xaviershay-twitter-auth 0.1.19

data/README.markdown

@@ -0,0 +1,119 @@
+TwitterAuth
+===========
+
+TwitterAuth aims to provide a complete authentication and API access solution for creating Twitter applications in Rails. It provides a generator and all of the necessary components to use Twitter as the sole authentication provider for an application using either Twitter's OAuth or HTTP Basic authentication strategies.
+
+Installation
+============
+
+You can include TwitterAuth as a gem in your project like so:
+
+    config.gem 'twitter-auth', :lib => 'twitter_auth'
+
+Or you can install it as a traditional Rails plugin:
+
+    script/plugin install git://github.com/mbleigh/twitter-auth.git
+
+Note that because TwitterAuth utilizes Rails Engines functionality introduced in Rails 2.3, it will not work with earlier versions of Rails.
+
+**NOTE:** TwitterAuth requires Rails version 2.3 or later because it makes extensive use of the new support for Rails Engines. Previous versions of Rails are not supported.
+
+Usage
+=====
+
+To utilize TwitterAuth in your application you will need to run the generator:
+
+    script/generate twitter_auth [--oauth (default) | --basic]
+
+This will generate a migration as well as set up the stubs needed to use the Rails Engines controllers and models set up by TwitterAuth. It will also create a User class that inherits from TwitterUser, abstracting away all of the Twitter authentication functionality and leaving you a blank slate to work with for your application. 
+
+Finally, it will create a configuration file in `config/twitter_auth.yml` in which you should input your OAuth consumer key and secret (if using the OAuth strategy) as well as a custom callback for development (the `oauth_callback` option is where Twitter will send the browser after authentication is complete. If you leave it blank Twitter will send it to the URL set up when you registered your application).
+
+Sign in with Twitter
+--------------------
+
+Twitter recently implemented a convenience layer on top of OAuth called [Sign in with Twitter](http://apiwiki.twitter.com/Sign-in-with-Twitter). TwitterAuth makes use of this by default in newly generated applications by setting the `authorize_path` in `twitter_auth.yml`.
+
+If you already have an application utilizing TwitterAuth that you would like to utilize the new system, simply add this line to your `twitter_auth.yml` in each environment:
+
+    authorize_path: "/oauth/authenticate"
+
+Usage Basics
+------------
+
+If you need more information about how to use OAuth with Twitter, please visit Twitter's [OAuth FAQ](http://apiwiki.twitter.com/OAuth-FAQ).
+
+TwitterAuth borrows heavily from [Restful Authentication](http://github.com/technoweenie/restful-authentication) for its API because it's simple and well-known. Here are some of the familiar methods that are available:
+
+* `login_required`: a before filter that can be added to a controller to require that a user logs in before he/she can view the page.
+* `current_user`: returns the logged in user if one exists, otherwise returns `nil`.
+* `logged_in?`: true if logged in, false otherwise.
+* `redirect_back_or_default(url)`: redirects to the location where `store_location` was last called or the specified default URL.
+* `store_location`: store the current URL for returning to when a `redirect_back_or_default` is called.
+* `authorized?`: override this to add fine-grained access control for when `login_required` is already called.
+
+Accessing the Twitter API
+-------------------------
+
+Obviously if you're using Twitter as an authentication strategy you probably have interest in accessing Twitter API information as well. Because I wasn't really satisfied with either of the popular Twitter API Ruby libraries ([Twitter4R](http://twitter4r.rubyforge.org) and [Twitter](http://twitter.rubyforge.org)) and also because neither support OAuth (yet), I decided to go with a simple, dependency-free API implementation.
+
+The `User` class will have a `twitter` method that provides a generic dispatcher with HTTP verb commands available (`get`, `put`, `post`, and `delete`). These are automatically initialized to the `base_url` you specified in the `twitter_auth.yml` file, so you need only specify a path. Additionally, it will automatically append a .json extension and parse the JSON if you don't provide (it returns strings for XML because, well, I don't like XML and don't feel like parsing it).
+
+    # This code will work with the OAuth and Basic strategies alike.
+    user = User.find_by_login('mbleigh')
+
+    user.twitter.get('/account/verify_credentials')
+    # => {'screen_name' => 'mbleigh', 'name' => 'Michael Bleigh' ... }
+
+    user.twitter.post('/statuses/update.json', 'status' => 'This is my status.')
+    # => {"user"=>{"login" => "mbleigh" ... }, "text"=>"This is my status.", "id"=>1234567890 ... }
+
+If Twitter returns something other than a 200 response code, TwitterAuth will catch it and try to raise a salient error message. The exception class is `TwitterAuth::Dispatcher::Error` if you're in the mood to catch it.
+
+This area of the code is still a little raw, but hopefully will evolve to be a little more user-friendly as TwitterAuth matures. In the meantime, it's a perfectly workable foundation library, and the fact that it works the same with OAuth and HTTP Basic makes it all the better!
+
+Customizing TwitterAuth
+-----------------------
+
+There are a number of hooks to extend the functionality of TwitterAuth. Here is a brief description of each of them.
+
+### Controller Methods
+
+TwitterAuth provides some default controller methods that may be overridden in your `ApplicationController` to behave differently.
+
+* `authentication_failed(message)`: called when Twitter authorization has failed during the process. By default, simply redirects to the site root and sets the `flash[:error]`.
+* `authentication_succeeded(message=default)`: called when Twitter authorization has completed successfully. By default, simply redirects to the site root and sets the `flash[:notice]`.
+* `access_denied`: what happens when the `login_required` before filter fails. By default it stores the current location to return to and redirects to the login process.
+* `build_user(user)`: after a new user has been instantiated, but before it is saved, it is passed to this method so that you can set extra attributes
+
+Tips and Tricks
+---------------
+
+* If you are getting an `OpenSSL::SSL:SSLError (certificate verify failed)` you may want to [see this ticket and comments](https://mbleigh.lighthouseapp.com/projects/27783-twitterauth/tickets/6-error-on-login#ticket-6-2).
+
+Development
+-----------
+
+### Specs
+
+To be able to run the test suite, twitter-auth needs to be hosted inside a project. Create a new blank rails app, and add the following lines to config/environments/test.rb:
+
+    config.gem "rspec",            :lib => false, :version => ">= 1.2.0" 
+    config.gem "rspec-rails",      :lib => false, :version => ">= 1.2.0" 
+    config.gem "remarkable_rails", :lib => false
+
+Install twitter-auth as a plugin to vendor/plugins, then cd to vendor/plugins/twitter-auth and run rake.
+
+Resources
+---------
+
+* **Bug Reports:** See the [Issues Page](http://github.com/mbleigh/twitter-auth/issues) to report any problems you have using TwitterAuth.
+* **Blog Post:** The [original blog post about TwitterAuth](http://intridea.com/2009/3/23/twitter-auth-for-near-instant-twitter-apps) has a tutorial as well to get you started.
+* **GitHub Pages:** TwitterAuth has a [simple GitHub page](http://mbleigh.com/twitter-auth)
+
+Copyright
+---------
+
+**TwitterAuth** is Copyright (c) 2009 [Michael Bleigh](http://www.mbleigh.com) and [Intridea, Inc.](http://www.intridea.com/), released under the MIT License.
+
+TwitterAuth is not affiliated with Twitter, Inc.

data/Rakefile

@@ -0,0 +1,31 @@
+require 'rake'
+require 'spec/rake/spectask'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc 'Run the specs'
+Spec::Rake::SpecTask.new(:spec) do |t|
+  t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
+  t.spec_files = FileList['spec/**/*_spec.rb']
+end
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |s|
+    s.name = "twitter-auth"
+    s.summary = "TwitterAuth is a Rails plugin gem that provides Single Sign-On capabilities for Rails applications via Twitter."
+    s.email = "michael@intridea.com"
+    s.homepage = "http://github.com/mbleigh/twitter-auth"
+    s.description = "TwitterAuth is a Rails plugin gem that provides Single Sign-On capabilities for Rails applications via Twitter. Both OAuth and HTTP Basic are supported."
+s.files =  FileList["[A-Z]*", "{bin,generators,lib,spec,config,app,rails}/**/*"] - FileList["**/*.log"]
+    
+    s.authors = ["Michael Bleigh"]
+    s.add_dependency('oauth', '>= 0.3.1')
+    s.add_dependency('ezcrypto', '>= 0.7.2')
+    s.rubyforge_project = 'twitter-auth'
+  end
+rescue LoadError
+  puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
+end
+

data/VERSION.yml

@@ -0,0 +1,4 @@
+--- 
+:major: 0
+:minor: 1
+:patch: 18

data/app/controllers/sessions_controller.rb

@@ -0,0 +1,66 @@
+class SessionsController < ApplicationController
+  def new
+    if TwitterAuth.oauth?
+      @request_token = TwitterAuth.consumer.get_request_token
+      session[:request_token] = @request_token.token
+      session[:request_token_secret] = @request_token.secret
+     
+      url = @request_token.authorize_url
+      url << "&oauth_callback=#{CGI.escape(TwitterAuth.oauth_callback)}" if TwitterAuth.oauth_callback?      
+      redirect_to url
+    else
+      # we don't have to do anything, it's just a simple form for HTTP basic!
+    end
+  end
+
+  def create
+    logout_keeping_session!
+    if user = User.authenticate(params[:login], params[:password])
+      self.current_user = user
+      authentication_succeeded and return
+    else
+      authentication_failed('Unable to verify your credentials through Twitter. Please try again.', '/login') and return
+    end
+  end
+
+  def oauth_callback
+    unless session[:request_token] && session[:request_token_secret] 
+      authentication_failed('No authentication information was found in the session. Please try again.') and return
+    end
+
+   unless params[:oauth_token].blank? || session[:request_token] ==  params[:oauth_token]
+     authentication_failed('Authentication information does not match session information. Please try again.') and return
+   end
+
+    @request_token = OAuth::RequestToken.new(TwitterAuth.consumer, session[:request_token], session[:request_token_secret])
+
+    @access_token = @request_token.get_access_token
+    
+    # The request token has been invalidated
+    # so we nullify it in the session.
+    session[:request_token] = nil
+    session[:request_token_secret] = nil
+
+    @user = User.identify_or_create_from_access_token(@access_token) do |user|
+      build_user(user)
+    end
+
+    session[:user_id] = @user.id
+
+    cookies[:remember_token] = @user.remember_me
+
+    authentication_succeeded 
+  rescue Net::HTTPServerException, Net::HTTPFatalError, TwitterAuth::Dispatcher::Error => e
+    case e.message
+      when '401 "Unauthorized"'
+        authentication_failed('This authentication request is no longer valid. Please try again.') and return
+      else
+        authentication_failed('There was a problem trying to authenticate you. Please try again.') and return
+    end 
+  end
+  
+  def destroy
+    logout_keeping_session!
+    redirect_back_or_default('/')
+  end
+end

data/app/models/twitter_auth/basic_user.rb

@@ -0,0 +1,63 @@
+require 'net/http'
+
+module TwitterAuth
+  module BasicUser
+    def self.included(base)
+      base.class_eval do
+        attr_protected :crypted_password, :salt
+      end
+
+      base.extend TwitterAuth::BasicUser::ClassMethods
+    end
+
+    module ClassMethods
+      def verify_credentials(login, password)
+        response = TwitterAuth.net.start { |http|
+          request = Net::HTTP::Get.new('/account/verify_credentials.json')
+          request.basic_auth login, password
+          http.request(request)
+        }
+
+        if response.code == '200'
+          JSON.parse(response.body)
+        else
+          false
+        end
+      end
+
+      def authenticate(login, password)
+        if twitter_hash = verify_credentials(login, password)
+          user = identify_or_create_from_twitter_hash_and_password(twitter_hash, password)
+          user
+        else
+          nil
+        end
+      end
+
+      def identify_or_create_from_twitter_hash_and_password(twitter_hash, password)
+        if user = User.find_by_login(twitter_hash['screen_name']) 
+          user.assign_twitter_attributes(twitter_hash)
+          user.password = password
+          user.save
+          user
+        else
+          user = User.new_from_twitter_hash(twitter_hash)
+          user.password = password
+          user.save
+          user
+        end
+      end
+    end
+   
+    def password=(new_password)
+      encrypted = TwitterAuth::Cryptify.encrypt(new_password)
+      self.crypted_password = encrypted[:encrypted_data]
+      self.salt = encrypted[:salt]
+    end
+
+    def password
+      TwitterAuth::Cryptify.decrypt(self.crypted_password, self.salt)
+    end
+  end
+end
+

data/app/models/twitter_auth/generic_user.rb

@@ -0,0 +1,93 @@
+module TwitterAuth
+  class GenericUser < ActiveRecord::Base
+    attr_protected :login, :remember_token, :remember_token_expires_at
+    
+    TWITTER_ATTRIBUTES = [
+      :name,
+      :location,
+      :description,
+      :profile_image_url,
+      :url,
+      :protected,
+      :profile_background_color,
+      :profile_sidebar_fill_color,
+      :profile_link_color,
+      :profile_sidebar_border_color,
+      :profile_text_color,
+      :profile_background_image_url,
+      :profile_background_tile,
+      :friends_count,
+      :statuses_count,
+      :followers_count,      
+      :favourites_count,
+      :time_zone,
+      :utc_offset
+    ]
+    
+    validates_presence_of :login
+    validates_format_of :login, :with => /\A[a-z0-9_]+\z/i
+    validates_length_of :login, :in => 1..15
+    validates_uniqueness_of :login, :case_sensitive => false
+    validates_uniqueness_of :remember_token, :allow_blank => true
+    
+    def self.table_name; 'users' end
+
+    def self.new_from_twitter_hash(hash)
+      raise ArgumentError, 'Invalid hash: must include screen_name.' unless hash.key?('screen_name')
+
+      user = User.new
+      user.login = hash['screen_name']
+
+      TWITTER_ATTRIBUTES.each do |att|
+        user.send("#{att}=", hash[att.to_s]) if user.respond_to?("#{att}=")
+      end
+
+      user
+    end
+
+    def self.from_remember_token(token)
+      first(:conditions => ["remember_token = ? AND remember_token_expires_at > ?", token, Time.now])
+    end
+      
+    def assign_twitter_attributes(hash)
+      TWITTER_ATTRIBUTES.each do |att|
+        send("#{att}=", hash[att.to_s]) if respond_to?("#{att}=")
+      end
+    end
+
+    def update_twitter_attributes(hash)
+      assign_twitter_attributes(hash)
+      save
+    end
+
+    if TwitterAuth.oauth?
+      include TwitterAuth::OauthUser
+    else
+      include TwitterAuth::BasicUser
+    end
+
+    def twitter
+      if TwitterAuth.oauth?
+        TwitterAuth::Dispatcher::Oauth.new(self)
+      else
+        TwitterAuth::Dispatcher::Basic.new(self)
+      end
+    end
+
+    def remember_me
+      return false unless respond_to?(:remember_token)
+
+      self.remember_token = ActiveSupport::SecureRandom.hex(10)
+      self.remember_token_expires_at = Time.now + TwitterAuth.remember_for.days
+      
+      save
+
+      {:value => self.remember_token, :expires => self.remember_token_expires_at}
+    end
+
+    def forget_me
+      self.remember_token = self.remember_token_expires_at = nil
+      self.save
+    end
+  end
+end

data/app/models/twitter_auth/oauth_user.rb

@@ -0,0 +1,44 @@
+module TwitterAuth
+  module OauthUser
+    def self.included(base)
+      base.class_eval do
+        attr_protected :access_token, :access_secret
+      end
+
+      base.extend TwitterAuth::OauthUser::ClassMethods
+      base.extend TwitterAuth::Dispatcher::Shared
+    end
+    
+    module ClassMethods
+      def identify_or_create_from_access_token(token, secret=nil, &block)
+        raise ArgumentError, 'Must authenticate with an OAuth::AccessToken or the string access token and secret.' unless (token && secret) || token.is_a?(OAuth::AccessToken)
+        
+        response = token.get(TwitterAuth.path_prefix + '/account/verify_credentials.json')
+        user_info = handle_response(response)
+        
+        if user = User.find_by_login(user_info['screen_name'])
+          user.assign_twitter_attributes(user_info)
+          user.access_token = token.token
+          user.access_secret = token.secret
+          user.save
+          user
+        else
+          User.create_from_twitter_hash_and_token(user_info, token, &block) 
+        end
+      end
+
+      def create_from_twitter_hash_and_token(user_info, access_token)
+        user = User.new_from_twitter_hash(user_info)
+        user.access_token = access_token.token
+        user.access_secret = access_token.secret
+        yield user if block_given?
+        user.save
+        user
+      end
+    end
+
+    def token
+      OAuth::AccessToken.new(TwitterAuth.consumer, access_token, access_secret)
+    end 
+  end
+end

data/app/views/sessions/_login_form.html.erb

@@ -0,0 +1,17 @@
+<% form_tag session_path, :id => 'login_form' do %>
+  <div class='field'>
+    <label for='login'>Twitter Username:</label>
+    <%= text_field_tag 'login', nil, :class => 'text_field' %>
+  </div>
+  <div class='field'>
+    <label for='password'>Password:</label>
+    <%= password_field_tag 'password', nil, :class => 'password_field' %>
+  </div>
+  <!--<div class='checkbox-field'>
+<%= check_box_tag 'remember_me' %> <label for='remember_me'>Keep Me Logged In</label>
+</div>-->
+  <div class='field submit'>
+    <%= submit_tag 'Log In', :class => 'submit' %>
+  </div>
+<% end %>
+

data/app/views/sessions/new.html.erb

@@ -0,0 +1,5 @@
+<h1>Log In Via Twitter</h1>
+
+<p>This application utilizes your Twitter username and password for authentication; you do not have to create a separate account here. To log in, just enter your Twitter credentials in the form below.</p>
+
+<%= render :partial => 'login_form' %>