Switch web site to use OAuth 2
authorTom Hughes <tom@compton.nu>
Sun, 27 Jun 2021 17:42:47 +0000 (18:42 +0100)
committerTom Hughes <tom@compton.nu>
Sun, 27 Jun 2021 18:00:36 +0000 (19:00 +0100)
app/assets/javascripts/oauth.js
app/controllers/application_controller.rb
app/helpers/application_helper.rb
app/models/user.rb
config/settings.yml
package.json
yarn.lock

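--- a/app/assets/javascripts/oauth.js
+++ b/app/assets/javascripts/oauth.js
@@ -1,26 +1,11 @@
-//= require ohauth/ohauth
-
 $(document).ready(function () {
   var application_data = $("head").data();
 
-  function makeAbsolute(url) {
-    var a = document.createElement("a");
-    a.href = url;
-    return a.href;
-  }
-
-  if (application_data.token) {
-    var headerGenerator = window.ohauth.headerGenerator({
-      consumer_key: application_data.consumerKey,
-      consumer_secret: application_data.consumerSecret,
-      token: application_data.token,
-      token_secret: application_data.tokenSecret
-    });
-
-    $.ajaxPrefilter(function (options, jqxhr) {
+  if (application_data.oauthToken) {
+    $.ajaxPrefilter(function (options) {
       if (options.oauth) {
         options.headers = options.headers || {};
-        options.headers.Authorization = headerGenerator(options.type, makeAbsolute(options.url), jqxhr.data);
+        options.headers.Authorization = "Bearer " + application_data.oauthToken;
       }
     });
   }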
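Review bot: The prefilter attaches the bearer token to every request flagged `options.oauth`, whatever its destination, so a request to another origin that sets that flag would hand the token to that host. Unlike the removed OAuth 1 signature, a bearer token is usable as-is by whoever receives it. Restricting the header to same-origin requests would close this, e.g. `if (options.oauth && !options.crossDomain) {`. The callers that set `oauth` are not visible in this hunk, so this may turn out to be defence in depth only.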
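--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -67,7 +67,7 @@ class ApplicationController < ActionController::Base
   end
 
   def require_oauth
-    @oauth_token = current_user.access_token(Settings.oauth_key) if current_user && Settings.key?(:oauth_key)
+    @oauth_token = current_user.oauth_token(Settings.oauth_application) if current_user && Settings.key?(:oauth_application)
   end
 
   ##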
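--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -58,13 +58,7 @@ module ApplicationHelper
     end
 
     data[:location] = session[:location] if session[:location]
-
-    if oauth_token
-      data[:token] = oauth_token.token
-      data[:token_secret] = oauth_token.secret
-      data[:consumer_key] = oauth_token.client_application.key
-      data[:consumer_secret] = oauth_token.client_application.secret
-    end
+    data[:oauth_token] = oauth_token.token if oauth_token
 
     data
   end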
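Review bot: `data[:oauth_token] = oauth_token.token if oauth_token` writes a live bearer token into the page data, which the oauth.js change in this commit reads back from `$("head").data()`, so any script running in the page can read and replay it. That trade-off deserves a comment at this line, for example `# Bearer token is readable by page scripts; keep the web site application's scopes minimal`. The line also assumes `token` returns the plaintext value for a reused record, which would not hold if token hashing is enabled in the Doorkeeper configuration (not visible here). The enclosing helper method starts above this hunk.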
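--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -288,11 +288,23 @@ class User < ApplicationRecord
   end
 
   ##
-  # return an oauth access token for a specified application
+  # return an oauth access token for a specified application
   def access_token(application_key)
     ClientApplication.find_by(:key => application_key).access_token_for_user(self)
   end
 
+  ##
+  # return an oauth 2 access token for a specified application
+  def oauth_token(application_id)
+    application = Doorkeeper.config.application_model.find_by(:uid => application_id)
+
+    Doorkeeper.config.access_token_model.find_or_create_for(
+      :application => application,
+      :resource_owner => self,
+      :scopes => application.scopes
+    )
+  end
+
   def fingerprint
     digest = Digest::SHA256.new
     digest.update(email)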
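Review bot: In `oauth_token`, `find_by(:uid => application_id)` returns nil when `Settings.oauth_application` names no registered application, and `application.scopes` then raises NoMethodError on every signed-in request that reaches `require_oauth`. A guard such as `return unless application` right after the lookup would make a misconfiguration fail predictably instead of breaking page rendering. The call also passes no expiry attribute and requests every scope the application has, so token lifetime and reuse depend on the Doorkeeper configuration, which is not visible here. It is worth confirming that the issued tokens expire and that a new one is not minted on each page load. `fingerprint` continues below the hunk.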
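--- a/config/settings.yml
+++ b/config/settings.yml
@@ -84,8 +84,8 @@ oauth_10_support: true
 nominatim_url: "https://nominatim.openstreetmap.org/"
 # Default editor
 default_editor: "id"
-# OAuth consumer key for the web site
-#oauth_key: ""
+# OAuth application for the web site
+#oauth_application: ""
 # OAuth consumer key for iD
 #id_key: ""
 # Imagery to return in capabilities as blacklisted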
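Review bot: The new comment does not say what value `oauth_application` expects. The `User#oauth_token` change in this commit looks it up with `find_by(:uid => ...)`, so it is the application's uid (client ID), not its name or secret. Suggest `# OAuth 2 application uid (client ID) for the web site`.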
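--- a/package.json
+++ b/package.json
@@ -8,7 +8,6 @@
     "js-cookie": "^2.2.1",
     "leaflet": "^1.6.0",
     "leaflet.locatecontrol": "^0.74.0",
-    "ohauth": "^1.0.0",
     "qs": "^6.9.4"
   },
   "devDependencies": {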
index ee875da31c21a349d47a5e51c7e9d592f56fcfd1..73606bc732330f5311e6b73d03e8489b2c44afbb 100644 (file)
--- a/yarn.lock
+++ b/yarn.lock
@@ -550,11 +550,6 @@ js-yaml@^3.13.1:
     argparse "^1.0.7"
     esprima "^4.0.0"
 
     argparse "^1.0.7"
     esprima "^4.0.0"
 
-jshashes@~1.0.8:
-  version "1.0.8"
-  resolved "https://registry.yarnpkg.com/jshashes/-/jshashes-1.0.8.tgz#f60d837428383abf73ab022e1542e6614bd75514"
-  integrity sha512-btmQZ/w1rj8Lb6nEwvhjM7nBYoj54yaEFo2PWh3RkxZ8qNwuvOxvQYN/JxVuwoMmdIluL+XwYVJ+pEEZoSYybQ==
-
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
@@ -625,13 +620,6 @@ object-inspect@^1.9.0:
   resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.9.0.tgz#c90521d74e1127b67266ded3394ad6116986533a"
   integrity sha512-i3Bp9iTqwhaLZBxGkRfo5ZbE07BQRT7MGu8+nNgwW9ItGp1TzCTw2DLEoWwjClxBjOFI/hWljTAmYGCEwmtnOw==
 
   resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.9.0.tgz#c90521d74e1127b67266ded3394ad6116986533a"
   integrity sha512-i3Bp9iTqwhaLZBxGkRfo5ZbE07BQRT7MGu8+nNgwW9ItGp1TzCTw2DLEoWwjClxBjOFI/hWljTAmYGCEwmtnOw==
 
-ohauth@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/ohauth/-/ohauth-1.0.1.tgz#a5d4ab8e5390bb1cad68a58cc9c58630173c02f2"
-  integrity sha512-R9ZUN3+FVCwzeOOHCJpzA9jw/byRxp5O9X06mTL6Sp/LIQn/rLrMv6cwYctX+hoIKzRUsalGJXZ1kG5wBmSskQ==
-  dependencies:
-    jshashes "~1.0.8"
-
 once@^1.3.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
 once@^1.3.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"