Skip to content

Instantly share code, notes, and snippets.

@timothyjoh
Forked from technoweenie/oauth2_example.rb
Created May 26, 2010 11:17
Show Gist options
  • Save timothyjoh/414358 to your computer and use it in GitHub Desktop.
Save timothyjoh/414358 to your computer and use it in GitHub Desktop.
# crappy server implementation using technoweenie/oauth2 (server branch)
# http://github.com/technoweenie/oauth2/compare/master...server
#
# ruby oauth2_example.rb -p 4568
# ruby oauth2_example.rb
# open http://localhost:4567/auth/facebook
require 'rubygems'
require 'sinatra'
require 'oauth2/client'
require 'oauth2/server'
require 'json'
# Faraday middleware for logging outgoing http requests.
class ConnectionLogger < Faraday::Middleware
def call(env)
env[:response].on_complete do |env|
puts "RESULT: #{env[:status]}\n#{env[:body]}"
end
process_body_for_request(env)
puts "#{env[:method].inspect} #{env[:url].to_s}"
puts env[:request_headers].inspect if !env[:request_headers].empty?
puts env[:body] if env[:body]
@app.call env
end
end
## Client Implementation
$client = OAuth2::Client.new('123', '456', :site => 'http://localhost:4568', :adapter => :test)
$client.connection.build do |b|
b.use ConnectionLogger
b.adapter :net_http
end
# access this to request a token from facebook.
get '/auth/facebook' do
url = $client.web_server.authorize_url(
:redirect_uri => redirect_uri,
:scope => 'email,offline_access'
)
puts "Redirecting to URL: #{url.inspect}"
redirect url
end
# If the user authorizes it, this request gets your access token
# and makes a successful api call.
get '/auth/facebook/callback' do
access_token = $client.web_server.access_token(params[:code], :redirect_uri => redirect_uri)
user = JSON.parse(access_token.get('/me'))
user.inspect
end
def redirect_uri(path = '/auth/facebook/callback', query = nil)
uri = URI.parse(request.url)
uri.path = path
uri.query = query
uri.to_s
end
## Server Implementation
$strategy = OAuth2::ServerStrategy::Memory.new
$app = $strategy.app! :id => '123', :secret => '456', :redirect_uri => 'http://localhost:4567'
# This checks their client id and redirects back with a temporary code if the user accepts.
# In this experimental demo, no form is shown, so the user always accepts.
get '/oauth/authorize' do
server = get_server
url = params[:redirect_uri] + "?code=#{server.temporary_code}"
puts "Redirecting to #{url.inspect}"
redirect url
end
# This is a simple API request to swap out a temporary code with an access token.
get '/oauth/access_token' do
server = get_server(:code => params[:code])
s = "access_token=#{server.access_token}"
puts "RETURNING #{s.inspect}"
s
end
# mock facebook api call
get '/me' do
if options = $strategy.access_token_options(params[:access_token])
{:client_id => options[:app].id, :client_secret => options[:app].secret}.to_json
else
"{}"
end
end
def get_server(options = {})
OAuth2::Server.new(params[:client_id], {:redirect_uri => params[:redirect_uri], :type => params[:type], :scope => params[:scope], :strategy => $strategy}.update(options))
end
Redirecting to URL: "https://graph.facebook.com/oauth/authorize?scope=email%2Coffline_access&client_id=120094574673767&type=web_server&redirect_uri=http%3A%2F%2Flocalhost%3A4567%2Fauth%2Ffacebook%2Fcallback"
127.0.0.1 - - [22/Apr/2010 14:59:42] "GET /auth/facebook HTTP/1.1" 302 - 0.0013
:get https://graph.facebook.com/oauth/access_token?code=0b634250f9f698c348ab1e72-564393355%7CEhVdUzzMGXZ_BGY6BK3L9avyxps.&client_id=120094574673767&client_secret=b54dc82476af2814e620b86776c42c0e&type=web_server&redirect_uri=http%3A%2F%2Flocalhost%3A4567%2Fauth%2Ffacebook%2Fcallback
RESULT: 200
access_token=120094574673767|0b634250f9f698c348ab1e72-564393355|H87xBimxCdyA9Jr6KWXqXgL599o.
:get https://graph.facebook.com/me?access_token=120094574673767%7C0b634250f9f698c348ab1e72-564393355%7CH87xBimxCdyA9Jr6KWXqXgL599o.
RESULT: 200
{"id":"123","name":"Rick Olson"}
127.0.0.1 - - [22/Apr/2010 14:59:45] "GET /auth/facebook/callback?code=0b634250f9f698c348ab1e72-564393355%7CEhVdUzzMGXZ_BGY6BK3L9avyxps. HTTP/1.1" 200 284 0.8317
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment