Module: Facepalm::Rails::Controller::OauthAccess

Defined in:

lib/facepalm/rails/controller/oauth_access.rb

Overview

OAuth 2.0 authentication module

Defined Under Namespace

Modules: ClassMethods Classes: AccessFilter

Class Method Summary

• .included(base) ⇒ Object

Instance Method Summary

• #facepalm_require_authentication(*permissions) ⇒ Object

  Requires a given set of permissions in context of the current action.

• #facepalm_url_encryptor ⇒ Object

  Internally used to encrypt return URL for authentication endpoint.

Class Method Details

.included(base) ⇒ Object

# File 'lib/facepalm/rails/controller/oauth_access.rb', line 9

def self.included(base)
  base.extend(ClassMethods)
end

Instance Method Details

#facepalm_require_authentication(*permissions) ⇒ Object

Requires a given set of permissions in context of the current action. Use it to require permissions in a single action or custom filter.

NOTE: Facepalm doesn’t check if user provided all required permissions.

It only checks if user was authenticated and redirects to permission
request page with a given set of permissions.

Examples:

class MyController < ApplicationController
  before_filter :my_custom_filter, :only => :show

  def my_custom_filter
    my_custom_condition? and facepalm_require_authentication(:publish_actions)
  end

  def index
    if facepalm_require_authentication(:email)
      ... do what you need ...
    end
  end
end

Parameters:

• permissions —

  An array of permissions to require

Returns:

• true if user authorized the application, false otehrwise

# File 'lib/facepalm/rails/controller/oauth_access.rb', line 71

def facepalm_require_authentication(*permissions)
  if current_facebook_user.try(:authenticated?)
    true
  else
    # Encrypting return URL to pass it to Facebook
    return_code = facepalm_url_encryptor.encrypt(
      url_for(params_without_facebook_data.merge(:canvas => false, :only_path => true))
    )

    redirect_from_iframe(
      facepalm.oauth_client.url_for_oauth_code(
        :permissions => permissions,
        :callback => facepalm_endpoint_url(
          :fb_return_to => ::Rack::Utils.escape(return_code)
        )
      )
    )

    false
  end
end

#facepalm_url_encryptor ⇒ Object

Internally used to encrypt return URL for authentication endpoint

Returns:

• ActiveSupport::MessageEncryptor

# File 'lib/facepalm/rails/controller/oauth_access.rb', line 98

def facepalm_url_encryptor
  @facebook_url_encryptor ||= ActiveSupport::MessageEncryptor.new(facepalm.secret)
end