Added new configuration params

andreazaupa · Apr 6, 2011 · 7f01e15 · 7f01e15
1 parent 9fd9de6
commit 7f01e15
Show file tree

Hide file tree

Showing 11 changed files with 20 additions and 19 deletions.
diff --git a/README.rdoc b/README.rdoc
@@ -89,8 +89,7 @@ Using curl the request might look like:
           "code": "g2VDXwrT0S6iZeUeYQBYi2stxRy", \
           "grant_type": "authorization_code", \
           "client_id": "http://localhost:30000/clients/a918F2fs3", \
-          "client_secret": "a34a7afe4731e745de9d61iZeUeY", \
-          "scope": "write"
+          "client_secret": "a34a7afe4731e745de9d61iZeUeY" \
        }'
 
 The response is a JSON Object containing the access token:
@@ -110,7 +109,6 @@ you can use the token endpoint with your refresh token with the following query
 * <b>client_id</b> (REQUIRED): client identifier (in our case is the uri field of the client)
 * <b>client_secred</b> (REQUIRED): client secret code
 * <b>refresh_token</b> (REQUIRED): refresh token previusly received
-* <b>state</b> (OPTIONAL): opaque value used by the client to maintain state between the request and callback
 
 Using curl the request might look like:
 
@@ -211,7 +209,7 @@ Using curl the request might look like:
           "client_secret": "a34a7afe4731e745de9d61iZeUeY", \
           "username": "alice@example.com", \
           "password": "example", \
-          "scope": "write"
+          "scope": "write" \
        }'
 
 The response is a JSON Object containing the access token:
@@ -231,7 +229,6 @@ you can use the token endpoint with your refresh token with the following query
 * <b>client_id</b> (REQUIRED): client identifier (in our case is the uri field of the client)
 * <b>client_secred</b> (REQUIRED): client secret code
 * <b>refresh_token</b> (REQUIRED): refresh token previusly received
-* <b>state</b> (OPTIONAL): opaque value used by the client to maintain state between the request and callback
 
 Using curl the request might look like:
 
@@ -258,7 +255,9 @@ The response is a JSON Object containing the new access token.
 
 Rest OAuth 2.0 Server allows you to personalize some options changing {oauth.yml}[link:blob/master/config/oauth.yml]
 
-* <b>expires_in</b>: define the seconds after which the access token expire. 
+* <b>token_expires_in</b>: define the seconds after which the access token expires. 
+* <b>authorization_expires_in</b>: define the seconds after which the authorization code expires. 
+* <b>secure_random</b>: define the lenght of tokens, code and secret keys.
 
 
 

diff --git a/app/controllers/oauth/oauth_authorize_controller.rb b/app/controllers/oauth/oauth_authorize_controller.rb
@@ -122,7 +122,7 @@ def authorization_redirect_uri(client, authorization, state)
     def implicit_redirect_uri(client, token, state)
       uri  = client.redirect_uri
       uri += "#token=" + token.token
-      uri += "&expires_in=" + Oauth.settings["expires_in"]
+      uri += "&expires_in=" + Oauth.settings["token_expires_in"]
       uri += "&state=" + state if state
       return uri
     end

diff --git a/app/models/oauth/oauth_authorization.rb b/app/models/oauth/oauth_authorization.rb
@@ -57,12 +57,12 @@ def where_code_and_client_uri(code, client_id)
 
     # random authorization code
     def random_code
-      self.code = ActiveSupport::SecureRandom.hex(32)
+      self.code = ActiveSupport::SecureRandom.hex(Oauth.settings["random_length"])
     end
 
     # expiration time
     def create_expiration
-      self.expire_at = Chronic.parse("in 150 seconds")
+      self.expire_at = Chronic.parse("in #{Oauth.settings["authorization_expires_in"]} seconds")
     end
 
 end
diff --git a/app/models/oauth/oauth_client.rb b/app/models/oauth/oauth_client.rb
@@ -96,7 +96,7 @@ def block_authorizations!
     end
 
     def random_secret
-      self.secret = ActiveSupport::SecureRandom.hex(32)
+      self.secret = ActiveSupport::SecureRandom.hex(Oauth.settings["random_length"])
     end
 
     def clean

diff --git a/app/models/oauth/oauth_refresh_token.rb b/app/models/oauth/oauth_refresh_token.rb
@@ -12,7 +12,7 @@ class OauthRefreshToken
   private
 
     def random_refresh_token
-      self.refresh_token = ActiveSupport::SecureRandom.hex(32)
+      self.refresh_token = ActiveSupport::SecureRandom.hex(Oauth.settings["random_length"])
     end
 
 end
diff --git a/app/models/oauth/oauth_token.rb b/app/models/oauth/oauth_token.rb
@@ -62,15 +62,15 @@ def expired?
   private
 
     def random_token
-      self.token = ActiveSupport::SecureRandom.hex(32)
+      self.token = ActiveSupport::SecureRandom.hex(Oauth.settings["random_length"])
     end
 
     def random_refresh_token
-      self.refresh_token = ActiveSupport::SecureRandom.hex(32)
+      self.refresh_token = ActiveSupport::SecureRandom.hex(Oauth.settings["random_length"])
     end
 
     def create_expiration
-      self.expire_at = Chronic.parse("in #{Oauth.settings["expires_in"]} seconds")
+      self.expire_at = Chronic.parse("in #{Oauth.settings["token_expires_in"]} seconds")
     end
 
 end
diff --git a/app/views/oauth/token.json.erb b/app/views/oauth/token.json.erb
@@ -1,5 +1,5 @@
 { 
   "access_token": "<%=@token.token%>",
-  "expires_in": <%=Oauth.settings["expires_in"]%>,
+  "expires_in": <%=Oauth.settings["token_expires_in"]%>,
   "refresh_token": "<%=@refresh_token.refresh_token%>"
 }
diff --git a/config/oauth.yml b/config/oauth.yml
@@ -1 +1,3 @@
-expires_in: "1800"
+token_expires_in: "1800"
+authorization_expires_in: "150"
+random_length: 32
diff --git a/spec/acceptance/oauth/oauth_token_controller_spec.rb b/spec/acceptance/oauth/oauth_token_controller_spec.rb
@@ -52,7 +52,7 @@
 
     scenario "fails when authorization is expired" do
       authorization.expire_at # hack (otherwise do not set the time)
-      Delorean.time_travel_to("in 151 seconds")
+      Delorean.time_travel_to("in #{Oauth.settings["authorization_expires_in"]} seconds")
       create_token_uri(attributes)
       page.should have_content "Authorization expired"
       page.should have_content "less than 5 seconds"

diff --git a/spec/acceptance/support/helpers.rb b/spec/acceptance/support/helpers.rb
@@ -47,7 +47,7 @@ def authorization_grant_uri(client)
   def implicit_grant_uri(client)
     token = OauthToken.last
     token.token.should_not be_nil
-    uri = client.redirect_uri + "#token=" + token.token + "&expires_in=" + Oauth.settings["expires_in"]
+    uri = client.redirect_uri + "#token=" + token.token + "&expires_in=" + Oauth.settings["token_expires_in"]
   end
 
   def authorization_denied_uri(client)

diff --git a/spec/models/oauth/oauth_token_spec.rb b/spec/models/oauth/oauth_token_spec.rb
@@ -48,7 +48,7 @@
 
   it "#expired?" do
     subject.should_not be_expired
-    Delorean.time_travel_to("in #{Oauth.settings["expires_in"]} seconds")
+    Delorean.time_travel_to("in #{Oauth.settings["token_expires_in"]} seconds")
     subject.should be_expired
   end