Created
August 7, 2009 08:39
-
-
Save vincentchu/163784 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class LiveServices | |
# MSFT Live Services Application Information | |
LIVE_APP_ID = {'development' => 'XXX', 'staging' => 'XXX', 'production' => 'XXX'} | |
LIVE_SECRET = {'development' => 'SHH', 'staging' => 'SHH', 'production' => 'SHH'} | |
PRIVACY_URL = {'development' => 'http://privacy.com', | |
'staging' => 'http://privacy.com', | |
'production' => 'http://privacy.com'} | |
DELEGATE_PATH = "https://consent.live.com/Delegation.aspx" | |
# return_url = Where the user is redirected to after authenticating on Live Services | |
# permissions = Comma-separated string that lists the areas that you want access | |
# to (e.g. Contacts.View,Contacts.Update) | |
def self.new_auth_url(return_url, permissions, privacy_policy_url = nil) | |
privacy_policy_url ||= PRIVACY_URL[RAILS_ENV] | |
app_verifier = get_app_verifier | |
params = [["ru", CGI.escape(return_url)], | |
["ps", CGI.escape(permissions)], | |
["pl", CGI.escape(privacy_policy_url)], | |
["app", CGI.escape(app_verifier)]] | |
auth_url = DELEGATE_PATH + "?" + params.collect {|x| x.join("=")}.join("&") | |
end | |
# This method signs the key using your secret, application id, and a timestamp | |
def self.get_app_verifier | |
signkey = OpenSSL::Digest::SHA256.digest("SIGNATURE" + LIVE_SECRET[RAILS_ENV])[0..15] | |
token = "appid=#{LIVE_APP_ID[RAILS_ENV]}&ts=#{Time.now.to_i}" | |
signed_token = CGI.escape(Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, signkey, token))) | |
app_verifier = token + "&sig=#{signed_token}" | |
return app_verifier | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment