omniauth-salesforce-modern 1.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/workflows/ci.yml +30 -0
- data/.gitignore +17 -0
- data/.rspec +1 -0
- data/.rubocop.yml +11 -0
- data/.rubocop_todo.yml +57 -0
- data/.ruby-version +1 -0
- data/Gemfile +9 -0
- data/LICENSE.md +5 -0
- data/README.md +62 -0
- data/lib/omniauth/salesforce/version.rb +5 -0
- data/lib/omniauth/salesforce.rb +1 -0
- data/lib/omniauth/strategies/salesforce.rb +96 -0
- data/omniauth-salesforce-modern.gemspec +20 -0
- data/spec/omniauth/strategies/salesforce_spec.rb +254 -0
- data/spec/spec_helper.rb +10 -0
- metadata +87 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: de3e1b74f291b64ce36752c2c59de56f94f4da262a5d607b388d95920588cd7c
|
4
|
+
data.tar.gz: 040daedb36dd0e675a9aab893e2c46d183e8a3b5b6a3694bbc63344791d52fbe
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 70151309f12d81c3204687258cfa44934c40888ee4708c91329e14d13acb6fe086d3917bb9f884733b38494b304dff282f1db188e0df332045f82e1f1834cf2a
|
7
|
+
data.tar.gz: c9f570707ffe398b7a0e72248e004cfbcad5a2ba8406b35dc3288a3ea74b739e5d774774318936037a243e5f12b2764468f1231961551157b7b9d7316f5f5316
|
@@ -0,0 +1,30 @@
|
|
1
|
+
name: CI
|
2
|
+
|
3
|
+
on: [push, pull_request]
|
4
|
+
|
5
|
+
jobs:
|
6
|
+
test:
|
7
|
+
runs-on: ubuntu-latest
|
8
|
+
strategy:
|
9
|
+
matrix:
|
10
|
+
ruby-version: ['2.6', '2.7', '3.0', '3.1', '3.2']
|
11
|
+
|
12
|
+
steps:
|
13
|
+
- uses: actions/checkout@v3
|
14
|
+
- name: Set up Ruby ${{ matrix.ruby-version }}
|
15
|
+
uses: ruby/setup-ruby@v1
|
16
|
+
with:
|
17
|
+
ruby-version: ${{ matrix.ruby-version }}
|
18
|
+
bundler-cache: true # 'bundle install' and cache
|
19
|
+
- name: Run specs
|
20
|
+
run: |
|
21
|
+
bundle exec rspec
|
22
|
+
rubocop:
|
23
|
+
runs-on: ubuntu-latest
|
24
|
+
steps:
|
25
|
+
- uses: actions/checkout@v3
|
26
|
+
- uses: ruby/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
ruby-version: 3.2
|
29
|
+
bundler-cache: true # 'bundle install' and cache
|
30
|
+
- run: bundle exec rubocop
|
data/.gitignore
ADDED
data/.rspec
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--colour
|
data/.rubocop.yml
ADDED
data/.rubocop_todo.yml
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
# This configuration was generated by
|
2
|
+
# `rubocop --auto-gen-config`
|
3
|
+
# on 2023-05-18 20:50:49 UTC using RuboCop version 1.48.1.
|
4
|
+
# The point is for the user to remove these configuration records
|
5
|
+
# one by one as the offenses are removed from the code base.
|
6
|
+
# Note that changes in the inspected code, or installation of new
|
7
|
+
# versions of RuboCop, may require this file to be generated again.
|
8
|
+
|
9
|
+
# Offense count: 1
|
10
|
+
Lint/UselessAssignment:
|
11
|
+
Exclude:
|
12
|
+
- 'spec/omniauth/strategies/salesforce_spec.rb'
|
13
|
+
|
14
|
+
# Offense count: 1
|
15
|
+
# Configuration parameters: Prefixes, AllowedPatterns.
|
16
|
+
# Prefixes: when, with, without
|
17
|
+
RSpec/ContextWording:
|
18
|
+
Exclude:
|
19
|
+
- 'spec/omniauth/strategies/salesforce_spec.rb'
|
20
|
+
|
21
|
+
# Offense count: 1
|
22
|
+
# Configuration parameters: Include, CustomTransform, IgnoreMethods, SpecSuffixOnly.
|
23
|
+
# Include: **/*_spec*rb*, **/spec/**/*
|
24
|
+
RSpec/FilePath:
|
25
|
+
Exclude:
|
26
|
+
- 'spec/omniauth/strategies/salesforce_spec.rb'
|
27
|
+
|
28
|
+
# Offense count: 21
|
29
|
+
# Configuration parameters: EnforcedStyle, IgnoreSharedExamples.
|
30
|
+
# SupportedStyles: always, named_only
|
31
|
+
RSpec/NamedSubject:
|
32
|
+
Exclude:
|
33
|
+
- 'spec/omniauth/strategies/salesforce_spec.rb'
|
34
|
+
|
35
|
+
# Offense count: 6
|
36
|
+
# Configuration parameters: AllowedGroups.
|
37
|
+
RSpec/NestedGroups:
|
38
|
+
Max: 4
|
39
|
+
|
40
|
+
# Offense count: 22
|
41
|
+
# Configuration parameters: AllowedPatterns.
|
42
|
+
# AllowedPatterns: ^expect_, ^assert_
|
43
|
+
RSpec/NoExpectationExample:
|
44
|
+
Exclude:
|
45
|
+
- 'spec/omniauth/strategies/salesforce_spec.rb'
|
46
|
+
|
47
|
+
# Offense count: 2
|
48
|
+
RSpec/PendingWithoutReason:
|
49
|
+
Exclude:
|
50
|
+
- 'spec/omniauth/strategies/salesforce_spec.rb'
|
51
|
+
|
52
|
+
# Offense count: 10
|
53
|
+
# This cop supports safe autocorrection (--autocorrect).
|
54
|
+
# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
|
55
|
+
# URISchemes: http, https
|
56
|
+
Layout/LineLength:
|
57
|
+
Max: 203
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
2.1
|
data/Gemfile
ADDED
data/LICENSE.md
ADDED
@@ -0,0 +1,5 @@
|
|
1
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
2
|
+
|
3
|
+
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
4
|
+
|
5
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,62 @@
|
|
1
|
+
# OmniAuth Salesforce Strategy
|
2
|
+
|
3
|
+
Strategy to authenticate with Gong via OAuth2 in OmniAuth.
|
4
|
+
|
5
|
+
Salesforce OAuth docs - <https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_oauth_and_connected_apps.htm>
|
6
|
+
|
7
|
+
Note: This is a fork of an [abandoned fork](https://github.com/realdoug/omniauth-salesforce) of the [original](https://github.com/richardvanhook/omniauth-salesforce) project.
|
8
|
+
|
9
|
+
## Installation
|
10
|
+
|
11
|
+
Add to your Gemfile:
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
gem 'omniauth-salesforce-modern'
|
15
|
+
```
|
16
|
+
|
17
|
+
Then `bundle install`.
|
18
|
+
|
19
|
+
## Salesforce API Setup
|
20
|
+
|
21
|
+
1. Follow the instructions in
|
22
|
+
<https://help.gong.io/hc/en-us/articles/360056677792-Create-an-app-for-Gong>
|
23
|
+
to create a "Connected app"
|
24
|
+
|
25
|
+
## Usage
|
26
|
+
|
27
|
+
Here's an example for adding the middleware to a Rails app in `config/initializers/salesforce.rb`:
|
28
|
+
|
29
|
+
```ruby
|
30
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
31
|
+
provider :salesforce,
|
32
|
+
Rails.application.credentials.dig(:salesforce, :key),
|
33
|
+
Rails.application.credentials.dig(:salesforce, :secret)
|
34
|
+
end
|
35
|
+
```
|
36
|
+
|
37
|
+
You can now access the OmniAuth Salesforce URL: /auth/salesforce
|
38
|
+
|
39
|
+
NOTE: While developing your application, if you change the scope in the initializer you will need to restart your app server.
|
40
|
+
|
41
|
+
## Configuration
|
42
|
+
|
43
|
+
You can configure several options, which you pass in to the provider method via a hash:
|
44
|
+
|
45
|
+
- `client_options`: A hash of options to pass to the OAuth client
|
46
|
+
|
47
|
+
Here's an example of a possible configuration
|
48
|
+
|
49
|
+
```ruby
|
50
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
51
|
+
provider :salesforce,
|
52
|
+
Rails.application.credentials.dig(:gong, :key),
|
53
|
+
Rails.application.credentials.dig(:gong, :secret),
|
54
|
+
client_options: {
|
55
|
+
auth_scheme: :request_body
|
56
|
+
}
|
57
|
+
end
|
58
|
+
```
|
59
|
+
|
60
|
+
## License
|
61
|
+
|
62
|
+
See [LICENSE](LICENSE.md)
|
@@ -0,0 +1 @@
|
|
1
|
+
require 'omniauth/strategies/salesforce'
|
@@ -0,0 +1,96 @@
|
|
1
|
+
require 'omniauth-oauth2'
|
2
|
+
require 'openssl'
|
3
|
+
require 'base64'
|
4
|
+
|
5
|
+
module OmniAuth
|
6
|
+
module Strategies
|
7
|
+
class Salesforce < OmniAuth::Strategies::OAuth2
|
8
|
+
MOBILE_USER_AGENTS = 'webos|ipod|iphone|ipad|android|blackberry|mobile'.freeze
|
9
|
+
|
10
|
+
option :client_options, {
|
11
|
+
site: 'https://login.salesforce.com',
|
12
|
+
authorize_url: '/services/oauth2/authorize',
|
13
|
+
token_url: '/services/oauth2/token'
|
14
|
+
}
|
15
|
+
option :authorize_options, %i[
|
16
|
+
scope
|
17
|
+
display
|
18
|
+
immediate
|
19
|
+
state
|
20
|
+
prompt
|
21
|
+
redirect_uri
|
22
|
+
login_hint
|
23
|
+
]
|
24
|
+
|
25
|
+
def request_phase
|
26
|
+
req = Rack::Request.new(@env)
|
27
|
+
options.update(req.params)
|
28
|
+
ua = req.user_agent.to_s
|
29
|
+
unless options.key?(:display)
|
30
|
+
mobile_request = ua.downcase =~ Regexp.new(MOBILE_USER_AGENTS)
|
31
|
+
options[:display] = mobile_request ? 'touch' : 'page'
|
32
|
+
end
|
33
|
+
super
|
34
|
+
end
|
35
|
+
|
36
|
+
def auth_hash
|
37
|
+
signed_value = access_token.params['id'] + access_token.params['issued_at']
|
38
|
+
raw_expected_signature = OpenSSL::HMAC.digest('sha256', options.client_secret.to_s, signed_value)
|
39
|
+
expected_signature = Base64.strict_encode64 raw_expected_signature
|
40
|
+
signature = access_token.params['signature']
|
41
|
+
fail! 'Salesforce user id did not match signature!' unless signature == expected_signature
|
42
|
+
super
|
43
|
+
end
|
44
|
+
|
45
|
+
uid { raw_info['id'] }
|
46
|
+
|
47
|
+
info do
|
48
|
+
{
|
49
|
+
'name' => raw_info['display_name'],
|
50
|
+
'email' => raw_info['email'],
|
51
|
+
'nickname' => raw_info['nick_name'],
|
52
|
+
'first_name' => raw_info['first_name'],
|
53
|
+
'last_name' => raw_info['last_name'],
|
54
|
+
'location' => '',
|
55
|
+
'description' => '',
|
56
|
+
'image' => raw_info['photos']['thumbnail'] + "?oauth_token=#{access_token.token}",
|
57
|
+
'phone' => '',
|
58
|
+
'urls' => raw_info['urls']
|
59
|
+
}
|
60
|
+
end
|
61
|
+
|
62
|
+
credentials do
|
63
|
+
hash = { 'token' => access_token.token }
|
64
|
+
hash.merge!('instance_url' => access_token.params['instance_url'])
|
65
|
+
hash.merge!('refresh_token' => access_token.refresh_token) if access_token.refresh_token
|
66
|
+
hash
|
67
|
+
end
|
68
|
+
|
69
|
+
def raw_info
|
70
|
+
access_token.options[:mode] = :header
|
71
|
+
@raw_info ||= access_token.post(access_token['id']).parsed
|
72
|
+
end
|
73
|
+
|
74
|
+
extra do
|
75
|
+
raw_info.merge({
|
76
|
+
'instance_url' => access_token.params['instance_url'],
|
77
|
+
'pod' => access_token.params['instance_url'],
|
78
|
+
'signature' => access_token.params['signature'],
|
79
|
+
'issued_at' => access_token.params['issued_at']
|
80
|
+
})
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
class SalesforceSandbox < OmniAuth::Strategies::Salesforce
|
85
|
+
default_options[:client_options][:site] = 'https://test.salesforce.com'
|
86
|
+
end
|
87
|
+
|
88
|
+
class DatabaseDotCom < OmniAuth::Strategies::Salesforce
|
89
|
+
default_options[:client_options][:site] = 'https://login.database.com'
|
90
|
+
end
|
91
|
+
|
92
|
+
class SalesforcePreRelease < OmniAuth::Strategies::Salesforce
|
93
|
+
default_options[:client_options][:site] = 'https://prerellogin.pre.salesforce.com/'
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require File.expand_path('lib/omniauth/salesforce/version', __dir__)
|
2
|
+
|
3
|
+
Gem::Specification.new do |gem|
|
4
|
+
gem.authors = ['Richard Vanhook']
|
5
|
+
gem.email = ['rvanhook@salesforce.com']
|
6
|
+
gem.description = 'OmniAuth strategy for salesforce.com.'
|
7
|
+
gem.summary = 'OmniAuth strategy for salesforce.com.'
|
8
|
+
gem.homepage = 'https://github.com/matteeyah/omniauth-salesforce'
|
9
|
+
|
10
|
+
gem.files = `git ls-files`.split("\n")
|
11
|
+
gem.name = 'omniauth-salesforce-modern'
|
12
|
+
gem.require_paths = ['lib']
|
13
|
+
gem.version = OmniAuth::Salesforce::VERSION
|
14
|
+
gem.license = 'MIT'
|
15
|
+
|
16
|
+
gem.add_dependency 'omniauth', '~> 2.0'
|
17
|
+
gem.add_dependency 'omniauth-oauth2', '>= 1.7.1'
|
18
|
+
gem.required_ruby_version = '>= 2.1.0'
|
19
|
+
gem.metadata['rubygems_mfa_required'] = 'true'
|
20
|
+
end
|
@@ -0,0 +1,254 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe OmniAuth::Strategies::Salesforce do
|
4
|
+
strategy = nil
|
5
|
+
before do
|
6
|
+
OmniAuth.config.test_mode = true
|
7
|
+
rack_app = []
|
8
|
+
rack_app.stub :call
|
9
|
+
strategy = described_class.new rack_app, 'Consumer Key', 'Consumer Secret'
|
10
|
+
end
|
11
|
+
|
12
|
+
describe 'request_phase' do
|
13
|
+
env = nil
|
14
|
+
before do
|
15
|
+
env = {
|
16
|
+
'rack.session' => {},
|
17
|
+
'HTTP_USER_AGENT' => 'unknown',
|
18
|
+
'REQUEST_METHOD' => 'GET',
|
19
|
+
'rack.input' => '',
|
20
|
+
'rack.url_scheme' => 'http',
|
21
|
+
'SERVER_NAME' => 'server.example',
|
22
|
+
'QUERY_STRING' => 'code=xxxx',
|
23
|
+
'SCRIPT_NAME' => '',
|
24
|
+
'SERVER_PORT' => 80
|
25
|
+
}
|
26
|
+
end
|
27
|
+
|
28
|
+
context 'when using a mobile browser' do
|
29
|
+
user_agents = {
|
30
|
+
Pre: 'Mozilla/5.0 (webOS/1.4.0; U; en-US) AppleWebKit/532.2 (KHTML, like Gecko) Version/1.0 Safari/532.2 Pre/1.1',
|
31
|
+
iPod: 'Mozilla/5.0 (iPod; U; CPU like Mac OS X; en) AppleWebKit/420.1 (KHTML, like Gecko) Version/3.0 Mobile/4A93 Safari/419.3',
|
32
|
+
iPhone: 'Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A543 Safari/419.3',
|
33
|
+
iPad: 'Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10',
|
34
|
+
Nexus: 'Mozilla/5.0 (Linux; U; Android 2.2; en-us; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1',
|
35
|
+
myTouch: 'Mozilla/5.0 (Linux; U; Android 1.6; en-us; WOWMobile myTouch 3G Build/unknown) AppleWebKit/528.5+ (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1',
|
36
|
+
Storm: 'BlackBerry9530/4.7.0.148 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/105',
|
37
|
+
Torch: 'Mozilla/5.0 (BlackBerry; U; BlackBerry 9810; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0 Mobile Safari/534.11+',
|
38
|
+
generic_mobile: 'some mobile device'
|
39
|
+
}
|
40
|
+
user_agents.each_pair do |name, agent|
|
41
|
+
context "with the user agent from a #{name}" do
|
42
|
+
subject { strategy.options }
|
43
|
+
|
44
|
+
before do
|
45
|
+
env['HTTP_USER_AGENT'] = agent
|
46
|
+
strategy.call!(env)
|
47
|
+
strategy.request_phase
|
48
|
+
end
|
49
|
+
|
50
|
+
it "sets the :display option to 'touch'" do
|
51
|
+
subject[:display].should == 'touch'
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
context 'when using a desktop browser' do
|
58
|
+
user_agents = {
|
59
|
+
Chrome: 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.21 (KHTML, like Gecko) Chrome/19.0.1042.0 Safari/535.21',
|
60
|
+
Safari: 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; de-at) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1',
|
61
|
+
IE: 'Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 1.0.3705; .NET CLR 1.1.4322)',
|
62
|
+
anything_else: 'unknown'
|
63
|
+
}
|
64
|
+
user_agents.each_pair do |name, agent|
|
65
|
+
context "with the user agent from #{name}" do
|
66
|
+
subject { strategy.options }
|
67
|
+
|
68
|
+
before do
|
69
|
+
env['HTTP_USER_AGENT'] = agent
|
70
|
+
strategy.call!(env)
|
71
|
+
strategy.request_phase
|
72
|
+
end
|
73
|
+
|
74
|
+
it "sets the :display option to 'page'" do
|
75
|
+
subject[:display].should == 'page'
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
describe 'callback phase' do
|
83
|
+
raw_info = nil
|
84
|
+
before do
|
85
|
+
raw_info = {
|
86
|
+
'id' => 'salesforce id',
|
87
|
+
'display_name' => 'display name',
|
88
|
+
'email' => 'email',
|
89
|
+
'nick_name' => 'nick name',
|
90
|
+
'first_name' => 'first name',
|
91
|
+
'last_name' => 'last name',
|
92
|
+
'photos' => { 'thumbnail' => '/thumbnail/url' },
|
93
|
+
'urls' => {
|
94
|
+
'enterprise' => 'https://salesforce.example/services',
|
95
|
+
'metadata' => 'https://salesforce.example/services'
|
96
|
+
}
|
97
|
+
}
|
98
|
+
client = OAuth2::Client.new 'id', 'secret', { site: 'example.com' }
|
99
|
+
access_token = OAuth2::AccessToken.from_hash client, {
|
100
|
+
'access_token' => 'token',
|
101
|
+
'instance_url' => 'http://instance.salesforce.example',
|
102
|
+
'signature' => 'invalid',
|
103
|
+
'issued_at' => '1296458209517'
|
104
|
+
}
|
105
|
+
strategy.stub(:raw_info) { raw_info }
|
106
|
+
strategy.stub(:access_token) { access_token }
|
107
|
+
end
|
108
|
+
|
109
|
+
describe 'uid' do
|
110
|
+
it 'sets the id' do
|
111
|
+
strategy.uid.should == raw_info['id']
|
112
|
+
end
|
113
|
+
end
|
114
|
+
|
115
|
+
describe 'info' do
|
116
|
+
subject { strategy.info }
|
117
|
+
|
118
|
+
it 'returns an info hash' do
|
119
|
+
subject.should_not be_nil
|
120
|
+
end
|
121
|
+
|
122
|
+
it 'sets name' do
|
123
|
+
subject['name'].should == raw_info['display_name']
|
124
|
+
end
|
125
|
+
|
126
|
+
it 'sets email' do
|
127
|
+
subject['email'].should == raw_info['email']
|
128
|
+
end
|
129
|
+
|
130
|
+
it 'sets nickname' do
|
131
|
+
subject['nickname'].should == raw_info['nick_name']
|
132
|
+
end
|
133
|
+
|
134
|
+
it 'sets first_name' do
|
135
|
+
subject['first_name'].should == raw_info['first_name']
|
136
|
+
end
|
137
|
+
|
138
|
+
it 'sets last_name' do
|
139
|
+
subject['last_name'].should == raw_info['last_name']
|
140
|
+
end
|
141
|
+
|
142
|
+
it 'sets location' do
|
143
|
+
subject['location'].should == ''
|
144
|
+
end
|
145
|
+
|
146
|
+
it 'sets description' do
|
147
|
+
subject['description'].should == ''
|
148
|
+
end
|
149
|
+
|
150
|
+
it 'sets image' do
|
151
|
+
subject['image'].should == raw_info['photos']['thumbnail'] + "?oauth_token=#{strategy.access_token.token}"
|
152
|
+
end
|
153
|
+
|
154
|
+
it 'sets phone' do
|
155
|
+
subject['phone'].should == ''
|
156
|
+
end
|
157
|
+
|
158
|
+
it 'sets urls' do
|
159
|
+
subject['urls'].should == raw_info['urls']
|
160
|
+
end
|
161
|
+
end
|
162
|
+
|
163
|
+
describe 'credentials' do
|
164
|
+
subject { strategy.credentials }
|
165
|
+
|
166
|
+
it 'sets token' do
|
167
|
+
subject['token'].should == strategy.access_token.token
|
168
|
+
end
|
169
|
+
|
170
|
+
it 'sets instance_url' do
|
171
|
+
subject['instance_url'].should == strategy.access_token.params['instance_url']
|
172
|
+
end
|
173
|
+
|
174
|
+
context 'given a refresh token' do
|
175
|
+
it 'sets refresh_token' do
|
176
|
+
subject['refresh_token'].should == strategy.access_token.refresh_token
|
177
|
+
end
|
178
|
+
end
|
179
|
+
|
180
|
+
context 'when not given a refresh token' do
|
181
|
+
it 'does not set a refresh token' do
|
182
|
+
subject['refresh_token'].should be_nil
|
183
|
+
end
|
184
|
+
end
|
185
|
+
end
|
186
|
+
|
187
|
+
describe 'extra' do
|
188
|
+
subject { strategy.extra }
|
189
|
+
|
190
|
+
it 'sets instance_url' do
|
191
|
+
subject['instance_url'].should == strategy.access_token.params['instance_url']
|
192
|
+
end
|
193
|
+
|
194
|
+
it 'sets pod' do
|
195
|
+
subject['pod'].should == strategy.access_token.params['instance_url']
|
196
|
+
end
|
197
|
+
|
198
|
+
it 'sets signature' do
|
199
|
+
subject['signature'].should == strategy.access_token.params['signature']
|
200
|
+
end
|
201
|
+
|
202
|
+
it 'sets issued_at' do
|
203
|
+
subject['issued_at'].should == strategy.access_token.params['issued_at']
|
204
|
+
end
|
205
|
+
end
|
206
|
+
|
207
|
+
describe 'user id validation' do
|
208
|
+
client_id = nil
|
209
|
+
issued_at = nil
|
210
|
+
signature = nil
|
211
|
+
instance_url = 'http://instance.salesforce.example'
|
212
|
+
before do
|
213
|
+
client_id = 'https://login.salesforce.com/id/00Dd0000000d45TEBQ/005d0000000fyGPCCY'
|
214
|
+
issued_at = '1331142541514'
|
215
|
+
signature = Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', strategy.options.client_secret.to_s,
|
216
|
+
client_id + issued_at))
|
217
|
+
end
|
218
|
+
|
219
|
+
context 'when the signature does not match' do
|
220
|
+
before do
|
221
|
+
access_token = OAuth2::AccessToken.from_hash strategy.access_token.client, {
|
222
|
+
'id' => 'forged client id',
|
223
|
+
'issued_at' => issued_at,
|
224
|
+
'instance_url' => 'http://instance.salesforce.example',
|
225
|
+
'signature' => signature
|
226
|
+
}
|
227
|
+
strategy.stub(:access_token) { access_token }
|
228
|
+
end
|
229
|
+
|
230
|
+
xit 'should call fail!' do
|
231
|
+
strategy.should_receive(:fail!)
|
232
|
+
strategy.auth_hash
|
233
|
+
end
|
234
|
+
end
|
235
|
+
|
236
|
+
context 'when the signature does match' do
|
237
|
+
before do
|
238
|
+
access_token = OAuth2::AccessToken.from_hash strategy.access_token.client, {
|
239
|
+
'id' => client_id,
|
240
|
+
'issued_at' => issued_at,
|
241
|
+
'instance_url' => 'http://instance.salesforce.example',
|
242
|
+
'signature' => signature
|
243
|
+
}
|
244
|
+
strategy.stub(:access_token) { access_token }
|
245
|
+
end
|
246
|
+
|
247
|
+
xit 'should not fail' do
|
248
|
+
strategy.should_not_receive(:fail!)
|
249
|
+
strategy.auth_hash
|
250
|
+
end
|
251
|
+
end
|
252
|
+
end
|
253
|
+
end
|
254
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,10 @@
|
|
1
|
+
$LOAD_PATH.unshift File.expand_path(__dir__)
|
2
|
+
$LOAD_PATH.unshift File.expand_path('../lib', __dir__)
|
3
|
+
|
4
|
+
require 'rspec'
|
5
|
+
require 'omniauth'
|
6
|
+
require 'omniauth/salesforce'
|
7
|
+
|
8
|
+
RSpec.configure do |config|
|
9
|
+
config.extend OmniAuth::Test::StrategyMacros, type: :strategy
|
10
|
+
end
|
metadata
ADDED
@@ -0,0 +1,87 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: omniauth-salesforce-modern
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.1.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Richard Vanhook
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2023-05-19 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: omniauth
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '2.0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '2.0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: omniauth-oauth2
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 1.7.1
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 1.7.1
|
41
|
+
description: OmniAuth strategy for salesforce.com.
|
42
|
+
email:
|
43
|
+
- rvanhook@salesforce.com
|
44
|
+
executables: []
|
45
|
+
extensions: []
|
46
|
+
extra_rdoc_files: []
|
47
|
+
files:
|
48
|
+
- ".github/workflows/ci.yml"
|
49
|
+
- ".gitignore"
|
50
|
+
- ".rspec"
|
51
|
+
- ".rubocop.yml"
|
52
|
+
- ".rubocop_todo.yml"
|
53
|
+
- ".ruby-version"
|
54
|
+
- Gemfile
|
55
|
+
- LICENSE.md
|
56
|
+
- README.md
|
57
|
+
- lib/omniauth/salesforce.rb
|
58
|
+
- lib/omniauth/salesforce/version.rb
|
59
|
+
- lib/omniauth/strategies/salesforce.rb
|
60
|
+
- omniauth-salesforce-modern.gemspec
|
61
|
+
- spec/omniauth/strategies/salesforce_spec.rb
|
62
|
+
- spec/spec_helper.rb
|
63
|
+
homepage: https://github.com/matteeyah/omniauth-salesforce
|
64
|
+
licenses:
|
65
|
+
- MIT
|
66
|
+
metadata:
|
67
|
+
rubygems_mfa_required: 'true'
|
68
|
+
post_install_message:
|
69
|
+
rdoc_options: []
|
70
|
+
require_paths:
|
71
|
+
- lib
|
72
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - ">="
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: 2.1.0
|
77
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
78
|
+
requirements:
|
79
|
+
- - ">="
|
80
|
+
- !ruby/object:Gem::Version
|
81
|
+
version: '0'
|
82
|
+
requirements: []
|
83
|
+
rubygems_version: 3.4.6
|
84
|
+
signing_key:
|
85
|
+
specification_version: 4
|
86
|
+
summary: OmniAuth strategy for salesforce.com.
|
87
|
+
test_files: []
|