This Gem offers an 'invisible' way for an OAuth Handshake in an Rails application.
Add this line to your application's Gemfile:
gem 'oauth_rails'
And then execute:
$ bundle
Or install it yourself as:
$ gem install oauth_rails
Configure a few constants in config/initializers/oauth_rails.rb
OAuthRails.setup({
oauth_host: 'https://api.SOMETHING.com',
oauth_consumer_key: 'OAUTH_CONSUMER_KEY',
oauth_consumer_secret: 'OAUTH_CONSUMER_SECRET',
proc_authorization_successful: Proc.new do |controller_context, token, secret|
# Do something special (like saving) with the OAuth-'token' and 'secret' and
# use the 'controller_context' to complete the controller behavior
controller_context.redirect_to controller_context.root_url
end,
proc_authorization_failed: Proc.new { |controller_context| controller_context.root_url }
})
Redirect the user to the oauth_handshake_path and use the procs to define the behaviors for the success and failure situations. Yes, it is so simple! \o/
All default settings can be overwritten with the OAuthRails.setup() method
DEFAULT_SETTINGS = {
oauth_host: nil,
oauth_request_token_path: '/v1/request_token',
oauth_authorize_path: '/v1/authorize',
oauth_access_token_path: '/v1/access_token',
oauth_consumer_key: nil,
oauth_consumer_secret: nil,
oauth_callback_url: 'http://localhost:3000/oauth/authorize',
oauth_verifier_key: :oauth_verifier,
proc_initialize_handshake: Proc.new { |controller_context| },
proc_initialize_authorization_failed: Proc.new { |controller_context| OAuthRails.call(:authorization_failed, controller_context) },
proc_authorization_successful: Proc.new { |controller_context, token, secret| raise "Run 'OAuthRails.setup()' to set a ':proc_authorization_successful'" },
proc_authorization_failed: Proc.new { |controller_context| raise "Run 'OAuthRails.setup()' to set a ':proc_authorization_failed'" }
}
The procs can be used to execute custom code. The procs proc_authorization_successful and proc_authorization_failed are mandatory for the core functionality., they will be called when the authorization was successful or not. They should handle the OAuth data and redirections.
In progress.
git checkout -b my-new-feature)git commit -am 'Add some feature')git push origin my-new-feature)FAQs
Unknown package
We found that oauth_rails demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.