omniauth-kakao-oauth2 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: bdb7d8c8577bf0111c0a068980a2f294443a66b758c45a6b07f745a99c108baa
+  data.tar.gz: d0c1b17d0aa0f5f28d323d76eabe40e87f3342780548b9a1d8eece6f939fbb5d
+SHA512:
+  metadata.gz: 9a0012e1303940ef9b98444a448c3c2f095ad1187e489f756615e115c346ff1541e2158f7ab2d3ad58cd7dacf485a89412280f129888559080b1b1985c37b108
+  data.tar.gz: 1e109ce2e2b817bb863613f6a5b300ff104c7578eba88020bf4376bd8ff7ab06808d0ff325141e6272f79ff98015969478a4c25fed8b70caef52fddd58f1d595

data/.rubocop.yml

@@ -0,0 +1,8 @@
+AllCops:
+  TargetRubyVersion: 3.1
+
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  EnforcedStyle: double_quotes

data/.vscode/tasks.json

@@ -0,0 +1,13 @@
+{
+  "version": "2.0.0",
+  "tasks": [
+    {
+      "label": "build gem",
+      "type": "shell",
+      "command": "bundle exec rake build",
+      "group": "build",
+      "problemMatcher": [],
+      "isBackground": false
+    }
+  ]
+}

data/CHANGELOG.md

@@ -0,0 +1,12 @@
+## [Unreleased]
+
+## [1.0.0] - 2025-08-04
+
+### Added
+- Initial release of omniauth-kakao-oauth2
+- Standard OmniAuth OAuth2 strategy for Kakao authentication
+- Proper client_secret handling in request body (not headers)
+- Support for Kakao profile scopes: profile_nickname, profile_image, account_email
+- Comprehensive user information extraction
+- Modern Ruby 3.1+ support
+- Full test coverage

data/LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 GoCoder
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,75 @@
+# OmniAuth Kakao OAuth2
+
+카카오 인증을 위한 올바른 OmniAuth OAuth2 strategy를 제공하는 Ruby gem입니다. 카카오 API 명세에 따라, `client_secret`을 헤더가 아닌 요청 본문에 포함합니다.
+
+
+## 설치
+```shell
+gem install omniauth-kakao-oauth2
+```
+
+## 사용법
+
+### Rails 설정
+
+```ruby
+# config/initializers/omniauth.rb
+Rails.application.config.middleware.use OmniAuth::Builder do
+  # 기본
+  provider :kakao, ENV['KAKAO_CLIENT_ID']
+  
+  # + Options
+  provider :kakao, ENV['KAKAO_CLIENT_ID'], {
+    scope: 'profile_nickname,profile_image,account_email',
+    redirect_url: 'http://localhost:3000/auth/kakao/callback'
+  }
+  
+  # + Client Secret
+  provider :kakao, ENV['KAKAO_CLIENT_ID'], ENV['KAKAO_CLIENT_SECRET']
+  
+  # + Client Secret & Options
+  provider :kakao, ENV['KAKAO_CLIENT_ID'], ENV['KAKAO_CLIENT_SECRET'], {
+    scope: 'profile_nickname,profile_image,account_email',
+    redirect_url: 'http://localhost:3000/auth/kakao/callback'
+  }
+
+end
+```
+
+
+### 인증 해시
+
+```ruby
+# request.env['omniauth.auth']
+{
+  provider: 'kakao',
+  uid: '123456789',
+  info: {
+    name: 'John Doe',
+    username: 'john@example.com', # 이메일이 username으로도 제공됨
+    email: 'john@example.com',
+    image: 'https://...',
+    nickname: 'johndoe'
+  },
+  credentials: {
+    token: 'ACCESS_TOKEN',
+    expires_at: 1234567890,
+    expires: true
+  },
+  extra: {
+    raw_info: { ... },
+    kakao_account: { ... },
+    properties: { ... }
+  }
+}
+```
+
+
+## Contribute
+
+버그 신고와 PR은 https://github.com/GoCoder7/omniauth-kakao-oauth2 로 부탁드립니다.
+
+
+## License
+
+[MIT](https://opensource.org/licenses/MIT)

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "minitest/test_task"
+
+Minitest::TestTask.create
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[test rubocop]

data/example/README.md

@@ -0,0 +1,88 @@
+# Example Usage of omniauth-kakao-oauth2
+
+This directory contains a simple example demonstrating how to use the omniauth-kakao-oauth2 gem in a Rails application.
+
+## Setup
+
+1. **Install the gem locally:**
+   ```bash
+   cd ..
+   bundle exec rake install
+   ```
+
+2. **Create a new Rails app:**
+   ```bash
+   rails new kakao_auth_example
+   cd kakao_auth_example
+   ```
+
+3. **Add to Gemfile:**
+   ```ruby
+   gem 'omniauth-kakao-oauth2'
+   gem 'omniauth-rails_csrf_protection'
+   ```
+
+4. **Configure OmniAuth (config/initializers/omniauth.rb):**
+   ```ruby
+   Rails.application.config.middleware.use OmniAuth::Builder do
+     # client_secret 없이 사용 (기본) | Without client_secret (basic)
+     provider :kakao, ENV['KAKAO_CLIENT_ID']
+     
+     # client_secret과 함께 사용 | With client_secret
+     provider :kakao, ENV['KAKAO_CLIENT_ID'], ENV['KAKAO_CLIENT_SECRET']
+     
+     # 옵션과 함께 사용 | With options
+     provider :kakao, 
+              ENV['KAKAO_CLIENT_ID'], 
+              ENV['KAKAO_CLIENT_SECRET'], # optional
+              {
+                scope: 'profile_nickname,profile_image,account_email',
+                redirect_url: 'http://localhost:3000/auth/kakao/callback'
+              }
+   end
+   ```
+
+5. **Add routes (config/routes.rb):**
+   ```ruby
+   get '/auth/:provider/callback', to: 'sessions#omniauth'
+   ```
+
+6. **Add controller (app/controllers/sessions_controller.rb):**
+   ```ruby
+   class SessionsController < ApplicationController
+     def omniauth
+       auth = request.env['omniauth.auth']
+       render json: {
+         provider: auth.provider,
+         uid: auth.uid,
+         info: auth.info,
+         credentials: auth.credentials
+       }
+     end
+   end
+   ```
+
+## Testing
+
+Navigate to `http://localhost:3000/auth/kakao` to start the authentication flow.
+
+## Expected Response
+
+```json
+{
+  "provider": "kakao",
+  "uid": "123456789",
+  "info": {
+    "name": "John Doe",
+    "username": "john@example.com",
+    "email": "john@example.com",
+    "image": "https://...",
+    "nickname": "johndoe"
+  },
+  "credentials": {
+    "token": "ACCESS_TOKEN",
+    "expires_at": 1234567890,
+    "expires": true
+  }
+}
+```

data/examples/rails_integration.rb

@@ -0,0 +1,78 @@
+# Rails Integration Example for omniauth-kakao-oauth2
+# Rails에서 omniauth-kakao-oauth2 사용 예제
+
+# Gemfile에 추가 | Add to Gemfile
+# gem 'omniauth-kakao-oauth2'
+# gem 'omniauth-rails_csrf_protection'
+
+# config/initializers/omniauth.rb
+Rails.application.config.middleware.use OmniAuth::Builder do
+  # 기본 사용법 (client_secret 없이) | Basic usage (without client_secret)
+  provider :kakao, ENV['KAKAO_CLIENT_ID']
+  
+  # client_secret과 함께 사용 | With client_secret
+  provider :kakao, ENV['KAKAO_CLIENT_ID'], ENV['KAKAO_CLIENT_SECRET']
+  
+  # 옵션과 함께 사용 | With options
+  provider :kakao, ENV['KAKAO_CLIENT_ID'], ENV['KAKAO_CLIENT_SECRET'], {
+    scope: 'profile_nickname,profile_image,account_email',
+    redirect_url: 'http://localhost:3000/auth/kakao/callback'
+  }
+end
+
+# config/routes.rb
+Rails.application.routes.draw do
+  get '/auth/kakao/callback', to: 'sessions#omniauth'
+  # 기타 라우트들...
+end
+
+# app/controllers/sessions_controller.rb
+class SessionsController < ApplicationController
+  def omniauth
+    auth = request.env['omniauth.auth']
+    
+    # 사용자 찾기 또는 생성 | Find or create user
+    user = User.find_or_create_by(uid: auth.uid, provider: auth.provider) do |u|
+      u.name = auth.info.name
+      u.username = auth.info.username # 이메일이 username으로도 제공됨
+      u.email = auth.info.email
+      u.image = auth.info.image
+      u.nickname = auth.info.nickname
+    end
+    
+    if user.persisted?
+      session[:user_id] = user.id
+      redirect_to root_path, notice: '카카오 로그인이 완료되었습니다!'
+    else
+      redirect_to login_path, alert: '로그인 중 오류가 발생했습니다.'
+    end
+  end
+end
+
+# app/models/user.rb
+class User < ApplicationRecord
+  validates :uid, presence: true
+  validates :provider, presence: true
+  validates :email, presence: true, uniqueness: true
+  
+  def self.from_kakao_omniauth(auth)
+    where(uid: auth.uid, provider: auth.provider).first_or_create! do |user|
+      user.name = auth.info.name
+      user.username = auth.info.username
+      user.email = auth.info.email
+      user.image = auth.info.image
+      user.nickname = auth.info.nickname
+    end
+  end
+end
+
+# 마이그레이션 예제 | Migration example
+# rails generate migration CreateUsers uid:string provider:string name:string username:string email:string image:string nickname:string
+# rails db:migrate
+
+# 환경 변수 설정 예제 (.env 파일)
+# KAKAO_CLIENT_ID=your_kakao_rest_api_key
+# KAKAO_CLIENT_SECRET=your_kakao_client_secret # optional
+
+# 뷰 예제 | View example
+# <%= link_to "카카오로 로그인", "/auth/kakao", method: :post, class: "btn btn-warning" %>

data/lib/omniauth/kakao/oauth2/version.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Omniauth
+  module Kakao
+    module Oauth2
+      VERSION = "1.0.0"
+    end
+  end
+end

data/lib/omniauth/kakao/oauth2.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require_relative "oauth2/version"
+require_relative "../strategies/kakao_oauth2"
+
+module Omniauth
+  module Kakao
+    module Oauth2
+      class Error < StandardError; end
+    end
+  end
+end

data/lib/omniauth/strategies/kakao_oauth2.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+require "omniauth-oauth2"
+
+module OmniAuth
+  module Strategies
+    # OmniAuth OAuth2 strategy for Kakao authentication
+    # This strategy properly handles client_secret in the request body as required by Kakao's API
+    class KakaoOauth2 < OmniAuth::Strategies::OAuth2
+      option :name, :kakao
+
+      option :client_options,
+             site: "https://kauth.kakao.com",
+             authorize_url: "/oauth/authorize",
+             token_url: "/oauth/token"
+
+      option :scope, "profile_nickname,profile_image"
+
+      # User ID from Kakao
+      uid { raw_info["id"].to_s }
+
+      # User information mapping
+      info do
+        {
+          name: raw_info.dig("properties", "nickname"),
+          username: kakao_email, # 이메일을 username으로도 제공
+          email: kakao_email,
+          image: raw_info.dig("properties", "profile_image") || raw_info.dig("properties", "thumbnail_image"),
+          nickname: raw_info.dig("properties", "nickname")
+        }
+      end
+
+      # Extra information (sb-omniauth-kakao 호환성을 위해 properties 추가)
+      extra do
+        {
+          raw_info: raw_info,
+          kakao_account: raw_info["kakao_account"],
+          properties: raw_info["properties"] # sb-omniauth-kakao 호환성
+        }
+      end
+
+      # Override to include client_secret in request body instead of header
+      def build_access_token
+        verifier = request.params["code"]
+        
+        # Build token parameters with optional client_secret in the body
+        token_params = {
+          redirect_uri: callback_url,
+          client_id: options.client_id,
+          grant_type: "authorization_code"
+        }
+        
+        # Include client_secret only if provided (optional parameter)
+        token_params[:client_secret] = options.client_secret if options.client_secret
+        
+        # Merge any additional token parameters
+        token_params.merge!(options.token_params || {})
+
+        client.auth_code.get_token(verifier, token_params, deep_symbolize(options.auth_token_params || {}))
+      end
+
+      private
+
+      # Get user information from Kakao API
+      def raw_info
+        @raw_info ||= access_token.get("https://kapi.kakao.com/v2/user/me").parsed
+      end
+
+      # Extract email if available and verified
+      def kakao_email
+        account = raw_info["kakao_account"]
+        return nil unless account
+
+        if account["has_email"] && account["is_email_verified"] && account["is_email_valid"]
+          account["email"]
+        end
+      end
+
+      # Callback URL for OAuth flow (redirect_url 옵션 지원)
+      def callback_url
+        options.redirect_url || options.redirect_path || (full_host + callback_path)
+      end
+
+      # Deep symbolize hash keys (from omniauth-oauth2)
+      def deep_symbolize(options)
+        options.each_with_object({}) do |(key, value), hash|
+          hash[key.to_sym] = value.is_a?(Hash) ? deep_symbolize(value) : value
+        end
+      end
+    end
+  end
+end
+
+# Register the strategy with OmniAuth
+OmniAuth.config.add_camelization "kakao", "KakaoOauth2"

data/lib/omniauth-kakao-oauth2.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require_relative "omniauth/kakao/oauth2"

data/sig/omniauth/kakao/oauth2.rbs

@@ -0,0 +1,8 @@
+module Omniauth
+  module Kakao
+    module Oauth2
+      VERSION: String
+      # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+    end
+  end
+end

metadata

@@ -0,0 +1,143 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-kakao-oauth2
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- GoCoder
+bindir: exe
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.21'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.21'
+description: A Ruby gem providing OmniAuth OAuth2 strategy for Kakao authentication.
+  Unlike other Kakao OAuth gems, this properly includes client_secret in the request
+  body as required by Kakao's API specification.
+email:
+- gocoder7@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rubocop.yml"
+- ".vscode/tasks.json"
+- CHANGELOG.md
+- LICENSE.txt
+- README.md
+- Rakefile
+- example/README.md
+- examples/rails_integration.rb
+- lib/omniauth-kakao-oauth2.rb
+- lib/omniauth/kakao/oauth2.rb
+- lib/omniauth/kakao/oauth2/version.rb
+- lib/omniauth/strategies/kakao_oauth2.rb
+- sig/omniauth/kakao/oauth2.rbs
+homepage: https://github.com/GoCoder7/omniauth-kakao-oauth2
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/GoCoder7/omniauth-kakao-oauth2
+  source_code_uri: https://github.com/GoCoder7/omniauth-kakao-oauth2
+  changelog_uri: https://github.com/GoCoder7/omniauth-kakao-oauth2/blob/main/CHANGELOG.md
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.1.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.6.9
+specification_version: 4
+summary: OmniAuth OAuth2 strategy for Kakao with proper client_secret handling
+test_files: []