Adding initial version of the OAuth token authentication method. This adds basic OAuth support for registering apps, getting and revoking keys, etc... The tokens come with 6 separate permissions bits; read/write user preferences, write diaries, write API and read/write GPS traces. Needs more tests.
This commit is contained in:
Matt Amos
parent
2ad330d642
commit
b8f6dbd403
85 changed files with 3277 additions and 9 deletions
44
db/migrate/036_create_oauth_tables.rb
Normal file
44
db/migrate/036_create_oauth_tables.rb
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
class CreateOauthTables < ActiveRecord::Migration
|
||||
def self.up
|
||||
create_table :client_applications do |t|
|
||||
t.string :name
|
||||
t.string :url
|
||||
t.string :support_url
|
||||
t.string :callback_url
|
||||
t.string :key, :limit => 50
|
||||
t.string :secret, :limit => 50
|
||||
t.integer :user_id
|
||||
|
||||
t.timestamps
|
||||
end
|
||||
add_index :client_applications, :key, :unique => true
|
||||
|
||||
create_table :oauth_tokens do |t|
|
||||
t.integer :user_id
|
||||
t.string :type, :limit => 20
|
||||
t.integer :client_application_id
|
||||
t.string :token, :limit => 50
|
||||
t.string :secret, :limit => 50
|
||||
t.timestamp :authorized_at, :invalidated_at
|
||||
t.timestamps
|
||||
end
|
||||
|
||||
add_index :oauth_tokens, :token, :unique => true
|
||||
|
||||
create_table :oauth_nonces do |t|
|
||||
t.string :nonce
|
||||
t.integer :timestamp
|
||||
|
||||
t.timestamps
|
||||
end
|
||||
add_index :oauth_nonces, [:nonce, :timestamp], :unique => true
|
||||
|
||||
end
|
||||
|
||||
def self.down
|
||||
drop_table :client_applications
|
||||
drop_table :oauth_tokens
|
||||
drop_table :oauth_nonces
|
||||
end
|
||||
|
||||
end
|
||||
23
db/migrate/037_add_fine_o_auth_permissions.rb
Normal file
23
db/migrate/037_add_fine_o_auth_permissions.rb
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
class AddFineOAuthPermissions < ActiveRecord::Migration
|
||||
PERMISSIONS = [:allow_read_prefs, :allow_write_prefs, :allow_write_diary,
|
||||
:allow_write_api, :allow_read_gpx, :allow_write_gpx ]
|
||||
|
||||
def self.up
|
||||
PERMISSIONS.each do |perm|
|
||||
# add fine-grained permissions columns for OAuth tokens, allowing people to
|
||||
# give permissions to parts of the site only.
|
||||
add_column :oauth_tokens, perm, :boolean, :null => false, :default => false
|
||||
|
||||
# add fine-grained permissions columns for client applications, allowing the
|
||||
# client applications to request particular privileges.
|
||||
add_column :client_applications, perm, :boolean, :null => false, :default => false
|
||||
end
|
||||
end
|
||||
|
||||
def self.down
|
||||
PERMISSIONS.each do |perm|
|
||||
remove_column :oauth_tokens, perm
|
||||
remove_column :client_applications, perm
|
||||
end
|
||||
end
|
||||
end
|
||||
Loading…
Add table
Add a link
Reference in a new issue