omniauth-auth0 2.0.0 → 3.1.0

data/EXAMPLES.md

@@ -0,0 +1,167 @@
+* [Example of the resulting authentication hash](#example-of-the-resulting-authentication-hash)
+* [Send additional authentication parameters](#send-additional-authentication-parameters)
+* [Query Parameter Options](#query-parameter-options)
+* [Auth0 Organizations](#auth0-organizations)
+  - [Logging in with an Organization](#logging-in-with-an-organization)
+  - [Validating Organizations when using Organization Login Prompt](#validating-organizations-when-using-organization-login-prompt)
+  - [Accepting user invitations](#accepting-user-invitations)
+
+### Example of the resulting authentication hash
+
+The Auth0 strategy will provide the standard OmniAuth hash attributes:
+
+- `:provider` - the name of the strategy, in this case `auth0`
+- `:uid` - the user identifier
+- `:info` - the result of the call to `/userinfo` using OmniAuth standard attributes
+- `:credentials` - tokens requested and data
+- `:extra` - Additional info obtained from calling `/userinfo` in the `:raw_info` property
+
+```ruby
+{
+  :provider => 'auth0',
+  :uid => 'auth0|USER_ID',
+  :info => {
+    :name => 'John Foo',
+    :email => 'johnfoo@example.org',
+    :nickname => 'john',
+    :image => 'https://example.org/john.jpg'
+  },
+  :credentials => {
+    :token => 'ACCESS_TOKEN',
+    :expires_at => 1485373937,
+    :expires => true,
+    :refresh_token => 'REFRESH_TOKEN',
+    :id_token => 'JWT_ID_TOKEN',
+    :token_type => 'bearer',
+  },
+  :extra => {
+    :raw_info => {
+      :email => 'johnfoo@example.org',
+      :email_verified => 'true',
+      :name => 'John Foo',
+      :picture => 'https://example.org/john.jpg',
+      :user_id => 'auth0|USER_ID',
+      :nickname => 'john',
+      :created_at => '2014-07-15T17:19:50.387Z'
+    }
+  }
+}
+```
+
+## Send additional authentication parameters
+
+To send additional parameters during login, you can specify them when you register the provider:
+
+```ruby
+provider
+  :auth0,
+  ENV['AUTH0_CLIENT_ID'],
+  ENV['AUTH0_CLIENT_SECRET'],
+  ENV['AUTH0_DOMAIN'],
+  {
+    authorize_params: {
+      scope: 'openid read:users write:order',
+      audience: 'https://mydomain/api',
+      max_age: 3600 # time in seconds authentication is valid
+    }
+  }
+```
+
+This will tell the strategy to send those parameters on every authentication request.
+
+## Query Parameter Options
+
+In some scenarios, you may need to pass specific query parameters to `/authorize`. The following parameters are available to enable this:
+
+- `connection`
+- `connection_scope`
+- `prompt`
+- `screen_hint` (only relevant to New Universal Login Experience)
+- `organization`
+- `invitation`
+
+Simply pass these query parameters to your OmniAuth redirect endpoint to enable their behavior.
+
+## Auth0 Organizations
+
+[Organizations](https://auth0.com/docs/organizations) is a set of features that provide better support for developers who build and maintain SaaS and Business-to-Business (B2B) applications.
+
+Note that Organizations is currently only available to customers on our Enterprise and Startup subscription plans.
+
+### Logging in with an Organization
+
+Logging in with an Organization is as easy as passing the parameters to the authorize endpoint. You can do this with
+
+```ruby
+<%=
+    button_to 'Login', 'auth/auth0',
+    method: :post,
+    params: {
+      # Found in your Auth0 dashboard, under Organization settings:
+      organization: '{AUTH0_ORGANIZATION}'
+    }
+%>
+```
+
+Alternatively you can configure the organization when you register the provider:
+
+```ruby
+provider
+  :auth0,
+  ENV['AUTH0_CLIENT_ID'],
+  ENV['AUTH0_CLIENT_SECRET'],
+  ENV['AUTH0_DOMAIN']
+  {
+    authorize_params: {
+      scope: 'openid read:users',
+      audience: 'https://{AUTH0_DOMAIN}/api',
+      organization: '{AUTH0_ORGANIZATION}'
+    }
+  }
+```
+
+When passing `openid` to the scope and `organization` to the authorize params, you will receive an ID token on callback with the `org_id` claim. This claim is validated for you by the SDK.
+
+### Validating Organizations when using Organization Login Prompt
+
+When Organization login prompt is enabled on your application, but you haven't specified an Organization for the application's authorization endpoint, the `org_id` claim will be present on the ID token, and should be validated to ensure that the value received is expected or known.
+
+Normally, validating the issuer would be enough to ensure that the token was issued by Auth0, and this check is performed by the SDK. However, in the case of organizations, additional checks should be made so that the organization within an Auth0 tenant is expected.
+
+In particular, the `org_id` claim should be checked to ensure it is a value that is already known to the application. This could be validated against a known list of organization IDs, or perhaps checked in conjunction with the current request URL. e.g. the sub-domain may hint at what organization should be used to validate the ID Token.
+
+Here is an example using it in your `callback` method
+
+```ruby
+  def callback
+    claims = request.env['omniauth.auth']['extra']['raw_info']
+
+    if claims["org"] && claims["org"] !== expected_org
+      redirect_to '/unauthorized', status: 401
+    else
+      session[:userinfo] = claims
+      redirect_to '/dashboard'
+    end
+  end
+```
+
+For more information, please read [Work with Tokens and Organizations](https://auth0.com/docs/organizations/using-tokens) on Auth0 Docs.
+
+### Accepting user invitations
+
+Auth0 Organizations allow users to be invited using emailed links, which will direct a user back to your application. The URL the user will arrive at is based on your configured `Application Login URI`, which you can change from your Application's settings inside the Auth0 dashboard.
+
+When the user arrives at your application using an invite link, you can expect three query parameters to be provided: `invitation`, `organization`, and `organization_name`. These will always be delivered using a GET request.
+
+You can then supply those parametrs to a `button_to` or `link_to` helper
+
+```ruby
+<%=
+    button_to 'Login', 'auth/auth0',
+    method: :post,
+    params: {
+      organization: '{YOUR_ORGANIZATION_ID}',
+      invitation: '{INVITE_CODE}'
+    }
+%>
+```

data/Gemfile

@@ -1,26 +1,26 @@
-source 'http://rubygems.org'
+source 'https://rubygems.org'
 
 gemspec
 
-gem 'gem-release'
-gem 'rake'
+gem 'gem-release', '~> 2'
+gem 'jwt', '~> 2'
+gem 'rake', '~> 13'
 
 group :development do
-  gem 'dotenv'
-  gem 'pry'
-  gem 'shotgun'
-  gem 'sinatra'
-  gem 'thin'
+  gem 'dotenv', '~> 2'
+  gem 'pry', '~> 0'
+  gem 'rubocop', '~> 1', require: false
+  gem 'shotgun', '~> 0'
+  gem 'sinatra', '~> 2'
+  gem 'thin', '~> 1'
 end
 
 group :test do
-  gem 'guard-rspec', require: false
-  gem 'listen', '~> 3.1.5'
-  gem 'rack-test'
-  gem 'rspec', '~> 3.5'
-  gem 'rubocop', '>= 0.30', platforms: [
-    :ruby_19, :ruby_20, :ruby_21, :ruby_22
-  ]
-  gem 'simplecov'
-  gem 'webmock'
+  gem 'guard-rspec', '~> 4', require: false
+  gem 'listen', '~> 3'
+  gem 'rack-test', '~> 2'
+  gem 'rspec', '~> 3'
+  gem 'simplecov-cobertura', '~> 2'
+  gem 'webmock', '~> 3'
+  gem 'multi_json', '~> 1'
 end

data/Gemfile.lock

@@ -0,0 +1,180 @@
+PATH
+  remote: .
+  specs:
+    omniauth-auth0 (3.1.0)
+      omniauth (~> 2)
+      omniauth-oauth2 (~> 1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
+    ast (2.4.2)
+    coderay (1.1.3)
+    crack (0.4.5)
+      rexml
+    daemons (1.4.1)
+    diff-lcs (1.5.0)
+    docile (1.4.0)
+    dotenv (2.8.1)
+    eventmachine (1.2.7)
+    faraday (2.7.1)
+      faraday-net_http (>= 2.0, < 3.1)
+      ruby2_keywords (>= 0.0.4)
+    faraday-net_http (3.0.2)
+    ffi (1.15.5)
+    formatador (1.1.0)
+    gem-release (2.2.2)
+    guard (2.18.0)
+      formatador (>= 0.2.4)
+      listen (>= 2.7, < 4.0)
+      lumberjack (>= 1.0.12, < 2.0)
+      nenv (~> 0.1)
+      notiffany (~> 0.0)
+      pry (>= 0.13.0)
+      shellany (~> 0.0)
+      thor (>= 0.18.1)
+    guard-compat (1.2.1)
+    guard-rspec (4.7.3)
+      guard (~> 2.1)
+      guard-compat (~> 1.1)
+      rspec (>= 2.99.0, < 4.0)
+    hashdiff (1.0.1)
+    hashie (5.0.0)
+    json (2.6.3)
+    jwt (2.5.0)
+    listen (3.7.1)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    lumberjack (1.2.8)
+    method_source (1.0.0)
+    multi_json (1.15.0)
+    multi_xml (0.6.0)
+    mustermann (2.0.2)
+      ruby2_keywords (~> 0.0.1)
+    nenv (0.3.0)
+    notiffany (0.1.3)
+      nenv (~> 0.1)
+      shellany (~> 0.0)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    omniauth (2.1.0)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
+    parallel (1.22.1)
+    parser (3.1.3.0)
+      ast (~> 2.4.1)
+    pry (0.14.1)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    public_suffix (5.0.0)
+    rack (2.2.4)
+    rack-protection (2.2.3)
+      rack
+    rack-test (2.0.2)
+      rack (>= 1.3)
+    rainbow (3.1.1)
+    rake (13.0.6)
+    rb-fsevent (0.11.2)
+    rb-inotify (0.10.1)
+      ffi (~> 1.0)
+    regexp_parser (2.6.1)
+    rexml (3.2.5)
+    rspec (3.12.0)
+      rspec-core (~> 3.12.0)
+      rspec-expectations (~> 3.12.0)
+      rspec-mocks (~> 3.12.0)
+    rspec-core (3.12.0)
+      rspec-support (~> 3.12.0)
+    rspec-expectations (3.12.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.12.0)
+    rspec-mocks (3.12.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.12.0)
+    rspec-support (3.12.0)
+    rubocop (1.39.0)
+      json (~> 2.3)
+      parallel (~> 1.10)
+      parser (>= 3.1.2.1)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.23.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.24.0)
+      parser (>= 3.1.1.0)
+    ruby-progressbar (1.11.0)
+    ruby2_keywords (0.0.5)
+    shellany (0.0.1)
+    shotgun (0.9.2)
+      rack (>= 1.0)
+    simplecov (0.21.2)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-cobertura (2.1.0)
+      rexml
+      simplecov (~> 0.19)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    sinatra (2.2.3)
+      mustermann (~> 2.0)
+      rack (~> 2.2)
+      rack-protection (= 2.2.3)
+      tilt (~> 2.0)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
+    thin (1.8.1)
+      daemons (~> 1.0, >= 1.0.9)
+      eventmachine (~> 1.0, >= 1.0.4)
+      rack (>= 1, < 3)
+    thor (1.2.1)
+    tilt (2.0.11)
+    unicode-display_width (2.3.0)
+    version_gem (1.1.1)
+    webmock (3.18.1)
+      addressable (>= 2.8.0)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  arm64-darwin-21
+  x86_64-darwin-20
+  x86_64-darwin-21
+  x86_64-linux
+
+DEPENDENCIES
+  bundler
+  dotenv (~> 2)
+  gem-release (~> 2)
+  guard-rspec (~> 4)
+  jwt (~> 2)
+  listen (~> 3)
+  multi_json (~> 1)
+  omniauth-auth0!
+  pry (~> 0)
+  rack-test (~> 2)
+  rake (~> 13)
+  rspec (~> 3)
+  rubocop (~> 1)
+  shotgun (~> 0)
+  simplecov-cobertura (~> 2)
+  sinatra (~> 2)
+  thin (~> 1)
+  webmock (~> 3)
+
+BUNDLED WITH
+   2.3.7

data/README.md

@@ -1,143 +1,168 @@
-[![Build Status](https://travis-ci.org/auth0/omniauth-auth0.svg)](https://travis-ci.org/auth0/omniauth-auth0)
+![Omniauth-auth0](https://cdn.auth0.com/website/sdks/banners/omniauth-auth0-banner.png)
 
-# OmniAuth Auth0
 
-This is the official [OmniAuth](https://github.com/intridea/omniauth) strategy for authenticating to [Auth0](https://auth0.com).
+[![CircleCI](https://img.shields.io/circleci/project/github/auth0/omniauth-auth0/master.svg)](https://circleci.com/gh/auth0/omniauth-auth0)
+[![codecov](https://codecov.io/gh/auth0/omniauth-auth0/branch/master/graph/badge.svg)](https://codecov.io/gh/auth0/omniauth-auth0)
+[![Gem Version](https://badge.fury.io/rb/omniauth-auth0.svg)](https://badge.fury.io/rb/omniauth-auth0)
+[![MIT licensed](https://img.shields.io/dub/l/vibe-d.svg?style=flat)](https://github.com/auth0/omniauth-auth0/blob/master/LICENSE)
 
-## Installing
+<div>
+📚 <a href="#documentation">Documentation</a> - 🚀 <a href="#getting-started">Getting started</a> - 💻 <a href="https://www.rubydoc.info/gems/omniauth-auth0">API reference</a> - 💬 <a href="#feedback">Feedback</a>
+</div>
 
-Add to your `Gemfile`:
+## Documentation
 
-```ruby
-gem 'omniauth-auth0'
-```
+- [Ruby on Rails Quickstart](https://auth0.com/docs/quickstart/webapp/rails)
+- [Sample projects](https://github.com/auth0-samples/auth0-rubyonrails-sample)
+- [API Reference](https://www.rubydoc.info/gems/omniauth-auth0)
 
-Then `bundle install`.
+## Getting started
 
-## Usage
+### Installation
 
-### Rails
+Add the following line to your `Gemfile`:
 
 ```ruby
-Rails.application.config.middleware.use OmniAuth::Builder do
-  provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
-end
+gem 'omniauth-auth0'
 ```
 
-Then to redirect to your tenant's hosted login page:
+If you're using this strategy with Rails, also add the following for CSRF protection:
 
 ```ruby
-redirect_to '/auth/auth0'
+gem 'omniauth-rails_csrf_protection'
 ```
 
-### Sinatra
+Then install:
 
-```ruby
-use OmniAuth::Builder do
-  provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
-end
+```bash
+$ bundle install
 ```
 
-Then to redirect to your tenant's hosted login page:
+See our [contributing guide](CONTRIBUTING.md) for information on local installation for development.
 
-```ruby
-redirect to('/auth/auth0')
-```
+## Configure the SDK
+
+Adding the SDK to your Rails app requires a few steps:
 
-> You can customize your hosted login page in your [Auth0 Dashboard](https://manage.auth0.com/#/login_page)
+- [Create the configuration file](#create-the-configuration-file)
+- [Create the initializer](#create-the-initializer)
+- [Create the callback controller](#create-the-callback-controller)
+- [Add routes](#add-routes)
 
-### Auth parameters
+### Create the configuration file
 
-To send additional parameters during login you can specify them when you register the provider
+Create the file `./config/auth0.yml` within your application directory with the following content:
+
+```yml
+development:
+  auth0_domain: <YOUR_DOMAIN>
+  auth0_client_id: <YOUR_CLIENT_ID>
+  auth0_client_secret: <YOUR AUTH0 CLIENT SECRET>
+```
+
+### Create the initializer
+
+Create a new Ruby file in `./config/initializers/auth0.rb` to configure the OmniAuth middleware:
 
 ```ruby
-provider 
-  :auth0,
-  ENV['AUTH0_CLIENT_ID'],
-  ENV['AUTH0_CLIENT_SECRET'],
-  ENV['AUTH0_DOMAIN'],
-  {
+AUTH0_CONFIG = Rails.application.config_for(:auth0)
+
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider(
+    :auth0,
+    AUTH0_CONFIG['auth0_client_id'],
+    AUTH0_CONFIG['auth0_client_secret'],
+    AUTH0_CONFIG['auth0_domain'],
+    callback_path: '/auth/auth0/callback',
     authorize_params: {
-      scope: 'openid read:users write:order',
-      audience: 'https://mydomain/api'
+      scope: 'openid profile'
     }
-  }
+  )
+end
 ```
 
-that will tell it to send those parameters on every Auth request.
+### Create the callback controller
 
-Or you can do it for a specific Auth request by adding them in the query parameter of the redirect url:
+Create a new controller `./app/controllers/auth0_controller.rb` to handle the callback from Auth0.
+
+> You can also run `rails generate controller auth0 callback failure logout --skip-assets --skip-helper --skip-routes --skip-template-engine` to scaffold this controller for you.
 
 ```ruby
-redirect_to '/auth/auth0?connection=google-oauth2'
+# ./app/controllers/auth0_controller.rb
+class Auth0Controller < ApplicationController
+  def callback
+    # OmniAuth stores the information returned from Auth0 and the IdP in request.env['omniauth.auth'].
+    # In this code, you will pull the raw_info supplied from the id_token and assign it to the session.
+    # Refer to https://github.com/auth0/omniauth-auth0/blob/master/EXAMPLES.md#example-of-the-resulting-authentication-hash for complete information on 'omniauth.auth' contents.
+    auth_info = request.env['omniauth.auth']
+    session[:userinfo] = auth_info['extra']['raw_info']
+
+    # Redirect to the URL you want after successful auth
+    redirect_to '/dashboard'
+  end
+
+  def failure
+    # Handles failed authentication -- Show a failure page (you can also handle with a redirect)
+    @error_msg = request.params['message']
+  end
+
+  def logout
+    # you will finish this in a later step
+  end
+end
 ```
 
-### Auth Hash
-
-Auth0 strategy will have the standard OmniAuth hash attributes:
+### Add routes
 
-- provider: the name of the strategy, in this case `auth0`
-- uid: the user identifier
-- info: the result of the call to /userinfo using OmniAuth standard attributes
-- credentials: Auth0 tokens, at least will have an access_token but can eventually have refresh_token and/or id_token
-- extra: Additional info obtained from calling /userinfo in the attribute `raw_info`
+Finally, add the following routes to your `./config/routes.rb` file:
 
 ```ruby
-	{
-	  :provider => 'auth0',
-	  :uid => 'google-oauth2|this-is-the-google-id',
-	  :info => {
-	    :name => 'John Foo',
-	    :email => 'johnfoo@example.org',
-	    :nickname => 'john',
-	    :image => 'https://example.org/john.jpg'
-	  },
-	  :credentials => {
-	    :token => 'XdDadllcas2134rdfdsI',
-	    :expires_at => 1485373937,
-        :expires => true,
-        :refresh_token => 'aKNajdjfj123nBasd',
-	    :id_token => 'eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBGb28ifQ.lxAiy1rqve8ZHQEQVehUlP1sommPHVJDhgPgFPnDosg',
-	    :token_type => 'bearer',
-	  },
-	  :extra => {
-	    :raw_info => {
-	      :email => 'johnfoo@example.org',
-	      :email_verified => 'true',
-	      :name => 'John Foo',
-	      :picture => 'https://example.org/john.jpg',
-	      :user_id => 'google-oauth2|this-is-the-google-id',
-	      :nickname => 'john',
-	      :created_at: '2014-07-15T17:19:50.387Z'
-	    }
-	  }
-	}
+Rails.application.routes.draw do
+  # ..
+  get '/auth/auth0/callback' => 'auth0#callback'
+  get '/auth/failure' => 'auth0#failure'
+  get '/auth/logout' => 'auth0#logout'
+end
 ```
 
-### ActionDispatch::Cookies::CookieOverflow issue
+## Logging in
 
-If you are getting this error it means that you are using Cookie sessions and since you are storing the whole profile it overflows the max-size of 4K.
+To redirect your users to Auth0 for authentication, redirect your users to the `/auth/auth0` endpoint of your app. One way to do this is to use a link or button on a page:
 
-You can change to use In-Memory store for development as follows:
+```html
+<%= button_to 'Login', '/auth/auth0', method: :post %>
+```
 
-	# /config/initializers/session_store.rb
-	CrazyApp::Application.config.session_store :cache_store
+## Feedback
 
-	# /config/environments/development.rb
-	config.cache_store = :memory_store
+### Contributing
 
-## Documentation
+We appreciate feedback and contribution to this repo! Before you get started, please see the following:
 
-For more information about [auth0](http://auth0.com) contact our [documentation page](http://docs.auth0.com/).
+- [Auth0's general contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md)
+- [Auth0's code of conduct guidelines](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md)
+- [This repo's contribution guide](https://github.com/auth0/omniauth-auth0/blob/master/CONTRIBUTING.md)
 
-## Issue Reporting
+### Raise an issue
 
-If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
+To provide feedback or report a bug, please [raise an issue on our issue tracker](https://github.com/auth0/omniauth-auth0/issues).
 
-## Author
+### Vulnerability Reporting
 
-[Auth0](https://auth0.com)
+Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
 
-## License
+---
 
-This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.
+<p align="center">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_dark_mode.png" width="150">
+    <source media="(prefers-color-scheme: light)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_light_mode.png" width="150">
+    <img alt="Auth0 Logo" src="https://cdn.auth0.com/website/sdks/logos/auth0_light_mode.png" width="150">
+  </picture>
+</p>
+<p align="center">
+  Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout <a href="https://auth0.com/why-auth0">Why Auth0?</a>
+</p>
+<p align="center">
+  This project is licensed under the MIT license. See the <a href="https://github.com/auth0/omniauth-auth0/blob/master/LICENSE"> LICENSE</a> file for more info.
+</p>

data/Rakefile

@@ -10,7 +10,7 @@ begin
   RuboCop::RakeTask.new
 rescue LoadError
   task :rubocop do
-    $stderr.puts 'Rubocop is disabled'
+    warn 'Rubocop is disabled'
   end
 end
 
@@ -23,7 +23,7 @@ namespace :sinatra do
 end
 
 desc 'Run specs'
-task default: [:spec, :rubocop]
+task default: %i[spec rubocop]
 task test: :spec
 task :guard do
   system 'bundle exec guard'