
authlogic refactored to use passport

commit b0c03f99f857fc08786eb7237e7177dbc3ff96c3 1 parent d2c057d
Lance Pollard authored
Showing with 309 additions and 1,770 deletions.
  1. +7 −2 .gitignore
  2. 0  CHANGELOG.markdown
  3. +0 −9 Gemfile
  4. +15 −41 Manifest
  5. +2 −1  Rakefile
  6. +1 −1  VERSION
  7. +55 −0 authlogic-connect.gemspec
  8. +0 −9 generators/authlogic_connect_migration/authlogic_connect_migration.rb
  9. +0 −16 generators/authlogic_connect_migration/templates/create_sessions.rb
  10. +0 −18 generators/authlogic_connect_migration/templates/create_tokens.rb
  11. +0 −30 generators/authlogic_connect_migration/templates/create_users.rb
  12. +3 −32 lib/authlogic-connect.rb
  13. +0 −61 lib/authlogic_connect/access_token.rb
  14. +0 −46 lib/authlogic_connect/authlogic_connect.rb
  15. +0 −19 lib/authlogic_connect/callback_filter.rb
  16. +0 −10 lib/authlogic_connect/common.rb
  17. +0 −30 lib/authlogic_connect/common/session.rb
  18. +0 −45 lib/authlogic_connect/common/state.rb
  19. +0 −77 lib/authlogic_connect/common/user.rb
  20. +0 −124 lib/authlogic_connect/common/variables.rb
  21. +0 −14 lib/authlogic_connect/engine.rb
  22. +0 −56 lib/authlogic_connect/ext.rb
  23. +4 −0 lib/authlogic_connect/mixins.rb
  24. +42 −0 lib/authlogic_connect/mixins/session.rb
  25. +68 −0 lib/authlogic_connect/mixins/user.rb
  26. +2 −11 lib/authlogic_connect/oauth.rb
  27. +0 −20 lib/authlogic_connect/oauth/helper.rb
  28. +0 −75 lib/authlogic_connect/oauth/process.rb
  29. +18 −54 lib/authlogic_connect/oauth/session.rb
  30. +0 −60 lib/authlogic_connect/oauth/state.rb
  31. +0 −2  lib/authlogic_connect/oauth/tokens/aol_token.rb
  32. +0 −11 lib/authlogic_connect/oauth/tokens/facebook_token.rb
  33. +0 −15 lib/authlogic_connect/oauth/tokens/foursquare_token.rb
  34. +0 −9 lib/authlogic_connect/oauth/tokens/get_satisfaction_token.rb
  35. +0 −14 lib/authlogic_connect/oauth/tokens/github_token.rb
  36. +0 −41 lib/authlogic_connect/oauth/tokens/google_token.rb
  37. +0 −19 lib/authlogic_connect/oauth/tokens/linked_in_token.rb
  38. +0 −12 lib/authlogic_connect/oauth/tokens/meetup_token.rb
  39. +0 −26 lib/authlogic_connect/oauth/tokens/myspace_token.rb
  40. +0 −10 lib/authlogic_connect/oauth/tokens/netflix_token.rb
  41. +0 −164 lib/authlogic_connect/oauth/tokens/oauth_token.rb
  42. +0 −9 lib/authlogic_connect/oauth/tokens/ohloh_token.rb
  43. 0  lib/authlogic_connect/oauth/tokens/opensocial_token.rb
  44. +0 −8 lib/authlogic_connect/oauth/tokens/twitter_token.rb
  45. +0 −18 lib/authlogic_connect/oauth/tokens/vimeo_token.rb
  46. +0 −19 lib/authlogic_connect/oauth/tokens/yahoo_token.rb
  47. +19 −55 lib/authlogic_connect/oauth/user.rb
  48. +0 −64 lib/authlogic_connect/oauth/variables.rb
  49. +3 −10 lib/authlogic_connect/openid.rb
  50. +0 −74 lib/authlogic_connect/openid/process.rb
  51. +35 −42 lib/authlogic_connect/openid/session.rb
  52. +0 −48 lib/authlogic_connect/openid/state.rb
  53. 0  lib/authlogic_connect/openid/tokens/aol_token.rb
  54. 0  lib/authlogic_connect/openid/tokens/blogger_token.rb
  55. 0  lib/authlogic_connect/openid/tokens/flickr_token.rb
  56. +0 −3  lib/authlogic_connect/openid/tokens/my_openid_token.rb
  57. +28 −29 lib/authlogic_connect/openid/user.rb
  58. +0 −19 lib/authlogic_connect/openid/variables.rb
  59. +0 −19 lib/authlogic_connect/rack_state.rb
  60. +0 −127 lib/open_id_authentication.rb
  61. +2 −34 test/test_helper.rb
  62. +5 −3 test/test_oauth.rb
  63. +0 −5 test/test_user.rb
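--- a/.gitignore
+++ b/.gitignore
@@ -1,10 +1,15 @@
 .DS_Store
+pkg
+pkg/*
 pkg/**/*
 doc/**/*
 *.tgz
 *.gem
 *.result
 *.yml
-test/config.yml
-*.gemspec
+test/config
+test/config/*
+test/config/**/*
+*/*.gemspec
+*/**/*.gemspec
 *~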
0  CHANGELOG.markdown
No changes.
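--- a/Gemfile
+++ b/Gemfile
@@ -1,9 +0,0 @@
-source 'http://rubygems.org'
-
-gem 'rails', '3.0.0.beta3'
-
-gem "ruby-openid"
-gem 'rack-openid', '>=0.2.1', :require => 'rack/openid'
-gem "authlogic", :git => "git://github.com/odorcicd/authlogic.git", :branch => "rails3"
-gem "oauth"
-gem "oauth2"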
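--- a/Manifest
+++ b/Manifest
@@ -2,57 +2,31 @@ README.markdown
 Rakefile
 init.rb
 MIT-LICENSE
+VERSION
 lib/authlogic-connect.rb
 lib/authlogic_connect
-lib/authlogic_connect/access_token.rb
-lib/authlogic_connect/authlogic_connect.rb
-lib/authlogic_connect/callback_filter.rb
-lib/authlogic_connect/common
-lib/authlogic_connect/common/session.rb
-lib/authlogic_connect/common/state.rb
-lib/authlogic_connect/common/user.rb
-lib/authlogic_connect/common/variables.rb
-lib/authlogic_connect/common.rb
-lib/authlogic_connect/engine.rb
-lib/authlogic_connect/ext.rb
+lib/authlogic_connect/mixins
+lib/authlogic_connect/mixins/session.rb
+lib/authlogic_connect/mixins/user.rb
+lib/authlogic_connect/mixins.rb
 lib/authlogic_connect/oauth
-lib/authlogic_connect/oauth/helper.rb
-lib/authlogic_connect/oauth/process.rb
 lib/authlogic_connect/oauth/session.rb
-lib/authlogic_connect/oauth/state.rb
-lib/authlogic_connect/oauth/tokens
-lib/authlogic_connect/oauth/tokens/aol_token.rb
-lib/authlogic_connect/oauth/tokens/facebook_token.rb
-lib/authlogic_connect/oauth/tokens/foursquare_token.rb
-lib/authlogic_connect/oauth/tokens/get_satisfaction_token.rb
-lib/authlogic_connect/oauth/tokens/github_token.rb
-lib/authlogic_connect/oauth/tokens/google_token.rb
-lib/authlogic_connect/oauth/tokens/linked_in_token.rb
-lib/authlogic_connect/oauth/tokens/meetup_token.rb
-lib/authlogic_connect/oauth/tokens/myspace_token.rb
-lib/authlogic_connect/oauth/tokens/netflix_token.rb
-lib/authlogic_connect/oauth/tokens/oauth_token.rb
-lib/authlogic_connect/oauth/tokens/ohloh_token.rb
-lib/authlogic_connect/oauth/tokens/opensocial_token.rb
-lib/authlogic_connect/oauth/tokens/twitter_token.rb
-lib/authlogic_connect/oauth/tokens/vimeo_token.rb
-lib/authlogic_connect/oauth/tokens/yahoo_token.rb
 lib/authlogic_connect/oauth/user.rb
-lib/authlogic_connect/oauth/variables.rb
 lib/authlogic_connect/oauth.rb
 lib/authlogic_connect/openid
-lib/authlogic_connect/openid/process.rb
 lib/authlogic_connect/openid/session.rb
-lib/authlogic_connect/openid/state.rb
 lib/authlogic_connect/openid/tokens
-lib/authlogic_connect/openid/tokens/aol_token.rb
-lib/authlogic_connect/openid/tokens/blogger_token.rb
-lib/authlogic_connect/openid/tokens/flickr_token.rb
-lib/authlogic_connect/openid/tokens/my_openid_token.rb
 lib/authlogic_connect/openid/tokens/openid_token.rb
 lib/authlogic_connect/openid/user.rb
-lib/authlogic_connect/openid/variables.rb
 lib/authlogic_connect/openid.rb
-lib/authlogic_connect/rack_state.rb
-lib/open_id_authentication.rb
 rails/init.rb
+test/config
+test/config/tokens.yml
+test/libs
+test/libs/database.rb
+test/libs/user.rb
+test/libs/user_session.rb
+test/test_helper.rb
+test/test_oauth.rb
+test/test_openid.rb
+test/test_user.rb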
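--- a/Rakefile
+++ b/Rakefile
@@ -14,7 +14,7 @@ spec = Gem::Specification.new do |s|
 s.homepage = "http://github.com/viatropos/authlogic-connect"
 s.has_rdoc = true
 s.rubyforge_project = "authlogic-connect"
- s.files = %w(README.markdown Rakefile init.rb MIT-LICENSE VERSION) + Dir["{lib,rails}/**/*"] - Dir["test/tmp"]
+ s.files = %w(README.markdown Rakefile init.rb MIT-LICENSE VERSION) + Dir["{lib,rails,test}/**/*"] - Dir["test/tmp"]
 s.require_path = "lib"
 s.add_dependency("activesupport", ">= 2.1.2")
 s.add_dependency("activerecord", ">= 2.1.2")
@@ -24,6 +24,7 @@ spec = Gem::Specification.new do |s|
 s.add_dependency("oauth")
 s.add_dependency("oauth2")
 s.add_dependency("authlogic")
+ s.add_dependency("passport")
 end
 desc "Create .gemspec file (useful for github)"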
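Review bot: The widened glob on the new `s.files` line packages everything under `test/`, including `test/config/tokens.yml`, a path that `.gitignore` in this same commit keeps out of the repository and that the Manifest and the generated gemspec now list. If that file holds the provider keys and secrets used by the test run (not shown on this page, so confirm), building the gem from a developer checkout would publish them. I would exclude it in the same expression: `... + Dir["{lib,rails,test}/**/*"] - Dir["test/tmp"] - Dir["test/config/**/*"]`. The added `s.add_dependency("passport")` also carries no version constraint, so any future release of that gem satisfies it; a lower bound matching the version this was developed against would make the auth dependency reviewable. The `Gem::Specification.new` block starts above the first hunk.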
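--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.0.6
+0.1.0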
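--- a/authlogic-connect.gemspec
+++ b/authlogic-connect.gemspec
@@ -0,0 +1,55 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+ s.name = %q{authlogic-connect}
+ s.version = "0.1.0"
+
+ s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+ s.authors = ["Lance Pollard"]
+ s.date = %q{2010-08-16}
+ s.description = %q{Ruby Oauth and OpenID library that abstracts away all the complexities of connecting to multiple accounts.}
+ s.email = ["lancejpollard@gmail.com"]
+ s.files = ["README.markdown", "Rakefile", "init.rb", "MIT-LICENSE", "VERSION", "lib/authlogic-connect.rb", "lib/authlogic_connect", "lib/authlogic_connect/mixins", "lib/authlogic_connect/mixins/session.rb", "lib/authlogic_connect/mixins/user.rb", "lib/authlogic_connect/mixins.rb", "lib/authlogic_connect/oauth", "lib/authlogic_connect/oauth/session.rb", "lib/authlogic_connect/oauth/user.rb", "lib/authlogic_connect/oauth.rb", "lib/authlogic_connect/openid", "lib/authlogic_connect/openid/session.rb", "lib/authlogic_connect/openid/tokens", "lib/authlogic_connect/openid/tokens/openid_token.rb", "lib/authlogic_connect/openid/user.rb", "lib/authlogic_connect/openid.rb", "rails/init.rb", "test/config", "test/config/tokens.yml", "test/libs", "test/libs/database.rb", "test/libs/user.rb", "test/libs/user_session.rb", "test/test_helper.rb", "test/test_oauth.rb", "test/test_openid.rb", "test/test_user.rb"]
+ s.homepage = %q{http://github.com/viatropos/authlogic-connect}
+ s.require_paths = ["lib"]
+ s.rubyforge_project = %q{authlogic-connect}
+ s.rubygems_version = %q{1.3.7}
+ s.summary = %q{Oauth and OpenID made dead simple}
+
+ if s.respond_to? :specification_version then
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+ s.specification_version = 3
+
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+ s.add_runtime_dependency(%q<activesupport>, [">= 2.1.2"])
+ s.add_runtime_dependency(%q<activerecord>, [">= 2.1.2"])
+ s.add_runtime_dependency(%q<json>, [">= 0"])
+ s.add_runtime_dependency(%q<ruby-openid>, [">= 0"])
+ s.add_runtime_dependency(%q<rack-openid>, [">= 0.2.1"])
+ s.add_runtime_dependency(%q<oauth>, [">= 0"])
+ s.add_runtime_dependency(%q<oauth2>, [">= 0"])
+ s.add_runtime_dependency(%q<authlogic>, [">= 0"])
+ s.add_runtime_dependency(%q<passport>, [">= 0"])
+ else
+ s.add_dependency(%q<activesupport>, [">= 2.1.2"])
+ s.add_dependency(%q<activerecord>, [">= 2.1.2"])
+ s.add_dependency(%q<json>, [">= 0"])
+ s.add_dependency(%q<ruby-openid>, [">= 0"])
+ s.add_dependency(%q<rack-openid>, [">= 0.2.1"])
+ s.add_dependency(%q<oauth>, [">= 0"])
+ s.add_dependency(%q<oauth2>, [">= 0"])
+ s.add_dependency(%q<authlogic>, [">= 0"])
+ s.add_dependency(%q<passport>, [">= 0"])
+ end
+ else
+ s.add_dependency(%q<activesupport>, [">= 2.1.2"])
+ s.add_dependency(%q<activerecord>, [">= 2.1.2"])
+ s.add_dependency(%q<json>, [">= 0"])
+ s.add_dependency(%q<ruby-openid>, [">= 0"])
+ s.add_dependency(%q<rack-openid>, [">= 0.2.1"])
+ s.add_dependency(%q<oauth>, [">= 0"])
+ s.add_dependency(%q<oauth2>, [">= 0"])
+ s.add_dependency(%q<authlogic>, [">= 0"])
+ s.add_dependency(%q<passport>, [">= 0"])
+ end
+end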
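--- a/generators/authlogic_connect_migration/authlogic_connect_migration.rb
+++ b/generators/authlogic_connect_migration/authlogic_connect_migration.rb
@@ -1,9 +0,0 @@
-class AuthlogicConnectMigrationGenerator < Rails::Generator::Base
- def manifest
- record do |m|
- m.migration_template 'migration.rb', 'db/create_users', :migration_file_name => "create_users"
- m.migration_template 'migration.rb', 'db/create_sessions', :migration_file_name => "create_sessions"
- m.migration_template 'migration.rb', 'db/create_tokens', :migration_file_name => "create_tokens"
- end
- end
-end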
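--- a/generators/authlogic_connect_migration/templates/create_sessions.rb
+++ b/generators/authlogic_connect_migration/templates/create_sessions.rb
@@ -1,16 +0,0 @@
-class CreateSessions < ActiveRecord::Migration
- def self.up
- create_table :sessions do |t|
- t.string :session_id, :null => false
- t.text :data
- t.timestamps
- end
-
- add_index :sessions, :session_id
- add_index :sessions, :updated_at
- end
-
- def self.down
- drop_table :sessions
- end
-end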
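--- a/generators/authlogic_connect_migration/templates/create_tokens.rb
+++ b/generators/authlogic_connect_migration/templates/create_tokens.rb
@@ -1,18 +0,0 @@
-class CreateTokens < ActiveRecord::Migration
- def self.up
- create_table :tokens do |t|
- t.integer :user_id
- t.string :type, :limit => 30
- t.string :key, :limit => 1024 # This has to be huge because of Yahoo's excessively large tokens
- t.string :secret
- t.boolean :active # whether or not it's associated with the account
- t.timestamps
- end
-
- add_index :tokens, :key, :unique
- end
-
- def self.down
- drop_table :tokens
- end
-end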
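--- a/generators/authlogic_connect_migration/templates/create_users.rb
+++ b/generators/authlogic_connect_migration/templates/create_users.rb
@@ -1,30 +0,0 @@
-class CreateUsers < ActiveRecord::Migration
- def self.up
- create_table :users do |t|
- # authlogic
- t.timestamps
- t.string :login, :null => false
- t.string :crypted_password, :null => false
- t.string :password_salt, :null => false
- t.string :persistence_token, :null => false
- t.integer :login_count, :default => 0, :null => false
- t.datetime :last_request_at
- t.datetime :last_login_at
- t.datetime :current_login_at
- t.string :last_login_ip
- t.string :current_login_ip
- # authlogic-connect
- t.string :openid_identifier # should be a token, later...
- t.integer :active_token_id
- end
-
- add_index :users, :login
- add_index :users, :persistence_token
- add_index :users, :last_request_at
- add_index :users, :active_token_id
- end
-
- def self.down
- drop_table :users
- end
-end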
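--- a/lib/authlogic-connect.rb
+++ b/lib/authlogic-connect.rb
@@ -1,39 +1,10 @@
+require 'rubygems'
 require 'active_record'
-require "rubygems"
 require 'authlogic'
-require 'oauth'
-require 'oauth2'
+require 'passport'
 this = File.dirname(__FILE__)
 library = "#{this}/authlogic_connect"
-
-require "#{this}/open_id_authentication"
-require "#{library}/ext"
-require "#{library}/authlogic_connect"
-require "#{library}/callback_filter"
-require "#{library}/access_token"
 require "#{library}/openid"
 require "#{library}/oauth"
-require "#{library}/common"
-require "#{library}/engine" if defined?(Rails) && Rails::VERSION::MAJOR == 3
-
-custom_models = ["#{library}/access_token"]
-custom_models += Dir["#{library}/oauth/tokens"]
-custom_models += Dir["#{library}/openid/tokens"]
-
-# Rails 3/2 config
-load_path_method = ActiveSupport::Dependencies.respond_to?(:autoload_paths) ? :autoload_paths : :load_paths
-
-custom_models.each do |path|
- $LOAD_PATH << path
- ActiveSupport::Dependencies.send(load_path_method) << path
-end
-
-# Rails 3beta4 backport
-if defined?(ActiveSupport::HashWithIndifferentAccess)
- ActiveSupport::HashWithIndifferentAccess.class_eval do
- def symbolize_keys!
- symbolize_keys
- end
- end
-end
+require "#{library}/mixins"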
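--- a/lib/authlogic_connect/access_token.rb
+++ b/lib/authlogic_connect/access_token.rb
@@ -1,61 +0,0 @@
-class AccessToken < ActiveRecord::Base
- belongs_to :user
-
- def client
- self.class.client
- end
-
- def consumer
- self.class.consumer
- end
-
- def service_name
- self.class.service_name
- end
-
- def settings
- self.class.settings
- end
-
- def config
- self.class.config
- end
-
- def get(path)
-
- end
-
- class << self
- def service_name
- @service_name ||= self.to_s.underscore.scan(/^(.*?)(_token)?$/)[0][0].to_sym
- end
-
- def client
- raise "implement client in subclass"
- end
-
- def consumer
- raise "implement consumer in subclass"
- end
-
- def settings(site, hash = {})
- @settings = hash.merge(:site => site)
- end
-
- def config
- @settings ||= {}
- @settings.dup
- end
-
- def api_version(value = nil)
- config[:api]
- end
-
- protected
-
- def credentials
- @credentials ||= AuthlogicConnect.credentials(service_name)
- end
- end
-
-end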
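--- a/lib/authlogic_connect/authlogic_connect.rb
+++ b/lib/authlogic_connect/authlogic_connect.rb
@@ -1,46 +0,0 @@
-module AuthlogicConnect
- KEY = "connect" unless defined?(KEY)
- OAUTH = "oauth" unless defined?(OAUTH)
- OPEN_ID = "open_id" unless defined?(OPEN_ID)
-
- class << self
-
- attr_accessor :config
-
- def config=(value)
- value.recursively_symbolize_keys!
- @config = value
- end
-
- def key(path)
- result = self.config
- path.to_s.split(".").each { |node| result = result[node.to_sym] if result }
- result
- end
-
- def credentials(service)
- key("#{KEY}.#{service.to_s}")
- end
-
- def services
- key(KEY)
- end
-
- def service_names
- services.keys.collect(&:to_s)
- end
-
- def include?(service)
- !credentials(service).nil?
- end
-
- def token(key)
- raise "can't find key '#{key.to_s}' in AuthlogicConnect.config" unless AuthlogicConnect.include?(key) and !key.to_s.empty?
- "#{key.to_s.camelcase}Token".constantize
- end
-
- def consumer(key)
- token(key).consumer
- end
- end
-end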
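--- a/lib/authlogic_connect/callback_filter.rb
+++ b/lib/authlogic_connect/callback_filter.rb
@@ -1,19 +0,0 @@
-class AuthlogicConnect::CallbackFilter
- def initialize(app)
- @app = app
- end
-
- # this intercepts how the browser interprets the url.
- # so we override it and say,
- # "if we've stored a variable in the session called :auth_callback_method,
- # then convert that into a POST call so we re-call the original method"
- def call(env)
- if env["rack.session"].nil?
- raise "Make sure you are setting the session in Rack too! Place this in config/application.rb"
- end
- unless env["rack.session"][:auth_callback_method].blank?
- env["REQUEST_METHOD"] = env["rack.session"].delete(:auth_callback_method).to_s.upcase
- end
- @app.call(env)
- end
-end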
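--- a/lib/authlogic_connect/common.rb
+++ b/lib/authlogic_connect/common.rb
@@ -1,10 +0,0 @@
-module AuthlogicConnect::Common
-end
-
-require File.dirname(__FILE__) + "/common/state"
-require File.dirname(__FILE__) + "/common/variables"
-require File.dirname(__FILE__) + "/common/user"
-require File.dirname(__FILE__) + "/common/session"
-
-ActiveRecord::Base.send(:include, AuthlogicConnect::Common::User)
-Authlogic::Session::Base.send(:include, AuthlogicConnect::Common::Session)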
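--- a/lib/authlogic_connect/common/session.rb
+++ b/lib/authlogic_connect/common/session.rb
@@ -1,30 +0,0 @@
-module AuthlogicConnect::Common
- module Session
-
- def self.included(base)
- base.class_eval do
- include Variables
- include InstanceMethods
- end
- end
-
- module InstanceMethods
-
- # core save method coordinating how to save the session.
- # want to destroy the block if we redirect to a remote service, that's it.
- # otherwise the block contains the render methods we wan to use
- def save(&block)
- self.errors.clear
- # log_state
- authenticate_via_protocol(block_given?) do |redirecting|
- block = nil if redirecting
- result = super(&block)
- cleanup_authentication_session unless block.nil?
- result
- end
- end
-
- end
-
- end
-end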
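--- a/lib/authlogic_connect/common/state.rb
+++ b/lib/authlogic_connect/common/state.rb
@@ -1,45 +0,0 @@
-# This class holds query/state variables common to oauth and openid
-module AuthlogicConnect::Common::State
-
- def auth_controller?
- !auth_controller.blank?
- end
-
- def auth_params?
- auth_controller? && !auth_params.blank?
- end
-
- def auth_session?
- !auth_session.blank?
- end
-
- def is_auth_session?
- self.is_a?(Authlogic::Session::Base)
- end
-
- def start_authentication?
- start_oauth? || start_openid?
- end
-
- def validate_password_with_oauth?
- !using_openid? && super
- end
-
- def validate_password_with_openid?
- !using_oauth? && super
- end
-
- # because user and session are so closely tied together, I am still
- # uncertain as to how they are saved. So this makes sure if we are
- # logging in, it must be saving the session, otherwise the user.
- def correct_request_class?
- return false unless auth_params?
-
- if is_auth_session?
- auth_type.to_s == "session"
- else
- auth_type.to_s == "user"
- end
- end
-
-end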
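--- a/lib/authlogic_connect/common/user.rb
+++ b/lib/authlogic_connect/common/user.rb
@@ -1,77 +0,0 @@
-# This class is the main api for the user.
-# It is also required to properly sequence the save methods
-# for the different authentication types (oauth and openid)
-module AuthlogicConnect::Common::User
-
- def self.included(base)
- base.class_eval do
- add_acts_as_authentic_module(InstanceMethods, :append)
- add_acts_as_authentic_module(AuthlogicConnect::Common::Variables, :prepend)
- end
- end
-
- module InstanceMethods
-
- def self.included(base)
- base.class_eval do
- has_many :access_tokens, :class_name => "AccessToken", :dependent => :destroy
- belongs_to :active_token, :class_name => "AccessToken", :dependent => :destroy
- accepts_nested_attributes_for :access_tokens, :active_token
- end
- end
-
- def authenticated_with
- @authenticated_with ||= self.access_tokens.collect{|t| t.service_name.to_s}
- end
-
- def authenticated_with?(service)
- self.access_tokens.detect{|t| t.service_name.to_s == service.to_s}
- end
-
- def update_attributes(attributes, &block)
- self.attributes = attributes
- save(:validate => true, &block)
- end
-
- def has_token?(service_name)
- !get_token(service_name).nil?
- end
-
- def get_token(service_name)
- self.access_tokens.detect {|i| i.service_name.to_s == service_name.to_s}
- end
-
- # core save method coordinating how to save the user.
- # we dont' want to ru validations based on the
- # authentication mission we are trying to accomplish.
- # instead, we just return save as false.
- # the next time around, when we recieve the callback,
- # we will run the validations.
- # when you call 'current_user_session' in ApplicationController,
- # it leads to calling 'save' on this User object via "session.record.save",
- # from the 'persisting?' method. So we don't want any of this to occur
- # when that save is called, and the only way to check currently is
- # to check if there is a block_given?
- def save(options = {}, &block)
- self.errors.clear
- # log_state
- options = {} if options == false
- options[:validate] = true unless options.has_key?(:validate)
- save_options = ActiveRecord::VERSION::MAJOR < 3 ? options[:validate] : options
-
- # kill the block if we're starting authentication
- authenticate_via_protocol(block_given?, options) do |start_authentication|
- block = nil if start_authentication # redirecting
- # forces you to validate, only if a block is given
- result = super(save_options) # validate!
- unless block.nil?
- cleanup_authentication_session(options)
- yield(result)
- end
- result
- end
- end
-
- end
-
-end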
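--- a/lib/authlogic_connect/common/variables.rb
+++ b/lib/authlogic_connect/common/variables.rb
@@ -1,124 +0,0 @@
-module AuthlogicConnect::Common::Variables
- include AuthlogicConnect::Common::State
-
- attr_reader :processing_authentication
-
- def auth_class
- is_auth_session? ? self.class : session_class
- end
-
- def auth_controller
- is_auth_session? ? controller : session_class.controller
- end
-
- def auth_params
- return nil unless auth_controller?
- auth_controller.params.symbolize_keys!
- auth_controller.params.keys.each do |key|
- auth_controller.params[key.to_s] = auth_controller.params.delete(key) if key.to_s =~ /^OpenID/
- end
- auth_controller.params
- end
-
- def auth_session
- return nil unless auth_controller?
- auth_controller.session.symbolize_keys!
- auth_controller.session.keys.each do |key|
- auth_controller.session[key.to_s] = auth_controller.session.delete(key) if key.to_s =~ /^OpenID/
- end
- auth_controller.session
- end
-
- def auth_callback_url(options = {})
- auth_controller.url_for({:controller => auth_controller.controller_name, :action => auth_controller.action_name}.merge(options))
- end
-
- # if we've said it's a "user" (registration), or a "session" (login)
- def auth_type
- from_session_or_params(:authentication_type)
- end
-
- # auth_params and auth_session attributes are all String!
- def from_session_or_params(attribute)
- return nil unless auth_controller?
- key = attribute.is_a?(Symbol) ? attribute : attribute.to_sym
- result = auth_params[key] if (auth_params && auth_params[key])
- result = auth_session[key] if (result.nil? || result.blank?)
- result
- end
-
- def add_session_key(key, value)
-
- end
-
- def remove_session_key(key)
- keys = key.is_a?(Symbol) ? [key, key.to_s] : [key, key.to_sym]
- keys.each {|k| auth_session.delete(k)}
- end
-
- # wraps the call to "save" (in yield).
- # reason being, we need to somehow not allow oauth/openid validations to run
- # when we don't have a block. We can't know that using class methods, so we create
- # this property "processing_authentication", which is used in the validation method.
- # it's value is set to "block_given", which is the value of block_given?
- def authenticate_via_protocol(block_given = false, options = {}, &block)
- @processing_authentication = auth_controller? && block_given
- saved = yield start_authentication?
- @processing_authentication = false
- saved
- end
-
- # returns boolean
- def authentication_protocol(with, phase)
- returning(send("#{phase.to_s}_#{with.to_s}?")) do |ready|
- send("#{phase.to_s}_#{with.to_s}") if ready
- end if send("using_#{with.to_s}?")
- end
-
- # it only reaches this point once it has returned, or you
- # have manually skipped the redirect and save was called directly.
- def cleanup_authentication_session(options = {}, &block)
- unless (options.has_key?(:keep_session) && options[:keep_session])
- %w(oauth openid).each do |type|
- send("cleanup_#{type.to_s}_session")
- end
- end
- end
-
- def log(*methods)
- methods.each do |method|
- puts "#{method.to_s}: #{send(method).inspect}"
- end
- end
-
- def log_state
- log(:correct_request_class?)
- log(:using_oauth?, :start_oauth?, :complete_oauth?)
- log(:oauth_request?, :oauth_response?, :stored_oauth_token_and_secret?)
- log(:using_openid?, :start_openid?, :complete_openid?, :openid_request?, :openid_response?)
- log(:authenticating_with_openid?)
- log(:stored_oauth_token_and_secret)
- end
-
- # because we may need to store 6+ session variables, all with pretty lengthy names,
- # might as well just tinify them.
- # just an idea
- def optimized_session_key(key)
- @optimized_session_keys ||= {
- :auth_request_class => :authcl,
- :authentication_method => :authme,
- :authentication_type => :authty,
- :oauth_provider => :authpr,
- :auth_callback_method => :authcb,
- :oauth_request_token => :authtk,
- :oauth_request_token_secret => :authsc,
- :auth_attributes => :authat
- }
- @optimized_session_keys[key]
- end
-
- def auto_register?
- true
- end
-
-end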
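--- a/lib/authlogic_connect/engine.rb
+++ b/lib/authlogic_connect/engine.rb
@@ -1,14 +0,0 @@
-module AuthlogicConnect
- class Engine < Rails::Engine
-
- initializer "authlogic_connect.authentication_hook" do |app|
- app.middleware.use AuthlogicConnect::CallbackFilter
- app.middleware.use OpenIdAuthentication
- end
-
- initializer "authlogic_connect.finalize", :after => "authlogic_connect.authentication_hook" do |app|
- OpenID::Util.logger = Rails.logger
- ActionController::Base.send :include, OpenIdAuthentication
- end
- end
-end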
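--- a/lib/authlogic_connect/ext.rb
+++ b/lib/authlogic_connect/ext.rb
@@ -1,56 +0,0 @@
-# these are extensions I've found useful for this project
-class String
- # normalizes an OpenID according to http://openid.net/specs/openid-authentication-2_0.html#normalization
- def normalize_identifier
- # clean up whitespace
- identifier = self.dup.strip
-
- # if an XRI has a prefix, strip it.
- identifier.gsub!(/xri:\/\//i, '')
-
- # dodge XRIs -- TODO: validate, don't just skip.
- unless ['=', '@', '+', '$', '!', '('].include?(identifier.at(0))
- # does it begin with http? if not, add it.
- identifier = "http://#{identifier}" unless identifier =~ /^http/i
-
- # strip any fragments
- identifier.gsub!(/\#(.*)$/, '')
-
- begin
- uri = URI.parse(identifier)
- uri.scheme = uri.scheme.downcase # URI should do this
- identifier = uri.normalize.to_s
- rescue URI::InvalidURIError
- raise InvalidOpenId.new("#{identifier} is not an OpenID identifier")
- end
- end
-
- return identifier
- end
-end
-
-class Hash
- def recursively_symbolize_keys!
- self.symbolize_keys!
- self.values.each do |v|
- if v.is_a? Hash
- v.recursively_symbolize_keys!
- elsif v.is_a? Array
- v.recursively_symbolize_keys!
- end
- end
- self
- end
-end
-
-class Array
- def recursively_symbolize_keys!
- self.each do |item|
- if item.is_a? Hash
- item.recursively_symbolize_keys!
- elsif item.is_a? Array
- item.recursively_symbolize_keys!
- end
- end
- end
-end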
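--- a/lib/authlogic_connect/mixins.rb
+++ b/lib/authlogic_connect/mixins.rb
@@ -0,0 +1,4 @@
+Dir["#{File.dirname(__FILE__)}/mixins/*"].each { |file| require file }
+
+ActiveRecord::Base.send(:include, AuthlogicConnect::Mixins::User)
+Authlogic::Session::Base.send(:include, AuthlogicConnect::Mixins::Session)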
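Review bot: The `ActiveRecord::Base.send(:include, AuthlogicConnect::Mixins::User)` line applies the mixin to the base class, and that module's `included` hook (in mixins/user.rb) calls `base.validate :validate_passport` and declares `has_many :access_tokens` on whatever includes it, so the validation, the association and the `method_missing` override appear to land on every model rather than only the user model. The removed `Common::User` registered itself through `add_acts_as_authentic_module`, and doing the same here would keep the authentication hooks scoped to models that opt in. Separately, `Dir[".../mixins/*"]` requires every entry in the directory in whatever order the platform returns it; `Dir["#{File.dirname(__FILE__)}/mixins/*.rb"].sort.each { |file| require file }` limits loading to Ruby files in a stable order. The same glob is introduced in lib/authlogic_connect/oauth.rb.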
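--- a/lib/authlogic_connect/mixins/session.rb
+++ b/lib/authlogic_connect/mixins/session.rb
@@ -0,0 +1,42 @@
+module AuthlogicConnect
+ module Mixins
+ module Session
+
+ def self.included(base)
+ base.validate :validate_passport, :if => lambda { Passport.authenticating?(:session) }
+ base.send :include, InstanceMethods
+ end
+
+ module InstanceMethods
+
+ def save(&block)
+ block = nil if block_given? && Passport.process?
+ result = super(&block)
+ yield(result) unless block.nil?
+ result
+ end
+
+ def validate_passport
+ Passport.authenticate(self.record) do |token|
+ if token
+ if @record
+ self.attempted_record = @record
+ else
+ self.attempted_record = klass.new
+ end
+
+ if attempted_record
+ attempted_record.access_tokens << token
+ attempted_record.save
+ else
+ errors.add(:base, "Could not find user in our database, have you registered with your oauth account?")
+ end
+ else
+ errors.add("Passport validation error")
+ end
+ end
+ end
+ end
+ end
+ end
+end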
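Review bot: In `validate_passport` the `if attempted_record` test can never be false, because the lines just above assign either `@record` or `klass.new`; the "Could not find user in our database" branch is therefore unreachable, a token with no matching record always produces a new record, and the return value of `attempted_record.save` is ignored, so a failed save adds no error to the session. I would check the save, for example `errors.add(:base, "Could not save user") unless attempted_record.save`, and make the decision about creating accounts during login explicit. `errors.add("Passport validation error")` passes the message in the attribute position, while the other call uses `errors.add(:base, ...)`; the two should match. In `save`, the block is passed to `super(&block)` and then invoked again by `yield(result)`, so if the parent `save` yields (not visible on this page) the caller's block runs twice.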
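--- a/lib/authlogic_connect/mixins/user.rb
+++ b/lib/authlogic_connect/mixins/user.rb
@@ -0,0 +1,68 @@
+# This class is the main api for the user.
+# It is also required to properly sequence the save methods
+# for the different authentication types (oauth and openid)
+module AuthlogicConnect
+ module Mixins
+ module User
+
+ def self.included(base)
+ base.validate :validate_passport, :if => lambda { Passport.authenticating?(:user) }
+ base.send :include, InstanceMethods
+ end
+
+ module InstanceMethods
+
+ def self.included(base)
+ base.class_eval do
+ has_many :access_tokens, :as => :user, :class_name => "AccessToken", :dependent => :destroy
+ accepts_nested_attributes_for :access_tokens
+ end
+ end
+
+ def save(options = {}, &block)
+ block = nil if block_given? && Passport.process?
+ options[:validate] = true unless options.has_key?(:validate)
+ result = super(options, &block)
+ yield(result) unless block.nil?
+ result
+ end
+
+ def validate_passport
+ Passport.authenticate(self) do |token|
+ if token
+ access_tokens << token
+ else
+ errors.add("Passport validation error")
+ end
+ end
+ end
+
+ def update_attributes(attributes, &block)
+ self.attributes = attributes
+ save(:validate => true, &block)
+ end
+
+ def access_token(service)
+ self.access_tokens.detect { |token| token.service == service.to_s }
+ end
+
+ def access_token?(service)
+ access_token(service).blank?
+ end
+
+ # user.facebook_token
+ # user.facebook_token?
+ def method_missing(meth, *args, &block)
+ if meth.to_s =~ /(\w+)_token(\?)?/
+ service = $1
+ return access_token?(service) unless $2.blank?
+ return access_token(service)
+ end
+
+ super(meth, *args, &block)
+ end
+
+ end
+ end
+ end
+end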
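Review bot: `access_token?` returns `access_token(service).blank?`, which is true when the user has no token for the service, so `user.facebook_token?` answers the opposite of what the name and the comment above `method_missing` indicate; it should read `!access_token(service).blank?`. The `method_missing` pattern `/(\w+)_token(\?)?/` is unanchored, so any undefined method whose name merely contains `_token` is answered with a token lookup instead of reaching `super`; `/\A(\w+)_token(\?)?\z/` restricts it to the two documented forms, and a matching `respond_to?` override would keep introspection consistent. `save` also no longer accepts `save(false)`, which the removed `Common::User#save` handled with `options = {} if options == false`; `options[:validate]` will raise on `false`.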
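--- a/lib/authlogic_connect/oauth.rb
+++ b/lib/authlogic_connect/oauth.rb
@@ -1,14 +1,5 @@
-module AuthlogicConnect::Oauth
-end
-
-require File.dirname(__FILE__) + "/oauth/state"
-require File.dirname(__FILE__) + "/oauth/variables"
-require File.dirname(__FILE__) + "/oauth/process"
-require File.dirname(__FILE__) + "/oauth/user"
-require File.dirname(__FILE__) + "/oauth/session"
-require File.dirname(__FILE__) + "/oauth/helper"
+Dir["#{File.dirname(__FILE__)}/oauth/*"].each { |file| require file }
 ActiveRecord::Base.send(:include, AuthlogicConnect::Oauth::User)
 Authlogic::Session::Base.send(:include, AuthlogicConnect::Oauth::Session)
-ActionController::Base.helper AuthlogicConnect::Oauth::Helper
-ActionView::Helpers::FormBuilder.send(:include, AuthlogicConnect::Oauth::FormHelper)
+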
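--- a/lib/authlogic_connect/oauth/helper.rb
+++ b/lib/authlogic_connect/oauth/helper.rb
@@ -1,20 +0,0 @@
-module AuthlogicConnect::Oauth::Helper
-
- # options include "name"
- def oauth_register_hidden_input
- oauth_input(:type => "user")
- end
-
- def oauth_login_hidden_input
- oauth_input(:type => "session")
- end
-
- def oauth_input(options = {})
- tag(:input, {:type => "hidden", :name => "authentication_type", :value => options[:type]})
- end
-
-end
-
-module AuthlogicConnect::Oauth::FormHelper
-
-end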
75 lib/authlogic_connect/oauth/process.rb
@@ -1,75 +0,0 @@
-module AuthlogicConnect::Oauth::Process
-
- include AuthlogicConnect::Oauth::Variables
-
- # Step 2: after save is called, it runs this method for validation
- def validate_by_oauth
- if processing_authentication
- authentication_protocol(:oauth, :start) || authentication_protocol(:oauth, :complete)
- end
- end
-
- # Step 3: if new_oauth_request?, redirect to oauth provider
- def start_oauth
- save_oauth_session
- authorize_url = token_class.authorize_url(auth_callback_url) do |request_token|
- save_auth_session_token(request_token) # only for oauth version 1
- end
- auth_controller.redirect_to authorize_url
- end
-
- # Step 4: on callback, run this method
- def complete_oauth
- # implemented in User and Session Oauth modules
- unless new_oauth_request? # shouldn't be validating if it's redirecting...
- restore_attributes
- complete_oauth_transaction
- return true
- end
- return false
- end
-
- # Step 3a: save our passed-parameters into the session,
- # so we can retrieve them after the redirect calls back
- def save_oauth_session
- # Store the class which is redirecting, so we can ensure other classes
- # don't get confused and attempt to use the response
- auth_session[:auth_request_class] = self.class.name
-
- auth_session[:authentication_type] = auth_params[:authentication_type]
- auth_session[:oauth_provider] = auth_params[:oauth_provider]
- auth_session[:auth_method] = "oauth"
-
- # Tell our rack callback filter what method the current request is using
- auth_session[:auth_callback_method] = auth_controller.request.method
- end
-
- # Step 3b (if version 1.0 of oauth)
- def save_auth_session_token(request)
- # store token and secret
- auth_session[:oauth_request_token] = request.token
- auth_session[:oauth_request_token_secret] = request.secret
- end
-
- def restore_attributes
- end
-
- # Step last, after the response
- # having lots of trouble testing logging and out multiple times,
- # so there needs to be a solid way to know when a user has messed up loggin in.
- def cleanup_oauth_session
- [:auth_request_class,
- :authentication_type,
- :auth_method,
- :auth_attributes,
- :oauth_provider,
- :auth_callback_method,
- :oauth_request_token,
- :oauth_request_token_secret,
- :_key,
- :_token,
- :_secret,
- ].each {|key| remove_session_key(key)}
- end
-
-end
72 lib/authlogic_connect/oauth/session.rb
@@ -1,60 +1,24 @@
-module AuthlogicConnect::Oauth
- # This module is responsible for adding oauth
- # to the Authlogic::Session::Base class.
- module Session
- def self.included(base)
- base.class_eval do
- include InstanceMethods
+module AuthlogicConnect
+ module Oauth
+ # This module is responsible for adding oauth
+ # to the Authlogic::Session::Base class.
+ module Session
+ def self.included(base)
+ base.send :include, InstanceMethods
end
- end
-
- module InstanceMethods
- include Process
-
- def self.included(klass)
- klass.class_eval do
- validate :validate_by_oauth, :if => :authenticating_with_oauth?
- end
- end
-
- # Hooks into credentials so that you can pass a user who has already has an oauth access token.
- def credentials=(value)
- super
- values = value.is_a?(Array) ? value : [value]
- hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
- self.record = hash[:priority_record] if !hash.nil? && hash.key?(:priority_record)
- end
-
- def record=(record)
- @record = record
- end
-
- private
- def complete_oauth_transaction
- if @record
- self.attempted_record = record
- else
- # this generated token is always the same for a user!
- # this is searching with User.find ...
- # attempted_record is part of AuthLogic
- hash = oauth_token_and_secret
- token = token_class.find_by_key_or_token(hash[:key], hash[:token], :include => [:user]) # some weird error if I leave out the include)
- if token
- self.attempted_record = token.user
- elsif auto_register?
- self.attempted_record = klass.new
- self.attempted_record.access_tokens << token_class.new(hash)
- self.attempted_record.save
- else
- auth_session[:_key] = hash[:key]
- auth_session[:_token] = hash[:token]
- auth_session[:_secret] = hash[:secret]
- end
+ module InstanceMethods
+
+ # Hooks into credentials so that you can pass a user who has already has an oauth access token.
+ def credentials=(value)
+ super
+ values = value.is_a?(Array) ? value : [value]
+ hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
+ self.record = hash[:priority_record] if !hash.nil? && hash.key?(:priority_record)
end
-
- if !attempted_record
- errors.add(:user, "Could not find user in our database, have you registered with your oauth account?")
+
+ def record=(record)
+ @record = record
end
end
end
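Review bot: `credentials=` assigns whatever sits under `:priority_record` to `@record` without checking what it is, and `record=` stays a public writer. The removed `complete_oauth_transaction` used `@record` directly as `attempted_record`; what consumes it after this refactor is not visible in this hunk, so if the credentials hash can ever be built from request parameters the value should be type-checked before it is trusted, e.g. `self.record = hash[:priority_record] if hash && hash[:priority_record].is_a?(ActiveRecord::Base)`. I would also add a comment above the method such as `# :priority_record must be a model instance the caller has already authenticated, never request input`.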
60 lib/authlogic_connect/oauth/state.rb
@@ -1,60 +0,0 @@
-# all these methods must return true or false
-module AuthlogicConnect::Oauth::State
-
- # 1. to call
- # checks that we just passed parameters to it,
- # and that the parameters say 'authentication_method' == 'oauth'
- def oauth_request?
- auth_params? && oauth_provider?
- end
-
- # 2. from call
- # checks that the correct session variables are there
- def oauth_response?
- !oauth_response.nil? && auth_session? && auth_session[:auth_request_class] == self.class.name && auth_session[:auth_method] == "oauth"
- end
-
- def oauth_complete?
- oauth_response? || stored_oauth_token_and_secret?
- end
-
- # 3. either to or from call
- def using_oauth?
- oauth_request? || oauth_response? || stored_oauth_token_and_secret?
- end
-
- def new_oauth_request?
- return false if stored_oauth_token_and_secret?
- return oauth_response.blank?
- end
-
- def oauth_provider?
- !oauth_provider.blank?
- end
-
- # main method we call on validation
- def authenticating_with_oauth?
- correct_request_class? && using_oauth?
- end
-
- def allow_oauth_redirect?
- authenticating_with_oauth? && !oauth_complete?
- end
-
- def start_oauth?
- authenticating_with_oauth? && !oauth_complete?
- end
-
- def complete_oauth?
- using_oauth? && !new_oauth_request?
- end
-
- def validate_password_with_oauth?
- !using_oauth? && require_password?
- end
-
- def stored_oauth_token_and_secret?
- !is_auth_session? && auth_params? && auth_params.has_key?(:_key) && auth_params.has_key?(:_token) && auth_params.has_key?(:_secret)
- end
-
-end
2  lib/authlogic_connect/oauth/tokens/aol_token.rb
@@ -1,2 +0,0 @@
-# http://dev.aol.com/openauth_gettingstarted
-# https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=dev.aol.com&authLev=1&lang=en&locale=us&siteState=OrigUrl%3Dhttp%253A%252F%252Fdev.aol.com%252Fkeys
11 lib/authlogic_connect/oauth/tokens/facebook_token.rb
@@ -1,11 +0,0 @@
-# http://www.facebook.com/developers/apps.php
-# http://developers.facebook.com/setup/
-class FacebookToken < OauthToken
-
- version 2.0
-
- settings "https://graph.facebook.com",
- :authorize_url => "https://graph.facebook.com/oauth/authorize",
- :scope => "email, offline_access"
-
-end
15 lib/authlogic_connect/oauth/tokens/foursquare_token.rb
@@ -1,15 +0,0 @@
-class FoursquareToken < OauthToken
-
- key do |access_token|
- body = JSON.parse(access_token.get("/user.json").body)
- user_id = body['user']['id'].to_s
- end
-
- settings "http://api.foursquare.com/:api_version",
- :request_token_url => "http://foursquare.com/oauth/request_token",
- :access_token_url => "http://foursquare.com/oauth/access_token",
- :authorize_url => "http://foursquare.com/oauth/authorize",
- :api_versions => {1 => "v1", 2 => "v2"},
- :api_version => 1
-
-end
9 lib/authlogic_connect/oauth/tokens/get_satisfaction_token.rb
@@ -1,9 +0,0 @@
-# http://getsatisfaction.com/developers/oauth
-class GetSatisfactionToken < OauthToken
-
- settings "http://getsatisfaction.com",
- :request_token_path => "/api/request_token",
- :authorize_url => "/api/authorize",
- :access_token_path => "/api/access_token"
-
-end
14 lib/authlogic_connect/oauth/tokens/github_token.rb
@@ -1,14 +0,0 @@
-class GithubToken < OauthToken
-
- version 2
-
- key do |access_token|
- user = JSON.parse(access_token.get("/api/v2/json/user/show"))
- user["id"]
- end
-
- settings "https://github.com",
- :authorize_path => "/login/oauth/authorize",
- :access_token_path => "/login/oauth/access_token"
-
-end
41 lib/authlogic_connect/oauth/tokens/google_token.rb
@@ -1,41 +0,0 @@
-# http://code.google.com/apis/accounts/docs/OAuth_ref.html
-# http://code.google.com/apis/accounts/docs/OpenID.html#settingup
-# http://code.google.com/apis/accounts/docs/OAuth.html
-# http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html
-# http://www.manu-j.com/blog/add-google-oauth-ruby-on-rails-sites/214/
-# http://googlecodesamples.com/oauth_playground/
-# Scopes:
-# Analytics https://www.google.com/analytics/feeds/
-# Google Base http://www.google.com/base/feeds/
-# Book Search http://www.google.com/books/feeds/
-# Blogger http://www.blogger.com/feeds/
-# Calendar http://www.google.com/calendar/feeds/
-# Contacts http://www.google.com/m8/feeds/
-# Documents List http://docs.google.com/feeds/
-# Finance http://finance.google.com/finance/feeds/
-# GMail https://mail.google.com/mail/feed/atom
-# Health https://www.google.com/health/feeds/
-# H9 https://www.google.com/h9/feeds/
-# Maps http://maps.google.com/maps/feeds/
-# OpenSocial http://www-opensocial.googleusercontent.com/api/people/
-# orkut http://www.orkut.com/social/rest
-# Picasa Web http://picasaweb.google.com/data/
-# Sidewiki http://www.google.com/sidewiki/feeds/
-# Sites http://sites.google.com/feeds/
-# Spreadsheets http://spreadsheets.google.com/feeds/
-# Webmaster Tools http://www.google.com/webmasters/tools/feeds/
-# YouTube http://gdata.youtube.com
-class GoogleToken < OauthToken
-
- settings "https://www.google.com",
- :request_token_path => "/accounts/OAuthGetRequestToken",
- :authorize_path => "/accounts/OAuthAuthorizeToken",
- :access_token_path => "/accounts/OAuthGetAccessToken",
- :scope => "https://www.googleapis.com/auth/userinfo#email"
-
- key do |access_token|
- body = JSON.parse(access_token.get("https://www.googleapis.com/userinfo/email?alt=json").body)
- email = body["data"]["email"]
- end
-
-end
19 lib/authlogic_connect/oauth/tokens/linked_in_token.rb
@@ -1,19 +0,0 @@
-# http://developer.linkedin.com/docs/DOC-1008
-# https://www.linkedin.com/secure/developer
-# http://github.com/pengwynn/linkedin/tree/master/lib/linked_in/
-class LinkedInToken < OauthToken
-
- key do |access_token|
- body = access_token.get("https://api.linkedin.com/v1/people/~:(id)").body
- id = body.gsub("<id>([^><]+)</id>", "\\1") # so we don't need to also import nokogiri
- id
- end
-
- settings "https://api.linkedin.com",
- :request_token_path => "/uas/oauth/requestToken",
- :access_token_path => "/uas/oauth/accessToken",
- :authorize_path => "/uas/oauth/authorize",
- :http_method => "get",
- :scheme => :query_string
-
-end
12 lib/authlogic_connect/oauth/tokens/meetup_token.rb
@@ -1,12 +0,0 @@
-# http://www.meetup.com/meetup_api/docs/#oauth
-# protected resources: http://api.meetup.com
-class MeetupToken < OauthToken
-
- key :user_id
-
- settings "http://www.meetup.com/"
- :request_token_path => "/oauth/request",
- :authorize_path => "/authorize",
- :access_token_path => "/oauth/access"
-
-end
26 lib/authlogic_connect/oauth/tokens/myspace_token.rb
@@ -1,26 +0,0 @@
-# http://wiki.developer.myspace.com/index.php?title=Category:MySpaceID
-# http://developerwiki.myspace.com/index.php?title=OAuth_REST_API_Usage_-_Authentication_Process
-# http://developerwiki.myspace.com/index.php?title=How_to_Set_Up_a_New_Application_for_OpenID
-# http://developer.myspace.com/Modules/Apps/Pages/ApplyDevSandbox.aspx
-# after you've signed up:
-# http://developer.myspace.com/modules/apps/pages/createappaccount.aspx
-# "Create a MySpaceID App"
-# http://developer.myspace.com/modules/apps/pages/editapp.aspx?appid=188312&mode=create
-# http://developer.myspace.com/Modules/APIs/Pages/OAuthTool.aspx
-# http://developer.myspace.com/Community/forums/p/3626/15947.aspx
-class MyspaceToken < OauthToken
-
- # http://wiki.developer.myspace.com/index.php?title=Portable_Contacts_REST_Resources
- key do |access_token|
- body = JSON.parse(access_token.get("/v2/people/@me/@self?format=json").body)
- id = body["entry"]["id"]
- end
-
- settings "http://api.myspace.com",
- :request_token_path => "/request_token",
- :authorize_path => "/authorize",
- :access_token_path => "/access_token",
- :http_method => "get",
- :scheme => :query_string
-
-end
10 lib/authlogic_connect/oauth/tokens/netflix_token.rb
@@ -1,10 +0,0 @@
-class NetflixToken < OauthToken
-
- key :user_id
-
- settings "http://api.netflix.com",
- :request_token_path => "/oauth/request_token",
- :access_token_path => "/oauth/access_token",
- :authorize_path => "/oauth/login"
-
-end
164 lib/authlogic_connect/oauth/tokens/oauth_token.rb
@@ -1,164 +0,0 @@
-class OauthToken < AccessToken
-
- def client
- unless @client
- if oauth_version == 1.0
- @client = OAuth::AccessToken.new(self.consumer, self.token, self.secret)
- else
- @client = OAuth2::AccessToken.new(self.consumer, self.token)
- end
- end
-
- @client
- end
-
- def clear
- @client = nil
- end
-
- def oauth_version
- self.class.oauth_version
- end
-
- def get(path, headers = {})
- client.get(path, headers)
- end
-
- def post(path, body = "", headers = {})
- client.post(path, body, headers)
- end
-
- def head(path, headers = {})
- client.head(path, headers)
- end
-
- def put(path, body = "", headers = {})
- client.put(path, body, headers)
- end
-
- def delete(path, headers = {})
- client.delete(path, headers)
- end
-
- class << self
-
- # oauth version, 1.0 or 2.0
- def version(value)
- @oauth_version = value
- end
-
- def oauth_version
- @oauth_version ||= 1.0
- end
-
- # unique key that we will use from the AccessToken response
- # to identify the user by.
- # in Twitter, its "user_id". Twitter has "screen_name", but that's
- # more subject to change than user_id. Pick whatever is least likely to change
- def key(value = nil, &block)
- if block_given?
- @oauth_key = block
- else
- @oauth_key = value.is_a?(Symbol) ? value : value.to_sym
- end
- end
-
- def oauth_key
- @oauth_key
- end
-
- def config
- super.merge(credentials[:options] || {})
- end
-
- def consumer
- if oauth_version == 1.0
- OAuth::Consumer.new(credentials[:key], credentials[:secret], config)
- else
- OAuth2::Client.new(credentials[:key], credentials[:secret], config)
- end
- end
-
- # if we're lucky we can find it by the token.
- def find_by_key_or_token(key, token, options = {})
- result = self.find_by_key(key, options) unless key.nil?
- unless result
- if !token.blank? && self.respond_to?(:find_by_token)
- result = self.find_by_token(token, options)
- end
- end
- result
- end
-
- # this is a wrapper around oauth 1 and 2.
- # it looks obscure, but from the api point of view
- # you won't have to worry about it's implementation.
- # in oauth 1.0, key = oauth_token, secret = oauth_secret
- # in oauth 2.0, key = code, secret = access_token
- def get_token_and_secret(options = {})
- oauth_verifier = options[:oauth_verifier]
- redirect_uri = options[:redirect_uri]
- token = options[:token]
- secret = options[:secret]
- consumer = self.consumer # cached
-
- if oauth_version == 1.0
- access = request_token(token, secret).get_access_token(:oauth_verifier => oauth_verifier)
- result = {:token => access.token, :secret => access.secret, :key => nil}
- if self.oauth_key
- if oauth_key.is_a?(Proc)
- result[:key] = oauth_key.call(access)
- else
- result[:key] = access.params[self.oauth_key] || access.params[self.oauth_key.to_s] # try both
- end
- else
- puts "Access Token: #{access.inspect}"
- raise "please set an oauth key for #{service_name.to_s}"
- end
- else
- access = consumer.web_server.get_access_token(secret, :redirect_uri => redirect_uri)
- result = {:token => access.token, :secret => secret, :key => nil}
- end
-
- result
- end
-
- # this is a cleaner method so we can access the authorize_url
- # from oauth 1 or 2
- def authorize_url(callback_url, &block)
- consumer = self.consumer # cached
-
- if oauth_version == 1.0
- request = get_request_token(callback_url, consumer)
- yield request if block_given?
- return request.authorize_url
- else
- options = {:redirect_uri => callback_url}
-
- unless consumer.nil? || consumer.options.empty? || consumer.options[:scope].nil?
- options[:scope] = consumer.options[:scope]
- else
- options[:scope] = self.config[:scope] unless self.config[:scope].blank?
- end
- return consumer.web_server.authorize_url(options)
- end
- end
-
- def request_token(token, secret)
- OAuth::RequestToken.new(consumer, token, secret)
- end
-
- # if you pass a hash as the second parameter to consumer.get_request_token,
- # ruby oauth will think this is a form and all sorts of bad things happen
- def get_request_token(callback_url, consumer = nil)
- options = {:scope => config[:scope]} if config[:scope]
- consumer ||= self.consumer
- consumer.get_request_token({:oauth_callback => callback_url}, options)
- end
-
- def get_access_token(oauth_verifier)
- request_token.get_access_token(:oauth_verifier => oauth_verifier)
- end
- end
-
-end
9 lib/authlogic_connect/oauth/tokens/ohloh_token.rb
@@ -1,9 +0,0 @@
-# https://www.ohloh.net/
-# http://www.ohloh.net/api/oauth
-class OhlohToken < OauthToken
-
- key :user_id
-
- settings "http://www.ohloh.net"
-
-end
0  lib/authlogic_connect/oauth/tokens/opensocial_token.rb
No changes.
8 lib/authlogic_connect/oauth/tokens/twitter_token.rb
@@ -1,8 +0,0 @@
-class TwitterToken < OauthToken
-
- key :user_id
-
- settings "http://api.twitter.com",
- :authorize_url => "http://api.twitter.com/oauth/authenticate"
-
-end
18 lib/authlogic_connect/oauth/tokens/vimeo_token.rb
@@ -1,18 +0,0 @@
-# http://www.vimeo.com/api/docs/oauth
-# http://www.vimeo.com/api/applications/new
-# http://vimeo.com/api/applications
-class VimeoToken < OauthToken
-
- key do |access_token|
- body = JSON.parse(access_token.get("http://vimeo.com/api/v2/#{access_token.token}/info.json"))
- user_id = body.first["id"]
- end
-
- settings "http://vimeo.com",
- :request_token_path => "/oauth/request_token",
- :authorize_path => "/oauth/authorize",
- :access_token_path => "/oauth/access_token",
- :http_method => "get",
- :scheme => :query_string
-
-end
19 lib/authlogic_connect/oauth/tokens/yahoo_token.rb
@@ -1,19 +0,0 @@
-# https://developer.apps.yahoo.com/dashboard/createKey.html
-# https://developer.apps.yahoo.com/projects
-# http://developer.yahoo.com/oauth/guide/oauth-accesstoken.html
-# http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html
-# http://code.google.com/apis/gadgets/docs/oauth.html
-# http://developer.yahoo.com/social/rest_api_guide/web-services-guids.html
-# A GUID identifies a person
-# http://social.yahooapis.com/v1/me/guid
-class YahooToken < OauthToken
-
- # http://social.yahooapis.com/v1/me/guid
- key :xoauth_yahoo_guid
-
- settings "https://api.login.yahoo.com",
- :request_token_path => '/oauth/v2/get_request_token',
- :access_token_path => '/oauth/v2/get_token',
- :authorize_path => '/oauth/v2/request_auth'
-
-end
74 lib/authlogic_connect/oauth/user.rb
@@ -1,64 +1,28 @@
-module AuthlogicConnect::Oauth::User
+module AuthlogicConnect
+ module Oauth
+ module User
- def self.included(base)
- base.class_eval do
- # add_acts_as_authentic_module makes sure it is
- # only added to the user model, not all activerecord models.
- add_acts_as_authentic_module(InstanceMethods, :prepend)
- end
- end
+ def self.included(base)
+ base.send :include, InstanceMethods
+ end
- module InstanceMethods
- include AuthlogicConnect::Oauth::Process
-
- # Set up some simple validations
- def self.included(base)
- base.class_eval do
+ module InstanceMethods
- validate :validate_by_oauth, :if => :authenticating_with_oauth?
+ # Set up some simple validations
+ def self.included(base)
+ base.class_eval do
- # need these validation options if you don't want it to choke
- # on password length, which you don't need if you're using oauth
- validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?)
- validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?)
- validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
- validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
- validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+ # need these validation options if you don't want it to choke
+ # on password length, which you don't need if you're using oauth
+ validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?)
+ validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?)
+ validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
+ validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+ validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+ end
+ end
end
end
-
- # user adds a few extra things to this method from Process
- # modules work like inheritance
- def save_oauth_session
- super
- auth_session[:auth_attributes] = attributes.reject!{|k, v| v.blank? || !self.respond_to?(k)} unless is_auth_session?
- end
-
- def redirect_to_oauth
- return has_token?(oauth_provider) ? false : super
- end
-
- def restore_attributes
- # Restore any attributes which were saved before redirecting to the auth server
- self.attributes = auth_session[:auth_attributes]
- end
-
- # single implementation method for oauth.
- # this is called after we get the callback url and we are saving the user
- # to the database.
- # it is called by the validation chain.
- def complete_oauth_transaction
- token = token_class.new(oauth_token_and_secret)
- old_token = token_class.find_by_key_or_token(token.key, token.token)
- token = old_token if old_token
-
- if has_token?(oauth_provider)
- self.errors.add(:tokens, "you have already created an account using your #{token_class.service_name} account, so it")
- else
- self.access_tokens << token
- end
- end
-
end
end
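Review bot: `base.send :include, InstanceMethods` replaces `add_acts_as_authentic_module(InstanceMethods, :prepend)`, and oauth.rb in this commit includes `AuthlogicConnect::Oauth::User` into `ActiveRecord::Base`, so the `InstanceMethods.included` hook now appears to run the `validates_*_field_options` calls against `ActiveRecord::Base` itself rather than only on `acts_as_authentic` models, which the removed comment gave as the reason for the old call. Those options still reference `:validate_password_with_oauth?`, which was defined in oauth/state.rb, a file this commit deletes; unless it is redefined somewhere not shown here, the condition that decides whether password length and confirmation are enforced has no implementation. I would keep `add_acts_as_authentic_module(InstanceMethods, :prepend)` in `User.included` and define `validate_password_with_oauth?` next to the options that depend on it. The comment `# Set up some simple validations` could also state that these options relax password validation for OAuth sign-ins.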
64 lib/authlogic_connect/oauth/variables.rb
@@ -1,64 +0,0 @@
-module AuthlogicConnect::Oauth::Variables
- include AuthlogicConnect::Oauth::State
-
- # this doesn't do anything yet, just to show what variables
- # we need from the form
- def oauth_variables
- [:oauth_provider]
- end
-
- # this comes straight from either the params or session.
- # it is required for most of the other accessors in here
- def oauth_provider
- from_session_or_params(:oauth_provider)
- end
-
- # next is "token_class", which is found from the oauth_provider key.
- # it is the OauthToken subclass, such as TwitterToken, which we
- # use as the api for accessing oauth and saving the response to the database for a user.
- def token_class
- AuthlogicConnect.token(oauth_provider) unless oauth_provider.blank?
- end
-
- # This should go...
- def oauth_response
- auth_params && oauth_token
- end
-
- # the token from the response parameters
- def oauth_token
- return nil unless token_class
- oauth_version == 1.0 ? auth_params[:oauth_token] : auth_params[:code]
- end
-
- # the version of oauth we're using. Accessed from the OauthToken subclass
- def oauth_version
- token_class.oauth_version
- end
-
- # the Oauth gem consumer, whereby we can make requests to the server
- def oauth_consumer
- token_class.consumer
- end
-
- def stored_oauth_token_and_secret
- if auth_controller?
- {:key => auth_params[:_key], :token => auth_params[:_token], :secret => auth_params[:_secret]}
- else
- {:key => nil, :token => nil, :secret => nil}
- end
- end
-
- # this is a thick method.
- # it gives you the final key and secret that we will store in the database
- def oauth_token_and_secret
- return stored_oauth_token_and_secret if stored_oauth_token_and_secret?
- token_class.get_token_and_secret(
- :token => auth_session[:oauth_request_token],
- :secret => oauth_version == 1.0 ? auth_session[:oauth_request_token_secret] : oauth_token,
- :oauth_verifier => auth_params[:oauth_verifier],
- :redirect_uri => auth_callback_url
- )
- end
-
-end
13 lib/authlogic_connect/openid.rb
@@ -1,11 +1,4 @@
-module AuthlogicConnect::Openid
-end
+#Dir["#{File.dirname(__FILE__)}/openid/*"].each { |file| require file unless File.directory?(file) }
-require File.dirname(__FILE__) + "/openid/state"
-require File.dirname(__FILE__) + "/openid/variables"
-require File.dirname(__FILE__) + "/openid/process"
-require File.dirname(__FILE__) + "/openid/user"
-require File.dirname(__FILE__) + "/openid/session"
-
-ActiveRecord::Base.send(:include, AuthlogicConnect::Openid::User)
-Authlogic::Session::Base.send(:include, AuthlogicConnect::Openid::Session)
+#ActiveRecord::Base.send(:include, AuthlogicConnect::Openid::User)
+#Authlogic::Session::Base.send(:include, AuthlogicConnect::Openid::Session)
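Review bot: The file is reduced to three commented-out lines, which leaves OpenID silently unwired while openid/session.rb and openid/user.rb are still kept and edited in the same commit. If OpenID is being switched off on purpose, replace the dead lines with one comment that says so, for example `# OpenID support is disabled; the mixins under openid/ are not loaded`, or stop requiring this file. Version control already keeps the old wiring, so the commented code adds nothing a reader can rely on.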
74 lib/authlogic_connect/openid/process.rb
@@ -1,74 +0,0 @@
-module AuthlogicConnect::Openid::Process
-
- include AuthlogicConnect::Openid::Variables
-
- def start_openid
- save_openid_session
- call_openid
- end
-
- def complete_openid
- restore_attributes
- call_openid
- end
-
- def call_openid
- options = {}
- options[:return_to] = auth_callback_url
- # this is called both on start and complete.
- # reason being, in the open_id_authentication library (where "authenticate_with_open_id" is defined),
- # it checks the rack session to find openid pareters, and knows whether we're at
- # start or complete
- auth_controller.send(:authenticate_with_open_id, openid_identifier, options) do |result, openid_identifier|
- complete_openid_transaction(result, openid_identifier)
- return true
- end
- return false
- end
-
- def complete_openid_transaction(result, openid_identifier)
- if result.unsuccessful?
- errors.add_to_base(result.message)
- end
-
- if AccessToken.find_by_key(openid_identifier.normalize_identifier)
- else
- token = OpenidToken.new(:key => openid_identifier)
- self.access_tokens << token
- self.active_token = token
- end
- end
-
- # want to do this after the final save
- def cleanup_openid_session
- [:auth_attributes, :authentication_type, :auth_callback_method].each {|key| remove_session_key(key)}
- auth_session.each_key do |key|
- remove_session_key(key) if key.to_s =~ /^OpenID/
- end
- end
-
- def validate_by_openid
- if processing_authentication
- authentication_protocol(:openid, :start) || authentication_protocol(:openid, :complete)
- errors.add(:access_tokens, "had the following error: #{@openid_error}") if @openid_error
- end
- end
-
- def save_openid_session
- # Tell our rack callback filter what method the current request is using
- auth_session[:auth_callback_method] = auth_controller.request.method
- auth_session[:auth_attributes] = attributes_to_save
- auth_session[:authentication_type] = auth_params[:authentication_type]
- auth_session[:auth_method] = "openid"
- end
-
- def attributes_to_save
- {}
- end
-
- def restore_attributes
- # Restore any attributes which were saved before redirecting to the auth server
- self.attributes = auth_session[:auth_attributes] unless is_auth_session?
- end
-
-end
77 lib/authlogic_connect/openid/session.rb
@@ -1,56 +1,49 @@
-module AuthlogicConnect::Openid
- # This module is responsible for adding all of the OpenID goodness to the Authlogic::Session::Base class.
- module Session
- # Add a simple openid_identifier attribute and some validations for the field.
- def self.included(klass)
- klass.class_eval do
- include InstanceMethods
- end
- end
-
- module InstanceMethods
- include AuthlogicConnect::Openid::Process
-
- def self.included(klass)
- klass.class_eval do
- validate :validate_by_openid, :if => :authenticating_with_openid?
- end
+module AuthlogicConnect
+ module Openid
+ # This module is responsible for adding all of the OpenID goodness to the Authlogic::Session::Base class.
+ module Session
+ # Add a simple openid_identifier attribute and some validations for the field.
+ def self.included(base)
+ base.send :include, InstanceMethods
end
- # Hooks into credentials so that you can pass an :openid_identifier key.
- def credentials=(value)
- super
- values = value.is_a?(Array) ? value : [value]
- hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
- end
-
- private
+ module InstanceMethods
- def auto_register?
- false
+ # Hooks into credentials so that you can pass an :openid_identifier key.
+ def credentials=(value)
+ super
+ values = value.is_a?(Array) ? value : [value]
+ hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
end
-
- def complete_openid_transaction(result, openid_identifier)
- if result.unsuccessful?
- errors.add_to_base(result.message)
+
+ private
+
+ def auto_register?
+ false
end
+
+ def complete_openid_transaction(result, openid_identifier)
+ if result.unsuccessful?
+ errors.add_to_base(result.message)
+ end
- token = AccessToken.find_by_key(openid_identifier.normalize_identifier, :include => [:user])
+ token = AccessToken.find_by_key(openid_identifier.normalize_identifier, :include => [:user])
- self.attempted_record = token.user if token
+ self.attempted_record = token.user if token
- if !attempted_record
- if auto_register?
- self.attempted_record = klass.new
- self.attempted_record.access_tokens << OpenidToken.new(:key => openid_identifier.normalize_identifier)
- self.attempted_record.save
- else
- auth_session[:openid_identifier] = openid_identifier
- errors.add(:user, "Could not find user in our database, have you registered with your openid account?")
+ if !attempted_record
+ if auto_register?
+ self.attempted_record = base.new
+ self.attempted_record.access_tokens << OpenidToken.new(:key => openid_identifier.normalize_identifier)
+ self.attempted_record.save
+ else
+ auth_session[:openid_identifier] = openid_identifier
+ errors.add(:user, "Could not find user in our database, have you registered with your openid account?")
+ end
end
end
- end
+ end
end
end
end
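Review bot: `complete_openid_transaction` records an error when `result.unsuccessful?` but then carries on to look up the token and set `attempted_record` from an `openid_identifier` that was not verified; the failure branch should end the method, i.e. `errors.add_to_base(result.message)` followed by `return`. In the `auto_register?` branch the commit changes `klass.new` to `base.new`, but `base` is only the parameter of `self.included` and is not in scope inside an instance method, so that line would raise `NameError` if `auto_register?` ever returned true. The caller of this private method lived in openid/process.rb, which this commit deletes, so the method also looks unreachable as written.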
48 lib/authlogic_connect/openid/state.rb
@@ -1,48 +0,0 @@
-# all these methods must return true or false
-module AuthlogicConnect::Openid::State
-
- # 1. to call
- def openid_request?
- !openid_identifier.blank? && auth_session[:auth_attributes].nil?
- end
-
- def openid_identifier?
- openid_request?
- end
-
- def openid_provider?
-
- end
-
- # 2. from call
- # better check needed
- def openid_response?
- auth_controller? && !auth_session[:auth_attributes].nil? && auth_session[:auth_method] == "openid"
- end
- alias_method :openid_complete?, :openid_response?
-
- # 3. either to or from call
- # this should include more!
- # we know we are using open id if:
- # the params passed in have "openid_identifier"
- def using_openid?
- auth_controller? && (openid_request? || openid_response?)
- end
-
- def authenticating_with_openid?
- auth_controller? && auth_class.activated? && using_openid?
- end
-
- def start_openid?
- authenticating_with_openid? && !openid_response?
- end
-
- def complete_openid?
- openid_complete?
- end
-
- def validate_password_with_openid?
- !using_openid? && require_password?
- end
-
-end
0  lib/authlogic_connect/openid/tokens/aol_token.rb
No changes.
0  lib/authlogic_connect/openid/tokens/blogger_token.rb
No changes.
0  lib/authlogic_connect/openid/tokens/flickr_token.rb
No changes.
3  lib/authlogic_connect/openid/tokens/my_openid_token.rb
@@ -1,3 +0,0 @@
-class MyOpenidToken < OpenidToken
-
-end
57 lib/authlogic_connect/openid/user.rb
@@ -1,37 +1,36 @@
-module AuthlogicConnect::Openid
- module User
- def self.included(base)
- base.class_eval do
- add_acts_as_authentic_module(AuthlogicConnect::Openid::Process, :prepend)
- add_acts_as_authentic_module(InstanceMethods, :append)
- end
- end
-
- module InstanceMethods
-
- def self.included(base)
+module AuthlogicConnect
+ module Openid
+ module User
+ def self.included(base)
base.class_eval do
- validate :validate_by_openid, :if => :authenticating_with_openid?
-
- validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_openid?)
- validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_openid?)
- validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_openid?)
- validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_openid?)
- validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_openid?)
+ add_acts_as_authentic_module(InstanceMethods, :append)
end
end
-
- def attributes_to_save
- attr_list = [:id, :password, crypted_password_field, password_salt_field, :persistence_token, :perishable_token, :single_access_token, :login_count,
- :failed_login_count, :last_request_at, :current_login_at, :last_login_at, :current_login_ip, :last_login_ip, :created_at,
- :updated_at, :lock_version]
- attrs_to_save = attributes.clone.delete_if do |k, v|
- attr_list.include?(k.to_sym)
+
+ module InstanceMethods
+
+ def self.included(base)
+ base.class_eval do
+ validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_openid?)
+ validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_openid?)
+ validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_openid?)
+ validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_openid?)
+ validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_openid?)
+ end
end
- if self.respond_to?(:password) && self.respond_to?(:password_confirmation)
- attrs_to_save.merge!(:password => password, :password_confirmation => password_confirmation)
+
+ def attributes_to_save
+ attr_list = [:id, :password, crypted_password_field, password_salt_field, :persistence_token, :perishable_token, :single_access_token, :login_count,
+ :failed_login_count, :last_request_at, :current_login_at, :last_login_at, :current_login_ip, :last_login_ip, :created_at,
+ :updated_at, :lock_version]
+ attrs_to_save = attributes.clone.delete_if do |k, v|
+ attr_list.include?(k.to_sym)
+ end
+ if self.respond_to?(:password) && self.respond_to?(:password_confirmation)
+ attrs_to_save.merge!(:password => password, :password_confirmation => password_confirmation)
+ end
+ attrs_to_save.reject!{|k, v| v.blank? || !self.respond_to?(k)}
end
- attrs_to_save.reject!{|k, v| v.blank? || !self.respond_to?(k)}
end
end
end
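Review bot: The five `validates_*_field_options` merges in `InstanceMethods.included` still gate password and login validation on `:if => :validate_password_with_openid?`, but this commit deletes `lib/authlogic_connect/openid/state.rb`, the only place on this page where that predicate is defined. Unless the new mixins or Passport supply it (not visible here), saving a user would raise NoMethodError, and a replacement that returns false too readily would silently skip password validation, so the block deserves a test and a comment such as `# validate_password_with_openid? must hold for every non-OpenID signup`. Separately, `attributes_to_save` ends in `reject!`, which returns nil when nothing was removed; `attrs_to_save.reject { |k, v| v.blank? || !respond_to?(k) }` always returns the hash.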
19 lib/authlogic_connect/openid/variables.rb
@@ -1,19 +0,0 @@
-module AuthlogicConnect::Openid::Variables
- include AuthlogicConnect::Openid::State
-
- # openid_provider = "blogger", "myopenid", etc.
- # openid_identifier = "viatropos.myopenid.com", etc.
- # openid_key = "viatropos"
-# def openid_attributes
-# [:openid_provider, :openid_identifier, :openid_key]
-# end
-
- def openid_identifier
- auth_params[:openid_identifier] if auth_params?
- end
-
- def openid_provider
- from_session_or_params(:openid_provider) if auth_controller?
- end
-
-end
19 lib/authlogic_connect/rack_state.rb
@@ -1,19 +0,0 @@
-class AuthlogicConnect::RackState
- def initialize(app)
- @app = app
- end
-
- # this intercepts how the browser interprets the url.
- # so we override it and say,
- # "if we've stored a variable in the session called :auth_callback_method,
- # then convert that into a POST call so we re-call the original method"
- def call(env)
- if env["rack.session"].nil?
- raise "Make sure you are setting the session in Rack too! Place this in config/application.rb"
- end
- unless env["rack.session"][:auth_callback_method].blank?
- env["REQUEST_METHOD"] = env["rack.session"].delete(:auth_callback_method).to_s.upcase
- end
- @app.call(env)
- end
-end
127 lib/open_id_authentication.rb
@@ -1,127 +0,0 @@
-# copied from open_id_authentication plugin on github
-require 'uri'
-require 'openid'
-require 'rack/openid'
-
-module OpenIdAuthentication
- def self.new(app)
- store = OpenIdAuthentication.store
- if store.nil?
- Rails.logger.warn "OpenIdAuthentication.store is nil. Using in-memory store."
- end
-
- ::Rack::OpenID.new(app, OpenIdAuthentication.store)
- end
-
- def self.store
- @@store
- end
-
- def self.store=(*store_option)
- store, *parameters = *([ store_option ].flatten)
-
- @@store = case store
- when :memory
- require 'openid/store/memory'
- OpenID::Store::Memory.new
- when :file
- require 'openid/store/filesystem'
- OpenID::Store::Filesystem.new(Rails.root.join('tmp/openids'))
- when :memcache
- require 'memcache'
- require 'openid/store/memcache'
- OpenID::Store::Memcache.new(MemCache.new(parameters))
- else
- store
- end
- end
-
- self.store = nil
-
- class Result
- ERROR_MESSAGES = {
- :missing => "Sorry, the OpenID server couldn't be found",
- :invalid => "Sorry, but this does not appear to be a valid OpenID",
- :canceled => "OpenID verification was canceled",
- :failed => "OpenID verification failed",
- :setup_needed => "OpenID verification needs setup"
- }
-
- def self.[](code)
- new(code)
- end
-
- def initialize(code)
- @code = code
- end
-
- def status
- @code
- end
-
- ERROR_MESSAGES.keys.each { |state| define_method("#{state}?") { @code == state } }
-
- def successful?
- @code == :successful
- end
-
- def unsuccessful?
- ERROR_MESSAGES.keys.include?(@code)
- end
-
- def message
- ERROR_MESSAGES[@code]
- end
- end
-
- protected
- # The parameter name of "openid_identifier" is used rather than
- # the Rails convention "open_id_identifier" because that's what
- # the specification dictates in order to get browser auto-complete
- # working across sites
- def using_open_id?(identifier = nil) #:doc:
- identifier ||= open_id_identifier
- !identifier.blank? || request.env[Rack::OpenID::RESPONSE]
- end
-
- def authenticate_with_open_id(identifier = nil, options = {}, &block) #:doc:
- identifier ||= open_id_identifier
- if request.env[Rack::OpenID::RESPONSE]
- complete_open_id_authentication(&block)
- else
- begin_open_id_authentication(identifier, options, &block)
- end
- end
-
- private
- def open_id_identifier
- params[:openid_identifier] || params[:openid_url]
- end
-
- def begin_open_id_authentication(identifier, options = {})
- options[:identifier] = identifier
- value = Rack::OpenID.build_header(options)
- response.headers[Rack::OpenID::AUTHENTICATE_HEADER] = value
- head :unauthorized
- end
-
- def complete_open_id_authentication
- response = request.env[Rack::OpenID::RESPONSE]
- identifier = response.display_identifier
- case response.status
- when OpenID::Consumer::SUCCESS
- yield Result[:successful], identifier,
- OpenID::SReg::Response.from_success_response(response)
- when :missing
- yield Result[:missing], identifier, nil
- when :invalid
- yield Result[:invalid], identifier, nil
- when OpenID::Consumer::CANCEL
- yield Result[:canceled], identifier, nil
- when OpenID::Consumer::FAILURE
- yield Result[:failed], identifier, nil
- when OpenID::Consumer::SETUP_NEEDED
- yield Result[:setup_needed], response.setup_url, nil
- end
- end
-end
36 test/test_helper.rb
@@ -16,6 +16,8 @@
require File.dirname(__FILE__) + '/libs/user_session'
require 'authlogic/test_case'
+Passport.configure("./test/config/tokens.yml")
+
# A temporary fix to bring active record errors up to speed with rails edge.
# I need to remove this once the new gem is released. This is only here so my tests pass.
unless defined?(::ActiveModel)
@@ -27,40 +29,6 @@ def [](key)
end
end
-AuthlogicConnect.config = {
- :default => "twitter",
- :connect => {
- :twitter => {
- :key => "my_key",
- :secret => "my_secret",
- :headers => {
- "User-Agent" => "Safari",
- "MyApp-Version" => "1.2"
- },
- :api_version => 1
- },
- :facebook => {
- :key => "my_key",
- :secret => "my_secret"
- },
- :foursquare => {
- :key => "my_key",
- :secret => "my_secret"
- },
- :google => {
- :key => "my_key",
- :secret => "my_secret"
- },
- :yahoo => {
- :key => "my_key",
- :secret => "my_secret"
- },
- :vimeo => {
-
- }
- }
-}
-
# want to add a "method" property!
Authlogic::TestCase::MockRequest.class_eval do
def method
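Review bot: `Passport.configure("./test/config/tokens.yml")` in the first hunk resolves against the current working directory, so the suite loads its provider keys only when it is run from the project root; the `require` lines just above anchor on `File.dirname(__FILE__)`, and the call could do the same with `Passport.configure(File.dirname(__FILE__) + '/config/tokens.yml')`. The inline config removed in the second hunk held only placeholder values (`"my_key"`, `"my_secret"`). The YAML file that replaces it is not shown here, so it is worth confirming that it carries the same kind of dummy values and that real consumer keys and secrets stay out of the repository.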
8 test/test_oauth.rb
@@ -106,11 +106,13 @@ class OauthTest < ActiveSupport::TestCase
@key_and_secret = {:key => "a_key", :secret => "a_secret", :token => "a_token"}
@user.auth_controller.params.merge!(:oauth_token => @key_and_secret[:token])
TwitterToken.stubs(:get_token_and_secret).returns(@key_and_secret)
+ Passport::Oauth::Token
+ OAuth::RequestToken
end
should "have TwitterToken" do
assert_equal TwitterToken, @user.token_class
- assert 1.0, @user.token_class.oauth_version
+ assert 1.0, @user.token_class.version
end
should "have oauth token" do
@@ -123,7 +125,7 @@ class OauthTest < ActiveSupport::TestCase
assert_equal true, @user.auth_params?
assert_equal true, @user.oauth_provider?
assert_equal false, @user.oauth_response.blank?
- #assert_equal false, @user.oauth_request?
+ assert_equal false, @user.oauth_request?
# need a better way of checking this!
end
@@ -172,7 +174,7 @@ class OauthTest < ActiveSupport::TestCase
end
should "be version 1 since it's twitter" do
- assert_equal 1.0, @token.oauth_version
+ assert_equal 1.0, @token.version
end
should "return a new consumer with each call" do
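Review bot: `assert 1.0, @user.token_class.version` in the first hunk cannot fail, because `assert` takes its second argument as the failure message and `1.0` is always truthy; the rename kept the defect, and the line should read `assert_equal 1.0, @user.token_class.version`, as the third hunk already does for `@token.version`. The two bare constant references added to the setup block, `Passport::Oauth::Token` and `OAuth::RequestToken`, have no effect as expressions. If they are there to force the constants to load before stubbing, a comment like `# reference the constants so they are loaded before stubbing` would say so. The enclosing context and test blocks start outside the hunks.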
5 test/test_user.rb
@@ -19,11 +19,6 @@ class UserTest < Test::Unit::TestCase
assert_equal [], @user.access_tokens
end
- should "have 'active_token' method" do
- assert @user.respond_to?(:active_token)
- assert_equal nil, @user.active_token
- end
-
end