omniauth-bunq 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 54a43ec596604ce0b297e07d08a46061c7fced02
+  data.tar.gz: c6923968989fdf21a36fbb607cf1e2c2d2bd9c19
+SHA512:
+  metadata.gz: 67a6dc047dbec1df554d7a2d18bbbc92d0ca4657c41a25110d0e704706561a07bbc2d05cd09104976fdfec2b1f42776124ef4a21bdbc98d650f72947bbf3e8e0
+  data.tar.gz: c934b168107d7012b132143ef45a1bfa85781f446effee1b4e8e473b9d55caf3c0d04b32b38a0dbeb69293e9ce2619973d6f8b094983582723a694720e996290

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+/pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1 @@
+--colour

data/Gemfile

@@ -0,0 +1,13 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in omniauth-github.gemspec
+gemspec
+
+group :development, :test do
+  gem 'guard'
+  gem 'guard-rspec'
+  gem 'guard-bundler'
+  gem 'rb-fsevent'
+  gem 'growl'
+  gem 'rake'
+end

data/Guardfile

@@ -0,0 +1,10 @@
+guard 'rspec', :version => 2 do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+end
+
+guard 'bundler' do
+  watch('Gemfile')
+  watch('omniauth-rabobank.gemspec')
+end

data/README.md

@@ -0,0 +1,13 @@
+# OmniAuth Bunq
+
+This is the official OmniAuth strategy for authenticating to Rabobank. To
+use it, you'll need to sign up for an OAuth2 Application ID and Secret
+on the [Bunq Applications Page]().
+
+## Basic Usage
+
+```ruby
+use OmniAuth::Builder do
+  provider :bunq, ENV['BUNQ_KEY'], ENV['BUNQ_SECRET']
+end
+```

data/Rakefile

@@ -0,0 +1,8 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new
+
+desc 'Run specs'
+task :default => :spec

data/lib/omniauth-bunq.rb

@@ -0,0 +1,2 @@
+require "omniauth-bunq/version"
+require 'omniauth/strategies/bunq'

data/lib/omniauth-bunq/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Bunq
+    VERSION = "0.1.0"
+  end
+end

data/lib/omniauth/strategies/bunq.rb

@@ -0,0 +1,80 @@
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    class Bunq < OmniAuth::Strategies::OAuth2
+      option :client_options, {
+        :site => 'https://api-sandbox.rabobank.nl',
+        :authorize_url => 'https://api-sandbox.rabobank.nl/openapi/sandbox/oauth2/authorize',
+        :token_url => 'https://api-sandbox.rabobank.nl/openapi/sandbox/oauth2/token'
+      }
+
+      def request_phase
+        super
+      end
+
+      def authorize_params
+        super.tap do |params|
+          %w[scope client_options].each do |v|
+            if request.params[v]
+              params[v.to_sym] = request.params[v]
+            end
+          end
+        end
+      end
+
+      uid { raw_info['id'].to_s }
+
+      info do
+        {
+          'nickname' => raw_info['login'],
+          'email' => email,
+          'name' => raw_info['name'],
+          'image' => raw_info['avatar_url'],
+          'urls' => {
+            'GitHub' => raw_info['html_url'],
+            'Blog' => raw_info['blog'],
+          },
+        }
+      end
+
+      extra do
+        {:raw_info => raw_info, :all_emails => emails}
+      end
+
+      def raw_info
+        access_token.options[:mode] = :query
+        @raw_info ||= access_token.get('user').parsed
+      end
+
+      def email
+        (email_access_allowed?) ? primary_email : raw_info['email']
+      end
+
+      def primary_email
+        primary = emails.find{ |i| i['primary'] && i['verified'] }
+        primary && primary['email'] || nil
+      end
+
+      # The new /user/emails API - http://developer.github.com/v3/users/emails/#future-response
+      def emails
+        return [] unless email_access_allowed?
+        access_token.options[:mode] = :query
+        @emails ||= access_token.get('user/emails', :headers => { 'Accept' => 'application/vnd.github.v3' }).parsed
+      end
+
+      def email_access_allowed?
+        return false unless options['scope']
+        email_scopes = ['user', 'user:email']
+        scopes = options['scope'].split(',')
+        (scopes & email_scopes).any?
+      end
+
+      def callback_url
+        full_host + script_name + callback_path
+      end
+    end
+  end
+end
+
+OmniAuth.config.add_camelization 'bunq', 'Bunq'

data/omniauth-bunq.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/omniauth-bunq/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Dunya Kirkali"]
+  gem.email         = ["dunyakirkali@gmail.com"]
+  gem.description   = %q{Official OmniAuth strategy for Bunq.}
+  gem.summary       = %q{Official OmniAuth strategy for Bunq.}
+  gem.homepage      = "https://github.com/ahtung/omniauth-bunq"
+  gem.license       = "MIT"
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name          = "omniauth-bunq"
+  gem.require_paths = ["lib"]
+  gem.version       = OmniAuth::Bunq::VERSION
+
+  gem.add_dependency 'omniauth', '~> 1.5'
+  gem.add_dependency 'omniauth-oauth2', '>= 1.4.0', '< 2.0'
+  gem.add_development_dependency 'rspec', '~> 3.5'
+  gem.add_development_dependency 'rack-test'
+  gem.add_development_dependency 'simplecov'
+  gem.add_development_dependency 'webmock'
+end

data/spec/omniauth/strategies/bunq_spec.rb

@@ -0,0 +1,161 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::Bunq do
+  let(:access_token) { instance_double('AccessToken', :options => {}) }
+  let(:parsed_response) { instance_double('ParsedResponse') }
+  let(:response) { instance_double('Response', :parsed => parsed_response) }
+
+  let(:enterprise_site)          { 'https://some.other.site.com/api/v3' }
+  let(:enterprise_authorize_url) { 'https://some.other.site.com/login/oauth/authorize' }
+  let(:enterprise_token_url)     { 'https://some.other.site.com/login/oauth/access_token' }
+  let(:enterprise) do
+    OmniAuth::Strategies::Bunq.new('BUNQ_KEY', 'BUNQ_SECRET',
+        {
+            :client_options => {
+                :site => enterprise_site,
+                :authorize_url => enterprise_authorize_url,
+                :token_url => enterprise_token_url
+            }
+        }
+    )
+  end
+
+  subject do
+    OmniAuth::Strategies::Bunq.new({})
+  end
+
+  before(:each) do
+    allow(subject).to receive(:access_token).and_return(access_token)
+  end
+
+  context 'client options' do
+    it 'should have correct site' do
+      expect(subject.options.client_options.site).to eq('https://api-sandbox.rabobank.nl')
+    end
+
+    it 'should have correct authorize url' do
+      expect(subject.options.client_options.authorize_url).to eq('https://api-sandbox.rabobank.nl/openapi/sandbox/oauth2/authorize')
+    end
+
+    it 'should have correct token url' do
+      expect(subject.options.client_options.token_url).to eq('https://api-sandbox.rabobank.nl/openapi/sandbox/oauth2/token')
+    end
+
+    describe 'should be overrideable' do
+      it 'for site' do
+        expect(enterprise.options.client_options.site).to eq(enterprise_site)
+      end
+
+      it 'for authorize url' do
+        expect(enterprise.options.client_options.authorize_url).to eq(enterprise_authorize_url)
+      end
+
+      it 'for token url' do
+        expect(enterprise.options.client_options.token_url).to eq(enterprise_token_url)
+      end
+    end
+  end
+
+  context '#email_access_allowed?' do
+    it 'should not allow email if scope is nil' do
+      expect(subject.options['scope']).to be_nil
+      expect(subject).to_not be_email_access_allowed
+    end
+
+    it 'should allow email if scope is user' do
+      subject.options['scope'] = 'user'
+      expect(subject).to be_email_access_allowed
+    end
+
+    it 'should allow email if scope is a bunch of stuff including user' do
+      subject.options['scope'] = 'public_repo,user,repo,delete_repo,gist'
+      expect(subject).to be_email_access_allowed
+    end
+
+    it 'should not allow email if scope does not grant email access' do
+      subject.options['scope'] = 'repo,user:follow'
+      expect(subject).to_not be_email_access_allowed
+    end
+
+    it 'should assume email access not allowed if scope is something currently not documented' do
+      subject.options['scope'] = 'currently_not_documented'
+      expect(subject).to_not be_email_access_allowed
+    end
+  end
+
+  context '#email' do
+    it 'should return email from raw_info if available' do
+      allow(subject).to receive(:raw_info).and_return({ 'email' => 'you@example.com' })
+      expect(subject.email).to eq('you@example.com')
+    end
+
+    it 'should return nil if there is no raw_info and email access is not allowed' do
+      allow(subject).to receive(:raw_info).and_return({})
+      expect(subject.email).to be_nil
+    end
+
+    it 'should not return the primary email if there is no raw_info and email access is allowed' do
+      emails = [
+        { 'email' => 'secondary@example.com', 'primary' => false },
+        { 'email' => 'primary@example.com',   'primary' => true }
+      ]
+      allow(subject).to receive(:raw_info).and_return({})
+      subject.options['scope'] = 'user'
+      allow(subject).to receive(:emails).and_return(emails)
+      expect(subject.email).to be_nil
+    end
+
+    it 'should not return the first email if there is no raw_info and email access is allowed' do
+      emails = [
+        { 'email' => 'first@example.com',   'primary' => false },
+        { 'email' => 'second@example.com',  'primary' => false }
+      ]
+      allow(subject).to receive(:raw_info).and_return({})
+      subject.options['scope'] = 'user'
+      allow(subject).to receive(:emails).and_return(emails)
+      expect(subject.email).to be_nil
+    end
+  end
+
+  context '#raw_info' do
+    it 'should use relative paths' do
+      expect(access_token).to receive(:get).with('user').and_return(response)
+      expect(subject.raw_info).to eq(parsed_response)
+    end
+  end
+
+  context '#emails' do
+    it 'should use relative paths' do
+      expect(access_token).to receive(:get).with('user/emails', :headers => {
+        'Accept' => 'application/vnd.github.v3'
+      }).and_return(response)
+
+      subject.options['scope'] = 'user'
+      expect(subject.emails).to eq(parsed_response)
+    end
+  end
+
+  context '#info.email' do
+    it 'should use any available email' do
+      allow(subject).to receive(:raw_info).and_return({})
+      allow(subject).to receive(:email).and_return('you@example.com')
+      expect(subject.info['email']).to eq('you@example.com')
+    end
+  end
+
+  context '#info.urls' do
+    it 'should use html_url from raw_info' do
+      allow(subject).to receive(:raw_info).and_return({ 'login' => 'me', 'html_url' => 'http://enterprise/me' })
+      expect(subject.info['urls']['GitHub']).to eq('http://enterprise/me')
+    end
+  end
+
+  describe '#callback_url' do
+    it 'is a combination of host, script name, and callback path' do
+      allow(subject).to receive(:full_host).and_return('https://example.com')
+      allow(subject).to receive(:script_name).and_return('/sub_uri')
+
+      expect(subject.callback_url).to eq('https://example.com/sub_uri/auth/bunq/callback')
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,15 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-bunq'
+
+RSpec.configure do |config|
+  config.include WebMock::API
+  config.include Rack::Test::Methods
+  config.extend  OmniAuth::Test::StrategyMacros, :type => :strategy
+end

metadata

@@ -0,0 +1,148 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-bunq
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Dunya Kirkali
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-09-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.4.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.4.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Official OmniAuth strategy for Bunq.
+email:
+- dunyakirkali@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- Guardfile
+- README.md
+- Rakefile
+- lib/omniauth-bunq.rb
+- lib/omniauth-bunq/version.rb
+- lib/omniauth/strategies/bunq.rb
+- omniauth-bunq.gemspec
+- spec/omniauth/strategies/bunq_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/ahtung/omniauth-bunq
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: Official OmniAuth strategy for Bunq.
+test_files:
+- spec/omniauth/strategies/bunq_spec.rb
+- spec/spec_helper.rb