Initial import, specs are passing but nothing is checked to be actual…

…ly working yet.

.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

.rspec

@@ -0,0 +1,2 @@
+--color
+--format=progress

Gemfile

@@ -0,0 +1,12 @@
+source 'http://rubygems.org'
+
+gem 'omniauth', :git => 'git://github.com/intridea/omniauth.git'
+gemspec
+
+group :development, :test do
+  gem 'guard'
+  gem 'guard-rspec'
+  gem 'guard-bundler'
+  gem 'growl'
+  gem 'rb-fsevent'
+end

Guardfile

@@ -0,0 +1,11 @@
+guard 'rspec', :version => 2 do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+end
+
+
+guard 'bundler' do
+  watch('Gemfile')
+  watch(/^.+\.gemspec/)
+end

Rakefile

@@ -0,0 +1,9 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new

lib/omniauth-oauth.rb

@@ -0,0 +1,3 @@
+require "omniauth-oauth/version"
+require 'omniauth/strategies/oauth'
+

lib/omniauth-oauth/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module OAuth
+    VERSION = "1.0.0.alpha"
+  end
+end

lib/omniauth/strategies/oauth.rb

@@ -0,0 +1,89 @@
+require 'multi_json'
+require 'oauth'
+require 'omniauth'
+
+module OmniAuth
+  module Strategies
+    class OAuth
+      include OmniAuth::Strategy
+
+      def initialize(app, name, consumer_key=nil, consumer_secret=nil, consumer_options={}, options={}, &block)
+        self.consumer_key = consumer_key
+        self.consumer_secret = consumer_secret
+        self.consumer_options = consumer_options
+        super
+        self.options[:open_timeout] ||= 30
+        self.options[:read_timeout] ||= 30
+        self.options[:authorize_params] = options[:authorize_params] || {}
+      end
+
+      def consumer
+        consumer = ::OAuth::Consumer.new(consumer_key, consumer_secret, consumer_options.merge(options[:client_options] || options[:consumer_options] || {}))
+        consumer.http.open_timeout = options[:open_timeout] if options[:open_timeout]
+        consumer.http.read_timeout = options[:read_timeout] if options[:read_timeout]
+        consumer
+      end
+
+      attr_reader :name
+      attr_accessor :consumer_key, :consumer_secret, :consumer_options
+
+      def request_phase
+        request_token = consumer.get_request_token(:oauth_callback => callback_url)
+        session['oauth'] ||= {}
+        session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
+
+        if request_token.callback_confirmed?
+          redirect request_token.authorize_url(options[:authorize_params])
+        else
+          redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url))
+        end
+
+      rescue ::Timeout::Error => e
+        fail!(:timeout, e)
+      rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
+        fail!(:service_unavailable, e)
+      end
+
+      def callback_phase
+        raise OmniAuth::NoSessionError.new("Session Expired") if session['oauth'].nil?
+
+        request_token = ::OAuth::RequestToken.new(consumer, session['oauth'][name.to_s].delete('request_token'), session['oauth'][name.to_s].delete('request_secret'))
+
+        opts = {}
+        if session['oauth'][name.to_s]['callback_confirmed']
+          opts[:oauth_verifier] = request['oauth_verifier']
+        else
+          opts[:oauth_callback] = callback_url
+        end
+
+        @access_token = request_token.get_access_token(opts)
+        super
+      rescue ::Timeout::Error => e
+        fail!(:timeout, e)
+      rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
+        fail!(:service_unavailable, e)
+      rescue ::OAuth::Unauthorized => e
+        fail!(:invalid_credentials, e)
+      rescue ::NoMethodError, ::MultiJson::DecodeError => e
+        fail!(:invalid_response, e)
+      rescue ::OmniAuth::NoSessionError => e
+        fail!(:session_expired, e)
+      end
+
+      def auth_hash
+        OmniAuth::Utils.deep_merge(super, {
+          'credentials' => {
+            'token' => @access_token.token,
+            'secret' => @access_token.secret
+          }, 'extra' => {
+            'access_token' => @access_token
+          }
+        })
+      end
+
+      def unique_id
+        nil
+      end
+    end
+  end
+end

omniauth-oauth.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/omniauth-oauth/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Michael Bleigh"]
+  gem.email         = ["michael@intridea.com"]
+  gem.description   = %q{A generic OAuth (1.0/1.0a) strategy for OmniAuth.}
+  gem.summary       = %q{A generic OAuth (1.0/1.0a) strategy for OmniAuth.}
+  gem.homepage      = "https://github.com/intridea/omniauth-oauth"
+
+  gem.add_runtime_dependency     'omniauth', '~> 1.0.0.alpha'
+  gem.add_runtime_dependency     'oauth'
+  gem.add_development_dependency 'rspec', '~> 2.6'
+  gem.add_development_dependency 'webmock'
+  gem.add_development_dependency 'simplecov'
+  gem.add_development_dependency 'rack-test'
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name          = "omniauth-oauth"
+  gem.require_paths = ["lib"]
+  gem.version       = OmniAuth::OAuth::VERSION
+end

spec/omniauth/strategies/oauth_spec.rb

@@ -0,0 +1,131 @@
+require 'spec_helper'
+
+describe "OmniAuth::Strategies::OAuth" do
+
+  def app
+    Rack::Builder.new {
+      use OmniAuth::Test::PhonySession
+      use OmniAuth::Builder do
+        provider :oauth, 'example.org', 'abc', 'def', :site => 'https://api.example.org'
+        provider :oauth, 'example.org_with_authorize_params', 'abc', 'def', { :site => 'https://api.example.org' }, :authorize_params => {:abc => 'def'}
+      end
+      run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
+    }.to_app
+  end
+
+  def session
+    last_request.env['rack.session']
+  end
+
+  before do
+    stub_request(:post, 'https://api.example.org/oauth/request_token').
+       to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret&oauth_callback_confirmed=true")
+  end
+
+  describe '/auth/{name}' do
+    context 'successful' do
+      before do
+        get '/auth/example.org'
+      end
+      it 'should redirect to authorize_url' do
+        last_response.should be_redirect
+        last_response.headers['Location'].should == 'https://api.example.org/oauth/authorize?oauth_token=yourtoken'
+      end
+
+      it 'should redirect to authorize_url with authorize_params when set' do
+        get '/auth/example.org_with_authorize_params'
+        last_response.should be_redirect
+        [
+          'https://api.example.org/oauth/authorize?abc=def&oauth_token=yourtoken',
+          'https://api.example.org/oauth/authorize?oauth_token=yourtoken&abc=def'
+        ].should be_include(last_response.headers['Location'])
+      end
+
+      it 'should set appropriate session variables' do
+        session['oauth'].should == {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}
+      end
+    end
+
+    context 'unsuccessful' do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/request_token').
+           to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil))
+        get '/auth/example.org'
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError)
+        last_request.env['omniauth.error.type'] = :service_unavailable
+      end
+
+      context "SSL failure" do
+        before do
+          stub_request(:post, 'https://api.example.org/oauth/request_token').
+             to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"))
+          get '/auth/example.org'
+        end
+
+        it 'should call fail! with :service_unavailable' do
+          last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError)
+          last_request.env['omniauth.error.type'] = :service_unavailable
+        end
+      end
+    end
+  end
+
+    describe '/auth/{name}/callback' do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+         to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+      get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}}
+    end
+
+    it 'should exchange the request token for an access token' do
+      last_request.env['omniauth.auth']['provider'].should == 'example.org'
+      last_request.env['omniauth.auth']['extra']['access_token'].should be_kind_of(OAuth::AccessToken)
+    end
+
+    it 'should call through to the master app' do
+      last_response.body.should == 'true'
+    end
+
+    context "bad gateway (or any 5xx) for access_token" do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+           to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil))
+        get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}}
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError)
+        last_request.env['omniauth.error.type'] = :service_unavailable
+      end
+    end
+
+    context "SSL failure" do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+           to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"))
+        get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}}
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError)
+        last_request.env['omniauth.error.type'] = :service_unavailable
+      end
+    end
+  end
+
+  describe '/auth/{name}/callback with expired session' do
+    before do
+      stub_request(:post, 'https://api.example.org/oauth/access_token').
+         to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+      get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {}}
+    end
+
+    it 'should call fail! with :session_expired' do
+      last_request.env['omniauth.error'].should be_kind_of(::OmniAuth::NoSessionError)
+      last_request.env['omniauth.error.type'] = :session_expired
+    end
+  end
+end

spec/spec_helper.rb

@@ -0,0 +1,16 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-oauth'
+
+RSpec.configure do |config|
+  config.include WebMock::API
+  config.include Rack::Test::Methods
+  config.extend  OmniAuth::Test::StrategyMacros, :type => :strategy
+end
+