google_sign_in 0.1.4 → 1.0.0
- checksums.yaml +4 -4
- data/.gitignore +12 -0
- data/.travis.yml +18 -0
- data/Gemfile.lock +130 -10
- data/README.md +114 -47
- data/Rakefile +31 -1
- data/SECURITY.md +15 -0
- data/app/controllers/google_sign_in/authorizations_controller.rb +17 -0
- data/app/controllers/google_sign_in/base_controller.rb +15 -0
- data/app/controllers/google_sign_in/callbacks_controller.rb +27 -0
- data/app/helpers/google_sign_in/button_helper.rb +7 -0
- data/bin/rails +16 -0
- data/config/routes.rb +4 -0
- data/google_sign_in.gemspec +9 -6
- data/lib/google_sign_in.rb +9 -1
- data/lib/google_sign_in/engine.rb +28 -0
- data/lib/google_sign_in/identity.rb +10 -21
- data/lib/google_sign_in/redirect_protector.rb +25 -0
- data/test/certificate.pem +19 -0
- data/test/controllers/authorizations_controller_test.rb +26 -0
- data/test/controllers/callbacks_controller_test.rb +36 -0
- data/test/dummy/.ruby-version +1 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/config/manifest.js +3 -0
- data/test/dummy/app/assets/images/.keep +0 -0
- data/test/dummy/app/assets/javascripts/application.js +15 -0
- data/test/dummy/app/assets/javascripts/cable.js +13 -0
- data/test/dummy/app/assets/javascripts/channels/.keep +0 -0
- data/test/dummy/app/assets/stylesheets/application.css +15 -0
- data/test/dummy/app/channels/application_cable/channel.rb +4 -0
- data/test/dummy/app/channels/application_cable/connection.rb +4 -0
- data/test/dummy/app/controllers/application_controller.rb +2 -0
- data/test/dummy/app/controllers/concerns/.keep +0 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/jobs/application_job.rb +2 -0
- data/test/dummy/app/mailers/application_mailer.rb +4 -0
- data/test/dummy/app/models/application_record.rb +3 -0
- data/test/dummy/app/models/concerns/.keep +0 -0
- data/test/dummy/app/views/layouts/application.html.erb +15 -0
- data/test/dummy/app/views/layouts/mailer.html.erb +13 -0
- data/test/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +4 -0
- data/test/dummy/bin/rake +4 -0
- data/test/dummy/bin/setup +36 -0
- data/test/dummy/bin/update +31 -0
- data/test/dummy/bin/yarn +11 -0
- data/test/dummy/config.ru +5 -0
- data/test/dummy/config/application.rb +20 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/cable.yml +10 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +32 -0
- data/test/dummy/config/environments/production.rb +57 -0
- data/test/dummy/config/environments/test.rb +33 -0
- data/test/dummy/config/initializers/application_controller_renderer.rb +8 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/content_security_policy.rb +25 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/google_sign_in.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +33 -0
- data/test/dummy/config/puma.rb +34 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/config/spring.rb +6 -0
- data/test/dummy/config/storage.yml +34 -0
- data/test/dummy/lib/assets/.keep +0 -0
- data/test/dummy/log/.keep +0 -0
- data/test/dummy/package.json +5 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/apple-touch-icon-precomposed.png +0 -0
- data/test/dummy/public/apple-touch-icon.png +0 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/helpers/button_helper_test.rb +36 -0
- data/test/key.pem +27 -0
- data/test/models/identity_test.rb +76 -0
- data/test/models/redirect_protector_test.rb +34 -0
- data/test/test_helper.rb +27 -3
- metadata +200 -10
- data/lib/google_sign_in/helper.rb +0 -76
- data/lib/google_sign_in/railtie.rb +0 -12
- data/test/identity_test.rb +0 -13
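--- a/data/test/dummy/config/initializers/wrap_parameters.rb
+++ b/data/test/dummy/config/initializers/wrap_parameters.rb
@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+wrap_parameters format: [:json]
+end
+
+# To enable root element in JSON for ActiveRecord objects.
+# ActiveSupport.on_load(:active_record) do
+# self.include_root_in_json = true
+# end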
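--- a/data/test/dummy/config/locales/en.yml
+++ b/data/test/dummy/config/locales/en.yml
@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+# I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+# <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+# I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+# 'true': 'foo'
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
+
+en:
+hello: "Hello world"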
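--- a/data/test/dummy/config/puma.rb
+++ b/data/test/dummy/config/puma.rb
@@ -0,0 +1,34 @@
+# Puma can serve each request in a thread from an internal thread pool.
+# The `threads` method setting takes two numbers: a minimum and maximum.
+# Any libraries that use thread pools should be configured to match
+# the maximum value specified for Puma. Default is set to 5 threads for minimum
+# and maximum; this matches the default thread size of Active Record.
+#
+threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+threads threads_count, threads_count
+
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
+#
+port ENV.fetch("PORT") { 3000 }
+
+# Specifies the `environment` that Puma will run in.
+#
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+# Specifies the number of `workers` to boot in clustered mode.
+# Workers are forked webserver processes. If using threads and workers together
+# the concurrency of the application would be max `threads` * `workers`.
+# Workers do not work on JRuby or Windows (both of which do not support
+# processes).
+#
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+
+# Use the `preload_app!` method when specifying a `workers` number.
+# This directive tells Puma to first boot the application and load code
+# before forking the application. This takes advantage of Copy On Write
+# process behavior so workers use less memory.
+#
+# preload_app!
+
+# Allow puma to be restarted by `rails restart` command.
+plugin :tmp_restart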
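--- a/data/test/dummy/config/storage.yml
+++ b/data/test/dummy/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+service: Disk
+root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+service: Disk
+root: <%= Rails.root.join("storage") %>
+
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket
+
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]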
File without changes
|
File without changes
|
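--- a/data/test/dummy/public/404.html
+++ b/data/test/dummy/public/404.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>The page you were looking for doesn't exist (404)</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>
+.rails-default-error-page {
+background-color: #EFEFEF;
+color: #2E2F30;
+text-align: center;
+font-family: arial, sans-serif;
+margin: 0;
+}
+
+.rails-default-error-page div.dialog {
+width: 95%;
+max-width: 33em;
+margin: 4em auto 0;
+}
+
+.rails-default-error-page div.dialog > div {
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #BBB;
+border-top: #B00100 solid 4px;
+border-top-left-radius: 9px;
+border-top-right-radius: 9px;
+background-color: white;
+padding: 7px 12% 0;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+
+.rails-default-error-page h1 {
+font-size: 100%;
+color: #730E15;
+line-height: 1.5em;
+}
+
+.rails-default-error-page div.dialog > p {
+margin: 0 0 1em;
+padding: 1em;
+background-color: #F7F7F7;
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #999;
+border-bottom-left-radius: 4px;
+border-bottom-right-radius: 4px;
+border-top-color: #DADADA;
+color: #666;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+</style>
+</head>
+
+<body class="rails-default-error-page">
+<!-- This file lives in public/404.html -->
+<div class="dialog">
+<div>
+<h1>The page you were looking for doesn't exist.</h1>
+<p>You may have mistyped the address or the page may have moved.</p>
+</div>
+<p>If you are the application owner check the logs for more information.</p>
+</div>
+</body>
+</html>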
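--- a/data/test/dummy/public/422.html
+++ b/data/test/dummy/public/422.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>The change you wanted was rejected (422)</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>
+.rails-default-error-page {
+background-color: #EFEFEF;
+color: #2E2F30;
+text-align: center;
+font-family: arial, sans-serif;
+margin: 0;
+}
+
+.rails-default-error-page div.dialog {
+width: 95%;
+max-width: 33em;
+margin: 4em auto 0;
+}
+
+.rails-default-error-page div.dialog > div {
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #BBB;
+border-top: #B00100 solid 4px;
+border-top-left-radius: 9px;
+border-top-right-radius: 9px;
+background-color: white;
+padding: 7px 12% 0;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+
+.rails-default-error-page h1 {
+font-size: 100%;
+color: #730E15;
+line-height: 1.5em;
+}
+
+.rails-default-error-page div.dialog > p {
+margin: 0 0 1em;
+padding: 1em;
+background-color: #F7F7F7;
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #999;
+border-bottom-left-radius: 4px;
+border-bottom-right-radius: 4px;
+border-top-color: #DADADA;
+color: #666;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+</style>
+</head>
+
+<body class="rails-default-error-page">
+<!-- This file lives in public/422.html -->
+<div class="dialog">
+<div>
+<h1>The change you wanted was rejected.</h1>
+<p>Maybe you tried to change something you didn't have access to.</p>
+</div>
+<p>If you are the application owner check the logs for more information.</p>
+</div>
+</body>
+</html>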
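--- a/data/test/dummy/public/500.html
+++ b/data/test/dummy/public/500.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>We're sorry, but something went wrong (500)</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>
+.rails-default-error-page {
+background-color: #EFEFEF;
+color: #2E2F30;
+text-align: center;
+font-family: arial, sans-serif;
+margin: 0;
+}
+
+.rails-default-error-page div.dialog {
+width: 95%;
+max-width: 33em;
+margin: 4em auto 0;
+}
+
+.rails-default-error-page div.dialog > div {
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #BBB;
+border-top: #B00100 solid 4px;
+border-top-left-radius: 9px;
+border-top-right-radius: 9px;
+background-color: white;
+padding: 7px 12% 0;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+
+.rails-default-error-page h1 {
+font-size: 100%;
+color: #730E15;
+line-height: 1.5em;
+}
+
+.rails-default-error-page div.dialog > p {
+margin: 0 0 1em;
+padding: 1em;
+background-color: #F7F7F7;
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #999;
+border-bottom-left-radius: 4px;
+border-bottom-right-radius: 4px;
+border-top-color: #DADADA;
+color: #666;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+</style>
+</head>
+
+<body class="rails-default-error-page">
+<!-- This file lives in public/500.html -->
+<div class="dialog">
+<div>
+<h1>We're sorry, but something went wrong.</h1>
+</div>
+<p>If you are the application owner check the logs for more information.</p>
+</div>
+</body>
+</html>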
File without changes
|
File without changes
|
File without changes
|
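--- a/data/test/helpers/button_helper_test.rb
+++ b/data/test/helpers/button_helper_test.rb
@@ -0,0 +1,36 @@
+require "test_helper"
+
+class GoogleSignIn::ButtonHelperTest < ActionView::TestCase
+test "generating a login button with text content" do
+assert_dom_equal <<-HTML, google_sign_in_button("Log in with Google", proceed_to: "https://www.example.com/login")
+<form action="/google_sign_in/authorization" accept-charset="UTF-8" data-remote="true" method="post">
+<input name="utf8" type="hidden" value="✓" />
+<input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+<button type="submit">Log in with Google</button>
+</form>
+HTML
+end
+
+test "generating a login button with HTML content" do
+assert_dom_equal <<-HTML, google_sign_in_button(proceed_to: "https://www.example.com/login") { image_tag("google.png") }
+<form action="/google_sign_in/authorization" accept-charset="UTF-8" data-remote="true" method="post">
+<input name="utf8" type="hidden" value="✓" />
+<input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+<button type="submit"><img src="/images/google.png"></button>
+</form>
+HTML
+end
+
+test "generating a login button with custom attributes" do
+button = google_sign_in_button("Log in with Google", proceed_to: "https://www.example.com/login",
+class: "login-button", data: { disable_with: "Loading Google login…" })
+
+assert_dom_equal <<-HTML, button
+<form action="/google_sign_in/authorization" accept-charset="UTF-8" data-remote="true" method="post">
+<input name="utf8" type="hidden" value="✓" />
+<input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+<button type="submit" class="login-button" data-disable-with="Loading Google login…">Log in with Google</button>
+</form>
+HTML
+end
+end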
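Review bot: All three cases only pin that `proceed_to` is copied verbatim into a hidden `<input>`, and that field can be edited by the client before the form is posted, so these tests say nothing about where the post-login redirect is allowed to go. The file list shows redirect_protector.rb and its test, which presumably enforce that, but those sections are not on this page; a comment above the first test such as `# proceed_to is not validated by the helper; it must be checked server-side before any redirect` would make the trust boundary explicit. The expected markup also contains no authenticity-token field; if that is only because the dummy app's test environment disables forgery protection, say so in a comment, since this POST starts a sign-in flow.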
data/test/key.pem
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIEowIBAAKCAQEArZztTnC23cY+H+iP2lDCZAiX6wzb6dL9pY1CaGquoalj5qGY
|
3
|
+
HJfdp4wb7fdZ6ST3xmgstGWC34s1DQUSpH6OrtzF77m5LWKpN0lQno8tE1BNdT8E
|
4
|
+
cdbv8dHNqwk2umO6aQKDvVK98qHHA5pHHj/DKaHx1nra3WscoZLZasuoKTO1fpI4
|
5
|
+
/mp8kkJOF6gyZReBVx7fNhzDSt8W41ychKMjLnRlCEgQ5/6xvG9y8RCmsFIi1QiO
|
6
|
+
eIN/i/zouJ2QhFzQnf5r1qVRaD6RUBjKClt0vSsRaML35A0sVmMIGJ1p7DtLnl0v
|
7
|
+
lmDC/PCjtUH+1ZhGfdbu8NfxIjFcYrnM8cnEnwIDAQABAoIBAQCFsPlg1RVMlJNU
|
8
|
+
eP8Fq/j1lVR/UYird6mRacUAqV5O6SUf/cIoCp5Knm8Hgdl/2tLeu2vpgt4UDJvO
|
9
|
+
qeBgQYDYkPPvlcJOe9I428E0SKb6X3U2W0+t5kkhm2FYWyEEyTVMFf6itOvGwuOB
|
10
|
+
F7W6SnmcPrP/aN3PceM7XN0GC0w0ZPOgpsKO4zJiXyA+NQhOdV/xsUtAgM/zXPVb
|
11
|
+
UzJyixPDqJfBHBNCkP6FcJxkc+cLlxnZaG7ug2qfWzvj0l2EepcWQ3R/E56mixcN
|
12
|
+
nIoha07jBMJhX0KbRgcZsMmvR0/Z2sLkUgphTI/EdIsPQ/zvfqSQTQAKjDB4Orsi
|
13
|
+
quaIerupAoGBANVfWh+d4GnhcxtHYb1CCS6CU1dJDh6vGifeLvAAxuiAOBAepQUs
|
14
|
+
9+ewVaS7ARnZ7jwtqOOKRDvAZpEukh7lqFj5haqzuRrImTO6v/Lk8XAA2RC7hY6v
|
15
|
+
b65WszIYgGemSubJot7Tevk/lu8lhdkZKp+OZdPU9NS2cEPCcQ3zDchbAoGBANBM
|
16
|
+
IVJuQHutAzCTKfjhbZCn78e7AA/eQGMycZUM6i60muYC7L57P0W++ycK6A1cJ49X
|
17
|
+
XJ9VvKtjtfqITbIUGuvaFii7XAaGMV85LffJ5t1DjucLScIBDxYp5EJz5/Qj2RDw
|
18
|
+
hWJZ+IF0Z4+k1jmIM+eyoNzmjWyYvgpmhFfhx0gNAoGAHcRyt0x4PW1FeL3JpfSr
|
19
|
+
gUCPTfMUNDWriXpWxAbnuRICQEV2MjWm1DzmhdfM/IVJ1j1sfWoRwOBDrud3XTYe
|
20
|
+
+WK+QiVWoqTvsqbQFpvYDw8fOVVf+ZsCEqln0IpYh51Mf8wLm9iXJGS5st1iQfpf
|
21
|
+
1uivzhC8o1xcZyeeTBrnhlcCgYBHp7ja04SpRwZO4oFQ1bPMTIlHC0RlMQ6zUToT
|
22
|
+
jULOWGDk+WKZ0GoewylA8BaN6gLN477ALU1fJEkI63TW6uWr9vUig/mPYQCBAnmW
|
23
|
+
wUUDHud9AbwY2iZneHfGiHrl2KMmmac5AzxixDmQB6OOXRWGAkQmWcWS8ySFDWk/
|
24
|
+
ljLozQKBgE1gv+PXyxFOsuKNAylj2h8SlfzyOReS7XgPOX3x27yhp18Y8Wq9jeBr
|
25
|
+
INjRFL7CpydZZOB5B8i4CLqa3B0dA/lIYbc5FaLefBY+mt82YtpMsYP1I4bAe/ub
|
26
|
+
K7fp2z10/eKfa2e5mcTS2WBwJmVz0cR8Plqd2zPb3+yE+JMiU/k7
|
27
|
+
-----END RSA PRIVATE KEY-----
|
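Review bot: An unencrypted RSA private key is added as test/key.pem, and the `data/test/…` entries in the file list suggest it is packaged inside the released gem rather than living only in the repository. It looks like a fixture (identity_test.rb signs tokens with `GOOGLE_PRIVATE_KEY`), but nothing in the file name or location marks it as test-only, so secret scanners and downstream auditors will flag it and nothing discourages reuse of the key elsewhere. Consider generating the key pair at test start-up instead (`OpenSSL::PKey::RSA.new(2048)` is already used in identity_test.rb), or give the file an explicit test-only name and keep `test/` out of the gemspec's `files`; test_helper.rb and the gemspec are not shown here, so confirm how the key and the matching test/certificate.pem are loaded first.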
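--- a/data/test/models/identity_test.rb
+++ b/data/test/models/identity_test.rb
@@ -0,0 +1,76 @@
+require 'test_helper'
+require 'jwt'
+
+class GoogleSignIn::IdentityTest < ActiveSupport::TestCase
+test "client_id must be set" do
+switch_client_id_to nil do
+assert_raises(ArgumentError) { GoogleSignIn::Identity.new("some_fake_token") }
+end
+end
+
+test "client_id must be in the token audience" do
+assert_raises GoogleSignIn::Identity::ValidationError do
+GoogleSignIn::Identity.new(token_with(aud: "invalid"))
+end
+end
+
+test "token must have a valid issuer" do
+assert_raises GoogleSignIn::Identity::ValidationError do
+GoogleSignIn::Identity.new(token_with(iss: "invalid"))
+end
+end
+
+test "token must be signed with the correct key" do
+assert_raises GoogleSignIn::Identity::ValidationError do
+GoogleSignIn::Identity.new(token_with(key: OpenSSL::PKey::RSA.new(2048)))
+end
+end
+
+test "token must not be expired" do
+freeze_time do
+assert_raises GoogleSignIn::Identity::ValidationError do
+GoogleSignIn::Identity.new(token_with(iat: 10.minutes.ago.to_i, exp: 5.minutes.ago.to_i))
+end
+end
+end
+
+test "extracting user ID" do
+assert_equal "573222559223877", GoogleSignIn::Identity.new(token_with(sub: "573222559223877")).user_id
+end
+
+test "extracting name" do
+assert_equal "George Claghorn", GoogleSignIn::Identity.new(token_with(name: "George Claghorn")).name
+end
+
+test "extracting email address" do
+assert_equal "george@basecamp.com", GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com")).email_address
+end
+
+test "extracting email verification status" do
+assert GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com", email_verified: true)).email_verified?
+assert_not GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com", email_verified: false)).email_verified?
+assert_not GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com")).email_verified?
+end
+
+test "extracting avatar URL" do
+assert_equal "https://example.com/avatar.png",
+GoogleSignIn::Identity.new(token_with(picture: "https://example.com/avatar.png")).avatar_url
+end
+
+test "extracting locale" do
+assert_equal "en-US", GoogleSignIn::Identity.new(token_with(locale: "en-US")).locale
+end
+
+private
+def switch_client_id_to(value)
+previous_value = GoogleSignIn.client_id
+GoogleSignIn.client_id = value
+yield
+ensure
+GoogleSignIn.client_id = previous_value
+end
+
+def token_with(aud: FAKE_GOOGLE_CLIENT_ID, iss: "https://accounts.google.com", key: GOOGLE_PRIVATE_KEY, **payload)
+JWT.encode(payload.merge(aud: aud, iss: iss), key, "RS256")
+end
+end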
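Review bot: `token_with` adds only `aud` and `iss`, so every happy-path case ("extracting user ID", "extracting name", and the rest) expects `Identity.new` to accept a token that carries no `exp` claim at all. Whether that is intended depends on the validator in lib/google_sign_in/identity.rb, which is not shown here, but OpenID Connect ID tokens are required to carry `exp`, so the helper should default it: `def token_with(aud: FAKE_GOOGLE_CLIENT_ID, iss: "https://accounts.google.com", key: GOOGLE_PRIVATE_KEY, exp: 5.minutes.from_now.to_i, **payload)` with `payload.merge(aud: aud, iss: iss, exp: exp)`. A separate test should then pin what happens when `exp` is absent. The helper also hard-codes `"RS256"`, so no case covers a token whose header names a different algorithm; a negative test expecting `ValidationError` there would pin the validator's algorithm handling.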