devise_auth0 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c18b3f8598776472a2f76cf1b1dfa63b00f53cf0490a8088d663a4f54ecbef5b
+  data.tar.gz: 04a20bad11da869d3b9724f68d66a4b2382e3c26c98d481f9425c1589a756330
+SHA512:
+  metadata.gz: 8efc4197e1280051359ba69c9ddb8ed62fc70617eeaf65ddb518256ad6e1f11711cfee3651154cd4f9930e3401cc3ad29c68d8e0ad512df80a8e32e3b0c0d72d
+  data.tar.gz: b373a943d168c14277870c54eff0227077a5c8cfc6c14aaaab60de05a5782068aaf9efc3e5a769ccd87e840db54509385552f01cc53c8ac8c0dcfd352aab786b

data/CHANGELOG.md

@@ -0,0 +1,30 @@
+# Changelog
+
+## 1.0.0 (2023-09-08)
+
+
+### Tests
+
+* Fixes rspec-rails issues on rails edge ([ea4a050](https://github.com/itsmechlark/devise-auth0/commit/ea4a050528196936960d38b29edfb36a6e6cfcf1))
+
+
+### Miscellaneous
+
+* Bump changelog-enforcer to v3 ([5ffcab8](https://github.com/itsmechlark/devise-auth0/commit/5ffcab87952644b40cf73f45bce8cb2bd82ab534))
+* Bump rubocop-shopify to v2.14 ([9102709](https://github.com/itsmechlark/devise-auth0/commit/91027094bbc243ef05fb10bfe2b9da91189ca8a4))
+* Change Rubocop code scanning name ([ccae036](https://github.com/itsmechlark/devise-auth0/commit/ccae036e25f8f5d3d9fe0341e81d6b5b53af2df9))
+* CI/CD workflow ([b82655d](https://github.com/itsmechlark/devise-auth0/commit/b82655d9a7af844f1a62d558e65799ef796951fc))
+* Code scanning ([a2f9d1b](https://github.com/itsmechlark/devise-auth0/commit/a2f9d1b98994be941abfdba41346976cb717ba5a))
+* Configure version file on release config ([53b3b5b](https://github.com/itsmechlark/devise-auth0/commit/53b3b5b4b88bc52bddee7bcee4cba1e889d21eda))
+* Fixes Code Scanning permissions ([765f698](https://github.com/itsmechlark/devise-auth0/commit/765f698abe70f30a16b84549bb6256c22379d0fd))
+* Fixes release please config ([fb8aba4](https://github.com/itsmechlark/devise-auth0/commit/fb8aba487088409c783c7022845be9677e22dd04))
+* Fixes rubocop lint ([e02858b](https://github.com/itsmechlark/devise-auth0/commit/e02858b561f3d99691524795d43ae84fd5d8b978))
+* Install bundler on DevContainer startup ([9ad89e4](https://github.com/itsmechlark/devise-auth0/commit/9ad89e43b1b1a99f06250c7bdc5b6006cd505cca))
+* Move changelog type to release config ([01b4d9e](https://github.com/itsmechlark/devise-auth0/commit/01b4d9e02c981a3adc6c69fd64e9331838c3f618))
+* Release Please config ([08af26d](https://github.com/itsmechlark/devise-auth0/commit/08af26d4002d3e89cb210cabd89ea768039193bc))
+* Remove changelog ([bb7befe](https://github.com/itsmechlark/devise-auth0/commit/bb7befec90baad2c9f6f4671cb830a9e42491e11))
+* Remove old changelog ([fae0a6c](https://github.com/itsmechlark/devise-auth0/commit/fae0a6cdad32a043c53820c78277df2c6acc872a))
+* Support DevContainers ([5b937c9](https://github.com/itsmechlark/devise-auth0/commit/5b937c9696fea630eabaa9f4d745e4c64418e753))
+* Test against Ruby 3.2 ([185bae5](https://github.com/itsmechlark/devise-auth0/commit/185bae5d12b17409e6ed62d0aa7be9870ca9c424))
+* Update Changelog ([6df1d33](https://github.com/itsmechlark/devise-auth0/commit/6df1d33cf6810b752efc5bc4bf6d3f8691117847))
+* Use Python 3.8 for codespell ([a6a8f35](https://github.com/itsmechlark/devise-auth0/commit/a6a8f3556ae54dd1ed0608eaa431772ef2ff1977))

data/LICENSE.md

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2023 John Chlark Sumatra
+Copyright (c) 2022 First Circle Growth Finance Corp.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/app/controllers/devise/auth0_callbacks_controller.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Devise
+  class Auth0CallbacksController < Devise::OmniauthCallbacksController
+    def callback
+      user = resource_class.from_auth0_omniauth(request.env["omniauth.auth"])
+
+      if user&.persisted?
+        set_flash_message(:notice, :success, kind: "Auth0") if is_navigational_format?
+        sign_in_and_redirect(user, event: :authentication)
+      else
+        session["devise.auth0_data"] = request.env["omniauth.auth"].except(:extra)
+        redirect_to(after_omniauth_callback_path_for(resource_name))
+      end
+    end
+
+    private
+
+    def after_omniauth_callback_path_for(scope)
+      new_session_path(scope)
+    end
+  end
+end

data/lib/devise/auth0/client.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "auth0"
+
+module Devise
+  module Auth0
+    class Client < ::Auth0::Client
+      def initialize(config)
+        super(
+          client_id: config.client_id,
+          client_secret: config.client_secret,
+          domain: config.domain,
+        )
+      end
+    end
+  end
+end

data/lib/devise/auth0/controllers/helpers.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require "devise/auth0/exceptions"
+
+module Devise
+  module Auth0
+    module Controllers
+      # Those helpers are convenience methods added to ApplicationController.
+      module Helpers
+        extend ActiveSupport::Concern
+
+        included do
+          if respond_to?(:devise_group)
+            devise_group :auth0, contains: Devise.mappings.keys
+          end
+
+          if respond_to?(:helper_method)
+            helper_method :can?, :cannot?
+          end
+        end
+
+        def authorize!(*args)
+          options = args.extract_options!
+          message = options[:message]
+
+          if cannot?(*args)
+            raise AccessDenied.new(message, *args)
+          end
+
+          args
+        end
+
+        def can?(*args)
+          !!current_auth0&.can?(*args)
+        end
+
+        def cannot?(*args)
+          !!current_auth0&.cannot?(*args)
+        end
+      end
+    end
+  end
+end

data/lib/devise/auth0/exceptions.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Devise
+  module Auth0
+    # A general CanCan exception
+    class Error < StandardError; end
+
+    class AccessDenied < Error
+      attr_reader :action, :subject
+
+      def initialize(message = nil, action = nil, resource_class = nil)
+        @message = message.presence || I18n.t(
+          :"unauthorized.default",
+          default: "You are not authorized to access this page.",
+        )
+        @action = action
+        @resource_class = resource_class
+
+        super(@message)
+      end
+    end
+  end
+end

data/lib/devise/auth0/helpers.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Devise
+  module Auth0
+    # Helpers to parse token from a request and to a response
+    module Helpers
+      AUTH_METHOD = "Bearer"
+
+      class << self
+        # Parses the token from a rack request
+        #
+        # @param env [Hash] rack env hash
+        # @return [String] JWT token
+        # @return [nil] if token is not present
+        def get_auth(env)
+          auth = env["HTTP_AUTHORIZATION"].presence
+          return unless auth
+
+          method, token = auth.split
+          method == AUTH_METHOD ? token : nil
+        end
+      end
+    end
+  end
+end

data/lib/devise/auth0/rails/routes.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module ActionDispatch
+  module Routing
+    class Mapper
+      protected
+
+      def devise_auth0_callback(mapping, controllers) # :nodoc:
+        return unless mapping.to.auth0_config.omniauth
+
+        path_prefix = Devise.omniauth_path_prefix || "/#{mapping.fullpath}/auth".squeeze("/")
+        set_omniauth_path_prefix!(path_prefix)
+
+        match(
+          "/auth/auth0",
+          to: "#{controllers[:auth0_callbacks]}#passthru",
+          as: :auth0_omniauth_authorize,
+          via: [:get, :post],
+        )
+
+        match(
+          "/auth/auth0/failure",
+          to: "#{controllers[:auth0_callbacks]}#failure",
+          as: :auth0_omniauth_failure,
+          via: [:get, :post],
+        )
+
+        match(
+          "/auth/auth0/callback",
+          to: "#{controllers[:auth0_callbacks]}#callback",
+          as: :auth0_omniauth_callback,
+          via: [:get, :post],
+        )
+      end
+    end
+  end
+end

data/lib/devise/auth0/rails.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require "omniauth-auth0"
+require "omniauth/rails_csrf_protection"
+
+require "devise/auth0/rails/routes"
+require "devise/auth0/controllers/helpers"
+
+module Devise
+  module Auth0
+    class Engine < ::Rails::Engine
+      initializer "devise.auth0.cache", after: "initialize_cache" do |_app|
+        Devise.auth0.cache = Rails.cache
+      end
+
+      initializer "devise.auth0", before: "devise.omniauth" do |_app|
+        config = Devise.auth0
+        if config.omniauth
+          Devise.setup do |devise|
+            devise.omniauth(
+              :auth0,
+              config.client_id,
+              config.client_secret,
+              config.custom_domain,
+              {
+                authorize_params: {
+                  audience: config.aud.join(","),
+                  scope: config.scope,
+                },
+              },
+            )
+          end
+
+          # Patches the existing devise failure app to ensure a right mapping is used.
+          # Read more: devise/omniauth.rb
+          ::OmniAuth.config.on_failure = proc do |env|
+            env["devise.mapping"] = ::Devise::Mapping.find_by_path!(env["PATH_INFO"], :fullpath)
+            controller_name  = ActiveSupport::Inflector.camelize(env["devise.mapping"].controllers[:omniauth_callbacks])
+            controller_klass = ActiveSupport::Inflector.constantize("#{controller_name}Controller")
+            controller_klass.action(:failure).call(env)
+          end
+        end
+
+        ActiveSupport.on_load(:action_controller) do
+          include Devise::Auth0::Controllers::Helpers
+        end
+      end
+    end
+  end
+end

data/lib/devise/auth0/token.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+require "faraday"
+require "faraday/http_cache"
+require "jwt"
+
+module Devise
+  module Auth0
+    # Helpers to parse token from a request and to a response
+    class Token
+      class << self
+        def parse(auth, resource_class)
+          token = new(auth, resource_class)
+          token.verify
+          token
+        end
+      end
+
+      def initialize(auth, resource_class)
+        @auth = auth.presence
+        @resource_class = resource_class
+      end
+
+      def provider
+        auth0_id&.split("|")&.first
+      end
+
+      def uid
+        auth0_id&.split("|")&.last
+      end
+
+      def auth0_id
+        return if verify.nil?
+        return "auth0|#{verify[0]["azp"]}" if bot?
+
+        verify[0]["sub"]
+      end
+
+      def user
+        @user ||= if bot?
+          {
+            "user_id" => uid,
+            "email" => "#{uid}@#{config.domain}",
+          }
+        else
+          ::Devise.auth0.cache.fetch("devise-auth0/#{auth0_id}", expires_in: ::Devise.auth0.cache_expires_in) do
+            client.user(auth0_id)
+          end
+        end
+      end
+
+      def bot?
+        return false if verify.nil?
+
+        verify[0]["gty"] == "client-credentials"
+      end
+
+      def scopes
+        return [] if verify.nil?
+
+        verify[0]["scope"].to_s.split(" ")
+      end
+
+      def permissions
+        return [] if verify.nil?
+
+        verify[0]["permissions"].presence || []
+      end
+
+      def verify
+        @payload ||= JWT.decode(
+          @auth,
+          nil,
+          true, # Verify the signature of this token
+          algorithms: config.algorithm,
+          iss: issuer,
+          verify_iss: true,
+          aud: config.aud,
+          verify_aud: true,
+        ) do |header|
+          jwks_hash[header["kid"]]
+        end
+      rescue JWT::DecodeError
+        nil
+      end
+
+      def valid?
+        !verify.nil?
+      end
+
+      private
+
+      def config
+        @resource_class.auth0_config
+      end
+
+      def client
+        @resource_class.auth0_client
+      end
+
+      def issuer
+        "https://#{config.custom_domain.presence || config.domain.presence}/"
+      end
+
+      def jwks_hash
+        conn = ::Faraday.new("https://#{config.custom_domain}") do |f|
+          f.use(:http_cache, store: ::Devise.auth0.cache)
+          f.request(:retry, max: 3)
+          f.adapter(::Faraday.default_adapter)
+        end
+        jwks_keys = JSON.parse(conn.get("/.well-known/jwks.json").body)["keys"]
+        Hash[
+          jwks_keys
+            .map do |k|
+            [
+              k["kid"],
+              OpenSSL::X509::Certificate.new(
+                Base64.decode64(k["x5c"].first),
+              ).public_key,
+            ]
+          end
+        ]
+      end
+    end
+  end
+end

data/lib/devise/auth0/version.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Devise
+  module Auth0
+    VERSION = "1.0.0"
+
+    class << self
+      def gem_version
+        Gem::Version.new(VERSION)
+      end
+    end
+  end
+end

data/lib/devise/auth0.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+require "devise"
+require "dry-configurable"
+
+require "devise/auth0/client"
+
+# Authentication library
+module Devise
+  # Yields to Devise::Auth0.config
+  class << self
+    def auth0
+      return Devise::Auth0.config unless block_given?
+
+      yield(Devise::Auth0.config)
+    end
+  end
+
+  module Models
+    autoload :Auth0, "devise/models/auth0"
+  end
+
+  module Strategies
+    autoload :Auth0, "devise/strategies/auth0"
+  end
+
+  # Auth0 extension for devise
+  module Auth0
+    extend ::Dry::Configurable
+
+    setting(:algorithm, default: "RS256")
+    setting(
+      :aud,
+      default: ENV["AUTH0_AUDIENCE"].presence,
+      constructor: ->(aud) { aud.is_a?(Array) ? aud : aud.to_s.split(",") },
+    )
+    setting(:client_id, default: ENV["AUTH0_CLIENT_ID"].presence)
+    setting(:client_secret, default: ENV["AUTH0_CLIENT_SECRET"].presence)
+    setting(:custom_domain, default: ENV["AUTH0_CUSTOM_DOMAIN"].presence)
+    setting(:domain, default: ENV["AUTH0_DOMAIN"].presence)
+    setting(:omniauth, default: false)
+    setting(:scope, default: "openid")
+    setting(:email_domains_allowlist, default: [])
+    setting(:email_domains_blocklist, default: [])
+    setting(:cache)
+    setting(:cache_expires_in, default: 15.minutes)
+
+    class << self
+      def logout(record)
+        record.class.auth0_client.grants(user_id: record.auth0_id).each do |grant|
+          record.class.auth0_client.delete_grant(grant["id"], record.auth0_id)
+        end
+      end
+    end
+  end
+
+  add_module(:auth0, strategy: true, controller: :auth0_callbacks, route: { auth0_callback: [:callback] })
+end
+
+require "devise/auth0/version"
+require "devise/auth0/rails"
+require "devise/strategies/auth0"

data/lib/devise/hooks/auth0.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+Warden::Manager.before_logout do |record, _warden, _options|
+  if record.respond_to?(:auth0_id)
+    Devise::Auth0.logout(record)
+  end
+end

data/lib/devise/models/auth0.rb

@@ -0,0 +1,210 @@
+# frozen_string_literal: true
+
+require "mail"
+require "devise/hooks/auth0"
+
+module Devise
+  module Models
+    module Auth0
+      extend ActiveSupport::Concern
+
+      included do
+        validates :uid, allow_blank: true, uniqueness: { scope: :provider, message: "should happen once per provider" }
+        with_options if: -> { respond_to?(:email) } do
+          validates :email, uniqueness: true
+          validate :email_domain_allowed, :email_domain_disallowed
+        end
+      end
+
+      class << self
+        def required_fields(klass)
+          []
+        end
+      end
+
+      def email_domain_allowed
+        return if self.class.auth0_config.email_domains_allowlist.empty?
+
+        m = Mail::Address.new(email)
+        return if m.domain.nil?
+
+        unless self.class.auth0_config.email_domains_allowlist.include?(m.domain)
+          errors.add(:email, :not_allowed)
+        end
+      end
+
+      def email_domain_disallowed
+        return if self.class.auth0_config.email_domains_blocklist.empty?
+
+        m = Mail::Address.new(email)
+        return if m.domain.nil?
+
+        if self.class.auth0_config.email_domains_blocklist.include?(m.domain)
+          errors.add(:email, :not_allowed)
+        end
+      end
+
+      def can?(action, resource_class = nil)
+        scope = [action]
+        if resource_class.is_a?(String)
+          scope << resource_class
+        elsif resource_class
+          resource_name = resource_class.name.underscore.split("/")
+          resource_name[-1] = resource_name[-1].pluralize
+          scope << resource_name.join("/")
+        end
+        auth0_scopes.include?(scope.join(":"))
+      end
+
+      # Convenience method which works the same as "can?" but returns the opposite value.
+      #
+      #   cannot? :destroy, @project
+      #
+      def cannot?(*args)
+        !can?(*args)
+      end
+
+      def auth0_scopes=(scopes)
+        ::Devise.auth0.cache.write(
+          "devise-auth0/#{auth0_id}/scopes",
+          scopes,
+          expires_in: ::Devise.auth0.cache_expires_in,
+        )
+      end
+
+      def auth0_scopes
+        ::Devise.auth0.cache.fetch("devise-auth0/#{auth0_id}/scopes", expires_in: ::Devise.auth0.cache_expires_in) do
+          if bot?
+            self.class.auth0_client.client_grants(
+              client_id: uid,
+              audience: self.class.auth0_config.aud,
+            ).first.try(:[], "scope")
+          else
+            user = self.class.auth0_client.users_by_email(email).find do |u|
+              u["identities"].any? { |i| i["user_id"] == uid }
+            end
+            return [] if user.nil?
+
+            permissions = []
+            page = 0
+            loop do
+              response_data = self.class.auth0_client
+                .get_user_permissions(
+                  user["user_id"],
+                  { page: page, per_page: 100, include_totals: true },
+                )
+
+              response_data["permissions"].select do |permission|
+                self.class.auth0_config.aud.include?(permission["resource_server_identifier"])
+              end.each do |permission|
+                permissions << permission["permission_name"]
+              end
+
+              break if response_data["start"] / 100 == response_data["total"] / 100
+
+              page += 1
+            end
+            permissions
+          end
+        end
+      end
+
+      def auth0_id
+        "#{provider}|#{uid}"
+      end
+
+      def after_auth0_token_created(token)
+      end
+
+      def after_auth0_token(token)
+        set_auth_id(token.provider, token.uid)
+      end
+
+      def after_auth0_omniauth_created(auth)
+      end
+
+      def after_auth0_omniauth(auth)
+        set_auth_id(auth.provider, auth.uid)
+      end
+
+      private
+
+      def set_auth_id(provider, uid)
+        return if self.provider == provider && self.uid == uid
+
+        self.provider = provider
+        self.uid = uid.include?("|") ? uid.split("|").last : uid
+        save
+      end
+
+      module ClassMethods
+        Devise::Models.config(self, :auth0_options)
+
+        def from_auth0_token(token)
+          user = where(
+            auth0_where_conditions(
+              provider: token.provider,
+              uid: token.uid,
+              email: token.user["email"],
+            ),
+          ).first_or_create do |user|
+            user.provider = token.provider
+            user.uid = token.uid
+            user.email = token.user["email"] if user.respond_to?(:email=)
+            user.password = Devise.friendly_token[0, 20] if user.respond_to?(:password=)
+            user.bot = token.bot? if user.respond_to?(:bot=)
+            user.after_auth0_token_created(token)
+          end
+          user.auth0_scopes = token.scopes.dup.concat(token.permissions).uniq
+          user.after_auth0_token(token)
+          user
+        end
+
+        def parse_auth0_token(token)
+          ::Devise::Auth0::Token.parse(token, self)
+        end
+
+        def from_auth0_omniauth(auth)
+          return unless auth0_config.omniauth
+
+          uid = auth.uid.include?("|") ? auth.uid.split("|").last : auth.uid
+          user = where(
+            auth0_where_conditions(
+              provider: auth.provider,
+              uid: uid,
+              email: auth.info.email,
+            ),
+          ).first_or_create do |user|
+            user.provider = auth.provider
+            user.uid = uid
+            user.email = auth.info.email if user.respond_to?(:email=)
+            user.password = Devise.friendly_token[0, 20] if user.respond_to?(:password=)
+            user.after_auth0_omniauth_created(auth)
+          end
+          user.after_auth0_omniauth(auth)
+          user
+        end
+
+        def auth0_where_conditions(provider:, uid:, email: nil)
+          sql = arel_table[:provider].eq(provider).and(arel_table[:uid].eq(uid))
+          sql = sql.or(arel_table[:email].eq(email)) if email && column_names.include?("email")
+          sql
+        end
+
+        def auth0_config
+          return @auth0_config unless @auth0_config.nil?
+
+          @auth0_config ||= ::Devise.auth0.pristine
+          @auth0_config.update(::Devise.auth0.values)
+          @auth0_config.update(auth0_options) if defined?(@auth0_options)
+          @auth0_config.finalize!
+          @auth0_config
+        end
+
+        def auth0_client
+          @auth0_client ||= ::Devise::Auth0::Client.new(auth0_config)
+        end
+      end
+    end
+  end
+end

data/lib/devise/strategies/auth0.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require "devise/strategies/base"
+
+require_relative "../auth0/helpers"
+require_relative "../auth0/token"
+
+module Devise
+  module Strategies
+    # Warden strategy to authenticate an user through a JWT token in the
+    # `Authorization` request header
+    class Auth0 < Devise::Strategies::Base
+      def valid?
+        !auth.nil?
+      end
+
+      def store?
+        false
+      end
+
+      def authenticate!
+        if token.valid?
+          resource = mapping.to.from_auth0_token(token)
+          return success!(resource) if resource.persisted?
+        end
+
+        fail!(:invalid)
+      end
+
+      private
+
+      def token
+        @token ||= mapping.to.parse_auth0_token(auth)
+      end
+
+      def auth
+        @auth ||= ::Devise::Auth0::Helpers.get_auth(env)
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:auth0, Devise::Strategies::Auth0)

data/lib/devise_auth0.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require "devise/auth0"

metadata

@@ -0,0 +1,484 @@
+--- !ruby/object:Gem::Specification
+name: devise_auth0
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- John Chlark Sumatra
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2023-09-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: auth0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.6'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
+- !ruby/object:Gem::Dependency
+  name: dry-configurable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.10.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.10.0
+- !ruby/object:Gem::Dependency
+  name: faraday-http-cache
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: mail
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: net-smtp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-auth0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-rails_csrf_protection
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.4'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: code-scanning-rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: multipart-parser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+- !ruby/object:Gem::Dependency
+  name: rack_session_access
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-shopify
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.14'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.21.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.21.2
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+description: Auth0 authentication for devise
+email:
+- clark@sumatra.com.ph
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.md
+files:
+- CHANGELOG.md
+- LICENSE.md
+- app/controllers/devise/auth0_callbacks_controller.rb
+- lib/devise/auth0.rb
+- lib/devise/auth0/client.rb
+- lib/devise/auth0/controllers/helpers.rb
+- lib/devise/auth0/exceptions.rb
+- lib/devise/auth0/helpers.rb
+- lib/devise/auth0/rails.rb
+- lib/devise/auth0/rails/routes.rb
+- lib/devise/auth0/token.rb
+- lib/devise/auth0/version.rb
+- lib/devise/hooks/auth0.rb
+- lib/devise/models/auth0.rb
+- lib/devise/strategies/auth0.rb
+- lib/devise_auth0.rb
+homepage: https://github.com/itsmechlark/devise_auth0
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/itsmechlark/devise_auth0
+  changelog_uri: https://github.com/itsmechlark/devise_auth0/releases/tag/v1.0.0
+  source_code_uri: https://github.com/itsmechlark/devise_auth0/tree/v1.0.0
+  bug_tracker_uri: https://github.com/itsmechlark/devise_auth0/issues
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.3
+signing_key: 
+specification_version: 4
+summary: Auth0 authentication for devise
+test_files: []