omniauth-azure-activedirectory 1.0.0

data/examples/rails-todo-list-app/app/controllers/tasks_controller.rb

@@ -0,0 +1,33 @@
+class TasksController < SignedInController
+
+  def index
+    @new_task = Task.new
+    @tasks = (current_user.tasks if current_user.respond_to? :tasks) || {}
+    super
+  end
+
+  def create
+    return unless params['task']['description']   # We don't store empty tasks.
+    task = Task.create!(description: params['task']['description'],
+                        user_id: current_user.id,
+                        user: current_user)
+    current_user.tasks.append task
+    task.save!
+    redirect_to tasks_path
+  end
+
+  def destroy
+    Task.find(params[:id]).destroy
+    redirect_to tasks_path
+  end
+
+  private
+
+  def current_user
+    User.find_by_id(session['user_id'])
+  end
+
+  def task_params
+    params.require(:task).permit(:description)
+  end
+end

data/examples/rails-todo-list-app/app/models/task.rb

@@ -0,0 +1,10 @@
+class Task < ActiveRecord::Base
+  belongs_to :user
+  validates :user_id, :description, presence: true
+
+  # When a task is completed, we remove it from the database.
+  # This cannot be undone.
+  def complete
+    Task.find(id).destroy
+  end
+end

data/examples/rails-todo-list-app/app/models/user.rb

@@ -0,0 +1,58 @@
+class User < ActiveRecord::Base
+  has_many :tasks
+  validates :provider, :uid, presence: true
+
+  AUTH_CTX = ADAL::AuthenticationContext.new(
+    'login.windows.net', ENV['TENANT'])
+  CLIENT_CRED = ADAL::ClientCredential.new(ENV['CLIENT_ID'], ENV['CLIENT_SECRET'])
+  GRAPH_RESOURCE = 'https://graph.windows.net'
+
+  def self.from_omniauth(auth_hash)
+    user = User.where(provider: auth_hash[:provider],
+                      uid: auth_hash[:uid]).first_or_create
+    user.name = auth_hash[:info]['name']
+    user.email = auth_hash[:info]['email']
+
+    # Note that this is the first part that is AAD specific.
+    if auth_hash[:credentials]['code']
+      user.redeem_code(
+        auth_hash[:credentials]['code'],
+        'https://localhost:9292/auth/azureactivedirectory/callback')
+    end
+    user.save!
+    user
+  end
+
+  def graph_access_token
+    AUTH_CTX.acquire_token_for_user(GRAPH_RESOURCE, CLIENT_CRED, adal_user_identifier).access_token
+  end
+
+  def redeem_code(auth_code, reply_url)
+    adal_user = AUTH_CTX.acquire_token_with_authorization_code(
+                  auth_code,
+                  reply_url,
+                  CLIENT_CRED,
+                  GRAPH_RESOURCE
+                ).user_info
+    self.adal_unique_id = adal_user.unique_id
+    self.adal_displayable_id = adal_user.displayable_id
+    self.save!
+  end
+
+  def self.authorization_request_url
+    AUTH_CTX.authorization_request_url(
+      GRAPH_RESOURCE,
+      ENV['CLIENT_ID'], 
+      'https://localhost:9292/authorize')
+  end
+
+  private
+
+  def adal_user_identifier
+    if adal_displayable_id
+      ADAL::UserIdentifier.new(adal_displayable_id, :DISPLAYABLE_ID)
+    else
+      ADAL::UserIdentifier.new(adal_unique_id, :UNIQUE_ID)
+    end
+  end
+end

data/examples/rails-todo-list-app/app/views/home/index.html.haml

@@ -0,0 +1,4 @@
+%p
+  To use this Todo List Manager, you will need to sign in with your Azure Active Directory credentials
+
+= link_to "Sign in", sign_in_path

data/examples/rails-todo-list-app/app/views/layouts/application.html.haml

@@ -0,0 +1,12 @@
+!!!
+%html
+  %head
+    %title RailsTodoListApp
+    = stylesheet_link_tag "application", media: "all"
+    = javascript_include_tag "application"
+    = csrf_meta_tags
+  %body
+    %h1
+      Todo List
+    #main
+      = yield

data/examples/rails-todo-list-app/app/views/layouts/signed_in.html.haml

@@ -0,0 +1,18 @@
+!!!
+%html
+  %head
+    %title RailsTodoListApp
+    = stylesheet_link_tag "application", media: "all"
+    = javascript_include_tag "application"
+    = csrf_meta_tags
+  %body
+    %h1
+      Todo List
+    %p
+      #{@current_user.name} &lt#{@current_user.email}&gt.
+      %br
+      = link_to "Todo List", tasks_path
+      = link_to "Profile", profile_index_path
+      = link_to "Sign out", session_path, method: :delete
+    #main
+      = yield

data/examples/rails-todo-list-app/app/views/profile/index.html.haml

@@ -0,0 +1,13 @@
+%h4 This is your personal information from the AzureAD graph
+%br
+= label_tag :name, "Name: #{@profile['displayName']}"
+%br
+= label_tag :phone, "Phone: #{@profile['mobile']}"
+%br
+= label_tag :position, "Position: #{@profile['jobTitle']}"
+%br
+= label_tag :address, "Address: #{@profile['streetAddress']}"
+%br
+= label_tag :postal_code, "Postal code: #{@profile['postalCode']}"
+%br
+= label_tag :country, "Country: #{@profile['country']}"

data/examples/rails-todo-list-app/app/views/tasks/index.html.haml

@@ -0,0 +1,11 @@
+#task_index
+  %h3 Add a new task
+  = form_for(@new_task) do |form|
+    = form.text_field :description
+    = form.submit
+
+  %h3 Your tasks
+  - @tasks.each do |task|
+    %li.task
+      = button_to 'Delete', task_path(task), method: :delete, data: { confirm: 'Are you sure?' }, form: { style: 'display:inline-block;' }
+      = label :description, task.description

data/examples/rails-todo-list-app/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/examples/rails-todo-list-app/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/examples/rails-todo-list-app/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/examples/rails-todo-list-app/bin/setup

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+require 'pathname'
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../',  __FILE__)
+
+Dir.chdir APP_ROOT do
+  # This script is a starting point to setup your application.
+  # Add necessary setup steps to this file:
+
+  puts "== Installing dependencies =="
+  system "gem install bundler --conservative"
+  system "bundle check || bundle install"
+
+  # puts "\n== Copying sample files =="
+  # unless File.exist?("config/database.yml")
+  #   system "cp config/database.yml.sample config/database.yml"
+  # end
+
+  puts "\n== Preparing database =="
+  system "bin/rake db:setup"
+
+  puts "\n== Removing old logs and tempfiles =="
+  system "rm -f log/*"
+  system "rm -rf tmp/cache"
+
+  puts "\n== Restarting application server =="
+  system "touch tmp/restart.txt"
+end

data/examples/rails-todo-list-app/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment', __FILE__)
+run Rails.application

data/examples/rails-todo-list-app/config/application.rb

@@ -0,0 +1,29 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+
+module RailsTodoListApp
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Do not swallow errors in after_commit/after_rollback callbacks.
+    config.active_record.raise_in_transactional_callbacks = true
+
+    # All traffic must be HTTPS.
+    config.force_ssl = true
+  end
+end

data/examples/rails-todo-list-app/config/boot.rb

@@ -0,0 +1,3 @@
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+
+require 'bundler/setup' # Set up gems listed in the Gemfile.

data/examples/rails-todo-list-app/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: 5
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/examples/rails-todo-list-app/config/environment.rb

@@ -0,0 +1,13 @@
+# You may want to specify these keys separately for production and test
+# environments.
+ENV['CLIENT_ID'] = 'YOUR CLIENT ID HERE'
+ENV['CLIENT_SECRET'] = 'YOUR CLIENT SECRET HERE'
+ENV['TENANT'] ='YOUR TENANT HERE'
+
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+ADAL::Logging.log_level = ADAL::Logger::VERBOSE
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/examples/rails-todo-list-app/config/environments/development.rb

@@ -0,0 +1,41 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end

data/examples/rails-todo-list-app/config/environments/production.rb

@@ -0,0 +1,79 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Add `rack-cache` to your Gemfile before enabling this.
+  # For large-scale production use, consider using a caching reverse proxy like
+  # NGINX, varnish or squid.
+  # config.action_dispatch.rack_cache = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :debug
+
+  # Prepend all log lines with the following tags.
+  # config.log_tags = [ :subdomain, :uuid ]
+
+  # Use a different logger for distributed setups.
+  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
+end

data/examples/rails-todo-list-app/config/environments/test.rb

@@ -0,0 +1,42 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
+  # Configure static file server for tests with Cache-Control for performance.
+  config.serve_static_files   = true
+  config.static_cache_control = 'public, max-age=3600'
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
+  config.action_controller.allow_forgery_protection = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Randomize the order test cases are executed.
+  config.active_support.test_order = :random
+
+  # Print deprecation notices to the stderr.
+  config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end