omniauth-github-2.0.1/0000755000004100000410000000000014327653024014654 5ustar www-datawww-dataomniauth-github-2.0.1/.rspec0000644000004100000410000000001114327653024015761 0ustar www-datawww-data--colour omniauth-github-2.0.1/README.md0000644000004100000410000000527114327653024016140 0ustar www-datawww-data![Ruby](https://github.com/omniauth/omniauth-github/workflows/Ruby/badge.svg?branch=master) # OmniAuth GitHub This is the official OmniAuth strategy for authenticating to GitHub. To use it, you'll need to sign up for an OAuth2 Application ID and Secret on the [GitHub Applications Page](https://github.com/settings/applications). ## Installation ```ruby gem 'omniauth-github', github: 'omniauth/omniauth-github', branch: 'master' ``` ## Basic Usage ```ruby use OmniAuth::Builder do provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'] end ``` ## Basic Usage Rails In `config/initializers/github.rb` ```ruby Rails.application.config.middleware.use OmniAuth::Builder do provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'] end ``` ## Github Enterprise Usage ```ruby provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], { :client_options => { :site => 'https://github.YOURDOMAIN.com/api/v3', :authorize_url => 'https://github.YOURDOMAIN.com/login/oauth/authorize', :token_url => 'https://github.YOURDOMAIN.com/login/oauth/access_token', } } ``` ## Scopes GitHub API v3 lets you set scopes to provide granular access to different types of data: ```ruby use OmniAuth::Builder do provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], scope: "user,repo,gist" end ``` More info on [Scopes](https://docs.github.com/en/developers/apps/scopes-for-oauth-apps). ## Semver This project adheres to Semantic Versioning 2.0.0. Any violations of this scheme are considered to be bugs. All changes will be tracked [here](https://github.com/omniauth/omniauth-github/releases). ## License Copyright (c) 2011 Michael Bleigh and Intridea, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. omniauth-github-2.0.1/omniauth-github.gemspec0000644000004100000410000000203314327653024021323 0ustar www-datawww-data# -*- encoding: utf-8 -*- require File.expand_path('../lib/omniauth-github/version', __FILE__) Gem::Specification.new do |gem| gem.authors = ["Michael Bleigh"] gem.email = ["michael@intridea.com"] gem.description = %q{Official OmniAuth strategy for GitHub.} gem.summary = %q{Official OmniAuth strategy for GitHub.} gem.homepage = "https://github.com/intridea/omniauth-github" gem.license = "MIT" gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } gem.files = `git ls-files`.split("\n") gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") gem.name = "omniauth-github" gem.require_paths = ["lib"] gem.version = OmniAuth::GitHub::VERSION gem.add_dependency 'omniauth', '~> 2.0' gem.add_dependency 'omniauth-oauth2', '~> 1.8' gem.add_development_dependency 'rspec', '~> 3.5' gem.add_development_dependency 'rack-test' gem.add_development_dependency 'simplecov' gem.add_development_dependency 'webmock' end omniauth-github-2.0.1/spec/0000755000004100000410000000000014327653024015606 5ustar www-datawww-dataomniauth-github-2.0.1/spec/omniauth/0000755000004100000410000000000014327653024017432 5ustar www-datawww-dataomniauth-github-2.0.1/spec/omniauth/strategies/0000755000004100000410000000000014327653024021604 5ustar www-datawww-dataomniauth-github-2.0.1/spec/omniauth/strategies/github_spec.rb0000644000004100000410000001435514327653024024435 0ustar www-datawww-datarequire 'spec_helper' describe OmniAuth::Strategies::GitHub do let(:access_token) { instance_double('AccessToken', :options => {}, :[] => 'user') } let(:parsed_response) { instance_double('ParsedResponse') } let(:response) { instance_double('Response', :parsed => parsed_response) } let(:enterprise_site) { 'https://some.other.site.com/api/v3' } let(:enterprise_authorize_url) { 'https://some.other.site.com/login/oauth/authorize' } let(:enterprise_token_url) { 'https://some.other.site.com/login/oauth/access_token' } let(:enterprise) do OmniAuth::Strategies::GitHub.new('GITHUB_KEY', 'GITHUB_SECRET', { :client_options => { :site => enterprise_site, :authorize_url => enterprise_authorize_url, :token_url => enterprise_token_url } } ) end subject do OmniAuth::Strategies::GitHub.new({}) end before(:each) do allow(subject).to receive(:access_token).and_return(access_token) end context 'client options' do it 'should have correct site' do expect(subject.options.client_options.site).to eq('https://api.github.com') end it 'should have correct authorize url' do expect(subject.options.client_options.authorize_url).to eq('https://github.com/login/oauth/authorize') end it 'should have correct token url' do expect(subject.options.client_options.token_url).to eq('https://github.com/login/oauth/access_token') end describe 'should be overrideable' do it 'for site' do expect(enterprise.options.client_options.site).to eq(enterprise_site) end it 'for authorize url' do expect(enterprise.options.client_options.authorize_url).to eq(enterprise_authorize_url) end it 'for token url' do expect(enterprise.options.client_options.token_url).to eq(enterprise_token_url) end end end context '#email_access_allowed?' do it 'should not allow email if scope is nil' do expect(subject.options['scope']).to be_nil expect(subject).to_not be_email_access_allowed end it 'should allow email if scope is user' do subject.options['scope'] = 'user' expect(subject).to be_email_access_allowed end it 'should allow email if scope is a bunch of stuff including user' do subject.options['scope'] = 'public_repo,user,repo,delete_repo,gist' expect(subject).to be_email_access_allowed end it 'should not allow email if scope does not grant email access' do subject.options['scope'] = 'repo,user:follow' expect(subject).to_not be_email_access_allowed end it 'should assume email access not allowed if scope is something currently not documented' do subject.options['scope'] = 'currently_not_documented' expect(subject).to_not be_email_access_allowed end end context '#email' do it 'should return email from raw_info if available' do allow(subject).to receive(:raw_info).and_return({ 'email' => 'you@example.com' }) expect(subject.email).to eq('you@example.com') end it 'should return nil if there is no raw_info and email access is not allowed' do allow(subject).to receive(:raw_info).and_return({}) expect(subject.email).to be_nil end it 'should not return the primary email if there is no raw_info and email access is allowed' do emails = [ { 'email' => 'secondary@example.com', 'primary' => false }, { 'email' => 'primary@example.com', 'primary' => true } ] allow(subject).to receive(:raw_info).and_return({}) subject.options['scope'] = 'user' allow(subject).to receive(:emails).and_return(emails) expect(subject.email).to be_nil end it 'should not return the first email if there is no raw_info and email access is allowed' do emails = [ { 'email' => 'first@example.com', 'primary' => false }, { 'email' => 'second@example.com', 'primary' => false } ] allow(subject).to receive(:raw_info).and_return({}) subject.options['scope'] = 'user' allow(subject).to receive(:emails).and_return(emails) expect(subject.email).to be_nil end end context '#raw_info' do it 'should use relative paths' do expect(access_token).to receive(:get).with('user').and_return(response) expect(subject.raw_info).to eq(parsed_response) end it 'should use the header auth mode' do expect(access_token).to receive(:get).with('user').and_return(response) subject.raw_info expect(access_token.options[:mode]).to eq(:header) end end context '#emails' do it 'should use relative paths' do expect(access_token).to receive(:get).with('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).and_return(response) subject.options['scope'] = 'user' expect(subject.emails).to eq(parsed_response) end it 'should use the header auth mode' do expect(access_token).to receive(:get).with('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).and_return(response) subject.options['scope'] = 'user' subject.emails expect(access_token.options[:mode]).to eq(:header) end end context '#info.email' do it 'should use any available email' do allow(subject).to receive(:raw_info).and_return({}) allow(subject).to receive(:email).and_return('you@example.com') expect(subject.info['email']).to eq('you@example.com') end end context '#info.urls' do it 'should use html_url from raw_info' do allow(subject).to receive(:raw_info).and_return({ 'login' => 'me', 'html_url' => 'http://enterprise/me' }) expect(subject.info['urls']['GitHub']).to eq('http://enterprise/me') end end context '#extra.scope' do it 'returns the scope on the returned access_token' do expect(subject.scope).to eq('user') end end describe '#callback_url' do it 'is a combination of host, script name, and callback path' do allow(subject).to receive(:full_host).and_return('https://example.com') allow(subject).to receive(:script_name).and_return('/sub_uri') expect(subject.callback_url).to eq('https://example.com/sub_uri/auth/github/callback') end end end omniauth-github-2.0.1/spec/spec_helper.rb0000644000004100000410000000062514327653024020427 0ustar www-datawww-data$:.unshift File.expand_path('..', __FILE__) $:.unshift File.expand_path('../../lib', __FILE__) require 'simplecov' SimpleCov.start require 'rspec' require 'rack/test' require 'webmock/rspec' require 'omniauth' require 'omniauth-github' RSpec.configure do |config| config.include WebMock::API config.include Rack::Test::Methods config.extend OmniAuth::Test::StrategyMacros, :type => :strategy end omniauth-github-2.0.1/.gitignore0000644000004100000410000000023314327653024016642 0ustar www-datawww-data*.gem *.rbc .bundle .config .yardoc Gemfile.lock InstalledFiles _yardoc coverage doc/ lib/bundler/man /pkg rdoc spec/reports test/tmp test/version_tmp tmp omniauth-github-2.0.1/Rakefile0000644000004100000410000000022314327653024016316 0ustar www-datawww-data#!/usr/bin/env rake require "bundler/gem_tasks" require 'rspec/core/rake_task' RSpec::Core::RakeTask.new desc 'Run specs' task :default => :spec omniauth-github-2.0.1/lib/0000755000004100000410000000000014327653024015422 5ustar www-datawww-dataomniauth-github-2.0.1/lib/omniauth-github/0000755000004100000410000000000014327653024020526 5ustar www-datawww-dataomniauth-github-2.0.1/lib/omniauth-github/version.rb0000644000004100000410000000010014327653024022527 0ustar www-datawww-datamodule OmniAuth module GitHub VERSION = "2.0.1" end end omniauth-github-2.0.1/lib/omniauth/0000755000004100000410000000000014327653024017246 5ustar www-datawww-dataomniauth-github-2.0.1/lib/omniauth/strategies/0000755000004100000410000000000014327653024021420 5ustar www-datawww-dataomniauth-github-2.0.1/lib/omniauth/strategies/github.rb0000644000004100000410000000421714327653024023233 0ustar www-datawww-datarequire 'omniauth-oauth2' module OmniAuth module Strategies class GitHub < OmniAuth::Strategies::OAuth2 option :client_options, { :site => 'https://api.github.com', :authorize_url => 'https://github.com/login/oauth/authorize', :token_url => 'https://github.com/login/oauth/access_token' } def request_phase super end def authorize_params super.tap do |params| %w[scope client_options].each do |v| if request.params[v] params[v.to_sym] = request.params[v] end end end end uid { raw_info['id'].to_s } info do { 'nickname' => raw_info['login'], 'email' => email, 'name' => raw_info['name'], 'image' => raw_info['avatar_url'], 'urls' => { 'GitHub' => raw_info['html_url'], 'Blog' => raw_info['blog'], }, } end extra do {:raw_info => raw_info, :all_emails => emails, :scope => scope } end def raw_info access_token.options[:mode] = :header @raw_info ||= access_token.get('user').parsed end def email (email_access_allowed?) ? primary_email : raw_info['email'] end def scope access_token['scope'] end def primary_email primary = emails.find{ |i| i['primary'] && i['verified'] } primary && primary['email'] || nil end # The new /user/emails API - http://developer.github.com/v3/users/emails/#future-response def emails return [] unless email_access_allowed? access_token.options[:mode] = :header @emails ||= access_token.get('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).parsed end def email_access_allowed? return false unless options['scope'] email_scopes = ['user', 'user:email'] scopes = options['scope'].split(',') (scopes & email_scopes).any? end def callback_url full_host + callback_path end end end end OmniAuth.config.add_camelization 'github', 'GitHub' omniauth-github-2.0.1/lib/omniauth-github.rb0000644000004100000410000000010714327653024021051 0ustar www-datawww-datarequire "omniauth-github/version" require 'omniauth/strategies/github' omniauth-github-2.0.1/Guardfile0000644000004100000410000000037414327653024016505 0ustar www-datawww-dataguard 'rspec', :version => 2 do watch(%r{^spec/.+_spec\.rb$}) watch(%r{^lib/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" } watch('spec/spec_helper.rb') { "spec" } end guard 'bundler' do watch('Gemfile') watch('omniauth-github.gemspec') end omniauth-github-2.0.1/Gemfile0000644000004100000410000000035414327653024016151 0ustar www-datawww-datasource 'https://rubygems.org' # Specify your gem's dependencies in omniauth-github.gemspec gemspec group :development, :test do gem 'guard' gem 'guard-rspec' gem 'guard-bundler' gem 'rb-fsevent' gem 'growl' gem 'rake' end omniauth-github-2.0.1/.github/0000755000004100000410000000000014327653024016214 5ustar www-datawww-dataomniauth-github-2.0.1/.github/workflows/0000755000004100000410000000000014327653024020251 5ustar www-datawww-dataomniauth-github-2.0.1/.github/workflows/ruby.yml0000644000004100000410000000110114327653024021746 0ustar www-datawww-dataname: Ruby on: push: branches: [ master ] pull_request: branches: [ master ] jobs: test: runs-on: ubuntu-latest strategy: matrix: ruby-version: ['2.4', '2.5', '2.6', '2.7', '3.0', '3.1', 'truffleruby-head'] steps: - uses: actions/checkout@v2 - name: Set up Ruby ${{ matrix.ruby-version }} uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby-version }} - name: Build and test with Rake run: | gem install bundler bundle install --jobs 4 --retry 3 bundle exec rake omniauth-github-2.0.1/LICENSE.txt0000644000004100000410000000206414327653024016501 0ustar www-datawww-dataCopyright (c) 2011 Michael Bleigh and Intridea, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.