I'm struggling finding a usable gem which provides the following for a Rails 2.3.5 application:
我正在努力寻找一个可用的gem,它为Rails 2.3.5应用程序提供了以下功能:
- we want to protect out API with oAuth 2; therefore a Controller for creating access/request Tokens and the models (Client, Token,...) are required
- 我们想用oAuth 2保护API;因此需要一个控制器来创建访问/请求令牌和模型(客户端、令牌、…)
- we want to consume oAuth2 Services like Facebook and Twitter
- 我们想要消费oAuth2服务,比如Facebook和Twitter
It would also be nice to have support for 3 legged and 2 legged authentication.
支持三条腿和两条腿的身份验证也很好。
I found those gems, but they all have major drawbacks:
我发现了这些宝石,但它们都有主要的缺点:
- oauth-ruby (github.com/oauth/oauth-ruby)
- i'm not quite sure if it already implements oauth2 mechanisms
- 我不太确定它是否已经实现了oauth2机制
- more like a basic lib for services on top
- 更像是顶部服务的基本库
- 我不太确定它是否已经实现了oauth2机制,它更像是*服务的基本库。
- oauth-plugin (github.com/pelle/oauth-plugin)
- looks convenient BUT oauth2 only supported in rails3 branch :(
- 看起来很方便,但oauth2只在rails3分支中:(
- oauth-plugin (github.com/pelle/oauth-plugin)看上去很方便,但oauth2仅在rails3分支中得到支持:(
- oauth2 (github.com/intridea/oauth2)
- only for oAuth2 Consumers / no Provider Functionality
- 只针对oAuth2使用者/无提供程序功能
- oauth2仅用于oauth2使用者/无提供者功能
- oauth2-ruby (github.com/aflatter/oauth2-ruby/tree/)
- last Commit: 16.07.10 "DESCTRUCTIVE COMMIT" :(
- 最后承诺:16.07.10“承诺承诺”:(
- based on oAuth2 Draft 00 (old!)
- 基于oAuth2 Draft 00 (old!)
- oAuth2 -ruby (github.com/aflatter/oauth2-ruby/tree/)最后提交:16.07.10“DESCTRUCTIVE Commit”(基于oAuth2 Draft 00 (old!)
- oauth2-provider (github.com/ThoughtWorksStudios/oauth2_provider)
- last Commit: 21.10.10 - good
- 最后一次承诺:21.10.10 -好的
- only Provider functionality :(
- 只有提供者功能:(
- based on oAuth2 Draft 09 (quite recent)
- 基于oAuth2草案09(最近)
- oAuth2提供者(github.com/thoughtworksstudios/oauth2_provider)最后一次提交:21.10.10——优秀的唯一提供者功能:(基于oAuth2草案09(最近))
Did anybody achieve those requirenments with one or a combination of those gems? Could you please provide me a direction?
有没有人用这些宝石来实现这些要求?你能给我指路吗?
Any help is much appreciated!
非常感谢您的帮助!
3 个解决方案
#1
1
I can't help with your search. But I'll just say that that's a pretty large number of implementations for a protocol that is still in very active development :)
我帮不了你的忙。但我要说的是,对于一个仍在积极开发中的协议来说,这是相当多的实现:)
See my pointers to the current OAuth 2.0 status, as of draft 11, at https://security.stackexchange.com/questions/1187/what-were-the-specific-security-flaws-with-oauth-1-0-how-are-they-being-addresse/1201#1201
请参见我在https://security.stackexchange.com/questions/1187/ were-the-specific- security-security- -with-oauth-1-0- how-the-being-addresse/1201 #1201中给出的当前OAuth 2.0状态的指示
(Can anyone characterize the degree of interoperability between the different drafts of 2.0?)
(谁能描述2.0的不同草案之间的互操作性程度?)
#2
1
Wanted to add a couple more libraries that I've come across. I haven't used either, but I thought they should be on this post for people to compare:
我还想添加一些我遇到过的库。我也没用过,但是我认为他们应该在这篇文章上让人们来比较:
- https://github.com/songkick/oauth2-provider
- https://github.com/songkick/oauth2-provider
- https://github.com/flowtown/rack-oauth2-server
- https://github.com/flowtown/rack-oauth2-server
#3
1
I've evaluated most of the gems listed in this thread, and in my (biased) opinion the devise_oauth2_providable gem is the best oauth2 provider backend for a rails app. it's goal is to be the easiest integration for existing rails apps and I'd recommend giving it a look over.
我已经评估了这个线程中列出的大多数gem,并且在我(有偏见的)看来,devise_oauth2_providable gem是rails应用程序的最佳oauth2提供程序后端。
https://github.com/socialcast/devise_oauth2_providable
https://github.com/socialcast/devise_oauth2_providable
You can mix and match a different gem for oauth2 consumers since they are different enough responsibilities.
您可以为oauth2消费者混合并匹配不同的gem,因为它们的职责不同。
#1
1
I can't help with your search. But I'll just say that that's a pretty large number of implementations for a protocol that is still in very active development :)
我帮不了你的忙。但我要说的是,对于一个仍在积极开发中的协议来说,这是相当多的实现:)
See my pointers to the current OAuth 2.0 status, as of draft 11, at https://security.stackexchange.com/questions/1187/what-were-the-specific-security-flaws-with-oauth-1-0-how-are-they-being-addresse/1201#1201
请参见我在https://security.stackexchange.com/questions/1187/ were-the-specific- security-security- -with-oauth-1-0- how-the-being-addresse/1201 #1201中给出的当前OAuth 2.0状态的指示
(Can anyone characterize the degree of interoperability between the different drafts of 2.0?)
(谁能描述2.0的不同草案之间的互操作性程度?)
#2
1
Wanted to add a couple more libraries that I've come across. I haven't used either, but I thought they should be on this post for people to compare:
我还想添加一些我遇到过的库。我也没用过,但是我认为他们应该在这篇文章上让人们来比较:
- https://github.com/songkick/oauth2-provider
- https://github.com/songkick/oauth2-provider
- https://github.com/flowtown/rack-oauth2-server
- https://github.com/flowtown/rack-oauth2-server
#3
1
I've evaluated most of the gems listed in this thread, and in my (biased) opinion the devise_oauth2_providable gem is the best oauth2 provider backend for a rails app. it's goal is to be the easiest integration for existing rails apps and I'd recommend giving it a look over.
我已经评估了这个线程中列出的大多数gem,并且在我(有偏见的)看来,devise_oauth2_providable gem是rails应用程序的最佳oauth2提供程序后端。
https://github.com/socialcast/devise_oauth2_providable
https://github.com/socialcast/devise_oauth2_providable
You can mix and match a different gem for oauth2 consumers since they are different enough responsibilities.
您可以为oauth2消费者混合并匹配不同的gem,因为它们的职责不同。