omniauth-azure_activedirectory_v3 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: cd656beba4e05dbd17378383745d4a9aaa0e4067b5245e48f685db478ac83aa3
4
+ data.tar.gz: f8efb0aa3eee77f695d7a997f89e52abb72bee8fe2672a031e2f461ed5e2b020
5
+ SHA512:
6
+ metadata.gz: f54e32fdfb123657547a9a35399cc7aa62c85ece6058266cc1c3676b9e52830397a60462abcb49d4466bc713e76084d8982a6131bc889ec4a5a1ac31ad86f1c2
7
+ data.tar.gz: ab19efb1e3b190cc12bc9d2794a1c69e371628d339405a03bec11ad6159009fb7e588203ef40419f839c8dfd4c6caca4889f5ba0f180bf580ce4010b078ddb23
data/CHANGELOG.md ADDED
@@ -0,0 +1,26 @@
1
+ # Change Log
2
+
3
+ ## v1.0.0 (2020-09-25)
4
+
5
+ Removes use of the https://graph.microsoft.com/v1.0/me API.
6
+
7
+ * One of the key differences for the V3 API vs V1 is the differences
8
+ between who can sign with the addition of Personal Accounts - see:
9
+ https://nicolgit.github.io/AzureAD-Endopoint-V1-vs-V3-comparison/
10
+
11
+ - In testing we found that these accounts may not have access to
12
+ this endpoint
13
+ - All the data provided in `info` exists in the JWT anyway, so this
14
+ cuts down on API calls
15
+
16
+ * Conforms to the Omniauth Auth Hash Schema (1.0 and later) - see:
17
+ https://github.com/omniauth/omniauth/wiki/Auth-Hash-Schema
18
+
19
+ - Expose `raw_info`
20
+ - Remove `id` from `info`
21
+ - *NB: This could be a breaking change for some, but most will
22
+ already be using the correct property name of `uid`.*
23
+
24
+ ## v0.1.1 (2020-09-23)
25
+
26
+ - First release.
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at dev@ripglobal.com. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [https://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: https://contributor-covenant.org
74
+ [version]: https://contributor-covenant.org/version/1/4/
data/Gemfile ADDED
@@ -0,0 +1,7 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in omniauth-azure-activedirectory-v3.gemspec
4
+ gemspec
5
+
6
+ gem 'rake', '~> 12.0'
7
+ gem 'rspec', '~> 3.0'
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2020 Jesse Whitham
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,61 @@
1
+ # Omniauth::Azure::Activedirectory::V3
2
+
3
+ ## Notice
4
+ - This gem is EXACTLY the same as [RIPAGlobal's](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v3)
5
+ - For reasons I don't want to get into, I needed the gem to be called `omniauth-azure_activedirectory_v3` instead of `omniauth-azure-activedirectory-v3`.
6
+ - That is all.
7
+
8
+ [![Gem Version](https://badge.fury.io/rb/omniauth-azure-activedirectory-v3.svg)](https://badge.fury.io/rb/omniauth-azure-activedirectory-v3)
9
+ [![Build Status](https://travis-ci.org/RIPGlobal/omniauth-azure-activedirectory-v3.svg)](https://travis-ci.org/RIPGlobal/omniauth-azure-activedirectory-v3)
10
+ [![License](https://img.shields.io/github/license/RIPGlobal/omniauth-azure-activedirectory-v3.svg)](LICENSE.md)
11
+
12
+ OAuth 2 authentication with [Azure ActiveDirectory's V3 API](https://docs.microsoft.com/en-us/azure/active-directory/develop/v3-overview). Rationale:
13
+
14
+ * https://github.com/marknadig/omniauth-azure-oauth2 is no longer maintained.
15
+ * https://github.com/marknadig/omniauth-azure-oauth2/pull/29 contains important additions.
16
+
17
+ This gem combines the two and makes some changes to support the full V3 API.
18
+
19
+ The ActiveDirectory V1 auth API used OpenID Connect. If you need this, a gem from Microsoft [is available here](https://github.com/AzureAD/omniauth-azure-activedirectory), but seems to be abandoned.
20
+
21
+
22
+
23
+ ## Installation
24
+
25
+ Add this line to your application's Gemfile:
26
+
27
+ ```ruby
28
+ gem 'omniauth-azure-activedirectory-v3'
29
+ ```
30
+
31
+ And then execute:
32
+
33
+ $ bundle install
34
+
35
+ Or install it yourself as:
36
+
37
+ $ gem install omniauth-azure-activedirectory-v3
38
+
39
+
40
+
41
+ ## Usage
42
+
43
+ See https://github.com/marknadig/omniauth-azure-oauth2 for background information.
44
+
45
+
46
+
47
+ ## Contributing
48
+
49
+ Bug reports and pull requests are welcome on GitHub at https://github.com/RIPGlobal/omniauth-azure-activedirectory-v3. This project is intended to be a safe, welcoming space for collaboration so contributors must adhere to the [code of conduct](https://github.com/RIPGlobal/omniauth-azure-activedirectory-v3/blob/master/CODE_OF_CONDUCT.md).
50
+
51
+
52
+
53
+ ## License
54
+
55
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
56
+
57
+
58
+
59
+ ## Code of Conduct
60
+
61
+ Everyone interacting in this project's codebases, issue trackers, chat rooms and mailing lists must follow the [code of conduct](https://github.com/RIPGlobal/omniauth-azure-activedirectory-v3/blob/master/CODE_OF_CONDUCT.md).
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'bundler/setup'
4
+ require 'omniauth/azure/activedirectory/v3'
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require 'irb'
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,10 @@
1
+ module Omniauth
2
+ module Azure
3
+ module Activedirectory
4
+ module V3
5
+ VERSION = '1.0.0'
6
+ DATE = '2022-02-22'
7
+ end
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,2 @@
1
+ require File.join('omniauth', 'azure_activedirectory_v3', 'version')
2
+ require File.join('omniauth', 'strategies', 'azure_activedirectory_v3')
@@ -0,0 +1,98 @@
1
+ require 'omniauth-oauth2'
2
+
3
+ module OmniAuth
4
+ module Strategies
5
+ class AzureActivedirectoryV3 < OmniAuth::Strategies::OAuth2
6
+ BASE_AZURE_URL = 'https://login.microsoftonline.com'
7
+
8
+ option :name, 'azure_activedirectory_v3'
9
+ option :tenant_provider, nil
10
+
11
+ DEFAULT_SCOPE = 'openid profile email'
12
+
13
+ # tenant_provider must return client_id, client_secret and optionally tenant_id and base_azure_url
14
+ args [:tenant_provider]
15
+
16
+ def client
17
+ provider = if options.tenant_provider
18
+ options.tenant_provider.new(self)
19
+ else
20
+ options # if pass has to config, get mapped right on to options
21
+ end
22
+
23
+ options.client_id = provider.client_id
24
+ options.client_secret = provider.client_secret
25
+ options.tenant_id =
26
+ provider.respond_to?(:tenant_id) ? provider.tenant_id : 'common'
27
+ options.base_azure_url =
28
+ provider.respond_to?(:base_azure_url) ? provider.base_azure_url : BASE_AZURE_URL
29
+
30
+ options.authorize_params = provider.authorize_params if provider.respond_to?(:authorize_params)
31
+ if provider.respond_to?(:domain_hint) && provider.domain_hint
32
+ options.authorize_params.domain_hint = provider.domain_hint
33
+ end
34
+ options.authorize_params.prompt = request.params['prompt'] if defined? request && request.params['prompt']
35
+ options.authorize_params.scope = (if provider.respond_to?(:scope) && provider.scope
36
+ provider.scope
37
+ end) || DEFAULT_SCOPE
38
+
39
+ options.client_options.authorize_url = "#{options.base_azure_url}/#{options.tenant_id}/oauth2/v3.0/authorize"
40
+ options.client_options.token_url = "#{options.base_azure_url}/#{options.tenant_id}/oauth2/v3.0/token"
41
+
42
+ super
43
+ end
44
+
45
+ uid do
46
+ raw_info['oid']
47
+ end
48
+
49
+ info do
50
+ {
51
+ name: raw_info['name'],
52
+ email: raw_info['email'] || raw_info['upn'],
53
+ nickname: raw_info['unique_name'],
54
+ first_name: raw_info['given_name'],
55
+ last_name: raw_info['family_name']
56
+ }
57
+ end
58
+
59
+ extra do
60
+ { raw_info: raw_info }
61
+ end
62
+
63
+ def callback_url
64
+ full_host + script_name + callback_path
65
+ end
66
+
67
+ # https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens
68
+ #
69
+ # Some account types from Microsoft seem to only have a decodable ID token,
70
+ # with JWT unable to decode the access token. Information is limited in those
71
+ # cases. Other account types provide an expanded set of data inside the auth
72
+ # token, which does decode as a JWT.
73
+ #
74
+ # Merge the two, allowing the expanded auth token data to overwrite the ID
75
+ # token data if keys collide, and use this as raw info.
76
+ #
77
+ def raw_info
78
+ if @raw_info.nil?
79
+ id_token_data = begin
80
+ ::JWT.decode(access_token.params['id_token'], nil, false).first
81
+ rescue StandardError
82
+ {}
83
+ end
84
+ auth_token_data = begin
85
+ ::JWT.decode(access_token.token, nil, false).first
86
+ rescue StandardError
87
+ {}
88
+ end
89
+
90
+ id_token_data.merge!(auth_token_data)
91
+ @raw_info = id_token_data
92
+ end
93
+
94
+ @raw_info
95
+ end
96
+ end
97
+ end
98
+ end
@@ -0,0 +1 @@
1
+ require File.join('omniauth', 'azure_activedirectory_v3')
@@ -0,0 +1,48 @@
1
+ # frozen_string_literal: true
2
+
3
+ # stub: omniauth-azure-activedirectory-v3 1.0.0 ruby lib
4
+
5
+ $:.push File.expand_path('lib', __dir__)
6
+ require 'omniauth/azure_activedirectory_v3/version'
7
+
8
+ # https://guides.rubygems.org/specification-reference/
9
+ #
10
+ Gem::Specification.new do |s|
11
+ s.name = 'omniauth-azure_activedirectory_v3'
12
+ s.version = Omniauth::Azure::Activedirectory::V3::VERSION
13
+ s.date = Omniauth::Azure::Activedirectory::V3::DATE
14
+ s.summary = 'OAuth 2 authentication with the Azure ActiveDirectory V3 API.'
15
+ s.authors = ['Leo Policastro']
16
+ s.email = ['lpolicastro@valleyforgefabrics.com']
17
+ s.licenses = ['MIT']
18
+ s.homepage = 'https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3'
19
+
20
+ s.required_ruby_version = Gem::Requirement.new('>= 2.5.0')
21
+ s.require_paths = ['lib']
22
+ s.bindir = 'exe'
23
+ s.files = %w[
24
+ README.md
25
+ CHANGELOG.md
26
+ CODE_OF_CONDUCT.md
27
+ LICENSE.txt
28
+
29
+ Gemfile
30
+ bin/console
31
+ bin/setup
32
+
33
+ lib/omniauth-azure_activedirectory_v3.rb
34
+ lib/omniauth/azure_activedirectory_v3.rb
35
+ lib/omniauth/azure_activedirectory_v3/version.rb
36
+ lib/omniauth/strategies/azure_activedirectory_v3.rb
37
+
38
+ omniauth-azure_activedirectory_v3.gemspec
39
+ ]
40
+
41
+ s.metadata = {
42
+ 'bug_tracker_uri' => 'https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3/issues/',
43
+ 'changelog_uri' => 'https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3/blob/master/CHANGELOG.md',
44
+ 'source_code_uri' => 'https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3'
45
+ }
46
+
47
+ s.add_runtime_dependency('omniauth-oauth2', '~> 1.7')
48
+ end
metadata ADDED
@@ -0,0 +1,72 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-azure_activedirectory_v3
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Leo Policastro
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2022-02-22 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: omniauth-oauth2
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.7'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.7'
27
+ description:
28
+ email:
29
+ - lpolicastro@valleyforgefabrics.com
30
+ executables: []
31
+ extensions: []
32
+ extra_rdoc_files: []
33
+ files:
34
+ - CHANGELOG.md
35
+ - CODE_OF_CONDUCT.md
36
+ - Gemfile
37
+ - LICENSE.txt
38
+ - README.md
39
+ - bin/console
40
+ - bin/setup
41
+ - lib/omniauth-azure_activedirectory_v3.rb
42
+ - lib/omniauth/azure_activedirectory_v3.rb
43
+ - lib/omniauth/azure_activedirectory_v3/version.rb
44
+ - lib/omniauth/strategies/azure_activedirectory_v3.rb
45
+ - omniauth-azure_activedirectory_v3.gemspec
46
+ homepage: https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3
47
+ licenses:
48
+ - MIT
49
+ metadata:
50
+ bug_tracker_uri: https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3/issues/
51
+ changelog_uri: https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3/blob/master/CHANGELOG.md
52
+ source_code_uri: https://github.com/ValleyForgeFabrics/omniauth-azure-activedirectory-v3
53
+ post_install_message:
54
+ rdoc_options: []
55
+ require_paths:
56
+ - lib
57
+ required_ruby_version: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: 2.5.0
62
+ required_rubygems_version: !ruby/object:Gem::Requirement
63
+ requirements:
64
+ - - ">="
65
+ - !ruby/object:Gem::Version
66
+ version: '0'
67
+ requirements: []
68
+ rubygems_version: 3.3.7
69
+ signing_key:
70
+ specification_version: 4
71
+ summary: OAuth 2 authentication with the Azure ActiveDirectory V3 API.
72
+ test_files: []