omniauth-oauth2-line 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/Gemfile +12 -0
- data/README.md +49 -0
- data/Rakefile +8 -0
- data/lib/omniauth-oauth2-line.rb +2 -0
- data/lib/omniauth-oauth2-line/version.rb +5 -0
- data/lib/omniauth/strategies/oauth2_line.rb +91 -0
- data/omniauth-oauth2-line.gemspec +24 -0
- data/spec/omniauth/strategies/line_spec.rb +87 -0
- data/spec/spec_helper.rb +20 -0
- metadata +96 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: eb70abf402713d2b97848573c761074646b82eb3b19d8d9738d83539fe1cef1c
|
4
|
+
data.tar.gz: c77f372a56ad532e402604627b3b15ebcee6535ddf2455a993ccc0a982b40963
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 617145f360f2248a2b0d6c3d8f8bcbeeaf12f7a8e6626d6d73ec9350c9e671a7dcdea2358cfa8e990a766bf0c78facef94755938255317622df593746d2a5244
|
7
|
+
data.tar.gz: ef323f760a62556b392daa2f5d3763b7897e3489d8d7d1dbed3a5eb07e9a1ead333bc97736c18157e26e6a5ce324769e12fbc167c4f6d6a6833abb2fa0bc25e6
|
data/Gemfile
ADDED
data/README.md
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
# OmniAuth Line
|
2
|
+
|
3
|
+
This gem contains the Line OAuth2 Strategy for OmniAuth.
|
4
|
+
|
5
|
+
Supports the OpenID Connect Web Login. Read the Line developers docs for more details: https://developers.line.me/en/docs/line-login/web/integrate-line-login/
|
6
|
+
|
7
|
+
## Using This Strategy
|
8
|
+
|
9
|
+
First start by adding this gem to your Gemfile:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
gem 'omniauth-oauth2-line'
|
13
|
+
```
|
14
|
+
|
15
|
+
Next, tell OmniAuth about this provider. For a Rails app, your `config/initializers/omniauth.rb` file should look like this:
|
16
|
+
|
17
|
+
```ruby
|
18
|
+
# PROFILE permission required!!
|
19
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
20
|
+
provider :line_oauth2, "Channel_ID", "Channel_Secret"
|
21
|
+
end
|
22
|
+
```
|
23
|
+
|
24
|
+
## Authentication Hash
|
25
|
+
An example auth hash available in `request.env['omniauth.auth']`:
|
26
|
+
|
27
|
+
```ruby
|
28
|
+
{
|
29
|
+
:provider => "line",
|
30
|
+
:uid => "a123b4....",
|
31
|
+
:info => {
|
32
|
+
:name => "yamada tarou",
|
33
|
+
:image => "http://dl.profile.line.naver.jp/xxxxx",
|
34
|
+
:description => "breakfast now.",
|
35
|
+
:email => "foo@bar.com"
|
36
|
+
},
|
37
|
+
:credentials => {
|
38
|
+
:token => "a1b2c3d4...", # The OAuth 2.0 access token
|
39
|
+
:secret => "abcdef1234"
|
40
|
+
},
|
41
|
+
:extra => {
|
42
|
+
# nil
|
43
|
+
}
|
44
|
+
}
|
45
|
+
```
|
46
|
+
|
47
|
+
## Supported Rubies
|
48
|
+
|
49
|
+
OmniAuth Line is tested under 2.4.x
|
data/Rakefile
ADDED
@@ -0,0 +1,91 @@
|
|
1
|
+
require 'omniauth-oauth2'
|
2
|
+
require 'json'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class LineOauth2 < OmniAuth::Strategies::OAuth2
|
7
|
+
option :name, 'line_oauth2'
|
8
|
+
option :scope, 'profile openid email'
|
9
|
+
|
10
|
+
option :client_options, {
|
11
|
+
site: 'https://access.line.me',
|
12
|
+
authorize_url: '/oauth2/v2.1/authorize',
|
13
|
+
token_url: '/oauth2/v2.1/token'
|
14
|
+
}
|
15
|
+
|
16
|
+
def callback_url
|
17
|
+
if options.authorization_code_from_signed_request_in_cookie
|
18
|
+
''
|
19
|
+
else
|
20
|
+
# Fixes regression in omniauth-oauth2 v1.4.0 by https://github.com/intridea/omniauth-oauth2/commit/85fdbe117c2a4400d001a6368cc359d88f40abc7
|
21
|
+
options[:callback_url] || (full_host + script_name + callback_path)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
# host changed
|
25
|
+
def callback_phase
|
26
|
+
options[:client_options][:site] = 'https://api.line.me'
|
27
|
+
super
|
28
|
+
end
|
29
|
+
|
30
|
+
uid { raw_info['userId'] }
|
31
|
+
|
32
|
+
info do
|
33
|
+
{
|
34
|
+
name: raw_info['displayName'],
|
35
|
+
image: raw_info['pictureUrl'],
|
36
|
+
description: raw_info['statusMessage'],
|
37
|
+
email: email_from_id_token
|
38
|
+
}
|
39
|
+
end
|
40
|
+
|
41
|
+
def email_from_id_token
|
42
|
+
if !options[:skip_jwt] && !access_token['id_token'].nil?
|
43
|
+
decoded = ::JWT.decode(access_token['id_token'], nil, false).first
|
44
|
+
payload_decoded = base64url_decode(access_token['id_token'].split(".")[1])
|
45
|
+
#Rails.logger.info "JWT decode payload =>" + payload_decoded.to_s
|
46
|
+
email = payload_decoded['email']
|
47
|
+
# We have to manually verify the claims because the third parameter to
|
48
|
+
# JWT.decode is false since no verification key is provided.
|
49
|
+
::JWT::Verify.verify_claims(decoded,
|
50
|
+
verify_iss: true,
|
51
|
+
iss: 'https://access.line.me',
|
52
|
+
verify_aud: true,
|
53
|
+
aud: options.client_id,
|
54
|
+
verify_sub: false,
|
55
|
+
# verify_expiration: true,
|
56
|
+
verify_not_before: true,
|
57
|
+
verify_iat: true,
|
58
|
+
verify_jti: false,
|
59
|
+
leeway: options[:jwt_leeway])
|
60
|
+
end
|
61
|
+
return email
|
62
|
+
end
|
63
|
+
|
64
|
+
|
65
|
+
def base64url_decode(target)
|
66
|
+
rem = (target.length) % 4
|
67
|
+
if (rem > 0)
|
68
|
+
target += '=' * (4 - rem)
|
69
|
+
end
|
70
|
+
return JSON.load(Base64.urlsafe_decode64(target))
|
71
|
+
|
72
|
+
end
|
73
|
+
|
74
|
+
def prune!(hash)
|
75
|
+
hash.delete_if do |_, v|
|
76
|
+
prune!(v) if v.is_a?(Hash)
|
77
|
+
v.nil? || (v.respond_to?(:empty?) && v.empty?)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
|
82
|
+
# Require: Access token with PROFILE permission issued.
|
83
|
+
def raw_info
|
84
|
+
@raw_info ||= JSON.load(access_token.get('v2/profile').body)
|
85
|
+
rescue ::Errno::ETIMEDOUT
|
86
|
+
raise ::Timeout::Error
|
87
|
+
end
|
88
|
+
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "omniauth-oauth2-line/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "omniauth-oauth2-line"
|
7
|
+
s.version = OmniAuth::Oauth2Line::VERSION
|
8
|
+
s.authors = ["TC Juan"]
|
9
|
+
s.email = ["tcjuan@gmail.com"]
|
10
|
+
s.homepage = "https://github.com/tcjuan/omniauth-oauth2-line"
|
11
|
+
s.description = %q{OmniAuth strategy for ominauth-oauth2 1.6 for Line}
|
12
|
+
s.summary = s.description
|
13
|
+
s.license = "MIT"
|
14
|
+
|
15
|
+
s.files = `git ls-files`.split("\n")
|
16
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
17
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
18
|
+
s.require_paths = ["lib"]
|
19
|
+
|
20
|
+
s.add_dependency 'json', '~> 1.3'
|
21
|
+
s.add_dependency 'omniauth-oauth2', '~>1.6'
|
22
|
+
s.add_development_dependency 'bundler', '~> 1.0'
|
23
|
+
|
24
|
+
end
|
@@ -0,0 +1,87 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe OmniAuth::Strategies::Line do
|
4
|
+
let(:request) { double('Request', :params => {}, :cookies => {}, :env => {}) }
|
5
|
+
|
6
|
+
subject do
|
7
|
+
args = ['channel_id', 'secret', @options || {}].compact
|
8
|
+
OmniAuth::Strategies::Line.new(*args).tap do |strategy|
|
9
|
+
allow(strategy).to receive(:request) {
|
10
|
+
request
|
11
|
+
}
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
describe 'client options' do
|
16
|
+
it 'should have correct name' do
|
17
|
+
expect(subject.options.name).to eq('line')
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'should have correct site' do
|
21
|
+
expect(subject.options.client_options.site).to eq('https://access.line.me')
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'should have correct authorize url' do
|
25
|
+
expect(subject.options.client_options.authorize_url).to eq('/oauth2/v2.1/authorize')
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'should have correct token url' do
|
29
|
+
expect(subject.options.client_options.token_url).to eq('/oauth2/v2.1/token')
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
describe 'uid' do
|
34
|
+
before do
|
35
|
+
allow(subject).to receive(:raw_info).and_return(raw_info_hash)
|
36
|
+
end
|
37
|
+
|
38
|
+
it 'should returns the uid' do
|
39
|
+
expect(subject.uid).to eq(raw_info_hash['mid'])
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
describe 'info' do
|
44
|
+
before do
|
45
|
+
allow(subject).to receive(:raw_info).and_return(raw_info_hash)
|
46
|
+
end
|
47
|
+
|
48
|
+
it 'should returns the name' do
|
49
|
+
expect(subject.info[:name]).to eq(raw_info_hash['displayName'])
|
50
|
+
end
|
51
|
+
|
52
|
+
it 'should returns the image' do
|
53
|
+
expect(subject.info[:image]).to eq(raw_info_hash['pictureUrl'])
|
54
|
+
end
|
55
|
+
|
56
|
+
it 'should returns the description' do
|
57
|
+
expect(subject.info[:description]).to eq(raw_info_hash['statusMessage'])
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
describe 'request_phase' do
|
62
|
+
context 'with no request params set' do
|
63
|
+
before do
|
64
|
+
allow(subject).to receive(:request).and_return(
|
65
|
+
double('Request', {:params => {}})
|
66
|
+
)
|
67
|
+
allow(subject).to receive(:request_phase).and_return(:whatever)
|
68
|
+
end
|
69
|
+
|
70
|
+
it 'should not break' do
|
71
|
+
expect { subject.request_phase }.not_to raise_error
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
end
|
77
|
+
|
78
|
+
private
|
79
|
+
|
80
|
+
def raw_info_hash
|
81
|
+
{
|
82
|
+
'uid' => 'hoge',
|
83
|
+
'displayName' => 'Foo Bar',
|
84
|
+
'pictureUrl' => 'http://xxx.com/aaa.jpg',
|
85
|
+
'statusMessage' => 'Developer'
|
86
|
+
}
|
87
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
$:.unshift File.expand_path('..', __FILE__)
|
2
|
+
$:.unshift File.expand_path('../../lib', __FILE__)
|
3
|
+
require 'simplecov'
|
4
|
+
SimpleCov.start do
|
5
|
+
minimum_coverage(75.00)
|
6
|
+
end
|
7
|
+
require 'rspec'
|
8
|
+
require 'rack/test'
|
9
|
+
require 'webmock/rspec'
|
10
|
+
require 'omniauth'
|
11
|
+
require 'omniauth-line'
|
12
|
+
|
13
|
+
RSpec.configure do |config|
|
14
|
+
config.include WebMock::API
|
15
|
+
config.include Rack::Test::Methods
|
16
|
+
config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
|
17
|
+
config.expect_with :rspec do |c|
|
18
|
+
c.syntax = :expect
|
19
|
+
end
|
20
|
+
end
|
metadata
ADDED
@@ -0,0 +1,96 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: omniauth-oauth2-line
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.7
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- TC Juan
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2020-03-17 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: json
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.3'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.3'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: omniauth-oauth2
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.6'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '1.6'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.0'
|
55
|
+
description: OmniAuth strategy for ominauth-oauth2 1.6 for Line
|
56
|
+
email:
|
57
|
+
- tcjuan@gmail.com
|
58
|
+
executables: []
|
59
|
+
extensions: []
|
60
|
+
extra_rdoc_files: []
|
61
|
+
files:
|
62
|
+
- Gemfile
|
63
|
+
- README.md
|
64
|
+
- Rakefile
|
65
|
+
- lib/omniauth-oauth2-line.rb
|
66
|
+
- lib/omniauth-oauth2-line/version.rb
|
67
|
+
- lib/omniauth/strategies/oauth2_line.rb
|
68
|
+
- omniauth-oauth2-line.gemspec
|
69
|
+
- spec/omniauth/strategies/line_spec.rb
|
70
|
+
- spec/spec_helper.rb
|
71
|
+
homepage: https://github.com/tcjuan/omniauth-oauth2-line
|
72
|
+
licenses:
|
73
|
+
- MIT
|
74
|
+
metadata: {}
|
75
|
+
post_install_message:
|
76
|
+
rdoc_options: []
|
77
|
+
require_paths:
|
78
|
+
- lib
|
79
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '0'
|
84
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
85
|
+
requirements:
|
86
|
+
- - ">="
|
87
|
+
- !ruby/object:Gem::Version
|
88
|
+
version: '0'
|
89
|
+
requirements: []
|
90
|
+
rubygems_version: 3.0.6
|
91
|
+
signing_key:
|
92
|
+
specification_version: 4
|
93
|
+
summary: OmniAuth strategy for ominauth-oauth2 1.6 for Line
|
94
|
+
test_files:
|
95
|
+
- spec/omniauth/strategies/line_spec.rb
|
96
|
+
- spec/spec_helper.rb
|