omniauth-geni 1.0.0

data/Gemfile

@@ -0,0 +1,5 @@
+source :rubygems
+
+gemspec
+
+gem 'jruby-openssl', :platform => :jruby

data/Gemfile.lock

@@ -0,0 +1,46 @@
+PATH
+  remote: .
+  specs:
+    omniauth-geni (1.0.0)
+      omniauth-oauth2 (~> 1.0.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    diff-lcs (1.1.3)
+    faraday (0.7.6)
+      addressable (~> 2.2)
+      multipart-post (~> 1.1)
+      rack (~> 1.1)
+    hashie (1.2.0)
+    multi_json (1.0.4)
+    multipart-post (1.1.4)
+    oauth2 (0.5.2)
+      faraday (~> 0.7)
+      multi_json (~> 1.0)
+    omniauth (1.0.2)
+      hashie (~> 1.2)
+      rack
+    omniauth-oauth2 (1.0.0)
+      oauth2 (~> 0.5.0)
+      omniauth (~> 1.0)
+    rack (1.4.1)
+    rake (0.9.2.2)
+    rspec (2.7.0)
+      rspec-core (~> 2.7.0)
+      rspec-expectations (~> 2.7.0)
+      rspec-mocks (~> 2.7.0)
+    rspec-core (2.7.1)
+    rspec-expectations (2.7.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.7.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  jruby-openssl
+  omniauth-geni!
+  rake
+  rspec (~> 2.7.0)

data/README.md

@@ -0,0 +1,75 @@
+# OmniAuth Geni
+
+Geni OAuth2 Strategy for OmniAuth 1.0.
+
+Supports the OAuth 2.0 server-side. Read the Geni docs for more details: http://www.geni.com/platform/developer/help
+
+## Installing
+
+Add to your `Gemfile`:
+
+```ruby
+gem 'omniauth-geni'
+```
+
+Then `bundle install`.
+
+## Usage
+
+`OmniAuth::Strategies::Geni` is simply a Rack middleware. Read the OmniAuth 1.0 docs for detailed instructions: https://github.com/intridea/omniauth.
+
+Here's a quick example, adding the middleware to a Rails app in `config/initializers/omniauth.rb`:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :geni, ENV['GENI_KEY'], ENV['GENI_SECRET']
+end
+```
+
+## Configuring
+
+You can configure several options, which you pass in to the `provider` method via a `Hash`:
+
+* `scope`: A comma-separated list of permissions you want to request from the user. See the Geni docs for a full list of available permissions. Default: `email`.
+* `display`: The display context to show the authentication page. Options are: `web`, `desktop` and `mobile`. Default: `web`.
+
+For example, to request `email` permission and display the authorization page in a mobile app:
+ 
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :geni, ENV['GENI_KEY'], ENV['GENI_SECRET'], :scope => 'email', :display => 'mobile'
+end
+```
+
+If you want to set the `display` format on a per-request basis, you can just pass it to the OmniAuth request phase URL, for example: `/auth/geni?display=popup`.
+
+## Authentication Hash
+
+Here's an example *Authentication Hash* available in `request.env['omniauth.auth']`:
+
+```ruby
+{
+  :provider => 'geni',
+  :uid => '123',
+  :info => {
+    :first_name => 'Alex',
+    :last_name => 'Thompson',
+    :email => 'alex@sample.com',
+    :name => 'Alex Thompson'
+  },
+  :credentials => {
+    :token => 'ABCDEF...', 			# OAuth 2.0 access_token
+    :expires_at => 1321747205 	# when the access token expires
+  },
+  :extra => {
+    :profile => {
+      :id => '1234567',
+      :name => 'Alex Thompson',
+      :first_name => 'Alex',
+      :last_name => 'Thompson'
+    }
+  }
+}
+```
+
+The precise information available may depend on the permissions which you request.

data/Rakefile

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/example/Gemfile

@@ -0,0 +1,6 @@
+source :rubygems
+
+gem 'rack', '~> 1.3.6'
+
+gem 'sinatra'
+gem 'omniauth-geni', :path => '../'

data/example/Gemfile.lock

@@ -0,0 +1,42 @@
+PATH
+  remote: ../
+  specs:
+    omniauth-geni (1.0.0)
+      omniauth-oauth2 (~> 1.0.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    faraday (0.7.6)
+      addressable (~> 2.2)
+      multipart-post (~> 1.1)
+      rack (~> 1.1)
+    hashie (1.2.0)
+    multi_json (1.0.4)
+    multipart-post (1.1.4)
+    oauth2 (0.5.2)
+      faraday (~> 0.7)
+      multi_json (~> 1.0)
+    omniauth (1.0.2)
+      hashie (~> 1.2)
+      rack
+    omniauth-oauth2 (1.0.0)
+      oauth2 (~> 0.5.0)
+      omniauth (~> 1.0)
+    rack (1.3.6)
+    rack-protection (1.2.0)
+      rack
+    sinatra (1.3.2)
+      rack (~> 1.3, >= 1.3.6)
+      rack-protection (~> 1.2)
+      tilt (~> 1.3, >= 1.3.3)
+    tilt (1.3.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  omniauth-geni!
+  rack (~> 1.3.6)
+  sinatra

data/example/config.ru

@@ -0,0 +1,31 @@
+require 'bundler/setup'
+require 'sinatra/base'
+require 'omniauth-geni'
+
+SCOPE = 'email'
+
+class App < Sinatra::Base
+
+  get '/' do
+    redirect '/auth/geni'
+  end
+
+  get '/auth/:provider/callback' do
+    content_type 'application/json'
+    MultiJson.encode(request.env)
+  end
+  
+  get '/auth/failure' do
+    content_type 'application/json'
+    MultiJson.encode(request.env)
+  end
+
+end
+
+use Rack::Session::Cookie
+
+use OmniAuth::Builder do
+  provider :geni, ENV['APP_ID'], ENV['APP_SECRET'], :scope => SCOPE
+end
+
+run App.new

data/lib/omniauth/geni/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Geni
+    VERSION = "1.0.0"
+  end
+end

data/lib/omniauth/geni.rb

@@ -0,0 +1,2 @@
+require 'omniauth/geni/version'
+require 'omniauth/strategies/geni'

data/lib/omniauth/strategies/geni.rb

@@ -0,0 +1,84 @@
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    class Geni < OmniAuth::Strategies::OAuth2
+
+      option :client_options, {
+        :site => 'https://www.geni.com',
+        :authorize_url => '/platform/oauth/authorize',
+        :token_url => '/platform/oauth/request_token'
+      }
+
+      option :authorize_params, {
+        
+      }
+
+      option :name, 'geni'
+
+      option :access_token_options, {
+        :header_format => 'OAuth %s',
+        :param_name => 'access_token'
+      }
+      
+      option :authorize_options, [:scope, :display]
+
+      def request_phase
+        super
+      end
+
+      def build_access_token
+        token_params = {
+          :code => request.params['code'],
+          :redirect_uri => callback_url,
+          :client_id => client.id,
+          :client_secret => client.secret
+        }
+        client.get_token(token_params)
+      end
+      
+      uid { raw_info['id'] }
+      
+      info do
+        prune!({
+          'name'           => raw_info['name'],
+          'first_name'     => raw_info['first_name'],
+          'last_name'      => raw_info['last_name'],
+          'email'          => raw_info['email'],
+          'gender'         => raw_info['gender'],
+          'mugshot_urls'   => raw_info['mugshot_urls'],
+          'name'           => raw_info['name'],
+          'url'            => raw_info['url'],
+        })
+      end
+      
+      extra do 
+        { 'profile' =>  prune!(raw_info) }
+      end
+      
+      def raw_info
+        @raw_info ||= access_token.get('/api/profile').parsed
+      end
+
+      def authorize_params
+        super.tap do |params|
+          params.merge!(:display => request.params['display']) if request.params['display']
+          params.merge!(:state => request.params['state']) if request.params['state']
+          params[:scope] ||= 'email'
+        end
+      end
+
+      private
+
+      def prune!(hash)
+        hash.delete_if do |_, value|
+          prune!(value) if value.is_a?(Hash)
+          value.nil? || (value.respond_to?(:empty?) && value.empty?)
+        end
+      end
+
+    end
+  end
+end
+
+OmniAuth.config.add_camelization 'geni', 'Geni'

data/lib/omniauth-geni.rb

@@ -0,0 +1 @@
+require 'omniauth/geni'

data/omniauth-geni.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path('../lib', __FILE__)
+require 'omniauth/geni/version'
+
+Gem::Specification.new do |s|
+  s.name     = 'omniauth-geni'
+  s.version  = OmniAuth::Geni::VERSION
+  s.authors  = ['Michael Berkovich']
+  s.email    = ['theiceberk@gmail.com']
+  s.summary  = 'Geni strategy for OmniAuth'
+  s.homepage = 'https://github.com/berk/omniauth-geni'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+  s.require_paths = ['lib']
+
+  s.add_runtime_dependency 'omniauth-oauth2', '~> 1.0.0'
+
+  s.add_development_dependency 'rspec', '~> 2.7.0'
+  s.add_development_dependency 'rake'
+end

data/spec/omniauth/strategies/geni_spec.rb

@@ -0,0 +1,180 @@
+require 'spec_helper'
+require 'omniauth-geni'
+
+describe OmniAuth::Strategies::Geni do
+  before :each do
+    @request = double('Request')
+    @request.stub(:params) { {} }
+    @request.stub(:cookies) { {} }
+    
+    @client_id = 'abc'
+    @client_secret = 'def'
+  end
+  
+  subject do
+    args = [@client_id, @client_secret, @options].compact
+    OmniAuth::Strategies::Geni.new(nil, *args).tap do |strategy|
+      strategy.stub(:request) { @request }
+    end
+  end
+
+  it_should_behave_like 'an oauth2 strategy'
+
+  describe '#client' do
+    it 'has correct site' do
+      subject.client.site.should eq('https://www.geni.com')
+    end
+
+    it 'has correct authorize url' do
+      subject.client.options[:authorize_url].should eq('/platform/oauth/authorize')
+    end
+
+    it 'has correct token url' do
+      subject.client.options[:token_url].should eq('/platform/oauth/request_token')
+    end
+  end
+
+  describe '#authorize_params' do
+    it 'includes display parameter from request when present' do
+      @request.stub(:params) { { 'display' => 'mobile' } }
+      subject.authorize_params.should be_a(Hash)
+      subject.authorize_params[:display].should eq('mobile')
+    end
+
+    it 'includes state parameter from request when present' do
+      @request.stub(:params) { { 'state' => 'some_state' } }
+      subject.authorize_params.should be_a(Hash)
+      subject.authorize_params[:state].should eq('some_state')
+    end
+  end
+  
+  describe '#uid' do
+    before :each do
+      subject.stub(:raw_info) { { 'id' => '123' } }
+    end
+    
+    it 'returns the id from raw_info' do
+      subject.uid.should eq('123')
+    end
+  end
+  
+  describe '#info' do
+    before :each do
+      @raw_info ||= { 'first_name' => 'Alex' }
+      subject.stub(:raw_info) { @raw_info }
+    end
+    
+    context 'when optional data is not present in raw info' do
+      it 'has no email key' do
+        subject.info.should_not have_key('email')
+      end
+    
+      it 'has no last name key' do
+        subject.info.should_not have_key('last_name')
+      end
+    end
+    
+    context 'when data is present in raw info' do
+      it 'returns first name' do
+        subject.info['first_name'].should eq('Alex')
+      end
+    
+      it 'returns the email' do
+        @raw_info['email'] = 'fred@smith.com'
+        subject.info['email'].should eq('fred@smith.com')
+      end
+    end
+  end
+  
+  describe '#raw_info' do
+    before :each do
+      @access_token = double('OAuth2::AccessToken')
+      subject.stub(:access_token) { @access_token }
+    end
+    
+    it 'performs a GET to https://www.geni.com/api/profile' do
+      @access_token.stub(:get) { double('OAuth2::Response').as_null_object }
+      @access_token.should_receive(:get).with('/api/profile')
+      subject.raw_info
+    end
+    
+    it 'returns a Hash' do
+      @access_token.stub(:get).with('/api/profile') do
+        raw_response = double('Faraday::Response')
+        raw_response.stub(:body) { '{ "ohai": "thar" }' }
+        raw_response.stub(:status) { 200 }
+        raw_response.stub(:headers) { { 'Content-Type' => 'application/json' } }
+        OAuth2::Response.new(raw_response)
+      end
+      subject.raw_info.should be_a(Hash)
+      subject.raw_info['ohai'].should eq('thar')
+    end
+  end
+
+  describe '#credentials' do
+    before :each do
+      @access_token = double('OAuth2::AccessToken')
+      @access_token.stub(:token)
+      @access_token.stub(:expires?)
+      @access_token.stub(:expires_at)
+      @access_token.stub(:refresh_token)
+      subject.stub(:access_token) { @access_token }
+    end
+    
+    it 'returns a Hash' do
+      subject.credentials.should be_a(Hash)
+    end
+    
+    it 'returns the token' do
+      @access_token.stub(:token) { '123' }
+      subject.credentials['token'].should eq('123')
+    end
+    
+    it 'returns the expiry status' do
+      @access_token.stub(:expires?) { true }
+      subject.credentials['expires'].should eq(true)
+      
+      @access_token.stub(:expires?) { false }
+      subject.credentials['expires'].should eq(false)
+    end
+    
+    it 'returns the refresh token and expiry time when expiring' do
+      ten_mins_from_now = (Time.now + 600).to_i
+      @access_token.stub(:expires?) { true }
+      @access_token.stub(:refresh_token) { '321' }
+      @access_token.stub(:expires_at) { ten_mins_from_now }
+      subject.credentials['refresh_token'].should eq('321')
+      subject.credentials['expires_at'].should eq(ten_mins_from_now)
+    end
+    
+    it 'does not return the refresh token when it is nil and expiring' do
+      @access_token.stub(:expires?) { true }
+      @access_token.stub(:refresh_token) { nil }
+      subject.credentials['refresh_token'].should be_nil
+      subject.credentials.should_not have_key('refresh_token')
+    end
+    
+    it 'does not return the refresh token when not expiring' do
+      @access_token.stub(:expires?) { false }
+      @access_token.stub(:refresh_token) { 'XXX' }
+      subject.credentials['refresh_token'].should be_nil
+      subject.credentials.should_not have_key('refresh_token')
+    end
+  end
+  
+  describe '#extra' do
+    before :each do
+      @raw_info = { 'name' => 'Fred Smith' }
+      subject.stub(:raw_info) { @raw_info }
+    end
+    
+    it 'returns a Hash' do
+      subject.extra.should be_a(Hash)
+    end
+    
+    it 'contains raw info' do
+      subject.extra.should eq({ 'profile' => @raw_info })
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+require 'bundler/setup'
+require 'rspec'
+Dir[File.expand_path('../support/**/*', __FILE__)].each { |f| require f }
+
+RSpec.configure do |config|
+end

data/spec/support/shared_examples.rb

@@ -0,0 +1,37 @@
+# NOTE it would be useful if this lived in omniauth-oauth2 eventually
+shared_examples 'an oauth2 strategy' do
+  describe '#client' do
+    it 'should be initialized with symbolized client_options' do
+      @options = { :client_options => { 'authorize_url' => 'https://example.com' } }
+      subject.client.options[:authorize_url].should == 'https://example.com'
+    end
+  end
+
+  describe '#authorize_params' do
+    it 'should include any authorize params passed in the :authorize_params option' do
+      @options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
+      subject.authorize_params['foo'].should eq('bar')
+      subject.authorize_params['baz'].should eq('zip')
+    end
+
+    it 'should include top-level options that are marked as :authorize_options' do
+      @options = { :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
+      subject.authorize_params['scope'].should eq('bar')
+      subject.authorize_params['foo'].should eq('baz')
+    end
+  end
+
+  describe '#token_params' do
+    it 'should include any authorize params passed in the :authorize_params option' do
+      @options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
+      subject.token_params['foo'].should eq('bar')
+      subject.token_params['baz'].should eq('zip')
+    end
+
+    it 'should include top-level options that are marked as :authorize_options' do
+      @options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
+      subject.token_params['scope'].should eq('bar')
+      subject.token_params['foo'].should eq('baz')
+    end
+  end
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-geni
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease: 
+platform: ruby
+authors:
+- Michael Berkovich
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-02-09 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: &70128714570740 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *70128714570740
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70128714570100 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.7.0
+  type: :development
+  prerelease: false
+  version_requirements: *70128714570100
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: &70128714569340 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70128714569340
+description: 
+email:
+- theiceberk@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- example/Gemfile
+- example/Gemfile.lock
+- example/config.ru
+- lib/omniauth-geni.rb
+- lib/omniauth/geni.rb
+- lib/omniauth/geni/version.rb
+- lib/omniauth/strategies/geni.rb
+- omniauth-geni.gemspec
+- spec/omniauth/strategies/geni_spec.rb
+- spec/spec_helper.rb
+- spec/support/shared_examples.rb
+homepage: https://github.com/berk/omniauth-geni
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Geni strategy for OmniAuth
+test_files:
+- spec/omniauth/strategies/geni_spec.rb
+- spec/spec_helper.rb
+- spec/support/shared_examples.rb