Current section
Files
Jump to
Current section
Files
lib/ueberauth/strategy/weibo.ex
defmodule Ueberauth.Strategy.Weibo do
@moduledoc """
Provides an Ueberauth strategy for authenticating with Weibo.
### Setup
Create an application in Weib for you to use.
Register a new application at: [weibo open platform page](http://open.weibo.com/apps)
and get the `client_id` and `client_secret`.
Include the provider in your configuration for Ueberauth
config :ueberauth, Ueberauth,
providers: [
weibo: { Ueberauth.Strategy.Weibo, [] }
]
Then include the configuration for weibo.
config :ueberauth, Ueberauth.Strategy.Weibo.OAuth,
client_id: System.get_env("WEIBO_CLIENT_ID"),
client_secret: System.get_env("WEIBO_CLIENT_SECRET")
If you haven't already, create a pipeline and setup routes for your callback handler
pipeline :auth do
Ueberauth.plug "/auth"
end
scope "/auth" do
pipe_through [:browser, :auth]
get "/:provider/callback", AuthController, :callback
end
Create an endpoint for the callback where you will handle the `Ueberauth.Auth` struct
defmodule MyApp.AuthController do
use MyApp.Web, :controller
def callback_phase(%{ assigns: %{ ueberauth_failure: fails } } = conn, _params) do
# do things with the failure
end
def callback_phase(%{ assigns: %{ ueberauth_auth: auth } } = conn, params) do
# do things with the auth
end
end
"""
use Ueberauth.Strategy, oauth2_module: Ueberauth.Strategy.Weibo.OAuth
alias Ueberauth.Auth.Info
alias Ueberauth.Auth.Credentials
alias Ueberauth.Auth.Extra
@doc """
Handles the initial redirect to the weibo authentication page.
request url:
"/auth/weibo"
You can also include a `state` param that weibo will return to you.
"""
def handle_request!(conn) do
opts = []
if conn.params["state"], do: opts = Keyword.put(opts, :state, conn.params["state"])
opts = Keyword.put(opts, :redirect_uri, callback_url(conn))
module = option(conn, :oauth2_module)
redirect!(conn, apply(module, :authorize_url!, [opts]))
end
@doc """
Handles the callback from Weibo. When there is a failure from Weibo the failure is included in the
`ueberauth_failure` struct. Otherwise the information returned from Weibo is returned in the `Ueberauth.Auth` struct.
"""
def handle_callback!(%Plug.Conn{ params: %{ "code" => code } } = conn) do
module = option(conn, :oauth2_module)
token = apply(module, :get_token!, [[code: code]])
if token.access_token == nil do
set_errors!(conn, [error(token.other_params["error"], token.other_params["error_description"])])
else
fetch_user(conn, token)
end
end
@doc false
def handle_callback!(conn) do
set_errors!(conn, [error("missing_code", "No code received")])
end
@doc """
Cleans up the private area of the connection used for passing the raw Weibo response around during the callback.
"""
def handle_cleanup!(conn) do
conn
|> put_private(:weibo_user, nil)
|> put_private(:weibo_token, nil)
end
@doc """
Fetches the uid field from the Weibo response.
"""
def uid(conn) do
conn.private.weibo_user["idstr"]
end
@doc """
Includes the credentials from the Weibo response.
"""
def credentials(conn) do
token = conn.private.weibo_token
scopes = (token.other_params["scope"] || "")
|> String.split(",")
%Credentials{
token: token.access_token,
refresh_token: token.refresh_token,
expires_at: token.expires_at,
token_type: token.token_type,
expires: !!token.expires_at,
scopes: scopes
}
end
@doc """
Fetches the fields to populate the info section of the `Ueberauth.Auth` struct.
"""
def info(conn) do
user = conn.private.weibo_user
%Info{
name: user["name"],
nickname: user["screen_name"],
location: user["location"],
description: user["description"],
image: image_url(conn),
urls: %{
blog: user["url"],
weibo: weibo_url(conn)
}
}
end
defp weibo_url(conn) do
user = conn.private.weibo_user
domain = user["domain"]
uid = user["idstr"]
if domain, do: "http://weibo.com/#{domain}", else: "http://weibo.com/u/#{uid}"
end
defp image_url(conn) do
user = conn.private.weibo_user
user["avatar_hd"] || user["avatar_large"] || user["profile_image_url"]
end
@doc """
Stores the raw information (including the token) obtained from the Weibo callback.
"""
def extra(conn) do
%Extra {
raw_info: %{
token: conn.private.weibo_token,
user: conn.private.weibo_user
}
}
end
defp fetch_user(conn, token) do
conn = put_private(conn, :weibo_token, token)
uid = token.other_params["uid"]
access_token = token.access_token
fetch_user_url = "/2/users/show.json?uid=#{uid}&access_token=#{access_token}"
case OAuth2.AccessToken.get(token, fetch_user_url) do
{ :ok, %OAuth2.Response{status_code: 401, body: _body}} ->
set_errors!(conn, [error("token", "unauthorized")])
{ :ok, %OAuth2.Response{status_code: status_code, body: user} } when status_code in 200..399 ->
put_private(conn, :weibo_user, user)
{ :error, %OAuth2.Error{reason: reason} } ->
set_errors!(conn, [error("OAuth2", reason)])
end
end
defp option(conn, key) do
Dict.get(options(conn), key, Dict.get(default_options, key))
end
end