omniauth-orcid 0.6 → 1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0ede20a0539d30bcbe25b46fd7a809208b01ec57
+  data.tar.gz: c3258e160fd3f4716810e6ca021302bde2157706
+SHA512:
+  metadata.gz: 06f5b7f7610aec0fc91254d5ed04e1a37c9ffabf6618dbd77354401c3d5d0d0340d3939772524b2acaaa820187604a61678d211149e681be8f365e1fda9f6eec
+  data.tar.gz: 8028010218d38d7ff715b5772e01a06de1d6acd7a6695c410a85ce0ff2e4b87940c9f87567247bc61a1743e2f80c29d2208a710c2c04774f5e641d11a373517d

data/CHANGELOG.md

@@ -0,0 +1,7 @@
+## v.1.0 (July 25, 2015)
+
+[onmiauth-orcid 1.0](https://github.com/datacite/omniauth-orcid/releases/tag/v.1.0) was released on July 25, 2015 with the following changes:
+
+* changed default scope to `authenticate`, and use the public API `https://pub.orcid.org` by default. These settings work for non-members.
+* added `name` and `email` to the `info` hash returned by omniauth (`email` will be empty in almost all cases)
+* cleaned up documentation in `README.md`

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License
 
-Copyright (C) 2012, Gudmundur A. Thorisson
+Copyright (C) 2012-2015, Gudmundur A. Thorisson
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,13 +1,14 @@
 # OmniAuth ORCID
 
-ORCID OAuth 2.0 Strategy for the wonderful [OmniAuth Ruby authentication framework](http://www.omniauth.org).
+[![DOI](https://zenodo.org/badge/15088/datacite/omniauth-orcid.svg)](https://zenodo.org/badge/latestdoi/15088/datacite/omniauth-orcid)
+
+ORCID OAuth 2.0 Strategy for the [OmniAuth Ruby authentication framework](http://www.omniauth.org).
 
 Provides basic support for connecting a client application to the [Open Researcher & Contributor ID registry service](http://orcid.org).
 
 Originally created for the [ORCID example client application in Rails](https://github.com/gthorisson/ORCID-example-client-app-rails), then turned into a gem.
 
 
-
 ## Installation
 
 The usual way with Bundler: add the following to your `Gemfile` to install the current version of the gem:
@@ -16,66 +17,63 @@ The usual way with Bundler: add the following to your `Gemfile` to install the c
 gem 'omniauth-orcid'
 ```
 
-Or, if you're impatient, you can install straight from GitHub
-
-```ruby
-gem 'omniauth-orcid' , :git => 'git://github.com/gthorisson/omniauth-orcid.git'
-```
-
 Then run `bundle install` to install into your environment.
 
 You can also install the gem system-wide in the usual way:
 
 ```bash
-[mummi@nfmac07]gem install omniauth-orcid
+gem install omniauth-orcid
 ```
 
+
 ## Getting started
 
 Like other OmniAuth strategies, `OmniAuth::Strategies::ORCID` is a piece of Rack middleware. Please read the OmniAuth documentation for detailed instructions: https://github.com/intridea/omniauth.
 
-
 By default the module connects to the live ORCID service. In the very simplest usage, all you have to provide are your client app credentials ([see more here](http://support.orcid.org/knowledgebase/articles/116739)):
 
 ```ruby
 use OmniAuth::Builder do
-  provider :orcid, ENV['ORCID_KEY'], ENV['ORCID_SECRET']
+  provider :orcid, ENV['ORCID_CLIENT_ID'], ENV['ORCID_CLIENT_SECRET']
 end
 ```
 
+There are three ways to register a client application and obtain client app credentials (`client_id` and `client_secret`) as well as a `site URL`:
+
+* for non-members (the default): Register your client application in the `Developer Tools` section of your ORCID profile. Use `https://pub.orcid.org` as `site URL`
+* for members (production): Register your client application [here](http://orcid.org/content/register-client-application). Use https://api.orcid.org as `site URL`
+* for development (sandbox): Register your client application [here](https://orcid.org/content/register-client-application-sandbox). Use https://sandbox.orcid.org as `site URL`
+
 OmniAuth takes care of the OAuth external-authentication handshake or "dance". All that the gem does is grab the identifier and tokens at the end of the dance and stick it into the OmniAuth hash which is subsequently accessible to your app via `request.env['omniauth.auth']` (see [AuthHashSchema](https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema)). The hash looks something like this:
 
 ```json
 {
-  provider: "orcid",
-  uid: "0000-0003-2012-0010",
-  info: {
-  name: null
-},
-credentials: {
-  token: "e82938fa-a287-42cf-a2ce-f48ef68c9a35",
-  refresh_token: "f94c58dd-b452-44f4-8863-0bf8486a0071",
-  expires_at: 1979903874,
-  expires: true
-},
-extra: { }
+  "provider": "orcid",
+  "uid": "0000-0003-2012-0010",
+  "info": {
+    "name": "John Smith",
+    "email": null
+  },
+  "credentials": {
+    "token": "e82938fa-a287-42cf-a2ce-f48ef68c9a35",
+    "refresh_token": "f94c58dd-b452-44f4-8863-0bf8486a0071",
+    "expires_at": 1979903874,
+    "expires": true
+  },
+  "extra": {
+  }
 }
 ```
 
-You have to implement a callback handler to grab at least the `uid` from the hash and (typically) save it in a session. This effectively provides basic "Log in with your ORCiD" functionality.
-
-Most likely, with the token in hand, you'll want to do something more sophisticated with the API, like retrieving profile data and do something cool with it. See the API guide for more details:
-
-http://support.orcid.org/knowledgebase/articles/116874-orcid-api-guide
-
+You have to implement a callback handler to grab at least the `uid` from the hash and (typically) save it in a session. This effectively provides basic **Log in with your ORCID** functionality.
 
+Most likely, with the token in hand, you'll want to do something more sophisticated with the API, like retrieving profile data and do something cool with it. See the [API documentation](http://members.orcid.org/api/api-calls) for more details:
 
 Here's how to get going with a couple of popular Rack-based frameworks:
 
 
 ### Sinatra
 
-
 Configure the strategy and implement a callback routine in your app:
 
 ```ruby
@@ -85,7 +83,7 @@ require 'omniauth-orcid'
 enable :sessions
 
 use OmniAuth::Builder do
-  provider :orcid, ENV['ORCID_KEY'], ENV['ORCID_SECRET']
+  provider :orcid, ENV['ORCID_CLIENT_ID'], ENV['ORCID_CLIENT_SECRET']
 end
 ...
 get '/auth/orcid/callback' do
@@ -94,7 +92,7 @@ get '/auth/orcid/callback' do
 end
 
 get '/' do
-  
+
   if session[:omniauth]
     @orcid = session[:omniauth][:uid]
   end
@@ -114,7 +112,7 @@ ruby demo.rb
 ```
 
 
-### Rails 
+### Rails
 
 
 Add this to `config/initializers/omniauth.rb` to configure the strategy:
@@ -123,7 +121,7 @@ Add this to `config/initializers/omniauth.rb` to configure the strategy:
 require 'omniauth-orcid'
 
 Rails.application.config.middleware.use OmniAuth::Builder do
-  provider :orcid, ENV['ORCID_KEY'], ENV['ORCID_SECRET']
+  provider :orcid, ENV['ORCID_CLIENT_ID'], ENV['ORCID_CLIENT_SECRET']
 end
 ```
 
@@ -151,68 +149,35 @@ class AuthenticationsController < ApplicationController
 
 ## Configuration
 
-You can also grab parameters from a config file (recommended) and pass
-to the strategy, along with other options specific to your app. The OAuth scope or
+You can also grab parameters from a environment variables (e.g. using the [dotenv](https://github.com/bkeepers/dotenv) gem) and pass to the strategy, along with other options specific to your app. The OAuth scope or
 scopes in particular frequently need to be customized. Here's an example from the bundled Sinatra app in `demo.rb`:
 
-*UPDATE The [omniauth-oauth2 gem](https://github.com/intridea/omniauth-oauth2)  was recently been updated to process options slightly differently. The `:scope` string must now be passed in via  `:authorize_params`, see below*
-
 ```ruby
-config_file 'config.yml'
 use OmniAuth::Builder do
-  provider :orcid, settings.client_id, settings.client_secret, 
-    :authorize_params => {
-      :scope => '/orcid-profile/read-limited'
+  provider :orcid, ENV['ORCID_CLIENT_ID'], ENV['ORCID_CLIENT_SECRET'],
+    authorize_params: {
+      scope: '/orcid-profile/read-limited'
     },
-  :client_options => {
-    :site => settings.site, 
-    :authorize_url => settings.authorize_url,
-    :token_url => settings.token_url
+  client_options: {
+    site: ENV['ORCID_URL'],
+    authorize_url: "#{ENV['ORCID_URL']}/oauth/authorize",
+    token_url: "#{ENV['ORCID_URL']}/oauth/token",
   }
 end
 
 ```
+Where `ENV['ORCID_CLIENT_ID']` and `ENV['ORCID_CLIENT_SECRET']` are provided by ORCID when registering the application, and `ENV['ORCID_URL']` depends on the API you are using (see above).
 
-Different sets of params from `config.yml` are used for production environment (points to live ORCID service) vs. development environment (points to ORCID sandbox service).
-
-You can do something similar with in Rails with the same config file, or something . See a working example here: https://github.com/gthorisson/ORCID-example-client-app-rails
-
-
-
-## More information 
 
-ORCID Open Source Project - https://github.com/ORCID/ORCID-Source
-Developer Wiki - https://github.com/ORCID/ORCID-Source/wiki
-Technical community - http://orcid.org/about/community/orcid-technical-community
+## More information
 
+* [ORCID Open Source Project](https://github.com/ORCID/ORCID-Source)
+* [Developer Wiki](https://github.com/ORCID/ORCID-Source/wiki)
+* [Technical community](http://orcid.org/about/community/orcid-technical-community)
 
 
 ## License
 
-The MIT License (OSI approved, see more at http://www.opensource.org/licenses/mit-license.php)
-
-=============================================================================
-
-Copyright (C) 2012 by Gudmundur A. Thorisson
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-
-=============================================================================
+The [MIT License](license.txt) (OSI approved, see more at http://www.opensource.org/licenses/mit-license.php)
 
 ![Open Source Initiative Approved License](http://www.opensource.org/trademarks/opensource/web/opensource-110x95.jpg)

data/demo.rb

@@ -4,7 +4,6 @@
 
 require 'rubygems'
 require 'sinatra'
-require 'sinatra/config_file'
 require 'haml'
 require 'omniauth-orcid'
 require 'oauth2'
@@ -13,22 +12,24 @@ require 'json'
 enable :sessions
 use Rack::Session::Cookie
 
-config_file 'config.yml'
 if development?
   puts "Sinatra running in development mode"
 elsif production?
-  puts "Sinatra running in production mode"  
+  puts "Sinatra running in production mode"
 end
 
 puts "Connecting to ORCID API at " + settings.site + " as client app #{settings.client_id}"
 
 # Configure the ORCID strategy
 use OmniAuth::Builder do
-  provider :orcid, settings.client_id, settings.client_secret, 
-  :client_options => {
-    :site => settings.site, 
-    :authorize_url => settings.authorize_url,
-    :token_url => settings.token_url
+  provider :orcid, ENV['ORCID_CLIENT_ID'], ENV['ORCID_CLIENT_SECRET'],
+    authorize_params: {
+      scope: '/orcid-profile/read-limited'
+    },
+  client_options: {
+    site: ENV['ORCID_URL'],
+    authorize_url: "#{ENV['ORCID_URL']}/oauth/authorize",
+    token_url: "#{ENV['ORCID_URL']}/oauth/token",
   }
 end
 
@@ -38,7 +39,7 @@ end
 get '/' do
 
   @orcid = ''
-  
+
   if session[:omniauth]
     @orcid = session[:omniauth][:uid]
   end

data/lib/omniauth-orcid.rb

@@ -1,2 +1 @@
-require "omniauth-orcid/version"
-require 'omniauth/strategies/orcid'
+require 'omniauth/orcid'

data/lib/omniauth/orcid.rb

@@ -0,0 +1,2 @@
+require "omniauth/orcid/version"
+require 'omniauth/strategies/orcid'

data/lib/omniauth/orcid/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Orcid
+    VERSION = "1.0"
+  end
+end

data/lib/omniauth/strategies/orcid.rb

@@ -6,27 +6,29 @@ module OmniAuth
   module Strategies
     class ORCID < OmniAuth::Strategies::OAuth2
 
-      DEFAULT_SCOPE = '/orcid-bio/read-limited'
+      DEFAULT_SCOPE = '/authenticate'
 
       option :client_options, {
         :site => 'http://api.orcid.org',
         :authorize_url => 'http://orcid.org/oauth/authorize',
-        :token_url => 'https://api.orcid.org/oauth/token',
-        :scope => '/orcid-profile/read-limited',
+        :token_url => 'https://pub.orcid.org/oauth/token',
+        :scope => '/authenticate',
         :response_type => 'code',
         :mode => :header
       }
 
-
       # Pull out unique ID for the user in the external system
-      uid {  access_token.params["orcid"] }
+      uid { access_token.params["orcid"] }
 
-      info do{} end
+      info do
+        { name: access_token.params["name"],
+          email: access_token.params["email"] }
+      end
 
       # Customize the parameters passed to the OAuth provider in the authorization phase
       def authorize_params
-        
-        # Trick shamelessly borrowed from the omniauth-facebook gem! 
+
+        # Trick shamelessly borrowed from the omniauth-facebook gem!
         super.tap do |params|
           %w[scope].each { |v| params[v.to_sym] = request.params[v] if request.params[v] }
           params[:scope] ||= DEFAULT_SCOPE # ensure that we're always request *some* default scope

data/omniauth-orcid.gemspec

@@ -1,18 +1,19 @@
 require "date"
-require File.expand_path("../lib/omniauth-orcid/version", __FILE__)
+require File.expand_path("../lib/omniauth/orcid/version", __FILE__)
 
 Gem::Specification.new do |s|
-  s.authors       = ["Gudmundur A. Thorisson"]
-  s.email         = %q{gthorisson@gmail.com}
+  s.authors       = ["Gudmundur A. Thorisson", "Martin Fenner"]
+  s.email         = ["gthorisson@gmail.com", "martin.fenner@datacite.org"]
   s.name          = "omniauth-orcid"
-  s.homepage      = %q{https://github.com/gthorisson/omniauth-orcid}
+  s.homepage      = %q{https://github.com/datacite/omniauth-orcid}
   s.summary       = %q{ORCID OAuth 2.0 Strategy for OmniAuth 1.0}
   s.date          = Date.today
   s.description   = %q{Enables third-party client apps to connect to the ORCID API and access/update protected profile data }
-  s.files         = Dir["{lib}/**/*.rb", "bin/*", "LICENSE.txt", "*.md", "Rakefile", "Gemfile", "demo.rb", "config.yml", "omniauth-orcid.gemspec"]
+  s.files         = Dir["{lib}/**/*.rb", "bin/*", "LICENSE.txt", "*.md", "Rakefile", "Gemfile", "demo.rb", "omniauth-orcid.gemspec"]
   s.require_paths = ["lib"]
-  s.version       = OmniAuth::ORCID::VERSION
+  s.version       = OmniAuth::Orcid::VERSION
   s.extra_rdoc_files = ["README.md"]
+  s.license       = 'MIT'
 
 
   # Declary dependencies here, rather than in the Gemfile

metadata

@@ -1,88 +1,87 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-orcid
 version: !ruby/object:Gem::Version
-  version: '0.6'
-  prerelease: 
+  version: '1.0'
 platform: ruby
 authors:
 - Gudmundur A. Thorisson
+- Martin Fenner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-22 00:00:00.000000000 Z
+date: 2015-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
-description: ! 'Enables third-party client apps to connect to the ORCID API and access/update
+description: 'Enables third-party client apps to connect to the ORCID API and access/update
   protected profile data '
-email: gthorisson@gmail.com
+email:
+- gthorisson@gmail.com
+- martin.fenner@datacite.org
 executables: []
 extensions: []
 extra_rdoc_files:
 - README.md
 files:
-- lib/omniauth/strategies/orcid.rb
-- lib/omniauth-orcid/version.rb
-- lib/omniauth-orcid.rb
+- CHANGELOG.md
+- Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
-- Gemfile
 - demo.rb
-- config.yml
+- lib/omniauth-orcid.rb
+- lib/omniauth/orcid.rb
+- lib/omniauth/orcid/version.rb
+- lib/omniauth/strategies/orcid.rb
 - omniauth-orcid.gemspec
-homepage: https://github.com/gthorisson/omniauth-orcid
-licenses: []
+homepage: https://github.com/datacite/omniauth-orcid
+licenses:
+- MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.25
+rubygems_version: 2.4.5
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: ORCID OAuth 2.0 Strategy for OmniAuth 1.0
 test_files: []

data/config.yml

@@ -1,15 +0,0 @@
-# Default endpoint URLs for the ORCID OAuth API
-
-production:
-  site: https://api.orcid.org
-  authorize_url: https://orcid.org/oauth/authorize
-  token_url: https://api.orcid.org/oauth/token
-  client_id: 
-  client_secret: 
-
-development:
-  site: http://api.sandbox-1.orcid.org
-  authorize_url: http://sandbox-1.orcid.org/oauth/authorize
-  token_url: http://api.sandbox-1.orcid.org/oauth/token
-  client_id: 0000-0002-8831-0104
-  client_secret: 7fb56071-0c68-4d42-af00-5a52804ae645

data/lib/omniauth-orcid/version.rb

@@ -1,5 +0,0 @@
-module OmniAuth
-  module ORCID
-    VERSION = "0.6"
-  end
-end