Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Gem for oAuth2 Consumer AND Provider functionality in Rails 2.3.5

Tags:

ruby-on-rails

rubygems

oauth

oauth-2.0

oauth-provider

I'm struggling finding a usable gem which provides the following for a Rails 2.3.5 application:

  • we want to protect out API with oAuth 2; therefore a Controller for creating access/request Tokens and the models (Client, Token,...) are required
  • we want to consume oAuth2 Services like Facebook and Twitter

It would also be nice to have support for 3 legged and 2 legged authentication.

I found those gems, but they all have major drawbacks:

  • oauth-ruby (github.com/oauth/oauth-ruby)
    • i'm not quite sure if it already implements oauth2 mechanisms
    • more like a basic lib for services on top
  • oauth-plugin (github.com/pelle/oauth-plugin)
    • looks convenient BUT oauth2 only supported in rails3 branch :(
  • oauth2 (github.com/intridea/oauth2)
    • only for oAuth2 Consumers / no Provider Functionality
  • oauth2-ruby (github.com/aflatter/oauth2-ruby/tree/)
    • last Commit: 16.07.10 "DESCTRUCTIVE COMMIT" :(
    • based on oAuth2 Draft 00 (old!)
  • oauth2-provider (github.com/ThoughtWorksStudios/oauth2_provider)
    • last Commit: 21.10.10 - good
    • only Provider functionality :(
    • based on oAuth2 Draft 09 (quite recent)

Did anybody achieve those requirenments with one or a combination of those gems? Could you please provide me a direction?

Any help is much appreciated!

like image 564
Makibo Avatar asked Oct 26 '10 16:10

Makibo

2 Answers

I can't help with your search. But I'll just say that that's a pretty large number of implementations for a protocol that is still in very active development :)

See my pointers to the current OAuth 2.0 status, as of draft 11, at https://security.stackexchange.com/questions/1187/what-were-the-specific-security-flaws-with-oauth-1-0-how-are-they-being-addresse/1201#1201

(Can anyone characterize the degree of interoperability between the different drafts of 2.0?)

like image 89
nealmcb Avatar answered Nov 14 '22 14:11

nealmcb

Wanted to add a couple more libraries that I've come across. I haven't used either, but I thought they should be on this post for people to compare:

  • https://github.com/songkick/oauth2-provider
  • https://github.com/flowtown/rack-oauth2-server
like image 37
Travis Reeder Avatar answered Nov 14 '22 14:11

Travis Reeder
Sign in to Comment

Related questions

How do get a random DateTime rounded to beginning of hour in Rails?
Renaming the created_at, updated_at columns of ActiveRecord/Rails
sudo gem install pg won't work
how to use strip_tags and truncate inside my Model.rb?
web2py in the future? [closed]
Adding a submit button image to a Rails form
How to send emails with multiple, dynamic smtp using Actionmailer/Ruby on Rails
Can't open rails console: production database not configured, establish_connection raises ActiveRecord::AdapterNotSpecified
How to speed up assets compilation for tests?
Testing REST-API responses with Rspec and Rack::Test
Use rails_admin forms in custom views?
How to simply stop or restart foreman processes
Routes in Engine mounted on subdomain do not inherit the constraints
Sidekiq concurrency and database connections pool
Rails select_tag onchange ajax request
Microdata: How to use with templates/partials?
How to use Byebug with Sidekiq and Foreman
Reusable remote modal Rails
What's the best way to implement gmail style "undo" in Rails?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!