Merge branch 'oauth_rails3' into stable

Victor Costa
2 parents be8fa504 074d20a9
Showing 43 changed files with 624 additions and 234 deletions Show diff stats
plugins/oauth_client/controllers/oauth_client_plugin_admin_controller.rb
plugins/oauth_client/controllers/public/oauth_client_plugin_public_controller.rb
plugins/oauth_client/db/migrate/20140828184930_add_settings_to_users.rb
plugins/oauth_client/db/migrate/20141010135314_create_oauth_client_plugin_provider.rb
plugins/oauth_client/db/migrate/20141014162710_create_oauth_client_user_providers.rb
plugins/oauth_client/lib/ext/environment.rb
plugins/oauth_client/lib/ext/user.rb
plugins/oauth_client/lib/oauth_client_plugin.rb
plugins/oauth_client/lib/oauth_client_plugin/provider.rb
plugins/oauth_client/lib/oauth_client_plugin/user_provider.rb
plugins/oauth_client/lib/omniauth/strategies/noosfero_oauth2.rb
plugins/oauth_client/public/images/facebook-icon.png
plugins/oauth_client/public/images/google-icon.png
plugins/oauth_client/public/style.css
plugins/oauth_client/test/functional/oauth_client_plugin_public_controller_test.rb
plugins/oauth_client/test/unit/environment_test.rb
plugins/oauth_client/test/unit/oauth_client_plugin_test.rb
plugins/oauth_client/test/unit/user_test.rb
plugins/oauth_client/views/auth/_facebook.html.erb
plugins/oauth_client/views/auth/_google_oauth2.html.erb
 class OauthClientPluginAdminController < AdminController
  
   def index
-    settings = params[:settings] || {}
+  end
+
+  def new
+    @provider = environment.oauth_providers.new
+    render :file => 'oauth_client_plugin_admin/edit'
+  end
+
+  def remove
+    environment.oauth_providers.find(params[:id]).destroy
+    redirect_to :action => 'index'
+  end
  
-    @settings = Noosfero::Plugin::Settings.new(environment, OauthClientPlugin, settings)
-    @providers = @settings.get_setting(:providers) || {}
+  def edit
+    @provider = params[:id] ? environment.oauth_providers.find(params[:id]) : environment.oauth_providers.new
     if request.post?
-      @settings.save!
-      session[:notice] = 'Settings succefully saved.'
-      redirect_to :action => 'index'
+      if @provider.update_attributes(params['oauth_client_plugin_provider'])
+        session[:notice] = _('Saved!')
+      else
+        session[:notice] = _('Error!')
+      end
     end
   end
  
@@ -2,21 +2,12 @@ class OauthClientPluginPublicController &lt; PublicController
  
   def callback
     auth = request.env["omniauth.auth"]
-    login = auth.info.email.split('@').first
-    user = environment.users.find_with_omniauth(auth)
-
-    if user
-      session[:user] = user
-      redirect_to :controller => :account, :action => :login
-    else
-      session[:oauth_data] = auth
-      name = auth.info.name
-      name ||= auth.extra && auth.extra.raw_info ? auth.extra.raw_info.name : ''
-      redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name}
-    end
+    user = environment.users.find_by_email(auth.info.email)
+    user ? login(user) : signup(auth)
   end
  
   def failure
+    session[:notice] = _('Failed to login')
     redirect_to root_url
   end
  
@@ -25,4 +16,29 @@ class OauthClientPluginPublicController &lt; PublicController
     redirect_to root_url
   end
  
+  protected
+
+  def login(user)
+    provider = OauthClientPlugin::Provider.find(session[:provider_id])
+    user_provider = user.oauth_user_providers.find_by_provider_id(provider.id)
+    unless user_provider
+      user_provider = user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => true)
+    end
+    if user_provider.enabled? && provider.enabled?
+      session[:user] = user.id
+    else
+      session[:notice] = _("Can't login with #{provider.name}")
+    end
+
+    redirect_to :controller => :account, :action => :login
+  end
+
+  def signup(auth)
+    login = auth.info.email.split('@').first
+    session[:oauth_data] = auth
+    name = auth.info.name
+    name ||= auth.extra && auth.extra.raw_info ? auth.extra.raw_info.name : ''
+    redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name}
+  end
+
 end
@@ -1,9 +0,0 @@
-class AddSettingsToUsers < ActiveRecord::Migration
-  def self.up
-    add_column :users, :settings, :string
-  end
-
-  def self.down
-    remove_column :users, :settings
-  end
-end
@@ -0,0 +1,19 @@
+class CreateOauthClientPluginProvider < ActiveRecord::Migration
+
+  def self.up
+    create_table :oauth_client_plugin_providers do |t|
+      t.integer :environment_id
+      t.string :strategy
+      t.string :name
+      t.text :options
+      t.boolean :enabled
+      t.integer :image_id
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :oauth_client_plugin_providers
+  end
+end
@@ -0,0 +1,14 @@
+class CreateOauthClientUserProviders < ActiveRecord::Migration
+  def self.up
+    create_table :oauth_client_plugin_user_providers do |t|
+      t.references :user
+      t.references :provider
+      t.boolean :enabled
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :oauth_client_plugin_user_providers
+  end
+end
@@ -0,0 +1,7 @@
+require_dependency 'environment'
+
+class Environment
+
+  has_many :oauth_providers, :class_name => 'OauthClientPlugin::Provider'
+
+end
@@ -2,21 +2,11 @@ require_dependency &#39;user&#39;
  
 class User
  
-  acts_as_having_settings :field => :settings
-
-  settings_items :oauth_providers, :type => Array, :default => []
-
-  def self.find_with_omniauth(auth)
-    user = self.find_by_email(auth.info.email)
-    if user && !user.oauth_providers.empty? #FIXME save new oauth providers
-      user
-    else
-      nil
-    end
-  end
+  has_many :oauth_user_providers, :class_name => 'OauthClientPlugin::UserProvider'
+  has_many :oauth_providers, :through => :oauth_user_providers, :source => :provider
  
   def password_required_with_oauth?
-    password_required_without_oauth? && oauth_providers.blank?
+    password_required_without_oauth? && oauth_providers.empty?
   end
  
   alias_method_chain :password_required?, :oauth
@@ -24,7 +14,12 @@ class User
   after_create :activate_oauth_user
  
   def activate_oauth_user
-    activate unless oauth_providers.empty?
+    unless oauth_providers.empty?
+      activate
+      oauth_providers.each do |provider|
+        OauthClientPlugin::UserProvider.create!(:user => self, :provider => provider, :enabled => true)
+      end
+    end
   end
  
   def make_activation_code_with_oauth
@@ -13,7 +13,7 @@ class OauthClientPlugin &lt; Noosfero::Plugin
   def login_extra_contents
     plugin = self
     proc do
-      render :partial => 'auth/oauth_login', :locals => {:providers => plugin.enabled_providers}
+      render :partial => 'auth/oauth_login', :locals => {:providers => environment.oauth_providers.enabled}
     end
   end
  
@@ -29,12 +29,6 @@ class OauthClientPlugin &lt; Noosfero::Plugin
     end
   end
  
-  def enabled_providers
-    settings = Noosfero::Plugin::Settings.new(context.environment, OauthClientPlugin)
-    providers = settings.get_setting(:providers)
-    providers.select {|provider, options| options[:enabled]}
-  end
-
   PROVIDERS = {
     :facebook => {
       :name => 'Facebook'
@@ -55,18 +49,24 @@ class OauthClientPlugin &lt; Noosfero::Plugin
  
   Rails.application.config.middleware.use OmniAuth::Builder do
     PROVIDERS.each do |provider, options|
-      provider provider, :setup => lambda { |env|
+      setup = lambda { |env|
         request = Rack::Request.new env
         strategy = env['omniauth.strategy']
  
         domain = Domain.find_by_name(request.host)
         environment = domain.environment rescue Environment.default
-        settings = Noosfero::Plugin::Settings.new(environment, OauthClientPlugin)
-        providers = settings.get_setting(:providers)
  
-        strategy.options.client_id = providers[provider][:client_id]
-        strategy.options.client_secret = providers[provider][:client_secret]
-      }, :path_prefix => '/plugin/oauth_client', :callback_path => "/plugin/oauth_client/public/callback/#{provider}"
+        provider_id = request.session['omniauth.params'] ? request.session['omniauth.params']['id'] : request.params['id']
+        provider = environment.oauth_providers.find(provider_id)
+        strategy.options.merge!(provider.options.symbolize_keys)
+
+        request.session[:provider_id] = provider_id
+      }
+
+      provider provider, :setup => setup,
+        :path_prefix => '/plugin/oauth_client',
+        :callback_path => "/plugin/oauth_client/public/callback/#{provider}",
+        :client_options => { :connection_opts => { :proxy => ENV["HTTP_PROXY"] || ENV["http_proxy"] || ENV["HTTPS_PROXY"] || ENV["https_proxy"] } }
     end
  
     unless Rails.env.production?
@@ -81,7 +81,7 @@ class OauthClientPlugin &lt; Noosfero::Plugin
         auth = session[:oauth_data]
  
         if auth.present? && params[:user].present?
-          params[:user][:oauth_providers] = [{:provider => auth.provider, :uid => auth.uid}]
+          params[:user][:oauth_providers] = [OauthClientPlugin::Provider.find(session[:provider_id])]
           if request.post? && auth.info.email != params[:user][:email]
             raise "Wrong email for oauth signup"
           end
@@ -0,0 +1,20 @@
+class OauthClientPlugin::Provider < Noosfero::Plugin::ActiveRecord
+
+  belongs_to :environment
+
+  validates_presence_of :name, :strategy
+
+  acts_as_having_image
+  acts_as_having_settings :field => :options
+
+  settings_items :client_id, :type => :string
+  settings_items :client_secret, :type => :string
+  settings_items :client_options, :type => Hash
+
+  attr_accessible :name, :environment, :strategy, :client_id, :client_secret, :enabled, :client_options, :image_builder
+
+  scope :enabled, :conditions => {:enabled => true}
+
+  acts_as_having_image
+
+end
@@ -0,0 +1,10 @@
+class OauthClientPlugin::UserProvider < Noosfero::Plugin::ActiveRecord
+
+   belongs_to :user, :class_name => 'User'
+   belongs_to :provider, :class_name => 'OauthClientPlugin::Provider'
+
+   set_table_name :oauth_client_plugin_user_providers
+
+   attr_accessible :user, :provider, :enabled
+
+end
@@ -4,10 +4,9 @@ module OmniAuth
   module Strategies
     class NoosferoOauth2 < OmniAuth::Strategies::OAuth2
       option :name, :noosfero_oauth2
-
       option :client_options, {
-        :site => "http://noosfero.com:3001",
-        :authorize_url => "/oauth/authorize"
+        :authorize_url => '/oauth_provider/oauth/authorize',
+        :token_url     => '/oauth_provider/oauth/token'
       }
  
       uid { raw_info["id"] }
@@ -15,15 +14,12 @@ module OmniAuth
       info do
         {
           :email => raw_info["email"]
-          # and anything else you want to return to your API consumers
         }
       end
  
       def raw_info
-        #@raw_info ||= access_token.get('/api/v1/me.json').parsed
-        #FIXME
-        #raise access_token.inspect
-        User['vfcosta'].attributes
+        #FIXME access the noosfero api (coming soon)
+        @raw_info ||= access_token.get('/plugin/oauth_provider/public/me').parsed
       end
     end
   end
@@ -5,18 +5,11 @@
   display: inline-block;
   text-decoration: none;
   background-repeat: no-repeat;
-  padding-left: 22px;
   line-height: 20px;
 }
-
-.oauth-login .provider .facebook {
-  background-image: url(images/facebook-icon.png);
+.oauth-login .provider a img {
+  max-width: 40px;
 }
-
-.oauth-login .provider .google_oauth2 {
-  background-image: url(images/google-icon.png);
-}
-
 .oauth-login .provider .developer {
   display: none;
 }
@@ -0,0 +1,80 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class OauthClientPluginPublicControllerTest < ActionController::TestCase
+
+  def setup
+    @auth = mock
+    @auth.stubs(:info).returns(mock)
+    request.env["omniauth.auth"] = @auth
+    @environment = Environment.default
+    @provider = OauthClientPlugin::Provider.create!(:name => 'provider', :strategy => 'provider', :enabled => true)
+  end
+  attr_reader :auth, :environment, :provider
+
+  should 'redirect to signup when user is not found' do
+    auth.info.stubs(:email).returns("xyz123@noosfero.org")
+    auth.info.stubs(:name).returns('xyz123')
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_match /.*\/account\/signup/, @response.redirect_url
+  end
+
+  should 'redirect to login when user is found' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_redirected_to :controller => :account, :action => :login
+    assert_equal user.id, session[:user]
+  end
+
+  should 'do not login when the provider is disabled' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+    provider.update_attribute(:enabled, false)
+
+    get :callback
+    assert_redirected_to :controller => :account, :action => :login
+    assert_equal nil, session[:user]
+  end
+
+  should 'do not login when the provider is disabled for a user' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+    user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => false)
+
+    get :callback
+    assert_redirected_to :controller => :account, :action => :login
+    assert_equal nil, session[:user]
+  end
+
+  should 'save provider when an user login with it' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_equal [provider], user.oauth_providers
+  end
+
+  should 'do not duplicate relations between an user and a provider when the same provider was used again in a login' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_no_difference 'user.oauth_user_providers.count' do
+      3.times { get :callback }
+    end
+  end
+
+end
@@ -0,0 +1,10 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UserTest < ActiveSupport::TestCase
+
+  should 'be able to add oauth providers in a environment' do
+    env = fast_create(Environment)
+    env.oauth_providers << OauthClientPlugin::Provider.new(:name => 'test', :strategy => 'test')
+  end
+
+end
@@ -3,13 +3,16 @@ require File.dirname(__FILE__) + &#39;/../test_helper&#39;
 class OauthClientPluginTest < ActiveSupport::TestCase
  
   def setup
-    @plugin = OauthClientPlugin.new
+    @plugin = OauthClientPlugin.new(self)
     @params = {}
     @plugin.stubs(:context).returns(self)
     @environment = Environment.default
+    @session = {}
+    @request = mock
+    @provider = OauthClientPlugin::Provider.create!(:name => 'name', :strategy => 'strategy')
   end
  
-  attr_reader :params, :plugin, :environment
+  attr_reader :params, :plugin, :environment, :session, :request, :provider
  
   should 'has extra contents for login' do
     assert plugin.login_extra_contents
@@ -19,33 +22,27 @@ class OauthClientPluginTest &lt; ActiveSupport::TestCase
     assert_equal '', instance_eval(&plugin.signup_extra_contents)
   end
  
-  should 'has signup extra contents if there is enabled providers' do
-    params[:user] = {:oauth_providers => [:provider]}
+  should 'has signup extra contents if oauth_data exists in session' do
+    session[:oauth_data] = {:oauth => 'test'}
     expects(:render).with(:partial => 'account/oauth_signup').once
     instance_eval(&plugin.signup_extra_contents)
   end
  
-  should 'list enabled providers' do
-    settings = Noosfero::Plugin::Settings.new(environment, OauthClientPlugin)
-    providers = {:test => {:enabled => true}, :test2 => {:enabled => false}}
-    settings.set_setting(:providers, providers)
-    assert_equal({:test => {:enabled => true}}, plugin.enabled_providers)
-  end
-
   should 'define before filter for account controller' do
     assert plugin.account_controller_filters
   end
  
   should 'raise error if oauth email was changed' do
-    request = mock
-    stubs(:request).returns(request)
     request.expects(:post?).returns(true)
  
     oauth_data = mock
     info = mock
     oauth_data.stubs(:info).returns(info)
+    oauth_data.stubs(:uid).returns('uid')
+    oauth_data.stubs(:provider).returns('provider')
     info.stubs(:email).returns('test@example.com')
-    stubs(:session).returns({:oauth_data => oauth_data})
+    session[:oauth_data] = oauth_data
+    session[:provider_id] = provider.id
  
     params[:user] = {:email => 'test2@example.com'}
     assert_raises RuntimeError do
@@ -54,32 +51,35 @@ class OauthClientPluginTest &lt; ActiveSupport::TestCase
   end
  
   should 'do not raise error if oauth email was not changed' do
-    request = mock
-    stubs(:request).returns(request)
     request.expects(:post?).returns(true)
  
     oauth_data = mock
     info = mock
     oauth_data.stubs(:info).returns(info)
+    oauth_data.stubs(:uid).returns('uid')
+    oauth_data.stubs(:provider).returns('provider')
     info.stubs(:email).returns('test@example.com')
-    stubs(:session).returns({:oauth_data => oauth_data})
+    session[:oauth_data] = oauth_data
+    session[:provider_id] = provider.id
  
     params[:user] = {:email => 'test@example.com'}
     instance_eval(&plugin.account_controller_filters[:block])
   end
  
   should 'do not raise error if oauth session is not set' do
-    request = mock
-    stubs(:request).returns(request)
-    request.expects(:post?).returns(true)
-    stubs(:session).returns({})
     instance_eval(&plugin.account_controller_filters[:block])
   end
  
   should 'do not raise error if it is not a post' do
-    request = mock
-    stubs(:request).returns(request)
     request.expects(:post?).returns(false)
+    params[:user] = {:email => 'test2@example.com'}
+
+    oauth_data = mock
+    oauth_data.stubs(:uid).returns('uid')
+    oauth_data.stubs(:provider).returns('provider')
+    session[:provider_id] = provider.id
+
+    session[:oauth_data] = oauth_data
     instance_eval(&plugin.account_controller_filters[:block])
   end
  
@@ -2,22 +2,13 @@ require File.dirname(__FILE__) + &#39;/../test_helper&#39;
  
 class UserTest < ActiveSupport::TestCase
  
-  should 'find with omniauth params' do
-    user = fast_create(User)
-    user.settings[:oauth_providers] = [:test => {}]
-    user.save!
-    auth = {:info => OpenStruct.new({:email => user.email})}
-    assert_equal user, User.find_with_omniauth(OpenStruct.new(auth))
-  end
-
-  should 'do not return user if there is no provider' do
-    user = fast_create(User)
-    auth = {:info => OpenStruct.new({:email => user.email})}
-    assert_equal nil, User.find_with_omniauth(OpenStruct.new(auth))
+  def setup
+    @provider = OauthClientPlugin::Provider.create!(:name => 'name', :strategy => 'strategy')
   end
+  attr_reader :provider
  
   should 'password is not required if there is a oauth provider' do
-    User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [:test])
+    User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider])
   end
  
   should 'password is required if there is a oauth provider' do
@@ -27,7 +18,7 @@ class UserTest &lt; ActiveSupport::TestCase
   end
  
   should 'activate user when created with oauth' do
-    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [:test])
+    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider])
     assert user.activated?
   end
  
@@ -37,7 +28,7 @@ class UserTest &lt; ActiveSupport::TestCase
   end
  
   should 'not make activation code when created with oauth' do
-    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [:test])
+    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider])
     assert !user.activation_code
   end
  
@@ -1 +0,0 @@
-<a class="facebook" href="/plugin/oauth_client/facebook"><%= _('Login with Facebook') %></a>
@@ -1 +0,0 @@
-<a class="google_oauth2" href="/plugin/oauth_client/google_oauth2"><%= _('Login with Google') %></a>
@@ -1 +0,0 @@
-<a class="noosfero_oauth2" href="/plugin/oauth_client/noosfero_oauth2"><%= _('Login with Noosfero') %></a>
 <div class="oauth-login">
-  <% providers.each do |provider, options| %>
+  <% unless providers.empty? %>
+    <%= _('Login with:') %>
+  <% end %>
+  <% providers.each do |provider| %>
     <span class="provider">
-      <%= render :partial => "auth/#{provider}", :locals => {:app_id => options['client_id'] } %>
+      <%= link_to provider.image ? image_tag(provider.image.public_filename) : provider.name, "/plugin/oauth_client/#{provider.strategy}?id=#{provider.id}", :class => provider.strategy, :title => provider.name %>
     </span>
   <% end %>
  
   <span class="provider">
     <% unless Rails.env.production? %>
-      <%= link_to _('Developer Login'), "/plugin/oauth/developer", :class => 'developer' %>
+      <%= link_to _('Developer Login'), "/plugin/oauth_client/developer", :class => 'developer' %>
     <% end %>
   </span>
 </div>
@@ -0,0 +1,6 @@
+<%= f.fields_for :client_options, OpenStruct.new(provider.options[:client_options]) do |c| %>
+  <div class="client-url">
+    <span class="label"><%= _('Client Url') %></span>
+    <span class="value"><%= c.text_field :site %></span>
+  </div>
+<% end %>
@@ -0,0 +1,60 @@
+<h1><%= _('Oauth Client Settings') %></h1>
+<h3><%= _('Edit Provider') %></h3>
+
+<%= form_for @provider, :url => {:action => 'edit'}, :method => 'post' do |f| %>
+
+  <div class="enabled">
+    <%= f.check_box :enabled %>
+    <%= _('Enabled') %>
+  </div>
+
+  <div class="name">
+    <span class="label">
+      <%= _('Name') %>
+    </span>
+    <span class="value">
+      <%= f.text_field :name %>
+    </span>
+  </div>
+
+  <div class="strategy">
+    <span class="label">
+      <%= _('Strategy') %>
+    </span>
+    <span class="value">
+      <%= f.select :strategy, OauthClientPlugin::PROVIDERS %>
+    </span>
+  </div>
+
+  <div class="image-icon">
+    <%= f.fields_for :image_builder, @provider.image do |i| %>
+      <%= file_field_or_thumbnail(_('Image:'), @provider.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+    <% end %>
+  </div>
+
+  <div class="client-id">
+    <span class="label">
+      <%= _('Client Id') %>
+    </span>
+    <span class="value">
+      <%= f.text_field :client_id %>
+    </span>
+  </div>
+
+  <div class="client-secret">
+    <span class="label">
+      <%= _('Client Secret') %>
+    </span>
+    <span class="value">
+      <%= f.text_field :client_secret %>
+    </span>
+  </div>
+
+  <% if File.exists?(File.join(File.dirname(__FILE__), "_#{@provider.strategy}.html.erb")) %>
+    <%= render :partial => "#{@provider.strategy}", :locals => {:f => f, :provider => @provider} %>
+  <% end %>
+
+  <% button_bar do %>
+    <%= submit_button(:save, _('Save'), :cancel => {:action => 'index'}) %>
+  <% end %>
+<% end %>
 <h1><%= _('Oauth Client Settings') %></h1>
+<h3><%= _('Providers') %></h3>
+<%= link_to _('New'), {:action => 'new'} %>
+<table>
+  <tr>
+    <th><%= _('Name') %></th>
+    <th><%= _('Strategy') %></th>
+    <th><%= _('Actions') %></th>
+  </tr>
  
-<%= form_for(:settings) do |f| %>
-  <div class="providers">
-    <h3><%= _('Providers') %></h3>
-  <%= f.fields_for :providers, OpenStruct.new(@providers) do |p| %>
-
-    <% OauthClientPlugin::PROVIDERS.each do |available_provider, options| %>
-      <% provider = OpenStruct.new(@providers[available_provider]) %>
-
-      <%= p.fields_for available_provider, provider do |o| %>
-        <div class="provider">
-          <div class="name">
-            <h4><%= o.check_box :enabled, {:class => 'enable', :checked => provider.enabled=='true'}, true, false %>
-            <%= options[:name] %></h4>
-          </div>
-          <div class="options" style="<%= provider.enabled=='true' ? '':'display:none' %>">
-            <div class="client-id">
-              <span class="label"><%= _('Client ID') %></span>
-              <span class="value"><%= o.text_field :client_id %></span>
-            </div>
-            <div class="client-secret">
-              <span class="label"><%= _('Client Secret') %></span>
-              <span class="value"><%= o.text_field :client_secret %></span>
-            </div>
-          </div>
-        </div>
-      <% end %>
-    <% end %>
+  <% environment.oauth_providers.each do |provider| %>
+    <tr>
+      <td><%= provider.name %></td>
+      <td><%= provider.strategy %></td>
+      <td>
+        <%= link_to _('Edit'), {:action => 'edit', :id => provider.id} %>
+        <%= link_to _('Remove'), {:action => 'remove', :id => provider.id} %>
+      </td>
+    </tr>
   <% end %>
-
-  <% button_bar do %>
-    <%= submit_button(:save, _('Save'), :cancel => {:controller => 'plugins', :action => 'index'}) %>
-  <% end %>
-  </div>
-<% end %>
-
-<script>
-  jQuery(document).ready(function($) {
-    $('.providers .provider .enable').on('click', function() {
-      $(this).parents('.provider').find('.options').toggle('fast');
-    });
-  });
-</script>
+</table>
@@ -0,0 +1,8 @@
+module Doorkeeper
+  class ApplicationController < ApplicationController
+
+    include Helpers::Controller
+    helper 'doorkeeper/form_errors'
+
+  end
+end
@@ -0,0 +1,9 @@
+class OauthProviderApplicationsController < Doorkeeper::ApplicationsController
+
+  no_design_blocks
+  layout :get_layout
+
+  def show
+  end
+
+end
@@ -0,0 +1,6 @@
+class OauthProviderAuthorizedApplicationsController < Doorkeeper::AuthorizedApplicationsController
+
+  no_design_blocks
+  layout :get_layout
+
+end
@@ -0,0 +1,6 @@
+class OauthProviderPluginAdminController < AdminController
+
+  def index
+  end
+
+end
@@ -0,0 +1,10 @@
+class OauthProviderPluginPublicController < PublicController
+
+  doorkeeper_for :me
+
+  def me
+    user = User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
+    render :json => {:id =>user.login, :email => user.email}.to_json
+  end
+
+end
@@ -9,18 +9,14 @@ class OauthProviderPlugin &lt; Noosfero::Plugin
   end
  
   Doorkeeper.configure do
-    # Change the ORM that doorkeeper will use.
-    # Currently supported options are :active_record, :mongoid2, :mongoid3, :mongo_mapper
     orm :active_record
  
-    # This block will be called to check whether the resource owner is authenticated or not.
     resource_owner_authenticator do
       domain = Domain.find_by_name(request.host)
       environment = domain ? domain.environment : Environment.default
       environment.users.find_by_id(session[:user]) || redirect_to('/account/login')
     end
  
-    # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
     admin_authenticator do
       domain = Domain.find_by_name(request.host)
       environment = domain ? domain.environment : Environment.default
@@ -31,81 +27,24 @@ class OauthProviderPlugin &lt; Noosfero::Plugin
       user
     end
  
-    # Authorization Code expiration time (default 10 minutes).
-    # authorization_code_expires_in 10.minutes
-
-    # Access token expiration time (default 2 hours).
-    # If you want to disable expiration, set this to nil.
-    # access_token_expires_in 2.hours
-
-    # Reuse access token for the same resource owner within an application (disabled by default)
-    # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
-    # reuse_access_token
-
-    # Issue access tokens with refresh token (disabled by default)
-    # use_refresh_token
-
-    # Provide support for an owner to be assigned to each registered application (disabled by default)
-    # Optional parameter :confirmation => true (default false) if you want to enforce ownership of
-    # a registered application
-    # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
-    # enable_application_owner :confirmation => false
-
-    # Define access token scopes for your provider
-    # For more information go to
-    # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
-    # default_scopes  :public
-    # optional_scopes :write, :update
-
-    # Change the way client credentials are retrieved from the request object.
-    # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
-    # falls back to the `:client_id` and `:client_secret` params from the `params` object.
-    # Check out the wiki for more information on customization
-    # client_credentials :from_basic, :from_params
-
-    # Change the way access token is authenticated from the request object.
-    # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
-    # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
-    # Check out the wiki for more information on customization
-    # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
-
-    # Change the native redirect uri for client apps
-    # When clients register with the following redirect uri, they won't be redirected to any server and the authorization code will be displayed within the provider
-    # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
-    # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
-    #
-    # native_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
-
-    # Specify what grant flows are enabled in array of Strings. The valid
-    # strings and the flows they enable are:
-    #
-    # "authorization_code" => Authorization Code Grant Flow
-    # "implicit"           => Implicit Grant Flow
-    # "password"           => Resource Owner Password Credentials Grant Flow
-    # "client_credentials" => Client Credentials Grant Flow
-    #
-    # If not specified, Doorkeeper enables all the four grant flows.
-    #
-    # grant_flows %w(authorization_code implicit password client_credentials)
-
-    # Under some circumstances you might want to have applications auto-approved,
-    # so that the user skips the authorization step.
-    # For example if dealing with trusted a application.
-    # skip_authorization do |resource_owner, client|
-    #   client.superapp? or resource_owner.admin?
-    # end
-
-    # WWW-Authenticate Realm (default "Doorkeeper").
-    # realm "Doorkeeper"
-
-    # Allow dynamic query parameters (disabled by default)
-    # Some applications require dynamic query parameters on their request_uri
-    # set to true if you want this to be allowed
-    # wildcard_redirect_uri false
+    default_scopes :public
   end
  
-  Rails.application.routes.prepend do
-    use_doorkeeper
+  Rails.configuration.to_prepare do
+    Rails.application.routes.prepend do
+      scope 'oauth_provider' do
+        use_doorkeeper do
+          controllers ({
+            :applications => 'oauth_provider_applications',
+            :authorized_applications => 'oauth_provider_authorized_applications'
+          })
+        end
+      end
+    end
   end
  
+  SCOPE_TRANSLATION = {
+    'public' => _('Access your public data')
+  }
+
 end
@@ -0,0 +1,5 @@
+<%- submit_btn_css ||= 'btn btn-link' %>
+<%= form_tag [:oauth, application] do %>
+  <input type="hidden" name="_method" value="delete">
+  <%= submit_tag 'Destroy', onclick: "return confirm('Are you sure?')", class: submit_btn_css %>
+<% end %>
@@ -0,0 +1,39 @@
+<%= form_for [:oauth, application], html: {class: 'form-horizontal', role: 'form'} do |f| %>
+  <% if application.errors.any? %>
+    <div class="alert alert-danger" data-alert>
+      <p><%= _('Whoops! Check your form for possible errors') %></p>
+    </div>
+  <% end %>
+
+  <%= content_tag :div, class: "form-group#{' has-error' if application.errors[:name].present?}" do %>
+    <%= f.label :name, class: 'col-sm-2 control-label', for: 'application_name' %>
+    <div class="col-sm-10">
+      <%= f.text_field :name, class: 'form-control' %>
+      <%= doorkeeper_errors_for application, :name %>
+    </div>
+  <% end %>
+
+  <%= content_tag :div, class: "form-group#{' has-error' if application.errors[:redirect_uri].present?}" do %>
+    <%= f.label :redirect_uri, class: 'col-sm-2 control-label', for: 'application_redirect_uri' %>
+    <div class="col-sm-10">
+      <%= f.text_area :redirect_uri, class: 'form-control' %>
+      <%= doorkeeper_errors_for application, :redirect_uri %>
+      <span class="help-block">
+        <%= _('Use one line per URI') %>
+        </span>
+      <% if Doorkeeper.configuration.native_redirect_uri %>
+          <span class="help-block">
+            Use <code><%= Doorkeeper.configuration.native_redirect_uri %></code> for local tests
+          </span>
+      <% end %>
+    </div>
+  <% end %>
+
+  <div class="form-group">
+    <div class="col-sm-offset-2 col-sm-10">
+      <%= f.submit _('Submit'), class: "btn btn-primary" %>
+      <%= link_to _("Cancel"), oauth_applications_path, :class => "btn btn-default" %>
+    </div>
+  </div>
+<% end %>
+
@@ -0,0 +1,5 @@
+<div class="page-header">
+  <h1><%= _('Edit application') %></h1>
+</div>
+
+<%= render 'form', application: @application %>
@@ -0,0 +1,26 @@
+<div class="page-header">
+  <h3><%= link_to _('Oauh Provider'), '/admin/plugin/oauth_provider' %></h3>
+</div>
+
+<p><%= link_to _('New Application'), new_oauth_application_path, class: 'btn btn-success' %></p>
+
+<table class="table table-striped">
+  <thead>
+  <tr>
+    <th><%= _('Name') %></th>
+    <th><%= _('Callback URL') %></th>
+    <th></th>
+    <th></th>
+  </tr>
+  </thead>
+  <tbody>
+  <% @applications.each do |application| %>
+    <tr id="application_<%= application.id %>">
+      <td><%= link_to application.name, [:oauth, application] %></td>
+      <td><%= application.redirect_uri %></td>
+      <td><%= link_to _('Edit'), edit_oauth_application_path(application), class: 'btn btn-link' %></td>
+      <td><%= render 'delete_form', application: application %></td>
+    </tr>
+  <% end %>
+  </tbody>
+</table>
@@ -0,0 +1,5 @@
+<div class="page-header">
+  <h1>New application</h1>
+</div>
+
+<%= render 'form', application: @application %>
@@ -0,0 +1,40 @@
+<div class="page-header">
+  <h1><%= _('Application: %s' % @application.name) %></h1>
+</div>
+
+<div class="row">
+  <div class="col-md-8">
+    <h4><%= _('Application Id:') %></h4>
+
+    <p><code id="application_id"><%= @application.uid %></code></p>
+
+    <h4><%= _('Secret:') %></h4>
+
+    <p><code id="secret"><%= @application.secret %></code></p>
+
+    <h4><%= _('Callback urls:') %></h4>
+
+    <table>
+      <% @application.redirect_uri.split.each do |uri| %>
+        <tr>
+          <td>
+            <code><%= uri %></code>
+          </td>
+          <td>
+          </td>
+        </tr>
+      <% end %>
+    </table>
+  </div>
+
+  <div class="col-md-4">
+    <h3><%= _('Actions') %></h3>
+
+    <p>
+      <%= link_to _('Edit'), edit_oauth_application_path(@application), class: 'btn btn-primary' %>
+      <%= link_to _("Cancel"), oauth_applications_path, :class => "btn btn-default" %>
+    </p>
+
+    <p><%= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger' %></p>
+  </div>
+</div>
@@ -0,0 +1,7 @@
+<div class="page-header">
+  <h1>An error has occurred</h1>
+</div>
+
+<main role="main">
+  <pre><%= @pre_auth.error_response.body[:error_description] %></pre>
+</main>
@@ -0,0 +1,40 @@
+<header class="page-header" role="banner">
+  <h1><%= _('Authorize required') %></h1>
+</header>
+
+<main role="main">
+  <p class="h4">
+  <%= _('Authorize %s to use your account?' % "<strong class=\"text-info\">#{@pre_auth.client.name}</strong>") %>
+  </p>
+
+  <% if @pre_auth.scopes %>
+    <div id="oauth-permissions">
+      <p><%= _('This application will be able to:') %></p>
+
+      <ul class="text-info">
+        <% @pre_auth.scopes.each do |scope| %>
+          <li><%= OauthProviderPlugin::SCOPE_TRANSLATION[scope] %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="actions">
+    <%= form_tag oauth_authorization_path, method: :post do %>
+      <%= hidden_field_tag :client_id, @pre_auth.client.uid %>
+      <%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri %>
+      <%= hidden_field_tag :state, @pre_auth.state %>
+      <%= hidden_field_tag :response_type, @pre_auth.response_type %>
+      <%= hidden_field_tag :scope, @pre_auth.scope %>
+      <%= submit_tag _("Authorize"), class: "btn btn-success btn-lg btn-block" %>
+    <% end %>
+    <%= form_tag oauth_authorization_path, method: :delete do %>
+      <%= hidden_field_tag :client_id, @pre_auth.client.uid %>
+      <%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri %>
+      <%= hidden_field_tag :state, @pre_auth.state %>
+      <%= hidden_field_tag :response_type, @pre_auth.response_type %>
+      <%= hidden_field_tag :scope, @pre_auth.scope %>
+      <%= submit_tag _("Deny"), class: "btn btn-danger btn-lg btn-block" %>
+    <% end %>
+  </div>
+</main>
@@ -0,0 +1,7 @@
+<header class="page-header">
+  <h1>Authorization code:</h1>
+</header>
+
+<main role="main">
+  <code id="authorization_code"><%= params[:code] %></code>
+</main>
@@ -0,0 +1,5 @@
+<%- submit_btn_css ||= 'btn btn-link' %>
+<%= form_tag oauth_authorized_application_path(application) do %>
+  <input type="hidden" name="_method" value="delete">
+  <%= submit_tag 'Revoke', onclick: "return confirm('Are you sure?')", class: submit_btn_css %>
+<% end %>
@@ -0,0 +1,25 @@
+<header class="page-header">
+  <h1>Your authorized applications</h1>
+</header>
+
+<main role="main">
+  <table class="table table-striped">
+    <thead>
+    <tr>
+      <th>Application</th>
+      <th>Created At</th>
+      <th></th>
+      <th></th>
+    </tr>
+    </thead>
+    <tbody>
+    <% @applications.each do |application| %>
+      <tr>
+        <td><%= application.name %></td>
+        <td><%= application.created_at.strftime('%Y-%m-%d %H:%M:%S') %></td>
+        <td><%= render 'delete_form', application: application %></td>
+      </tr>
+    <% end %>
+    </tbody>
+  </table>
+</main>
@@ -0,0 +1,11 @@
+<div class="oauth-provider">
+<h3><%= _('Oauh Provider') %></h3>
+
+  <div class="applications">
+    <%= link_to _('Applications'), oauth_applications_path %>
+  </div>
+  <div class="authorized-applications">
+    <%= link_to _('Authorized Applications'), oauth_authorized_applications_path %>
+  </div>
+
+</div>
1	1	class OauthClientPluginAdminController < AdminController
2	2
3	3	def index
4		- settings = params[:settings] \|\| {}
	4	+ end
	5	+
	6	+ def new
	7	+ @provider = environment.oauth_providers.new
	8	+ render :file => 'oauth_client_plugin_admin/edit'
	9	+ end
	10	+
	11	+ def remove
	12	+ environment.oauth_providers.find(params[:id]).destroy
	13	+ redirect_to :action => 'index'
	14	+ end
5	15
6		- @settings = Noosfero::Plugin::Settings.new(environment, OauthClientPlugin, settings)
7		- @providers = @settings.get_setting(:providers) \|\| {}
	16	+ def edit
	17	+ @provider = params[:id] ? environment.oauth_providers.find(params[:id]) : environment.oauth_providers.new
8	18	if request.post?
9		- @settings.save!
10		- session[:notice] = 'Settings succefully saved.'
11		- redirect_to :action => 'index'
	19	+ if @provider.update_attributes(params['oauth_client_plugin_provider'])
	20	+ session[:notice] = _('Saved!')
	21	+ else
	22	+ session[:notice] = _('Error!')
	23	+ end
12	24	end
13	25	end
14	26
...	...
...	...	@@ -2,21 +2,12 @@ class OauthClientPluginPublicController < PublicController
2	2
3	3	def callback
4	4	auth = request.env["omniauth.auth"]
5		- login = auth.info.email.split('@').first
6		- user = environment.users.find_with_omniauth(auth)
7		-
8		- if user
9		- session[:user] = user
10		- redirect_to :controller => :account, :action => :login
11		- else
12		- session[:oauth_data] = auth
13		- name = auth.info.name
14		- name \|\|= auth.extra && auth.extra.raw_info ? auth.extra.raw_info.name : ''
15		- redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name}
16		- end
	5	+ user = environment.users.find_by_email(auth.info.email)
	6	+ user ? login(user) : signup(auth)
17	7	end
18	8
19	9	def failure
	10	+ session[:notice] = _('Failed to login')
20	11	redirect_to root_url
21	12	end
22	13
...	...	@@ -25,4 +16,29 @@ class OauthClientPluginPublicController < PublicController
25	16	redirect_to root_url
26	17	end
27	18
	19	+ protected
	20	+
	21	+ def login(user)
	22	+ provider = OauthClientPlugin::Provider.find(session[:provider_id])
	23	+ user_provider = user.oauth_user_providers.find_by_provider_id(provider.id)
	24	+ unless user_provider
	25	+ user_provider = user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => true)
	26	+ end
	27	+ if user_provider.enabled? && provider.enabled?
	28	+ session[:user] = user.id
	29	+ else
	30	+ session[:notice] = _("Can't login with #{provider.name}")
	31	+ end
	32	+
	33	+ redirect_to :controller => :account, :action => :login
	34	+ end
	35	+
	36	+ def signup(auth)
	37	+ login = auth.info.email.split('@').first
	38	+ session[:oauth_data] = auth
	39	+ name = auth.info.name
	40	+ name \|\|= auth.extra && auth.extra.raw_info ? auth.extra.raw_info.name : ''
	41	+ redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name}
	42	+ end
	43	+
28	44	end
...	...
...	...	@@ -1,9 +0,0 @@
1		-class AddSettingsToUsers < ActiveRecord::Migration
2		- def self.up
3		- add_column :users, :settings, :string
4		- end
5		-
6		- def self.down
7		- remove_column :users, :settings
8		- end
9		-end
...	...	@@ -0,0 +1,19 @@
	1	+class CreateOauthClientPluginProvider < ActiveRecord::Migration
	2	+
	3	+ def self.up
	4	+ create_table :oauth_client_plugin_providers do \|t\|
	5	+ t.integer :environment_id
	6	+ t.string :strategy
	7	+ t.string :name
	8	+ t.text :options
	9	+ t.boolean :enabled
	10	+ t.integer :image_id
	11	+
	12	+ t.timestamps
	13	+ end
	14	+ end
	15	+
	16	+ def self.down
	17	+ drop_table :oauth_client_plugin_providers
	18	+ end
	19	+end
...	...
...	...	@@ -0,0 +1,14 @@
	1	+class CreateOauthClientUserProviders < ActiveRecord::Migration
	2	+ def self.up
	3	+ create_table :oauth_client_plugin_user_providers do \|t\|
	4	+ t.references :user
	5	+ t.references :provider
	6	+ t.boolean :enabled
	7	+ t.timestamps
	8	+ end
	9	+ end
	10	+
	11	+ def self.down
	12	+ drop_table :oauth_client_plugin_user_providers
	13	+ end
	14	+end
...	...
...	...	@@ -0,0 +1,7 @@
	1	+require_dependency 'environment'
	2	+
	3	+class Environment
	4	+
	5	+ has_many :oauth_providers, :class_name => 'OauthClientPlugin::Provider'
	6	+
	7	+end
...	...
...	...	@@ -2,21 +2,11 @@ require_dependency 'user'
2	2
3	3	class User
4	4
5		- acts_as_having_settings :field => :settings
6		-
7		- settings_items :oauth_providers, :type => Array, :default => []
8		-
9		- def self.find_with_omniauth(auth)
10		- user = self.find_by_email(auth.info.email)
11		- if user && !user.oauth_providers.empty? #FIXME save new oauth providers
12		- user
13		- else
14		- nil
15		- end
16		- end
	5	+ has_many :oauth_user_providers, :class_name => 'OauthClientPlugin::UserProvider'
	6	+ has_many :oauth_providers, :through => :oauth_user_providers, :source => :provider
17	7
18	8	def password_required_with_oauth?
19		- password_required_without_oauth? && oauth_providers.blank?
	9	+ password_required_without_oauth? && oauth_providers.empty?
20	10	end
21	11
22	12	alias_method_chain :password_required?, :oauth
...	...	@@ -24,7 +14,12 @@ class User
24	14	after_create :activate_oauth_user
25	15
26	16	def activate_oauth_user
27		- activate unless oauth_providers.empty?
	17	+ unless oauth_providers.empty?
	18	+ activate
	19	+ oauth_providers.each do \|provider\|
	20	+ OauthClientPlugin::UserProvider.create!(:user => self, :provider => provider, :enabled => true)
	21	+ end
	22	+ end
28	23	end
29	24
30	25	def make_activation_code_with_oauth
...	...
...	...	@@ -13,7 +13,7 @@ class OauthClientPlugin < Noosfero::Plugin
13	13	def login_extra_contents
14	14	plugin = self
15	15	proc do
16		- render :partial => 'auth/oauth_login', :locals => {:providers => plugin.enabled_providers}
	16	+ render :partial => 'auth/oauth_login', :locals => {:providers => environment.oauth_providers.enabled}
17	17	end
18	18	end
19	19
...	...	@@ -29,12 +29,6 @@ class OauthClientPlugin < Noosfero::Plugin
29	29	end
30	30	end
31	31
32		- def enabled_providers
33		- settings = Noosfero::Plugin::Settings.new(context.environment, OauthClientPlugin)
34		- providers = settings.get_setting(:providers)
35		- providers.select {\|provider, options\| options[:enabled]}
36		- end
37		-
38	32	PROVIDERS = {
39	33	:facebook => {
40	34	:name => 'Facebook'
...	...	@@ -55,18 +49,24 @@ class OauthClientPlugin < Noosfero::Plugin
55	49
56	50	Rails.application.config.middleware.use OmniAuth::Builder do
57	51	PROVIDERS.each do \|provider, options\|
58		- provider provider, :setup => lambda { \|env\|
	52	+ setup = lambda { \|env\|
59	53	request = Rack::Request.new env
60	54	strategy = env['omniauth.strategy']
61	55
62	56	domain = Domain.find_by_name(request.host)
63	57	environment = domain.environment rescue Environment.default
64		- settings = Noosfero::Plugin::Settings.new(environment, OauthClientPlugin)
65		- providers = settings.get_setting(:providers)
66	58
67		- strategy.options.client_id = providers[provider][:client_id]
68		- strategy.options.client_secret = providers[provider][:client_secret]
69		- }, :path_prefix => '/plugin/oauth_client', :callback_path => "/plugin/oauth_client/public/callback/#{provider}"
	59	+ provider_id = request.session['omniauth.params'] ? request.session['omniauth.params']['id'] : request.params['id']
	60	+ provider = environment.oauth_providers.find(provider_id)
	61	+ strategy.options.merge!(provider.options.symbolize_keys)
	62	+
	63	+ request.session[:provider_id] = provider_id
	64	+ }
	65	+
	66	+ provider provider, :setup => setup,
	67	+ :path_prefix => '/plugin/oauth_client',
	68	+ :callback_path => "/plugin/oauth_client/public/callback/#{provider}",
	69	+ :client_options => { :connection_opts => { :proxy => ENV["HTTP_PROXY"] \|\| ENV["http_proxy"] \|\| ENV["HTTPS_PROXY"] \|\| ENV["https_proxy"] } }
70	70	end
71	71
72	72	unless Rails.env.production?
...	...	@@ -81,7 +81,7 @@ class OauthClientPlugin < Noosfero::Plugin
81	81	auth = session[:oauth_data]
82	82
83	83	if auth.present? && params[:user].present?
84		- params[:user][:oauth_providers] = [{:provider => auth.provider, :uid => auth.uid}]
	84	+ params[:user][:oauth_providers] = [OauthClientPlugin::Provider.find(session[:provider_id])]
85	85	if request.post? && auth.info.email != params[:user][:email]
86	86	raise "Wrong email for oauth signup"
87	87	end
...	...
...	...	@@ -0,0 +1,20 @@
	1	+class OauthClientPlugin::Provider < Noosfero::Plugin::ActiveRecord
	2	+
	3	+ belongs_to :environment
	4	+
	5	+ validates_presence_of :name, :strategy
	6	+
	7	+ acts_as_having_image
	8	+ acts_as_having_settings :field => :options
	9	+
	10	+ settings_items :client_id, :type => :string
	11	+ settings_items :client_secret, :type => :string
	12	+ settings_items :client_options, :type => Hash
	13	+
	14	+ attr_accessible :name, :environment, :strategy, :client_id, :client_secret, :enabled, :client_options, :image_builder
	15	+
	16	+ scope :enabled, :conditions => {:enabled => true}
	17	+
	18	+ acts_as_having_image
	19	+
	20	+end
...	...
...	...	@@ -0,0 +1,10 @@
	1	+class OauthClientPlugin::UserProvider < Noosfero::Plugin::ActiveRecord
	2	+
	3	+ belongs_to :user, :class_name => 'User'
	4	+ belongs_to :provider, :class_name => 'OauthClientPlugin::Provider'
	5	+
	6	+ set_table_name :oauth_client_plugin_user_providers
	7	+
	8	+ attr_accessible :user, :provider, :enabled
	9	+
	10	+end
...	...