Refining for 0.1 release

dhou · May 13, 2008 · 45f03a3 · 45f03a3
1 parent 6c29080
commit 45f03a3
Show file tree

Hide file tree

Showing 4 changed files with 67 additions and 33 deletions.
diff --git a/oauth-plugin/grails-app/controllers/OauthController.groovy b/oauth-plugin/grails-app/controllers/OauthController.groovy
@@ -29,57 +29,86 @@ class OauthController {
 	 */
     def auth = {
 		try{
-			def consumerName = params.consumer
-			def token = oauthService.fetchRequestToken(consumerName)
-			session.tokenKey = token.key
-	    	session.tokenSecret = token.secret
-	    	def redir = oauthService.getAuthUrl(token.key, consumerName, params)
+			//Some services like FireEagle don't retain callback and params
+			//Must store the params in session
+			//def consumerName = params.consumer
+			params.remove('controller')
+			params.remove('action')
+			session.cbparams = params
+
+			def token = oauthService.fetchRequestToken(params.consumer)
+			session.oauthToken = token
+	    	log.debug "Stored token to session: ${session.oauthToken}"
+	    	def redir = oauthService.getAuthUrl(token.key, params.consumer, params)
 	    	log.debug "Going to redirect to auth url: $redir"
 	    	redirect(url:redir)
 	    	return
 		}catch(OAuthProblemException e){
-			flash.oauthError = e.problem?:'oauth.unknown'
+			flash.oauthError = e?.problem?e?.problem.replace('_','.'):'oauth.unknown'
 			flash.oauthErrorParams = e.parameters
 			redirect(controller:errorController, action:errorAction)
 		}
     }
 
 	/**
-	 * This action will be called when the OAuth service returns
+	 * This action will be called when the OAuth service returns from user authorization
 	 * Do not (and no need) to call this explicitly
+	 * Access token and secret are stored in session
+	 * Get them by session.oauthToken.key and session.oauthToken.secret
 	 */
     def callback = {
-    	log.debug "Got params: $params"
-
-		def returnController = params.remove('return_controller')
-		def returnAction = params.remove('return_action')
-		def errorController = params.remove('error_controller')
-		def errorAction = params.remove('error_action')
+    	log.debug "Got callback params: $params"
+    	session.cbparams.each{k,v->
+    		log.debug("session param[$k]: $v")
+	 	}
+		def returnController = params.remove('return_controller')?:session.cbparams.remove('return_controller')
+		def returnAction = params.remove('return_action')?:session.cbparams.remove('return_action')
+		def errorController = params.remove('error_controller')?:session.cbparams.remove('error_controller')
+		def errorAction = params.remove('error_action')?:session.cbparams.remove('error_action')
+
 		params.remove('controller')
 		params.remove('action')
+		params.each{k,v->
+			log.debug "remaining params[$k]: $v"
+		}
+		def redirParams = params + session.cbparams
+		redirParams.each{k,v->
+			log.debug "Redir params[$k]: $v"
+		}
+		session.cbparams = null
+
+		def oauth_token = params?.oauth_token
+		if(oauth_token && oauth_token != session.oauthToken.key){
+			//returned token is different from the last received request token
+			flash.oauthError = 'oauth.token.mismatch'
+			redirect(controller:errorController, action:errorAction, params:redirParams)
+			return
+		}
+
     	try{
-			def accessToken = oauthService.fetchAccessToken(params.consumer, [key:session.tokenKey, secret:session.tokenSecret])
-			session.tokenKey = accessToken.key
-			session.tokenSecret = accessToken.secret
+			def accessToken = oauthService.fetchAccessToken(redirParams.consumer, [key:session.oauthToken.key, secret:session.oauthToken.secret])
+			session.oauthToken = accessToken
 			log.debug("Got access token: ${accessToken.key}\nGot token secret: ${accessToken.secret}")
-			log.debug("Saved token to session: [key]${session.tokenKey} [secret]${session.tokenSecret}")
+			log.debug("Saved token to session: [key]${session.oauthToken.key} [secret]${session.oauthToken.secret}")
 			log.debug "Redirecting: [controller]$returnController, [action]$returnAction"
-			redirect(controller:returnController, action:returnAction, params:params)
+			redirect(controller:returnController, action:returnAction, params:redirParams)
     	}catch(OAuthProblemException e){
     		log.debug "OAuthProblemException problem: ${e?.problem}"
     		log.debug "status code: ${e.httpStatusCode}"
-    		if(e.httpStatusCode == 400){
-    			flash.oauthError = e.problem?:'oauth.badrequest'
-    		} else if (e.httpStatusCode == 401){
-    			flash.oauthError = e.problem?:'oauth.unauthorized'
-    		} else {
-    			flash.oauthError = e.problem?:'oauth.unknown'
+    		if(!e?.problem){
+	    		if(e.httpStatusCode == 400){
+	    			flash.oauthError = e?.problem?e?.problem.replace('_','.'):'oauth.400badrequest'
+	    		} else if (e.httpStatusCode == 401){
+	    			flash.oauthError = e?.problem?e?.problem.replace('_','.'):'oauth.401unauthorized'
+	    		} else {
+	    			flash.oauthError = e?.problem?e?.problem.replace('_','.'):'oauth.unknown'
+	    		}
     		}
     		flash.oauthErrorParams = e.parameters
     		e.parameters.each{key,value->
     			log.debug "$key:$value"
     		}
-    		redirect(controller:errorController, action:errorAction, params:params)
+    		redirect(controller:errorController, action:errorAction, params:redirParams)
     	}
     }
 

diff --git a/oauth-plugin/grails-app/i18n/messages.properties b/oauth-plugin/grails-app/i18n/messages.properties
@@ -0,0 +1,7 @@
+oauth.unknown=An unknown error has occurred. Please try the OAuth process again.
+oauth.requesttoken.missing=Failed to retrieve the request token from the OAuth service provider. Please try to the authorization action again.
+oauth.accesstoken.missing=Failed to retrieve the access token from the OAuth service provider. Please check and try again.
+oauth.400badrequest=There has been an error in the OAuth request. Please try again.
+oauth.401unauthorized=You are unauthorized to perform the action. Please get authorized with OAuth first.
+oauth.invalid.consumer=No OAuth consumer found. Please check the problem and try again.
+oauth.invalid.token=No OAuth token found. Please check the problem and try again.
diff --git a/oauth-plugin/grails-app/taglib/OauthTagLib.groovy b/oauth-plugin/grails-app/taglib/OauthTagLib.groovy
@@ -16,7 +16,7 @@
 
 class OauthTagLib {
 	/**
-	 * Renders an OAuth user authorization request link
+	 * Renders an OAuth user authorization request link to the service provider
 	 * 
 	 * Attributes:
 	 * consumer - the oauth consumer name
@@ -35,7 +35,7 @@ class OauthTagLib {
 	}
 
 	/**
-	 * Construct the URL for OAuth authorization action
+	 * Construct the URL string for OAuth authorization action
 	 * To be used in other means than a simple <a> link
 	 */
 	def oauthUrl = { attrs ->
@@ -67,9 +67,7 @@ class OauthTagLib {
 	 * 
 	 * <g:hasOauthError>
 	 *     <div class="errors">
-	 *         <ul>
-	 *             <li><g:renderOauthError /></li>
-	 *         </ul>
+	 *         <g:renderOauthError />
 	 *     </div>
 	 * </g:hasLoginError>
 	 */

diff --git a/oauth-plugin/plugin.xml b/oauth-plugin/plugin.xml
@@ -2,9 +2,9 @@
   <author>Yong Rong (Damien) Hou</author>
   <authorEmail>houyongr@gmail.com</authorEmail>
   <title>Adds OAuth capability to Grails apps</title>
-  <description>This plugin wraps up the OAuth Java implementation and provides out-of-the-box
-OAuth functionality for Grails apps
-</description>
+  <description>	This plugin wraps up the OAuth Java implementation and provides out-of-the-box
+	OAuth functionality for Grails apps
+	</description>
   <documentation>http://grails.org/Oauth+Plugin</documentation>
   <resources>
     <resource>OauthController</resource>