warden_oauth
warden_oauth enhances the Warden authentication framework, offering a simple interface for creating oauth strategies.
Getting Started
To get started you just have to require the warden_oauth libraries, and setup the oauth services you would like to have on the Warden::Manager
middleware declaration:
Warden::Manager do |manager|
manager.failure_app = FailureApp
manager.oauth(:twitter) do |twitter|
twitter.consumer_secret = <YOUR CONSUMER SECRET>
twitter.consumer_key = <YOUR CONSUMER KEY>
twitter.options :site => 'http://twitter.com'
end
manager.default_strategies(:twitter_oauth, :password, :other)
end
Giving an Access Token fetcher
Users get identified on a system via an access_token and an access_secret, when a valid access_token is recevied, warden_oauth calls a fetcher declared on Warden::Manager.access_token_user_finder
.
Warden::Manager.access_token_user_finder(:twitter) do |access_token|
User.find_by_access_token_and_access_secret(access_token.token, access_token.secret)
end
If a user is returned, then this is the user that is going to be authenticated in the session, otherwise the FailureApp
will be called, you may check the env['warden.options'][:oauth][:access_token]
to check the original access_token and create a new user from there if desired.
Strategy Class info
When you declare an oauth strategy on the Warden::Manager
initialization, (e.g. manager.oauth(:service_name)) a Warden::OAuth::Strategy::ServiceName
will be declared, at the same time this class will be registered as :service_name_oauth
on the Warden::Strategies
.
So if we have a declaration like the one of the Getting Started section, we will have an Strategy class called Warden::OAuth::Strategy::Twitter
, and this will be registered as :twitter_oauth
.
Running the Strategy
In order to get the strategy running in the app, you have to specify a parameter called warden_oauth_provider with the name of the oauth service you want to start. So for example, if you would like to boot the twitter oauth example given on the “Getting Started” section you just have to specify the parameter on a protected url.
In Rails:
link_to 'Twitter Authentication', url_for(login_path(:warden_oauth_provider => 'twitter'))
Note on Patches/Pull Requests
For any error send an email to: romanandreg [at] gmail [dot] com
Copyright
Copyright © 2009 Roman Gonzalez. See LICENSE for details.