Giter Site home page Giter Site logo

hawkinsunlimited / doorkeeper-provider-app Goto Github PK

View Code? Open in Web Editor NEW

This project forked from gottfrois/doorkeeper-provider-app

0.0 2.0 0.0 171 KB

Rails sample API using Devise, Doorkeeper and OAuth2

Ruby 88.27% JavaScript 1.59% CoffeeScript 2.11% CSS 1.78% HTML 6.25%

doorkeeper-provider-app's Introduction

Doorkeeper Provider App

Here you will find a Doorkeeper Provder demo using Devise and Mongoid 2.4.x.

Please see Doorkeeper for documentation on doorkeeper.

Please see OAuth2 for documentation on OAuth2 and to understand the requests calls below.

I used Ryan Bates railscast #353 to build this application. Some updates had been made to make it work with mongoid.

Getting started

Just clone the repository and launch the bundle command:

git clone git://github.com/gottfrois/doorkeeper-provider-app.git
cd doorkeeper-provider-app
bundle

Then start all services using foreman:

foreman start

If foreman is not installed yet, you can either start services manually or install foreman with:

gem install foreman

or manually start services:

mongod run --config /usr/local/etc/mongod.conf
bundle exec rails s -p 5100

Run the following rake command to seed the database:

bundle exec rake db:seed

This will create two users you can use to play with the application:

email: "[email protected]", password: "please"
email: "lee.do@myappcom", password: "please"

You are good to visit http://localhost:5100 and enjoy :)

API

This app provide basic API calls. The current API endpoints are:

GET /api/conversations
GET /api/conversations/:id
GET /api/conversations/:conversation_id/messages
GET /api/conversations/:conversation_id/messages/:id
GET /api/users
GET /api/users/me
POST /api/users
POST /api/conversations
PUT /api/conversations/:conversation_id/messages/:id
DELETE /api/conversations/:conversation_id/messages/:id

See routes file for more details.

All API controllers are under "app/controllers/api/v1/". Just create a new folder (namespace) to build a new API version.

See below how to make api call in rails console.

Manage applications

Run the server and go to http://localhost:5100/oauth/applications to see and manage authorized applications.

Tips

If you want to use this for registering a mobile client for example, you might want to skip the "authorize application" process. This way you won't have to ask your client to authorize on the server with a web browser. You will just get your token from the api server.

You can simulate a client using curl:

curl -i http://localhost:5100/oauth/token \
-F grant_type="client_credentials" \
-F client_id="your_application_id" \
-F client_secret="your_secret"

You can use user credentials to get the token without validations:

curl -i http://localhost:5100/oauth/token \
-F grant_type="password" \
-F username="a_user_email_address" \
-F password="a_user_password" \
-F client_id="your_application_id" \
-F client_secret="your_secret"

You can use irb console to test:

irb -r oauth2

Then in the console:

app_id = "your_app_id"
secret = "your_secret"
client = OAuth2::Client.new(app_id, secret, site: "http://localhost:5100")
access = OAuth2::AccessToken.from_hash(client, {"access_token" => "the_token_returned_from_curl_command","token_type" => "bearer","expires_in" => 7200})

access.get('/api/users').parsed
access.get('/api/users/me').parsed
access.get('/api/conversations').parsed
access.get('/api/conversations/some_id/').parsed
access.get('/api/conversations/some_id/messages').parsed

access.post('/api/users', body: {user: {email: '[email protected]', password: 'please'}}).parsed
access.post('/api/conversations', body: {conversation: {messages_attributes: [{body: 'foo'}]}}).parsed

access.put('/api/conversations/5022caba1de760379b000003/messages/5022caba1de760379b000004', body: {message: {body: 'new content'}}).parsed

access.delete('/api/conversations/5022caba1de760379b000003/messages/5022caba1de760379b000004').parsed

Note: When making the POST request on /api/users, you'll probable want to do it without a token you've got from curl passing some user's credentials. In another word, my example is made such that you can create a new user from an API call passing a valid token, but a token acquired without some user's credentials. Like the curl command we saw previously:

curl -i http://localhost:5100/oauth/token \
-F grant_type="client_credentials" \
-F client_id="your_application_id" \
-F client_secret="your_secret"

Then you could get a brand new token (and use this one for further requests if you want change the "current_user" context to your new user) acquired this time with your new user's credentials.

Note on CORS (Cross Origin Resource Sharing)

You might be cronfronted to some issues while requesting for an other domain (from a mobile application for example).

For this demo application, I have used rack-cors middleware in order to set HTTP headers to allow CORS.

That's it for now !

doorkeeper-provider-app's People

Contributors

gottfrois avatar wnkz avatar

Watchers

James Cloos avatar Michael Hawkins avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.