Implementation based off of Ueberauth Twitter

Author: tielur

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 Sean Callan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,19 +1,78 @@
-# UeberauthGoodreads
+# Überauth Goodreads
 
-**TODO: Add description**
+> Goodreads strategy for Überauth.
+
+_Note_: Sessions are required for this strategy.
 
 ## Installation
 
-If [available in Hex](https://hex.pm/docs/publish), the package can be installed
-by adding `ueberauth_goodreads` to your list of dependencies in `mix.exs`:
+1. Setup your application at [Gooreads Developers](https://www.goodreads.com/api/keys).
+
+1. Add `:ueberauth_goodreads` to your list of dependencies in `mix.exs`:
+
+    ```elixir
+    def deps do
+      [{:ueberauth_goodreads, "~> 0.1"},
+       {:oauth, github: "tim/erlang-oauth"}]
+    end
+    ```
+
+1. Add the strategy to your applications:
+
+    ```elixir
+    def application do
+      [applications: [:ueberauth_goodreads]]
+    end
+    ```
+
+1. Add Goodreads to your Überauth configuration:
+
+    ```elixir
+    config :ueberauth, Ueberauth,
+      providers: [
+        goodreads: {Ueberauth.Strategy.Goodreads, []}
+      ]
+    ```
+
+1.  Update your provider configuration:
+
+    ```elixir
+    config :ueberauth, Ueberauth.Strategy.Goodreads.OAuth,
+      consumer_key: System.get_env("GOODREADS_CONSUMER_KEY"),
+      consumer_secret: System.get_env("GOODREADS_CONSUMER_SECRET")
+    ```
+
+1.  Include the Überauth plug in your controller:
+
+    ```elixir
+    defmodule MyApp.AuthController do
+      use MyApp.Web, :controller
+      plug Ueberauth
+      ...
+    end
+    ```
+
+1.  Create the request and callback routes if you haven't already:
+
+    ```elixir
+    scope "/auth", MyApp do
+      pipe_through :browser
+
+      get "/:provider", AuthController, :request
+      get "/:provider/callback", AuthController, :callback
+    end
+    ```
+
+1. You controller needs to implement callbacks to deal with `Ueberauth.Auth` and `Ueberauth.Failure` responses.
+
+For an example implementation see the [Überauth Example](https://github.com/ueberauth/ueberauth_example) application.
+
+## Calling
+
+Depending on the configured url you can initial the request through:
 
-```elixir
-def deps do
-  [{:ueberauth_goodreads, "~> 0.1.0"}]
-end
-```
+    /auth/goodreads
 
-Documentation can be generated with [ExDoc](https://github.com/elixir-lang/ex_doc)
-and published on [HexDocs](https://hexdocs.pm). Once published, the docs can
-be found at [https://hexdocs.pm/ueberauth_goodreads](https://hexdocs.pm/ueberauth_goodreads).
+## License
 
+Please see [LICENSE](https://github.com/tielur/ueberauth_goodreads/blob/master/LICENSE) for licensing details.

lib/strategy/goodreads.ex

@@ -0,0 +1,118 @@
+defmodule Ueberauth.Strategy.Goodreads do
+  @moduledoc """
+  Goodreads Strategy for Überauth.
+  """
+
+  use Ueberauth.Strategy, uid_field: :id_str
+
+  alias Ueberauth.Auth.Info
+  alias Ueberauth.Auth.Credentials
+  alias Ueberauth.Auth.Extra
+  alias Ueberauth.Strategy.Goodreads
+  import SweetXml
+
+  @doc """
+  Handles initial request for Goodreads authentication.
+  """
+  def handle_request!(conn) do
+    token = Goodreads.OAuth.request_token!([], [redirect_uri: callback_url(conn)])
+    conn
+    |> put_session(:goodreads_token, token)
+    |> redirect!(Goodreads.OAuth.authorize_url!(token))
+  end
+
+  @doc """
+  Handles the callback from Goodreads.
+  """
+  def handle_callback!(%Plug.Conn{params: %{"authorize" => oauth_verifier}} = conn) do
+    token = get_session(conn, :goodreads_token)
+    case Goodreads.OAuth.access_token(token, oauth_verifier) do
+      {:ok, access_token} -> fetch_user(conn, access_token)
+      {:error, error} -> set_errors!(conn, [error(error.code, error.reason)])
+    end
+  end
+
+  @doc false
+  def handle_callback!(conn) do
+    set_errors!(conn, [error("missing_code", "No code received")])
+  end
+
+  @doc false
+  def handle_cleanup!(conn) do
+    conn
+    |> put_private(:goodreads_user, nil)
+    |> put_session(:goodreads_token, nil)
+  end
+
+  @doc """
+  Fetches the uid field from the response.
+  """
+  def uid(conn) do
+    uid_field =
+      conn
+      |> option(:uid_field)
+      |> to_string
+
+    conn.private.goodreads_user[uid_field]
+  end
+
+  @doc """
+  Includes the credentials from the Goodreads response.
+  """
+  def credentials(conn) do
+    {token, secret} = conn.private.goodreads_token
+
+    %Credentials{token: token, secret: secret}
+  end
+
+  @doc """
+  Fetches the fields to populate the info section of the `Ueberauth.Auth` struct.
+  """
+  def info(conn) do
+    user = conn.private.goodreads_user
+
+    %Info{
+      name: user["name"],
+      urls: %{
+        Goodreads: user["link"]
+      }
+    }
+  end
+
+  @doc """
+  Stores the raw information (including the token) obtained from the Goodreads callback.
+  """
+  def extra(conn) do
+    {token, _secret} = get_session(conn, :goodreads_token)
+
+    %Extra{
+      raw_info: %{
+        token: token,
+        user: conn.private.goodreads_user
+      }
+    }
+  end
+
+  defp fetch_user(conn, token) do
+    params = [include_entities: false, skip_status: true, include_email: true]
+    case Goodreads.OAuth.get("/api/auth_user", params, token) do
+      {:ok, {{_, 401, _}, _, _}} ->
+        set_errors!(conn, [error("token", "unauthorized")])
+      {:ok, {{_, status_code, _}, _, body}} when status_code in 200..399 ->
+        body = %{
+          "id" => body |> xpath(~x"//user/@id"),
+          "name" => body |> xpath(~x"//user/name/text()"),
+          "link" => body |> xpath(~x"//user/link/text()")
+        }
+        conn
+        |> put_private(:goodreads_token, token)
+        |> put_private(:goodreads_user, body)
+      {:ok, {_, _, body}} ->
+        set_errors!(conn, [error("user", "fetch user error")])
+    end
+  end
+
+  defp option(conn, key) do
+    Dict.get(options(conn), key, Dict.get(default_options, key))
+  end
+end

lib/strategy/goodreads/oauth.ex

@@ -0,0 +1,115 @@
+defmodule Ueberauth.Strategy.Goodreads.OAuth do
+  @moduledoc """
+  OAuth1 for Goodreads.
+  Add `consumer_key` and `consumer_secret` to your configuration:
+  config :ueberauth, Ueberauth.Strategy.Goodreads.OAuth,
+    consumer_key: System.get_env("GOODREADS_CONSUMER_KEY"),
+    consumer_secret: System.get_env("GOODREADS_CONSUMER_SECRET"),
+    redirect_uri: System.get_env("GOODREADS_REDIRECT_URI")
+  """
+
+  @defaults [access_token: "/oauth/access_token",
+             authorize_url: "/oauth/authorize",
+             request_token: "/oauth/request_token",
+             site: "http://www.goodreads.com"]
+
+  def access_token({token, token_secret}, verifier, opts \\ []) do
+    opts
+    |> client
+    |> to_url(:access_token)
+    |> String.to_char_list
+    |> :oauth.get([oauth_verifier: verifier], consumer(client), token, token_secret)
+    |> decode_access_response
+  end
+
+  def access_token!(access_token, verifier, opts \\ []) do
+    case access_token(access_token, verifier, opts) do
+      {:ok, token} -> token
+      {:error, error} -> raise error
+    end
+  end
+
+  def authorize_url!({token, _token_secret}, opts \\ []) do
+    opts
+    |> client
+    |> to_url(:authorize_url, %{"oauth_token" => List.to_string(token)})
+  end
+
+  def client(opts \\ []) do
+    config = Application.get_env(:ueberauth, __MODULE__)
+
+    @defaults
+    |> Keyword.merge(config)
+    |> Keyword.merge(opts)
+    |> Enum.into(%{})
+  end
+
+  def get(url, access_token), do: get(url, [], access_token)
+  def get(url, params, {token, token_secret}) do
+    client
+    |> to_url(url)
+    |> String.to_char_list
+    |> :oauth.get(params, consumer(client), token, token_secret)
+  end
+
+  def request_token(params \\ [], opts \\ []) do
+    client = client(opts)
+    params = Keyword.put_new(params, :oauth_callback, client.redirect_uri)
+
+    client
+    |> to_url(:request_token)
+    |> String.to_char_list
+    |> :oauth.get(params, consumer(client))
+    |> decode_request_response
+  end
+
+  def request_token!(params \\ [], opts \\ []) do
+    case request_token(params, opts) do
+      {:ok, token} -> token
+      {:error, error} -> raise error
+    end
+  end
+
+  defp consumer(client), do: {client.consumer_key, client.consumer_secret, :hmac_sha1}
+
+  defp decode_access_response({:ok, {{_, 200, _}, _, _} = resp}) do
+    params = :oauth.params_decode(resp)
+    token = :oauth.token(params)
+    token_secret = :oauth.token_secret(params)
+
+    {:ok, {token, token_secret}}
+  end
+  defp decode_access_response({:ok, {{_, status_code, status_description}, _, _}}), do: {:error, "#{status_code} - #{status_description}"}
+  defp decode_access_response({:error, {error, [_, {:inet, [:inet], error_reason}]}}), do: {:error, "#{error}: #{error_reason}"}
+  defp decode_access_response(error), do: {:error, error}
+
+  defp decode_request_response({:ok, {{_, 200, _}, _, _} = resp}) do
+    params = :oauth.params_decode(resp)
+    token = :oauth.token(params)
+    token_secret = :oauth.token_secret(params)
+
+    {:ok, {token, token_secret}}
+  end
+  defp decode_request_response({:ok, {{_, status_code, status_description}, _, _}}), do: {:error, "#{status_code} - #{status_description}"}
+  defp decode_request_response({:error, {error, [_, {:inet, [:inet], error_reason}]}}), do: {:error, "#{error}: #{error_reason}"}
+  defp decode_request_response(error), do: {:error, error}
+
+  defp endpoint("/" <> _path = endpoint, client), do: client.site <> endpoint
+  defp endpoint(endpoint, _client), do: endpoint
+
+  defp to_url(client, endpoint, params \\ nil) do
+    endpoint =
+      client
+      |> Map.get(endpoint, endpoint)
+      |> endpoint(client)
+
+    endpoint =
+      if params do
+        endpoint <> "?" <> URI.encode_query(params)
+      else
+        endpoint
+      end
+
+    endpoint
+  end
+end

lib/ueberauth_goodreads.ex

@@ -1,18 +1,3 @@
 defmodule UeberauthGoodreads do
-  @moduledoc """
-  Documentation for UeberauthGoodreads.
-  """
-
-  @doc """
-  Hello world.
-
-  ## Examples
-
-      iex> UeberauthGoodreads.hello
-      :world
-
-  """
-  def hello do
-    :world
-  end
-end
+  @moduledoc false
+end