update renren to Oauth 2.0

Gemfile.lock

@@ -1,13 +1,9 @@
 PATH
   remote: .
   specs:
-    omniauth_china (0.0.3)
-      multi_json (~> 0.0.2)
-      nokogiri (~> 1.4.2)
-      oa-core (~> 0.2.0.beta1)
-      oa-oauth (~> 0.2.0.beta1)
-      oauth (~> 0.4.0)
-      oauth2 (~> 0.1.0)
+    omniauth_china (0.0.6)
+      oa-core (~> 0.2.0)
+      oa-oauth (~> 0.2.0)
 
 GEM
   remote: http://rubygems.org/
@@ -145,12 +141,6 @@ DEPENDENCIES
   capybara (>= 0.4.0)
   json (~> 1.4.3)
   mg (~> 0.0.8)
-  multi_json (~> 0.0.2)
-  nokogiri (~> 1.4.2)
-  oa-core (~> 0.2.0.beta1)
-  oa-oauth (~> 0.2.0.beta1)
-  oauth (~> 0.4.0)
-  oauth2 (~> 0.1.0)
   omniauth_china!
   rack
   rack-test (~> 0.5.4)

README.markdown

@@ -22,22 +22,11 @@ OmniAuth currently supports the following external providers:
   * T163 (credit: [he9qi](http://github.com/he9qi))
   * Tsohu (credit: [he9qi](http://github.com/he9qi))
   * Tqq (credit: [he9qi](http://github.com/he9qi))
-* Renren (Renren Connect of renren.com) (credit: [taweili](http://github.com/taweili), [rainux](http://github.com/rainux))
+  * Renren (credit: [taweili](http://github.com/taweili), [rainux](http://github.com/rainux), [he9qi](http://github.com/he9qi))
 
-## 人人（[taweili](http://github.com/taweili), [rainux](http://github.com/rainux))
+## 人人（[taweili](http://github.com/taweili), [rainux](http://github.com/rainux), [he9qi](http://github.com/he9qi))
 
-Run the generator to generate `xd_receiver.html` and include helper into ApplicationHelper:
-
-    rails g omniauth_renren:install
-
-Place the Renren Connect button on any page by simply call `omniauth_renren_connect_button` and `omniauth_renren_javascript`:
-
-    <%= omniauth_renren_connect_button %>
-    <%= omniauth_renren_javascript %>
-
-Route `/auth/renren` to the page that contain Renren Connect button:
-
-    match '/auth/renren' => 'users#show'
+人人 uses Oauth 2.0 now, however, As of right now, 人人still needs session key to get more user information besides uid　[see here](http://wiki.dev.renren.com/wiki/%E8%8E%B7%E5%8F%96%E4%BA%BA%E4%BA%BA%E7%BD%91%E8%B5%84%E6%BA%90), so we still need `session.rb` and `service.rb` if we want more user information. Hopefully this will change soon in the future.
 
 ## Usage
 
@@ -69,7 +58,3 @@ The `user_info` hash will automatically be populated with as much information ab
 ## Contributors (thanks!)
   * [huacnlee](http://github.com/huacnlee)
 
-
-## TODO
-
-Write better tests!!

lib/omniauth_china/strategies/renren.rb

@@ -1,48 +1,79 @@
-require 'omniauth_china/oauth_china'
+require 'omniauth/oauth'
+require 'multi_json'
 
 module OmniAuth
   module Strategies
-    class Renren
-      include OmniAuth::Strategy
+
+    # Authenticate to Renren utilizing OAuth 2.0 and retrieve
+    # basic user information.
+    #
+    # @example Basic Usage
+    #   use OmniAuth::Strategies::Renren, 'client_id', 'client_secret'
+    class Renren < OAuth2
       autoload :Session, 'omniauth_china/strategies/renren/session'
       autoload :Service, 'omniauth_china/strategies/renren/service'
-      autoload :Helper,  'omniauth_china/strategies/renren/helper'
-
+
       class << self
-        def api_key
-          @@api_key
-        end
-
-        def secret_key
-          @@secret_key
-        end
+        def api_key; @@api_key; end
+        def secret_key; @@secret_key; end
       end
-
-      def initialize(app, api_key, secret_key, options = {})
-        @@api_key = api_key
-        @@secret_key = secret_key
-
-        super(app, :renren, options)
+
+      # @param [Rack Application] app standard middleware application parameter
+      # @param [String] client_id the application id as [registered on Renren](http://www.renren.com/developers/)
+      # @param [String] client_secret the application secret as registered on Renren
+      # @option options [String] :scope ('email') comma-separated extended permissions such as `email` and `manage_pages`
+      def initialize(app, client_id = nil, client_secret = nil, options = {}, &block)
+        @@api_key = client_id
+        @@secret_key = client_secret
+        super(app, :renren, client_id, client_secret, {:site => 'https://graph.renren.com/', :access_token_path => "/oauth/token"}, options, &block)
       end
-
+
+      def user_hash
+        @data ||= MultiJson.decode(@access_token.get('/renren_api/session_key', { :oauth_token => @access_token.token }, { "Accept-Language" => "zh;"}))
+        @renren_session ||= Renren::Session.new(@data)
+      end
+
       def request_phase
-        @response.finish
+        options[:scope] ||= "email"
+        options[:response_type] ||= "code"
+        super
       end
-
+
+      # need to have :grant_type=>"authorization_code" for renren to work
       def callback_phase
-        @renren_session = Renren::Session.new(request.cookies)
-        super
+        if request.params['error'] || request.params['error_reason']
+          raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri'])
+        end
+        verifier = request.params['code']
+        @access_token = client.web_server.get_access_token(verifier,  {:redirect_uri => callback_url, :grant_type=>"authorization_code" })
+        @env['omniauth.auth'] = auth_hash
+        call_app!
+      rescue ::OAuth2::HTTPError, ::OAuth2::AccessDenied, CallbackError => e
+        fail!(:invalid_credentials, e)
       end
-
+      
       def auth_hash
         OmniAuth::Utils.deep_merge(super, {
-          'uid' => @renren_session.uid,
-          'user_info' => @renren_session.user,
+          'uid' => user_hash.uid,
+          'user_info' => user_info,
           'extra' => {
-            'renren_session' => @renren_session
+            'user_hash' => user_hash.user
           }
         })
       end
+
+      def user_info
+        user_hash = self.user_hash.user
+        {
+          'username' => user_hash['name'],
+          'name' => user_hash['name'],
+          'image' => user_hash['tinyurl'],
+          'vip' => user_hash['vip'],
+          'headurl' => user_hash['headurl']
+        }
+      end
+
     end
+
   end
-end
+end

lib/omniauth_china/strategies/renren/session.rb

@@ -13,11 +13,10 @@ class OtherException < Exception; end
         attr_reader :expires
         attr_reader :uid
 
-        def initialize(cookies)
-          options = extract_renren_cookies(cookies)
-          @expires = options['expires'] ? Integer(options['expires']) : 0
-          @session_key = options['session_key']
-          @uid = options['user']
+        def initialize(user_hash)
+          @expires = user_hash['renren_token']['expires_in'] ? user_hash['renren_token']['expires_in'].to_i : 0
+          @session_key = user_hash['renren_token']['session_key']
+          @uid = user_hash['user']['id']
         end
 
         def user
@@ -65,26 +64,6 @@ def compute_sig(params)
         end
 
         private
-        def extract_renren_cookies(cookies)
-          parsed = {}
-          xn_cookie_names(cookies).each { |key| parsed[key[xn_cookie_prefix.size, key.size]] = cookies[key] }
-
-          # #returning gracefully if the cookies aren't set or have expired
-          # return unless parsed['session_key'] && parsed['user'] && parsed['expires'] && parsed['ss']
-          # # TODO: check expires, why it alway less than Time.now
-          # return unless (Time.at(parsed['expires'].to_s.to_f) > Time.now) || (parsed['expires'] == "0")
-          # #if we have the unexpired cookies, we'll throw an exception if the sig doesn't verify
-          verify_signature(parsed, cookies[Renren.api_key])
-          parsed
-        end
-
-        def xn_cookie_names(cookies)
-          xn_cookie_names = cookies.keys.select {|k| k && k.starts_with?(xn_cookie_prefix) }
-        end
-
-        def xn_cookie_prefix
-          Renren.api_key + '_'
-        end
 
         def verify_signature(renren_sig_params, expected_signature)
           self.class.send :verify_signature, renren_sig_params, expected_signature

lib/omniauth_china/version.rb

@@ -1,3 +1,3 @@
 module OmniauthChina
-  VERSION = "0.0.6"
+  VERSION = "0.0.7"
 end

spec/omniauth_china/strategies/renren_spec.rb

@@ -0,0 +1,5 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper')
+
+describe OmniAuth::Strategies::Renren do
+  it_should_behave_like "an oauth2 strategy"
+end