Make the Oauth Provider a Sintra Rack Middleware app.

Author: Michael Wood

lib/rack_oauth_provider.rb

@@ -0,0 +1,111 @@
+require 'sinatra/base'
+require 'oauth/request_proxy/rack_request'
+require File.dirname(__FILE__) + '/oauth_provider/lib/oauth_provider'
+
+class RackOAuthProvider < Sinatra::Base
+  
+  def initialize(app, paths)
+    @paths = paths
+    @app = app
+  end
+  
+  set :root, File.dirname(__FILE__)
+  set :views, File.dirname(__FILE__) + '/rack_oauth_provider'
+
+  provider = OAuthProvider::create(:sqlite3, 'provider.sqlite3')
+  #provider = OAuthProvider::create(:data_mapper, 'provider.sqlite3')
+
+  mime :json, "application/json"
+  
+  # http://blog.joncrosby.me/post/72451217/a-world-of-middleware
+  # this hackeration is required for sinatra to be a nice rack citizen
+  error 404 do
+     @app.call(env)
+  end
+  
+  before do
+    # check protected path agaist request path
+    # see if we should proceed with oauth access confirmation...
+    path = @request.path_info
+    
+    @paths.each do |protected_oauth_path,protected_oauth_method|
+      if protected_oauth_path.match(path)
+
+        if protected_oauth_method.include?(@request.request_method.to_s.downcase.to_sym)
+          warn path + " was matched to " + @request.request_method.to_s + " " + protected_oauth_path.to_s
+          
+          oauth_confirm_access(provider)
+        end
+      end
+    end
+  end
+   
+  # OAuth routes
+  get "/oauth/request_token" do
+    provider.issue_request(request).query_string
+  end
+
+  get "/oauth/access_token" do
+    if access_token = provider.upgrade_request(request)
+      access_token.query_string
+    else
+      raise Sinatra::NotFound, "No such request token"
+    end
+  end
+
+  # Authorize endpoints
+  get "/oauth/authorize" do
+    if @request_token = provider.backend.find_user_request(params[:oauth_token])
+      erb :authorize
+    else
+      raise Sinatra::NotFound, "No such request token"
+    end
+  end
+
+  post "/oauth/authorize" do
+    if request_token = provider.backend.find_user_request(params[:oauth_token])
+      if request_token.authorize
+        redirect request_token.callback
+      else
+        raise "Could not authorize"
+      end
+    else
+      raise Sinatra::NotFound, "No such request token"
+    end
+  end
+
+  get "/oauth/applications" do
+    @consumers = provider.consumers
+    erb :applications
+  end
+
+  post '/oauth/applications' do
+    begin
+      @consumer = provider.add_consumer(params[:application_callback])
+
+      #redirect "/oauth/applications"
+      @consumer_key = @consumer.token.shared_key
+      @consumer_secret = @consumer.token.secret_key
+
+    rescue Exception
+      @error = "Failed to create a token!"
+    end
+
+    @consumers = provider.consumers
+
+    erb :applications
+  end
+
+  private
+
+  def oauth_confirm_access(provider)
+    begin
+      access = provider.confirm_access(@request)
+    rescue Exception
+      halt "No access! Please verify your OAuth access token and secret."
+    end
+  end
+
+
+end
+  

lib/rack_oauth_provider/applications.erb

@@ -0,0 +1,53 @@
+<% if @error %>
+	<div style="background-color: #fee; padding: 20px; margin-bottom: 10px;">
+		<h2>Oops!</h2>
+		
+		<p><%= @error %></p>
+	</div>
+<% end %>
+
+<% if @consumer_key and @consumer_secret %>
+	<div style="background-color: #efe; padding: 20px; margin-bottom: 10px;">
+		<h2>Application created!</h2>
+	
+		<h3>Save this information!</h3>
+	
+		<b>Consumer Key:</b>
+		<%= @consumer_key %>
+		<br/>
+
+		<b>Consumer Secret:</b>
+		<%= @consumer_secret %>
+	</div>
+<% end %>
+
+
+<h2>My Applications</h2>
+
+<% if !@consumers.empty? %>
+	<% @consumers.each do |consumer| %>
+		<div style="background-color: #eef; padding: 20px; margin-bottom: 10px;">
+			<b><%= consumer.callback %></b>
+			<p>
+				<b>Consumer Key:</b> <%= consumer.token.shared_key %>
+				<br/>
+				<b>Consumer Secret:</b> <%= consumer.token.secret_key %>
+			</p>
+		</div>
+	<% end %>
+<% else %>
+	You don't have any applications... yet.
+<% end %>
+
+<h3>Create New Application</h3>
+
+<div class="app">
+  <form action="/oauth/applications" method="POST">
+		<div>
+			Application Callback:
+			<br/>
+			<input type="text" name="application_callback" id="application_callback" rows="20" />
+		</div>
+		<input type="submit" value="Create Application"/>
+  </form>
+</div>

lib/rack_oauth_provider/authorize.erb

@@ -0,0 +1,10 @@
+<h2>You are about to authorize (<%= @request_token.consumer.callback %>)</h2>
+<form action="/oauth/authorize" method="post">
+  <p>
+    <input id="oauth_token" name="oauth_token" type="hidden" value="<%= @request_token.shared_key %>" />
+  </p>
+
+  <p>
+    <input name="commit" type="submit" value="Authorize" />
+  </p>
+</form>

lib/rack_oauth_provider/layout.erb

@@ -0,0 +1,53 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+  <title>Sinatra OAuth API Test!</title>
+  <style>
+    html {
+      background-color: #eee;
+			font-family: Arial, sans-serif;
+    }
+		h1 {
+			margin-top:0;
+		}
+		input[type="text"],textarea
+		{
+			font-size:16px;
+			width: 100%;
+		}
+		input[type="submit"] {
+			margin-top: 20px;
+    	background-color: #efe;
+    	border: 1px solid #ccc;
+			padding: 10px;
+			font-weight: bold;
+			font-size: 16px;
+			cursor: pointer
+		}
+    #content {
+    	width: 600px;
+			margin: 100px auto;
+    	background-color: #fff;
+    	border: 1px solid #ccc;
+    	padding: 20px;
+    }
+		#navigation {
+    	background-color: #eee;
+			padding: 20px;
+			margin-bottom: 20px;
+			
+		}
+  </style>
+</head>
+<body>
+	<div id="content">
+		<h1>Sinatra OAuth API Rack Middleware</h1>
+
+		<div id="navigation">
+			<a href="/">Home</a> | <a href="/messages">Messages</a> | <a href="/oauth/applications">OAuth Applications</a>
+		</div>
+
+		<%= yield %>
+	</div>
+</body>
+</html>