omniauth-mydigipass 1.0.0 → 1.1.0

data/.gitignore CHANGED
@@ -16,3 +16,5 @@ test/tmp
16
16
  test/version_tmp
17
17
  tmp
18
18
  .idea
19
+ .rvmrc
20
+ .ruby-version
data/Gemfile CHANGED
@@ -1,5 +1,4 @@
1
1
  source 'http://rubygems.org'
2
2
 
3
3
  # Specify your gem's dependencies in omniauth-mydigipass.gemspec
4
- gemspec
5
-
4
+ gemspec
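Review bot: the unchanged context line `source 'http://rubygems.org'` still fetches gems over plain HTTP. While this file is being touched, switch it to `https://rubygems.org` so dependency downloads cannot be altered in transit.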
data/README.md CHANGED
@@ -1,82 +1,191 @@
1
- # OmniAuth Mydigipass.com
1
+ # OmniAuth Mydigipass
2
2
 
3
3
  This is an OmniAuth strategy for authenticating with MYDIGIPASS.COM.
4
4
 
5
5
  If you want to integrate your website with MYDIGIPASS.COM, you will need to
6
- sign up on http://developer.mydigipass.com and connect your site there.
7
- There you will get a `client_id` and `client_secret` you need to fill in here.
6
+ sign up on [developer.mydigipass.com](http://developer.mydigipass.com) and
7
+ connect your site there. Then you will get a `client_id` and `client_secret`
8
+ you need to fill in here.
9
+
10
+ It is recommended to use the OAuth `state` parameter to prevent CSRF
11
+ attacks. Omniauth actually enables this behaviour by default. Usage of the
12
+ state parameter is illustrated in the example app.
8
13
 
9
14
 
10
15
  ## Basic Usage
11
16
 
12
- If you are testing your application in the sandbox environment, write
17
+ If you are testing your application in the sandbox environment, initialize
18
+ the strategy as follows:
13
19
 
14
- use OmniAuth::Builder do
15
- provider :mydigipass, ENV['MYDIGIPASS_CLIENT_ID'], ENV['MYDIGIPASS_CLIENT_SECRET'],
16
- :client_options => OmniAuth::Strategies::Mydigipass.default_client_urls(:sandbox => true)
17
- end
20
+ ```ruby
21
+ use OmniAuth::Builder do
22
+ provider :mydigipass, ENV['MYDIGIPASS_CLIENT_ID'], ENV['MYDIGIPASS_CLIENT_SECRET'],
23
+ :client_options => OmniAuth::Strategies::Mydigipass.default_client_urls(:sandbox => true)
24
+ end
25
+ ```
18
26
 
19
27
  Once your application goes in production, you can just write:
20
28
 
21
- use OmniAuth::Builder do
22
- provider :mydigipass, ENV['MYDIGIPASS_CLIENT_ID'], ENV['MYDIGIPASS_CLIENT_SECRET']
23
- end
29
+ ```ruby
30
+ use OmniAuth::Builder do
31
+ provider :mydigipass, ENV['MYDIGIPASS_CLIENT_ID'], ENV['MYDIGIPASS_CLIENT_SECRET']
32
+ end
33
+ ```
24
34
 
25
- ## Example Application
26
35
 
27
- I have added a small working example application, check it out how it should work. To integrate into rails you should
36
+ ## Example Integrating with Rails
28
37
 
29
- * add the
38
+ Add an initializer `mydigipass.rb` containing your application specific configuration:
30
39
 
31
- ## Example Integrating with Rails
40
+ ```ruby
41
+ # MYDIGIPASS.COM OAuth configuration
42
+
43
+ MDP_JS_SRC="https://static.mydigipass.com/en/dp_connect.js"
44
+
45
+ if Rails.env.production?
46
+ MDP_CLIENT_ID="<your-production-client-id>"
47
+ MDP_CLIENT_SECRET="<your-production-client-secret>"
48
+ MDP_CALLBACK_URL="<your-production-base-url>/auth/mydigipass/callback"
49
+ MDP_ORIGIN="https://www.mydigipass.com"
50
+ else
51
+ MDP_CLIENT_ID="<your-sandbox-client-id>"
52
+ MDP_CLIENT_SECRET="<your-sandbox-client-secret>"
53
+ MDP_CALLBACK_URL="http://localhost:3000/auth/mydigipass/callback"
54
+ MDP_ORIGIN="https://sandbox.mydigipass.com"
55
+ end
56
+ ```
32
57
 
33
58
  Inside your `config/application.rb` add the following (e.g. at the bottom, inside the configuration block) :
34
59
 
35
- # enable omniauth strategies
36
- Rails.application.config.middleware.use OmniAuth::Builder do
37
- provider :mydigipass, APP_CONFIG[:client_id], APP_CONFIG[:client_secret]
38
- end
60
+ ```ruby
61
+ # enable omniauth strategies
62
+ Rails.application.config.middleware.use OmniAuth::Builder do
63
+ if Rails.env.production?
64
+ provider :mydigipass, MDP_CLIENT_ID, MDP_CLIENT_SECRET
65
+ else
66
+ provider :mydigipass, MDP_CLIENT_ID, MDP_CLIENT_SECRET,
67
+ :client_options => OmniAuth::Strategies::Mydigipass.default_client_urls(:sandbox => true)
68
+ end
69
+ end
70
+ ```
39
71
 
40
72
  And then you just have to make sure you have something listening at `/auth/:provider/callback`.
41
73
  Suppose you add the following routes:
42
74
 
43
- match '/auth/:provider/callback', :to => 'home#auth_create'
44
- match '/auth/failure', :to => 'home#auth_failure'
75
+ ```ruby
76
+ match '/auth/:provider/callback', :to => 'home#auth_create'
77
+ match '/auth/failure', :to => 'home#auth_failure'
78
+ ```
79
+
80
+
81
+ ### Rendering the button
82
+
83
+ On the login page and/or signup page, you can show the MYDIGIPASS.COM button
84
+ as follows:
85
+
86
+ ```ruby
87
+ = link_to("connect with mydigipass.com", "#", :class => "dpplus-connect",
88
+ :"data-origin" => MDP_ORIGIN,
89
+ :"data-client-id" => MDP_CLIENT_ID,
90
+ :"data-redirect-uri" => MDP_CALLBACK_URL,
91
+ :"data-state" => @state)
92
+ ```
93
+
94
+ and also include the `dp_connect.js` Javascript file:
95
+
96
+ ```ruby
97
+ %script{:type => 'text/javascript', :src => MDP_JS_SRC}
98
+ ```
99
+
100
+ Since you can potentially link a MYDIGIPASS.COM account to an
101
+ existing account on your site, you have to protect against CSRF attacks.
102
+ For this reason, every time you render a view with the above link,
103
+ you have to generate a new random CSRF-protection `state` token.
104
+ This token must be stored in two places:
105
+
106
+ 1. in the `data-state` attribute of the link itself (see above code),
107
+ 2. in the `omniauth.state` session variable.
108
+
109
+ To generate a suitable token, you can put the following code in the
110
+ controller action or even in the view itself:
111
+
112
+ ```ruby
113
+ @state = session['omniauth.state'] = SecureRandom.hex(24)
114
+ ```
115
+
116
+ When Omniauth is processing the OAuth call, it will compare the
117
+ `state` parameter passed back in by MIDIGPASS.COM to the `omniauth.state`
118
+ parameter stored in the user's session. If the tokens do not match, Omniauth
119
+ will conclude that the authentication was originally initiated in another
120
+ browser session and abort the remainder of the flow.
121
+
122
+ > Note: If you use the `state` parameter for CSRF protection, you must
123
+ > register a separate autoconnect URL (which is usually the URL of the
124
+ > login page of your application) with MYDIGIPASS.COM to enable users to
125
+ > sign in from our launchpad.
126
+
127
+
128
+ ### Handling the callback
129
+
130
+ To handle the actual callback, you can use something like the following
131
+ `auth_create` implementation inside your `HomeController`:
132
+
133
+ ```ruby
134
+ def auth_failure
135
+ set_flash_message(:notice, "OAuth error: #{params[:message]}")
136
+ redirect_to root_path
137
+ end
138
+
139
+ def auth_create
140
+ user = User.find_or_create_from_auth_hash(request.env['omniauth.auth'].with_indifferent_access)
141
+ logger.debug "Found or created user: #{user.email} [#{user.id}]"
142
+ if user.sign_in_count == 0
143
+ set_flash_message(:notice, "Welcome #{user.email}, thank you for signing up using your dP+ account!")
144
+ else
145
+ set_flash_message(:notice, "Succesfully logged in!")
146
+ end
147
+ sign_in(:user, user, :bypass => true)
148
+ redirect_to dashboard_path
149
+ end
150
+ ```
151
+
152
+ When a user signs in through MYDIGIPASS.COM, it could be a new user
153
+ (signing up), or an existing user. The function `find_or_create_from_auth_hash`
154
+ handles that for me:
155
+
156
+ ```ruby
157
+ def self.find_or_create_from_auth_hash(auth_hash)
158
+ logger.debug "User.find_or_create_from_auth_hash: auth_hash = #{auth_hash.inspect} "
159
+ received_uuid = auth_hash[:extra][:raw_info][:uuid]
160
+ received_email = auth_hash[:extra][:raw_info][:email]
161
+
162
+ user = User.find_by_uuid(received_uuid) || User.find_by_email(received_email)
163
+ user = user.nil? ? create_from_auth_hash(received_uuid, received_email) : prevent_login_with_normal_password(user, received_uuid)
164
+ end
165
+ ```
166
+
167
+ I try to find the user, by `uuid` or `email`. If I find the user by `uuid`,
168
+ she has logged on before with MYDIGIPASS.COM If I find a matching mail,
169
+ link the uuid to that user. If I do not find a user, create one with the
170
+ given `email` and `uuid`. I also made sure that users can then only login
171
+ with their MYDIGIPASS.COM and no longer normally, but that is optional
172
+ of course.
45
173
 
46
- Then, inside your `HomeController` you could write:
47
174
 
48
- def auth_failure
49
- set_flash_message(:notice, "OAuth error: #{params[:message]}")
50
- redirect_to root_path
51
- end
175
+ ## Example Application
52
176
 
53
- def auth_create
54
- user = User.find_or_create_from_auth_hash(request.env['omniauth.auth'].with_indifferent_access)
55
- logger.debug "Found or created user: #{user.email} [#{user.id}]"
56
- if user.sign_in_count == 0
57
- set_flash_message(:notice, "Welcome #{user.email}, thank you for signing up using your dP+ account!")
58
- else
59
- set_flash_message(:notice, "Succesfully logged in!")
60
- end
61
- sign_in(:user, user, :bypass => true)
62
- redirect_to dashboard_path
63
- end
177
+ I have added a small working example application, using Sinatra. Check it out
178
+ in the `example` folder. To make it work just type `rackup` in the folder.
64
179
 
65
- When a user signs in through MYDIGIPASS.COM, it could be a new user (signing up), or an existing user.
66
- The function `find_or_create_from_auth_hash` handles that for me:
180
+ Aside from signing in with MYDIGIPASS.COM, the example application also
181
+ shows how to use the Connect API through a simple HTTParty wrapper that can
182
+ be found in `lib/mydigipass/connect_api.rb`.
67
183
 
68
- def self.from_auth_hash(auth_hash)
69
- logger.debug "User.from_auth_hash: auth_hash = #{auth_hash.inspect} "
70
- received_uuid = auth_hash[:extra][:raw_info][:uuid]
71
- received_email = auth_hash[:extra][:raw_info][:email]
184
+ The Connect API and its purpose is described in more detail in the
185
+ [MDP Developer documentation](https://developer.mydigipass.com/).
72
186
 
73
- user = User.find_by_uuid(received_uuid) || User.find_by_email(received_email)
74
- user = user.nil? ? create_from_auth_hash(received_uuid, received_email) : prevent_login_with_normal_password(user, received_uuid)
75
- end
187
+ Hope this helps.
76
188
 
77
- I try to find the user, by `uuid` or `email`. If I find the user by `uuid`, she has logged on before with MYDIGIPASS.COM
78
- If I find a matching mail, link the uuid to that user. If I do not find a user, create one with the given `email` and `uuid`.
79
- I also made sure that users can then only login with their MYDIGIPASS.COM and no longer normally, but that is optional of course.
80
189
 
81
190
  ## License
82
191
 
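Review bot: in the added `find_or_create_from_auth_hash` example, `User.find_by_uuid(received_uuid) || User.find_by_email(received_email)` attaches the MYDIGIPASS.COM uuid to an existing local account on the strength of the e-mail address alone. The README should state that this is only safe when the address in `raw_info` is verified by the provider, or show the link being made only for a user who is already signed in locally. Two smaller points in the same hunk: `logger.debug` writes `auth_hash.inspect` to the log, and the OmniAuth auth hash carries the access token under `credentials`, so log only the uuid; and the provider name is misspelled as `MIDIGPASS.COM` in the paragraph on the `state` comparison.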
@@ -86,4 +195,4 @@ Permission is hereby granted, free of charge, to any person obtaining a copy of
86
195
 
87
196
  The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
88
197
 
89
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
198
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/example/config.ru CHANGED
@@ -2,33 +2,61 @@ require 'bundler/setup'
2
2
  require 'sinatra'
3
3
  require 'omniauth'
4
4
  require 'omniauth-mydigipass'
5
+ require 'mydigipass'
5
6
 
7
+ # Replace these with your own credentials.
8
+ CLIENT_ID = '5o67b0giz20pttdcjenjtyyj5'
9
+ CLIENT_SECRET = '39fcfebcwfegu1sqedxq8f8vt'
10
+
11
+ OMNIAUTH_CLIENT_OPTIONS = OmniAuth::Strategies::Mydigipass.default_client_urls(:sandbox => true)
12
+ CONNECT_API_OPTIONS = { :client_id => CLIENT_ID, :client_secret => CLIENT_SECRET, :sandbox => true }
6
13
 
7
14
  class App < Sinatra::Base
8
15
  get '/' do
9
- content_type 'text/html'
10
- <<-HTML
11
- <h1>Test OAuth2 with MYDIGIPASS.COM</h1>
12
- <script type="text/javascript" src="https://sandbox.mydigipass.com/dp_connect.js"></script>
13
- <a class="dpplus-connect" data-client-id="2z4z3zn6ezuov82e4dfu73q3z" data-redirect-uri="http://localhost:3002/auth/mydigipass/callback" href="#">connect with mydigipass.com</a>
14
- HTML
16
+ @auth = session['auth']
17
+ if @auth.nil?
18
+ redirect '/signin'
19
+ else
20
+ @users = Mydigipass::ConnectApi.new(CONNECT_API_OPTIONS).all_connected
21
+ erb :index
22
+ end
23
+ end
24
+
25
+ get '/signin' do
26
+ @state = session['omniauth.state'] = SecureRandom.hex(24)
27
+ erb :signin
28
+ end
29
+
30
+ get '/signout' do
31
+ session['auth'] = nil
32
+ redirect '/signin'
15
33
  end
16
34
 
17
35
  get '/auth/:name/callback' do
18
- @auth = request.env['omniauth.auth']
19
- erb :callback
36
+ session['auth'] = request.env['omniauth.auth']
37
+ redirect '/'
20
38
  end
21
39
 
22
40
  get '/auth/failure' do
41
+ session['auth'] = nil
23
42
  @request = request
24
43
  erb :failure
25
44
  end
45
+
46
+ get '/connect/:uuid' do
47
+ Mydigipass::ConnectApi.new(CONNECT_API_OPTIONS).connected(params[:uuid])
48
+ redirect '/'
49
+ end
50
+
51
+ get '/disconnect/:uuid' do
52
+ Mydigipass::ConnectApi.new(CONNECT_API_OPTIONS).disconnected(params[:uuid])
53
+ redirect '/'
54
+ end
26
55
  end
27
56
 
28
57
  use Rack::Session::Cookie
29
58
  use OmniAuth::Builder do
30
- provider :mydigipass, '2z4z3zn6ezuov82e4dfu73q3z', '1mcskxim7nomrafvfg7s36pjv',
31
- :client_options => OmniAuth::Strategies::Mydigipass.default_client_urls(:sandbox => true)
59
+ provider :mydigipass, CLIENT_ID, CLIENT_SECRET, :client_options => OMNIAUTH_CLIENT_OPTIONS
32
60
  end
33
61
 
34
62
  run App.new
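Review bot: the new `/connect/:uuid` and `/disconnect/:uuid` routes change state on a plain GET and never check `session['auth']`, so any request, including one triggered cross-site, can connect or disconnect an arbitrary uuid. Make them POST and require a signed-in session as `get '/'` does. The callback now stores the whole `request.env['omniauth.auth']` hash in `session['auth']` while `use Rack::Session::Cookie` is given no `:secret`; pass a secret and keep only the uid and info in the cookie. `CLIENT_ID` and `CLIENT_SECRET` are still literals in a published file; read them from `ENV` as the README's Basic Usage section does.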
@@ -0,0 +1,31 @@
1
+ <html>
2
+ <body>
3
+ <h1>Authenticated via provider '<%= @auth.provider %>'</h1>
4
+ <h2>Info</h2>
5
+ <ul>
6
+ <%- @auth.info.each do |key, value| %>
7
+ <li><strong><%= key %>:</strong> <%= value.inspect %></li>
8
+ <% end %>
9
+ </ul>
10
+
11
+ <a href="/signout" class="dpplus-logout" data-origin="<%= OMNIAUTH_CLIENT_OPTIONS[:site] %>" data-client-id="<%= CLIENT_ID %>">Sign out</a>
12
+
13
+ <h2>Raw auth information</h2>
14
+ <pre style="white-space: pre-wrap"><%= Rack::Utils.escape_html @auth.inspect %></pre>
15
+
16
+ <h2>Connected users</h2>
17
+ <p>
18
+ Users connected to your application:
19
+ </p>
20
+ <ul>
21
+ <% if @users.empty? %>
22
+ <li>No users connected</li>
23
+ <% else %>
24
+ <% @users.each do |user| %>
25
+ <li><b><%= user %></b> (<a href="/disconnect/<%= user %>">disconnect</a>)</li>
26
+ <% end %>
27
+ <% end %>
28
+ </ul>
29
+ <a href='/connect/<%= @auth.uid %>'>Connect the current user (<b><%= @auth.uid %></b>)</a>
30
+ </body>
31
+ </html>
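Review bot: `<%= user %>`, `<%= @auth.uid %>` and `<%= value.inspect %>` are written into the page body and into `href` attributes without escaping, while the raw auth block a few lines up goes through `Rack::Utils.escape_html`. Sinatra's ERB does not escape by default, so apply the same helper to these values, which come from the provider and from the Connect API response. The connect and disconnect links are also plain GET links to state-changing routes.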
@@ -0,0 +1,7 @@
1
+ <html>
2
+ <body>
3
+ <h1>Test OAuth2 with MYDIGIPASS.COM</h1>
4
+ <script type="text/javascript" src="https://static.mydigipass.com/en/dp_connect.js"></script>
5
+ <a class="dpplus-connect" data-origin="<%= OMNIAUTH_CLIENT_OPTIONS[:site] %>" data-client-id="<%= CLIENT_ID %>" data-redirect-uri="http://localhost:9292/auth/mydigipass/callback" data-state="<%= @state %>" href="#">connect with mydigipass.com</a>
6
+ </body>
7
+ </html>
data/lib/mydigipass.rb ADDED
@@ -0,0 +1,2 @@
1
+ require 'mydigipass/tools'
2
+ require 'mydigipass/connect_api'
@@ -0,0 +1,24 @@
1
+ require 'httparty'
2
+ require 'mydigipass/tools'
3
+
4
+ module Mydigipass
5
+ class ConnectApi
6
+ def initialize(options)
7
+ @base_uri = Mydigipass::Tools.extract_base_uri_from_options(options)
8
+ @auth = { :username => options[:client_id], :password => options[:client_secret] }
9
+ end
10
+
11
+ def all_connected
12
+ response = HTTParty.get("#{@base_uri}/api/uuids/connected", { :basic_auth => @auth })
13
+ response['uuids'] || [ ]
14
+ end
15
+
16
+ def connected(uuid)
17
+ HTTParty.post("#{@base_uri}/api/uuids/connected", { :body => { :uuids => [ uuid ] }, :basic_auth => @auth })
18
+ end
19
+
20
+ def disconnected(uuid)
21
+ HTTParty.post("#{@base_uri}/api/uuids/disconnected", { :body => { :uuids => [ uuid ] }, :basic_auth => @auth })
22
+ end
23
+ end
24
+ end
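Review bot: `all_connected` returns `response['uuids'] || [ ]` without looking at the HTTP status, so a rejected Basic-auth request or a server error is indistinguishable from "no users connected", and `connected` / `disconnected` hand back the raw response with no success check at all. Check the response code and raise (or return an explicit error) on anything other than success, and document that the client secret is sent as the Basic-auth password on every call so the `base_uri` must be HTTPS.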
@@ -0,0 +1,13 @@
1
+ module Mydigipass
2
+ module Tools
3
+ def self.extract_base_uri_from_options(options = { })
4
+ if options.has_key? :base_uri
5
+ options[:base_uri]
6
+ elsif options.has_key? :sandbox
7
+ 'https://sandbox.mydigipass.com'
8
+ else
9
+ 'https://www.mydigipass.com'
10
+ end
11
+ end
12
+ end
13
+ end
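Review bot: `elsif options.has_key? :sandbox` selects the sandbox host whenever the key is present, so `:sandbox => false` now returns `https://sandbox.mydigipass.com`. The 1.0.0 strategy tested `options[:sandbox]` for truthiness; use `elsif options[:sandbox]` here to keep that behaviour, otherwise a production configuration that passes the flag explicitly ends up authenticating against the sandbox.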
@@ -1,2 +1,2 @@
1
- require "omniauth-mydigipass/version"
1
+ require 'omniauth-mydigipass/version'
2
2
  require 'omniauth/strategies/mydigipass'
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Mydigipass
3
- VERSION = "1.0.0"
3
+ VERSION = "1.1.0"
4
4
  end
5
5
  end
@@ -1,34 +1,21 @@
1
1
  require 'omniauth-oauth2'
2
+ require 'mydigipass/tools'
2
3
 
3
4
  module OmniAuth
4
5
  module Strategies
5
6
  class Mydigipass < OmniAuth::Strategies::OAuth2
6
-
7
- def self.default_client_urls(options = {})
8
- local_base_uri = options[:sandbox] ? 'https://sandbox.mydigipass.com' : 'https://mydigipass.com'
7
+ def self.default_client_urls(options = { })
8
+ base_uri = ::Mydigipass::Tools.extract_base_uri_from_options(options)
9
9
  {
10
- :site => local_base_uri,
11
- :authorize_url => local_base_uri + '/oauth/authenticate',
12
- :token_url => local_base_uri + '/oauth/token'
10
+ :site => base_uri,
11
+ :authorize_url => base_uri + '/oauth/authenticate',
12
+ :token_url => base_uri + '/oauth/token'
13
13
  }
14
14
  end
15
15
 
16
-
17
- # Give your strategy a name.
18
- option :name, "mydigipass"
19
-
20
- # for the sandbox environment, use http://sandbox.mydigipass.com
21
- option :base_uri, "https://mydigipass.com"
22
-
23
- #option :client_options, {
24
- # :site => base_uri,
25
- # :authorize_url => base_uri + '/oauth/authenticate',
26
- # :token_url => base_uri + '/oauth/token'
27
- # }
28
-
16
+ option :name, 'mydigipass'
29
17
  option :client_options, default_client_urls
30
18
 
31
-
32
19
  # These are called after authentication has succeeded.
33
20
  uid { raw_info['uuid'] }
34
21
 
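Review bot: the default production host changes in `default_client_urls` from `https://mydigipass.com` to `https://www.mydigipass.com`, and `option :base_uri` is removed, which changes behaviour for existing 1.0.0 users in a minor release. Call both out in the README or a changelog entry so integrators can check their registered redirect and origin settings.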
@@ -44,18 +31,12 @@ module OmniAuth
44
31
  end
45
32
 
46
33
  extra do
47
- {'raw_info' => raw_info}
34
+ { 'raw_info' => raw_info }
48
35
  end
49
36
 
50
37
  def raw_info
51
38
  @raw_info ||= access_token.get('/oauth/user_data').parsed
52
39
  end
53
-
54
- def base_uri
55
- default_options[:base_uri]
56
- end
57
-
58
-
59
40
  end
60
41
  end
61
- end
42
+ end
@@ -15,8 +15,9 @@ Gem::Specification.new do |gem|
15
15
  gem.require_paths = ["lib"]
16
16
  gem.version = OmniAuth::Mydigipass::VERSION
17
17
 
18
- gem.add_dependency 'omniauth', '~> 1.0'
19
- gem.add_dependency 'omniauth-oauth2', '~> 1.0'
18
+ gem.add_dependency 'httparty'
19
+ gem.add_dependency 'omniauth', '~> 1.1'
20
+ gem.add_dependency 'omniauth-oauth2', '~> 1.1'
20
21
  gem.add_development_dependency 'rspec', '~> 2.7'
21
22
  gem.add_development_dependency 'rack-test'
22
23
  gem.add_development_dependency 'simplecov'
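Review bot: `gem.add_dependency 'httparty'` is the only runtime dependency without a version constraint (the gem metadata records it as `>= 0`), while `omniauth` and `omniauth-oauth2` use `~>`. Add a pessimistic constraint for the version the Connect API wrapper was tested against, since this library carries the client secret on every request.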
@@ -0,0 +1,40 @@
1
+ require 'spec_helper'
2
+ require 'mydigipass/connect_api'
3
+
4
+ describe Mydigipass::ConnectApi do
5
+ let(:client_id) { 'abc' }
6
+ let(:client_secret) { 'def' }
7
+ let(:uuid) { 'ghi' }
8
+
9
+ let(:basic_auth) { { :username => client_id, :password => client_secret } }
10
+
11
+ before :each do
12
+ @api = Mydigipass::ConnectApi.new(:client_id => client_id, :client_secret => client_secret, :base_uri => 'https://www.foo.com')
13
+ HTTParty.stub(:get)
14
+ HTTParty.stub(:post)
15
+ end
16
+
17
+ describe '#all_connected' do
18
+ it 'performs GET and returns array' do
19
+ params = { :basic_auth => basic_auth }
20
+ HTTParty.should_receive(:get).with('https://www.foo.com/api/uuids/connected', params).and_return({ 'uuids' => [ '123', '456' ] })
21
+ @api.all_connected.should == [ '123', '456' ]
22
+ end
23
+ end
24
+
25
+ describe '#connected' do
26
+ it 'performs POST' do
27
+ params = { :body => { :uuids => [ uuid ] }, :basic_auth => basic_auth }
28
+ HTTParty.should_receive(:post).with('https://www.foo.com/api/uuids/connected', params)
29
+ @api.connected(uuid)
30
+ end
31
+ end
32
+
33
+ describe '#disconnected' do
34
+ it 'performs POST' do
35
+ params = { :body => { :uuids => [ uuid ] }, :basic_auth => basic_auth }
36
+ HTTParty.should_receive(:post).with('https://www.foo.com/api/uuids/disconnected', params)
37
+ @api.disconnected(uuid)
38
+ end
39
+ end
40
+ end
@@ -0,0 +1,22 @@
1
+ require 'spec_helper'
2
+ require 'mydigipass/tools'
3
+
4
+ describe Mydigipass::Tools do
5
+ describe '.extract_base_uri_from_options' do
6
+ context 'with no options parameter' do
7
+ Mydigipass::Tools.extract_base_uri_from_options().should == 'https://www.mydigipass.com'
8
+ end
9
+
10
+ context 'with empty hash' do
11
+ Mydigipass::Tools.extract_base_uri_from_options({}).should == 'https://www.mydigipass.com'
12
+ end
13
+
14
+ context 'with explicit base_uri' do
15
+ Mydigipass::Tools.extract_base_uri_from_options({ :base_uri => 'https://www.foo.com', :sandbox => true }).should == 'https://www.foo.com'
16
+ end
17
+
18
+ context 'with sandbox option' do
19
+ Mydigipass::Tools.extract_base_uri_from_options({ :sandbox => true }).should == 'https://sandbox.mydigipass.com'
20
+ end
21
+ end
22
+ end
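Review bot: the expectations sit directly inside the `context` blocks with no `it`, so they are evaluated while the file is loaded and are never registered as examples. Wrap each one in an `it` block, and add a case for `{ :sandbox => false }`, which the current `has_key?` check in `extract_base_uri_from_options` would send to the sandbox host.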
@@ -3,22 +3,30 @@ require 'omniauth-mydigipass'
3
3
 
4
4
  describe OmniAuth::Strategies::Mydigipass do
5
5
  subject do
6
- OmniAuth::Strategies::Mydigipass.new(nil, @options || {})
6
+ OmniAuth::Strategies::Mydigipass.new('abc', 'def', @options || {})
7
+ end
8
+
9
+ before do
10
+ OmniAuth.config.test_mode = true
11
+ end
12
+
13
+ after do
14
+ OmniAuth.config.test_mode = false
7
15
  end
8
16
 
9
17
  it_should_behave_like 'an oauth2 strategy'
10
18
 
11
19
  describe '#client' do
12
20
  it 'should have the correct mydigipass.com site' do
13
- subject.client.site.should eq("https://mydigipass.com")
21
+ subject.client.site.should == 'https://www.mydigipass.com'
14
22
  end
15
23
 
16
24
  it 'should have the correct authorization url' do
17
- subject.client.options[:authorize_url].should eq("https://mydigipass.com/oauth/authenticate")
25
+ subject.client.options[:authorize_url].should == 'https://www.mydigipass.com/oauth/authenticate'
18
26
  end
19
27
 
20
28
  it 'should have the correct token url' do
21
- subject.client.options[:token_url].should eq('https://mydigipass.com/oauth/token')
29
+ subject.client.options[:token_url].should == 'https://www.mydigipass.com/oauth/token'
22
30
  end
23
31
  end
24
32
 
@@ -28,11 +36,10 @@ describe OmniAuth::Strategies::Mydigipass do
28
36
  end
29
37
  end
30
38
 
31
- context "when connecting to the sandbox" do
39
+ context 'when connecting to the sandbox' do
32
40
  it 'should have the correct mydigipass.com site' do
33
41
  @options = { :client_options => OmniAuth::Strategies::Mydigipass.default_client_urls(:sandbox => true) }
34
- subject.client.site.should eq("https://sandbox.mydigipass.com")
42
+ subject.client.site.should == 'https://sandbox.mydigipass.com'
35
43
  end
36
-
37
44
  end
38
45
  end
@@ -12,28 +12,28 @@ shared_examples 'an oauth2 strategy' do
12
12
  describe '#authorize_params' do
13
13
  it 'should include any authorize params passed in the :authorize_params option' do
14
14
  @options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
15
- subject.authorize_params['foo'].should eq('bar')
16
- subject.authorize_params['baz'].should eq('zip')
15
+ subject.authorize_params['foo'].should == 'bar'
16
+ subject.authorize_params['baz'].should == 'zip'
17
17
  end
18
18
 
19
19
  it 'should include top-level options that are marked as :authorize_options' do
20
20
  @options = { :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
21
- subject.authorize_params['scope'].should eq('bar')
22
- subject.authorize_params['foo'].should eq('baz')
21
+ subject.authorize_params['scope'].should == 'bar'
22
+ subject.authorize_params['foo'].should == 'baz'
23
23
  end
24
24
  end
25
25
 
26
26
  describe '#token_params' do
27
27
  it 'should include any token params passed in the :token_params option' do
28
28
  @options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
29
- subject.token_params['foo'].should eq('bar')
30
- subject.token_params['baz'].should eq('zip')
29
+ subject.token_params['foo'].should == 'bar'
30
+ subject.token_params['baz'].should == 'zip'
31
31
  end
32
32
 
33
33
  it 'should include top-level options that are marked as :token_options' do
34
34
  @options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
35
- subject.token_params['scope'].should eq('bar')
36
- subject.token_params['foo'].should eq('baz')
35
+ subject.token_params['scope'].should == 'bar'
36
+ subject.token_params['foo'].should == 'baz'
37
37
  end
38
38
  end
39
39
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-mydigipass
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,33 +9,59 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-03-10 00:00:00.000000000 Z
12
+ date: 2014-02-10 00:00:00.000000000 Z
13
13
  dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: httparty
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ! '>='
20
+ - !ruby/object:Gem::Version
21
+ version: '0'
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ! '>='
28
+ - !ruby/object:Gem::Version
29
+ version: '0'
14
30
  - !ruby/object:Gem::Dependency
15
31
  name: omniauth
16
- requirement: &15842580 !ruby/object:Gem::Requirement
32
+ requirement: !ruby/object:Gem::Requirement
17
33
  none: false
18
34
  requirements:
19
35
  - - ~>
20
36
  - !ruby/object:Gem::Version
21
- version: '1.0'
37
+ version: '1.1'
22
38
  type: :runtime
23
39
  prerelease: false
24
- version_requirements: *15842580
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ~>
44
+ - !ruby/object:Gem::Version
45
+ version: '1.1'
25
46
  - !ruby/object:Gem::Dependency
26
47
  name: omniauth-oauth2
27
- requirement: &15842000 !ruby/object:Gem::Requirement
48
+ requirement: !ruby/object:Gem::Requirement
28
49
  none: false
29
50
  requirements:
30
51
  - - ~>
31
52
  - !ruby/object:Gem::Version
32
- version: '1.0'
53
+ version: '1.1'
33
54
  type: :runtime
34
55
  prerelease: false
35
- version_requirements: *15842000
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: '1.1'
36
62
  - !ruby/object:Gem::Dependency
37
63
  name: rspec
38
- requirement: &15841420 !ruby/object:Gem::Requirement
64
+ requirement: !ruby/object:Gem::Requirement
39
65
  none: false
40
66
  requirements:
41
67
  - - ~>
@@ -43,10 +69,15 @@ dependencies:
43
69
  version: '2.7'
44
70
  type: :development
45
71
  prerelease: false
46
- version_requirements: *15841420
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ~>
76
+ - !ruby/object:Gem::Version
77
+ version: '2.7'
47
78
  - !ruby/object:Gem::Dependency
48
79
  name: rack-test
49
- requirement: &15840960 !ruby/object:Gem::Requirement
80
+ requirement: !ruby/object:Gem::Requirement
50
81
  none: false
51
82
  requirements:
52
83
  - - ! '>='
@@ -54,10 +85,15 @@ dependencies:
54
85
  version: '0'
55
86
  type: :development
56
87
  prerelease: false
57
- version_requirements: *15840960
88
+ version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
90
+ requirements:
91
+ - - ! '>='
92
+ - !ruby/object:Gem::Version
93
+ version: '0'
58
94
  - !ruby/object:Gem::Dependency
59
95
  name: simplecov
60
- requirement: &15840420 !ruby/object:Gem::Requirement
96
+ requirement: !ruby/object:Gem::Requirement
61
97
  none: false
62
98
  requirements:
63
99
  - - ! '>='
@@ -65,7 +101,12 @@ dependencies:
65
101
  version: '0'
66
102
  type: :development
67
103
  prerelease: false
68
- version_requirements: *15840420
104
+ version_requirements: !ruby/object:Gem::Requirement
105
+ none: false
106
+ requirements:
107
+ - - ! '>='
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
69
110
  description: OmniAuth strategy for MYDIGIPASS.COM, which can be used for sandbox or
70
111
  production
71
112
  email:
@@ -81,12 +122,18 @@ files:
81
122
  - Rakefile
82
123
  - example/Gemfile
83
124
  - example/config.ru
84
- - example/views/callback.erb
85
125
  - example/views/failure.erb
126
+ - example/views/index.erb
127
+ - example/views/signin.erb
128
+ - lib/mydigipass.rb
129
+ - lib/mydigipass/connect_api.rb
130
+ - lib/mydigipass/tools.rb
86
131
  - lib/omniauth-mydigipass.rb
87
132
  - lib/omniauth-mydigipass/version.rb
88
133
  - lib/omniauth/strategies/mydigipass.rb
89
134
  - omniauth-mydigipass.gemspec
135
+ - spec/mydigipass/connect_api_spec.rb
136
+ - spec/mydigipass/tools_spec.rb
90
137
  - spec/omniauth/strategies/mydigipass_spec.rb
91
138
  - spec/spec_helper.rb
92
139
  - spec/support/shared_examples.rb
@@ -110,8 +157,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
110
157
  version: '0'
111
158
  requirements: []
112
159
  rubyforge_project:
113
- rubygems_version: 1.8.15
160
+ rubygems_version: 1.8.23
114
161
  signing_key:
115
162
  specification_version: 3
116
163
  summary: OmniAuth strategy for MYDIGIPASS.COM
117
- test_files: []
164
+ test_files:
165
+ - spec/mydigipass/connect_api_spec.rb
166
+ - spec/mydigipass/tools_spec.rb
167
+ - spec/omniauth/strategies/mydigipass_spec.rb
168
+ - spec/spec_helper.rb
169
+ - spec/support/shared_examples.rb
@@ -1,14 +0,0 @@
1
- <html>
2
- <body>
3
- <h1>Authentication Successfull via <%= @auth.provider %></h1>
4
- <h2>info:</h2>
5
- <ul>
6
- <%- @auth.info.each do |key, value| %>
7
- <li><strong><%= key %>:</strong> <%= value.inspect %></li>
8
- <% end %>
9
- </ul>
10
- <a href='/'>Sign out</a>
11
- <h2>raw auth:</h2>
12
- <pre style="white-space: pre-wrap"><%= Rack::Utils.escape_html @auth.inspect %></pre>
13
- </body>
14
- </html>