omniauth-seznam-cz 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f009f7470aef979d8104389d3beb5e477bd09fa974da325913c22dbaafa84959
-  data.tar.gz: 495f8ce948f74219cda3be1df8eb6465a3bd3b5be36b72405f712242c73cc8ca
+  metadata.gz: c648d155cac9a61f968db43ea6fc26ff6d665921fec222a48b66211673f9b7ad
+  data.tar.gz: 6c9334d0ff6cea90af56f1f2f24203ce9b655f7548f2aa76f6b0bcaabe2f9c9c
 SHA512:
-  metadata.gz: '09c096615acd0f366d707812bc2e1faf78277b57636db68dd2f31e1b9fe3dc1a06931e32c6a40f59fc2f0f6a32a769365ccc0fc58075482ae911b69c5516fed4'
-  data.tar.gz: ab3cb2cb209b02e19f7e7d39aa8a9cc3e283f1de54b446f5f6ef2bd4acbd06ee67025fa96aa2156519b90eeaf20d6f5be2e73f20f5c299fd86c5658ab54961ae
+  metadata.gz: ca5180f1309200a762c9fd2c1fdad9d346730b96c2b43a4f4c186e8b8675c35edb689ca27cae35e91ae95fa55052b71a0e5eaad576685b92cd2beabfe0e2d8ea
+  data.tar.gz: 6651969510ae8717ed2e8018d2585198ed09ede87dfbdbeda4691094e00b4b5ca86573eafee8feb549831bd3e13917ea53ad3f5a746687e331ac1b8c91057341

data/.gitignore

@@ -1,22 +1,13 @@
 *.gem
-*.rbc
 .bundle
 .config
-.yardoc
 .ruby-gemset
 .ruby-version
 .rvmrc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
 rdoc
 spec/reports
 test/tmp
 test/version_tmp
 tmp
-.powenv
 .idea/
+Gemfile.lock

data/.travis.yml

@@ -1,6 +1,5 @@
 language: ruby
 cache: bundler
 rvm:
-  - '2.7.2'
-  - '2.7.6'
+  - '2.7.4'
   - '3.0.0'

data/README.md

@@ -1,5 +1,5 @@
 [![Gem Version](https://badge.fury.io/rb/omniauth-seznam-cz.svg)](https://badge.fury.io/rb/omniauth-seznam-cz)
-[![Build Status](https://travis-ci.com/zquestz/omniauth-seznam-cz.svg)](https://travis-ci.com/zquestz/omniauth-seznam-cz)
+[![Build Status](https://app.travis-ci.com/honzasterba/omniauth-seznam-cz.svg?branch=main)](https://app.travis-ci.com/honzasterba/omniauth-seznam-cz)
 
 # OmniAuth Seznam.cz Strategy
 

data/bin/publish-gem.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+rm *.gem
+gem build omniauth-seznam-cz.gemspec
+gem push omniauth-seznam-cz-*.gem

data/lib/omniauth/seznam_cz/version.rb

@@ -2,6 +2,6 @@
 
 module OmniAuth
   module SeznamCz
-    VERSION = '0.0.1'
+    VERSION = '0.1.0'
   end
 end

data/lib/omniauth/strategies/seznam_cz.rb

@@ -6,23 +6,22 @@ require 'uri'
 
 module OmniAuth
   module Strategies
-    # Main class for Seznam.cz strategy.
     class SeznamCz < OmniAuth::Strategies::OAuth2
       ALLOWED_ISSUERS = ['login.szn.cz'].freeze
       BASE_SCOPES = %w[identity contact-phone avatar].freeze
       DEFAULT_SCOPE = 'identity'
       USER_INFO_URL = 'https://login.szn.cz/api/v1/user'
-      IMAGE_SIZE_REGEXP = /(s\d+(-c)?)|(w\d+-h\d+(-c)?)|(w\d+(-c)?)|(h\d+(-c)?)|c/
 
       option :name, 'seznam_cz'
       option :skip_image_info, true
-      option :authorize_options, %i[redirect_uri]
+      option :authorize_options, %i[scope state redirect_uri]
       option :authorized_client_ids, []
 
       option :client_options,
-             site: 'https://login.szn.cz/api/v1/oauth',
-             authorize_url: 'https://login.szn.cz/api/v1/oauth/auth',
-             token_url: '/token'
+             site: 'https://login.szn.cz',
+             authorize_url: '/api/v1/oauth/auth',
+             token_url: '/api/v1/oauth/token',
+             auth_scheme: :request_body
 
       def authorize_params
         super.tap do |params|

data/spec/omniauth/strategies/seznam_cz_spec.rb

@@ -31,15 +31,15 @@ describe OmniAuth::Strategies::SeznamCz do
 
   describe '#client_options' do
     it 'has correct site' do
-      expect(subject.client.site).to eq('https://oauth2.googleapis.com')
+      expect(subject.client.site).to eq('https://login.szn.cz')
     end
 
     it 'has correct authorize_url' do
-      expect(subject.client.options[:authorize_url]).to eq('https://accounts.google.com/o/oauth2/auth')
+      expect(subject.client.options[:authorize_url]).to eq('/api/v1/oauth/auth')
     end
 
     it 'has correct token_url' do
-      expect(subject.client.options[:token_url]).to eq('/token')
+      expect(subject.client.options[:token_url]).to eq('/api/v1/oauth/token')
     end
 
     describe 'overrides' do
@@ -80,13 +80,6 @@ describe OmniAuth::Strategies::SeznamCz do
   end
 
   describe '#authorize_options' do
-    %i[access_type hd login_hint prompt scope state device_id device_name].each do |k|
-      it "should support #{k}" do
-        @options = { k => 'http://someval' }
-        expect(subject.authorize_params[k.to_s]).to eq('http://someval')
-      end
-    end
-
     describe 'redirect_uri' do
       it 'should default to nil' do
         @options = {}
@@ -99,116 +92,24 @@ describe OmniAuth::Strategies::SeznamCz do
       end
     end
 
-    describe 'access_type' do
-      it 'should default to "offline"' do
-        @options = {}
-        expect(subject.authorize_params['access_type']).to eq('offline')
-      end
-
-      it 'should set the access_type parameter if present' do
-        @options = { access_type: 'online' }
-        expect(subject.authorize_params['access_type']).to eq('online')
-      end
-    end
-
-    describe 'hd' do
-      it 'should default to nil' do
-        expect(subject.authorize_params['hd']).to eq(nil)
-      end
-
-      it 'should set the hd (hosted domain) parameter if present' do
-        @options = { hd: 'example.com' }
-        expect(subject.authorize_params['hd']).to eq('example.com')
-      end
-
-      it 'should set the hd parameter and work with nil hd (gmail)' do
-        @options = { hd: nil }
-        expect(subject.authorize_params['hd']).to eq(nil)
-      end
-
-      it 'should set the hd parameter to * if set (only allows G Suite emails)' do
-        @options = { hd: '*' }
-        expect(subject.authorize_params['hd']).to eq('*')
-      end
-    end
-
-    describe 'login_hint' do
-      it 'should default to nil' do
-        expect(subject.authorize_params['login_hint']).to eq(nil)
-      end
-
-      it 'should set the login_hint parameter if present' do
-        @options = { login_hint: 'john@example.com' }
-        expect(subject.authorize_params['login_hint']).to eq('john@example.com')
-      end
-    end
-
-    describe 'prompt' do
-      it 'should default to nil' do
-        expect(subject.authorize_params['prompt']).to eq(nil)
-      end
-
-      it 'should set the prompt parameter if present' do
-        @options = { prompt: 'consent select_account' }
-        expect(subject.authorize_params['prompt']).to eq('consent select_account')
-      end
-    end
-
-    describe 'request_visible_actions' do
-      it 'should default to nil' do
-        expect(subject.authorize_params['request_visible_actions']).to eq(nil)
-      end
-
-      it 'should set the request_visible_actions parameter if present' do
-        @options = { request_visible_actions: 'something' }
-        expect(subject.authorize_params['request_visible_actions']).to eq('something')
-      end
-    end
-
-    describe 'include_granted_scopes' do
-      it 'should default to nil' do
-        expect(subject.authorize_params['include_granted_scopes']).to eq(nil)
-      end
-
-      it 'should set the include_granted_scopes parameter if present' do
-        @options = { include_granted_scopes: 'true' }
-        expect(subject.authorize_params['include_granted_scopes']).to eq('true')
-      end
-    end
-
     describe 'scope' do
-      it 'should expand scope shortcuts' do
-        @options = { scope: 'calendar' }
-        expect(subject.authorize_params['scope']).to eq('https://www.googleapis.com/auth/calendar')
-      end
-
-      it 'should leave base scopes as is' do
-        @options = { scope: 'profile' }
-        expect(subject.authorize_params['scope']).to eq('profile')
-      end
-
       it 'should join scopes' do
         @options = { scope: 'profile,email' }
-        expect(subject.authorize_params['scope']).to eq('profile email')
+        expect(subject.authorize_params['scope']).to eq('profile,email')
       end
 
       it 'should deal with whitespace when joining scopes' do
         @options = { scope: 'profile, email' }
-        expect(subject.authorize_params['scope']).to eq('profile email')
+        expect(subject.authorize_params['scope']).to eq('profile,email')
       end
 
-      it 'should set default scope to email,profile' do
-        expect(subject.authorize_params['scope']).to eq('email profile')
+      it 'should set default scope to identity' do
+        expect(subject.authorize_params['scope']).to eq('identity')
       end
 
       it 'should support space delimited scopes' do
         @options = { scope: 'profile email' }
-        expect(subject.authorize_params['scope']).to eq('profile email')
-      end
-
-      it 'should support extremely badly formed scopes' do
-        @options = { scope: 'profile email,foo,steve yeah http://example.com' }
-        expect(subject.authorize_params['scope']).to eq('profile email https://www.googleapis.com/auth/foo https://www.googleapis.com/auth/steve https://www.googleapis.com/auth/yeah http://example.com')
+        expect(subject.authorize_params['scope']).to eq('profile,email')
       end
     end
 
@@ -238,7 +139,7 @@ describe OmniAuth::Strategies::SeznamCz do
       end
 
       describe 'request overrides' do
-        %i[access_type hd login_hint prompt scope state].each do |k|
+        %i[scope state].each do |k|
           context "authorize option #{k}" do
             let(:request) { double('Request', params: { k.to_s => 'http://example.com' }, cookies: {}, env: {}) }
 
@@ -267,7 +168,6 @@ describe OmniAuth::Strategies::SeznamCz do
       expect(subject.authorize_params['request_visible_actions']).to eq('something')
       expect(subject.authorize_params['foo']).to eq('bar')
       expect(subject.authorize_params['baz']).to eq('zip')
-      expect(subject.authorize_params['hd']).to eq('wow')
       expect(subject.authorize_params['bad']).to eq(nil)
     end
   end
@@ -288,138 +188,4 @@ describe OmniAuth::Strategies::SeznamCz do
       expect(subject.token_params['bad']).to eq(nil)
     end
   end
-
-  describe '#callback_url' do
-    let(:base_url) { 'https://example.com' }
-
-    it 'has the correct default callback path' do
-      allow(subject).to receive(:full_host) { base_url }
-      allow(subject).to receive(:script_name) { '' }
-      expect(subject.send(:callback_url)).to eq(base_url + '/auth/google_oauth2/callback')
-    end
-
-    it 'should set the callback path with script_name if present' do
-      allow(subject).to receive(:full_host) { base_url }
-      allow(subject).to receive(:script_name) { '/v1' }
-      expect(subject.send(:callback_url)).to eq(base_url + '/v1/auth/google_oauth2/callback')
-    end
-
-    it 'should set the callback_path parameter if present' do
-      @options = { callback_path: '/auth/foo/callback' }
-      allow(subject).to receive(:full_host) { base_url }
-      allow(subject).to receive(:script_name) { '' }
-      expect(subject.send(:callback_url)).to eq(base_url + '/auth/foo/callback')
-    end
-  end
-
-  describe '#info' do
-    let(:client) do
-      OAuth2::Client.new('abc', 'def') do |builder|
-        builder.request :url_encoded
-        builder.adapter :test do |stub|
-          stub.get('/oauth2/v3/userinfo') { [200, { 'content-type' => 'application/json' }, response_hash.to_json] }
-        end
-      end
-    end
-    let(:access_token) { OAuth2::AccessToken.from_hash(client, {}) }
-    before { allow(subject).to receive(:access_token).and_return(access_token) }
-
-    context 'with verified email' do
-      let(:response_hash) do
-        { email: 'something@domain.invalid', email_verified: true }
-      end
-
-      it 'should return equal email and unverified_email' do
-        expect(subject.info[:email]).to eq('something@domain.invalid')
-        expect(subject.info[:unverified_email]).to eq('something@domain.invalid')
-      end
-    end
-
-    context 'with unverified email' do
-      let(:response_hash) do
-        { email: 'something@domain.invalid', email_verified: false }
-      end
-
-      it 'should return nil email, and correct unverified email' do
-        expect(subject.info[:email]).to eq(nil)
-        expect(subject.info[:unverified_email]).to eq('something@domain.invalid')
-      end
-    end
-  end
-
-  describe '#extra' do
-    let(:client) do
-      OAuth2::Client.new('abc', 'def') do |builder|
-        builder.request :url_encoded
-        builder.adapter :test do |stub|
-          stub.get('/oauth2/v3/userinfo') { [200, { 'content-type' => 'application/json' }, '{"sub": "12345"}'] }
-        end
-      end
-    end
-    let(:access_token) { OAuth2::AccessToken.from_hash(client, {}) }
-
-    before { allow(subject).to receive(:access_token).and_return(access_token) }
-
-    describe 'id_token' do
-      shared_examples 'id_token issued by valid issuer' do |issuer|
-        context 'when the id_token is passed into the access token' do
-          let(:token_info) do
-            {
-              'abc' => 'xyz',
-              'exp' => Time.now.to_i + 3600,
-              'nbf' => Time.now.to_i - 60,
-              'iat' => Time.now.to_i,
-              'aud' => 'appid',
-              'iss' => issuer
-            }
-          end
-          let(:id_token) { JWT.encode(token_info, 'secret') }
-          let(:access_token) { OAuth2::AccessToken.from_hash(client, 'id_token' => id_token) }
-
-          it 'should include id_token when set on the access_token' do
-            expect(subject.extra).to include(id_token: id_token)
-          end
-
-
-
-          it 'should include id_info when id_token is set on the access_token by default' do
-            expect(subject.extra).to include(id_info: token_info)
-          end
-        end
-      end
-
-      it_behaves_like 'id_token issued by valid issuer', 'accounts.google.com'
-      it_behaves_like 'id_token issued by valid issuer', 'https://accounts.google.com'
-
-      context 'when the id_token is missing' do
-        it 'should not include id_token' do
-          expect(subject.extra).not_to have_key(:id_token)
-        end
-
-        it 'should not include id_info' do
-          expect(subject.extra).not_to have_key(:id_info)
-        end
-      end
-    end
-
-    describe 'raw_info' do
-      context 'when skip_info is true' do
-        before { subject.options[:skip_info] = true }
-
-        it 'should not include raw_info' do
-          expect(subject.extra).not_to have_key(:raw_info)
-        end
-      end
-
-      context 'when skip_info is false' do
-        before { subject.options[:skip_info] = false }
-
-        it 'should include raw_info' do
-          expect(subject.extra[:raw_info]).to eq('sub' => '12345')
-        end
-      end
-    end
-  end
-
-
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-seznam-cz
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Jan Sterba
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-01-02 00:00:00.000000000 Z
+date: 2022-01-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oauth2
@@ -109,6 +109,7 @@ files:
 - Gemfile
 - README.md
 - Rakefile
+- bin/publish-gem.sh
 - lib/omniauth-seznam-cz.rb
 - lib/omniauth/seznam_cz.rb
 - lib/omniauth/seznam_cz/version.rb