omniauth-nate 0.1.0

data/.gitignore

@@ -0,0 +1,5 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+*.swp

data/Gemfile

@@ -0,0 +1,8 @@
+source "http://rubygems.org"
+
+group :development do
+  gem 'omniauth', :git => 'https://github.com/intridea/omniauth.git'
+end
+
+# Specify your gem's dependencies in omniauth-nate.gemspec
+gemspec

data/README.ko.md

@@ -0,0 +1,110 @@
+omniauth-nate
+=============
+
+네이트 인증을 위한 omniauth strategy입니다. 네이트/싸이월드/엠파스 계정을 이용한 인증이 가능하도록 합니다.
+
+http://www.nate.com
+
+Nate의 인증 API는 OAuth 1.0를 따릅니다.
+
+http://devsquare.nate.com/openApi/nateAuthAPIGuide
+
+설치
+----
+
+Gemfile 에 추가 후,
+
+```ruby
+gem 'omniauth-nate'
+```
+
+`bundle install`
+
+사용 절차
+---------
+
+Nate의 devsquare에서 consumer key를 발급 받습니다.
+
+http://devsquare.nate.com/
+
+발급 확인 메일을 통해 `GetNateMemberInfo` API 의 결과를 복호화하는 필요한 
+encryption key와 IV를 함께 할당받게 됩니다.
+
+### Usage
+
+OAuth를 위한 consumer key, secret과 함께 발급 확인 메일을 통해 부여받은
+encryption key를 기재합니다.
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :nate, consumer_key, consumer_secret, 
+      :encryption => {
+        :key => key,                  # Required.
+        :iv  => 0.chr * 8,            # Optional. Default: 0.chr * 8
+        :algorithm => 'des-ede3-cbc'  # Optional. Default: des-ede3-cbc
+      }
+end
+```
+
+### Devise 에서의 설정
+
+```ruby
+Devise.setup do |config|
+  config.omniauth :nate, consumer_key, consumer_secret,
+      :encryption => {
+        :key => key,                  # Required.
+        :iv  => 0.chr * 8,            # Optional. Default: 0.chr * 8
+        :algorithm => 'des-ede3-cbc'  # Optional. Default: des-ede3-cbc
+      }
+end
+```
+
+Authentication Hash
+-------------------
+
+이메일 주소가 User identifier로 사용됩니다.
+
+```ruby
+{
+  :provider => 'nate',
+  :uid      => 'your-mail@nate.com',
+  :info     => {
+    :name   => 'your name',
+    :email  => 'your-mail@nate.com'
+  }
+}
+```
+
+Contributing to omniauth-nate
+-----------------------------
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+License
+-------
+Copyright (c) 2012 Junegunn Choi
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,110 @@
+omniauth-nate
+=============
+
+Omniauth strategy for a Korean web portal nate.com which is a conglomerate of Nate, Cyworld and Empas.
+This allows users to authenticate themselves with their Nate/Cyworld/Empas accounts.
+
+http://www.nate.com
+
+Nate Open Authentication API follows OAuth 1.0 protocol.
+
+http://devsquare.nate.com/openApi/nateAuthAPIGuide
+
+Installation
+------------
+
+Add to your Gemfile
+
+```ruby
+gem 'omniauth-nate'
+```
+
+Then `bundle install`
+
+How to use
+----------
+
+Register your application in the following page to obtain consumer key and secret.
+
+http://devsquare.nate.com/
+
+In the confirmation mail, you will additionally receive encryption key and IV required
+to decrypt the member information retrieved via their `GetNateMemberInfo` API.
+
+### Usage
+
+Along with the usual consumer key and secret, encryption key must be specified.
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :nate, consumer_key, consumer_secret, 
+      :encryption => {
+        :key => key,                  # Required.
+        :iv  => 0.chr * 8,            # Optional. Default: 0.chr * 8
+        :algorithm => 'des-ede3-cbc'  # Optional. Default: des-ede3-cbc
+      }
+end
+```
+
+### With Devise
+
+```ruby
+Devise.setup do |config|
+  config.omniauth :nate, consumer_key, consumer_secret,
+      :encryption => {
+        :key => key,                  # Required.
+        :iv  => 0.chr * 8,            # Optional. Default: 0.chr * 8
+        :algorithm => 'des-ede3-cbc'  # Optional. Default: des-ede3-cbc
+      }
+end
+```
+
+Authentication Hash
+-------------------
+
+Email address is used as the user identifier.
+
+```ruby
+{
+  :provider => 'nate',
+  :uid      => 'your-mail@nate.com',
+  :info     => {
+    :name   => 'your name',
+    :email  => 'your-mail@nate.com'
+  }
+}
+```
+
+Contributing to omniauth-nate
+-----------------------------
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+License
+-------
+Copyright (c) 2012 Junegunn Choi
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << 'lib'
+  t.pattern = 'test/**/test_*.rb'
+  t.verbose = true
+end

data/lib/omniauth-nate.rb

@@ -0,0 +1,3 @@
+require 'omniauth-nate/version'
+require 'omniauth/strategies/nate'
+

data/lib/omniauth-nate/version.rb

@@ -0,0 +1,5 @@
+module Omniauth
+  module Nate
+    VERSION = "0.1.0"
+  end
+end

data/lib/omniauth/strategies/nate.rb

@@ -0,0 +1,73 @@
+require 'omniauth-oauth'
+require 'rexml/document'
+require 'openssl'
+require 'base64'
+require 'insensitive_hash/minimal'
+
+module OmniAuth
+  module Strategies
+    class Nate < OmniAuth::Strategies::OAuth
+      option :name, 'nate'
+      option :client_options, {
+        :site => 'https://oauth.nate.com',
+        :request_token_path => '/OAuth/GetRequestToken/V1a',
+        :authorize_path     => '/OAuth/Authorize/V1a',
+        :access_token_path  => '/OAuth/GetAccessToken/V1a',
+      }
+      option :member_info_path, '/OAuth/GetNateMemberInfo/V1a'
+      option :encryption, {
+        :key => nil,
+        :iv  => 0.chr * 8,
+        :algorithm => 'des-ede3-cbc'
+      }
+
+      uid do
+        raw_info[:nid]
+      end
+
+      info do
+        {
+          :name  => raw_info[:name],
+          :email => raw_info[:nid]
+        }
+      end
+
+      def initialize app, *args, &block
+        super
+        unless options[:encryption][:key]
+          raise ArgumentError.new("encryption key must be given")
+        end
+      end
+
+      def encryption
+        options[:encryption]
+      end
+
+    private
+      def raw_info
+        return @raw_info if @raw_info
+
+        @raw_info = InsensitiveHash.new
+        xml_data = access_token.get(options[:member_info_path]).body
+        doc = REXML::Document.new xml_data
+        %w[nid name].each do |elem|
+          doc.elements.each("response/minfo/#{elem}") do |nid|
+            @raw_info[elem] = decrypt nid.text
+          end
+        end
+        @raw_info
+      end
+
+      def decrypt val
+        c = OpenSSL::Cipher.new options[:encryption][:algorithm]
+        c.decrypt
+        c.key = options[:encryption][:key]
+        c.iv = options[:encryption][:iv]
+        text = c.update(Base64.decode64 val)
+        text << c.final
+        text.force_encoding("UTF-8")
+      end
+    end
+  end
+end
+

data/omniauth-nate.gemspec

@@ -0,0 +1,30 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "omniauth-nate/version"
+
+Gem::Specification.new do |s|
+  s.name        = "omniauth-nate"
+  s.version     = Omniauth::Nate::VERSION
+  s.authors     = ["Junegunn Choi"]
+  s.email       = ["junegunn.c@gmail.com"]
+  s.homepage    = "https://github.com/junegunn/omniauth-nate"
+  s.summary     = %q{OmniAuth strategy for nate.com}
+  s.description = %q{OmniAuth strategy for nate.com (Korean web portal site which is a conglomerate of Nate, Cyworld and Empas)}
+
+  s.rubyforge_project = "omniauth-nate"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  # specify any dependencies here; for example:
+  # s.add_development_dependency "rspec"
+  # s.add_runtime_dependency "rest-client"
+  s.add_development_dependency "rack-test"
+  s.add_development_dependency "mocha"
+  s.add_development_dependency "webmock"
+  s.add_runtime_dependency "omniauth-oauth", "~> 1.0"
+  s.add_runtime_dependency "multi_json"
+  s.add_runtime_dependency "insensitive_hash", ">= 0.1.0"
+end

data/test/test_omniauth-nate.rb

@@ -0,0 +1,127 @@
+require 'rubygems'
+require 'bundler'
+Bundler.require(:default, :development)
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'test/unit'
+require 'mocha'
+require 'omniauth-nate'
+require 'rack/test'
+require 'webmock'
+
+class OmniauthNateTest < Test::Unit::TestCase
+  include Rack::Test::Methods
+  include WebMock::API
+
+  def setup
+    @consumer_key = 'consumer key'
+    @consumer_secret = 'consumer secret'
+
+    @iv = 0.chr * 8
+    @key = 'encryption key for triple des'
+    @algorithm = 'des-ede3-cbc'
+
+    @email = "you@and.me"
+    @name = "yam"
+  end
+
+  # Borrowed from omniauth-oauth spec
+  def app
+    Rack::Builder.new {
+      use OmniAuth::Test::PhonySession
+      use OmniAuth::Builder do
+        provider :nate, 'consumer key', 'consumer secret',
+          :encryption => { :key => 'encryption key for triple des' }
+      end
+      run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
+    }.to_app
+  end
+
+  def session
+    last_request.env['rack.session']
+  end
+
+  def encrypt str
+    c = OpenSSL::Cipher.new(@algorithm)
+    c.encrypt
+    c.key = @key
+    c.iv = @iv
+    text = c.update(str)
+    text << c.final
+    Base64.encode64 text
+  end
+
+  def decrypt str
+    c = OpenSSL::Cipher.new(@algorithm)
+    c.decrypt
+    c.key = @key
+    c.iv = @iv
+    text = c.update(Base64.decode64 str)
+    text << c.final
+    text
+  end
+
+  def test_encrypt_decrypt
+    str = "Meta-test: Testing encryption and decryption methods used in the test"
+    assert_equal str, decrypt(encrypt(str))
+  end
+
+  def test_encryption_key_is_required
+    assert_raise(ArgumentError) do
+      nate = OmniAuth::Strategies::Nate.new(nil, @consumer_key, @consumer_secret)
+    end
+  end
+
+  def test_encryption_parameters
+    nate = OmniAuth::Strategies::Nate.new(nil, @consumer_key, @consumer_secret, 
+                :encryption => { 
+                  :key => @key,
+                  :iv => @iv,
+                  :algorithm => 'des3'
+                })
+    assert_equal @key,   nate.encryption[:key]
+    assert_equal @iv,    nate.encryption[:iv]
+    assert_equal 'des3', nate.encryption[:algorithm]
+  end
+
+  def test_name
+    nate = OmniAuth::Strategies::Nate.new(nil, @consumer_key, @consumer_secret, 
+                :encryption => { :key => @key })
+    assert_equal 'nate', nate.name
+  end
+
+  def test_request
+    stub_request(:post, "https://oauth.nate.com/OAuth/GetRequestToken/V1a").
+        to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret&oauth_callback_confirmed=true")
+    get "/auth/nate"
+
+    assert last_response.redirect?
+    assert_equal 'https://oauth.nate.com/OAuth/Authorize/V1a?oauth_token=yourtoken',
+                  last_response.headers['Location'].to_s
+    assert_equal 'yourtoken', session['oauth']['nate']['request_token']
+    assert_equal 'yoursecret', session['oauth']['nate']['request_secret']
+
+    assert_requested :post, 'https://oauth.nate.com/OAuth/GetRequestToken/V1a'
+
+    stub_request(:post, "https://oauth.nate.com/OAuth/GetAccessToken/V1a").
+        to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+
+    stub_request(:get, "https://oauth.nate.com/OAuth/GetNateMemberInfo/V1a").
+        to_return(:body => "<response><rcode>RET0000</rcode><rmsg>SUCCESS</rmsg><class>1</class><minfo><nid>#{encrypt @email}</nid><name>#{encrypt @name}</name></minfo></response>")
+
+    get '/auth/nate/callback', { :oauth_verifier => 'verifier' }
+    assert_requested :post, 'https://oauth.nate.com/OAuth/GetAccessToken/V1a'
+    assert_requested :get, 'https://oauth.nate.com/OAuth/GetNateMemberInfo/V1a'
+
+    assert_equal 'true', last_response.body
+    assert_equal @email, last_request.env['omniauth.auth']['uid']
+    assert_equal @email, last_request.env['omniauth.auth']['info']['email']
+    assert_equal @name,  last_request.env['omniauth.auth']['info']['name']
+    assert_equal Encoding::UTF_8, last_request.env['omniauth.auth']['info']['name'].encoding
+  end
+
+  def test_basic
+    nate = OmniAuth::Strategies::Nate.new(nil, @consumer_key, @consumer_secret, :encryption => { :key => @key })
+  end
+end
+

metadata

@@ -0,0 +1,124 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-nate
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Junegunn Choi
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-01-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: &2153764780 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2153764780
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: &2153764320 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2153764320
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: &2153763900 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2153763900
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth
+  requirement: &2153763380 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2153763380
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: &2153762960 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2153762960
+- !ruby/object:Gem::Dependency
+  name: insensitive_hash
+  requirement: &2153762420 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *2153762420
+description: OmniAuth strategy for nate.com (Korean web portal site which is a conglomerate
+  of Nate, Cyworld and Empas)
+email:
+- junegunn.c@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- README.ko.md
+- README.md
+- Rakefile
+- lib/omniauth-nate.rb
+- lib/omniauth-nate/version.rb
+- lib/omniauth/strategies/nate.rb
+- omniauth-nate.gemspec
+- test/test_omniauth-nate.rb
+homepage: https://github.com/junegunn/omniauth-nate
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: omniauth-nate
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: OmniAuth strategy for nate.com
+test_files:
+- test/test_omniauth-nate.rb
+has_rdoc: