We will again work with a Rails application that uses a Devise model. This time, though, there will be no login page. When we click the login button, the user logs in through the system on port 4000 and is then redirected back to the client program on port 3000, which fetches the information of the person who logged in and signs them in at the same time.
Gemfile:
gem 'omniauth'
gem 'omniauth-oauth2', '~> 1.3.1'
$ bundle
The incoming information must have matching fields in the User model.
$ rails g migration AddOmniauthToUsers uid:integer token:string
$ rake db:migrate
Create the file controllers/omniauth_callbacks_controller.rb and update it as follows:
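class OmniauthCallbacksController < Devise::OmniauthCallbacksController
  # Callback for the :doorkeeper provider; OmniAuth places the auth hash in the Rack env.
  def doorkeeper
    oauth_data = request.env["omniauth.auth"]
    @user = User.find_by_uid(oauth_data.uid)
    if @user
      # Known user: store the access token issued for this login.
      @user.token = oauth_data.credentials.token
      @user.save
    else
      # First login: create the local user from the provider's data.
      @user = User.create(
        uid: oauth_data.uid,
        email: oauth_data.info.email,
        token: oauth_data.credentials.token
      )
    end
    sign_in_and_redirect @user, :event => :authentication
  end
end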
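controllers/api_controller.rb
class ApiController < ApplicationController
  respond_to :json

  # Forwards GET api/v1/<name> to the provider using the signed-in user's token.
  # doorkeeper_access_token is nil when nobody is signed in.
  def explore
    @json = doorkeeper_access_token.get("api/v1/#{params[:api]}").parsed
    respond_with @json
  end
end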
user.rb
devise :database_authenticatable,
       :recoverable, :rememberable, :omniauthable
Assuming we have set home/index.html.erb as the root page, let's arrange the login and log out links on this page.
<div class="row">
  <p>
    <h1> Uygulama A </h1>
  </p>
</div>
<br/>
<div class="row">
  <% if user_signed_in? %>
    <%= current_user.email %>
    <%= link_to "Sign out", destroy_user_session_path, method: :delete %>
  <% else %>
    <%= link_to "Sign in Uzem", user_omniauth_authorize_path(:doorkeeper), :class => "btn primary" %>
  <% end %>
</div>
config/application.rb
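# Inside the Application class: the client credentials issued by the provider
# and the provider's base URL.
config.AppID = 'providerAppId'
config.AppSecret = 'providerSecret'
config.AppSite = "provider web adress"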
initializers/devise.rb
# Load the custom OmniAuth strategy before Devise registers the provider.
require File.expand_path('lib/omniauth/strategies/doorkeeper', Rails.root)

Devise.setup do |config|
  config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
  require 'devise/orm/active_record'
  config.case_insensitive_keys = [:email]
  config.strip_whitespace_keys = [:email]
  config.skip_session_storage = [:http_auth]
  config.stretches = Rails.env.test? ? 1 : 10
  config.reconfirmable = true
  config.expire_all_remember_me_on_sign_out = true
  config.password_length = 8..72
  config.reset_password_within = 6.hours
  config.sign_out_via = :delete
  # Register the provider with the client id, the client secret and the provider's site.
  config.omniauth :doorkeeper, Rails.application.config.AppID, Rails.application.config.AppSecret,
                  :client_options => {:site => Rails.application.config.AppSite}
end
=> the address in :site points to the port the provider application runs on
controllers/application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery

  # OAuth2 client configured with this application's credentials at the provider.
  def doorkeeper_oauth_client
    @client ||= OAuth2::Client.new(Rails.application.config.AppID, Rails.application.config.AppSecret, :site => Rails.application.config.AppSite)
  end

  # Wraps the token saved in the users.token column at login; nil when nobody is signed in.
  def doorkeeper_access_token
    @token ||= OAuth2::AccessToken.new(doorkeeper_oauth_client, current_user.token) if current_user
  end
end
routes.rb
Rails.application.routes.draw do
  get 'explore/:api', to: 'api#explore', :as => :explore_api
  devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }
  devise_scope :user do
    get '/users/sign_out' => 'devise/sessions#destroy'
  end
  root :to => 'home#index'
end
Create the following files if they do not exist.
doorkeeper.rb
require 'omniauth-oauth2'

module OmniAuth
  module Strategies
    class Doorkeeper < OmniAuth::Strategies::OAuth2
      option :name, :doorkeeper
      option :client_options, {
        :site => "http://localhost:4000",
        :authorize_path => "/oauth/authorize"
      }

      # The provider's user id becomes the uid stored on the client side.
      uid do
        raw_info["id"]
      end

      info do
        {
          :email => raw_info["email"]
        }
      end

      # Profile of the token's owner, fetched from the provider once and cached.
      def raw_info
        @raw_info ||= access_token.get('/api/v1/me.json').parsed
      end
    end
  end
end
Let's Run It and See
When we click sign in, it goes to port 4000 and asks us to log in
Let's sign in with provider@gmail.com
You can download the client program here
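
The redirect to port 4000 and the return to port 3000 described above, as an added example (not code from the original post and not the omniauth-oauth2 gem's own code): a plain-Ruby model of the authorize request and of the state check on the callback that protects the login against forged callbacks. The callback URL, the function names and the sample values are assumptions made for the illustration.

```ruby
require 'securerandom'
require 'uri'

# Assumed values: ports from the walkthrough, the placeholder client id from
# config/application.rb, and the callback path Devise mounts for :doorkeeper.
PROVIDER_SITE = 'http://localhost:4000'
CALLBACK_URL  = 'http://localhost:3000/users/auth/doorkeeper/callback'
CLIENT_ID     = 'providerAppId'

# Request phase: build the redirect to the provider and keep a random state in the session.
def authorize_redirect(session)
  session['omniauth.state'] = SecureRandom.hex(24)
  query = URI.encode_www_form(
    client_id: CLIENT_ID,
    redirect_uri: CALLBACK_URL,
    response_type: 'code',
    state: session['omniauth.state']
  )
  "#{PROVIDER_SITE}/oauth/authorize?#{query}"
end

# Constant-time comparison, so the check does not reveal how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |diff, (x, y)| diff | (x ^ y) }.zero?
end

# Callback phase: accept the authorization code only when state matches the session value.
# The state is single use, so it is removed from the session in every case.
def callback_code(session, params)
  expected = session.delete('omniauth.state').to_s
  given = params['state'].to_s
  return [:error, params['error']] if params['error']
  return [:error, 'csrf_detected'] if expected.empty? || !secure_equal?(expected, given)
  return [:error, 'missing_code'] if params['code'].to_s.empty?
  [:ok, params['code']]
end

# Constructed run: an honest callback, a replay of it, and a callback with a forged state.
if __FILE__ == $PROGRAM_NAME
  session = {}
  state = URI.decode_www_form(URI(authorize_redirect(session)).query).to_h['state']
  p callback_code(session, 'code' => 'constructed-code', 'state' => state)
  p callback_code(session, 'code' => 'constructed-code', 'state' => state)
  p callback_code({ 'omniauth.state' => 'a' * 48 }, 'code' => 'x', 'state' => 'b' * 48)
end
```

Only the first callback yields the code; the replay and the forged state are both rejected before any token exchange with the provider would take place.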