omniauth-matique 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 980e0dc38689fb49ac61f868d081e8c167b4b5e3
+  data.tar.gz: 5f986205dfec931feebba5dcc6c4052c8dc42243
+SHA512:
+  metadata.gz: 6b767b4eb52be4f98c1a45f64c445ba0bedbb895c1dfb01511810ae62ca744a16bd4052cf965ced8ff963de5186a47bb6cad3e8195ceb63ca2fc37f550faf6a3
+  data.tar.gz: 92375956494094a3704849d11ae41e80ec3b9530428b88a37afd04974c93185411619cf0f1e7ba10d81b4a7b3adad50372fb71b2dc908f00075df9f01511702a

data/.gitignore

@@ -0,0 +1,7 @@
+.bundle/
+coverage/
+
+*.gem
+*.log
+*.lock
+*.sqlite

data/.ruby-gemset

@@ -0,0 +1 @@
+rails-5.1

data/.ruby-version

@@ -0,0 +1 @@
+ruby-2.4.1

data/.travis.yml

@@ -0,0 +1,15 @@
+language: ruby
+sudo: false
+
+bundler_args: --without production
+before_install: gem update bundler --no-document
+script: 'bundle exec rake test'
+
+rvm:
+#  - 2.0.0
+#  - 2.2.3
+  - 2.3.0
+  - 2.4.1
+
+notifications:
+  email: false

data/.watchr

@@ -0,0 +1,53 @@
+HH = '#' * 22  unless defined?(HH)
+H = '#' * 5    unless defined?(H)
+
+def usage
+  puts <<-EOS
+  Ctrl-\\ or ctrl-4   Running all tests
+  Ctrl-C             Exit
+  EOS
+end
+
+def run(cmd)
+  puts "#{HH} #{Time.now} #{HH}"
+  puts "#{H} #{cmd}"
+  system "/usr/bin/time --format '#{HH} Elapsed time %E' #{cmd}"
+end
+
+def run_it(type, file)
+  case type
+  when 'test';  run %Q{ruby -I"lib:test" -rubygems #{file}}
+  when 'spec';  run %Q{rspec -X #{file}}
+  else;         puts "#{H} unknown type: #{type}, file: #{file}"
+  end
+end
+
+def run_all_tests
+  puts "\n#{HH} Running all tests #{HH}\n"
+  %w{test}.each { |dir| run "rake #{dir} RAILS_ENV=test"  if  File.exists?(dir) }
+  %w{spec}.each { |dir| run "rake #{dir} RAILS_ENV=test"  if  File.exists?(dir) }
+end
+
+def run_matching_files(base)
+  base = base.split('_').first
+  %w{test spec}.each { |type|
+    files = Dir["#{type}/**/*.rb"].select { |file| file =~ /#{base}_.*\.rb/ }
+    run_it type, files.join(' ')  unless files.empty?
+  }
+end
+
+%w{test spec}.each { |type|
+  watch("#{type}/#{type}_helper\.rb") { run_all_tests }
+  watch("#{type}/.*/*_#{type}\.rb")   { |match| run_it type, match[0] }
+}
+%w{rb erb haml slim}.each { |type|
+  watch("app/.*/.*\.#{type}") { |m|
+    run_matching_files("#{m[0].split('/').at(2).split('.').first}")
+  }
+}
+
+# Ctrl-\ or ctrl-4
+    Signal.trap('QUIT') { run_all_tests }
+# Ctrl-C
+    Signal.trap('INT')  { abort("Interrupted\n") }
+usage

data/Gemfile

@@ -0,0 +1,10 @@
+source 'https://rubygems.org'
+gemspec
+
+group :development, :test do
+  gem 'observr'
+  gem 'simplecov', require: false
+  gem 'minitest'
+  gem 'mocha'
+  gem 'sqlite3'
+end

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2016-2017 Dittmar Krall http://matique.de
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,59 @@
+Omniauth-Matique
+================
+[![Gem Version](https://badge.fury.io/rb/omniauth-matique.svg)](https://badge.fury.io/rb/omniauth-matique)
+[![Build Status](https://travis-ci.org/matique/omniauth-matique.png?branch=master)](https://travis-ci.org/matique/omniauth-matique)
+
+# OmniAuth Matique Strategy
+
+Strategy to authenticate with matique UG via OAuth2 in OmniAuth.
+
+## Installation
+
+Add to your `Gemfile`:
+
+```ruby
+gem 'omniauth-matique'
+```
+
+Then `bundle install`.
+
+## Usage
+
+Here's an example for adding the middleware to a
+Rails app (config/initializers/omniauth.rb):
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :matique, ENV["CLIENT_ID"], ENV["CLIENT_SECRET"]
+end
+OmniAuth.config.logger = Rails.logger
+```
+
+Here's an routing example for a Rails app (config/routes.rb):
+
+```ruby
+match '/auth/:provider/callback', to: 'sessions#create', via: [:get, :post]
+get '/auth/failure', to: 'sessions#failure'
+
+get '/auth/login', to: 'sessions#new', as: :login
+get '/auth/logout', to: 'sessions#destroy', as: :logout
+```
+
+You must take care about (see also sample "app"):
+- app/controllers/sessions_controller.rb
+- config/initializers/omniauth.rb
+
+You can now access the OmniAuth Matique URL: /auth/matique
+
+
+## Credits
+
+Inspiration from the web.
+See also:
+
+- http://intridea.github.io/omniauth/
+- http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/
+- http://codetheory.in/rails-devise-omniauth-sso/
+- https://github.com/intridea/omniauth.git
+
+Copyright (c) [Dittmar Krall], released under the MIT license.

data/Rakefile

@@ -0,0 +1,11 @@
+require 'bundler/setup'
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = true
+end
+
+task :default => :test

data/lib/omniauth-matique.rb

@@ -0,0 +1,2 @@
+require "omniauth-matique/version"
+require 'omniauth/strategies/matique'

data/lib/omniauth-matique/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Matique
+    VERSION = '0.1.1'
+  end
+end

data/lib/omniauth/strategies/matique.rb

@@ -0,0 +1,35 @@
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    class Matique < OmniAuth::Strategies::OAuth2
+# AuthUrl = ENV["HEROKU_AUTH_URL"] || "https://id.heroku.com"
+#      SITE = 'https://login.matique.de'
+      SITE = 'http://localhost:3010'
+      STRATEGY = 'matique'
+
+      option :client_options, {
+	site: SITE,
+	authorize_url: "#{SITE}/auth/#{STRATEGY}/authorize",
+	token_url: "#{SITE}/auth/#{STRATEGY}/access_token"
+      }
+
+      uid { raw_info['id'] }
+
+      info do
+	{ 'email' => raw_info['email'] }
+      end
+
+      extra do
+	{ 'raw_info' => raw_info }
+      end
+
+      def raw_info
+       @raw_info ||= access_token.get(
+	 "/auth/matique/user.json?oauth_token=#{access_token.token}").
+	 parsed || {}
+      end
+
+    end
+  end
+end

data/omniauth-matique.gemspec

@@ -0,0 +1,26 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'omniauth-matique/version'
+
+Gem::Specification.new do |s|
+  s.name          = 'omniauth-matique'
+  s.version       = OmniAuth::Matique::VERSION
+  s.summary       = 'OmniAuth strategy for matique'
+  s.description   = <<-'END'
+    Strategy to authenticate with matique UG via OAuth2 in OmniAuth.
+  END
+  s.authors       = ['Dittmar Krall']
+  s.email         = ['dittmar.krall@matique.de']
+  s.homepage      = 'https://github.com/matique/omniauth-matique'
+
+  s.license       = 'MIT'
+  s.platform      = Gem::Platform::RUBY
+
+  s.files         = `git ls-files -z`.split("\x0")
+  s.test_files    = s.files.grep(%r{^(test|spec|features)/})
+  s.require_paths = ['lib']
+
+  s.add_development_dependency 'bundler', '~> 1'
+  s.add_development_dependency 'rake', '~> 12'
+  s.add_dependency 'omniauth-oauth2', '~> 1'
+end

data/test/matique_test.rb

@@ -0,0 +1,53 @@
+require 'test_helper'
+require 'omniauth-matique'
+
+# based on omniauth-github, omniauth-clef and others
+
+describe OmniAuth::Strategies::Matique do
+  let(:strategy) { OmniAuth::Strategies::Matique.new({}) }
+  let(:over)     { OmniAuth::Strategies::Matique.new('KEY', 'SECRET',
+      client_options: {
+	site: 'S',
+	authorize_url: 'A',
+	token_url: 'T'
+      }
+    )
+  }
+
+  it 'Client has correct default client_options' do
+#    site = "https://login.matique.de"
+    site = "http://localhost:3010"
+    assert_equal "#{site}", strategy.client.site
+    assert_equal "#{site}/auth/matique/authorize",
+	strategy.client.options[:authorize_url]
+    assert_equal "#{site}/auth/matique/access_token",
+	strategy.client.options[:token_url]
+  end
+
+  it "client options should be overwritable" do
+    assert_equal 'S', over.options.client_options.site
+    assert_equal 'A', over.options.client_options.authorize_url
+    assert_equal 'T', over.options.client_options.token_url
+  end
+
+  describe 'raw_info' do
+    def setup
+      super
+      @raw_info ||= {
+	'email' => 'test@example.com',
+	'id' => '123'
+      }
+      strategy.stubs(:raw_info).returns(@raw_info)
+    end
+
+    it 'uid returns the id from raw_info' do
+      assert_equal '123', strategy.uid
+    end
+
+    it 'access email from the raw_info' do
+      assert_equal 'test@example.com', strategy.info['email']
+     # coverage
+      refute_nil strategy.extra['raw_info']
+    end
+  end
+end

data/test/oauth2strategy_test.rb

@@ -0,0 +1,92 @@
+# adapted from gem omniauth-facebook/omniauth-clef
+
+require 'test_helper'
+
+describe OmniAuth::Strategies do
+
+  def setup
+    @request = stub('Request')
+    @request.stubs(:params).returns({})
+    @request.stubs(:cookies).returns({})
+    @request.stubs(:env).returns({})
+
+    @client_id = '123'
+    @client_secret = '53cr3tz'
+  end
+
+  def strategy
+    @strategy ||= begin
+      args = [@client_id, @client_secret, @options].compact
+      OmniAuth::Strategies::Matique.new(nil, *args).tap do |strategy|
+	strategy.stubs(:request).returns(@request)
+      end
+    end
+  end
+
+  describe "ClientTests" do
+    it 'should be initialized with symbolized client_options' do
+      @options = { client_options: { 'authorize_url' => 'https://example.com' } }
+      assert_equal 'https://example.com',
+	strategy.client.options[:authorize_url]
+    end
+  end
+
+  describe "AuthorizeParamsTests" do
+    it 'should include any authorize params passed in the :authorize_params option' do
+      @options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
+      assert_equal 'bar', strategy.authorize_params['foo']
+      assert_equal 'zip', strategy.authorize_params['baz']
+    end
+
+    it 'should include top-level options that are marked as :authorize_options' do
+      @options = { :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
+      assert_equal 'bar', strategy.authorize_params['scope']
+      assert_equal 'baz', strategy.authorize_params['foo']
+    end
+    
+    it 'should exclude top-level options that are not passed' do
+      @options = { :authorize_options => [:bar] }
+      refute_has_key :bar, strategy.authorize_params
+      refute_has_key 'bar', strategy.authorize_params
+    end
+  end
+
+  describe "CSRFAuthorizeParamsTests" do
+    it 'should store random state in the session when none is present in authorize or request params' do
+      assert_includes strategy.authorize_params.keys, 'state'
+      refute_empty strategy.authorize_params['state']
+      refute_empty strategy.session['omniauth.state']
+      assert_equal strategy.authorize_params['state'], strategy.session['omniauth.state']
+    end
+
+    it 'should not store state in the session when present in authorize params vs. a random one' do
+      @options = { :authorize_params => { :state => 'bar' } }
+      refute_empty strategy.authorize_params['state']
+      refute_equal 'bar', strategy.authorize_params[:state]
+      refute_empty strategy.session['omniauth.state']
+      refute_equal 'bar', strategy.session['omniauth.state']
+    end
+
+    it 'should not store state in the session when present in request params vs. a random one' do
+      @request.stubs(:params).returns({ 'state' => 'foo' })
+      refute_empty strategy.authorize_params['state']
+      refute_equal 'foo', strategy.authorize_params[:state]
+      refute_empty strategy.session['omniauth.state']
+      refute_equal 'foo', strategy.session['omniauth.state']
+    end
+  end
+
+  describe "TokenParamsTests" do
+    it 'should include any authorize params passed in the :token_params option' do
+      @options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
+      assert_equal 'bar', strategy.token_params['foo']
+      assert_equal 'zip', strategy.token_params['baz']
+    end
+
+    it 'should include top-level options that are marked as :token_options' do
+      @options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
+      assert_equal 'bar', strategy.token_params['scope']
+      assert_equal 'baz', strategy.token_params['foo']
+    end
+  end
+end

data/test/raw_info_test.rb

@@ -0,0 +1,41 @@
+# inspired by omniauth-github, omniauth-clef and others
+
+require 'test_helper'
+require 'omniauth-matique'
+
+describe OmniAuth::Strategies::Matique, 'raw_info test' do
+  let(:strategy)     { OmniAuth::Strategies::Matique.new({}) }
+  let(:access_token) { stub('OAuth2::AccessToken') }
+  let(:get_param)    { '/auth/matique/user.json?oauth_token=123' }
+
+  def setup
+    super
+    strategy.stubs(:access_token).returns(access_token)
+    access_token.stubs(:token).returns(123)
+  end
+
+  it 'performs a GET to https://...' do
+    access_token.expects(:get).with(get_param).
+      returns(stub_everything('OAuth2::Response'))
+    strategy.raw_info
+  end
+
+  it 'returns a Hash' do
+    raw_response = stub('Faraday::Response')
+    raw_response.stubs(:body).returns('{ "ohai": "thar" }')
+    raw_response.stubs(:status).returns(200)
+    raw_response.stubs(:headers).returns({'Content-Type' => 'application/json' })
+    oauth2_response = OAuth2::Response.new(raw_response)
+    access_token.stubs(:get).with(get_param).returns(oauth2_response)
+    assert_kind_of Hash, strategy.raw_info
+    assert_equal 'thar', strategy.raw_info['ohai']
+  end
+
+  it 'returns an empty hash when the response is false' do
+    oauth2_response = stub('OAuth2::Response', :parsed => false)
+    access_token.stubs(:get).with(get_param).returns(oauth2_response)
+    access_token.stubs(:get).with(get_param).returns(oauth2_response)
+    assert_kind_of Hash, strategy.raw_info
+  end
+
+end

data/test/test_helper.rb

@@ -0,0 +1,19 @@
+require 'simplecov'
+SimpleCov.start
+
+require 'bundler/setup'
+require 'minitest/autorun'
+require 'mocha/setup'
+require 'omniauth/strategies/matique'
+
+OmniAuth.config.test_mode = true
+
+def assert_has_key(key, hash, msg = nil)
+  msg = message(msg) { "Expected #{hash.inspect} to have key #{key.inspect}" }
+  assert hash.has_key?(key), msg
+end
+
+def refute_has_key(key, hash, msg = nil)
+  msg = message(msg) { "Expected #{hash.inspect} not to have key #{key.inspect}" }
+  refute hash.has_key?(key), msg
+end

metadata

@@ -0,0 +1,107 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-matique
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Dittmar Krall
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-08-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+description: "    Strategy to authenticate with matique UG via OAuth2 in OmniAuth.\n"
+email:
+- dittmar.krall@matique.de
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".ruby-gemset"
+- ".ruby-version"
+- ".travis.yml"
+- ".watchr"
+- Gemfile
+- MIT-LICENSE
+- README.md
+- Rakefile
+- lib/omniauth-matique.rb
+- lib/omniauth-matique/version.rb
+- lib/omniauth/strategies/matique.rb
+- omniauth-matique.gemspec
+- test/matique_test.rb
+- test/oauth2strategy_test.rb
+- test/raw_info_test.rb
+- test/test_helper.rb
+homepage: https://github.com/matique/omniauth-matique
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.12
+signing_key: 
+specification_version: 4
+summary: OmniAuth strategy for matique
+test_files:
+- test/matique_test.rb
+- test/oauth2strategy_test.rb
+- test/raw_info_test.rb
+- test/test_helper.rb