Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions lib/generators/sorcery/templates/initializer.rb
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,15 @@
# config.ca_file =


# For information about the Instagram API:
# - note that in their docs and console `client_id` correspond to `key`
#
# config.instagram.key = "8e4eeace2cfb4823bc1d49537f3a7a5b"
# config.instagram.secret = "edd2fce451914c828124c0eeaa674bae"
# config.instagram.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=instagram"
# config.instagram.user_info_mapping = {name: "username", instagram_id: "id"}
#
#
# For information about LinkedIn API:
# - user info fields go to https://developer.linkedin.com/documents/profile-fields
# - access permissions go to https://developer.linkedin.com/documents/authentication#granting
Expand Down Expand Up @@ -146,6 +155,18 @@
# config.liveid.callback_url = "http://mydomain.com:3000/oauth/callback?provider=liveid"
# config.liveid.user_info_mapping = {:username => "name"}

# For information about JIRA API:
# https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication
# to obtain the consumer key and the public key you can use the jira-ruby gem https://github.com/sumoheavy/jira-ruby
# or run openssl req -x509 -nodes -newkey rsa:1024 -sha1 -keyout rsakey.pem -out rsacert.pem to obtain the public key
# Make sure you have configured the application link properly

# config.jira.key = "1234567"
# config.jira.secret = "jiraTest"
# config.jira.site = "http://localhost:2990/jira/plugins/servlet/oauth"
# config.jira.signature_method = "RSA-SHA1"
# config.jira.private_key_file = "rsakey.pem"


# --- user config ---
config.user_config do |user|
Expand Down
2 changes: 1 addition & 1 deletion lib/sorcery/controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ def not_authenticated
# @param [<User-Model>] user the user instance.
# @return - do not depend on the return value.
def auto_login(user, should_remember = false)
session[:user_id] = user.id
session[:user_id] = user.id.to_s
@current_user = user
end

Expand Down
2 changes: 2 additions & 0 deletions lib/sorcery/controller/submodules/external.rb
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,15 @@ def self.included(base)

require 'sorcery/providers/base'
require 'sorcery/providers/facebook'
require 'sorcery/providers/instagram'
require 'sorcery/providers/twitter'
require 'sorcery/providers/vk'
require 'sorcery/providers/linkedin'
require 'sorcery/providers/liveid'
require 'sorcery/providers/xing'
require 'sorcery/providers/github'
require 'sorcery/providers/google'
require 'sorcery/providers/jira'

Config.module_eval do
class << self
Expand Down
4 changes: 2 additions & 2 deletions lib/sorcery/controller/submodules/remember_me.rb
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ def forget_me!
# Override.
# logins a user instance, and optionally remembers him.
def auto_login(user, should_remember = false)
session[:user_id] = user.id
session[:user_id] = user.id.to_s
@current_user = user
remember_me! if should_remember
end
Expand All @@ -58,7 +58,7 @@ def login_from_cookie
user = cookies.signed[:remember_me_token] && user_class.sorcery_adapter.find_by_remember_me_token(cookies.signed[:remember_me_token])
if user && user.has_remember_me_token?
set_remember_me_cookie!(user)
session[:user_id] = user.id
session[:user_id] = user.id.to_s
@current_user = user
else
@current_user = false
Expand Down
102 changes: 102 additions & 0 deletions lib/sorcery/providers/instagram.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
module Sorcery
module Providers
# This class adds support for OAuth with Instagram.com.

class Instagram < Base

include Protocols::Oauth2


attr_accessor :access_permissions, :token_url,
:authorization_path, :user_info_path,
:scope, :user_info_fields


def initialize
@site = 'https://api.instagram.com'
@token_url = '/oauth/access_token'
@authorization_path = '/oauth/authorize/'
@user_info_path = '/v1/users/self'
super
end

# provider implements method to build Oauth client
def login_url(params, session)
authorize_url
end


# @override of Base#authorize_url
def authorize_url(opts={})
@scope = build_access_scope!
super(opts.merge(:token_url => @token_url))
end

# pass oauth2 param `code` provided by instgrm server
def process_callback(params, session)
args = {}.tap do |a|
a[:code] = params[:code] if params[:code]
end
get_access_token(args, token_url: @token_url,
client_id: @key, client_secret: @secret)
end


# see `user_info_mapping` in config/initializer,
# given `user_info_mapping` to specify
# {:db_attribute_name => 'instagram_attr_name'}
# so that Sorcery can build AR model from attr names
#
# NOTE: instead of just getting the user info
# from the access_token (which already returns them),
# testing strategy relies on querying user_info_path
def get_user_hash(access_token)
call_api_params = {
:access_token => access_token.token,
:client_id => access_token[:client_id]
}
response = access_token.get(
"#{user_info_path}?#{call_api_params.to_param}"
)


_user_attrs = Hash.new
_user_attrs[:user_info] = JSON.parse(response.body)['data']
_user_attrs[:uid] = _user_attrs[:user_info]['id']
_user_attrs
end


private

# build access scope attribute for instagram
# e.g. whether to access for `likes` or just basic
def build_access_scope!
valid = /\A(basic|comments|relationships|likes)$/

if !access_permissions.present?
_scopes = ["basic"]
elsif access_permissions.kind_of?(Array)
_scopes = access_permissions
.map(&:to_s)
.grep(valid)
elsif access_permissions.kind_of?(String)
_scopes = access_permissions
.split(/\W+/)
.grep(valid)
end

# basic IS required
# b/c instagram fails on blank values
# and requires `basic` for any additional scope
_scopes.push('basic')

_scopes.uniq.join(' ')

end

end

end

end
77 changes: 77 additions & 0 deletions lib/sorcery/providers/jira.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
module Sorcery
module Providers
# This class adds support for OAuth with Jira
#
# config.jira.key = <key>
# config.jira.secret = <secret>
# ...
#
class Jira < Base

include Protocols::Oauth

attr_accessor :access_token_path, :authorize_path, :request_token_path,
:user_info_path, :site, :signature_method, :private_key_file, :callback_url


def initialize
@configuration = {
authorize_path: '/authorize',
request_token_path: '/request-token',
access_token_path: '/access-token'
}
@user_info_path = '/users/me'
end

# Override included get_consumer method to provide authorize_path
#read extra configurations
def get_consumer
@configuration = @configuration.merge({
site: site,
signature_method: signature_method,
consumer_key: key,
private_key_file: private_key_file
})
::OAuth::Consumer.new(@key, @secret, @configuration)
end

def get_user_hash(access_token)
response = access_token.get(user_info_path)

{}.tap do |h|
h[:user_info] = JSON.parse(response.body)['users'].first
h[:uid] = user_hash[:user_info]['id'].to_s
end
end

# calculates and returns the url to which the user should be redirected,
# to get authenticated at the external provider's site.
def login_url(params, session)
req_token = get_request_token
session[:request_token] = req_token.token
session[:request_token_secret] = req_token.secret

#it was like that -> redirect_to authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
#for some reason Jira does not need these parameters

get_request_token(
session[:request_token],
session[:request_token_secret]
).authorize_url
end

# tries to login the user from access token
def process_callback(params, session)
args = {
oauth_verifier: params[:oauth_verifier],
request_token: session[:request_token],
request_token_secret: session[:request_token_secret]
}

args.merge!({ code: params[:code] }) if params[:code]
get_access_token(args)
end

end
end
end
2 changes: 1 addition & 1 deletion spec/controllers/controller_http_basic_auth_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@

get :test_http_basic_auth, nil, http_authentication_used: true

expect(session[:user_id]).to be 42
expect(session[:user_id]).to eq "42"
end
end
end
Loading