
[myexperiment-hackers] [3135] branches/wf4ever: cd branches/wf4ever ; sv


From: noreply
Subject: [myexperiment-hackers] [3135] branches/wf4ever: cd branches/wf4ever ; svn merge -r3133:3130 ^/ branches/wf4ever # REVERSE
Date: Tue, 25 Sep 2012 17:32:46 +0000 (UTC)

Revision
3135
Author
dgc
Date
2012-09-25 17:32:46 +0000 (Tue, 25 Sep 2012)

Log Message

cd branches/wf4ever ; svn merge -r3133:3130 ^/branches/wf4ever # REVERSE

Modified Paths

Added Paths

Removed Paths

Diff

Deleted: branches/wf4ever/app/controllers/oauth_clients_controller.rb (3134 => 3135)


--- branches/wf4ever/app/controllers/oauth_clients_controller.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/controllers/oauth_clients_controller.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,170 +0,0 @@
-class OauthController < ApplicationController
-  before_filter :login_required,:except=>[:request_token,:access_token,:test_request]
-  before_filter :get_client_application, : [:show, :edit, :update, :destroy]
-  before_filter :login_or_oauth_required,:
-  before_filter :verify_oauth_consumer_signature, :
-  # before_filter :verify_oauth_request_token, :
-  # Uncomment the following if you are using restful_open_id_authentication
-  skip_before_filter :verify_authenticity_token
-
-  def request_token
-    @token=current_client_application.create_request_token
-    if @token
-      render :text=>@token.to_query
-    else
-      render :nothing => true, :status => 401
-    end
-  end
-
-  def access_token
-    @token=current_token.exchange!
-    if @token
-      render :text=>@token.to_query
-    else
-      render :nothing => true, :status => 401
-    end
-  end
-
-  def test_request
-    render :text=>params.collect{|k,v|"#{k}=#{v}"}.join("&")
-  end
-
-  def authorize
-    @client_applications=current_user.client_applications
-    @token=RequestToken.find_by_token params[:oauth_token]
-    if @token.client_application.nil?
-       if redirect_url
-         redirect_to redirect_url+"?oauth_failure=1"
-       else
-         render :action=""
-       end
-    end
-    @address@hidden
-    redirect_url=params[:oauth_callback]||@token.client_application.callback_url
-    if (@token.client_application.key_type == 'System') || @client_applications.include?(@token.client_application)
-      unless @token.invalidated?
-        if request.post?
-          if params[:authorize]=='1'
-            @token.authorize!(current_user)
-            if redirect_url
-              redirect_to redirect_url+"address@hidden"
-            else
-              render :action=""
-            end
-          elsif params[:commit]=="Save Changes"
-            @token.invalidate!
-            if redirect_url
-              redirect_to redirect_url+"?oauth_failure=1"
-            else
-              render :action=""
-            end
-          end
-        end
-      else
-       if redirect_url
-         redirect_to redirect_url+"?oauth_failure=1"
-       else
-         render :action=""
-       end
-      end
-    else
-       if redirect_url
-         redirect_to redirect_url+"?oauth_failure=1"
-       else
-         render :action=""
-       end
-    end
-  end
-
-  def revoke
-    @token=current_user.tokens.find_by_token params[:token]
-    if @token
-      @token.invalidate!
-      flash[:notice]="You've revoked the token for address@hidden"
-    end
-    redirect_to oauth_url
-  end
-
-  def index
-    @client_applications = current_user.client_applications
-    @tokens = current_user.tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
-  end
-
-  def new
-    @permissions = TABLES['REST'][:data]
-    @address@hidden
-    @client_application = ClientApplication.new
-    @permissions_for=[]
-  end
-
-  def create
-    @client_application = current_user.client_applications.build(params[:client_application])
-    if @client_application.save
-      if params[:key_permissions] 
-        for key_permission in params[:key_permissions] do
-          @key_permission = KeyPermission.new(:client_application_id => @client_application.id, :for ="" key_permission[0])
-          @key_permission.save
-        end
-      end
-      flash[:notice] = "Client Application successfully registered!"
-      redirect_to :action ="" "show", :id => @client_application.id
-    else
-      render :action ="" "new"
-    end
-  end
-
-  def show
-    if (!(@client_application.user_id == current_user.id or @client_application.creator_id == current_user.id))
-      @client_application = nil
-    end
-    @address@hidden
-  end
-
-  def edit
-    @permissions = TABLES['REST'][:data]
-    @address@hidden
-    if (!(@client_application.user_id == current_user.id or @client_application.creator_id == current_user.id))
-        @client_application = nil
-    end
-    @address@hidden
-    unless @client_application.nil?
-      @address@hidden
-    end
-  end
-
-  def update
-    if (current_user.admin? or @client_application.key_type=="User")
-      @client_application.permissions.delete_all
-      if params[:key_permissions] 
-        for key_permission in params[:key_permissions] do
-          @key_permission = KeyPermission.new(:client_application_id => @client_application.id, :for ="" key_permission[0])
-           @key_permission.save
-        end
-      end
-    end
-    if @client_application.update_attributes(params[:client_application])
-      flash[:notice] = "Updated the client information successfully"
-      redirect_to :action ="" "show", :id => @client_application.id
-    else
-      render :action ="" "edit"
-    end
-  end
-
-  def destroy
-    @client_application.destroy
-    flash[:notice] = "Destroyed the client application registration"
-    redirect_to :action ="" "index"
-  end
-
-  private
-  def get_client_application
-    unless @client_application = current_user.client_applications.find(params[:id])
-      flash.now[:error] = "Wrong application id"
-      raise ActiveRecord::RecordNotFound
-    end
-    unless Authorization.is_authorized?(action_name, nil, @client_application, current_user)
-      flash.now[:error] = "Application not authorized"
-      raise ActiveRecord::RecordNotFound
-    end
-  end
-end

Deleted: branches/wf4ever/app/controllers/oauth_controller.rb (3134 => 3135)


--- branches/wf4ever/app/controllers/oauth_controller.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/controllers/oauth_controller.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,31 +0,0 @@
-require 'oauth-plugin'
-require 'oauth/controllers/provider_controller'
-class OauthController < ApplicationController
-  include OAuth::Controllers::ProviderController
-
-  protected
-  # Override this to match your authorization page form
-  # It currently expects a checkbox called authorize
-  # def user_authorizes_token?
-  #   params[:authorize] == '1'
-  # end
-
-  def user_authorizes_token?
-    params[:authorize] == '1'
-  end
-
-  # should authenticate and return a user if valid password.
-  # This example should work with most Authlogic or Devise. Uncomment it
-  # def authenticate_user(username,password)
-  #   user = User.find_by_email params[:username]
-  #   if user && user.valid_password?(params[:password])
-  #     user
-  #   else
-  #     nil
-  #   end
-  # end
-
-  def authenticate_user(username, password)
-    User.authenticate(username, password)
-  end
-end

Copied: branches/wf4ever/app/controllers/oauth_controller.rb (from rev 3130, branches/wf4ever/app/controllers/oauth_controller.rb) (0 => 3135)


--- branches/wf4ever/app/controllers/oauth_controller.rb	                        (rev 0)
+++ branches/wf4ever/app/controllers/oauth_controller.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -0,0 +1,188 @@
+class OauthController < ApplicationController
+  before_filter :login_required,:except=>[:request_token,:access_token,:test_request]
+  before_filter :find_client_application_auth, : :edit, :update, :destroy]
+  before_filter :login_or_oauth_required,:
+  before_filter :verify_oauth_consumer_signature, :
+  # before_filter :verify_oauth_request_token, :
+  # Uncomment the following if you are using restful_open_id_authentication
+  skip_before_filter :verify_authenticity_token
+
+  def request_token
+    @token=current_client_application.create_request_token
+    if @token
+      render :text=>@token.to_query
+    else
+      render :nothing => true, :status => 401
+    end
+  end
+
+  def access_token
+    @token=current_token.exchange!
+    if @token
+      render :text=>@token.to_query
+    else
+      render :nothing => true, :status => 401
+    end
+  end
+
+  def test_request
+    render :text=>params.collect{|k,v|"#{k}=#{v}"}.join("&")
+  end
+
+  def authorize
+    @client_applications=current_user.client_applications
+    @token=RequestToken.find_by_token params[:oauth_token]
+    if @token.client_application.nil?
+       if redirect_url
+         redirect_to redirect_url+"?oauth_failure=1"
+       else
+         render :action=""
+       end
+    end
+    @address@hidden
+    redirect_url=params[:oauth_callback]||@token.client_application.callback_url
+    if (@token.client_application.key_type == 'System') || @client_applications.include?(@token.client_application)
+      unless @token.invalidated?
+        if request.post?
+          if params[:authorize]=='1'
+            @token.authorize!(current_user)
+            if redirect_url
+              redirect_to redirect_url+"address@hidden"
+            else
+              render :action=""
+            end
+          elsif params[:commit]=="Save Changes"
+            @token.invalidate!
+            if redirect_url
+              redirect_to redirect_url+"?oauth_failure=1"
+            else
+              render :action=""
+            end
+          end
+        end
+      else
+       if redirect_url
+         redirect_to redirect_url+"?oauth_failure=1"
+       else
+         render :action=""
+       end
+      end
+    else
+       if redirect_url
+         redirect_to redirect_url+"?oauth_failure=1"
+       else
+         render :action=""
+       end
+    end
+  end
+
+  def revoke
+    @token=current_user.tokens.find_by_token params[:token]
+    if @token
+      @token.invalidate!
+      flash[:notice]="You've revoked the token for address@hidden"
+    end
+    redirect_to oauth_url
+  end
+
+  def index
+    @client_applications=current_user.client_applications
+    @admin_client_applications=ClientApplication.find(:all, :conditions => ["user_id != ? and creator_id = ?", current_user.id, current_user.id])
+    @tokens=current_user.tokens.find :all, :conditions=>'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
+  end
+
+  def new
+    @permissions = TABLES['REST'][:data]
+    @address@hidden
+    @client_application=ClientApplication.new
+    @permissions_for=[]
+  end
+
+  def create
+    @client_application=current_user.client_applications.build(params[:client_application])
+    if @client_application.save
+      if params[:key_permissions] 
+        for key_permission in params[:key_permissions] do
+          @key_permission = KeyPermission.new(:client_application_id => @client_application.id, :for ="" key_permission[0])
+          @key_permission.save
+        end
+      end
+      flash[:notice]="Client Application successfully registered!"
+      redirect_to :action=""
+    else
+      render :action=""
+    end
+  end
+
+  def show
+    if (!(@client_application.user_id == current_user.id or @client_application.creator_id == current_user.id))
+      @client_application = nil
+    end
+    @address@hidden
+  end
+
+  def edit
+    @permissions = TABLES['REST'][:data]
+    @address@hidden
+    if (!(@client_application.user_id == current_user.id or @client_application.creator_id == current_user.id))
+        @client_application = nil
+    end
+    @address@hidden
+    unless @client_application.nil?
+      @address@hidden
+    end
+  end
+
+  def update
+    if (current_user.admin? or @client_application.key_type=="User")
+      @client_application.permissions.delete_all
+      if params[:key_permissions] 
+        for key_permission in params[:key_permissions] do
+          @key_permission = KeyPermission.new(:client_application_id => @client_application.id, :for ="" key_permission[0])
+           @key_permission.save
+        end
+      end
+    end
+    if @client_application.update_attributes(params[:client_application])
+      flash[:notice]="Client Application 'address@hidden' successfully updated!"
+      redirect_to :action=""
+    else
+      render :action=""
+    end
+  end
+
+  def destroy
+    address@hidden
+    @client_application.destroy
+    flash[:notice]="Registration for Client Application '#{client_application_name}' has been removed!"
+    redirect_to :action=""
+  end
+
+private
+
+  def find_client_application_auth
+    if action_name == 'update'
+      id = params[:client_application][:id]
+    else
+      id = params[:id]
+    end
+    begin
+      client_app=ClientApplication.find(id)
+      if Authorization.is_authorized?(action_name, nil, client_app, current_user)
+        @client_application = client_app
+      else
+        error("Client Application not found (id not authorized)", "is invalid (not authorized)")
+      end
+    rescue ActiveRecord::RecordNotFound
+      error("Client Application not found", "is invalid")
+    end
+  end
+
+  def error(notice, message, attr=:id)
+    flash[:error] = notice
+
+    respond_to do |format|
+      format.html { redirect_to oauth_url }
+    end
+  end
+end
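Review bot: `skip_before_filter :verify_authenticity_token` near the top of the class has no `:only`, so the state-changing POST paths in `authorize`, `revoke`, `create`, `update` and `destroy` run without CSRF protection, not just the signed token endpoints. I would scope it: `skip_before_filter :verify_authenticity_token, :only => [:request_token, :access_token, :test_request]`. In `authorize`, `redirect_url=params[:oauth_callback]||@token.client_application.callback_url` lets a request-supplied value override the registered callback with no comparison against it, so the post-approval redirect is not bound to the client application; preferring the registered `callback_url`, or checking the parameter against it, would close that. The same action reads `redirect_url` and `@token.client_application` before `redirect_url` is assigned and before `@token` is checked for nil, and it does not return after the first redirect/render. Several lines in this hunk are mangled by the list archive (`@address@hidden`) and were not reviewed.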

Copied: branches/wf4ever/app/helpers/oauth_helper.rb (from rev 3130, branches/wf4ever/app/helpers/oauth_helper.rb) (0 => 3135)


--- branches/wf4ever/app/helpers/oauth_helper.rb	                        (rev 0)
+++ branches/wf4ever/app/helpers/oauth_helper.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -0,0 +1,3 @@
+module OauthHelper
+
+end

Modified: branches/wf4ever/app/models/access_token.rb (3134 => 3135)


--- branches/wf4ever/app/models/access_token.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/access_token.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,16 +1,10 @@
-class AccessToken < OauthToken
-  validates_presence_of :user, :secret
+class AccessToken<OauthToken
+  validates_presence_of :user
   before_create :set_authorized_at
-
-  # Implement this to return a hash or array of the capabilities the access token has
-  # This is particularly useful if you have implemented user defined permissions.
-  # def capabilities
-  #   {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
-  # end
-
-  protected
-
+  
+  protected 
+  
   def set_authorized_at
-    self.authorized_at = Time.now
+    self.authorized_at=Time.now
   end
-end
+end
\ No newline at end of file

Modified: branches/wf4ever/app/models/client_application.rb (3134 => 3135)


--- branches/wf4ever/app/models/client_application.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/client_application.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,60 +1,54 @@
 require 'oauth'
 class ClientApplication < ActiveRecord::Base
   belongs_to :user
-  has_many :tokens, :class_name => "OauthToken", :dependent => :destroy
-  has_many :access_tokens
-  has_many :oauth2_verifiers
-  has_many :oauth_tokens
+  has_many :tokens,:class_name=>"OauthToken", :dependent => :destroy
   has_many :permissions,
            :class_name => "KeyPermission",
            :order => "key_permissions.for",
            :dependent => :destroy
   belongs_to :creator,
              :class_name => "User",
-             :foreign_key => "creator_id"
-  validates_presence_of :name, :url, :key, :secret
+	     :foreign_key => "creator_id"
+  validates_presence_of :name,:url,:key,:secret
   validates_uniqueness_of :key
   before_validation_on_create :generate_keys
-
-  validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&address@hidden/]))?/i
-  validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&address@hidden/]))?/i, :allow_blank=>true
-  validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&address@hidden/]))?/i, :allow_blank=>true
-
-  attr_accessor :token_callback_url
-
+  
   def self.find_token(token_key)
-    token = OauthToken.find_by_token(token_key, :include => :client_application)
-    if token && token.authorized?
-      token
-    else
-      nil
-    end
+    token=OauthToken.find_by_token(token_key, :include => :client_application)
+    logger.info "Loaded #{token.token} which was authorized by (user_id=#{token.user_id}) on the #{token.authorized_at}"
+    return token if token.authorized?
+    nil
   end
-
+  
   def self.verify_request(request, options = {}, &block)
     begin
-      signature = OAuth::Signature.build(request, options, &block)
-      return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
-      value = signature.verify
+      signature=OAuth::Signature.build(request,options,&block)
+      logger.info "Signature Base String: #{signature.signature_base_string}"
+      logger.info "Consumer: #{signature.send :consumer_key}"
+      logger.info "Token: #{signature.send :token}"
+      return false unless OauthNonce.remember(signature.request.nonce,signature.request.timestamp)
+      value=signature.verify
+#      value=true
+      logger.info "Signature verification returned: #{value.to_s}"
       value
-    rescue OAuth::Signature::UnknownSignatureMethod => e
-      false
+    rescue OAuth::Signature::UnknownSignatureMethod=>e
+      #logger.info "ERROR"+e.to_s
+     false
     end
   end
-
+  
   def oauth_server
-    @oauth_server ||= OAuth::Server.new("http://your.site")
+    @oauth_server||=OAuth::Server.new "http://your.site"
   end
-
+  
   def credentials
-    @oauth_client ||= OAuth::Consumer.new(key, secret)
+    @oauth_client||=OAuth::Consumer.new key,secret
   end
-
-  # If your application requires passing in extra parameters handle it here
-  def create_request_token(params={})
-    RequestToken.create :client_application => self, :callback_url=>self.token_callback_url
+    
+  def create_request_token
+    RequestToken.create :client_application=>self
   end
-
+  
   def permissions_for
     permissions_for= []
     for key_permission in self.permissions do
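Review bot: In `find_token` the added `logger.info` line calls `token.token` before any nil check, so an unknown token key raises NoMethodError instead of returning nil, and a valid one has its token value written to the log at info level. Suggest `return nil unless token && token.authorized?` followed by `token`, logging at most `token.id`. `verify_request` likewise logs the signature base string, consumer key and token on every request; these belong at debug level or should be dropped, as should the leftover `#      value=true`. The new side also has no `validates_format_of` on `url`, `support_url` or `callback_url`, although the views use `url` as a link target and the controller redirects to `callback_url`. `permissions_for` continues past the end of this hunk.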
@@ -62,11 +56,12 @@
     end
     permissions_for
   end
-
-protected
-
+  
+  protected
+  
   def generate_keys
-    self.key = OAuth::Helper.generate_key(40)[0,40]
-    self.secret = OAuth::Helper.generate_key(40)[0,40]
+    @oauth_client=oauth_server.generate_consumer_credentials
+    address@hidden
+    address@hidden
   end
 end

Deleted: branches/wf4ever/app/models/oauth2_token.rb (3134 => 3135)


--- branches/wf4ever/app/models/oauth2_token.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/oauth2_token.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,20 +0,0 @@
-class Oauth2Token < AccessToken
-  attr_accessor :state
-  def as_json(options={})
-    d = {:access_token=>token, :token_type => 'bearer'}
-    d[:expires_in] = expires_in if expires_at
-    d
-  end
-
-  def to_query
-    q = "access_token=#{token}&token_type=bearer"
-    q << "&state=#{URI.escape(state)}" if @state
-    q << "&expires_in=#{expires_in}" if expires_at
-    q << "&scope=#{URI.escape(scope)}" if scope
-    q
-  end
-
-  def expires_in
-    expires_at.to_i - Time.now.to_i
-  end
-end

Deleted: branches/wf4ever/app/models/oauth2_verifier.rb (3134 => 3135)


--- branches/wf4ever/app/models/oauth2_verifier.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/oauth2_verifier.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,35 +0,0 @@
-class Oauth2Verifier < OauthToken
-  validates_presence_of :user
-  attr_accessor :state
-
-  def exchange!(params={})
-    OauthToken.transaction do
-      token = Oauth2Token.create! :user=>user,:client_application=>client_application, :scope => scope
-      invalidate!
-      token
-    end
-  end
-
-  def code
-    token
-  end
-
-  def redirect_url
-    callback_url
-  end
-
-  def to_query
-    q = "code=#{token}"
-    q << "&state=#{URI.escape(state)}" if @state
-    q
-  end
-
-  protected
-
-  def generate_keys
-    self.token = OAuth::Helper.generate_key(20)[0,20]
-    self.expires_at = 10.minutes.from_now
-    self.authorized_at = Time.now
-  end
-
-end

Modified: branches/wf4ever/app/models/oauth_nonce.rb (3134 => 3135)


--- branches/wf4ever/app/models/oauth_nonce.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/oauth_nonce.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,12 +1,12 @@
 # Simple store of nonces. The OAuth Spec requires that any given pair of nonce and timestamps are unique.
 # Thus you can use the same nonce with a different timestamp and viceversa.
 class OauthNonce < ActiveRecord::Base
-  validates_presence_of :nonce, :timestamp
-  validates_uniqueness_of :nonce, :scope => :timestamp
-
+  validates_presence_of :nonce,:timestamp
+  validates_uniqueness_of :nonce,:scope=>:timestamp
+  
   # Remembers a nonce and it's associated timestamp. It returns false if it has already been used
-  def self.remember(nonce, timestamp)
-    oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp)
+  def self.remember(nonce,timestamp)
+    oauth_nonce=OauthNonce.create(:nonce=>nonce,:timestamp=>timestamp)
     return false if oauth_nonce.new_record?
     oauth_nonce
   end

Modified: branches/wf4ever/app/models/oauth_token.rb (3134 => 3135)


--- branches/wf4ever/app/models/oauth_token.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/oauth_token.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -2,29 +2,31 @@
   belongs_to :client_application
   belongs_to :user
   validates_uniqueness_of :token
-  validates_presence_of :client_application, :token
+  validates_presence_of :client_application,:token,:secret
   before_validation_on_create :generate_keys
-
+  
   def invalidated?
-    invalidated_at != nil
+    invalidated_at!=nil
   end
-
+  
   def invalidate!
-    update_attribute(:invalidated_at, Time.now)
+    update_attribute(:invalidated_at,Time.now)
   end
-
+  
   def authorized?
-    authorized_at != nil && !invalidated?
+    authorized_at!=nil && !invalidated?
   end
-
+  
   def to_query
     "oauth_token=#{token}&oauth_token_secret=#{secret}"
   end
-
+    
   protected
-
+  
   def generate_keys
-    self.token = OAuth::Helper.generate_key(40)[0,40]
-    self.secret = OAuth::Helper.generate_key(40)[0,40]
+    @oauth_token=client_application.oauth_server.generate_credentials
+    address@hidden
+    address@hidden
   end
+  
 end

Modified: branches/wf4ever/app/models/request_token.rb (3134 => 3135)


--- branches/wf4ever/app/models/request_token.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/models/request_token.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,40 +1,18 @@
-class RequestToken < OauthToken
-
-  attr_accessor :provided_oauth_verifier
-
+class RequestToken<OauthToken
+  
   def authorize!(user)
     return false if authorized?
-    self.user = user
-    self.authorized_at = Time.now
-    self.verifier=OAuth::Helper.generate_key(20)[0,20] unless oauth10?
+    self.user=user
+    self.authorized_at=Time.now
     self.save
   end
-
+  
   def exchange!
     return false unless authorized?
-    return false unless oauth10? || verifier==provided_oauth_verifier
-
     RequestToken.transaction do
-      access_token = AccessToken.create(:user => user, :client_application => client_application)
+      access_token=AccessToken.create(:user=>user,:client_application=>client_application)
       invalidate!
       access_token
     end
   end
-
-  def to_query
-    if oauth10?
-      super
-    else
-      "#{super}&oauth_callback_confirmed=true"
-    end
-  end
-
-  def oob?
-    callback_url.nil? || callback_url.downcase == 'oob'
-  end
-
-  def oauth10?
-    (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
-  end
-
-end
+end
\ No newline at end of file
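Review bot: `exchange!` on the new side accepts any authorized request token with no `oauth_verifier` comparison, so the party exchanging the token is not bound to the user who approved it; this is the OAuth 1.0 behaviour that the 1.0a revision replaced. If the reverse merge is meant to stay, consider keeping the verifier pair from the removed side: set `self.verifier=OAuth::Helper.generate_key(20)[0,20]` in `authorize!` and `return false unless verifier==provided_oauth_verifier` in `exchange!`. Separately, `AccessToken.create` is not checked, so if validation fails the request token is still invalidated and an unsaved record is returned as if it were a valid token; test `access_token.new_record?` before calling `invalidate!`.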

Copied: branches/wf4ever/app/views/oauth/_form.rhtml (from rev 3130, branches/wf4ever/app/views/oauth/_form.rhtml) (0 => 3135)


--- branches/wf4ever/app/views/oauth/_form.rhtml	                        (rev 0)
+++ branches/wf4ever/app/views/oauth/_form.rhtml	2012-09-25 17:32:46 UTC (rev 3135)
@@ -0,0 +1,54 @@
+<div class="field">
+	<label for=""
+	<%=f.text_field :name %>
+</div>
+<div class="field">
+        <% if current_user.admin? %>
+          <label for=""
+	  <% unless @client_application.id %>  
+	    <%= select_tag "client_application[key_type]", options_for_select([ "User", "System"], "User") %>
+	  <% else %>
+	    <%= select_tag "client_application[key_type]", options_for_select([ "User", "System"], @client_application.key_type) %>
+	  <% end %>
+</div>
+<div class="field">
+	  <label for="" User*</label><br/>
+          <% unless @client_application.id %>
+            <select id="client_application[user_id]" name="client_application[user_id]" %>
+              <% all_users().each do |u| %>
+	        <option <%= 'selected="selected"' if u.id==current_user.id %> value="<%= u.id %>"><%= h(u.name) %></option><% end %>
+            </select>
+          <% else %>
+            <select id="client_application[user_id]" name="client_application[user_id]">
+              <% all_users().each do |u| %>
+	         <option <%= 'selected="selected"' if address@hidden %> value="<%= u.id %>"><%= h(u.name) %></option><% end %>
+            </select>
+	  <% end %>
+	<% else %>
+          <%= f.hidden_field :user_id, :value => current_user.id %>
+	  <% unless @client_application.id %>
+	    <%= f.hidden_field :key_type, :value => "User" %>
+	  <% else %>
+	     <%= f.hidden_field :key_type, :value => @client_application.key_type %>
+	  <% end %>
+	<% end %>
+	<% unless @client_application.id %>
+	  <%= f.hidden_field :creator_id, :value => current_user.id %>
+	<% else %>
+	  <%= f.hidden_field :creator_id, :value => @client_application.creator_id %>
+	<% end %>
+
+</div>
+<div class="field">
+	<label for="" Application URL*</label><br/>
+	<%=f.text_field :url%>
+</div>
+<div class="field">
+	<label for="" URL*</label><br/>
+	<%=f.text_field :callback_url%>
+</div>
+<div class="field">
+	<label for="" URL</label><br/>
+	<%=f.text_field :support_url%>
+</div>
+
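Review bot: In the non-admin branch, `user_id`, `key_type` and `creator_id` are emitted as hidden fields, which the client can edit. The controller in this same commit passes `params[:client_application]` straight to `build` and `update_attributes`, so a non-admin appears able to submit `key_type` "System" or another user's id. These values should be set server-side in `create`/`update` (for example `@client_application.creator_id = current_user.id`) and protected from mass assignment with `attr_protected :user_id, :creator_id, :key_type` on the model, with the admin-only select handled explicitly. The `<label for=""` lines look truncated by the archive and were not reviewed.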

Modified: branches/wf4ever/app/views/oauth/authorize.rhtml (3134 => 3135)


--- branches/wf4ever/app/views/oauth/authorize.rhtml	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/views/oauth/authorize.rhtml	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,15 +1,15 @@
 <h1>Authorize access to your account</h1>
-<p>Would you like to authorize <%= link_to @token.client_application.name,@token.client_application.url %> (<%= link_to @token.client_application.url,@token.client_application.url %>) to access your account?</p>
-<% form_tag authorize_url do %>
-  <%= hidden_field_tag "oauth_token", @token.token %>
-  <%- if params[:oauth_callback] -%>
-  <%= hidden_field_tag "oauth_callback", params[:oauth_callback] %>
-<%- end -%>
+<p>Would you like to authorize <%=link_to @token.client_application.name,@token.client_application.url%> (<%=link_to @token.client_application.url,@token.client_application.url%>) to access your account?</p>
+<%form_tag authorize_url do %>
+<%=hidden_field_tag "oauth_token",@token.token%>
+<%-if params[:oauth_callback]-%>
+<%=hidden_field_tag "oauth_callback", params[:oauth_callback]%>
+<%-end-%>
 <p>
-  <%= check_box_tag 'authorize' %> authorize access
+	<%=check_box_tag 'authorize'%> authorize access
 </p>
 <p>
-  <%= submit_tag %>
+	<%=submit_tag%>
 </p>
-<% end %>
+<%end%>
 <%= render :partial => "show_permissions" -%>

Copied: branches/wf4ever/app/views/oauth/index.rhtml (from rev 3130, branches/wf4ever/app/views/oauth/index.rhtml) (0 => 3135)


--- branches/wf4ever/app/views/oauth/index.rhtml	                        (rev 0)
+++ branches/wf4ever/app/views/oauth/index.rhtml	2012-09-25 17:32:46 UTC (rev 3135)
@@ -0,0 +1,46 @@
+<h1>OAuth Client Applications</h1>
+<%unless @tokens.empty?%>
+<p>The following tokens have been issued to applications in your name</p>
+<table>
+	<tr><th>Application</th><th>Issued</th><th>&nbsp;</th></tr>
+	<address@hidden do |token|%>
+		<tr>
+			<td><%=link_to token.client_application.name,token.client_application.url%></td>
+			<td><%=token.authorized_at%></td>
+			<td>
+				<%form_tag :controller=>'oauth',:action="" do%>
+				<%=hidden_field_tag 'token',token.token%>
+				<%=submit_tag "Revoke!"%>
+				<%end%>
+			</td>
+		</tr>
+	<%end%>
+	
+</table>
+<%end%>
+<h3>Your Registered Client Applications</h3>
+<%if @client_applications.empty?%>
+	<p>
+		Do you have an application you would like to register for use with us using the <a href="" standard?
+	</p>
+	<p>
+		You must register your web application before it can make OAuth requests to this service
+	</p>
+<%else%>
+	<address@hidden do |client|%>
+		<div><%=link_to client.name,:action=""
+	<%end%>
+<%end%>
+<% if current_user.admin? %>
+<h3>Client Applications You Have Created For Other Users</h3>
+<% if @admin_client_applications.empty? %>
+	<p>You do not currently have any client applications that you have created or other users.</p>
+<%else%>
+	<address@hidden do |client|%>
+                <div><%=link_to client.name,:action=""
+        <%end%>
+<% end %>
+<% end %>
+<ul class="sectionIcons">
+	<li><%= icon "register_application", {:controller =>'oauth',:action="" nil, nil, "Register Client Application" %></li>
+</ul>
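Review bot: `link_to token.client_application.name,token.client_application.url` outputs the application name without `h`, while `_form.rhtml` in this commit escapes with `h(u.name)`, which suggests this Rails version does not escape `<%= %>` output automatically. The name is user-supplied at registration, so it should be `link_to h(token.client_application.name), token.client_application.url`; the same applies to `link_to client.name` in the two lists below. The link target is the stored `url`, so it relies on the model restricting the scheme to http/https. Minor wording: "created or other users" should read "created for other users". The `<address@hidden do |...|%>` lines are mangled by the archive and were not reviewed.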

Copied: branches/wf4ever/app/views/oauth/new.rhtml (from rev 3130, branches/wf4ever/app/views/oauth/new.rhtml) (0 => 3135)


--- branches/wf4ever/app/views/oauth/new.rhtml	                        (rev 0)
+++ branches/wf4ever/app/views/oauth/new.rhtml	2012-09-25 17:32:46 UTC (rev 3135)
@@ -0,0 +1,7 @@
+<h1>Register a new application</h1>
+<% form_for :client_application, :url ="" { :action ="" :create } do |f| %>
+       <%= render :partial => "form", :locals => { :f => f } %>
+       <%= render :partial => "permissions", :locals => { :f => f } %>
+       <br/><br/>
+       <p style="text-align: center; font-weight: bold;"><%= submit_tag "Register" %></p>
+<% end %>

Deleted: branches/wf4ever/app/views/oauth/oauth2_authorize.html.erb (3134 => 3135)


--- branches/wf4ever/app/views/oauth/oauth2_authorize.html.erb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/app/views/oauth/oauth2_authorize.html.erb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,17 +0,0 @@
-<h1>Authorize access to your account</h1>
-<p>Would you like to authorize <%= link_to @token.client_application.name,@token.client_application.url %> (<%= link_to @token.client_application.url,@token.client_application.url %>) to access your account?</p>
-<% form_tag authorize_url do %>
-  <%= hidden_field_tag "response_type", params[:response_type]%>
-  <%= hidden_field_tag "client_id", params[:client_id]%>
-  <%= hidden_field_tag "redirect_uri", params[:redirect_uri]%>
-  <%= hidden_field_tag "state", params[:state]%>
-  <%= hidden_field_tag "scope", params[:scope]%>
-
-<p>
-  <%= check_box_tag 'authorize' %> authorize access
-</p>
-<p>
-  <%= submit_tag %>
-</p>
-<% end %>
-<%= render :partial => "show_permissions" -%>

Copied: branches/wf4ever/app/views/oauth/show.rhtml (from rev 3130, branches/wf4ever/app/views/oauth/show.rhtml) (0 => 3135)


--- branches/wf4ever/app/views/oauth/show.rhtml	                        (rev 0)
+++ branches/wf4ever/app/views/oauth/show.rhtml	2012-09-25 17:32:46 UTC (rev 3135)
@@ -0,0 +1,45 @@
+<ul class="sectionIcons">
+  <li><%= icon('manage', {:controller=>'oauth', :action="" :id=>@client_application.id}, nil, nil, 'Update Client Application')%></li>
+  <li><%= icon('destroy', {:controller=>'oauth', :action="" :id=>@client_application.id}, nil, { :confirm => 'Are you you wish to remove this client application?', :method => :revoke }, 'Remove Client Application') %></li>
+</ul>
+<h1>OAuth details for <address@hidden></h1>
+<p>
+        <b>Main Application URL:</b> <address@hidden>
+</p>
+<p>
+	<b>Key Type:</b> <address@hidden>
+</p>
+<% if current_user.admin? %>
+<p>
+	<b>For User:</b> <a href="" user_path(@client_application.user.id) %>"><address@hidden></a>
+</p>
+<% end %>
+<p>
+        <b>Callback URL:</b> <address@hidden>
+</p>
+<p>
+        <b>Support URL:</b> <address@hidden>
+</p>
+<p>
+	<b>Consumer Key:</b> <address@hidden>
+</p>
+<p>
+	<b>Consumer Secret:</b> <address@hidden>
+</p>
+<p>
+	<b>Request Token URL</b> http<%='s' if request.ssl?%>://<%=request.host_with_port%><address@hidden>
+</p>
+<p>
+	<b>Access Token URL</b> http<%='s' if request.ssl?%>://<%=request.host_with_port%><address@hidden>
+</p>
+<p>
+	<b>Authorize URL</b> http<%='s' if request.ssl?%>://<%=request.host_with_port%><address@hidden>
+</p>
+
+<p>
+	We support hmac-sha1 (recommended) as well as plain text in ssl mode.
+</p>
+
+<%= render :partial => "show_permissions" %>
+
+ <!--<p><%= TABLES['REST'][:data].inspect %></p> -->
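Review bot: The last added line wraps `<%= TABLES['REST'][:data].inspect %>` in an HTML comment, but ERB still evaluates the tag, so the inspected data is sent to every viewer in the page source. If this is leftover debugging, drop the line or turn it into an ERB comment, `<%# TABLES['REST'][:data].inspect %>`, which renders nothing. Separately, the "Consumer Secret" row appears to print the secret in clear, and the `current_user.admin?` branch suggests admins can open other users' applications. Whether the controller limits this view to the owner is not visible in this section, so that is worth confirming. The confirm text also reads 'Are you you wish', presumably meant as `'Are you sure you wish to remove this client application?'`.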

Modified: branches/wf4ever/config/environment.rb (3134 => 3135)


--- branches/wf4ever/config/environment.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/config/environment.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -46,6 +46,7 @@
     :mannie_taverna_scufl,
     :mannie_taverna_t2flow,
     :oauth,
+    :oauth_plugin,
     :open_id_authentication,
     :paginating_find,
     :qrcode,

Modified: branches/wf4ever/config/routes.rb (3134 => 3135)


--- branches/wf4ever/config/routes.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/config/routes.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -202,15 +202,12 @@
   map.resources :messages, :collection => { :sent => :get, :delete_all_selected => :delete }
 
   # all oauth
-  map.resources :oauth_clients
+  map.oauth '/oauth',:controller=>'oauth',:action=""
+  map.authorize '/oauth/authorize',:controller=>'oauth',:action=""
+  map.request_token '/oauth/request_token',:controller=>'oauth',:action=""
+  map.access_token '/oauth/access_token',:controller=>'oauth',:action=""
+  map.test_request '/oauth/test_request',:controller=>'oauth',:action=""
 
-  map.test_request '/oauth/test_request', :controller => 'oauth', :action ="" 'test_request'
-  map.token '/oauth/token', :controller => 'oauth', :action ="" 'token'
-  map.access_token '/oauth/access_token', :controller => 'oauth', :action ="" 'access_token'
-  map.request_token '/oauth/request_token', :controller => 'oauth', :action ="" 'request_token'
-  map.authorize '/oauth/authorize', :controller => 'oauth', :action ="" 'authorize'
-  map.oauth '/oauth', :controller => 'oauth', :action ="" 'index'
-
   # User timeline
   map.connect 'users/timeline', :controller => 'users', :action ="" 'timeline'
   map.connect 'users/users_for_timeline', :controller => 'users', :action ="" 'users_for_timeline'
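Review bot: The re-added `map.test_request '/oauth/test_request'` route publishes a diagnostic endpoint in every environment, and none of the five OAuth routes carries a `:conditions => { :method => ... }` restriction. The action behind it is outside this hunk, so what it returns cannot be checked here. If it exists only for client debugging, guarding that one line with `unless RAILS_ENV == 'production'` would keep it off the live site. The request-token and access-token routes could likewise be limited to the verbs clients are expected to use. The enclosing routes block starts and ends outside the hunk.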

Deleted: branches/wf4ever/db/migrate/20120921144930_update_oauth_tables.rb (3134 => 3135)


--- branches/wf4ever/db/migrate/20120921144930_update_oauth_tables.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/db/migrate/20120921144930_update_oauth_tables.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -1,18 +0,0 @@
-# myExperiment: db/migrate/20120921144930_update_oauth_tables.rb
-#
-# Copyright (c) 2012 University of Manchester and the University of Southampton.
-# See license.txt for details.
-
-class UpdateOauthTables < ActiveRecord::Migration
-  def self.up
-    add_column :oauth_tokens, :callback_url, :string
-    add_column :oauth_tokens, :verifier, :string, :limit => 20
-    add_column :oauth_tokens, :scope, :string
-  end
-
-  def self.down
-    drop_column :oauth_tokens, :callback_url
-    drop_column :oauth_tokens, :verifier
-    drop_column :oauth_tokens, :scope
-  end
-end

Modified: branches/wf4ever/db/schema.rb (3134 => 3135)


--- branches/wf4ever/db/schema.rb	2012-09-25 17:29:10 UTC (rev 3134)
+++ branches/wf4ever/db/schema.rb	2012-09-25 17:32:46 UTC (rev 3135)
@@ -9,7 +9,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20120921144930) do
+ActiveRecord::Schema.define(:version => 20120605091404) do
 
   create_table "activity_limits", :force => true do |t|
     t.string   "contributor_type", :null => false
@@ -400,9 +400,6 @@
     t.datetime "invalidated_at"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.string   "callback_url"
-    t.string   "verifier",              :limit => 20
-    t.string   "scope"
   end
 
   add_index "oauth_tokens", ["token"], :name => "index_oauth_tokens_on_token", :unique => true
