oauth_token_verifier 0.1.1

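--- /dev/null
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: ec509c6ef623d7c5f4c3e99bcc9998f6add0f3d9
+ data.tar.gz: e3df41224d4579a2561340036465f8ffc3679a81
+ SHA512:
+ metadata.gz: 19b23a9dd996aa58c8f138af2475248902e3695470a3b3bbf13530386cdf7dd23e8870a5e558a8af2831c1043c8e5c0335671221323c6afe8debbeaeb4d5159d
+ data.tar.gz: 5be231ec627f88e026a9c59edcb399eff45f2b66908df1d4e247230ae82d9047285241ec96c2446afc5709736ff313ee5463c47eb8bdbb338fdf73244c333f1b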
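--- /dev/null
+++ b/data/.gitignore
@@ -0,0 +1,12 @@
+ /.bundle/
+ /.yardoc
+ /Gemfile.lock
+ /_yardoc/
+ /coverage/
+ /doc/
+ /pkg/
+ /spec/reports/
+ /tmp/
+
+ # rspec failure tracking
+ .rspec_status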
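--- /dev/null
+++ b/data/.rspec
@@ -0,0 +1,2 @@
+ --format documentation
+ --color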
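--- /dev/null
+++ b/data/.travis.yml
@@ -0,0 +1,5 @@
+ sudo: false
+ language: ruby
+ rvm:
+ - 2.3.3
+ before_install: gem install bundler -v 1.15.1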
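--- /dev/null
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+ source 'https://rubygems.org'
+
+ # Specify your gem's dependencies in oauth_token_verifier.gemspec
+ gemspec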
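--- /dev/null
+++ b/data/LICENSE.txt
@@ -0,0 +1,21 @@
+ The MIT License (MIT)
+
+ Copyright (c) 2017 Shkrt
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.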
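--- /dev/null
+++ b/data/README.md
@@ -0,0 +1,47 @@
+ # OauthTokenVerifier
+
+ This library helps to verify oauth2 access tokens that have been obtained from third party, i.e. mobile application.
+
+ ## Installation
+
+ `gem install oauth_token_verifier`
+
+ `gem oauth_token_verifier`
+
+ ## Configuration
+
+ ```
+ OauthTokenVerifier.configure do |c|
+
+ # You should configure enabled providers first, only three providers are supported by now
+ c.enabled_providers = [:google, :facebook, :vk]
+
+ # then goes separate configuration for each provider
+ # provider name to be returned
+ c.facebook.name = 'facebook'
+
+ # id field - this used to uniquely identify user
+ c.facebook.id_field = 'id'
+
+ # mapping of other returned fields. By default, no fields parameter passed when querying a provider. Feel free to add any field supported by chosen provider
+ c.facebook.fields_mapping = { first_name: :name }
+
+ c.vk.name = 'vkontakte'
+ c.vk.id_field = 'uid'
+ c.vk.fields_mapping = { sex: :gender, photo_id: :avatar }
+
+ c.google.name = 'google'
+ c.google.id_field = 'email'
+ c.google.fields_mapping = { given_name: :first_name, picture: :avatar }
+
+ end
+ ```
+
+ ## Usage
+
+ `include OauthTokenVerifier`
+
+ `verify(:google, 'qweqweqwLKJNlknlknlk343=')`
+
+ The response will either return a struct, containing profile info fields, or raise an exception with error explanation
+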
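--- /dev/null
+++ b/data/Rakefile
@@ -0,0 +1,6 @@
+ require 'bundler/gem_tasks'
+ require 'rspec/core/rake_task'
+
+ RSpec::Core::RakeTask.new(:spec)
+
+ task default: :spec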
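--- /dev/null
+++ b/data/bin/console
@@ -0,0 +1,14 @@
+ #!/usr/bin/env ruby
+
+ require 'bundler/setup'
+ require 'oauth_token_verifier'
+
+ # You can add fixtures and/or initialization code here to make experimenting
+ # with your gem easier. You can also use a different console, if you like.
+
+ # (If you use this, don't forget to add pry to your Gemfile!)
+ # require "pry"
+ # Pry.start
+
+ require 'irb'
+ IRB.start(__FILE__)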
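--- /dev/null
+++ b/data/bin/setup
@@ -0,0 +1,8 @@
+ #!/usr/bin/env bash
+ set -euo pipefail
+ IFS=$'\n\t'
+ set -vx
+
+ bundle install
+
+ # Do any other automated setup that you need to do here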
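--- /dev/null
+++ b/data/lib/oauth_token_verifier/configuration.rb
@@ -0,0 +1,24 @@
+ module OauthTokenVerifier
+ class Configuration
+ attr_accessor :enabled_providers, :google, :vk, :facebook
+ ProviderSettings = Struct.new(:fields_mapping, :name, :id_field)
+
+ def initialize
+ @enabled_providers = []
+
+ @google = ProviderSettings.new({
+ 'first_name' => 'given_name',
+ 'last_name' => 'family_name'
+ }, 'google', 'email')
+
+ @vk = ProviderSettings.new({
+ 'first_name' => 'first_name',
+ 'last_name' => 'last_name'
+ }, 'vk', 'uid')
+
+ @facebook = ProviderSettings.new({
+ 'first_name' => 'name',
+ }, 'facebook', 'id')
+ end
+ end
+ end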
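Review bot: The default `fields_mapping` hashes built in `initialize` look inverted and use String values, which the provider classes shown on this page cannot consume. The providers treat the mapping's keys as the provider-side field names and pass its values to `Struct.new`, so the Google default should read `{ given_name: :first_name, family_name: :last_name }`, the shape the README example uses. With String values, `Struct.new('given_name', 'family_name')` takes the first argument as a constant name and raises `NameError` as soon as a provider is instantiated with the defaults. The Google default `id_field` of `'email'` is also a weak account key; tokeninfo's `sub` claim is the stable identifier, and `email` should only be trusted together with `email_verified`.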
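--- /dev/null
+++ b/data/lib/oauth_token_verifier/providers/facebook.rb
@@ -0,0 +1,51 @@
+ # frozen_string_literal: true
+
+ module OauthTokenVerifier::Providers
+ class Facebook
+ BaseFields = Struct.new(:uid, :provider, :info)
+
+ def initialize
+ @data_fields = Struct.new(*config.fields_mapping.values)
+ @request_fields = config.fields_mapping.keys.join(',')
+ end
+
+ def verify_token(context)
+ uri = build_uri(context.token)
+ response = check_response(uri)
+ parse_response(response)
+ end
+
+ private
+
+ def config
+ OauthTokenVerifier.configuration.facebook
+ end
+
+ def build_uri(token)
+ URI::HTTPS.build(host: 'graph.facebook.com',
+ path: '/me',
+ query: { access_token: token,
+ fields: @request_fields
+ }.to_query)
+ end
+
+ def check_response(uri)
+ response = JSON.parse(Net::HTTP.get(uri))
+ if error = response['error']
+ raise TokenVerifier::TokenCheckError, error['message']
+ else
+ response
+ end
+ end
+
+ def parse_response(data)
+ BaseFields.new(
+ data[config.id_field],
+ config.name,
+ @data_fields.new(
+ *data.values_at(*config.fields_mapping.keys.map(&:to_s))
+ )
+ )
+ end
+ end
+ end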
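Review bot: `verify_token` accepts any access token for which Graph API answers `/me`, and never checks that the token was issued to this application. A token the user granted to an unrelated app would pass and return that user's `id`, so a backend that signs users in on this result has no audience binding. Facebook's `debug_token` endpoint reports the `app_id` a token belongs to, and `check_response` should compare it against a configured value, for example `raise OauthTokenVerifier::TokenVerifier::TokenCheckError, 'token was issued to another application' unless token_app_id == config.app_id`, where `app_id` would be a new `ProviderSettings` member. The same gap exists in `Google#check_response`, which never compares the tokeninfo `aud` claim with the app's client id, and in `Vk#verify_token`.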
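--- /dev/null
+++ b/data/lib/oauth_token_verifier/providers/google.rb
@@ -0,0 +1,48 @@
+ # frozen_string_literal: true
+
+ module OauthTokenVerifier::Providers
+ class Google
+ BaseFields = Struct.new(:uid, :provider, :info)
+
+ def initialize
+ @data_fields = Struct.new(*config.fields_mapping.values)
+ end
+
+ def verify_token(context)
+ uri = build_uri(context.token)
+ response = check_response(uri)
+ parse_response(response)
+ end
+
+ private
+
+ def config
+ OauthTokenVerifier.configuration.google
+ end
+
+ def build_uri(token)
+ URI::HTTPS.build(host: 'www.googleapis.com',
+ path: '/oauth2/v3/tokeninfo',
+ query: { id_token: token }.to_query)
+ end
+
+ def check_response(uri)
+ response = JSON.parse(Net::HTTP.get(uri))
+ if error = response['error_description']
+ raise TokenVerifier::TokenCheckError, error
+ else
+ response
+ end
+ end
+
+ def parse_response(data)
+ BaseFields.new(
+ data[config.id_field],
+ config.name,
+ @data_fields.new(
+ *data.values_at(*config.fields_mapping.keys.map(&:to_s))
+ )
+ )
+ end
+ end
+ end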
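Review bot: The `raise TokenVerifier::TokenCheckError, error` in `check_response` will not resolve `TokenVerifier` in plain Ruby, because the file opens `module OauthTokenVerifier::Providers` in compact form and `OauthTokenVerifier` is therefore not in the lexical scope. A rejected token would surface as `NameError` rather than the documented error, so a caller that rescues `TokenCheckError` never sees the rejection. Spell out the path: `raise OauthTokenVerifier::TokenVerifier::TokenCheckError, error`. The same line needs the change in `Facebook#check_response` and `Vk#check_response`.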
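--- /dev/null
+++ b/data/lib/oauth_token_verifier/providers/vk.rb
@@ -0,0 +1,51 @@
+ # frozen_string_literal: true
+
+ module OauthTokenVerifier::Providers
+ class Vk
+ BaseFields = Struct.new(:uid, :provider, :info)
+
+ def initialize
+ @data_fields = Struct.new(*config.fields_mapping.values)
+ @request_fields = config.fields_mapping.keys.join(',')
+ end
+
+ def verify_token(context)
+ uri = build_uri(context.token)
+ response = check_response(uri)
+ parse_response(response)
+ end
+
+ private
+
+ def config
+ OauthTokenVerifier.configuration.vk
+ end
+
+ def build_uri(token)
+ URI::HTTPS.build(host: 'api.vk.com',
+ path: '/method/users.get',
+ query: { access_token: token,
+ fields: @request_fields
+ }.to_query)
+ end
+
+ def check_response(uri)
+ response = JSON.parse(Net::HTTP.get(uri))
+ if error = response['error']
+ raise TokenVerifier::TokenCheckError, error['error_msg']
+ else
+ response['response'].first
+ end
+ end
+
+ def parse_response(data)
+ BaseFields.new(
+ data[config.id_field],
+ config.name,
+ @data_fields.new(
+ *data.values_at(*config.fields_mapping.keys.map(&:to_s))
+ )
+ )
+ end
+ end
+ end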
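Review bot: `check_response` assumes every reply without an `error` key is JSON carrying a non-empty `response` array, so `response['response'].first` raises `NoMethodError` when the key is missing and hands `nil` to `parse_response` when the array is empty. `JSON.parse(Net::HTTP.get(uri))` likewise lets `JSON::ParserError` and socket errors escape, and the HTTP status is never inspected, so a caller cannot tell a rejected token from an outage or a malformed reply. Guard the shape with `user = Array(response['response']).first || raise(OauthTokenVerifier::TokenVerifier::TokenCheckError, 'empty response')` and re-raise transport and parse failures as a verifier error. `Facebook#check_response` and `Google#check_response` share the unchecked `Net::HTTP.get` and `JSON.parse`.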
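--- /dev/null
+++ b/data/lib/oauth_token_verifier/version.rb
@@ -0,0 +1,3 @@
+ module OauthTokenVerifier
+ VERSION = '0.1.1'.freeze
+ end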
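--- /dev/null
+++ b/data/lib/oauth_token_verifier.rb
@@ -0,0 +1,57 @@
+ require 'oauth_token_verifier/version'
+ require 'oauth_token_verifier/configuration'
+ require 'oauth_token_verifier/providers/google'
+ require 'oauth_token_verifier/providers/facebook'
+ require 'oauth_token_verifier/providers/vk'
+
+ module OauthTokenVerifier
+ def verify(provider_name, payload)
+ TokenVerifier.new(provider_name, payload[:token]).verify_token
+ end
+
+ def configure
+ yield configuration
+ end
+
+ def configuration
+ @configuration ||= Configuration.new
+ end
+ module_function :configuration, :configure
+
+ class TokenVerifier
+ attr_reader :token
+ attr_accessor :provider
+
+ # TODO: Factor out errors to separate module with inheritance
+ class TokenCheckError < StandardError
+ def initialize(msg)
+ super(msg)
+ end
+ end
+
+ class NoProviderFoundError < StandardError
+ def initialize(msg)
+ super(msg)
+ end
+ end
+
+ def initialize(provider_name, token)
+ @provider = find_provider(provider_name).new
+ @token = token
+ end
+
+ def verify_token
+ @provider.verify_token(self)
+ end
+
+ private
+
+ def find_provider(name)
+ unless OauthTokenVerifier.configuration.enabled_providers.include? name
+ raise NoProviderFoundError, "Oauth provider #{name} is not enabled in configuration"
+ end
+
+ "OauthTokenVerifier::Providers::#{name.to_s.camelize}".constantize
+ end
+ end
+ end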
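Review bot: `verify` reads `payload[:token]`, but the README documents the call as `verify(:google, '<token string>')`; indexing a String with a Symbol raises `TypeError`, so the documented usage fails before any provider is contacted. Either take the token directly, `TokenVerifier.new(provider_name, token).verify_token`, or document that a hash with a `:token` key is required. `TokenVerifier#initialize` also stores a nil or empty token without complaint, and rejecting it there with `TokenCheckError` would avoid a pointless outbound request. In `find_provider` the `constantize` call is guarded only by the `enabled_providers` check, so it is worth a comment that `enabled_providers` must stay developer-controlled and never be filled from request data.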
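--- /dev/null
+++ b/data/oauth_token_verifier.gemspec
@@ -0,0 +1,28 @@
+ # coding: utf-8
+
+ lib = File.expand_path('../lib', __FILE__)
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+ require 'oauth_token_verifier/version'
+
+ Gem::Specification.new do |spec|
+ spec.name = 'oauth_token_verifier'
+ spec.version = OauthTokenVerifier::VERSION
+ spec.authors = ['Shkrt']
+ spec.email = ['zxcgpppmnn@gmail.com']
+
+ spec.summary = 'Oauth2 token verification'
+ spec.description = 'This library provides possibility of verifying oauth2 access tokens, obtained from third party'
+ spec.homepage = "https://github.com/Shkrt/oauth_token_verifier"
+ spec.license = 'MIT'
+
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
+ f.match(%r{^(test|spec|features)/})
+ end
+ spec.bindir = 'exe'
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+ spec.require_paths = ['lib']
+
+ spec.add_development_dependency 'bundler', '~> 1.15'
+ spec.add_development_dependency 'rake', '~> 10.0'
+ spec.add_development_dependency 'rspec', '~> 3.0'
+ end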
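Review bot: The spec declares only development dependencies, yet the library code on this page calls `Hash#to_query`, `String#camelize` and `String#constantize`, which come from ActiveSupport, and none of the shown files requires `net/http`, `json` or `uri`. Outside a Rails application the gem would fail with `NoMethodError` or `NameError` on first use, and inside one it silently depends on whatever ActiveSupport version the host happens to load. Declare it with `spec.add_runtime_dependency 'activesupport'` plus a version constraint the author has tested, and add the three standard-library requires at the top of `lib/oauth_token_verifier.rb`.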
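--- /dev/null
+++ b/metadata
@@ -0,0 +1,103 @@
+ --- !ruby/object:Gem::Specification
+ name: oauth_token_verifier
+ version: !ruby/object:Gem::Version
+ version: 0.1.1
+ platform: ruby
+ authors:
+ - Shkrt
+ autorequire:
+ bindir: exe
+ cert_chain: []
+ date: 2017-07-03 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: bundler
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.15'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.15'
+ - !ruby/object:Gem::Dependency
+ name: rake
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '10.0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '10.0'
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.0'
+ description: This library provides possibility of verifying oauth2 access tokens,
+ obtained from third party
+ email:
+ - zxcgpppmnn@gmail.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - ".gitignore"
+ - ".rspec"
+ - ".travis.yml"
+ - Gemfile
+ - LICENSE.txt
+ - README.md
+ - Rakefile
+ - bin/console
+ - bin/setup
+ - lib/oauth_token_verifier.rb
+ - lib/oauth_token_verifier/configuration.rb
+ - lib/oauth_token_verifier/providers/facebook.rb
+ - lib/oauth_token_verifier/providers/google.rb
+ - lib/oauth_token_verifier/providers/vk.rb
+ - lib/oauth_token_verifier/version.rb
+ - oauth_token_verifier.gemspec
+ homepage: https://github.com/Shkrt/oauth_token_verifier
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.5.2
+ signing_key:
+ specification_version: 4
+ summary: Oauth2 token verification
+ test_files: []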