google_sign_in 0.1.4 → 1.0.0

data/test/dummy/config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters format: [:json]
+end
+
+# To enable root element in JSON for ActiveRecord objects.
+# ActiveSupport.on_load(:active_record) do
+#   self.include_root_in_json = true
+# end

data/test/dummy/config/locales/en.yml

@@ -0,0 +1,33 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+#     I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+#     <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+#     I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+#   'true': 'foo'
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
+
+en:
+  hello: "Hello world"

data/test/dummy/config/puma.rb

@@ -0,0 +1,34 @@
+# Puma can serve each request in a thread from an internal thread pool.
+# The `threads` method setting takes two numbers: a minimum and maximum.
+# Any libraries that use thread pools should be configured to match
+# the maximum value specified for Puma. Default is set to 5 threads for minimum
+# and maximum; this matches the default thread size of Active Record.
+#
+threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+threads threads_count, threads_count
+
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
+#
+port        ENV.fetch("PORT") { 3000 }
+
+# Specifies the `environment` that Puma will run in.
+#
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+# Specifies the number of `workers` to boot in clustered mode.
+# Workers are forked webserver processes. If using threads and workers together
+# the concurrency of the application would be max `threads` * `workers`.
+# Workers do not work on JRuby or Windows (both of which do not support
+# processes).
+#
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+
+# Use the `preload_app!` method when specifying a `workers` number.
+# This directive tells Puma to first boot the application and load code
+# before forking the application. This takes advantage of Copy On Write
+# process behavior so workers use less memory.
+#
+# preload_app!
+
+# Allow puma to be restarted by `rails restart` command.
+plugin :tmp_restart

data/test/dummy/config/routes.rb

@@ -0,0 +1,2 @@
+Rails.application.routes.draw do
+end

data/test/dummy/config/spring.rb

@@ -0,0 +1,6 @@
+%w[
+  .ruby-version
+  .rbenv-vars
+  tmp/restart.txt
+  tmp/caching-dev.txt
+].each { |path| Spring.watch(path) }

data/test/dummy/config/storage.yml

@@ -0,0 +1,34 @@
+test:
+  service: Disk
+  root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+  service: Disk
+  root: <%= Rails.root.join("storage") %>
+
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+#   service: S3
+#   access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+#   secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+#   region: us-east-1
+#   bucket: your_own_bucket
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+#   service: GCS
+#   project: your_project
+#   credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+#   bucket: your_own_bucket
+
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+#   service: AzureStorage
+#   storage_account_name: your_account_name
+#   storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+#   container: your_container_name
+
+# mirror:
+#   service: Mirror
+#   primary: local
+#   mirrors: [ amazon, google, microsoft ]

data/test/dummy/package.json

@@ -0,0 +1,5 @@
+{
+  "name": "dummy",
+  "private": true,
+  "dependencies": {}
+}

data/test/dummy/public/404.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <div>
+      <h1>The page you were looking for doesn't exist.</h1>
+      <p>You may have mistyped the address or the page may have moved.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/test/dummy/public/422.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <div>
+      <h1>The change you wanted was rejected.</h1>
+      <p>Maybe you tried to change something you didn't have access to.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/test/dummy/public/500.html

@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <div>
+      <h1>We're sorry, but something went wrong.</h1>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/test/helpers/button_helper_test.rb

@@ -0,0 +1,36 @@
+require "test_helper"
+
+class GoogleSignIn::ButtonHelperTest < ActionView::TestCase
+  test "generating a login button with text content" do
+    assert_dom_equal <<-HTML, google_sign_in_button("Log in with Google", proceed_to: "https://www.example.com/login")
+      <form action="/google_sign_in/authorization" accept-charset="UTF-8" data-remote="true" method="post">
+        <input name="utf8" type="hidden" value="&#x2713;" />
+        <input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+        <button type="submit">Log in with Google</button>
+      </form>
+    HTML
+  end
+
+  test "generating a login button with HTML content" do
+    assert_dom_equal <<-HTML, google_sign_in_button(proceed_to: "https://www.example.com/login") { image_tag("google.png") }
+      <form action="/google_sign_in/authorization" accept-charset="UTF-8" data-remote="true" method="post">
+        <input name="utf8" type="hidden" value="&#x2713;" />
+        <input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+        <button type="submit"><img src="/images/google.png"></button>
+      </form>
+    HTML
+  end
+
+  test "generating a login button with custom attributes" do
+    button = google_sign_in_button("Log in with Google", proceed_to: "https://www.example.com/login",
+      class: "login-button", data: { disable_with: "Loading Google login…" })
+
+    assert_dom_equal <<-HTML, button
+      <form action="/google_sign_in/authorization" accept-charset="UTF-8" data-remote="true" method="post">
+        <input name="utf8" type="hidden" value="&#x2713;" />
+        <input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+        <button type="submit" class="login-button" data-disable-with="Loading Google login…">Log in with Google</button>
+      </form>
+    HTML
+  end
+end

data/test/key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEArZztTnC23cY+H+iP2lDCZAiX6wzb6dL9pY1CaGquoalj5qGY
+HJfdp4wb7fdZ6ST3xmgstGWC34s1DQUSpH6OrtzF77m5LWKpN0lQno8tE1BNdT8E
+cdbv8dHNqwk2umO6aQKDvVK98qHHA5pHHj/DKaHx1nra3WscoZLZasuoKTO1fpI4
+/mp8kkJOF6gyZReBVx7fNhzDSt8W41ychKMjLnRlCEgQ5/6xvG9y8RCmsFIi1QiO
+eIN/i/zouJ2QhFzQnf5r1qVRaD6RUBjKClt0vSsRaML35A0sVmMIGJ1p7DtLnl0v
+lmDC/PCjtUH+1ZhGfdbu8NfxIjFcYrnM8cnEnwIDAQABAoIBAQCFsPlg1RVMlJNU
+eP8Fq/j1lVR/UYird6mRacUAqV5O6SUf/cIoCp5Knm8Hgdl/2tLeu2vpgt4UDJvO
+qeBgQYDYkPPvlcJOe9I428E0SKb6X3U2W0+t5kkhm2FYWyEEyTVMFf6itOvGwuOB
+F7W6SnmcPrP/aN3PceM7XN0GC0w0ZPOgpsKO4zJiXyA+NQhOdV/xsUtAgM/zXPVb
+UzJyixPDqJfBHBNCkP6FcJxkc+cLlxnZaG7ug2qfWzvj0l2EepcWQ3R/E56mixcN
+nIoha07jBMJhX0KbRgcZsMmvR0/Z2sLkUgphTI/EdIsPQ/zvfqSQTQAKjDB4Orsi
+quaIerupAoGBANVfWh+d4GnhcxtHYb1CCS6CU1dJDh6vGifeLvAAxuiAOBAepQUs
+9+ewVaS7ARnZ7jwtqOOKRDvAZpEukh7lqFj5haqzuRrImTO6v/Lk8XAA2RC7hY6v
+b65WszIYgGemSubJot7Tevk/lu8lhdkZKp+OZdPU9NS2cEPCcQ3zDchbAoGBANBM
+IVJuQHutAzCTKfjhbZCn78e7AA/eQGMycZUM6i60muYC7L57P0W++ycK6A1cJ49X
+XJ9VvKtjtfqITbIUGuvaFii7XAaGMV85LffJ5t1DjucLScIBDxYp5EJz5/Qj2RDw
+hWJZ+IF0Z4+k1jmIM+eyoNzmjWyYvgpmhFfhx0gNAoGAHcRyt0x4PW1FeL3JpfSr
+gUCPTfMUNDWriXpWxAbnuRICQEV2MjWm1DzmhdfM/IVJ1j1sfWoRwOBDrud3XTYe
++WK+QiVWoqTvsqbQFpvYDw8fOVVf+ZsCEqln0IpYh51Mf8wLm9iXJGS5st1iQfpf
+1uivzhC8o1xcZyeeTBrnhlcCgYBHp7ja04SpRwZO4oFQ1bPMTIlHC0RlMQ6zUToT
+jULOWGDk+WKZ0GoewylA8BaN6gLN477ALU1fJEkI63TW6uWr9vUig/mPYQCBAnmW
+wUUDHud9AbwY2iZneHfGiHrl2KMmmac5AzxixDmQB6OOXRWGAkQmWcWS8ySFDWk/
+ljLozQKBgE1gv+PXyxFOsuKNAylj2h8SlfzyOReS7XgPOX3x27yhp18Y8Wq9jeBr
+INjRFL7CpydZZOB5B8i4CLqa3B0dA/lIYbc5FaLefBY+mt82YtpMsYP1I4bAe/ub
+K7fp2z10/eKfa2e5mcTS2WBwJmVz0cR8Plqd2zPb3+yE+JMiU/k7
+-----END RSA PRIVATE KEY-----

data/test/models/identity_test.rb

@@ -0,0 +1,76 @@
+require 'test_helper'
+require 'jwt'
+
+class GoogleSignIn::IdentityTest < ActiveSupport::TestCase
+  test "client_id must be set" do
+    switch_client_id_to nil do
+      assert_raises(ArgumentError) { GoogleSignIn::Identity.new("some_fake_token") }
+    end
+  end
+
+  test "client_id must be in the token audience" do
+    assert_raises GoogleSignIn::Identity::ValidationError do
+      GoogleSignIn::Identity.new(token_with(aud: "invalid"))
+    end
+  end
+
+  test "token must have a valid issuer" do
+    assert_raises GoogleSignIn::Identity::ValidationError do
+      GoogleSignIn::Identity.new(token_with(iss: "invalid"))
+    end
+  end
+
+  test "token must be signed with the correct key" do
+    assert_raises GoogleSignIn::Identity::ValidationError do
+      GoogleSignIn::Identity.new(token_with(key: OpenSSL::PKey::RSA.new(2048)))
+    end
+  end
+
+  test "token must not be expired" do
+    freeze_time do
+      assert_raises GoogleSignIn::Identity::ValidationError do
+        GoogleSignIn::Identity.new(token_with(iat: 10.minutes.ago.to_i, exp: 5.minutes.ago.to_i))
+      end
+    end
+  end
+
+  test "extracting user ID" do
+    assert_equal "573222559223877", GoogleSignIn::Identity.new(token_with(sub: "573222559223877")).user_id
+  end
+
+  test "extracting name" do
+    assert_equal "George Claghorn", GoogleSignIn::Identity.new(token_with(name: "George Claghorn")).name
+  end
+
+  test "extracting email address" do
+    assert_equal "george@basecamp.com", GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com")).email_address
+  end
+
+  test "extracting email verification status" do
+    assert GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com", email_verified: true)).email_verified?
+    assert_not GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com", email_verified: false)).email_verified?
+    assert_not GoogleSignIn::Identity.new(token_with(email: "george@basecamp.com")).email_verified?
+  end
+
+  test "extracting avatar URL" do
+    assert_equal "https://example.com/avatar.png",
+      GoogleSignIn::Identity.new(token_with(picture: "https://example.com/avatar.png")).avatar_url
+  end
+
+  test "extracting locale" do
+    assert_equal "en-US", GoogleSignIn::Identity.new(token_with(locale: "en-US")).locale
+  end
+
+  private
+    def switch_client_id_to(value)
+      previous_value = GoogleSignIn.client_id
+      GoogleSignIn.client_id = value
+      yield
+    ensure
+      GoogleSignIn.client_id = previous_value
+    end
+
+    def token_with(aud: FAKE_GOOGLE_CLIENT_ID, iss: "https://accounts.google.com", key: GOOGLE_PRIVATE_KEY, **payload)
+      JWT.encode(payload.merge(aud: aud, iss: iss), key, "RS256")
+    end
+end