omniauth-osso 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1d06f1431dfda1ada1148f0bab1f236e31c80ed15e3e3050f1938f30dd508e9e
+  data.tar.gz: c12528d4977371f2d235cb4abcf7630655fb87efd64a4e940cf189d02adb2c5d
+SHA512:
+  metadata.gz: fca2e07d268d7d06f4146ec7cc1ddef34cf13480853e6900d5da33fa445e8512cdb222fc32d30636e9ec682df52a5802d7b8509040a4008102f41179198b153c
+  data.tar.gz: 75b3acc3b3c4af7d898e4f974295ef7d6884fd2b3d661fd3de3352d28af9524d02a250630898bd88f949c2f23d4cfbe372a80227eb08b108de07a2d4c5c2311c

data/.gitignore

@@ -0,0 +1,8 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1 @@
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,21 @@
+Layout/LineLength:
+  Max: 120
+
+Metrics/BlockLength:
+  Exclude:
+    - 'spec/**/*'
+
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+
+Lint/RaiseException:
+  Enabled: true
+Lint/StructNewOverride:
+  Enabled: true
+Style/HashEachMethods:
+  Enabled: true
+Style/HashTransformKeys:
+  Enabled: true
+Style/HashTransformValues:
+  Enabled: true

data/Gemfile

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+group :test do
+  gem 'pry'
+  gem 'rack-test'
+  gem 'rspec', '~> 3.2'
+  gem 'rubocop'
+  gem 'webmock', '~> 3.0'
+end
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,93 @@
+PATH
+  remote: .
+  specs:
+    omniauth-osso (0.1.0)
+      omniauth-oauth2 (~> 1.6.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    ast (2.4.0)
+    coderay (1.1.2)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.3)
+    faraday (1.0.1)
+      multipart-post (>= 1.2, < 3)
+    hashdiff (1.0.1)
+    hashie (4.1.0)
+    jaro_winkler (1.5.4)
+    jwt (2.2.1)
+    method_source (1.0.0)
+    multi_json (1.14.1)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
+    oauth2 (1.4.4)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.9.1)
+      hashie (>= 3.4.6)
+      rack (>= 1.6.2, < 3)
+    omniauth-oauth2 (1.6.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.9)
+    parallel (1.19.1)
+    parser (2.7.1.0)
+      ast (~> 2.4.0)
+    pry (0.13.0)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    public_suffix (4.0.4)
+    rack (2.2.2)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rainbow (3.0.0)
+    rexml (3.2.4)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.2)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.4)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.2)
+    rubocop (0.81.0)
+      jaro_winkler (~> 1.5.1)
+      parallel (~> 1.10)
+      parser (>= 2.7.0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      rexml
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    ruby-progressbar (1.10.1)
+    safe_yaml (1.0.5)
+    unicode-display_width (1.7.0)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 2.1)
+  omniauth-osso!
+  pry
+  rack-test
+  rspec (~> 3.2)
+  rubocop
+  webmock (~> 3.0)
+
+BUNDLED WITH
+   2.1.4

data/README.md

@@ -0,0 +1,36 @@
+# Omniauth::Osso
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/omniauth/osso`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'omniauth-osso'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install omniauth-osso
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/omniauth-osso.
+# omniauth-osso

data/Rakefile

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+task default: :spec

data/bin/console

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'omniauth_osso'
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install

data/lib/omniauth-osso/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module OmniAuth
+  module Osso
+    VERSION = '0.1.0'
+  end
+end

data/lib/omniauth/strategies/osso.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'omniauth-oauth2'
+require 'pry'
+
+module OmniAuth
+  module Strategies
+    # The main source for the Osso Omniauth Strategy
+    class Osso < OmniAuth::Strategies::OAuth2
+      include OmniAuth::Strategy
+
+      option :name, 'osso'
+      option :client_id, nil
+      option :client_secret, nil
+      option :client_options, { site: ENV['OSSO_BASE_URL'] }
+      option :authorize_params, { state: SecureRandom.hex(24) }
+      option :authorize_options, %i[state domain]
+      option :token_params, {}
+      option :token_options, []
+      option :auth_token_params, {}
+      option :provider_ignores_state, false
+
+      def authorize_params
+        params = options.authorize_params.merge(options_for('authorize')) || {}
+
+        raise StandardError if params[:domain].nil?
+
+        if OmniAuth.config.test_mode
+          @env ||= {}
+          @env['rack.session'] ||= {}
+        end
+
+        session['omniauth.state'] = params[:state]
+
+        params
+      end
+
+      uid { raw_info['id'] }
+
+      info do
+        {
+          email: raw_info['email']
+        }
+      end
+
+      extra do
+        {
+          idp: raw_info['idp']
+        }
+      end
+
+      def raw_info
+        @raw_info ||= access_token.get("/oauth/me?access_token=#{access_token.token}").parsed
+      end
+
+      protected
+
+      def options_for(option)
+        options_for = options.send(:"#{option}_options")
+        params_for = options.send(:"#{option}_params")
+
+        options_for.each_with_object({}) do |key, hash|
+          value = params_for[key] || options[key]
+          hash[key.to_sym] = value.respond_to?(:call) ? value.call : value
+        end
+      end
+    end
+  end
+end

data/lib/omniauth_osso.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require 'omniauth-osso/version'
+require 'omniauth/strategies/osso'

data/omniauth-osso.gemspec

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require File.expand_path('lib/omniauth-osso/version', __dir__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ['Sam Bauch']
+  gem.email         = ['sbauch@gmail.com']
+  gem.description   = 'An OAuth 2.0 OmniAuth provider for Osso SSO.'
+  gem.summary       = gem.description
+  gem.homepage      = 'https://github.com/enterprise-oss/omniauth-osso'
+  gem.license       = 'MIT'
+
+  gem.add_dependency 'omniauth-oauth2', '~> 1.6.0'
+  gem.add_development_dependency 'bundler', '~> 2.1'
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name          = 'omniauth-osso'
+  gem.require_paths = ['lib']
+  gem.version       = OmniAuth::Osso::VERSION
+end

data/spec/omniauth/strategies/osso_spec.rb

@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe OmniAuth::Strategies::Osso do
+  let(:fresh_strategy) { Class.new(OmniAuth::Strategies::Osso) }
+
+  before do
+    OmniAuth.config.test_mode = true
+  end
+
+  after do
+    OmniAuth.config.test_mode = false
+  end
+
+  describe 'Subclassing Behavior' do
+    subject { fresh_strategy }
+
+    it 'performs the OmniAuth::Strategy included hook' do
+      expect(OmniAuth.strategies).to include(OmniAuth::Strategies::Osso)
+      expect(OmniAuth.strategies).to include(subject)
+    end
+  end
+
+  describe '#client' do
+    subject { fresh_strategy }
+
+    it 'is initialized with symbolized client_options' do
+      instance = subject.new(app, client_options: { 'authorize_url' => 'https://example.com' })
+      expect(instance.client.options[:authorize_url]).to eq('https://example.com')
+    end
+
+    it 'sets ssl options as connection options' do
+      instance = subject.new(app, client_options: { 'ssl' => { 'ca_path' => 'foo' } })
+      expect(instance.client.options[:connection_opts][:ssl]).to eq(ca_path: 'foo')
+    end
+  end
+
+  describe '#authorize_params' do
+    subject { fresh_strategy }
+
+    it 'includes the domain authorize param passed in the :authorize_params option' do
+      instance = subject.new('abc', 'def', authorize_params: { domain: 'bar.com' })
+      expect(instance.authorize_params['domain']).to eq('bar.com')
+    end
+
+    it 'includes top-level domain' do
+      instance = subject.new('abc', 'def', domain: 'bar.com')
+      expect(instance.authorize_params['domain']).to eq('bar.com')
+      expect(instance.authorize_params['state']).not_to be_empty
+    end
+
+    it 'includes random state in the authorize params' do
+      instance = subject.new('abc', 'def', authorize_params: { domain: 'bar.com' })
+      expect(instance.authorize_params.keys).to include('state')
+      expect(instance.session['omniauth.state']).not_to be_empty
+    end
+
+    it 'includes custom state in the authorize params' do
+      instance = subject.new('abc', 'def', authorize_params: { state: proc { 'qux' }, domain: 'foo.com' })
+      expect(instance.authorize_params.keys).to include('state')
+      expect(instance.session['omniauth.state']).to eq('qux')
+    end
+
+    it 'includes state and domain as authorize options' do
+      instance = subject.new('abc', 'def', domain: 'foo.com')
+      expect(instance.authorize_params.keys).to eq(%w[state domain])
+    end
+  end
+
+  describe '#token_params' do
+    subject { fresh_strategy }
+
+    it 'includes any authorize params passed in the :authorize_params option' do
+      instance = subject.new('abc', 'def', token_params: { foo: 'bar', baz: 'zip' })
+      expect(instance.token_params).to eq('foo' => 'bar', 'baz' => 'zip')
+    end
+
+    it 'includes top-level options that are marked as :authorize_options' do
+      instance = subject.new('abc', 'def', token_options: %i[scope foo], scope: 'bar', foo: 'baz')
+      expect(instance.token_params).to eq('scope' => 'bar', 'foo' => 'baz')
+    end
+  end
+
+  describe '#callback_phase' do
+    subject { fresh_strategy }
+    it 'calls fail with the client error received' do
+      instance = subject.new('abc', 'def')
+      allow(instance).to receive(:request) do
+        double('Request', params: { 'error_reason' => 'user_denied', 'error' => 'access_denied' })
+      end
+
+      expect(instance).to receive(:fail!).with('user_denied', anything)
+      instance.callback_phase
+    end
+  end
+end
+
+describe OmniAuth::Strategies::Osso::CallbackError do
+  let(:error) { Class.new(OmniAuth::Strategies::Osso::CallbackError) }
+  describe '#message' do
+    subject { error }
+    it 'includes all of the attributes' do
+      instance = subject.new('error', 'description', 'uri')
+      expect(instance.message).to match(/error/)
+      expect(instance.message).to match(/description/)
+      expect(instance.message).to match(/uri/)
+    end
+    it 'includes all of the attributes' do
+      instance = subject.new(nil, :symbol)
+      expect(instance.message).to eq('symbol')
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+$LOAD_PATH.unshift File.expand_path(__dir__)
+$LOAD_PATH.unshift File.expand_path('../lib', __dir__)
+
+require 'omniauth_osso'
+
+require 'omniauth'
+require 'omniauth-oauth2'
+require 'rack/test'
+require 'rspec'
+require 'webmock/rspec'
+
+ENV['RACK_ENV'] = 'test'
+ENV['SESSION_SECRET'] = 'supersecret'
+
+module RSpecMixin
+  include Rack::Test::Methods
+
+  def app
+    Rack::Builder.new do
+      use OmniAuth::Test::PhonySession
+      use OmniAuth::Builder do
+        provider :osso, 'abc', 'def', client_options: { site: 'https://api.example.org' }, name: 'example.org'
+      end
+      run ->(env) { [404, { 'Content-Type' => 'text/plain' }, [env.key?('omniauth.auth').to_s]] }
+    end.to_app
+  end
+
+  def session
+    last_request.env['rack.session']
+  end
+
+  def last_json_response
+    JSON.parse(last_response.body, symbolize_names: true)
+  end
+end
+
+RSpec.configure do |config|
+  config.include RSpecMixin
+
+  # OmniAuth.config.test_mode = true
+  # OmniAuth.config.logger = Logger.new('/dev/null')
+  WebMock.disable_net_connect!(allow_localhost: true)
+end

metadata

@@ -0,0 +1,91 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-osso
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Sam Bauch
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-05-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+description: An OAuth 2.0 OmniAuth provider for Osso SSO.
+email:
+- sbauch@gmail.com
+executables:
+- console
+- setup
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/omniauth-osso/version.rb
+- lib/omniauth/strategies/osso.rb
+- lib/omniauth_osso.rb
+- omniauth-osso.gemspec
+- spec/omniauth/strategies/osso_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/enterprise-oss/omniauth-osso
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6.2
+signing_key: 
+specification_version: 4
+summary: An OAuth 2.0 OmniAuth provider for Osso SSO.
+test_files:
+- spec/omniauth/strategies/osso_spec.rb
+- spec/spec_helper.rb