Module: OpenSocial::Auth

Defined in:

lib/opensocial/auth/base.rb

Instance Method Summary

• #get_access_token(connection, token, secret) ⇒ Object

  If neccesary, swaps an existing request token and secret for an access token, storing it in the Connection class, and returning the access token and secret for later use.

• #get_oauth_token(key, secret, container, callback) ⇒ Object

  Gets an OAuth request token, and redirects the user to authorize the app to access data on their behalf.

• #validate(key = CONSUMER_KEY, secret = CONSUMER_SECRET) ⇒ Object

  Validates an incoming request by using the OAuth library and the supplied key and secret.

Instance Method Details

#get_access_token(connection, token, secret) ⇒ Object

If neccesary, swaps an existing request token and secret for an access token, storing it in the Connection class, and returning the access token and secret for later use.

# File 'lib/opensocial/auth/base.rb', line 82

def get_access_token(connection, token, secret)
  if (token && secret)
    consumer = OAuth::Consumer.new(connection.consumer_key,
                                   connection.consumer_secret,
                                   connection.container)

    if connection.consumer_token.token.empty? &&
       connection.consumer_token.secret.empty?
      connection.consumer_token = OAuth::Token.new(token, secret)

      uri = URI.parse(connection.container[:base_uri] +
                      connection.container[:access_token_path])
      http = Net::HTTP.new(uri.host, uri.port)
      req = Net::HTTP::Get.new(uri.request_uri)
      connection.sign!(http, req)

      resp = http.get(req.path)

      matches = resp.body.match(/oauth_token=(.*?)&oauth_token_secret=(.*)/)
      access_token = matches[1]
      access_secret = matches[2]
    end

    reusable_token = OAuth::AccessToken.new(consumer, access_token, access_secret)
    connection.consumer_token = reusable_token

    return access_token, access_secret
  end
  
  return nil, nil
end

#get_oauth_token(key, secret, container, callback) ⇒ Object

Gets an OAuth request token, and redirects the user to authorize the app to access data on their behalf.

# File 'lib/opensocial/auth/base.rb', line 63

def get_oauth_token(key, secret, container, callback)
  consumer = OAuth::Consumer.new(key, secret, {
    :site => container[:base_uri],
    :request_token_path => container[:request_token_path],
    :authorize_path => container[:authorize_path],
    :access_token_path => container[:access_token_path],
    :http_method => container[:http_method]
  })
  request_token = consumer.get_request_token
  
  session[:token] = request_token.token
  session[:secret] = request_token.secret
  
  redirect_to request_token.authorize_url + '&oauth_callback=' + CGI.escape(callback)
end

#validate(key = CONSUMER_KEY, secret = CONSUMER_SECRET) ⇒ Object

Validates an incoming request by using the OAuth library and the supplied key and secret.

# File 'lib/opensocial/auth/base.rb', line 48

def validate(key = CONSUMER_KEY, secret = CONSUMER_SECRET)
  consumer = OAuth::Consumer.new(key, secret)
  begin
    signature = OAuth::Signature.build(request) do
      [nil, consumer.secret]
    end
    pass = signature.verify
  rescue OAuth::Signature::UnknownSignatureMethod => e
    logger.error 'An unknown signature method was supplied: ' + e.to_s
  end
  return pass
end