twitter-login 0.1.0 → 0.2.0

data/README.markdown

@@ -28,17 +28,17 @@ frameworks.
 
     ## Sinatra
     enable :sessions
-    use Twitter::Login, :key => 'CONSUMER KEY', :secret => 'SECRET'
+    use Twitter::Login, :consumer_key => 'KEY', :secret => 'SECRET'
     helpers Twitter::Login::Helpers
     
     ## Rails
     # environment.rb:
-    config.middleware.use Twitter::Login, :key => 'CONSUMER KEY', :secret => 'SECRET'
+    config.middleware.use Twitter::Login, :consumer_key => 'KEY', :secret => 'SECRET'
     
     # application_controller.rb
     include Twitter::Login::Helpers
 
-Fill in the `:key`, `:secret` placeholders with real values. You're done.
+Fill in the `:consumer_key`, `:secret` placeholders with real values. You're done.
 
 
 What it does
@@ -58,7 +58,7 @@ Configuration
 
 Available options for `Twitter::Login` middleware are:
 
-* `:key` -- OAuth consumer key *(required)*
+* `:consumer_key` -- OAuth consumer key *(required)*
 * `:secret` -- OAuth secret *(required)*
 * `:login_path` -- where user goes to login (default: "/login")
 * `:return_to` -- where user goes after login (default: "/")
@@ -72,8 +72,8 @@ The `Twitter::Login::Helpers` module (for Sinatra, Rails) adds these methods to
 * `twitter_user` (Hashie::Mash) -- Info about authenticated user. Check this object to
   know whether there is a currently logged-in user. Access user data like `twitter_user.screen_name`
 * `twitter_logout` -- Erases info about Twitter login from session, effectively logging-out the Twitter user
-* `twitter_consumer` (Twitter::Base) -- An OAuth consumer client from ["twitter" gem][gem].
-  With it you can query anything on behalf of authenticated user, e.g. `twitter_consumer.friends_timeline`
+* `twitter_client` (Twitter::Base) -- An OAuth consumer client from ["twitter" gem][gem].
+  With it you can query anything on behalf of authenticated user, e.g. `twitter_client.friends_timeline`
 
 [register]: http://twitter.com/apps/new
 [gem]: http://rdoc.info/projects/jnunemaker/twitter

data/lib/twitter/login.rb

@@ -5,20 +5,23 @@ require 'hashie/mash'
 class Twitter::Login
   attr_reader :options
   
-  DEFAULTS = {
-    :login_path => '/login', :return_to => '/',
-    :site => 'http://twitter.com', :authorize_path => '/oauth/authenticate'
-  }
+  class << self
+    attr_accessor :consumer_key, :secret
+  end
+  
+  DEFAULTS = { :login_path => '/login', :return_to => '/' }
   
   def initialize(app, options)
     @app = app
     @options = DEFAULTS.merge options
+    self.class.consumer_key, self.class.secret = @options[:consumer_key], @options[:secret]
   end
   
   def call(env)
     request = Request.new(env)
     
     if request.get? and request.path == options[:login_path]
+      @oauth = nil
       # detect if Twitter redirected back here
       if request[:oauth_verifier]
         handle_twitter_authorization(request) do
@@ -26,7 +29,7 @@ class Twitter::Login
         end
       elsif request[:denied]
         # user refused to log in with Twitter, so give up
-        redirect_to_return_path(request)
+        handle_denied_access(request)
       else
         # user clicked to login; send them to Twitter
         redirect_to_twitter(request)
@@ -37,13 +40,14 @@ class Twitter::Login
   end
   
   module Helpers
-    def twitter_consumer
-      token = OAuth::AccessToken.new(oauth_consumer, *session[:access_token])
-      Twitter::Base.new token
+    def twitter_client
+      oauth = twitter_oauth
+      oauth.authorize_from_access(*session[:access_token])
+      Twitter::Base.new oauth
     end
     
-    def oauth_consumer
-      OAuth::Consumer.new(*session[:oauth_consumer])
+    def twitter_oauth
+      Twitter::OAuth.new Twitter::Login.consumer_key, Twitter::Login.secret
     end
     
     def twitter_user
@@ -53,7 +57,7 @@ class Twitter::Login
     end
     
     def twitter_logout
-      [:oauth_consumer, :access_token, :twitter_user].each do |key|
+      [:access_token, :twitter_user].each do |key|
         session[key] = nil # work around a Rails 2.3.5 bug
         session.delete key
       end
@@ -83,17 +87,16 @@ class Twitter::Login
   
   def redirect_to_twitter(request)
     # create a request token and store its parameter in session
-    token = oauth_consumer.get_request_token(:oauth_callback => request.url)
-    request.session[:request_token] = [token.token, token.secret]
+    oauth.set_callback_url(request.url)
+    request.session[:request_token] = [oauth.request_token.token, oauth.request_token.secret]
     # redirect to Twitter authorization page
-    redirect token.authorize_url
+    redirect oauth.request_token.authorize_url
   end
   
   def handle_twitter_authorization(request)
-    access_token = get_access_token(request)
+    authorize_from_request(request)
     
     # get and store authenticated user's info from Twitter
-    twitter = Twitter::Base.new access_token
     request.session[:twitter_user] = twitter.verify_credentials.to_hash
     
     # pass the request down to the main app
@@ -109,20 +112,21 @@ class Twitter::Login
     end
   end
   
+  def handle_denied_access(request)
+    request.session[:request_token] = nil # work around a Rails 2.3.5 bug
+    request.session.delete(:request_token)
+    redirect_to_return_path(request)
+  end
+  
   private
   
-  def get_access_token(request)
-    # replace the request token in session with access token
-    request_token = ::OAuth::RequestToken.new(oauth_consumer, *request.session[:request_token])
-    access_token = request_token.get_access_token(:oauth_verifier => request[:oauth_verifier])
+  # replace the request token in session with access token
+  def authorize_from_request(request)
+    rtoken, rsecret = request.session[:request_token]
+    oauth.authorize_from_request(rtoken, rsecret, request[:oauth_verifier])
     
-    # store access token and OAuth consumer parameters in session
     request.session.delete(:request_token)
-    request.session[:access_token] = [access_token.token, access_token.secret]
-    consumer = access_token.consumer
-    request.session[:oauth_consumer] = [consumer.key, consumer.secret, consumer.options]
-    
-    return access_token
+    request.session[:access_token] = [oauth.access_token.token, oauth.access_token.secret]
   end
   
   def redirect_to_return_path(request)
@@ -133,8 +137,11 @@ class Twitter::Login
     ["302", {'Location' => url, 'Content-type' => 'text/plain'}, []]
   end
   
-  def oauth_consumer
-    ::OAuth::Consumer.new options[:key], options[:secret],
-      :site => options[:site], :authorize_path => options[:authorize_path]
+  def oauth
+    @oauth ||= Twitter::OAuth.new options[:consumer_key], options[:secret], :sign_in => true
+  end
+  
+  def twitter
+    Twitter::Base.new oauth
   end
 end

data/spec/login_spec.rb

@@ -21,7 +21,7 @@ describe Twitter::Login do
       
       builder = Rack::Builder.new
       builder.use Rack::Session::Cookie
-      builder.use described_class, :key => 'abc', :secret => '123'
+      builder.use described_class, :consumer_key => 'abc', :secret => '123'
       builder.run main_app
       builder.to_app
     end
@@ -31,12 +31,21 @@ describe Twitter::Login do
     @request = Rack::MockRequest.new(@app)
   end
   
+  it "should expose consumer key/secret globally" do
+    Twitter::Login.consumer_key.should == 'abc'
+    Twitter::Login.secret.should == '123'
+  end
+  
+  it "should ignore normal requests" do
+    get('/', :lint => true)
+    response.status.should == 200
+    response.body.should == 'Hello world'
+  end
+  
   it "should login with Twitter" do
-    consumer = mock_oauth_consumer('OAuth Consumer')
-    token = mock('Request Token', :authorize_url => 'http://disney.com/oauth', :token => 'abc', :secret => '123')
-    consumer.should_receive(:get_request_token).with(:oauth_callback => 'http://example.org/login').and_return(token)
-    # request.session[:request_token] = token
-    # redirect token.authorize_url
+    request_token = mock('Request Token', :authorize_url => 'http://disney.com/oauth', :token => 'abc', :secret => '123')
+    oauth = mock_oauth('Twitter OAuth', :request_token => request_token)
+    oauth.should_receive(:set_callback_url).with('http://example.org/login')
     
     get('/login', :lint => true)
     response.status.should == 302
@@ -46,31 +55,40 @@ describe Twitter::Login do
   end
   
   it "should authorize with Twitter" do
-    consumer = mock_oauth_consumer('OAuth Consumer', :key => 'con', :secret => 'sumer', :options => {:one=>'two'})
-    request_token = mock('Request Token')
-    OAuth::RequestToken.should_receive(:new).with(consumer, 'abc', '123').and_return(request_token)
-    access_token = mock('Access Token', :token => 'access1', :secret => '42', :consumer => consumer)
-    request_token.should_receive(:get_access_token).with(:oauth_verifier => 'abc').and_return(access_token)
+    consumer = mock('OAuth consumer')
+    access_token = mock('Access Token', :token => 'access1', :secret => '42')
+    oauth = mock_oauth('Twitter OAuth', :access_token => access_token, :consumer => consumer)
+    oauth.should_receive(:authorize_from_request).with('abc', '123', 'allrighty')
     
     twitter = mock('Twitter Base')
-    Twitter::Base.should_receive(:new).with(access_token).and_return(twitter)
-    user_credentials = Hashie::Mash.new :screen_name => 'faker',
-      :name => 'Fake Jr.', :profile_image_url => 'http://disney.com/mickey.png',
-      :followers_count => '13', :friends_count => '6', :statuses_count => '52'
-    twitter.should_receive(:verify_credentials).and_return(user_credentials)
+    Twitter::Base.should_receive(:new).with(oauth).and_return(twitter)
+    
+    twitter.should_receive(:verify_credentials).and_return {
+      Hashie::Mash.new :screen_name => 'faker',
+        :name => 'Fake Jr.', :profile_image_url => 'http://disney.com/mickey.png',
+        :followers_count => '13', :friends_count => '6', :statuses_count => '52'
+    }
     
     session_data = {:request_token => ['abc', '123']}
-    get('/login?oauth_verifier=abc', build_session(session_data).update(:lint => true))
+    get('/login?oauth_verifier=allrighty', build_session(session_data).update(:lint => true))
     response.status.should == 302
     response['Location'].should == 'http://example.org/'
     session[:request_token].should be_nil
     session[:access_token].should == ['access1', '42']
-    session[:oauth_consumer].should == ['con', 'sumer', {:one => 'two'}]
+    session[:oauth_consumer].should be_nil
     
     current_user = session[:twitter_user]
     current_user['screen_name'].should == 'faker'
   end
   
+  it "should handle denied access" do
+    session_data = {:request_token => ['abc', '123']}
+    get('/login?denied=OMG', build_session(session_data).update(:lint => true))
+    response.status.should == 302
+    response['Location'].should == 'http://example.org/'
+    session[:request_token].should be_nil
+  end
+  
   protected
   
   [:get, :post, :put, :delete, :head].each do |method|
@@ -104,11 +122,9 @@ describe Twitter::Login do
     [Marshal.dump(obj)].pack('m*')
   end
   
-  def mock_oauth_consumer(*args)
+  def mock_oauth(*args)
     consumer = mock(*args)
-    OAuth::Consumer.should_receive(:new).and_return(consumer)
-    # .with(instance_of(String), instance_of(String),
-    # :site => 'http://twitter.com', :authorize_path => '/oauth/authenticate')
+    Twitter::OAuth.should_receive(:new).and_return(consumer)
     consumer
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: twitter-login
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors: 
 - "Mislav Marohni\xC4\x87"
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-01-03 00:00:00 +01:00
+date: 2010-01-04 00:00:00 +01:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency