omniauth-azure-oauth2 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +23 -3
- data/lib/omniauth/azure_oauth2/version.rb +1 -1
- data/lib/omniauth/strategies/azure_oauth2.rb +6 -4
- data/omniauth-azure-oauth2.gemspec +1 -1
- data/spec/omniauth/strategies/azure_oauth2_spec.rb +47 -0
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d9c73b1998879a637805a6e9bb99e474877b44f1
|
|
4
|
+
data.tar.gz: e6f364fd018413ca5ed2fb58cb26f63e946ccd9c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1ae29a25456cbae45d709dbd5d3fd125afcb6ff19d6169e0ea8a8d27a931e7221d4f40b271edd230fbdfb6988222c84dac9980553f805f9ef34c3e4ba9f23159
|
|
7
|
+
data.tar.gz: f9b8ddaa179edf69138b303afc33582b7809563f52c11e6c6c7814cb6e6ab515659541c6dbc85c51fa7a589812c3a56b7bd0175a92d3abf3303c75c05f2e08b3
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -29,20 +29,40 @@ Permissions need Delegated Permissions to at least have "Enable sign-on and read
|
|
|
29
29
|
|
|
30
30
|
Note: Seems like the terminology is still fluid, so follow the MS guidance (buwahaha) to set this up.
|
|
31
31
|
|
|
32
|
-
The TenantInfo information can be a hash or class. It must provide client_id
|
|
33
|
-
Optionally a domain_hint. For a simple single-tenant app, this could be:
|
|
32
|
+
The TenantInfo information can be a hash or class. It must provide client_id and client_secret.
|
|
33
|
+
Optionally a domain_hint and tenant_id. For a simple single-tenant app, this could be:
|
|
34
34
|
|
|
35
35
|
```ruby
|
|
36
36
|
use OmniAuth::Builder do
|
|
37
37
|
provider :azure_oauth2,
|
|
38
38
|
{
|
|
39
39
|
client_id: ENV['AZURE_CLIENT_ID'],
|
|
40
|
-
client_secret: ENV['
|
|
40
|
+
client_secret: ENV['AZURE_CLIENT_SECRET'],
|
|
41
41
|
tenant_id: ENV['AZURE_TENANT_ID']
|
|
42
42
|
}
|
|
43
43
|
end
|
|
44
44
|
```
|
|
45
45
|
|
|
46
|
+
Or the alternative format for use with [devise](https://github.com/plataformatec/devise):
|
|
47
|
+
|
|
48
|
+
```ruby
|
|
49
|
+
config.omniauth :azure_oauth2, client_id: ENV['AZURE_CLIENT_ID'],
|
|
50
|
+
client_secret: ENV['AZURE_CLIENT_SECRET'], tenant_id: ENV['AZURE_TENANT_ID']
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
For multi-tenant apps where you don't know the tenant_id in advance, simply leave out the tenant_id to use the
|
|
54
|
+
[common endpoint](http://msdn.microsoft.com/en-us/library/azure/dn645542.aspx).
|
|
55
|
+
|
|
56
|
+
```ruby
|
|
57
|
+
use OmniAuth::Builder do
|
|
58
|
+
provider :azure_oauth2,
|
|
59
|
+
{
|
|
60
|
+
client_id: ENV['AZURE_CLIENT_ID'],
|
|
61
|
+
client_secret: ENV['AZURE_CLIENT_SECRET']
|
|
62
|
+
}
|
|
63
|
+
end
|
|
64
|
+
```
|
|
65
|
+
|
|
46
66
|
For dynamic tenant assignment, pass a class that supports those same attributes and accepts the strategy as a parameter
|
|
47
67
|
|
|
48
68
|
```ruby
|
|
@@ -13,7 +13,7 @@ module OmniAuth
|
|
|
13
13
|
# AD resource identifier
|
|
14
14
|
option :resource, '00000002-0000-0000-c000-000000000000'
|
|
15
15
|
|
|
16
|
-
# tenant_provider must return client_id, client_secret
|
|
16
|
+
# tenant_provider must return client_id, client_secret and optionally tenant_id
|
|
17
17
|
args [:tenant_provider]
|
|
18
18
|
|
|
19
19
|
def client
|
|
@@ -25,7 +25,8 @@ module OmniAuth
|
|
|
25
25
|
|
|
26
26
|
options.client_id = provider.client_id
|
|
27
27
|
options.client_secret = provider.client_secret
|
|
28
|
-
options.tenant_id =
|
|
28
|
+
options.tenant_id =
|
|
29
|
+
provider.respond_to?(:tenant_id) ? provider.tenant_id : 'common'
|
|
29
30
|
|
|
30
31
|
options.authorize_params.domain_hint = provider.domain_hint if provider.respond_to?(:domain_hint) && provider.domain_hint
|
|
31
32
|
options.client_options.authorize_url = "#{BASE_AZURE_URL}/#{options.tenant_id}/oauth2/authorize"
|
|
@@ -44,14 +45,15 @@ module OmniAuth
|
|
|
44
45
|
name: raw_info['unique_name'],
|
|
45
46
|
first_name: raw_info['given_name'],
|
|
46
47
|
last_name: raw_info['family_name'],
|
|
47
|
-
email: raw_info['email'] || raw_info['upn']
|
|
48
|
+
email: raw_info['email'] || raw_info['upn'],
|
|
49
|
+
oid: raw_info['oid']
|
|
48
50
|
}
|
|
49
51
|
end
|
|
50
52
|
|
|
51
53
|
|
|
52
54
|
def raw_info
|
|
53
55
|
# it's all here in JWT http://msdn.microsoft.com/en-us/library/azure/dn195587.aspx
|
|
54
|
-
@raw_info ||= JWT.decode(access_token.token, nil, false)
|
|
56
|
+
@raw_info ||= JWT.decode(access_token.token, nil, false).first
|
|
55
57
|
end
|
|
56
58
|
|
|
57
59
|
end
|
|
@@ -53,6 +53,22 @@ describe OmniAuth::Strategies::AzureOauth2 do
|
|
|
53
53
|
|
|
54
54
|
end
|
|
55
55
|
|
|
56
|
+
describe 'static common configuration' do
|
|
57
|
+
let(:options) { @options || {} }
|
|
58
|
+
subject do
|
|
59
|
+
OmniAuth::Strategies::AzureOauth2.new(app, {client_id: 'id', client_secret: 'secret'}.merge(options))
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
describe '#client' do
|
|
63
|
+
it 'has correct authorize url' do
|
|
64
|
+
expect(subject.client.options[:authorize_url]).to eql('https://login.windows.net/common/oauth2/authorize')
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
it 'has correct token url' do
|
|
68
|
+
expect(subject.client.options[:token_url]).to eql('https://login.windows.net/common/oauth2/token')
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
end
|
|
56
72
|
|
|
57
73
|
describe 'dynamic configuration' do
|
|
58
74
|
let(:provider_klass) {
|
|
@@ -109,4 +125,35 @@ describe OmniAuth::Strategies::AzureOauth2 do
|
|
|
109
125
|
end
|
|
110
126
|
|
|
111
127
|
end
|
|
128
|
+
|
|
129
|
+
describe 'dynamic common configuration' do
|
|
130
|
+
let(:provider_klass) {
|
|
131
|
+
Class.new {
|
|
132
|
+
def initialize(strategy)
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
def client_id
|
|
136
|
+
'id'
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
def client_secret
|
|
140
|
+
'secret'
|
|
141
|
+
end
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
|
|
145
|
+
subject do
|
|
146
|
+
OmniAuth::Strategies::AzureOauth2.new(app, provider_klass)
|
|
147
|
+
end
|
|
148
|
+
|
|
149
|
+
describe '#client' do
|
|
150
|
+
it 'has correct authorize url' do
|
|
151
|
+
expect(subject.client.options[:authorize_url]).to eql('https://login.windows.net/common/oauth2/authorize')
|
|
152
|
+
end
|
|
153
|
+
|
|
154
|
+
it 'has correct token url' do
|
|
155
|
+
expect(subject.client.options[:token_url]).to eql('https://login.windows.net/common/oauth2/token')
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
end
|
|
112
159
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-azure-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mark Nadig
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-05
|
|
11
|
+
date: 2014-11-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - ~>
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version:
|
|
33
|
+
version: 1.0.0
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - ~>
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version:
|
|
40
|
+
version: 1.0.0
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: omniauth-oauth2
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|