omniauth-scalus-oauth2 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 27b7808c4cf45ad0b7b7c83236a35260905b6e84
+  data.tar.gz: b42ffd12f573939198e782785e8f44d329fda7a6
+SHA512:
+  metadata.gz: b50cd40f95d04eb2ed3ae24d8ee08fca743978764ffd2096ae17dbbaf56779e3167c14eda064450050a1d913cfb2797792e9d567e47e0a2b626055ad39976f31
+  data.tar.gz: 33cc5a0f50bb686d506c18812b793a2b6b2cae48b389f13af4dfcecc3c274dfc8d3b55549abb81f04be2a44b35178310698e955217e1b0d0ce4decdd57dfaf48

data/.gitignore

@@ -0,0 +1,2 @@
+pkg/*
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,3 @@
+source "https://rubygems.org"
+
+gemspec

data/README.md

@@ -0,0 +1,63 @@
+# OmniAuth Scalus
+
+Scalus OAuth2 Strategy for OmniAuth 1.0.
+
+## Installing
+
+Add to your `Gemfile`:
+
+```ruby
+gem 'omniauth-scalus-oauth2'
+```
+
+Then `bundle install`.
+
+## Usage
+
+`OmniAuth::Strategies::Scalus` is simply a Rack middleware. Read [the OmniAuth 1.0 docs](https://github.com/intridea/omniauth) for detailed instructions.
+
+Here's a quick example, adding the middleware to a Rails app in `config/initializers/omniauth.rb`:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :scalus, ENV['SCALUS_API_KEY'], ENV['SCALUS_SHARED_SECRET']
+end
+```
+
+## Configuring
+
+You can configure the scope, which you pass in to the `provider` method via a `Hash`:
+
+* `scope`: A comma-separated list of permissions you want to request from the user. See [the Scalus API docs](http://docs.scalus.com/api/tutorials/oauth) for a full list of available permissions.
+
+For example, to request `read_products`, `read_orders` and `write_content` permissions and display the authentication page:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :scalus, ENV['SCALUS_API_KEY'], ENV['SCALUS_SHARED_SECRET'], :scope => 'read_products,read_orders,write_content'
+end
+```
+
+## Authentication Hash
+
+Here's an example *Authentication Hash* available in `request.env['omniauth.auth']`:
+
+```ruby
+{
+  :provider => 'scalus',
+  :uid => 'example.myscalus.com',
+  :credentials => {
+    :token => 'afasd923kjh0934kf', # OAuth 2.0 access_token, which you store and use to authenticate API requests
+  }
+}
+```
+
+## License
+
+Copyright (c) 2015 by Scalus Inc
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,9 @@
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+
+task :default => :test
+
+Rake::TestTask.new(:test) do |t|
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = true
+end

data/example/Gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org/'
+
+gem 'rack', '~> 1.6'
+
+gem 'sinatra', '~> 1.4'
+gem 'omniauth-scalus-oauth2', :path => '../'

data/example/config.ru

@@ -0,0 +1,67 @@
+require 'bundler/setup'
+require 'sinatra/base'
+require 'omniauth-scalus-oauth2'
+
+SCOPE = 'read_products,read_orders,read_customers,write_shipping'
+SCALUS_API_KEY = ENV['SCALUS_API_KEY']
+SCALUS_SHARED_SECRET = ENV['SCALUS_SHARED_SECRET']
+
+unless SCALUS_API_KEY && SCALUS_SHARED_SECRET
+  abort("SCALUS_API_KEY and SCALUS_SHARED_SECRET environment variables must be set")
+end
+
+class App < Sinatra::Base
+  get '/' do
+    <<-HTML
+    <html>
+    <head>
+      <title>Scalus Oauth2</title>
+    </head>
+    <body>
+      <form action="/auth/scalus" method="get">
+      <label for="shop">Enter your store's URL:</label>
+      <input type="text" name="shop" placeholder="your-shop-url.myscalus.com">
+      <button type="submit">Log In</button>
+      </form>
+    </body>
+    </html>
+    HTML
+  end
+
+  get '/auth/:provider/callback' do
+    <<-HTML
+    <html>
+    <head>
+      <title>Scalus Oauth2</title>
+    </head>
+    <body>
+      <h3>Authorized</h3>
+      <p>Shop: #{request.env['omniauth.auth'].uid}</p>
+      <p>Token: #{request.env['omniauth.auth']['credentials']['token']}</p>
+    </body>
+    </html>
+    HTML
+  end
+
+  get '/auth/failure' do
+    <<-HTML
+    <html>
+    <head>
+      <title>Scalus Oauth2</title>
+    </head>
+    <body>
+      <h3>Failed Authorization</h3>
+      <p>Message: #{params[:message]}</p>
+    </body>
+    </html>
+    HTML
+  end
+end
+
+use Rack::Session::Cookie, secret: SecureRandom.hex(64)
+
+use OmniAuth::Builder do
+  provider :scalus, SCALUS_API_KEY, SCALUS_SHARED_SECRET, :scope => SCOPE
+end
+
+run App.new

data/lib/omniauth/scalus/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Scalus
+    VERSION = "1.0.0"
+  end
+end

data/lib/omniauth/scalus.rb

@@ -0,0 +1,2 @@
+require 'omniauth/scalus/version'
+require 'omniauth/strategies/scalus'

data/lib/omniauth/strategies/scalus.rb

@@ -0,0 +1,90 @@
+require 'omniauth/strategies/oauth2'
+
+module OmniAuth
+  module Strategies
+    class Scalus < OmniAuth::Strategies::OAuth2
+      # Available scopes: content themes products customers orders script_tags shipping
+      # read_*  or write_*
+      DEFAULT_SCOPE = 'read_products'
+      MINUTE = 60
+      CODE_EXPIRES_AFTER = 10 * MINUTE
+
+      option :client_options, {
+        :authorize_url => '/admin/oauth/authorize',
+        :token_url => '/admin/oauth/access_token'
+      }
+
+      option :callback_url
+      option :myscalus_domain, 'myscalus.com'
+
+      option :setup, proc { |env|
+        request = Rack::Request.new(env)
+        env['omniauth.strategy'].options[:client_options][:site] = "https://#{request.GET['shop']}"
+      }
+
+      uid { URI.parse(options[:client_options][:site]).host }
+
+      def valid_site?
+        !!(/\A(https|http)\:\/\/[a-zA-Z0-9][a-zA-Z0-9\-]*\.#{Regexp.quote(options[:myscalus_domain])}[\/]?\z/ =~ options[:client_options][:site])
+      end
+
+      def valid_signature?
+        return false unless request.POST.empty?
+
+        params = request.GET
+        signature = params['hmac']
+        timestamp = params['timestamp']
+        return false unless signature && timestamp
+
+        return false unless timestamp.to_i > Time.now.to_i - CODE_EXPIRES_AFTER
+
+        calculated_signature = self.class.hmac_sign(self.class.encoded_params_for_signature(params), options.client_secret)
+        Rack::Utils.secure_compare(calculated_signature, signature)
+      end
+
+      def self.encoded_params_for_signature(params)
+        params = params.dup
+        params.delete('hmac')
+        params.delete('signature') # deprecated signature
+        params.map{|k,v| "#{URI.escape(k.to_s, '&=%')}=#{URI.escape(v.to_s, '&%')}"}.sort.join('&')
+      end
+
+      def self.hmac_sign(encoded_params, secret)
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret, encoded_params)
+      end
+
+      def fix_https
+        options[:client_options][:site].gsub!(/\Ahttp\:/, 'https:')
+      end
+
+      def setup_phase
+        super
+        fix_https
+      end
+
+      def request_phase
+        if valid_site?
+          super
+        else
+          fail!(:invalid_site)
+        end
+      end
+
+      def callback_phase
+        return fail!(:invalid_site) unless valid_site?
+        return fail!(:invalid_signature) unless valid_signature?
+        super
+      end
+
+      def authorize_params
+        super.tap do |params|
+          params[:scope] ||= DEFAULT_SCOPE
+        end
+      end
+
+      def callback_url
+        options[:callback_url] || full_host + script_name + callback_path
+      end
+    end
+  end
+end

data/lib/omniauth-scalus-oauth2.rb

@@ -0,0 +1 @@
+require 'omniauth/scalus'

data/omniauth-scalus-oauth2.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path('../lib', __FILE__)
+require 'omniauth/scalus/version'
+
+Gem::Specification.new do |s|
+  s.name     = 'omniauth-scalus-oauth2'
+  s.version  = OmniAuth::Scalus::VERSION
+  s.authors  = ['David Henner']
+  s.email    = ['drhenner@scalus.com']
+  s.summary  = 'Scalus strategy for OmniAuth'
+  s.homepage = 'https://github.com/scalus/omniauth-scalus-oauth2'
+  s.license = 'MIT'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+  s.require_paths = ['lib']
+
+  s.add_runtime_dependency 'omniauth-oauth2', '~> 1.2'
+
+  s.add_development_dependency 'minitest', '~> 5.6'
+  s.add_development_dependency 'fakeweb', '~> 1.3'
+  s.add_development_dependency 'rake'
+end

data/shipit.rubygems.yml

@@ -0,0 +1 @@
+# using the default shipit config

data/spec/omniauth/strategies/scalus_spec.rb

@@ -0,0 +1,138 @@
+require 'spec_helper'
+require 'omniauth-scalus-oauth2'
+require 'base64'
+
+describe OmniAuth::Strategies::Scalus do
+  before :each do
+    @request = double('Request',
+                      :env => { })
+    @request.stub(:params) { {} }
+    @request.stub(:cookies) { {} }
+
+    @client_id = '123'
+    @client_secret = '53cr3tz'
+    @options = {:client_options => {:site => 'https://example.myscalus.com'}}
+  end
+
+  subject do
+    args = [@client_id, @client_secret, @options].compact
+    OmniAuth::Strategies::Scalus.new(nil, *args).tap do |strategy|
+      strategy.stub(:request) { @request }
+      strategy.stub(:session) { {} }
+    end
+  end
+
+  describe '#fix_https' do
+    it 'replaces http scheme by https' do
+      @options = {:client_options => {:site => 'http://foo.bar/'}}
+      subject.fix_https
+      subject.options[:client_options][:site].should eq('https://foo.bar/')
+    end
+
+    it 'does not replace https scheme' do
+      @options = {:client_options => {:site => 'https://foo.bar/'}}
+      subject.fix_https
+      subject.options[:client_options][:site].should eq('https://foo.bar/')
+    end
+  end
+
+  describe '#client' do
+    it 'has correct scalus site' do
+      subject.client.site.should eq('https://example.myscalus.com')
+    end
+
+    it 'has correct authorize url' do
+      subject.client.options[:authorize_url].should eq('/admin/oauth/authorize')
+    end
+
+    it 'has correct token url' do
+      subject.client.options[:token_url].should eq('/admin/oauth/access_token')
+    end
+  end
+
+  describe '#callback_url' do
+    it "returns value from #callback_url" do
+      url = 'http://auth.myapp.com/auth/callback'
+      @options = {:callback_url => url}
+      subject.callback_url.should eq(url)
+    end
+
+    it "defaults to callback" do
+      url_base = 'http://auth.request.com'
+      @request.stub(:url) { "#{url_base}/page/path" }
+      @request.stub(:scheme) { 'http' }
+      subject.stub(:script_name) { "" } # to not depend from Rack env
+      subject.callback_url.should eq("#{url_base}/auth/scalus/callback")
+    end
+  end
+
+  describe '#authorize_params' do
+    it 'includes default scope for read_products' do
+      subject.authorize_params.should be_a(Hash)
+      subject.authorize_params[:scope].should eq('read_products')
+    end
+
+    it 'includes custom scope' do
+      @options = {:scope => 'write_products'}
+      subject.authorize_params.should be_a(Hash)
+      subject.authorize_params[:scope].should eq('write_products')
+    end
+  end
+
+  describe '#uid' do
+    it 'returns the shop' do
+      subject.uid.should eq('example.myscalus.com')
+    end
+  end
+
+  describe '#credentials' do
+    before :each do
+      @access_token = double('OAuth2::AccessToken')
+      @access_token.stub(:token)
+      @access_token.stub(:expires?)
+      @access_token.stub(:expires_at)
+      @access_token.stub(:refresh_token)
+      subject.stub(:access_token) { @access_token }
+    end
+
+    it 'returns a Hash' do
+      subject.credentials.should be_a(Hash)
+    end
+
+    it 'returns the token' do
+      @access_token.stub(:token) { '123' }
+      subject.credentials['token'].should eq('123')
+    end
+
+    it 'returns the expiry status' do
+      @access_token.stub(:expires?) { true }
+      subject.credentials['expires'].should eq(true)
+
+      @access_token.stub(:expires?) { false }
+      subject.credentials['expires'].should eq(false)
+    end
+
+  end
+
+  describe '#valid_site?' do
+    it 'returns true if the site contains .myscalus.com' do
+      @options = {:client_options => {:site => 'http://foo.myscalus.com/'}}
+      subject.valid_site?.should eq(true)
+    end
+
+    it 'returns false if the site does not contain .myscalus.com' do
+      @options = {:client_options => {:site => 'http://foo.example.com/'}}
+      subject.valid_site?.should eq(false)
+    end
+
+    it 'uses configurable option for myscalus_domain' do
+      @options = {:client_options => {:site => 'http://foo.example.com/'}, :myscalus_domain => 'example.com'}
+      subject.valid_site?.should eq(true)
+    end
+
+    it 'allows custom port for myscalus_domain' do
+      @options = {:client_options => {:site => 'http://foo.example.com:3456/'}, :myscalus_domain => 'example.com:3456'}
+      subject.valid_site?.should eq(true)
+    end
+  end
+end

data/test/integration_test.rb

@@ -0,0 +1,218 @@
+require_relative 'test_helper'
+
+class IntegrationTest < Minitest::Test
+  def setup
+    build_app
+  end
+
+  def teardown
+    FakeWeb.clean_registry
+    FakeWeb.last_request = nil
+  end
+
+  def test_authorize
+    response = authorize('snowdevil.myscalus.com')
+    assert_equal 302, response.status
+    assert_match /\A#{Regexp.quote("https://snowdevil.myscalus.com/admin/oauth/authorize?")}/, response.location
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal "123", redirect_params['client_id']
+    assert_equal "https://app.example.com/auth/scalus/callback", redirect_params['redirect_uri']
+    assert_equal "read_products", redirect_params['scope']
+  end
+
+  def test_authorize_overrides_site_with_https_scheme
+    build_app setup: lambda { |env|
+      params = Rack::Utils.parse_query(env['QUERY_STRING'])
+      env['omniauth.strategy'].options[:client_options][:site] = "http://#{params['shop']}"
+    }
+
+    response = authorize('snowdevil.myscalus.com')
+    assert_match /\A#{Regexp.quote("https://snowdevil.myscalus.com/admin/oauth/authorize?")}/, response.location
+  end
+
+  def test_site_validation
+    code = SecureRandom.hex(16)
+
+    [
+      'foo.example.com',                # shop doesn't end with .myscalus.com
+      'http://snowdevil.myscalus.com', # shop contains protocol
+      'snowdevil.myscalus.com/path',   # shop contains path
+      'user@snowdevil.myscalus.com',   # shop contains user
+      'snowdevil.myscalus.com:22',     # shop contains port
+    ].each do |shop, valid|
+      response = authorize(shop)
+      assert_auth_failure(response, 'invalid_site')
+
+      response = callback(sign_params(shop: shop, code: code))
+      assert_auth_failure(response, 'invalid_site')
+    end
+  end
+
+  def test_callback
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token)
+
+    response = callback(sign_params(shop: 'snowdevil.myscalus.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+
+    assert_callback_success(response, access_token, code)
+  end
+
+  def test_callback_with_legacy_signature
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token)
+
+    response = callback(sign_params(shop: 'snowdevil.myscalus.com', code: code, state: opts["rack.session"]["omniauth.state"]).merge(signature: 'ignored'))
+
+    assert_callback_success(response, access_token, code)
+  end
+
+  def test_callback_custom_params
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    FakeWeb.register_uri(:post, "https://snowdevil.myscalus.com/admin/oauth/access_token",
+                         body: JSON.dump(access_token: access_token),
+                         content_type: 'application/json')
+
+    now = Time.now.to_i
+    params = { shop: 'snowdevil.myscalus.com', code: code, timestamp: now, next: '/products?page=2&q=red%20shirt', state: opts["rack.session"]["omniauth.state"] }
+    encoded_params = "code=#{code}&next=/products?page=2%26q=red%2520shirt&shop=snowdevil.myscalus.com&state=#{opts["rack.session"]["omniauth.state"]}&timestamp=#{now}"
+    params[:hmac] = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, @secret, encoded_params)
+
+    response = callback(params)
+
+    assert_callback_success(response, access_token, code)
+  end
+
+  def test_callback_rejects_invalid_hmac
+    @secret = 'wrong_secret'
+    response = callback(sign_params(shop: 'snowdevil.myscalus.com', code: SecureRandom.hex(16)))
+
+    assert_auth_failure(response, 'invalid_signature')
+  end
+
+  def test_callback_rejects_old_timestamps
+    expired_timestamp = Time.now.to_i - OmniAuth::Strategies::Scalus::CODE_EXPIRES_AFTER - 1
+    response = callback(sign_params(shop: 'snowdevil.myscalus.com', code: SecureRandom.hex(16), timestamp: expired_timestamp))
+
+    assert_auth_failure(response, 'invalid_signature')
+  end
+
+  def test_callback_rejects_missing_hmac
+    code = SecureRandom.hex(16)
+
+    response = callback(shop: 'snowdevil.myscalus.com', code: code, timestamp: Time.now.to_i)
+
+    assert_auth_failure(response, 'invalid_signature')
+  end
+
+  def test_callback_rejects_body_params
+    code = SecureRandom.hex(16)
+    params = sign_params(shop: 'snowdevil.myscalus.com', code: code)
+    body = Rack::Utils.build_nested_query(unsigned: 'value')
+
+    response = request.get("https://app.example.com/auth/scalus/callback?#{Rack::Utils.build_query(params)}",
+                           input: body,
+                           "CONTENT_TYPE" => 'application/x-www-form-urlencoded')
+
+    assert_auth_failure(response, 'invalid_signature')
+  end
+
+  def test_provider_options
+    build_app scope: 'read_products,read_orders,write_content',
+              callback_path: '/admin/auth/legacy/callback',
+              myscalus_domain: 'myscalus.dev:3000',
+              setup: lambda { |env|
+                shop = Rack::Request.new(env).GET['shop']
+                shop += ".myscalus.dev:3000" unless shop.include?(".")
+                env['omniauth.strategy'].options[:client_options][:site] = "https://#{shop}"
+              }
+
+    response = authorize('snowdevil')
+    assert_equal 302, response.status
+    assert_match /\A#{Regexp.quote("https://snowdevil.myscalus.dev:3000/admin/oauth/authorize?")}/, response.location
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal 'read_products,read_orders,write_content', redirect_params['scope']
+    assert_equal 'https://app.example.com/admin/auth/legacy/callback', redirect_params['redirect_uri']
+  end
+  def test_callback_with_invalid_state_fails
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    FakeWeb.register_uri(:post, "https://snowdevil.myscalus.com/admin/oauth/access_token",
+                         body: JSON.dump(access_token: access_token),
+                         content_type: 'application/json')
+
+    response = callback(sign_params(shop: 'snowdevil.myscalus.com', code: code, state: 'invalid'))
+
+    assert_equal 302, response.status
+    assert_equal '/auth/failure?message=csrf_detected&strategy=scalus', response.location
+  end
+  private
+
+  def sign_params(params)
+    params = params.dup
+
+    params[:timestamp] ||= Time.now.to_i
+
+    encoded_params = OmniAuth::Strategies::Scalus.encoded_params_for_signature(params)
+    params['hmac'] = OmniAuth::Strategies::Scalus.hmac_sign(encoded_params, @secret)
+    params
+  end
+
+  def expect_access_token_request(access_token)
+    FakeWeb.register_uri(:post, "https://snowdevil.myscalus.com/admin/oauth/access_token",
+                         body: JSON.dump(access_token: access_token),
+                         content_type: 'application/json')
+  end
+
+  def assert_callback_success(response, access_token, code)
+    token_request_params = Rack::Utils.parse_query(FakeWeb.last_request.body)
+    assert_equal token_request_params['client_id'], '123'
+    assert_equal token_request_params['client_secret'], @secret
+    assert_equal token_request_params['code'], code
+
+    assert_equal 'snowdevil.myscalus.com', @omniauth_result.uid
+    assert_equal access_token, @omniauth_result.credentials.token
+    assert_equal false, @omniauth_result.credentials.expires
+
+    assert_equal 200, response.status
+    assert_equal "OK", response.body
+  end
+
+  def assert_auth_failure(response, reason)
+    assert_nil FakeWeb.last_request
+    assert_equal 302, response.status
+    assert_match /\A#{Regexp.quote("/auth/failure?message=#{reason}")}/, response.location
+  end
+
+  def build_app(options={})
+    app = proc { |env|
+      @omniauth_result = env['omniauth.auth']
+      [200, {Rack::CONTENT_TYPE => "text/plain"}, "OK"]
+    }
+
+    opts["rack.session"]["omniauth.state"] = SecureRandom.hex(32)
+    app = OmniAuth::Builder.new(app) do
+      provider :scalus, '123', '53cr3tz', options
+    end
+    @secret = '53cr3tz'
+    @app = Rack::Session::Cookie.new(app, secret: SecureRandom.hex(64))
+  end
+
+  def authorize(shop)
+    request.get("https://app.example.com/auth/scalus?shop=#{CGI.escape(shop)}", opts)
+  end
+
+  def callback(params)
+    request.get("https://app.example.com/auth/scalus/callback?#{Rack::Utils.build_query(params)}", opts)
+  end
+
+  def opts
+    @opts ||= { "rack.session" => {} }
+  end
+
+  def request
+    Rack::MockRequest.new(@app)
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,10 @@
+$: << File.expand_path("../../lib", __FILE__)
+require 'bundler/setup'
+require 'omniauth-scalus-oauth2'
+
+require 'minitest/autorun'
+require 'fakeweb'
+require 'json'
+
+OmniAuth.config.logger = Logger.new(nil)
+FakeWeb.allow_net_connect = false

metadata

@@ -0,0 +1,118 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-scalus-oauth2
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- David Henner
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-11-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.6'
+- !ruby/object:Gem::Dependency
+  name: fakeweb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- drhenner@scalus.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- README.md
+- Rakefile
+- example/Gemfile
+- example/config.ru
+- lib/omniauth-scalus-oauth2.rb
+- lib/omniauth/scalus.rb
+- lib/omniauth/scalus/version.rb
+- lib/omniauth/strategies/scalus.rb
+- omniauth-scalus-oauth2.gemspec
+- shipit.rubygems.yml
+- spec/omniauth/strategies/scalus_spec.rb
+- test/integration_test.rb
+- test/test_helper.rb
+homepage: https://github.com/scalus/omniauth-scalus-oauth2
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Scalus strategy for OmniAuth
+test_files:
+- spec/omniauth/strategies/scalus_spec.rb
+- test/integration_test.rb
+- test/test_helper.rb