omniauth-auth0 1.3.0 → 1.4.0

data/examples/ruby-on-rails-webapp/config/secrets.yml

@@ -0,0 +1,35 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+development:
+  secret_key_base: 44943afd8bfa7c8f48302d23a56af7a44766e516fc9b2585e9b198fb55e628e1a11ff2b876f193068f23dac95031e2d36fce28341f429076fcc322df68a4c572
+  auth0_client_id: <%= ENV["AUTH0_CLIENT_ID"] %>
+  auth0_client_secret: <%= ENV["AUTH0_CLIENT_SECRET"] %>
+  auth0_domain: <%= ENV["AUTH0_DOMAIN"] %>
+  auth0_callback_url: <%= ENV["AUTH0_CALLBACK_URL"] %>
+
+
+test:
+  secret_key_base: 730ab4e74b6278ea9ecf8da4975ce7959836fc082b4974eb3cb65e0026be59b6502082b23fcecea9c611b5e5059632f876cdc7d5b31b3e80fc7c7b76c70e85b3
+  auth0_client_id: <%= ENV["AUTH0_CLIENT_ID"] %>
+  auth0_client_secret: <%= ENV["AUTH0_CLIENT_SECRET"] %>
+  auth0_domain: <%= ENV["AUTH0_DOMAIN"] %>
+  auth0_callback_url: <%= ENV["AUTH0_CALLBACK_URL"] %>
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
+  auth0_client_id: <%= ENV["AUTH0_CLIENT_ID"] %>
+  auth0_client_secret: <%= ENV["AUTH0_CLIENT_SECRET"] %>
+  auth0_domain: <%= ENV["AUTH0_DOMAIN"] %>
+  auth0_callback_url: <%= ENV["AUTH0_CALLBACK_URL"] %>

data/examples/ruby-on-rails-webapp/db/seeds.rb

@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
+#   Mayor.create(name: 'Emanuel', city: cities.first)

data/examples/ruby-on-rails-webapp/public/404.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <div>
+      <h1>The page you were looking for doesn't exist.</h1>
+      <p>You may have mistyped the address or the page may have moved.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/examples/ruby-on-rails-webapp/public/422.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <div>
+      <h1>The change you wanted was rejected.</h1>
+      <p>Maybe you tried to change something you didn't have access to.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/examples/ruby-on-rails-webapp/public/500.html

@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <div>
+      <h1>We're sorry, but something went wrong.</h1>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/examples/ruby-on-rails-webapp/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-agent: *
+# Disallow: /

data/examples/ruby-on-rails-webapp/test/controllers/callback_controller_test.rb

@@ -0,0 +1,14 @@
+require 'test_helper'
+
+class CallbackControllerTest < ActionController::TestCase
+  test "should get store" do
+    get :store
+    assert_response :success
+  end
+
+  test "should get failure" do
+    get :failure
+    assert_response :success
+  end
+
+end

data/examples/ruby-on-rails-webapp/test/controllers/dashboard_controller_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+class DashboardControllerTest < ActionController::TestCase
+  test "should get show" do
+    get :show
+    assert_response :success
+  end
+
+end

data/examples/ruby-on-rails-webapp/test/controllers/home_controller_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+class HomeControllerTest < ActionController::TestCase
+  test "should get show" do
+    get :show
+    assert_response :success
+  end
+
+end

data/examples/ruby-on-rails-webapp/test/helpers/callback_helper_test.rb

@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class CallbackHelperTest < ActionView::TestCase
+end

data/examples/ruby-on-rails-webapp/test/helpers/dashboard_helper_test.rb

@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class DashboardHelperTest < ActionView::TestCase
+end

data/examples/ruby-on-rails-webapp/test/helpers/home_helper_test.rb

@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class HomeHelperTest < ActionView::TestCase
+end

data/examples/ruby-on-rails-webapp/test/test_helper.rb

@@ -0,0 +1,13 @@
+ENV['RAILS_ENV'] ||= 'test'
+require File.expand_path('../../config/environment', __FILE__)
+require 'rails/test_help'
+
+class ActiveSupport::TestCase
+  # Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
+  #
+  # Note: You'll currently still have to declare fixtures explicitly in integration tests
+  # -- they do not yet inherit this setting
+  fixtures :all
+
+  # Add more helper methods to be used by all tests here...
+end

data/lib/omniauth-auth0.rb

@@ -1,2 +1,2 @@
-require "auth0/version"
+require "omniauth-auth0/version"
 require "omniauth/strategies/auth0"

data/lib/omniauth-auth0/version.rb

@@ -0,0 +1,3 @@
+module Auth0
+  VERSION = "1.4.0"
+end

data/lib/omniauth/strategies/auth0.rb

@@ -1,3 +1,4 @@
+require "base64"
 require "omniauth-oauth2"
 
 module OmniAuth
@@ -23,8 +24,8 @@ module OmniAuth
         @options.connection = args[4] unless args[4].nil?
 
         @options.client_options.site          = "https://#{options[:namespace]}"
-        @options.client_options.authorize_url = "https://#{options[:namespace]}/authorize"
-        @options.client_options.token_url     = "https://#{options[:namespace]}/oauth/token"
+        @options.client_options.authorize_url = "https://#{options[:namespace]}/authorize?#{client_info_querystring}"
+        @options.client_options.token_url     = "https://#{options[:namespace]}/oauth/token?#{client_info_querystring}"
         @options.client_options.userinfo_url  = "https://#{options[:namespace]}/userinfo"
       end
 
@@ -70,6 +71,12 @@ module OmniAuth
       def raw_info
         @raw_info ||= access_token.get(options.client_options.userinfo_url).parsed
       end
+
+      private
+      def client_info_querystring
+        client_info = JSON.dump({name: 'omniauth-auth0', version: ::Auth0::VERSION})
+        "auth0Client=" + Base64.urlsafe_encode64(client_info)
+      end
     end
   end
 end

data/omniauth-auth0.gemspec

@@ -1,6 +1,6 @@
 # -*- encoding: utf-8 -*-
 $:.push File.expand_path("../lib", __FILE__)
-require "auth0/version"
+require "omniauth-auth0/version"
 
 Gem::Specification.new do |s|
   s.name        = "omniauth-auth0"
@@ -30,6 +30,7 @@ omniauth-auth0 is the omniauth strategy for Auth0.
   s.add_development_dependency 'simplecov', '~> 0.9', '>= 0.9.1'
   s.add_development_dependency 'webmock', '~> 1.20', '>= 1.20.4'
   s.add_development_dependency 'rake', '~> 10.3', '>= 10.3.2'
-
+  s.add_development_dependency 'gem-release', '~> 0.7'
+  
   s.license = 'MIT'
 end

data/spec/omniauth/strategies/auth0_spec.rb

@@ -9,12 +9,12 @@ describe OmniAuth::Strategies::Auth0 do
   before :each do
     OmniAuth.config.test_mode = true
     @request = double('Request')
-    @request.stub(:params) { {} }
-    @request.stub(:cookies) { {} }
-    @request.stub(:env) { {} }
+    allow(@request).to receive(:params)
+    allow(@request).to receive(:cookies)
+    allow(@request).to receive(:env)
 
     @session = double('Session')
-    @session.stub(:delete).with('omniauth.state').and_return('state')
+    allow(@session).to receive(:delete).with('omniauth.state').and_return('state')
   end
 
   after do
@@ -24,24 +24,33 @@ describe OmniAuth::Strategies::Auth0 do
   subject do
     OmniAuth::Strategies::Auth0.new(app,
         "client_id", "client_secret", "tenny.auth0.com:3000").tap do |strategy|
-      strategy.stub(:request) { @request }
+      allow(strategy).to receive(:request) { @request }
     end
   end
 
   context "initiation" do
+    let(:base64_token) {
+      Base64.urlsafe_encode64('{"name":"omniauth-auth0","version":"'+Auth0::VERSION+'"}')
+    }
+
     it "uses the correct site" do
-      subject.options.client_options.site.
-        should == "https://tenny.auth0.com:3000"
+      expect(subject.options.client_options.site).to eql "https://tenny.auth0.com:3000"
     end
 
     it "uses the correct authorize_url" do
-      subject.options.client_options.authorize_url.
-        should == "https://tenny.auth0.com:3000/authorize"
+      expect(subject.options.client_options.authorize_url).
+        to eql "https://tenny.auth0.com:3000/authorize?auth0Client=#{base64_token}"
+
     end
 
     it "uses the correct token_url" do
-      subject.options.client_options.token_url.
-        should == "https://tenny.auth0.com:3000/oauth/token"
+      expect(subject.options.client_options.token_url).
+        to eql "https://tenny.auth0.com:3000/oauth/token?auth0Client=#{base64_token}"
+    end
+
+    it "uses the correct userinfo url" do
+      expect(subject.options.client_options.userinfo_url).
+        to eql "https://tenny.auth0.com:3000/userinfo"
     end
 
     it "should raise an ArgumentError error if no namespace passed" do
@@ -59,11 +68,11 @@ describe OmniAuth::Strategies::Auth0 do
     end
 
     it "authorize params" do
-      subject.stub(:request) { double('Request', {:params => {
+      allow(subject).to receive(:request) { double('Request', {:params => {
         "connection" => "google-oauth2", "redirect_uri" => "redirect_uri" }, :env => {}}) }
-      subject.authorize_params.include?("connection").should == true
-      subject.authorize_params.include?("state").should == true
-      subject.authorize_params.include?("redirect_uri").should == true
+      expect(subject.authorize_params).to include("connection")
+      expect(subject.authorize_params).to include("state")
+      expect(subject.authorize_params).to include("redirect_uri")
     end
   end
 
@@ -90,66 +99,68 @@ describe OmniAuth::Strategies::Auth0 do
         "picture" => "pic",
         "user_id" => "google-oauth2|102835921788417079450"
       }
-      subject.stub(:raw_info) { @raw_info }
+      allow(subject).to receive(:raw_info) { @raw_info }
     end
 
     context "info" do
       it 'returns the uid (required)' do
-        subject.uid.should eq('google-oauth2|102835921788417079450')
+        expect(subject.uid).to eq('google-oauth2|102835921788417079450')
       end
 
       it 'returns the name (required)' do
-        subject.info[:name].should eq('FirstName LastName')
+        expect(subject.info[:name]).to eq('FirstName LastName')
       end
 
       it 'returns the email' do
-        subject.info[:email].should eq('user@mail.com')
+        expect(subject.info[:email]).to eq('user@mail.com')
       end
 
       it 'returns the nickname' do
-        subject.info[:nickname].should eq('nick')
+        expect(subject.info[:nickname]).to eq('nick')
       end
 
       it 'returns the last name' do
-        subject.info[:last_name].should eq('LastName')
+        expect(subject.info[:last_name]).to eq('LastName')
       end
 
       it 'returns the first name' do
-        subject.info[:first_name].should eq('FirstName')
+        expect(subject.info[:first_name]).to eq('FirstName')
       end
 
       it 'returns the location' do
-        subject.info[:location].should eq('en')
+        expect(subject.info[:location]).to eq('en')
       end
 
       it 'returns the image' do
-        subject.info[:image].should eq('pic')
+        expect(subject.info[:image]).to eq('pic')
       end
     end
 
     context "get token" do
       before :each do
         @access_token = double('OAuth2::AccessToken')
-        @access_token.stub(:token)
-        @access_token.stub(:expires?)
-        @access_token.stub(:expires_at)
-        @access_token.stub(:refresh_token)
-        @access_token.stub(:params)
-        subject.stub(:access_token) { @access_token }
+
+        allow(@access_token).to receive(:token)
+        allow(@access_token).to receive(:expires?)
+        allow(@access_token).to receive(:expires_at)
+        allow(@access_token).to receive(:refresh_token)
+        allow(@access_token).to receive(:params)
+
+        allow(subject).to receive(:access_token) { @access_token }
       end
 
       it 'returns a Hash' do
-        subject.credentials.should be_a(Hash)
+        expect(subject.credentials).to be_a(Hash)
       end
 
       it 'returns the token' do
-        @access_token.stub(:token) {
+        allow(@access_token).to receive(:token) {
           {
             :access_token => "OTqSFa9zrh0VRGAZHH4QPJISCoynRwSy9FocUazuaU950EVcISsJo3pST11iTCiI",
             :token_type => "bearer"
           } }
-        subject.credentials['token'][:access_token].should eq('OTqSFa9zrh0VRGAZHH4QPJISCoynRwSy9FocUazuaU950EVcISsJo3pST11iTCiI')
-        subject.credentials['token'][:token_type].should eq('bearer')
+        expect(subject.credentials['token'][:access_token]).to eq('OTqSFa9zrh0VRGAZHH4QPJISCoynRwSy9FocUazuaU950EVcISsJo3pST11iTCiI')
+        expect(subject.credentials['token'][:token_type]).to eq('bearer')
       end
     end
   end