Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
The OAuth 2.0 Authorization Framework draft-ietf-oauth-v2-28 implementation on top of devise.
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
app
config
db/migrate
lib
script
spec
.gitignore
.rspec
Gemfile
Gemfile.lock
MIT-LICENSE
README.md
Rakefile
devise_oauth.gemspec

README.md

Devise::Oauth

Installation

Add it to your Gemfile

gem 'devise_oauth'

Mount engine in your routes.rb file

mount Devise::Oauth::Engine => '/oauth'

Define possible scopes in your application.rb

Devise::Oauth.scopes = [:read, :write]

Add strategies to your User model

class User < ActiveRecord::Base
  devise :database_authenticatable,
         #:registerable,
         #:recoverable,
         #:rememberable,
         #:trackable,
         #:omniauthable,

         # OAuth provider
         :access_token_authenticatable,
         :client_ownable,
         :resource_ownable

Create migration [TODO: write generator]

look at db/migrate/20120622164619_devise_create_oauth.rb for now

CanCan support

if your app is accessed with access_token then we set it as oauth_token to current_user

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    if user.oauth_token?
      # has access_token, so we set access rights with scope
      setup_client(user)
    else
      # normal user access rights setup
      setup(user)
    end

    # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
  end

  private

  def setup_client(user)
    if user.oauth_scope? :write
      can :create, :protected_resource
    end
  end

  def setup(user)

  end
end

This project rocks and uses MIT-LICENSE.

Something went wrong with that request. Please try again.