omniauth-google-id-token 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +18 -0
- data/.rspec +2 -0
- data/Dockerfile +24 -0
- data/Gemfile +18 -0
- data/Guardfile +8 -0
- data/LICENSE.txt +22 -0
- data/README.md +83 -0
- data/Rakefile +6 -0
- data/build.sh +9 -0
- data/docker-compose.yml +8 -0
- data/lib/omniauth/google_id_token/version.rb +5 -0
- data/lib/omniauth/google_id_token.rb +2 -0
- data/lib/omniauth/strategies/google_id_token.rb +91 -0
- data/lib/omniauth-google-id-token.rb +1 -0
- data/omniauth-google-id-token.gemspec +28 -0
- data/rspec.sh +3 -0
- data/spec/lib/omniauth/strategies/google_id_token_spec.rb +99 -0
- data/spec/spec_helper.rb +35 -0
- metadata +176 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 425802e1587c5e8afa16a3e4b61d535dcd330eb359160c57208b5ab888e3cf8b
|
4
|
+
data.tar.gz: 3e31bc2a0abd6ba90fc88f5b2cff2bbbca22343ca7e89e281f42020aa9de3665
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: fbf39583b5f0ee0570d4cef96349168ee8884c9179a48c5f35260a34c22f223382fab9fa7223eef9729a6eb8e37b0e8659f4514e3f7a053e5a022a1c7919b31a
|
7
|
+
data.tar.gz: f18ed904fe16a8aaa6636a1c5ae31412e1824de327aebe38ea632c9170d7db65819905cf69ab8d6d16cc68eca55b4638a3f93dee32d91099932fd3ccc8ad7efb
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/Dockerfile
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
FROM ruby:2.3
|
2
|
+
|
3
|
+
RUN mkdir -p /src
|
4
|
+
WORKDIR /src
|
5
|
+
|
6
|
+
COPY Gemfile /src/Gemfile
|
7
|
+
COPY Gemfile.lock /src/Gemfile.lock
|
8
|
+
COPY omniauth-google-id-token.gemspec /src/omniauth-google-id-token.gemspec
|
9
|
+
COPY lib /src/lib
|
10
|
+
|
11
|
+
ENV BUNDLE_GEMFILE=/src/Gemfile \
|
12
|
+
BUNDLE_JOBS=2 \
|
13
|
+
BUNDLE_PATH=/src/vendor/bundle \
|
14
|
+
GEM_PATH=/src/vendor/bundle \
|
15
|
+
BUNDLE_APP_CONFIG=/src/vendor/bundle \
|
16
|
+
BUNDLE_BIN=/src/vendor/bundle/bin \
|
17
|
+
BUNDLE_BINSTUBS=/src/vendor/bundle/binstubs \
|
18
|
+
PATH=/src/vendor/bundle/bin:$PATH
|
19
|
+
|
20
|
+
RUN bundle install
|
21
|
+
|
22
|
+
COPY . .
|
23
|
+
|
24
|
+
CMD ["rspec"]
|
data/Gemfile
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
source 'https://rubygems.org'
|
2
|
+
|
3
|
+
# Specify your gem's dependencies in omniauth-google-id-token.gemspec
|
4
|
+
gemspec
|
5
|
+
|
6
|
+
group :test, :development do
|
7
|
+
gem 'googleauth'
|
8
|
+
gem 'jwt' # For testing
|
9
|
+
gem 'multi_json' # For testing
|
10
|
+
gem 'omniauth'
|
11
|
+
|
12
|
+
gem 'coveralls_reborn'
|
13
|
+
gem 'rack-test'
|
14
|
+
gem 'rest-client', '~> 1.8.0'
|
15
|
+
gem 'rubocop', require: false
|
16
|
+
gem 'simplecov-lcov'
|
17
|
+
gem 'webmock'
|
18
|
+
end
|
data/Guardfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2018 MasteryConnect Inc.
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,83 @@
|
|
1
|
+
# OmniAuth::GoogleIdToken
|
2
|
+
|
3
|
+
A [omnitauth](https://github.com/omniauth/omniauth) strategy primarily used for validating Google ID tokens
|
4
|
+
(JWT encoded) generated by Google authentication servers. As with other Omniauth strategies, it can also
|
5
|
+
redirect to Google's Sign In page.
|
6
|
+
|
7
|
+
As a validation strategy only this used by backend servers to validate Google ID tokens (Google
|
8
|
+
authenticated users) passed on by mobile or webapps e.g.
|
9
|
+
[ios](https://developers.google.com/identity/sign-in/ios/backend-auth),
|
10
|
+
[Android](https://developers.google.com/identity/sign-in/android/backend-auth),
|
11
|
+
[websites](https://developers.google.com/identity/sign-in/web/backend-auth).
|
12
|
+
|
13
|
+
This makes use of [google-id-token](https://github.com/google/google-id-token) for validating the ID token.
|
14
|
+
|
15
|
+
## Installation
|
16
|
+
|
17
|
+
Add this line to your application's Gemfile:
|
18
|
+
|
19
|
+
gem 'omniauth-google-id-token'
|
20
|
+
|
21
|
+
And then execute:
|
22
|
+
|
23
|
+
$ bundle
|
24
|
+
|
25
|
+
Or install it yourself as:
|
26
|
+
|
27
|
+
$ gem install omniauth-google-id-token
|
28
|
+
|
29
|
+
## Usage
|
30
|
+
|
31
|
+
You use OmniAuth::Strategies::GoogleIdToken just like you do any other OmniAuth strategy:
|
32
|
+
|
33
|
+
```ruby
|
34
|
+
use OmniAuth::Strategies::GoogleIdToken, aud_claim: '123.apps.googleusercontent.com', azp_claim: '123.apps.googleusercontent.com'
|
35
|
+
```
|
36
|
+
|
37
|
+
If this strategy is used primarily for validating a Google ID token, then the only required fields are
|
38
|
+
aud_claim and azp_claim.
|
39
|
+
|
40
|
+
If this strategy is also used for redirecting a user to the Google Sign In page before validation,
|
41
|
+
then a client_id is also required. An example of the URL can be found at
|
42
|
+
https://developers.google.com/identity/protocols/OAuth2WebServer#handlingresponse Sample OAuth 2.0 server
|
43
|
+
response section.
|
44
|
+
|
45
|
+
* **name:** The name of the strategy. The default name is `google_id_token` but it can be changed to any value, for
|
46
|
+
example `google`. The OmniAuth URL will thus change to `/auth/google` and the `provider` key in the auth hash will
|
47
|
+
then return `google`.
|
48
|
+
* **cert:** the x509 certificate can be provided to manually define a certificate to validate the tokens.
|
49
|
+
* **expiry:** Expiry defines the the time (in seconds) in which the cached Google certificates are valid.
|
50
|
+
* **uid_claim:** this determines which claim will be used to uniquely identify the user. Defaults
|
51
|
+
to `email`
|
52
|
+
* **client_id:** The client ID string that you obtain from the [API Console](https://console.developers.google.com/),
|
53
|
+
as described in [Obtain OAuth 2.0 credentials](https://developers.google.com/identity/protocols/OpenIDConnect#getcredentials)
|
54
|
+
* **aud_claim:** Identifies the audience that this ID token is intended for. It must be one of the OAuth 2.0 client
|
55
|
+
IDs of your application
|
56
|
+
* **azp_claim:** The client_id of the authorized presenter. This claim is only needed when the party requesting the
|
57
|
+
ID token is not the same as the audience of the ID token. This may be the case at Google for hybrid apps where a
|
58
|
+
web application and Android app have a different client_id but share the same project.
|
59
|
+
* **required_claims:** array of claims that are required to make this a valid authentication call.
|
60
|
+
Defaults to `['name', 'email']`
|
61
|
+
* **info_map:** array mapping claim values to info hash values. Defaults to mapping `name` and `email`
|
62
|
+
to the same in the info hash.
|
63
|
+
|
64
|
+
### Authentication Process
|
65
|
+
|
66
|
+
When you authenticate through `omniauth-google-id-token` you can send users to `/auth/googleidtoken`
|
67
|
+
and it will redirect them to the URL https://accounts.google.com/o/oauth2/auth (and example can be
|
68
|
+
found at https://developers.google.com/identity/protocols/OAuth2WebServer#handlingresponse
|
69
|
+
Sample OAuth 2.0 server response).
|
70
|
+
|
71
|
+
From there, Google generates a ID token and sends to the redirect_uri passed in URL query params.
|
72
|
+
The redirect_uri will look like '/auth/googleidtoken/callback`. This is the endpoint to send the id token
|
73
|
+
to if coming from a mobile or web app looking to validate a user with the backend server:
|
74
|
+
|
75
|
+
/auth/googleidtoken/callback?id_token=ENCODEDJWTGOESHERE
|
76
|
+
|
77
|
+
## Contributing
|
78
|
+
|
79
|
+
1. Fork it
|
80
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
81
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
82
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
83
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
data/build.sh
ADDED
@@ -0,0 +1,9 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
if [ ! -f Gemfile.lock ]; then
|
4
|
+
docker run --rm -v "$PWD":/src -w /src ruby:2.5 bundle install --binstubs=/src/vendor/bundle/bin --path=/src/vendor/bundle
|
5
|
+
fi
|
6
|
+
|
7
|
+
docker build -t omniauth-google-id-token .
|
8
|
+
|
9
|
+
docker run --rm -v "$PWD":/src -w /src omniauth-google-id-token bundle install
|
data/docker-compose.yml
ADDED
@@ -0,0 +1,91 @@
|
|
1
|
+
require 'omniauth'
|
2
|
+
require 'googleauth'
|
3
|
+
module OmniAuth
|
4
|
+
module Strategies
|
5
|
+
class GoogleIdToken
|
6
|
+
include OmniAuth::Strategy
|
7
|
+
|
8
|
+
class ClaimInvalid < StandardError; end
|
9
|
+
|
10
|
+
def self.inherited(subclass) # rubocop:disable Lint/MissingSuper
|
11
|
+
OmniAuth::Strategy.included(subclass)
|
12
|
+
end
|
13
|
+
|
14
|
+
BASE_SCOPES = %w[profile email openid].freeze
|
15
|
+
RESPONSE_TYPES = %w[token id_token].freeze
|
16
|
+
|
17
|
+
option :name, 'google_id_token'
|
18
|
+
option :uid_claim, 'sub'
|
19
|
+
option :client_id, nil # Required for request_phase e.g. redirect to auth page
|
20
|
+
option :aud_claim, nil
|
21
|
+
option :azp_claim, nil
|
22
|
+
option :iss_claim, nil
|
23
|
+
option :required_claims, %w[email]
|
24
|
+
option :info_map, { 'name' => 'name', 'email' => 'email' }
|
25
|
+
|
26
|
+
def request_phase
|
27
|
+
redirect URI::HTTPS.build(host: 'accounts.google.com', path: '/o/oauth2/auth', query: URI.encode_www_form(authorize_params)).to_s.gsub( # rubocop:disable Layout/LineLength
|
28
|
+
/\+/, '%20'
|
29
|
+
)
|
30
|
+
end
|
31
|
+
|
32
|
+
def authorize_params # rubocop:disable Metrics/AbcSize
|
33
|
+
params = {}
|
34
|
+
params[:scope] = BASE_SCOPES.join(' ')
|
35
|
+
params[:access_type] = 'offline'
|
36
|
+
params[:include_granted_scopes] = true
|
37
|
+
params[:state] = SecureRandom.hex(24)
|
38
|
+
session['omniauth.state'] = params[:state]
|
39
|
+
params[:redirect_uri] = callback_url
|
40
|
+
params[:response_type] = RESPONSE_TYPES.join(' ')
|
41
|
+
params[:client_id] = options.client_id
|
42
|
+
params
|
43
|
+
end
|
44
|
+
|
45
|
+
def decoded # rubocop:disable Metrics/AbcSize,Metrics/MethodLength
|
46
|
+
unless @decoded
|
47
|
+
begin
|
48
|
+
@decoded = validator.verify_oidc(request.params['id_token'], aud: options.aud_claim, azp: options.azp_claim)
|
49
|
+
rescue StandardError => e
|
50
|
+
raise ClaimInvalid, e.message
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
(options.required_claims || []).each do |field|
|
55
|
+
raise ClaimInvalid, "Missing required '#{field}' claim." unless @decoded.key?(field.to_s)
|
56
|
+
end
|
57
|
+
@decoded
|
58
|
+
end
|
59
|
+
|
60
|
+
def callback_phase
|
61
|
+
super
|
62
|
+
rescue ClaimInvalid => e
|
63
|
+
fail! :claim_invalid, e
|
64
|
+
end
|
65
|
+
|
66
|
+
uid do
|
67
|
+
decoded[options.uid_claim]
|
68
|
+
end
|
69
|
+
|
70
|
+
extra do
|
71
|
+
{ raw_info: decoded }
|
72
|
+
end
|
73
|
+
|
74
|
+
info do
|
75
|
+
options.info_map.each_with_object({}) do |(k, v), h|
|
76
|
+
h[k.to_s] = decoded[v.to_s]
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
private
|
81
|
+
|
82
|
+
def validator
|
83
|
+
::Google::Auth::IDTokens::Verifier
|
84
|
+
end
|
85
|
+
|
86
|
+
def uid_lookup
|
87
|
+
@uid_lookup ||= options.uid_claim.new(request)
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
@@ -0,0 +1 @@
|
|
1
|
+
require "omniauth/google_id_token"
|
@@ -0,0 +1,28 @@
|
|
1
|
+
lib = File.expand_path('lib', __dir__)
|
2
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
3
|
+
require 'omniauth/google_id_token/version'
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = 'omniauth-google-id-token'
|
7
|
+
spec.version = OmniAuth::GoogleIdToken::VERSION
|
8
|
+
spec.authors = ['Joshua Morris', 'Ho Trung Nhan']
|
9
|
+
spec.email = ['hotrungnhan29@gmail.com']
|
10
|
+
spec.description = 'An OmniAuth strategy to validate Google id tokens.'
|
11
|
+
spec.summary = 'An OmniAuth strategy to validate Google id tokens.'
|
12
|
+
spec.homepage = 'https://github.com/hotrungnhan/omniauth-google-id-token'
|
13
|
+
spec.license = 'MIT'
|
14
|
+
|
15
|
+
spec.files = `git ls-files`.split("\n")
|
16
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
17
|
+
spec.require_paths = ['lib']
|
18
|
+
|
19
|
+
spec.add_development_dependency 'bundler', '~> 2.4.21'
|
20
|
+
spec.add_development_dependency 'guard', '~> 2.14'
|
21
|
+
spec.add_development_dependency 'guard-rspec', '~> 4.7'
|
22
|
+
spec.add_development_dependency 'rack-test', '~> 0.8'
|
23
|
+
spec.add_development_dependency 'rake', '~> 12.3'
|
24
|
+
spec.add_development_dependency 'rspec', '~> 3.7'
|
25
|
+
|
26
|
+
spec.add_runtime_dependency 'googleauth', '~> 1.8.1'
|
27
|
+
spec.add_runtime_dependency 'omniauth', '~> 1.9.2'
|
28
|
+
end
|
data/rspec.sh
ADDED
@@ -0,0 +1,99 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'multi_json'
|
3
|
+
require 'jwt'
|
4
|
+
|
5
|
+
describe OmniAuth::Strategies::GoogleIdToken do # rubocop:disable Metrics/BlockLength
|
6
|
+
let(:rsa_private) { OpenSSL::PKey::RSA.generate 512 }
|
7
|
+
let(:rsa_public) { rsa_private.public_key }
|
8
|
+
|
9
|
+
let(:response_json) { MultiJson.load(last_response.body) }
|
10
|
+
let(:id_token) { 'tokensss' }
|
11
|
+
let(:payload) do
|
12
|
+
{ 'iss' => 'https://accounts.google.com',
|
13
|
+
'nbf' => 161_803_398_874,
|
14
|
+
'aud' => 'http://example.com',
|
15
|
+
'sub' => '3141592653589793238',
|
16
|
+
'hd' => 'gmail.com',
|
17
|
+
'email' => 'bob@example.com',
|
18
|
+
'email_verified' => true,
|
19
|
+
'azp' => '314159265-pi.apps.googleusercontent.com',
|
20
|
+
'name' => 'Elisa Beckett',
|
21
|
+
'picture' => 'https://lh3.googleusercontent.com/a-/e2718281828459045235360uler',
|
22
|
+
'given_name' => 'Elisa',
|
23
|
+
'family_name' => 'Beckett',
|
24
|
+
'iat' => 1_596_474_000,
|
25
|
+
'exp' => 1_596_477_600,
|
26
|
+
'jti' => 'abc161803398874def' }
|
27
|
+
end
|
28
|
+
let(:aud_claim) { payload[:aud] }
|
29
|
+
let(:azp_claim) { payload[:azp] }
|
30
|
+
|
31
|
+
let(:client_id) { 'test_client_id' }
|
32
|
+
let(:args) do
|
33
|
+
[
|
34
|
+
{
|
35
|
+
aud_claim: payload[:aud],
|
36
|
+
azp_claim: payload[:azp],
|
37
|
+
client_id: client_id
|
38
|
+
}
|
39
|
+
]
|
40
|
+
end
|
41
|
+
|
42
|
+
let(:app) do
|
43
|
+
the_args = args
|
44
|
+
Rack::Builder.new do |b|
|
45
|
+
b.use Rack::Session::Cookie, secret: 'sekrit'
|
46
|
+
b.use OmniAuth::Strategies::GoogleIdToken, *the_args
|
47
|
+
b.run ->(env) { [200, {}, [(env['omniauth.auth'] || {}).to_json]] }
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
let(:api_url) { '/auth/google_id_token' }
|
52
|
+
|
53
|
+
describe 'Subclassing Behavior' do
|
54
|
+
subject { fresh_strategy }
|
55
|
+
|
56
|
+
it 'performs the OmniAuth::Strategy included hook' do
|
57
|
+
expect(OmniAuth.strategies).to include(OmniAuth::Strategies::GoogleIdToken)
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
describe 'request phase' do
|
62
|
+
it 'should redirect to the configured login url' do
|
63
|
+
post api_url
|
64
|
+
expect(last_response.status).to eq(302)
|
65
|
+
expect(last_response.headers['Location'].gsub(/&state=[0-9a-z]*/,
|
66
|
+
'')).to eq('https://accounts.google.com/o/oauth2/auth?scope=profile%20email%20openid&access_type=offline&include_granted_scopes=true&redirect_uri=http%3A%2F%2Fexample.org%2Fauth%2Fgoogle_id_token%2Fcallback&response_type=token%20id_token&client_id=test_client_id')
|
67
|
+
# Removed state random field
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
context 'callback phase' do
|
72
|
+
it 'should decode the response' do
|
73
|
+
allow(::Google::Auth::IDTokens::Verifier).to receive(:verify_oidc)
|
74
|
+
.with(id_token, aud: aud_claim, azp: azp_claim)
|
75
|
+
.and_return(payload)
|
76
|
+
|
77
|
+
post "#{api_url}/callback", id_token: id_token
|
78
|
+
expect(response_json['info']['email']).to eq('bob@example.com')
|
79
|
+
end
|
80
|
+
|
81
|
+
it 'should not work without required fields' do
|
82
|
+
payload.delete('email')
|
83
|
+
allow(::Google::Auth::IDTokens::Verifier).to receive(:verify_oidc)
|
84
|
+
.with(id_token, aud: aud_claim, azp: azp_claim)
|
85
|
+
.and_return(payload)
|
86
|
+
|
87
|
+
post "#{api_url}/callback", id_token: id_token
|
88
|
+
expect(last_response.status).to eq(302)
|
89
|
+
end
|
90
|
+
|
91
|
+
it 'should assign the uid' do
|
92
|
+
allow(::Google::Auth::IDTokens::Verifier).to receive(:verify_oidc)
|
93
|
+
.with(id_token, aud: aud_claim, azp: azp_claim)
|
94
|
+
.and_return(payload)
|
95
|
+
post "#{api_url}/callback", id_token: id_token
|
96
|
+
expect(response_json['uid']).to eq('3141592653589793238')
|
97
|
+
end
|
98
|
+
end
|
99
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
$LOAD_PATH.unshift File.expand_path(__dir__)
|
2
|
+
$LOAD_PATH.unshift File.expand_path('../lib', __dir__)
|
3
|
+
|
4
|
+
if RUBY_VERSION >= '1.9'
|
5
|
+
require 'simplecov'
|
6
|
+
require 'simplecov-lcov'
|
7
|
+
require 'coveralls'
|
8
|
+
|
9
|
+
SimpleCov::Formatter::LcovFormatter.config.report_with_single_file = true
|
10
|
+
|
11
|
+
SimpleCov.formatters = [
|
12
|
+
SimpleCov::Formatter::HTMLFormatter,
|
13
|
+
SimpleCov::Formatter::LcovFormatter,
|
14
|
+
Coveralls::SimpleCov::Formatter
|
15
|
+
]
|
16
|
+
|
17
|
+
SimpleCov.start do
|
18
|
+
minimum_coverage(78.48)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
require 'rspec'
|
23
|
+
require 'rack/test'
|
24
|
+
require 'webmock/rspec'
|
25
|
+
require 'omniauth'
|
26
|
+
require 'omniauth-google-id-token'
|
27
|
+
|
28
|
+
RSpec.configure do |config|
|
29
|
+
config.expect_with :rspec do |c|
|
30
|
+
c.syntax = :expect
|
31
|
+
end
|
32
|
+
config.extend OmniAuth::Test::StrategyMacros, type: :strategy
|
33
|
+
config.include Rack::Test::Methods
|
34
|
+
config.include WebMock::API
|
35
|
+
end
|
metadata
ADDED
@@ -0,0 +1,176 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: omniauth-google-id-token
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Joshua Morris
|
8
|
+
- Ho Trung Nhan
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2023-11-09 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: bundler
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
requirements:
|
18
|
+
- - "~>"
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: 2.4.21
|
21
|
+
type: :development
|
22
|
+
prerelease: false
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
24
|
+
requirements:
|
25
|
+
- - "~>"
|
26
|
+
- !ruby/object:Gem::Version
|
27
|
+
version: 2.4.21
|
28
|
+
- !ruby/object:Gem::Dependency
|
29
|
+
name: guard
|
30
|
+
requirement: !ruby/object:Gem::Requirement
|
31
|
+
requirements:
|
32
|
+
- - "~>"
|
33
|
+
- !ruby/object:Gem::Version
|
34
|
+
version: '2.14'
|
35
|
+
type: :development
|
36
|
+
prerelease: false
|
37
|
+
version_requirements: !ruby/object:Gem::Requirement
|
38
|
+
requirements:
|
39
|
+
- - "~>"
|
40
|
+
- !ruby/object:Gem::Version
|
41
|
+
version: '2.14'
|
42
|
+
- !ruby/object:Gem::Dependency
|
43
|
+
name: guard-rspec
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
45
|
+
requirements:
|
46
|
+
- - "~>"
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: '4.7'
|
49
|
+
type: :development
|
50
|
+
prerelease: false
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
52
|
+
requirements:
|
53
|
+
- - "~>"
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: '4.7'
|
56
|
+
- !ruby/object:Gem::Dependency
|
57
|
+
name: rack-test
|
58
|
+
requirement: !ruby/object:Gem::Requirement
|
59
|
+
requirements:
|
60
|
+
- - "~>"
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: '0.8'
|
63
|
+
type: :development
|
64
|
+
prerelease: false
|
65
|
+
version_requirements: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - "~>"
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '0.8'
|
70
|
+
- !ruby/object:Gem::Dependency
|
71
|
+
name: rake
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - "~>"
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '12.3'
|
77
|
+
type: :development
|
78
|
+
prerelease: false
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - "~>"
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '12.3'
|
84
|
+
- !ruby/object:Gem::Dependency
|
85
|
+
name: rspec
|
86
|
+
requirement: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - "~>"
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '3.7'
|
91
|
+
type: :development
|
92
|
+
prerelease: false
|
93
|
+
version_requirements: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - "~>"
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '3.7'
|
98
|
+
- !ruby/object:Gem::Dependency
|
99
|
+
name: googleauth
|
100
|
+
requirement: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - "~>"
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: 1.8.1
|
105
|
+
type: :runtime
|
106
|
+
prerelease: false
|
107
|
+
version_requirements: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - "~>"
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: 1.8.1
|
112
|
+
- !ruby/object:Gem::Dependency
|
113
|
+
name: omniauth
|
114
|
+
requirement: !ruby/object:Gem::Requirement
|
115
|
+
requirements:
|
116
|
+
- - "~>"
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: 1.9.2
|
119
|
+
type: :runtime
|
120
|
+
prerelease: false
|
121
|
+
version_requirements: !ruby/object:Gem::Requirement
|
122
|
+
requirements:
|
123
|
+
- - "~>"
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: 1.9.2
|
126
|
+
description: An OmniAuth strategy to validate Google id tokens.
|
127
|
+
email:
|
128
|
+
- hotrungnhan29@gmail.com
|
129
|
+
executables: []
|
130
|
+
extensions: []
|
131
|
+
extra_rdoc_files: []
|
132
|
+
files:
|
133
|
+
- ".gitignore"
|
134
|
+
- ".rspec"
|
135
|
+
- Dockerfile
|
136
|
+
- Gemfile
|
137
|
+
- Guardfile
|
138
|
+
- LICENSE.txt
|
139
|
+
- README.md
|
140
|
+
- Rakefile
|
141
|
+
- build.sh
|
142
|
+
- docker-compose.yml
|
143
|
+
- lib/omniauth-google-id-token.rb
|
144
|
+
- lib/omniauth/google_id_token.rb
|
145
|
+
- lib/omniauth/google_id_token/version.rb
|
146
|
+
- lib/omniauth/strategies/google_id_token.rb
|
147
|
+
- omniauth-google-id-token.gemspec
|
148
|
+
- rspec.sh
|
149
|
+
- spec/lib/omniauth/strategies/google_id_token_spec.rb
|
150
|
+
- spec/spec_helper.rb
|
151
|
+
homepage: https://github.com/hotrungnhan/omniauth-google-id-token
|
152
|
+
licenses:
|
153
|
+
- MIT
|
154
|
+
metadata: {}
|
155
|
+
post_install_message:
|
156
|
+
rdoc_options: []
|
157
|
+
require_paths:
|
158
|
+
- lib
|
159
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
160
|
+
requirements:
|
161
|
+
- - ">="
|
162
|
+
- !ruby/object:Gem::Version
|
163
|
+
version: '0'
|
164
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
165
|
+
requirements:
|
166
|
+
- - ">="
|
167
|
+
- !ruby/object:Gem::Version
|
168
|
+
version: '0'
|
169
|
+
requirements: []
|
170
|
+
rubygems_version: 3.4.21
|
171
|
+
signing_key:
|
172
|
+
specification_version: 4
|
173
|
+
summary: An OmniAuth strategy to validate Google id tokens.
|
174
|
+
test_files:
|
175
|
+
- spec/lib/omniauth/strategies/google_id_token_spec.rb
|
176
|
+
- spec/spec_helper.rb
|