X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/41a123334bc75d17335e3f242b0243ddfd3e6389..6d5c551a7c0c7002acdc62eb9ec1041866da6f84:/app/models/client_application.rb?ds=inline diff --git a/app/models/client_application.rb b/app/models/client_application.rb index 2186dc5df..ffca1c63c 100644 --- a/app/models/client_application.rb +++ b/app/models/client_application.rb @@ -2,20 +2,26 @@ require 'oauth' class ClientApplication < ActiveRecord::Base belongs_to :user has_many :tokens, :class_name => "OauthToken" + has_many :access_tokens validates_presence_of :name, :url, :key, :secret validates_uniqueness_of :key before_validation_on_create :generate_keys + validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i + validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true + validates_format_of :callback_url, :with => /\A[a-z][a-z0-9.+-]*:\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true + + attr_accessor :token_callback_url + def self.find_token(token_key) token = OauthToken.find_by_token(token_key, :include => :client_application) if token && token.authorized? - logger.info "Loaded #{token.token} which was authorized by (user_id=#{token.user_id}) on the #{token.authorized_at}" token else nil end end - + def self.verify_request(request, options = {}, &block) begin signature = OAuth::Signature.build(request, options, &block) @@ -45,7 +51,21 @@ class ClientApplication < ActiveRecord::Base end def create_request_token - RequestToken.create :client_application => self + RequestToken.create :client_application => self, :callback_url => self.token_callback_url + end + + def access_token_for_user(user) + unless token = access_tokens.find(:first, :conditions => { :user_id => user.id, :invalidated_at => nil }) + params = { :user => user } + + permissions.each do |p| + params[p] = true + end + + token = access_tokens.create(params) + end + + token end # the permissions that this client would like from the user @@ -62,8 +82,8 @@ protected :allow_write_api, :allow_read_gpx, :allow_write_gpx ] def generate_keys - @oauth_client = oauth_server.generate_consumer_credentials - self.key = @oauth_client.key - self.secret = @oauth_client.secret + oauth_client = oauth_server.generate_consumer_credentials + self.key = oauth_client.key + self.secret = oauth_client.secret end end