Class: CloudKit::OAuthFilter

Inherits:
Object
  • Object
Includes:
Util
Defined in:
lib/cloudkit/oauth_filter.rb

Overview

An OAuthFilter provides both OAuth 1.0 support and OAuth Discovery.

Responds to the following URIs as part of the OAuth 1.0 “dance”:

/oauth/request_tokens
/oauth/authorization
/oauth/authorized_request_tokens/{id}
/oauth/access_tokens

Responds to the following URIs as part of OAuth Discovery:

/oauth
/oauth/meta

See also:

Constant Summary collapse

@@lock =
Mutex.new
@@store =
nil

Instance Method Summary collapse

Methods included from Util

#erb, #r, #unquote

Constructor Details

#initialize(app, options = {}) ⇒ OAuthFilter

Returns a new instance of OAuthFilter.



# File 'lib/cloudkit/oauth_filter.rb', line 27

# Wraps +app+ with the OAuth filter.
#
# @param app [#call] downstream application; requests this filter does not
#   answer itself are forwarded to it via app.call(env)
# @param options [Hash] configuration hash, kept by reference (not copied)
def initialize(app, options={})
  @app, @options = app, options
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/cloudkit/oauth_filter.rb', line 32

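# Entry point for each request: answers the OAuth 1.0 and OAuth Discovery
# URIs itself and hands every other request to the wrapped app.
#
# @param env [Hash] request environment, wrapped in a Request
# @return [Object] the result of the matched handler, of the challenge, or of
#   @app.call(env)
def call(env)
  # Create the shared store exactly once. The unlocked check keeps the common
  # path cheap; the ||= inside the lock re-checks, so two threads that both
  # saw nil cannot each build a store, with the second replacing the one the
  # first is already using.
  unless @@store
    @@lock.synchronize { @@store ||= OAuthStore.new }
  end

  request = Request.new(env)
  request.announce_auth(CLOUDKIT_OAUTH_FILTER_KEY)
  return xrds_location(request) if oauth_disco_draft2_xrds?(request)
  # '/' is forwarded as-is: no session load, no user injection, no challenge.
  return @app.call(env) if request.path_info == '/'

  load_user_from_session(request)

  begin
    case request
    when r(:get, '/oauth/meta')
      get_meta(request)
    when r(:post, '/oauth/request_tokens', ['oauth_consumer_key'])
      create_request_token(request)
    when r(:get, '/oauth/authorization', ['oauth_token'])
      request_authorization(request)
    when r(:put, '/oauth/authorized_request_tokens/:id', ['submit' => 'Approve'])
      # Temporarily relying on a button value until pluggable templates are
      # introduced in 1.0.
      authorize_request_token(request)
    when r(:put, '/oauth/authorized_request_tokens/:id', ['submit' => 'Deny'])
      # See previous comment.
      deny_request_token(request)
    when r(:post, '/oauth/authorized_request_tokens/:id', [{'_method' => 'PUT'}])
      # NOTE(review): this route matches on _method=PUT only and never looks
      # at 'submit'. Confirm that a form posted with submit=Deny is always
      # caught by the PUT routes above and cannot be authorized here.
      authorize_request_token(request)
    when r(:post, '/oauth/access_tokens')
      create_access_token(request)
    when r(:get, '/oauth')
      get_descriptor(request)
    else
      # NOTE(review): the return value of inject_user_or_challenge is not
      # used and the request is always forwarded. Any enforcement therefore
      # has to come from what it records on the request, or from the app
      # downstream. Confirm which.
      inject_user_or_challenge(request)
      @app.call(env)
    end
  rescue OAuth::Signature::UnknownSignatureMethod
    # The OAuth spec suggests a 400 status, but serving a 401 with the
    # meta/challenge info seems more appropriate as the OAuth metadata
    # specifies the supported signature methods, giving the user agent an
    # opportunity to fix the error.
    return challenge(request, 'unknown signature method')
  end
end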

#store ⇒ Object



# File 'lib/cloudkit/oauth_filter.rb', line 78

# Reader for the class-level store shared by every filter instance.
#
# @return [Object, nil] the current value of @@store; nil until it has been
#   assigned
def store
  @@store
end