Implement automatic OAuth setup for Potlatch 2
authorTom Hughes <tom@compton.nu>
Tue, 16 Nov 2010 00:50:12 +0000 (00:50 +0000)
committerTom Hughes <tom@compton.nu>
Mon, 29 Nov 2010 12:20:22 +0000 (12:20 +0000)
app/models/client_application.rb
app/models/user.rb
app/views/site/_potlatch2.html.erb
config/example.application.yml

index 9474a01..09eec40 100644 (file)
@@ -2,6 +2,7 @@ require 'oauth'
 class ClientApplication < ActiveRecord::Base
   belongs_to :user
   has_many :tokens, :class_name => "OauthToken"
+  has_many :access_tokens
   validates_presence_of :name, :url, :key, :secret
   validates_uniqueness_of :key
   before_validation_on_create :generate_keys
@@ -53,6 +54,20 @@ class ClientApplication < ActiveRecord::Base
     RequestToken.create :client_application => self, :callback_url => self.token_callback_url
   end
 
+  def access_token_for_user(user)
+    unless token = access_tokens.find(:first, :conditions => { :user_id => user.id, :invalidated_at => nil })
+      params = { :user => user }
+
+      permissions.each do |p|
+        params[p] = true
+      end
+
+      token = access_tokens.create(params)
+    end
+    
+    token
+  end
+
   # the permissions that this client would like from the user
   def permissions
     ClientApplication.all_permissions.select { |p| self[p] }
index ecf93b6..1db8ada 100644 (file)
@@ -203,4 +203,10 @@ class User < ActiveRecord::Base
 
     return score.to_i
   end
+
+  ##
+  # return an oauth access token for a specified application
+  def access_token(application_key)
+    return ClientApplication.find_by_key(application_key).access_token_for_user(self)
+  end
 end
index 705b913..5b07247 100644 (file)
@@ -3,6 +3,9 @@
 </div>
 
 <%= javascript_include_tag 'swfobject.js' %>
+
+<% token = @user.access_token(POTLATCH2_KEY) %>
+
 <script type="text/javascript" defer="defer">
   var brokenContentSize = $("content").offsetWidth == 0;
   var fo = new SWFObject("/potlatch2/potlatch2.swf?d="+Math.round(Math.random()*1000), "potlatch", "100%", "100%", "9", "#FFFFFF");
     if (lat) { fo.addVariable("lat",lat); }
     if (lon) { fo.addVariable("lon",lon); }
     fo.addVariable("zoom",zoom);
-    fo.addVariable("api","/api/<%= API_VERSION %>/");
-    fo.addVariable("policy","/api/crossdomain.xml");
+    fo.addVariable("api","http://<%= SERVER_URL %>/api/<%= API_VERSION %>/");
+    fo.addVariable("policy","http://<%= SERVER_URL %>/api/crossdomain.xml");
     fo.addVariable("connection","XML");
+    fo.addVariable("oauth_token","<%= token.token %>");
+    fo.addVariable("oauth_token_secret","<%= token.secret %>");
+    fo.addVariable("oauth_consumer_key","<%= token.client_application.key %>");
+    fo.addVariable("oauth_consumer_secret","<%= token.client_application.secret %>");
     fo.write("map");
   }
 
index 5533b51..c88d894 100644 (file)
@@ -59,6 +59,8 @@ standard_settings: &standard_settings
   nominatim_url: "http://nominatim.openstreetmap.org/"
   # Default editor
   default_editor: "potlatch"
+  # OAuth consumer key for Potlatch 2
+  #potlatch2_key: ""
 
 development:
   <<: *standard_settings