omniauth-infinum 0.9.7

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 34c9a53f0a650d22f963c93f462ecd28c26d74de
+  data.tar.gz: a54cbc44da5bcbddafa1a13ae66dfb42dfa938d1
+SHA512:
+  metadata.gz: 2998ecce1785a94e4a19f6d0b9d80993373abc64aa145aba31e283c104635ce469ca19fc6361b277d3333b35671f46c863a2e57a643e18950fd3cabf9886cc04
+  data.tar.gz: 5ec424bc25650101372ee5ec4c9179ad7ac11f2f2c9b1f7c09352b3569505bfe4d3c121a707396f3ea439c934af8fc2f3ad1a002cfdd48a19b8bbeff53d73c87

data/.gitignore

@@ -0,0 +1 @@
+*.gem

data/Readme.md

@@ -0,0 +1,176 @@
+# Introduction
+
+omniauth-infinum is a gem for integrating the Infinum ID Single Sign On system in a Ruby on Rails web application.
+
+Anybody can register for an Infinum ID by visiting [https://accounts.infinum.co](https://accounts.infinum.co)
+
+# Gem installation
+
+The gem isn't hosted on Gemcutter, but rather on a private gem server, [http://gems.infinum.co](http://gems.infinum.co).
+
+To use this private gem server, you need to add a new gem source
+
+    gem sources -a http://gems.infinum.co
+
+Afer that, install the gem.
+
+    gem install omniauth-infinum
+
+If you're including the gem in your Gemfile, you need to also manually specify the source
+
+    source 'http://gems.infinum.co'
+    gem "omniauth-infinum"
+    
+    
+# Implementation
+
+There is a possibility to implement the omniauth-infinum gem with a generator, or manually. If your model will be called other than User (such as Admin or similar), we advise you create everything manually.
+Otherwise we reccommend you use the generator:
+
+
+# Omniauth-infinum gem implementation with a generator:
+
+
+Run the generator with:
+
+    rails g omniauth_infinum:install
+    
+Go to your config/initializers/omniauth-infinum.rb file and update the APP_ID and APP_SECRET.
+
+Run the migration
+
+    rake db:migrate
+
+And finish the implementation with adding the .new_from_omniauth class method to the User model:
+
+      def self.new_from_omniauth(omniauth)
+        user = User.find_by_uid(omniauth['uid']) || User.find_by_email(omniauth[:extra][:email]) || User.new(:uid => omniauth['uid'])     
+        # refresh info
+          user.uid = omniauth['uid']
+          user.first_name = omniauth[:extra][:first_name]
+          user.last_name = omniauth[:extra][:last_name]
+          user.email = omniauth[:extra][:email]
+          user.avatar_url = omniauth[:extra][:avatar_url]
+          user.save
+        user
+      end
+
+# Omniauth-infinum gem implementation manually:
+
+
+## Initializing
+
+To initialize the omniauth provider, you need to add an initializer with a given secret and access key. Add this to <tt>config/initializers/omniauth.rb</tt>:
+
+    OmniAuth::Strategies::Infinum.setup do |config|
+      config.url = "http://accounts.infinum.co#{Rails.env.development? ? '.dev' : ''}"
+    end
+    
+    APP_ID = 'some_key' 
+    APP_SECRET = 'some_secret'
+
+    Rails.application.config.middleware.use OmniAuth::Builder do
+      provider :infinum, APP_ID, APP_SECRET
+    end
+
+## Routes
+
+For the success/failure callbacks and logout functionality, you need to add some routes to the application:
+
+    get '/auth/:provider/callback', :to => 'omniauth#success'
+    get '/auth/failure', :to => 'omniauth#failure'
+    get '/logout', :to => 'omniauth#logout'
+
+You'll also need to add a controller to handle the callbacks
+
+    class OmniauthController < ApplicationController
+      before_filter :authenticate_user!, :only => [ :logout ]
+
+      def success
+        session[:user_id] = env['omniauth.auth']
+        user = User.new_from_omniauth(session[:user_id])
+        redirect_to request.env['omniauth.origin'] || root_path, notice: "Successfully logged in"
+      end
+
+      def failure
+        flash[:alert] = params[:message]
+        #remember to add a template to render out or redirect to somewhere
+      end
+
+      # logout - Clear our rack session BUT essentially redirect to the provider to clean up the Devise session from there too !
+      def logout
+        session[:user_id] = nil
+        redirect_to "#{OmniAuth::Strategies::Infinum.url}/users/sign_out?redirect_to=#{root_url}", notice: 'You have successfully signed out!'
+      end
+    end
+
+## Model implementation
+
+In the <tt>User</tt> model, you'll need to implement the <tt>new_from_omniauth</tt> method like so:
+
+    class User < ActiveRecord::Base
+      def self.new_from_omniauth(omniauth)
+        user = User.find_by_uid(omniauth['uid']) || User.find_by_email(omniauth[:extra][:email]) || User.new(:uid => omniauth['uid'])     
+        # refresh info
+        user.uid = omniauth['uid']
+        user.first_name = omniauth[:extra][:first_name]
+        user.last_name = omniauth[:extra][:last_name]
+        user.email = omniauth[:extra][:email]
+        user.avatar_url = omniauth[:extra][:avatar_url]
+        user.save
+      end
+    end
+
+## Migrations
+
+Your <tt>User</tt> model will also need to have a <tt>string</tt> field called <tt>uid</tt> which hold the user ide from the <tt>accounts.infinum.co</tt> database
+
+    rails g migration add_uid_to_users uid:string
+    rake db:migrate
+
+## Important notice
+
+If the provider type is **private** the Infinum ID administrator will need to manually assign each user to each particular service when they register.
+
+If the provider type is **public**, this is not necessary.
+
+# That's it!
+
+Give it a spin!
+
+# Updating to 0.9.5 or higher
+
+If you wish to change the development address of accounts.infinum.co, add this line to your <tt>config/initializers/omniauth.rb</tt> file:
+
+    OmniAuth::Strategies::Infinum.setup do |config|
+      config.url = Rails.env.development? ? "http://accounts.infinum.co.dev" :"http://accounts.infinum.co"
+    end
+    
+    
+# TestHelpers
+
+Omniauth-infinum provides two test helpers, <tt>sign_in(user)</tt> and <tt>sign_out</tt>
+
+Require the test_helper file:
+
+    require 'omniauth-infinum/test_helpers'
+
+Add the following to your `test/test_helper.rb` file:
+
+```ruby
+class ActionController::TestCase
+  include OmniAuth::Infinum::TestHelpers
+end
+```
+
+If you're using RSpec, you can put the following inside a file named `spec/spec_helper.rb`:
+
+```ruby
+RSpec.configure do |config|
+  config.include OmniAuth::Infinum::TestHelpers
+end
+```
+    
+# Copyright
+
+Copyright © 2013 Tomislav Car, Infinum

data/lib/generators/omniauth_infinum/install_generator.rb

@@ -0,0 +1,35 @@
+module OmniauthInfinum
+	class InstallGenerator < Rails::Generators::Base
+		source_root File.expand_path("../templates", __FILE__)
+
+		def create_a_config_file
+			copy_file "config/initializers/omniauth-infinum.rb", "config/initializers/omniauth-infinum.rb"
+		end
+
+		def create_the_omniauth_controller
+			copy_file "app/controllers/omniauth_controller.rb", "app/controllers/omniauth_controller.rb"
+		end
+
+		def add_routes
+			routes = "  get '/auth/:provider/callback', :to => 'omniauth#success'\n" +
+					 "  get '/auth/failure'	, :to => 'omniauth#failure'\n" +
+			 		 "  get '/logout', :to => 'omniauth#logout'\n"
+
+			file_content = File.read('config/routes.rb')
+			file_content.sub!("routes.draw do\n", "routes.draw do\n\n#{routes}")
+			File.open("config/routes.rb", 'w') { |file| file.write(file_content)}	
+			say_status "insert", "routes.rb file -> 'Success, failure and logout routes added.'", :green
+		end
+
+		def rails_generate_migration
+			copy_file "db/migrate/add_uid_to_users.rb", "db/migrate/#{migrationNumber}_add_uid_to_users.rb"
+		end
+
+	private
+
+		def migrationNumber
+			Time.now.utc.strftime("%Y%m%d%H%M%S")
+		end
+
+	end
+end

data/lib/generators/omniauth_infinum/templates/app/controllers/omniauth_controller.rb

@@ -0,0 +1,20 @@
+class OmniauthController < ApplicationController
+  before_filter :authenticate_user!, :only => [ :logout ]
+
+  def success
+    session[:user_id] = env['omniauth.auth']
+    user = User.new_from_omniauth(session[:user_id])
+    redirect_to request.env['omniauth.origin'] || root_path, notice: "Successfully logged in"
+  end
+
+  def failure
+    flash[:alert] = params[:message]
+    #remember to add a template to render out or redirect to somewhere
+  end
+
+  # logout - Clear our rack session BUT essentially redirect to the provider to clean up the Devise session from there too !
+  def logout
+    session[:user_id] = nil
+    redirect_to "#{OmniAuth::Strategies::Infinum.url}/users/sign_out?redirect_to=#{root_url}", notice: 'You have successfully signed out!'
+  end
+end

data/lib/generators/omniauth_infinum/templates/config/initializers/omniauth-infinum.rb

@@ -0,0 +1,10 @@
+OmniAuth::Strategies::Infinum.setup do |config|
+  config.url = "http://accounts.infinum.co#{Rails.env.development? ? '.dev' : ''}"
+end
+
+APP_ID = 'your_app_id'
+APP_SECRET = 'your_app_secret'
+
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :infinum, APP_ID, APP_SECRET
+end

data/lib/generators/omniauth_infinum/templates/db/migrate/add_uid_to_users.rb

@@ -0,0 +1,5 @@
+class AddUidToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :uid, :string
+  end
+end

data/lib/omniauth-infinum.rb

@@ -0,0 +1,7 @@
+require "omniauth-infinum/version"
+require "omniauth-infinum/controller"
+require 'omniauth/strategies/infinum'
+
+if defined? ActionController::Base
+  ActionController::Base.send(:include, OmniAuth::Infinum::Controller)
+end

data/lib/omniauth-infinum/controller.rb

@@ -0,0 +1,28 @@
+module OmniAuth::Infinum::Controller
+  module InstanceMethods
+    def authenticate_user!
+      if current_user.blank?
+        respond_to do |format|
+          format.html  {
+            redirect_to "/auth/infinum?origin=#{request.url}"
+          }
+          format.json {
+            render :json => { 'error' => 'Access Denied' }.to_json
+          }
+        end
+      end
+    end
+
+    def current_user
+      return nil unless session[:user_id]
+
+      @current_user ||= User.new_from_omniauth(session[:user_id])
+    end    
+  end
+
+  def self.included(receiver)
+    receiver.send :include, InstanceMethods
+
+    receiver.helper_method :current_user
+  end
+end

data/lib/omniauth-infinum/test_helpers.rb

@@ -0,0 +1,22 @@
+module OmniAuth::Infinum
+  module TestHelpers
+
+    def sign_in(user)
+      session[:user_id] = OmniAuth::AuthHash.new({
+        :provider => 'infinum',
+        :uid => (user.try(:uid) || '75'),
+        :extra => {
+          :first_name => user.try(:first_name),
+          :last_name => user.try(:last_name), 
+          :email => user.try(:email),
+          :avatar_url => user.try(:avatar_url)
+          }
+        }) 
+    end
+
+    def sign_out
+      session[:user_id] = nil
+    end
+
+  end
+end

data/lib/omniauth-infinum/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Infinum
+    VERSION = "0.9.7"
+  end
+end

data/lib/omniauth/strategies/infinum.rb

@@ -0,0 +1,66 @@
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    class Infinum < OmniAuth::Strategies::OAuth2
+
+      # mattr_accessor :url
+      def self.url
+        @@url
+      end
+
+      def self.url=(some_value)
+        @@url = some_value
+      end
+      
+      def self.development_environment?
+        if defined? Rails
+          Rails.env.development?
+        else
+          ENV['RACK_ENV'].nil? || ENV['RACK_ENV'] == "development"
+        end
+      end
+
+      @@url = "http://accounts.infinum.co#{development_environment? ? '.dev' : ''}"
+      
+      def self.setup
+        yield self if block_given?
+
+        option :client_options, {
+          :site =>  @@url,
+          :authorize_url => "#{@@url}/auth/infinum/authorize",
+          :access_token_url => "#{@@url}/auth/infinum/access_token"
+        }
+      end
+
+      option :client_options, {
+        :site =>  @@url,
+        :authorize_url => "#{@@url}/auth/infinum/authorize",
+        :access_token_url => "#{@@url}/auth/infinum/access_token"
+      }
+
+      uid { raw_info['id'] }
+
+      info do
+        {
+          :email => raw_info['email']
+        }
+      end
+
+      extra do
+        {
+          :first_name => raw_info['extra']['first_name'],
+          :last_name  => raw_info['extra']['last_name'],
+          :email  => raw_info['extra']['email'],
+          :avatar_url => raw_info['extra']['avatar_url']
+        }
+      end
+
+      def raw_info
+        @raw_info ||= access_token.get("/auth/infinum/user.json?oauth_token=#{access_token.token}").parsed
+      end
+
+
+    end
+  end
+end

data/lib/omniauth/strategies/oauth2.rb

@@ -0,0 +1,118 @@
+require 'cgi'
+require 'uri'
+require 'oauth2'
+require 'omniauth'
+require 'timeout'
+require 'securerandom'
+require 'omniauth-oauth2'
+
+
+module OmniAuth
+  module Strategies
+    class OAuth2
+      include OmniAuth::Strategy
+
+      args [:client_id, :client_secret]
+
+      option :client_id, nil
+      option :client_secret, nil
+      option :client_options, {}
+      option :authorize_params, {}
+      option :authorize_options, [:scope]
+      option :token_params, {}
+      option :token_options, []
+      option :provider_ignores_state, false
+
+      attr_accessor :access_token
+
+      def client
+        ::OAuth2::Client.new(options.client_id, options.client_secret, deep_symbolize(options.client_options))
+      end
+
+      def callback_url
+        full_host + script_name + callback_path
+      end
+
+      credentials do
+        hash = {'token' => access_token.token}
+        hash.merge!('refresh_token' => access_token.refresh_token) if access_token.expires? && access_token.refresh_token
+        hash.merge!('expires_at' => access_token.expires_at) if access_token.expires?
+        hash.merge!('expires' => access_token.expires?)
+        hash
+      end
+
+      def request_phase
+        redirect client.auth_code.authorize_url({:redirect_uri => callback_url}.merge(authorize_params))
+      end
+
+      def authorize_params
+        options.authorize_params[:state] = SecureRandom.hex(24)
+        params = options.authorize_params.merge(options.authorize_options.inject({}){|h,k| h[k.to_sym] = options[k] if options[k]; h})
+        if OmniAuth.config.test_mode
+          @env ||= {}
+          @env['rack.session'] ||= {}
+        end
+        session['omniauth.state'] = params[:state]
+        params
+      end
+
+      def token_params
+        options.token_params.merge(options.token_options.inject({}){|h,k| h[k.to_sym] = options[k] if options[k]; h})
+      end
+
+
+
+      def callback_phase
+        if request.params['error'] || request.params['error_reason']
+          raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri'])
+        end
+        if !options.provider_ignores_state && (request.params['state'].to_s.empty? || request.params['state'] != session.delete('omniauth.state'))
+          raise CallbackError.new(nil, :csrf_detected)
+        end
+
+        self.access_token = build_access_token
+        self.access_token = access_token.refresh! if access_token.expired?
+
+         super
+        rescue ::OAuth2::Error => e
+          fail!(e.code, e)
+        rescue CallbackError => e
+          fail!(e.error_reason,e)
+        rescue ::MultiJson::DecodeError => e
+          fail!(:invalid_response, e)
+        rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e
+          fail!(:timeout, e)
+        rescue ::SocketError => e
+          fail!(:failed_to_connect, e)
+      end
+
+      protected
+
+      def deep_symbolize(hash)
+        hash.inject({}) do |h, (k,v)|
+          h[k.to_sym] = v.is_a?(Hash) ? deep_symbolize(v) : v
+          h
+        end
+      end
+
+      def build_access_token
+        verifier = request.params['code']
+        client.auth_code.get_token(verifier, {:redirect_uri => callback_url}.merge(token_params.to_hash(:symbolize_keys => true)))
+      end
+
+      # An error that is indicated in the OAuth 2.0 callback.
+      # This could be a `redirect_uri_mismatch` or other
+      class CallbackError < StandardError
+        attr_accessor :error, :error_reason, :error_uri
+
+        def initialize(error, error_reason=nil, error_uri=nil)
+          self.error = error
+          self.error_reason = error_reason
+          self.error_uri = error_uri
+        end
+      end
+
+    end
+  end
+end
+OmniAuth.config.add_camelization 'oauth2', 'OAuth2'

data/omniauth-infinum.gemspec

@@ -0,0 +1,23 @@
+require File.expand_path('../lib/omniauth-infinum/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Tomislav Car"]
+  gem.email         = ["tomislav@infinum.hr"]
+  gem.description   = %q{Official OmniAuth strategy for Infinum.}
+  gem.summary       = %q{Official OmniAuth strategy for Infinum.}
+  gem.homepage      = "https://infinum.codebasehq.com/projects/infinum-accounts/repositories/omniauth-infinum"
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name          = "omniauth-infinum"
+  gem.require_paths = ["lib"]
+  gem.version       = OmniAuth::Infinum::VERSION
+
+  gem.add_dependency 'omniauth', '~> 1.0'
+  gem.add_dependency 'omniauth-oauth2', '~> 1.1'
+  #gem.add_development_dependency 'rspec', '~> 2.7'
+  #gem.add_development_dependency 'rack-test'
+  #gem.add_development_dependency 'simplecov'
+  #gem.add_development_dependency 'webmock'
+end

metadata

@@ -0,0 +1,85 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-infinum
+version: !ruby/object:Gem::Version
+  version: 0.9.7
+platform: ruby
+authors:
+- Tomislav Car
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-09-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+description: Official OmniAuth strategy for Infinum.
+email:
+- tomislav@infinum.hr
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Readme.md
+- lib/generators/omniauth_infinum/install_generator.rb
+- lib/generators/omniauth_infinum/templates/app/controllers/omniauth_controller.rb
+- lib/generators/omniauth_infinum/templates/config/initializers/omniauth-infinum.rb
+- lib/generators/omniauth_infinum/templates/db/migrate/add_uid_to_users.rb
+- lib/omniauth-infinum.rb
+- lib/omniauth-infinum/controller.rb
+- lib/omniauth-infinum/test_helpers.rb
+- lib/omniauth-infinum/version.rb
+- lib/omniauth/strategies/infinum.rb
+- lib/omniauth/strategies/oauth2.rb
+- omniauth-infinum.gemspec
+homepage: https://infinum.codebasehq.com/projects/infinum-accounts/repositories/omniauth-infinum
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Official OmniAuth strategy for Infinum.
+test_files: []
+has_rdoc: