Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable OAuth2 #160

Closed
wants to merge 1 commit into from

Conversation

Projects
None yet
7 participants
@gravityrail
Copy link

commented Apr 9, 2012

I know this commit has a terrible name, I edited it directly in GitHub and I'm not sure how to do "amend"s here. Nevertheless, since we have enabled OAuth2 on our site we decided to suggest that you enable it upstream - it's working well for us.

Thanks,
Dan

@JeanMertz

This comment has been minimized.

Copy link

commented Apr 21, 2012

This is just what I was looking for.

How would you specify the different paths like /authorize or /token? Do you perhaps have an example of using Grape with Oauth2?

@dblock

This comment has been minimized.

Copy link
Member

commented Apr 25, 2012

I would like an update to the documentation before we merge this. Something about enabling various authentications, including OAuth2. Possible?

@gravityrail

This comment has been minimized.

Copy link
Author

commented May 3, 2012

Sure, I have some real example code but it might take me a while to clean it up.

Something like:

  • inside the resource:

auth(:oauth2, :token_class => 'AccessToken')

  • then a class like this:

class AccessToken

def self.verify(token)
if token.nil?
return false
else
return AccessToken.find_by_token(token)
end
end

trivial example, everyone has permission for /api/people

def permission_for(env)
path = env['PATH_INFO']
#has the format "/api/people"
nothing, api, domain = path.split('/')
return [:people].include? domain.to_sym # tri
end

end

@jalcine

This comment has been minimized.

Copy link

commented Jul 26, 2012

What's the status here? No new commits, I see.

@dblock

This comment has been minimized.

Copy link
Member

commented Jul 26, 2012

It needs a README update and possibly tests.

@lgs

This comment has been minimized.

Copy link

commented Aug 14, 2012

+1, this is really missing in grape. Any news for this integration ?

@dblock

This comment has been minimized.

Copy link
Member

commented Sep 6, 2012

This has been open for a long time without any action. So I am going to close it. I still would like to see a nice writeup of OAuth2 integration w/ Grape, one way or another.

@dblock dblock closed this Sep 6, 2012

@chitsaou

This comment has been minimized.

Copy link

commented Nov 4, 2013

Hi @dblock, I've integrated Grape and Doorkeeper (OAuth 2 Provider). Here is how I did: OAuth 2.0 Tutorial: Protect Grape API with Doorkeeper, and also a step-by-step sample repository chitsaou/oauth2-api-sample.

Hope it can help you.

BTW may I put the link in Wiki?

@dblock

This comment has been minimized.

Copy link
Member

commented Nov 4, 2013

Done, thanks for this!

@jalcine

This comment has been minimized.

Copy link

commented Nov 4, 2013

🎃 yuss

@antek-drzewiecki

This comment has been minimized.

Copy link

commented Sep 19, 2014

@chitsaou , @dblock , i've authored a gem named WineBouncer to protect your precious Grapes from unauthorised requests. It can offer a more up to date protection of your Grape API with Doorkeeper. It also offers grape-swagger syntax like authorization (compliant with swagger spec) so you can use Oauth2 in your swagger documentation without modifications. I was hoping what you guys think of this implementation and maybe give some feedback.

@dblock

This comment has been minimized.

Copy link
Member

commented Sep 19, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.