Update oauth models and controllers for OAuth 1.0a support
parent
c08f9a2f03
commit
1c3a9ee62b
5 changed files with 67 additions and 8 deletions
|
@ -52,9 +52,17 @@ class OauthController < ApplicationController
|
|||
|
||||
if any_auth
|
||||
@token.authorize!(@user)
|
||||
redirect_url = params[:oauth_callback] || @token.client_application.callback_url
|
||||
if @token.oauth10?
|
||||
redirect_url = params[:oauth_callback] || @token.client_application.callback_url
|
||||
else
|
||||
redirect_url = @token.oob? ? @token.client_application.callback_url : @token.callback_url
|
||||
end
|
||||
if redirect_url
|
||||
redirect_to "#{redirect_url}?oauth_token=#{@token.token}"
|
||||
if @token.oauth10?
|
||||
redirect_to "#{redirect_url}?oauth_token=#{@token.token}"
|
||||
else
|
||||
redirect_to "#{redirect_url}?oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}"
|
||||
end
|
||||
else
|
||||
render :action => "authorize_success"
|
||||
end
|
||||
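Review bot: The new 1.0a branch builds the redirect by plain string concatenation, so a callback URL that already carries a query string produces a malformed target, and `@token.token` and `@token.verifier` are inserted without URL-escaping. Picking the separator and escaping the values covers both: `sep = redirect_url.include?('?') ? '&' : '?'` followed by `redirect_to "#{redirect_url}#{sep}oauth_token=#{CGI.escape(@token.token)}&oauth_verifier=#{CGI.escape(@token.verifier)}"`. The same concatenation is used in the `oauth10?` branch, where the target can come straight from `params[:oauth_callback]`. The enclosing action starts and ends outside the hunk.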
|
|
|
@ -6,6 +6,21 @@ class ClientApplication < ActiveRecord::Base
|
|||
validates_uniqueness_of :key
|
||||
before_validation_on_create :generate_keys
|
||||
|
||||
validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
|
||||
validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
|
||||
validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
|
||||
|
||||
attr_accessor :token_callback_url
|
||||
|
||||
def self.find_token(token_key)
|
||||
token = OauthToken.find_by_token(token_key, :include => :client_application)
|
||||
if token && token.authorized?
|
||||
token
|
||||
else
|
||||
nil
|
||||
end
|
||||
end
|
||||
|
||||
def self.verify_request(request, options = {}, &block)
|
||||
begin
|
||||
signature = OAuth::Signature.build(request, options, &block)
|
||||
|
@ -35,7 +50,7 @@ class ClientApplication < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def create_request_token
|
||||
RequestToken.create :client_application => self
|
||||
RequestToken.create :client_application => self, :callback_url => self.token_callback_url
|
||||
end
|
||||
|
||||
# the permissions that this client would like from the user
|
||||
|
@ -52,8 +67,8 @@ protected
|
|||
:allow_write_api, :allow_read_gpx, :allow_write_gpx ]
|
||||
|
||||
def generate_keys
|
||||
@oauth_client = oauth_server.generate_consumer_credentials
|
||||
self.key = @oauth_client.key
|
||||
self.secret = @oauth_client.secret
|
||||
oauth_client = oauth_server.generate_consumer_credentials
|
||||
self.key = oauth_client.key
|
||||
self.secret = oauth_client.secret
|
||||
end
|
||||
end
|
||||
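Review bot: The three `validates_format_of` patterns added in the first hunk start with `\A` but have no closing `\z`, and because `(\S+)` is followed only by optional groups, any value that begins with `http://` or `https://` plus one non-space character passes, including values with whitespace or a newline further on. Adding `\z` after the last optional group makes the whole value subject to the check, and since the pattern is repeated three times a single frozen constant would keep the copies in step. In the `create_request_token` hunk, `token_callback_url` is passed to `RequestToken.create` as `:callback_url` with no format check visible on this page, although the controller later redirects to that value. It should go through the same validation as the application's own `callback_url`, with `oob` allowed explicitly.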
|
|
|
@ -1,17 +1,23 @@
|
|||
class RequestToken < OauthToken
|
||||
|
||||
attr_accessor :provided_oauth_verifier
|
||||
|
||||
def authorize!(user)
|
||||
return false if authorized?
|
||||
self.user = user
|
||||
self.authorized_at = Time.now
|
||||
self.verifier = OAuth::Helper.generate_key(16)[0,20] unless oauth10?
|
||||
self.save
|
||||
end
|
||||
|
||||
|
||||
def exchange!
|
||||
return false unless authorized?
|
||||
return false unless oauth10? || verifier == provided_oauth_verifier
|
||||
|
||||
RequestToken.transaction do
|
||||
params = { :user => user, :client_application => client_application }
|
||||
# copy the permissions from the authorised request token to the access token
|
||||
client_application.permissions.each { |p|
|
||||
client_application.permissions.each { |p|
|
||||
params[p] = read_attribute(p)
|
||||
}
|
||||
|
||||
|
@ -20,4 +26,21 @@ class RequestToken < OauthToken
|
|||
access_token
|
||||
end
|
||||
end
|
||||
|
||||
def to_query
|
||||
if oauth10?
|
||||
super
|
||||
else
|
||||
"#{super}&oauth_callback_confirmed=true"
|
||||
end
|
||||
end
|
||||
|
||||
def oob?
|
||||
self.callback_url=='oob'
|
||||
end
|
||||
|
||||
def oauth10?
|
||||
(defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
|
||||
end
|
||||
|
||||
end
|
||||
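Review bot: `oauth10?` in the second hunk picks the protocol version from `callback_url.blank?`, so with `OAUTH_10_SUPPORT` set, any request token created without a callback skips both verifier generation in `authorize!` and the verifier check in `exchange!`. The pre-1.0a flow therefore stays available to every consumer, and the settings hunk on this page enables `oauth_10_support` in `standard_settings`. If that is kept for compatibility, it deserves a comment above `oauth10?`, for example `# Legacy 1.0 flow: no verifier is issued or checked. Selected whenever the token has no callback_url and OAUTH_10_SUPPORT is set.`, and ideally a default of false. Separately, `verifier == provided_oauth_verifier` is an ordinary string comparison; a constant-time comparison is the usual choice for secrets.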
|
|
|
@ -53,6 +53,8 @@ standard_settings: &standard_settings
|
|||
gpx_image_dir: "/home/osm/images"
|
||||
# Location of data for file columns
|
||||
#file_column_root: ""
|
||||
# Enable legacy OAuth 1.0 support
|
||||
oauth_10_support: true
|
||||
|
||||
development:
|
||||
<<: *standard_settings
|
||||
|
|
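--- /dev/null
+++ b/db/migrate/20100910084426_add_callback_to_oauth_tokens.rb
@@ -0,0 +1,11 @@
+class AddCallbackToOauthTokens < ActiveRecord::Migration
+def self.up
+add_column :oauth_tokens, :callback_url, :string
+add_column :oauth_tokens, :verifier, :string, :limit => 20
+end
+
+def self.down
+remove_column :oauth_tokens, :callback_url
+remove_column :oauth_tokens, :verifier
+end
+end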
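Review bot: `callback_url` is added as a plain `:string`, which most adapters map to a 255-character column, and nothing visible on this page limits the length of the callback a consumer supplies. Depending on the database, a longer value is either rejected or cut short, and a shortened value would later be used as the redirect target. Either `add_column :oauth_tokens, :callback_url, :text` or a length validation on the token model would make the behaviour explicit.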