omniauth-oauth2-generic 0.2.2 → 0.2.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.gitignore +3 -2
- data/.gitlab-ci.yml +44 -0
- data/.rubocop.yml +48 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +3 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +43 -0
- data/README.md +67 -29
- data/Rakefile +4 -2
- data/bin/console +4 -3
- data/lib/omniauth/strategies/oauth2_generic.rb +86 -37
- data/lib/omniauth-oauth2-generic/version.rb +3 -1
- data/lib/omniauth-oauth2-generic.rb +4 -2
- data/omniauth-oauth2-generic.gemspec +18 -21
- data/satorix/CI/deploy/rubygems.rb +83 -0
- data/satorix/CI/test/custom_bundler_audit.rb +36 -0
- data/satorix/custom.rb +27 -0
- metadata +16 -67
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 0efe33dc7457a9d0e6b34debc3c1870f2c37d2a8d07567cac1cbb752176bfa38
|
4
|
+
data.tar.gz: 9300826d8c5252d814c1fef2674ed3a6e31d096bb1f0518d4fd0a70b0bf70209
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1104761bcc9f0e95e71ef281f1aa66f2e1b708b4e5875af112cd8bebc2483857173b4d69b9982b90e86bcbaf46a0bbb111cb4d4b98311dcc6ec7d36b90e06a2f
|
7
|
+
data.tar.gz: 2e61fdff85258367f9d0cdf598c7af13bcb04ae11bd9b6cfef29f99ea99b4306e886fa4fd2a91c0426a1cec36a85bd6b605db1245b91f0c5b5f7f87040077717
|
data/.gitignore
CHANGED
data/.gitlab-ci.yml
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
image: 'satorix/base'
|
2
|
+
|
3
|
+
cache:
|
4
|
+
key: "$CI_PROJECT_ID"
|
5
|
+
paths:
|
6
|
+
- 'tmp/satorix/cache' # To cache buildpack gems between runs.
|
7
|
+
|
8
|
+
|
9
|
+
.satorix: &satorix
|
10
|
+
script:
|
11
|
+
- gem install satorix --no-document
|
12
|
+
- satorix
|
13
|
+
|
14
|
+
|
15
|
+
# bundler-audit
|
16
|
+
# Patch-level verification for Bundler
|
17
|
+
# https://github.com/rubysec/bundler-audit
|
18
|
+
# TODO : Restore original version when https://github.com/omniauth/omniauth/pull/809 is resolved
|
19
|
+
custom_bundler_audit:
|
20
|
+
<<: *satorix
|
21
|
+
|
22
|
+
|
23
|
+
# RSpec
|
24
|
+
# Behaviour Driven Development for Ruby
|
25
|
+
# http://rspec.info/
|
26
|
+
rspec:
|
27
|
+
<<: *satorix
|
28
|
+
|
29
|
+
|
30
|
+
# RuboCop
|
31
|
+
# A Ruby static code analyzer, based on the community Ruby style guide.
|
32
|
+
# https://github.com/bbatsov/rubocop
|
33
|
+
rubocop:
|
34
|
+
<<: *satorix
|
35
|
+
|
36
|
+
|
37
|
+
# This is a custom job, defined at satorix/CI/deploy/rubygems.rb
|
38
|
+
deploy_to_rubygems:
|
39
|
+
stage: deploy
|
40
|
+
only:
|
41
|
+
- tags
|
42
|
+
except:
|
43
|
+
- schedules
|
44
|
+
<<: *satorix
|
data/.rubocop.yml
ADDED
@@ -0,0 +1,48 @@
|
|
1
|
+
AllCops:
|
2
|
+
Exclude:
|
3
|
+
- 'bin/**/*'
|
4
|
+
- 'tmp/**/*'
|
5
|
+
- 'vendor/**/*'
|
6
|
+
NewCops: enable
|
7
|
+
|
8
|
+
# We develop in a higher version than is absolutely required.
|
9
|
+
Gemspec/RequiredRubyVersion:
|
10
|
+
Enabled: false
|
11
|
+
|
12
|
+
Layout/SpaceInsideStringInterpolation:
|
13
|
+
EnforcedStyle: space
|
14
|
+
|
15
|
+
# TODO - fix/enable layout lines cops ------------------------------------------------------
|
16
|
+
|
17
|
+
Layout/EmptyLines:
|
18
|
+
Enabled: false
|
19
|
+
|
20
|
+
Layout/EmptyLinesAroundClassBody:
|
21
|
+
Enabled: false
|
22
|
+
|
23
|
+
Layout/EmptyLinesAroundModuleBody:
|
24
|
+
Enabled: false
|
25
|
+
|
26
|
+
# ------------------------------------------------------------------------------------------
|
27
|
+
|
28
|
+
Layout/EmptyLineBetweenDefs:
|
29
|
+
NumberOfEmptyLines: 2
|
30
|
+
|
31
|
+
Layout/IndentationConsistency:
|
32
|
+
EnforcedStyle: indented_internal_methods
|
33
|
+
|
34
|
+
# Ignore spec for large contexts
|
35
|
+
Metrics/BlockLength:
|
36
|
+
Exclude:
|
37
|
+
- 'spec/**/*'
|
38
|
+
|
39
|
+
Naming/FileName:
|
40
|
+
Exclude:
|
41
|
+
- 'lib/omniauth-oauth2-generic.rb'
|
42
|
+
|
43
|
+
Style/Documentation:
|
44
|
+
Enabled: false
|
45
|
+
|
46
|
+
# The recommended alternative does not work for this application.
|
47
|
+
Style/ModuleFunction:
|
48
|
+
Enabled: false
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
ruby-2.6.6
|
data/CHANGELOG.md
ADDED
data/Gemfile
CHANGED
data/Gemfile.lock
ADDED
@@ -0,0 +1,43 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
omniauth-oauth2-generic (0.2.8)
|
5
|
+
omniauth-oauth2 (~> 1.0)
|
6
|
+
rake
|
7
|
+
|
8
|
+
GEM
|
9
|
+
remote: https://rubygems.org/
|
10
|
+
specs:
|
11
|
+
faraday (1.0.1)
|
12
|
+
multipart-post (>= 1.2, < 3)
|
13
|
+
hashie (4.1.0)
|
14
|
+
jwt (2.2.1)
|
15
|
+
multi_json (1.14.1)
|
16
|
+
multi_xml (0.6.0)
|
17
|
+
multipart-post (2.1.1)
|
18
|
+
oauth2 (1.4.4)
|
19
|
+
faraday (>= 0.8, < 2.0)
|
20
|
+
jwt (>= 1.0, < 3.0)
|
21
|
+
multi_json (~> 1.3)
|
22
|
+
multi_xml (~> 0.5)
|
23
|
+
rack (>= 1.2, < 3)
|
24
|
+
omniauth (1.9.1)
|
25
|
+
hashie (>= 3.4.6)
|
26
|
+
rack (>= 1.6.2, < 3)
|
27
|
+
omniauth-oauth2 (1.6.0)
|
28
|
+
oauth2 (~> 1.1)
|
29
|
+
omniauth (~> 1.9)
|
30
|
+
rack (2.2.3)
|
31
|
+
rake (13.0.1)
|
32
|
+
|
33
|
+
PLATFORMS
|
34
|
+
ruby
|
35
|
+
|
36
|
+
DEPENDENCIES
|
37
|
+
omniauth-oauth2-generic!
|
38
|
+
|
39
|
+
RUBY VERSION
|
40
|
+
ruby 2.6.6p146
|
41
|
+
|
42
|
+
BUNDLED WITH
|
43
|
+
1.17.3
|
data/README.md
CHANGED
@@ -2,11 +2,37 @@
|
|
2
2
|
|
3
3
|
By [Internet Exposure](https://www.iexposure.com/)
|
4
4
|
|
5
|
-
[![build](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/badges/master/build.svg)](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/pipelines)
|
6
|
-
[![coverage](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/badges/master/coverage.svg)](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/pipelines)
|
7
|
-
|
8
5
|
This gem provides an OmniAuth strategy for authenticating with an OAuth2 service using the authorization grant flow.
|
9
6
|
|
7
|
+
### Overview
|
8
|
+
Most OmniAuth gems are written either as abstractions ([omniauth-oauth2](https://github.com/intridea/omniauth-oauth2)) or for a specific provider ([omniauth-github](https://github.com/intridea/omniauth-github)), but this one is designed to be configurable enough to work with any basic OAuth2 provider. The primary differences between OAuth2 provider strategies in OmniAuth are:
|
9
|
+
|
10
|
+
1. The server's domain
|
11
|
+
2. The URL paths used to authorize, request tokens and get user info
|
12
|
+
3. The structure of the returned user information
|
13
|
+
|
14
|
+
These are all [configurable options](#configuration-options) in this gem.
|
15
|
+
There my be certain requirements/features of some providers not covered by this gem's options,
|
16
|
+
but it was designed primarily so that if you are implementing your own OAuth2 provider for your service,
|
17
|
+
you don't need to write an OmniAuth strategy as long as it is compatible with the basic options provided by this gem.
|
18
|
+
|
19
|
+
#### General Use Case
|
20
|
+
This strategy is designed to allow configuration of the simple OmniAuth SSO process outlined below:
|
21
|
+
|
22
|
+
1. OmniAuth directs client to the authorization URL (**configurable**), with specified ID and key
|
23
|
+
1. OAuth provider handles authentication of request, user, and (optionally) authorization of Application to access user's profile
|
24
|
+
1. OAuth provider directs client back to the Application, and Strategy handles negotiation of access token
|
25
|
+
1. Strategy requests user information from a **configurable** "user profile" URL
|
26
|
+
1. Strategy parses user information from the response, using a **configurable** format
|
27
|
+
1. OmniAuth returns the formatted user information
|
28
|
+
|
29
|
+
**Limitations of this Strategy:**
|
30
|
+
|
31
|
+
- It can only be used for Single Sign on, and will not provide any other access granted by any OAuth provider (such as importing projects or users, etc)
|
32
|
+
- It only supports the Authorization Grant flow (most common for client-server applications, like Rails apps)
|
33
|
+
- It is not able to fetch user information from more than one URL
|
34
|
+
- It has not been tested with user information formats other than JSON
|
35
|
+
|
10
36
|
## Installation
|
11
37
|
|
12
38
|
Add this line to your application's Gemfile:
|
@@ -27,13 +53,43 @@ Include this gem in your client app [as you would any OmniAuth strategy](https:/
|
|
27
53
|
"Your_OAuth_App_ID", "Your_OAuth_App_Secret",
|
28
54
|
client_options: {
|
29
55
|
site: 'https://your_oauth_server', # including port if necessary
|
30
|
-
user_info_url: '/api/path/to/
|
56
|
+
user_info_url: '/api/path/to/current_user/info'
|
31
57
|
},
|
32
|
-
|
58
|
+
user_response_structure: {
|
59
|
+
root_path: ['data', 'attributes'] # path to user attributes in JSON response
|
60
|
+
},
|
61
|
+
name: 'Satorix' # optional - custom name for the strategy (appears in URLs)
|
33
62
|
end
|
34
63
|
```
|
35
64
|
|
36
|
-
|
65
|
+
Now if you visit `http://yourserver/auth/oauth2_generic` (or `/auth/Satorix` for the custom name example), you should be directed to log in with your OAuth2 server.
|
66
|
+
|
67
|
+
## Configuration Options
|
68
|
+
|
69
|
+
Details about the available configuration options are provided as comments in [the OAuth2Generic class](lib/omniauth/strategies/oauth2_generic.rb).
|
70
|
+
|
71
|
+
Configuration options for this gem are:
|
72
|
+
|
73
|
+
* **client_options** - A Hash containing options for configuring the OAuth client to point to the right URLs
|
74
|
+
* **user_response_structure** - A Hash containing paths to various attributes of the user in the response that your OAuth server returns from the `user_info_url` specified in the `client_options`.
|
75
|
+
* **root_path** - An Array containing each key in the path to the node that contains the user attributes (i.e. `['data', 'attributes']` for a JsonAPI-formatted response)
|
76
|
+
* **id_path** - A String containing the name, or Array containing the keys in the path to the node that contains the user's ID (i.e. `['data', 'id']` for a JsonAPI-formatted response). Default: `'id'` (string values are assumed to be relative to the `root_path`)
|
77
|
+
* **attributes** - A Hash containing [standard Omniauth user attributes](https://github.com/omniauth/omniauth/wiki/auth-hash-schema#schema-10-and-later) and the names/paths to them in the response, if not the standard names (this hash defaults to looking for the standard names under the specified `root_path`)
|
78
|
+
|
79
|
+
**Note:** The entire raw response will also be returned in the `['extra']['raw_info']` field of the OmniAuth auth hash, regardless of the value of this option.
|
80
|
+
* **redirect_url** - The URL the client will be directed to after authentication. Defaults to `http://yourserver/auth/oauth2_generic/callback`
|
81
|
+
|
82
|
+
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
83
|
+
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
84
|
+
* **authorize_params** - A hash of additional parameters to be sent to the OAuth provider on an authorization request (special keys, or IDs, etc)
|
85
|
+
|
86
|
+
**Note:** The values of this hash can be lambdas, which will be given the [rack request](http://www.rubydoc.info/gems/rack/Rack/Request) as a parameter
|
87
|
+
|
88
|
+
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
89
|
+
|
90
|
+
|
91
|
+
### Gitlab Config Example
|
92
|
+
As this gem was written to enable custom authentication in Gitlab, here is an example of how you would configure it in a Gitlab configuration file:
|
37
93
|
|
38
94
|
```ruby
|
39
95
|
# /etc/gitlab/gitlab.rb
|
@@ -50,6 +106,10 @@ gitlab_rails['omniauth_providers'] = [
|
|
50
106
|
'site' => 'https://your_oauth_server', # including port if necessary
|
51
107
|
'user_info_url' => '/api/path/to/fetch/current_user/info'
|
52
108
|
},
|
109
|
+
user_response_structure: {
|
110
|
+
root_path: ['data', 'user'], # i.e. if attributes are returned in JsonAPI format (in a 'user' node nested under a 'data' node)
|
111
|
+
attributes: { nickname: 'username' } # if the nickname attribute of a user is called 'username'
|
112
|
+
},
|
53
113
|
# optionally, you can add the following two lines to "white label" the display name
|
54
114
|
# of this strategy (appears in urls and Gitlab login buttons)
|
55
115
|
# If you do this, you must also replace oauth2_generic, everywhere it appears above, with the new name.
|
@@ -58,26 +118,4 @@ gitlab_rails['omniauth_providers'] = [
|
|
58
118
|
}
|
59
119
|
}
|
60
120
|
]
|
61
|
-
````
|
62
|
-
|
63
|
-
Now if you visit `http://yourserver/auth/oauth2_generic` (or `/auth/Satorix` for the custom name example), you should be directed to log in with your OAuth2 server.
|
64
|
-
|
65
|
-
## Configuration Options
|
66
|
-
|
67
|
-
Details about the available configuration options are provided as comments in [the OAuth2Generic class](lib/omniauth/strategies/oauth2_generic.rb).
|
68
|
-
|
69
|
-
Configuration options for this gem are:
|
70
|
-
|
71
|
-
* **client_options** - A Hash containing options for configuring the OAuth client to point to the right URLs
|
72
|
-
* **user_response_structure** - A Hash containing paths to various attributes of the user in the response that your OAuth server returns from the `user_info_url` specified in the `client_options`.
|
73
|
-
* **root_path** - An Array containing each key in the path to the node that contains the user attributes (i.e. `['data', 'attributes']` for a JsonAPI-formatted response)
|
74
|
-
* **id_path** - A String containing the name, or Array containing the keys in the path to the node that contains the user's ID (i.e. `['data', 'id']` for a JsonAPI-formatted response). Default: `'id'` (string values are assumed to be relative to the `root_path`)
|
75
|
-
* **attributes** - A Hash containing [standard Omniauth user attributes](https://github.com/omniauth/omniauth/wiki/auth-hash-schema#schema-10-and-later) and the names/paths to them in the response, if not the standard names (this hash defaults to looking for the standard names under the specified `root_path`)
|
76
|
-
|
77
|
-
**Note:** The entire raw response will also be returned in the `['extra']['raw_info']` field of the OmniAuth auth hash, regardless of the value of this option.
|
78
|
-
* **redirect_url** - The URL the client will be directed to after authentication. Defaults to `http://yourserver/auth/oauth2_generic/callback`
|
79
|
-
|
80
|
-
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
81
|
-
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
82
|
-
|
83
|
-
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
121
|
+
````
|
data/Rakefile
CHANGED
data/bin/console
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
2
3
|
|
3
|
-
require
|
4
|
-
require
|
4
|
+
require 'bundler/setup'
|
5
|
+
require 'omniauth/satorix'
|
5
6
|
|
6
7
|
# You can add fixtures and/or initialization code here to make experimenting
|
7
8
|
# with your gem easier. You can also use a different console, if you like.
|
@@ -10,5 +11,5 @@ require "omniauth/satorix"
|
|
10
11
|
# require "pry"
|
11
12
|
# Pry.start
|
12
13
|
|
13
|
-
require
|
14
|
+
require 'irb'
|
14
15
|
IRB.start
|
@@ -1,33 +1,65 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'omniauth-oauth2'
|
2
4
|
|
3
5
|
module OmniAuth
|
4
6
|
module Strategies
|
5
7
|
class OAuth2Generic < OmniAuth::Strategies::OAuth2
|
8
|
+
|
6
9
|
option :name, 'oauth2_generic'
|
7
10
|
|
8
|
-
option :client_options,
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
11
|
+
option :client_options,
|
12
|
+
{
|
13
|
+
# Defaults are set for GitLab example implementation
|
14
|
+
|
15
|
+
# The URL for your OAuth 2 server
|
16
|
+
site: 'https://gitlab.com',
|
17
|
+
# The endpoint on your OAuth 2 server that provides info for the current user
|
18
|
+
user_info_url: '/api/v3/user',
|
19
|
+
# The authorization endpoint for your OAuth server
|
20
|
+
authorize_url: '/oauth/authorize',
|
21
|
+
# The token request endpoint for your OAuth server
|
22
|
+
token_url: '/oauth/token'
|
23
|
+
}
|
24
|
+
|
25
|
+
option :user_response_structure,
|
26
|
+
{
|
27
|
+
# info about the structure of the response from the oauth server's user_info_url (specified above)
|
28
|
+
|
29
|
+
# The default path to the user attributes (i.e. ['data', 'attributes'])
|
30
|
+
root_path: [],
|
31
|
+
|
32
|
+
# The name or path to the user ID (i.e. ['data', 'id]').
|
33
|
+
# Scalars are considered relative to `root_path`, Arrays are absolute paths.
|
34
|
+
id_path: 'id',
|
35
|
+
|
36
|
+
# Alternate paths or names for any attributes that don't match the default
|
37
|
+
attributes: {
|
38
|
+
# Scalars are treated as relative (i.e. 'username' would point to
|
39
|
+
# response['data']['attributes']['username'], given a root_path of ['data', 'attributes'])
|
40
|
+
name: 'name',
|
41
|
+
|
42
|
+
# Arrays are treated as absolute paths (i.e. ['included', 'contacts', 0, 'email'] would point to
|
43
|
+
# response['included']['contacts'][0]['email'], regardless of root_path)
|
44
|
+
email: 'email',
|
45
|
+
|
46
|
+
nickname: 'nickname',
|
47
|
+
|
48
|
+
first_name: 'first_name',
|
49
|
+
|
50
|
+
last_name: 'last_name',
|
51
|
+
|
52
|
+
location: 'location',
|
53
|
+
|
54
|
+
description: 'description',
|
55
|
+
|
56
|
+
image: 'image',
|
57
|
+
|
58
|
+
phone: 'phone',
|
59
|
+
|
60
|
+
urls: 'urls'
|
61
|
+
}
|
62
|
+
}
|
31
63
|
|
32
64
|
option :redirect_url
|
33
65
|
|
@@ -36,10 +68,9 @@ module OmniAuth
|
|
36
68
|
end
|
37
69
|
|
38
70
|
info do
|
39
|
-
user_paths[:attributes].
|
71
|
+
user_paths[:attributes].each_with_object({}) do |(field, path), user_hash|
|
40
72
|
value = fetch_user_info(path)
|
41
73
|
user_hash[field] = value if value
|
42
|
-
user_hash
|
43
74
|
end
|
44
75
|
end
|
45
76
|
|
@@ -47,27 +78,45 @@ module OmniAuth
|
|
47
78
|
{ raw_info: raw_info }
|
48
79
|
end
|
49
80
|
|
81
|
+
|
50
82
|
def raw_info
|
51
83
|
@raw_info ||= access_token.get(options.client_options[:user_info_url]).parsed
|
52
84
|
end
|
53
85
|
|
54
|
-
private
|
55
86
|
|
56
|
-
def
|
57
|
-
|
87
|
+
def authorize_params
|
88
|
+
params = super
|
89
|
+
params.transform_values { |v| v.respond_to?(:call) ? v.call(request) : v }
|
58
90
|
end
|
59
91
|
|
60
|
-
def fetch_user_info(path)
|
61
|
-
return nil unless path
|
62
|
-
full_path = path.is_a?(Array) ? path : Array(user_paths[:root_path]) + [path]
|
63
|
-
full_path.inject(raw_info) { |info, key| info[key] rescue nil }
|
64
|
-
end
|
65
92
|
|
66
|
-
|
67
|
-
|
68
|
-
|
93
|
+
private
|
94
|
+
|
95
|
+
|
96
|
+
def user_paths
|
97
|
+
options.user_response_structure
|
98
|
+
end
|
99
|
+
|
100
|
+
|
101
|
+
def fetch_user_info(path)
|
102
|
+
return nil unless path
|
103
|
+
|
104
|
+
full_path = path.is_a?(Array) ? path : Array(user_paths[:root_path]) + [path]
|
105
|
+
full_path.inject(raw_info) do |info, key|
|
106
|
+
begin # rubocop:disable Style/RedundantBegin
|
107
|
+
info[key]
|
108
|
+
rescue StandardError
|
109
|
+
nil
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
114
|
+
|
115
|
+
def callback_url
|
116
|
+
options.redirect_url || (full_host + script_name + callback_path)
|
117
|
+
end
|
69
118
|
end
|
70
119
|
end
|
71
120
|
end
|
72
121
|
|
73
|
-
OmniAuth.config.add_camelization 'oauth2_generic', 'OAuth2Generic'
|
122
|
+
OmniAuth.config.add_camelization 'oauth2_generic', 'OAuth2Generic'
|
@@ -1,31 +1,28 @@
|
|
1
|
-
#
|
2
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
lib = File.expand_path('lib', __dir__)
|
3
4
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
5
|
require 'omniauth-oauth2-generic/version'
|
5
6
|
|
6
|
-
Gem::Specification.new do |
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
7
|
+
Gem::Specification.new do |gem|
|
8
|
+
gem.name = 'omniauth-oauth2-generic'
|
9
|
+
gem.version = Omniauth::OAuth2Generic::VERSION
|
10
|
+
gem.authors = ['Satorix']
|
11
|
+
gem.email = ['satorix@iexposure.com']
|
12
|
+
|
13
|
+
gem.summary = 'Generic, Configurable OmniAuth Strategy for OAuth2 providers'
|
14
|
+
gem.description = gem.summary
|
15
|
+
gem.homepage = 'https://gitlab.com/satorix/omniauth-oauth2-generic'
|
16
|
+
gem.license = 'MIT'
|
11
17
|
|
12
|
-
|
13
|
-
spec.description = spec.summary
|
14
|
-
spec.homepage = "https://gitlab.com/satorix/omniauth-oauth2-generic"
|
15
|
-
spec.license = "MIT"
|
18
|
+
gem.required_ruby_version = '>= 1.9'
|
16
19
|
|
17
|
-
|
20
|
+
gem.files = `git ls-files -z`.split("\x0").reject do |f|
|
18
21
|
f.match(%r{^(test|spec|features)/})
|
19
22
|
end
|
20
|
-
|
21
|
-
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
22
|
-
spec.require_paths = ["lib"]
|
23
|
+
gem.require_paths = ['lib']
|
23
24
|
|
24
|
-
|
25
|
+
gem.add_dependency 'omniauth-oauth2', '~> 1.0'
|
26
|
+
gem.add_dependency 'rake'
|
25
27
|
|
26
|
-
spec.add_development_dependency "bundler", "~> 1.13"
|
27
|
-
spec.add_development_dependency "rake", "~> 10.0"
|
28
|
-
spec.add_development_dependency "rspec", "~> 3.1"
|
29
|
-
spec.add_development_dependency "rack-test"
|
30
|
-
spec.add_development_dependency "webmock"
|
31
28
|
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Satorix
|
4
|
+
module CI
|
5
|
+
module Deploy
|
6
|
+
module Rubygems
|
7
|
+
|
8
|
+
|
9
|
+
require 'fileutils'
|
10
|
+
|
11
|
+
|
12
|
+
include Satorix::Shared::Console
|
13
|
+
|
14
|
+
|
15
|
+
extend self
|
16
|
+
|
17
|
+
|
18
|
+
def go
|
19
|
+
log_bench('Generating rubygems.org configuration_file...') { generate_rubygems_configuration_file }
|
20
|
+
log_bench('Preparing gem build directory...') { prepare_gem_build_directory }
|
21
|
+
log_bench('Building gem...') { build_gem }
|
22
|
+
built_gems.each { |gem| log_bench("Publishing #{ File.basename gem }...") { publish_gem gem } }
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
|
29
|
+
def build_gem
|
30
|
+
Dir.chdir(Satorix.app_dir) do
|
31
|
+
run_command 'bundle exec rake build'
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
|
36
|
+
def built_gems
|
37
|
+
Dir.glob(File.join(gem_build_directory, '*.gem')).select { |e| File.file? e }
|
38
|
+
end
|
39
|
+
|
40
|
+
|
41
|
+
def gem_build_directory
|
42
|
+
File.join Satorix.app_dir, 'pkg'
|
43
|
+
end
|
44
|
+
|
45
|
+
|
46
|
+
def generate_rubygems_configuration_file
|
47
|
+
path = File.join(Dir.home, '.gem')
|
48
|
+
FileUtils.mkdir_p(path) unless File.exist?(path)
|
49
|
+
|
50
|
+
file = File.join(path, 'credentials')
|
51
|
+
File.open(file, 'w') { |f| f.write rubygems_configuration_file_contents }
|
52
|
+
FileUtils.chmod 0o600, file
|
53
|
+
end
|
54
|
+
|
55
|
+
|
56
|
+
def prepare_gem_build_directory
|
57
|
+
run_command "rm -rf #{ gem_build_directory }"
|
58
|
+
FileUtils.mkdir_p gem_build_directory
|
59
|
+
end
|
60
|
+
|
61
|
+
|
62
|
+
def publish_gem(gem)
|
63
|
+
run_command "gem push #{ gem } --config-file #{ File.join(Dir.home, '.gem', 'credentials') }"
|
64
|
+
rescue RuntimeError
|
65
|
+
# To prevent the display of an ugly stacktrace.
|
66
|
+
abort "\nGem was not published!"
|
67
|
+
end
|
68
|
+
|
69
|
+
|
70
|
+
def rubygems_api_key
|
71
|
+
ENV['SATORIX_CI_RUBYGEMS_API_KEY']
|
72
|
+
end
|
73
|
+
|
74
|
+
|
75
|
+
def rubygems_configuration_file_contents
|
76
|
+
"---\n:rubygems_api_key: #{ rubygems_api_key }"
|
77
|
+
end
|
78
|
+
|
79
|
+
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Satorix
|
4
|
+
module CI
|
5
|
+
module Test
|
6
|
+
module CustomBundlerAudit
|
7
|
+
|
8
|
+
include Satorix::Shared::Console
|
9
|
+
|
10
|
+
extend self
|
11
|
+
|
12
|
+
|
13
|
+
def go
|
14
|
+
log_bench('Displaying current Ruby version...') { run_command 'ruby -v' }
|
15
|
+
log_bench('Installing bundler-audit...') { install_gem }
|
16
|
+
log_bench('Auditing Gemfile.lock...') { run_scan }
|
17
|
+
end
|
18
|
+
|
19
|
+
|
20
|
+
private
|
21
|
+
|
22
|
+
|
23
|
+
def install_gem
|
24
|
+
run_command "gem install bundler-audit --no-document --bindir #{ Satorix.bin_dir }"
|
25
|
+
end
|
26
|
+
|
27
|
+
|
28
|
+
def run_scan
|
29
|
+
run_command 'bundle-audit check --update --ignore CVE-2015-9284'
|
30
|
+
end
|
31
|
+
|
32
|
+
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
data/satorix/custom.rb
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Satorix
|
4
|
+
module Custom
|
5
|
+
|
6
|
+
# Ensure the files required by the available_jobs method are available.
|
7
|
+
require_relative 'CI/deploy/rubygems'
|
8
|
+
require_relative 'CI/test/custom_bundler_audit'
|
9
|
+
|
10
|
+
|
11
|
+
extend self
|
12
|
+
|
13
|
+
|
14
|
+
def available_jobs
|
15
|
+
{
|
16
|
+
deploy: {
|
17
|
+
deploy_to_rubygems: Satorix::CI::Deploy::Rubygems
|
18
|
+
},
|
19
|
+
test: {
|
20
|
+
custom_bundler_audit: Satorix::CI::Test::CustomBundlerAudit
|
21
|
+
}
|
22
|
+
}
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
end
|
27
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-oauth2-generic
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- Satorix
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-09-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth-oauth2
|
@@ -24,70 +24,14 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '1.0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: bundler
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '1.13'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '1.13'
|
41
27
|
- !ruby/object:Gem::Dependency
|
42
28
|
name: rake
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - "~>"
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '10.0'
|
48
|
-
type: :development
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - "~>"
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '10.0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: rspec
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - "~>"
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '3.1'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - "~>"
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '3.1'
|
69
|
-
- !ruby/object:Gem::Dependency
|
70
|
-
name: rack-test
|
71
|
-
requirement: !ruby/object:Gem::Requirement
|
72
|
-
requirements:
|
73
|
-
- - ">="
|
74
|
-
- !ruby/object:Gem::Version
|
75
|
-
version: '0'
|
76
|
-
type: :development
|
77
|
-
prerelease: false
|
78
|
-
version_requirements: !ruby/object:Gem::Requirement
|
79
|
-
requirements:
|
80
|
-
- - ">="
|
81
|
-
- !ruby/object:Gem::Version
|
82
|
-
version: '0'
|
83
|
-
- !ruby/object:Gem::Dependency
|
84
|
-
name: webmock
|
85
29
|
requirement: !ruby/object:Gem::Requirement
|
86
30
|
requirements:
|
87
31
|
- - ">="
|
88
32
|
- !ruby/object:Gem::Version
|
89
33
|
version: '0'
|
90
|
-
type: :
|
34
|
+
type: :runtime
|
91
35
|
prerelease: false
|
92
36
|
version_requirements: !ruby/object:Gem::Requirement
|
93
37
|
requirements:
|
@@ -96,16 +40,19 @@ dependencies:
|
|
96
40
|
version: '0'
|
97
41
|
description: Generic, Configurable OmniAuth Strategy for OAuth2 providers
|
98
42
|
email:
|
99
|
-
-
|
100
|
-
executables:
|
101
|
-
- console
|
102
|
-
- setup
|
43
|
+
- satorix@iexposure.com
|
44
|
+
executables: []
|
103
45
|
extensions: []
|
104
46
|
extra_rdoc_files: []
|
105
47
|
files:
|
106
48
|
- ".gitignore"
|
49
|
+
- ".gitlab-ci.yml"
|
107
50
|
- ".rspec"
|
51
|
+
- ".rubocop.yml"
|
52
|
+
- ".ruby-version"
|
53
|
+
- CHANGELOG.md
|
108
54
|
- Gemfile
|
55
|
+
- Gemfile.lock
|
109
56
|
- LICENSE.md
|
110
57
|
- README.md
|
111
58
|
- Rakefile
|
@@ -115,6 +62,9 @@ files:
|
|
115
62
|
- lib/omniauth-oauth2-generic/version.rb
|
116
63
|
- lib/omniauth/strategies/oauth2_generic.rb
|
117
64
|
- omniauth-oauth2-generic.gemspec
|
65
|
+
- satorix/CI/deploy/rubygems.rb
|
66
|
+
- satorix/CI/test/custom_bundler_audit.rb
|
67
|
+
- satorix/custom.rb
|
118
68
|
homepage: https://gitlab.com/satorix/omniauth-oauth2-generic
|
119
69
|
licenses:
|
120
70
|
- MIT
|
@@ -127,15 +77,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
127
77
|
requirements:
|
128
78
|
- - ">="
|
129
79
|
- !ruby/object:Gem::Version
|
130
|
-
version: '
|
80
|
+
version: '1.9'
|
131
81
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
132
82
|
requirements:
|
133
83
|
- - ">="
|
134
84
|
- !ruby/object:Gem::Version
|
135
85
|
version: '0'
|
136
86
|
requirements: []
|
137
|
-
|
138
|
-
rubygems_version: 2.5.1
|
87
|
+
rubygems_version: 3.0.3
|
139
88
|
signing_key:
|
140
89
|
specification_version: 4
|
141
90
|
summary: Generic, Configurable OmniAuth Strategy for OAuth2 providers
|