omniauth-oauth2-generic 0.2.2 → 0.2.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +39 -28
- data/lib/omniauth-oauth2-generic/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2aafc697077de64004d84a22931a24ee7fa00677
|
|
4
|
+
data.tar.gz: 3cb369bb874ba72282ce959700d0d7a0941a39e3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 56ad238ca00762a15b982939b98eb3e6b4834318e2b260b437ae55e37c96c7c684856f6f712a11fbc11c17d628c586a940316a13c6dcfa218c4520151a53775b
|
|
7
|
+
data.tar.gz: 3eb8373c3a07b33bcda9a8c0958c4dac039df7c754fbcef8c884125a011eea14098699a4b7d50c2f25ee922f51f3701a8c6d61ae910fba355b6193862e68c7c1
|
data/README.md
CHANGED
|
@@ -2,11 +2,16 @@
|
|
|
2
2
|
|
|
3
3
|
By [Internet Exposure](https://www.iexposure.com/)
|
|
4
4
|
|
|
5
|
-
[](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/pipelines)
|
|
6
|
-
[](http://gitlab.iexposure.com/satorix/omniauth-oauth2-generic/pipelines)
|
|
7
|
-
|
|
8
5
|
This gem provides an OmniAuth strategy for authenticating with an OAuth2 service using the authorization grant flow.
|
|
9
6
|
|
|
7
|
+
Most OmniAuth gems are written either as abstractions ([omniauth-oauth2](https://github.com/intridea/omniauth-oauth2)) or for a specific provider ([omniauth-github](https://github.com/intridea/omniauth-github)), but this one is designed to be configurable enough to work with any basic OAuth2 provider. The primary differences between OAuth2 provider strategies in OmniAuth are:
|
|
8
|
+
|
|
9
|
+
1. The server's domain
|
|
10
|
+
2. The URL paths used to authorize, request tokens and get user info
|
|
11
|
+
3. The structure of the returned user information
|
|
12
|
+
|
|
13
|
+
These are all [configurable options](#configuration-options) in this gem. There my be certain requirements/features of some providers not covered by this gem's options, but it was designed primarily so that if you are implementing your own OAuth2 provider for your service, you don't need to write an OmniAuth strategy as long as it is compatible with the basic options provided by this gem.
|
|
14
|
+
|
|
10
15
|
## Installation
|
|
11
16
|
|
|
12
17
|
Add this line to your application's Gemfile:
|
|
@@ -29,11 +34,35 @@ Include this gem in your client app [as you would any OmniAuth strategy](https:/
|
|
|
29
34
|
site: 'https://your_oauth_server', # including port if necessary
|
|
30
35
|
user_info_url: '/api/path/to/fetch/current_user/info'
|
|
31
36
|
},
|
|
32
|
-
name: 'Satorix' # optional -
|
|
37
|
+
name: 'Satorix' # optional - custom name for the strategy (appears in URLs)
|
|
33
38
|
end
|
|
34
39
|
```
|
|
35
40
|
|
|
36
|
-
|
|
41
|
+
Now if you visit `http://yourserver/auth/oauth2_generic` (or `/auth/Satorix` for the custom name example), you should be directed to log in with your OAuth2 server.
|
|
42
|
+
|
|
43
|
+
## Configuration Options
|
|
44
|
+
|
|
45
|
+
Details about the available configuration options are provided as comments in [the OAuth2Generic class](lib/omniauth/strategies/oauth2_generic.rb).
|
|
46
|
+
|
|
47
|
+
Configuration options for this gem are:
|
|
48
|
+
|
|
49
|
+
* **client_options** - A Hash containing options for configuring the OAuth client to point to the right URLs
|
|
50
|
+
* **user_response_structure** - A Hash containing paths to various attributes of the user in the response that your OAuth server returns from the `user_info_url` specified in the `client_options`.
|
|
51
|
+
* **root_path** - An Array containing each key in the path to the node that contains the user attributes (i.e. `['data', 'attributes']` for a JsonAPI-formatted response)
|
|
52
|
+
* **id_path** - A String containing the name, or Array containing the keys in the path to the node that contains the user's ID (i.e. `['data', 'id']` for a JsonAPI-formatted response). Default: `'id'` (string values are assumed to be relative to the `root_path`)
|
|
53
|
+
* **attributes** - A Hash containing [standard Omniauth user attributes](https://github.com/omniauth/omniauth/wiki/auth-hash-schema#schema-10-and-later) and the names/paths to them in the response, if not the standard names (this hash defaults to looking for the standard names under the specified `root_path`)
|
|
54
|
+
|
|
55
|
+
**Note:** The entire raw response will also be returned in the `['extra']['raw_info']` field of the OmniAuth auth hash, regardless of the value of this option.
|
|
56
|
+
* **redirect_url** - The URL the client will be directed to after authentication. Defaults to `http://yourserver/auth/oauth2_generic/callback`
|
|
57
|
+
|
|
58
|
+
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
|
59
|
+
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
|
60
|
+
|
|
61
|
+
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
|
62
|
+
|
|
63
|
+
|
|
64
|
+
### Gitlab Config Example
|
|
65
|
+
As this gem was written to enable custom authentication in Gitlab, here is an example of how you would configure it in a Gitlab configuration file:
|
|
37
66
|
|
|
38
67
|
```ruby
|
|
39
68
|
# /etc/gitlab/gitlab.rb
|
|
@@ -50,6 +79,10 @@ gitlab_rails['omniauth_providers'] = [
|
|
|
50
79
|
'site' => 'https://your_oauth_server', # including port if necessary
|
|
51
80
|
'user_info_url' => '/api/path/to/fetch/current_user/info'
|
|
52
81
|
},
|
|
82
|
+
user_response_structure: {
|
|
83
|
+
root_path: ['data', 'user'], # i.e. if attributes are returned in JsonAPI format (in a 'user' node nested under a 'data' node)
|
|
84
|
+
attributes: { nickname: 'username' } # if the nickname attribute of a user is called 'username'
|
|
85
|
+
},
|
|
53
86
|
# optionally, you can add the following two lines to "white label" the display name
|
|
54
87
|
# of this strategy (appears in urls and Gitlab login buttons)
|
|
55
88
|
# If you do this, you must also replace oauth2_generic, everywhere it appears above, with the new name.
|
|
@@ -58,26 +91,4 @@ gitlab_rails['omniauth_providers'] = [
|
|
|
58
91
|
}
|
|
59
92
|
}
|
|
60
93
|
]
|
|
61
|
-
````
|
|
62
|
-
|
|
63
|
-
Now if you visit `http://yourserver/auth/oauth2_generic` (or `/auth/Satorix` for the custom name example), you should be directed to log in with your OAuth2 server.
|
|
64
|
-
|
|
65
|
-
## Configuration Options
|
|
66
|
-
|
|
67
|
-
Details about the available configuration options are provided as comments in [the OAuth2Generic class](lib/omniauth/strategies/oauth2_generic.rb).
|
|
68
|
-
|
|
69
|
-
Configuration options for this gem are:
|
|
70
|
-
|
|
71
|
-
* **client_options** - A Hash containing options for configuring the OAuth client to point to the right URLs
|
|
72
|
-
* **user_response_structure** - A Hash containing paths to various attributes of the user in the response that your OAuth server returns from the `user_info_url` specified in the `client_options`.
|
|
73
|
-
* **root_path** - An Array containing each key in the path to the node that contains the user attributes (i.e. `['data', 'attributes']` for a JsonAPI-formatted response)
|
|
74
|
-
* **id_path** - A String containing the name, or Array containing the keys in the path to the node that contains the user's ID (i.e. `['data', 'id']` for a JsonAPI-formatted response). Default: `'id'` (string values are assumed to be relative to the `root_path`)
|
|
75
|
-
* **attributes** - A Hash containing [standard Omniauth user attributes](https://github.com/omniauth/omniauth/wiki/auth-hash-schema#schema-10-and-later) and the names/paths to them in the response, if not the standard names (this hash defaults to looking for the standard names under the specified `root_path`)
|
|
76
|
-
|
|
77
|
-
**Note:** The entire raw response will also be returned in the `['extra']['raw_info']` field of the OmniAuth auth hash, regardless of the value of this option.
|
|
78
|
-
* **redirect_url** - The URL the client will be directed to after authentication. Defaults to `http://yourserver/auth/oauth2_generic/callback`
|
|
79
|
-
|
|
80
|
-
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
|
81
|
-
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
|
82
|
-
|
|
83
|
-
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
|
94
|
+
````
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-oauth2-generic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Joe Marty
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-oauth2
|
|
@@ -135,7 +135,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
135
135
|
version: '0'
|
|
136
136
|
requirements: []
|
|
137
137
|
rubyforge_project:
|
|
138
|
-
rubygems_version: 2.
|
|
138
|
+
rubygems_version: 2.6.13
|
|
139
139
|
signing_key:
|
|
140
140
|
specification_version: 4
|
|
141
141
|
summary: Generic, Configurable OmniAuth Strategy for OAuth2 providers
|