Permalink
Switch branches/tags
Nothing to show
Find file
Fetching contributors…
Cannot retrieve contributors at this time
77 lines (66 sloc) 2.52 KB
module AuthlogicConnect::Oauth::Process
include AuthlogicConnect::Oauth::Variables
# Step 2: after save is called, it runs this method for validation
def validate_by_oauth
if processing_authentication
authentication_protocol(:oauth, :start) || authentication_protocol(:oauth, :complete)
end
end
# Step 3: if new_oauth_request?, redirect to oauth provider
def start_oauth
save_oauth_session
authorize_url = token_class.authorize_url(auth_callback_url) do |request_token|
request_token.display = "popup"
save_auth_session_token(request_token) # only for oauth version 1
end
puts "4 AAAAAAAAAA ----------------- authorize_url #{authorize_url}"
auth_controller.redirect_to authorize_url
end
# Step 4: on callback, run this method
def complete_oauth
# implemented in User and Session Oauth modules
unless new_oauth_request? # shouldn't be validating if it's redirecting...
restore_attributes
complete_oauth_transaction
return true
end
return false
end
# Step 3a: save our passed-parameters into the session,
# so we can retrieve them after the redirect calls back
def save_oauth_session
# Store the class which is redirecting, so we can ensure other classes
# don't get confused and attempt to use the response
auth_session[:auth_request_class] = self.class.name
auth_session[:authentication_type] = auth_params[:authentication_type]
auth_session[:oauth_provider] = auth_params[:oauth_provider]
auth_session[:auth_method] = "oauth"
# Tell our rack callback filter what method the current request is using
auth_session[:auth_callback_method] = auth_controller.request.method
end
# Step 3b (if version 1.0 of oauth)
def save_auth_session_token(request)
# store token and secret
auth_session[:oauth_request_token] = request.token
auth_session[:oauth_request_token_secret] = request.secret
end
def restore_attributes
end
# Step last, after the response
# having lots of trouble testing logging and out multiple times,
# so there needs to be a solid way to know when a user has messed up loggin in.
def cleanup_oauth_session
[:auth_request_class,
:authentication_type,
:auth_method,
:auth_attributes,
:oauth_provider,
:auth_callback_method,
:oauth_request_token,
:oauth_request_token_secret,
:_key,
:_token,
:_secret,
].each {|key| remove_session_key(key)}
end
end