pax_global_header00006660000000000000000000000064121561031370014511gustar00rootroot0000000000000052 comment=e685fd4939bbc48b80454458d8789096b681619d ruby-omniauth-oauth2-1.1.1/000077500000000000000000000000001215610313700155145ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/.gitignore000066400000000000000000000002401215610313700175000ustar00rootroot00000000000000*.gem *.rbc .bundle .config .yardoc Gemfile.lock InstalledFiles _yardoc coverage doc/ lib/bundler/man pkg rdoc spec/reports test/tmp test/version_tmp tmp *.swp ruby-omniauth-oauth2-1.1.1/.rspec000066400000000000000000000000331215610313700166250ustar00rootroot00000000000000--colour --format=progress ruby-omniauth-oauth2-1.1.1/Gemfile000066400000000000000000000003361215610313700170110ustar00rootroot00000000000000source 'http://rubygems.org' # Specify your gem's dependencies in omniauth-oauth2.gemspec gemspec group :development, :test do gem 'guard' gem 'guard-rspec' gem 'guard-bundler' gem 'growl' gem 'rb-fsevent' end ruby-omniauth-oauth2-1.1.1/Guardfile000066400000000000000000000003621215610313700173420ustar00rootroot00000000000000guard 'rspec', :version => 2 do watch(%r{^spec/.+_spec\.rb$}) watch(%r{^lib/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" } watch('spec/spec_helper.rb') { "spec" } end guard 'bundler' do watch('Gemfile') watch(/^.+\.gemspec/) end ruby-omniauth-oauth2-1.1.1/README.md000066400000000000000000000050661215610313700170020ustar00rootroot00000000000000# OmniAuth OAuth2 This gem contains a generic OAuth2 strategy for OmniAuth. It is meant to serve as a building block strategy for other strategies and not to be used independently (since it has no inherent way to gather uid and user info). ## Creating an OAuth2 Strategy To create an OmniAuth OAuth2 strategy using this gem, you can simply subclass it and add a few extra methods like so: require 'omniauth-oauth2' module OmniAuth module Strategies class SomeSite < OmniAuth::Strategies::OAuth2 # Give your strategy a name. option :name, "some_site" # This is where you pass the options you would pass when # initializing your consumer from the OAuth gem. option :client_options, {:site => "https://api.somesite.com"} # These are called after authentication has succeeded. If # possible, you should try to set the UID without making # additional calls (if the user id is returned with the token # or as a URI parameter). This may not be possible with all # providers. uid{ raw_info['id'] } info do { :name => raw_info['name'], :email => raw_info['email'] } end extra do { 'raw_info' => raw_info } end def raw_info @raw_info ||= access_token.get('/me').parsed end end end end That's pretty much it! ## License Copyright (C) 2011 by Michael Bleigh and Intridea, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ruby-omniauth-oauth2-1.1.1/Rakefile000066400000000000000000000002561215610313700171640ustar00rootroot00000000000000#!/usr/bin/env rake require "bundler/gem_tasks" require 'rspec/core/rake_task' desc 'Default: run specs.' task :default => :spec desc "Run specs" RSpec::Core::RakeTask.new ruby-omniauth-oauth2-1.1.1/lib/000077500000000000000000000000001215610313700162625ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/lib/omniauth-oauth2.rb000066400000000000000000000001071215610313700216310ustar00rootroot00000000000000require "omniauth-oauth2/version" require 'omniauth/strategies/oauth2' ruby-omniauth-oauth2-1.1.1/lib/omniauth-oauth2/000077500000000000000000000000001215610313700213065ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/lib/omniauth-oauth2/version.rb000066400000000000000000000001001215610313700233070ustar00rootroot00000000000000module OmniAuth module OAuth2 VERSION = "1.1.1" end end ruby-omniauth-oauth2-1.1.1/lib/omniauth/000077500000000000000000000000001215610313700201065ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/lib/omniauth/strategies/000077500000000000000000000000001215610313700222605ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/lib/omniauth/strategies/oauth2.rb000066400000000000000000000076131215610313700240160ustar00rootroot00000000000000require 'cgi' require 'uri' require 'oauth2' require 'omniauth' require 'timeout' require 'securerandom' module OmniAuth module Strategies # Authentication strategy for connecting with APIs constructed using # the [OAuth 2.0 Specification](http://tools.ietf.org/html/draft-ietf-oauth-v2-10). # You must generally register your application with the provider and # utilize an application id and secret in order to authenticate using # OAuth 2.0. class OAuth2 include OmniAuth::Strategy args [:client_id, :client_secret] option :client_id, nil option :client_secret, nil option :client_options, {} option :authorize_params, {} option :authorize_options, [:scope] option :token_params, {} option :token_options, [] option :provider_ignores_state, false attr_accessor :access_token def client ::OAuth2::Client.new(options.client_id, options.client_secret, deep_symbolize(options.client_options)) end def callback_url full_host + script_name + callback_path end credentials do hash = {'token' => access_token.token} hash.merge!('refresh_token' => access_token.refresh_token) if access_token.expires? && access_token.refresh_token hash.merge!('expires_at' => access_token.expires_at) if access_token.expires? hash.merge!('expires' => access_token.expires?) hash end def request_phase redirect client.auth_code.authorize_url({:redirect_uri => callback_url}.merge(authorize_params)) end def authorize_params options.authorize_params[:state] = SecureRandom.hex(24) params = options.authorize_params.merge(options.authorize_options.inject({}){|h,k| h[k.to_sym] = options[k] if options[k]; h}) if OmniAuth.config.test_mode @env ||= {} @env['rack.session'] ||= {} end session['omniauth.state'] = params[:state] params end def token_params options.token_params.merge(options.token_options.inject({}){|h,k| h[k.to_sym] = options[k] if options[k]; h}) end def callback_phase if request.params['error'] || request.params['error_reason'] raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri']) end if !options.provider_ignores_state && (request.params['state'].to_s.empty? || request.params['state'] != session.delete('omniauth.state')) raise CallbackError.new(nil, :csrf_detected) end self.access_token = build_access_token self.access_token = access_token.refresh! if access_token.expired? super rescue ::OAuth2::Error, CallbackError => e fail!(:invalid_credentials, e) rescue ::MultiJson::DecodeError => e fail!(:invalid_response, e) rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e fail!(:timeout, e) rescue ::SocketError => e fail!(:failed_to_connect, e) end protected def deep_symbolize(hash) hash.inject({}) do |h, (k,v)| h[k.to_sym] = v.is_a?(Hash) ? deep_symbolize(v) : v h end end def build_access_token verifier = request.params['code'] client.auth_code.get_token(verifier, {:redirect_uri => callback_url}.merge(token_params.to_hash(:symbolize_keys => true))) end # An error that is indicated in the OAuth 2.0 callback. # This could be a `redirect_uri_mismatch` or other class CallbackError < StandardError attr_accessor :error, :error_reason, :error_uri def initialize(error, error_reason=nil, error_uri=nil) self.error = error self.error_reason = error_reason self.error_uri = error_uri end end end end end OmniAuth.config.add_camelization 'oauth2', 'OAuth2' ruby-omniauth-oauth2-1.1.1/metadata.yml000066400000000000000000000070321215610313700200210ustar00rootroot00000000000000--- !ruby/object:Gem::Specification name: omniauth-oauth2 version: !ruby/object:Gem::Version version: 1.1.1 prerelease: platform: ruby authors: - Michael Bleigh autorequire: bindir: bin cert_chain: [] date: 2012-09-18 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: omniauth requirement: !ruby/object:Gem::Requirement none: false requirements: - - ~> - !ruby/object:Gem::Version version: '1.0' type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement none: false requirements: - - ~> - !ruby/object:Gem::Version version: '1.0' - !ruby/object:Gem::Dependency name: oauth2 requirement: !ruby/object:Gem::Requirement none: false requirements: - - ~> - !ruby/object:Gem::Version version: 0.8.0 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement none: false requirements: - - ~> - !ruby/object:Gem::Version version: 0.8.0 - !ruby/object:Gem::Dependency name: rspec requirement: !ruby/object:Gem::Requirement none: false requirements: - - ~> - !ruby/object:Gem::Version version: '2.7' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement none: false requirements: - - ~> - !ruby/object:Gem::Version version: '2.7' - !ruby/object:Gem::Dependency name: rack-test requirement: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: webmock requirement: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: simplecov requirement: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' description: An abstract OAuth2 strategy for OmniAuth. email: - michael@intridea.com executables: [] extensions: [] extra_rdoc_files: [] files: - .gitignore - .rspec - Gemfile - Guardfile - README.md - Rakefile - lib/omniauth-oauth2.rb - lib/omniauth-oauth2/version.rb - lib/omniauth/strategies/oauth2.rb - omniauth-oauth2.gemspec - spec/omniauth/strategies/oauth2_spec.rb - spec/spec_helper.rb homepage: https://github.com/intridea/omniauth-oauth2 licenses: [] post_install_message: rdoc_options: [] require_paths: - lib required_ruby_version: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' required_rubygems_version: !ruby/object:Gem::Requirement none: false requirements: - - ! '>=' - !ruby/object:Gem::Version version: '0' requirements: [] rubyforge_project: rubygems_version: 1.8.24 signing_key: specification_version: 3 summary: An abstract OAuth2 strategy for OmniAuth. test_files: [] has_rdoc: ruby-omniauth-oauth2-1.1.1/omniauth-oauth2.gemspec000066400000000000000000000017771215610313700221210ustar00rootroot00000000000000# -*- encoding: utf-8 -*- require File.expand_path('../lib/omniauth-oauth2/version', __FILE__) Gem::Specification.new do |gem| gem.add_dependency 'omniauth', '~> 1.0' gem.add_dependency 'oauth2', '~> 0.8.0' gem.add_development_dependency 'rspec', '~> 2.7' gem.add_development_dependency 'rack-test' gem.add_development_dependency 'webmock' gem.add_development_dependency 'simplecov' gem.authors = ["Michael Bleigh"] gem.email = ["michael@intridea.com"] gem.description = %q{An abstract OAuth2 strategy for OmniAuth.} gem.summary = %q{An abstract OAuth2 strategy for OmniAuth.} gem.homepage = "https://github.com/intridea/omniauth-oauth2" gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } gem.files = `git ls-files`.split("\n") gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") gem.name = "omniauth-oauth2" gem.require_paths = ["lib"] gem.version = OmniAuth::OAuth2::VERSION end ruby-omniauth-oauth2-1.1.1/spec/000077500000000000000000000000001215610313700164465ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/spec/omniauth/000077500000000000000000000000001215610313700202725ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/spec/omniauth/strategies/000077500000000000000000000000001215610313700224445ustar00rootroot00000000000000ruby-omniauth-oauth2-1.1.1/spec/omniauth/strategies/oauth2_spec.rb000066400000000000000000000046471215610313700252200ustar00rootroot00000000000000require 'spec_helper' describe OmniAuth::Strategies::OAuth2 do def app; lambda{|env| [200, {}, ["Hello."]]} end let(:fresh_strategy){ Class.new(OmniAuth::Strategies::OAuth2) } before do OmniAuth.config.test_mode = true end after do OmniAuth.config.test_mode = false end describe '#client' do subject{ fresh_strategy } it 'should be initialized with symbolized client_options' do instance = subject.new(app, :client_options => {'authorize_url' => 'https://example.com'}) instance.client.options[:authorize_url].should == 'https://example.com' end it 'should set ssl options as connection options' do instance = subject.new(app, :client_options => {'ssl' => {'ca_path' => 'foo'}}) instance.client.options[:connection_opts][:ssl] =~ {:ca_path => 'foo'} end end describe '#authorize_params' do subject { fresh_strategy } it 'should include any authorize params passed in the :authorize_params option' do instance = subject.new('abc', 'def', :authorize_params => {:foo => 'bar', :baz => 'zip', :state => '123'}) instance.authorize_params.should == {'foo' => 'bar', 'baz' => 'zip', 'state' => '123'} end it 'should include top-level options that are marked as :authorize_options' do instance = subject.new('abc', 'def', :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz', :authorize_params => {:state => '123'}) instance.authorize_params.should == {'scope' => 'bar', 'foo' => 'baz', 'state' => '123'} end it 'should include random state in the authorize params' do instance = subject.new('abc', 'def') instance.authorize_params.keys.should == ['state'] instance.session['omniauth.state'].should_not be_empty instance.session['omniauth.state'].should == instance.authorize_params['state'] end end describe '#token_params' do subject { fresh_strategy } it 'should include any authorize params passed in the :authorize_params option' do instance = subject.new('abc', 'def', :token_params => {:foo => 'bar', :baz => 'zip'}) instance.token_params.should == {'foo' => 'bar', 'baz' => 'zip'} end it 'should include top-level options that are marked as :authorize_options' do instance = subject.new('abc', 'def', :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz') instance.token_params.should == {'scope' => 'bar', 'foo' => 'baz'} end end end ruby-omniauth-oauth2-1.1.1/spec/spec_helper.rb000066400000000000000000000006251215610313700212670ustar00rootroot00000000000000$:.unshift File.expand_path('..', __FILE__) $:.unshift File.expand_path('../../lib', __FILE__) require 'simplecov' SimpleCov.start require 'rspec' require 'rack/test' require 'webmock/rspec' require 'omniauth' require 'omniauth-oauth2' RSpec.configure do |config| config.include WebMock::API config.include Rack::Test::Methods config.extend OmniAuth::Test::StrategyMacros, :type => :strategy end