omniauth-auth0 2.4.0 → 3.0.0

data/spec/omniauth/strategies/auth0_spec.rb

@@ -3,6 +3,8 @@
 require 'spec_helper'
 require 'jwt'
 
+OmniAuth.config.allowed_request_methods = [:get, :post]
+
 RSpec.shared_examples 'site has valid domain url' do |url|
   it { expect(subject.site).to eq(url) }
 end
@@ -26,7 +28,12 @@ describe OmniAuth::Strategies::Auth0 do
   end
 
   describe 'client_options' do
-    let(:subject) { auth0.client }
+    let(:subject) { OmniAuth::Strategies::Auth0.new(
+      application,
+      client_id,
+      client_secret,
+      domain_url
+    ).client }
 
     context 'domain with https' do
       let(:domain_url) { 'https://samples.auth0.com' }
@@ -86,6 +93,9 @@ describe OmniAuth::Strategies::Auth0 do
       expect(redirect_url).not_to have_query('connection_scope')
       expect(redirect_url).not_to have_query('prompt')
       expect(redirect_url).not_to have_query('screen_hint')
+      expect(redirect_url).not_to have_query('login_hint')
+      expect(redirect_url).not_to have_query('organization')
+      expect(redirect_url).not_to have_query('invitation')
     end
 
     it 'redirects to hosted login page' do
@@ -102,6 +112,9 @@ describe OmniAuth::Strategies::Auth0 do
       expect(redirect_url).not_to have_query('connection_scope')
       expect(redirect_url).not_to have_query('prompt')
       expect(redirect_url).not_to have_query('screen_hint')
+      expect(redirect_url).not_to have_query('login_hint')
+      expect(redirect_url).not_to have_query('organization')
+      expect(redirect_url).not_to have_query('invitation')
     end
 
     it 'redirects to the hosted login page with connection_scope' do
@@ -125,6 +138,9 @@ describe OmniAuth::Strategies::Auth0 do
       expect(redirect_url).to have_query('prompt', 'login')
       expect(redirect_url).not_to have_query('auth0Client')
       expect(redirect_url).not_to have_query('connection')
+      expect(redirect_url).not_to have_query('login_hint')
+      expect(redirect_url).not_to have_query('organization')
+      expect(redirect_url).not_to have_query('invitation')
     end
 
     it 'redirects to hosted login page with screen_hint=signup' do
@@ -139,6 +155,47 @@ describe OmniAuth::Strategies::Auth0 do
       expect(redirect_url).to have_query('screen_hint', 'signup')
       expect(redirect_url).not_to have_query('auth0Client')
       expect(redirect_url).not_to have_query('connection')
+      expect(redirect_url).not_to have_query('login_hint')
+      expect(redirect_url).not_to have_query('organization')
+      expect(redirect_url).not_to have_query('invitation')
+    end
+
+    it 'redirects to hosted login page with organization=TestOrg and invitation=TestInvite' do
+      get 'auth/auth0?organization=TestOrg&invitation=TestInvite'
+      expect(last_response.status).to eq(302)
+      redirect_url = last_response.headers['Location']
+      expect(redirect_url).to start_with('https://samples.auth0.com/authorize')
+      expect(redirect_url).to have_query('response_type', 'code')
+      expect(redirect_url).to have_query('state')
+      expect(redirect_url).to have_query('client_id')
+      expect(redirect_url).to have_query('redirect_uri')
+      expect(redirect_url).to have_query('organization', 'TestOrg')
+      expect(redirect_url).to have_query('invitation', 'TestInvite')
+      expect(redirect_url).not_to have_query('auth0Client')
+      expect(redirect_url).not_to have_query('connection')
+      expect(redirect_url).not_to have_query('connection_scope')
+      expect(redirect_url).not_to have_query('prompt')
+      expect(redirect_url).not_to have_query('screen_hint')
+      expect(redirect_url).not_to have_query('login_hint')
+    end
+
+    it 'redirects to hosted login page with login_hint=example@mail.com' do
+      get 'auth/auth0?login_hint=example@mail.com'
+      expect(last_response.status).to eq(302)
+      redirect_url = last_response.headers['Location']
+      expect(redirect_url).to start_with('https://samples.auth0.com/authorize')
+      expect(redirect_url).to have_query('response_type', 'code')
+      expect(redirect_url).to have_query('state')
+      expect(redirect_url).to have_query('client_id')
+      expect(redirect_url).to have_query('redirect_uri')
+      expect(redirect_url).to have_query('login_hint', 'example@mail.com')
+      expect(redirect_url).not_to have_query('auth0Client')
+      expect(redirect_url).not_to have_query('connection')
+      expect(redirect_url).not_to have_query('connection_scope')
+      expect(redirect_url).not_to have_query('prompt')
+      expect(redirect_url).not_to have_query('screen_hint')
+      expect(redirect_url).not_to have_query('organization')
+      expect(redirect_url).not_to have_query('invitation')
     end
 
     describe 'callback' do
@@ -161,12 +218,17 @@ describe OmniAuth::Strategies::Auth0 do
         payload['sub'] = user_id
         payload['iss'] = "#{domain_url}/"
         payload['aud'] = client_id
+        payload['name'] = name
+        payload['nickname'] = nickname
+        payload['picture'] = picture
+        payload['email'] = email
+        payload['email_verified'] = email_verified
+
         JWT.encode payload, client_secret, 'HS256'
       end
 
       let(:oauth_response) do
         {
-          id_token: id_token,
           access_token: access_token,
           expires_in: expires_in,
           token_type: token_type
@@ -182,17 +244,7 @@ describe OmniAuth::Strategies::Auth0 do
         }
       end
 
-      let(:basic_user_info) { { sub: user_id } }
-      let(:oidc_user_info) do
-        {
-          sub: user_id,
-          name: name,
-          nickname: nickname,
-          email: email,
-          picture: picture,
-          email_verified: email_verified
-        }
-      end
+      let(:basic_user_info) { { "sub" => user_id, "name" => name } }
 
       def stub_auth(body)
         stub_request(:post, 'https://samples.auth0.com/oauth/token')
@@ -220,7 +272,9 @@ describe OmniAuth::Strategies::Auth0 do
         WebMock.reset!
       end
 
-      let(:subject) { MultiJson.decode(last_response.body) }
+      let(:subject) do
+        MultiJson.decode(last_response.body)
+      end
 
       context 'basic oauth' do
         before do
@@ -239,10 +293,14 @@ describe OmniAuth::Strategies::Auth0 do
           expect(subject['credentials']['expires_at']).to_not be_nil
         end
 
-        it 'has basic values' do
+        it 'has basic values'  do
           expect(subject['provider']).to eq('auth0')
           expect(subject['uid']).to eq(user_id)
-          expect(subject['info']['name']).to eq(user_id)
+          expect(subject['info']['name']).to eq(name)
+        end
+
+        it 'should use the user info endpoint' do
+          expect(subject['extra']['raw_info']).to eq(basic_user_info)
         end
       end
 
@@ -268,7 +326,6 @@ describe OmniAuth::Strategies::Auth0 do
       context 'oidc' do
         before do
           stub_auth(oidc_response)
-          stub_userinfo(oidc_user_info)
           trigger_callback
         end
 

metadata

@@ -1,43 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-auth0
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 3.0.0
 platform: ruby
 authors:
 - Auth0
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-23 00:00:00.000000000 Z
+date: 2021-04-19 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '1.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.9'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.9'
+        version: '0'
 description: |
   Auth0 is an authentication broker that supports social identity providers as well as enterprise identity providers such as Active Directory, LDAP, Google Apps, Salesforce.
 
@@ -53,7 +67,9 @@ files:
 - ".circleci/config.yml"
 - ".gemrelease"
 - ".github/CODEOWNERS"
-- ".github/ISSUE_TEMPLATE.md"
+- ".github/ISSUE_TEMPLATE/config.yml"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/ISSUE_TEMPLATE/report_a_bug.md"
 - ".github/PULL_REQUEST_TEMPLATE.md"
 - ".github/stale.yml"
 - ".gitignore"
@@ -64,7 +80,6 @@ files:
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - Gemfile
-- Gemfile.lock
 - Guardfile
 - LICENSE
 - README.md
@@ -103,7 +118,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.2.16
 signing_key:
 specification_version: 4
 summary: OmniAuth OAuth2 strategy for the Auth0 platform.

data/.github/ISSUE_TEMPLATE.md

@@ -1,39 +0,0 @@
-In order to efficiently and accurately address your issue or feature request, please read through the template below and answer all relevant questions. Your additional work here is greatly appreciated and will help us respond as quickly as possible. Please delete any sections or questions below that do not pertain to this request.
-
-For general support or usage questions, please use the [Auth0 Community](https://community.auth0.com/) or [Auth0 Support](https://support.auth0.com.).
-
-### Description
-
-Description of the bug or feature request and why it's a problem. Consider including:
-
-- The use case or overall problem you're trying to solve
-- Information about when the problem started
-
-### Prerequisites
-
-* [ ] I have read the [Auth0 contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md)
-* [ ] I have read the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md)
-* [ ] Did you check the [documentation](https://auth0.com/docs/quickstart/webapp/rails)?
-* [ ] Did you check [Auth0 Community](https://community.auth0.com/tags/rails)?
-* [ ] Are you reporting this to the correct repository? This strategy relies on [OmniAuth](https://github.com/omniauth/omniauth) and the [OmniAuth OAuth2](https://github.com/omniauth/omniauth-oauth2) strategy. 
-* [ ] Are there any related or duplicate [Issues](https://github.com/auth0/omniauth-auth0/issues) or [PRs](https://github.com/auth0/omniauth-auth0/pulls) for this issue?
-
-### Environment
-
-Please provide the following:
-
-* OmniAuth-Auth0 version:
-* Ruby version:
-* Rails veresion:
-* Browser version, if applicable:
-* Additional gems that might be affecting your instance:
-
-### Reproduction
-
-Detail the steps taken to reproduce this error and note if this issue can be reproduced consistently or if it is intermittent.
-
-Please include:
-
-- Log files (redact/remove sensitive information)
-- Application settings (redact/remove sensitive information)
-- Screenshots, if helpful

data/Gemfile.lock

@@ -1,167 +0,0 @@
-PATH
-  remote: .
-  specs:
-    omniauth-auth0 (2.4.0)
-      omniauth-oauth2 (~> 1.5)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    addressable (2.7.0)
-      public_suffix (>= 2.0.2, < 5.0)
-    ast (2.4.1)
-    codecov (0.2.11)
-      json
-      simplecov
-    coderay (1.1.3)
-    crack (0.4.4)
-    daemons (1.3.1)
-    diff-lcs (1.4.4)
-    docile (1.3.2)
-    dotenv (2.7.6)
-    eventmachine (1.2.7)
-    faraday (1.0.1)
-      multipart-post (>= 1.2, < 3)
-    ffi (1.13.1)
-    formatador (0.2.5)
-    gem-release (2.1.1)
-    guard (2.16.2)
-      formatador (>= 0.2.4)
-      listen (>= 2.7, < 4.0)
-      lumberjack (>= 1.0.12, < 2.0)
-      nenv (~> 0.1)
-      notiffany (~> 0.0)
-      pry (>= 0.9.12)
-      shellany (~> 0.0)
-      thor (>= 0.18.1)
-    guard-compat (1.2.1)
-    guard-rspec (4.7.3)
-      guard (~> 2.1)
-      guard-compat (~> 1.1)
-      rspec (>= 2.99.0, < 4.0)
-    hashdiff (1.0.1)
-    hashie (4.1.0)
-    json (2.3.1)
-    jwt (2.2.2)
-    listen (3.1.5)
-      rb-fsevent (~> 0.9, >= 0.9.4)
-      rb-inotify (~> 0.9, >= 0.9.7)
-      ruby_dep (~> 1.2)
-    lumberjack (1.2.8)
-    method_source (1.0.0)
-    multi_json (1.15.0)
-    multi_xml (0.6.0)
-    multipart-post (2.1.1)
-    mustermann (1.1.1)
-      ruby2_keywords (~> 0.0.1)
-    nenv (0.3.0)
-    notiffany (0.1.3)
-      nenv (~> 0.1)
-      shellany (~> 0.0)
-    oauth2 (1.4.4)
-      faraday (>= 0.8, < 2.0)
-      jwt (>= 1.0, < 3.0)
-      multi_json (~> 1.3)
-      multi_xml (~> 0.5)
-      rack (>= 1.2, < 3)
-    omniauth (1.9.1)
-      hashie (>= 3.4.6)
-      rack (>= 1.6.2, < 3)
-    omniauth-oauth2 (1.7.0)
-      oauth2 (~> 1.4)
-      omniauth (~> 1.9)
-    parallel (1.19.2)
-    parser (2.7.1.4)
-      ast (~> 2.4.1)
-    pry (0.13.1)
-      coderay (~> 1.1)
-      method_source (~> 1.0)
-    public_suffix (4.0.6)
-    rack (2.2.3)
-    rack-protection (2.1.0)
-      rack
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rainbow (3.0.0)
-    rake (13.0.1)
-    rb-fsevent (0.10.4)
-    rb-inotify (0.10.1)
-      ffi (~> 1.0)
-    regexp_parser (1.8.0)
-    rexml (3.2.4)
-    rspec (3.9.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.2)
-      rspec-support (~> 3.9.3)
-    rspec-expectations (3.9.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.1)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.3)
-    rubocop (0.91.0)
-      parallel (~> 1.10)
-      parser (>= 2.7.1.1)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.7)
-      rexml
-      rubocop-ast (>= 0.4.0, < 1.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.4.2)
-      parser (>= 2.7.1.4)
-    ruby-progressbar (1.10.1)
-    ruby2_keywords (0.0.2)
-    ruby_dep (1.5.0)
-    shellany (0.0.1)
-    shotgun (0.9.2)
-      rack (>= 1.0)
-    simplecov (0.19.0)
-      docile (~> 1.1)
-      simplecov-html (~> 0.11)
-    simplecov-html (0.12.2)
-    sinatra (2.1.0)
-      mustermann (~> 1.0)
-      rack (~> 2.2)
-      rack-protection (= 2.1.0)
-      tilt (~> 2.0)
-    thin (1.7.2)
-      daemons (~> 1.0, >= 1.0.9)
-      eventmachine (~> 1.0, >= 1.0.4)
-      rack (>= 1, < 3)
-    thor (1.0.1)
-    tilt (2.0.10)
-    unicode-display_width (1.7.0)
-    webmock (3.9.1)
-      addressable (>= 2.3.6)
-      crack (>= 0.3.2)
-      hashdiff (>= 0.4.0, < 2.0.0)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (~> 1.9)
-  codecov
-  dotenv
-  gem-release
-  guard-rspec
-  jwt
-  listen (~> 3.1.5)
-  omniauth-auth0!
-  pry
-  rack-test
-  rake
-  rspec (~> 3.5)
-  rubocop
-  shotgun
-  simplecov
-  sinatra
-  thin
-  webmock
-
-BUNDLED WITH
-   1.17.3