devise_g5_authenticatable 0.2.5.beta → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +2 -1
- data/CHANGELOG.md +6 -0
- data/Gemfile +1 -1
- data/README.md +41 -2
- data/devise_g5_authenticatable.gemspec +2 -2
- data/lib/devise_g5_authenticatable/models/g5_authenticatable.rb +34 -11
- data/lib/devise_g5_authenticatable/version.rb +1 -1
- data/spec/models/g5_authenticatable_spec.rb +80 -0
- metadata +13 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 77d88c2b75b20608b04708cd0ce1d48f90a0c6ee
|
|
4
|
+
data.tar.gz: 470beef996c9d67de0dee57eaf7efaf5e009034a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 58013eb741a22fe0bf9bd388aee212596b4257a2a73aca75870c60f248d171c92afb37b595c9530eefcb4f6dfb4e5575862f3919e8bb929b4c525027aa808e32
|
|
7
|
+
data.tar.gz: 90df8abd423ddff26f7cf60bd7cdfc4eb0957ac07981beb96fa6ef37f505488c87ac6f945ad4bd69af9c0dda73403e0b9ea5036767121a906c2a90b7aca45329
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,9 @@
|
|
|
1
|
+
## v0.3.0 (2016-11-03)
|
|
2
|
+
|
|
3
|
+
* Exposes callbacks for more fine-grained control over mapping auth user
|
|
4
|
+
data and roles to local models
|
|
5
|
+
([#25](https://github.com/G5/devise_g5_authenticatable/pull/25))
|
|
6
|
+
|
|
1
7
|
## v0.2.4 (2015-12-09)
|
|
2
8
|
* Same as v0.2.4.beta but not is a stable version!
|
|
3
9
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -10,11 +10,11 @@ G5 users.
|
|
|
10
10
|
|
|
11
11
|
## Current Version
|
|
12
12
|
|
|
13
|
-
0.
|
|
13
|
+
0.3.0
|
|
14
14
|
|
|
15
15
|
## Requirements
|
|
16
16
|
|
|
17
|
-
* [Ruby](https://github.com/ruby/ruby) >=
|
|
17
|
+
* [Ruby](https://github.com/ruby/ruby) >= 2.0.0
|
|
18
18
|
* [Rails](https://github.com/rails/rails) >= 3.2
|
|
19
19
|
* [Devise](https://github.com/plataformatec/devise) ~> 3.5
|
|
20
20
|
|
|
@@ -150,6 +150,45 @@ class User < ActiveRecord::Base
|
|
|
150
150
|
end
|
|
151
151
|
```
|
|
152
152
|
|
|
153
|
+
Several callbacks are provided in order to hook in your application-specific
|
|
154
|
+
logic for mapping the auth data to your User model. These methods will be
|
|
155
|
+
executed whenever a user logs in.
|
|
156
|
+
|
|
157
|
+
In order to set simple user attributes based on auth data, override the
|
|
158
|
+
`attributes_from_auth` method. Call `super` when you do so in order to pick
|
|
159
|
+
up the minimum set of required user attributes:
|
|
160
|
+
|
|
161
|
+
```ruby
|
|
162
|
+
class User < ActiveRecord::Base
|
|
163
|
+
devise :g5_authenticatable
|
|
164
|
+
|
|
165
|
+
def attributes_from_auth(auth_data)
|
|
166
|
+
super(auth_data).merge({
|
|
167
|
+
name: "#{auth_data.info.first_name} #{auth_data.info.last_name}"
|
|
168
|
+
})
|
|
169
|
+
end
|
|
170
|
+
end
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
If you want to customize the logic for mapping auth role data (which is
|
|
174
|
+
ignored by default), override the `update_roles_from_auth` method:
|
|
175
|
+
|
|
176
|
+
```ruby
|
|
177
|
+
class User < ActiveRecord::Base
|
|
178
|
+
devise :g5_authenticatable
|
|
179
|
+
|
|
180
|
+
def update_roles_from_auth(auth_data)
|
|
181
|
+
auth_data.extra.roles.each do |r|
|
|
182
|
+
# Your custom logic here, for example...
|
|
183
|
+
add_role(role.name, role.type, role.urn)
|
|
184
|
+
end
|
|
185
|
+
end
|
|
186
|
+
end
|
|
187
|
+
```
|
|
188
|
+
|
|
189
|
+
See the [omniauth-g5 documentation](https://github.com/G5/omniauth-g5#auth-hash)
|
|
190
|
+
for the structure of the auth data.
|
|
191
|
+
|
|
153
192
|
### Configuring a custom controller
|
|
154
193
|
|
|
155
194
|
You can use `devise_for` to hook in a custom controller in your routes,
|
|
@@ -20,8 +20,8 @@ Gem::Specification.new do |spec|
|
|
|
20
20
|
|
|
21
21
|
# Pinned to version 3.5.1 due https://github.com/plataformatec/devise/issues/3705
|
|
22
22
|
# "`FailureApp`s `script_name: nil` breaks route generation within mounted engines #3705"
|
|
23
|
-
spec.add_dependency 'devise', '=
|
|
24
|
-
spec.add_dependency 'g5_authentication_client', '~> 0.5'
|
|
23
|
+
spec.add_dependency 'devise', '= 3.5.1'
|
|
24
|
+
spec.add_dependency 'g5_authentication_client', '~> 0.5', '>= 0.5.4'
|
|
25
25
|
|
|
26
26
|
# Pinned to version 0.3.1 due https://github.com/G5/omniauth-g5/pull/10
|
|
27
27
|
# Omniauth-auth2 removed 'callback_url' which broke our auth workflow
|
|
@@ -70,6 +70,23 @@ module Devise
|
|
|
70
70
|
save!
|
|
71
71
|
end
|
|
72
72
|
|
|
73
|
+
def attributes_from_auth(auth_data)
|
|
74
|
+
{
|
|
75
|
+
uid: auth_data.uid,
|
|
76
|
+
provider: auth_data.provider,
|
|
77
|
+
email: auth_data.info.email
|
|
78
|
+
}.with_indifferent_access
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def update_roles_from_auth(auth_data)
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def update_from_auth(auth_data)
|
|
85
|
+
assign_attributes(attributes_from_auth(auth_data))
|
|
86
|
+
update_g5_credentials(auth_data)
|
|
87
|
+
update_roles_from_auth(auth_data)
|
|
88
|
+
end
|
|
89
|
+
|
|
73
90
|
module ClassMethods
|
|
74
91
|
def find_for_g5_oauth(oauth_data)
|
|
75
92
|
found_user = find_by_provider_and_uid(oauth_data.provider.to_s, oauth_data.uid.to_s)
|
|
@@ -77,24 +94,30 @@ module Devise
|
|
|
77
94
|
find_by_email_and_provider(oauth_data.info.email, oauth_data.provider.to_s)
|
|
78
95
|
end
|
|
79
96
|
|
|
80
|
-
def find_and_update_for_g5_oauth(
|
|
81
|
-
resource = find_for_g5_oauth(
|
|
97
|
+
def find_and_update_for_g5_oauth(auth_data)
|
|
98
|
+
resource = find_for_g5_oauth(auth_data)
|
|
82
99
|
if resource
|
|
83
|
-
resource.
|
|
84
|
-
resource.save!
|
|
100
|
+
resource.update_from_auth(auth_data)
|
|
101
|
+
without_auth_callback { resource.save! }
|
|
85
102
|
end
|
|
86
103
|
resource
|
|
87
104
|
end
|
|
88
105
|
|
|
89
106
|
def new_with_session(params, session)
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
107
|
+
auth_data = session && session['omniauth.auth']
|
|
108
|
+
|
|
109
|
+
resource = new
|
|
110
|
+
resource.update_from_auth(auth_data) if auth_data.present?
|
|
111
|
+
resource.assign_attributes(params) unless params.empty?
|
|
112
|
+
|
|
113
|
+
resource
|
|
114
|
+
end
|
|
96
115
|
|
|
97
|
-
|
|
116
|
+
private
|
|
117
|
+
def without_auth_callback
|
|
118
|
+
skip_callback :save, :before, :auth_user
|
|
119
|
+
yield
|
|
120
|
+
set_callback :save, :before, :auth_user
|
|
98
121
|
end
|
|
99
122
|
end
|
|
100
123
|
end
|
|
@@ -350,12 +350,28 @@ describe Devise::Models::G5Authenticatable do
|
|
|
350
350
|
model.reload
|
|
351
351
|
expect(model.g5_access_token).to eq(auth_data.credentials.token)
|
|
352
352
|
end
|
|
353
|
+
|
|
354
|
+
it 'should save the updated email' do
|
|
355
|
+
find_and_update
|
|
356
|
+
model.reload
|
|
357
|
+
expect(model.email).to eq(auth_data.info.email)
|
|
358
|
+
end
|
|
359
|
+
|
|
360
|
+
it 'executes the callback to update role data' do
|
|
361
|
+
expect_any_instance_of(model_class).to receive(:update_roles_from_auth).with(auth_data)
|
|
362
|
+
find_and_update
|
|
363
|
+
end
|
|
353
364
|
end
|
|
354
365
|
|
|
355
366
|
context 'when model does not exist' do
|
|
356
367
|
it 'should return nothing' do
|
|
357
368
|
expect(find_and_update).to be_nil
|
|
358
369
|
end
|
|
370
|
+
|
|
371
|
+
it 'does not execute the callback to update role data' do
|
|
372
|
+
expect_any_instance_of(model_class).to_not receive(:update_roles_from_auth)
|
|
373
|
+
find_and_update
|
|
374
|
+
end
|
|
359
375
|
end
|
|
360
376
|
end
|
|
361
377
|
|
|
@@ -511,6 +527,8 @@ describe Devise::Models::G5Authenticatable do
|
|
|
511
527
|
credentials: { token: 'abc123' })
|
|
512
528
|
end
|
|
513
529
|
|
|
530
|
+
before { allow_any_instance_of(model_class).to receive(:update_roles_from_auth) }
|
|
531
|
+
|
|
514
532
|
context 'with params' do
|
|
515
533
|
let(:params) do
|
|
516
534
|
{ 'email' => email_param }
|
|
@@ -533,6 +551,10 @@ describe Devise::Models::G5Authenticatable do
|
|
|
533
551
|
it 'should set the uid from the session' do
|
|
534
552
|
expect(new_with_session.uid).to eq(auth_data.uid)
|
|
535
553
|
end
|
|
554
|
+
|
|
555
|
+
it 'executes the callback to update role data' do
|
|
556
|
+
expect(new_with_session).to have_received(:update_roles_from_auth).with(auth_data)
|
|
557
|
+
end
|
|
536
558
|
end
|
|
537
559
|
|
|
538
560
|
context 'without session data' do
|
|
@@ -551,6 +573,11 @@ describe Devise::Models::G5Authenticatable do
|
|
|
551
573
|
it 'should not set the uid' do
|
|
552
574
|
expect(new_with_session.uid).to be_nil
|
|
553
575
|
end
|
|
576
|
+
|
|
577
|
+
it 'should not execute the callback to update role data' do
|
|
578
|
+
expect_any_instance_of(model_class).not_to receive(:update_roles_from_auth)
|
|
579
|
+
new_with_session
|
|
580
|
+
end
|
|
554
581
|
end
|
|
555
582
|
end
|
|
556
583
|
|
|
@@ -575,6 +602,10 @@ describe Devise::Models::G5Authenticatable do
|
|
|
575
602
|
it 'should set the uid from the session' do
|
|
576
603
|
expect(new_with_session.uid).to eq(auth_data.uid)
|
|
577
604
|
end
|
|
605
|
+
|
|
606
|
+
it 'executes the callback to update role data' do
|
|
607
|
+
expect(new_with_session).to have_received(:update_roles_from_auth).with(auth_data)
|
|
608
|
+
end
|
|
578
609
|
end
|
|
579
610
|
|
|
580
611
|
context 'without session data' do
|
|
@@ -593,7 +624,56 @@ describe Devise::Models::G5Authenticatable do
|
|
|
593
624
|
it 'should not set the uid' do
|
|
594
625
|
expect(new_with_session.uid).to be_nil
|
|
595
626
|
end
|
|
627
|
+
|
|
628
|
+
it 'does not execute the callback to update role data' do
|
|
629
|
+
expect_any_instance_of(model_class).not_to receive(:update_roles_from_auth)
|
|
630
|
+
new_with_session
|
|
631
|
+
end
|
|
596
632
|
end
|
|
597
633
|
end
|
|
598
634
|
end
|
|
635
|
+
|
|
636
|
+
describe '#attributes_from_auth' do
|
|
637
|
+
subject(:attributes_from_auth) { model.attributes_from_auth(auth_data) }
|
|
638
|
+
|
|
639
|
+
let(:auth_data) do
|
|
640
|
+
OmniAuth::AuthHash.new(provider: 'g5',
|
|
641
|
+
uid: '123999',
|
|
642
|
+
info: { first_name: 'Foo',
|
|
643
|
+
last_name: 'Bar',
|
|
644
|
+
email: 'foo@bar.com',
|
|
645
|
+
phone: '123-555-1212 x42'},
|
|
646
|
+
credentials: { token: 'abc123' },
|
|
647
|
+
extra: { title: 'Minister of Funny Walks',
|
|
648
|
+
organization_name: 'Dept of Redundancy Dept' })
|
|
649
|
+
end
|
|
650
|
+
|
|
651
|
+
it 'has the correct uid' do
|
|
652
|
+
expect(attributes_from_auth[:uid]).to eq(auth_data.uid)
|
|
653
|
+
end
|
|
654
|
+
|
|
655
|
+
it 'has the correct provider' do
|
|
656
|
+
expect(attributes_from_auth[:provider]).to eq(auth_data.provider)
|
|
657
|
+
end
|
|
658
|
+
|
|
659
|
+
it 'has the correct email' do
|
|
660
|
+
expect(attributes_from_auth[:email]).to eq(auth_data.info.email)
|
|
661
|
+
end
|
|
662
|
+
end
|
|
663
|
+
|
|
664
|
+
describe '#update_roles_from_auth' do
|
|
665
|
+
subject(:update_roles) { model.update_roles_from_auth(auth_data) }
|
|
666
|
+
|
|
667
|
+
let(:auth_data) do
|
|
668
|
+
OmniAuth::AuthHash.new(provider: 'g5',
|
|
669
|
+
uid: '123456',
|
|
670
|
+
extra: { roles: [
|
|
671
|
+
{ name: 'Admin', type: 'GLOBAL', urn: nil }
|
|
672
|
+
]})
|
|
673
|
+
end
|
|
674
|
+
|
|
675
|
+
it 'does not change anything on the model' do
|
|
676
|
+
expect { update_roles }.to_not change { model }
|
|
677
|
+
end
|
|
678
|
+
end
|
|
599
679
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_g5_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Maeve Revels
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-11-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: 3.5.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
26
|
+
version: 3.5.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: g5_authentication_client
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -31,6 +31,9 @@ dependencies:
|
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
33
|
version: '0.5'
|
|
34
|
+
- - ">="
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: 0.5.4
|
|
34
37
|
type: :runtime
|
|
35
38
|
prerelease: false
|
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -38,6 +41,9 @@ dependencies:
|
|
|
38
41
|
- - "~>"
|
|
39
42
|
- !ruby/object:Gem::Version
|
|
40
43
|
version: '0.5'
|
|
44
|
+
- - ">="
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: 0.5.4
|
|
41
47
|
- !ruby/object:Gem::Dependency
|
|
42
48
|
name: omniauth-g5
|
|
43
49
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -194,12 +200,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
194
200
|
version: '0'
|
|
195
201
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
196
202
|
requirements:
|
|
197
|
-
- - "
|
|
203
|
+
- - ">="
|
|
198
204
|
- !ruby/object:Gem::Version
|
|
199
|
-
version:
|
|
205
|
+
version: '0'
|
|
200
206
|
requirements: []
|
|
201
207
|
rubyforge_project:
|
|
202
|
-
rubygems_version: 2.
|
|
208
|
+
rubygems_version: 2.5.1
|
|
203
209
|
signing_key:
|
|
204
210
|
specification_version: 4
|
|
205
211
|
summary: Devise extension for the G5 Auth service
|