Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Middleware for catching OAuth2 access tokens in Rack apps
Ruby
Tag: v0.0.1

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
test
.gitignore
Gemfile
README.mkd
Rakefile
rack-oauth2_utils.gemspec

README.mkd

Rack OAuth Utils

Simple Rack middleware that catches OAuth2 access tokens and validates identity

This gem only covers the simple use of "using a token". You must implement the authorization and "getting a token" part in your app.

USAGE

class API < Sinatra::Base
  use Rack::OAuth2Utils::Middleware, :store => SomeKeyValueStore

  helpers do

    def authorized?
      !!identity
    end

    def identity
     requets.env['oauth.identity']
    end

    def current_account
     Account.find(identity) if authorized?
    end

  end

  get '/private' do
    if authorized?
      content_type 'application/json'
      current_account.to_json
    else
      halt 403, 'Access forbidden'
    end
  end

end

:store is anything that responds to [], []= and delete. Can be Redis, PStore, some ORM wrapper, etc.

Store is expected to store access_tokens mapped to some identity string (for example account IDs).

There is a test store based on PStore (filesystem. Do no use in production):

store = Rack::OAuth2Utils::TestStore.new('tmp/access_tokens.store')

store['some_access_token'] = 'some_account_id'

It is up to you how you store tokens and identities.

See test/middlewate_test.rb for details

Something went wrong with that request. Please try again.