omniauth-azure-activedirectory-v2 2.0.0 → 2.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6292ee8af704acb7005d47fa78c9ebae4ae9e49bc677dcaff08e087560004013
4
- data.tar.gz: 418effa55080e12e2371804f2634c67977c782c7fa9a4bbb3fafbae253e69307
3
+ metadata.gz: c7b7178785e2c99c41ee6151625a0fe7015b6d739b6acec990869170ccc9279b
4
+ data.tar.gz: 212532541fef751fb142fc03c6bcc52edf120300732f0b475c05ee0ac22ee7e1
5
5
  SHA512:
6
- metadata.gz: 89d6e827e31cb60be2c30fbc464360bc355b0381ec653874535125da81fa596e7c2ec43134183417c8ff29ce631737e0ce2bb79ff1876354a67a45fd1eccbef6
7
- data.tar.gz: 5e551b04a716d10745cd913af183ba1997c705f16edb39e925c2cdff59b4905a39b113c333fa2f1b927179eef58383be150c6012f31627e5f14776830f6dacf5
6
+ metadata.gz: 27831a75a2ced722e99022c230d1c2fa9beaeaafc692ccb4248ad58532321895e1b95764a9f25ee031d6c58e8a5dbae6ec4aa1b937988f65a7d43928b32611b2
7
+ data.tar.gz: decf7f79d5998bce54df815bf286f681101a8bcdbac134e6c9856c53c619bcd5e218fe9643724f5caaca415911c24f576da25eafe6f76422998d284fc426819a
data/CHANGELOG.md CHANGED
@@ -1,12 +1,21 @@
1
1
  # Change Log
2
2
 
3
+ ## v2.0.1 (2023-01-11)
4
+
5
+ Renames:
6
+
7
+ * RIPGlobal -> RIPAGlobal
8
+ * Omniauth -> OmniAuth
9
+
10
+ _No functional change._
11
+
3
12
  ## v2.0.0 (2022-09-14)
4
13
 
5
14
  Makes compatible with OmniAuth 2 and requires it.
6
15
 
7
16
  Note: https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/pull/6 for reasoning - Thanks @jessieay
8
17
 
9
- _Major version bump as no longer supports Omniauth 1._
18
+ _Major version bump as no longer supports OmniAuth 1._
10
19
 
11
20
  ## v1.0.0 (2020-09-25)
12
21
 
@@ -21,7 +30,7 @@ Removes use of the https://graph.microsoft.com/v1.0/me API.
21
30
  - All the data provided in `info` exists in the JWT anyway, so this
22
31
  cuts down on API calls
23
32
 
24
- * Conforms to the Omniauth Auth Hash Schema (1.0 and later) - see:
33
+ * Conforms to the OmniAuth Auth Hash Schema (1.0 and later) - see:
25
34
  https://github.com/omniauth/omniauth/wiki/Auth-Hash-Schema
26
35
 
27
36
  - Expose `raw_info`
data/CODE_OF_CONDUCT.md CHANGED
@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
55
55
  ## Enforcement
56
56
 
57
57
  Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
- reported by contacting the project team at dev@ripglobal.com. All
58
+ reported by contacting the project team at dev@ripaglobal.com. All
59
59
  complaints will be reviewed and investigated and will result in a response that
60
60
  is deemed necessary and appropriate to the circumstances. The project team is
61
61
  obligated to maintain confidentiality with regard to the reporter of an incident.
data/README.md CHANGED
@@ -1,8 +1,8 @@
1
- # Omniauth::Azure::Activedirectory::V2
1
+ # OmniAuth::Azure::Activedirectory::V2
2
2
 
3
3
  [![Gem Version](https://badge.fury.io/rb/omniauth-azure-activedirectory-v2.svg)](https://badge.fury.io/rb/omniauth-azure-activedirectory-v2)
4
- [![Build Status](https://travis-ci.org/RIPGlobal/omniauth-azure-activedirectory-v2.svg)](https://travis-ci.org/RIPGlobal/omniauth-azure-activedirectory-v2)
5
- [![License](https://img.shields.io/github/license/RIPGlobal/omniauth-azure-activedirectory-v2.svg)](LICENSE.md)
4
+ [![Build Status](https://app.travis-ci.com/RIPAGlobal/omniauth-azure-activedirectory-v2.svg?branch=master)](https://app.travis-ci.com/github/RIPAGlobal/omniauth-azure-activedirectory-v2)
5
+ [![License](https://img.shields.io/github/license/RIPAGlobal/omniauth-azure-activedirectory-v2.svg)](LICENSE.md)
6
6
 
7
7
  OAuth 2 authentication with [Azure ActiveDirectory's V2 API](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview). Rationale:
8
8
 
@@ -35,13 +35,126 @@ Or install it yourself as:
35
35
 
36
36
  ## Usage
37
37
 
38
- See https://github.com/marknadig/omniauth-azure-oauth2 for background information.
38
+ Please start by reading https://github.com/marknadig/omniauth-azure-oauth2 for basic configuration and background information. Note that with this gem, you must use strategy name `azure_activedirectory_v2` rather than `azure_oauth2`. Additional configuration information is given below.
39
+
40
+ ### Configuration
41
+
42
+ #### With `OmniAuth::Builder`
43
+
44
+ You can do something like this for a static / fixed configuration:
45
+
46
+ ```ruby
47
+ use OmniAuth::Builder do
48
+ provider(
49
+ :azure_activedirectory_v2,
50
+ {
51
+ client_id: ENV['AZURE_CLIENT_ID'],
52
+ client_secret: ENV['AZURE_CLIENT_SECRET']
53
+ }
54
+ )
55
+ end
56
+ ```
57
+
58
+ ...or, if using a custom provider class (called `YouTenantProvider` in this example):
59
+
60
+ ```ruby
61
+ use OmniAuth::Builder do
62
+ provider(
63
+ :azure_activedirectory_v2,
64
+ YouTenantProvider
65
+ )
66
+ end
67
+ ```
68
+
69
+ #### With Devise
70
+
71
+ In your `config/initializers/devise.rb` file you can do something like this for a static / fixed configuration:
72
+
73
+ ```ruby
74
+ config.omniauth(
75
+ :azure_activedirectory_v2,
76
+ {
77
+ client_id: ENV['AZURE_CLIENT_ID'],
78
+ client_secret: ENV['AZURE_CLIENT_SECRET']
79
+ }
80
+ )
81
+ ```
82
+
83
+ ...or, if using a custom provider class (called `YouTenantProvider` in this example):
84
+
85
+ ```ruby
86
+ config.omniauth(
87
+ :azure_activedirectory_v2,
88
+ YouTenantProvider
89
+ )
90
+ ```
91
+
92
+ ### Configuration options
93
+
94
+ All of the items listed below are optional, unless noted otherwise. They can be provided either in a static configuration Hash as shown in examples above, or via *read accessor instance methods* in a provider class (more on this later).
95
+
96
+ | Option | Use |
97
+ | ------ | --- |
98
+ | `client_id` | **Mandatory.** Client ID for the 'application' (integration) configured on the Azure side. Found via the Azure UI. |
99
+ | `client_secret` | **Mandatory.** Client secret for the 'application' (integration) configured on the Azure side. Found via the Azure UI. |
100
+ | `base_azure_url` | Location of Azure login page, for specialised requirements; default is `OmniAuth::Strategies::AzureActivedirectoryV2::BASE_AZURE_URL` (at the time of writing, this is `https://login.microsoftonline.com`). |
101
+ | `tenant_id` | _Azure_ tenant ID for multi-tenanted use. Default is `common`. Forms part of the Azure OAuth URL - `{base}/{tenant_id}/oauth2/v2.0/...` |
102
+ | `authorize_params` | Additional parameters passed as URL query data in the initial OAuth redirection to Microsoft. See below for more. Empty Hash default. |
103
+ | `domain_hint` | If defined, sets (overwriting, if already present) `domain_hint` inside `authorize_params`. Default `nil` / none. |
104
+ | `scope` | If defined, sets (overwriting, if already present) `scope` inside `authorize_params`. Default is `OmniAuth::Strategies::AzureActivedirectoryV2::DEFAULT_SCOPE` (at the time of writing, this is `'openid profile email'`). |
105
+
106
+ In addition, as a special case, if the request URL contains a query parameter `prompt`, then this will be written into `authorize_params` under that key, overwriting if present any other value there. Note that this comes from the current request URL at the time OAuth flow is commencing, _not_ via static options Hash data or via a custom provider class - but you _could_ just as easily set `scope` inside a custom `authorize_params` returned from a provider class, as shown in an example later; the request URL query mechanism is just another way of doing the same thing.
107
+
108
+ #### Explaining `authorize_params`
109
+
110
+ The `authorize_params` hash-like object contains key-value pairs which are transformed into URL query string data and added to existing standard OAuth query data in the URL used for the initial redirection from your web site, to the Microsoft Azure AD login page, at the start of OAuth flow. You can find these listed some way down the table just below an OAuth URL example at:
111
+
112
+ * https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#code-try-1
113
+
114
+ ...looking for in particular items from `prompt` onwards.
115
+
116
+ #### Dynamic options via a custom provider class
117
+
118
+ Documentation mentioned earlier at https://github.com/marknadig/omniauth-azure-oauth2#usage gives an example of setting tenant ID dynamically via a custom provider class. We can also use that class in other ways. For example, let's rewrite it thus:
119
+
120
+ ```ruby
121
+ class YouTenantProvider
122
+ def initialize(strategy)
123
+ @strategy = strategy
124
+ end
125
+
126
+ def client_id
127
+ ENV['AZURE_CLIENT_ID']
128
+ end
129
+
130
+ def client_secret
131
+ ENV['AZURE_CLIENT_SECRET']
132
+ end
133
+
134
+ def authorize_params
135
+ ap = {}
136
+
137
+ if @strategy.request && @strategy.request.params['login_hint']
138
+ ap['login_hint'] = @strategy.request.params['login_hint']
139
+ end
140
+
141
+ return ap
142
+ end
143
+ end
144
+ ```
145
+
146
+ In this example, we're providing custom `authorize_params`. You can just return a standard Ruby Hash here, using lower case String or Symbol keys. The `strategy` value given to the initializer is an instance of [`OmniAuth::StrategiesAzureActivedirectoryV2`](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/blob/master/lib/omniauth/strategies/azure_activedirectory_v2.rb) which is a subclass of [`OmniAuth::Strategies::OAuth2`](https://www.rubydoc.info/gems/omniauth-oauth2/1.8.0/OmniAuth/Strategies/OAuth2), but that's not all that helpful! What's more useful is to know that **the Rails `request` object is available via `@strategy.request` and, likewise, the session store via `@strategy.session`**. This gives you a lot of flexibility for responding to an inbound request or user session, varying the parameters used for the Azure OAuth flow.
147
+
148
+ In method `#authorize_params` above, the request object is used to look for a `login_hint` query string entry, set in whichever view(s) is/are presented by your application for use when your users need to be redirected to the OmniAuth controller in order to kick off OAuth with Azure. The value is copied into the `authorize_params` Hash. Earlier, it was mentioned that there was a special case of `prompt` being pulled from the request URL query data, but that this could also be done via a custom provider - here, you can see how; just check `@strategy.request.params['prompt']` and copy that into `authorize_params` if preset.
149
+
150
+ > **NB:** Naming things is hard! The predecessor gem used the name `YouTenantProvider` since it was focused on custom tenant provision, but if using this in a more generic way, perhaps consider a more generic name such as, say, `CustomOmniAuthAzureProvider`.
151
+
39
152
 
40
153
 
41
154
 
42
155
  ## Contributing
43
156
 
44
- Bug reports and pull requests are welcome on GitHub at https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2. This project is intended to be a safe, welcoming space for collaboration so contributors must adhere to the [code of conduct](https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2/blob/master/CODE_OF_CONDUCT.md).
157
+ Bug reports and pull requests are welcome on GitHub at https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2. This project is intended to be a safe, welcoming space for collaboration so contributors must adhere to the [code of conduct](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/blob/master/CODE_OF_CONDUCT.md).
45
158
 
46
159
 
47
160
 
@@ -53,4 +166,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
53
166
 
54
167
  ## Code of Conduct
55
168
 
56
- Everyone interacting in this project's codebases, issue trackers, chat rooms and mailing lists must follow the [code of conduct](https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2/blob/master/CODE_OF_CONDUCT.md).
169
+ Everyone interacting in this project's codebases, issue trackers, chat rooms and mailing lists must follow the [code of conduct](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/blob/master/CODE_OF_CONDUCT.md).
@@ -1,9 +1,9 @@
1
- module Omniauth
1
+ module OmniAuth
2
2
  module Azure
3
3
  module Activedirectory
4
4
  module V2
5
- VERSION = "2.0.0"
6
- DATE = "2022-09-14"
5
+ VERSION = "2.0.1"
6
+ DATE = "2023-01-11"
7
7
  end
8
8
  end
9
9
  end
@@ -9,13 +9,13 @@ require 'omniauth/azure_activedirectory_v2/version'
9
9
  #
10
10
  Gem::Specification.new do |s|
11
11
  s.name = 'omniauth-azure-activedirectory-v2'
12
- s.version = Omniauth::Azure::Activedirectory::V2::VERSION
13
- s.date = Omniauth::Azure::Activedirectory::V2::DATE
12
+ s.version = OmniAuth::Azure::Activedirectory::V2::VERSION
13
+ s.date = OmniAuth::Azure::Activedirectory::V2::DATE
14
14
  s.summary = 'OAuth 2 authentication with the Azure ActiveDirectory V2 API.'
15
- s.authors = [ 'RIP Global' ]
16
- s.email = [ 'dev@ripglobal.com' ]
15
+ s.authors = [ 'RIPA Global' ]
16
+ s.email = [ 'dev@ripaglobal.com' ]
17
17
  s.licenses = [ 'MIT' ]
18
- s.homepage = 'https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2'
18
+ s.homepage = 'https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2'
19
19
 
20
20
  s.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
21
21
  s.require_paths = ['lib']
@@ -39,10 +39,10 @@ Gem::Specification.new do |s|
39
39
  }
40
40
 
41
41
  s.metadata = {
42
- 'homepage_uri' => 'https://www.ripglobal.com/',
43
- 'bug_tracker_uri' => 'https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2/issues/',
44
- 'changelog_uri' => 'https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2/blob/master/CHANGELOG.md',
45
- 'source_code_uri' => 'https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2'
42
+ 'homepage_uri' => 'https://www.ripaglobal.com/',
43
+ 'bug_tracker_uri' => 'https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/issues/',
44
+ 'changelog_uri' => 'https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/blob/master/CHANGELOG.md',
45
+ 'source_code_uri' => 'https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2'
46
46
  }
47
47
 
48
48
  s.add_runtime_dependency('omniauth-oauth2', '~> 1.8')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-azure-activedirectory-v2
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
- - RIP Global
7
+ - RIPA Global
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-09-14 00:00:00.000000000 Z
11
+ date: 2023-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth-oauth2
@@ -26,7 +26,7 @@ dependencies:
26
26
  version: '1.8'
27
27
  description:
28
28
  email:
29
- - dev@ripglobal.com
29
+ - dev@ripaglobal.com
30
30
  executables: []
31
31
  extensions: []
32
32
  extra_rdoc_files: []
@@ -43,14 +43,14 @@ files:
43
43
  - lib/omniauth/azure_activedirectory_v2/version.rb
44
44
  - lib/omniauth/strategies/azure_activedirectory_v2.rb
45
45
  - omniauth-azure-activedirectory-v2.gemspec
46
- homepage: https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2
46
+ homepage: https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2
47
47
  licenses:
48
48
  - MIT
49
49
  metadata:
50
- homepage_uri: https://www.ripglobal.com/
51
- bug_tracker_uri: https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2/issues/
52
- changelog_uri: https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2/blob/master/CHANGELOG.md
53
- source_code_uri: https://github.com/RIPGlobal/omniauth-azure-activedirectory-v2
50
+ homepage_uri: https://www.ripaglobal.com/
51
+ bug_tracker_uri: https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/issues/
52
+ changelog_uri: https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/blob/master/CHANGELOG.md
53
+ source_code_uri: https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2
54
54
  post_install_message:
55
55
  rdoc_options: []
56
56
  require_paths: