omniauth-openid-connect 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c06273038d8fe51a789022cd928d7f0edd330811
+  data.tar.gz: da7b7244bb7d098a8842cb9dceb4e357f0a81873
+SHA512:
+  metadata.gz: ce5cb62f58c8fb800649351deb20ce149481dbefa2e875044dd5b27af0208970c6802fac5353c9990138672b5442679d3e4df45bb60e39ff2558baa896027726
+  data.tar.gz: 2deac035829987f8da5ded262db5e453bfd26d88e4a7e3df33629d27bd099bba7e6c2c76dd89522ee257116bdd5f1620c50dd35d437588da5a31b16f4aebef6c

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.ruby-version

data/.travis.yml

@@ -0,0 +1,6 @@
+rvm:
+  - 1.9.3
+  - 2.0.0
+  - 2.1.0
+  - jruby
+  - rbx

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/Guardfile

@@ -0,0 +1,14 @@
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+
+guard 'minitest' do
+  # with Minitest::Unit
+  watch(%r|^test/(.*)\/(.*)_test\.rb|)
+  watch(%r|^lib/(.*)\.rb|)     { |m| "test/lib/#{m[1]}_test.rb" }
+  watch(%r|^test/test_helper\.rb|)    { "test" }
+end
+
+guard :bundler do
+  watch('Gemfile')
+  watch(/^.+\.gemspec/)
+end

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 John Bohn
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,34 @@
+# OmniAuth::OpenIDConnect
+
+OpenID Connect strategy for OmniAuth
+[![Build Status](https://travis-ci.org/jjbohn/omniauth-openid-connect.png?branch=master)](https://travis-ci.org/jjbohn/omniauth-openid-connect)
+[![Coverage Status](https://coveralls.io/repos/jjbohn/omniauth-openid-connect/badge.png?branch=master)](https://coveralls.io/r/jjbohn/omniauth-openid-connect?branch=master)
+[![Code Climate](https://codeclimate.com/github/jjbohn/omniauth-openid-connect.png)](https://codeclimate.com/github/jjbohn/omniauth-openid-connect)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'omniauth-openid-connect'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install omniauth-openid-connect
+
+## Usage
+
+Still quite a bit of work to get this gem ready for real production usage.
+Hoping to have a good working version by mid March 2014. If you'd like to help
+out, I'd love some contributions.
+
+## Contributing
+
+1. Fork it ( http://github.com/jjbohn/omniauth-openid-connect/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,10 @@
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << 'lib/omniauth-openid-connect'
+  t.test_files = FileList['test/lib/omniauth/**/*_test.rb']
+  t.verbose = true
+end
+
+task default: :test

data/lib/omniauth-openid-connect.rb

@@ -0,0 +1 @@
+require "omniauth/openid_connect"

data/lib/omniauth/openid_connect.rb

@@ -0,0 +1,2 @@
+require "omniauth/openid_connect/version"
+require "omniauth/strategies/openid_connect"

data/lib/omniauth/openid_connect/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module OpenIDConnect
+    VERSION = "0.0.1"
+  end
+end

data/lib/omniauth/strategies/openid_connect.rb

@@ -0,0 +1,112 @@
+require 'addressable/uri'
+require "net/http"
+require 'omniauth'
+require "openid_connect"
+
+module OmniAuth
+  module Strategies
+    class OpenIDConnect
+      include OmniAuth::Strategy
+
+      attr_accessor :access_token
+
+      option :client_options, {
+        identifier: nil,
+        secret: nil,
+        redirect_uri: nil,
+        scheme: "https",
+        host: nil,
+        port: 443,
+        authorization_endpoint: "/authorize",
+        token_endpoint: "/token",
+        userinfo_endpoint: "/userinfo"
+      }
+      option :scope, [:openid]
+      option :response_type, "code"
+      option :state
+      option :response_mode
+      option :display, nil#, [:page, :popup, :touch, :wap]
+      option :prompt, nil#, [:none, :login, :consent, :select_account]
+      option :max_age
+      option :ui_locales
+      option :id_token_hint
+      option :login_hint
+      option :acr_values
+
+      uid { user_info.sub }
+
+      info do
+        {
+          name: user_info.name,
+          email: user_info.email,
+          nickname: user_info.nickname,
+          first_name: user_info.given_name,
+          last_name: user_info.family_name,
+          image: user_info.picture,
+          phone: user_info.phone_number,
+          urls: { website: user_info.website }
+        }
+      end
+
+      extra do
+        { raw_info: user_info.as_json } # UserInfo#as_json actually returns a hash
+      end
+
+      credentials do
+        { token: access_token.access_token }
+      end
+
+      def client
+        @client ||= ::OpenIDConnect::Client.new(client_options)
+      end
+
+      def request_phase
+        redirect authorize_uri
+      end
+
+      def callback_phase
+        client.redirect_uri = client_options.redirect_uri
+        client.authorization_code = authorization_code
+        access_token
+        super
+      end
+
+      def authorization_code
+        request.params["code"]
+      end
+
+      private
+
+      def user_info
+        @user_info ||= access_token.userinfo!
+      end
+
+      def access_token
+        @access_token ||= client.access_token!
+      end
+
+      def authorize_uri
+        client.redirect_uri = client_options.redirect_uri
+        client.authorization_uri(
+          response_type: options.response_type,
+          scope: options.scope,
+          nonce: nonce,
+        )
+      end
+
+      def client_options
+        options.client_options
+      end
+
+      def nonce
+        session[:nonce] = SecureRandom.hex(16)
+      end
+
+      def session
+        @env.nil? ? {} : super
+      end
+    end
+  end
+end
+
+OmniAuth.config.add_camelization 'openid_connect', 'OpenIDConnect'

data/omniauth-openid-connect.gemspec

@@ -0,0 +1,35 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'omniauth/openid_connect/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "omniauth-openid-connect"
+  spec.version       = OmniAuth::OpenIDConnect::VERSION
+  spec.authors       = ["John Bohn"]
+  spec.email         = ["jjbohn@gmail.com"]
+  spec.summary       = %q{OpenID Connect Strategy for OmniAuth}
+  spec.description   = %q{OpenID Connect Strategy for OmniAuth}
+  spec.homepage      = "https://github.com/jjbohn/omniauth-openid-connect"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'omniauth', '~> 1.1'
+  spec.add_dependency 'openid_connect', '= 0.7.3'
+  spec.add_dependency 'addressable', '~> 2.3'
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "minitest"
+  spec.add_development_dependency "mocha"
+  spec.add_development_dependency "guard"
+  spec.add_development_dependency "guard-minitest"
+  spec.add_development_dependency "guard-bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "coveralls"
+  spec.add_development_dependency "faker"
+end

data/test/lib/omniauth/openid_connect/version_test.rb

@@ -0,0 +1,7 @@
+require_relative '../../../test_helper'
+
+class OmniAuth::OpenIDConnect::VersionTest < MiniTest::Test
+  def test_version_defined
+    refute_nil OmniAuth::OpenIDConnect::VERSION
+  end
+end

data/test/lib/omniauth/strategies/openid_connect_test.rb

@@ -0,0 +1,60 @@
+require_relative '../../../test_helper'
+
+class OmniAuth::Strategies::OpenIDConnectTest < StrategyTestCase
+  def test_client_options_defaults
+    assert_equal "https", strategy.options.client_options.scheme
+    assert_equal 443, strategy.options.client_options.port
+    assert_equal "/authorize", strategy.options.client_options.authorization_endpoint
+    assert_equal "/token", strategy.options.client_options.token_endpoint
+  end
+
+  def test_request_phase
+    expected_redirect = /^https:\/\/example\.com\/authorize\?client_id=1234&nonce=[\w\d]{32}&response_type=code&scope=openid$/
+    strategy.options.client_options.host = "example.com"
+    strategy.expects(:redirect).with(regexp_matches(expected_redirect))
+    strategy.request_phase
+  end
+
+  def test_uid
+    assert_equal user_info.sub, strategy.uid
+  end
+
+  def test_callback_phase
+    code = SecureRandom.hex(16)
+    request.stubs(:params).returns({"code" => code})
+    request.stubs(:path_info).returns("")
+
+    strategy.unstub(:user_info)
+    access_token = stub('OpenIDConnect::AccessToken')
+    access_token.stubs(:access_token)
+    client.expects(:access_token!).returns(access_token)
+    access_token.expects(:userinfo!).returns(user_info)
+
+    strategy.call!({"rack.session" => {}})
+    strategy.callback_phase
+  end
+
+  def test_info
+    info = strategy.info
+    assert_equal user_info.name, info[:name]
+    assert_equal user_info.email, info[:email]
+    assert_equal user_info.nickname, info[:nickname]
+    assert_equal user_info.given_name, info[:first_name]
+    assert_equal user_info.family_name, info[:last_name]
+    assert_equal user_info.picture, info[:image]
+    assert_equal user_info.phone_number, info[:phone]
+    assert_equal({ website: user_info.website }, info[:urls])
+  end
+
+  def test_extra
+    assert_equal({ raw_info: user_info.as_json }, strategy.extra)
+  end
+
+  def test_credentials
+    access_token = stub('OpenIDConnect::AccessToken')
+    access_token.stubs(:access_token).returns(SecureRandom.hex(16))
+    client.expects(:access_token!).returns(access_token)
+
+    assert_equal({ token: access_token.access_token }, strategy.credentials)
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,63 @@
+require 'simplecov'
+SimpleCov.command_name 'test'
+SimpleCov.start
+
+require 'coveralls'
+Coveralls.wear!
+
+require 'minitest/autorun'
+require 'mocha/mini_test'
+require 'faker'
+require_relative '../lib/omniauth-openid-connect'
+
+OmniAuth.config.test_mode = true
+
+class StrategyTestCase < MiniTest::Test
+  class DummyApp
+    def call(env); end
+  end
+
+  attr_accessor :identifier, :secret
+
+  def setup
+    @identifier = "1234"
+    @secret = "1234asdgat3"
+  end
+
+  def client
+    strategy.client
+  end
+
+  def user_info
+    @user_info ||= OpenIDConnect::ResponseObject::UserInfo::OpenID.new(
+      sub: SecureRandom.hex(16),
+      name: Faker::Name.name,
+      email: Faker::Internet.email,
+      nickname: Faker::Internet.user_name,
+      given_name: Faker::Name.first_name,
+      family_name: Faker::Name.last_name,
+      picture: Faker::Internet.url + ".png",
+      phone_number: Faker::PhoneNumber.phone_number,
+      website: Faker::Internet.url,
+    )
+  end
+
+  def request
+    @request ||= stub('Request').tap do |request|
+      request.stubs(:params).returns({})
+      request.stubs(:cookies).returns({})
+      request.stubs(:env).returns({})
+      request.stubs(:scheme).returns({})
+      request.stubs(:ssl?).returns(false)
+    end
+  end
+
+  def strategy
+    @strategy ||= OmniAuth::Strategies::OpenIDConnect.new(DummyApp.new).tap do |strategy|
+      strategy.options.client_options.identifier = @identifier
+      strategy.options.client_options.secret = @secret
+      strategy.stubs(:request).returns(request)
+      strategy.stubs(:user_info).returns(user_info)
+    end
+  end
+end

metadata

@@ -0,0 +1,258 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-openid-connect
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- John Bohn
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: openid_connect
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.7.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.7.3
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: OpenID Connect Strategy for OmniAuth
+email:
+- jjbohn@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- Guardfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/omniauth-openid-connect.rb
+- lib/omniauth/openid_connect.rb
+- lib/omniauth/openid_connect/version.rb
+- lib/omniauth/strategies/openid_connect.rb
+- omniauth-openid-connect.gemspec
+- test/lib/omniauth/openid_connect/version_test.rb
+- test/lib/omniauth/strategies/openid_connect_test.rb
+- test/test_helper.rb
+homepage: https://github.com/jjbohn/omniauth-openid-connect
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.0
+signing_key: 
+specification_version: 4
+summary: OpenID Connect Strategy for OmniAuth
+test_files:
+- test/lib/omniauth/openid_connect/version_test.rb
+- test/lib/omniauth/strategies/openid_connect_test.rb
+- test/test_helper.rb