fix diaspora connect for the new oauth stuff WIP. There's one bug where the oauth_identifier changes but the client doesn't get informed or doesn't save it. I hope it's the last bug. Btw. this is all ugly

2011-12-08 01:56:05 +01:00 · 2011-12-08 01:56:05 +01:00 · 4dd55ebdad
commit 4dd55ebdad
parent 05be43e21a
8 changed files with 77 additions and 32 deletions
--- a/2
+++ b/2
@ -12,7 +12,7 @@ gem 'thin', '~> 1.3.1', :require => false
 gem 'devise', '~> 1.3.1'
 gem 'devise_invitable', '0.5.0'
 gem 'jwt', "0.1.3"
-gem 'oauth2-provider', '0.0.16'
+gem 'oauth2-provider', '0.0.19'

 gem 'omniauth', '1.0.1'
 gem 'omniauth-facebook'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -278,8 +278,8 @@ GEM
    oauth2 (0.5.0)
      faraday (>= 0.6.1, < 0.8)
      multi_json (~> 1.0.0)
-    oauth2-provider (0.0.16)
-      activesupport (~> 3.0.1)
+    oauth2-provider (0.0.19)
+      activesupport (~> 3.0)
      addressable (~> 2.2)
    ohai (0.6.10)
      mixlib-cli
@ -483,7 +483,7 @@ DEPENDENCIES
  mysql2 (= 0.2.17)
  newrelic_rpm
  nokogiri (~> 1.5.0)
-  oauth2-provider (= 0.0.16)
+  oauth2-provider (= 0.0.19)
  ohai (~> 0.6.10)
  omniauth (= 1.0.1)
  omniauth-facebook
--- a/app/controllers/apis_controller.rb
+++ b/app/controllers/apis_controller.rb
@ -4,6 +4,7 @@ class ApisController < ApplicationController
  respond_to :json

  def me
+#    debugger
    @person = @user.person
    render :json => {
                      :birthday => @person.profile.birthday,
--- a/app/controllers/authorizations_controller.rb
+++ b/app/controllers/authorizations_controller.rb
@ -53,28 +53,41 @@ class AuthorizationsController < ApplicationController
      render :text => "bad request: #{params.inspect}", :status => 403
      return
    end
-      packaged_manifest = JSON.parse(RestClient.get("#{app_url}manifest.json").body)
-      public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
-      manifest = JWT.decode(packaged_manifest['jwt'], public_key)
+    
+    packaged_manifest = JSON.parse(RestClient.get("#{app_url}manifest.json").body)
+    public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
+    manifest = JWT.decode(packaged_manifest['jwt'], public_key)

-      message = verify(signed_string, Base64.decode64(params[:signature]), public_key, manifest)
-      if not (message =='ok')
-        render :text => message, :status => 403
-      elsif manifest["application_base_url"].match(/^https?:\/\/(localhost|chubbi\.es|www\.cubbi\.es|cubbi\.es)(:\d+)?\/$/).nil?
-        # This will only be temporary (less than a month) while we iron out the kinks in Diaspora Connect. Essentially,
-        # whatever we release people will try to work off of and it sucks to build things on top of non-stable things.
-        # We also started writing a gem that we'll release (around the same time) that makes becoming a Diaspora enabled
-        # ruby project a breeze.
+    message = verify(signed_string, Base64.decode64(params[:signature]), public_key, manifest)
+    if not (message =='ok')
+      render :text => message, :status => 403
+    elsif manifest["application_base_url"].match(/^https?:\/\/(localhost|chubbi\.es|www\.cubbi\.es|cubbi\.es)(:\d+)?\/$/).nil?
+      # This will only be temporary (less than a month) while we iron out the kinks in Diaspora Connect. Essentially,
+      # whatever we release people will try to work off of and it sucks to build things on top of non-stable things.
+      # We also started writing a gem that we'll release (around the same time) that makes becoming a Diaspora enabled
+      # ruby project a breeze.

-        render :text => "Domain (#{manifest["application_base_url"]}) currently not authorized for Diaspora OAuth", :status => 403
-      else
-        client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest, public_key)
+      render :text => "Domain (#{manifest["application_base_url"]}) currently not authorized for Diaspora OAuth", :status => 403
+    else
+      client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest, public_key)

-        render :json => {:client_id => client.oauth_identifier,
-                         :client_secret => client.oauth_secret,
-                         :expires_in => 0,
-                         :flows_supported => ""}
+      debugger
+      json = {:client_id => client.oauth_identifier,
+              :client_secret => client.oauth_secret,
+              :expires_in => 0,
+              :flows_supported => ""}
+
+      if params[:code]
+        code = client.authorization_codes.claim(params[:code], 
+                                                params[:redirect_uri])
+        json.merge!(
+          :access_token => code.access_token,
+          :refresh_token => code.refresh_token
+        )
      end
+
+      render :json => json
+    end
  end

  def index
--- a/db/migrate/20111207230506_add_oauth_redirect_uri_to_oauth_clients.rb
+++ b/db/migrate/20111207230506_add_oauth_redirect_uri_to_oauth_clients.rb
@ -0,0 +1,9 @@
+class AddOauthRedirectUriToOauthClients < ActiveRecord::Migration
+  def self.up
+    add_column :oauth_clients, :oauth_redirect_uri, :string
+  end
+
+  def self.down
+    remove_column :oauth_clients, :oauth_redirect_uri
+  end
+end
--- a/db/migrate/20111207233503_remove_low_length_limits_from_oauth_tables.rb
+++ b/db/migrate/20111207233503_remove_low_length_limits_from_oauth_tables.rb
@ -0,0 +1,19 @@
+class RemoveLowLengthLimitsFromOauthTables < ActiveRecord::Migration
+  def self.up
+    change_column :oauth_clients, :oauth_identifier, :string, :limit => 127
+    change_column :oauth_clients, :oauth_secret, :string, :limit => 127
+    change_column :oauth_clients, :nonce, :string, :limit => 127
+    change_column :oauth_authorization_codes, :code, :string, :limit => 127
+    change_column :oauth_access_tokens, :access_token, :string, :limit => 127
+    change_column :oauth_access_tokens, :refresh_token, :string, :limit => 127
+  end
+
+  def self.down
+    change_column :oauth_clients, :oauth_identifier, :string, :limit => 32
+    change_column :oauth_clients, :oauth_secret, :string, :limit => 32
+    change_column :oauth_clients, :nonce, :string, :limit => 64
+    change_column :oauth_authorization_codes, :code, :string, :limit => 32
+    change_column :oauth_access_tokens, :access_token, :string, :limit => 32
+    change_column :oauth_access_tokens, :refresh_token, :string, :limit => 32
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -10,7 +10,7 @@
 #
 # It's strongly recommended to check this file into your version control system.

-ActiveRecord::Schema.define(:version => 20111109023618) do
+ActiveRecord::Schema.define(:version => 20111207233503) do

  create_table "account_deletions", :force => true do |t|
    t.string  "diaspora_handle"
@ -199,17 +199,17 @@ ActiveRecord::Schema.define(:version => 20111109023618) do
  add_index "o_embed_caches", ["url"], :name => "index_o_embed_caches_on_url", :length => {"url"=>255}

  create_table "oauth_access_tokens", :force => true do |t|
-    t.integer  "authorization_id",               :null => false
-    t.string   "access_token",     :limit => 32, :null => false
-    t.string   "refresh_token",    :limit => 32
+    t.integer  "authorization_id",                :null => false
+    t.string   "access_token",     :limit => 127, :null => false
+    t.string   "refresh_token",    :limit => 127
    t.datetime "expires_at"
    t.datetime "created_at"
    t.datetime "updated_at"
  end

  create_table "oauth_authorization_codes", :force => true do |t|
-    t.integer  "authorization_id",               :null => false
-    t.string   "code",             :limit => 32, :null => false
+    t.integer  "authorization_id",                :null => false
+    t.string   "code",             :limit => 127, :null => false
    t.datetime "expires_at"
    t.datetime "created_at"
    t.datetime "updated_at"
@ -231,11 +231,12 @@ ActiveRecord::Schema.define(:version => 20111109023618) do
    t.text   "description",                         :null => false
    t.string "application_base_url", :limit => 127, :null => false
    t.string "icon_url",             :limit => 127, :null => false
-    t.string "oauth_identifier",     :limit => 32,  :null => false
-    t.string "oauth_secret",         :limit => 32,  :null => false
-    t.string "nonce",                :limit => 64
+    t.string "oauth_identifier",     :limit => 127, :null => false
+    t.string "oauth_secret",         :limit => 127, :null => false
+    t.string "nonce",                :limit => 127
    t.text   "public_key",                          :null => false
    t.text   "permissions_overview",                :null => false
+    t.string "oauth_redirect_uri"
  end

  add_index "oauth_clients", ["application_base_url"], :name => "index_oauth_clients_on_application_base_url", :unique => true
@ -459,6 +460,8 @@ ActiveRecord::Schema.define(:version => 20111109023618) do
    t.string   "confirm_email_token",                :limit => 30
    t.datetime "locked_at"
    t.boolean  "show_community_spotlight_in_stream",                :default => true,  :null => false
+    t.boolean  "auto_follow_back",                                  :default => false
+    t.integer  "auto_follow_back_aspect_id"
  end

  add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true
--- a/spec/chubbies/app.rb
+++ b/spec/chubbies/app.rb
@ -87,7 +87,7 @@ module Chubbies
          begin
            @resource_response = user.access_token.token.get("/api/v0/me")
            haml :response
-          rescue OAuth2::AccessDenied
+          rescue OAuth2::Error
            "Token invalid"
          end
        else