omniauth-github-1.4.0/0000755000004100000410000000000013624442655014663 5ustar www-datawww-dataomniauth-github-1.4.0/.rspec0000644000004100000410000000001113624442655015770 0ustar www-datawww-data--colour omniauth-github-1.4.0/README.md0000644000004100000410000000440613624442655016146 0ustar www-datawww-data![Ruby](https://github.com/omniauth/omniauth-github/workflows/Ruby/badge.svg?branch=master) # OmniAuth GitHub This is the official OmniAuth strategy for authenticating to GitHub. To use it, you'll need to sign up for an OAuth2 Application ID and Secret on the [GitHub Applications Page](https://github.com/settings/applications). ## Installation ```ruby gem 'omniauth-github', github: 'omniauth/omniauth-github', branch: 'master' ``` ## Basic Usage ```ruby use OmniAuth::Builder do provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'] end ``` ## Github Enterprise Usage ```ruby provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], { :client_options => { :site => 'https://github.YOURDOMAIN.com/api/v3', :authorize_url => 'https://github.YOURDOMAIN.com/login/oauth/authorize', :token_url => 'https://github.YOURDOMAIN.com/login/oauth/access_token', } } ``` ## Scopes GitHub API v3 lets you set scopes to provide granular access to different types of data: ```ruby use OmniAuth::Builder do provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], scope: "user,repo,gist" end ``` More info on [Scopes](http://developer.github.com/v3/oauth/#scopes). ## License Copyright (c) 2011 Michael Bleigh and Intridea, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. omniauth-github-1.4.0/omniauth-github.gemspec0000644000004100000410000000204613624442655021336 0ustar www-datawww-data# -*- encoding: utf-8 -*- require File.expand_path('../lib/omniauth-github/version', __FILE__) Gem::Specification.new do |gem| gem.authors = ["Michael Bleigh"] gem.email = ["michael@intridea.com"] gem.description = %q{Official OmniAuth strategy for GitHub.} gem.summary = %q{Official OmniAuth strategy for GitHub.} gem.homepage = "https://github.com/intridea/omniauth-github" gem.license = "MIT" gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } gem.files = `git ls-files`.split("\n") gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") gem.name = "omniauth-github" gem.require_paths = ["lib"] gem.version = OmniAuth::GitHub::VERSION gem.add_dependency 'omniauth', '~> 1.5' gem.add_dependency 'omniauth-oauth2', '>= 1.4.0', '< 2.0' gem.add_development_dependency 'rspec', '~> 3.5' gem.add_development_dependency 'rack-test' gem.add_development_dependency 'simplecov' gem.add_development_dependency 'webmock' end omniauth-github-1.4.0/spec/0000755000004100000410000000000013624442655015615 5ustar www-datawww-dataomniauth-github-1.4.0/spec/omniauth/0000755000004100000410000000000013624442655017441 5ustar www-datawww-dataomniauth-github-1.4.0/spec/omniauth/strategies/0000755000004100000410000000000013624442655021613 5ustar www-datawww-dataomniauth-github-1.4.0/spec/omniauth/strategies/github_spec.rb0000644000004100000410000001435513624442655024444 0ustar www-datawww-datarequire 'spec_helper' describe OmniAuth::Strategies::GitHub do let(:access_token) { instance_double('AccessToken', :options => {}, :[] => 'user') } let(:parsed_response) { instance_double('ParsedResponse') } let(:response) { instance_double('Response', :parsed => parsed_response) } let(:enterprise_site) { 'https://some.other.site.com/api/v3' } let(:enterprise_authorize_url) { 'https://some.other.site.com/login/oauth/authorize' } let(:enterprise_token_url) { 'https://some.other.site.com/login/oauth/access_token' } let(:enterprise) do OmniAuth::Strategies::GitHub.new('GITHUB_KEY', 'GITHUB_SECRET', { :client_options => { :site => enterprise_site, :authorize_url => enterprise_authorize_url, :token_url => enterprise_token_url } } ) end subject do OmniAuth::Strategies::GitHub.new({}) end before(:each) do allow(subject).to receive(:access_token).and_return(access_token) end context 'client options' do it 'should have correct site' do expect(subject.options.client_options.site).to eq('https://api.github.com') end it 'should have correct authorize url' do expect(subject.options.client_options.authorize_url).to eq('https://github.com/login/oauth/authorize') end it 'should have correct token url' do expect(subject.options.client_options.token_url).to eq('https://github.com/login/oauth/access_token') end describe 'should be overrideable' do it 'for site' do expect(enterprise.options.client_options.site).to eq(enterprise_site) end it 'for authorize url' do expect(enterprise.options.client_options.authorize_url).to eq(enterprise_authorize_url) end it 'for token url' do expect(enterprise.options.client_options.token_url).to eq(enterprise_token_url) end end end context '#email_access_allowed?' do it 'should not allow email if scope is nil' do expect(subject.options['scope']).to be_nil expect(subject).to_not be_email_access_allowed end it 'should allow email if scope is user' do subject.options['scope'] = 'user' expect(subject).to be_email_access_allowed end it 'should allow email if scope is a bunch of stuff including user' do subject.options['scope'] = 'public_repo,user,repo,delete_repo,gist' expect(subject).to be_email_access_allowed end it 'should not allow email if scope does not grant email access' do subject.options['scope'] = 'repo,user:follow' expect(subject).to_not be_email_access_allowed end it 'should assume email access not allowed if scope is something currently not documented' do subject.options['scope'] = 'currently_not_documented' expect(subject).to_not be_email_access_allowed end end context '#email' do it 'should return email from raw_info if available' do allow(subject).to receive(:raw_info).and_return({ 'email' => 'you@example.com' }) expect(subject.email).to eq('you@example.com') end it 'should return nil if there is no raw_info and email access is not allowed' do allow(subject).to receive(:raw_info).and_return({}) expect(subject.email).to be_nil end it 'should not return the primary email if there is no raw_info and email access is allowed' do emails = [ { 'email' => 'secondary@example.com', 'primary' => false }, { 'email' => 'primary@example.com', 'primary' => true } ] allow(subject).to receive(:raw_info).and_return({}) subject.options['scope'] = 'user' allow(subject).to receive(:emails).and_return(emails) expect(subject.email).to be_nil end it 'should not return the first email if there is no raw_info and email access is allowed' do emails = [ { 'email' => 'first@example.com', 'primary' => false }, { 'email' => 'second@example.com', 'primary' => false } ] allow(subject).to receive(:raw_info).and_return({}) subject.options['scope'] = 'user' allow(subject).to receive(:emails).and_return(emails) expect(subject.email).to be_nil end end context '#raw_info' do it 'should use relative paths' do expect(access_token).to receive(:get).with('user').and_return(response) expect(subject.raw_info).to eq(parsed_response) end it 'should use the header auth mode' do expect(access_token).to receive(:get).with('user').and_return(response) subject.raw_info expect(access_token.options[:mode]).to eq(:header) end end context '#emails' do it 'should use relative paths' do expect(access_token).to receive(:get).with('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).and_return(response) subject.options['scope'] = 'user' expect(subject.emails).to eq(parsed_response) end it 'should use the header auth mode' do expect(access_token).to receive(:get).with('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).and_return(response) subject.options['scope'] = 'user' subject.emails expect(access_token.options[:mode]).to eq(:header) end end context '#info.email' do it 'should use any available email' do allow(subject).to receive(:raw_info).and_return({}) allow(subject).to receive(:email).and_return('you@example.com') expect(subject.info['email']).to eq('you@example.com') end end context '#info.urls' do it 'should use html_url from raw_info' do allow(subject).to receive(:raw_info).and_return({ 'login' => 'me', 'html_url' => 'http://enterprise/me' }) expect(subject.info['urls']['GitHub']).to eq('http://enterprise/me') end end context '#extra.scope' do it 'returns the scope on the returned access_token' do expect(subject.scope).to eq('user') end end describe '#callback_url' do it 'is a combination of host, script name, and callback path' do allow(subject).to receive(:full_host).and_return('https://example.com') allow(subject).to receive(:script_name).and_return('/sub_uri') expect(subject.callback_url).to eq('https://example.com/sub_uri/auth/github/callback') end end end omniauth-github-1.4.0/spec/spec_helper.rb0000644000004100000410000000062513624442655020436 0ustar www-datawww-data$:.unshift File.expand_path('..', __FILE__) $:.unshift File.expand_path('../../lib', __FILE__) require 'simplecov' SimpleCov.start require 'rspec' require 'rack/test' require 'webmock/rspec' require 'omniauth' require 'omniauth-github' RSpec.configure do |config| config.include WebMock::API config.include Rack::Test::Methods config.extend OmniAuth::Test::StrategyMacros, :type => :strategy end omniauth-github-1.4.0/.gitignore0000644000004100000410000000023313624442655016651 0ustar www-datawww-data*.gem *.rbc .bundle .config .yardoc Gemfile.lock InstalledFiles _yardoc coverage doc/ lib/bundler/man /pkg rdoc spec/reports test/tmp test/version_tmp tmp omniauth-github-1.4.0/Rakefile0000644000004100000410000000022313624442655016325 0ustar www-datawww-data#!/usr/bin/env rake require "bundler/gem_tasks" require 'rspec/core/rake_task' RSpec::Core::RakeTask.new desc 'Run specs' task :default => :spec omniauth-github-1.4.0/lib/0000755000004100000410000000000013624442655015431 5ustar www-datawww-dataomniauth-github-1.4.0/lib/omniauth-github/0000755000004100000410000000000013624442655020535 5ustar www-datawww-dataomniauth-github-1.4.0/lib/omniauth-github/version.rb0000644000004100000410000000010013624442655022536 0ustar www-datawww-datamodule OmniAuth module GitHub VERSION = "1.4.0" end end omniauth-github-1.4.0/lib/omniauth/0000755000004100000410000000000013624442655017255 5ustar www-datawww-dataomniauth-github-1.4.0/lib/omniauth/strategies/0000755000004100000410000000000013624442655021427 5ustar www-datawww-dataomniauth-github-1.4.0/lib/omniauth/strategies/github.rb0000644000004100000410000000423513624442655023242 0ustar www-datawww-datarequire 'omniauth-oauth2' module OmniAuth module Strategies class GitHub < OmniAuth::Strategies::OAuth2 option :client_options, { :site => 'https://api.github.com', :authorize_url => 'https://github.com/login/oauth/authorize', :token_url => 'https://github.com/login/oauth/access_token' } def request_phase super end def authorize_params super.tap do |params| %w[scope client_options].each do |v| if request.params[v] params[v.to_sym] = request.params[v] end end end end uid { raw_info['id'].to_s } info do { 'nickname' => raw_info['login'], 'email' => email, 'name' => raw_info['name'], 'image' => raw_info['avatar_url'], 'urls' => { 'GitHub' => raw_info['html_url'], 'Blog' => raw_info['blog'], }, } end extra do {:raw_info => raw_info, :all_emails => emails, :scope => scope } end def raw_info access_token.options[:mode] = :header @raw_info ||= access_token.get('user').parsed end def email (email_access_allowed?) ? primary_email : raw_info['email'] end def scope access_token['scope'] end def primary_email primary = emails.find{ |i| i['primary'] && i['verified'] } primary && primary['email'] || nil end # The new /user/emails API - http://developer.github.com/v3/users/emails/#future-response def emails return [] unless email_access_allowed? access_token.options[:mode] = :header @emails ||= access_token.get('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).parsed end def email_access_allowed? return false unless options['scope'] email_scopes = ['user', 'user:email'] scopes = options['scope'].split(',') (scopes & email_scopes).any? end def callback_url full_host + script_name + callback_path end end end end OmniAuth.config.add_camelization 'github', 'GitHub' omniauth-github-1.4.0/lib/omniauth-github.rb0000644000004100000410000000010713624442655021060 0ustar www-datawww-datarequire "omniauth-github/version" require 'omniauth/strategies/github' omniauth-github-1.4.0/Guardfile0000644000004100000410000000037413624442655016514 0ustar www-datawww-dataguard 'rspec', :version => 2 do watch(%r{^spec/.+_spec\.rb$}) watch(%r{^lib/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" } watch('spec/spec_helper.rb') { "spec" } end guard 'bundler' do watch('Gemfile') watch('omniauth-github.gemspec') end omniauth-github-1.4.0/Gemfile0000644000004100000410000000035413624442655016160 0ustar www-datawww-datasource 'https://rubygems.org' # Specify your gem's dependencies in omniauth-github.gemspec gemspec group :development, :test do gem 'guard' gem 'guard-rspec' gem 'guard-bundler' gem 'rb-fsevent' gem 'growl' gem 'rake' end omniauth-github-1.4.0/.github/0000755000004100000410000000000013624442655016223 5ustar www-datawww-dataomniauth-github-1.4.0/.github/workflows/0000755000004100000410000000000013624442655020260 5ustar www-datawww-dataomniauth-github-1.4.0/.github/workflows/ruby.yml0000644000004100000410000000073013624442655021764 0ustar www-datawww-dataname: Ruby on: [push] jobs: test: runs-on: ubuntu-latest strategy: matrix: ruby-version: ['2.4', '2.5', '2.6'] steps: - uses: actions/checkout@v2 - name: Set up Ruby ${{ matrix.ruby-version }} uses: actions/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby-version }} - name: Build and test with Rake run: | gem install bundler bundle install --jobs 4 --retry 3 bundle exec rake omniauth-github-1.4.0/LICENSE.txt0000644000004100000410000000206413624442655016510 0ustar www-datawww-dataCopyright (c) 2011 Michael Bleigh and Intridea, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.