forked from harley/newstc
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Aashish Manchanda
committed
Jul 13, 2009
1 parent
db548dd
commit 6e15b8a
Showing
23 changed files
with
768 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,2 @@ | |||
class Addusersoauthfields < ActiveRecord::Base | |||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,21 @@ | |||
class CreateAddusersoauthfields < ActiveRecord::Migration | |||
ddef self.up | |||
add_column :users, :oauth_token, :string | |||
add_column :users, :oauth_secret, :string | |||
add_index :users, :oauth_token | |||
|
|||
change_column :users, :login, :string, :default => nil, :null => true | |||
change_column :users, :crypted_password, :string, :default => nil, :null => true | |||
change_column :users, :password_salt, :string, :default => nil, :null => true | |||
end | |||
|
|||
def self.down | |||
remove_column :users, :oauth_token | |||
remove_column :users, :oauth_secret | |||
|
|||
[:login, :crypted_password, :password_salt].each do |field| | |||
User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? } | |||
change_column :users, field, :string, :default => "", :null => false | |||
end | |||
end | |||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,7 @@ | |||
# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html | |||
|
|||
# one: | |||
# column: value | |||
# | |||
# two: | |||
# column: value |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,8 @@ | |||
require 'test_helper' | |||
|
|||
class AddusersoauthfieldsTest < ActiveSupport::TestCase | |||
# Replace this with your real tests. | |||
test "the truth" do | |||
assert true | |||
end | |||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,23 @@ | |||
== 1.0.6 released 2009-6-29 | |||
|
|||
* Any attributes set on the User model before saving, will now be maintained after the user | |||
returns from authenticating with the oauth server. | |||
|
|||
== 1.0.4 released 2009-6-27 | |||
|
|||
* Bug fix | |||
|
|||
== 1.0.2 released 2009-6-27 | |||
|
|||
* Using oauth's callback_url parameter to control where the oauth server returns the user to the application. | |||
The callback_url parameter was temporarily disabled on major oauth sites due to security concerns, but has been resolved. | |||
|
|||
* Removed the need to add specific oauth routes and an oauth_controller (YAY!). This makes using the plugin much easier. | |||
|
|||
== 1.0.1 released 2009-6-4 | |||
|
|||
* Adding helpers for the login/register buttons to be used in conjunction with authlogic_oauth | |||
|
|||
== 1.0.0 released 2009-5-31 | |||
|
|||
* Initial release. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,20 @@ | |||
Copyright (c) 2009 John Allison (johnallison.me) | |||
|
|||
Permission is hereby granted, free of charge, to any person obtaining | |||
a copy of this software and associated documentation files (the | |||
"Software"), to deal in the Software without restriction, including | |||
without limitation the rights to use, copy, modify, merge, publish, | |||
distribute, sublicense, and/or sell copies of the Software, and to | |||
permit persons to whom the Software is furnished to do so, subject to | |||
the following conditions: | |||
|
|||
The above copyright notice and this permission notice shall be | |||
included in all copies or substantial portions of the Software. | |||
|
|||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | |||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | |||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND | |||
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE | |||
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION | |||
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | |||
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,20 @@ | |||
CHANGELOG.rdoc | |||
MIT-LICENSE | |||
Manifest.txt | |||
README.rdoc | |||
Rakefile | |||
init.rb | |||
lib/authlogic_oauth.rb | |||
lib/authlogic_oauth/acts_as_authentic.rb | |||
lib/authlogic_oauth/helper.rb | |||
lib/authlogic_oauth/oauth_process.rb | |||
lib/authlogic_oauth/session.rb | |||
lib/authlogic_oauth/version.rb | |||
lib/oauth_callback_filter.rb | |||
rails/init.rb | |||
test/acts_as_authentic_test.rb | |||
test/fixtures/users.yml | |||
test/lib/user.rb | |||
test/lib/user_session.rb | |||
test/session_test.rb | |||
test/test_helper.rb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,100 @@ | |||
= Authlogic OAuth | |||
|
|||
Authlogic OAuth is an extension of the Authlogic library to add OAuth support. One use case for authentication with OAuth is allowing users to log in with their Twitter credentials. | |||
|
|||
== Helpful links | |||
|
|||
* <b>Authlogic:</b> http://github.com/binarylogic/authlogic | |||
* <b>OAuth Example Project:</b> http://github.com/jrallison/authlogic_example/tree/with-oauth | |||
* <b>Live example with Twitter:</b> http://authlogic-oauth.heroku.com | |||
|
|||
== Install and use | |||
|
|||
=== 1. Install Authlogic and setup your application | |||
|
|||
* <b>Authlogic:</b> http://github.com/binarylogic/authlogic | |||
* <b>Authlogic Example:</b> http://github.com/binarylogic/authlogic_example | |||
|
|||
=== 2. Install OAuth and Authlogic_Oauth | |||
|
|||
$ sudo gem install oauth | |||
$ sudo gem install authlogic-oauth | |||
|
|||
Now add the gem dependencies in your config: | |||
|
|||
config.gem "oauth" | |||
config.gem "authlogic-oauth", :lib => "authlogic_oauth" | |||
|
|||
Or for older version of rails, install it as a plugin: | |||
|
|||
$ script/plugin install git://github.com/jrallison/authlogic_oauth.git | |||
|
|||
=== 3. Make some simple changes to your database: | |||
|
|||
class AddUsersOauthFields < ActiveRecord::Migration | |||
def self.up | |||
add_column :users, :oauth_token, :string | |||
add_column :users, :oauth_secret, :string | |||
add_index :users, :oauth_token | |||
|
|||
change_column :users, :login, :string, :default => nil, :null => true | |||
change_column :users, :crypted_password, :string, :default => nil, :null => true | |||
change_column :users, :password_salt, :string, :default => nil, :null => true | |||
end | |||
|
|||
def self.down | |||
remove_column :users, :oauth_token | |||
remove_column :users, :oauth_secret | |||
|
|||
[:login, :crypted_password, :password_salt].each do |field| | |||
User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? } | |||
change_column :users, field, :string, :default => "", :null => false | |||
end | |||
end | |||
end | |||
|
|||
=== 4. Make sure you save your objects properly | |||
|
|||
You only need to save your objects this way if you want the user to authenticate with their OAuth provider. | |||
|
|||
That being said, you probably want to do this in your controllers. You should do this for BOTH your User objects and UserSession objects (assuming you are authenticating users). It should look something like this: | |||
|
|||
@user_session.save do |result| | |||
if result | |||
flash[:notice] = "Login successful!" | |||
redirect_back_or_default account_url | |||
else | |||
render :action => :new | |||
end | |||
end | |||
|
|||
You should save your @user objects this way as well, because you also want the user to authenticate with OAuth. | |||
|
|||
Notice we are saving with a block. Why? Because we need to redirect the user to their OAuth provider so that they can authenticate. When we do this, we don't want to execute that block of code, because if we do, we will get a DoubleRender error. This lets us skip that entire block and send the user along their way without any problems. | |||
|
|||
=== 5. Define the oauth_consumer class method on your UserSession model | |||
|
|||
The oauth_consumer should return an OAuth::Consumer which is configured for your OAuth provider. Here's an example for Twitter: | |||
|
|||
class UserSession < Authlogic::Session::Base | |||
|
|||
def self.oauth_consumer | |||
OAuth::Consumer.new("TOKEN", "SECRET", | |||
{ :site=>"http://twitter.com", | |||
:authorize_url => "http://twitter.com/oauth/authenticate" }) | |||
end | |||
|
|||
end | |||
|
|||
=== 6. Add login and register buttons to your views | |||
|
|||
<%= oauth_register_button :value => "Register with Twitter" %> | |||
<%= oauth_login_button :value => "Login with Twitter" %> | |||
|
|||
That's it! The rest is taken care of for you. | |||
|
|||
= Here are some next steps for the plugin. | |||
|
|||
1. Safe OAuth error handling. | |||
2. Remove oauth request from the Rails request cycle. | |||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1 @@ | |||
File.dirname(__FILE__) + "/rails/init.rb" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,9 @@ | |||
require File.dirname(__FILE__) + "/authlogic_oauth/version" | |||
require File.dirname(__FILE__) + "/authlogic_oauth/oauth_process" | |||
require File.dirname(__FILE__) + "/authlogic_oauth/acts_as_authentic" | |||
require File.dirname(__FILE__) + "/authlogic_oauth/session" | |||
require File.dirname(__FILE__) + "/authlogic_oauth/helper" | |||
|
|||
ActiveRecord::Base.send(:include, AuthlogicOauth::ActsAsAuthentic) | |||
Authlogic::Session::Base.send(:include, AuthlogicOauth::Session) | |||
ActionController::Base.helper AuthlogicOauth::Helper |
120 changes: 120 additions & 0 deletions
120
vendor/plugins/authlogic_oauth/lib/authlogic_oauth/acts_as_authentic.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,120 @@ | |||
module AuthlogicOauth | |||
module ActsAsAuthentic | |||
def self.included(klass) | |||
klass.class_eval do | |||
extend Config | |||
add_acts_as_authentic_module(Methods, :prepend) | |||
end | |||
end | |||
|
|||
module Config | |||
# The name of the oauth token field in the database. | |||
# | |||
# * <tt>Default:</tt> :oauth_token | |||
# * <tt>Accepts:</tt> Symbol | |||
def oauth_token_field(value = nil) | |||
rw_config(:oauth_token_field, value, :oauth_token) | |||
end | |||
alias_method :oauth_token_field=, :oauth_token_field | |||
|
|||
# The name of the oauth token secret field in the database. | |||
# | |||
# * <tt>Default:</tt> :oauth_secret | |||
# * <tt>Accepts:</tt> Symbol | |||
def oauth_secret_field(value = nil) | |||
rw_config(:oauth_secret_field, value, :oauth_secret) | |||
end | |||
alias_method :oauth_secret_field=, :oauth_secret_field | |||
end | |||
|
|||
module Methods | |||
include OauthProcess | |||
|
|||
# Set up some simple validations | |||
def self.included(klass) | |||
klass.class_eval do | |||
alias_method "#{oauth_token_field.to_s}=".to_sym, :oauth_token= | |||
alias_method "#{oauth_secret_field.to_s}=".to_sym, :oauth_secret= | |||
end | |||
|
|||
return if !klass.column_names.include?(klass.oauth_token_field.to_s) | |||
|
|||
klass.class_eval do | |||
validate :validate_by_oauth, :if => :authenticating_with_oauth? | |||
|
|||
validates_uniqueness_of klass.oauth_token_field, :scope => validations_scope, :if => :using_oauth? | |||
validates_presence_of klass.oauth_secret_field, :scope => validations_scope, :if => :using_oauth? | |||
|
|||
validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?) | |||
validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?) | |||
validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?) | |||
validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?) | |||
validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?) | |||
end | |||
|
|||
# email needs to be optional for oauth | |||
klass.validate_email_field = false | |||
end | |||
|
|||
def save(perform_validation = true, &block) | |||
if perform_validation && block_given? && redirecting_to_oauth_server? | |||
# Save attributes so they aren't lost during the authentication with the oauth server | |||
session_class.controller.session[:authlogic_oauth_attributes] = attributes.reject!{|k, v| v.blank?} | |||
redirect_to_oauth | |||
return false | |||
end | |||
|
|||
result = super | |||
yield(result) if block_given? | |||
result | |||
end | |||
|
|||
# Set the oauth fields | |||
def oauth_token=(value) | |||
write_attribute(oauth_token_field, value.blank? ? nil : value) | |||
end | |||
|
|||
def oauth_secret=(value) | |||
write_attribute(oauth_secret_field, value.blank? ? nil : value) | |||
end | |||
|
|||
private | |||
|
|||
def authenticating_with_oauth? | |||
(session_class.controller.params && !session_class.controller.params[:register_with_oauth].blank?) || oauth_response | |||
end | |||
|
|||
def authenticate_with_oauth | |||
# Restore any attributes which were saved before redirecting to the oauth server | |||
self.attributes = session_class.controller.session.delete(:authlogic_oauth_attributes) | |||
access_token = generate_access_token | |||
|
|||
self.oauth_token = access_token.token | |||
self.oauth_secret = access_token.secret | |||
end | |||
|
|||
def access_token | |||
OAuth::AccessToken.new(oauth, | |||
read_attribute(oauth_token_field), | |||
read_attribute(oauth_secret_field)) | |||
end | |||
|
|||
def using_oauth? | |||
respond_to?(oauth_token_field) && !oauth_token.blank? | |||
end | |||
|
|||
def validate_password_with_oauth? | |||
!using_oauth? && require_password? | |||
end | |||
|
|||
def oauth_token_field | |||
self.class.oauth_token_field | |||
end | |||
|
|||
def oauth_secret_field | |||
self.class.oauth_secret_field | |||
end | |||
|
|||
end | |||
end | |||
end |
16 changes: 16 additions & 0 deletions
16
vendor/plugins/authlogic_oauth/lib/authlogic_oauth/helper.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,16 @@ | |||
module AuthlogicOauth | |||
module Helper | |||
def oauth_register_button(options = {}) | |||
oauth_button('register_with_oauth', options) | |||
end | |||
|
|||
def oauth_login_button(options = {}) | |||
oauth_button('login_with_oauth', options) | |||
end | |||
|
|||
private | |||
def oauth_button(name, options = {}) | |||
"<input type='submit' value='#{options[:value]}' name='#{name}' id='user_submit' class='#{options[:class]}'/>" | |||
end | |||
end | |||
end |
Oops, something went wrong.