omniauth-mixin 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: ae416877ae5adbc3caa01a07735133f4594fa480320d06b0c8e4f2500b09c2d6
4
+ data.tar.gz: b71d2bf24f520a7435cde90f1489292050adcfee2a922b426c36482a660472c2
5
+ SHA512:
6
+ metadata.gz: 178808a26b48feb8e95a1b5a7f23c69a2c56b8cf0c95890aca4457a98f99f63bb03b5c64c5fcc2dedd39608f194b50b517b18e7014561995d87ff613b4c6fadc
7
+ data.tar.gz: '094b8e4d23d32de702bfc9a65c2e53ffd3e3218518754abf7d93d1526b5a8f572a0ff2941f9f323c5b48e7cee7c94f027ad55776661fe2d4ed2eea641be5381c'
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2025 an-lee
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,65 @@
1
+ # Omniauth::Mixin
2
+
3
+ OmniAuth OAuth2 strategy for Mixin authentication.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ ```ruby
10
+ gem 'omniauth-mixin'
11
+ ```
12
+
13
+ And then execute:
14
+
15
+ ```bash
16
+ bundle install
17
+ ```
18
+
19
+ ## Usage
20
+
21
+ ```ruby
22
+ use OmniAuth::Builder do
23
+ provider :mixin, ENV['MIXIN_CLIENT_ID'], ENV['MIXIN_CLIENT_SECRET']
24
+ end
25
+ ```
26
+
27
+ ## Configuration
28
+
29
+ You need to register your application in Mixin Developer Dashboard to get the client ID and client secret.
30
+
31
+ Required parameters:
32
+
33
+ - `client_id`: Your Mixin application's client ID
34
+ - `client_secret`: Your Mixin application's client secret
35
+
36
+ ### Auth Hash
37
+
38
+ Here's an example of the Auth Hash available in `request.env['omniauth.auth']`:
39
+
40
+ ```ruby
41
+ {
42
+ "provider"=>"mixin",
43
+ "uid"=>"1234567890",
44
+ "info"=>{"name"=>"John Doe", "email"=>"john.doe@example.com", "nickname"=>"john_doe"},
45
+ "extra"=>{"raw_info"=>{"user_id"=>"1234567890", "full_name"=>"John Doe", "identity_number"=>"1234567890", "avatar_url"=>"https://example.com/avatar.png"}}
46
+ }
47
+ ```
48
+
49
+ ## Development
50
+
51
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
52
+
53
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
54
+
55
+ ## Contributing
56
+
57
+ Bug reports and pull requests are welcome on GitHub at <https://github.com/an-lee/omniauth-mixin>. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/an-lee/omniauth-mixin/blob/main/CODE_OF_CONDUCT.md).
58
+
59
+ ## License
60
+
61
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
62
+
63
+ ## Code of Conduct
64
+
65
+ Everyone interacting in the Omniauth::Mixin project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/an-lee/omniauth-mixin/blob/main/CODE_OF_CONDUCT.md).
@@ -0,0 +1,34 @@
1
+ # frozen_string_literal: true
2
+
3
+ # OmniAuth strategy for Mixin authentication
4
+ # Provides OAuth2 based authentication for Mixin Network
5
+ module OmniAuth
6
+ # Mixin module for OmniAuth
7
+ module Mixin
8
+ # Configuration class for OmniAuth Mixin strategy
9
+ # Handles customizable options for the authentication process
10
+ class Configuration
11
+ attr_accessor :scope, :prompt, :state_handler
12
+
13
+ def initialize
14
+ @scope = "PROFILE:READ"
15
+ @prompt = nil
16
+ @state_handler = -> { SecureRandom.hex(16) }
17
+ end
18
+ end
19
+
20
+ class << self
21
+ def configuration
22
+ Thread.current[:omniauth_mixin_configuration] ||= Configuration.new
23
+ end
24
+
25
+ def configure
26
+ yield(configuration)
27
+ end
28
+
29
+ def reset_configuration!
30
+ Thread.current[:omniauth_mixin_configuration] = nil
31
+ end
32
+ end
33
+ end
34
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Omniauth
4
+ module Mixin
5
+ VERSION = "0.1.0"
6
+ end
7
+ end
@@ -0,0 +1,12 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "mixin/version"
4
+ require "omniauth/strategies/mixin"
5
+ require "omniauth/strategies/mixin/client"
6
+ require "omniauth/mixin/configuration"
7
+
8
+ module Omniauth
9
+ module Mixin
10
+ class Error < StandardError; end
11
+ end
12
+ end
@@ -0,0 +1,47 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "omniauth-oauth2"
4
+ require "json"
5
+
6
+ module OmniAuth
7
+ module Strategies
8
+ class Mixin
9
+ # OAuth2 client implementation for Mixin Network authentication.
10
+ # Handles token exchange and API communication with Mixin endpoints.
11
+ class Client < ::OAuth2::Client
12
+ def get_token(params, access_token_opts = {}, _extract_access_token = nil)
13
+ response = request(:post, token_url, token_params(params))
14
+ parsed = JSON.parse(response.body)
15
+
16
+ if parsed["error"]
17
+ error = parsed["error"]
18
+ raise ::OAuth2::Error,
19
+ "Mixin API Error: #{error["description"]} (Status: #{error["status"]}, Code: #{error["code"]})"
20
+ end
21
+
22
+ token_data = parsed["data"]
23
+ raise ::OAuth2::Error, "Invalid response format from Mixin API: missing data field" unless token_data
24
+
25
+ ::OAuth2::AccessToken.new(
26
+ self,
27
+ token_data["access_token"],
28
+ {
29
+ refresh_token: token_data["refresh_token"],
30
+ expires_in: token_data["expires_in"],
31
+ token_type: token_data["token_type"] || "Bearer"
32
+ }.merge(access_token_opts)
33
+ )
34
+ end
35
+
36
+ private
37
+
38
+ def token_params(params)
39
+ {
40
+ headers: { "Content-Type" => "application/json" },
41
+ body: params.to_json
42
+ }
43
+ end
44
+ end
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,137 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "omniauth-oauth2"
4
+ require "json"
5
+ require "uri"
6
+ require "securerandom"
7
+
8
+ module OmniAuth
9
+ module Strategies
10
+ # OmniAuth strategy for authenticating with Mixin using OAuth2
11
+ class Mixin < OmniAuth::Strategies::OAuth2
12
+ option :name, "mixin"
13
+
14
+ option :client_options, {
15
+ site: "https://api.mixin.one",
16
+ authorize_url: "https://mixin.one/oauth/authorize",
17
+ token_url: "https://api.mixin.one/oauth/token"
18
+ }
19
+
20
+ uid { raw_info&.dig("user_id") }
21
+
22
+ info do
23
+ {
24
+ name: raw_info["full_name"],
25
+ email: raw_info["identity_number"],
26
+ nickname: raw_info["full_name"],
27
+ avatar: raw_info["avatar_url"]
28
+ }
29
+ end
30
+
31
+ extra do
32
+ {
33
+ raw_info: raw_info
34
+ }
35
+ end
36
+
37
+ credentials do
38
+ hash = {
39
+ "token" => access_token.token
40
+ }
41
+ hash["refresh_token"] = access_token.refresh_token if access_token.refresh_token
42
+ hash["expires_at"] = access_token.expires_at if access_token.expires_at
43
+ hash["expires"] = access_token.expires?
44
+ hash["scope"] = access_token.params["scope"] || options[:scope] || OmniAuth::Mixin.configuration.scope
45
+ hash
46
+ end
47
+
48
+ def build_access_token
49
+ verifier = request.params["code"]
50
+ client.get_token(
51
+ {
52
+ client_id: options.client_id,
53
+ client_secret: options.client_secret,
54
+ code: verifier,
55
+ grant_type: "authorization_code",
56
+ redirect_uri: callback_url
57
+ }
58
+ )
59
+ rescue ::OAuth2::Error => e
60
+ raise e # Simply re-raise the error for testing purposes
61
+ rescue StandardError => e
62
+ raise ::OAuth2::Error, e.message
63
+ end
64
+
65
+ def raw_info
66
+ @raw_info ||= begin
67
+ response = access_token.get("/me")
68
+ parse_nested_response(response)
69
+ rescue ::OAuth2::Error, JSON::ParserError => e
70
+ handle_raw_info_error(e)
71
+ end
72
+ end
73
+
74
+ # Override callback_url to use modern URI parsing
75
+ def callback_url
76
+ full_host + callback_path
77
+ end
78
+
79
+ def client
80
+ @client ||= ::OmniAuth::Strategies::Mixin::Client.new(
81
+ options.client_id,
82
+ options.client_secret,
83
+ deep_symbolize(options.client_options).merge(
84
+ connection_opts: {
85
+ request: { timeout: 5, open_timeout: 2 }
86
+ }
87
+ )
88
+ )
89
+ end
90
+
91
+ def valid_request?
92
+ return false unless request.params["state"]
93
+ return false unless session["omniauth.state"]
94
+
95
+ request.params["state"] == session["omniauth.state"]
96
+ end
97
+
98
+ def authorize_params
99
+ super.tap do |params|
100
+ params[:state] = SecureRandom.hex(16)
101
+ session["omniauth.state"] = params[:state]
102
+ end
103
+ end
104
+
105
+ private
106
+
107
+ def full_host
108
+ uri = URI.parse(request.url)
109
+ uri.path = ""
110
+ uri.query = nil
111
+ uri.fragment = nil
112
+ uri.to_s
113
+ end
114
+
115
+ def parse_nested_response(response)
116
+ parsed = JSON.parse(response.body)
117
+ parsed["data"] || {}
118
+ end
119
+
120
+ def handle_token_error(error)
121
+ error_hash = error.response.is_a?(Hash) ? error.response : JSON.parse(error.response.body)
122
+ fail!(:invalid_credentials, error_hash)
123
+ end
124
+
125
+ def handle_raw_info_error(error)
126
+ log(:error, "Failed to get user info: #{error.message}")
127
+ nil
128
+ end
129
+
130
+ def deep_symbolize(hash)
131
+ hash.each_with_object({}) do |(key, value), result|
132
+ result[key.to_sym] = value.is_a?(Hash) ? deep_symbolize(value) : value
133
+ end
134
+ end
135
+ end
136
+ end
137
+ end
metadata ADDED
@@ -0,0 +1,82 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-mixin
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - an-lee
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2025-02-16 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: omniauth
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '2.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '2.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: omniauth-oauth2
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.8'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.8'
41
+ description: A Ruby gem for OmniAuth OAuth2 strategy for Mixin authentication
42
+ email:
43
+ - an.lee.work@gmail.com
44
+ executables: []
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - LICENSE.txt
49
+ - README.md
50
+ - lib/omniauth/mixin.rb
51
+ - lib/omniauth/mixin/configuration.rb
52
+ - lib/omniauth/mixin/version.rb
53
+ - lib/omniauth/strategies/mixin.rb
54
+ - lib/omniauth/strategies/mixin/client.rb
55
+ homepage: https://github.com/an-lee/omniauth-mixin
56
+ licenses:
57
+ - MIT
58
+ metadata:
59
+ homepage_uri: https://github.com/an-lee/omniauth-mixin
60
+ source_code_uri: https://github.com/an-lee/omniauth-mixin
61
+ changelog_uri: https://github.com/an-lee/omniauth-mixin/blob/main/CHANGELOG.md
62
+ rubygems_mfa_required: 'true'
63
+ post_install_message:
64
+ rdoc_options: []
65
+ require_paths:
66
+ - lib
67
+ required_ruby_version: !ruby/object:Gem::Requirement
68
+ requirements:
69
+ - - ">="
70
+ - !ruby/object:Gem::Version
71
+ version: 3.0.0
72
+ required_rubygems_version: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - ">="
75
+ - !ruby/object:Gem::Version
76
+ version: '0'
77
+ requirements: []
78
+ rubygems_version: 3.5.20
79
+ signing_key:
80
+ specification_version: 4
81
+ summary: OmniAuth OAuth2 strategy for Mixin
82
+ test_files: []