replace weibo_2 gem with my simple auth code

robbin · robbin · commit c7cebdadfb6c · 2013-02-24T23:23:50.000+08:00
diff --git a/Gemfile b/Gemfile
@@ -20,7 +20,7 @@ gem 'will_paginate', :require => ['will_paginate/active_record', 'will_paginate/
 gem 'sanitize'
 gem 'carrierwave', :require => ['carrierwave', 'carrierwave/orm/activerecord']
 gem 'mini_magick'
-gem 'weibo_2'
+gem "rest-client"
 
 # Production requirements
 group :production do
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -57,34 +57,20 @@ GEM
     eventmachine (1.0.0)
     factory_girl (4.2.0)
       activesupport (>= 3.0.0)
-    faraday (0.8.5)
-      multipart-post (~> 1.1)
     github-markdown (0.5.3)
-    hashie (1.2.0)
     http_router (0.10.2)
       rack (>= 1.0.0)
       url_mount (~> 0.2.1)
-    httpauth (0.2.0)
     i18n (0.6.1)
-    json (1.7.7)
-    jwt (0.1.5)
-      multi_json (>= 1.0)
     kgio (2.8.0)
     method_source (0.8.1)
     mime-types (1.21)
     mini_magick (3.4)
       subexec (~> 0.2.1)
     minitest (2.6.2)
     multi_json (1.5.1)
-    multipart-post (1.1.5)
     mysql2 (0.3.11)
     nokogiri (1.5.6)
-    oauth2 (0.8.0)
-      faraday (~> 0.8)
-      httpauth (~> 0.1)
-      jwt (~> 0.1.4)
-      multi_json (~> 1.0)
-      rack (~> 1.2)
     pry (0.9.11.4)
       coderay (~> 1.0.5)
       method_source (~> 0.8)
@@ -123,11 +109,6 @@ GEM
       raindrops (~> 0.7)
     url_mount (0.2.1)
       rack
-    weibo_2 (0.1.1)
-      hashie (~> 1.2.0)
-      json (~> 1.7.3)
-      oauth2 (~> 0.8.0)
-      rest-client (~> 1.6.7)
     will_paginate (3.0.4)
 
 PLATFORMS
@@ -154,8 +135,8 @@ DEPENDENCIES
   rack-test
   rainbows
   rake
+  rest-client
   sanitize
   second_level_cache!
   thin
-  weibo_2
   will_paginate
diff --git a/app/controllers/home.rb b/app/controllers/home.rb
@@ -59,47 +59,36 @@
   # weibo authentication
   get :weibo_login do
     session[:quick_login] = true if params[:quick_login]
-    redirect WeiboOAuth2::Client.new.authorize_url
+    redirect WeiboAuth.new.authorize_url
   end
 
   get :weibo_callback do
-    client = WeiboOAuth2::Client.new
+    halt 401, "没有微博验证码" unless params[:code]
+    auth = WeiboAuth.new
     begin
-      if access_token = client.auth_code.get_token(params[:code].to_s)
-        weibo_uid = access_token.params["uid"]
-        token = client.get_token_from_hash({:access_token => access_token.token, :expires_at => access_token.expires_at})
-        if token.validated?
-          @account = Account.where(:provider => 'weibo', :uid => weibo_uid).first
-
-          # create commenter account when first weibo login
-          unless @account 
-            weibo_user = client.users.show_by_uid(weibo_uid)
-            @account = Account.create(:provider => 'weibo', :uid => weibo_uid, :name => weibo_user.screen_name, :role => 'commenter', :profile_url => weibo_user.profile_url, :profile_image_url => weibo_user.profile_image_url)
-          end
-      
-          # update weibo profile if profile is empty
-          if @account.profile_url.blank? || @account.profile_image_url.blank?
-            weibo_user = client.users.show_by_uid(weibo_uid)
-            @account.update_attributes(:profile_url => weibo_user.profile_url, :profile_image_url => weibo_user.profile_image_url)
-          end
-      
-          session[:account_id] = @account.id
-          if session[:quick_login]
-            session[:quick_login] = nil
-            render 'home/weibo_callback', :layout => false
-          else
-            flash[:notice] = '成功登录'
-            redirect_to url(:index)
-          end
-        end
+      auth.callback(params[:code])
+      user_info = auth.get_user_info
+      @account = Account.where(:provider => 'weibo', :uid => user_info['id'].to_i).first
+      # create commenter account when first weibo login
+      unless @account 
+        @account = Account.create(:provider => 'weibo', :uid => user_info['id'], :name => user_info['screen_name'], :role => 'commenter', :profile_url => user_info['profile_url'], :profile_image_url => user_info['profile_image_url'])
+      end
+      # update weibo profile if profile is empty
+      if @account.profile_url.blank? || @account.profile_image_url.blank?
+        @account.update_attributes(:profile_url => user_info['profile_url'], :profile_image_url => user_info['profile_image_url'])
+      end
+      session[:account_id] = @account.id
+      if session[:quick_login]
+        session[:quick_login] = nil
+        render 'home/weibo_callback', :layout => false
       else
-        halt 401, "授权失败，请重试几次"
+        flash[:notice] = '成功登录'
+        redirect_to url(:index)
       end
     rescue => e
       STDERR.puts e
       STDERR.puts e.backtrace.join("\n")
       halt 401, "授权失败，请重试几次"
     end
   end
-
 end
diff --git a/config/boot.rb b/config/boot.rb
@@ -69,9 +69,4 @@
 # Set carrierwave sanitize
 CarrierWave::SanitizedFile.sanitize_regexp = /[^[:word:]\.\-\+]/
 
-# Weibo config
-WeiboOAuth2::Config.api_key = APP_CONFIG['weibo_api_key']
-WeiboOAuth2::Config.api_secret = APP_CONFIG['weibo_api_secret']
-WeiboOAuth2::Config.redirect_uri = APP_CONFIG['weibo_redirect_uri']
-
 Padrino.load!
diff --git a/lib/weibo_auth.rb b/lib/weibo_auth.rb
@@ -0,0 +1,40 @@
+# encoding: utf-8
+require 'timeout'
+
+OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
+
+class WeiboAuth
+  
+  def authorize_url
+    "https://api.weibo.com/oauth2/authorize?response_type=code&client_id=#{APP_CONFIG['weibo_api_key']}&redirect_uri=#{URI.escape APP_CONFIG['weibo_redirect_uri']}"    
+  end
+
+  def callback(code)
+    @uid = Timeout::timeout(20) do
+      @access_token = JSON.parse(RestClient.post('https://api.weibo.com/oauth2/access_token', 
+                                                 :client_id => APP_CONFIG['weibo_api_key'], 
+                                                 :client_secret => APP_CONFIG['weibo_api_secret'],
+                                                 :grant_type => 'authorization_code',
+                                                 :code => code,
+                                                 :redirect_uri => APP_CONFIG['weibo_redirect_uri'])
+                                )['access_token']
+      JSON.parse(RestClient.get("https://api.weibo.com/2/account/get_uid.json?access_token=#{@access_token}"))['uid']
+    end
+    raise Error, "验证失败" unless @uid
+  rescue Timeout::Error
+    raise Error, "访问超时，请稍后重试"
+  end
+
+  def get_user_info
+    user_info = Timeout::timeout(20) do
+      JSON.parse(RestClient.get("https://api.weibo.com/2/users/show.json?uid=#{@uid}&access_token=#{@access_token}"))
+    end
+    unless user_info["name"]
+      STDERR.puts "Weibo获取用户信息错误:" + user_info.inspect
+      raise Error, "获取用户信息时发生错误，请稍后重试"
+    end
+    user_info
+  rescue Timeout::Error
+    raise Error, "访问超时，请稍后重试"
+  end
+end
