├── .gitignore
├── .travis.yml
├── Gemfile
├── LICENSE
├── README.md
├── Rakefile
├── examples
├── client
│ ├── Gemfile
│ ├── Gemfile.lock
│ ├── README
│ ├── app.rb
│ ├── config.ru
│ └── views
│ │ ├── home.haml
│ │ └── response.haml
└── rails3-example
│ ├── .gitignore
│ ├── Gemfile
│ ├── Gemfile.lock
│ ├── README
│ ├── Rakefile
│ ├── app
│ ├── controllers
│ │ ├── account_controller.rb
│ │ ├── application_controller.rb
│ │ ├── authorization_controller.rb
│ │ ├── home_controller.rb
│ │ └── session_controller.rb
│ ├── helpers
│ │ └── application_helper.rb
│ ├── models
│ │ └── account.rb
│ └── views
│ │ ├── authorization
│ │ └── new.html.erb
│ │ ├── home
│ │ └── show.html.erb
│ │ ├── layouts
│ │ └── application.html.erb
│ │ └── session
│ │ └── new.html.erb
│ ├── config.ru
│ ├── config
│ ├── application.rb
│ ├── boot.rb
│ ├── database.yml
│ ├── environment.rb
│ ├── environments
│ │ ├── development.rb
│ │ ├── production.rb
│ │ └── test.rb
│ ├── initializers
│ │ ├── backtrace_silencers.rb
│ │ ├── inflections.rb
│ │ ├── mime_types.rb
│ │ ├── secret_token.rb
│ │ └── session_store.rb
│ ├── locales
│ │ └── en.yml
│ └── routes.rb
│ ├── db
│ ├── migrate
│ │ ├── 20110508151935_add_account_table.rb
│ │ └── 20110508151948_add_oauth2_tables.rb
│ ├── schema.rb
│ └── seeds.rb
│ ├── doc
│ └── README_FOR_APP
│ ├── lib
│ └── tasks
│ │ └── .gitkeep
│ ├── public
│ ├── 404.html
│ ├── 422.html
│ ├── 500.html
│ ├── favicon.ico
│ ├── images
│ │ └── rails.png
│ ├── robots.txt
│ └── stylesheets
│ │ └── .gitkeep
│ └── script
│ └── rails
├── lib
├── oauth2-provider.rb
└── oauth2
│ ├── provider.rb
│ └── provider
│ ├── models.rb
│ ├── models
│ ├── access_token.rb
│ ├── active_record.rb
│ ├── active_record
│ │ ├── access_token.rb
│ │ ├── authorization.rb
│ │ ├── authorization_code.rb
│ │ └── client.rb
│ ├── authorization.rb
│ ├── authorization_code.rb
│ ├── client.rb
│ ├── mongoid.rb
│ └── mongoid
│ │ ├── access_token.rb
│ │ ├── authorization.rb
│ │ ├── authorization_code.rb
│ │ └── client.rb
│ ├── rack.rb
│ ├── rack
│ ├── access_token_handler.rb
│ ├── authorization_code_request.rb
│ ├── authorization_codes_support.rb
│ ├── middleware.rb
│ ├── resource_request.rb
│ └── responses.rb
│ ├── rails.rb
│ ├── rails
│ └── controller_authentication.rb
│ ├── random.rb
│ └── version.rb
├── oauth2-provider.gemspec
└── spec
├── models
├── access_token_spec.rb
├── authorization_code_spec.rb
├── authorization_spec.rb
├── client_spec.rb
└── random_token_spec.rb
├── requests
├── access_tokens_controller_spec.rb
├── authentication_spec.rb
├── authorization_code_request_spec.rb
└── middleware_spec.rb
├── schema.rb
├── set_backend_env_to_mongoid.rb
├── spec_helper.rb
└── support
├── activerecord_backend.rb
├── factories.rb
├── macros.rb
├── mongoid_backend.rb
└── rack.rb
/.gitignore:
--------------------------------------------------------------------------------
1 | /.bundle
2 | /log
3 | /pkg
4 | /spec/*.db
5 | /*.db
6 | /doc
7 | /Gemfile.lock
8 | .idea
9 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: ruby
2 | rvm:
3 | - 1.8.7
4 | - 1.9.3
--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
1 | source :rubygems
2 |
3 | gemspec
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Copyright (C) 2011 by Tom Ward
2 |
3 | Permission is hereby granted, free of charge, to any person obtaining a copy
4 | of this software and associated documentation files (the "Software"), to deal
5 | in the Software without restriction, including without limitation the rights
6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
7 | copies of the Software, and to permit persons to whom the Software is
8 | furnished to do so, subject to the following conditions:
9 |
10 | The above copyright notice and this permission notice shall be included in
11 | all copies or substantial portions of the Software.
12 |
13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
19 | THE SOFTWARE.
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | **DEPRECATION NOTICE**: This project is no longer supported. [Doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) or [`Songkick::Oauth2::Provider`](https://github.com/songkick/oauth2-provider) might offer the functionality you're looking for. We're keeping this repository around in case anyone is still relying on it, but note that there are a number of security vulnerabilities in the gem's dependencies as things stand, so use it at your own risk. If anyone wants to take over ownership of the repo, please [get in touch](http://gofreerange.com/contact).
2 |
3 | oauth2-provider
4 | ==
5 |
6 | Simple OAuth2 provider code extracted from [hashblue.com](https://hashblue.com/)
7 |
8 | Details
9 | --
10 |
11 | * Implements [draft 11](http://tools.ietf.org/html/draft-ietf-oauth-v2-11) of the oauth2 spec
12 | * Handles the authorization_code, password, and client_credential grant types
13 | * Supports ActiveRecord and Mongoid
14 |
15 | Usage Instructions
16 | --
17 |
18 | In your Gemfile:
19 |
20 | gem 'oauth2-provider', :git => 'git@github.com:freerange/oauth2-provider.git'
21 |
22 | If you're using ActiveRecord, grab the schema out of `spec/schema.rb`, and run the migration.
23 |
24 | To dish out authorization codes you will need to implement something like this:
25 |
26 | class AuthorizationController < ApplicationController
27 | include OAuth2::Provider::Rack::AuthorizationCodesSupport
28 |
29 | before_filter :authenticate_user!
30 | before_filter :block_invalid_authorization_code_requests
31 |
32 | def new
33 | @client = oauth2_authorization_request.client
34 | end
35 |
36 | def create
37 | if params[:yes].present?
38 | grant_authorization_code(current_user)
39 | else
40 | deny_authorization_code
41 | end
42 | end
43 |
44 | end
45 |
46 | And add a couple of routes:
47 |
48 | match "/oauth/authorize", :via => :get, :to => "authorization#new"
49 | match "/oauth/authorize", :via => :post, :to => "authorization#create"
50 |
51 | oauth2-provider will handle requests to `/oauth/access_token` to handle conversion of authorization codes to access tokens.
52 |
--------------------------------------------------------------------------------
/Rakefile:
--------------------------------------------------------------------------------
1 | require 'bundler'
2 | Bundler::GemHelper.install_tasks
3 |
4 | require 'bundler/setup'
5 | require 'rspec/core/rake_task'
6 |
7 | namespace :spec do
8 | desc "Run specs using the active_record backend"
9 | RSpec::Core::RakeTask.new(:activerecord) do |t|
10 | t.rspec_opts = "-f n -c"
11 | t.pattern = "spec/**/*_spec.rb"
12 | end
13 |
14 | desc "Run specs using the mongoid backend"
15 | RSpec::Core::RakeTask.new(:mongoid) do |t|
16 | t.rspec_opts = "-f n -c"
17 | t.pattern = "spec/**/*_spec.rb"
18 | t.ruby_opts = "-Ispec -rset_backend_env_to_mongoid"
19 | end
20 |
21 | desc "Run specs using both backends"
22 | task :all => ['spec:activerecord', 'spec:mongoid']
23 | end
24 |
25 | task :default => 'spec:all'
--------------------------------------------------------------------------------
/examples/client/Gemfile:
--------------------------------------------------------------------------------
1 | source :rubygems
2 |
3 | gem 'sinatra'
4 | gem 'haml'
5 |
6 | gem 'httparty'
--------------------------------------------------------------------------------
/examples/client/Gemfile.lock:
--------------------------------------------------------------------------------
1 | GEM
2 | remote: http://rubygems.org/
3 | specs:
4 | crack (0.1.8)
5 | haml (3.0.18)
6 | httparty (0.7.4)
7 | crack (= 0.1.8)
8 | rack (1.2.2)
9 | sinatra (1.2.6)
10 | rack (~> 1.1)
11 | tilt (>= 1.2.2, < 2.0)
12 | tilt (1.3)
13 |
14 | PLATFORMS
15 | ruby
16 |
17 | DEPENDENCIES
18 | haml
19 | httparty
20 | sinatra
21 |
--------------------------------------------------------------------------------
/examples/client/README:
--------------------------------------------------------------------------------
1 | This is a (very very) simple OAuth2 client, designed to work with the oauth2-provider examples. To get it running, cd to the client folder, then run:
2 |
3 | 1) bundle install
4 | 2) bundle exec rackup
5 |
6 | This should start the client on port 9292
7 |
8 | Assuming an example server is running (such as the one in examples/rails3-example), visit http://localhost:9292. To read content from the server you'll be asked to login (tomafro/secret) and then authorize the client. Finally some very simple content from the server will be shown.
--------------------------------------------------------------------------------
/examples/client/app.rb:
--------------------------------------------------------------------------------
1 | require 'rubygems'
2 | require 'bundler/setup'
3 | require 'sinatra'
4 | require 'haml'
5 | require 'httparty'
6 |
7 | CLIENT_ID = 'abcdefgh12345678'
8 | CLIENT_SECRET = 'secret'
9 | RESOURCE_HOST = 'http://localhost:3000'
10 |
11 | enable :sessions
12 |
13 | helpers do
14 | def redirect_uri
15 | "http://" + request.host_with_port + "/callback"
16 | end
17 |
18 | def access_token
19 | session[:access_token]
20 | end
21 |
22 | def get_with_access_token(path)
23 | HTTParty.get(RESOURCE_HOST + path, :query => {:oauth_token => access_token})
24 | end
25 |
26 | def authorize_url
27 | RESOURCE_HOST + "/oauth/authorize?client_id=#{CLIENT_ID}&client_secret=#{CLIENT_SECRET}&redirect_uri=#{redirect_uri}"
28 | end
29 |
30 | def access_token_url
31 | RESOURCE_HOST + "/oauth/access_token"
32 | end
33 | end
34 |
35 | get '/' do
36 | haml :home
37 | end
38 |
39 | get '/callback' do
40 | response = HTTParty.post(access_token_url, :body => {
41 | :client_id => CLIENT_ID,
42 | :client_secret => CLIENT_SECRET,
43 | :redirect_uri => redirect_uri,
44 | :code => params["code"],
45 | :grant_type => 'authorization_code'}
46 | )
47 |
48 | session[:access_token] = response["access_token"]
49 | redirect '/account'
50 | end
51 |
52 | get '/account' do
53 | if access_token
54 | @resource_response = get_with_access_token("/account.json")
55 | haml :response
56 | else
57 | redirect authorize_url
58 | end
59 | end
--------------------------------------------------------------------------------
/examples/client/config.ru:
--------------------------------------------------------------------------------
1 | require File.dirname(__FILE__) + '/app'
2 |
3 | run Sinatra::Application
--------------------------------------------------------------------------------
/examples/client/views/home.haml:
--------------------------------------------------------------------------------
1 | To use this client,
2 | %a{:href => '/account'}
3 | click here
--------------------------------------------------------------------------------
/examples/client/views/response.haml:
--------------------------------------------------------------------------------
1 | %div
2 | The response from the RESOURCE SERVER loading "/account.json :"
3 | %h2
4 | Headers
5 | %pre
6 | =@resource_response.headers.inspect
7 | %h2
8 | Body
9 | %pre
10 | =@resource_response.body.inspect
11 |
--------------------------------------------------------------------------------
/examples/rails3-example/.gitignore:
--------------------------------------------------------------------------------
1 | .bundle
2 | db/*.sqlite3
3 | log/*.log
4 | tmp/
5 |
--------------------------------------------------------------------------------
/examples/rails3-example/Gemfile:
--------------------------------------------------------------------------------
1 | source 'http://rubygems.org'
2 |
3 | gem 'rails', '3.0.7'
4 |
5 | # Bundle edge Rails instead:
6 | # gem 'rails', :git => 'git://github.com/rails/rails.git'
7 |
8 | gem 'sqlite3'
9 |
10 | gem 'oauth2-provider', :path => '../..'
--------------------------------------------------------------------------------
/examples/rails3-example/Gemfile.lock:
--------------------------------------------------------------------------------
1 | PATH
2 | remote: ../..
3 | specs:
4 | oauth2-provider (0.0.18)
5 | activesupport (~> 3.0)
6 | addressable (~> 2.2)
7 |
8 | GEM
9 | remote: http://rubygems.org/
10 | specs:
11 | abstract (1.0.0)
12 | actionmailer (3.0.7)
13 | actionpack (= 3.0.7)
14 | mail (~> 2.2.15)
15 | actionpack (3.0.7)
16 | activemodel (= 3.0.7)
17 | activesupport (= 3.0.7)
18 | builder (~> 2.1.2)
19 | erubis (~> 2.6.6)
20 | i18n (~> 0.5.0)
21 | rack (~> 1.2.1)
22 | rack-mount (~> 0.6.14)
23 | rack-test (~> 0.5.7)
24 | tzinfo (~> 0.3.23)
25 | activemodel (3.0.7)
26 | activesupport (= 3.0.7)
27 | builder (~> 2.1.2)
28 | i18n (~> 0.5.0)
29 | activerecord (3.0.7)
30 | activemodel (= 3.0.7)
31 | activesupport (= 3.0.7)
32 | arel (~> 2.0.2)
33 | tzinfo (~> 0.3.23)
34 | activeresource (3.0.7)
35 | activemodel (= 3.0.7)
36 | activesupport (= 3.0.7)
37 | activesupport (3.0.7)
38 | addressable (2.2.6)
39 | arel (2.0.9)
40 | builder (2.1.2)
41 | erubis (2.6.6)
42 | abstract (>= 1.0.0)
43 | i18n (0.5.0)
44 | mail (2.2.19)
45 | activesupport (>= 2.3.6)
46 | i18n (>= 0.4.0)
47 | mime-types (~> 1.16)
48 | treetop (~> 1.4.8)
49 | mime-types (1.16)
50 | polyglot (0.3.1)
51 | rack (1.2.2)
52 | rack-mount (0.6.14)
53 | rack (>= 1.0.0)
54 | rack-test (0.5.7)
55 | rack (>= 1.0)
56 | rails (3.0.7)
57 | actionmailer (= 3.0.7)
58 | actionpack (= 3.0.7)
59 | activerecord (= 3.0.7)
60 | activeresource (= 3.0.7)
61 | activesupport (= 3.0.7)
62 | bundler (~> 1.0)
63 | railties (= 3.0.7)
64 | railties (3.0.7)
65 | actionpack (= 3.0.7)
66 | activesupport (= 3.0.7)
67 | rake (>= 0.8.7)
68 | thor (~> 0.14.4)
69 | rake (0.8.7)
70 | sqlite3 (1.3.3)
71 | thor (0.14.6)
72 | treetop (1.4.9)
73 | polyglot (>= 0.3.1)
74 | tzinfo (0.3.27)
75 |
76 | PLATFORMS
77 | ruby
78 |
79 | DEPENDENCIES
80 | oauth2-provider!
81 | rails (= 3.0.7)
82 | sqlite3
83 |
--------------------------------------------------------------------------------
/examples/rails3-example/README:
--------------------------------------------------------------------------------
1 | This is a (very) basic app demonstrating the oauth2-provider library. To get it going, cd to the app folder, then:
2 |
3 | 1) Run `bundle install`
4 | 2) Run `bundle exec rake db:reset db:seed`
5 | 3) Run `bundle exec rails server`
6 |
7 | This should start the app on port 3000
8 |
9 | To try it out, you need an oauth client. Luckily there's a (very very) simple one in the examples/client folder. Keep this example running, follow the instructions to start the client, then have a play.
--------------------------------------------------------------------------------
/examples/rails3-example/Rakefile:
--------------------------------------------------------------------------------
1 | # Add your own tasks in files placed in lib/tasks ending in .rake,
2 | # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
3 |
4 | require File.expand_path('../config/application', __FILE__)
5 | require 'rake'
6 |
7 | Rails3Example::Application.load_tasks
8 |
--------------------------------------------------------------------------------
/examples/rails3-example/app/controllers/account_controller.rb:
--------------------------------------------------------------------------------
1 | class AccountController < ApplicationController
2 | authenticate_with_oauth
3 | before_filter :set_current_account_from_oauth
4 |
5 | def show
6 | render :json => {:login => current_account.login}
7 | end
8 |
9 | private
10 |
11 | def set_current_account_from_oauth
12 | @current_account = request.env['oauth2'].resource_owner
13 | end
14 | end
--------------------------------------------------------------------------------
/examples/rails3-example/app/controllers/application_controller.rb:
--------------------------------------------------------------------------------
1 | class ApplicationController < ActionController::Base
2 | protect_from_forgery
3 |
4 | def current_account
5 | @current_account ||= session[:account_id] && Account.find_by_id(session[:account_id])
6 | end
7 |
8 | helper_method :current_account
9 |
10 | private
11 |
12 | def authenticate_account
13 | unless current_account
14 | session[:return_url] = request.fullpath
15 | redirect_to new_session_url
16 | end
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/examples/rails3-example/app/controllers/authorization_controller.rb:
--------------------------------------------------------------------------------
1 | class AuthorizationController < ApplicationController
2 | include OAuth2::Provider::Rack::AuthorizationCodesSupport
3 |
4 | before_filter :authenticate_account
5 | before_filter :block_invalid_authorization_code_requests
6 | before_filter :regrant_existing_authorization
7 |
8 | def new
9 | @client = oauth2_authorization_request.client
10 | end
11 |
12 | def create
13 | if params[:commit] == "Yes"
14 | grant_authorization_code(current_account)
15 | else
16 | deny_authorization_code
17 | end
18 | end
19 |
20 | private
21 |
22 | def regrant_existing_authorization
23 | oauth2_authorization_request.grant_existing! current_account
24 | end
25 | end
--------------------------------------------------------------------------------
/examples/rails3-example/app/controllers/home_controller.rb:
--------------------------------------------------------------------------------
1 | class HomeController < ApplicationController
2 | def show
3 | end
4 | end
--------------------------------------------------------------------------------
/examples/rails3-example/app/controllers/session_controller.rb:
--------------------------------------------------------------------------------
1 | class SessionController < ApplicationController
2 | class Session
3 | attr_accessor :login, :password
4 | end
5 |
6 | def new
7 | @session = Session.new
8 | end
9 |
10 | def create
11 | if account = Account.authenticate(params[:session][:login], params[:session][:password])
12 | session[:account_id] = account.id
13 | redirect_to return_url
14 | else
15 | redirect_to :action => :new
16 | end
17 | end
18 |
19 | private
20 |
21 | def return_url
22 | session[:return_url] || root_url
23 | end
24 | end
--------------------------------------------------------------------------------
/examples/rails3-example/app/helpers/application_helper.rb:
--------------------------------------------------------------------------------
1 | module ApplicationHelper
2 | end
3 |
--------------------------------------------------------------------------------
/examples/rails3-example/app/models/account.rb:
--------------------------------------------------------------------------------
1 | class Account < ActiveRecord::Base
2 | def self.authenticate(login, password)
3 | # N.B. Don't use this for authentication in a real app
4 | find_by_login_and_password(login, password)
5 | end
6 | end
--------------------------------------------------------------------------------
/examples/rails3-example/app/views/authorization/new.html.erb:
--------------------------------------------------------------------------------
1 | <%= form_for :authorization, :url => oauth_authorize_path(params.slice(:redirect_uri, :client_id, :client_secret)) do |form| %>
2 | Authorize
3 | <%= form.submit "Yes", :value => 'Yes' %>
4 | <%= form.submit "No", :value => 'No' %>
5 | <% end %>
--------------------------------------------------------------------------------
/examples/rails3-example/app/views/home/show.html.erb:
--------------------------------------------------------------------------------
1 | Hello <%= current_account ? current_account.login : "stranger" %>!
--------------------------------------------------------------------------------
/examples/rails3-example/app/views/layouts/application.html.erb:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
9 | Rails3Example
10 | <%= csrf_meta_tag %>
11 |
12 |
13 |
14 | <%= yield %>
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/examples/rails3-example/app/views/session/new.html.erb:
--------------------------------------------------------------------------------
1 | <%= form_for :session, :url => session_path do |form| %>
2 | <%= form.label :login %>
3 | <%= form.text_field :login %>
4 | <%= form.label :password %>
5 | <%= form.password_field :password %>
6 | <%= form.submit "Login" %>
7 | <% end %>
--------------------------------------------------------------------------------
/examples/rails3-example/config.ru:
--------------------------------------------------------------------------------
1 | # This file is used by Rack-based servers to start the application.
2 |
3 | require ::File.expand_path('../config/environment', __FILE__)
4 | run Rails3Example::Application
5 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/application.rb:
--------------------------------------------------------------------------------
1 | require File.expand_path('../boot', __FILE__)
2 |
3 | require 'rails/all'
4 |
5 | # If you have a Gemfile, require the gems listed there, including any gems
6 | # you've limited to :test, :development, or :production.
7 | Bundler.require(:default, Rails.env) if defined?(Bundler)
8 |
9 | module Rails3Example
10 | class Application < Rails::Application
11 | # Settings in config/environments/* take precedence over those specified here.
12 | # Application configuration should go into files in config/initializers
13 | # -- all .rb files in that directory are automatically loaded.
14 |
15 | # Custom directories with classes and modules you want to be autoloadable.
16 | # config.autoload_paths += %W(#{config.root}/extras)
17 |
18 | # Only load the plugins named here, in the order given (default is alphabetical).
19 | # :all can be used as a placeholder for all plugins not explicitly named.
20 | # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
21 |
22 | # Activate observers that should always be running.
23 | # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
24 |
25 | # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
26 | # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
27 | # config.time_zone = 'Central Time (US & Canada)'
28 |
29 | # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
30 | # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
31 | # config.i18n.default_locale = :de
32 |
33 | # JavaScript files you want as :defaults (application.js is always included).
34 | # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
35 |
36 | # Configure the default encoding used in templates for Ruby 1.9.
37 | config.encoding = "utf-8"
38 |
39 | # Configure sensitive parameters which will be filtered from the log file.
40 | config.filter_parameters += [:password]
41 | end
42 | end
43 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/boot.rb:
--------------------------------------------------------------------------------
1 | require 'rubygems'
2 |
3 | # Set up gems listed in the Gemfile.
4 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
5 |
6 | require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
7 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/database.yml:
--------------------------------------------------------------------------------
1 | # SQLite version 3.x
2 | # gem install sqlite3
3 | development:
4 | adapter: sqlite3
5 | database: db/development.sqlite3
6 | pool: 5
7 | timeout: 5000
8 |
9 | # Warning: The database defined as "test" will be erased and
10 | # re-generated from your development database when you run "rake".
11 | # Do not set this db to the same as development or production.
12 | test:
13 | adapter: sqlite3
14 | database: db/test.sqlite3
15 | pool: 5
16 | timeout: 5000
17 |
18 | production:
19 | adapter: sqlite3
20 | database: db/production.sqlite3
21 | pool: 5
22 | timeout: 5000
23 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/environment.rb:
--------------------------------------------------------------------------------
1 | # Load the rails application
2 | require File.expand_path('../application', __FILE__)
3 |
4 | # Initialize the rails application
5 | Rails3Example::Application.initialize!
6 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/environments/development.rb:
--------------------------------------------------------------------------------
1 | Rails3Example::Application.configure do
2 | # Settings specified here will take precedence over those in config/application.rb
3 |
4 | # In the development environment your application's code is reloaded on
5 | # every request. This slows down response time but is perfect for development
6 | # since you don't have to restart the webserver when you make code changes.
7 | config.cache_classes = false
8 |
9 | # Log error messages when you accidentally call methods on nil.
10 | config.whiny_nils = true
11 |
12 | # Show full error reports and disable caching
13 | config.consider_all_requests_local = true
14 | config.action_view.debug_rjs = true
15 | config.action_controller.perform_caching = false
16 |
17 | # Don't care if the mailer can't send
18 | config.action_mailer.raise_delivery_errors = false
19 |
20 | # Print deprecation notices to the Rails logger
21 | config.active_support.deprecation = :log
22 |
23 | # Only use best-standards-support built into browsers
24 | config.action_dispatch.best_standards_support = :builtin
25 | end
26 |
27 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/environments/production.rb:
--------------------------------------------------------------------------------
1 | Rails3Example::Application.configure do
2 | # Settings specified here will take precedence over those in config/application.rb
3 |
4 | # The production environment is meant for finished, "live" apps.
5 | # Code is not reloaded between requests
6 | config.cache_classes = true
7 |
8 | # Full error reports are disabled and caching is turned on
9 | config.consider_all_requests_local = false
10 | config.action_controller.perform_caching = true
11 |
12 | # Specifies the header that your server uses for sending files
13 | config.action_dispatch.x_sendfile_header = "X-Sendfile"
14 |
15 | # For nginx:
16 | # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect'
17 |
18 | # If you have no front-end server that supports something like X-Sendfile,
19 | # just comment this out and Rails will serve the files
20 |
21 | # See everything in the log (default is :info)
22 | # config.log_level = :debug
23 |
24 | # Use a different logger for distributed setups
25 | # config.logger = SyslogLogger.new
26 |
27 | # Use a different cache store in production
28 | # config.cache_store = :mem_cache_store
29 |
30 | # Disable Rails's static asset server
31 | # In production, Apache or nginx will already do this
32 | config.serve_static_assets = false
33 |
34 | # Enable serving of images, stylesheets, and javascripts from an asset server
35 | # config.action_controller.asset_host = "http://assets.example.com"
36 |
37 | # Disable delivery errors, bad email addresses will be ignored
38 | # config.action_mailer.raise_delivery_errors = false
39 |
40 | # Enable threaded mode
41 | # config.threadsafe!
42 |
43 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
44 | # the I18n.default_locale when a translation can not be found)
45 | config.i18n.fallbacks = true
46 |
47 | # Send deprecation notices to registered listeners
48 | config.active_support.deprecation = :notify
49 | end
50 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/environments/test.rb:
--------------------------------------------------------------------------------
1 | Rails3Example::Application.configure do
2 | # Settings specified here will take precedence over those in config/application.rb
3 |
4 | # The test environment is used exclusively to run your application's
5 | # test suite. You never need to work with it otherwise. Remember that
6 | # your test database is "scratch space" for the test suite and is wiped
7 | # and recreated between test runs. Don't rely on the data there!
8 | config.cache_classes = true
9 |
10 | # Log error messages when you accidentally call methods on nil.
11 | config.whiny_nils = true
12 |
13 | # Show full error reports and disable caching
14 | config.consider_all_requests_local = true
15 | config.action_controller.perform_caching = false
16 |
17 | # Raise exceptions instead of rendering exception templates
18 | config.action_dispatch.show_exceptions = false
19 |
20 | # Disable request forgery protection in test environment
21 | config.action_controller.allow_forgery_protection = false
22 |
23 | # Tell Action Mailer not to deliver emails to the real world.
24 | # The :test delivery method accumulates sent emails in the
25 | # ActionMailer::Base.deliveries array.
26 | config.action_mailer.delivery_method = :test
27 |
28 | # Use SQL instead of Active Record's schema dumper when creating the test database.
29 | # This is necessary if your schema can't be completely dumped by the schema dumper,
30 | # like if you have constraints or database-specific column types
31 | # config.active_record.schema_format = :sql
32 |
33 | # Print deprecation notices to the stderr
34 | config.active_support.deprecation = :stderr
35 | end
36 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/initializers/backtrace_silencers.rb:
--------------------------------------------------------------------------------
1 | # Be sure to restart your server when you modify this file.
2 |
3 | # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
4 | # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
5 |
6 | # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
7 | # Rails.backtrace_cleaner.remove_silencers!
8 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/initializers/inflections.rb:
--------------------------------------------------------------------------------
1 | # Be sure to restart your server when you modify this file.
2 |
3 | # Add new inflection rules using the following format
4 | # (all these examples are active by default):
5 | # ActiveSupport::Inflector.inflections do |inflect|
6 | # inflect.plural /^(ox)$/i, '\1en'
7 | # inflect.singular /^(ox)en/i, '\1'
8 | # inflect.irregular 'person', 'people'
9 | # inflect.uncountable %w( fish sheep )
10 | # end
11 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/initializers/mime_types.rb:
--------------------------------------------------------------------------------
1 | # Be sure to restart your server when you modify this file.
2 |
3 | # Add new mime types for use in respond_to blocks:
4 | # Mime::Type.register "text/richtext", :rtf
5 | # Mime::Type.register_alias "text/html", :iphone
6 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/initializers/secret_token.rb:
--------------------------------------------------------------------------------
1 | # Be sure to restart your server when you modify this file.
2 |
3 | # Your secret key for verifying the integrity of signed cookies.
4 | # If you change this key, all old signed cookies will become invalid!
5 | # Make sure the secret is at least 30 characters and all random,
6 | # no regular words or you'll be exposed to dictionary attacks.
7 | Rails3Example::Application.config.secret_token = 'e5f8bf909ecfaf4a9a4b275acb58dc8126733a4d4a25bec1266a624296cd1845c3d6c19fcc44f2346a31aac4a25544348e9ebada6903bb35d5f6a235954cff26'
8 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/initializers/session_store.rb:
--------------------------------------------------------------------------------
1 | # Be sure to restart your server when you modify this file.
2 |
3 | Rails3Example::Application.config.session_store :cookie_store, :key => '_rails3-example_session'
4 |
5 | # Use the database for sessions instead of the cookie-based default,
6 | # which shouldn't be used to store highly confidential information
7 | # (create the session table with "rails generate session_migration")
8 | # Rails3Example::Application.config.session_store :active_record_store
9 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/locales/en.yml:
--------------------------------------------------------------------------------
1 | # Sample localization file for English. Add more files in this directory for other locales.
2 | # See http://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
3 |
4 | en:
5 | hello: "Hello world"
6 |
--------------------------------------------------------------------------------
/examples/rails3-example/config/routes.rb:
--------------------------------------------------------------------------------
1 | Rails3Example::Application.routes.draw do
2 | resource :session, :controller => :session
3 | resource :account, :controller => :account
4 |
5 | match "/oauth/authorize", :via => :get, :to => "authorization#new"
6 | match "/oauth/authorize", :via => :post, :to => "authorization#create"
7 |
8 | root :to => 'home#show'
9 | end
10 |
--------------------------------------------------------------------------------
/examples/rails3-example/db/migrate/20110508151935_add_account_table.rb:
--------------------------------------------------------------------------------
1 | class AddAccountTable < ActiveRecord::Migration
2 | def self.up
3 | create_table :accounts, :force => true do |table|
4 | table.string :login, :null => false
5 | table.string :password, :null => false
6 | end
7 | end
8 |
9 | def self.down
10 | drop_table :accounts
11 | end
12 | end
13 |
--------------------------------------------------------------------------------
/examples/rails3-example/db/migrate/20110508151948_add_oauth2_tables.rb:
--------------------------------------------------------------------------------
1 | class AddOauth2Tables < ActiveRecord::Migration
2 | def self.up
3 | create_table 'oauth_clients', :force => true do |t|
4 | t.string 'name'
5 | t.string 'oauth_identifier', :null => false
6 | t.string 'oauth_secret', :null => false
7 | t.string 'oauth_redirect_uri'
8 | end
9 |
10 | create_table 'oauth_authorization_codes', :force => true do |t|
11 | t.integer 'authorization_id', :null => false
12 | t.string 'code', :null => false
13 | t.datetime 'expires_at'
14 | t.datetime 'created_at'
15 | t.datetime 'updated_at'
16 | t.string 'redirect_uri'
17 | end
18 |
19 | create_table 'oauth_authorizations', :force => true do |t|
20 | t.integer 'client_id', :null => false
21 | t.integer 'resource_owner_id'
22 | t.string 'resource_owner_type'
23 | t.string 'scope'
24 | t.datetime 'expires_at'
25 | end
26 |
27 | create_table 'oauth_access_tokens', :force => true do |t|
28 | t.integer 'authorization_id', :null => false
29 | t.string 'access_token', :null => false
30 | t.string 'refresh_token'
31 | t.datetime 'expires_at'
32 | t.datetime 'created_at'
33 | t.datetime 'updated_at'
34 | end
35 | end
36 |
37 | def self.down
38 | drop_table 'oauth_access_tokens'
39 | drop_table 'oauth_authorizations'
40 | drop_table 'oauth_authorization_codes'
41 | drop_table 'oauth_clients'
42 | end
43 | end
44 |
--------------------------------------------------------------------------------
/examples/rails3-example/db/schema.rb:
--------------------------------------------------------------------------------
1 | # This file is auto-generated from the current state of the database. Instead
2 | # of editing this file, please use the migrations feature of Active Record to
3 | # incrementally modify your database, and then regenerate this schema definition.
4 | #
5 | # Note that this schema.rb definition is the authoritative source for your
6 | # database schema. If you need to create the application database on another
7 | # system, you should be using db:schema:load, not running all the migrations
8 | # from scratch. The latter is a flawed and unsustainable approach (the more migrations
9 | # you'll amass, the slower it'll run and the greater likelihood for issues).
10 | #
11 | # It's strongly recommended to check this file into your version control system.
12 |
13 | ActiveRecord::Schema.define(:version => 20110614224516) do
14 |
15 | create_table "accounts", :force => true do |t|
16 | t.string "login", :null => false
17 | t.string "password", :null => false
18 | end
19 |
20 | create_table "oauth_access_tokens", :force => true do |t|
21 | t.integer "authorization_id", :null => false
22 | t.string "access_token", :null => false
23 | t.string "refresh_token"
24 | t.datetime "expires_at"
25 | t.datetime "created_at"
26 | t.datetime "updated_at"
27 | end
28 |
29 | create_table "oauth_authorization_codes", :force => true do |t|
30 | t.integer "authorization_id", :null => false
31 | t.string "code", :null => false
32 | t.datetime "expires_at"
33 | t.datetime "created_at"
34 | t.datetime "updated_at"
35 | t.string "redirect_uri"
36 | end
37 |
38 | create_table "oauth_authorizations", :force => true do |t|
39 | t.integer "client_id", :null => false
40 | t.integer "resource_owner_id"
41 | t.string "resource_owner_type"
42 | t.string "scope"
43 | t.datetime "expires_at"
44 | end
45 |
46 | create_table "oauth_clients", :force => true do |t|
47 | t.string "name"
48 | t.string "oauth_identifier", :null => false
49 | t.string "oauth_secret", :null => false
50 | t.string "oauth_redirect_uri"
51 | end
52 |
53 | end
54 |
--------------------------------------------------------------------------------
/examples/rails3-example/db/seeds.rb:
--------------------------------------------------------------------------------
1 | # This file should contain all the record creation needed to seed the database with its default values.
2 | # The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
3 | #
4 | # Examples:
5 | #
6 | # cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
7 | # Mayor.create(:name => 'Daley', :city => cities.first)
8 |
9 | OAuth2::Provider.client_class.create! :name => 'Example Client', :oauth_identifier => 'abcdefgh12345678', :oauth_secret => 'secret'
10 |
11 | Account.create! :login => 'tomafro', :password => 'secret'
--------------------------------------------------------------------------------
/examples/rails3-example/doc/README_FOR_APP:
--------------------------------------------------------------------------------
1 | Use this README file to introduce your application and point to useful places in the API for learning more.
2 | Run "rake doc:app" to generate API documentation for your models, controllers, helpers, and libraries.
3 |
--------------------------------------------------------------------------------
/examples/rails3-example/lib/tasks/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/freerange/oauth2-provider/d8c390f523e921df48a0cb11939497811b93b49c/examples/rails3-example/lib/tasks/.gitkeep
--------------------------------------------------------------------------------
/examples/rails3-example/public/404.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | The page you were looking for doesn't exist (404)
5 |
17 |
18 |
19 |
20 |
21 |
22 |
The page you were looking for doesn't exist.
23 |
You may have mistyped the address or the page may have moved.
24 |
22 |
The change you wanted was rejected.
23 |
Maybe you tried to change something you didn't have access to.
24 |
22 |
We're sorry, but something went wrong.
23 |
We've been notified about this issue and we'll take a look at it shortly.
24 |