omniauth-discourse 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +17 -0
  3. data/.rubocop.yml +52 -0
  4. data/Gemfile +11 -0
  5. data/LICENSE +21 -0
  6. data/README.md +2 -0
  7. data/Rakefile +16 -0
  8. data/lib/omniauth-discourse.rb +2 -0
  9. data/lib/omniauth-discourse/version.rb +5 -0
  10. data/lib/omniauth/strategies/discourse.rb +54 -0
  11. data/lib/omniauth/strategies/discourse/sso.rb +86 -0
  12. data/omniauth-discourse.gemspec +20 -0
  13. metadata +85 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 4f61a5877fb60d7830421987d8f197ae16d975af
4
+ data.tar.gz: 9e9c4dd107e329bacf9038e1be00f611d2639fb4
5
+ SHA512:
6
+ metadata.gz: eeb010c4df0d42a400baaee162e52efaa111564c4dcbc4767d6dbf4dd6e61c2c4a87b315bd0675a49a38f5294987da4043bf20c7489dc4dd7fe8b57fa085758f
7
+ data.tar.gz: 39c5aae8a5e8d070fb0a439c9ae18159cee26b7e6d7a62ca503ae532b9a5d02d62854d3dba01321be6c29411609cf3ad2bfa5fe82da258d04af3023a86e662a7
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/.rubocop.yml ADDED
@@ -0,0 +1,52 @@
1
+ Metrics/AbcSize:
2
+ Enabled: false
3
+
4
+ Metrics/BlockNesting:
5
+ Max: 2
6
+
7
+ Metrics/LineLength:
8
+ AllowURI: true
9
+ Enabled: false
10
+
11
+ Metrics/MethodLength:
12
+ CountComments: false
13
+ Max: 10
14
+
15
+ Metrics/ParameterLists:
16
+ Max: 4
17
+ CountKeywordArgs: true
18
+
19
+ Style/AccessModifierIndentation:
20
+ EnforcedStyle: outdent
21
+
22
+ Style/CollectionMethods:
23
+ PreferredMethods:
24
+ map: 'collect'
25
+ reduce: 'inject'
26
+ find: 'detect'
27
+ find_all: 'select'
28
+
29
+ Style/Documentation:
30
+ Enabled: false
31
+
32
+ Style/DotPosition:
33
+ EnforcedStyle: trailing
34
+
35
+ Style/DoubleNegation:
36
+ Enabled: false
37
+
38
+ Style/FileName:
39
+ Exclude:
40
+ - 'lib/omniauth-oauth.rb'
41
+
42
+ Style/HashSyntax:
43
+ EnforcedStyle: hash_rockets
44
+
45
+ Style/Lambda:
46
+ Enabled: false
47
+
48
+ Style/SpaceInsideHashLiteralBraces:
49
+ EnforcedStyle: no_space
50
+
51
+ Style/StringLiterals:
52
+ EnforcedStyle: double_quotes
data/Gemfile ADDED
@@ -0,0 +1,11 @@
1
+ source "http://rubygems.org"
2
+
3
+ gemspec
4
+
5
+ gem "rake"
6
+
7
+ group :test do
8
+ gem "rack-test"
9
+ gem "rspec", "~> 3.2"
10
+ gem "rubocop", ">= 0.30", :platforms => [:ruby_19, :ruby_20, :ruby_21, :ruby_22]
11
+ end
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2016 Noah Lackstein
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,2 @@
1
+ # OmniAuth Discourse
2
+ ...
data/Rakefile ADDED
@@ -0,0 +1,16 @@
1
+ #!/usr/bin/env rake
2
+ require "bundler/gem_tasks"
3
+ require "rspec/core/rake_task"
4
+
5
+ RSpec::Core::RakeTask.new
6
+
7
+ begin
8
+ require "rubocop/rake_task"
9
+ RuboCop::RakeTask.new
10
+ rescue LoadError
11
+ task :rubocop do
12
+ $stderr.puts "Rubocop is disabled"
13
+ end
14
+ end
15
+
16
+ task :default => [:spec, :rubocop]
data/lib/omniauth-discourse.rb ADDED
@@ -0,0 +1,2 @@
1
+ require "omniauth-discourse/version"
2
+ require "omniauth/strategies/discourse"
data/lib/omniauth-discourse/version.rb ADDED
@@ -0,0 +1,5 @@
1
+ module OmniAuth
2
+ module Discourse
3
+ VERSION = "1.0.0"
4
+ end
5
+ end
data/lib/omniauth/strategies/discourse.rb ADDED
@@ -0,0 +1,54 @@
1
+ require "omniauth"
2
+ require "omniauth/strategies/discourse/sso"
3
+
4
+ module OmniAuth
5
+ module Strategies
6
+ class Discourse
7
+ include OmniAuth::Strategy
8
+
9
+ args [:sso_secret, :sso_url]
10
+ option :sso_secret, nil
11
+ option :sso_url, nil
12
+
13
+ attr_reader :user_info
14
+
15
+ def request_phase
16
+ sso = SSO.new(options.sso_secret, options.sso_url, callback_url)
17
+ session[:sso_nonce] = sso.nonce
18
+
19
+ redirect sso.request_url
20
+ end
21
+
22
+ def callback_phase
23
+ sso = SSO.new(options.sso_secret, options.sso_url, callback_url, session[:sso_nonce])
24
+ sso.parse(request.params)
25
+ raise OmniAuth::NoSessionError, "Username or password are not valid" if sso.status == "error"
26
+
27
+ @user_info = sso.user_info
28
+
29
+ super
30
+ rescue OmniAuth::NoSessionError => e
31
+ fail!(:invalid_credentials, e)
32
+ end
33
+
34
+ uid do
35
+ user_info[:external_id]
36
+ end
37
+
38
+ info do
39
+ {
40
+ "name" => user_info[:name],
41
+ "email" => user_info[:email],
42
+ "nickname" => user_info[:username]
43
+ }
44
+ end
45
+
46
+ extra do
47
+ {
48
+ "admin" => user_info[:admin] == "true",
49
+ "moderator" => user_info[:moderator] == "true"
50
+ }
51
+ end
52
+ end
53
+ end
54
+ end
data/lib/omniauth/strategies/discourse/sso.rb ADDED
@@ -0,0 +1,86 @@
1
+ require "securerandom"
2
+
3
+ module OmniAuth
4
+ module Strategies
5
+ class Discourse
6
+ class SSO
7
+ attr_accessor :nonce, :user_info, :status, :message
8
+
9
+ def initialize(sso_secret, sso_url, return_url, nonce = nil)
10
+ @sso_secret, @sso_url, @return_url = sso_secret, sso_url, return_url
11
+ @nonce = nonce ? nonce : generate_nonce!
12
+ end
13
+
14
+ def generate_nonce!
15
+ SecureRandom.hex()
16
+ end
17
+
18
+ def request_url
19
+ "#{ @sso_url }?sso=#{ url_encoded_payload }&sig=#{ hex_signature }"
20
+ end
21
+
22
+ def parse(params)
23
+ #params should be something that looks like: {"sso": "xxxxxx", "sig": "yyyyyy"}
24
+ if get_hmac_hex_string(params["sso"]) == params["sig"]
25
+ if base64? params["sso"]
26
+ decoded_hash = Rack::Utils.parse_query(Base64.decode64(params["sso"]))
27
+ decoded_hash.symbolize_keys!
28
+ if decoded_hash[:nonce] == @nonce
29
+ @status = "success"
30
+ decoded_hash.delete(:nonce)
31
+ @user_info = decoded_hash
32
+ @message = "SSO verification passed."
33
+ return self
34
+ else
35
+ @status = "error"
36
+ @user_info = nil
37
+ @message = "SSO verification failed. Nonce mismatch."
38
+ return nil
39
+ end
40
+ else
41
+ @status = "error"
42
+ @user_info = nil
43
+ @message = "The sso string is supposed to be encoded in Base64."
44
+ return nil
45
+ end
46
+ else
47
+ @status = "error"
48
+ @user_info = nil
49
+ @message = "HMAC mismatch. The message may have been tampered with."
50
+ return nil
51
+ end
52
+ end
53
+
54
+ private
55
+ def raw_payload
56
+ unless @nonce
57
+ raise "You must generate a nonce by calling generate_nonce! first."
58
+ else
59
+ "nonce=#{ @nonce }&return_sso_url=#{ @return_url }"
60
+ end
61
+ end
62
+
63
+ def base64_encoded_payload
64
+ Base64.encode64(raw_payload)
65
+ end
66
+
67
+ def url_encoded_payload
68
+ URI.escape(base64_encoded_payload)
69
+ end
70
+
71
+ def hex_signature
72
+ get_hmac_hex_string base64_encoded_payload
73
+ end
74
+
75
+ def get_hmac_hex_string payload
76
+ OpenSSL::HMAC.hexdigest("sha256", @sso_secret, payload)
77
+ end
78
+
79
+ def base64? data
80
+ !(data =~ /[^a-zA-Z0-9=\r\n\/+]/m)
81
+ end
82
+
83
+ end
84
+ end
85
+ end
86
+ end
data/omniauth-discourse.gemspec ADDED
@@ -0,0 +1,20 @@
1
+ require File.expand_path("../lib/omniauth-discourse/version", __FILE__)
2
+
3
+ Gem::Specification.new do |gem|
4
+ gem.authors = ["Noah Lackstein"]
5
+ gem.email = ["noah@lackstein.com"]
6
+ gem.description = "A generic strategy for OmniAuth to authenticate against Discourse forum's SSO."
7
+ gem.summary = gem.description
8
+ gem.homepage = "https://github.com/lackstein/omniauth-discourse"
9
+ gem.license = "MIT"
10
+
11
+ gem.add_dependency "omniauth", "~> 1.0"
12
+ gem.add_development_dependency "bundler", "~> 1.9"
13
+
14
+ gem.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
15
+ gem.files = `git ls-files`.split("\n")
16
+ gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
17
+ gem.name = "omniauth-discourse"
18
+ gem.require_paths = ["lib"]
19
+ gem.version = OmniAuth::Discourse::VERSION
20
+ end
metadata ADDED
@@ -0,0 +1,85 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-discourse
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Noah Lackstein
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2016-05-20 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: omniauth
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.9'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.9'
41
+ description: A generic strategy for OmniAuth to authenticate against Discourse forum's
42
+ SSO.
43
+ email:
44
+ - noah@lackstein.com
45
+ executables: []
46
+ extensions: []
47
+ extra_rdoc_files: []
48
+ files:
49
+ - ".gitignore"
50
+ - ".rubocop.yml"
51
+ - Gemfile
52
+ - LICENSE
53
+ - README.md
54
+ - Rakefile
55
+ - lib/omniauth-discourse.rb
56
+ - lib/omniauth-discourse/version.rb
57
+ - lib/omniauth/strategies/discourse.rb
58
+ - lib/omniauth/strategies/discourse/sso.rb
59
+ - omniauth-discourse.gemspec
60
+ homepage: https://github.com/lackstein/omniauth-discourse
61
+ licenses:
62
+ - MIT
63
+ metadata: {}
64
+ post_install_message:
65
+ rdoc_options: []
66
+ require_paths:
67
+ - lib
68
+ required_ruby_version: !ruby/object:Gem::Requirement
69
+ requirements:
70
+ - - ">="
71
+ - !ruby/object:Gem::Version
72
+ version: '0'
73
+ required_rubygems_version: !ruby/object:Gem::Requirement
74
+ requirements:
75
+ - - ">="
76
+ - !ruby/object:Gem::Version
77
+ version: '0'
78
+ requirements: []
79
+ rubyforge_project:
80
+ rubygems_version: 2.5.1
81
+ signing_key:
82
+ specification_version: 4
83
+ summary: A generic strategy for OmniAuth to authenticate against Discourse forum's
84
+ SSO.
85
+ test_files: []