CSC/ECE 517 Fall 2013/ch1 1w19 rj
Using secure API authorization via OAuth
OAuth is the de facto standard authentication mechanism used by prominent websites like Facebook and Twitter. This wiki discusses Ruby support for OAuth and highlight using examples.
Introduction to OAuth
OAuth in Ruby
Creating an OAuth Provider
1. Create a Rails application
rails new OAuthProviderApp
2. Add devise and oauth-plugin gems to your Gemfile
gem 'devise' gem 'oauth-plugin'
3. Run bundle install to install the Gems
bundle install
4. Run the generator for devise:install and devise:User to generate the User model, controller and views
rails generate devise:install rails generate devise User
The above commands generates the migration and model for User.
5. Run the oauth_provider generator
rails generate oauth_provider
This will generate the migrations, models, controllers, views and routes for the following:
- OAuthToken or AccessToken - The token used to associate the request with the resource owner.
- ClientApplication - Client application that needs access to the services offered by the Server on behalf of the Resource owner
- OAuthNonce - Used for verifying requests from the client
6. Migrate the database to create User table in the database
rake db:migrate
7.
Creating an OAuth Consumer
- Step 1
- Step 2
- Step 3