plezi 0.12.22 → 0.14.0

data/lib/plezi/oauth.rb

@@ -1,5 +0,0 @@
-# requires the open-uri library.
-# require 'open-uri'
-require 'net/http'
-# require the OAuth2 controller
-require 'plezi/oauth/auth_controller.rb'

data/lib/plezi/oauth/auth_controller.rb

@@ -1,229 +0,0 @@
-
-
-
-
-module Plezi
-
-	#########################################
-	# This is a social Authentication Controller for OAuth2 services.
-	# This controller allows you to easily deploy Facebook Login, Google Login and any other OAuth2 complient login service.
-	#
-	# To include this controller in your application, you need to require it using:
-	#
-	#       require 'plezi/oauth'
-	#
-	# It is possible to manualy register any OAuth 2.0 authentication service using the `register_service` method:
-	# 
-	#           	register_service(:foo,
-	#           			app_id: 'registered app id / client id',
-	#           			app_secret: 'registered app secret / client secret',
-	#           			auth_url: "https://foo.bar.com/o/oauth2/auth",
-	#           			token_url: "https://foo.bar.com/oauth2/v3/token",
-	#           			profile_url: "https://foo.bar/oauth2/v1/userinfo",
-	#           			scope: "profile email")
-	#
-	# The `.register_service` method will be automatically called for the following login services:
-	#
-	# - Facebook authentication using the Graph API, v. 2.3 - [see Facebook documentation](https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3).
-	# - Google authentication using the OAuth 2.0 API - [see Google documentation](https://developers.google.com/identity/protocols/OAuth2WebServer).
-	#
-	# To enjoy autorgistration for Facebook or Google, make sure the following environment variables are set:
-	#       ENV['FB_APP_ID'] = {facebook_app_id}
-	#       ENV['FB_APP_SECRET'] = {facebook_app_secret}
-	#       ENV['GOOGLE_APP_ID'] = {google_app_id}
-	#       ENV['GOOGLE_APP_SECRET'] = {google_app_secret}
-	#
-	# To add the OAuth routes to the routes, use the following short-cut method (add it to the `routes.rb`) file:
-	#
-	#       create_auth_shared_route do |service, remote_user_id, email, full_remote_response|	
-	#          # perform any specific app authentication logic such as saving the info.
-	#          # return the current user or false if the callback is called with an authentication failure.
-	#       end
-	#
-	# \* Notice that, as always, route placement order effects behavior, so that routes are checked according to order of creation.
-	#
-	# The `create_auth_shared_route` method is a shortcut taht calls the `#shared_route` method with the relevant arguments and sets the OAuth2Ctrl callback.
-	#
-	# Use the following links for social authentication:
-	#
-	# - Facebook: "/auth/facebook"
-	# - Google: "/auth/google"
-	# - foo_service: "/auth/foo_service"
-	#
-	# You can control the page to which the user will return once authentication is complete
-	# (even when authentication fails) by setting the "redirect_after" parameter into the GET request in the url. for example:
-	# 
-	# - Google: "/auth/google?redirect_after=/foo/bar"
-	class OAuth2Ctrl
-
-		# Sets (or gets) the global callback to be called after authentication is attempeted.
-		#
-		# Accepts a block that will be called with the following parameters:
-		# service_name:: the name of the service. i.e. :facebook, :google, etc'.
-		# service_token:: the authentication token returned by the service. This token should be stored for future access
-		# remote_user_id:: service's user id.
-		# remote_user_email:: user's primamry email, as (and if) registed with the service.
-		# remote_response:: a Hash with the complete user data response (including email and id).
-		#
-		# If the authentication fails for the service, the block will be called with the following values `auth_callback.call(nil, ni, {server: :responce, might_be: :empty})`
-		#
-		# The block will be run in the context of the controller and all the controller's methods will be available to it.
-		#
-		# i.e.:
-		#       OAuth2Ctrl.auth_callback |service, service_token, id, email, full_res|  PL.info "OAuth got: #{full_res.to_s}"; cookies["#{service}_pl_auth_token".to_sym], cookies["#{service}_user_id".to_sym], cookies["#{service}_user_email".to_sym] = service_token, id, email }
-		#
-		# defaults to the example above, which isn't a very sercure behavior, but allows for easy testing.
-		def self.auth_callback &block
-			block_given? ? (@@auth_callback = block) : ( @@auth_callback ||= (Proc.new {|service, service_token, id, email, res| Plezi.info "deafult callback called for #{service}, with response: #{res.to_s}";  session["#{service}_pl_auth_token"], session["#{service}_user_id"], session["#{service}_user_email"] = service_token, id, email}) )
-		end
-
-
-		# Stores the registered services library
-		SERVICES = {}
-
-		# This method registers a social login service that conforms to the OAuth2 model.
-		#
-		# Accepts the following required parameters:
-		# service_name:: a Symbol naming the service. i.e. :facebook or :google .
-		# options:: a Hash of options, some of which are required.
-		#
-		# The options are:
-		# app_id:: Required. The aplication's unique ID (sometimes called `client_id`) registered with the service. i.e. ENV [FB_APP_ID] (storing these in environment variables is safer then hardcoding them)
-		# app_secret:: Required. The aplication's unique secret registered with the service (sometimes called `client_secret`).
-		# auth_url:: Required. The authentication URL. This is the url to which the user is redirected. i.e.: "https://www.facebook.com/dialog/oauth"
-		# token_url:: Required. The token request URL. This is the url used to switch the single-use code into a persistant authentication token. i.e.: "https://www.googleapis.com/oauth2/v3/token"
-		# profile_url:: Required. The URL used to ask the service for the user's profile (the service's API url). i.e.: "https://graph.facebook.com/v2.3/me"
-		# scope:: a String representing the scope requested. i.e. 'email profile'.
-		#
-		# There will be an attempt to automatically register Facebook and Google login services under these conditions:
-		#
-		# * For Facebook: Both ENV ['FB_APP_ID'] && ENV ['FB_APP_SECRET'] have been defined.
-		# * For Google: Both ENV ['GOOGLE_APP_ID'] && ENV ['GOOGLE_APP_SECRET'] have been defined.
-		#
-		#
-		# The auto registration uses the following urls (updated to June 5, 2015):
-		#
-		# * facebook auth_url: "https://www.facebook.com/dialog/oauth"
-		# * facebook token_url: "https://graph.facebook.com/v2.3/oauth/access_token"
-		# * facebook profile_url: "https://graph.facebook.com/v2.3/me"
-		# * google auth_url: "https://accounts.google.com/o/oauth2/auth"
-		# * google token_url: "https://www.googleapis.com/oauth2/v3/token"
-		# * google profile_url: "https://www.googleapis.com/plus/v1/people/me"
-		#
-		# to change the default scope or url's for Facebook or Google, simpley re-register the service using this method.
-		#
-		def self.register_service service_name, options
-			raise "Cannot register service, missing required information." unless service_name && options[:auth_url] && options[:token_url] && options[:profile_url] && options[:app_id] && options[:app_secret]
-			# for google, scope is space delimited. for facebook it's comma delimited
-			options[:scope] ||= 'profile, email'
-			SERVICES[service_name] = options
-		end
-
-		# Called to manually run through the authentication logic for the requested service,
-		# without performing any redirections.
-		#
-		# Use this method to attempt and re-login a user using an existing login token:
-		#
-		#             token = 'google_token_could_be_recieved_also_from_javascript_sdk'
-		#             OAuth2Ctrl.auth :google, token, self
-		#
-		# The method will return false if re-login fails and it will otherwise return the callback's return value.
-		#
-		# Call this method from within a controller, passing the controller (self) to the method, like so:
-		#
-		#             OAuth2Ctrl.auth :facebook, token, self
-		#
-		# This is especially effective if `auth_callback` returns the user object, as it would allow to chain
-		# different login methods, i.e.:
-		#
-		#             @user ||= app_login || OAuth2Ctrl.auth(:facebook, fb_token, self) || OAuth2Ctrl.auth(:google, google_token, self) || ....
-		def self.auth service_name, service_token, controller
-			service = SERVICES[service_name]
-			return false unless service
-			# auth_res = controller.cookies[c_name] ? (JSON.parse URI.parse("#{service[:profile_url]}?access_token=#{controller.cookies[c_name]}").read rescue ({}) ) : {}
-			# controller.cookies[c_name] = nil unless auth_res['id']
-			# auth_res['id'] ? controller.instance_exec( service_name, auth_res['id'], auth_res['email'], auth_res, &auth_callback) : ( controller.instance_exec( service_name, nil, nil, auth_res, &auth_callback) && false)
-			auth_res = {}
-			uri = URI.parse("#{service[:profile_url]}?access_token=#{service_token}")
-			Net::HTTP.start(uri.host, uri.port, use_ssl: (uri.scheme == "https"), verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http|
-				req =  Net::HTTP::Get.new(uri)
-				res = http.request(req).body
-				auth_res = (JSON.parse res) rescue ({})
-			end if service_token
-			auth_res['id'] ? controller.instance_exec( service_name, service_token, auth_res['id'], auth_res['email'], auth_res, &auth_callback) : ( controller.instance_exec( service_name, nil, nil, nil, auth_res, &auth_callback) && false)
-		end
-
-		def update
-			service_name = params[:id].to_s.to_sym
-			service = SERVICES[service_name]
-			return false unless service
-			if params[:error]
-				instance_exec( service_name, nil, nil, nil, {}, &self.class.auth_callback)
-				return redirect_to(flash[:redirect_after])
-			end
-			unless params[:code]
-				flash[:redirect_after] = params[:redirect_after] || '/'
-				return redirect_to _auth_url_for(service_name)
-			end
-			uri = URI.parse service[:token_url]
-			service_token = nil
-			Net::HTTP.start(uri.host, uri.port, use_ssl: (uri.scheme == "https"), verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http|
-				req =  Net::HTTP::Post.new(uri)
-				req.form_data = {"client_id" => service[:app_id],
-								"client_secret" => service[:app_secret], "code" => params[:code] ,
-								"grant_type" => "authorization_code","redirect_uri" => "#{request.base_url}/auth/#{service_name.to_s}"}
-				res = http.request(req).body
-				service_token = ((JSON.parse res)['access_token'] rescue nil)
-			end
-
-			self.class.auth service_name, service_token, self
-			redirect_to(flash[:redirect_after])
-		end
-		alias :show :update
-
-		protected
-
-		# returns a url for the requested service's social login.
-		#
-		# this is used internally. Normal behavior would be to set a link to '/auth/{service_name}', where correct redirection will be automatic.
-		#
-		def _auth_url_for service_name
-			service = SERVICES[service_name]
-			return nil unless service
-			redirect_uri = Plezi::Base::Helpers.encode_url "#{request.base_url}/auth/#{service_name.to_s}" #response_type
-			return "#{service[:auth_url]}?client_id=#{service[:app_id]}&redirect_uri=#{redirect_uri}&scope=#{service[:scope]}&response_type=code"
-		end
-
-		register_service(:facebook, app_id: ENV['FB_APP_ID'],
-									app_secret: ENV['FB_APP_SECRET'],
-									auth_url: "https://www.facebook.com/dialog/oauth",
-									token_url: "https://graph.facebook.com/v2.3/oauth/access_token",
-									profile_url: "https://graph.facebook.com/v2.3/me",
-									scope: "public_profile,email") if ENV['FB_APP_ID'] && ENV['FB_APP_SECRET']
-		register_service(:google, app_id: ENV['GOOGLE_APP_ID'],
-									app_secret: ENV['GOOGLE_APP_SECRET'],
-									auth_url: "https://accounts.google.com/o/oauth2/auth",
-									token_url: "https://www.googleapis.com/oauth2/v3/token",
-									profile_url: "https://www.googleapis.com/oauth2/v1/userinfo",
-									scope: "profile email") if ENV['GOOGLE_APP_ID'] && ENV['GOOGLE_APP_SECRET']
-
-	end
-end
-
-# This method creates the OAuth2Ctrl route.
-# This is actually a short-cut for:
-#
-#       shared_route "auth/(:id)/(:code)" , Plezi::OAuth2Ctrl
-#       Plezi::OAuth2Ctrl.auth_callback = Proc.new {|service, user_id, user_email, service_response| ... }
-#
-# the `:id` parameter is used to identify the service (facebook, google. etc').
-#
-# The method accepts a block that will be used to set the authentication callback. See the Plezi::OAuth2Ctrl documentation for details.
-#
-# The method can be called only once and will self-destruct.
-def create_auth_shared_route options = {}, &block
-	shared_route "auth/(:id)" , Plezi::OAuth2Ctrl
-	undef create_auth_shared_route
-	Plezi::OAuth2Ctrl.auth_callback &block if block
-	Plezi::OAuth2Ctrl
-end

data/resources/404.haml

@@ -1,121 +0,0 @@
-!!!5
-%head
-	:css
-		/*
-		med-blue: #44518E
-		dark-gray: #424A70
-		blue: #1B2864
-		light-blue: #818ECE
-		light-gray: #99A3CE
-		*/
-		body, html
-		{
-			background-color: #99A3CE;
-			padding: 0; margin: 0;
-			width: 100%;
-			font-size: 1em;
-		}
-
-		h1
-		{
-		    font-family: 'Shadows Into Light', cursive;
-		    background-color: #1B2864;
-		    color: #99A3CE;
-		    text-align: center;
-		    border-bottom: 4px solid #424A70;
-		    margin: 0 0 1em 0;
-		    padding: 0.4em 0;
-		    width: 100%;
-		}
-		h2
-		{
-		    background-color: #44518E;
-		    color: #C6CCE7;
-		    text-align: left;
-		    margin: 0 0 1em 0;
-		    padding: 0.5em 5%;
-		    border-radius: 20px 20px 0 0;
-		    font-family: 'Architects Daughter', cursive;
-		    border-bottom: 3px solid #424A70;
-		    font-size: 1.2em;
-		}
-		h3
-		{
-		    font-family: 'Architects Daughter', cursive;    
-		    background-color: #44518E;
-		    color: #C6CCE7;
-		    text-align: left;
-		    margin: 0 0 1em 0;
-		    padding: 0.5em 5%;
-		    border-radius: 1em 1em 0 0;
-		    border-bottom: 2px solid #424A70;
-		    font-size: 1.1em;
-		}
-		h2:before {
-		  content: "|||";
-		  color: #99A3CE;
-		  padding-right: 0.3em;
-		  margin-left: -0.5em;
-		}
-		h3:before {
-			content: "|||||";
-			color: #99A3CE;
-			padding-right: 0.3em;
-			margin-left: -1em;
-		}
-		h1 a, h2 a, h3 a
-		{
-		    color: #EBCD86;
-		}
-		h1 a:hover, h2 a:hover, h3 a:hover
-		{
-		    color: #EBD7A6;
-		}
-		p
-		{
-		    font-size: 1em;
-		    padding: 0 1em;
-		    margin: 0.5em 0;        
-		}
-		a
-		{
-		    color: #D0AC54;
-		    text-decoration: none;
-		}
-		a:hover
-		{
-		    color: #927121;
-		    text-decoration: underline;
-		}
-		#wrapper
-		{
-		    background-color: #fff;
-		    margin: 1em 5%;
-		    padding: 0 0 2%;
-		    border-radius: 20px;
-		    min-height: 50%;
-		    color: #007;
-		}
-
-		#wrapper p{ padding: 0 2%;}
-		.bold { font-weight: bold; }
-		#wrapper ol li{ padding: 0 2%;}
-		pre
-		{
-		    border-radius: 20px;
-		    padding: 0.5em 0;
-		    background-color: #444;
-		    color: #ddd;
-		}
-		@media screen and (max-width: 680px)
-		{
-		}
-%body
-	%h1< Plezi 404 error code (missing, not broken)...
-	#wrapper
-		%h2#missing
-			couldn't find
-			= defined?(request) ? request.path : "what you're looking for..."
-		%p Sorry, we couldn't find what you're looking for...
-		%p ... but we can always bring you something nice from another location, right?
-		/ want to use your layout? use the :haml_concat method to wrap the 404 error code message. see http://haml.info/docs/yardoc/Haml/Helpers.html#haml_concat-instance_method .

data/resources/404.html

@@ -1,124 +0,0 @@
-<!DOCTYPE html>
-<head>
-  <style>
-    /*
-    med-blue: #44518E
-    dark-gray: #424A70
-    blue: #1B2864
-    light-blue: #818ECE
-    light-gray: #99A3CE
-    */
-    body, html
-    {
-        background-color: #99A3CE;
-        padding: 0; margin: 0;
-        width: 100%;
-        font-size: 1em;
-    }
-
-    h1
-    {
-        font-family: 'Shadows Into Light', cursive;
-        background-color: #1B2864;
-        color: #99A3CE;
-        text-align: center;
-        border-bottom: 4px solid #424A70;
-        margin: 0 0 1em 0;
-        padding: 0.4em 0;
-        width: 100%;
-    }
-    h2
-    {
-        background-color: #44518E;
-        color: #C6CCE7;
-        text-align: left;
-        margin: 0 0 1em 0;
-        padding: 0.5em 5%;
-        border-radius: 20px 20px 0 0;
-        font-family: 'Architects Daughter', cursive;
-        border-bottom: 3px solid #424A70;
-        font-size: 1.2em;
-    }
-    h3
-    {
-        font-family: 'Architects Daughter', cursive;    
-        background-color: #44518E;
-        color: #C6CCE7;
-        text-align: left;
-        margin: 0 0 1em 0;
-        padding: 0.5em 5%;
-        border-radius: 1em 1em 0 0;
-        border-bottom: 2px solid #424A70;
-        font-size: 1.1em;
-    }
-    h2:before {
-      content: "|||";
-      color: #99A3CE;
-      padding-right: 0.3em;
-      margin-left: -0.5em;
-    }
-    h3:before {
-      content: "|||||";
-      color: #99A3CE;
-      padding-right: 0.3em;
-      margin-left: -1em;
-    }
-    h1 a, h2 a, h3 a
-    {
-        color: #EBCD86;
-    }
-    h1 a:hover, h2 a:hover, h3 a:hover
-    {
-        color: #EBD7A6;
-    }
-    p
-    {
-        font-size: 1em;
-        padding: 0 1em;
-        margin: 0.5em 0;        
-    }
-    a
-    {
-        color: #D0AC54;
-        text-decoration: none;
-    }
-    a:hover
-    {
-        color: #927121;
-        text-decoration: underline;
-    }
-    #wrapper
-    {
-        background-color: #fff;
-        margin: 1em 5%;
-        padding: 0 0 2%;
-        border-radius: 20px;
-        min-height: 50%;
-        color: #007;
-    }
-
-    #wrapper p{ padding: 0 2%;}
-    .bold { font-weight: bold; }
-    #wrapper ol li{ padding: 0 2%;}
-    pre
-    {
-        border-radius: 20px;
-        padding: 0.5em 0;
-        background-color: #444;
-        color: #ddd;
-    }
-    @media screen and (max-width: 680px)
-    {
-    }
-  </style>
-</head>
-<body>
-  <h1>Plezi 404 error code (missing, not broken)...</h1>
-  <div id='wrapper'>
-      <h2 id='missing'>
-        couldn't find your request...
-      </h2>
-      <p>Sorry, we couldn't find what you're looking for...</p>
-      <p>... but we can always bring you something nice from another location, right?</p>
-  </div>
-</body>