omniauth-oauth-1.2.0/0000755000004100000410000000000014016221047014501 5ustar www-datawww-dataomniauth-oauth-1.2.0/.travis.yml0000644000004100000410000000055114016221047016613 0ustar www-datawww-databefore_install: gem install bundler env: global: - JRUBY_OPTS="$JRUBY_OPTS --debug" language: ruby rvm: - 2.3 - 2.4 - 2.5 - 2.6 - 2.7 - 3.0 - jruby-18mode - jruby-19mode - jruby-head - rbx-2 - ruby-head matrix: allow_failures: - rvm: jruby-head - rvm: ruby-head - rvm: rbx-2 # TODO: Fix fast_finish: true sudo: false omniauth-oauth-1.2.0/.rspec0000644000004100000410000000003214016221047015611 0ustar www-datawww-data--color --format=progress omniauth-oauth-1.2.0/README.md0000644000004100000410000000261114016221047015760 0ustar www-datawww-data# OmniAuth OAuth This gem contains a generic OAuth strategy for OmniAuth. It is meant to serve as a building block strategy for other strategies and not to be used independently (since it has no inherent way to gather uid and user info). ## Creating an OAuth Strategy To create an OmniAuth OAuth strategy using this gem, you can simply subclass it and add a few extra methods like so: ```ruby require 'json' require 'omniauth-oauth' module OmniAuth module Strategies class SomeSite < OmniAuth::Strategies::OAuth # Give your strategy a name. option :name, "some_site" # This is where you pass the options you would pass when # initializing your consumer from the OAuth gem. option :client_options, {:site => "https://api.somesite.com"} # These are called after authentication has succeeded. If # possible, you should try to set the UID without making # additional calls (if the user id is returned with the token # or as a URI parameter). This may not be possible with all # providers. uid{ request.params['user_id'] } info do { :name => raw_info['name'], :location => raw_info['city'] } end extra do { 'raw_info' => raw_info } end def raw_info @raw_info ||= JSON.load(access_token.get('/me.json')).body end end end end ``` omniauth-oauth-1.2.0/LICENSE.md0000644000004100000410000000211114016221047016100 0ustar www-datawww-dataCopyright (C) 2014 Michael Bleigh, Erik Michaels-Ober and Intridea, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. omniauth-oauth-1.2.0/spec/0000755000004100000410000000000014016221047015433 5ustar www-datawww-dataomniauth-oauth-1.2.0/spec/helper.rb0000644000004100000410000000104514016221047017237 0ustar www-datawww-data$LOAD_PATH.unshift File.expand_path("..", __FILE__) $LOAD_PATH.unshift File.expand_path("../../lib", __FILE__) require "simplecov" SimpleCov.start do minimum_coverage(89.79) end require "rspec" require "rack/test" require "webmock/rspec" require "omniauth" require "omniauth-oauth" OmniAuth.config.request_validation_phase = nil RSpec.configure do |config| config.include WebMock::API config.include Rack::Test::Methods config.extend OmniAuth::Test::StrategyMacros, :type => :strategy end OmniAuth.config.logger = Logger.new("/dev/null") omniauth-oauth-1.2.0/spec/omniauth/0000755000004100000410000000000014016221047017257 5ustar www-datawww-dataomniauth-oauth-1.2.0/spec/omniauth/strategies/0000755000004100000410000000000014016221047021431 5ustar www-datawww-dataomniauth-oauth-1.2.0/spec/omniauth/strategies/oauth_spec.rb0000644000004100000410000001452614016221047024120 0ustar www-datawww-datarequire "helper" describe "OmniAuth::Strategies::OAuth" do class MyOAuthProvider < OmniAuth::Strategies::OAuth uid { access_token.token } info { {"name" => access_token.token} } end def app Rack::Builder.new do use OmniAuth::Test::PhonySession use OmniAuth::Builder do provider MyOAuthProvider, "abc", "def", :client_options => {:site => "https://api.example.org"}, :name => "example.org" provider MyOAuthProvider, "abc", "def", :client_options => {:site => "https://api.example.org"}, :authorize_params => {:abc => "def"}, :name => "example.org_with_authorize_params" provider MyOAuthProvider, "abc", "def", :client_options => {:site => "https://api.example.org"}, :request_params => {:scope => "http://foobar.example.org"}, :name => "example.org_with_request_params" end run lambda { |env| [404, {"Content-Type" => "text/plain"}, [env.key?("omniauth.auth").to_s]] } end.to_app end def session last_request.env["rack.session"] end before do stub_request(:post, "https://api.example.org/oauth/request_token"). to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret&oauth_callback_confirmed=true") end it "should add a camelization for itself" do expect(OmniAuth::Utils.camelize("oauth")).to eq("OAuth") end describe "/auth/{name}" do context "successful" do before do post "/auth/example.org" end it "should redirect to authorize_url" do expect(last_response).to be_redirect expect(last_response.headers["Location"]).to eq("https://api.example.org/oauth/authorize?oauth_token=yourtoken") end it "should redirect to authorize_url with authorize_params when set" do post "/auth/example.org_with_authorize_params" expect(last_response).to be_redirect expect([ "https://api.example.org/oauth/authorize?abc=def&oauth_token=yourtoken", "https://api.example.org/oauth/authorize?oauth_token=yourtoken&abc=def", ]).to be_include(last_response.headers["Location"]) end it "should set appropriate session variables" do expect(session["oauth"]).to eq("example.org" => {"callback_confirmed" => true, "request_token" => "yourtoken", "request_secret" => "yoursecret"}) end it "should pass request_params to get_request_token" do post "/auth/example.org_with_request_params" expect(WebMock).to have_requested(:post, "https://api.example.org/oauth/request_token"). with { |req| req.body == "scope=http%3A%2F%2Ffoobar.example.org" } end end context "unsuccessful" do before do stub_request(:post, "https://api.example.org/oauth/request_token"). to_raise(::Net::HTTPFatalError.new('502 "Bad Gateway"', nil)) post "/auth/example.org" end it "should call fail! with :service_unavailable" do expect(last_request.env["omniauth.error"]).to be_kind_of(::Net::HTTPFatalError) last_request.env["omniauth.error.type"] = :service_unavailable end context "SSL failure" do before do stub_request(:post, "https://api.example.org/oauth/request_token"). to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed")) post "/auth/example.org" end it "should call fail! with :service_unavailable" do expect(last_request.env["omniauth.error"]).to be_kind_of(::OpenSSL::SSL::SSLError) last_request.env["omniauth.error.type"] = :service_unavailable end end end end describe "/auth/{name}/callback" do before do stub_request(:post, "https://api.example.org/oauth/access_token"). to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret") get "/auth/example.org/callback", {:oauth_verifier => "dudeman"}, "rack.session" => {"oauth" => {"example.org" => {"callback_confirmed" => true, "request_token" => "yourtoken", "request_secret" => "yoursecret"}}} end it "should exchange the request token for an access token" do expect(last_request.env["omniauth.auth"]["provider"]).to eq("example.org") expect(last_request.env["omniauth.auth"]["extra"]["access_token"]).to be_kind_of(OAuth::AccessToken) end it "should call through to the master app" do expect(last_response.body).to eq("true") end context "bad gateway (or any 5xx) for access_token" do before do stub_request(:post, "https://api.example.org/oauth/access_token") . to_raise(::Net::HTTPFatalError.new('502 "Bad Gateway"', nil)) get "/auth/example.org/callback", {:oauth_verifier => "dudeman"}, "rack.session" => {"oauth" => {"example.org" => {"callback_confirmed" => true, "request_token" => "yourtoken", "request_secret" => "yoursecret"}}} end it "should call fail! with :service_unavailable" do expect(last_request.env["omniauth.error"]).to be_kind_of(::Net::HTTPFatalError) last_request.env["omniauth.error.type"] = :service_unavailable end end context "SSL failure" do before do stub_request(:post, "https://api.example.org/oauth/access_token") . to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed")) get "/auth/example.org/callback", {:oauth_verifier => "dudeman"}, "rack.session" => {"oauth" => {"example.org" => {"callback_confirmed" => true, "request_token" => "yourtoken", "request_secret" => "yoursecret"}}} end it "should call fail! with :service_unavailable" do expect(last_request.env["omniauth.error"]).to be_kind_of(::OpenSSL::SSL::SSLError) last_request.env["omniauth.error.type"] = :service_unavailable end end end describe "/auth/{name}/callback with expired session" do before do stub_request(:post, "https://api.example.org/oauth/access_token"). to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret") get "/auth/example.org/callback", {:oauth_verifier => "dudeman"}, "rack.session" => {} end it "should call fail! with :session_expired" do expect(last_request.env["omniauth.error"]).to be_kind_of(::OmniAuth::NoSessionError) last_request.env["omniauth.error.type"] = :session_expired end end end omniauth-oauth-1.2.0/.rubocop.yml0000644000004100000410000000155214016221047016756 0ustar www-datawww-dataMetrics/AbcSize: Enabled: false Metrics/BlockNesting: Max: 2 Metrics/LineLength: AllowURI: true Enabled: false Metrics/MethodLength: CountComments: false Max: 10 Metrics/ParameterLists: Max: 4 CountKeywordArgs: true Style/AccessModifierIndentation: EnforcedStyle: outdent Style/CollectionMethods: PreferredMethods: map: 'collect' reduce: 'inject' find: 'detect' find_all: 'select' Style/Documentation: Enabled: false Style/DotPosition: EnforcedStyle: trailing Style/DoubleNegation: Enabled: false Style/FileName: Exclude: - 'lib/omniauth-oauth.rb' Style/HashSyntax: EnforcedStyle: hash_rockets Style/Lambda: Enabled: false Style/SpaceInsideHashLiteralBraces: EnforcedStyle: no_space Style/StringLiterals: EnforcedStyle: double_quotes Style/TrailingComma: EnforcedStyleForMultiline: 'comma' omniauth-oauth-1.2.0/omniauth-oauth.gemspec0000644000004100000410000000152114016221047021007 0ustar www-datawww-datarequire File.expand_path("../lib/omniauth-oauth/version", __FILE__) Gem::Specification.new do |gem| gem.authors = ["Michael Bleigh", "Erik Michaels-Ober"] gem.email = ["michael@intridea.com", "sferik@gmail.com"] gem.description = "A generic OAuth (1.0/1.0a) strategy for OmniAuth." gem.summary = gem.description gem.homepage = "https://github.com/intridea/omniauth-oauth" gem.license = "MIT" gem.add_dependency "omniauth", ">= 1.0", "< 3" gem.add_dependency "oauth" gem.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) } gem.files = `git ls-files`.split("\n") gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") gem.name = "omniauth-oauth" gem.require_paths = ["lib"] gem.version = OmniAuth::OAuth::VERSION end omniauth-oauth-1.2.0/.gitignore0000644000004100000410000000023214016221047016466 0ustar www-datawww-data*.gem *.rbc .bundle .config .yardoc Gemfile.lock InstalledFiles _yardoc coverage doc/ lib/bundler/man pkg rdoc spec/reports test/tmp test/version_tmp tmp omniauth-oauth-1.2.0/Rakefile0000644000004100000410000000044014016221047016144 0ustar www-datawww-data#!/usr/bin/env rake require "bundler/gem_tasks" require "rspec/core/rake_task" RSpec::Core::RakeTask.new begin require "rubocop/rake_task" RuboCop::RakeTask.new rescue LoadError task :rubocop do $stderr.puts "Rubocop is disabled" end end task :default => [:spec, :rubocop] omniauth-oauth-1.2.0/lib/0000755000004100000410000000000014016221047015247 5ustar www-datawww-dataomniauth-oauth-1.2.0/lib/omniauth-oauth.rb0000644000004100000410000000010514016221047020532 0ustar www-datawww-datarequire "omniauth-oauth/version" require "omniauth/strategies/oauth" omniauth-oauth-1.2.0/lib/omniauth-oauth/0000755000004100000410000000000014016221047020211 5ustar www-datawww-dataomniauth-oauth-1.2.0/lib/omniauth-oauth/version.rb0000644000004100000410000000007714016221047022227 0ustar www-datawww-datamodule OmniAuth module OAuth VERSION = "1.2.0" end end omniauth-oauth-1.2.0/lib/omniauth/0000755000004100000410000000000014016221047017073 5ustar www-datawww-dataomniauth-oauth-1.2.0/lib/omniauth/strategies/0000755000004100000410000000000014016221047021245 5ustar www-datawww-dataomniauth-oauth-1.2.0/lib/omniauth/strategies/oauth.rb0000644000004100000410000000526614016221047022723 0ustar www-datawww-datarequire "oauth" require "omniauth" module OmniAuth module Strategies class OAuth include OmniAuth::Strategy args [:consumer_key, :consumer_secret] option :consumer_key, nil option :consumer_secret, nil option :client_options, {} option :open_timeout, 30 option :read_timeout, 30 option :authorize_params, {} option :request_params, {} attr_reader :access_token def consumer consumer = ::OAuth::Consumer.new(options.consumer_key, options.consumer_secret, options.client_options) consumer.http.open_timeout = options.open_timeout if options.open_timeout consumer.http.read_timeout = options.read_timeout if options.read_timeout consumer end def request_phase # rubocop:disable MethodLength request_token = consumer.get_request_token({:oauth_callback => callback_url}, options.request_params) session["oauth"] ||= {} session["oauth"][name.to_s] = {"callback_confirmed" => request_token.callback_confirmed?, "request_token" => request_token.token, "request_secret" => request_token.secret} if request_token.callback_confirmed? redirect request_token.authorize_url(options[:authorize_params]) else redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url)) end rescue ::Timeout::Error => e fail!(:timeout, e) rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e fail!(:service_unavailable, e) end def callback_phase # rubocop:disable MethodLength fail(OmniAuth::NoSessionError, "Session Expired") if session["oauth"].nil? request_token = ::OAuth::RequestToken.new(consumer, session["oauth"][name.to_s].delete("request_token"), session["oauth"][name.to_s].delete("request_secret")) opts = {} if session["oauth"][name.to_s]["callback_confirmed"] opts[:oauth_verifier] = request["oauth_verifier"] else opts[:oauth_callback] = callback_url end @access_token = request_token.get_access_token(opts) super rescue ::Timeout::Error => e fail!(:timeout, e) rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e fail!(:service_unavailable, e) rescue ::OAuth::Unauthorized => e fail!(:invalid_credentials, e) rescue ::OmniAuth::NoSessionError => e fail!(:session_expired, e) end credentials do {"token" => access_token.token, "secret" => access_token.secret} end extra do {"access_token" => access_token} end end end end OmniAuth.config.add_camelization "oauth", "OAuth" omniauth-oauth-1.2.0/Gemfile0000644000004100000410000000034514016221047015776 0ustar www-datawww-datasource "http://rubygems.org" gemspec gem "rake" group :test do gem "rack-test" gem "rspec", "~> 3.2" gem "rubocop", ">= 0.30", :platforms => [:ruby_19, :ruby_20, :ruby_21, :ruby_22] gem "simplecov" gem "webmock" end