0.0
No commit activity in last 3 years
No release in over 3 years
The OAuth 2.0 Authorization Framework draft-ietf-oauth-v2-28 implementation on top of devise.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

>= 2.1
>= 3.0.0
 Project Readme

Devise::Oauth

Installation

Add it to your Gemfile

gem 'devise_oauth'

Mount engine in your routes.rb file

mount Devise::Oauth::Engine => '/oauth'

Define possible scopes in your application.rb

Devise::Oauth.scopes = [:read, :write]

Add strategies to your User model

class User < ActiveRecord::Base
  devise :database_authenticatable,
         #:registerable,
         #:recoverable,
         #:rememberable,
         #:trackable,
         #:omniauthable,

         # OAuth provider
         :access_token_authenticatable,
         :client_ownable,
         :resource_ownable

Create migration [TODO: write generator]

look at db/migrate/20120622164619_devise_create_oauth.rb for now

CanCan support

if your app is accessed with access_token then we set it as oauth_token to current_user

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    if user.oauth_token?
      # has access_token, so we set access rights with scope
      setup_client(user)
    else
      # normal user access rights setup
      setup(user)
    end

    # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
  end

  private

  def setup_client(user)
    if user.oauth_scope? :write
      can :create, :protected_resource
    end
  end

  def setup(user)

  end
end

This project rocks and uses MIT-LICENSE.