
fix diaspora connect for the new oauth stuff WIP. There's one bug whe…

…re the oauth_identifier changes but the client doesn't get informed or doesn't save it. I hope it's the last bug. Btw. this is all ugly
1 parent 05be43e commit 4dd55ebdada3d731b3a6afc959717da7f3e1f1c1 @jhass jhass committed Dec 8, 2011
@@ -12,7 +12,7 @@ gem 'thin', '~> 1.3.1', :require => false
gem 'devise', '~> 1.3.1'
gem 'devise_invitable', '0.5.0'
gem 'jwt', "0.1.3"
-gem 'oauth2-provider', '0.0.16'
+gem 'oauth2-provider', '0.0.19'
gem 'omniauth', '1.0.1'
gem 'omniauth-facebook'
@@ -278,8 +278,8 @@ GEM
oauth2 (0.5.0)
faraday (>= 0.6.1, < 0.8)
multi_json (~> 1.0.0)
- oauth2-provider (0.0.16)
- activesupport (~> 3.0.1)
+ oauth2-provider (0.0.19)
+ activesupport (~> 3.0)
addressable (~> 2.2)
ohai (0.6.10)
mixlib-cli
@@ -483,7 +483,7 @@ DEPENDENCIES
mysql2 (= 0.2.17)
newrelic_rpm
nokogiri (~> 1.5.0)
- oauth2-provider (= 0.0.16)
+ oauth2-provider (= 0.0.19)
ohai (~> 0.6.10)
omniauth (= 1.0.1)
omniauth-facebook
@@ -4,6 +4,7 @@ class ApisController < ApplicationController
respond_to :json
def me
+# debugger
@person = @user.person
render :json => {
:birthday => @person.profile.birthday,
@@ -53,28 +53,41 @@ def token
render :text => "bad request: #{params.inspect}", :status => 403
return
end
- packaged_manifest = JSON.parse(RestClient.get("#{app_url}manifest.json").body)
- public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
- manifest = JWT.decode(packaged_manifest['jwt'], public_key)
-
- message = verify(signed_string, Base64.decode64(params[:signature]), public_key, manifest)
- if not (message =='ok')
- render :text => message, :status => 403
- elsif manifest["application_base_url"].match(/^https?:\/\/(localhost|chubbi\.es|www\.cubbi\.es|cubbi\.es)(:\d+)?\/$/).nil?
- # This will only be temporary (less than a month) while we iron out the kinks in Diaspora Connect. Essentially,
- # whatever we release people will try to work off of and it sucks to build things on top of non-stable things.
- # We also started writing a gem that we'll release (around the same time) that makes becoming a Diaspora enabled
- # ruby project a breeze.
-
- render :text => "Domain (#{manifest["application_base_url"]}) currently not authorized for Diaspora OAuth", :status => 403
- else
- client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest, public_key)
-
- render :json => {:client_id => client.oauth_identifier,
- :client_secret => client.oauth_secret,
- :expires_in => 0,
- :flows_supported => ""}
+
+ packaged_manifest = JSON.parse(RestClient.get("#{app_url}manifest.json").body)
+ public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
+ manifest = JWT.decode(packaged_manifest['jwt'], public_key)
+
+ message = verify(signed_string, Base64.decode64(params[:signature]), public_key, manifest)
+ if not (message =='ok')
+ render :text => message, :status => 403
+ elsif manifest["application_base_url"].match(/^https?:\/\/(localhost|chubbi\.es|www\.cubbi\.es|cubbi\.es)(:\d+)?\/$/).nil?
+ # This will only be temporary (less than a month) while we iron out the kinks in Diaspora Connect. Essentially,
+ # whatever we release people will try to work off of and it sucks to build things on top of non-stable things.
+ # We also started writing a gem that we'll release (around the same time) that makes becoming a Diaspora enabled
+ # ruby project a breeze.
+
+ render :text => "Domain (#{manifest["application_base_url"]}) currently not authorized for Diaspora OAuth", :status => 403
+ else
+ client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest, public_key)
+
+ debugger
+ json = {:client_id => client.oauth_identifier,
+ :client_secret => client.oauth_secret,
+ :expires_in => 0,
+ :flows_supported => ""}
+
+ if params[:code]
+ code = client.authorization_codes.claim(params[:code],
+ params[:redirect_uri])
+ json.merge!(
+ :access_token => code.access_token,
+ :refresh_token => code.refresh_token
+ )
end
+
+ render :json => json
+ end
end
def index
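Review bot: The bare `debugger` call added before `json = {...}` in the `else` branch is on the path that returns `client_secret` and tokens and should be dropped before this merges, together with the `# debugger` left in `me`. The value returned by `client.authorization_codes.claim(params[:code], params[:redirect_uri])` is dereferenced unchecked; if the gem returns nil for an unknown, expired or mismatched code (likely, but confirm against oauth2-provider 0.0.19), `code.access_token` raises and the caller gets a 500 rather than a 4xx, so add a guard such as `return render(:text => "invalid authorization code", :status => 403) unless code`. The domain allowlist on the re-added `elsif` line still anchors with `^` and `$`, which match at line boundaries in Ruby, so `\A` and `\z` are the right anchors for a whole-string check. `token` begins above this hunk, so `app_url` and `signed_string` are not visible here.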
@@ -0,0 +1,9 @@
+class AddOauthRedirectUriToOauthClients < ActiveRecord::Migration
+ def self.up
+ add_column :oauth_clients, :oauth_redirect_uri, :string
+ end
+
+ def self.down
+ remove_column :oauth_clients, :oauth_redirect_uri
+ end
+end
@@ -0,0 +1,19 @@
+class RemoveLowLengthLimitsFromOauthTables < ActiveRecord::Migration
+ def self.up
+ change_column :oauth_clients, :oauth_identifier, :string, :limit => 127
+ change_column :oauth_clients, :oauth_secret, :string, :limit => 127
+ change_column :oauth_clients, :nonce, :string, :limit => 127
+ change_column :oauth_authorization_codes, :code, :string, :limit => 127
+ change_column :oauth_access_tokens, :access_token, :string, :limit => 127
+ change_column :oauth_access_tokens, :refresh_token, :string, :limit => 127
+ end
+
+ def self.down
+ change_column :oauth_clients, :oauth_identifier, :string, :limit => 32
+ change_column :oauth_clients, :oauth_secret, :string, :limit => 32
+ change_column :oauth_clients, :nonce, :string, :limit => 64
+ change_column :oauth_authorization_codes, :code, :string, :limit => 32
+ change_column :oauth_access_tokens, :access_token, :string, :limit => 32
+ change_column :oauth_access_tokens, :refresh_token, :string, :limit => 32
+ end
+end
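Review bot: `self.down` narrows `oauth_secret`, `access_token`, `refresh_token` and the other columns back to 32 characters (64 for `nonce`), so rolling back after longer values have been issued would truncate or reject stored credentials, depending on how strict the database is. Either raise `ActiveRecord::IrreversibleMigration` in `down` or document the hazard with a comment such as `# rollback truncates values longer than the old limits; re-issue client credentials and tokens afterwards`.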
@@ -10,7 +10,7 @@
#
# It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20111109023618) do
+ActiveRecord::Schema.define(:version => 20111207233503) do
create_table "account_deletions", :force => true do |t|
t.string "diaspora_handle"
@@ -199,17 +199,17 @@
add_index "o_embed_caches", ["url"], :name => "index_o_embed_caches_on_url", :length => {"url"=>255}
create_table "oauth_access_tokens", :force => true do |t|
- t.integer "authorization_id", :null => false
- t.string "access_token", :limit => 32, :null => false
- t.string "refresh_token", :limit => 32
+ t.integer "authorization_id", :null => false
+ t.string "access_token", :limit => 127, :null => false
+ t.string "refresh_token", :limit => 127
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "oauth_authorization_codes", :force => true do |t|
- t.integer "authorization_id", :null => false
- t.string "code", :limit => 32, :null => false
+ t.integer "authorization_id", :null => false
+ t.string "code", :limit => 127, :null => false
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
@@ -231,11 +231,12 @@
t.text "description", :null => false
t.string "application_base_url", :limit => 127, :null => false
t.string "icon_url", :limit => 127, :null => false
- t.string "oauth_identifier", :limit => 32, :null => false
- t.string "oauth_secret", :limit => 32, :null => false
- t.string "nonce", :limit => 64
+ t.string "oauth_identifier", :limit => 127, :null => false
+ t.string "oauth_secret", :limit => 127, :null => false
+ t.string "nonce", :limit => 127
t.text "public_key", :null => false
t.text "permissions_overview", :null => false
+ t.string "oauth_redirect_uri"
end
add_index "oauth_clients", ["application_base_url"], :name => "index_oauth_clients_on_application_base_url", :unique => true
@@ -459,6 +460,8 @@
t.string "confirm_email_token", :limit => 30
t.datetime "locked_at"
t.boolean "show_community_spotlight_in_stream", :default => true, :null => false
+ t.boolean "auto_follow_back", :default => false
+ t.integer "auto_follow_back_aspect_id"
end
add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true
@@ -87,7 +87,7 @@ def create_account(hash)
begin
@resource_response = user.access_token.token.get("/api/v0/me")
haml :response
- rescue OAuth2::AccessDenied
+ rescue OAuth2::Error
"Token invalid"
end
else
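Review bot: `rescue OAuth2::Error` now reports every error the oauth2 client raises as "Token invalid"; if that class also covers server-side failures, as it appears to in oauth2 0.5.0, a 5xx from the pod is hidden behind a message about the token. Consider capturing the exception with `rescue OAuth2::Error => e` and logging `e.message` so the two cases can be told apart. The enclosing `begin` block and its method extend beyond this hunk.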
