plezi 0.8.4 → 0.8.5

data/lib/plezi/oauth.rb

@@ -1,4 +1,5 @@
 # requires the open-uri library.
-require 'open-uri'
+# require 'open-uri'
+require 'net/http'
 # require the OAuth2 controller
-require 'plezi/oauth/auth_controller.rb'
+require 'plezi/oauth/auth_controller.rb'

data/lib/plezi/oauth/auth_controller.rb

@@ -1,61 +1,80 @@
-require 'open-uri'
+
 
 
 
 module Plezi
 
 	#########################################
-	# This is a social Authentication Controller
+	# This is a social Authentication Controller for OAuth2 services.
+	# This controller allows you to easily deploy Facebook Login, Google Login and any other OAuth2 complient login service.
+	#
+	# To include this controller in your application, you need to require it using:
+	#
+	#       require 'plezi/oauth'
 	#
-	# This controller currently supports:
+	# It is possible to manualy register any OAuth 2.0 authentication service using the `register_service` method:
+	# 
+	#           	register_service(:foo,
+	#           			app_id: 'registered app id / client id',
+	#           			app_secret: 'registered app secret / client secret',
+	#           			auth_url: "https://foo.bar.com/o/oauth2/auth",
+	#           			token_url: "https://foo.bar.com/oauth2/v3/token",
+	#           			profile_url: "https://foo.bar/oauth2/v1/userinfo",
+	#           			scope: "profile email")
+	#
+	# The `.register_service` method will be automatically called for the following login services:
 	#
 	# - Facebook authentication using the Graph API, v. 2.3 - [see Facebook documentation](https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3).
 	# - Google authentication using the OAuth 2.0 API - [see Google documentation](https://developers.google.com/identity/protocols/OAuth2WebServer).
 	#
-	# It's also possible to manualy register any OAuth 2.0 authentication service using the `register_service` method.
-	#
-	# To use this Controller in your application, make sure the following variables are set:
+	# To enjoy autorgistration for Facebook or Google, make sure the following environment variables are set:
 	#       ENV['FB_APP_ID'] = {facebook_app_id}
 	#       ENV['FB_APP_SECRET'] = {facebook_app_secret}
 	#       ENV['GOOGLE_APP_ID'] = {google_app_id}
 	#       ENV['GOOGLE_APP_SECRET'] = {google_app_secret}
 	#
-	# Add the following route to routes.rb file (as always, route placement order effects behavior):
+	# To add the OAuth routes to the routes, use the following short-cut method (add it to the `routes.rb`) file:
 	#
 	#       create_auth_shared_route do |service, remote_user_id, email, full_remote_response|	
 	#          # perform any specific app authentication logic such as saving the info.
 	#          # return the current user or false if the callback is called with an authentication failure.
 	#       end
 	#
-	# The `create_auth_shared_route` method is a shortcut for calling the `#shared_route` method with the relevant arguments and setting the OAuth2Ctrl callback.
+	# \* Notice that, as always, route placement order effects behavior, so that routes are checked according to order of creation.
+	#
+	# The `create_auth_shared_route` method is a shortcut taht calls the `#shared_route` method with the relevant arguments and sets the OAuth2Ctrl callback.
 	#
 	# Use the following links for social authentication:
 	#
-	# - Facebook: "/auth/facebook?redirect_after=/foo/bar"
-	# - Google: "/auth/google?redirect_after=/foo/bar"
-	# - foo_service: "/auth/foo_service?redirect_after=/foo/bar"
+	# - Facebook: "/auth/facebook"
+	# - Google: "/auth/google"
+	# - foo_service: "/auth/foo_service"
 	#
+	# You can control the page to which the user will return once authentication is complete
+	# (even when authentication fails) by setting the "redirect_after" parameter into the GET request in the url. for example:
+	# 
+	# - Google: "/auth/google?redirect_after=/foo/bar"
 	class OAuth2Ctrl
 
-		# Sets (or gets) the callback to be called after authentication is attempeted.
+		# Sets (or gets) the global callback to be called after authentication is attempeted.
 		#
 		# Accepts a block that will be called with the following parameters:
 		# service_name:: the name of the service. i.e. :facebook, :google, etc'.
 		# service_token:: the authentication token returned by the service. This token should be stored for future access
 		# remote_user_id:: service's user id.
-		# remote_user_email:: users primamry email, if registed with the service.
+		# remote_user_email:: user's primamry email, as (and if) registed with the service.
 		# remote_response:: a Hash with the complete user data response (including email and id).
 		#
-		# If the authentication fails for Facebook, the block will be called with the following values `auth_callback.call(nil, ni, {server: :responce, might_be: :empty})`
+		# If the authentication fails for the service, the block will be called with the following values `auth_callback.call(nil, ni, {server: :responce, might_be: :empty})`
 		#
 		# The block will be run in the context of the controller and all the controller's methods will be available to it.
 		#
 		# i.e.:
-		#       OAuth2Ctrl.auth_callback |service, service_token, id, email, res|  cookies["#{service}_pl_auth_token".to_sym], cookies["#{service}_user_id".to_sym], cookies["#{service}_user_email".to_sym] = service_token, id, email }
+		#       OAuth2Ctrl.auth_callback |service, service_token, id, email, full_res|  PL.info "OAuth got: #{full_res.to_s}"; cookies["#{service}_pl_auth_token".to_sym], cookies["#{service}_user_id".to_sym], cookies["#{service}_user_email".to_sym] = service_token, id, email }
 		#
 		# defaults to the example above, which isn't a very sercure behavior, but allows for easy testing.
 		def self.auth_callback &block
-			block_given? ? (@auth_callback = block) : ( @auth_callback ||= (Proc.new {|service, service_token, id, email, res| Plezi.info "deafult callback called for #{service}, with response: #{res.to_s}";  cookies["#{service}_pl_auth_token".to_sym], cookies["#{service}_user_id".to_sym], cookies["#{service}_user_email".to_sym] = service_token, id, email}) )
+			block_given? ? (@@auth_callback = block) : ( @@auth_callback ||= (Proc.new {|service, service_token, id, email, res| Plezi.info "deafult callback called for #{service}, with response: #{res.to_s}";  cookies["#{service}_pl_auth_token".to_sym], cookies["#{service}_user_id".to_sym], cookies["#{service}_user_email".to_sym] = service_token, id, email}) )
 		end
 
 
@@ -69,20 +88,20 @@ module Plezi
 		# options:: a Hash of options, some of which are required.
 		#
 		# The options are:
-		# app_id:: the aplication's unique ID registered with the service. i.e. ENV[FB_APP_ID] (storing these in environment variables is safer then hardcoding them)
-		# app_secret:: the aplication's unique secret registered with the service.
-		# auth_url:: the authentication URL. This is the url to which the user is redirected. i.e.: "https://www.facebook.com/dialog/oauth"
-		# token_url:: the token request URL. This is the url used to switch the single-use code into a persistant authentication token. i.e.: "https://www.googleapis.com/oauth2/v3/token"
-		# profile_url:: the URL used to ask the service for the user's profile (the service's API url). i.e.: "https://graph.facebook.com/v2.3/me"
+		# app_id:: Required. The aplication's unique ID registered with the service. i.e. ENV [FB_APP_ID] (storing these in environment variables is safer then hardcoding them)
+		# app_secret:: Required. The aplication's unique secret registered with the service.
+		# auth_url:: Required. The authentication URL. This is the url to which the user is redirected. i.e.: "https://www.facebook.com/dialog/oauth"
+		# token_url:: Required. The token request URL. This is the url used to switch the single-use code into a persistant authentication token. i.e.: "https://www.googleapis.com/oauth2/v3/token"
+		# profile_url:: Required. The URL used to ask the service for the user's profile (the service's API url). i.e.: "https://graph.facebook.com/v2.3/me"
 		# scope:: a String representing the scope requested. i.e. 'email profile'.
 		#
-		# There will be an attempt to aitomatically register Facebook and Google login services under these conditions:
+		# There will be an attempt to automatically register Facebook and Google login services under these conditions:
 		#
-		# * For Facebook: Both ENV['FB_APP_ID'] && ENV['FB_APP_SECRET'] have been defined.
-		# * For Google: Both ENV['GOOGLE_APP_ID'] && ENV['GOOGLE_APP_SECRET'] have been defined.
+		# * For Facebook: Both ENV ['FB_APP_ID'] && ENV ['FB_APP_SECRET'] have been defined.
+		# * For Google: Both ENV ['GOOGLE_APP_ID'] && ENV ['GOOGLE_APP_SECRET'] have been defined.
 		#
 		#
-		# Just for reference, at the time of this writing:
+		# The auto registration uses the following urls (updated to June 5, 2015):
 		#
 		# * facebook auth_url: "https://www.facebook.com/dialog/oauth"
 		# * facebook token_url: "https://graph.facebook.com/v2.3/oauth/access_token"
@@ -91,6 +110,8 @@ module Plezi
 		# * google token_url: "https://www.googleapis.com/oauth2/v3/token"
 		# * google profile_url: "https://www.googleapis.com/plus/v1/people/me"
 		#
+		# to change the default url's for Facebook or Google, simpley re-register the service using this method.
+		#
 		def self.register_service service_name, options
 			raise "Cannot register service, missing required information." unless service_name && options[:auth_url] && options[:token_url] && options[:profile_url] && options[:app_id] && options[:app_secret]
 			# for google, scope is space delimited. for facebook it's comma delimited
@@ -201,8 +222,8 @@ end
 #
 # The method can be called only once and will self-destruct.
 def create_auth_shared_route options = {}, &block
-	shared_route "auth/(:id)/(:code)" , Plezi::OAuth2Ctrl
+	shared_route "auth/(:id)" , Plezi::OAuth2Ctrl
 	undef create_auth_shared_route
-	Plezi::OAuth2Ctrl.auth_callback = block if block
+	Plezi::OAuth2Ctrl.auth_callback &block if block
 	Plezi::OAuth2Ctrl
 end

data/lib/plezi/server/http_protocol.rb

@@ -296,6 +296,17 @@ module Plezi
 	end
 end
 
+
+# # HTTPProtocol - to do list
+#
+# XML::
+# support for XML HTTP body types?
+#
+# Charset::
+# parse chareset for incoming content-type in the multipart request body? (or leave if binary?)
+
+
+
 ## Heroku/extra headers info
 
 # All headers are considered to be case-insensitive, as per HTTP Specification.

data/lib/plezi/server/websocket_client.rb

@@ -0,0 +1,172 @@
+module Plezi
+
+	# Websocket client objects are members of this class.
+	#
+	# This is a VERY simple Websocket client. It doesn't support cookies, HTTP authentication or... well... anything, really.
+	# It's just a simple client used for the Plezi framework's testing. It's usful for simple WebSocket connections, but no more.
+	class WebsocketClient
+		attr_accessor :response, :request
+
+		class RequestEmulator < Hash
+			def service
+				self[:connection]
+			end
+		end
+
+		def initialize request
+			@response = WSResponse.new request
+			@options = request[:options]
+			@on_message = @options[:on_message]
+			raise "Websocket client must have an #on_message Proc." unless @on_message && @on_message.is_a?(Proc)
+			@on_connect = @options[:on_connect]
+			@on_disconnect = @options[:on_disconnect]
+		end
+
+		def on_message(data = false, &block)
+			unless data
+				@on_message = block if block
+				return @on_message
+			end
+			instance_exec( data, &@on_message) 
+		end
+
+		def on_connect(&block)
+			if block
+				@on_connect = block
+				return @on_connect
+			end
+			instance_exec(&@on_connect) if @on_connect
+		end
+
+		def on_disconnect(&block)
+			if block
+				@on_disconnect = block
+				return @on_disconnect
+			end
+			instance_exec(&@on_disconnect) if @on_disconnect
+		end
+
+		#disconnects the Websocket.
+		def disconnect
+			@response.close if @response
+		end
+
+		# sends data through the socket. a shortcut for ws_client.response <<
+		def << data
+			@response << data			
+		end
+
+		# Create a simple Websocket Client(!)
+		#
+		# This method accepts two parameters:
+		# url:: a String representing the URL of the websocket. i.e.: 'ws://foo.bar.com:80/ws/path'
+		# options:: a Hash with options to be used. The options will be used to define
+		# &block:: an optional block that accepts one parameter (data) and will be used as the `#on_message(data)`
+		#
+		# The method will either return a WebsocketClient instance object or it will raise an exception.
+		#
+		# An on_message Proc must be defined, or the method will fail.
+		#
+		# The on_message Proc can be defined using the optional block:
+		#
+		#      WebsocketClient.connect_to("ws://localhost:3000/") {|data| response << data} #echo example
+		#
+		# OR, the on_message Proc can be defined using the options Hash: 
+		#
+		#      WebsocketClient.connect_to("ws://localhost:3000/", on_connect: -> {}, on_message: -> {|data| response << data})
+		#
+		# The #on_message(data), #on_connect and #on_disconnect methods will be executed within the context of the WebsocketClient
+		# object, and will have natice acess to the Websocket response object.
+		#
+		# After the WebsocketClient had been created, it's possible to update the #on_message and #on_disconnect methods:
+		#
+		#      # updates #on_message
+		#      wsclient.on_message do |data|
+		#           response << "I'll disconnect on the next message!"
+		#           # updates #on_message again.
+		#           on_message {|data| disconnect }
+		#      end
+		#
+		#
+		# !!please be aware that the Websockt Client will not attempt to verify SSL certificates,
+		# so that even SSL connections are subject to a possible man in the middle attack.
+		def self.connect_to url, options={}, &block
+			options[:on_message] ||= block
+			options[:handler] = WebsocketClient
+			options[:protocol] = EventMachine::Protocol
+			url = URI.parse(url) unless url.is_a?(URI)
+			connection_type = EventMachine::Connection
+
+			socket = false #implement the connection, ssl vs. no ssl
+			if url.scheme == "https" || url.scheme == "wss"
+				connection_type = EventMachine::SSLConnection
+				options[:ssl_client] = true
+				url.port ||= 443
+			end
+			url.port ||= 80
+			socket = TCPSocket.new(url.host, url.port)
+			connection = connection_type.new socket, options
+			psedo_request = RequestEmulator.new
+			psedo_request[:connection] = connection
+			psedo_request[:client_ip] = 'WS Client'
+			psedo_request[:url] = url
+			psedo_request[:options] = options
+			WSProtocol.client_handshake psedo_request
+			connection.handler
+			rescue => e
+				socket.close if socket
+				raise e
+		end
+
+	end
+
+	class WSProtocol < EventMachine::Protocol
+		def self.client_handshake psedo_request, timeout = 5
+			connection = psedo_request[:connection]
+			url = psedo_request[:url]
+			# send protocol upgrade request
+			websocket_key = [(Array.new(16) {rand 255} .pack 'c*' )].pack('m0*')
+			connection.send "GET #{url.path}#{url.query.to_s.empty? ? '' : ('?' + url.query)} HTTP/1.1\r\nHost: #{url.host}#{url.port ? (':'+url.port.to_s) : ''}\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Key: #{websocket_key}\r\nSec-WebSocket-Version: 13\r\n\r\n"
+			# wait for answer - make sure we don't over-read
+			# (a websocket message might be sent immidiately after connection is established)
+			reply = ''
+			reply.force_encoding('binary')
+			start_time = Time.now
+			stop_reply = "\r\n\r\n"
+			until reply[-4..-1] == stop_reply
+				(reply << connection.read(1)) rescue (sleep 0.1)
+				raise Timeout::Error, "Websocket client handshake timed out (HTTP reply not recieved)\n\n Got Only: #{reply.dump}" if Time.now >= (start_time + 5)
+			end
+			# review reply
+			raise 'Connection Refused.' unless reply.lines[0].match(/^HTTP\/[\d\.]+ 101/i)
+			raise 'Websocket Key Authentication failed.' unless reply.match(/^Sec-WebSocket-Accept:[\s]*([^\s]*)/i) && reply.match(/^Sec-WebSocket-Accept:[\s]*([^\s]*)/i)[1] == Digest::SHA1.base64digest(websocket_key + '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')
+			# set-up handler response object. 
+			connection.handler = WebsocketClient.new psedo_request
+
+			# raise "not yet implemented"
+
+			# set the connetion's protocol to a new WSProtocol instance
+			connection.protocol = self.new psedo_request[:connection], psedo_request[:options]
+			# add the socket to the EventMachine IO reactor
+			EventMachine.add_io connection.socket, connection
+			true
+		end
+	end
+end
+
+
+######
+## example requests
+
+# GET /nickname HTTP/1.1
+# Upgrade: websocket
+# Connection: Upgrade
+# Host: localhost:3000
+# Origin: https://www.websocket.org
+# Cookie: test=my%20cookies; user_token=2INa32_vDgx8Aa1qe43oILELpSdIe9xwmT8GTWjkS-w
+# Pragma: no-cache
+# Cache-Control: no-cache
+# Sec-WebSocket-Key: 1W9B64oYSpyRL/yuc4k+Ww==
+# Sec-WebSocket-Version: 13
+# Sec-WebSocket-Extensions: x-webkit-deflate-frame
+# User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25

data/lib/plezi/version.rb

@@ -1,3 +1,3 @@
 module Plezi
-    VERSION = "0.8.4"
+    VERSION = "0.8.5"
 end

data/resources/Gemfile

@@ -86,3 +86,4 @@ gem 'plezi'
 ## but first, please remember that AcriveRecord needs extra attention when multi-threading
 # gem 'activerecord', :require => 'active_record'
 # gem 'bcrypt', '~> 3.1.7'
+# gem 'standalone_migrations' # will provide better rake tasks support for ActiveRecord

data/resources/database.yml

@@ -0,0 +1,33 @@
+# The following are common database setting as recomended by Heroku:
+default: &default
+  adapter: postgresql
+  host: localhost
+  username: user
+
+development:
+  <<: *default
+  database: app-dev
+
+production:
+  <<: *default
+  database: app-dev
+
+# # Here is an Sqlite3 example DB.
+# # You can use it to update the default if you want to use Sqlite3
+# sqlite3_db:
+#   adapter: sqlite3
+#   pool: 5
+#   timeout: 5000
+#   database: db/db.sqlite3
+
+
+# # Here is a MySQL example DB.
+# # You can use it to update the default if you want to use MySQL
+# mysql_db:
+#   adapter: mysql2
+#   encoding: utf8
+#   username: root
+#   password: password
+#   host: localhost
+#   port: 3306
+#   database: database_name

data/resources/db_ac_config.rb

@@ -7,19 +7,13 @@
 # 
 ############
 ## ActiveRecord without Rails
-# more info @:
+# more info at:
 # https://www.youtube.com/watch?v=o0SzhgYntK8
 # demo code here:
 # https://github.com/stungeye/ActiveRecord-without-Rails
 if defined? ActiveRecord
-
-	if defined? SQLite3
-		ActiveRecord::Base.establish_connection :adapter => 'sqlite3', :database => Root.join('db','db.sqlite3').to_s, encoding: 'unicode'
-	elsif defined? PG
-		ActiveRecord::Base.establish_connection :adapter => 'postgresql', encoding: 'unicode'
-  else
-    Plezi.logger.warning "ActiveRecord database adapter not auto-set. Update the db_ac_config.rb file"
-	end
+	puts "Loading ActiveRecord database setting: #{ENV['ENV']}"
+	ActiveRecord::Base.establish_connection(  YAML::load(  File.open( Root.join('db', 'config.yml').to_s )  )[ ENV["ENV"].to_s ]  )
 
 	# if debugging purposes, uncomment this line to see the ActiveRecord's generated SQL:
 	# ActiveRecord::Base.logger = Plezi.logger
@@ -27,32 +21,39 @@ if defined? ActiveRecord
 	# Uncomment this line to make the logger output look nicer in Windows.
 	# ActiveSupport::LogSubscriber.colorize_logging = false
 
+	# Load ActiveRecord Tasks, if implemented
 	if defined? Rake
-##########
-# start rake segment
-
-    namespace :db do
-
-      desc "Migrate the database so that it is fully updated, using db/migrate."
-      task :migrate do
-        ActiveRecord::Base.logger = Plezi.logger
-        ActiveRecord::Migrator.migrate(Root.join('db', 'migrate').to_s, ENV["VERSION"] ? ENV["VERSION"].to_i : nil )
-      end
-
-      desc "Seed the database using the db/seeds.rb file"
-      task :seed do
-        if ::File.exists? Root.join('db','seeds.rb').to_s
-          load Root.join('db','seeds.rb').to_s
-        else
-          puts "the seeds file doesn't exists. please create a seeds.db file and place it in the db folder for the app."
-        end
-      end
-
-    end
-
-# end rake segment
-##########
+
+		begin
+			require 'standalone_migrations'
+			StandaloneMigrations::Tasks.load_tasks
+		rescue Exception => e
+			ActiveRecord::Tasks::DatabaseTasks.env = ENV['ENV'] || 'development'
+			ActiveRecord::Tasks::DatabaseTasks.database_configuration = YAML.load(File.read(Root.join('db', 'config.yml').to_s))
+			ActiveRecord::Tasks::DatabaseTasks.db_dir = Root.join('db').to_s
+			ActiveRecord::Tasks::DatabaseTasks.fixtures_path = Root.join( 'db', 'fixtures').to_s
+			ActiveRecord::Tasks::DatabaseTasks.migrations_paths = [Root.join('db', 'migrate').to_s]
+			ActiveRecord::Tasks::DatabaseTasks.seed_loader = Class.new do
+				def self.load_seed
+					filename = Root.join('db', 'seeds.rb').to_s
+					unless File.file?(filename)
+						IO.write filename, ''
+					end
+					load filename
+				end
+			end
+			ActiveRecord::Tasks::DatabaseTasks.root = Root.to_s
+
+			task :environment do
+				ActiveRecord::Base.configurations = ActiveRecord::Tasks::DatabaseTasks.database_configuration
+				ActiveRecord::Base.establish_connection ActiveRecord::Tasks::DatabaseTasks.env.to_sym
+			end
+
+			load 'active_record/railties/databases.rake'
+
+		end
 	end
 
+
 end