# devise_oauth2_providable

Rails3 engine that brings OAuth2 Provider support to your application.

Current OAuth2 Specification Draft:
http://tools.ietf.org/html/draft-ietf-oauth-v2-22

## Features

* integrate OAuth2 authentication with the Devise authentication stack
* one-stop-shop includes all Models, Controllers and Views to get up and
  running quickly
* All server requests support authentication via bearer token included in
  the request. http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-04
* customizable mount point for oauth2 routes (ex: /oauth2 vs /oauth)

## Requirements

* Devise authentication library
* Rails 3.1 or higher

## Installation

#### Install gem
```ruby
# Gemfile
gem 'devise_oauth2_providable'
```

#### Migrate database for Oauth2 models
```
$ rake devise_oauth2_providable:install:migrations
$ rake db:migrate
```

#### Add Oauth2 Routes
```ruby
# config/routes.rb
Rails.application.routes.draw do
  # oauth routes can be mounted to any path (ex: /oauth2 or /oauth)
  mount Devise::Oauth2Providable::Engine => '/oauth2'
end
```

#### Configure User for supported Oauth2 flows
```ruby
class User
  # NOTE: include :database_authenticatable configuration
  # if supporting Resource Owner Password Credentials Grant Type
  devise :oauth2_providable,
         :oauth2_password_grantable,
         :oauth2_refresh_token_grantable,
         :oauth2_authorization_code_grantable
end
```

#### (optional) Configure token expiration settings
```ruby
# config/application.rb
config.devise_oauth2_providable.access_token_expires_in = 1.second # 15.minute default
config.devise_oauth2_providable.refresh_token_expires_in = 1.minute # 1.month default
config.devise_oauth2_providable.authorization_token_expires_in = 5.seconds # 1.minute default
```

## Models

### Client
Registered OAuth2 client, used for storing the unique client_id and
client_secret.

### AccessToken
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.3

Short-lived token used by clients to perform subsequent requests (see the
bearer token spec).

Expires after 15 minutes by default. To customize the duration of the access token:

```ruby
Devise::Oauth2Providable::AccessToken.default_lifetime = 1.minute
```

### RefreshToken
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.5

Long-lived token used by clients to request new access tokens without
requiring user intervention to re-authorize.

Expires after 1 month by default. To customize the duration of the refresh token:

```ruby
Devise::Oauth2Providable::RefreshToken.default_lifetime = 1.year
```

### AuthorizationCode
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.4.1

*Very* short-lived token created to allow a client to request an access
token after a user has gone through the authorization flow.

Expires after 1 minute by default. To customize the duration of the
authorization code:

```ruby
Devise::Oauth2Providable::AuthorizationCode.default_lifetime = 5.minutes
```

## Routes

### /oauth2/authorize
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-2.1

Endpoint to start the client authorization flow. Models, controllers and
views are included for out-of-the-box deployment.

Supports the Authorization Code and Implicit grant types.

### /oauth2/token
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-2.2

Endpoint to request an access token. See the grant type documentation for
supported flows.

## Grant Types

### Resource Owner Password Credentials Grant Type
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.3

In order to use the Resource Owner Password Credentials Grant Type, your
Devise model *must* be configured with the :database_authenticatable option.

### Client Credentials Grant Type
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4

### Authorization Code Grant Type
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.1

### Implicit Grant Type
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.2

### Refresh Token Grant Type
http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-6

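The token endpoint requests behind the password, authorization code and refresh token grant types above, plus a bearer-authenticated resource request, as an added example (not part of this project's code). It assumes the engine is mounted at `/oauth2` as in the routes example, uses the placeholder host `auth.example.com`, and sends client credentials with HTTP Basic authentication as the OAuth2 draft describes; the helper names are hypothetical and the requests are only built, never sent.

```ruby
require 'net/http'
require 'uri'

# Assumptions: auth.example.com is a placeholder host and the engine is
# mounted at /oauth2 as in the routes example. Nothing is sent on the wire.
TOKEN_URI = URI('https://auth.example.com/oauth2/token')

# Passwords, client secrets and bearer tokens can be replayed by anyone who
# observes them, so refuse to build a request for a non-TLS endpoint.
def require_https!(uri)
  raise ArgumentError, "refusing non-https endpoint: #{uri}" unless uri.scheme == 'https'
  uri
end

# POST to the token endpoint: client authenticates with HTTP Basic,
# grant-specific parameters are form-encoded in the body.
def token_request(client_id, client_secret, params, uri = TOKEN_URI)
  req = Net::HTTP::Post.new(require_https!(uri))
  req.basic_auth(client_id, client_secret)
  req.set_form_data(params)
  req
end

# Resource Owner Password Credentials grant
def password_grant(client_id, client_secret, username, password)
  token_request(client_id, client_secret,
                'grant_type' => 'password', 'username' => username, 'password' => password)
end

# Authorization Code grant: exchange the very short-lived code for tokens
def authorization_code_grant(client_id, client_secret, code, redirect_uri)
  token_request(client_id, client_secret,
                'grant_type' => 'authorization_code', 'code' => code, 'redirect_uri' => redirect_uri)
end

# Refresh Token grant: obtain a new access token without user interaction
def refresh_grant(client_id, client_secret, refresh_token)
  token_request(client_id, client_secret,
                'grant_type' => 'refresh_token', 'refresh_token' => refresh_token)
end

# Resource request carrying the access token as a bearer credential
def bearer_get(url, access_token)
  req = Net::HTTP::Get.new(require_https!(URI(url)))
  req['Authorization'] = "Bearer #{access_token}"
  req
end
```
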
## Contributing

* Fork the project
* Fix the issue
* Add unit tests
* Submit a pull request on GitHub

See CONTRIBUTORS.txt for the list of project contributors.

## Copyright

Copyright (c) 2011 Socialcast, Inc.
See LICENSE.txt for further details.