omniauth-outrightmental 0.1.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+/pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1 @@
+--colour

data/Gemfile

@@ -0,0 +1,13 @@
+source 'http://rubygems.org'
+
+# Specify your gem's dependencies in omniauth-outrightmental.gemspec
+gemspec
+
+group :development, :test do
+  gem 'guard'
+  gem 'guard-rspec'
+  gem 'guard-bundler'
+  gem 'rb-fsevent'
+  gem 'growl'
+  gem 'rake'
+end

data/Guardfile

@@ -0,0 +1,10 @@
+guard 'rspec', :version => 2 do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+end
+
+guard 'bundler' do
+  watch('Gemfile')
+  watch('omniauth-outrightmental.gemspec')
+end

data/LICENSE.txt

@@ -0,0 +1,7 @@
+Copyright (c) 2011 Michael Bleigh and Intridea, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,32 @@
+[![Build Status](https://travis-ci.org/outrightmental/omniauth-outrightmental.svg)](https://travis-ci.org/outrightmental/omniauth-outrightmental)
+
+# OmniAuth: Outright Mental Inc.
+
+This is the official OmniAuth strategy for authenticating to Outright Mental Inc. To use it, you'll need to have a partner account- probably because we're building something together. Then just sign in and create an OAuth2 Application ID and Secret
+on the [Applications Page](https://ont.io/#/settings/applications).
+
+## Basic Usage
+
+    use OmniAuth::Builder do
+      provider :outrightmental, ENV['OUTRIGHTMENTAL_KEY'], ENV['OUTRIGHTMENTAL_SECRET']
+    end
+
+## Scopes
+
+Outright Mental Inc. API lets you set scopes to provide granular access to different types of data: 
+
+	use OmniAuth::Builder do
+      provider :outrightmental, ENV['OUTRIGHTMENTAL_KEY'], ENV['OUTRIGHTMENTAL_SECRET'], scope: "identity,account,contact"
+    end
+
+More info on [Scopes](https://ont.io/apidoc/#scopes).
+
+## License
+
+Copyright (c) 2015 Outright Mental Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,8 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new
+
+desc 'Run specs'
+task :default => :spec

data/lib/omniauth/strategies/outrightmental.rb

@@ -0,0 +1,76 @@
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    class OutrightMental < OmniAuth::Strategies::OAuth2
+      option :client_options, {
+        :site => 'https://ont.io/api',
+        :authorize_url => 'https://ont.io/login/oauth/authorize',
+        :token_url => 'https://ont.io/login/oauth/access_token'
+      }
+
+      def request_phase
+        super
+      end
+
+      def authorize_params
+        super.tap do |params|
+          %w[scope client_options].each do |v|
+            if request.params[v]
+              params[v.to_sym] = request.params[v]
+            end
+          end
+        end
+      end
+
+      uid { raw_info['id'].to_s }
+
+      info do
+        {
+          'nickname' => raw_info['login'],
+          'email' => email,
+          'name' => raw_info['name'],
+          'image' => raw_info['avatar_url'],
+          'urls' => {
+            'OutrightMental' => raw_info['html_url'],
+            'Blog' => raw_info['blog'],
+          },
+        }
+      end
+
+      extra do
+        {:raw_info => raw_info}
+      end
+
+      def raw_info
+        access_token.options[:mode] = :query
+        @raw_info ||= access_token.get('user').parsed
+      end
+
+      def email
+        (email_access_allowed?) ? primary_email : raw_info['email']
+      end
+
+      def primary_email
+        primary = emails.find{|i| i['primary'] }
+        primary && primary['email'] || emails.first && emails.first['email']
+      end
+
+      # The new /user/emails API - https://ont.io/apidoc/#future-response
+      def emails
+        return [] unless email_access_allowed?
+        access_token.options[:mode] = :query
+        @emails ||= access_token.get('user/emails', :headers => { 'Accept' => 'application/vnd.outrightmental.v1' }).parsed
+      end
+
+      def email_access_allowed?
+        return false unless options['scope']
+        email_scopes = ['user', 'user:email']
+        scopes = options['scope'].split(',')
+        (scopes & email_scopes).any?
+      end
+    end
+  end
+end
+
+OmniAuth.config.add_camelization 'outrightmental', 'OutrightMental'

data/lib/omniauth-outrightmental/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module OutrightMental
+    VERSION = "0.1.0"
+  end
+end

data/lib/omniauth-outrightmental.rb

@@ -0,0 +1,2 @@
+require "omniauth-outrightmental/version"
+require 'omniauth/strategies/outrightmental'

data/omniauth-outrightmental.gemspec

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/omniauth-outrightmental/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Outright Mental Inc."]
+  gem.email         = ["charney@ont.io"]
+  gem.description   = %q{Official OmniAuth strategy for Outright Mental Inc.}
+  gem.summary       = %q{Official OmniAuth strategy for Outright Mental Inc.}
+  gem.homepage      = "https://github.com/outrightmental/omniauth-outrightmental"
+  gem.license       = "MIT"
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name          = "omniauth-outrightmental"
+  gem.require_paths = ["lib"]
+  gem.version       = OmniAuth::OutrightMental::VERSION
+
+  gem.add_dependency 'omniauth', '~> 1.0'
+  # Nothing lower than omniauth-oauth2 1.1.1
+  # http://www.rubysec.com/advisories/CVE-2012-6134/
+  gem.add_dependency 'omniauth-oauth2', '>= 1.1.1', '< 2.0'
+  gem.add_development_dependency 'rspec', '~> 2.7'
+  gem.add_development_dependency 'rack-test'
+  gem.add_development_dependency 'simplecov'
+  gem.add_development_dependency 'webmock'
+end

data/spec/omniauth/strategies/outrightmental_spec.rb

@@ -0,0 +1,142 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::OutrightMental do
+  let(:access_token) { double('AccessToken', :options => {}) }
+  let(:parsed_response) { double('ParsedResponse') }
+  let(:response) { double('Response', :parsed => parsed_response) }
+
+  let(:enterprise_site)          { 'https://some.other.site.com/api/v3' }
+  let(:enterprise_authorize_url) { 'https://some.other.site.com/login/oauth/authorize' }
+  let(:enterprise_token_url)     { 'https://some.other.site.com/login/oauth/access_token' }
+  let(:enterprise) do
+    OmniAuth::Strategies::OutrightMental.new('OUTRIGHTMENTAL_KEY', 'OUTRIGHTMENTAL_SECRET',
+        {
+            :client_options => {
+                :site => enterprise_site,
+                :authorize_url => enterprise_authorize_url,
+                :token_url => enterprise_token_url
+            }
+        }
+    )
+  end
+
+  subject do
+    OmniAuth::Strategies::OutrightMental.new({})
+  end
+
+  before(:each) do
+    subject.stub(:access_token).and_return(access_token)
+  end
+
+  context "client options" do
+    it 'should have correct site' do
+      subject.options.client_options.site.should eq("https://ont.io/api")
+    end
+
+    it 'should have correct authorize url' do
+      subject.options.client_options.authorize_url.should eq('https://ont.io/login/oauth/authorize')
+    end
+
+    it 'should have correct token url' do
+      subject.options.client_options.token_url.should eq('https://ont.io/login/oauth/access_token')
+    end
+
+    describe "should be overrideable" do
+      it "for site" do
+        enterprise.options.client_options.site.should eq(enterprise_site)
+      end
+
+      it "for authorize url" do
+        enterprise.options.client_options.authorize_url.should eq(enterprise_authorize_url)
+      end
+
+      it "for token url" do
+        enterprise.options.client_options.token_url.should eq(enterprise_token_url)
+      end
+    end
+  end
+
+  context "#email_access_allowed?" do
+    it "should not allow email if scope is nil" do
+      subject.options['scope'].should be_nil
+      subject.should_not be_email_access_allowed
+    end
+
+    it "should allow email if scope is user" do
+      subject.options['scope'] = 'user'
+      subject.should be_email_access_allowed
+    end
+
+    it "should allow email if scope is a bunch of stuff including user" do
+      subject.options['scope'] = 'public_repo,user,repo,delete_repo,gist'
+      subject.should be_email_access_allowed
+    end
+
+    it "should not allow email if scope does not grant email access" do
+      subject.options['scope'] = 'repo,user:follow'
+      subject.should_not be_email_access_allowed
+    end
+
+    it "should assume email access not allowed if scope is something currently not documented " do
+      subject.options['scope'] = 'currently_not_documented'
+      subject.should_not be_email_access_allowed
+    end
+  end
+
+  context "#email" do
+    it "should return email from raw_info if available" do
+      subject.stub(:raw_info).and_return({'email' => 'you@example.com'})
+      subject.email.should eq('you@example.com')
+    end
+
+    it "should return nil if there is no raw_info and email access is not allowed" do
+      subject.stub(:raw_info).and_return({})
+      subject.email.should be_nil
+    end
+
+    it "should return the primary email if there is no raw_info and email access is allowed" do
+      emails = [
+        { 'email' => 'secondary@example.com', 'primary' => false },
+        { 'email' => 'primary@example.com',   'primary' => true }
+      ]
+      subject.stub(:raw_info).and_return({})
+      subject.options['scope'] = 'user'
+      subject.stub(:emails).and_return(emails)
+      subject.email.should eq('primary@example.com')
+    end
+
+    it "should return the first email if there is no raw_info and email access is allowed" do
+      emails = [
+        { 'email' => 'first@example.com',   'primary' => false },
+        { 'email' => 'second@example.com',  'primary' => false }
+      ]
+      subject.stub(:raw_info).and_return({})
+      subject.options['scope'] = 'user'
+      subject.stub(:emails).and_return(emails)
+      subject.email.should eq('first@example.com')
+    end
+  end
+
+  context "#raw_info" do
+    it "should use relative paths" do
+      access_token.should_receive(:get).with('user').and_return(response)
+      subject.raw_info.should eq(parsed_response)
+    end
+  end
+
+  context "#emails" do
+    it "should use relative paths" do
+      access_token.should_receive(:get).with('user/emails', :headers=>{"Accept"=>"application/vnd.outrightmental.v1"}).and_return(response)
+      subject.options['scope'] = 'user'
+      subject.emails.should eq(parsed_response)
+    end
+  end
+
+  context '#info.urls' do
+    it 'should use html_url from raw_info' do
+      subject.stub(:raw_info).and_return({ 'login' => 'me', 'html_url' => 'http://enterprise/me' })
+      subject.info['urls']['OutrightMental'].should == 'http://enterprise/me'
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,16 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-outrightmental'
+
+RSpec.configure do |config|
+  config.include WebMock::API
+  config.include Rack::Test::Methods
+  config.extend  OmniAuth::Test::StrategyMacros, :type => :strategy
+end
+

metadata

@@ -0,0 +1,161 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-outrightmental
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Outright Mental Inc.
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-05-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.1
+    - - <
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.1.1
+    - - <
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.7'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Official OmniAuth strategy for Outright Mental Inc.
+email:
+- charney@ont.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- Guardfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/omniauth-outrightmental.rb
+- lib/omniauth-outrightmental/version.rb
+- lib/omniauth/strategies/outrightmental.rb
+- omniauth-outrightmental.gemspec
+- spec/omniauth/strategies/outrightmental_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/outrightmental/omniauth-outrightmental
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Official OmniAuth strategy for Outright Mental Inc.
+test_files: []