devise_g5_authenticatable 0.2.5.beta → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +2 -1
- data/CHANGELOG.md +6 -0
- data/Gemfile +1 -1
- data/README.md +41 -2
- data/devise_g5_authenticatable.gemspec +2 -2
- data/lib/devise_g5_authenticatable/models/g5_authenticatable.rb +34 -11
- data/lib/devise_g5_authenticatable/version.rb +1 -1
- data/spec/models/g5_authenticatable_spec.rb +80 -0
- metadata +13 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 77d88c2b75b20608b04708cd0ce1d48f90a0c6ee
|
|
4
|
+
data.tar.gz: 470beef996c9d67de0dee57eaf7efaf5e009034a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 58013eb741a22fe0bf9bd388aee212596b4257a2a73aca75870c60f248d171c92afb37b595c9530eefcb4f6dfb4e5575862f3919e8bb929b4c525027aa808e32
|
|
7
|
+
data.tar.gz: 90df8abd423ddff26f7cf60bd7cdfc4eb0957ac07981beb96fa6ef37f505488c87ac6f945ad4bd69af9c0dda73403e0b9ea5036767121a906c2a90b7aca45329
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,9 @@
|
|
|
1
|
+
## v0.3.0 (2016-11-03)
|
|
2
|
+
|
|
3
|
+
* Exposes callbacks for more fine-grained control over mapping auth user
|
|
4
|
+
data and roles to local models
|
|
5
|
+
([#25](https://github.com/G5/devise_g5_authenticatable/pull/25))
|
|
6
|
+
|
|
1
7
|
## v0.2.4 (2015-12-09)
|
|
2
8
|
* Same as v0.2.4.beta but not is a stable version!
|
|
3
9
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -10,11 +10,11 @@ G5 users.
|
|
|
10
10
|
|
|
11
11
|
## Current Version
|
|
12
12
|
|
|
13
|
-
0.
|
|
13
|
+
0.3.0
|
|
14
14
|
|
|
15
15
|
## Requirements
|
|
16
16
|
|
|
17
|
-
* [Ruby](https://github.com/ruby/ruby) >=
|
|
17
|
+
* [Ruby](https://github.com/ruby/ruby) >= 2.0.0
|
|
18
18
|
* [Rails](https://github.com/rails/rails) >= 3.2
|
|
19
19
|
* [Devise](https://github.com/plataformatec/devise) ~> 3.5
|
|
20
20
|
|
|
@@ -150,6 +150,45 @@ class User < ActiveRecord::Base
|
|
|
150
150
|
end
|
|
151
151
|
```
|
|
152
152
|
|
|
153
|
+
Several callbacks are provided in order to hook in your application-specific
|
|
154
|
+
logic for mapping the auth data to your User model. These methods will be
|
|
155
|
+
executed whenever a user logs in.
|
|
156
|
+
|
|
157
|
+
In order to set simple user attributes based on auth data, override the
|
|
158
|
+
`attributes_from_auth` method. Call `super` when you do so in order to pick
|
|
159
|
+
up the minimum set of required user attributes:
|
|
160
|
+
|
|
161
|
+
```ruby
|
|
162
|
+
class User < ActiveRecord::Base
|
|
163
|
+
devise :g5_authenticatable
|
|
164
|
+
|
|
165
|
+
def attributes_from_auth(auth_data)
|
|
166
|
+
super(auth_data).merge({
|
|
167
|
+
name: "#{auth_data.info.first_name} #{auth_data.info.last_name}"
|
|
168
|
+
})
|
|
169
|
+
end
|
|
170
|
+
end
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
If you want to customize the logic for mapping auth role data (which is
|
|
174
|
+
ignored by default), override the `update_roles_from_auth` method:
|
|
175
|
+
|
|
176
|
+
```ruby
|
|
177
|
+
class User < ActiveRecord::Base
|
|
178
|
+
devise :g5_authenticatable
|
|
179
|
+
|
|
180
|
+
def update_roles_from_auth(auth_data)
|
|
181
|
+
auth_data.extra.roles.each do |r|
|
|
182
|
+
# Your custom logic here, for example...
|
|
183
|
+
add_role(role.name, role.type, role.urn)
|
|
184
|
+
end
|
|
185
|
+
end
|
|
186
|
+
end
|
|
187
|
+
```
|
|
188
|
+
|
|
189
|
+
See the [omniauth-g5 documentation](https://github.com/G5/omniauth-g5#auth-hash)
|
|
190
|
+
for the structure of the auth data.
|
|
191
|
+
|
|
153
192
|
### Configuring a custom controller
|
|
154
193
|
|
|
155
194
|
You can use `devise_for` to hook in a custom controller in your routes,
|
|
@@ -20,8 +20,8 @@ Gem::Specification.new do |spec|
|
|
|
20
20
|
|
|
21
21
|
# Pinned to version 3.5.1 due https://github.com/plataformatec/devise/issues/3705
|
|
22
22
|
# "`FailureApp`s `script_name: nil` breaks route generation within mounted engines #3705"
|
|
23
|
-
spec.add_dependency 'devise', '=
|
|
24
|
-
spec.add_dependency 'g5_authentication_client', '~> 0.5'
|
|
23
|
+
spec.add_dependency 'devise', '= 3.5.1'
|
|
24
|
+
spec.add_dependency 'g5_authentication_client', '~> 0.5', '>= 0.5.4'
|
|
25
25
|
|
|
26
26
|
# Pinned to version 0.3.1 due https://github.com/G5/omniauth-g5/pull/10
|
|
27
27
|
# Omniauth-auth2 removed 'callback_url' which broke our auth workflow
|
|
@@ -70,6 +70,23 @@ module Devise
|
|
|
70
70
|
save!
|
|
71
71
|
end
|
|
72
72
|
|
|
73
|
+
def attributes_from_auth(auth_data)
|
|
74
|
+
{
|
|
75
|
+
uid: auth_data.uid,
|
|
76
|
+
provider: auth_data.provider,
|
|
77
|
+
email: auth_data.info.email
|
|
78
|
+
}.with_indifferent_access
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def update_roles_from_auth(auth_data)
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def update_from_auth(auth_data)
|
|
85
|
+
assign_attributes(attributes_from_auth(auth_data))
|
|
86
|
+
update_g5_credentials(auth_data)
|
|
87
|
+
update_roles_from_auth(auth_data)
|
|
88
|
+
end
|
|
89
|
+
|
|
73
90
|
module ClassMethods
|
|
74
91
|
def find_for_g5_oauth(oauth_data)
|
|
75
92
|
found_user = find_by_provider_and_uid(oauth_data.provider.to_s, oauth_data.uid.to_s)
|
|
@@ -77,24 +94,30 @@ module Devise
|
|
|
77
94
|
find_by_email_and_provider(oauth_data.info.email, oauth_data.provider.to_s)
|
|
78
95
|
end
|
|
79
96
|
|
|
80
|
-
def find_and_update_for_g5_oauth(
|
|
81
|
-
resource = find_for_g5_oauth(
|
|
97
|
+
def find_and_update_for_g5_oauth(auth_data)
|
|
98
|
+
resource = find_for_g5_oauth(auth_data)
|
|
82
99
|
if resource
|
|
83
|
-
resource.
|
|
84
|
-
resource.save!
|
|
100
|
+
resource.update_from_auth(auth_data)
|
|
101
|
+
without_auth_callback { resource.save! }
|
|
85
102
|
end
|
|
86
103
|
resource
|
|
87
104
|
end
|
|
88
105
|
|
|
89
106
|
def new_with_session(params, session)
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
107
|
+
auth_data = session && session['omniauth.auth']
|
|
108
|
+
|
|
109
|
+
resource = new
|
|
110
|
+
resource.update_from_auth(auth_data) if auth_data.present?
|
|
111
|
+
resource.assign_attributes(params) unless params.empty?
|
|
112
|
+
|
|
113
|
+
resource
|
|
114
|
+
end
|
|
96
115
|
|
|
97
|
-
|
|
116
|
+
private
|
|
117
|
+
def without_auth_callback
|
|
118
|
+
skip_callback :save, :before, :auth_user
|
|
119
|
+
yield
|
|
120
|
+
set_callback :save, :before, :auth_user
|
|
98
121
|
end
|
|
99
122
|
end
|
|
100
123
|
end
|
|
@@ -350,12 +350,28 @@ describe Devise::Models::G5Authenticatable do
|
|
|
350
350
|
model.reload
|
|
351
351
|
expect(model.g5_access_token).to eq(auth_data.credentials.token)
|
|
352
352
|
end
|
|
353
|
+
|
|
354
|
+
it 'should save the updated email' do
|
|
355
|
+
find_and_update
|
|
356
|
+
model.reload
|
|
357
|
+
expect(model.email).to eq(auth_data.info.email)
|
|
358
|
+
end
|
|
359
|
+
|
|
360
|
+
it 'executes the callback to update role data' do
|
|
361
|
+
expect_any_instance_of(model_class).to receive(:update_roles_from_auth).with(auth_data)
|
|
362
|
+
find_and_update
|
|
363
|
+
end
|
|
353
364
|
end
|
|
354
365
|
|
|
355
366
|
context 'when model does not exist' do
|
|
356
367
|
it 'should return nothing' do
|
|
357
368
|
expect(find_and_update).to be_nil
|
|
358
369
|
end
|
|
370
|
+
|
|
371
|
+
it 'does not execute the callback to update role data' do
|
|
372
|
+
expect_any_instance_of(model_class).to_not receive(:update_roles_from_auth)
|
|
373
|
+
find_and_update
|
|
374
|
+
end
|
|
359
375
|
end
|
|
360
376
|
end
|
|
361
377
|
|
|
@@ -511,6 +527,8 @@ describe Devise::Models::G5Authenticatable do
|
|
|
511
527
|
credentials: { token: 'abc123' })
|
|
512
528
|
end
|
|
513
529
|
|
|
530
|
+
before { allow_any_instance_of(model_class).to receive(:update_roles_from_auth) }
|
|
531
|
+
|
|
514
532
|
context 'with params' do
|
|
515
533
|
let(:params) do
|
|
516
534
|
{ 'email' => email_param }
|
|
@@ -533,6 +551,10 @@ describe Devise::Models::G5Authenticatable do
|
|
|
533
551
|
it 'should set the uid from the session' do
|
|
534
552
|
expect(new_with_session.uid).to eq(auth_data.uid)
|
|
535
553
|
end
|
|
554
|
+
|
|
555
|
+
it 'executes the callback to update role data' do
|
|
556
|
+
expect(new_with_session).to have_received(:update_roles_from_auth).with(auth_data)
|
|
557
|
+
end
|
|
536
558
|
end
|
|
537
559
|
|
|
538
560
|
context 'without session data' do
|
|
@@ -551,6 +573,11 @@ describe Devise::Models::G5Authenticatable do
|
|
|
551
573
|
it 'should not set the uid' do
|
|
552
574
|
expect(new_with_session.uid).to be_nil
|
|
553
575
|
end
|
|
576
|
+
|
|
577
|
+
it 'should not execute the callback to update role data' do
|
|
578
|
+
expect_any_instance_of(model_class).not_to receive(:update_roles_from_auth)
|
|
579
|
+
new_with_session
|
|
580
|
+
end
|
|
554
581
|
end
|
|
555
582
|
end
|
|
556
583
|
|
|
@@ -575,6 +602,10 @@ describe Devise::Models::G5Authenticatable do
|
|
|
575
602
|
it 'should set the uid from the session' do
|
|
576
603
|
expect(new_with_session.uid).to eq(auth_data.uid)
|
|
577
604
|
end
|
|
605
|
+
|
|
606
|
+
it 'executes the callback to update role data' do
|
|
607
|
+
expect(new_with_session).to have_received(:update_roles_from_auth).with(auth_data)
|
|
608
|
+
end
|
|
578
609
|
end
|
|
579
610
|
|
|
580
611
|
context 'without session data' do
|
|
@@ -593,7 +624,56 @@ describe Devise::Models::G5Authenticatable do
|
|
|
593
624
|
it 'should not set the uid' do
|
|
594
625
|
expect(new_with_session.uid).to be_nil
|
|
595
626
|
end
|
|
627
|
+
|
|
628
|
+
it 'does not execute the callback to update role data' do
|
|
629
|
+
expect_any_instance_of(model_class).not_to receive(:update_roles_from_auth)
|
|
630
|
+
new_with_session
|
|
631
|
+
end
|
|
596
632
|
end
|
|
597
633
|
end
|
|
598
634
|
end
|
|
635
|
+
|
|
636
|
+
describe '#attributes_from_auth' do
|
|
637
|
+
subject(:attributes_from_auth) { model.attributes_from_auth(auth_data) }
|
|
638
|
+
|
|
639
|
+
let(:auth_data) do
|
|
640
|
+
OmniAuth::AuthHash.new(provider: 'g5',
|
|
641
|
+
uid: '123999',
|
|
642
|
+
info: { first_name: 'Foo',
|
|
643
|
+
last_name: 'Bar',
|
|
644
|
+
email: 'foo@bar.com',
|
|
645
|
+
phone: '123-555-1212 x42'},
|
|
646
|
+
credentials: { token: 'abc123' },
|
|
647
|
+
extra: { title: 'Minister of Funny Walks',
|
|
648
|
+
organization_name: 'Dept of Redundancy Dept' })
|
|
649
|
+
end
|
|
650
|
+
|
|
651
|
+
it 'has the correct uid' do
|
|
652
|
+
expect(attributes_from_auth[:uid]).to eq(auth_data.uid)
|
|
653
|
+
end
|
|
654
|
+
|
|
655
|
+
it 'has the correct provider' do
|
|
656
|
+
expect(attributes_from_auth[:provider]).to eq(auth_data.provider)
|
|
657
|
+
end
|
|
658
|
+
|
|
659
|
+
it 'has the correct email' do
|
|
660
|
+
expect(attributes_from_auth[:email]).to eq(auth_data.info.email)
|
|
661
|
+
end
|
|
662
|
+
end
|
|
663
|
+
|
|
664
|
+
describe '#update_roles_from_auth' do
|
|
665
|
+
subject(:update_roles) { model.update_roles_from_auth(auth_data) }
|
|
666
|
+
|
|
667
|
+
let(:auth_data) do
|
|
668
|
+
OmniAuth::AuthHash.new(provider: 'g5',
|
|
669
|
+
uid: '123456',
|
|
670
|
+
extra: { roles: [
|
|
671
|
+
{ name: 'Admin', type: 'GLOBAL', urn: nil }
|
|
672
|
+
]})
|
|
673
|
+
end
|
|
674
|
+
|
|
675
|
+
it 'does not change anything on the model' do
|
|
676
|
+
expect { update_roles }.to_not change { model }
|
|
677
|
+
end
|
|
678
|
+
end
|
|
599
679
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_g5_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Maeve Revels
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-11-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: 3.5.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
26
|
+
version: 3.5.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: g5_authentication_client
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -31,6 +31,9 @@ dependencies:
|
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
33
|
version: '0.5'
|
|
34
|
+
- - ">="
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: 0.5.4
|
|
34
37
|
type: :runtime
|
|
35
38
|
prerelease: false
|
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -38,6 +41,9 @@ dependencies:
|
|
|
38
41
|
- - "~>"
|
|
39
42
|
- !ruby/object:Gem::Version
|
|
40
43
|
version: '0.5'
|
|
44
|
+
- - ">="
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: 0.5.4
|
|
41
47
|
- !ruby/object:Gem::Dependency
|
|
42
48
|
name: omniauth-g5
|
|
43
49
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -194,12 +200,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
194
200
|
version: '0'
|
|
195
201
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
196
202
|
requirements:
|
|
197
|
-
- - "
|
|
203
|
+
- - ">="
|
|
198
204
|
- !ruby/object:Gem::Version
|
|
199
|
-
version:
|
|
205
|
+
version: '0'
|
|
200
206
|
requirements: []
|
|
201
207
|
rubyforge_project:
|
|
202
|
-
rubygems_version: 2.
|
|
208
|
+
rubygems_version: 2.5.1
|
|
203
209
|
signing_key:
|
|
204
210
|
specification_version: 4
|
|
205
211
|
summary: Devise extension for the G5 Auth service
|