omniauth-rightsignature 0.0.1 → 0.0.2

data/lib/omniauth/builder.rb

@@ -0,0 +1,62 @@
+module OmniAuth
+  class Builder < ::Rack::Builder
+    def initialize(app, &block)
+      @options = nil
+      if rack14?
+        super
+      else
+        @app = app
+        super(&block)
+        @ins << @app
+      end
+    end
+
+    def rack14?
+      Rack.release.split('.')[1].to_i >= 4
+    end
+
+    def on_failure(&block)
+      OmniAuth.config.on_failure = block
+    end
+
+    def before_options_phase(&block)
+      OmniAuth.config.before_options_phase = block
+    end
+
+    def before_request_phase(&block)
+      OmniAuth.config.before_request_phase = block
+    end
+
+    def before_callback_phase(&block)
+      OmniAuth.config.before_callback_phase = block
+    end
+
+    def configure(&block)
+      OmniAuth.configure(&block)
+    end
+
+    def options(options = false)
+      return @options || {} if options == false
+      @options = options
+    end
+
+    def provider(klass, *args, &block)
+      if klass.is_a?(Class)
+        middleware = klass
+      else
+        begin
+          middleware = OmniAuth::Strategies.const_get("#{OmniAuth::Utils.camelize(klass.to_s)}")
+        rescue NameError
+          raise(LoadError.new("Could not find matching strategy for #{klass.inspect}. You may need to install an additional gem (such as omniauth-#{klass})."))
+        end
+      end
+
+      args.last.is_a?(Hash) ? args.push(options.merge(args.pop)) : args.push(options)
+      use middleware, *args, &block
+    end
+
+    def call(env)
+      to_app.call(env)
+    end
+  end
+end

data/lib/omniauth/failure_endpoint.rb

@@ -0,0 +1,44 @@
+module OmniAuth
+  # This simple Rack endpoint that serves as the default
+  # 'failure' mechanism for OmniAuth. If a strategy fails for
+  # any reason this endpoint will be invoked. The default behavior
+  # is to redirect to `/auth/failure` except in the case of
+  # a development `RACK_ENV`, in which case an exception will
+  # be raised.
+  class FailureEndpoint
+    attr_reader :env
+
+    def self.call(env)
+      new(env).call
+    end
+
+    def initialize(env)
+      @env = env
+    end
+
+    def call
+      raise_out! if OmniAuth.config.failure_raise_out_environments.include?(ENV['RACK_ENV'].to_s)
+      redirect_to_failure
+    end
+
+    def raise_out!
+      fail(env['omniauth.error'] || OmniAuth::Error.new(env['omniauth.error.type']))
+    end
+
+    def redirect_to_failure
+      message_key = env['omniauth.error.type']
+      new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}#{origin_query_param}#{strategy_name_query_param}"
+      Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
+    end
+
+    def strategy_name_query_param
+      return '' unless env['omniauth.error.strategy']
+      "&strategy=#{env['omniauth.error.strategy'].name}"
+    end
+
+    def origin_query_param
+      return '' unless env['omniauth.origin']
+      "&origin=#{Rack::Utils.escape(env['omniauth.origin'])}"
+    end
+  end
+end

data/lib/omniauth/form.css

@@ -0,0 +1,81 @@
+body {
+  background: #ccc;
+  font-family: "Lucida Grande", "Lucida Sans", Helvetica, Arial, sans-serif;
+}
+
+h1 {
+  text-align: center;
+  margin: 30px auto 0px;
+  font-size: 18px;
+  padding: 10px 10px 15px;
+  background: #555;
+  color: white;
+  width: 320px;
+  border: 10px solid #444;
+  border-bottom: 0;
+  -moz-border-radius-topleft: 10px;
+  -moz-border-radius-topright: 10px;
+  -webkit-border-top-left-radius: 10px;
+  -webkit-border-top-right-radius: 10px;
+  border-top-left-radius: 10px;
+  border-top-right-radius: 10px;
+}
+
+h1, form {
+  -moz-box-shadow: 2px 2px 7px rgba(0,0,0,0.3);
+  -webkit-box-shadow: 2px 2px 7px rgba(0,0,0,0.3);
+}
+
+form {
+  background: white;
+  border: 10px solid #eee;
+  border-top: 0;
+  padding: 20px;
+  margin: 0px auto 40px;
+  width: 300px;
+  -moz-border-radius-bottomleft: 10px;
+  -moz-border-radius-bottomright: 10px;
+  -webkit-border-bottom-left-radius: 10px;
+  -webkit-border-bottom-right-radius: 10px;
+  border-bottom-left-radius: 10px;
+  border-bottom-right-radius: 10px;
+}
+
+label {
+  display: block;
+  font-weight: bold;
+  margin-bottom: 5px;
+}
+
+input {
+  font-size: 18px;
+  padding: 4px 8px;
+  display: block;
+  margin-bottom: 10px;
+  width: 280px;
+}
+
+input#identifier, input#openid_url {
+  background: url(http://openid.net/login-bg.gif) no-repeat;
+  background-position: 0 50%;
+  padding-left: 18px;
+}
+
+button {
+  font-size: 22px;
+  padding: 4px 8px;
+  display: block;
+  margin: 20px auto 0;
+}
+
+fieldset {
+  border: 1px solid #ccc;
+  border-left: 0;
+  border-right: 0;
+  padding: 10px 0;
+}
+
+fieldset input {
+  width: 260px;
+  font-size: 16px;
+}

data/lib/omniauth/form.rb

@@ -0,0 +1,111 @@
+module OmniAuth
+  class Form # rubocop:disable ClassLength
+    DEFAULT_CSS = File.read(File.expand_path('../form.css', __FILE__))
+
+    attr_accessor :options
+
+    def initialize(options = {})
+      options[:title] ||= 'Authentication Info Required'
+      options[:header_info] ||= ''
+      self.options = options
+
+      @html = ''
+      @with_custom_button = false
+      @footer = nil
+      header(options[:title], options[:header_info])
+    end
+
+    def self.build(options = {}, &block)
+      form = OmniAuth::Form.new(options)
+      if block.arity > 0
+        yield form
+      else
+        form.instance_eval(&block)
+      end
+      form
+    end
+
+    def label_field(text, target)
+      @html << "\n<label for='#{target}'>#{text}:</label>"
+      self
+    end
+
+    def input_field(type, name)
+      @html << "\n<input type='#{type}' id='#{name}' name='#{name}'/>"
+      self
+    end
+
+    def text_field(label, name)
+      label_field(label, name)
+      input_field('text', name)
+      self
+    end
+
+    def password_field(label, name)
+      label_field(label, name)
+      input_field('password', name)
+      self
+    end
+
+    def button(text)
+      @with_custom_button = true
+      @html << "\n<button type='submit'>#{text}</button>"
+    end
+
+    def html(html)
+      @html << html
+    end
+
+    def fieldset(legend, options = {}, &block)
+      @html << "\n<fieldset#{" style='#{options[:style]}'" if options[:style]}#{" id='#{options[:id]}'" if options[:id]}>\n  <legend>#{legend}</legend>\n"
+      instance_eval(&block)
+      @html << "\n</fieldset>"
+      self
+    end
+
+    def header(title, header_info)
+      @html << <<-HTML
+      <!DOCTYPE html>
+      <html>
+      <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+        <title>#{title}</title>
+        #{css}
+        #{header_info}
+      </head>
+      <body>
+      <h1>#{title}</h1>
+      <form method='post' #{"action='#{options[:url]}' " if options[:url]}noValidate='noValidate'>
+      HTML
+      self
+    end
+
+    def footer
+      return self if @footer
+      @html << "\n<button type='submit'>Connect</button>" unless @with_custom_button
+      @html << <<-HTML
+      </form>
+      </body>
+      </html>
+      HTML
+      @footer = true
+      self
+    end
+
+    def to_html
+      footer
+      @html
+    end
+
+    def to_response
+      footer
+      Rack::Response.new(@html, 200, 'content-type' => 'text/html').finish
+    end
+
+  protected
+
+    def css
+      "\n<style type='text/css'>#{OmniAuth.config.form_css}</style>"
+    end
+  end
+end

data/lib/omniauth/rightsignature/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+	module Rightsignature
+		VERSION = "0.0.2"
+	end
+end

data/lib/omniauth/strategies/rightsignature.rb

@@ -0,0 +1,44 @@
+# oa-oauth/lib/omniauth/strategies/rdio.rb
+require 'omniauth-oauth'
+require 'multi_json'
+
+module OmniAuth
+  module Strategies
+    #
+    # Authenticate to RightSignature via OAuth and retrieve basic user information.
+    # Usage:
+    #    use OmniAuth::Strategies::RightSignature, 'consumerkey', 'consumersecret'
+    #
+    class Rightsignature < OmniAuth::Strategies::OAuth
+      args [:consumer_key, :consumer_secret]
+      option :client_options, {
+        :site               => 'https://rightsignature.com',
+        :request_token_path => '/oauth/request_token',
+        :access_token_path  => '/oauth/access_token',
+        :authorize_url      => 'https://rightsignature.com/oauth/authorize' 
+      }
+      option :name, 'rightsignature'
+      
+      #raise 'Error'
+      uid {access_token.params['user_id']}
+      
+      info do
+        {
+          :name => raw_info['name'],
+          :email => raw_info['email']
+        }  
+      end  
+
+      extra do
+        {
+          'raw_info' => raw_info
+        }
+      end
+
+      def raw_info
+        @raw_info ||= MultiJson.decode(access_token.get('https://rightsignature.com/api/users/user_details.json').body)
+           
+      end  
+    end
+  end
+end

data/lib/omniauth/strategy.rb

@@ -0,0 +1,501 @@
+require 'hashie/mash'
+
+module OmniAuth
+  class NoSessionError < StandardError; end
+  # The Strategy is the base unit of OmniAuth's ability to
+  # wrangle multiple providers. Each strategy provided by
+  # OmniAuth includes this mixin to gain the default functionality
+  # necessary to be compatible with the OmniAuth library.
+  module Strategy
+    def self.included(base)
+      OmniAuth.strategies << base
+
+      base.extend ClassMethods
+      base.class_eval do
+        option :setup, false
+        option :skip_info, false
+      end
+    end
+
+    module ClassMethods
+      # Returns an inherited set of default options set at the class-level
+      # for each strategy.
+      def default_options
+        return @default_options if instance_variable_defined?(:@default_options) && @default_options
+        existing = superclass.respond_to?(:default_options) ? superclass.default_options : {}
+        @default_options = OmniAuth::Strategy::Options.new(existing)
+      end
+
+      # This allows for more declarative subclassing of strategies by allowing
+      # default options to be set using a simple configure call.
+      #
+      # @param options [Hash] If supplied, these will be the default options (deep-merged into the superclass's default options).
+      # @yield [Options] The options Mash that allows you to set your defaults as you'd like.
+      #
+      # @example Using a yield to configure the default options.
+      #
+      #   class MyStrategy
+      #     include OmniAuth::Strategy
+      #
+      #     configure do |c|
+      #       c.foo = 'bar'
+      #     end
+      #   end
+      #
+      # @example Using a hash to configure the default options.
+      #
+      #   class MyStrategy
+      #     include OmniAuth::Strategy
+      #     configure foo: 'bar'
+      #   end
+      def configure(options = nil)
+        if block_given?
+          yield default_options
+        else
+          default_options.deep_merge!(options)
+        end
+      end
+
+      # Directly declare a default option for your class. This is a useful from
+      # a documentation perspective as it provides a simple line-by-line analysis
+      # of the kinds of options your strategy provides by default.
+      #
+      # @param name [Symbol] The key of the default option in your configuration hash.
+      # @param value [Object] The value your object defaults to. Nil if not provided.
+      #
+      # @example
+      #
+      #   class MyStrategy
+      #     include OmniAuth::Strategy
+      #
+      #     option :foo, 'bar'
+      #     option
+      #   end
+      def option(name, value = nil)
+        default_options[name] = value
+      end
+
+      # Sets (and retrieves) option key names for initializer arguments to be
+      # recorded as. This takes care of 90% of the use cases for overriding
+      # the initializer in OmniAuth Strategies.
+      def args(args = nil)
+        if args
+          @args = Array(args)
+          return
+        end
+        existing = superclass.respond_to?(:args) ? superclass.args : []
+        (instance_variable_defined?(:@args) && @args) || existing
+      end
+
+      %w(uid info extra credentials).each do |fetcher|
+        class_eval <<-RUBY
+          def #{fetcher}(&block)
+            return @#{fetcher}_proc unless block_given?
+            @#{fetcher}_proc = block
+          end
+
+          def #{fetcher}_stack(context)
+            compile_stack(self.ancestors, :#{fetcher}, context)
+          end
+        RUBY
+      end
+
+      def compile_stack(ancestors, method, context)
+        stack = ancestors.inject([]) do |a, ancestor|
+          a << context.instance_eval(&ancestor.send(method)) if ancestor.respond_to?(method) && ancestor.send(method)
+          a
+        end
+        stack.reverse!
+      end
+    end
+
+    attr_reader :app, :env, :options, :response
+
+    # Initializes the strategy by passing in the Rack endpoint,
+    # the unique URL segment name for this strategy, and any
+    # additional arguments. An `options` hash is automatically
+    # created from the last argument if it is a hash.
+    #
+    # @param app [Rack application] The application on which this middleware is applied.
+    #
+    # @overload new(app, options = {})
+    #   If nothing but a hash is supplied, initialized with the supplied options
+    #   overriding the strategy's default options via a deep merge.
+    # @overload new(app, *args, options = {})
+    #   If the strategy has supplied custom arguments that it accepts, they may
+    #   will be passed through and set to the appropriate values.
+    #
+    # @yield [Options] Yields options to block for further configuration.
+    def initialize(app, *args, &block) # rubocop:disable UnusedMethodArgument
+      @app = app
+      @env = nil
+      @options = self.class.default_options.dup
+
+      options.deep_merge!(args.pop) if args.last.is_a?(Hash)
+      options.name ||= self.class.to_s.split('::').last.downcase
+
+      self.class.args.each do |arg|
+        break if args.empty?
+        options[arg] = args.shift
+      end
+
+      # Make sure that all of the args have been dealt with, otherwise error out.
+      fail(ArgumentError.new("Received wrong number of arguments. #{args.inspect}")) unless args.empty?
+
+      yield options if block_given?
+    end
+
+    def inspect
+      "#<#{self.class}>"
+    end
+
+    # Direct access to the OmniAuth logger, automatically prefixed
+    # with this strategy's name.
+    #
+    # @example
+    #   log :warn, "This is a warning."
+    def log(level, message)
+      OmniAuth.logger.send(level, "(#{name}) #{message}")
+    end
+
+    # Duplicates this instance and runs #call! on it.
+    # @param [Hash] The Rack environment.
+    def call(env)
+      dup.call!(env)
+    end
+
+    # The logic for dispatching any additional actions that need
+    # to be taken. For instance, calling the request phase if
+    # the request path is recognized.
+    #
+    # @param env [Hash] The Rack environment.
+    def call!(env) # rubocop:disable CyclomaticComplexity, PerceivedComplexity
+      unless env['rack.session']
+        error = OmniAuth::NoSessionError.new('You must provide a session to use OmniAuth.')
+        fail(error)
+      end
+
+      @env = env
+      @env['omniauth.strategy'] = self if on_auth_path?
+
+      return mock_call!(env) if OmniAuth.config.test_mode
+      return options_call if on_auth_path? && options_request?
+      return request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
+      return callback_call if on_callback_path?
+      return other_phase if respond_to?(:other_phase)
+      @app.call(env)
+    end
+
+    # Responds to an OPTIONS request.
+    def options_call
+      OmniAuth.config.before_options_phase.call(env) if OmniAuth.config.before_options_phase
+      verbs = OmniAuth.config.allowed_request_methods.collect(&:to_s).collect(&:upcase).join(', ')
+      [200, {'Allow' => verbs}, []]
+    end
+
+    # Performs the steps necessary to run the request phase of a strategy.
+    def request_call # rubocop:disable CyclomaticComplexity, MethodLength, PerceivedComplexity
+      setup_phase
+      log :info, 'Request phase initiated.'
+      # store query params from the request url, extracted in the callback_phase
+      session['omniauth.params'] = request.params
+      OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
+      if options.form.respond_to?(:call)
+        log :info, 'Rendering form from supplied Rack endpoint.'
+        options.form.call(env)
+      elsif options.form
+        log :info, 'Rendering form from underlying application.'
+        call_app!
+      else
+        if request.params['origin']
+          env['rack.session']['omniauth.origin'] = request.params['origin']
+        elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
+          env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
+        end
+        request_phase
+      end
+    end
+
+    # Performs the steps necessary to run the callback phase of a strategy.
+    def callback_call
+      setup_phase
+      log :info, 'Callback phase initiated.'
+      @env['omniauth.origin'] = session.delete('omniauth.origin')
+      @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
+      @env['omniauth.params'] = session.delete('omniauth.params') || {}
+      OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
+      callback_phase
+    end
+
+    # Returns true if the environment recognizes either the
+    # request or callback path.
+    def on_auth_path?
+      on_request_path? || on_callback_path?
+    end
+
+    def on_request_path?
+      if options.request_path.respond_to?(:call)
+        options.request_path.call(env)
+      else
+        on_path?(request_path)
+      end
+    end
+
+    def on_callback_path?
+      on_path?(callback_path)
+    end
+
+    def on_path?(path)
+      current_path.casecmp(path) == 0
+    end
+
+    def options_request?
+      request.request_method == 'OPTIONS'
+    end
+
+    # This is called in lieu of the normal request process
+    # in the event that OmniAuth has been configured to be
+    # in test mode.
+    def mock_call!(*)
+      return mock_request_call if on_request_path?
+      return mock_callback_call if on_callback_path?
+      call_app!
+    end
+
+    def mock_request_call
+      setup_phase
+
+      session['omniauth.params'] = request.params
+      OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
+      if request.params['origin']
+        @env['rack.session']['omniauth.origin'] = request.params['origin']
+      elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
+        @env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
+      end
+
+      redirect(callback_url)
+    end
+
+    def mock_callback_call
+      setup_phase
+      mocked_auth = OmniAuth.mock_auth_for(name.to_s)
+      if mocked_auth.is_a?(Symbol)
+        fail!(mocked_auth)
+      else
+        @env['omniauth.auth'] = mocked_auth
+        @env['omniauth.params'] = session.delete('omniauth.params') || {}
+        @env['omniauth.origin'] = session.delete('omniauth.origin')
+        @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
+        OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
+        call_app!
+      end
+    end
+
+    # The setup phase looks for the `:setup` option to exist and,
+    # if it is, will call either the Rack endpoint supplied to the
+    # `:setup` option or it will call out to the setup path of the
+    # underlying application. This will default to `/auth/:provider/setup`.
+    def setup_phase
+      if options[:setup].respond_to?(:call)
+        log :info, 'Setup endpoint detected, running now.'
+        options[:setup].call(env)
+      elsif options.setup?
+        log :info, 'Calling through to underlying application for setup.'
+        setup_env = env.merge('PATH_INFO' => setup_path, 'REQUEST_METHOD' => 'GET')
+        call_app!(setup_env)
+      end
+    end
+
+    # @abstract This method is called when the user is on the request path. You should
+    # perform any information gathering you need to be able to authenticate
+    # the user in this phase.
+    def request_phase
+      fail(NotImplementedError)
+    end
+
+    def uid
+      self.class.uid_stack(self).last
+    end
+
+    def info
+      merge_stack(self.class.info_stack(self))
+    end
+
+    def credentials
+      merge_stack(self.class.credentials_stack(self))
+    end
+
+    def extra
+      merge_stack(self.class.extra_stack(self))
+    end
+
+    def auth_hash
+      hash = AuthHash.new(:provider => name, :uid => uid)
+      hash.info = info unless skip_info?
+      hash.credentials = credentials if credentials
+      hash.extra = extra if extra
+      hash
+    end
+
+    # Determines whether or not user info should be retrieved. This
+    # allows some strategies to save a call to an external API service
+    # for existing users. You can use it either by setting the `:skip_info`
+    # to true or by setting `:skip_info` to a Proc that takes a uid and
+    # evaluates to true when you would like to skip info.
+    #
+    # @example
+    #
+    #   use MyStrategy, :skip_info => lambda{|uid| User.find_by_uid(uid)}
+    def skip_info?
+      if options.skip_info?
+        if options.skip_info.respond_to?(:call)
+          return options.skip_info.call(uid)
+        else
+          return true
+        end
+      end
+      false
+    end
+
+    def callback_phase
+      env['omniauth.auth'] = auth_hash
+      call_app!
+    end
+
+    def path_prefix
+      options[:path_prefix] || OmniAuth.config.path_prefix
+    end
+
+    def custom_path(kind)
+      if options[kind].respond_to?(:call)
+        result = options[kind].call(env)
+        return nil unless result.is_a?(String)
+        result
+      else
+        options[kind]
+      end
+    end
+
+    def request_path
+      @request_path ||= options[:request_path].is_a?(String) ? options[:request_path] : "#{path_prefix}/#{name}"
+    end
+
+    def callback_path
+      @callback_path ||= begin
+        path = options[:callback_path] if options[:callback_path].is_a?(String)
+        path ||= current_path if options[:callback_path].respond_to?(:call) && options[:callback_path].call(env)
+        path ||= custom_path(:request_path)
+        path ||= "#{path_prefix}/#{name}/callback"
+        path
+      end
+    end
+
+    def setup_path
+      options[:setup_path] || "#{path_prefix}/#{name}/setup"
+    end
+
+    CURRENT_PATH_REGEX = /\/$/
+    EMPTY_STRING       = ''.freeze
+    def current_path
+      @current_path ||= request.path_info.downcase.sub(CURRENT_PATH_REGEX, EMPTY_STRING)
+    end
+
+    def query_string
+      request.query_string.empty? ? '' : "?#{request.query_string}"
+    end
+
+    def call_app!(env = @env)
+      @app.call(env)
+    end
+
+    def full_host
+      case OmniAuth.config.full_host
+      when String
+        OmniAuth.config.full_host
+      when Proc
+        OmniAuth.config.full_host.call(env)
+      else
+        # in Rack 1.3.x, request.url explodes if scheme is nil
+        if request.scheme && request.url.match(URI::ABS_URI)
+          uri = URI.parse(request.url.gsub(/\?.*$/, ''))
+          uri.path = ''
+          # sometimes the url is actually showing http inside rails because the
+          # other layers (like nginx) have handled the ssl termination.
+          uri.scheme = 'https' if ssl? # rubocop:disable BlockNesting
+          uri.to_s
+        else ''
+        end
+      end
+    end
+
+    def callback_url
+      full_host + script_name + callback_path + query_string
+    end
+
+    def script_name
+      @env['SCRIPT_NAME'] || ''
+    end
+
+    def session
+      @env['rack.session']
+    end
+
+    def request
+      @request ||= Rack::Request.new(@env)
+    end
+
+    def name
+      options.name
+    end
+
+    def redirect(uri)
+      r = Rack::Response.new
+
+      if options[:iframe]
+        r.write("<script type='text/javascript' charset='utf-8'>top.location.href = '#{uri}';</script>")
+      else
+        r.write("Redirecting to #{uri}...")
+        r.redirect(uri)
+      end
+
+      r.finish
+    end
+
+    def user_info
+      {}
+    end
+
+    def fail!(message_key, exception = nil)
+      env['omniauth.error'] = exception
+      env['omniauth.error.type'] = message_key.to_sym
+      env['omniauth.error.strategy'] = self
+
+      if exception
+        log :error, "Authentication failure! #{message_key}: #{exception.class}, #{exception.message}"
+      else
+        log :error, "Authentication failure! #{message_key} encountered."
+      end
+
+      OmniAuth.config.on_failure.call(env)
+    end
+
+    class Options < Hashie::Mash; end
+
+  protected
+
+    def merge_stack(stack)
+      stack.inject({}) do |a, e|
+        a.merge!(e)
+        a
+      end
+    end
+
+    def ssl?
+      request.env['HTTPS'] == 'on' ||
+        request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||
+        request.env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
+        (request.env['HTTP_X_FORWARDED_PROTO'] && request.env['HTTP_X_FORWARDED_PROTO'].split(',')[0] == 'https') ||
+        request.env['rack.url_scheme'] == 'https'
+    end
+  end
+end