omniauth-identity 1.0.0.rc1 → 2.0.0

data/lib/omniauth/identity/models/mongoid.rb

@@ -19,8 +19,8 @@ module OmniAuth
               validates_uniqueness_of key, :case_sensitive => false
             end
 
-            def self.locate(key)
-              where(auth_key => key).first
+            def self.locate(search_hash)
+              where(search_hash).first
             end
 
           end

data/lib/omniauth/identity/secure_password.rb

@@ -68,7 +68,7 @@ module OmniAuth
         # Encrypts the password into the password_digest attribute.
         def password=(unencrypted_password)
           @password = unencrypted_password
-          unless unencrypted_password.blank?
+          if unencrypted_password && !unencrypted_password.empty?
             self.password_digest = BCrypt::Password.create(unencrypted_password)
           end
         end

data/lib/omniauth/strategies/identity.rb

@@ -1,23 +1,30 @@
 module OmniAuth
   module Strategies
-    # The identity strategy allows you to provide simple internal 
+    # The identity strategy allows you to provide simple internal
     # user authentication using the same process flow that you
     # use for external OmniAuth providers.
     class Identity
       include OmniAuth::Strategy
 
       option :fields, [:name, :email]
+      option :on_login, nil
+      option :on_registration, nil
       option :on_failed_registration, nil
+      option :locate_conditions, lambda{|req| {model.auth_key => req['auth_key']} }
 
       def request_phase
-        OmniAuth::Form.build(
-          :title => (options[:title] || "Identity Verification"),
-          :url => callback_path
-        ) do |f|
-          f.text_field 'Login', 'auth_key'
-          f.password_field 'Password', 'password'
-          f.html "<p align='center'><a href='#{registration_path}'>Create an Identity</a></p>"
-        end.to_response 
+        if options[:on_login]
+          options[:on_login].call(self.env)
+        else
+          OmniAuth::Form.build(
+            :title => (options[:title] || "Identity Verification"),
+            :url => callback_path
+          ) do |f|
+            f.text_field 'Login', 'auth_key'
+            f.password_field 'Password', 'password'
+            f.html "<p align='center'><a href='#{registration_path}'>Create an Identity</a></p>"
+          end.to_response
+        end
       end
 
       def callback_phase
@@ -38,13 +45,17 @@ module OmniAuth
       end
 
       def registration_form
-        OmniAuth::Form.build(:title => 'Register Identity') do |f|
-          options[:fields].each do |field|
-            f.text_field field.to_s.capitalize, field.to_s
-          end
-          f.password_field 'Password', 'password'
-          f.password_field 'Confirm Password', 'password_confirmation'
-        end.to_response
+        if options[:on_registration]
+          options[:on_registration].call(self.env)
+        else
+          OmniAuth::Form.build(:title => 'Register Identity') do |f|
+            options[:fields].each do |field|
+              f.text_field field.to_s.capitalize, field.to_s
+            end
+            f.password_field 'Password', 'password'
+            f.password_field 'Confirm Password', 'password_confirmation'
+          end.to_response
+        end
       end
 
       def registration_phase
@@ -75,7 +86,13 @@ module OmniAuth
       end
 
       def identity
-        @identity ||= model.authenticate(request['auth_key'], request['password'])
+        if options.locate_conditions.is_a? Proc
+          conditions = instance_exec(request, &options.locate_conditions)
+          conditions.to_hash
+        else
+          conditions = options.locate_conditions.to_hash
+        end
+        @identity ||= model.authenticate(conditions, request['password'] )
       end
 
       def model

data/omniauth-identity.gemspec

@@ -2,25 +2,28 @@
 require File.dirname(__FILE__) + '/lib/omniauth-identity/version'
 
 Gem::Specification.new do |gem|
-  gem.add_runtime_dependency 'omniauth', '1.0.0.beta1'
+  gem.add_runtime_dependency 'omniauth'
+  gem.add_runtime_dependency 'bcrypt'
 
-  gem.add_development_dependency 'maruku', '~> 0.6'
-  gem.add_development_dependency 'simplecov', '~> 0.4'
-  gem.add_development_dependency 'rack-test', '~> 0.5'
-  gem.add_development_dependency 'rake', '~> 0.8'
-  gem.add_development_dependency 'rspec', '~> 2.5'
-  gem.add_development_dependency 'bcrypt-ruby', '~> 3.0'
-  gem.add_development_dependency 'activerecord', '~> 3.1'
-  gem.add_development_dependency 'mongoid', '~> 2.3'
-  gem.add_development_dependency 'bson_ext', '~> 1.4'
+  gem.add_development_dependency 'maruku'
+  gem.add_development_dependency 'simplecov'
+  gem.add_development_dependency 'rack-test'
+  gem.add_development_dependency 'rake'
+  gem.add_development_dependency 'rspec', '~> 3'
+  gem.add_development_dependency 'activerecord'
+  gem.add_development_dependency 'mongoid'
+  gem.add_development_dependency 'datamapper'
+  gem.add_development_dependency 'bson_ext'
+  gem.add_development_dependency 'byebug'
+  gem.add_development_dependency 'couch_potato'
 
   gem.name = 'omniauth-identity'
   gem.version = OmniAuth::Identity::VERSION
   gem.description = %q{Internal authentication handlers for OmniAuth.}
   gem.summary = gem.description
-  gem.email = ['michael@intridea.com']
-  gem.homepage = 'http://github.com/intridea/omniauth-identity'
-  gem.authors = ['Michael Bleigh']
+  gem.homepage = 'http://github.com/omniauth/omniauth-identity'
+  gem.authors = ['Andrew Roberts', 'Michael Bleigh']
+  gem.license     = 'MIT'
   gem.executables = `git ls-files -- bin/*`.split("\n").map{|f| File.basename(f)}
   gem.files = `git ls-files`.split("\n")
   gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")

data/spec/omniauth/identity/model_spec.rb

@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 class ExampleModel
   include OmniAuth::Identity::Model
 end
@@ -9,19 +7,25 @@ describe OmniAuth::Identity::Model do
     subject{ ExampleModel }
 
     describe '.locate' do
-      it('should be abstract'){ lambda{ subject.locate('abc') }.should raise_error(NotImplementedError) }
+      it('should be abstract'){ expect{ subject.locate('abc') }.to raise_error(NotImplementedError) }
     end
 
     describe '.authenticate' do
       it 'should call locate and then authenticate' do
-        mocked_instance = mock('ExampleModel', :authenticate => 'abbadoo')
-        subject.should_receive(:locate).with('example').and_return(mocked_instance)
-        subject.authenticate('example','pass').should == 'abbadoo'
+        mocked_instance = double('ExampleModel', :authenticate => 'abbadoo')
+        allow(subject).to receive(:locate).with('email' => 'example').and_return(mocked_instance)
+        expect(subject.authenticate({'email' => 'example'},'pass')).to eq('abbadoo')
+      end
+
+      it 'should call locate with additional scopes when provided' do
+        mocked_instance = double('ExampleModel', :authenticate => 'abbadoo')
+        allow(subject).to receive(:locate).with('email' => 'example', 'user_type' => 'admin').and_return(mocked_instance)
+        expect(subject.authenticate({'email' => 'example', 'user_type' => 'admin'}, 'pass')).to eq('abbadoo')
       end
 
       it 'should recover gracefully if locate is nil' do
-        subject.stub!(:locate).and_return(nil)
-        subject.authenticate('blah','foo').should be_false
+        allow(subject).to receive(:locate).and_return(nil)
+        expect(subject.authenticate('blah','foo')).to be false
       end
     end
   end
@@ -30,87 +34,87 @@ describe OmniAuth::Identity::Model do
     subject{ ExampleModel.new }
 
     describe '#authenticate' do
-      it('should be abstract'){ lambda{ subject.authenticate('abc') }.should raise_error(NotImplementedError) }
+      it('should be abstract'){ expect{ subject.authenticate('abc') }.to raise_error(NotImplementedError) }
     end
 
     describe '#uid' do
       it 'should default to #id' do
-        subject.should_receive(:respond_to?).with('id').and_return(true)
-        subject.stub!(:id).and_return 'wakka-do'
-        subject.uid.should == 'wakka-do'
+        allow(subject).to receive(:respond_to?).with(:id).and_return(true)
+        allow(subject).to receive(:id).and_return 'wakka-do'
+        expect(subject.uid).to eq('wakka-do')
       end
 
       it 'should stringify it' do
-        subject.stub!(:id).and_return 123
-        subject.uid.should == '123'
+        allow(subject).to receive(:id).and_return 123
+        expect(subject.uid).to eq('123')
       end
 
       it 'should raise NotImplementedError if #id is not defined' do
-        subject.should_receive(:respond_to?).with('id').and_return(false)
-        lambda{ subject.uid }.should raise_error(NotImplementedError)
+        allow(subject).to receive(:respond_to?).with(:id).and_return(false)
+        expect{ subject.uid }.to raise_error(NotImplementedError)
       end
     end
 
     describe '#auth_key' do
       it 'should default to #email' do
-        subject.should_receive(:respond_to?).with('email').and_return(true)
-        subject.stub!(:email).and_return('bob@bob.com')
-        subject.auth_key.should == 'bob@bob.com'
+        allow(subject).to receive(:respond_to?).with(:email).and_return(true)
+        allow(subject).to receive(:email).and_return('bob@bob.com')
+        expect(subject.auth_key).to eq('bob@bob.com')
       end
 
       it 'should use the class .auth_key' do
         subject.class.auth_key 'login'
-        subject.stub!(:login).and_return 'bob'
-        subject.auth_key.should == 'bob'
+        allow(subject).to receive(:login).and_return 'bob'
+        expect(subject.auth_key).to eq('bob')
         subject.class.auth_key nil
       end
 
       it 'should raise a NotImplementedError if the auth_key method is not defined' do
-        lambda{ subject.auth_key }.should raise_error(NotImplementedError)
+        expect{ subject.auth_key }.to raise_error(NotImplementedError)
       end
     end
 
     describe '#auth_key=' do
       it 'should default to setting email' do
-        subject.should_receive(:respond_to?).with('email=').and_return(true)
-        subject.should_receive(:email=).with 'abc'
+        allow(subject).to receive(:respond_to?).with(:email=).and_return(true)
+        expect(subject).to receive(:email=).with 'abc'
         
         subject.auth_key = 'abc'
       end
 
       it 'should use a custom .auth_key if one is provided' do
         subject.class.auth_key 'login'
-        subject.should_receive(:respond_to?).with('login=').and_return(true)
-        subject.should_receive('login=').with('abc')
+        allow(subject).to receive(:respond_to?).with(:login=).and_return(true)
+        expect(subject).to receive(:login=).with('abc')
 
         subject.auth_key = 'abc'
       end
 
       it 'should raise a NotImplementedError if the autH_key method is not defined' do
-        lambda{ subject.auth_key = 'broken' }.should raise_error(NotImplementedError)
+        expect{ subject.auth_key = 'broken' }.to raise_error(NotImplementedError)
       end
     end
 
     describe '#info' do
       it 'should include attributes that are set' do
-        subject.stub!(:name).and_return('Bob Bobson')
-        subject.stub!(:nickname).and_return('bob')
+        allow(subject).to receive(:name).and_return('Bob Bobson')
+        allow(subject).to receive(:nickname).and_return('bob')
 
-        subject.info.should == {
+        expect(subject.info).to eq({
           'name' => 'Bob Bobson',
           'nickname' => 'bob'
-        }
+        })
       end
 
       it 'should automatically set name off of nickname' do
-        subject.stub!(:nickname).and_return('bob')
+        allow(subject).to receive(:nickname).and_return('bob')
         subject.info['name'] == 'bob'
       end
 
       it 'should not overwrite a provided name' do
-        subject.stub!(:name).and_return('Awesome Dude')
-        subject.stub!(:first_name).and_return('Frank')
-        subject.info['name'].should == 'Awesome Dude'
+        allow(subject).to receive(:name).and_return('Awesome Dude')
+        allow(subject).to receive(:first_name).and_return('Frank')
+        expect(subject.info['name']).to eq('Awesome Dude')
       end
     end
   end

data/spec/omniauth/identity/models/active_record_spec.rb

@@ -1,16 +1,16 @@
-require 'spec_helper'
-
 describe(OmniAuth::Identity::Models::ActiveRecord, :db => true) do
-  class TestIdentity < OmniAuth::Identity::Models::ActiveRecord
-    auth_key :ham_sandwich
-  end
+  class TestIdentity < OmniAuth::Identity::Models::ActiveRecord; end
 
-  it 'should locate using the auth key using a where query' do
-    TestIdentity.should_receive(:where).with('ham_sandwich' => 'open faced').and_return(['wakka'])
-    TestIdentity.locate('open faced').should == 'wakka'
-  end
-  
-  it 'should not use STI rules for its table name' do
-    TestIdentity.table_name.should == 'test_identities'
+  describe "model", type: :model do
+    subject { TestIdentity }
+
+    it 'should delegate locate to the where query method' do
+      allow(subject).to receive(:where).with('ham_sandwich' => 'open faced', 'category' => 'sandwiches').and_return(['wakka'])
+      expect(subject.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
+
+    it 'should not use STI rules for its table name' do
+      expect(subject.table_name).to eq('test_identities')
+    end
   end
 end

data/spec/omniauth/identity/models/couch_potato_spec.rb

@@ -0,0 +1,16 @@
+describe(OmniAuth::Identity::Models::CouchPotatoModule, :db => true) do
+  class CouchPotatoTestIdentity
+    include CouchPotato::Persistence
+    include OmniAuth::Identity::Models::CouchPotatoModule
+    auth_key :ham_sandwich
+  end
+
+  describe 'model', type: :model do
+    subject { CouchPotatoTestIdentity }
+
+    it 'should delegate locate to the where query method' do
+      allow(subject).to receive(:where).with('ham_sandwich' => 'open faced', 'category' => 'sandwiches').and_return(['wakka'])
+      expect(subject.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
+  end
+end

data/spec/omniauth/identity/models/data_mapper_spec.rb

@@ -0,0 +1,24 @@
+describe(OmniAuth::Identity::Models::DataMapper, :db => true) do
+  class DataMapperTestIdentity
+    include DataMapper::Resource
+    include OmniAuth::Identity::Models::DataMapper
+
+    property :id,              Serial
+    auth_key :ham_sandwich
+  end
+
+
+  before :all do
+    DataMapper.finalize
+    @resource = DataMapperTestIdentity.new
+  end
+
+  describe 'model', type: :model do
+    subject { DataMapperTestIdentity }
+
+    it 'should delegate locate to the all query method' do
+      allow(subject).to receive(:all).with('ham_sandwich' => 'open faced', 'category' => 'sandwiches').and_return(['wakka'])
+      expect(subject.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
+  end
+end

data/spec/omniauth/identity/models/mongoid_spec.rb

@@ -1,18 +1,23 @@
-require 'spec_helper'
-
 describe(OmniAuth::Identity::Models::Mongoid, :db => true) do
   class MongoidTestIdentity
     include Mongoid::Document
     include OmniAuth::Identity::Models::Mongoid
     auth_key :ham_sandwich
+    store_in database: 'db1', collection: 'mongoid_test_identities', client: 'secondary'
   end
 
-  it 'should locate using the auth key using a where query' do
-    MongoidTestIdentity.should_receive(:where).with('ham_sandwich' => 'open faced').and_return(['wakka'])
-    MongoidTestIdentity.locate('open faced').should == 'wakka'
-  end
-  
-  it 'should not use STI rules for its collection name' do
-    MongoidTestIdentity.collection.name.should == 'mongoid_test_identities'
+  describe "model", type: :model do
+    subject { MongoidTestIdentity }
+
+    it { is_expected.to be_mongoid_document }
+
+    it 'does not munge collection name' do
+      is_expected.to be_stored_in(database: 'db1', collection: 'mongoid_test_identities', client: 'secondary')
+    end
+
+    it 'should delegate locate to the where query method' do
+      allow(subject).to receive(:where).with('ham_sandwich' => 'open faced', 'category' => 'sandwiches').and_return(['wakka'])
+      expect(subject.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
   end
 end

data/spec/omniauth/identity/secure_password_spec.rb

@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 class HasTheMethod
   def self.has_secure_password; end
 end
@@ -9,19 +7,19 @@ end
 
 describe OmniAuth::Identity::SecurePassword do
   it 'should extend with the class methods if it does not have the method' do
-    DoesNotHaveTheMethod.should_receive(:extend).with(OmniAuth::Identity::SecurePassword::ClassMethods)
+    expect(DoesNotHaveTheMethod).to receive(:extend).with(OmniAuth::Identity::SecurePassword::ClassMethods)
     DoesNotHaveTheMethod.send(:include, OmniAuth::Identity::SecurePassword)
   end
 
   it 'should not extend if the method is already defined' do
-    HasTheMethod.should_not_receive(:extend)
+    expect(HasTheMethod).not_to receive(:extend)
     HasTheMethod.send(:include, OmniAuth::Identity::SecurePassword)
   end
 
   it 'should respond to has_secure_password afterwards' do
     [HasTheMethod,DoesNotHaveTheMethod].each do |klass|
       klass.send(:include, OmniAuth::Identity::SecurePassword)
-      klass.should be_respond_to(:has_secure_password)
+      expect(klass).to be_respond_to(:has_secure_password)
     end
   end
 end

data/spec/omniauth/strategies/identity_spec.rb

@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 class MockIdentity; end
 
 describe OmniAuth::Strategies::Identity do
@@ -14,7 +12,7 @@ describe OmniAuth::Strategies::Identity do
     identity_options = {:model => MockIdentity}.merge(identity_options)
     old_app = self.app
     self.app = Rack::Builder.app do
-      use Rack::Session::Cookie
+      use Rack::Session::Cookie, secret: '1234567890qwertyuiop'
       use OmniAuth::Strategies::Identity, identity_options
       run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
     end
@@ -32,41 +30,53 @@ describe OmniAuth::Strategies::Identity do
   describe '#request_phase' do
     it 'should display a form' do
       get '/auth/identity'
-      last_response.body.should be_include("<form")
+      expect(last_response.body).to be_include("<form")
     end
   end
 
   describe '#callback_phase' do
-    let(:user){ mock(:uid => 'user1', :info => {'name' => 'Rockefeller'})}
+    let(:user){ double(:uid => 'user1', :info => {'name' => 'Rockefeller'})}
 
     context 'with valid credentials' do
       before do
-        MockIdentity.should_receive('authenticate').with('john','awesome').and_return(user)
+        allow(MockIdentity).to receive('auth_key').and_return('email')
+        expect(MockIdentity).to receive('authenticate').with({'email' => 'john'},'awesome').and_return(user)
         post '/auth/identity/callback', :auth_key => 'john', :password => 'awesome'
       end
 
       it 'should populate the auth hash' do
-        auth_hash.should be_kind_of(Hash)
+        expect(auth_hash).to be_kind_of(Hash)
       end
 
       it 'should populate the uid' do
-        auth_hash['uid'].should == 'user1'
+        expect(auth_hash['uid']).to eq('user1')
       end
 
       it 'should populate the info hash' do
-        auth_hash['info'].should == {'name' => 'Rockefeller'}
+        expect(auth_hash['info']).to eq({'name' => 'Rockefeller'})
       end
     end
 
     context 'with invalid credentials' do
       before do
+        allow(MockIdentity).to receive('auth_key').and_return('email')
         OmniAuth.config.on_failure = lambda{|env| [401, {}, [env['omniauth.error.type'].inspect]]}
-        MockIdentity.should_receive(:authenticate).with('wrong','login').and_return(false)
+        expect(MockIdentity).to receive(:authenticate).with({'email' => 'wrong'},'login').and_return(false)
         post '/auth/identity/callback', :auth_key => 'wrong', :password => 'login'
       end
 
       it 'should fail with :invalid_credentials' do
-        last_response.body.should == ':invalid_credentials'
+        expect(last_response.body).to eq(':invalid_credentials')
+      end
+    end
+
+    context 'with auth scopes' do
+
+      it 'should evaluate and pass through conditions proc' do
+        allow(MockIdentity).to receive('auth_key').and_return('email')
+        set_app!( :locate_conditions => lambda{|req| {model.auth_key => req['auth_key'], 'user_type' => 'admin'} } )
+        expect(MockIdentity).to receive('authenticate').with( {'email' => 'john', 'user_type' => 'admin'}, 'awesome' ).and_return(user)
+        post '/auth/identity/callback', :auth_key => 'john', :password => 'awesome'
       end
     end
   end
@@ -74,27 +84,28 @@ describe OmniAuth::Strategies::Identity do
   describe '#registration_form' do
     it 'should trigger from /auth/identity/register by default' do
       get '/auth/identity/register'
-      last_response.body.should be_include("Register Identity")
+      expect(last_response.body).to be_include("Register Identity")
     end
   end
 
   describe '#registration_phase' do
     context 'with successful creation' do
       let(:properties){ {
-        :name => 'Awesome Dude', 
+        :name => 'Awesome Dude',
         :email => 'awesome@example.com',
         :password => 'face',
         :password_confirmation => 'face'
       } }
 
       before do
-        m = mock(:uid => 'abc', :name => 'Awesome Dude', :email => 'awesome@example.com', :info => {:name => 'DUUUUDE!'}, :persisted? => true)
-        MockIdentity.should_receive(:create).with(properties).and_return(m)
+        allow(MockIdentity).to receive('auth_key').and_return('email')
+        m = double(:uid => 'abc', :name => 'Awesome Dude', :email => 'awesome@example.com', :info => {:name => 'DUUUUDE!'}, :persisted? => true)
+        expect(MockIdentity).to receive(:create).with(properties).and_return(m)
       end
 
       it 'should set the auth hash' do
         post '/auth/identity/register', properties
-        auth_hash['uid'].should == 'abc'
+        expect(auth_hash['uid']).to eq('abc')
       end
     end
 
@@ -107,13 +118,13 @@ describe OmniAuth::Strategies::Identity do
       } }
 
       before do
-        MockIdentity.should_receive(:create).with(properties).and_return(mock(:persisted? => false))
+        expect(MockIdentity).to receive(:create).with(properties).and_return(double(:persisted? => false))
       end
 
       context 'default' do
         it 'should show registration form' do
           post '/auth/identity/register', properties
-          last_response.body.should be_include("Register Identity")
+          expect(last_response.body).to be_include("Register Identity")
         end
       end
 
@@ -121,7 +132,7 @@ describe OmniAuth::Strategies::Identity do
         it 'should set the identity hash' do
           set_app!(:on_failed_registration => lambda{|env| [404, {'env' => env}, ["HELLO!"]]}) do
             post '/auth/identity/register', properties
-            identity_hash.should_not be_nil
+            expect(identity_hash).not_to be_nil
           end
         end
       end