rammer 1.1.2 → 2.0.0

data/lib/modules/migrations/02_create_sessions.rb

@@ -0,0 +1,36 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class CreateSessions < ActiveRecord::Migration
+  def change
+  	create_table(:sessions) do |t|
+      t.string :user_id
+      t.string :session_token
+    end
+    add_index  :sessions, :session_token, :unique => true
+  end
+end

data/lib/modules/migrations/03_create_owners.rb

@@ -0,0 +1,40 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class CreateOwners < ActiveRecord::Migration
+  def self.up
+    create_table :owners do |t|
+      t.timestamps
+      t.string     :username
+    end
+	add_index :owners, [:username]
+  end
+
+  def self.down
+    drop_table :owners
+  end
+end

data/lib/modules/migrations/04_create_oauth2_authorizations.rb

@@ -0,0 +1,50 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class CreateOauth2Authorizations < ActiveRecord::Migration
+  def self.up
+    create_table :oauth2_authorizations do |t|
+      t.timestamps
+      t.string     :oauth2_resource_owner_type
+      t.integer    :oauth2_resource_owner_id
+      t.belongs_to :oauth2_client
+      t.string     :scope
+      t.string     :code,               :limit => 40
+      t.string     :access_token,  :limit => 40
+      t.string     :refresh_token, :limit => 40
+      t.datetime   :expires_at
+    end
+    add_index :oauth2_authorizations, [:oauth2_client_id, :code]
+    add_index :oauth2_authorizations, [:access_token]
+    add_index :oauth2_authorizations, [:oauth2_client_id, :access_token], :name => 'access_token_index'
+    add_index :oauth2_authorizations, [:oauth2_client_id, :refresh_token], :name => 'refresh_token_index'
+  end
+
+  def self.down
+    drop_table :oauth2_authorizations
+  end
+end

data/lib/modules/migrations/05_create_oauth2_clients.rb

@@ -0,0 +1,45 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class CreateOauth2Clients < ActiveRecord::Migration
+  def self.up
+    create_table :oauth2_clients do |t|
+      t.string     :name
+      t.string     :client_id
+      t.string     :client_secret_hash
+      t.string     :redirect_uri
+      t.string     :basic_code
+      t.timestamps
+    end
+    add_index :oauth2_clients, :client_id, :unique => true
+  end
+
+  def self.down
+    drop_table :oauth2_clients
+  end
+
+end

data/lib/modules/models/oauth2_authorization.rb

@@ -0,0 +1,203 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class Oauth2Authorization < ActiveRecord::Base
+  belongs_to :client, :class_name => 'Oauth2Client'
+=begin
+Process each oauth api requests for required results.
+=end
+  def self.api_call(params,env,endpoint)
+    if User.validate_params?(params,endpoint)
+      case endpoint
+      when "register"
+        expected_response,response_message = Oauth2Client.register(params)
+      when "request_token"
+        expected_response,response_message = Oauth2Client.process_request(params,env,"code")
+      when "authorize"
+        expected_response,response_message = Oauth2Client.process_request(params,env,"authorize")
+      when "access_token"
+        expected_response,response_message = Oauth2Client.process_request(params,env,"token")
+      when "token"
+        expected_response,response_message = Owner.process_bearer_request(params,env,"bearer_token")
+      when "invalidate_token"
+        expected_response,response_message = Owner.process_bearer_request(params,env,"invalidate")
+      end
+      return expected_response,response_message
+    else
+      error = "Parameters missing or invalid."
+      error_response = Oauth2Authorization.error_response(error) 
+      return error_response,false
+    end 
+  end 
+=begin
+Creates and returns the basic oauth details.
+=end
+  def get_token(owner,client, attributes = {})
+    return nil unless owner and client
+    @instance = owner.oauth2_authorization(client,owner) ||
+        Oauth2Authorization.new do |authorization|
+            authorization.oauth2_resource_owner_id  = owner.id
+            authorization.oauth2_client_id = client.id
+        end
+    case attributes[:response_type]
+    when 'code'
+      @instance.code ||= create_code(client)
+    when 'token'
+      @instance.access_token  ||= create_access_token
+      @instance.refresh_token ||= create_refresh_token(client)
+    end
+
+    if @instance.expires_at.nil?        
+      @instance.expires_at = attributes[:duration].present? ? Time.now + attributes[:duration].to_i : nil         
+    elsif attributes[:invalidate]
+      @instance.expires_at = Time.now
+    end
+
+    if @instance.scope.nil?
+      @instance.scope = attributes[:scope].present? ? attributes[:scope] : nil        
+    elsif attributes[:scope].present?
+      @instance.scope += "," + attributes[:scope] unless @instance.scope.include? attributes[:scope]
+    end
+
+    @instance.save
+    return @instance
+
+    rescue Object => error
+      raise error
+  end
+=begin
+Creates and returns the basic api response.
+=end
+  def api_response(redirect_uri)
+    redirect_to_url = self.build_url(redirect_uri,"token") 
+    self.refresh_access_token if self.expired? 
+    return redirect_to_url
+  end
+=begin
+Refreshes the expired access token.
+=end
+  def refresh_access_token
+    self.expires_at = Time.now + 3600   
+    save
+  end
+=begin
+Creates and returns the request token code.
+=end
+  def create_code(client)
+    Songkick::OAuth2.generate_id do |code|
+        return code
+    end
+  end
+=begin
+Creates and returns the access token.
+=end
+  def create_access_token
+    hash = nil
+    Songkick::OAuth2.generate_id do |token|
+      hash = Songkick::OAuth2.hashify(token)         
+    end
+    return hash
+  end
+=begin
+Creates and returns the request token hash.
+=end
+  def create_refresh_token(client)
+    verified_client = Oauth2Client.find_by_client_id(client.client_id)
+    Songkick::OAuth2.generate_id do |refresh_token|
+      if verified_client
+          hash = Songkick::OAuth2.hashify(refresh_token)
+        else
+            hash = nil
+          end
+    end
+      return hash
+  end
+=begin
+Handles the scope attribute.
+=end
+  def scopes
+    scopes = scope ? scope.split(/\s+/) : []
+    scopes = attributes[:scope]
+    Set.new(scopes).to_s
+  end
+=begin
+Checks the presence of scope attribute value.
+=end
+  def in_scope?(request_scope)
+    [*request_scope].all?(&scopes.method(:include?))
+  end
+=begin
+Checks the expiry of access token.
+=end
+  def expired?
+    return false unless expires_at
+    expires_at < Time.now
+  end
+=begin
+Creates and returns the access token hash.
+=end
+  def generate_access_token
+    self.access_token ||= self.create_access_token
+    save && access_token
+  end
+=begin
+Creates and generates the request token code.
+=end
+  def generate_code
+    self.code ||= self.create_code(client)
+    save && code
+  end
+=begin
+Creates and returns the error response.
+=end
+  def self.error_response(error)
+    error_response = {
+      :error => "Unauthorized access",
+      :description => error,
+      :status => 401
+    }
+  end
+=begin
+Creates and returns the redirect url.
+=end
+  def build_url(redirect_uri,type)
+    path = redirect_uri.split('#',2).first if redirect_uri.include? "#"
+    path = redirect_uri.split('?',2).first if redirect_uri.include? "?"
+    case type
+    when "token"
+      return path + "?access_token=#{self.access_token}"
+    when "code"
+      return path + "?request_token=#{self.code}"
+    end
+  end
+=begin
+Creates and returns the redirect url basic path.
+=end
+  def redirect(auth)
+    return auth.redirect_uri.split('#',2).first
+  end
+end

data/lib/modules/models/oauth2_client.rb

@@ -0,0 +1,216 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class Oauth2Client < ActiveRecord::Base
+  has_many :oauth2_authorizations
+  attr_accessible :name, :client_id, :client_secret_hash, :redirect_uri
+  validates_presence_of :name, :client_id, :client_secret_hash, :redirect_uri
+  validates_uniqueness_of :client_id
+
+  before_validation :generate_keys, :on => :create
+=begin
+Registers a new oauth client and returns the required details.
+=end
+  def self.register(params)
+    if @client = Oauth2Client.find_by_name(params.name)
+      error = "Client already exists."
+      error_message = Oauth2Authorization.error_response(error)
+      return error_message, false
+    else
+      @oauth2_client = Oauth2Client.create!(:name => params.name, :redirect_uri => params.redirect_uri)          
+      string = "#{@oauth2_client.client_id}:#{@oauth2_client.client_secret_hash}"
+      @oauth2_client.update_attribute(:basic_code, Base64.encode64(string))
+      redirect_url = @oauth2_client.redirect_to_url(params.callback_url)
+      return redirect_url, true
+    end
+  end
+=begin
+Checks for valid authorization basic code.
+=end
+  def self.valid_authorization?(params)
+    authorization_decoded = Base64.decode64(params.authorization)   
+    @client = Oauth2Client.find_by_client_id(params.client_id)
+    if @client 
+      unless authorization_decoded.eql?("#{@client.client_id}:#{@client.client_secret_hash}")
+        return false, "present"
+      else
+        return true, "present"
+      end
+    else
+      return false, "absent"
+    end   
+  end
+
+=begin
+Processes the /access_token /authorize and /request_token endpoint and returns the required oauth details.
+=end
+  def self.process_request(params,env,action)
+    if User.logged_in?(params)
+      case action
+      when "code"
+        expected_response,response_message = Oauth2Client.grant_code(params,env)
+      when "token"
+        expected_response,response_message = Oauth2Client.grant_access(params,env,"user")
+      when "authorize"
+        @oauth2 = Songkick::OAuth2::Provider.parse(@owner, env)
+        expected_response = "Redirection url to authorization page" 
+        response_message = true
+      end
+      return expected_response,response_message
+    else
+      error = "Invalid user session."
+      error_response = Oauth2Authorization.error_response(error) 
+      return error_response,false
+    end
+  end
+=begin
+Creates and returns request token for the client.
+=end
+  def self.grant_code(params,env)
+    @owner  = Owner.find_by_username(params.username)
+    @owner = Owner.create(:username => params.username) if @owner.nil?
+
+    @oauth2 = Songkick::OAuth2::Provider.parse(@owner, env)  
+    if @oauth2.valid?    
+      @auth = Songkick::OAuth2::Provider::Authorization.new(@owner, params)
+      @authenticated_owner = Oauth2Authorization.find_by_oauth2_resource_owner_id_and_oauth2_client_id(@owner.id,@auth.client.id)
+      unless @authenticated_owner
+        @instance = Oauth2Client.obtain_token(params, @auth,"code")
+      else
+        @instance = @authenticated_owner
+      end
+      if @instance.code.nil?                
+        error_message = Oauth2Authorization.error_response(@oauth2.error_description)
+        return error_message, false   
+      else
+        redirect_to_url = @instance.build_url(@auth.redirect_uri,"code") 
+        @instance.refresh_access_token if @instance.expired?  
+        return redirect_to_url, true                      
+      end  
+    else
+      error_message = Oauth2Authorization.error_response(@oauth2.error_description) 
+      return error_message, false  
+    end
+  end
+=begin
+Creates and returns access token for the client.
+=end
+  def self.grant_access(params,env,request_type)
+    if request_type == "user"
+      @owner  = Owner.find_by_username(params.username)
+      @owner = Owner.create(:username => params.username) if @owner.nil?
+    else
+      @owner  = Owner.find_by_username(params.host_name+"_bearer")
+      @owner = Owner.create(:username => params.host_name+"_bearer") if @owner.nil?
+    end
+
+    @oauth2 = Songkick::OAuth2::Provider.parse(@owner, env)  
+    if @oauth2.valid?    
+      @auth = Songkick::OAuth2::Provider::Authorization.new(@owner, params)
+      @authenticated_owner = Oauth2Authorization.find_by_oauth2_resource_owner_id_and_oauth2_client_id(@owner.id,@auth.client.id)
+      unless @authenticated_owner
+        @instance = Oauth2Client.obtain_token(params, @auth,"token")   
+      else
+        @instance = @authenticated_owner
+      end
+      if @instance.access_token.nil?                
+        error_message = Oauth2Authorization.error_response(@oauth2.error_description)
+        return error_message, false   
+      elsif @instance.code.nil? && request_type == "user"
+        error = "Invalid request. Request token generation required."
+        error_message = Oauth2Authorization.error_response(error)
+        return error_message, false   
+      else
+        if request_type == "bearer"
+          redirect_to_url = @instance.api_response(@auth.redirect_uri)
+          return redirect_to_url, true 
+        elsif @instance.code == params.request_token && request_type == "user"
+          redirect_to_url = @instance.api_response(@auth.redirect_uri) 
+          return redirect_to_url, true  
+        else 
+          error = "Invalid request token."
+          error_message = Oauth2Authorization.error_response(error)
+          return error_message, false      
+        end            
+      end  
+    else
+      error_message = Oauth2Authorization.error_response(@oauth2.error_description) 
+      return error_message, false  
+    end
+  end
+=begin
+Invalidates the bearer token for the specifies client.
+=end
+  def self.invalidate_token(params,env)
+    @owner  = Owner.find_by_username(params.host_name+"_bearer")            
+    if @owner.nil?
+      error = "No Bearer token issued to this client."
+      error_message = Oauth2Authorization.error_response(error)
+      return error_message, false 
+    else
+      @oauth2 = Songkick::OAuth2::Provider.parse(@owner, env)
+      if @oauth2.valid? 
+        @auth = Songkick::OAuth2::Provider::Authorization.new(@owner, params)                 
+        @oauth2_authorization_instance = Oauth2Authorization.new()
+        @instance = @oauth2_authorization_instance.get_token(@auth.owner,@auth.client,
+                  :response_type => "token",
+                  :invalidate => true)                                                  
+        return @instance.redirect(@auth), true                   
+      else
+        error_message = Oauth2Authorization.error_response(@oauth2.error_description) 
+        return error_message, false  
+      end
+    end
+  end
+=begin
+Builds the redirect url for oauth.
+=end
+  def redirect_to_url(callback_url)
+    client_details = "client_id=#{self.client_id}"
+    return callback_url + "?#{client_details}"
+  end
+
+  protected
+=begin
+Creates and returns oauth client secret key hash and id.
+=end
+  def generate_keys
+    self.client_id = OAuth::Helper.generate_key(40)[0,40]
+    self.client_secret_hash = OAuth::Helper.generate_key(40)[0,40]
+  end
+=begin
+Creates and returns the basic oauth details.
+=end
+  def self.obtain_token(params, auth,action)
+    @oauth2_authorization_instance = Oauth2Authorization.new()
+    @instance = @oauth2_authorization_instance.get_token(auth.owner, auth.client,
+              :response_type => action,
+              :scope => params["scope"].present? ? params["scope"] : nil,
+              :duration => params["duration"].present? ? params["duration"] : 3600)
+    return @instance
+  end
+end

data/lib/modules/models/owner.rb

@@ -0,0 +1,65 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class Owner < ActiveRecord::Base
+  has_many :oauth2_authorizations
+=begin
+Returns oauth details for specified client id.
+=end
+  def oauth2_authorization_for(client)
+    Oauth2Authorization.find_by_oauth2_client_id(client.id)
+  end
+=begin
+Returns oauth details for specified client id and owner id.
+=end
+  def oauth2_authorization(client,owner)
+    Oauth2Authorization.find_by_oauth2_client_id_and_oauth2_resource_owner_id(client.id,owner.id)
+  end
+=begin
+Processes the /token and /invalidate_token endpoint and returns the required doauth details.
+=end
+  def self.process_bearer_request(params,env,action)
+    flag, void_value = Oauth2Client.valid_authorization?(params)
+		if flag && void_value == "present"
+      case action
+      when "bearer_token"
+		    expected_response,response_message = Oauth2Client.grant_access(params,env,"bearer")
+      when "invalidate"
+        expected_response,response_message = Oauth2Client.invalidate_token(params,env)
+      end
+      return expected_response,response_message
+	  elsif void_value == "present"
+			error = "Invalid authorization code"
+			error_response = Oauth2Authorization.error_response(error) 
+      return error_response,false
+		else
+		  error = "Invalid client id"
+			error_response = Oauth2Authorization.error_response(error) 
+      return error_response,false
+		end
+  end
+end

data/lib/modules/models/session.rb

@@ -0,0 +1,30 @@
+=begin
+**************************************************************************
+* The MIT License (MIT)
+
+* Copyright (c) 2013-2014 QBurst Technologies Inc.
+
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+
+**************************************************************************
+=end
+
+class Session < ActiveRecord::Base
+has_many :users
+end