tpitale-rack-oauth2-server 2.2.1

data/Rakefile

@@ -0,0 +1,90 @@
+require "rake/testtask"
+
+spec = Gem::Specification.load(Dir["*.gemspec"].first)
+
+desc "Install dependencies"
+task :setup do
+  puts "Installing gems for testing with Sinatra ..."
+  sh "bundle install"
+  puts "Installing gems for testing with Rails 2.3 ..."
+  sh "env BUNDLE_GEMFILE=Rails2 bundle install"
+  puts "Installing gems for testing with Rails 3.x ..."
+  sh "env BUNDLE_GEMFILE=Rails3 bundle install"
+end
+
+desc "Run this in development mode when updating the CoffeeScript file"
+task :coffee do
+  sh "coffee -w -o lib/rack/oauth2/admin/js/ lib/rack/oauth2/admin/js/application.coffee"
+end
+
+task :compile do
+  sh "coffee -c -l -o lib/rack/oauth2/admin/js/ lib/rack/oauth2/admin/js/application.coffee"
+end
+
+desc "Build the Gem"
+task :build=>:compile do
+  sh "gem build #{spec.name}.gemspec"
+end
+
+desc "Install #{spec.name} locally"
+task :install=>:build do
+  sudo = "sudo" unless File.writable?( Gem::ConfigMap[:bindir])
+  sh "#{sudo} gem install #{spec.name}-#{spec.version}.gem"
+end
+
+desc "Push new release to gemcutter and git tag"
+task :push=>["test:all", "build"] do
+  sh "git push"
+  puts "Tagging version #{spec.version} .."
+  sh "git tag v#{spec.version}"
+  sh "git push --tag"
+  puts "Building and pushing gem .."
+  sh "gem push #{spec.name}-#{spec.version}.gem"
+end
+
+desc "Run all tests"
+Rake::TestTask.new do |task|
+  task.test_files = FileList['test/**/*_test.rb']
+  if Rake.application.options.trace
+    #task.warning = true
+    task.verbose = true
+  elsif Rake.application.options.silent
+    task.ruby_opts << "-W0"
+  else
+    task.verbose = true
+  end
+    task.ruby_opts << "-I."
+end
+
+namespace :test do
+  task :all=>["test:sinatra", "test:rails2", "test:rails3"]
+  desc "Run all tests against Sinatra"
+  task :sinatra do
+    sh "rake test FRAMEWORK=sinatra"
+  end
+  desc "Run all tests against Rails"
+  task :rails do
+    sh "rake test FRAMEWORK=rails"
+  end
+  desc "Run all tests against Rails 2.3.x"
+  task :rails2 do
+    sh "env BUNDLE_GEMFILE=Rails2 rake test FRAMEWORK=rails"
+  end
+  desc "Run all tests against Rails 3.x"
+  task :rails3 do
+    sh "env BUNDLE_GEMFILE=Rails3 bundle exec rake test FRAMEWORK=rails"
+  end
+end
+task :default=>"test:all"
+
+begin 
+  require "yard"
+  YARD::Rake::YardocTask.new do |doc|
+    doc.files = FileList["lib/**/*.rb"]
+  end
+rescue LoadError
+end
+
+task :clean do
+  rm_rf %w{doc .yardoc *.gem}
+end

data/VERSION

@@ -0,0 +1 @@
+2.2.1

data/bin/oauth2-server

@@ -0,0 +1,206 @@
+#!/usr/bin/env ruby
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+require "rack/oauth2/server"
+require "uri"
+
+# this is a weird way to shorten the namespace
+include Rack::OAuth2
+
+
+# if (i = ARGV.index("--db")) && ARGV[i+1]
+#   url = ARGV[i + 1]
+#   uri = URI.parse(url)
+#   uri = URI.parse("mongo://#{url}") if uri.opaque
+#   db = Mongo::Connection.new(uri.host, uri.port)[uri.path.sub(/^\//, "")]
+#   db.authenticate uri.user, uri.password if uri.user
+#   Server.database = db
+#   ARGV[i,2] = []
+# end
+if (i = ARGV.index("--port") || ARGV.index("-p")) && ARGV[i+1]
+  port = ARGV[i + 1].to_i
+  ARGV[i,2] = []
+end
+
+
+case ARGV[0]
+when "list"
+
+  # fail "No database. Use the --db option to tell us which database to use" unless Server.database
+  Server::Client.all.each do |client|
+    next if client.revoked
+    print "%-30s\t%s\n" % [client.display_name, client.link]
+    print "  ID %s\tSecret %s\n" % [client.id, client.secret]
+    print "\n"
+  end
+
+when "register"
+
+  # fail "No database. Use the --db option to tell us which database to use" unless Server.database
+  begin
+    print "Application name:\t"
+    display_name = $stdin.gets
+    print "Application URL:\t"
+    link = $stdin.gets
+    print "Redirect URI:\t\t"
+    redirect_uri = $stdin.gets
+    print "Scope (space separated names):\t\t"
+    scope = $stdin.gets
+    client = Server::Client.create(:display_name=>display_name, :link=>link, :redirect_uri=>redirect_uri, :scope=>scope)
+  rescue
+    puts "\nFailed to register client: #{$!}"
+    exit -1
+  end
+  puts "Registered #{client.display_name}"
+  puts "ID\t#{client.id}"
+  puts "Secret\t#{client.secret}"
+
+when "setup"
+
+  # fail "No database. Use the --db option to tell us which database to use" unless Server.database
+  puts "Where would you mount the Web console? This is a URL that must end with /admin,"
+  puts "for example, http://example.com/oauth/admin"
+  print ": "
+  uri = URI.parse($stdin.gets)
+  begin
+    uri.normalize!
+    fail "No an HTTP/S URL" unless uri.absolute? && %{http https}.include?(uri.scheme)
+    fail "Path must end with /admin" unless uri.path[/\/admin$/]
+    client = Server::Client.create(:display_name=>"OAuth Console", :link=>uri.to_s, :image_url=>"#{uri.to_s}/images/oauth-2.png",
+                             :redirect_uri=>uri.to_s, :scope=>"oauth-admin")
+  rescue
+    puts "\nFailed to register client: #{$!}"
+    exit -1
+  end
+  print <<-TEXT
+
+Next Steps
+==========
+
+Make sure you ONLY authorize administrators to use the oauth-admin scope.
+For example:
+
+  before_filter do
+    # Only admins allowed to authorize the scope oauth-admin
+    head oauth.deny! if oauth.scope.include?("oauth-admin") && !current_user.admin?
+  end
+
+Rails 2.x, add the following to config/environment.rb:
+
+  config.after_initialize do
+    config.middleware.use Rack::OAuth2::Server::Admin.mount "#{uri.path}"
+    Rack::OAuth2::Server::Admin.set :client_id, "#{client.id}"
+    Rack::OAuth2::Server::Admin.set :client_secret, "#{client.secret}"
+  end
+
+Rails 3.x, add the following to config/application.rb:
+
+  config.after_initialize do
+    Rack::OAuth2::Server::Admin.set :client_id, "#{client.id}"
+    Rack::OAuth2::Server::Admin.set :client_secret, "#{client.secret}"
+  end
+
+And add the follownig to config/routes.rb:
+
+  mount Rack::OAuth2::Server::Admin=>"/oauth/admin"
+
+Sinatra, Padrino and other Rack applications, mount the console:
+
+  Rack::Builder.new do
+    map("#{uri.path}") { run Rack::OAuth2::Server::Admin }
+    map("/") { run MyApp }
+  end
+  Rack::OAuth2::Server::Admin.set :client_id, "#{client.id}"
+  Rack::OAuth2::Server::Admin.set :client_secret, "#{client.secret}"
+
+The console will authorize access by redirecting to
+  https://#{uri.host}/oauth/authorize
+
+If this is not your OAuth 2.0 authorization endpoint, you can change it by
+setting the :authorize option.
+  TEXT
+
+when "practice"
+
+  require "logger"
+  begin
+    require "thin"
+  rescue LoadError
+    puts "Needs the Thin Web server. Please gem install thin and run again"
+    exit -1
+  end
+  require "rack/oauth2/server/practice"
+
+  # fail "No database. Use the --db option to tell us which database to use" unless Server.database
+  port ||= 8080
+  admin_url = "http://localhost:#{port}/oauth/admin"
+  unless client = Server::Client.lookup(admin_url)
+    client = Server::Client.create(:display_name=>"Practice OAuth Console", :image_url=>"#{admin_url}/images/oauth-2.png",
+                             :link=>admin_url, :redirect_uri=>admin_url, :scope=>"oauth-admin")
+  end
+  Server::Admin.configure do |config|
+    logger = Logger.new(STDOUT)
+    logger.level = Logger::DEBUG
+    config.set :client_id, client.id
+    config.set :client_secret, client.secret
+    config.set :scope, "nobody sudo"
+    config.set :logger, logger
+    config.set :logging, true
+    config.set :dump_errors, true
+    config.oauth.logger = logger
+  end
+
+  Server::Practice.configure do |config|
+    logger = Logger.new(STDOUT)
+    logger.level = Logger::DEBUG
+    config.set :logger, logger
+    config.set :logging, true
+    config.set :dump_errors, true
+    config.oauth.logger = logger
+  end
+
+  print "\nFiring up the practice server.\nFor instructions, go to http://localhost:#{port}/\n\n\n"
+  Thin::Server.new "127.0.0.1", port  do
+    map("/") { run Server::Practice.new }
+    map("/oauth/admin") { run Server::Admin.new }
+  end.start
+
+# when "migrate"
+# 
+#   # fail "No database. Use the --db option to tell us which database to use" unless Server.database
+#   puts "Set all clients to this scope (can change later by calling Client.register):"
+#   print ": "
+#   scope = $stdin.gets.strip.split
+#   puts "Updating Client scope to #{scope.join(", ")}"
+#   Server::Client.collection.find({ :scope=>{ :$exists=>false } }, :fields=>[]).each do |client|
+#     update = { :scope=>scope,
+#       :tokens_granted=>Server::AccessToken.count(:client_id=>client["_id"]),
+#       :tokens_revoked=>Server::AccessToken.count(:client_id=>client["_id"], :revoked=>true) }
+#     Server::Client.collection.update({ :_id=>client["_id"] }, { :$set=>update })
+#   end
+#   [Server::AccessToken, Server::AccessGrant, Server::AuthRequest].each do |mod|
+#     puts "Updating #{mod.name} scope from string to array"
+#     mod.collection.find({ :scope=>{ :$type=>2 } }, :fields=>[]).each do |token|
+#       scope = token["scope"].split
+#       mod.collection.update({ :_id=>token["_id"] }, { :$set=>{ :scope=>scope } })
+#     end
+#   end
+else
+
+  print <<-TEXT
+Usage: oauth2-server [options] COMMAND [args]
+Version #{Server::VERSION}
+
+Commands:
+  list            Lists all active clients
+  migrate         Run this when migrating from 1.x to 2.x
+  practice        Runs a dummy OAuth 2.0 server, use this to test your OAuth 2.0 client
+  register        Register a new client application
+  setup           Create new admin account and help you setup the OAuth Web console
+
+Options:
+  --db database   Database name or connection URL
+  --port number   Port to run admin server, detault is 8080
+  TEXT
+  exit -1
+
+end

data/lib/rack-oauth2-server.rb

@@ -0,0 +1,4 @@
+require "rack/oauth2/server"
+require "rack/oauth2/sinatra" if defined?(Sinatra)
+require "rack/oauth2/rails" if defined?(Rails)
+require "rack/oauth2/server/railtie" if defined?(Rails::Railtie)

data/lib/rack/oauth2/admin/css/screen.css

@@ -0,0 +1,347 @@
+html {
+  background: #eee;
+}
+body {
+  margin: 0;
+  padding: 0;
+  width: 100%;
+  font: 12pt "Helvetica", "Lucida Sans", "Verdana";
+}
+
+a { text-decoration: none; color: #00c; }
+a:hover, a:focus { text-decoration: underline; color: #00c; }
+h1, h2 {
+  text-shadow: rgba(255,255,255,.2) 0 1px 1px;
+  color: rgb(76, 86, 108);
+}
+h1 { font-size: 18pt; margin: 0.6em 0 }
+h2 { font-size: 16pt; margin: 0.3em 0 }
+
+label {
+  display: block;
+  color: #000;
+  font-weight: 600;
+  font-size: 0.9em;
+  margin: 0.9em 0;
+}
+label input, label textarea, label select {
+  display: block;
+}
+label.check {
+  font-weight: normal;
+}
+label.check input {
+  display: inline;
+}
+label input, label textarea {
+  font-size: 12pt;
+  line-height: 1.3em;
+}
+label .hint {
+  font-weight: normal;
+  color: #666;
+  margin: 0;
+}
+button {
+  font-size: 11pt;
+  text-shadow: 0 -1px 1px rgba(0,0,0,0.25);
+  border: 1px solid #dddddd;
+  background: #f6f6f6 50% 50% repeat-x;
+  font-weight: bold;
+  color: #0073ea;
+  outline: none;
+  line-height: 1.3em;
+  vertical-align: bottom;
+  padding: 2px 8px;
+  background: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgba(226,226,226,0.0)), to(rgba(226,226,226,1.0)));
+  -webkit-border-radius: 4px; -moz-border-radius: 4px;
+  -moz-box-shadow: 0 0 4px rgba(0,0,0,0.0);
+  -webkit-box-shadow: 0 0 4px rgba(0,0,0,0.0);
+}
+button:hover, button:focus {
+  text-shadow: 0 -1px 1px rgba(255,255,255,0.25);
+  border: 1px solid #0073ea;
+  background: #0073ea 50% 50% repeat-x;
+  background: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgba(0, 115, 234, 0.5)), to(rgba(0,115,234, 1.0)));
+  color: #fff;
+  text-decoration: none;
+  cursor: pointer;
+  -moz-box-shadow: 0 2px 4px rgba(0,0,0,0.5);
+  -webkit-box-shadow: 0 1px 3px rgba(0,0,0,0.5);
+}
+button:active { background: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgba(0, 115, 234, 1.0)), to(rgba(0,115,234, 0.5))); position: relative; top: 1px }
+.error {
+  color: #f44;
+  padding-left: 1em;
+}
+
+
+/* Message dropping down from the top */
+#notice {
+  position: absolute;
+  top: 0;
+  left: 0;
+  right: 0;
+  line-height: 1.6em;
+  background: #FFFE36;
+  color: #000;
+  border-bottom: 1px solid #ddd;
+  text-align: center;
+  z-index: 99;
+}
+
+#header {
+  margin: 0;
+  padding: 1em 2em 3em 2em;
+  border-bottom: 2px solid #CCC;
+  background: #6595A4;
+  color: #fff;
+}
+#header .title {
+  font-size: 18pt;
+  font-weight: bold;
+  display: block;
+  line-height: 32px;
+  float: left;
+}
+#header .title a {
+  color: #fff;
+  text-shadow: white 0px 0px 1px;
+  text-decoration: none;
+}
+#header .title img {
+  width: 32px;
+  height: 32px;
+  vertical-align: bottom;
+}
+#header .signout, #header .signin {
+  color: #C8E9F3;
+  float: right;
+  font-size: 11pt;
+  line-height: 32px;
+  display: none;
+}
+
+#main {
+  margin: 0;
+  padding: 2em 2em 4em 2em;
+  background: #fff;
+  border: 1px solid #fff;
+  min-width: 960px;
+}
+#footer {
+  background: #eee;
+  color: #666;
+  border-top: 1px solid #ccc;
+  font-size: 90%;
+  padding: 0 2em 2em 2em;
+}
+
+table {
+  width: 100%;
+  table-layout: auto;
+  empty-cells: show;
+  border-collapse: separate;
+  border-spacing: 0px;
+  margin-top: 2em;
+}
+table th {
+  text-align: left;
+  border-bottom: 1px solid #ccc;
+  margin-right: 48px;
+}
+table td {
+  text-align: left;
+  vertical-align: top;
+  border-bottom: 1px solid #ddf;
+  line-height: 32px;
+  margin: 0;
+  padding: 0;
+}
+table tr:hover td {
+  background: #ddf;
+}
+table td.created, table td.revoke, table td.accessed {
+  width: 6em;
+}
+table tr.revoked td, table tr.revoked a {
+  color: #888;
+}
+table button {
+  margin-top: -2px;
+  font-size: 10pt;
+}
+
+table.clients td.name {
+  padding-left: 32px;
+}
+table.clients td.name img {
+  width: 24px;
+  height: 24px;
+  border: none;
+  margin: 4px 4px -4px -32px;
+}
+table.clients td.secrets {
+  width: 28em;
+}
+table.clients td.secrets dl {
+  display: none;
+  width: 40em;
+  margin: 0 -12em 0.6em 0;
+  line-height: 1.3em;
+}
+table.clients td.secrets dt {
+  width: 4em;
+  float: left;
+  color: #888;
+  margin-bottom: 0.3em;
+}
+table.clients td.secrets dd:after {
+  content: ".";
+  display: block;
+  clear: both;
+  visibility: hidden;
+  line-height: 0;
+  height: 0;
+}
+
+table.tokens td.token {
+  width: 36em;
+}
+table.tokens td.scope {
+  float: none;
+}
+
+.pagination {
+  width: 100%;
+  margin-top: 2em;
+}
+.pagination a[rel=next] {
+  float: right;
+}
+.pagination a[rel=previous] {
+  float: left;
+}
+
+.metrics {
+  height: 100px;
+}
+.metrics #fig {
+  float: left;
+  width: 500px;
+  height: 60px;
+}
+.metrics:after {
+  content: ".";
+  display: block;
+  clear: both;
+  visibility: hidden;
+  line-height: 0;
+  height: 0;
+}
+.badges {
+  list-style: none;
+  margin:  0;
+  padding: 0;
+  text-align: right;
+  width: 100%;
+}
+.badges li {
+  display: inline-block;
+  margin-left: 8px;
+  min-width: 8em;
+}
+.badges  big {
+  font-size: 22pt;
+  display: block;
+  text-align: center;
+}
+.badges small {
+  font-size: 11pt;
+  display: block;
+  text-align: center;
+}
+
+.client .details {
+  margin: 0 0 2em 0;
+}
+.client .details .name {
+  margin: 0;
+  font-size: 16pt;
+  font-weight: bold;
+  float: left;
+}
+.client .details img {
+  border: none;
+  width: 24px;
+  height: 24px;
+  vertical-align: bottom;
+}
+.client .details .actions {
+  float: left;
+  line-height: 20pt;
+  margin-left: 1em;
+}
+.client .details .actions a {
+  margin: 0 0 0 0.3em;
+}
+.client .details .meta {
+  clear: both;
+  display: block;
+  color: #888;
+  font-size: 10pt;
+}
+.client .details .notes {
+  font-size: 11pt;
+  margin: 0.2em 0;
+}
+
+.client.new, .client.edit {
+  margin: 0;
+  padding: 1em;
+  border: 1px solid #eee;
+}
+.client .fields>#image {
+  float: left;
+  margin: 0.5em 12px 0 0;
+  width: 48px;
+  height: 48px;
+}
+.client .fields>* {
+  margin-left: 60px;
+}
+.client .fields {
+  float: left;
+}
+.client .scope {
+  float: right;
+}
+.client .scope .uncommon {
+  color: red;
+}
+.client hr {
+  clear: both;
+  border: none;
+  margin: 1em;
+}
+
+.no-access {
+  margin: 0;
+  padding: 0;
+}
+.no-access h1 {
+  color: red;
+}
+
+#throbber {
+  display: none;
+  position: absolute;
+  top: 6em;
+  right: 2em;
+  width: 48px;
+  height: 48px;
+  content: "";
+}
+.loading {
+  background: url("../images/loading.gif") no-repeat 50% 50%;
+}