omniauth-salesforce 1.0.3 → 1.0.4

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 09b903072b7e9b94e366fb7ff1a22b3c058a87d1
+  data.tar.gz: 20caac8cc1e94b718387f0744e265a6e457763cc
+SHA512:
+  metadata.gz: 2058ec807e22afc966995ae504ec7ecefef72980812690d226795d125c9c27f5521a20dbf4b4146ef1d9feb609e75326c676b7a11b6c7fcca75871caab7d2278
+  data.tar.gz: 65662fa728868aec3a07786bcc77b471e1994af2ca33c495b618a4150ec354f8efd76a85b34c844c497026a694583f8e2d1d2b6b770267d993ebf66077e35158

data/.rvmrc

@@ -0,0 +1 @@
+rvm use 1.9.2-p290@omniauth-salesforce --create

data/Gemfile

@@ -1,4 +1,4 @@
-source 'http://rubygems.org'
+source 'https://rubygems.org'
 
 # Specify your gem's dependencies in omniauth-salesforce.gemspec
 gemspec

data/LICENSE.md

@@ -0,0 +1,5 @@
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -2,6 +2,8 @@
 
 [OmniAuth](https://github.com/intridea/omniauth) Strategy for [salesforce.com](salesforce.com).
 
+Note: This is a fork of the [original](https://github.com/richardvanhook/omniauth-salesforce) project and is now the main repository for the omniauth-salesforce gem.
+
 ## See it in action
 
 [http://omniauth-salesforce-example.herokuapp.com](http://omniauth-salesforce-example.herokuapp.com)
@@ -10,14 +12,38 @@
 
 ## Basic Usage
 
-    require "sinatra"
-    require "omniauth"
-    require "omniauth-salesforce"
-
-    class MyApplication < Sinatra::Base
-      use Rack::Session
-      use OmniAuth::Builder do
-        provider :salesforce, ENV['SALESFORCE_KEY'], ENV['SALESFORCE_SECRET']
-      end
-    end
-
+```ruby
+require "sinatra"
+require "omniauth"
+require "omniauth-salesforce"
+
+class MyApplication < Sinatra::Base
+  use Rack::Session
+  use OmniAuth::Builder do
+    provider :salesforce, ENV['SALESFORCE_KEY'], ENV['SALESFORCE_SECRET']
+  end
+end
+```
+
+## Including other sites
+
+```ruby
+use OmniAuth::Builder do
+    provider :salesforce, 
+             ENV['SALESFORCE_KEY'], 
+             ENV['SALESFORCE_SECRET']
+    provider OmniAuth::Strategies::SalesforceSandbox, 
+             ENV['SALESFORCE_SANDBOX_KEY'], 
+             ENV['SALESFORCE_SANDBOX_SECRET']
+    provider OmniAuth::Strategies::SalesforcePreRelease, 
+             ENV['SALESFORCE_PRERELEASE_KEY'], 
+             ENV['SALESFORCE_PRERELEASE_SECRET']
+    provider OmniAuth::Strategies::DatabaseDotCom, 
+             ENV['DATABASE_DOT_COM_KEY'], 
+             ENV['DATABASE_DOT_COM_SECRET']
+end
+```
+
+## Resources
+
+* [Article: Digging Deeper into OAuth 2.0 on Force.com](http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_on_Force.com)

data/lib/omniauth-salesforce/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module Salesforce
-    VERSION = "1.0.3"
+    VERSION = "1.0.4"
   end
 end

data/lib/omniauth/strategies/salesforce.rb

@@ -1,10 +1,12 @@
 require 'omniauth-oauth2'
+require 'openssl'
+require 'base64'
 
 module OmniAuth
   module Strategies
     class Salesforce < OmniAuth::Strategies::OAuth2
 
-      MOBILE_USER_AGENTS =  'webos|ipod|iphone|mobile'
+      MOBILE_USER_AGENTS =  'webos|ipod|iphone|ipad|android|blackberry|mobile'
 
       option :client_options, {
         :site          => 'https://login.salesforce.com',
@@ -15,7 +17,8 @@ module OmniAuth
         :scope,
         :display,
         :immediate,
-        :state
+        :state,
+        :prompt
       ]
 
       def request_phase
@@ -29,6 +32,15 @@ module OmniAuth
         super
       end
 
+      def auth_hash
+        signed_value = access_token.params['id'] + access_token.params['issued_at']
+        raw_expected_signature = OpenSSL::HMAC.digest('sha256', options.client_secret, signed_value)
+        expected_signature = Base64.strict_encode64 raw_expected_signature
+        signature = access_token.params['signature']
+        fail! "Salesforce user id did not match signature!" unless signature == expected_signature
+        super
+      end
+
       uid { raw_info['id'] }
 
       info do
@@ -62,7 +74,9 @@ module OmniAuth
       extra do
         raw_info.merge({
           'instance_url' => access_token.params['instance_url'],
-          'pod' => access_token.params['instance_url']
+          'pod' => access_token.params['instance_url'],
+          'signature' => access_token.params['signature'],
+          'issued_at' => access_token.params['issued_at']
         })
       end
       

data/omniauth-salesforce.gemspec

@@ -6,7 +6,7 @@ Gem::Specification.new do |gem|
   gem.email         = ["rvanhook@salesforce.com"]
   gem.description   = %q{OmniAuth strategy for salesforce.com.}
   gem.summary       = %q{OmniAuth strategy for salesforce.com.}
-  gem.homepage      = "https://github.com/richardvanhook/omniauth-salesforce"
+  gem.homepage      = "https://github.com/realdoug/omniauth-salesforce"
 
   gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   gem.files         = `git ls-files`.split("\n")
@@ -14,6 +14,7 @@ Gem::Specification.new do |gem|
   gem.name          = "omniauth-salesforce"
   gem.require_paths = ["lib"]
   gem.version       = OmniAuth::Salesforce::VERSION
+  gem.license       = "MIT"
 
   gem.add_dependency 'omniauth', '~> 1.0'
   gem.add_dependency 'omniauth-oauth2', '~> 1.0'

data/spec/omniauth/strategies/salesforce_spec.rb

@@ -1,7 +1,217 @@
 require 'spec_helper'
 
 describe OmniAuth::Strategies::Salesforce do
-  it 'should do some testing' do
-    pending
-  end
+	strategy = nil
+	before do
+		OmniAuth.config.test_mode = true
+		rack_app = []
+		rack_app.stub :call
+		strategy = OmniAuth::Strategies::Salesforce.new rack_app, 'Consumer Key', 'Consumer Secret'
+	end
+	describe "request_phase" do
+		env = nil
+		before do
+			env = {
+				'rack.session' => {},
+				'HTTP_USER_AGENT' => 'unknown',
+				'REQUEST_METHOD' => 'GET',
+				'rack.input' => '',
+				'rack.url_scheme' => 'http',
+				'SERVER_NAME' => 'server.example', 
+				'QUERY_STRING' => 'code=xxxx', 
+				'SCRIPT_NAME' => '', 
+				'SERVER_PORT' => 80
+			}
+		end
+		context "when using a mobile browser" do
+			user_agents = {
+				:Pre => "Mozilla/5.0 (webOS/1.4.0; U; en-US) AppleWebKit/532.2 (KHTML, like Gecko) Version/1.0 Safari/532.2 Pre/1.1",
+				:iPod => "Mozilla/5.0 (iPod; U; CPU like Mac OS X; en) AppleWebKit/420.1 (KHTML, like Gecko) Version/3.0 Mobile/4A93 Safari/419.3",
+				:iPhone => "Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1A543 Safari/419.3",
+				:iPad => "Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10",
+				:Nexus => "Mozilla/5.0 (Linux; U; Android 2.2; en-us; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
+				:myTouch => "Mozilla/5.0 (Linux; U; Android 1.6; en-us; WOWMobile myTouch 3G Build/unknown) AppleWebKit/528.5+ (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1",
+				:Storm => "BlackBerry9530/4.7.0.148 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/105",
+				:Torch => "Mozilla/5.0 (BlackBerry; U; BlackBerry 9810; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0 Mobile Safari/534.11+",
+				:generic_mobile => "some mobile device"
+			}
+			user_agents.each_pair do |name, agent|
+				context "with the user agent from a #{name.to_s}" do
+					before do
+						env['HTTP_USER_AGENT'] = agent
+						strategy.call!(env)
+						strategy.request_phase
+					end
+					subject {strategy.options}
+					it "sets the :display option to 'touch'" do
+						subject[:display].should == 'touch'
+					end
+				end
+			end
+		end
+		context "when using a desktop browser" do
+			user_agents = {
+				:Chrome => "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.21 (KHTML, like Gecko) Chrome/19.0.1042.0 Safari/535.21",
+				:Safari => "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; de-at) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1",
+				:IE => "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 1.0.3705; .NET CLR 1.1.4322)",
+				:anything_else => "unknown"
+			}
+			user_agents.each_pair do |name, agent|
+				context "with the user agent from #{name.to_s}" do
+					before do
+						env['HTTP_USER_AGENT'] = agent
+						strategy.call!(env)
+						strategy.request_phase
+					end
+					subject {strategy.options}
+					it "sets the :display option to 'page'" do
+						subject[:display].should == 'page'
+					end
+				end
+			end
+		end
+	end
+	describe "callback phase" do
+		raw_info = nil
+		before do
+			raw_info = {
+				'id' => 'salesforce id',
+				'display_name' => 'display name',
+				'email' => 'email',
+				'nick_name' => 'nick name',
+				'first_name' => 'first name',
+				'last_name' => 'last name',
+				'photos' => {'thumbnail' => '/thumbnail/url'},
+				'urls'=> {
+					"enterprise" => "https://salesforce.example/services",
+					"metadata" => "https://salesforce.example/services"
+				}
+			}
+			client = OAuth2::Client.new 'id', 'secret', {:site => 'example.com'}
+			access_token = OAuth2::AccessToken.from_hash client, {
+				'access_token' => 'token',
+				'instance_url' => 'http://instance.salesforce.example',
+				'signature' => 'invalid',
+				'issued_at' => '1296458209517'
+			}
+			strategy.stub(:raw_info) { raw_info }
+			strategy.stub(:access_token) { access_token }
+		end
+		describe "uid" do
+			it "sets the id" do
+				strategy.uid.should == raw_info['id']
+			end
+		end
+		describe "info" do
+			subject { strategy.info }
+			it "returns an info hash" do
+				subject.should_not be_nil
+			end
+			it "sets name" do 
+				subject['name'].should == raw_info['display_name']
+			end
+			it "sets email" do
+				subject['email'].should == raw_info['email']
+			end
+			it "sets nickname" do
+				subject['nickname'].should == raw_info['nick_name']
+			end
+			it "sets first_name" do
+				subject['first_name'].should == raw_info['first_name']
+			end
+			it "sets last_name" do
+				subject['last_name'].should == raw_info['last_name']
+			end
+			it "sets location" do
+				subject['location'].should == ''
+			end
+			it "sets description" do
+				subject['description'].should == ''
+			end
+			it "sets image" do
+				subject['image'].should == raw_info['photos']['thumbnail'] + "?oauth_token=#{strategy.access_token.token}"
+			end
+			it "sets phone" do
+				subject['phone'].should == ''
+			end
+			it "sets urls" do
+				subject['urls'].should == raw_info['urls']
+			end
+		end
+		describe "credentials" do
+			subject { strategy.credentials }
+			it "sets token" do 
+				subject['token'].should == strategy.access_token.token
+			end
+			it "sets instance_url" do
+				subject['instance_url'].should == strategy.access_token.params["instance_url"]
+			end
+			context "given a refresh token" do
+				it "sets refresh_token" do
+					subject['refresh_token'].should == strategy.access_token.refresh_token
+				end
+			end
+			context "when not given a refresh token" do
+				it "does not set a refresh token" do
+					subject['refresh_token'].should be_nil
+				end
+			end
+		end
+		describe "extra" do
+			subject { strategy.extra }
+			it "sets instance_url" do
+				subject['instance_url'].should == strategy.access_token.params['instance_url']
+			end
+			it "sets pod" do
+				subject['pod'].should == strategy.access_token.params['instance_url']
+			end
+			it "sets signature" do
+				subject['signature'].should == strategy.access_token.params['signature']
+			end
+			it "sets issued_at" do
+				subject['issued_at'].should == strategy.access_token.params['issued_at']
+			end
+		end
+		describe "user id validation" do
+			client_id = nil
+			issued_at = nil
+			signature = nil
+			instance_url = 'http://instance.salesforce.example'
+			before do
+					client_id = "https://login.salesforce.com/id/00Dd0000000d45TEBQ/005d0000000fyGPCCY"
+					issued_at = "1331142541514"
+					signature = Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', strategy.options.client_secret, client_id + issued_at))
+			end
+			context "when the signature does not match" do
+				before do
+					access_token = OAuth2::AccessToken.from_hash strategy.access_token.client, {
+						'id' => 'forged client id',
+						'issued_at' => issued_at,
+						'instance_url' => 'http://instance.salesforce.example',
+						'signature' => signature
+					}
+					strategy.stub(:access_token) { access_token }
+				end
+				it "should call fail!" do
+					strategy.should_receive(:fail!)
+					strategy.auth_hash
+				end
+			end
+			context "when the signature does match" do
+				before do
+					access_token = OAuth2::AccessToken.from_hash strategy.access_token.client, {
+						'id' => client_id,
+						'issued_at' => issued_at,
+						'instance_url' => 'http://instance.salesforce.example',
+						'signature' => signature
+					}
+					strategy.stub(:access_token) { access_token }
+				end
+				it "should not fail" do
+					strategy.should_not_receive(:fail!)
+					strategy.auth_hash
+				end
+			end
+		end
+	end
 end

metadata

@@ -1,82 +1,99 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-salesforce
 version: !ruby/object:Gem::Version
-  version: 1.0.3
-  prerelease: 
+  version: 1.0.4
 platform: ruby
 authors:
 - Richard Vanhook
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-12-08 00:00:00.000000000 Z
+date: 2013-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
-  requirement: &2156089220 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :runtime
   prerelease: false
-  version_requirements: *2156089220
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
-  requirement: &2156088020 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :runtime
   prerelease: false
-  version_requirements: *2156088020
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2156087100 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '2.7'
   type: :development
   prerelease: false
-  version_requirements: *2156087100
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.7'
 - !ruby/object:Gem::Dependency
   name: rack-test
-  requirement: &2156086240 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156086240
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: simplecov
-  requirement: &2156085680 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156085680
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: webmock
-  requirement: &2156085120 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156085120
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: OmniAuth strategy for salesforce.com.
 email:
 - rvanhook@salesforce.com
@@ -86,8 +103,10 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - .rspec
+- .rvmrc
 - Gemfile
 - Guardfile
+- LICENSE.md
 - README.md
 - Rakefile
 - lib/omniauth-salesforce.rb
@@ -96,29 +115,29 @@ files:
 - omniauth-salesforce.gemspec
 - spec/omniauth/strategies/salesforce_spec.rb
 - spec/spec_helper.rb
-homepage: https://github.com/richardvanhook/omniauth-salesforce
-licenses: []
+homepage: https://github.com/realdoug/omniauth-salesforce
+licenses:
+- MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.5
+rubygems_version: 2.0.3
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: OmniAuth strategy for salesforce.com.
 test_files:
 - spec/omniauth/strategies/salesforce_spec.rb