omniauth-idcat_mobil 0.2.0 → 0.2.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dbf3f54bf96b95e6be09b01991e5f0cea7c9582c38d62b45c38b559e0e57a289
4
- data.tar.gz: 8bef3908b2ea44db626ced6a622e2270358b92249fad23d295ad46de744e7bfd
3
+ metadata.gz: c8300ff0763d3f698d9554aaea9af39888e587e27ebe5a0932833dccf7540da0
4
+ data.tar.gz: 17ec09c05d66d34b82ba663b1947d0db218b91bacc47894278eef36bf9b8cf8c
5
5
  SHA512:
6
- metadata.gz: b1521288cb619e74e7bf7f6b54c5a3fc3781df601e03d13b0eeb96b68666e1c4eef97760508ca7165ce59cadc6101a75419468156d1871c7796c31f6d50f9fe2
7
- data.tar.gz: b09d10e923f2c89d65cf872124709e37faba3e14301b9712c37f307328fef80761dd86ad422d0a05987203b917cad1dc42ad907d9a87bad7eccadc27d0782c3b
6
+ metadata.gz: a96b0fa966251a2ae1e8247e49e811584f6010dce67f7f9931b35d08e9beb31c08ac47c27ee80975e12acc931d6e4e6d3d526fff946c772c81517637c2592743
7
+ data.tar.gz: a3c684b87be83c364752e7c528e848259003f5a9cd1ab9edaf7e5c93d805e6ef15f78c5a366a8d60b5687eb28c8d2bea16fc65aa8ed7012a1afa7e6d259e8a08
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ 2.7.3
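Review bot: `.ruby-version` pins the development interpreter to 2.7.3, but none of the gemspec or metadata changes in this diff declare a `required_ruby_version`, so consumers get no enforcement of that floor; if the release now depends on 2.7 behaviour, declare it in the gemspec too. The file is also listed under `files` in the metadata hunk, so it ships inside the gem, which is harmless but unnecessary.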
data/CHANGELOG.md CHANGED
@@ -2,7 +2,11 @@
2
2
 
3
3
  ## next version:
4
4
 
5
- ## Version 0.2.0 (PATCH)
5
+ ## Version 0.2.1 (PATCH)
6
+ - Apply security upgrades
7
+ - Add a .ruby-version file
8
+
9
+ ## Version 0.2.0 (MINOR)
6
10
  - Remove Gemfile.lock to avoid forcing the versioning of apps using this gem.
7
11
 
8
12
  ## Version 0.1.1 (PATCH)
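Review bot: the entry `Apply security upgrades` is too vague for a reader deciding whether they are affected; the actual changes elsewhere in this diff are the test-group `rack` floor (`>= 2.1.4`) and the development dependencies `bundler` (`~> 2.2`, `>= 2.2.10`) and `rake` (`~> 12.3`, `>= 12.3.3`), and the entry should list them together with the advisories each floor addresses. It should also say that none of these bumps touches a runtime dependency, so host applications install exactly what they did before. The 0.2.0 heading is additionally relabelled from `(PATCH)` to `(MINOR)`; that is a fair correction, but changing a published entry deserves its own line.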
data/Gemfile CHANGED
@@ -6,7 +6,7 @@ git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
6
6
  gemspec
7
7
 
8
8
  group :test do
9
- gem "rack", ">= 1.6.2"
9
+ gem "rack", ">= 2.1.4"
10
10
  gem "rack-test"
11
11
  gem "rspec", "~> 3.0"
12
12
  end
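Review bot: the new `rack` floor sits in `group :test`, so it only constrains the gem's own test bundle; the gemspec in this diff declares no runtime dependency on `rack`, and a host application can still run the strategy on an older rack. If the intent is to protect consumers, the constraint belongs in the gemspec (or the limitation should be spelled out in the CHANGELOG); if the intent is only to keep the test environment current, consider an upper bound such as `"~> 2.1", ">= 2.1.4"` so the suite does not silently move onto a rack major the strategy was never run against.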
data/README.md CHANGED
@@ -39,6 +39,24 @@ end
39
39
 
40
40
  `omniauth-idcat_mobil` is a standard OAuth2 strategy. It is based on `omniauth-oauth2` that is just an `omniauth` extension. Thus, you can also integrate it using [`omniauth` integrating guide](https://github.com/omniauth/omniauth).
41
41
 
42
+ ## Request/callback workflow
43
+
44
+ This is a quasi standard omniauth Strategy. It is not 100% standard because the standard is to have two phases. A +request_phase+, where our client application delegates the user authentication to the authentication provider (IdCat mòbil in this case), and a +callback_phase+, where the authentication provider invokes our application back with the result of the authentication and we negotiate the final access_token.
45
+ For IdCat mòbil we still need to perform an extra step during the +callback_phase+ to fetch users' data.
46
+
47
+ ### request_phase
48
+
49
+ `omniauth-idcat_mobil` does not implement this method, instead we rely in the default implementation in `OmniAuth::Strategies::OAuth2`.
50
+ It simply redirects the user to the authentiction provider to authenticate.
51
+ When users finish with the authentication workflow in IdCat mòbil, this authentication provider redirects them to our `callback_phase`.
52
+
53
+ ### callback_phase
54
+
55
+ This phase starts by checking the result of the authentication in the provider's site.
56
+ When users get authenticated, we still need to negotiate the access_token that we will need to perform extra requests to the provider system.
57
+ The access_token is obtained by performing a POST request to the provider. If this succeeds then we're ready to go and perform te `getUserInfo` request. This request is implemented in the `raw_info` method.
58
+ After a successful `getUserInfo` the superclass of this strategy fills the `info` so that our host application can access it and finishes with its authentication task.
59
+
42
60
  ## Incon assets
43
61
  We're including _IdCat mòbil_ icons in lib/decidim/idcat_mobil for the joy of the developer. They can be used to complement the OAuth2 button or alike.
44
62
 
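Review bot: the `callback_phase` description says the phase "starts by checking the result of the authentication" but omits the `state` comparison against the session that the new code in `lib/` logs and that the superclass enforces (`CSRF detected`); since that check is the reason a callback can fail even after a successful login at IdCat mòbil, it should be named here. Typos in the added text: `authentiction` (authentication), `te getUserInfo` (the), `rely in` (rely on). `+request_phase+` and `+callback_phase+` are RDoc markup and render literally in Markdown; use backticks as the rest of this README does. While editing the file, the context heading `## Incon assets` should read `## Icon assets`.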
@@ -1,5 +1,5 @@
1
1
  module Omniauth
2
2
  module IdCatMobil
3
- VERSION = "0.2.0"
3
+ VERSION = "0.2.1"
4
4
  end
5
5
  end
@@ -12,7 +12,7 @@ module OmniAuth
12
12
  # IdCat mòbil references:
13
13
  # - https://www.aoc.cat/wp-content/uploads/2016/01/di-valid-1.pdf
14
14
  class IdCatMobil < OmniAuth::Strategies::OAuth2
15
- # constructor arguments after `app` the first argument that should be a RackApp
15
+ # constructor arguments after `app`, the first argument, that should be a RackApp
16
16
  args [:client_id, :client_secret, :site]
17
17
 
18
18
  option :name, :idcat_mobil
@@ -70,9 +70,37 @@ module OmniAuth
70
70
  super
71
71
  end
72
72
 
73
+ # The +request_phase+ is the first phase after the setup/initialization phase.
74
+ #
75
+ # It is implemented in the OAuth2 superclass, and does the follwing:
76
+ # redirect client.auth_code.authorize_url({:redirect_uri => callback_url}.merge(options.authorize_params))
77
+ #
78
+ # We're overriding solely to log.
79
+ def request_phase
80
+ log("In `request_phase`, with params: redirect_uri=>#{callback_url}, options=>#{options.authorize_params}")
81
+ log("`request_phase`, redirecting the user to AOC...")
82
+ super
83
+ end
84
+
85
+ # The +callback_phase+ is the second phase, after the user returns from the authentication provider site.
86
+ #
87
+ # The result of the authentication may have ended in error, or success.
88
+ # In case of success we still have to ask the authentication provider for the access_token.
89
+ # That's what we do in this callback.
90
+ def callback_phase
91
+ log("In `callback_phase` with request params: #{request.params}")
92
+ log("Both should be equal otherwise a 'CSRF detected' error is raised: params state[#{request.params["state"]}] =? [#{session.delete("omniauth.state")}] session state.")
93
+ super
94
+ end
95
+
73
96
  def raw_info
97
+ log("Access token response was: #{access_token.response}")
98
+ log("Performing getUserInfo...")
74
99
  unless @raw_info
75
- @raw_info= access_token.get(options.user_info_path).parsed
100
+ response= access_token.get(options.user_info_path)
101
+ result= %i(status headers body).collect {|m| response.send(m)}
102
+ log("getUserInfo response status/headers/body: #{result}")
103
+ @raw_info= response.parsed
76
104
  # Logout to avoid problems with IdCat mòbil's cookie session when trying to login again.
77
105
  logout_url= URI.join(options.site, "/o/oauth2/logout?token=#{access_token.token}").to_s
78
106
  access_token.get(logout_url)
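Review bot: the second `log` call in `callback_phase` has a side effect that breaks the CSRF check it describes: `session.delete("omniauth.state")` inside the interpolated string removes the state from the session before `super` runs, and the superclass then compares `request.params["state"]` against a `session.delete("omniauth.state")` that now returns `nil`, so every callback fails with `csrf_detected` unless `provider_ignores_state` is set. Read it with `session["omniauth.state"]` instead, and note that the interpolation runs even when the logger would drop a debug message, so the deletion is unconditional. Separately, these lines write the full `access_token.response` (the bearer token), `request.params` (including the authorization `code`) and the complete `getUserInfo` status/headers/body, i.e. the user's identity data, to the application log at debug level; if the logging stays, redact the token and the body rather than dumping them, since debug output routinely reaches shared log aggregation. Minor: `follwing` in the `request_phase` comment.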
@@ -80,10 +108,19 @@ module OmniAuth
80
108
  @raw_info
81
109
  end
82
110
 
111
+ # The url where the provider should redirect the users to after authenticating.
83
112
  # https://github.com/intridea/omniauth-oauth2/issues/81
84
113
  def callback_url
85
114
  full_host + script_name + callback_path
86
115
  end
116
+
117
+ def log(msg)
118
+ logger.debug(msg)
119
+ end
120
+
121
+ def logger
122
+ @logger||= defined?(Rails.logger) ? Rails.logger : Logger.new(STDOUT, progname: 'idcat_mobil')
123
+ end
87
124
  end
88
125
  end
89
126
  end
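Review bot: the one-argument `log(msg)` defined here overrides `OmniAuth::Strategy#log(level, message)`, which OmniAuth itself calls from `request_call` and `callback_call` (`log :info, "Request phase initiated."`) and from `fail!`; with this definition those calls raise `ArgumentError` (wrong number of arguments), so the strategy breaks before reaching the overridden phases. Rename the helper (for example `debug(msg)`) or delegate to the inherited method with `log(:debug, msg)`, which uses `OmniAuth.logger` and removes the need for the custom `logger` method. If `logger` is kept, the `Logger.new(STDOUT, ...)` fallback needs `require "logger"` in this file rather than relying on it being loaded elsewhere.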
@@ -25,6 +25,6 @@ Gem::Specification.new do |spec|
25
25
 
26
26
  spec.add_dependency "omniauth", "~> 1.5"
27
27
  spec.add_dependency "omniauth-oauth2", ">= 1.4.0", "< 2.0"
28
- spec.add_development_dependency "bundler", "~> 1.16"
29
- spec.add_development_dependency "rake", "~> 10.0"
28
+ spec.add_development_dependency "bundler", "~> 2.2", ">= 2.2.10"
29
+ spec.add_development_dependency "rake", "~> 12.3", ">= 12.3.3"
30
30
  end
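Review bot: both bumps are development dependencies, so the new floors protect the maintainer's bundle and change nothing for host applications; the published advisories these versions correspond to should be cited in the CHANGELOG so the release note is verifiable. The runtime constraints in the context lines (`omniauth "~> 1.5"`, `omniauth-oauth2 ">= 1.4.0", "< 2.0"`) are left untouched; omniauth 2.0 made the request phase POST-only specifically to close the CSRF weakness of the 1.x GET-initiated flow, so a release labelled "security upgrades" should at least state that the runtime dependencies were reviewed and deliberately kept, and why.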
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-idcat_mobil
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Oliver Valls
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-03-29 00:00:00.000000000 Z
11
+ date: 2021-06-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth
@@ -50,28 +50,40 @@ dependencies:
50
50
  requirements:
51
51
  - - "~>"
52
52
  - !ruby/object:Gem::Version
53
- version: '1.16'
53
+ version: '2.2'
54
+ - - ">="
55
+ - !ruby/object:Gem::Version
56
+ version: 2.2.10
54
57
  type: :development
55
58
  prerelease: false
56
59
  version_requirements: !ruby/object:Gem::Requirement
57
60
  requirements:
58
61
  - - "~>"
59
62
  - !ruby/object:Gem::Version
60
- version: '1.16'
63
+ version: '2.2'
64
+ - - ">="
65
+ - !ruby/object:Gem::Version
66
+ version: 2.2.10
61
67
  - !ruby/object:Gem::Dependency
62
68
  name: rake
63
69
  requirement: !ruby/object:Gem::Requirement
64
70
  requirements:
65
71
  - - "~>"
66
72
  - !ruby/object:Gem::Version
67
- version: '10.0'
73
+ version: '12.3'
74
+ - - ">="
75
+ - !ruby/object:Gem::Version
76
+ version: 12.3.3
68
77
  type: :development
69
78
  prerelease: false
70
79
  version_requirements: !ruby/object:Gem::Requirement
71
80
  requirements:
72
81
  - - "~>"
73
82
  - !ruby/object:Gem::Version
74
- version: '10.0'
83
+ version: '12.3'
84
+ - - ">="
85
+ - !ruby/object:Gem::Version
86
+ version: 12.3.3
75
87
  description: Authentication method that uses OAuth 2.0 protocol.
76
88
  email:
77
89
  - oliver.vh@coditramuntana.com
@@ -80,7 +92,7 @@ extensions: []
80
92
  extra_rdoc_files: []
81
93
  files:
82
94
  - ".gitignore"
83
- - ".travis.yml"
95
+ - ".ruby-version"
84
96
  - CHANGELOG.md
85
97
  - CODE_OF_CONDUCT.md
86
98
  - Gemfile
@@ -115,8 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
115
127
  - !ruby/object:Gem::Version
116
128
  version: '0'
117
129
  requirements: []
118
- rubyforge_project:
119
- rubygems_version: 2.7.6
130
+ rubygems_version: 3.1.6
120
131
  signing_key:
121
132
  specification_version: 4
122
133
  summary: User registration and login through IdCat mòbil.
data/.travis.yml DELETED
@@ -1,7 +0,0 @@
1
- ---
2
- sudo: false
3
- language: ruby
4
- cache: bundler
5
- rvm:
6
- - 2.5.1
7
- before_install: gem install bundler -v 1.16.4
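Review bot: the Travis configuration is removed with no replacement CI definition anywhere in this diff, so the test bundle that the rack, bundler and rake bumps apply to is no longer exercised automatically. The deleted file also shows the suite last ran on Ruby 2.5.1 with bundler 1.16.4, while this release pins 2.7.3 and requires bundler `>= 2.2.10`, a jump that deserves at least one recorded green run. Add the replacement workflow in the same release, or state in the CHANGELOG that CI is currently disabled.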