
Make the OAuth Provider a Sinatra Rack Middleware app.

1 parent 16f27ca commit 5d842cefe1bf3637bffa3b30fe9d6ca653108125 @eddanger committed Jan 29, 2009
@@ -0,0 +1,111 @@
+require 'sinatra/base'
+require 'oauth/request_proxy/rack_request'
+require File.dirname(__FILE__) + '/oauth_provider/lib/oauth_provider'
+
+class RackOAuthProvider < Sinatra::Base
+
+ def initialize(app, paths)
+ @paths = paths
+ @app = app
+ end
+
+ set :root, File.dirname(__FILE__)
+ set :views, File.dirname(__FILE__) + '/rack_oauth_provider'
+
+ provider = OAuthProvider::create(:sqlite3, 'provider.sqlite3')
+ #provider = OAuthProvider::create(:data_mapper, 'provider.sqlite3')
+
+ mime :json, "application/json"
+
+ # http://blog.joncrosby.me/post/72451217/a-world-of-middleware
+ # this hackeration is required for sinatra to be a nice rack citizen
+ error 404 do
+ @app.call(env)
+ end
+
+ before do
+ # check protected path agaist request path
+ # see if we should proceed with oauth access confirmation...
+ path = @request.path_info
+
+ @paths.each do |protected_oauth_path,protected_oauth_method|
+ if protected_oauth_path.match(path)
+
+ if protected_oauth_method.include?(@request.request_method.to_s.downcase.to_sym)
+ warn path + " was matched to " + @request.request_method.to_s + " " + protected_oauth_path.to_s
+
+ oauth_confirm_access(provider)
+ end
+ end
+ end
+ end
+
+ # OAuth routes
+ get "/oauth/request_token" do
+ provider.issue_request(request).query_string
+ end
+
+ get "/oauth/access_token" do
+ if access_token = provider.upgrade_request(request)
+ access_token.query_string
+ else
+ raise Sinatra::NotFound, "No such request token"
+ end
+ end
+
+ # Authorize endpoints
+ get "/oauth/authorize" do
+ if @request_token = provider.backend.find_user_request(params[:oauth_token])
+ erb :authorize
+ else
+ raise Sinatra::NotFound, "No such request token"
+ end
+ end
+
+ post "/oauth/authorize" do
+ if request_token = provider.backend.find_user_request(params[:oauth_token])
+ if request_token.authorize
+ redirect request_token.callback
+ else
+ raise "Could not authorize"
+ end
+ else
+ raise Sinatra::NotFound, "No such request token"
+ end
+ end
+
+ get "/oauth/applications" do
+ @consumers = provider.consumers
+ erb :applications
+ end
+
+ post '/oauth/applications' do
+ begin
+ @consumer = provider.add_consumer(params[:application_callback])
+
+ #redirect "/oauth/applications"
+ @consumer_key = @consumer.token.shared_key
+ @consumer_secret = @consumer.token.secret_key
+
+ rescue Exception
+ @error = "Failed to create a token!"
+ end
+
+ @consumers = provider.consumers
+
+ erb :applications
+ end
+
+ private
+
+ def oauth_confirm_access(provider)
+ begin
+ access = provider.confirm_access(@request)
+ rescue Exception
+ halt "No access! Please verify your OAuth access token and secret."
+ end
+ end
+
+
+end
+
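Review bot: In `oauth_confirm_access` the denial path calls `halt` with only a body, so a rejected request keeps Sinatra's default status instead of signalling failure; use `halt 401, "No access! Please verify your OAuth access token and secret."`. The same method rescues `Exception` and never looks at the value assigned to `access`, so access is refused only when `provider.confirm_access(@request)` raises; if that call can return nil or false for a bad token (not visible in this hunk), the request falls through to the protected app, so `rescue StandardError` plus an explicit `halt 401, ... unless access` would be safer. The `rescue Exception` in `post '/oauth/applications'` has the same problem of hiding unrelated failures behind "Failed to create a token!". Separately, the `/oauth/authorize` and `/oauth/applications` routes run with no check of who the requesting user is, so as written any holder of a request token can approve it and any visitor can create consumers and read every consumer's secret key; these routes need a signed-in resource owner before this is used beyond a demo.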
@@ -0,0 +1,53 @@
+<% if @error %>
+ <div style="background-color: #fee; padding: 20px; margin-bottom: 10px;">
+ <h2>Oops!</h2>
+
+ <p><%= @error %></p>
+ </div>
+<% end %>
+
+<% if @consumer_key and @consumer_secret %>
+ <div style="background-color: #efe; padding: 20px; margin-bottom: 10px;">
+ <h2>Application created!</h2>
+
+ <h3>Save this information!</h3>
+
+ <b>Consumer Key:</b>
+ <%= @consumer_key %>
+ <br/>
+
+ <b>Consumer Secret:</b>
+ <%= @consumer_secret %>
+ </div>
+<% end %>
+
+
+<h2>My Applications</h2>
+
+<% if !@consumers.empty? %>
+ <% @consumers.each do |consumer| %>
+ <div style="background-color: #eef; padding: 20px; margin-bottom: 10px;">
+ <b><%= consumer.callback %></b>
+ <p>
+ <b>Consumer Key:</b> <%= consumer.token.shared_key %>
+ <br/>
+ <b>Consumer Secret:</b> <%= consumer.token.secret_key %>
+ </p>
+ </div>
+ <% end %>
+<% else %>
+ You don't have any applications... yet.
+<% end %>
+
+<h3>Create New Application</h3>
+
+<div class="app">
+ <form action="/oauth/applications" method="POST">
+ <div>
+ Application Callback:
+ <br/>
+ <input type="text" name="application_callback" id="application_callback" rows="20" />
+ </div>
+ <input type="submit" value="Create Application"/>
+ </form>
+</div>
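Review bot: `<%= consumer.callback %>` prints a value that the middleware stores straight from `params[:application_callback]`, and Sinatra's `erb` does not HTML-escape `<%= %>` output by default, so markup submitted as a callback is rendered to every later visitor of this page. Escape on output, e.g. `<%= Rack::Utils.escape_html(consumer.callback) %>`, and do the same for `@error` and the key fields; the heading in the authorize template, `<%= @request_token.consumer.callback %>`, has the same defect. Because `post "/oauth/authorize"` later redirects to this stored callback, it would also help to accept only absolute http/https URLs when the application is created. The "My Applications" loop additionally prints `consumer.token.secret_key` for every consumer returned by `provider.consumers`, not only for the one just created; consider showing the secret once at creation and omitting it from the list.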
@@ -0,0 +1,10 @@
+<h2>You are about to authorize (<%= @request_token.consumer.callback %>)</h2>
+<form action="/oauth/authorize" method="post">
+ <p>
+ <input id="oauth_token" name="oauth_token" type="hidden" value="<%= @request_token.shared_key %>" />
+ </p>
+
+ <p>
+ <input name="commit" type="submit" value="Authorize" />
+ </p>
+</form>
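Review bot: The approval form posts only `oauth_token`, and the matching `post "/oauth/authorize"` handler looks the token up and authorizes it without tying the request to a user session, so nothing distinguishes a deliberate click on "Authorize" from a form submitted by another site. Once the route has a signed-in user, add a per-session anti-forgery token as a hidden field and verify it in the handler before calling `request_token.authorize`. The page also offers no way to decline, and identifies the consumer only by its self-declared callback string; a "Deny" button and a registered application name would make the consent screen meaningful.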
@@ -0,0 +1,53 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <title>Sinatra OAuth API Test!</title>
+ <style>
+ html {
+ background-color: #eee;
+ font-family: Arial, sans-serif;
+ }
+ h1 {
+ margin-top:0;
+ }
+ input[type="text"],textarea
+ {
+ font-size:16px;
+ width: 100%;
+ }
+ input[type="submit"] {
+ margin-top: 20px;
+ background-color: #efe;
+ border: 1px solid #ccc;
+ padding: 10px;
+ font-weight: bold;
+ font-size: 16px;
+ cursor: pointer
+ }
+ #content {
+ width: 600px;
+ margin: 100px auto;
+ background-color: #fff;
+ border: 1px solid #ccc;
+ padding: 20px;
+ }
+ #navigation {
+ background-color: #eee;
+ padding: 20px;
+ margin-bottom: 20px;
+
+ }
+ </style>
+</head>
+<body>
+ <div id="content">
+ <h1>Sinatra OAuth API Rack Middleware</h1>
+
+ <div id="navigation">
+ <a href="/">Home</a> | <a href="/messages">Messages</a> | <a href="/oauth/applications">OAuth Applications</a>
+ </div>
+
+ <%= yield %>
+ </div>
+</body>
+</html>
