technoweenie/oauth2_example.rb

## oauth2_example.rb
# crappy server implementation using technoweenie/oauth2 (server branch)
# http://github.com/technoweenie/oauth2/compare/master...server
#
#   ruby oauth2_example.rb -p 4568
#   ruby oauth2_example.rb
#   open http://localhost:4567/auth/facebook

require 'rubygems'
require 'sinatra'
require 'oauth2/client'
require 'oauth2/server'
require 'json'

# Faraday middleware for logging outgoing http requests.
class ConnectionLogger < Faraday::Middleware
  def call(env)
    env[:response].on_complete do |env|
      puts "RESULT: #{env[:status]}\n#{env[:body]}"
    end

    process_body_for_request(env)
    puts "#{env[:method].inspect} #{env[:url].to_s}"
    puts env[:request_headers].inspect if !env[:request_headers].empty?
    puts env[:body] if env[:body]
    @app.call env
  end
end

## Client Implementation
$client = OAuth2::Client.new('123', '456', :site => 'http://localhost:4568', :adapter => :test)
$client.connection.build do |b|
  b.use ConnectionLogger
  b.adapter :net_http
end

# access this to request a token from facebook.
get '/auth/facebook' do
  url = $client.web_server.authorize_url(
    :redirect_uri => redirect_uri,
    :scope => 'email,offline_access'
  )
  puts "Redirecting to URL: #{url.inspect}"
  redirect url
end

# If the user authorizes it, this request gets your access token
# and makes a successful api call.
get '/auth/facebook/callback' do
  access_token = $client.web_server.access_token(params[:code], :redirect_uri => redirect_uri)
  user = JSON.parse(access_token.get('/me'))

  user.inspect
end

def redirect_uri(path = '/auth/facebook/callback', query = nil)
  uri = URI.parse(request.url)
  uri.path  = path
  uri.query = query
  uri.to_s
end

## Server Implementation
$strategy = OAuth2::ServerStrategy::Memory.new
$app      = $strategy.app! :id => '123', :secret => '456', :redirect_uri => 'http://localhost:4567'

# This checks their client id and redirects back with a temporary code if the user accepts.
# In this experimental demo, no form is shown, so the user always accepts.
get '/oauth/authorize' do
  server = get_server
  url = params[:redirect_uri] + "?code=#{server.temporary_code}"
  puts "Redirecting to #{url.inspect}"
  redirect url
end

# This is a simple API request to swap out a temporary code with an access token.
get '/oauth/access_token' do
  server = get_server(:code => params[:code])
  s = "access_token=#{server.access_token}"
  puts "RETURNING #{s.inspect}"
  s
end

# mock facebook api call
get '/me' do
  if options = $strategy.access_token_options(params[:access_token])
    {:client_id => options[:app].id, :client_secret => options[:app].secret}.to_json
  else
    "{}"
  end
end

def get_server(options = {})
  OAuth2::Server.new(params[:client_id], {:redirect_uri => params[:redirect_uri], :type => params[:type], :scope => params[:scope], :strategy => $strategy}.update(options))
end

## output.log
Redirecting to URL: "https://graph.facebook.com/oauth/authorize?scope=email%2Coffline_access&client_id=120094574673767&type=web_server&redirect_uri=http%3A%2F%2Flocalhost%3A4567%2Fauth%2Ffacebook%2Fcallback"
127.0.0.1 - - [22/Apr/2010 14:59:42] "GET /auth/facebook HTTP/1.1" 302 - 0.0013
:get https://graph.facebook.com/oauth/access_token?code=0b634250f9f698c348ab1e72-564393355%7CEhVdUzzMGXZ_BGY6BK3L9avyxps.&client_id=120094574673767&client_secret=b54dc82476af2814e620b86776c42c0e&type=web_server&redirect_uri=http%3A%2F%2Flocalhost%3A4567%2Fauth%2Ffacebook%2Fcallback
RESULT: 200
access_token=120094574673767|0b634250f9f698c348ab1e72-564393355|H87xBimxCdyA9Jr6KWXqXgL599o.
:get https://graph.facebook.com/me?access_token=120094574673767%7C0b634250f9f698c348ab1e72-564393355%7CH87xBimxCdyA9Jr6KWXqXgL599o.
RESULT: 200
{"id":"123","name":"Rick Olson"}
127.0.0.1 - - [22/Apr/2010 14:59:45] "GET /auth/facebook/callback?code=0b634250f9f698c348ab1e72-564393355%7CEhVdUzzMGXZ_BGY6BK3L9avyxps. HTTP/1.1" 200 284 0.8317
	# crappy server implementation using technoweenie/oauth2 (server branch)
	# http://github.com/technoweenie/oauth2/compare/master...server
	#
	# ruby oauth2_example.rb -p 4568
	# ruby oauth2_example.rb
	# open http://localhost:4567/auth/facebook

	require 'rubygems'
	require 'sinatra'
	require 'oauth2/client'
	require 'oauth2/server'
	require 'json'

	# Faraday middleware for logging outgoing http requests.
	class ConnectionLogger < Faraday::Middleware
	def call(env)
	env[:response].on_complete do \|env\|
	puts "RESULT: #{env[:status]}\n#{env[:body]}"
	end

	process_body_for_request(env)
	puts "#{env[:method].inspect} #{env[:url].to_s}"
	puts env[:request_headers].inspect if !env[:request_headers].empty?
	puts env[:body] if env[:body]
	@app.call env
	end
	end

	## Client Implementation
	$client = OAuth2::Client.new('123', '456', :site => 'http://localhost:4568', :adapter => :test)
	$client.connection.build do \|b\|
	b.use ConnectionLogger
	b.adapter :net_http
	end

	# access this to request a token from facebook.
	get '/auth/facebook' do
	url = $client.web_server.authorize_url(
	:redirect_uri => redirect_uri,
	:scope => 'email,offline_access'
	)
	puts "Redirecting to URL: #{url.inspect}"
	redirect url
	end

	# If the user authorizes it, this request gets your access token
	# and makes a successful api call.
	get '/auth/facebook/callback' do
	access_token = $client.web_server.access_token(params[:code], :redirect_uri => redirect_uri)
	user = JSON.parse(access_token.get('/me'))

	user.inspect
	end

	def redirect_uri(path = '/auth/facebook/callback', query = nil)
	uri = URI.parse(request.url)
	uri.path = path
	uri.query = query
	uri.to_s
	end

	## Server Implementation
	$strategy = OAuth2::ServerStrategy::Memory.new
	$app = $strategy.app! :id => '123', :secret => '456', :redirect_uri => 'http://localhost:4567'

	# This checks their client id and redirects back with a temporary code if the user accepts.
	# In this experimental demo, no form is shown, so the user always accepts.
	get '/oauth/authorize' do
	server = get_server
	url = params[:redirect_uri] + "?code=#{server.temporary_code}"
	puts "Redirecting to #{url.inspect}"
	redirect url
	end

	# This is a simple API request to swap out a temporary code with an access token.
	get '/oauth/access_token' do
	server = get_server(:code => params[:code])
	s = "access_token=#{server.access_token}"
	puts "RETURNING #{s.inspect}"
	s
	end

	# mock facebook api call
	get '/me' do
	if options = $strategy.access_token_options(params[:access_token])
	{:client_id => options[:app].id, :client_secret => options[:app].secret}.to_json
	else
	"{}"
	end
	end

	def get_server(options = {})
	OAuth2::Server.new(params[:client_id], {:redirect_uri => params[:redirect_uri], :type => params[:type], :scope => params[:scope], :strategy => $strategy}.update(options))
	end
	Redirecting to URL: "https://graph.facebook.com/oauth/authorize?scope=email%2Coffline_access&client_id=120094574673767&type=web_server&redirect_uri=http%3A%2F%2Flocalhost%3A4567%2Fauth%2Ffacebook%2Fcallback"
	127.0.0.1 - - [22/Apr/2010 14:59:42] "GET /auth/facebook HTTP/1.1" 302 - 0.0013
	:get https://graph.facebook.com/oauth/access_token?code=0b634250f9f698c348ab1e72-564393355%7CEhVdUzzMGXZ_BGY6BK3L9avyxps.&client_id=120094574673767&client_secret=b54dc82476af2814e620b86776c42c0e&type=web_server&redirect_uri=http%3A%2F%2Flocalhost%3A4567%2Fauth%2Ffacebook%2Fcallback
	RESULT: 200
	access_token=120094574673767\|0b634250f9f698c348ab1e72-564393355\|H87xBimxCdyA9Jr6KWXqXgL599o.
	:get https://graph.facebook.com/me?access_token=120094574673767%7C0b634250f9f698c348ab1e72-564393355%7CH87xBimxCdyA9Jr6KWXqXgL599o.
	RESULT: 200
	{"id":"123","name":"Rick Olson"}
	127.0.0.1 - - [22/Apr/2010 14:59:45] "GET /auth/facebook/callback?code=0b634250f9f698c348ab1e72-564393355%7CEhVdUzzMGXZ_BGY6BK3L9avyxps. HTTP/1.1" 200 284 0.8317