omniauth-qualtrics 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4e547cc2a8845f20bfccd272c57e7f5fbe8e6461cd249e0221193dd0d5cba3b2
+  data.tar.gz: a4b5d6caee4fa545284f1e0135024e293a663dfc85c78d4282729fba8c0a037c
+SHA512:
+  metadata.gz: 495d24603adb303e8219efbd23cbf91279c85dfdd2a0d3fc1d399bde42a0139a9e303257cd825dc6d502f6a967f194cc72bac8fc3ca8126b8d720085e7625b9b
+  data.tar.gz: 5ccbb3f91ffb510beaafbb83ce5dd4e43780637fcf28229339ff73f3d95eca1a64da854cc12d77496794d128a47900332330f7b18e79fffbe1e6f17c9d598d1e

data/README.md

@@ -0,0 +1,167 @@
+# OmniAuth Qualtrics [![Build Status](https://travis-ci.org/atomicjolt/omniauth-qualtrics.svg?branch=master)](https://travis-ci.org/atomicjolt/omniauth-qualtrics)
+Gem to authenticate with Qualtrics via OAuth2
+
+# Setup
+Contact Qualtrics administrator to get an OAuth key and secret and OAuth endpoint
+https://api.qualtrics.com/instructions/docs/Instructions/oauth-authentication-authorization-code.md
+
+
+**NOTE**: you will need to set `env['rack.session']['oauth_site']` to the current
+Qualtrics instance that you wish to OAuth with. By default this is https://co1.qualtrics.com
+
+-- OR --
+
+to dynamically set the qualtrics site url do one of the following.
+
+## Standard setup
+
+```ruby
+use OmniAuth::Builder do
+  provider :qualtrics, 'qualtrics_key', 'qualtrics_secret', :setup => lambda{|env|
+    request = Rack::Request.new(env)
+    env['omniauth.strategy'].options[:client_options].site = env['rack.session']['oauth_site']
+  }
+end
+```
+
+## Setup with Devise
+
+```ruby
+config.omniauth :qualtrics, 'qualtrics_key', 'qualtrics_secret', :setup => lambda{|env|
+  request = Rack::Request.new(env)
+  env['omniauth.strategy'].options[:client_options].site = env['rack.session']['oauth_site']
+}
+```
+
+## Alternative Setup
+
+In this setup, you do not have to set `env['rack.session']['oauth_site']`
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :qualtrics, APP_CONFIG['qualtrics_client_id'], APP_CONFIG['qualtrics_client_secret'],
+  {
+    :client_options => {
+      :site => APP_CONFIG['qualtrics_host']
+    }
+  }
+end
+```
+
+# State
+
+In most cases your application will need to restore state after handling the OAuth process
+with Qualtrics. Since many applications that integrate with Qualtrics will be launched via the LTI
+protocol inside of an iframe sessions may not be available. To restore application state the
+omniauth-qualtrics gem uses the "state" parameter provided by the LTI proctocol. You will need
+to add the following code to your application to take advantage of this functionality:
+
+
+Add the following initializer in `config/initializers/omniauth.rb`:
+
+```ruby
+OmniAuth.config.before_request_phase do |env|
+  request = Rack::Request.new(env)
+  state = "#{SecureRandom.hex(24)}#{DateTime.now.to_i}"
+  OauthState.create!(state: state, payload: request.params.to_json)
+  env["omniauth.strategy"].options[:authorize_params].state = state
+
+  # Bye default omniauth will store all params in the session. The code above
+  # stores the values in the database so we remove the values from the session
+  # since the amount of data in the original params object will overflow the
+  # allowed cookie size
+  env["rack.session"].delete("omniauth.params")
+end
+```
+
+Add the following middleware to `lib/middlware/oauth_state_middleware.rb`:
+
+```ruby
+class OauthStateMiddleware
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    request = Rack::Request.new(env)
+    if request.params["state"] && request.params["code"]
+      if oauth_state = OauthState.find_by(state: request.params["state"])
+        # Restore the param from before the OAuth dance
+        state_params = JSON.parse(oauth_state.payload) || {}
+        state_params.each do |key, value|
+          request.update_param(key, value)
+        end
+        application_instance = ApplicationInstance.find_by(lti_key: state_params["oauth_consumer_key"])
+        env["qualtrics.url"] = application_instance.lti_consumer_uri
+        oauth_state.destroy
+      else
+        raise OauthStateMiddlewareException, "Invalid state in OAuth callback"
+      end
+    end
+    @app.call(env)
+  end
+end
+
+class OauthStateMiddlewareException < RuntimeError
+end
+```
+
+This middleware relies upon two models - OauthState and ApplicationInstance. OauthState is used to
+store relevant state before sending the user to Qualtrics to finish the OAuth. ApplicationInstance is
+model used in Atomic Jolt projects that is used to store the Qualtrics Url so that it can be reset in
+the environment. You don't need to implement the same model, but you will need to store the user's
+Qualtrics URL somewhere before sending the user to OAuth with Qualtrics. Change the following lines in the
+above code to recover the Qualtrics URL from where ever it is stored:
+
+```
+application_instance = ApplicationInstance.find_by(lti_key: state_params["oauth_consumer_key"])
+env["qualtrics.url"] = application_instance.lti_consumer_uri
+```
+
+The OauthState model looks like this:
+```
+class OauthState < ActiveRecord::Base
+  validates :state, presence: true, uniqueness: true
+end
+```
+
+With the following schema:
+```
+create_table "oauth_states", force: :cascade do |t|
+  t.string   "state"
+  t.text     "payload"
+  t.datetime "created_at", null: false
+  t.datetime "updated_at", null: false
+  t.index ["state"], name: "index_oauth_states_on_state", using: :btree
+end
+```
+
+Last, enable the middleware by adding the following to `config/application.rb`:
+
+```ruby
+# Middleware that can restore state after an OAuth request
+config.middleware.insert_before 0, "OauthStateMiddleware"
+```
+
+
+# License
+
+Copyright (C) 2012-2021  Atomic Jolt.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,16 @@
+#!/usr/bin/env rake
+$: << File.dirname(__FILE__)
+
+require 'bundler'
+require 'rake'
+require 'rspec/core/rake_task'
+
+Bundler::GemHelper.install_tasks
+
+task :default => [:spec]
+task :test => [:spec]
+
+desc "run spec tests"
+RSpec::Core::RakeTask.new('spec') do |t|
+  t.pattern = 'spec/**/*_spec.rb'
+end

data/lib/omniauth-qualtrics.rb

@@ -0,0 +1,2 @@
+require "omniauth-qualtrics/version"
+require "omniauth/strategies/qualtrics"

data/lib/omniauth-qualtrics/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Qualtrics
+    VERSION = "1.0.0".freeze
+  end
+end

data/lib/omniauth/strategies/qualtrics.rb

@@ -0,0 +1,44 @@
+require "omniauth-oauth2"
+
+module OmniAuth
+  module Strategies
+    class Qualtrics < OmniAuth::Strategies::OAuth2
+
+      option :name, "qualtrics"
+
+      option :client_options,
+            site:          "https://co1.qualtrics.com",
+            authorize_url: "/oauth2/auth",
+            token_url:     "/oauth2/token"
+
+      # Qualtrics does use state but we want to control it rather than letting
+      # omniauth-oauth2 handle it.
+      option :provider_ignores_state, true
+
+      option :token_params, parse: :json
+
+      info do
+        {
+          "url" => access_token.client.site
+        }
+      end
+
+      # Override authorize_params so that we can be deliberate about the value for state
+      # and not use the session which is unavailable inside of an iframe for some
+      # browsers (ie Safari)
+      def authorize_params
+        # Only set state if it hasn't already been set
+        options.authorize_params[:state] ||= SecureRandom.hex(24)
+        params = options.authorize_params.merge(options_for("authorize"))
+        if OmniAuth.config.test_mode
+          @env ||= {}
+          @env["rack.session"] ||= {}
+        end
+        params
+      end
+
+    end
+  end
+end
+
+OmniAuth.config.add_camelization "qualtrics", "Qualtrics"

metadata

@@ -0,0 +1,131 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-qualtrics
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Justin Ball
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-04-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: OmniAuth Oauth2 strategy for Qualtrics.
+email: justin.ball@atomicjolt.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- Rakefile
+- lib/omniauth-qualtrics.rb
+- lib/omniauth-qualtrics/version.rb
+- lib/omniauth/strategies/qualtrics.rb
+homepage: https://github.com/atomicjolt/omniauth-qualtrics
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
+summary: OmniAuth Oauth2 strategy for Qualtrics.
+test_files: []