X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/cbbfdf394880d29c9a6cc2259fcfd474088fa9bb..3259bc7edecbcfc54eb70e3c0a1e07d6b582a46c:/app/models/client_application.rb diff --git a/app/models/client_application.rb b/app/models/client_application.rb index d3799abe0..ffca1c63c 100644 --- a/app/models/client_application.rb +++ b/app/models/client_application.rb @@ -2,10 +2,26 @@ require 'oauth' class ClientApplication < ActiveRecord::Base belongs_to :user has_many :tokens, :class_name => "OauthToken" + has_many :access_tokens validates_presence_of :name, :url, :key, :secret validates_uniqueness_of :key before_validation_on_create :generate_keys + validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i + validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true + validates_format_of :callback_url, :with => /\A[a-z][a-z0-9.+-]*:\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true + + attr_accessor :token_callback_url + + def self.find_token(token_key) + token = OauthToken.find_by_token(token_key, :include => :client_application) + if token && token.authorized? + token + else + nil + end + end + def self.verify_request(request, options = {}, &block) begin signature = OAuth::Signature.build(request, options, &block) @@ -35,7 +51,21 @@ class ClientApplication < ActiveRecord::Base end def create_request_token - RequestToken.create :client_application => self + RequestToken.create :client_application => self, :callback_url => self.token_callback_url + end + + def access_token_for_user(user) + unless token = access_tokens.find(:first, :conditions => { :user_id => user.id, :invalidated_at => nil }) + params = { :user => user } + + permissions.each do |p| + params[p] = true + end + + token = access_tokens.create(params) + end + + token end # the permissions that this client would like from the user @@ -52,8 +82,8 @@ protected :allow_write_api, :allow_read_gpx, :allow_write_gpx ] def generate_keys - @oauth_client = oauth_server.generate_consumer_credentials - self.key = @oauth_client.key - self.secret = @oauth_client.secret + oauth_client = oauth_server.generate_consumer_credentials + self.key = oauth_client.key + self.secret = oauth_client.secret end end