vidibus-oauth2_server 0.0.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +5 -0
- data/.gitignore +22 -0
- data/Gemfile +14 -0
- data/Gemfile.lock +123 -0
- data/LICENSE +20 -0
- data/README.rdoc +61 -0
- data/Rakefile +22 -0
- data/VERSION +1 -0
- data/app/controllers/oauth2_controller.rb +100 -0
- data/app/models/oauth2_token.rb +74 -0
- data/config/locales/en.yml +16 -0
- data/config/routes.rb +4 -0
- data/lib/vidibus-oauth2_server.rb +9 -0
- data/lib/vidibus/oauth2_server.rb +25 -0
- data/lib/vidibus/oauth2_server/extensions.rb +5 -0
- data/lib/vidibus/oauth2_server/extensions/controller.rb +20 -0
- data/vidibus-oauth2_server.gemspec +66 -0
- metadata +145 -0
data/.document
ADDED
data/.gitignore
ADDED
data/Gemfile
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
source :rubygems
|
2
|
+
|
3
|
+
gem "rails", "~> 3.0.0"
|
4
|
+
gem "mongoid", "~> 2.0.0.beta.20"
|
5
|
+
gem "vidibus-core_extensions"
|
6
|
+
gem "vidibus-uuid"
|
7
|
+
|
8
|
+
# Development dependecies
|
9
|
+
gem "jeweler"
|
10
|
+
gem "rake"
|
11
|
+
gem "rspec", "~> 2.0.0.beta.20"
|
12
|
+
gem "rr"
|
13
|
+
gem "relevance-rcov"
|
14
|
+
gem "webmock"
|
data/Gemfile.lock
ADDED
@@ -0,0 +1,123 @@
|
|
1
|
+
GEM
|
2
|
+
remote: http://rubygems.org/
|
3
|
+
specs:
|
4
|
+
abstract (1.0.0)
|
5
|
+
actionmailer (3.0.0)
|
6
|
+
actionpack (= 3.0.0)
|
7
|
+
mail (~> 2.2.5)
|
8
|
+
actionpack (3.0.0)
|
9
|
+
activemodel (= 3.0.0)
|
10
|
+
activesupport (= 3.0.0)
|
11
|
+
builder (~> 2.1.2)
|
12
|
+
erubis (~> 2.6.6)
|
13
|
+
i18n (~> 0.4.1)
|
14
|
+
rack (~> 1.2.1)
|
15
|
+
rack-mount (~> 0.6.12)
|
16
|
+
rack-test (~> 0.5.4)
|
17
|
+
tzinfo (~> 0.3.23)
|
18
|
+
activemodel (3.0.0)
|
19
|
+
activesupport (= 3.0.0)
|
20
|
+
builder (~> 2.1.2)
|
21
|
+
i18n (~> 0.4.1)
|
22
|
+
activerecord (3.0.0)
|
23
|
+
activemodel (= 3.0.0)
|
24
|
+
activesupport (= 3.0.0)
|
25
|
+
arel (~> 1.0.0)
|
26
|
+
tzinfo (~> 0.3.23)
|
27
|
+
activeresource (3.0.0)
|
28
|
+
activemodel (= 3.0.0)
|
29
|
+
activesupport (= 3.0.0)
|
30
|
+
activesupport (3.0.0)
|
31
|
+
addressable (2.2.1)
|
32
|
+
arel (1.0.1)
|
33
|
+
activesupport (~> 3.0.0)
|
34
|
+
bson (1.0.9)
|
35
|
+
builder (2.1.2)
|
36
|
+
crack (0.1.8)
|
37
|
+
diff-lcs (1.1.2)
|
38
|
+
erubis (2.6.6)
|
39
|
+
abstract (>= 1.0.0)
|
40
|
+
gemcutter (0.6.1)
|
41
|
+
git (1.2.5)
|
42
|
+
i18n (0.4.1)
|
43
|
+
jeweler (1.4.0)
|
44
|
+
gemcutter (>= 0.1.0)
|
45
|
+
git (>= 1.2.5)
|
46
|
+
rubyforge (>= 2.0.0)
|
47
|
+
json_pure (1.4.6)
|
48
|
+
macaddr (1.0.0)
|
49
|
+
mail (2.2.6.1)
|
50
|
+
activesupport (>= 2.3.6)
|
51
|
+
mime-types
|
52
|
+
treetop (>= 1.4.5)
|
53
|
+
mime-types (1.16)
|
54
|
+
mongo (1.0.9)
|
55
|
+
bson (>= 1.0.5)
|
56
|
+
mongoid (2.0.0.beta.19)
|
57
|
+
activemodel (~> 3.0)
|
58
|
+
mongo (= 1.0.9)
|
59
|
+
tzinfo (~> 0.3.22)
|
60
|
+
will_paginate (~> 3.0.pre)
|
61
|
+
polyglot (0.3.1)
|
62
|
+
rack (1.2.1)
|
63
|
+
rack-mount (0.6.13)
|
64
|
+
rack (>= 1.0.0)
|
65
|
+
rack-test (0.5.6)
|
66
|
+
rack (>= 1.0)
|
67
|
+
rails (3.0.0)
|
68
|
+
actionmailer (= 3.0.0)
|
69
|
+
actionpack (= 3.0.0)
|
70
|
+
activerecord (= 3.0.0)
|
71
|
+
activeresource (= 3.0.0)
|
72
|
+
activesupport (= 3.0.0)
|
73
|
+
bundler (~> 1.0.0)
|
74
|
+
railties (= 3.0.0)
|
75
|
+
railties (3.0.0)
|
76
|
+
actionpack (= 3.0.0)
|
77
|
+
activesupport (= 3.0.0)
|
78
|
+
rake (>= 0.8.4)
|
79
|
+
thor (~> 0.14.0)
|
80
|
+
rake (0.8.7)
|
81
|
+
relevance-rcov (0.9.2.1)
|
82
|
+
rr (1.0.0)
|
83
|
+
rspec (2.0.0.beta.22)
|
84
|
+
rspec-core (= 2.0.0.beta.22)
|
85
|
+
rspec-expectations (= 2.0.0.beta.22)
|
86
|
+
rspec-mocks (= 2.0.0.beta.22)
|
87
|
+
rspec-core (2.0.0.beta.22)
|
88
|
+
rspec-expectations (2.0.0.beta.22)
|
89
|
+
diff-lcs (>= 1.1.2)
|
90
|
+
rspec-mocks (2.0.0.beta.22)
|
91
|
+
rspec-core (= 2.0.0.beta.22)
|
92
|
+
rspec-expectations (= 2.0.0.beta.22)
|
93
|
+
rubyforge (2.0.4)
|
94
|
+
json_pure (>= 1.1.7)
|
95
|
+
thor (0.14.2)
|
96
|
+
treetop (1.4.8)
|
97
|
+
polyglot (>= 0.3.1)
|
98
|
+
tzinfo (0.3.23)
|
99
|
+
uuid (2.3.1)
|
100
|
+
macaddr (~> 1.0)
|
101
|
+
vidibus-core_extensions (0.3.7)
|
102
|
+
vidibus-uuid (0.3.8)
|
103
|
+
mongoid (~> 2.0.0.beta.20)
|
104
|
+
uuid (~> 2.3.1)
|
105
|
+
webmock (1.3.5)
|
106
|
+
addressable (>= 2.1.1)
|
107
|
+
crack (>= 0.1.7)
|
108
|
+
will_paginate (3.0.pre2)
|
109
|
+
|
110
|
+
PLATFORMS
|
111
|
+
ruby
|
112
|
+
|
113
|
+
DEPENDENCIES
|
114
|
+
jeweler
|
115
|
+
mongoid (~> 2.0.0.beta.20)
|
116
|
+
rails (~> 3.0.0)
|
117
|
+
rake
|
118
|
+
relevance-rcov
|
119
|
+
rr
|
120
|
+
rspec (~> 2.0.0.beta.20)
|
121
|
+
vidibus-core_extensions
|
122
|
+
vidibus-uuid
|
123
|
+
webmock
|
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2010 Andre Pankratz
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.rdoc
ADDED
@@ -0,0 +1,61 @@
|
|
1
|
+
= vidibus-oauth2_server
|
2
|
+
|
3
|
+
Allows OAuth2 authentication based on http://tools.ietf.org/html/draft-ietf-oauth2-v2-00.
|
4
|
+
|
5
|
+
This gem is part of the open source SOA framework Vidibus: http://vidibus.org.
|
6
|
+
|
7
|
+
It is far from being complete and stable! But this will change soon.
|
8
|
+
|
9
|
+
|
10
|
+
== Installation
|
11
|
+
|
12
|
+
Add the dependency to the Gemfile of your application:
|
13
|
+
|
14
|
+
gem "vidibus-oauth2_server"
|
15
|
+
|
16
|
+
Then call bundle install on your console.
|
17
|
+
|
18
|
+
|
19
|
+
=== Extension of your ApplicationController
|
20
|
+
|
21
|
+
In ApplicationController of your OAuth server application you have to define two methods in order to perform OAuth authentication. The first method performs a sign in of the current user, the other method returns a client object with given id.
|
22
|
+
|
23
|
+
Example from Vidibus' Connector service:
|
24
|
+
|
25
|
+
# Returns Service with given id.
|
26
|
+
# This method is called from Vidibus' Oauth2Server gem.
|
27
|
+
def oauth2_client(id)
|
28
|
+
Service.where(:uuid => id).first
|
29
|
+
end
|
30
|
+
|
31
|
+
|
32
|
+
=== Extension of your client model
|
33
|
+
|
34
|
+
Provide an #domain method to your OAuth client model that returns the domain name of the client. This method is used to validate the redirect_url.
|
35
|
+
|
36
|
+
Before issuing a token, the Oauth2Controller will ensure that the given client_secret is valid. In order to perform this validation, a method #valid_oauth2_secret? must be given on your client model.
|
37
|
+
|
38
|
+
Example from Vidibus' Connector service:
|
39
|
+
|
40
|
+
# Returns true if given client_secret matches signature.
|
41
|
+
def valid_oauth2_secret?(client_secret)
|
42
|
+
client_secret == Vidibus::Secure.sign("#{Service.this.url}#{uuid}", secret)
|
43
|
+
end
|
44
|
+
|
45
|
+
|
46
|
+
== TODO
|
47
|
+
|
48
|
+
* Write specs!
|
49
|
+
* Explain usage and integration
|
50
|
+
* Implement token expiry
|
51
|
+
* Apply changes made in http://tools.ietf.org/html/draft-ietf-oauth2-v2-10?
|
52
|
+
|
53
|
+
|
54
|
+
== Copyright
|
55
|
+
|
56
|
+
Copyright (c) 2010 Andre Pankratz. See LICENSE for details.
|
57
|
+
|
58
|
+
|
59
|
+
== Thank you
|
60
|
+
|
61
|
+
The development of this gem was sponsored by Käuferportal: http://www.kaeuferportal.de
|
data/Rakefile
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
require "rubygems"
|
2
|
+
require "rake"
|
3
|
+
|
4
|
+
begin
|
5
|
+
require "jeweler"
|
6
|
+
Jeweler::Tasks.new do |gem|
|
7
|
+
gem.name = "vidibus-oauth2_server"
|
8
|
+
gem.summary = %Q{OAuth2 server for Rails 3 with Mongoid.}
|
9
|
+
gem.description = %Q{OAuth2 server for Rails 3 with Mongoid.}
|
10
|
+
gem.email = "andre@vidibus.com"
|
11
|
+
gem.homepage = "http://github.com/vidibus/vidibus-oauth2_server"
|
12
|
+
gem.authors = ["Andre Pankratz"]
|
13
|
+
gem.add_dependency "rails", "~> 3.0.0"
|
14
|
+
gem.add_dependency "mongoid", "~> 2.0.0.beta.20"
|
15
|
+
gem.add_dependency "vidibus-core_extensions"
|
16
|
+
gem.add_dependency "vidibus-uuid"
|
17
|
+
# gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
|
18
|
+
end
|
19
|
+
Jeweler::GemcutterTasks.new
|
20
|
+
rescue LoadError
|
21
|
+
puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
|
22
|
+
end
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
0.0.0
|
@@ -0,0 +1,100 @@
|
|
1
|
+
class Oauth2Controller < ApplicationController
|
2
|
+
skip_before_filter :verify_authenticity_token
|
3
|
+
|
4
|
+
around_filter :oauth2_error_handler
|
5
|
+
|
6
|
+
before_filter :validate_oauth2_type!
|
7
|
+
before_filter :validate_oauth2_client_id!
|
8
|
+
before_filter :validate_oauth2_redirect_url!
|
9
|
+
|
10
|
+
before_filter :authenticate_user!, :only => :authorize
|
11
|
+
before_filter :validate_oauth2_client_secret!, :only => :access_token
|
12
|
+
|
13
|
+
def authorize
|
14
|
+
args = params.slice(:client_id, :redirect_url)
|
15
|
+
args[:user_id] = current_user.uuid
|
16
|
+
token = Oauth2Token.create!(args)
|
17
|
+
uri_params = { :code => token.code }
|
18
|
+
uri_params[:state] = params[:state] if params.has_key?(:state)
|
19
|
+
uri = build_uri(params[:redirect_url], uri_params)
|
20
|
+
redirect_to(uri)
|
21
|
+
end
|
22
|
+
|
23
|
+
def access_token
|
24
|
+
token = Oauth2Token.find!(params)
|
25
|
+
render :text => { :access_token => token.token }.to_uri, :type => :url_encoded_form, :status => :ok
|
26
|
+
end
|
27
|
+
|
28
|
+
protected
|
29
|
+
|
30
|
+
# Ensures that the type of flow is supported
|
31
|
+
def validate_oauth2_type!
|
32
|
+
type = params[:type]
|
33
|
+
raise Vidibus::Oauth2Server::MissingTypeError if type.blank?
|
34
|
+
raise Vidibus::Oauth2Server::UnsupportedTypeError unless Vidibus::Oauth2Server::FLOWS.include?(type)
|
35
|
+
end
|
36
|
+
|
37
|
+
# Ensures that given client id is valid
|
38
|
+
def validate_oauth2_client_id!
|
39
|
+
raise Vidibus::Oauth2Server::MissingClientIdError if params[:client_id].blank?
|
40
|
+
@oauth2_client = oauth2_client(params[:client_id])
|
41
|
+
raise Vidibus::Oauth2Server::InvalidClientIdError unless @oauth2_client
|
42
|
+
end
|
43
|
+
|
44
|
+
# Ensures that redirect_url is valid for given client.
|
45
|
+
def validate_oauth2_redirect_url!
|
46
|
+
redirect_url = params[:redirect_url]
|
47
|
+
raise Vidibus::Oauth2Server::MissingRedirectUrlError if redirect_url.blank?
|
48
|
+
raise Vidibus::Oauth2Server::MalformedRedirectUrlError unless valid_uri?(redirect_url)
|
49
|
+
unless redirect_url.match(/^https?:\/\/([a-z0-9]+\.)?#{@oauth2_client.domain}/) # allow subdomains but ensure host of client application
|
50
|
+
raise Vidibus::Oauth2Server::InvalidRedirectUrlError
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
# Ensures that given client_secret is valid for given client.
|
55
|
+
def validate_oauth2_client_secret!
|
56
|
+
raise Vidibus::Oauth2Server::InvalidClientSecretError unless @oauth2_client.valid_oauth2_secret?(params[:client_secret])
|
57
|
+
end
|
58
|
+
|
59
|
+
# Returns error message for given exception.
|
60
|
+
def oauth2_error_handler
|
61
|
+
begin
|
62
|
+
yield
|
63
|
+
rescue Vidibus::Oauth2Server::MissingTypeError
|
64
|
+
error = "missing_type"
|
65
|
+
rescue Vidibus::Oauth2Server::UnsupportedTypeError
|
66
|
+
error = "unsupported_type"
|
67
|
+
rescue Vidibus::Oauth2Server::MissingClientIdError
|
68
|
+
error = "missing_client_id"
|
69
|
+
rescue Vidibus::Oauth2Server::InvalidClientIdError
|
70
|
+
error = "invalid_client_id"
|
71
|
+
rescue Vidibus::Oauth2Server::InvalidClientSecretError
|
72
|
+
error = "invalid_client_secret"
|
73
|
+
rescue Vidibus::Oauth2Server::MissingRedirectUrlError
|
74
|
+
error = "missing_redirect_url"
|
75
|
+
rescue Vidibus::Oauth2Server::MalformedRedirectUrlError
|
76
|
+
error = "malformed_redirect_url"
|
77
|
+
rescue Vidibus::Oauth2Server::InvalidRedirectUrlError
|
78
|
+
error = "invalid_redirect_url"
|
79
|
+
rescue Vidibus::Oauth2Server::MissingCodeError
|
80
|
+
error = "missing_code"
|
81
|
+
rescue Vidibus::Oauth2Server::InvalidCodeError
|
82
|
+
error = "invalid_code"
|
83
|
+
rescue Vidibus::Oauth2Server::ExpiredCodeError
|
84
|
+
error = "expired_code"
|
85
|
+
rescue Vidibus::Oauth2Server::InvalidTokenError
|
86
|
+
error = "invalid_token"
|
87
|
+
rescue Vidibus::Oauth2Server::ExpiredTokenError
|
88
|
+
error = "expired_token"
|
89
|
+
ensure
|
90
|
+
if error
|
91
|
+
status ||= :bad_request
|
92
|
+
render :text => I18n.t("oauth2_server.errors.#{error}"), :status => status
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
# Autorization error?
|
97
|
+
# :status => :unauthorized # The response MUST include a WWW-Authenticate header field (section 14.47) containing a challenge applicable to the requested resource.
|
98
|
+
# :status => :forbidden # Maybe better?
|
99
|
+
end
|
100
|
+
end
|
@@ -0,0 +1,74 @@
|
|
1
|
+
require "active_support"
|
2
|
+
|
3
|
+
class Oauth2Token
|
4
|
+
include Mongoid::Document
|
5
|
+
include Mongoid::Timestamps
|
6
|
+
|
7
|
+
CODE_EXPIRY = 60 # Lifetime of token authorization code in seconds.
|
8
|
+
TOKEN_EXPIRY = 0 # Lifetime of token in seconds. 0 will never expire token.
|
9
|
+
|
10
|
+
field :client_id
|
11
|
+
field :user_id
|
12
|
+
field :redirect_url
|
13
|
+
field :token
|
14
|
+
field :secret
|
15
|
+
field :code
|
16
|
+
|
17
|
+
field :code_expires_at, :type => Time
|
18
|
+
field :token_expires_at, :type => Time
|
19
|
+
|
20
|
+
index :client_id
|
21
|
+
index :token
|
22
|
+
index :code
|
23
|
+
|
24
|
+
validates :client_id, :redirect_url, :presence => true
|
25
|
+
validates :token, :code, :uniqueness => { :allow_blank => true }
|
26
|
+
|
27
|
+
before_create :generate_code
|
28
|
+
|
29
|
+
# Returns a token by given parameters.
|
30
|
+
# If +token+ is given a valid Oauth2Token will be returned.
|
31
|
+
# If +client_id+ and +redirect_url+ is given the +code+ provided will be exchanged for a token.
|
32
|
+
def self.find!(args = {})
|
33
|
+
if tok = args[:token]
|
34
|
+
token = Oauth2Token.where(:token => tok).first
|
35
|
+
raise Vidibus::Oauth2Server::InvalidTokenError unless token
|
36
|
+
raise Vidibus::Oauth2Server::ExpiredTokenError if token.token_expires_at and token.token_expires_at < Time.now
|
37
|
+
else
|
38
|
+
client_id = args[:client_id]
|
39
|
+
redirect_url = args[:redirect_url]
|
40
|
+
code = args[:code]
|
41
|
+
|
42
|
+
raise Vidibus::Oauth2Server::MissingClientIdError if client_id.blank?
|
43
|
+
raise Vidibus::Oauth2Server::MissingRedirectUrlError if redirect_url.blank?
|
44
|
+
raise Vidibus::Oauth2Server::MissingCodeError if code.blank?
|
45
|
+
|
46
|
+
token = Oauth2Token.where(:client_id => client_id).and(:code => code).first
|
47
|
+
raise Vidibus::Oauth2Server::InvalidCodeError unless token
|
48
|
+
raise Vidibus::Oauth2Server::InvalidRedirectUrlError unless redirect_url == token.redirect_url
|
49
|
+
|
50
|
+
token.exchange!
|
51
|
+
end
|
52
|
+
token
|
53
|
+
end
|
54
|
+
|
55
|
+
# Exchanges the code for a token if given code is valid and has not expired yet.
|
56
|
+
def exchange!
|
57
|
+
raise Vidibus::Oauth2Server::InvalidCodeError unless code
|
58
|
+
raise Vidibus::Oauth2Server::ExpiredCodeError unless code_expires_at >= Time.now
|
59
|
+
self.code = nil
|
60
|
+
self.code_expires_at = nil
|
61
|
+
self.token = ActiveSupport::SecureRandom.hex(60)
|
62
|
+
self.token_expires_at = Time.now + TOKEN_EXPIRY if TOKEN_EXPIRY > 0
|
63
|
+
save!
|
64
|
+
return code
|
65
|
+
end
|
66
|
+
|
67
|
+
protected
|
68
|
+
|
69
|
+
# Generate a random code
|
70
|
+
def generate_code
|
71
|
+
self.code = ActiveSupport::SecureRandom.hex(60)
|
72
|
+
self.code_expires_at = Time.now + CODE_EXPIRY
|
73
|
+
end
|
74
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
en:
|
2
|
+
oauth2_server:
|
3
|
+
errors:
|
4
|
+
missing_type: "Parameter 'type' is missing. Please provide the type of OAuth flow to apply."
|
5
|
+
unsupported_type: "Parameter 'type' has an supported value. This type of OAuth flow is not supported by this server."
|
6
|
+
missing_client_id: "Parameter 'client_id' is missing. Please provide the key of the requesting client application."
|
7
|
+
invalid_client_id: "Parameter 'client_id' is invalid. Please provide the key of a valid client application."
|
8
|
+
invalid_client_secret: "Parameter 'client_secret' is invalid. Please provide the secret of given client application."
|
9
|
+
missing_redirect_url: "Parameter 'redirect_url' is missing. Please provide an URL to redirect to."
|
10
|
+
malformed_redirect_url: "Parameter 'redirect_url' is malformed. Please provide a valid URL to redirect to."
|
11
|
+
invalid_redirect_url: "Parameter 'redirect_url' is invalid. It has to match the URL of the requesting service. Please provide a valid URL to redirect to."
|
12
|
+
missing_code: "Parameter 'code' is missing. Please provide a code to obtain an OAuth token."
|
13
|
+
invalid_code: "Parameter 'code' is invalid. Please provide a valid code to obtain an OAuth token."
|
14
|
+
expired_code: "Parameter 'code' is expired. The code you provided to obtain an OAuth token has expired."
|
15
|
+
invalid_token: "Parameter 'token' is invalid. Please provide a valid OAuth token to perform authorization."
|
16
|
+
expired_token: "Parameter 'token' is expired. The OAuth token you provided has expired."
|
data/config/routes.rb
ADDED
@@ -0,0 +1,25 @@
|
|
1
|
+
module Vidibus
|
2
|
+
module Oauth2Server
|
3
|
+
class Oauth2ServerError < StandardError; end
|
4
|
+
|
5
|
+
class MissingTypeError < Oauth2ServerError; end
|
6
|
+
class UnsupportedTypeError < Oauth2ServerError; end
|
7
|
+
|
8
|
+
class MissingClientIdError < Oauth2ServerError; end
|
9
|
+
class InvalidClientIdError < Oauth2ServerError; end
|
10
|
+
class InvalidClientSecretError < Oauth2ServerError; end
|
11
|
+
|
12
|
+
class MissingRedirectUrlError < Oauth2ServerError; end
|
13
|
+
class MalformedRedirectUrlError < Oauth2ServerError; end
|
14
|
+
class InvalidRedirectUrlError < Oauth2ServerError; end
|
15
|
+
|
16
|
+
class MissingCodeError < Oauth2ServerError; end
|
17
|
+
class InvalidCodeError < Oauth2ServerError; end
|
18
|
+
class ExpiredCodeError < Oauth2ServerError; end
|
19
|
+
|
20
|
+
class InvalidTokenError < Oauth2ServerError; end
|
21
|
+
class ExpiredTokenError < Oauth2ServerError; end
|
22
|
+
|
23
|
+
FLOWS = %w[web_server]
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
module Vidibus
|
2
|
+
module Oauth2Server
|
3
|
+
module Extensions
|
4
|
+
|
5
|
+
# Contains core modifications of rails controller methods.
|
6
|
+
module Controller
|
7
|
+
|
8
|
+
# Authenticates user.
|
9
|
+
def authenticate_user!
|
10
|
+
raise "Add a method authenticate_user! to your ApplicationController that authenticates the user that calls the OAuth actions."
|
11
|
+
end
|
12
|
+
|
13
|
+
# Returns Oauth2 client application matching given id.
|
14
|
+
def oauth2_client(id)
|
15
|
+
raise "Add a method oauth2_client to your ApplicationController that returns the OAuth client application for given id."
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,66 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{vidibus-oauth2_server}
|
8
|
+
s.version = "0.0.0"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["Andre Pankratz"]
|
12
|
+
s.date = %q{2010-10-02}
|
13
|
+
s.description = %q{OAuth2 server for Rails 3 with Mongoid.}
|
14
|
+
s.email = %q{andre@vidibus.com}
|
15
|
+
s.extra_rdoc_files = [
|
16
|
+
"LICENSE",
|
17
|
+
"README.rdoc"
|
18
|
+
]
|
19
|
+
s.files = [
|
20
|
+
".document",
|
21
|
+
".gitignore",
|
22
|
+
"Gemfile",
|
23
|
+
"Gemfile.lock",
|
24
|
+
"LICENSE",
|
25
|
+
"README.rdoc",
|
26
|
+
"Rakefile",
|
27
|
+
"VERSION",
|
28
|
+
"app/controllers/oauth2_controller.rb",
|
29
|
+
"app/models/oauth2_token.rb",
|
30
|
+
"config/locales/en.yml",
|
31
|
+
"config/routes.rb",
|
32
|
+
"lib/vidibus-oauth2_server.rb",
|
33
|
+
"lib/vidibus/oauth2_server.rb",
|
34
|
+
"lib/vidibus/oauth2_server/extensions.rb",
|
35
|
+
"lib/vidibus/oauth2_server/extensions/controller.rb",
|
36
|
+
"vidibus-oauth2_server.gemspec"
|
37
|
+
]
|
38
|
+
s.homepage = %q{http://github.com/vidibus/vidibus-oauth2_server}
|
39
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
40
|
+
s.require_paths = ["lib"]
|
41
|
+
s.rubygems_version = %q{1.3.7}
|
42
|
+
s.summary = %q{OAuth2 server for Rails 3 with Mongoid.}
|
43
|
+
|
44
|
+
if s.respond_to? :specification_version then
|
45
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
46
|
+
s.specification_version = 3
|
47
|
+
|
48
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
49
|
+
s.add_runtime_dependency(%q<rails>, ["~> 3.0.0"])
|
50
|
+
s.add_runtime_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
|
51
|
+
s.add_runtime_dependency(%q<vidibus-core_extensions>, [">= 0"])
|
52
|
+
s.add_runtime_dependency(%q<vidibus-uuid>, [">= 0"])
|
53
|
+
else
|
54
|
+
s.add_dependency(%q<rails>, ["~> 3.0.0"])
|
55
|
+
s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
|
56
|
+
s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
|
57
|
+
s.add_dependency(%q<vidibus-uuid>, [">= 0"])
|
58
|
+
end
|
59
|
+
else
|
60
|
+
s.add_dependency(%q<rails>, ["~> 3.0.0"])
|
61
|
+
s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
|
62
|
+
s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
|
63
|
+
s.add_dependency(%q<vidibus-uuid>, [">= 0"])
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
metadata
ADDED
@@ -0,0 +1,145 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: vidibus-oauth2_server
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 31
|
5
|
+
prerelease: false
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
- 0
|
10
|
+
version: 0.0.0
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Andre Pankratz
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2010-10-02 00:00:00 +02:00
|
19
|
+
default_executable:
|
20
|
+
dependencies:
|
21
|
+
- !ruby/object:Gem::Dependency
|
22
|
+
name: rails
|
23
|
+
prerelease: false
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ~>
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
hash: 7
|
30
|
+
segments:
|
31
|
+
- 3
|
32
|
+
- 0
|
33
|
+
- 0
|
34
|
+
version: 3.0.0
|
35
|
+
type: :runtime
|
36
|
+
version_requirements: *id001
|
37
|
+
- !ruby/object:Gem::Dependency
|
38
|
+
name: mongoid
|
39
|
+
prerelease: false
|
40
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ~>
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
hash: 62196427
|
46
|
+
segments:
|
47
|
+
- 2
|
48
|
+
- 0
|
49
|
+
- 0
|
50
|
+
- beta
|
51
|
+
- 20
|
52
|
+
version: 2.0.0.beta.20
|
53
|
+
type: :runtime
|
54
|
+
version_requirements: *id002
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: vidibus-core_extensions
|
57
|
+
prerelease: false
|
58
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
59
|
+
none: false
|
60
|
+
requirements:
|
61
|
+
- - ">="
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
hash: 3
|
64
|
+
segments:
|
65
|
+
- 0
|
66
|
+
version: "0"
|
67
|
+
type: :runtime
|
68
|
+
version_requirements: *id003
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: vidibus-uuid
|
71
|
+
prerelease: false
|
72
|
+
requirement: &id004 !ruby/object:Gem::Requirement
|
73
|
+
none: false
|
74
|
+
requirements:
|
75
|
+
- - ">="
|
76
|
+
- !ruby/object:Gem::Version
|
77
|
+
hash: 3
|
78
|
+
segments:
|
79
|
+
- 0
|
80
|
+
version: "0"
|
81
|
+
type: :runtime
|
82
|
+
version_requirements: *id004
|
83
|
+
description: OAuth2 server for Rails 3 with Mongoid.
|
84
|
+
email: andre@vidibus.com
|
85
|
+
executables: []
|
86
|
+
|
87
|
+
extensions: []
|
88
|
+
|
89
|
+
extra_rdoc_files:
|
90
|
+
- LICENSE
|
91
|
+
- README.rdoc
|
92
|
+
files:
|
93
|
+
- .document
|
94
|
+
- .gitignore
|
95
|
+
- Gemfile
|
96
|
+
- Gemfile.lock
|
97
|
+
- LICENSE
|
98
|
+
- README.rdoc
|
99
|
+
- Rakefile
|
100
|
+
- VERSION
|
101
|
+
- app/controllers/oauth2_controller.rb
|
102
|
+
- app/models/oauth2_token.rb
|
103
|
+
- config/locales/en.yml
|
104
|
+
- config/routes.rb
|
105
|
+
- lib/vidibus-oauth2_server.rb
|
106
|
+
- lib/vidibus/oauth2_server.rb
|
107
|
+
- lib/vidibus/oauth2_server/extensions.rb
|
108
|
+
- lib/vidibus/oauth2_server/extensions/controller.rb
|
109
|
+
- vidibus-oauth2_server.gemspec
|
110
|
+
has_rdoc: true
|
111
|
+
homepage: http://github.com/vidibus/vidibus-oauth2_server
|
112
|
+
licenses: []
|
113
|
+
|
114
|
+
post_install_message:
|
115
|
+
rdoc_options:
|
116
|
+
- --charset=UTF-8
|
117
|
+
require_paths:
|
118
|
+
- lib
|
119
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
120
|
+
none: false
|
121
|
+
requirements:
|
122
|
+
- - ">="
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
hash: 3
|
125
|
+
segments:
|
126
|
+
- 0
|
127
|
+
version: "0"
|
128
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
129
|
+
none: false
|
130
|
+
requirements:
|
131
|
+
- - ">="
|
132
|
+
- !ruby/object:Gem::Version
|
133
|
+
hash: 3
|
134
|
+
segments:
|
135
|
+
- 0
|
136
|
+
version: "0"
|
137
|
+
requirements: []
|
138
|
+
|
139
|
+
rubyforge_project:
|
140
|
+
rubygems_version: 1.3.7
|
141
|
+
signing_key:
|
142
|
+
specification_version: 3
|
143
|
+
summary: OAuth2 server for Rails 3 with Mongoid.
|
144
|
+
test_files: []
|
145
|
+
|