omniauth-oauth2-generic 0.2.3 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +3 -0
  3. data/README.md +29 -2
  4. data/lib/omniauth-oauth2-generic/version.rb +1 -1
  5. data/lib/omniauth/strategies/oauth2_generic.rb +5 -0
  6. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2aafc697077de64004d84a22931a24ee7fa00677
4
- data.tar.gz: 3cb369bb874ba72282ce959700d0d7a0941a39e3
3
+ metadata.gz: d322d524921259f9ade1b90b405ae14a9431418b
4
+ data.tar.gz: be960eff1effb4ba206adfa497d32519fc001e0d
5
5
  SHA512:
6
- metadata.gz: 56ad238ca00762a15b982939b98eb3e6b4834318e2b260b437ae55e37c96c7c684856f6f712a11fbc11c17d628c586a940316a13c6dcfa218c4520151a53775b
7
- data.tar.gz: 3eb8373c3a07b33bcda9a8c0958c4dac039df7c754fbcef8c884125a011eea14098699a4b7d50c2f25ee922f51f3701a8c6d61ae910fba355b6193862e68c7c1
6
+ metadata.gz: 56b3059fbdea79c3049c6d5e3ebb2b7196c7141a12a95cdfdc5c266ed043d7a1e9f83632232c637aeac73d3c621fc8e19036799602722660ddfd88fa6c905ab9
7
+ data.tar.gz: 7fa60c0e4e331df262aa3ab0dc12d72380c169d5eab3f8b3b48d6dd5d3636e7d4ab32b9ce9f349fba5e9c68ed316de164d85a9f693287d7a8734802594ce9829
data/CHANGELOG.md ADDED
@@ -0,0 +1,3 @@
1
+ ##v0.2.4
2
+ - Added Changelog
3
+ - Allow lambdas in `authorize_params` option
data/README.md CHANGED
@@ -4,13 +4,34 @@ By [Internet Exposure](https://www.iexposure.com/)
4
4
 
5
5
  This gem provides an OmniAuth strategy for authenticating with an OAuth2 service using the authorization grant flow.
6
6
 
7
+ ### Overview
7
8
  Most OmniAuth gems are written either as abstractions ([omniauth-oauth2](https://github.com/intridea/omniauth-oauth2)) or for a specific provider ([omniauth-github](https://github.com/intridea/omniauth-github)), but this one is designed to be configurable enough to work with any basic OAuth2 provider. The primary differences between OAuth2 provider strategies in OmniAuth are:
8
9
 
9
10
  1. The server's domain
10
11
  2. The URL paths used to authorize, request tokens and get user info
11
12
  3. The structure of the returned user information
12
13
 
13
- These are all [configurable options](#configuration-options) in this gem. There my be certain requirements/features of some providers not covered by this gem's options, but it was designed primarily so that if you are implementing your own OAuth2 provider for your service, you don't need to write an OmniAuth strategy as long as it is compatible with the basic options provided by this gem.
14
+ These are all [configurable options](#configuration-options) in this gem.
15
+ There my be certain requirements/features of some providers not covered by this gem's options,
16
+ but it was designed primarily so that if you are implementing your own OAuth2 provider for your service,
17
+ you don't need to write an OmniAuth strategy as long as it is compatible with the basic options provided by this gem.
18
+
19
+ #### General Use Case
20
+ This strategy is designed to allow configuration of the simple OmniAuth SSO process outlined below:
21
+
22
+ 1. OmniAuth directs client to the authorization URL (**configurable**), with specified ID and key
23
+ 1. OAuth provider handles authentication of request, user, and (optionally) authorization of Application to access user's profile
24
+ 1. OAuth provider directs client back to the Application, and Strategy handles negotiation of access token
25
+ 1. Strategy requests user information from a **configurable** "user profile" URL
26
+ 1. Strategy parses user information from the response, using a **configurable** format
27
+ 1. OmniAuth returns the formatted user information
28
+
29
+ **Limitations of this Strategy:**
30
+
31
+ - It can only be used for Single Sign on, and will not provide any other access granted by any OAuth provider (such as importing projects or users, etc)
32
+ - It only supports the Authorization Grant flow (most common for client-server applications, like Rails apps)
33
+ - It is not able to fetch user information from more than one URL
34
+ - It has not been tested with user information formats other than JSON
14
35
 
15
36
  ## Installation
16
37
 
@@ -32,7 +53,10 @@ Include this gem in your client app [as you would any OmniAuth strategy](https:/
32
53
  "Your_OAuth_App_ID", "Your_OAuth_App_Secret",
33
54
  client_options: {
34
55
  site: 'https://your_oauth_server', # including port if necessary
35
- user_info_url: '/api/path/to/fetch/current_user/info'
56
+ user_info_url: '/api/path/to/current_user/info'
57
+ },
58
+ user_response_structure: {
59
+ root_path: ['data', 'attributes'] # path to user attributes in JSON response
36
60
  },
37
61
  name: 'Satorix' # optional - custom name for the strategy (appears in URLs)
38
62
  end
@@ -57,6 +81,9 @@ Configuration options for this gem are:
57
81
 
58
82
  **Note:** Your OAuth server may restrict redirects to a specific list of URLs.
59
83
  * **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
84
+ * **authorize_params** - A hash of additional parameters to be sent to the OAuth provider on an authorization request (special keys, or IDs, etc)
85
+
86
+ **Note:** The values of this hash can be lambdas, which will be given the [rack request](http://www.rubydoc.info/gems/rack/Rack/Request) as a parameter
60
87
 
61
88
  The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
62
89
 
data/lib/omniauth-oauth2-generic/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Omniauth
2
2
  module OAuth2Generic
3
- VERSION = "0.2.3"
3
+ VERSION = "0.2.4"
4
4
  end
5
5
  end
data/lib/omniauth/strategies/oauth2_generic.rb CHANGED
@@ -51,6 +51,11 @@ module OmniAuth
51
51
  @raw_info ||= access_token.get(options.client_options[:user_info_url]).parsed
52
52
  end
53
53
 
54
+ def authorize_params
55
+ params = super
56
+ Hash[params.map { |k, v| [k, v.respond_to?(:call) ? v.call(request) : v] }]
57
+ end
58
+
54
59
  private
55
60
 
56
61
  def user_paths
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-oauth2-generic
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.3
4
+ version: 0.2.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joe Marty
@@ -105,6 +105,7 @@ extra_rdoc_files: []
105
105
  files:
106
106
  - ".gitignore"
107
107
  - ".rspec"
108
+ - CHANGELOG.md
108
109
  - Gemfile
109
110
  - LICENSE.md
110
111
  - README.md