
Moving everything into a sub directory for easier installation.

0 parents commit 4edb8be21ae57271c9b6b63f764b6dc8006ba392 @pelle committed Nov 27, 2007
Showing with 1,514 additions and 0 deletions.
  1. +35 −0 CHANGELOG
  2. +20 −0 MIT-LICENSE
  3. +47 −0 README
  4. +22 −0 Rakefile
  5. +19 −0 generators/oauth_provider/USAGE
  6. +89 −0 generators/oauth_provider/oauth_provider_generator.rb
  7. +16 −0 generators/oauth_provider/templates/_form.html.erb
  8. +10 −0 generators/oauth_provider/templates/access_token.rb
  9. +11 −0 generators/oauth_provider/templates/authorize.html.erb
  10. +1 −0 generators/oauth_provider/templates/authorize_failure.html.erb
  11. +1 −0 generators/oauth_provider/templates/authorize_success.html.erb
  12. +60 −0 generators/oauth_provider/templates/client_application.rb
  13. +202 −0 generators/oauth_provider/templates/client_application_spec.rb
  14. +23 −0 generators/oauth_provider/templates/client_applications.yml
  15. +107 −0 generators/oauth_provider/templates/controller.rb
  16. +518 −0 generators/oauth_provider/templates/controller_spec.rb
  17. +2 −0 generators/oauth_provider/templates/helper.rb
  18. +40 −0 generators/oauth_provider/templates/index.html.erb
  19. +44 −0 generators/oauth_provider/templates/migration.rb
  20. +5 −0 generators/oauth_provider/templates/new.html.erb
  21. +13 −0 generators/oauth_provider/templates/oauth_nonce.rb
  22. +24 −0 generators/oauth_provider/templates/oauth_nonce_spec.rb
  23. +13 −0 generators/oauth_provider/templates/oauth_nonces.yml
  24. +32 −0 generators/oauth_provider/templates/oauth_token.rb
  25. +55 −0 generators/oauth_provider/templates/oauth_token_spec.rb
  26. +17 −0 generators/oauth_provider/templates/oauth_tokens.yml
  27. +18 −0 generators/oauth_provider/templates/request_token.rb
  28. +20 −0 generators/oauth_provider/templates/show.html.erb
  29. +3 −0 init.rb
  30. +1 −0 install.rb
  31. +41 −0 lib/oauth/rails/controller_methods.rb
  32. +4 −0 tasks/oauth_tasks.rake
  33. +1 −0 uninstall.rb
@@ -0,0 +1,35 @@
+revision 23
+
+- removed all core libraries from plugin. They are now in the oauth gem.
+
+# oauth-plugin-pre-gem Branch created
+
+revision 18
+- added a generator for creation oauth_providers
+
+revision 12
+- the bug with post and put has now been fixed.
+- better documentation
+
+revision 9
+- added a test helper. Include OAuth::TestHelper in your tests or specs to mock incoming requests
+
+revision: 8
+- moved tests into oauth folder and renamed them to make them work with autotest by default
+- Refactored the request methods to make them more flexible and ready for integrating with ActiveResource
+- There are a few tests that fail. All of them to do with put and post requests with payload data. I decided to commit anyway, to get the new api out.
+
+revision: 7
+
+- Done a lot of work on the Server side of things. The Server class has changed a lot and is likely to be incompatible with previous versions
+
+revision: 6
+
+- Throws InsecureSignatureMethod exception if attempting to use straight sha1 or md5.
+- Disables plaintext signature over http (throws an InsecureSignatureMethod)
+- Better testing of signature methods - the prior tests were seriously flawed.
+
+revision: 5
+
+- Removed support for sha1 and md5
+- Implemented draft 6 support of OAuth removing secrets from base string
@@ -0,0 +1,20 @@
+Copyright (c) 2007 [name of plugin creator]
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
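Review bot: The copyright line at the top of this file still carries the template placeholder "[name of plugin creator]". The README added in this same commit ends with "Copyright (c) 2007 Pelle Braendgaard, released under the MIT license", so the holder's name should be filled in here as well, so that the licence file names who is granting the permission.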
47 README
@@ -0,0 +1,47 @@
+= OAuth Plugin
+
+This is the beginning of a plugin for implementing both OAuth clients and servers in Rails applications.
+
+See the OAuth specs at:
+
+http://oauth.googlecode.com/svn/spec/branches/1.0/drafts/7/spec.html
+
+and the OAuth site at:
+
+http://oauth.net
+
+== Requirements
+
+You need to install the oauth gem
+
+ sudo gem install oauth
+
+This is a change from earlier versions that had the code within the plugin.
+
+The Generator currently creates code (in particular views) that only work in Rails 2.
+
+It should not be difficult to manually modify the code to work on Rails 1.2.x
+
+I think the only real issue is that the views have .html.erb extensions. So these could theoretically just be renamed to .rhtml.
+
+Please let me know if this works and I will see if I can make the generator conditionally create .rhtml for pre 2.0 versions of RAIL.
+
+== OAuth Provider generator
+
+While it isn't very flexible at the moment there is an oauth_provider generator which you can use like this:
+
+./script/generate oauth_provider
+
+This generates an oauth_controller as well as the required models.
+
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication. It also requires Rails 2.0.
+
+== More
+
+The Google Code project is http://code.google.com/p/oauth-plugin/
+
+The OAuth Ruby Gem home page is http://oauth.rubyforge.org
+
+Please help documentation, patches and testing.
+
+Copyright (c) 2007 Pelle Braendgaard, released under the MIT license
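Review bot: The "OAuth Provider generator" section stops at running ./script/generate oauth_provider and leaves out the manual steps that generators/oauth_provider/USAGE lists in this commit: the five map.* routes for config/routes.rb and the two has_many lines for user.rb. Someone who reads only the README ends up with a generated controller that has no routes, so either repeat those steps here or point to the USAGE file. Two smaller points: "RAIL" in the Requirements section should read "Rails", and the Rails 2.0 requirement is stated twice.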
@@ -0,0 +1,22 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the oauth plugin.'
+Rake::TestTask.new(:test) do |t|
+ t.libs << 'lib'
+ t.pattern = 'test/**/*_test.rb'
+ t.verbose = true
+end
+
+desc 'Generate documentation for the oauth plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+ rdoc.rdoc_dir = 'rdoc'
+ rdoc.title = 'Oauth'
+ rdoc.options << '--line-numbers' << '--inline-source'
+ rdoc.rdoc_files.include('README')
+ rdoc.rdoc_files.include('lib/**/*.rb')
+end
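Review bot: The default task runs Rake::TestTask with t.pattern = 'test/**/*_test.rb', but the file list for this commit contains no test/ directory, and the only test files it adds are RSpec templates (client_application_spec.rb, controller_spec.rb, oauth_nonce_spec.rb, oauth_token_spec.rb) that the generator copies into the host application's spec/ directory. As written, the pattern matches nothing in the plugin. Either remove the test task or add tests that exercise lib/oauth/rails/controller_methods.rb so that the default task checks something.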
@@ -0,0 +1,19 @@
+./script/generate oauth_provider
+
+This creates an OAuth Provider controller as well as the requisite models.
+
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication.
+
+You need to add the following routes to your config/routes.rb file:
+
+map.oauth '/oauth',:controller=>'oauth',:action=>'index'
+map.authorize '/oauth/authorize',:controller=>'oauth',:action=>'authorize'
+map.request_token '/oauth/request_token',:controller=>'oauth',:action=>'request_token'
+map.access_token '/oauth/access_token',:controller=>'oauth',:action=>'access_token'
+map.test_request '/oauth/test_request',:controller=>'oauth',:action=>'test_request'
+
+include the following in your user.rb
+
+has_many :client_applications
+has_many :tokens, :class_name=>"OauthToken",:order=>"authorized_at desc",:include=>[:client_application]
+
@@ -0,0 +1,89 @@
+class OauthProviderGenerator < Rails::Generator::Base
+ default_options :skip_migration => false
+ attr_reader :class_path,
+ :controller_name,
+ :controller_class_path,
+ :controller_file_path,
+ :controller_class_name,
+ :controller_singular_name,
+ :controller_plural_name
+ alias_method :controller_file_name, :controller_singular_name
+
+ def initialize(runtime_args, runtime_options = {})
+ super
+
+ @controller_name = args.shift || 'oauth'
+ @controller_singular_name = 'oauth'
+ @controller_plural_name = 'oauth'
+ @controller_file_name = 'oauth'
+ @controller_class_name="Oauth"
+ @class_path=''
+ @controller_class_path=''
+ end
+
+ def manifest
+ record do |m|
+
+ # Check for class naming collisions.
+ # Check for class naming collisions.
+ m.class_collisions controller_class_path, "#{controller_class_name}Controller", # Oauth Controller
+ "#{controller_class_name}Helper"
+ m.class_collisions class_path, "ClientApplication","OauthNonce","RequestToken","AccessToken","OauthToken"
+
+ # Controller, helper, views, and test directories.
+ m.directory File.join('app/models', class_path)
+ m.directory File.join('app/controllers', controller_class_path)
+ m.directory File.join('app/helpers', controller_class_path)
+ m.directory File.join('app/views', controller_class_path, controller_file_name)
+ m.directory File.join('spec')
+ m.directory File.join('spec/models')
+ m.directory File.join('spec/fixtures', class_path)
+ m.directory File.join('spec/controllers', controller_class_path)
+
+ m.template 'client_application.rb',File.join('app/models',"client_application.rb")
+ m.template 'oauth_token.rb', File.join('app/models',"oauth_token.rb")
+ m.template 'request_token.rb', File.join('app/models',"request_token.rb")
+ m.template 'access_token.rb', File.join('app/models',"access_token.rb")
+ m.template 'oauth_nonce.rb', File.join('app/models',"oauth_nonce.rb")
+
+ m.template 'client_application_spec.rb',File.join('spec/models',"client_application_spec.rb")
+ m.template 'oauth_token_spec.rb', File.join('spec/models',"oauth_token_spec.rb")
+ m.template 'oauth_nonce_spec.rb', File.join('spec/models',"oauth_nonce_spec.rb")
+
+
+ m.template 'client_applications.yml',File.join('spec/fixtures',"client_applications.yml")
+ m.template 'oauth_tokens.yml', File.join('spec/fixtures',"oauth_tokens.yml")
+ m.template 'oauth_nonces.yml', File.join('spec/fixtures',"oauth_nonces.yml")
+
+ m.template 'controller.rb',File.join('app/controllers',controller_class_path,"#{controller_file_name}_controller.rb")
+ m.template 'helper.rb',File.join('app/helpers',controller_class_path,"#{controller_file_name}_helper.rb")
+ m.template 'controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_controller_spec.rb")
+
+ m.template 'new.html.erb', File.join('app/views', controller_class_path, controller_file_name, "new.html.erb")
+ m.template 'index.html.erb', File.join('app/views', controller_class_path, controller_file_name, "index.html.erb")
+ m.template 'show.html.erb', File.join('app/views', controller_class_path, controller_file_name, "show.html.erb")
+ m.template 'authorize.html.erb', File.join('app/views', controller_class_path, controller_file_name, "authorize.html.erb")
+ m.template 'authorize_success.html.erb', File.join('app/views', controller_class_path, controller_file_name, "authorize_success.html.erb")
+ m.template 'authorize_failure.html.erb', File.join('app/views', controller_class_path, controller_file_name, "authorize_failure.html.erb")
+ m.template '_form.html.erb', File.join('app/views', controller_class_path, controller_file_name, "_form.html.erb")
+
+ unless options[:skip_migration]
+ m.migration_template 'migration.rb', 'db/migrate', :assigns => {
+ :migration_name => "CreateOauthTables"
+ }, :migration_file_name => "create_oauth_tables"
+ end
+ end
+ end
+
+ protected
+ def banner
+ "Usage: #{$0} #{spec.name}"
+ end
+
+ def add_options!(opt)
+ opt.separator ''
+ opt.separator 'Options:'
+ opt.on("--skip-migration",
+ "Don't generate a migration file") { |v| options[:skip_migration] = v }
+ end
+end
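Review bot: In initialize, "@controller_name = args.shift || 'oauth'" accepts a name argument, but @controller_singular_name, @controller_plural_name and @controller_class_name are all hard-coded to 'oauth' / "Oauth", so the argument is silently ignored and the generated files are always named oauth. Either derive the other names from the argument or stop reading it; the banner already advertises no argument, and USAGE hard-codes :controller=>'oauth' in the routes, which suggests the latter. The assignment to @controller_file_name has no effect, because controller_file_name is an alias_method for controller_singular_name. The comment "# Check for class naming collisions." appears twice in a row in manifest.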
@@ -0,0 +1,16 @@
+<div class="field">
+ <label for="client_application_name">Name*</label><br/>
+ <%%=f.text_field :name%>
+</div>
+<div class="field">
+ <label for="client_application_url">Main Application URL*</label><br/>
+ <%%=f.text_field :url%>
+</div>
+<div class="field">
+ <label for="client_application_callback_url">Callback URL*</label><br/>
+ <%%=f.text_field :callback_url%>
+</div>
+<div class="field">
+ <label for="client_application_support_url">Support URL</label><br/>
+ <%%=f.text_field :support_url%>
+</div>
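Review bot: The "Callback URL*" label marks the field as required, but ClientApplication in this commit declares only "validates_presence_of :name,:url,:key,:secret", so a blank callback_url is accepted. Make the form and the model agree: add :callback_url to the presence validation or drop the asterisk. None of the three URL fields has a format validation either; restricting them to http and https in the model would keep unexpected schemes out of values that are later rendered as links.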
@@ -0,0 +1,10 @@
+class AccessToken<OauthToken
+ validates_presence_of :user
+ before_create :set_authorized_at
+
+ protected
+
+ def set_authorized_at
+ self.authorized_at=Time.now
+ end
+end
@@ -0,0 +1,11 @@
+<h1>Authorize access to your account</h1>
+<p>Would you like to authorize <%%=link_to @token.client_application.name,@token.client_application.url%> (<%%=link_to @token.client_application.url,@token.client_application.url%>) to access your account?</p>
+<%%form_tag authorize_url do %>
+<%%=hidden_field_tag "oauth_token",@token.token%>
+<p>
+ <%%=check_box_tag 'authorize'%> authorize access
+</p>
+<p>
+ <%%=submit_tag%>
+</p>
+<%%end%>
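Review bot: On the first <p> line, @token.client_application.name and @token.client_application.url are passed to link_to as link text without h(). Both values are typed into _form.html.erb by whoever registered the client application, and the README says these views target Rails 2, where ERB output and link_to text are not escaped automatically, so any markup in the name or URL would be rendered on the consent page shown to the account owner. Wrap both link texts in h(...), and validate in ClientApplication that url is an http or https URL before it is used as an href.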
@@ -0,0 +1 @@
+<h1>You have disallowed this request</h1>
@@ -0,0 +1 @@
+<h1>You have allowed this request</h1>
@@ -0,0 +1,60 @@
+require 'oauth'
+class ClientApplication < ActiveRecord::Base
+ belongs_to :user
+ has_many :tokens,:class_name=>"OauthToken"
+ validates_presence_of :name,:url,:key,:secret
+ validates_uniqueness_of :key
+ before_validation_on_create :generate_keys
+
+ def self.find_for_request(request)
+ consumer_key=OAuth::Request.extract_consumer_key(request)
+ find_by_key consumer_key if consumer_key
+ end
+
+ def self.authorize_request?(request)
+ oauth_request=OAuth::Request.incoming(request)
+ return false unless OauthNonce.remember(oauth_request.nonce,oauth_request.timestamp)
+ return false unless oauth_request.token
+ token=AccessToken.find_by_token oauth_request.token
+ return false unless token
+ return false unless token.authorized?
+ return false unless oauth_request.verify?(token.client_application.secret,token.secret)
+ token
+ end
+
+ def oauth_server
+ @oauth_server||=OAuth::Server.new "http://your.site"
+ end
+
+ def credentials
+ @oauth_client||=OAuth::ConsumerCredentials.new key,secret
+ end
+
+ def create_request_token(request)
+ oauth_request=OAuth::Request.incoming(request)
+ return false unless OauthNonce.remember(oauth_request.nonce,oauth_request.timestamp)
+ return false if oauth_request.token
+ return false unless oauth_request.verify?(secret)
+ RequestToken.create :client_application=>self
+ end
+
+ def exchange_for_access_token(request)
+ oauth_request=OAuth::Request.incoming(request)
+ return false unless OauthNonce.remember(oauth_request.nonce,oauth_request.timestamp)
+ return false unless oauth_request.token
+ token=tokens.find_by_token oauth_request.token
+ return false unless token
+ return false unless token.is_a?(RequestToken)
+ return false unless token.authorized?
+ return false unless oauth_request.verify?(secret,token.secret)
+ token.exchange!
+ end
+
+ protected
+
+ def generate_keys
+ @oauth_client=oauth_server.generate_consumer_credentials
+ self.key=@oauth_client.key
+ self.secret=@oauth_client.secret
+ end
+end
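Review bot: In authorize_request?, create_request_token and exchange_for_access_token, "OauthNonce.remember(oauth_request.nonce,oauth_request.timestamp)" runs before oauth_request.verify?(...). Judging by its name, remember stores the nonce, which means a row is written for requests whose signature has not been checked yet, and any caller can grow the nonce table without holding a secret. Move the verify? call ahead of remember so that only correctly signed requests consume a nonce. remember also receives only the nonce and the timestamp, so uniqueness cannot be scoped to the consumer key; consider passing the key as well. Separately, oauth_server hard-codes "http://your.site"; that value should come from configuration, or the README should say it has to be edited after generation.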