I'm attempting to pull a request token via https://launchpad.net using sinatra, and a custom omniauth strategy
require 'omniauth-oauth'
require 'oauth/signature/plaintext'
require 'multi_json'
require 'pp'
module OmniAuth
module Strategies
class Launchpad < OmniAuth::Strategies::OAuth
option :name, "launchpad"
option :client_options, {
:authorize_url => 'https://launchpad.net/+authorize-token',
:request_token_url => 'https://launchpad.net/+request-token',
:site => 'https://api.launchpad.net',
:consumer_key => 'rubystfu',
:signature_method => 'PLAINTEXT',
:signature => '%26'
}
def request_phase
super
end
uid {
raw_info[:name]
}
info do
{
:description => raw_info['description'],
:name => raw_info['name'],
:display_name => raw_info['display_name'],
:karma => raw_info['karma'],
:self_link => raw_info['self_link'],
:email => raw_info['email']
}
end
extra do
{
:raw_info => raw_info
}
end
def raw_info
raw_info
end
end
end
end
I've setup my sinatra app in this fashion
#!/usr/bin/env ruby
require 'rubygems'
require 'bundler'
Bundler.setup :default, :development, :chonk
require 'sinatra'
require 'haml'
require 'omniauth-launchpad'
use Rack::Session::Cookie
use OmniAuth::Builder do
provider :launchpad
end
set :sessions, true
set :logging, true
class ChonkApp < Sinatra::Application
helpers do
def check_auth
redirect "/" if not session[:user]
end
end
get '/' do
redirect "/app" if session[:user]
haml :index
end
get '/app' do
check_auth
"#{session[:user]} | <a href='/logout'>logout</a>"
end
get '/logout' do
session.clear
redirect '/'
end
%w(get post).each do |method|
send(method, "/auth/:name/callback") do
auth = request.env['omniauth.auth']
a = auth.info
session[:user] = "%s %s (%s)" % [a.email, a.name, a.nickname]
redirect "/app"
end
end
get '/auth/failure' do
"I dunno wtfook happened."
end
end
The documentation states it needs 3 posted params for this to work:
To obtain a request token, send a POST request to https://launchpad.net/+request-token. (Note: not api.launchpad.net!) This is the same kind of POST a web browser does when it submits a form. You should submit the following values in form-URL-encoded format.
oauth_consumer_key: Your consumer key oauth_signature_method: The string "PLAINTEXT" oauth_signature: The string "&".
So the HTTP request might look like this:
POST /+request-token HTTP/1.1 Host: launchpad.net Content-type: application/x-www-form-urlencoded oauth_consumer_key=just+testing&oauth_signature_method=PLAINTEXT&oauth_signature=%26 The response should look something like this: 200 OK oauth_token=9kDgVhXlcVn52HGgCWxq&oauth_token_secret=jMth55Zn3pbkPGNht450XHNcHVGTJm9Cqf5ww5HlfxfhEEPKFflMqCXHNVWnj2sWgdPjqDJNRDFlt92f
The only thing I can see that may be incorrect is the signature_method and/or signature. Im pretty new to ruby so any advice is appreciated. The error that is coming back is a '401 unauthorized' and I haven't quite figured out how to print some debugging output on what exactly is being passed to https://launchpad.net during the request.
The link to the documentation for signing requests is here: https://help.launchpad.net/API/SigningRequests
thanks
p.s. the source for the omniauth-launchpad is https://github.com/battlemidget/omniauth-launchpad, and for the actual application https://github.com/battlemidget/chonk
curl --data 'oauth_consumer_key=just+testing&oauth_signature_method=PLAINTEXT&oauth_signature=%26' https://launchpad.net/+request-token– iain Feb 3 at 20:51