devise_capturable 0.0.12 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +7 -4
- data/lib/assets/javascripts/devise_capturable.js +9 -11
- data/lib/devise_capturable/api.rb +12 -5
- data/lib/devise_capturable/locales/en.yml +2 -1
- data/lib/devise_capturable/strategy.rb +22 -8
- data/lib/devise_capturable/version.rb +1 -1
- data/lib/devise_capturable.rb +7 -4
- data/spec/strategy_spec.rb +60 -18
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 777eeba95a9a9dddc942098012ac44ec70f8d8bf
|
|
4
|
+
data.tar.gz: c1d90aca571ef6e8c4b74946a1ddf88df82d3f77
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2e2625bfcb0682298219ec4d658e1a342dd9c0df7a72168b7f67ba43848ab62d97142407e82201d247fefa684d18430ea02831f8b1abdd20eda4db53ebae1f7d
|
|
7
|
+
data.tar.gz: 8306ca02c040cef24457b3ec007b48eae80dd9ae299f45b7e9647729f874eb7066efa0658da097d7e7dda03d4819a4e6020feba85d6eb2f82ad93667db2d6536
|
data/README.md
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
# Devise::Capturable
|
|
2
2
|
|
|
3
|
-
`Devise::Capturable` is a gem that makes it possible to use the Janrain Engage user registration widget, while still having a Devise authentication setup with a Rails `User` model.
|
|
3
|
+
`Devise::Capturable` is a gem that makes it possible to use the Janrain Engage user registration widget as a login system, while still having a Devise authentication setup with a Rails `User` model.
|
|
4
|
+
|
|
5
|
+
It can be used right out of the box with automatic user creation, or can be configured to show a "second step form", to add extra values to your user model on top of Janrain.
|
|
4
6
|
|
|
5
7
|
In the following I use the name `User` for the Devise user model, but it will work with any Devise-enabled model.
|
|
6
8
|
|
|
@@ -40,8 +42,9 @@ Devise.setup do |config|
|
|
|
40
42
|
config.capturable_server = "https://myapp.janraincapture.com"
|
|
41
43
|
config.capturable_client_id = "myclientid"
|
|
42
44
|
config.capturable_client_secret = "myclientsecret"
|
|
43
|
-
# Optional, see below
|
|
44
|
-
|
|
45
|
+
config.capturable_redirect_uri = "http://sample.com" # Optional, see below
|
|
46
|
+
config.capturable_auto_create_account = false # Optional, see below
|
|
47
|
+
config.capturable_redirect_if_no_user = "/users/sign_up" # Optional, see below
|
|
45
48
|
end
|
|
46
49
|
```
|
|
47
50
|
|
|
@@ -178,7 +181,7 @@ To do so, you'll need to write your own `janrainCaptureWidgetOnLoad` function an
|
|
|
178
181
|
janrain.capture.ui.start();
|
|
179
182
|
|
|
180
183
|
// afterJanrainLogin is provided by Devise::Capturable to assist with
|
|
181
|
-
// server-side login
|
|
184
|
+
// server-side login. It automatically makes a POST request to /users/sign_in if not configured.
|
|
182
185
|
janrain.events.onCaptureLoginSuccess.addHandler(afterJanrainLogin);
|
|
183
186
|
janrain.events.onCaptureRegistrationSuccess.addHandler(afterJanrainLogin);
|
|
184
187
|
};
|
|
@@ -1,32 +1,30 @@
|
|
|
1
1
|
function afterJanrainLogin(result, path, method)
|
|
2
2
|
{
|
|
3
3
|
path = path || "/users/sign_in";
|
|
4
|
-
method = method || "post"
|
|
4
|
+
method = method || "post";
|
|
5
5
|
|
|
6
6
|
// create form
|
|
7
|
-
var form = $('<form accept-charset="UTF-8" action="' + path + '" method="' + method +'" id="capturable-inject-form"></form>')
|
|
7
|
+
var form = $('<form accept-charset="UTF-8" action="' + path + '" method="' + method +'" id="capturable-inject-form"></form>');
|
|
8
8
|
|
|
9
9
|
// create hidden div in form
|
|
10
|
-
var hidden_els = $('<div style="margin:0;padding:0;display:inline"></div>')
|
|
10
|
+
var hidden_els = $('<div style="margin:0;padding:0;display:inline"></div>');
|
|
11
11
|
|
|
12
12
|
// add utf
|
|
13
|
-
hidden_els.append('<input name="utf8" type="hidden" value="✓">')
|
|
13
|
+
hidden_els.append('<input name="utf8" type="hidden" value="✓">');
|
|
14
14
|
|
|
15
15
|
// grab forgery token
|
|
16
|
-
var token_name = $("meta[name='csrf-param']").attr('content')
|
|
17
|
-
var token_val = $("meta[name='csrf-token']").attr('content')
|
|
16
|
+
var token_name = $("meta[name='csrf-param']").attr('content');
|
|
17
|
+
var token_val = $("meta[name='csrf-token']").attr('content');
|
|
18
18
|
if(token_name && token_val)
|
|
19
19
|
{
|
|
20
|
-
hidden_els.prepend('<input name="'+token_name +'" type="hidden" value="'+token_val+'">')
|
|
20
|
+
hidden_els.prepend('<input name="'+token_name +'" type="hidden" value="'+token_val+'">');
|
|
21
21
|
}
|
|
22
22
|
|
|
23
23
|
// append hidden els to form
|
|
24
|
-
form.append(hidden_els)
|
|
24
|
+
form.append(hidden_els);
|
|
25
25
|
|
|
26
26
|
// add oauth code to form
|
|
27
|
-
form.append('<input id="authorization-code" name="code" type="hidden" value="'+result.authorizationCode+'">')
|
|
28
|
-
|
|
29
|
-
janrain.capture.ui.modal.close();
|
|
27
|
+
form.append('<input id="authorization-code" name="code" type="hidden" value="'+result.authorizationCode+'">');
|
|
30
28
|
|
|
31
29
|
$('body').append(form);
|
|
32
30
|
form.submit()
|
|
@@ -7,19 +7,26 @@ module Devise
|
|
|
7
7
|
|
|
8
8
|
include HTTParty
|
|
9
9
|
format :json
|
|
10
|
-
|
|
11
|
-
|
|
10
|
+
|
|
12
11
|
def self.token(code)
|
|
13
|
-
redirect_uri = Devise.capturable_redirect_uri || 'http://stupidsettings.com'
|
|
14
|
-
|
|
15
12
|
post("#{Devise.capturable_server}/oauth/token", :query => {
|
|
16
13
|
code: code,
|
|
17
|
-
redirect_uri:
|
|
14
|
+
redirect_uri: Devise.capturable_redirect_uri || 'http://stupidsettings.com',
|
|
18
15
|
grant_type: 'authorization_code',
|
|
19
16
|
client_id: Devise.capturable_client_id,
|
|
20
17
|
client_secret: Devise.capturable_client_secret,
|
|
21
18
|
})
|
|
22
19
|
end
|
|
20
|
+
|
|
21
|
+
def self.refresh_token(refresh_token)
|
|
22
|
+
post("#{Devise.capturable_server}/oauth/token", :query => {
|
|
23
|
+
refresh_token: refresh_token,
|
|
24
|
+
redirect_uri: Devise.capturable_redirect_uri || 'http://stupidsettings.com',
|
|
25
|
+
grant_type: 'refresh_token',
|
|
26
|
+
client_id: Devise.capturable_client_id,
|
|
27
|
+
client_secret: Devise.capturable_client_secret,
|
|
28
|
+
})
|
|
29
|
+
end
|
|
23
30
|
|
|
24
31
|
def self.entity(token)
|
|
25
32
|
post("#{Devise.capturable_server}/entity", headers: { 'Authorization' => "OAuth #{token}" })
|
|
@@ -20,7 +20,7 @@ module Devise
|
|
|
20
20
|
|
|
21
21
|
# get an access token from an OAUTH code
|
|
22
22
|
token = Devise::Capturable::API.token(params[:code])
|
|
23
|
-
fail!(:
|
|
23
|
+
fail!(:capturable_user_error) unless token['stat'] == 'ok'
|
|
24
24
|
|
|
25
25
|
# get the user info form the access token
|
|
26
26
|
entity = Devise::Capturable::API.entity(token['access_token'])
|
|
@@ -28,21 +28,35 @@ module Devise
|
|
|
28
28
|
# find user with the capturable params
|
|
29
29
|
user = klass.find_with_capturable_params(entity["result"])
|
|
30
30
|
|
|
31
|
-
# if the user exists
|
|
31
|
+
# if the user exists, sign in
|
|
32
32
|
if user
|
|
33
33
|
user.before_capturable_sign_in(entity["result"], params)
|
|
34
|
-
|
|
35
|
-
|
|
34
|
+
success!(user)
|
|
35
|
+
|
|
36
|
+
# else if we want to auto create users
|
|
37
|
+
elsif Devise.capturable_auto_create_account
|
|
36
38
|
user = klass.new
|
|
37
39
|
user.before_capturable_create(entity["result"], params)
|
|
38
40
|
user.save!
|
|
41
|
+
success!(user)
|
|
42
|
+
|
|
43
|
+
# else redirect to a custom URL
|
|
44
|
+
elsif Devise.capturable_redirect_if_no_user
|
|
45
|
+
|
|
46
|
+
new_token = Devise::Capturable::API.refresh_token(token['refresh_token'])
|
|
47
|
+
return fail!(:capturable_user_error) unless new_token['stat'] == 'ok'
|
|
48
|
+
|
|
49
|
+
fail!(:capturable_user_missing)
|
|
50
|
+
redirect!(Devise.capturable_redirect_if_no_user, :token => new_token["access_token"])
|
|
51
|
+
|
|
52
|
+
# else fail
|
|
53
|
+
else
|
|
54
|
+
fail!(:capturable_user_missing)
|
|
39
55
|
end
|
|
40
56
|
|
|
41
|
-
# sign in the user
|
|
42
|
-
success!(user)
|
|
43
|
-
|
|
44
57
|
rescue Exception => e
|
|
45
|
-
|
|
58
|
+
puts "Devise Capturable Error: #{e}"
|
|
59
|
+
fail!(:capturable_user_error)
|
|
46
60
|
end
|
|
47
61
|
end
|
|
48
62
|
|
data/lib/devise_capturable.rb
CHANGED
|
@@ -8,13 +8,16 @@ Warden::Strategies.add(:capturable, Devise::Capturable::Strategies::Capturable)
|
|
|
8
8
|
require 'devise_capturable/view_helpers'
|
|
9
9
|
|
|
10
10
|
module Devise
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
11
|
+
mattr_accessor :capturable_server
|
|
12
|
+
mattr_accessor :capturable_client_id
|
|
13
|
+
mattr_accessor :capturable_client_secret
|
|
14
|
+
mattr_accessor :capturable_redirect_uri
|
|
15
15
|
mattr_accessor :capturable_auto_create_account
|
|
16
|
+
mattr_accessor :capturable_redirect_if_no_user
|
|
16
17
|
end
|
|
17
18
|
|
|
19
|
+
Devise.capturable_auto_create_account = true
|
|
20
|
+
|
|
18
21
|
I18n.load_path.unshift File.join(File.dirname(__FILE__), *%w[devise_capturable locales en.yml])
|
|
19
22
|
Devise.add_module(:capturable, :strategy => true, :controller => :sessions, :model => 'devise_capturable/model')
|
|
20
23
|
|
data/spec/strategy_spec.rb
CHANGED
|
@@ -22,39 +22,81 @@ describe 'Devise::Capturable' do
|
|
|
22
22
|
allow(Devise::Capturable::API).to receive(:entity).and_return(ENTITY)
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
-
describe "
|
|
25
|
+
describe "if user exists" do
|
|
26
26
|
|
|
27
|
-
it "should
|
|
27
|
+
it "should sign in" do
|
|
28
28
|
expect(User).to receive(:find_with_capturable_params).with(ENTITY["result"]).and_return(@user)
|
|
29
29
|
expect(@user).to receive(:before_capturable_sign_in).with(ENTITY["result"], PARAMS)
|
|
30
30
|
expect(@user).to_not receive(:save!)
|
|
31
31
|
expect(@strategy).to receive(:success!).with(@user)
|
|
32
|
-
|
|
32
|
+
@strategy.authenticate!
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
|
-
describe
|
|
37
|
+
describe "if user does not exist" do
|
|
38
38
|
|
|
39
39
|
before(:each) do
|
|
40
40
|
expect(User).to receive(:find_with_capturable_params).and_return(nil)
|
|
41
|
-
expect(User).to receive(:new).and_return(@user)
|
|
42
|
-
expect(@user).to receive(:before_capturable_create).with(ENTITY["result"], PARAMS)
|
|
43
41
|
end
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
42
|
+
|
|
43
|
+
describe "and capturable_auto_create_account is enabled" do
|
|
44
|
+
|
|
45
|
+
before(:each) do
|
|
46
|
+
Devise.stub(:capturable_auto_create_account).and_return(true)
|
|
47
|
+
expect(User).to receive(:new).and_return(@user)
|
|
48
|
+
expect(@user).to receive(:before_capturable_create).with(ENTITY["result"], PARAMS)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it "should fail if not saved" do
|
|
52
|
+
expect(@user).to receive(:save!).and_raise(Exception)
|
|
53
|
+
expect(@strategy).to_not receive(:success!)
|
|
54
|
+
expect(@strategy).to receive(:fail!).with(:capturable_user_error)
|
|
55
|
+
@strategy.authenticate!
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
it "should succeed if saved" do
|
|
59
|
+
expect(@user).to receive(:save!).and_return(true)
|
|
60
|
+
expect(@strategy).to receive(:success!).with(@user)
|
|
61
|
+
expect(@strategy).to_not receive(:fail!)
|
|
62
|
+
@strategy.authenticate!
|
|
63
|
+
end
|
|
64
|
+
|
|
50
65
|
end
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
66
|
+
|
|
67
|
+
describe "and capturable_redirect_if_no_user is enabled" do
|
|
68
|
+
|
|
69
|
+
before(:each) do
|
|
70
|
+
Devise.stub(:capturable_auto_create_account).and_return(false)
|
|
71
|
+
Devise.stub(:capturable_redirect_if_no_user).and_return("/users/sign_up")
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
it "should redirect" do
|
|
75
|
+
expect(@user).to_not receive(:save!)
|
|
76
|
+
expect(@strategy).to_not receive(:success!)
|
|
77
|
+
expect(@strategy).to receive(:fail!).with(:capturable_user_missing)
|
|
78
|
+
expect(@strategy).to receive(:redirect!).with("/users/sign_up")
|
|
79
|
+
@strategy.authenticate!
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
describe "and nothing is enabled" do
|
|
85
|
+
|
|
86
|
+
before(:each) do
|
|
87
|
+
Devise.stub(:capturable_auto_create_account).and_return(false)
|
|
88
|
+
Devise.stub(:capturable_redirect_if_no_user).and_return(false)
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
it "should not call user save" do
|
|
92
|
+
expect(@user).to_not receive(:save!)
|
|
93
|
+
expect(@strategy).to_not receive(:success!)
|
|
94
|
+
expect(@strategy).to receive(:fail!).with(:capturable_user_missing)
|
|
95
|
+
@strategy.authenticate!
|
|
96
|
+
end
|
|
97
|
+
|
|
57
98
|
end
|
|
99
|
+
|
|
58
100
|
end
|
|
59
101
|
|
|
60
102
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_capturable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rune Skjoldborg Madsen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-02-
|
|
11
|
+
date: 2014-02-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: httparty
|