devise_capturable 0.0.12 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -4
- data/lib/assets/javascripts/devise_capturable.js +9 -11
- data/lib/devise_capturable/api.rb +12 -5
- data/lib/devise_capturable/locales/en.yml +2 -1
- data/lib/devise_capturable/strategy.rb +22 -8
- data/lib/devise_capturable/version.rb +1 -1
- data/lib/devise_capturable.rb +7 -4
- data/spec/strategy_spec.rb +60 -18
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 777eeba95a9a9dddc942098012ac44ec70f8d8bf
|
|
4
|
+
data.tar.gz: c1d90aca571ef6e8c4b74946a1ddf88df82d3f77
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2e2625bfcb0682298219ec4d658e1a342dd9c0df7a72168b7f67ba43848ab62d97142407e82201d247fefa684d18430ea02831f8b1abdd20eda4db53ebae1f7d
|
|
7
|
+
data.tar.gz: 8306ca02c040cef24457b3ec007b48eae80dd9ae299f45b7e9647729f874eb7066efa0658da097d7e7dda03d4819a4e6020feba85d6eb2f82ad93667db2d6536
|
data/README.md
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
# Devise::Capturable
|
|
2
2
|
|
|
3
|
-
`Devise::Capturable` is a gem that makes it possible to use the Janrain Engage user registration widget, while still having a Devise authentication setup with a Rails `User` model.
|
|
3
|
+
`Devise::Capturable` is a gem that makes it possible to use the Janrain Engage user registration widget as a login system, while still having a Devise authentication setup with a Rails `User` model.
|
|
4
|
+
|
|
5
|
+
It can be used right out of the box with automatic user creation, or can be configured to show a "second step form", to add extra values to your user model on top of Janrain.
|
|
4
6
|
|
|
5
7
|
In the following I use the name `User` for the Devise user model, but it will work with any Devise-enabled model.
|
|
6
8
|
|
|
@@ -40,8 +42,9 @@ Devise.setup do |config|
|
|
|
40
42
|
config.capturable_server = "https://myapp.janraincapture.com"
|
|
41
43
|
config.capturable_client_id = "myclientid"
|
|
42
44
|
config.capturable_client_secret = "myclientsecret"
|
|
43
|
-
# Optional, see below
|
|
44
|
-
|
|
45
|
+
config.capturable_redirect_uri = "http://sample.com" # Optional, see below
|
|
46
|
+
config.capturable_auto_create_account = false # Optional, see below
|
|
47
|
+
config.capturable_redirect_if_no_user = "/users/sign_up" # Optional, see below
|
|
45
48
|
end
|
|
46
49
|
```
|
|
47
50
|
|
|
@@ -178,7 +181,7 @@ To do so, you'll need to write your own `janrainCaptureWidgetOnLoad` function an
|
|
|
178
181
|
janrain.capture.ui.start();
|
|
179
182
|
|
|
180
183
|
// afterJanrainLogin is provided by Devise::Capturable to assist with
|
|
181
|
-
// server-side login
|
|
184
|
+
// server-side login. It automatically makes a POST request to /users/sign_in if not configured.
|
|
182
185
|
janrain.events.onCaptureLoginSuccess.addHandler(afterJanrainLogin);
|
|
183
186
|
janrain.events.onCaptureRegistrationSuccess.addHandler(afterJanrainLogin);
|
|
184
187
|
};
|
|
@@ -1,32 +1,30 @@
|
|
|
1
1
|
function afterJanrainLogin(result, path, method)
|
|
2
2
|
{
|
|
3
3
|
path = path || "/users/sign_in";
|
|
4
|
-
method = method || "post"
|
|
4
|
+
method = method || "post";
|
|
5
5
|
|
|
6
6
|
// create form
|
|
7
|
-
var form = $('<form accept-charset="UTF-8" action="' + path + '" method="' + method +'" id="capturable-inject-form"></form>')
|
|
7
|
+
var form = $('<form accept-charset="UTF-8" action="' + path + '" method="' + method +'" id="capturable-inject-form"></form>');
|
|
8
8
|
|
|
9
9
|
// create hidden div in form
|
|
10
|
-
var hidden_els = $('<div style="margin:0;padding:0;display:inline"></div>')
|
|
10
|
+
var hidden_els = $('<div style="margin:0;padding:0;display:inline"></div>');
|
|
11
11
|
|
|
12
12
|
// add utf
|
|
13
|
-
hidden_els.append('<input name="utf8" type="hidden" value="✓">')
|
|
13
|
+
hidden_els.append('<input name="utf8" type="hidden" value="✓">');
|
|
14
14
|
|
|
15
15
|
// grab forgery token
|
|
16
|
-
var token_name = $("meta[name='csrf-param']").attr('content')
|
|
17
|
-
var token_val = $("meta[name='csrf-token']").attr('content')
|
|
16
|
+
var token_name = $("meta[name='csrf-param']").attr('content');
|
|
17
|
+
var token_val = $("meta[name='csrf-token']").attr('content');
|
|
18
18
|
if(token_name && token_val)
|
|
19
19
|
{
|
|
20
|
-
hidden_els.prepend('<input name="'+token_name +'" type="hidden" value="'+token_val+'">')
|
|
20
|
+
hidden_els.prepend('<input name="'+token_name +'" type="hidden" value="'+token_val+'">');
|
|
21
21
|
}
|
|
22
22
|
|
|
23
23
|
// append hidden els to form
|
|
24
|
-
form.append(hidden_els)
|
|
24
|
+
form.append(hidden_els);
|
|
25
25
|
|
|
26
26
|
// add oauth code to form
|
|
27
|
-
form.append('<input id="authorization-code" name="code" type="hidden" value="'+result.authorizationCode+'">')
|
|
28
|
-
|
|
29
|
-
janrain.capture.ui.modal.close();
|
|
27
|
+
form.append('<input id="authorization-code" name="code" type="hidden" value="'+result.authorizationCode+'">');
|
|
30
28
|
|
|
31
29
|
$('body').append(form);
|
|
32
30
|
form.submit()
|
|
@@ -7,19 +7,26 @@ module Devise
|
|
|
7
7
|
|
|
8
8
|
include HTTParty
|
|
9
9
|
format :json
|
|
10
|
-
|
|
11
|
-
|
|
10
|
+
|
|
12
11
|
def self.token(code)
|
|
13
|
-
redirect_uri = Devise.capturable_redirect_uri || 'http://stupidsettings.com'
|
|
14
|
-
|
|
15
12
|
post("#{Devise.capturable_server}/oauth/token", :query => {
|
|
16
13
|
code: code,
|
|
17
|
-
redirect_uri:
|
|
14
|
+
redirect_uri: Devise.capturable_redirect_uri || 'http://stupidsettings.com',
|
|
18
15
|
grant_type: 'authorization_code',
|
|
19
16
|
client_id: Devise.capturable_client_id,
|
|
20
17
|
client_secret: Devise.capturable_client_secret,
|
|
21
18
|
})
|
|
22
19
|
end
|
|
20
|
+
|
|
21
|
+
def self.refresh_token(refresh_token)
|
|
22
|
+
post("#{Devise.capturable_server}/oauth/token", :query => {
|
|
23
|
+
refresh_token: refresh_token,
|
|
24
|
+
redirect_uri: Devise.capturable_redirect_uri || 'http://stupidsettings.com',
|
|
25
|
+
grant_type: 'refresh_token',
|
|
26
|
+
client_id: Devise.capturable_client_id,
|
|
27
|
+
client_secret: Devise.capturable_client_secret,
|
|
28
|
+
})
|
|
29
|
+
end
|
|
23
30
|
|
|
24
31
|
def self.entity(token)
|
|
25
32
|
post("#{Devise.capturable_server}/entity", headers: { 'Authorization' => "OAuth #{token}" })
|
|
@@ -20,7 +20,7 @@ module Devise
|
|
|
20
20
|
|
|
21
21
|
# get an access token from an OAUTH code
|
|
22
22
|
token = Devise::Capturable::API.token(params[:code])
|
|
23
|
-
fail!(:
|
|
23
|
+
fail!(:capturable_user_error) unless token['stat'] == 'ok'
|
|
24
24
|
|
|
25
25
|
# get the user info form the access token
|
|
26
26
|
entity = Devise::Capturable::API.entity(token['access_token'])
|
|
@@ -28,21 +28,35 @@ module Devise
|
|
|
28
28
|
# find user with the capturable params
|
|
29
29
|
user = klass.find_with_capturable_params(entity["result"])
|
|
30
30
|
|
|
31
|
-
# if the user exists
|
|
31
|
+
# if the user exists, sign in
|
|
32
32
|
if user
|
|
33
33
|
user.before_capturable_sign_in(entity["result"], params)
|
|
34
|
-
|
|
35
|
-
|
|
34
|
+
success!(user)
|
|
35
|
+
|
|
36
|
+
# else if we want to auto create users
|
|
37
|
+
elsif Devise.capturable_auto_create_account
|
|
36
38
|
user = klass.new
|
|
37
39
|
user.before_capturable_create(entity["result"], params)
|
|
38
40
|
user.save!
|
|
41
|
+
success!(user)
|
|
42
|
+
|
|
43
|
+
# else redirect to a custom URL
|
|
44
|
+
elsif Devise.capturable_redirect_if_no_user
|
|
45
|
+
|
|
46
|
+
new_token = Devise::Capturable::API.refresh_token(token['refresh_token'])
|
|
47
|
+
return fail!(:capturable_user_error) unless new_token['stat'] == 'ok'
|
|
48
|
+
|
|
49
|
+
fail!(:capturable_user_missing)
|
|
50
|
+
redirect!(Devise.capturable_redirect_if_no_user, :token => new_token["access_token"])
|
|
51
|
+
|
|
52
|
+
# else fail
|
|
53
|
+
else
|
|
54
|
+
fail!(:capturable_user_missing)
|
|
39
55
|
end
|
|
40
56
|
|
|
41
|
-
# sign in the user
|
|
42
|
-
success!(user)
|
|
43
|
-
|
|
44
57
|
rescue Exception => e
|
|
45
|
-
|
|
58
|
+
puts "Devise Capturable Error: #{e}"
|
|
59
|
+
fail!(:capturable_user_error)
|
|
46
60
|
end
|
|
47
61
|
end
|
|
48
62
|
|
data/lib/devise_capturable.rb
CHANGED
|
@@ -8,13 +8,16 @@ Warden::Strategies.add(:capturable, Devise::Capturable::Strategies::Capturable)
|
|
|
8
8
|
require 'devise_capturable/view_helpers'
|
|
9
9
|
|
|
10
10
|
module Devise
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
11
|
+
mattr_accessor :capturable_server
|
|
12
|
+
mattr_accessor :capturable_client_id
|
|
13
|
+
mattr_accessor :capturable_client_secret
|
|
14
|
+
mattr_accessor :capturable_redirect_uri
|
|
15
15
|
mattr_accessor :capturable_auto_create_account
|
|
16
|
+
mattr_accessor :capturable_redirect_if_no_user
|
|
16
17
|
end
|
|
17
18
|
|
|
19
|
+
Devise.capturable_auto_create_account = true
|
|
20
|
+
|
|
18
21
|
I18n.load_path.unshift File.join(File.dirname(__FILE__), *%w[devise_capturable locales en.yml])
|
|
19
22
|
Devise.add_module(:capturable, :strategy => true, :controller => :sessions, :model => 'devise_capturable/model')
|
|
20
23
|
|
data/spec/strategy_spec.rb
CHANGED
|
@@ -22,39 +22,81 @@ describe 'Devise::Capturable' do
|
|
|
22
22
|
allow(Devise::Capturable::API).to receive(:entity).and_return(ENTITY)
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
-
describe "
|
|
25
|
+
describe "if user exists" do
|
|
26
26
|
|
|
27
|
-
it "should
|
|
27
|
+
it "should sign in" do
|
|
28
28
|
expect(User).to receive(:find_with_capturable_params).with(ENTITY["result"]).and_return(@user)
|
|
29
29
|
expect(@user).to receive(:before_capturable_sign_in).with(ENTITY["result"], PARAMS)
|
|
30
30
|
expect(@user).to_not receive(:save!)
|
|
31
31
|
expect(@strategy).to receive(:success!).with(@user)
|
|
32
|
-
|
|
32
|
+
@strategy.authenticate!
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
|
-
describe
|
|
37
|
+
describe "if user does not exist" do
|
|
38
38
|
|
|
39
39
|
before(:each) do
|
|
40
40
|
expect(User).to receive(:find_with_capturable_params).and_return(nil)
|
|
41
|
-
expect(User).to receive(:new).and_return(@user)
|
|
42
|
-
expect(@user).to receive(:before_capturable_create).with(ENTITY["result"], PARAMS)
|
|
43
41
|
end
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
42
|
+
|
|
43
|
+
describe "and capturable_auto_create_account is enabled" do
|
|
44
|
+
|
|
45
|
+
before(:each) do
|
|
46
|
+
Devise.stub(:capturable_auto_create_account).and_return(true)
|
|
47
|
+
expect(User).to receive(:new).and_return(@user)
|
|
48
|
+
expect(@user).to receive(:before_capturable_create).with(ENTITY["result"], PARAMS)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it "should fail if not saved" do
|
|
52
|
+
expect(@user).to receive(:save!).and_raise(Exception)
|
|
53
|
+
expect(@strategy).to_not receive(:success!)
|
|
54
|
+
expect(@strategy).to receive(:fail!).with(:capturable_user_error)
|
|
55
|
+
@strategy.authenticate!
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
it "should succeed if saved" do
|
|
59
|
+
expect(@user).to receive(:save!).and_return(true)
|
|
60
|
+
expect(@strategy).to receive(:success!).with(@user)
|
|
61
|
+
expect(@strategy).to_not receive(:fail!)
|
|
62
|
+
@strategy.authenticate!
|
|
63
|
+
end
|
|
64
|
+
|
|
50
65
|
end
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
66
|
+
|
|
67
|
+
describe "and capturable_redirect_if_no_user is enabled" do
|
|
68
|
+
|
|
69
|
+
before(:each) do
|
|
70
|
+
Devise.stub(:capturable_auto_create_account).and_return(false)
|
|
71
|
+
Devise.stub(:capturable_redirect_if_no_user).and_return("/users/sign_up")
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
it "should redirect" do
|
|
75
|
+
expect(@user).to_not receive(:save!)
|
|
76
|
+
expect(@strategy).to_not receive(:success!)
|
|
77
|
+
expect(@strategy).to receive(:fail!).with(:capturable_user_missing)
|
|
78
|
+
expect(@strategy).to receive(:redirect!).with("/users/sign_up")
|
|
79
|
+
@strategy.authenticate!
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
describe "and nothing is enabled" do
|
|
85
|
+
|
|
86
|
+
before(:each) do
|
|
87
|
+
Devise.stub(:capturable_auto_create_account).and_return(false)
|
|
88
|
+
Devise.stub(:capturable_redirect_if_no_user).and_return(false)
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
it "should not call user save" do
|
|
92
|
+
expect(@user).to_not receive(:save!)
|
|
93
|
+
expect(@strategy).to_not receive(:success!)
|
|
94
|
+
expect(@strategy).to receive(:fail!).with(:capturable_user_missing)
|
|
95
|
+
@strategy.authenticate!
|
|
96
|
+
end
|
|
97
|
+
|
|
57
98
|
end
|
|
99
|
+
|
|
58
100
|
end
|
|
59
101
|
|
|
60
102
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_capturable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rune Skjoldborg Madsen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-02-
|
|
11
|
+
date: 2014-02-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: httparty
|