omniauth-oauth2-generic 0.2.3 → 0.2.4
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +29 -2
- data/lib/omniauth-oauth2-generic/version.rb +1 -1
- data/lib/omniauth/strategies/oauth2_generic.rb +5 -0
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d322d524921259f9ade1b90b405ae14a9431418b
|
4
|
+
data.tar.gz: be960eff1effb4ba206adfa497d32519fc001e0d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 56b3059fbdea79c3049c6d5e3ebb2b7196c7141a12a95cdfdc5c266ed043d7a1e9f83632232c637aeac73d3c621fc8e19036799602722660ddfd88fa6c905ab9
|
7
|
+
data.tar.gz: 7fa60c0e4e331df262aa3ab0dc12d72380c169d5eab3f8b3b48d6dd5d3636e7d4ab32b9ce9f349fba5e9c68ed316de164d85a9f693287d7a8734802594ce9829
|
data/CHANGELOG.md
ADDED
data/README.md
CHANGED
@@ -4,13 +4,34 @@ By [Internet Exposure](https://www.iexposure.com/)
|
|
4
4
|
|
5
5
|
This gem provides an OmniAuth strategy for authenticating with an OAuth2 service using the authorization grant flow.
|
6
6
|
|
7
|
+
### Overview
|
7
8
|
Most OmniAuth gems are written either as abstractions ([omniauth-oauth2](https://github.com/intridea/omniauth-oauth2)) or for a specific provider ([omniauth-github](https://github.com/intridea/omniauth-github)), but this one is designed to be configurable enough to work with any basic OAuth2 provider. The primary differences between OAuth2 provider strategies in OmniAuth are:
|
8
9
|
|
9
10
|
1. The server's domain
|
10
11
|
2. The URL paths used to authorize, request tokens and get user info
|
11
12
|
3. The structure of the returned user information
|
12
13
|
|
13
|
-
These are all [configurable options](#configuration-options) in this gem.
|
14
|
+
These are all [configurable options](#configuration-options) in this gem.
|
15
|
+
There my be certain requirements/features of some providers not covered by this gem's options,
|
16
|
+
but it was designed primarily so that if you are implementing your own OAuth2 provider for your service,
|
17
|
+
you don't need to write an OmniAuth strategy as long as it is compatible with the basic options provided by this gem.
|
18
|
+
|
19
|
+
#### General Use Case
|
20
|
+
This strategy is designed to allow configuration of the simple OmniAuth SSO process outlined below:
|
21
|
+
|
22
|
+
1. OmniAuth directs client to the authorization URL (**configurable**), with specified ID and key
|
23
|
+
1. OAuth provider handles authentication of request, user, and (optionally) authorization of Application to access user's profile
|
24
|
+
1. OAuth provider directs client back to the Application, and Strategy handles negotiation of access token
|
25
|
+
1. Strategy requests user information from a **configurable** "user profile" URL
|
26
|
+
1. Strategy parses user information from the response, using a **configurable** format
|
27
|
+
1. OmniAuth returns the formatted user information
|
28
|
+
|
29
|
+
**Limitations of this Strategy:**
|
30
|
+
|
31
|
+
- It can only be used for Single Sign on, and will not provide any other access granted by any OAuth provider (such as importing projects or users, etc)
|
32
|
+
- It only supports the Authorization Grant flow (most common for client-server applications, like Rails apps)
|
33
|
+
- It is not able to fetch user information from more than one URL
|
34
|
+
- It has not been tested with user information formats other than JSON
|
14
35
|
|
15
36
|
## Installation
|
16
37
|
|
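Review bot: Typo in the added Overview paragraph: "There my be certain requirements/features" should read "There may be". In step 1 of the added General Use Case list, "with specified ID and key" is ambiguous and can be read as the client secret travelling in the browser redirect. In the authorization grant flow only the client ID belongs in the authorization URL, and the secret is used when the Strategy negotiates the access token (step 3), so I would reword step 1 to say "client ID" and mention the secret in step 3.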
@@ -32,7 +53,10 @@ Include this gem in your client app [as you would any OmniAuth strategy](https:/
|
|
32
53
|
"Your_OAuth_App_ID", "Your_OAuth_App_Secret",
|
33
54
|
client_options: {
|
34
55
|
site: 'https://your_oauth_server', # including port if necessary
|
35
|
-
user_info_url: '/api/path/to/
|
56
|
+
user_info_url: '/api/path/to/current_user/info'
|
57
|
+
},
|
58
|
+
user_response_structure: {
|
59
|
+
root_path: ['data', 'attributes'] # path to user attributes in JSON response
|
36
60
|
},
|
37
61
|
name: 'Satorix' # optional - custom name for the strategy (appears in URLs)
|
38
62
|
end
|
@@ -57,6 +81,9 @@ Configuration options for this gem are:
|
|
57
81
|
|
58
82
|
**Note:** Your OAuth server may restrict redirects to a specific list of URLs.
|
59
83
|
* **name** - A String. If set, this changes the name of the strategy used in the URLs and sometimes other places (the login button in Gitlab, for instance)
|
84
|
+
* **authorize_params** - A hash of additional parameters to be sent to the OAuth provider on an authorization request (special keys, or IDs, etc)
|
85
|
+
|
86
|
+
**Note:** The values of this hash can be lambdas, which will be given the [rack request](http://www.rubydoc.info/gems/rack/Rack/Request) as a parameter
|
60
87
|
|
61
88
|
The hash options have default values for all keys, and your provided configuration is merged into the default, so you do not have to re-specify nested default options (although you will need to provide at least `site` and `user_info_url` in `client_options`, unless you want to use the default/example gitlab.com configuration).
|
62
89
|
|
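Review bot: The added **Note** under `authorize_params` says the lambdas are given the rack request but not what they must return or where the result ends up. Because these values are sent to the OAuth provider on the authorization request, which the README describes as a redirect of the client, the docs should state that a lambda must return a value suitable as a request parameter, that anything it copies from the rack request is user-controlled and should be validated or matched against an allowlist before being forwarded, and that secrets do not belong in this hash. A short example of a lambda entry next to the note would also help.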
@@ -51,6 +51,11 @@ module OmniAuth
|
|
51
51
|
@raw_info ||= access_token.get(options.client_options[:user_info_url]).parsed
|
52
52
|
end
|
53
53
|
|
54
|
+
def authorize_params
|
55
|
+
params = super
|
56
|
+
Hash[params.map { |k, v| [k, v.respond_to?(:call) ? v.call(request) : v] }]
|
57
|
+
end
|
58
|
+
|
54
59
|
private
|
55
60
|
|
56
61
|
def user_paths
|
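Review bot: In the added `authorize_params`, `v.call(request)` runs for every value that responds to `:call` and always passes exactly one argument, so a zero-arity lambda such as `-> { 'x' }` raises ArgumentError during the request phase, and a lambda that returns nil puts a nil value into the params. Consider checking arity (or documenting that exactly one argument is required) and dropping nil results. Also, `Hash[...]` rebuilds the result as a plain Hash, so whatever class `super` returned, and any key-access behaviour it had, is lost. It is worth confirming that callers only need a plain Hash and adding a spec that covers a lambda value alongside a static one.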
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-oauth2-generic
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Joe Marty
|
@@ -105,6 +105,7 @@ extra_rdoc_files: []
|
|
105
105
|
files:
|
106
106
|
- ".gitignore"
|
107
107
|
- ".rspec"
|
108
|
+
- CHANGELOG.md
|
108
109
|
- Gemfile
|
109
110
|
- LICENSE.md
|
110
111
|
- README.md
|