An OAuth2 Provider for rack based apps
Ruby
Latest commit 540b8ef Apr 28, 2012 @tomafro tomafro Merge pull request #39 from socialcast/quiet-mongo-log-in-tests
Set Mongoid logging level to INFO
Permalink
Failed to load latest commit information.
examples
lib Switch to new ActiveRecord table name setting syntax to get rid of th… Apr 27, 2012
spec Removed extra comma Apr 27, 2012
.gitignore gemfile.lock removed May 12, 2011
.travis.yml
Gemfile Basic OAuth2 provider code, extracted from the hashblue.com site Nov 22, 2010
LICENSE
README.md Add client_credentials grant type Jan 9, 2012
Rakefile
oauth2-provider.gemspec

README.md

oauth2-provider

Simple OAuth2 provider code extracted from hashblue.com

Details

  • Implements draft 11 of the oauth2 spec
  • Handles the authorization_code, password, and client_credential grant types
  • Supports ActiveRecord and Mongoid

Usage Instructions

In your Gemfile:

gem 'oauth2-provider', :git => 'git@github.com:freerange/oauth2-provider.git'

If you're using ActiveRecord, grab the schema out of spec/schema.rb, and run the migration.

To dish out authorization codes you will need to implement something like this:

class AuthorizationController < ApplicationController
  include OAuth2::Provider::Rack::AuthorizationCodesSupport

  before_filter :authenticate_user!
  before_filter :block_invalid_authorization_code_requests

  def new
    @client = oauth2_authorization_request.client
  end

  def create
    if params[:yes].present?
      grant_authorization_code(current_user)
    else
      deny_authorization_code
    end
  end

end

And add a couple of routes:

match "/oauth/authorize", :via => :get, :to => "authorization#new"
match "/oauth/authorize", :via => :post, :to => "authorization#create"

oauth2-provider will handle requests to /oauth/access_token to handle conversion of authorization codes to access tokens.