class Trello::Authorization::OAuthPolicy

Handles the OAuth connectivity to Trello.

For 2-legged OAuth, do the following:

OAuthPolicy.consumer_credential = OAuthCredential.new "public_key", "secret"
OAuthPolicy.token               = OAuthCredential.new "token_key", nil

For 3-legged OAuth, do the following:

OAuthPolicy.consumer_credential = OAuthCredential.new "public_key", "secret"
OAuthPolicy.return_url          = "http://your.site.com/path/to/receive/post"
OAuthPolicy.callback            = Proc.new do |request_token|
  DB.save(request_token.key, request_token.secret)
  redirect_to request_token.authorize_url
end

Then, recreate the request token given the request token key and secret you saved earlier, and the consumer, and pass that RequestToken instance the get_access_token method, and store that in OAuthPolicy.token as a OAuthCredential.

Attributes

callback[RW]
consumer_credential[RW]
return_url[RW]
token[RW]
attributes[RW]
callback[RW]
consumer_credential[RW]
return_url[RW]
token[RW]

Public Class Methods

authorize(request) click to toggle source
# File lib/trello/authorization.rb, line 76
def authorize(request)
  new.authorize(request)
end
new(attrs = {}) click to toggle source
# File lib/trello/authorization.rb, line 84
def initialize(attrs = {})
  @consumer_key       = attrs[:consumer_key]
  @consumer_secret    = attrs[:consumer_secret]
  @oauth_token        = attrs[:oauth_token]
  @oauth_token_secret = attrs[:oauth_token_secret]
  @return_url         = attrs[:return_url]          || self.class.return_url
  @callback           = attrs[:callback]            || self.class.callback
end

Public Instance Methods

authorize(request) click to toggle source
# File lib/trello/authorization.rb, line 93
def authorize(request)
  unless consumer_credential
    Trello.logger.error "The consumer_credential has not been supplied."
    fail "The consumer_credential has not been supplied."
  end

  if token
    request.headers = {"Authorization" => get_auth_header(request.uri, :get)}
    request
  else
    consumer(return_url: return_url, callback_method: :postMessage)
    request_token = consumer.get_request_token(oauth_callback: return_url)
    callback.call request_token
    return nil
  end
end
consumer_key() click to toggle source
# File lib/trello/authorization.rb, line 118
def consumer_key
  consumer_credential.key
end
consumer_secret() click to toggle source
# File lib/trello/authorization.rb, line 122
def consumer_secret
  consumer_credential.secret
end
oauth_token() click to toggle source
# File lib/trello/authorization.rb, line 126
def oauth_token
  token.key
end
oauth_token_secret() click to toggle source
# File lib/trello/authorization.rb, line 130
def oauth_token_secret
  token.secret
end

Private Instance Methods

build_consumer_credential() click to toggle source
# File lib/trello/authorization.rb, line 136
def build_consumer_credential
  if @consumer_key && @consumer_secret
    OAuthCredential.new @consumer_key, @consumer_secret
  else
    self.class.consumer_credential
  end
end
build_token() click to toggle source
# File lib/trello/authorization.rb, line 144
def build_token
  if @oauth_token
    OAuthCredential.new @oauth_token, @oauth_token_secret
  else
    self.class.token
  end
end
consumer(options = {}) click to toggle source
# File lib/trello/authorization.rb, line 163
def consumer(options = {})
  @consumer ||= OAuth::Consumer.new(
    consumer_credential.key,
    consumer_credential.secret,
    consumer_params(options)
  )
end
consumer_params(params = {}) click to toggle source
# File lib/trello/authorization.rb, line 152
def consumer_params(params = {})
  {
    scheme: :header,
    scope: 'read,write,account',
    http_method: :get,
    request_token_path: "https://trello.com/1/OAuthGetRequestToken",
    authorize_path: "https://trello.com/1/OAuthAuthorizeToken",
    access_token_path: "https://trello.com/1/OAuthGetAccessToken"
  }.merge!(params)
end
get_auth_header(url, verb, options = {}) click to toggle source
# File lib/trello/authorization.rb, line 171
def get_auth_header(url, verb, options = {})
  request = Net::HTTP::Get.new Addressable::URI.parse(url).to_s

  consumer.options[:signature_method] = 'HMAC-SHA1'
  consumer.options[:nonce]            = Nonce.next
  consumer.options[:timestamp]          = Clock.timestamp
  consumer.options[:uri]              = url
  consumer.key                        = consumer_credential.key
  consumer.secret                     = consumer_credential.secret

  consumer.sign!(request, OAuth::Token.new(token.key, token.secret))

  request['authorization']
end