lib/databasedotcom-oauth2.rb in databasedotcom-oauth2-0.1.7 vs lib/databasedotcom-oauth2.rb in databasedotcom-oauth2-0.1.8
- old
+ new
@@ -13,18 +13,33 @@
end
end
module Databasedotcom
+ def self.parse_domain(url = nil)
+ unless url.nil?
+ url = "https://" + url if (url =~ /http[s]?:\/\//).nil?
+ begin
+ url = Addressable::URI.parse(url)
+ rescue Addressable::URI::InvalidURIError
+ url = nil
+ end
+ url = url.host unless url.nil?
+ url.strip! unless url.nil?
+ end
+ url = nil if url && url.strip.empty?
+ url
+ end
+
class Client
def self.from_token(token, api_version)
client = nil
unless token.nil?
client = self.new({
:client_id => token.client.id,
:client_secret => token.client.secret,
- :host => token.client.site
+ :host => Databasedotcom.parse_domain(token.client.site)
})
m = token["id"].match(/\/id\/([^\/]+)\/([^\/]+)$/)
client.org_id = m[1] rescue nil
client.user_id = m[2] rescue nil
client.version = api_version
@@ -33,10 +48,15 @@
client.refresh_token = token.refresh_token
end
client
end
+ #def set_org_and_user_id(orgid, userid)
+ # @org_id = orgid
+ # @user_id = userid
+ #end
+
def org_id=(val)
@org_id = val
end
def user_id=(val)
@@ -86,10 +106,11 @@
@immediate = options[:immediate]
@scope_override = options[:scope_override] || false
@display_override = options[:display_override] || false
@immediate_override = options[:immediate_override] || false
@api_version = options[:api_version] || "24.0"
+ @debugging = options[:debugging] || false
end
fail "\n\ndatabasedotcom-oauth2 initialization error! :endpoints parameter " \
+ "is invalid. Do something like this:\n\nuse Databasedotcom::OAuth2::Web" \
+ "ServerFlow, :endpoints => {\"login.salesforce.com\" => { :key => CLIENT" \
@@ -137,10 +158,11 @@
def on_authorize_path?
on_path?(@path_prefix)
end
def authorize_call
+ puts "==================\nauthorize phase\n==================\n" if @debugging
#determine endpoint via param; but if blank, use default
endpoint = request.params["endpoint"] #get endpoint from http param
keys = @endpoints[endpoint] #if endpoint not found, default will be used
endpoint = @endpoints.invert[keys] #re-lookup endpoint in case original param was bogus
mydomain = self.class.sanitize_mydomain(request.params["mydomain"])
@@ -148,15 +170,17 @@
#add endpoint to relay state so callback knows which keys to use
request.params["state"] ||= "/"
state = Addressable::URI.parse(request.params["state"])
state.query_values={} unless state.query_values
state.query_values= state.query_values.merge({:endpoint => endpoint})
+
+ puts "endpoint: #{endpoint}\nmydomain: #{mydomain}\nstate: #{state.to_str}" if @debugging
#build params hash to be passed to ouath2 authorize redirect url
auth_params = {
:redirect_uri => "#{full_host}#{@path_prefix}/callback",
- :state => state.to_s
+ :state => state.to_str
}
auth_params[:scope] = @scope unless @scope.nil? || @scope.strip.empty?
auth_params[:display] = @display unless @display.nil?
auth_params[:immediate] = @immediate unless @immediate.nil?
@@ -169,18 +193,21 @@
overrides[:display] = request.params["display"] unless !@display_override || request.params["display"].nil?
overrides[:immediate] = request.params["immediate"] unless !@immediate_override || request.params["immediate"].nil?
auth_params.merge!(overrides)
#do redirect
- redirect client(mydomain || endpoint, keys[:key], keys[:secret]).auth_code.authorize_url(auth_params)
+ redirect_url = client(mydomain || endpoint, keys[:key], keys[:secret]).auth_code.authorize_url(auth_params)
+ puts "redirecting to #{redirect_url}..." if @debugging
+ redirect redirect_url
end
def on_callback_path?
on_path?(@path_prefix + "/callback")
end
def callback_call
+ puts "==================\ncallback phase\n==================\n" if @debugging
#check for error
callback_error = request.params["error"]
callback_error_details = request.params["error_description"]
fail "#{callback_error} #{callback_error_details}" unless callback_error.nil? || callback_error.strip.empty?
@@ -192,39 +219,58 @@
state = Addressable::URI.parse(request.params["state"])
state.query_values= {} if state.query_values.nil?
state_params = state.query_values.dup
endpoint = state_params.delete("endpoint")
keys = @endpoints[endpoint]
+ puts "endpoint #{endpoint}"
+ puts "keys #{keys}"
state.query_values= state_params
state = state.to_s
state.sub!(/\?$/,"") unless state.nil?
+ puts "endpoint: #{endpoint}\nstate: #{state.to_str}\nretrieving token" if @debugging
#do callout to retrieve token
access_token = client(endpoint, keys[:key], keys[:secret]).auth_code.get_token(code,
:redirect_uri => "#{full_host}#{@path_prefix}/callback")
+ puts "access_token immediatly post get token call #{access_token.inspect}" if @debugging
access_token.options[:mode] = :query
access_token.options[:param_name] = :oauth_token
access_token.options[:endpoint] = endpoint
access_token.client = nil
+ puts "access_token pre marshal-encrypt-cookiewrite #{access_token.inspect}" if @debugging
#populate session with serialized, encrypted token
#will be used later to materialize actual token and databasedotcom client handle
set_session_token(encrypt(access_token))
+ puts "session_token \n#{session_token}" if @debugging
redirect state.to_str
end
def materialize_token_and_client_from_session_if_present
- access_token = decrypt(session_token) unless session_token.nil? rescue nil
+ puts "==========================\nmaterialize intercept\n==========================\n" if @debugging
+ access_token = nil
+ puts "session_token \n#{session_token}" if @debugging
+ begin
+ access_token = decrypt(session_token) unless session_token.nil?
+ rescue Exception => e
+ puts "Exception FYI"
+ self.class._log_exception(e)
+ end
unless access_token.nil?
+ puts "access_token post cookieread-decrypt-marshal #{access_token.inspect}" if @debugging
instance_url = access_token.params["instance_url"]
endpoint = access_token.options[:endpoint]
keys = @endpoints[endpoint]
+ puts "endpoint #{endpoint}\nkeys #{keys}" if @debugging
access_token.client = client(instance_url, keys[:key], keys[:secret])
unless keys.nil?
- @env[TOKEN_KEY] = access_token
+ @env[TOKEN_KEY] = access_token #::OAuth2::AccessToken.from_hash(client(instance_url, keys[:key], keys[:secret]),access_token_hash.dup)
@env[CLIENT_KEY] = ::Databasedotcom::Client.from_token(@env[TOKEN_KEY],@api_version)
+ @env[CLIENT_KEY].debugging = @debugging
end
+ puts "materialized token: #{@env[TOKEN_KEY].inspect}" if @debugging
+ puts "materialized client: #{@env[CLIENT_KEY].inspect}" if @debugging
end
end
def session
@env["rack.session"] ||= {} #in case session is nil
@@ -282,11 +328,11 @@
def client(site, client_id, client_secret)
::OAuth2::Client.new(
client_id,
client_secret,
- :site => "https://#{self.class.parse_domain(site)}",
+ :site => "https://#{Databasedotcom.parse_domain(site)}",
:authorize_url => '/services/oauth2/authorize',
:token_url => '/services/oauth2/token'
)
end
@@ -304,11 +350,11 @@
exception.backtrace.join("\n ") +
"\n\n"
end
def sanitize_mydomain(mydomain)
- mydomain = parse_domain(mydomain)
+ mydomain = Databasedotcom.parse_domain(mydomain)
mydomain = nil unless mydomain.nil? || !mydomain.strip.empty?
mydomain = mydomain.split(/\.my\.salesforce\.com/).first + ".my.salesforce.com" unless mydomain.nil?
mydomain
end
@@ -327,24 +373,9 @@
#set random default if default isn't already populated
if !endpoints.empty? && endpoints.default.nil?
endpoints.default = endpoints[endpoints.keys.first]
end
endpoints
- end
-
- def parse_domain(url = nil)
- unless url.nil?
- url = "https://" + url if (url =~ /http[s]?:\/\//).nil?
- begin
- url = Addressable::URI.parse(url)
- rescue Addressable::URI::InvalidURIError
- url = nil
- end
- url = url.host unless url.nil?
- url.strip! unless url.nil?
- end
- url = nil if url && url.strip.empty?
- url
end
def param_repeated(url = nil, param_name = nil)
return_value = nil
unless url.nil? || url.strip.empty? || param_name.nil?