
first stab at moving the oauth signature verification part to a rack

filter
1 parent 04fc31d commit e0bda1892520b7af7fe8b254bf9fabf87f5dad2d @pelle committed Dec 6, 2010
Showing with 111 additions and 31 deletions.
  1. +18 −1 lib/oauth-plugin.rb
  2. +49 −23 lib/oauth/controllers/application_controller_methods.rb
  3. +39 −0 lib/oauth/rack/oauth_filter.rb
  4. +5 −7 rails/init.rb
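--- a/lib/oauth-plugin.rb
+++ b/lib/oauth-plugin.rb
@@ -1 +1,18 @@
-# leaving this empty
+require 'oauth'
+require 'oauth/signature/hmac/sha1'
+require 'oauth/rack/oauth_filter'
+require 'oauth/request_proxy/rack_request'
+require 'oauth/server'
+require 'oauth/controllers/application_controller_methods'
+
+
+module OAuth
+ module Plugin
+ class OAuthRailtie < Rails::Railtie
+ initializer "oauth-plugin.configure_rails_initialization" do |app|
+ app.middleware.insert_before ActionDispatch::Cookies, OAuth::Rack::OAuthFilter
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
+ end
+ end
+ end
+end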
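Review bot: The initializer mixes the controller methods in with `ActionController::Base.send :include, ...`, which loads ActionController::Base while the application is still initializing; `ActiveSupport.on_load(:action_controller) { include OAuth::Controllers::ApplicationControllerMethods }` defers the include until the class is actually loaded. The `insert_before ActionDispatch::Cookies` line installs the filter for every request in the application, not only OAuth-protected routes, so it deserves a comment such as `# Runs on every request: must stay cheap and must not raise for non-OAuth traffic.` The file also references `Rails::Railtie` unconditionally, so it can only be loaded under Rails 3.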
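--- a/lib/oauth/controllers/application_controller_methods.rb
+++ b/lib/oauth/controllers/application_controller_methods.rb
@@ -44,10 +44,19 @@ def initialize(controller,strategies)
 def params
 controller.send :params
 end
+
 def request
 controller.send :request
 end
+ def env
+ request.env
+ end
+
+ def using_rack_filter?
+ request.env["oauth_plugin"]
+ end
+
 def allow?
 if @strategies.any? do |strategy|
 @strategy = strategy.to_sym
@@ -77,22 +86,32 @@ def oauth20_token
 end
 def oauth10_token
- begin
- if ClientApplication.verify_request(request) do |request_proxy|
- @oauth_token = ClientApplication.find_token(request_proxy.token)
- if @oauth_token.respond_to?(:provided_oauth_verifier=)
- @oauth_token.provided_oauth_verifier=request_proxy.oauth_verifier
- end
- # return the token secret and the consumer secret
- [(@oauth_token.nil? ? nil : @oauth_token.secret), (@oauth_token.client_application.nil? ? nil : @oauth_token.client_application.secret)]
- end
+ if using_rack_filter?
+ if env["oauth.token"]
+ @oauth_token = env["oauth.token"]
 controller.send :current_token=, @oauth_token
 true
 else
 false
 end
- rescue
- false
+ else
+ begin
+ if ClientApplication.verify_request(request) do |request_proxy|
+ @oauth_token = ClientApplication.find_token(request_proxy.token)
+ if @oauth_token.respond_to?(:provided_oauth_verifier=)
+ @oauth_token.provided_oauth_verifier=request_proxy.oauth_verifier
+ end
+ # return the token secret and the consumer secret
+ [(@oauth_token.nil? ? nil : @oauth_token.secret), (@oauth_token.client_application.nil? ? nil : @oauth_token.client_application.secret)]
+ end
+ controller.send :current_token=, @oauth_token
+ true
+ else
+ false
+ end
+ rescue
+ false
+ end
 end
 end
@@ -109,23 +128,30 @@ def token
 end
 def two_legged
- begin
- if ClientApplication.verify_request(request) do |request_proxy|
- @client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
+ if using_rack_filter?
+ if env["oauth.client_application"]
+ @client_application = env["oauth.client_application"]
+ controller.send :current_client_application=, @client_application
+ end
+ else
+ begin
+ if ClientApplication.verify_request(request) do |request_proxy|
+ @client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
- # Store this temporarily in client_application object for use in request token generation
- @client_application.token_callback_url=request_proxy.oauth_callback if request_proxy.oauth_callback
+ # Store this temporarily in client_application object for use in request token generation
+ @client_application.token_callback_url=request_proxy.oauth_callback if request_proxy.oauth_callback
- # return the token secret and the consumer secret
- [nil, @client_application.secret]
+ # return the token secret and the consumer secret
+ [nil, @client_application.secret]
+ end
+ controller.send :current_client_application=, @client_application
+ true
+ else
+ false
 end
- controller.send :current_client_application=, @client_application
- true
- else
+ rescue
 false
 end
- rescue
- false
 end
 end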
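Review bot: In `two_legged`, the new rack-filter branch returns whatever `controller.send :current_client_application=` returns, or nil when the env key is missing, while the legacy branch returns an explicit true/false; end the inner `if` with `true` / `else` / `false`, as the filter branch of `oauth10_token` already does. The filter sets `env["oauth.client_application"]` for any request whose signature verifies, including one signed with a token secret, whereas the legacy branch verifies with `[nil, @client_application.secret]` and would reject such a request. If two-legged access is meant to stay limited to token-less requests, the filter branch should also require `env["oauth.token"].nil?`.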
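--- a/lib/oauth/rack/oauth_filter.rb
+++ b/lib/oauth/rack/oauth_filter.rb
@@ -0,0 +1,39 @@
+require "rack"
+require "rack/request"
+require "oauth/signature"
+module OAuth
+ module Rack
+ class OAuthFilter
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ request = ::Rack::Request.new(env)
+ env["oauth_plugin"]=true
+ if ClientApplication.verify_request(request) do |request_proxy|
+ client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
+ env["oauth.client_application_candidate"] = client_application
+ # Store this temporarily in client_application object for use in request token generation
+ client_application.token_callback_url=request_proxy.oauth_callback if request_proxy.oauth_callback
+
+ oauth_token = client_application.tokens.first(:conditions=>{:token => request_proxy.token})
+ if oauth_token.respond_to?(:provided_oauth_verifier=)
+ oauth_token.provided_oauth_verifier=request_proxy.oauth_verifier
+ end
+ env["oauth.token_candidate"] = oauth_token
+ # return the token secret and the consumer secret
+ [(oauth_token.nil? ? nil : oauth_token.secret), (client_application.nil? ? nil : client_application.secret)]
+ end
+ env["oauth.token"] = env["oauth.token_candidate"]
+ env["oauth.client_application"] = env["oauth.client_application_candidate"]
+# Rails.logger.info "oauth.token = #{env["oauth.token"].inspect}"
+ end
+ env["oauth.client_application_candidate"] = nil
+ env["oauth.token_candidate"] = nil
+ response = @app.call(env)
+ end
+ end
+
+ end
+end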
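Review bot: `client_application` is dereferenced (`token_callback_url=`, `.tokens`) before the `client_application.nil?` guard on the secrets line, so a request carrying an unknown consumer key would raise inside the block; `call` has no rescue, unlike the legacy controller path, and whether `verify_request` (not shown) catches the error is not visible here. Because this middleware sits in front of every request, that turns a bad key into an unhandled exception instead of an unverified request. The fence below abandons verification for an unknown key rather than continuing with nil secrets. Separately, the token is now fetched with `client_application.tokens.first(...)` where the controller path used `ClientApplication.find_token`; if `find_token` (not shown) also filters on authorization or invalidation state, that check needs to be repeated here.

```ruby
def call(env)
  request = ::Rack::Request.new(env)
  env["oauth_plugin"] = true
  # Unknown consumer key: leave the request unverified instead of calling methods on nil.
  verified = catch(:oauth_unverified) do
    ClientApplication.verify_request(request) do |request_proxy|
      client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
      throw :oauth_unverified, false unless client_application
      # … unchanged: callback url, token lookup, verifier, candidate env keys …
      [(oauth_token.nil? ? nil : oauth_token.secret), client_application.secret]
    end
  end
  if verified
    # … unchanged: promote the candidates to oauth.token / oauth.client_application …
  end
  # … unchanged: clear the candidate keys …
  @app.call(env)
end
```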
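--- a/rails/init.rb
+++ b/rails/init.rb
@@ -1,11 +1,9 @@
 require 'oauth'
 require 'oauth/signature/hmac/sha1'
-if Rails.version =~ /^3\./
- require 'oauth/request_proxy/rack_request'
-else
- require 'oauth/request_proxy/action_controller_request'
-end
+require 'oauth/rack/oauth_filter'
 require 'oauth/server'
 require 'oauth/controllers/application_controller_methods'
-
-ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
+if Rails.version =~ /^2\./
+ require 'oauth/request_proxy/action_controller_request'
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
+end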
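Review bot: After this change nothing in rails/init.rb wires up Rails 3: the rack request proxy require is gone and the `ActionController::Base` include now happens only in the `/^2\./` branch, so a Rails 3 app depends on lib/oauth-plugin.rb and its Railtie being loaded some other way. If that is intended, say so above the `if`, e.g. `# Rails 3 is configured by the Railtie in lib/oauth-plugin.rb; this file only covers Rails 2 plugin loading.` `require 'oauth/rack/oauth_filter'` also runs on Rails 2, where nothing in this commit inserts the filter into the middleware stack, so the controller methods stay on the legacy verification path there.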
