Commit 4dd55ebd authored by Jonne Hass's avatar Jonne Hass

fix diaspora connect for the new oauth stuff WIP. There's one bug where the...

fix diaspora connect for the new oauth stuff WIP. There's one bug where the oauth_identifier changes but the client doesn't get informed or doesn't save it. I hope it's the last bug. Btw. this is all ugly
parent 05be43e2
......@@ -12,7 +12,7 @@ gem 'thin', '~> 1.3.1', :require => false
gem 'devise', '~> 1.3.1'
gem 'devise_invitable', '0.5.0'
gem 'jwt', "0.1.3"
gem 'oauth2-provider', '0.0.16'
gem 'oauth2-provider', '0.0.19'
gem 'omniauth', '1.0.1'
gem 'omniauth-facebook'
......
......@@ -278,8 +278,8 @@ GEM
oauth2 (0.5.0)
faraday (>= 0.6.1, < 0.8)
multi_json (~> 1.0.0)
oauth2-provider (0.0.16)
activesupport (~> 3.0.1)
oauth2-provider (0.0.19)
activesupport (~> 3.0)
addressable (~> 2.2)
ohai (0.6.10)
mixlib-cli
......@@ -483,7 +483,7 @@ DEPENDENCIES
mysql2 (= 0.2.17)
newrelic_rpm
nokogiri (~> 1.5.0)
oauth2-provider (= 0.0.16)
oauth2-provider (= 0.0.19)
ohai (~> 0.6.10)
omniauth (= 1.0.1)
omniauth-facebook
......
......@@ -4,6 +4,7 @@ class ApisController < ApplicationController
respond_to :json
def me
# debugger
@person = @user.person
render :json => {
:birthday => @person.profile.birthday,
......
......@@ -53,28 +53,41 @@ class AuthorizationsController < ApplicationController
render :text => "bad request: #{params.inspect}", :status => 403
return
end
packaged_manifest = JSON.parse(RestClient.get("#{app_url}manifest.json").body)
public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
manifest = JWT.decode(packaged_manifest['jwt'], public_key)
message = verify(signed_string, Base64.decode64(params[:signature]), public_key, manifest)
if not (message =='ok')
render :text => message, :status => 403
elsif manifest["application_base_url"].match(/^https?:\/\/(localhost|chubbi\.es|www\.cubbi\.es|cubbi\.es)(:\d+)?\/$/).nil?
# This will only be temporary (less than a month) while we iron out the kinks in Diaspora Connect. Essentially,
# whatever we release people will try to work off of and it sucks to build things on top of non-stable things.
# We also started writing a gem that we'll release (around the same time) that makes becoming a Diaspora enabled
# ruby project a breeze.
render :text => "Domain (#{manifest["application_base_url"]}) currently not authorized for Diaspora OAuth", :status => 403
else
client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest, public_key)
render :json => {:client_id => client.oauth_identifier,
:client_secret => client.oauth_secret,
:expires_in => 0,
:flows_supported => ""}
packaged_manifest = JSON.parse(RestClient.get("#{app_url}manifest.json").body)
public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
manifest = JWT.decode(packaged_manifest['jwt'], public_key)
message = verify(signed_string, Base64.decode64(params[:signature]), public_key, manifest)
if not (message =='ok')
render :text => message, :status => 403
elsif manifest["application_base_url"].match(/^https?:\/\/(localhost|chubbi\.es|www\.cubbi\.es|cubbi\.es)(:\d+)?\/$/).nil?
# This will only be temporary (less than a month) while we iron out the kinks in Diaspora Connect. Essentially,
# whatever we release people will try to work off of and it sucks to build things on top of non-stable things.
# We also started writing a gem that we'll release (around the same time) that makes becoming a Diaspora enabled
# ruby project a breeze.
render :text => "Domain (#{manifest["application_base_url"]}) currently not authorized for Diaspora OAuth", :status => 403
else
client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest, public_key)
debugger
json = {:client_id => client.oauth_identifier,
:client_secret => client.oauth_secret,
:expires_in => 0,
:flows_supported => ""}
if params[:code]
code = client.authorization_codes.claim(params[:code],
params[:redirect_uri])
json.merge!(
:access_token => code.access_token,
:refresh_token => code.refresh_token
)
end
render :json => json
end
end
def index
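Review bot: A bare `debugger` call is left in the `else` branch directly after `create_or_reset_from_manifest!`, and the `apis_controller.rb` hunk in this same commit leaves a commented-out `# debugger` in `me`; both should be dropped before merge, since a live `debugger` on this client-registration path presumably either halts the request or logs a debugger warning on every call. Just below it, `client.authorization_codes.claim(params[:code], params[:redirect_uri])` is assumed to return an object, but an unknown or expired code likely yields nil and `code.access_token` would then raise NoMethodError; guard it, e.g. `if code` around the `json.merge!` and `render :text => "invalid code", :status => 400` otherwise. The domain allowlist on the `elsif` line still anchors its regex with `^`/`$`, which match per line in Ruby, so an `application_base_url` containing a newline could satisfy the check; `\A`/`\z` anchor the whole string. The enclosing method starts before this hunk.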
......
class AddOauthRedirectUriToOauthClients < ActiveRecord::Migration
def self.up
add_column :oauth_clients, :oauth_redirect_uri, :string
end
def self.down
remove_column :oauth_clients, :oauth_redirect_uri
end
end
class RemoveLowLengthLimitsFromOauthTables < ActiveRecord::Migration
def self.up
change_column :oauth_clients, :oauth_identifier, :string, :limit => 127
change_column :oauth_clients, :oauth_secret, :string, :limit => 127
change_column :oauth_clients, :nonce, :string, :limit => 127
change_column :oauth_authorization_codes, :code, :string, :limit => 127
change_column :oauth_access_tokens, :access_token, :string, :limit => 127
change_column :oauth_access_tokens, :refresh_token, :string, :limit => 127
end
def self.down
change_column :oauth_clients, :oauth_identifier, :string, :limit => 32
change_column :oauth_clients, :oauth_secret, :string, :limit => 32
change_column :oauth_clients, :nonce, :string, :limit => 64
change_column :oauth_authorization_codes, :code, :string, :limit => 32
change_column :oauth_access_tokens, :access_token, :string, :limit => 32
change_column :oauth_access_tokens, :refresh_token, :string, :limit => 32
end
end
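Review bot: The `down` step shrinks every column that `up` widened to 127 characters, so any row written while the wider limit was in force would be truncated or rejected on rollback, depending on the database's strict-mode setting. Either document that, e.g. `# Rolling back truncates identifiers/tokens longer than the old limits`, or raise `ActiveRecord::IrreversibleMigration` in `down` so the data loss is explicit rather than silent.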
......@@ -10,7 +10,7 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20111109023618) do
ActiveRecord::Schema.define(:version => 20111207233503) do
create_table "account_deletions", :force => true do |t|
t.string "diaspora_handle"
......@@ -199,17 +199,17 @@ ActiveRecord::Schema.define(:version => 20111109023618) do
add_index "o_embed_caches", ["url"], :name => "index_o_embed_caches_on_url", :length => {"url"=>255}
create_table "oauth_access_tokens", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "access_token", :limit => 32, :null => false
t.string "refresh_token", :limit => 32
t.integer "authorization_id", :null => false
t.string "access_token", :limit => 127, :null => false
t.string "refresh_token", :limit => 127
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "oauth_authorization_codes", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "code", :limit => 32, :null => false
t.integer "authorization_id", :null => false
t.string "code", :limit => 127, :null => false
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
......@@ -231,11 +231,12 @@ ActiveRecord::Schema.define(:version => 20111109023618) do
t.text "description", :null => false
t.string "application_base_url", :limit => 127, :null => false
t.string "icon_url", :limit => 127, :null => false
t.string "oauth_identifier", :limit => 32, :null => false
t.string "oauth_secret", :limit => 32, :null => false
t.string "nonce", :limit => 64
t.string "oauth_identifier", :limit => 127, :null => false
t.string "oauth_secret", :limit => 127, :null => false
t.string "nonce", :limit => 127
t.text "public_key", :null => false
t.text "permissions_overview", :null => false
t.string "oauth_redirect_uri"
end
add_index "oauth_clients", ["application_base_url"], :name => "index_oauth_clients_on_application_base_url", :unique => true
......@@ -459,6 +460,8 @@ ActiveRecord::Schema.define(:version => 20111109023618) do
t.string "confirm_email_token", :limit => 30
t.datetime "locked_at"
t.boolean "show_community_spotlight_in_stream", :default => true, :null => false
t.boolean "auto_follow_back", :default => false
t.integer "auto_follow_back_aspect_id"
end
add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true
......
......@@ -87,7 +87,7 @@ module Chubbies
begin
@resource_response = user.access_token.token.get("/api/v0/me")
haml :response
rescue OAuth2::AccessDenied
rescue OAuth2::Error
"Token invalid"
end
else
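Review bot: Widening the rescue from `OAuth2::AccessDenied` to `OAuth2::Error` makes every OAuth2 failure, including transport and server-side errors, render the same "Token invalid" text, which hides what actually went wrong. Capture the exception and record it, e.g. `rescue OAuth2::Error => e` followed by a log line with `e.message`, so a misconfigured provider is distinguishable from a genuinely revoked token; if this gem version exposes the underlying response on the error object (it appears to, but confirm), branching on its status would let the 401/403 case alone say "Token invalid". The enclosing `if`/`begin` starts outside this hunk.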
......