oauth plugin testing
Aashish Manchanda committed Jul 13, 2009
1 parent db548dd commit 6e15b8a
Showing 23 changed files with 768 additions and 0 deletions.
2 changes: 2 additions & 0 deletions app/models/addusersoauthfields.rb
@@ -0,0 +1,2 @@
class Addusersoauthfields < ActiveRecord::Base
end
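Review bot: `Addusersoauthfields` is an empty ActiveRecord model with no table behind it, since the migration in this commit only alters `users` and creates nothing named after this class. It looks like leftover output from a model generator where a plain migration was wanted; I would drop this file together with its fixture and unit test.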
21 changes: 21 additions & 0 deletions db/migrate/20090713171702_create_addusersoauthfields.rb
@@ -0,0 +1,21 @@
class CreateAddusersoauthfields < ActiveRecord::Migration
ddef self.up
add_column :users, :oauth_token, :string
add_column :users, :oauth_secret, :string
add_index :users, :oauth_token

change_column :users, :login, :string, :default => nil, :null => true
change_column :users, :crypted_password, :string, :default => nil, :null => true
change_column :users, :password_salt, :string, :default => nil, :null => true
end

def self.down
remove_column :users, :oauth_token
remove_column :users, :oauth_secret

[:login, :crypted_password, :password_salt].each do |field|
User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? }
change_column :users, field, :string, :default => "", :null => false
end
end
end
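Review bot: the first method line reads `ddef self.up`, which is a syntax error, so this migration cannot load as committed; it should be `def self.up`. The class is named `CreateAddusersoauthfields` but creates no table, so a name such as the README's `AddUsersOauthFields` would describe it better. Also note that `oauth_secret` is a credential stored in a plain `:string` column next to `oauth_token`; it is worth keeping both out of logs and out of any serialized form of the user record.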
7 changes: 7 additions & 0 deletions test/fixtures/addusersoauthfields.yml
@@ -0,0 +1,7 @@
# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html

# one:
# column: value
#
# two:
# column: value
8 changes: 8 additions & 0 deletions test/unit/addusersoauthfields_test.rb
@@ -0,0 +1,8 @@
require 'test_helper'

class AddusersoauthfieldsTest < ActiveSupport::TestCase
# Replace this with your real tests.
test "the truth" do
assert true
end
end
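Review bot: the only test is the generator placeholder `test "the truth"`, which asserts `true` and exercises nothing. Either remove it with the unused model or replace it with tests of the OAuth columns on `User`, for example that a user with an `oauth_token` saves without a login or password.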
23 changes: 23 additions & 0 deletions vendor/plugins/authlogic_oauth/CHANGELOG.rdoc
@@ -0,0 +1,23 @@
== 1.0.6 released 2009-6-29

* Any attributes set on the User model before saving, will now be maintained after the user
returns from authenticating with the oauth server.

== 1.0.4 released 2009-6-27

* Bug fix

== 1.0.2 released 2009-6-27

* Using oauth's callback_url parameter to control where the oauth server returns the user to the application.
The callback_url parameter was temporarily disabled on major oauth sites due to security concerns, but has been resolved.

* Removed the need to add specific oauth routes and an oauth_controller (YAY!). This makes using the plugin much easier.

== 1.0.1 released 2009-6-4

* Adding helpers for the login/register buttons to be used in conjunction with authlogic_oauth

== 1.0.0 released 2009-5-31

* Initial release.
20 changes: 20 additions & 0 deletions vendor/plugins/authlogic_oauth/MIT-LICENSE
@@ -0,0 +1,20 @@
Copyright (c) 2009 John Allison (johnallison.me)

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:

The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20 changes: 20 additions & 0 deletions vendor/plugins/authlogic_oauth/Manifest.txt
@@ -0,0 +1,20 @@
CHANGELOG.rdoc
MIT-LICENSE
Manifest.txt
README.rdoc
Rakefile
init.rb
lib/authlogic_oauth.rb
lib/authlogic_oauth/acts_as_authentic.rb
lib/authlogic_oauth/helper.rb
lib/authlogic_oauth/oauth_process.rb
lib/authlogic_oauth/session.rb
lib/authlogic_oauth/version.rb
lib/oauth_callback_filter.rb
rails/init.rb
test/acts_as_authentic_test.rb
test/fixtures/users.yml
test/lib/user.rb
test/lib/user_session.rb
test/session_test.rb
test/test_helper.rb
100 changes: 100 additions & 0 deletions vendor/plugins/authlogic_oauth/README.rdoc
@@ -0,0 +1,100 @@
= Authlogic OAuth

Authlogic OAuth is an extension of the Authlogic library to add OAuth support. One use case for authentication with OAuth is allowing users to log in with their Twitter credentials.

== Helpful links

* <b>Authlogic:</b> http://github.com/binarylogic/authlogic
* <b>OAuth Example Project:</b> http://github.com/jrallison/authlogic_example/tree/with-oauth
* <b>Live example with Twitter:</b> http://authlogic-oauth.heroku.com

== Install and use

=== 1. Install Authlogic and setup your application

* <b>Authlogic:</b> http://github.com/binarylogic/authlogic
* <b>Authlogic Example:</b> http://github.com/binarylogic/authlogic_example

=== 2. Install OAuth and Authlogic_Oauth

$ sudo gem install oauth
$ sudo gem install authlogic-oauth

Now add the gem dependencies in your config:

config.gem "oauth"
config.gem "authlogic-oauth", :lib => "authlogic_oauth"

Or for older version of rails, install it as a plugin:

$ script/plugin install git://github.com/jrallison/authlogic_oauth.git

=== 3. Make some simple changes to your database:

class AddUsersOauthFields < ActiveRecord::Migration
def self.up
add_column :users, :oauth_token, :string
add_column :users, :oauth_secret, :string
add_index :users, :oauth_token

change_column :users, :login, :string, :default => nil, :null => true
change_column :users, :crypted_password, :string, :default => nil, :null => true
change_column :users, :password_salt, :string, :default => nil, :null => true
end

def self.down
remove_column :users, :oauth_token
remove_column :users, :oauth_secret

[:login, :crypted_password, :password_salt].each do |field|
User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? }
change_column :users, field, :string, :default => "", :null => false
end
end
end

=== 4. Make sure you save your objects properly

You only need to save your objects this way if you want the user to authenticate with their OAuth provider.

That being said, you probably want to do this in your controllers. You should do this for BOTH your User objects and UserSession objects (assuming you are authenticating users). It should look something like this:

@user_session.save do |result|
if result
flash[:notice] = "Login successful!"
redirect_back_or_default account_url
else
render :action => :new
end
end

You should save your @user objects this way as well, because you also want the user to authenticate with OAuth.

Notice we are saving with a block. Why? Because we need to redirect the user to their OAuth provider so that they can authenticate. When we do this, we don't want to execute that block of code, because if we do, we will get a DoubleRender error. This lets us skip that entire block and send the user along their way without any problems.

=== 5. Define the oauth_consumer class method on your UserSession model

The oauth_consumer should return an OAuth::Consumer which is configured for your OAuth provider. Here's an example for Twitter:

class UserSession < Authlogic::Session::Base

def self.oauth_consumer
OAuth::Consumer.new("TOKEN", "SECRET",
{ :site=>"http://twitter.com",
:authorize_url => "http://twitter.com/oauth/authenticate" })
end

end

=== 6. Add login and register buttons to your views

<%= oauth_register_button :value => "Register with Twitter" %>
<%= oauth_login_button :value => "Login with Twitter" %>

That's it! The rest is taken care of for you.

= Here are some next steps for the plugin.

1. Safe OAuth error handling.
2. Remove oauth request from the Rails request cycle.
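Review bot: the `oauth_consumer` example in step 5 sets `:site` and `:authorize_url` to `http://twitter.com`, so the token exchange and the authorization redirect would go over plain HTTP; the example should use the provider's https endpoints. The consumer key and secret appear as the literals "TOKEN" and "SECRET" inside the model, and a sentence telling readers to load them from configuration kept out of version control would prevent people from committing real values. The closing list names "Safe OAuth error handling" as future work, so step 4 should say what the application sees today when the provider returns an error.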

1 change: 1 addition & 0 deletions vendor/plugins/authlogic_oauth/init.rb
@@ -0,0 +1 @@
File.dirname(__FILE__) + "/rails/init.rb"
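Review bot: this line only builds a path string and discards it, so nothing is loaded when the plugin initializes. If the intent is to delegate to `rails/init.rb`, it needs a `require` in front, as in `require File.dirname(__FILE__) + "/rails/init"`.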
9 changes: 9 additions & 0 deletions vendor/plugins/authlogic_oauth/lib/authlogic_oauth.rb
@@ -0,0 +1,9 @@
require File.dirname(__FILE__) + "/authlogic_oauth/version"
require File.dirname(__FILE__) + "/authlogic_oauth/oauth_process"
require File.dirname(__FILE__) + "/authlogic_oauth/acts_as_authentic"
require File.dirname(__FILE__) + "/authlogic_oauth/session"
require File.dirname(__FILE__) + "/authlogic_oauth/helper"

ActiveRecord::Base.send(:include, AuthlogicOauth::ActsAsAuthentic)
Authlogic::Session::Base.send(:include, AuthlogicOauth::Session)
ActionController::Base.helper AuthlogicOauth::Helper
@@ -0,0 +1,120 @@
module AuthlogicOauth
module ActsAsAuthentic
def self.included(klass)
klass.class_eval do
extend Config
add_acts_as_authentic_module(Methods, :prepend)
end
end

module Config
# The name of the oauth token field in the database.
#
# * <tt>Default:</tt> :oauth_token
# * <tt>Accepts:</tt> Symbol
def oauth_token_field(value = nil)
rw_config(:oauth_token_field, value, :oauth_token)
end
alias_method :oauth_token_field=, :oauth_token_field

# The name of the oauth token secret field in the database.
#
# * <tt>Default:</tt> :oauth_secret
# * <tt>Accepts:</tt> Symbol
def oauth_secret_field(value = nil)
rw_config(:oauth_secret_field, value, :oauth_secret)
end
alias_method :oauth_secret_field=, :oauth_secret_field
end

module Methods
include OauthProcess

# Set up some simple validations
def self.included(klass)
klass.class_eval do
alias_method "#{oauth_token_field.to_s}=".to_sym, :oauth_token=
alias_method "#{oauth_secret_field.to_s}=".to_sym, :oauth_secret=
end

return if !klass.column_names.include?(klass.oauth_token_field.to_s)

klass.class_eval do
validate :validate_by_oauth, :if => :authenticating_with_oauth?

validates_uniqueness_of klass.oauth_token_field, :scope => validations_scope, :if => :using_oauth?
validates_presence_of klass.oauth_secret_field, :scope => validations_scope, :if => :using_oauth?

validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?)
validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?)
validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
end

# email needs to be optional for oauth
klass.validate_email_field = false
end

def save(perform_validation = true, &block)
if perform_validation && block_given? && redirecting_to_oauth_server?
# Save attributes so they aren't lost during the authentication with the oauth server
session_class.controller.session[:authlogic_oauth_attributes] = attributes.reject!{|k, v| v.blank?}
redirect_to_oauth
return false
end

result = super
yield(result) if block_given?
result
end

# Set the oauth fields
def oauth_token=(value)
write_attribute(oauth_token_field, value.blank? ? nil : value)
end

def oauth_secret=(value)
write_attribute(oauth_secret_field, value.blank? ? nil : value)
end

private

def authenticating_with_oauth?
(session_class.controller.params && !session_class.controller.params[:register_with_oauth].blank?) || oauth_response
end

def authenticate_with_oauth
# Restore any attributes which were saved before redirecting to the oauth server
self.attributes = session_class.controller.session.delete(:authlogic_oauth_attributes)
access_token = generate_access_token

self.oauth_token = access_token.token
self.oauth_secret = access_token.secret
end

def access_token
OAuth::AccessToken.new(oauth,
read_attribute(oauth_token_field),
read_attribute(oauth_secret_field))
end

def using_oauth?
respond_to?(oauth_token_field) && !oauth_token.blank?
end

def validate_password_with_oauth?
!using_oauth? && require_password?
end

def oauth_token_field
self.class.oauth_token_field
end

def oauth_secret_field
self.class.oauth_secret_field
end

end
end
end
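Review bot: in `save`, `attributes.reject!{|k, v| v.blank?}` returns `nil` when no attribute is blank, so in that case the session stores `nil` and `authenticate_with_oauth` restores nothing after the redirect; use the non-bang `reject`. The same line copies every non-blank model attribute into the controller session, which can include `crypted_password` and `password_salt` when they are set, and with a cookie-backed session store those values would leave the server; store only the fields that must survive the round trip. Separately, `klass.validate_email_field = false` turns off email validation for all users of the model, not only those signing in with OAuth, and `:scope` on `validates_presence_of` has no effect.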
16 changes: 16 additions & 0 deletions vendor/plugins/authlogic_oauth/lib/authlogic_oauth/helper.rb
@@ -0,0 +1,16 @@
module AuthlogicOauth
module Helper
def oauth_register_button(options = {})
oauth_button('register_with_oauth', options)
end

def oauth_login_button(options = {})
oauth_button('login_with_oauth', options)
end

private
def oauth_button(name, options = {})
"<input type='submit' value='#{options[:value]}' name='#{name}' id='user_submit' class='#{options[:class]}'/>"
end
end
end
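Review bot: in `oauth_button`, `options[:value]` and `options[:class]` are interpolated into single-quoted attributes without escaping, so a value containing a single quote or markup ends the attribute and injects into the page; escape both with `h`, or build the element with `submit_tag`. Both buttons also receive the fixed id `user_submit`, and the README shows the register and login buttons in the same view, which produces duplicate ids; derive the id from `name` or let the caller pass one.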