omniauth-redmine-oauth2 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 29dc07377a60b0d0887f761b20d860bedbb14ab3
+  data.tar.gz: 6f6864ed841d365486abdcc44cf71454542fbf7a
+SHA512:
+  metadata.gz: 617d1574712a1ffb75671797185a8e4d0e8a452d6eff8ffad76fc2e81b63e95d5a228cd9b1c02af2fc839d1ba33713900d6b9d5c1e3cda4bee310060a9936f16
+  data.tar.gz: a2342137fe4aa6a79bb226c9ba3f10f7db3a1190d1ee73d0aa911c595ca5824b1134960e875e521a8b4556354009125b398d30cf91b0e7a34a0187651d92a8c9

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+gemspec
+

data/Gemfile.lock

@@ -0,0 +1,71 @@
+PATH
+  remote: .
+  specs:
+    omniauth-redmine-oauth2 (0.1.0)
+      omniauth (~> 1.8)
+      omniauth-oauth2 (~> 1.5)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.4.4)
+    faraday (1.0.1)
+      multipart-post (>= 1.2, < 3)
+    hashdiff (1.0.1)
+    hashie (4.1.0)
+    jwt (2.2.2)
+    multi_json (1.15.0)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
+    oauth2 (1.4.4)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.9.1)
+      hashie (>= 3.4.6)
+      rack (>= 1.6.2, < 3)
+    omniauth-oauth2 (1.7.0)
+      oauth2 (~> 1.4)
+      omniauth (~> 1.9)
+    public_suffix (4.0.5)
+    rack (2.2.3)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rake (13.0.1)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
+    safe_yaml (1.0.5)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  omniauth-redmine-oauth2!
+  rack-test
+  rake
+  rspec (~> 3.5)
+  webmock
+
+BUNDLED WITH
+   1.17.3

data/README.md

@@ -0,0 +1,59 @@
+# OAuth 2 OmniAuth strategy for Redmine
+
+Allows client applications to access Redmine resources. For now, you will need
+to apply [this patch](https://www.redmine.org/issues/24808).
+
+## Usage
+
+Add the Gem to your Gemfile. Exact usage depends on your environment, here are
+some examples:
+
+### Rails, plain OmniAuth
+
+In an initializer, do
+
+~~~ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :redmine_oauth2,
+    ENV['REDMINE_APP_ID'],
+    ENV['REDMINE_APP_SECRET'],
+    client_options: { site: 'https://redmine.yourcompany.com' },
+    scope: 'view_issues'
+end
+~~~
+
+### Rails, with Devise
+
+~~~ruby
+Devise.setup do |config|
+  config.omniauth :redmine_oauth2,
+    ENV['REDMINE_APP_ID'],
+    ENV['REDMINE_APP_SECRET'],
+    client_options: { site: 'https://redmine.yourcompany.com' },
+    scope: 'view_issues'
+end
+~~~
+
+
+
+## License
+
+Copyright (c) 2020 by Jens Kraemer, Planio GmbH
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/Rakefile

@@ -0,0 +1,8 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new
+
+desc 'Run specs'
+task default: :spec

data/lib/omniauth-redmine-oauth2.rb

@@ -0,0 +1,2 @@
+require "omniauth/redmine_oauth2/version"
+require "omniauth/strategies/redmine_oauth2"

data/lib/omniauth/redmine_oauth2/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module OmniAuth
+  module RedmineOauth2
+    VERSION = '0.1.0'
+  end
+end

data/lib/omniauth/strategies/redmine_oauth2.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+require "omniauth-oauth2"
+
+module OmniAuth
+  module Strategies
+    class RedmineOauth2 < OmniAuth::Strategies::OAuth2
+
+      USER_INFO_PATH = "users/current.json"
+
+      option :name, "redmine_oauth2"
+
+      option :client_options, {
+        site: "https://redmine.example.org",
+        authorize_url: "/oauth/authorize",
+        token_url: "/oauth/token"
+      }
+
+      uid { raw_info["id"] }
+
+      info do
+        {
+          email: email,
+          login: raw_info["login"],
+          last_name: raw_info["lastname"],
+          first_name: raw_info["firstname"]
+        }
+      end
+
+      extra do
+        { raw_info: raw_info, scope: scope }
+      end
+
+      def email
+        raw_info['mail']
+      end
+
+      def scope
+        access_token['scope']
+      end
+
+      def raw_info
+        access_token.options[:mode] = :header
+        @raw_info ||= access_token.get(USER_INFO_PATH).parsed['user']
+      end
+
+      private
+
+      # https://github.com/omniauth/omniauth-oauth2/issues/81
+      def callback_url
+        full_host + script_name + callback_path
+      end
+    end
+  end
+end
+

data/omniauth-redmine-oauth2.gemspec

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require File.expand_path(
+  File.join('..', 'lib', 'omniauth', 'redmine_oauth2', 'version'),
+  __FILE__
+)
+
+Gem::Specification.new do |gem|
+  gem.name          = 'omniauth-redmine-oauth2'
+  gem.version       = OmniAuth::RedmineOauth2::VERSION
+  gem.license       = 'MIT'
+  gem.summary       = %(A Redmine OAuth2 strategy for OmniAuth 1.x)
+  gem.description   = %(A Redmine OAuth2 strategy for OmniAuth 1.x. This allows you to login to OAuth enabled Redmine with your Ruby app.)
+  gem.authors       = ['Jens Kraemer']
+  gem.email         = ['jens@planio.com']
+  gem.homepage      = 'https://github.com/planio-gmbh/omniauth-redmine-oauth2'
+
+  gem.files         = `git ls-files`.split("\n")
+  gem.require_paths = ['lib']
+
+  gem.required_ruby_version = '>= 2.4'
+
+  gem.add_runtime_dependency 'omniauth', '~> 1.8'
+  gem.add_runtime_dependency 'omniauth-oauth2', '~> 1.5'
+
+  gem.add_development_dependency 'rspec', '~> 3.5'
+  gem.add_development_dependency 'rake'
+  gem.add_development_dependency 'rack-test'
+  gem.add_development_dependency 'webmock'
+end
+

data/spec/omniauth/strategies/redmine_oauth2_spec.rb

@@ -0,0 +1,84 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::RedmineOauth2 do
+  let(:access_token) { instance_double('AccessToken', :options => {}, :[] => 'view_issues') }
+  let(:parsed_response) { instance_double('ParsedResponse') }
+  let(:response) { instance_double('Response', :parsed => parsed_response) }
+
+  let(:redmine_site)          { 'https://some.redmine.com' }
+
+  subject do
+    OmniAuth::Strategies::RedmineOauth2.new('REDMINE_KEY', 'REDMINE_SECRET',
+        {
+            :client_options => {
+                :site => redmine_site
+            }
+        }
+    )
+  end
+
+  before(:each) do
+    allow(subject).to receive(:access_token).and_return(access_token)
+  end
+
+  context 'client options' do
+    it 'should have correct authorize url' do
+      expect(subject.options.client_options.authorize_url).to eq('/oauth/authorize')
+    end
+
+    it 'should have correct token url' do
+      expect(subject.options.client_options.token_url).to eq('/oauth/token')
+    end
+
+    it 'should have configured site' do
+      expect(subject.options.client_options.site).to eq(redmine_site)
+    end
+  end
+
+  context '#email' do
+    it 'should return email from raw_info if available' do
+      allow(subject).to receive(:raw_info).and_return({ 'mail' => 'you@example.com' })
+      expect(subject.email).to eq('you@example.com')
+    end
+  end
+
+  context '#raw_info' do
+    it 'should use relative paths' do
+      expect(access_token).to receive(:get).with('users/current.json').and_return(response)
+      expect(subject.raw_info).to eq(parsed_response)
+    end
+
+    it 'should use the header auth mode' do
+      expect(access_token).to receive(:get).with('users/current.json').and_return(response)
+      subject.raw_info
+      expect(access_token.options[:mode]).to eq(:header)
+    end
+  end
+
+  context '#info' do
+    it 'should contain email' do
+      allow(subject).to receive(:raw_info).and_return({ 'mail' => 'you@example.com' })
+      expect(subject.info[:email]).to eq('you@example.com')
+    end
+    it 'should contain login' do
+      allow(subject).to receive(:raw_info).and_return({ 'login' => 'bob' })
+      expect(subject.info[:login]).to eq('bob')
+    end
+  end
+
+  context '#extra.scope' do
+    it 'returns the scope on the returned access_token' do
+      expect(subject.scope).to eq('view_issues')
+    end
+  end
+
+  describe '#callback_url' do
+    it 'is a combination of host, script name, and callback path' do
+      allow(subject).to receive(:full_host).and_return('https://example.com')
+      allow(subject).to receive(:script_name).and_return('/sub_uri')
+
+      expect(subject.send :callback_url).to eq('https://example.com/sub_uri/auth/redmine_oauth2/callback')
+    end
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,16 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-redmine-oauth2'
+
+RSpec.configure do |config|
+  config.include WebMock::API
+  config.include Rack::Test::Methods
+  config.extend  OmniAuth::Test::StrategyMacros, type: :strategy
+end
+
+

metadata

@@ -0,0 +1,139 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-redmine-oauth2
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Jens Kraemer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-08-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Redmine OAuth2 strategy for OmniAuth 1.x. This allows you to login
+  to OAuth enabled Redmine with your Ruby app.
+email:
+- jens@planio.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- lib/omniauth-redmine-oauth2.rb
+- lib/omniauth/redmine_oauth2/version.rb
+- lib/omniauth/strategies/redmine_oauth2.rb
+- omniauth-redmine-oauth2.gemspec
+- spec/omniauth/strategies/redmine_oauth2_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/planio-gmbh/omniauth-redmine-oauth2
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.4'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.14.4
+signing_key: 
+specification_version: 4
+summary: A Redmine OAuth2 strategy for OmniAuth 1.x
+test_files: []