discourse_dev 0.0.5 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b494dc262cd9afaa6f8f3906f3f9f23cb452cf852504dc095f411ece98858119
-  data.tar.gz: c98f3d163fa2e68b6bedd53984924432ecd1234534425d2cba565614d1fa3a59
+  metadata.gz: 7b049db0091c35d6b2a6cdfe9cb8edd13d6c9223fc6db11d470b63b2086ca1b6
+  data.tar.gz: 245fada164d5df70e92b0bab7a300ac9e7e1c46f45413aefa1a560f401daf45c
 SHA512:
-  metadata.gz: 37b9f8b3f1fd4a555e260de5f4470236c2f68bc9141b5b68171d210b933137e1f6364de8213a6e189af25d5f36deb26b6641bcef6e9f8518e147615f366b7b67
-  data.tar.gz: d7b3b6502018d94908f0364f191834be6000f0d4341e66504214cfa1d1b1738897f34b8534c037aa3ac8382811b97ad981b484844179c6b9bd6f83fa19fd9995
+  metadata.gz: fdfdfd17d4dfcd3296f2bd5ee33624735137b32be17fc6323744bf3a84e1342aff90d842dbcea1190cce77fca695cd7d90aae535a9885ad7cd680e0504da4823
+  data.tar.gz: f87c9a09964b560cf535e49065d58b8fc0009e0d44b391ae721fec3d78bf725a9e46bb29f559c7988792ecd37deb40f467c6cd647d95c952122677d450af9c40

data/.rubocop.yml

@@ -0,0 +1,2 @@
+inherit_gem:
+  rubocop-discourse: default.yml

data/auth/app/views/fake_discourse_connect/form.html.erb

@@ -0,0 +1,120 @@
+<%# Layout/CSS borrowed from Omniauth's Form system %>
+<!DOCTYPE html>
+<html>
+   <head>
+      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+      <title>Fake DiscourseConnect Provider</title>
+      <style type='text/css'>
+        body {
+          background: #ccc;
+          font-family: "Lucida Grande", "Lucida Sans", Helvetica, Arial, sans-serif;
+        }
+
+        h1 {
+          text-align: center;
+          margin: 30px auto 0px;
+          font-size: 18px;
+          padding: 10px 10px 15px;
+          background: #555;
+          color: white;
+          width: 320px;
+          border: 10px solid #444;
+          border-bottom: 0;
+          -moz-border-radius-topleft: 10px;
+          -moz-border-radius-topright: 10px;
+          -webkit-border-top-left-radius: 10px;
+          -webkit-border-top-right-radius: 10px;
+          border-top-left-radius: 10px;
+          border-top-right-radius: 10px;
+        }
+
+        h1,
+        form {
+          -moz-box-shadow: 2px 2px 7px rgba(0, 0, 0, 0.3);
+          -webkit-box-shadow: 2px 2px 7px rgba(0, 0, 0, 0.3);
+        }
+
+        form {
+          background: white;
+          border: 10px solid #eee;
+          border-top: 0;
+          padding: 20px;
+          margin: 0px auto 40px;
+          width: 300px;
+          -moz-border-radius-bottomleft: 10px;
+          -moz-border-radius-bottomright: 10px;
+          -webkit-border-bottom-left-radius: 10px;
+          -webkit-border-bottom-right-radius: 10px;
+          border-bottom-left-radius: 10px;
+          border-bottom-right-radius: 10px;
+        }
+
+        label {
+          display: block;
+          font-weight: bold;
+          margin-bottom: 5px;
+        }
+
+        input, select {
+          font-size: 18px;
+          padding: 4px 8px;
+          display: block;
+          margin-bottom: 10px;
+          width: 280px;
+        }
+
+        select {
+          width: calc(280px + 20px);
+        }
+
+        button {
+          font-size: 22px;
+          padding: 4px 8px;
+          display: block;
+          margin: 20px auto 0;
+        }
+
+        fieldset {
+          border: 1px solid #ccc;
+          border-left: 0;
+          border-right: 0;
+          padding: 10px 0;
+        }
+
+        fieldset input {
+          width: 260px;
+          font-size: 16px;
+        }
+
+        details summary {
+          cursor: pointer;
+          margin-bottom: 10px;
+        }
+      </style>
+   </head>
+   <body>
+      <h1>Fake DiscourseConnect Provider</h1>
+      <form method='post' noValidate='noValidate'>
+        <input type='hidden' name='sso_payload' value='<%= @payload %>'/>
+        <% @simple_fields.each do |f| %>
+          <label for='<%= f %>'><%= f %>:</label><input type='text' id='<%= f %>' name='<%= f %>' value='<%= @defaults[f] %>'/>
+        <% end %>
+        <details>
+          <summary>Advanced</summary>
+          <% @advanced_fields.each do |f| %>
+            <% if @bools.include? f %>
+              <label for='<%= f %>'><%= f %>:</label>
+              <select name="<%= f %>" id="<%= f %>">
+                <% ["", "true", "false"].each do |opt| %>
+                  <option <%= "selected" if @defaults[f] == opt %> value="<%= opt %>"><%= opt %></option>
+                <% end %>
+              </select>
+            <% else %>
+              <label for='<%= f %>'><%= f %>:</label><input type='text' id='<%= f %>' name='<%= f %>' value='<%= @defaults[f] %>'/>
+            <% end %>
+          <% end %>
+        </details>
+        <button type='submit'>Go</button>
+      </form>
+   </body>
+</html>

data/auth/plugin.rb

@@ -0,0 +1,219 @@
+# frozen_string_literal: true
+
+# name: discourse-development-auth
+# about: A fake authentication provider for development puposes only
+# version: 1.0
+# authors: David Taylor
+# url: https://github.com/discourse/discourse-development-auth
+
+raise "discourse-development-auth is highly insecure and should not be installed in production" if Rails.env.production?
+
+PLUGIN_NAME = "discourse-development-auth"
+
+module ::OmniAuth
+  module Strategies
+    class Development
+      include ::OmniAuth::Strategy
+
+      FIELDS = %w{
+        uid
+        name
+        email
+        email_verified
+        nickname
+        first_name
+        last_name
+        location
+        description
+        image
+      }
+
+      COOKIE = "development-auth-defaults"
+
+      def request_phase
+        return unless is_allowed?
+        if (env['REQUEST_METHOD'] == 'POST') && (request.params['uid'])
+          data = request.params.slice(*FIELDS)
+
+          r = Rack::Response.new
+          r.set_cookie(COOKIE, { value: data.to_json, path: "/", expires: 1.month.from_now })
+
+          uri = URI.parse(callback_path)
+          uri.query = URI.encode_www_form(data)
+          r.redirect(uri)
+
+          return r.finish
+        end
+
+        build_form.to_response
+      end
+
+      def build_form
+        token = begin
+          verifier = CSRFTokenVerifier.new
+          verifier.call(env)
+          verifier.form_authenticity_token
+        end
+
+        request = Rack::Request.new(env)
+        raw_defaults = request.cookies[COOKIE] || "{}"
+        defaults = JSON.parse(raw_defaults) rescue {}
+        defaults["uid"] = SecureRandom.hex(8) unless defaults["uid"].present?
+        defaults["email_verified"] = "true" unless defaults["email_verified"].present?
+
+        OmniAuth::Form.build(title: "Fake Authentication Provider") do
+          html "\n<input type='hidden' name='authenticity_token' value='#{token}'/>"
+
+          FIELDS.each do |f|
+            label_field(f, f)
+            if f == "email_verified"
+              html "<input type='checkbox' id='#{f}' name='#{f}' value='true' #{"checked" if defaults[f] == "true"}/>"
+            else
+              html "<input type='text' id='#{f}' name='#{f}' value='#{defaults[f]}'/>"
+            end
+          end
+        end
+      end
+
+      def callback_phase
+        return unless is_allowed?
+        super
+      end
+
+      def auth_hash
+        info = request.params.slice(*FIELDS)
+        uid = info.delete("uid")
+        email_verified = (info.delete("email_verified") == "true")
+        OmniAuth::Utils.deep_merge(super, {
+          'uid' => uid,
+          'info' => info,
+          'extra' => { "raw_info" => { "email_verified" => email_verified } }
+        })
+      end
+
+      def is_allowed?
+        return true if DiscourseDev.config.allow_anonymous_to_impersonate
+        fail!("Enable `allow_anonymous_to_impersonate` setting in `config/dev.yml` file.")
+        false
+      end
+    end
+  end
+end
+
+class DevelopmentAuthenticator < Auth::ManagedAuthenticator
+  def name
+    'developmentauth'
+  end
+
+  def can_revoke?
+    true
+  end
+
+  def can_connect_existing_user?
+    true
+  end
+
+  def enabled?
+    DiscourseDev.auth_plugin_enabled?
+  end
+
+  def register_middleware(omniauth)
+    omniauth.provider :development, name: :developmentauth
+  end
+
+  def primary_email_verified?(auth)
+    auth['extra']['raw_info']['email_verified']
+  end
+end
+
+auth_provider authenticator: DevelopmentAuthenticator.new
+
+### DiscourseConnect
+after_initialize do
+  module ::DevelopmentAuth
+    class Engine < ::Rails::Engine
+      engine_name PLUGIN_NAME
+      isolate_namespace ::DevelopmentAuth
+    end
+  end
+
+  class ::DevelopmentAuth::FakeDiscourseConnectController < ::ApplicationController
+    requires_plugin "discourse-development-auth"
+
+    skip_before_action :check_xhr, :preload_json, :redirect_to_login_if_required, :verify_authenticity_token
+
+    SIMPLE_FIELDS = %w{
+      external_id
+      email
+      username
+      name
+    }
+    ADVANCED_FIELDS = SingleSignOn::ACCESSORS.map(&:to_s) - SIMPLE_FIELDS
+    FIELDS = SIMPLE_FIELDS + ADVANCED_FIELDS
+
+    BOOLS = SingleSignOn::BOOLS.map(&:to_s)
+
+    COOKIE = "development-auth-discourseconnect-defaults"
+
+    def auth
+      return unless is_allowed?
+
+      params.require(:sso)
+      @payload = request.query_string
+      sso = SingleSignOn.parse(@payload, SiteSetting.discourse_connect_secret)
+
+      if request.method == "POST" && params[:external_id]
+        data = {}
+        FIELDS.each do |f|
+          sso.send(:"#{f}=", params[f])
+          data[f] = params[f]
+          cookies[COOKIE] = { value: data.to_json, path: "/", expires: 1.month.from_now }
+        end
+
+        return redirect_to sso.to_url(sso.return_sso_url)
+      end
+
+      raw_defaults = cookies[COOKIE] || "{}"
+      @defaults = JSON.parse(raw_defaults) rescue {}
+      @defaults["return_sso_url"] = sso.return_sso_url
+      @defaults["nonce"] = sso.nonce
+      @defaults["external_id"] = SecureRandom.hex(8) unless @defaults["external_id"].present?
+      render_form
+    end
+
+    private
+
+    def render_form
+      @simple_fields = SIMPLE_FIELDS
+      @advanced_fields = ADVANCED_FIELDS
+      @bools = BOOLS
+      append_view_path(File.expand_path("../app/views", __FILE__))
+      render template: "fake_discourse_connect/form", layout: false
+    end
+  end
+
+  DevelopmentAuth::Engine.routes.draw do
+    get "/fake-discourse-connect" => "fake_discourse_connect#auth"
+    post "/fake-discourse-connect" => "fake_discourse_connect#auth"
+  end
+
+  Discourse::Application.routes.append do
+    mount ::DevelopmentAuth::Engine, at: "/development-auth"
+  end
+
+  DiscourseSingleSignOn.singleton_class.prepend(Module.new do
+    def sso_url
+      if DiscourseDev.auth_plugin_enabled?
+        return "#{Discourse.base_path}/development-auth/fake-discourse-connect"
+      end
+      super
+    end
+  end)
+
+  EnableSsoValidator.prepend(Module.new do
+    def valid_value?(val)
+      return true if DiscourseDev.auth_plugin_enabled?
+      super
+    end
+  end)
+end

data/config/dev.yml

@@ -0,0 +1,38 @@
+site_settings:
+  tagging_enabled: true
+  verbose_discourse_connect_logging: true
+
+seed: 1
+start_date: 2020-01-01
+auth_plugin_enabled: true
+allow_anonymous_to_impersonate: false
+
+category:
+  count: 30
+group:
+  count: 15
+post:
+  include_images: false
+  max_likes_count: 10
+tag:
+  count: 30
+topic:
+  count: 30
+  replies:
+    # number of replies per topic between min and max
+    min: 0
+    max: 12
+    overrides:
+      # topic titles can be found in config/locales/faker.en.yml
+      - title: "Coolest thing you have seen today"
+        count: 99
+  tags:
+    # number of tags per topic between min and max
+    min: 0
+    max: 3
+user:
+  count: 30
+
+new_user:
+   username: new_user
+   email: new_user@example.com

data/config/locales/client.en.yml

@@ -0,0 +1,6 @@
+en:
+  js:
+    login:
+      developmentauth:
+        title: DevelopmentAuth
+        name: DevelopmentAuth

data/{lib/faker/locales/en.yml → config/locales/faker.en.yml}

@@ -93,7 +93,7 @@ en:
         - Totally amped about the 80s
         - Do microwave ovens kill bacteria?
         - Most inspirational movie you have ever seen?
-        - Catching all 151 in 2 hours
+        - Catching all 151 in 2 hours  😀
         - Charlie The Unicorn 4
         - Video Games for Pre-Teens?
         - Online learning

data/discourse_dev.gemspec

@@ -22,6 +22,7 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", ">= 12.3.3"
+  spec.add_development_dependency "rubocop-discourse"
 
   spec.required_ruby_version = '>= 2.6.0'
 end