omniauth-open-edx 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 9bb707284e879a220930aee4a98fa14c4a4e06a4067b8d87719ad4045628eb6d
+  data.tar.gz: fd39ed5c00099c6dd0fe100da9f95d436f5e92be21eec266ef254765115e6df9
+SHA512:
+  metadata.gz: 2ee47db6426bfa6c05725e6e08b24b97bf89def9bfa886ef64350a56653a1bba9e83d050af520f81d7172b51d65607dccaf002da7f42933cc41e8bed2ae03f5e
+  data.tar.gz: 97796ee6bca64e35c4418549dc6c2c6497aeffa7ab26a2a93ea973d1206fb51cc8fe468e1a4a80e21b38fcca9ea0f0853eb12a2309b3429ce26bfae8f1b642d8

data/.editorconfig

@@ -0,0 +1,12 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true

data/.gitignore

@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+Gemfile.lock
+
+# rspec failure tracking
+.rspec_status

data/.prettierrc.yml

@@ -0,0 +1 @@
+rubySingleQuote: false

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,5 @@
+inherit_gem:
+  prettier: rubocop.yml
+
+Style/StringLiterals:
+  EnforcedStyle: double_quotes

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in omniauth-open-edx.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) International Business Machines Corporation
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,41 @@
+# OmniAuth::OpenEdx
+
+This is the OmniAuth stragegy for authenticaing to Open edX.
+
+Note, this strategy only works with Open edX `juniper` release or above.
+
+## Installation
+
+Add to your `Gemfile`:
+
+```ruby
+gem "omniauth-open-edx"
+```
+
+## Open edX OAuth2 Toolkit Setup
+
+- Go to `${LMS_URL}/admin/oauth2_provider/application`
+- Add a new application
+- Enter redirect url, this depends on your setup, learn more from [examples](./examples)
+- Select `Confidential` client type, `Authorization code` authorization grant type
+- Get the `Client id` and `Client secret` and configure them in your ruby application
+
+## Usage
+
+```ruby
+use OmniAuth::Builder do
+  provider :open_edx,
+           ENV["OPEN_EDX_OAUTH_CLIENT_ID"],
+           ENV["OPEN_EDX_OAUTH_CLIENT_SECRET"],
+           {
+             scope: "profile email",
+             client_options: {
+               site: "https://courses.edx.org",
+             },
+           }
+end
+```
+
+## License
+
+[MIT License](./LICENSE).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "omniauth-open-edx"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/examples/sinatra/Gemfile

@@ -0,0 +1,5 @@
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+gem "omniauth-open-edx", path: "../../"

data/examples/sinatra/app.rb

@@ -0,0 +1,38 @@
+begin
+  require "sinatra"
+  require "omniauth"
+  require "omniauth-open-edx"
+rescue LoadError
+  require "rubygems"
+  require "sinatra"
+  require "omniauth"
+  require "omniauth-open-edx"
+end
+
+use Rack::Session::Cookie
+use OmniAuth::Builder do
+  provider :open_edx,
+           ENV["OPEN_EDX_OAUTH_CLIENT_ID"],
+           ENV["OPEN_EDX_OAUTH_CLIENT_SECRET"],
+           {
+             scope: "profile email",
+             client_options: {
+               site: "https://courses.edx.org"
+             }
+           }
+end
+
+get "/" do
+  <<-HTML
+  <a href='/auth/open_edx'>Sign in with Open edX</a>
+  HTML
+end
+
+get "/auth/:name/callback" do
+  auth = request.env["omniauth.auth"]
+  <<-HTML
+  <h1>You are logged in as #{auth["info"]["email"]}</h1>
+  <div>OmniAuth::AuthHash::InfoHash</div>
+  <span>#{auth["info"].to_json}</span>
+  HTML
+end

data/lib/omniauth-open-edx.rb

@@ -0,0 +1,2 @@
+require "omniauth-open-edx/version"
+require "omniauth/strategies/open_edx"

data/lib/omniauth-open-edx/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module OpenEdx
+    VERSION = "1.0.0"
+  end
+end

data/lib/omniauth/strategies/open_edx.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+# Learn more about the Open edX JWT Oauth2 flow
+# https://github.com/edx/edx-platform/blob/master/openedx/core/djangoapps/oauth_dispatch/docs/decisions/0003-use-jwt-as-oauth-tokens-remove-openid-connect.rst
+
+require "omniauth-oauth2"
+require "jwt"
+
+module OmniAuth
+  module Strategies
+    class OpenEdx < OmniAuth::Strategies::OAuth2
+      DEFAULT_SCOPE = "profile email"
+
+      option :name, "open_edx"
+      option :client_options,
+             site: "https://courses.edx.org",
+             authorize_url: "/oauth2/authorize",
+             token_url: "/oauth2/access_token"
+      option :scope, DEFAULT_SCOPE
+      option :authorize_options, [:scope]
+
+      option :token_options, [:token_type]
+      option :token_params, token_type: "jwt"
+
+      uid { raw_info["sub"] }
+
+      info do
+        {
+          name: raw_info["name"],
+          email: raw_info["email"],
+          username: raw_info["preferred_username"],
+          first_name: raw_info["given_name"],
+          last_name: raw_info["family_name"]
+        }
+      end
+
+      extra { { raw_info: raw_info } }
+
+      def raw_info
+        @raw_info ||= jwt_payload
+      end
+
+      def callback_url
+        # overwrite this function from omniauth
+        # https://github.com/omniauth/omniauth/blob/c2380ae848ce4e0e39b4bb94c5b8e3fd0a544825/lib/omniauth/strategy.rb#L444
+        # edx greatly dislikes when query_string is part of the callback_url
+        full_host + callback_path
+      end
+
+      def authorize_params
+        super.tap do |params|
+          %w[scope].each do |v|
+            params[v.to_sym] = request.params[v] if request.params[v]
+          end
+
+          params[:scope] ||= DEFAULT_SCOPE
+        end
+      end
+
+      private
+
+      def jwt_payload
+        JWT.decode(access_token.token, nil, false)[0]
+      end
+    end
+  end
+end

data/omniauth-open-edx.gemspec

@@ -0,0 +1,42 @@
+require_relative "lib/omniauth-open-edx/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "omniauth-open-edx"
+  spec.version = OmniAuth::OpenEdx::VERSION
+  spec.authors = ["Michael Lin"]
+  spec.email = ["mlzc@hey.com"]
+
+  spec.summary = "Open edX strategy for OmniAuth"
+  spec.description = "Open edX strategy for OmniAuth"
+  spec.homepage = "https://github.com/ibm-skills-network/omniauth-open-edx"
+  spec.license = "MIT"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] =
+    "https://github.com/ibm-skills-network/omniauth-open-edx"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files =
+    Dir.chdir(File.expand_path(__dir__)) do
+      `git ls-files -z`.split("\x0").reject do |f|
+        f.match(%r{^(test|spec|features)/})
+      end
+    end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "jwt", ">= 2.0"
+  spec.add_dependency "omniauth", [">= 1.9", "< 2"]
+  spec.add_dependency "omniauth-oauth2", ">= 1.4"
+
+  spec.add_development_dependency "bundler", ">= 2.0"
+  spec.add_development_dependency "prettier"
+  spec.add_development_dependency "rack-test"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec", ">= 3.0"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "webmock"
+end

metadata

@@ -0,0 +1,208 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-open-edx
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Michael Lin
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2021-04-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.9'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.9'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.4'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: prettier
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Open edX strategy for OmniAuth
+email:
+- mlzc@hey.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".editorconfig"
+- ".gitignore"
+- ".prettierrc.yml"
+- ".rspec"
+- ".rubocop.yml"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- examples/sinatra/Gemfile
+- examples/sinatra/app.rb
+- lib/omniauth-open-edx.rb
+- lib/omniauth-open-edx/version.rb
+- lib/omniauth/strategies/open_edx.rb
+- omniauth-open-edx.gemspec
+homepage: https://github.com/ibm-skills-network/omniauth-open-edx
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/ibm-skills-network/omniauth-open-edx
+  source_code_uri: https://github.com/ibm-skills-network/omniauth-open-edx
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.3.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key: 
+specification_version: 4
+summary: Open edX strategy for OmniAuth
+test_files: []