omniauth-dingtalk-oauth2-1.0.1/0000755000004100000410000000000014256367660016377 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/Gemfile.lock0000644000004100000410000000356114256367660020626 0ustar www-datawww-dataPATH remote: . specs: omniauth-dingtalk-oauth2 (1.0.1) omniauth-oauth2 (~> 1.7) GEM remote: https://rubygems.org/ specs: diff-lcs (1.5.0) faraday (1.10.0) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) faraday-excon (~> 1.1) faraday-httpclient (~> 1.0) faraday-multipart (~> 1.0) faraday-net_http (~> 1.0) faraday-net_http_persistent (~> 1.0) faraday-patron (~> 1.0) faraday-rack (~> 1.0) faraday-retry (~> 1.0) ruby2_keywords (>= 0.0.4) faraday-em_http (1.0.0) faraday-em_synchrony (1.0.0) faraday-excon (1.1.0) faraday-httpclient (1.0.1) faraday-multipart (1.0.3) multipart-post (>= 1.2, < 3) faraday-net_http (1.0.1) faraday-net_http_persistent (1.2.0) faraday-patron (1.0.0) faraday-rack (1.0.0) faraday-retry (1.0.3) hashie (4.1.0) jwt (2.3.0) multi_json (1.15.0) multi_xml (0.6.0) multipart-post (2.1.1) oauth2 (1.4.7) faraday (>= 0.8, < 2.0) jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) rack (>= 1.2, < 3) omniauth (2.0.4) hashie (>= 3.4.6) rack (>= 1.6.2, < 3) rack-protection omniauth-oauth2 (1.7.2) oauth2 (~> 1.4) omniauth (>= 1.9, < 3) rack (2.2.3) rack-protection (2.1.0) rack rake (12.3.3) rspec (3.11.0) rspec-core (~> 3.11.0) rspec-expectations (~> 3.11.0) rspec-mocks (~> 3.11.0) rspec-core (3.11.0) rspec-support (~> 3.11.0) rspec-expectations (3.11.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.11.0) rspec-mocks (3.11.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.11.0) rspec-support (3.11.0) ruby2_keywords (0.0.5) PLATFORMS ruby DEPENDENCIES omniauth-dingtalk-oauth2! rake (~> 12.0) rspec (~> 3.0) BUNDLED WITH 2.2.31 omniauth-dingtalk-oauth2-1.0.1/.rspec0000644000004100000410000000006514256367660017515 0ustar www-datawww-data--format documentation --color --require spec_helper omniauth-dingtalk-oauth2-1.0.1/README.md0000644000004100000410000000212514256367660017656 0ustar www-datawww-data# Omniauth DingTalk This project forked from [https://github.com/jinhucheung/omniauth-dingding](https://github.com/jinhucheung/omniauth-dingding). To use it, you'll need to sign up for an OAuth2 Application ID and Secret on the [DingTalk Applications Page](https://open-dev.dingtalk.com/). ## Installation Add this line to your application's Gemfile: ```ruby gem 'omniauth-dingtalk-oauth2' ``` And then execute: ``` $ bundle install ``` ## Usage `OmniAuth::Strategies::Dingtalk` is simply a Rack middleware. Read the OmniAuth docs for detailed instructions: https://github.com/intridea/omniauth. Here's a quick example, adding the middleware to a Rails app in `config/initializers/omniauth.rb`: ```ruby Rails.application.config.middleware.use OmniAuth::Builder do provider :dingtalk, ENV['DINGTALK_APP_ID'], ENV['DINGTALK_APP_SECRET'] end ``` ## Contributing Bug reports and pull requests are welcome on GitLab at https://gitlab.com/gitlab-jh/jh-team/omniauth-dingtalk. ## License The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT). omniauth-dingtalk-oauth2-1.0.1/bin/0000755000004100000410000000000014256367660017147 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/bin/console0000755000004100000410000000015414256367660020537 0ustar www-datawww-data#!/usr/bin/env ruby require "bundler/setup" require "omniauth/dingtalk" require "irb" IRB.start(__FILE__) omniauth-dingtalk-oauth2-1.0.1/bin/setup0000755000004100000410000000011314256367660020230 0ustar www-datawww-data#!/usr/bin/env bash set -euo pipefail IFS=$'\n\t' set -vx bundle install omniauth-dingtalk-oauth2-1.0.1/.gitignore0000644000004100000410000000016614256367660020372 0ustar www-datawww-data/.bundle/ /.yardoc /_yardoc/ /coverage/ /doc/ /pkg/ /spec/reports/ /tmp/ # rspec failure tracking .rspec_status *.gemomniauth-dingtalk-oauth2-1.0.1/omniauth-dingtalk-oauth2.gemspec0000644000004100000410000000235714256367660024572 0ustar www-datawww-datarequire_relative 'lib/omniauth-dingtalk/version' Gem::Specification.new do |spec| spec.name = "omniauth-dingtalk-oauth2" spec.version = OmniAuth::Dingtalk::VERSION spec.authors = ["JiHu(GitLab)"] spec.email = ["dev@jihulab.com"] spec.summary = %q{Omniauth strategy for DingTalk} spec.description = %q{Wrapper the DingTalk Oauth2 API} spec.homepage = "https://gitlab.com/gitlab-jh/jh-team/omniauth-dingtalk" spec.license = "MIT" spec.metadata["homepage_uri"] = spec.homepage spec.metadata["source_code_uri"] = "https://gitlab.com/gitlab-jh/jh-team/omniauth-dingtalk" # Specify which files should be added to the gem when it is released. # The `git ls-files -z` loads the files in the RubyGem that have been added into git. spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) } end spec.bindir = "exe" spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } spec.require_paths = ["lib"] spec.add_runtime_dependency 'omniauth-oauth2', '~> 1.7' spec.add_development_dependency 'rake', '~> 12.0' spec.add_development_dependency 'rspec', '~> 3.0' end omniauth-dingtalk-oauth2-1.0.1/Rakefile0000644000004100000410000000016514256367660020046 0ustar www-datawww-datarequire "bundler/gem_tasks" require "rspec/core/rake_task" RSpec::Core::RakeTask.new(:spec) task :default => :spec omniauth-dingtalk-oauth2-1.0.1/lib/0000755000004100000410000000000014256367660017145 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/0000755000004100000410000000000014256367660022564 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/client/0000755000004100000410000000000014256367660024042 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/client/base.rb0000644000004100000410000000460614256367660025307 0ustar www-datawww-data# frozen_string_literal: true require 'openssl' require 'base64' require 'cgi' require 'json' module OmniAuth module Dingtalk module Client class Base < ::OAuth2::Client AUTHORIZE_URL = { 'qrcode' => '/connect/qrconnect', 'account' => '/connect/oauth2/sns_authorize' }.freeze GET_USER_INFO_BY_CODE_URL = '/sns/getuserinfo_bycode' GET_USER_ID_BY_UNIONID_URL = '/topapi/user/getbyunionid' GET_USER_INFO_BY_ID_URL = '/topapi/v2/user/get' def initialize(client_id, client_secret, options = {}, &block) opts = { authorize_url: AUTHORIZE_URL.fetch(options[:authorize_method].to_s, AUTHORIZE_URL['qrcode']), token_url: token_url, token_method: :get }.merge(options) super(client_id, client_secret, opts, &block) end def get_user_info_by_code(code) t = (Time.now.to_f * 1000).to_i.to_s raw_sign = Base64.encode64(OpenSSL::HMAC.digest('SHA256', secret, t)).strip sign = CGI.escape(raw_sign) url = "#{GET_USER_INFO_BY_CODE_URL}?accessKey=#{id}×tamp=#{t}&signature=#{sign}" request(:post, url, headers: { 'Content-Type' => 'application/json' }, body: { tmp_auth_code: code }.to_json ).parsed end def get_user_id_by_unionid(access_token, unionid) request(:post, GET_USER_ID_BY_UNIONID_URL, headers: { 'Content-Type' => 'application/json' }, body: { unionid: unionid }.to_json, params: { access_token: access_token } ).parsed end def get_user_info_by_id(access_token, id) request(:post, GET_USER_INFO_BY_ID_URL, headers: { 'Content-Type' => 'application/json' }, body: { userid: id }.to_json, params: { access_token: access_token } ).parsed end def get_user_info(params = {}) raise NotImplementedError end def token_url self.class.const_get(:TOKEN_URL) rescue nil end def token_params { appid: id, appsecret: secret } end def get_token(params, access_token_opts = {}, extract_access_token = options[:extract_access_token]) super(token_params.merge(params), access_token_opts, extract_access_token) end end end end end omniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/client/enterprise_internal.rb0000644000004100000410000000150214256367660030441 0ustar www-datawww-data# frozen_string_literal: true require 'omniauth-dingtalk/client/base' module OmniAuth module Dingtalk module Client class EnterpriseInternal < ::OmniAuth::Dingtalk::Client::Base TOKEN_URL = '/gettoken' def token_params { appkey: id, appsecret: secret } end def get_user_info(params = {}) resp = get_user_info_by_code(params[:code]) user_info = resp['user_info'] || {} return user_info if user_info['unionid'].to_s.empty? user_id = get_user_id_by_unionid(params[:access_token], user_info['unionid']).dig('result', 'userid') return user_info if user_id.to_s.empty? result = get_user_info_by_id(params[:access_token], user_id)['result'] user_info.merge(result || {}) end end end end end omniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/client/third_party_personal.rb0000644000004100000410000000061414256367660030624 0ustar www-datawww-data# frozen_string_literal: true require 'omniauth-dingtalk/client/base' module OmniAuth module Dingtalk module Client class ThirdPartyPersonal < ::OmniAuth::Dingtalk::Client::Base TOKEN_URL = '/sns/gettoken' def get_user_info(params = {}) resp = get_user_info_by_code(params[:code]) resp['user_info'] || {} end end end end end omniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/version.rb0000644000004100000410000000014114256367660024572 0ustar www-datawww-data# frozen_string_literal: true module OmniAuth module Dingtalk VERSION = '1.0.1' end end omniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk/client.rb0000644000004100000410000000072014256367660024366 0ustar www-datawww-data# frozen_string_literal: true require 'omniauth-dingtalk/client/third_party_personal' require 'omniauth-dingtalk/client/enterprise_internal' module OmniAuth module Dingtalk module Client def self.get(client_type) case client_type.to_s when 'third_party_personal' ::OmniAuth::Dingtalk::Client::ThirdPartyPersonal else ::OmniAuth::Dingtalk::Client::EnterpriseInternal end end end end end omniauth-dingtalk-oauth2-1.0.1/lib/omniauth-dingtalk-oauth2.rb0000644000004100000410000000020414256367660024305 0ustar www-datawww-data# frozen_string_literal: true require 'omniauth-oauth2' require 'omniauth-dingtalk/version' require 'omniauth/strategies/dingtalk' omniauth-dingtalk-oauth2-1.0.1/lib/omniauth/0000755000004100000410000000000014256367660020771 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/lib/omniauth/strategies/0000755000004100000410000000000014256367660023143 5ustar www-datawww-dataomniauth-dingtalk-oauth2-1.0.1/lib/omniauth/strategies/dingtalk.rb0000644000004100000410000000361514256367660025272 0ustar www-datawww-data# frozen_string_literal: true require 'omniauth-dingtalk/client' module OmniAuth module Strategies class Dingtalk < OmniAuth::Strategies::OAuth2 option :name, 'dingtalk' option :client_options, { site: 'https://oapi.dingtalk.com', # one of qrcode, account, default is qrcode authorize_method: :qrcode } # one of enterprise_internal, third_party_personal, default is enterprise_internal option :client_type, :enterprise_internal # one of snsapi_login, snsapi_auth, default is snsapi_login option :authorize_params, scope: 'snsapi_login' uid do user_info['openid'] end info do { unionid: user_info['unionid'], ding_id: user_info['dingId'], name: user_info['nick'], username: user_info['nick'] }.merge(user_info) end extra do { raw_info: user_info } end def request_phase params = client.auth_code.authorize_params.merge(redirect_uri: callback_url).merge(authorize_params) params['appid'] = params.delete('client_id') redirect client.authorize_url(params) end protected def client ::OmniAuth::Dingtalk::Client.get(options.client_type).new( options.client_id, options.client_secret, deep_symbolize(options.client_options) ) end def build_access_token verifier = request.params['code'] access_token_options = { redirect_uri: callback_url }.merge(token_params.to_hash(symbolize_keys: true)) client.auth_code.get_token(verifier, access_token_options, deep_symbolize(options.auth_token_params)) end def user_info @user_info ||= client.get_user_info(code: request.params['code'], access_token: access_token.token) end end end end OmniAuth.config.add_camelization 'dingtalk', 'Dingtalk' omniauth-dingtalk-oauth2-1.0.1/Gemfile0000644000004100000410000000004714256367660017673 0ustar www-datawww-datasource "https://rubygems.org" gemspec omniauth-dingtalk-oauth2-1.0.1/LICENSE.txt0000644000004100000410000000206414256367660020224 0ustar www-datawww-dataThe MIT License (MIT) Copyright (c) 2021 jimcheung Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. omniauth-dingtalk-oauth2-1.0.1/.gitlab-ci.yml0000644000004100000410000000052114256367660021031 0ustar www-datawww-datastages: - test .base: image: ruby:2.7.5 cache: key: gems_and_packages paths: - apt-cache/ - vendor/ruby policy: pull before_script: - ruby -v - gem install bundler --no-document - bundle install --path=vendor/ruby test:rspec: extends: .base stage: test script: - bundle exec rspec