omniauth-oauth2-generic 0.2.2 → 0.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.gitignore +3 -2
- data/.gitlab-ci.yml +44 -0
- data/.rubocop.yml +48 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +3 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +43 -0
- data/README.md +67 -29
- data/Rakefile +4 -2
- data/bin/console +4 -3
- data/lib/omniauth-oauth2-generic.rb +4 -2
- data/lib/omniauth-oauth2-generic/version.rb +3 -1
- data/lib/omniauth/strategies/oauth2_generic.rb +84 -37
- data/omniauth-oauth2-generic.gemspec +18 -21
- data/satorix/CI/deploy/rubygems.rb +83 -0
- data/satorix/CI/test/custom_bundler_audit.rb +36 -0
- data/satorix/custom.rb +27 -0
- metadata +16 -67
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 15aee5306061423e3962da4e902ce8af441cbf7805c0811a1cd3e71a7a2a04fe
|
4
|
+
data.tar.gz: df98466984c59d9b070125e712025e927b739cf47a2e07a129f8895c86fcc263
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: abed1e71df9fa8bdeb799162f094fbec8181d758e3407b072fd6f2210fb26b09a8404234106deab44f37580e7ca6db736c7fc9d85f5cda65bb2254dfe0c7a22a
|
7
|
+
data.tar.gz: fb5ef78a57a5f2896009ba83c33cf8b6949753ef51da1eccef6856291b3b04ab2d1261bc3e44e628f5e3560bade37dbbcd9fcc3aaef7f0e6b013a0d9c56c6bff
|
data/.gitignore
CHANGED
data/.gitlab-ci.yml
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
image: 'satorix/base'
|
2
|
+
|
3
|
+
cache:
|
4
|
+
key: "$CI_PROJECT_ID"
|
5
|
+
paths:
|
6
|
+
- 'tmp/satorix/cache' # To cache buildpack gems between runs.
|
7
|
+
|
8
|
+
|
9
|
+
.satorix: &satorix
|
10
|
+
script:
|
11
|
+
- gem install satorix --no-document
|
12
|
+
- satorix
|
13
|
+
|
14
|
+
|
15
|
+
# bundler-audit
|
16
|
+
# Patch-level verification for Bundler
|
17
|
+
# https://github.com/rubysec/bundler-audit
|
18
|
+
# TODO : Restore original version when https://github.com/omniauth/omniauth/pull/809 is resolved
|
19
|
+
custom_bundler_audit:
|
20
|
+
<<: *satorix
|
21
|
+
|
22
|
+
|
23
|
+
# RSpec
|
24
|
+
# Behaviour Driven Development for Ruby
|
25
|
+
# http://rspec.info/
|
26
|
+
rspec:
|
27
|
+
<<: *satorix
|
28
|
+
|
29
|
+
|
30
|
+
# RuboCop
|
31
|
+
# A Ruby static code analyzer, based on the community Ruby style guide.
|
32
|
+
# https://github.com/bbatsov/rubocop
|
33
|
+
rubocop:
|
34
|
+
<<: *satorix
|
35
|
+
|
36
|
+
|
37
|
+
# This is a custom job, defined at satorix/CI/deploy/rubygems.rb
|
38
|
+
deploy_to_rubygems:
|
39
|
+
stage: deploy
|
40
|
+
only:
|
41
|
+
- tags
|
42
|
+
except:
|
43
|
+
- schedules
|
44
|
+
<<: *satorix
|
data/.rubocop.yml
ADDED
@@ -0,0 +1,48 @@
|
|
1
|
+
AllCops:
|
2
|
+
Exclude:
|
3
|
+
- 'bin/**/*'
|
4
|
+
- 'tmp/**/*'
|
5
|
+
- 'vendor/**/*'
|
6
|
+
NewCops: enable
|
7
|
+
|
8
|
+
# We develop in a higher version than is absolutely required.
|
9
|
+
Gemspec/RequiredRubyVersion:
|
10
|
+
Enabled: false
|
11
|
+
|
12
|
+
Layout/SpaceInsideStringInterpolation:
|
13
|
+
EnforcedStyle: space
|
14
|
+
|
15
|
+
# TODO - fix/enable layout lines cops ------------------------------------------------------
|
16
|
+
|
17
|
+
Layout/EmptyLines:
|
18
|
+
Enabled: false
|
19
|
+
|
20
|
+
Layout/EmptyLinesAroundClassBody:
|
21
|
+
Enabled: false
|
22
|
+
|
23
|
+
Layout/EmptyLinesAroundModuleBody:
|
24
|
+
Enabled: false
|
25
|
+
|
26
|
+
# ------------------------------------------------------------------------------------------
|
27
|
+
|
28
|
+
Layout/EmptyLineBetweenDefs:
|
29
|
+
NumberOfEmptyLines: 2
|
30
|
+
|
31
|
+
Layout/IndentationConsistency:
|
32
|
+
EnforcedStyle: indented_internal_methods
|
33
|
+
|
34
|
+
# Ignore spec for large contexts
|
35
|
+
Metrics/BlockLength:
|
36
|
+
Exclude:
|
37
|
+
- 'spec/**/*'
|
38
|
+
|
39
|
+
Naming/FileName:
|
40
|
+
Exclude:
|
41
|
+
- 'lib/omniauth-oauth2-generic.rb'
|
42
|
+
|
43
|
+
Style/Documentation:
|
44
|
+
Enabled: false
|
45
|
+
|
46
|
+
# The recommended alternative does not work for this application.
|
47
|
+
Style/ModuleFunction:
|
48
|
+
Enabled: false
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
ruby-2.6.6
|
data/CHANGELOG.md
ADDED
data/Gemfile
CHANGED
data/Gemfile.lock
ADDED
@@ -0,0 +1,43 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
omniauth-oauth2-generic (0.2.7)
|
5
|
+
omniauth-oauth2 (~> 1.0)
|
6
|
+
rake
|
7
|
+
|
8
|
+
GEM
|
9
|
+
remote: https://rubygems.org/
|
10
|
+
specs:
|
11
|
+
faraday (1.0.1)
|
12
|
+
multipart-post (>= 1.2, < 3)
|
13
|
+
hashie (4.1.0)
|
14
|
+
jwt (2.2.1)
|
15
|
+
multi_json (1.14.1)
|
16
|
+
multi_xml (0.6.0)
|
17
|
+
multipart-post (2.1.1)
|
18
|
+
oauth2 (1.4.4)
|
19
|
+
faraday (>= 0.8, < 2.0)
|
20
|
+
jwt (>= 1.0, < 3.0)
|
21
|
+
multi_json (~> 1.3)
|
22
|
+
multi_xml (~> 0.5)
|
23
|
+
rack (>= 1.2, < 3)
|
24
|
+
omniauth (1.9.1)
|
25
|
+
hashie (>= 3.4.6)
|
26
|
+
rack (>= 1.6.2, < 3)
|
27
|
+
omniauth-oauth2 (1.6.0)
|
28
|
+
oauth2 (~> 1.1)
|
29
|
+
omniauth (~> 1.9)
|
30
|
+
rack (2.2.3)
|
31
|
+
rake (13.0.1)
|
32
|
+
|
33
|
+
PLATFORMS
|
34
|
+
ruby
|
35
|
+
|
36
|
+
DEPENDENCIES
|
37
|
+
omniauth-oauth2-generic!
|
38
|
+
|
39
|
+
RUBY VERSION
|
40
|
+
ruby 2.6.6p146
|
41
|
+
|
42
|
+
BUNDLED WITH
|
43
|
+
1.17.3
|
data/README.md
CHANGED
@@ -2,11 +2,37 @@
|
|
2
2
|
|
3
3
|
By [Internet Exposure](https://www.iexposure.com/)
|
4
4
|
|
5
|
-
[](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/pipelines)
|
6
|
-
[](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/pipelines)
|
7
|
-
|
8
5
|
This gem provides an OmniAuth strategy for authenticating with an OAuth2 service using the authorization grant flow.
|
9
6
|
|
7
|
+
### Overview
|
8
|
+
Most OmniAuth gems are written either as abstractions ([omniauth-oauth2](https://github.com/intridea/omniauth-oauth2)) or for a specific provider ([omniauth-github](https://github.com/intridea/omniauth-github)), but this one is designed to be configurable enough to work with any basic OAuth2 provider. The primary differences between OAuth2 provider strategies in OmniAuth are:
|
9
|
+
|
10
|
+
1. The server's domain
|
11
|
+
2. The URL paths used to authorize, request tokens and get user info
|
12
|
+
3. The structure of the returned user information
|
13
|
+
|
14
|
+
These are all [configurable options](#configuration-options) in this gem.
|
15
|
+
There my be certain requirements/features of some providers not covered by this gem's options,
|
16
|
+
but it was designed primarily so that if you are implementing your own OAuth2 provider for your service,
|
17
|
+
you don't need to write an OmniAuth strategy as long as it is compatible with the basic options provided by this gem.
|
18
|
+
|
19
|
+
#### General Use Case
|
20
|
+
This strategy is designed to allow configuration of the simple OmniAuth SSO process outlined below:
|
21
|
+
|
22
|
+
1. OmniAuth directs client to the authorization URL (**configurable**), with specified ID and key
|
23
|
+
1. OAuth provider handles authentication of request, user, and (optionally) authorization of Application to access user's profile
|
24
|
+
1. OAuth provider directs client back to the Application, and Strategy handles negotiation of access token
|
25
|
+
1. Strategy requests user information from a **configurable** "user profile" URL
|
26
|
+
1. Strategy parses user information from the response, using a **configurable** format
|
27
|
+
1. OmniAuth returns the formatted user information
|
28
|
+
|
29
|
+
**Limitations of this Strategy:**
|
30
|
+
|
31
|
+
- It can only be used for Single Sign on, and will not provide any other access granted by any OAuth provider (such as importing projects or users, etc)
|
32
|
+
- It only supports the Authorization Grant flow (most common for client-server applications, like Rails apps)
|
33
|
+
- It is not able to fetch user information from more than one URL
|
34
|
+
- It has not been tested with user information formats other than JSON
|
35
|
+
|
10
36
|
## Installation
|
11
37
|
|
12
38
|
Add this line to your application's Gemfile:
|
@@ -27,13 +53,43 @@ Include this gem in your client app [as you would any OmniAuth strategy](https:/
|
|
27
53
|
"Your_OAuth_App_ID", "Your_OAuth_App_Secret",
|
28
54
|
client_options: {
|
29
55
|
site: 'https://your_oauth_server', # including port if necessary
|
30
|
-
user_info_url: '/api/path/to/
|
56
|
+
user_info_url: '/api/path/to/current_user/info'
|
31
57
|
},
|
32
|
-
|
58
|
+
user_response_structure: {
|
59
|
+
root_path: ['data', 'attributes'] # path to user attributes in JSON response
|
60
|
+
},
|
61
|
+
name: 'Satorix' # optional - custom name for the strategy (appears in URLs)
|
33
62
|
end
|
34
63
|
```
|
35
64
|
|
36
|
-
|
65
|
+
Now if you visit `http://yourserver/auth/oauth2_generic` (or `/auth/Satorix` for the custom name example), you should be directed to log in with your OAuth2 server.
|
66
|
+
|
67
|
+
## Configuration Options
|
68
|
+
|
69
|
+
Details about the available configuration options are provided as comments in [the OAuth2Generic class](lib/omniauth/strategies/oauth2_generic.rb).
|
70
|
+
|
71
|
+
Configuration options for this gem are:
|
72
|
+
|
73
|
+
* **client_options** - A Hash containing options for configuring the OAuth client to point to the right URLs
|
74
|
+
* **user_response_structure** - A Hash containing paths to various attributes of the user in the response that your OAuth server returns from the `user_info_url` specified in the `client_options`.
|
75
|
+
* **root_path** - An Array containing each key in the path to the node that contains the user attributes (i.e. `['data', 'attributes']` for a JsonAPI-formatted response)
|
76
|
+
* **id_path** - A String containing the name, or Array containing the keys in the path to the node that contains the user's ID (i.e. `['data', 'id']` for a JsonAPI-formatted response). Default: `'id'` (string values are assumed to be relative to the `root_path`)
|
77
|
+
* **attributes** - A Hash containing [standard Omniauth user attributes](https://github.com/omniauth/omniauth/wiki/auth-hash-schema#schema-10-and-later) and the names/paths to them in the response, if not the standard names (this hash defaults to looking for the standard names under the specified `root_path`)
|
78
|
+
|
79
|
+
**Note:** The entire raw response will also be returned in the `['extra']['raw_info']` field of the OmniAuth auth hash, regardless of the value of this option.
|
80
|
+
* **redirect_url** - The URL the client will be directed to after authentication. Defaults to `http://yourserver/auth/oauth2_generic/callback`
|
81
|
+
|
82
|
+
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
83
|
+
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
84
|
+
* **authorize_params** - A hash of additional parameters to be sent to the OAuth provider on an authorization request (special keys, or IDs, etc)
|
85
|
+
|
86
|
+
**Note:** The values of this hash can be lambdas, which will be given the [rack request](http://www.rubydoc.info/gems/rack/Rack/Request) as a parameter
|
87
|
+
|
88
|
+
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
89
|
+
|
90
|
+
|
91
|
+
### Gitlab Config Example
|
92
|
+
As this gem was written to enable custom authentication in Gitlab, here is an example of how you would configure it in a Gitlab configuration file:
|
37
93
|
|
38
94
|
```ruby
|
39
95
|
# /etc/gitlab/gitlab.rb
|
@@ -50,6 +106,10 @@ gitlab_rails['omniauth_providers'] = [
|
|
50
106
|
'site' => 'https://your_oauth_server', # including port if necessary
|
51
107
|
'user_info_url' => '/api/path/to/fetch/current_user/info'
|
52
108
|
},
|
109
|
+
user_response_structure: {
|
110
|
+
root_path: ['data', 'user'], # i.e. if attributes are returned in JsonAPI format (in a 'user' node nested under a 'data' node)
|
111
|
+
attributes: { nickname: 'username' } # if the nickname attribute of a user is called 'username'
|
112
|
+
},
|
53
113
|
# optionally, you can add the following two lines to "white label" the display name
|
54
114
|
# of this strategy (appears in urls and Gitlab login buttons)
|
55
115
|
# If you do this, you must also replace oauth2_generic, everywhere it appears above, with the new name.
|
@@ -58,26 +118,4 @@ gitlab_rails['omniauth_providers'] = [
|
|
58
118
|
}
|
59
119
|
}
|
60
120
|
]
|
61
|
-
````
|
62
|
-
|
63
|
-
Now if you visit `http://yourserver/auth/oauth2_generic` (or `/auth/Satorix` for the custom name example), you should be directed to log in with your OAuth2 server.
|
64
|
-
|
65
|
-
## Configuration Options
|
66
|
-
|
67
|
-
Details about the available configuration options are provided as comments in [the OAuth2Generic class](lib/omniauth/strategies/oauth2_generic.rb).
|
68
|
-
|
69
|
-
Configuration options for this gem are:
|
70
|
-
|
71
|
-
* **client_options** - A Hash containing options for configuring the OAuth client to point to the right URLs
|
72
|
-
* **user_response_structure** - A Hash containing paths to various attributes of the user in the response that your OAuth server returns from the `user_info_url` specified in the `client_options`.
|
73
|
-
* **root_path** - An Array containing each key in the path to the node that contains the user attributes (i.e. `['data', 'attributes']` for a JsonAPI-formatted response)
|
74
|
-
* **id_path** - A String containing the name, or Array containing the keys in the path to the node that contains the user's ID (i.e. `['data', 'id']` for a JsonAPI-formatted response). Default: `'id'` (string values are assumed to be relative to the `root_path`)
|
75
|
-
* **attributes** - A Hash containing [standard Omniauth user attributes](https://github.com/omniauth/omniauth/wiki/auth-hash-schema#schema-10-and-later) and the names/paths to them in the response, if not the standard names (this hash defaults to looking for the standard names under the specified `root_path`)
|
76
|
-
|
77
|
-
**Note:** The entire raw response will also be returned in the `['extra']['raw_info']` field of the OmniAuth auth hash, regardless of the value of this option.
|
78
|
-
* **redirect_url** - The URL the client will be directed to after authentication. Defaults to `http://yourserver/auth/oauth2_generic/callback`
|
79
|
-
|
80
|
-
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
81
|
-
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
82
|
-
|
83
|
-
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
121
|
+
````
|
data/Rakefile
CHANGED
data/bin/console
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
2
3
|
|
3
|
-
require
|
4
|
-
require
|
4
|
+
require 'bundler/setup'
|
5
|
+
require 'omniauth/satorix'
|
5
6
|
|
6
7
|
# You can add fixtures and/or initialization code here to make experimenting
|
7
8
|
# with your gem easier. You can also use a different console, if you like.
|
@@ -10,5 +11,5 @@ require "omniauth/satorix"
|
|
10
11
|
# require "pry"
|
11
12
|
# Pry.start
|
12
13
|
|
13
|
-
require
|
14
|
+
require 'irb'
|
14
15
|
IRB.start
|
@@ -1,33 +1,65 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'omniauth-oauth2'
|
2
4
|
|
3
5
|
module OmniAuth
|
4
6
|
module Strategies
|
5
7
|
class OAuth2Generic < OmniAuth::Strategies::OAuth2
|
8
|
+
|
6
9
|
option :name, 'oauth2_generic'
|
7
10
|
|
8
|
-
option :client_options,
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
11
|
+
option :client_options,
|
12
|
+
{
|
13
|
+
# Defaults are set for GitLab example implementation
|
14
|
+
|
15
|
+
# The URL for your OAuth 2 server
|
16
|
+
site: 'https://gitlab.com',
|
17
|
+
# The endpoint on your OAuth 2 server that provides info for the current user
|
18
|
+
user_info_url: '/api/v3/user',
|
19
|
+
# The authorization endpoint for your OAuth server
|
20
|
+
authorize_url: '/oauth/authorize',
|
21
|
+
# The token request endpoint for your OAuth server
|
22
|
+
token_url: '/oauth/token'
|
23
|
+
}
|
24
|
+
|
25
|
+
option :user_response_structure,
|
26
|
+
{
|
27
|
+
# info about the structure of the response from the oauth server's user_info_url (specified above)
|
28
|
+
|
29
|
+
# The default path to the user attributes (i.e. ['data', 'attributes'])
|
30
|
+
root_path: [],
|
31
|
+
|
32
|
+
# The name or path to the user ID (i.e. ['data', 'id]').
|
33
|
+
# Scalars are considered relative to `root_path`, Arrays are absolute paths.
|
34
|
+
id_path: 'id',
|
35
|
+
|
36
|
+
# Alternate paths or names for any attributes that don't match the default
|
37
|
+
attributes: {
|
38
|
+
# Scalars are treated as relative (i.e. 'username' would point to
|
39
|
+
# response['data']['attributes']['username'], given a root_path of ['data', 'attributes'])
|
40
|
+
name: 'name',
|
41
|
+
|
42
|
+
# Arrays are treated as absolute paths (i.e. ['included', 'contacts', 0, 'email'] would point to
|
43
|
+
# response['included']['contacts'][0]['email'], regardless of root_path)
|
44
|
+
email: 'email',
|
45
|
+
|
46
|
+
nickname: 'nickname',
|
47
|
+
|
48
|
+
first_name: 'first_name',
|
49
|
+
|
50
|
+
last_name: 'last_name',
|
51
|
+
|
52
|
+
location: 'location',
|
53
|
+
|
54
|
+
description: 'description',
|
55
|
+
|
56
|
+
image: 'image',
|
57
|
+
|
58
|
+
phone: 'phone',
|
59
|
+
|
60
|
+
urls: 'urls'
|
61
|
+
}
|
62
|
+
}
|
31
63
|
|
32
64
|
option :redirect_url
|
33
65
|
|
@@ -36,10 +68,9 @@ module OmniAuth
|
|
36
68
|
end
|
37
69
|
|
38
70
|
info do
|
39
|
-
user_paths[:attributes].
|
71
|
+
user_paths[:attributes].each_with_object({}) do |(field, path), user_hash|
|
40
72
|
value = fetch_user_info(path)
|
41
73
|
user_hash[field] = value if value
|
42
|
-
user_hash
|
43
74
|
end
|
44
75
|
end
|
45
76
|
|
@@ -47,27 +78,43 @@ module OmniAuth
|
|
47
78
|
{ raw_info: raw_info }
|
48
79
|
end
|
49
80
|
|
81
|
+
|
50
82
|
def raw_info
|
51
83
|
@raw_info ||= access_token.get(options.client_options[:user_info_url]).parsed
|
52
84
|
end
|
53
85
|
|
54
|
-
private
|
55
86
|
|
56
|
-
def
|
57
|
-
|
87
|
+
def authorize_params
|
88
|
+
params = super
|
89
|
+
params.transform_values { |v| v.respond_to?(:call) ? v.call(request) : v }
|
58
90
|
end
|
59
91
|
|
60
|
-
def fetch_user_info(path)
|
61
|
-
return nil unless path
|
62
|
-
full_path = path.is_a?(Array) ? path : Array(user_paths[:root_path]) + [path]
|
63
|
-
full_path.inject(raw_info) { |info, key| info[key] rescue nil }
|
64
|
-
end
|
65
92
|
|
66
|
-
|
67
|
-
|
68
|
-
|
93
|
+
private
|
94
|
+
|
95
|
+
|
96
|
+
def user_paths
|
97
|
+
options.user_response_structure
|
98
|
+
end
|
99
|
+
|
100
|
+
|
101
|
+
def fetch_user_info(path)
|
102
|
+
return nil unless path
|
103
|
+
|
104
|
+
full_path = path.is_a?(Array) ? path : Array(user_paths[:root_path]) + [path]
|
105
|
+
full_path.inject(raw_info) do |info, key|
|
106
|
+
info[key]
|
107
|
+
rescue StandardError
|
108
|
+
nil
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
|
113
|
+
def callback_url
|
114
|
+
options.redirect_url || (full_host + script_name + callback_path)
|
115
|
+
end
|
69
116
|
end
|
70
117
|
end
|
71
118
|
end
|
72
119
|
|
73
|
-
OmniAuth.config.add_camelization 'oauth2_generic', 'OAuth2Generic'
|
120
|
+
OmniAuth.config.add_camelization 'oauth2_generic', 'OAuth2Generic'
|
@@ -1,31 +1,28 @@
|
|
1
|
-
#
|
2
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
lib = File.expand_path('lib', __dir__)
|
3
4
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
5
|
require 'omniauth-oauth2-generic/version'
|
5
6
|
|
6
|
-
Gem::Specification.new do |
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
7
|
+
Gem::Specification.new do |gem|
|
8
|
+
gem.name = 'omniauth-oauth2-generic'
|
9
|
+
gem.version = Omniauth::OAuth2Generic::VERSION
|
10
|
+
gem.authors = ['Satorix']
|
11
|
+
gem.email = ['satorix@iexposure.com']
|
12
|
+
|
13
|
+
gem.summary = 'Generic, Configurable OmniAuth Strategy for OAuth2 providers'
|
14
|
+
gem.description = gem.summary
|
15
|
+
gem.homepage = 'https://gitlab.com/satorix/omniauth-oauth2-generic'
|
16
|
+
gem.license = 'MIT'
|
11
17
|
|
12
|
-
|
13
|
-
spec.description = spec.summary
|
14
|
-
spec.homepage = "https://gitlab.com/satorix/omniauth-oauth2-generic"
|
15
|
-
spec.license = "MIT"
|
18
|
+
gem.required_ruby_version = '>= 1.9'
|
16
19
|
|
17
|
-
|
20
|
+
gem.files = `git ls-files -z`.split("\x0").reject do |f|
|
18
21
|
f.match(%r{^(test|spec|features)/})
|
19
22
|
end
|
20
|
-
|
21
|
-
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
22
|
-
spec.require_paths = ["lib"]
|
23
|
+
gem.require_paths = ['lib']
|
23
24
|
|
24
|
-
|
25
|
+
gem.add_dependency 'omniauth-oauth2', '~> 1.0'
|
26
|
+
gem.add_dependency 'rake'
|
25
27
|
|
26
|
-
spec.add_development_dependency "bundler", "~> 1.13"
|
27
|
-
spec.add_development_dependency "rake", "~> 10.0"
|
28
|
-
spec.add_development_dependency "rspec", "~> 3.1"
|
29
|
-
spec.add_development_dependency "rack-test"
|
30
|
-
spec.add_development_dependency "webmock"
|
31
28
|
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Satorix
|
4
|
+
module CI
|
5
|
+
module Deploy
|
6
|
+
module Rubygems
|
7
|
+
|
8
|
+
|
9
|
+
require 'fileutils'
|
10
|
+
|
11
|
+
|
12
|
+
include Satorix::Shared::Console
|
13
|
+
|
14
|
+
|
15
|
+
extend self
|
16
|
+
|
17
|
+
|
18
|
+
def go
|
19
|
+
log_bench('Generating rubygems.org configuration_file...') { generate_rubygems_configuration_file }
|
20
|
+
log_bench('Preparing gem build directory...') { prepare_gem_build_directory }
|
21
|
+
log_bench('Building gem...') { build_gem }
|
22
|
+
built_gems.each { |gem| log_bench("Publishing #{ File.basename gem }...") { publish_gem gem } }
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
|
29
|
+
def build_gem
|
30
|
+
Dir.chdir(Satorix.app_dir) do
|
31
|
+
run_command 'bundle exec rake build'
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
|
36
|
+
def built_gems
|
37
|
+
Dir.glob(File.join(gem_build_directory, '*.gem')).select { |e| File.file? e }
|
38
|
+
end
|
39
|
+
|
40
|
+
|
41
|
+
def gem_build_directory
|
42
|
+
File.join Satorix.app_dir, 'pkg'
|
43
|
+
end
|
44
|
+
|
45
|
+
|
46
|
+
def generate_rubygems_configuration_file
|
47
|
+
path = File.join(Dir.home, '.gem')
|
48
|
+
FileUtils.mkdir_p(path) unless File.exist?(path)
|
49
|
+
|
50
|
+
file = File.join(path, 'credentials')
|
51
|
+
File.open(file, 'w') { |f| f.write rubygems_configuration_file_contents }
|
52
|
+
FileUtils.chmod 0o600, file
|
53
|
+
end
|
54
|
+
|
55
|
+
|
56
|
+
def prepare_gem_build_directory
|
57
|
+
run_command "rm -rf #{ gem_build_directory }"
|
58
|
+
FileUtils.mkdir_p gem_build_directory
|
59
|
+
end
|
60
|
+
|
61
|
+
|
62
|
+
def publish_gem(gem)
|
63
|
+
run_command "gem push #{ gem } --config-file #{ File.join(Dir.home, '.gem', 'credentials') }"
|
64
|
+
rescue RuntimeError
|
65
|
+
# To prevent the display of an ugly stacktrace.
|
66
|
+
abort "\nGem was not published!"
|
67
|
+
end
|
68
|
+
|
69
|
+
|
70
|
+
def rubygems_api_key
|
71
|
+
ENV['SATORIX_CI_RUBYGEMS_API_KEY']
|
72
|
+
end
|
73
|
+
|
74
|
+
|
75
|
+
def rubygems_configuration_file_contents
|
76
|
+
"---\n:rubygems_api_key: #{ rubygems_api_key }"
|
77
|
+
end
|
78
|
+
|
79
|
+
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Satorix
|
4
|
+
module CI
|
5
|
+
module Test
|
6
|
+
module CustomBundlerAudit
|
7
|
+
|
8
|
+
include Satorix::Shared::Console
|
9
|
+
|
10
|
+
extend self
|
11
|
+
|
12
|
+
|
13
|
+
def go
|
14
|
+
log_bench('Displaying current Ruby version...') { run_command 'ruby -v' }
|
15
|
+
log_bench('Installing bundler-audit...') { install_gem }
|
16
|
+
log_bench('Auditing Gemfile.lock...') { run_scan }
|
17
|
+
end
|
18
|
+
|
19
|
+
|
20
|
+
private
|
21
|
+
|
22
|
+
|
23
|
+
def install_gem
|
24
|
+
run_command "gem install bundler-audit --no-document --bindir #{ Satorix.bin_dir }"
|
25
|
+
end
|
26
|
+
|
27
|
+
|
28
|
+
def run_scan
|
29
|
+
run_command 'bundle-audit check --update --ignore CVE-2015-9284'
|
30
|
+
end
|
31
|
+
|
32
|
+
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
data/satorix/custom.rb
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Satorix
|
4
|
+
module Custom
|
5
|
+
|
6
|
+
# Ensure the files required by the available_jobs method are available.
|
7
|
+
require_relative 'CI/deploy/rubygems'
|
8
|
+
require_relative 'CI/test/custom_bundler_audit'
|
9
|
+
|
10
|
+
|
11
|
+
extend self
|
12
|
+
|
13
|
+
|
14
|
+
def available_jobs
|
15
|
+
{
|
16
|
+
deploy: {
|
17
|
+
deploy_to_rubygems: Satorix::CI::Deploy::Rubygems
|
18
|
+
},
|
19
|
+
test: {
|
20
|
+
custom_bundler_audit: Satorix::CI::Test::CustomBundlerAudit
|
21
|
+
}
|
22
|
+
}
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
end
|
27
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-oauth2-generic
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- Satorix
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-09-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth-oauth2
|
@@ -24,70 +24,14 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '1.0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: bundler
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '1.13'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '1.13'
|
41
27
|
- !ruby/object:Gem::Dependency
|
42
28
|
name: rake
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - "~>"
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '10.0'
|
48
|
-
type: :development
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - "~>"
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '10.0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: rspec
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - "~>"
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '3.1'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - "~>"
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '3.1'
|
69
|
-
- !ruby/object:Gem::Dependency
|
70
|
-
name: rack-test
|
71
|
-
requirement: !ruby/object:Gem::Requirement
|
72
|
-
requirements:
|
73
|
-
- - ">="
|
74
|
-
- !ruby/object:Gem::Version
|
75
|
-
version: '0'
|
76
|
-
type: :development
|
77
|
-
prerelease: false
|
78
|
-
version_requirements: !ruby/object:Gem::Requirement
|
79
|
-
requirements:
|
80
|
-
- - ">="
|
81
|
-
- !ruby/object:Gem::Version
|
82
|
-
version: '0'
|
83
|
-
- !ruby/object:Gem::Dependency
|
84
|
-
name: webmock
|
85
29
|
requirement: !ruby/object:Gem::Requirement
|
86
30
|
requirements:
|
87
31
|
- - ">="
|
88
32
|
- !ruby/object:Gem::Version
|
89
33
|
version: '0'
|
90
|
-
type: :
|
34
|
+
type: :runtime
|
91
35
|
prerelease: false
|
92
36
|
version_requirements: !ruby/object:Gem::Requirement
|
93
37
|
requirements:
|
@@ -96,16 +40,19 @@ dependencies:
|
|
96
40
|
version: '0'
|
97
41
|
description: Generic, Configurable OmniAuth Strategy for OAuth2 providers
|
98
42
|
email:
|
99
|
-
-
|
100
|
-
executables:
|
101
|
-
- console
|
102
|
-
- setup
|
43
|
+
- satorix@iexposure.com
|
44
|
+
executables: []
|
103
45
|
extensions: []
|
104
46
|
extra_rdoc_files: []
|
105
47
|
files:
|
106
48
|
- ".gitignore"
|
49
|
+
- ".gitlab-ci.yml"
|
107
50
|
- ".rspec"
|
51
|
+
- ".rubocop.yml"
|
52
|
+
- ".ruby-version"
|
53
|
+
- CHANGELOG.md
|
108
54
|
- Gemfile
|
55
|
+
- Gemfile.lock
|
109
56
|
- LICENSE.md
|
110
57
|
- README.md
|
111
58
|
- Rakefile
|
@@ -115,6 +62,9 @@ files:
|
|
115
62
|
- lib/omniauth-oauth2-generic/version.rb
|
116
63
|
- lib/omniauth/strategies/oauth2_generic.rb
|
117
64
|
- omniauth-oauth2-generic.gemspec
|
65
|
+
- satorix/CI/deploy/rubygems.rb
|
66
|
+
- satorix/CI/test/custom_bundler_audit.rb
|
67
|
+
- satorix/custom.rb
|
118
68
|
homepage: https://gitlab.com/satorix/omniauth-oauth2-generic
|
119
69
|
licenses:
|
120
70
|
- MIT
|
@@ -127,15 +77,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
127
77
|
requirements:
|
128
78
|
- - ">="
|
129
79
|
- !ruby/object:Gem::Version
|
130
|
-
version: '
|
80
|
+
version: '1.9'
|
131
81
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
132
82
|
requirements:
|
133
83
|
- - ">="
|
134
84
|
- !ruby/object:Gem::Version
|
135
85
|
version: '0'
|
136
86
|
requirements: []
|
137
|
-
|
138
|
-
rubygems_version: 2.5.1
|
87
|
+
rubygems_version: 3.0.3
|
139
88
|
signing_key:
|
140
89
|
specification_version: 4
|
141
90
|
summary: Generic, Configurable OmniAuth Strategy for OAuth2 providers
|