linkedin_sign_in 0.3

data/test/helpers/button_helper_test.rb

@@ -0,0 +1,36 @@
+require "test_helper"
+
+class LinkedinSignIn::ButtonHelperTest < ActionView::TestCase
+  test "generating a login button with text content" do
+    assert_dom_equal <<-HTML, linkedin_sign_in_button("Log in with Linkedin", proceed_to: "https://www.example.com/login")
+      <form action="/linkedin_sign_in/authorization" accept-charset="UTF-8" method="post">
+        <input name="utf8" type="hidden" value="&#x2713;" />
+        <input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+        <button type="submit">Log in with Linkedin</button>
+      </form>
+    HTML
+  end
+
+  test "generating a login button with HTML content" do
+    assert_dom_equal <<-HTML, linkedin_sign_in_button(proceed_to: "https://www.example.com/login") { image_tag("linkedin.png") }
+      <form action="/linkedin_sign_in/authorization" accept-charset="UTF-8" method="post">
+        <input name="utf8" type="hidden" value="&#x2713;" />
+        <input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+        <button type="submit"><img src="/images/linkedin.png"></button>
+      </form>
+    HTML
+  end
+
+  test "generating a login button with custom attributes" do
+    button = linkedin_sign_in_button("Log in with Linkedin", proceed_to: "https://www.example.com/login",
+      class: "login-button", data: { disable_with: "Loading Linkedin login…" })
+
+    assert_dom_equal <<-HTML, button
+      <form action="/linkedin_sign_in/authorization" accept-charset="UTF-8" method="post">
+        <input name="utf8" type="hidden" value="&#x2713;" />
+        <input name="proceed_to" type="hidden" value="https://www.example.com/login" />
+        <button type="submit" class="login-button" data-disable-with="Loading Linkedin login…">Log in with Linkedin</button>
+      </form>
+    HTML
+  end
+end

data/test/key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEArZztTnC23cY+H+iP2lDCZAiX6wzb6dL9pY1CaGquoalj5qGY
+HJfdp4wb7fdZ6ST3xmgstGWC34s1DQUSpH6OrtzF77m5LWKpN0lQno8tE1BNdT8E
+cdbv8dHNqwk2umO6aQKDvVK98qHHA5pHHj/DKaHx1nra3WscoZLZasuoKTO1fpI4
+/mp8kkJOF6gyZReBVx7fNhzDSt8W41ychKMjLnRlCEgQ5/6xvG9y8RCmsFIi1QiO
+eIN/i/zouJ2QhFzQnf5r1qVRaD6RUBjKClt0vSsRaML35A0sVmMIGJ1p7DtLnl0v
+lmDC/PCjtUH+1ZhGfdbu8NfxIjFcYrnM8cnEnwIDAQABAoIBAQCFsPlg1RVMlJNU
+eP8Fq/j1lVR/UYird6mRacUAqV5O6SUf/cIoCp5Knm8Hgdl/2tLeu2vpgt4UDJvO
+qeBgQYDYkPPvlcJOe9I428E0SKb6X3U2W0+t5kkhm2FYWyEEyTVMFf6itOvGwuOB
+F7W6SnmcPrP/aN3PceM7XN0GC0w0ZPOgpsKO4zJiXyA+NQhOdV/xsUtAgM/zXPVb
+UzJyixPDqJfBHBNCkP6FcJxkc+cLlxnZaG7ug2qfWzvj0l2EepcWQ3R/E56mixcN
+nIoha07jBMJhX0KbRgcZsMmvR0/Z2sLkUgphTI/EdIsPQ/zvfqSQTQAKjDB4Orsi
+quaIerupAoGBANVfWh+d4GnhcxtHYb1CCS6CU1dJDh6vGifeLvAAxuiAOBAepQUs
+9+ewVaS7ARnZ7jwtqOOKRDvAZpEukh7lqFj5haqzuRrImTO6v/Lk8XAA2RC7hY6v
+b65WszIYgGemSubJot7Tevk/lu8lhdkZKp+OZdPU9NS2cEPCcQ3zDchbAoGBANBM
+IVJuQHutAzCTKfjhbZCn78e7AA/eQGMycZUM6i60muYC7L57P0W++ycK6A1cJ49X
+XJ9VvKtjtfqITbIUGuvaFii7XAaGMV85LffJ5t1DjucLScIBDxYp5EJz5/Qj2RDw
+hWJZ+IF0Z4+k1jmIM+eyoNzmjWyYvgpmhFfhx0gNAoGAHcRyt0x4PW1FeL3JpfSr
+gUCPTfMUNDWriXpWxAbnuRICQEV2MjWm1DzmhdfM/IVJ1j1sfWoRwOBDrud3XTYe
++WK+QiVWoqTvsqbQFpvYDw8fOVVf+ZsCEqln0IpYh51Mf8wLm9iXJGS5st1iQfpf
+1uivzhC8o1xcZyeeTBrnhlcCgYBHp7ja04SpRwZO4oFQ1bPMTIlHC0RlMQ6zUToT
+jULOWGDk+WKZ0GoewylA8BaN6gLN477ALU1fJEkI63TW6uWr9vUig/mPYQCBAnmW
+wUUDHud9AbwY2iZneHfGiHrl2KMmmac5AzxixDmQB6OOXRWGAkQmWcWS8ySFDWk/
+ljLozQKBgE1gv+PXyxFOsuKNAylj2h8SlfzyOReS7XgPOX3x27yhp18Y8Wq9jeBr
+INjRFL7CpydZZOB5B8i4CLqa3B0dA/lIYbc5FaLefBY+mt82YtpMsYP1I4bAe/ub
+K7fp2z10/eKfa2e5mcTS2WBwJmVz0cR8Plqd2zPb3+yE+JMiU/k7
+-----END RSA PRIVATE KEY-----

data/test/models/identity_test.rb

@@ -0,0 +1,48 @@
+require 'test_helper'
+require 'jwt'
+
+class LinkedinSignIn::IdentityTest < ActiveSupport::TestCase
+  setup do
+    stub_request(:get, "https://api.linkedin.com/v1/people/~:(id,firstName,lastName,picture-url,email-address,positions)?format=json").
+    to_return \
+      status: 200,
+      body: {
+        id: "573222559223877",
+        firstName: "Vincent",
+        lastName: "Robert",
+        emailAddress: "vincent@genezys.net",
+        pictureUrl: "https://example.com/avatar.png",
+        positions: {
+          values: [
+            { isCurrent: true, company: { name: "Touch & Sell" } },
+            { isCurrent: false, company: { name: "Cantor" } }
+          ]
+        }
+      }.to_json
+  end
+
+  test "extracting user ID" do
+    assert_equal "573222559223877", LinkedinSignIn::Identity.new("fake_token").user_id
+  end
+
+  test "extracting first name" do
+    assert_equal "Vincent", LinkedinSignIn::Identity.new("fake_token").first_name
+  end
+
+  test "extracting last name" do
+    assert_equal "Robert", LinkedinSignIn::Identity.new("fake_token").last_name
+  end
+
+  test "extracting email address" do
+    assert_equal "vincent@genezys.net", LinkedinSignIn::Identity.new("fake_token").email_address
+  end
+
+  test "extracting avatar URL" do
+    assert_equal "https://example.com/avatar.png",
+      LinkedinSignIn::Identity.new("fake_token").avatar_url
+  end
+
+  test "extracting current company name" do
+    assert_equal "Touch & Sell", LinkedinSignIn::Identity.new("fake_token").current_company_name
+  end
+end

data/test/models/redirect_protector_test.rb

@@ -0,0 +1,34 @@
+require 'test_helper'
+require 'linkedin_sign_in/redirect_protector'
+
+class LinkedinSignIn::RedirectProtectorTest < ActiveSupport::TestCase
+  test "disallows URL target with different host than source" do
+    assert_raises LinkedinSignIn::RedirectProtector::Violation do
+      LinkedinSignIn::RedirectProtector.ensure_same_origin 'https://malicious.example.com', 'https://genezys.net'
+    end
+  end
+
+  test "disallows URL target with different port than source" do
+    assert_raises LinkedinSignIn::RedirectProtector::Violation do
+      LinkedinSignIn::RedirectProtector.ensure_same_origin 'https://genezys.net:10443', 'https://genezys.net'
+    end
+  end
+
+  test "disallows URL target with different protocol than source" do
+    assert_raises LinkedinSignIn::RedirectProtector::Violation do
+      LinkedinSignIn::RedirectProtector.ensure_same_origin 'http://genezys.net', 'https://genezys.net'
+    end
+  end
+
+  test "allows URL target with same origin as source" do
+    assert_nothing_raised do
+      LinkedinSignIn::RedirectProtector.ensure_same_origin 'https://genezys.net', 'https://genezys.net'
+    end
+  end
+
+  test "allows path target" do
+    assert_nothing_raised do
+      LinkedinSignIn::RedirectProtector.ensure_same_origin '/callback', 'https://genezys.net'
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,28 @@
+ENV['RAILS_ENV'] = 'test'
+
+FAKE_LINKEDIN_CLIENT_ID = '86179201039-eks5VfVc46WoFYyZVUDpQHeZFDRCqno3.apps.linkedinusercontent.com'
+FAKE_LINKEDIN_CLIENT_SECRET = 'r(XsBajmyMddruvf$jDgLyPK'
+
+require_relative '../test/dummy/config/environment'
+
+require 'rails/test_help'
+require 'webmock/minitest'
+require 'byebug'
+
+require 'openssl'
+LINKEDIN_PRIVATE_KEY = OpenSSL::PKey::RSA.new(File.read(File.expand_path('key.pem', __dir__)))
+LINKEDIN_X509_CERTIFICATE = OpenSSL::X509::Certificate.new(File.read(File.expand_path('certificate.pem', __dir__)))
+
+if LINKEDIN_X509_CERTIFICATE.not_after <= Time.now
+  raise "Test certificate is expired. Generate a new one and run the tests again: `bundle exec rake test:certificate:generate`."
+end
+
+require 'linkedin-id-token'
+# LinkedinSignIn::Identity.validator = Validator.new(x509_cert: LINKEDIN_X509_CERTIFICATE)
+
+class ActionView::TestCase
+  private
+    def assert_dom_equal(expected, actual, message = nil)
+      super expected.remove(/(\A|\n)\s*/), actual, message
+    end
+end

metadata

@@ -0,0 +1,267 @@
+--- !ruby/object:Gem::Specification
+name: linkedin_sign_in
+version: !ruby/object:Gem::Version
+  version: '0.3'
+platform: ruby
+authors:
+- Vincent Robert
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-11-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.2.0
+- !ruby/object:Gem::Dependency
+  name: oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.4.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.4.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.6
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.6
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.4.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.4.2
+description: 
+email:
+- vincent.robert@genezys.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- MIT-LICENSE
+- README.md
+- Rakefile
+- SECURITY.md
+- app/controllers/linkedin_sign_in/authorizations_controller.rb
+- app/controllers/linkedin_sign_in/base_controller.rb
+- app/controllers/linkedin_sign_in/callbacks_controller.rb
+- app/helpers/linkedin_sign_in/button_helper.rb
+- bin/rails
+- config/routes.rb
+- lib/linkedin-id-token.rb
+- lib/linkedin_sign_in.rb
+- lib/linkedin_sign_in/engine.rb
+- lib/linkedin_sign_in/identity.rb
+- lib/linkedin_sign_in/redirect_protector.rb
+- linkedin_sign_in.gemspec
+- test/certificate.pem
+- test/controllers/authorizations_controller_test.rb
+- test/controllers/callbacks_controller_test.rb
+- test/dummy/.ruby-version
+- test/dummy/Rakefile
+- test/dummy/app/assets/config/manifest.js
+- test/dummy/app/assets/images/.keep
+- test/dummy/app/assets/javascripts/application.js
+- test/dummy/app/assets/javascripts/cable.js
+- test/dummy/app/assets/javascripts/channels/.keep
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/channels/application_cable/channel.rb
+- test/dummy/app/channels/application_cable/connection.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/concerns/.keep
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/jobs/application_job.rb
+- test/dummy/app/mailers/application_mailer.rb
+- test/dummy/app/models/application_record.rb
+- test/dummy/app/models/concerns/.keep
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/app/views/layouts/mailer.html.erb
+- test/dummy/app/views/layouts/mailer.text.erb
+- test/dummy/bin/bundle
+- test/dummy/bin/rails
+- test/dummy/bin/rake
+- test/dummy/bin/setup
+- test/dummy/bin/update
+- test/dummy/bin/yarn
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/cable.yml
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/application_controller_renderer.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/content_security_policy.rb
+- test/dummy/config/initializers/cookies_serializer.rb
+- test/dummy/config/initializers/filter_parameter_logging.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/linkedin_sign_in.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/wrap_parameters.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/puma.rb
+- test/dummy/config/routes.rb
+- test/dummy/config/spring.rb
+- test/dummy/config/storage.yml
+- test/dummy/lib/assets/.keep
+- test/dummy/log/.keep
+- test/dummy/package.json
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/apple-touch-icon-precomposed.png
+- test/dummy/public/apple-touch-icon.png
+- test/dummy/public/favicon.ico
+- test/helpers/button_helper_test.rb
+- test/key.pem
+- test/models/identity_test.rb
+- test/models/redirect_protector_test.rb
+- test/test_helper.rb
+homepage: https://github.com/genezys/linkedin_sign_in
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Sign in (or up) with Linkedin for Rails applications
+test_files:
+- test/certificate.pem
+- test/controllers/authorizations_controller_test.rb
+- test/controllers/callbacks_controller_test.rb
+- test/dummy/.ruby-version
+- test/dummy/Rakefile
+- test/dummy/app/assets/config/manifest.js
+- test/dummy/app/assets/images/.keep
+- test/dummy/app/assets/javascripts/application.js
+- test/dummy/app/assets/javascripts/cable.js
+- test/dummy/app/assets/javascripts/channels/.keep
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/channels/application_cable/channel.rb
+- test/dummy/app/channels/application_cable/connection.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/concerns/.keep
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/jobs/application_job.rb
+- test/dummy/app/mailers/application_mailer.rb
+- test/dummy/app/models/application_record.rb
+- test/dummy/app/models/concerns/.keep
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/app/views/layouts/mailer.html.erb
+- test/dummy/app/views/layouts/mailer.text.erb
+- test/dummy/bin/bundle
+- test/dummy/bin/rails
+- test/dummy/bin/rake
+- test/dummy/bin/setup
+- test/dummy/bin/update
+- test/dummy/bin/yarn
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/cable.yml
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/application_controller_renderer.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/content_security_policy.rb
+- test/dummy/config/initializers/cookies_serializer.rb
+- test/dummy/config/initializers/filter_parameter_logging.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/linkedin_sign_in.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/wrap_parameters.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/puma.rb
+- test/dummy/config/routes.rb
+- test/dummy/config/spring.rb
+- test/dummy/config/storage.yml
+- test/dummy/lib/assets/.keep
+- test/dummy/log/.keep
+- test/dummy/package.json
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/apple-touch-icon-precomposed.png
+- test/dummy/public/apple-touch-icon.png
+- test/dummy/public/favicon.ico
+- test/helpers/button_helper_test.rb
+- test/key.pem
+- test/models/identity_test.rb
+- test/models/redirect_protector_test.rb
+- test/test_helper.rb