omniauth-auth0 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 05c5b449f7be964fb837070c954f284e432fe2f3
-  data.tar.gz: f6c37ee4ade8bc429c76f524924f5480c60f8556
+  metadata.gz: bd50cc68d4204cea39dfe9768136109b57134ea6
+  data.tar.gz: 173e0a227c26d92344b4efc4ad0e9488e661f00d
 SHA512:
-  metadata.gz: 6b7803e4c457f940eb3d236a1b356564ab14093ed6dd3fe9bdeee3ac13c57395e8a1911909ee678aa3a19ff36c9dd85305eec5569875d06c03f9d2dbee8e8b3d
-  data.tar.gz: 0daf87a9767431012304e795cdebd5c7358b4d14c469170db0ec11775dcc688edd2556df22e760e994af941da0c4fe7d80001710deba2c18067568f3660aa3dd
+  metadata.gz: 98af35c60a404d1bd132af797c1febfa0c5e652c20a34335495f448b230eabe013153699c80a51a9f9b51ce65fd559f7f925df78bb7b44dd0024504ca776ff47
+  data.tar.gz: 75972c6b9c26082ef8d1eab1fd3c111be6424b7a07c5a7fc6cfa8160353043b6e53ce4a89817d930f6c2f1459bd31c46707702522af86e90b6369612754ea83f

data/.travis.yml

@@ -0,0 +1,3 @@
+language: ruby
+rvm:
+  - 2.1.0

data/README.md

@@ -1,3 +1,5 @@
+[![Build Status](https://travis-ci.org/auth0/omniauth-auth0.svg)](https://travis-ci.org/auth0/omniauth-auth0)
+
 # OmniAuth Auth0
 
 This is the official OmniAuth strategy for authenticating to [Auth0](https://auth0.com).
@@ -22,6 +24,12 @@ Rails.application.config.middleware.use OmniAuth::Builder do
 end
 ```
 
+If you want to force an identity provider you can simply redirect to the Omniauth path like this:
+
+```ruby
+redirect_to '/auth/auth0?connection=CONNECTION_NAME'
+```
+
 ### Sinatra
 
 ```ruby
@@ -32,9 +40,15 @@ end
 
 > Optional you can set the `:provider_ignores_state` passing a fourth parameter. By default it is true.
 
+If you want to force to force an identity provider you can simply redirect to Omniauth path like this:
+
+```ruby
+redirect to('/auth/auth0?connection=CONNECTION_NAME')
+```
+
 ### Login widget
 
-Integrate the widget in one of your pages as described [here](http://docs.auth0.com/widget) or use links as described in the same link.
+Integrate the widget in one of your pages as described [here](http://auth0.com/docs/lock) or use links as described in the same link.
 
 ### Auth Hash
 
@@ -103,3 +117,11 @@ For more information about [auth0](http://auth0.com) contact our [documentation
 ## Issue Reporting
 
 If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
+
+## Author
+
+[Auth0](auth0.com)
+
+## License
+
+This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.

data/examples/ruby-on-rails-webapp/.gitignore

@@ -0,0 +1,17 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*.log
+/tmp
+.env

data/examples/ruby-on-rails-webapp/Gemfile

@@ -0,0 +1,48 @@
+source 'https://rubygems.org'
+
+
+# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
+gem 'rails', '4.1.1'
+# Use sqlite3 as the database for Active Record
+gem 'sqlite3', group: :development
+gem 'pry', group: :development
+gem 'pg'
+# Use SCSS for stylesheets
+gem 'sass-rails', '~> 4.0.3'
+# Use Uglifier as compressor for JavaScript assets
+gem 'uglifier', '>= 1.3.0'
+# Use CoffeeScript for .js.coffee assets and views
+gem 'coffee-rails', '~> 4.0.0'
+# See https://github.com/sstephenson/execjs#readme for more supported runtimes
+# gem 'therubyracer',  platforms: :ruby
+
+gem 'rails_12factor', group: :production
+
+# Use jquery as the JavaScript library
+gem 'jquery-rails'
+# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks
+gem 'turbolinks'
+# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
+gem 'jbuilder', '~> 2.0'
+# bundle exec rake doc:rails generates the API under doc/api.
+gem 'sdoc', '~> 0.4.0',          group: :doc
+
+# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
+gem 'spring',        group: :development
+
+gem 'omniauth', '~> 1.2'
+gem 'omniauth-auth0', '~> 1.1'
+
+gem 'dotenv', '~> 0.11.1', group: :development
+
+# Use ActiveModel has_secure_password
+# gem 'bcrypt', '~> 3.1.7'
+
+# Use unicorn as the app server
+# gem 'unicorn'
+
+# Use Capistrano for deployment
+# gem 'capistrano-rails', group: :development
+
+# Use debugger
+# gem 'debugger', group: [:development, :test]

data/examples/ruby-on-rails-webapp/README.md

@@ -0,0 +1,20 @@
+#Auth0 + Ruby on Rails WebApp Seed
+This is the seed project you need to use if you're going to create a regular WebApp with Ruby on Rails. If you want to build a Ruby On Rails API that will be used with a SPA or a Mobile device, please check this [other seed project](https://github.com/auth0/ruby-auth0/tree/master/examples/ruby-on-rails-api)
+
+This example is deployed at Heroku at http://auth0-ror-webapp-sample.herokuapp.com/
+
+#Running the example
+In order to run the example you need to have ruby installed.
+
+You also need to set the ClientSecret, ClientId, Domain and CallbackURL for your Auth0 app as enviroment variables with the following names respectively: AUTH0_CLIENT_SECRET, AUTH0_CLIENT_ID, AUTH0_DOMAIN and AUTH0_CALLBACK_URL.
+
+For that, if you just create a file named .env in the directory and set the values like the following, the app will just work:
+
+````bash
+# .env file
+AUTH0_CLIENT_SECRET=myCoolSecret
+AUTH0_CLIENT_ID=myCoolClientId
+AUTH0_DOMAIN=samples.auth0.com
+AUTH0_CALLBACK_URL=http://localhost:3000/auth/auth0/callback
+````
+Once you've set those 4 enviroment variables, just run `rails s` and try calling [http://localhost:3000/](http://localhost:3000/)

data/examples/ruby-on-rails-webapp/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/examples/ruby-on-rails-webapp/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/examples/ruby-on-rails-webapp/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/examples/ruby-on-rails-webapp/app/assets/javascripts/home.js.erb

@@ -0,0 +1,10 @@
+var lock = new Auth0Lock('<%= Rails.application.secrets.auth0_client_id %>', '<%= Rails.application.secrets.auth0_domain %>');
+function signin() {
+	lock.show({
+	    callbackURL: 'http://localhost:3000/auth/auth0/callback', // use this in production  '<%= Rails.application.secrets.auth0_callback_url %>'
+	    responseType: 'code', 
+	    authParams: {
+	    	scope: 'openid profile'
+	  	}
+	});
+}

data/examples/ruby-on-rails-webapp/app/assets/stylesheets/application.css

@@ -0,0 +1,114 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */
+
+ body {
+  font-family: "proxima-nova", sans-serif;
+  text-align: center;
+  font-size: 300%;
+  font-weight: 100;
+}
+input[type=checkbox],
+input[type=radio] {
+  position: absolute;
+  opacity: 0;
+}
+input[type=checkbox] + label,
+input[type=radio] + label {
+  display: inline-block;
+}
+input[type=checkbox] + label:before,
+input[type=radio] + label:before {
+  content: "";
+  display: inline-block;
+  vertical-align: -0.2em;
+  width: 1em;
+  height: 1em;
+  border: 0.15em solid #0074d9;
+  border-radius: 0.2em;
+  margin-right: 0.3em;
+  background-color: white;
+}
+input[type=radio] + label:before {
+  border-radius: 50%;
+}
+input[type=radio]:checked + label:before,
+input[type=checkbox]:checked + label:before {
+  background-color: #0074d9;
+  box-shadow: inset 0 0 0 0.15em white;
+}
+input[type=radio]:focus + label:before,
+input[type=checkbox]:focus + label:before {
+  outline: 0;
+}
+.btn {
+  font-size: 140%;
+  text-transform: uppercase;
+  letter-spacing: 1px;
+  border: 0;
+  background-color: #16214D;
+  color: white;
+}
+.btn:hover {
+  background-color: #44C7F4;
+}
+.btn:focus {
+  outline: none !important;
+}
+.btn.btn-lg {
+  padding: 20px 30px;
+}
+.btn:disabled {
+  background-color: #333;
+  color: #666;
+}
+h1,
+h2,
+h3 {
+  font-weight: 100;
+}
+#logo img {
+  width: 300px;
+  margin-bottom: 60px;
+}
+.home-description {
+  font-weight: 100;
+  margin: 100px 0;
+}
+h2 {
+  margin-top: 30px;
+  margin-bottom: 40px;
+  font-size: 200%;
+}
+label {
+  font-size: 100%;
+  font-weight: 300;
+}
+.btn-next {
+  margin-top: 30px;
+}
+.answer {
+  width: 70%;
+  margin: auto;
+  text-align: left;
+  padding-left: 10%;
+  margin-bottom: 20px;
+}
+.login-page .login-box {
+  padding: 100px 0;
+}
+pre {
+  text-align: left;
+}

data/examples/ruby-on-rails-webapp/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/examples/ruby-on-rails-webapp/app/controllers/auth0_controller.rb

@@ -0,0 +1,14 @@
+class Auth0Controller < ApplicationController
+  def callback
+     # example request.env['omniauth.auth'] in https://github.com/auth0/omniauth-auth0#auth-hash
+    # id_token = session[:userinfo]['credentials']['id_token']
+    # store the user profile in session and redirect to root
+    session[:userinfo] = request.env['omniauth.auth']
+
+    redirect_to '/dashboard'
+  end
+
+  def failure
+    @error_msg = request.params['message']
+  end
+end

data/examples/ruby-on-rails-webapp/app/controllers/dashboard_controller.rb

@@ -0,0 +1,5 @@
+class DashboardController < SecuredController
+  def show
+    @user = session[:userinfo]
+  end
+end

data/examples/ruby-on-rails-webapp/app/controllers/home_controller.rb

@@ -0,0 +1,5 @@
+class HomeController < ApplicationController
+  def show
+
+  end
+end

data/examples/ruby-on-rails-webapp/app/controllers/secured_controller.rb

@@ -0,0 +1,13 @@
+class SecuredController < ApplicationController
+
+  before_action :logged_in_using_omniauth?
+
+  private
+
+  def logged_in_using_omniauth?
+    unless session[:userinfo].present?
+      redirect_to '/'
+    end
+  end
+
+end

data/examples/ruby-on-rails-webapp/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/examples/ruby-on-rails-webapp/app/helpers/callback_helper.rb

@@ -0,0 +1,2 @@
+module CallbackHelper
+end

data/examples/ruby-on-rails-webapp/app/helpers/dashboard_helper.rb

@@ -0,0 +1,2 @@
+module DashboardHelper
+end

data/examples/ruby-on-rails-webapp/app/helpers/home_helper.rb

@@ -0,0 +1,2 @@
+module HomeHelper
+end

data/examples/ruby-on-rails-webapp/app/views/auth0/failure.html.erb

@@ -0,0 +1,4 @@
+<div class="home">
+  <h2>Error <%= @error_msg %></h2>
+  <p><%= @omniauth_error %></p>
+</div>

data/examples/ruby-on-rails-webapp/app/views/dashboard/show.html.erb

@@ -0,0 +1,12 @@
+<div class="home">
+    <div class="container">
+        <div class="login-page clearfix">
+          <div class="logged-in-box auth0-box logged-in">
+            <h1 id="logo"><img src="//cdn.auth0.com/samples/auth0_logo_final_blue_RGB.png" /></h1>
+            <img class="avatar" src="<%= @user[:info][:image] %>"/>
+            <h2>Welcome <%= @user[:info][:name] %></h2>
+            <pre><%= JSON.pretty_generate(@user[:info]) %></pre>
+          </div>
+        </div>
+    </div>
+</div>

data/examples/ruby-on-rails-webapp/app/views/home/show.html.erb

@@ -0,0 +1,17 @@
+<% content_for :cdn_code do %>
+  <%= javascript_include_tag '//cdn.auth0.com/js/lock-7.0.min.js' %>
+<% end %>
+<div class="home">
+    <div class="container">
+        <div class="login-page clearfix">
+          <div class="login-box auth0-box before">
+            <img src="https://i.cloudup.com/StzWWrY34s.png" />
+            <h3>Auth0 Example</h3>
+            <p>Zero friction identity infrastructure, built for developers</p>
+            <a class="btn btn-primary btn-lg btn-login btn-block" onclick="signin()">SignIn</a>
+          </div>
+        </div>
+    </div>
+</div>
+
+