omniauth-stripe-connect-v2 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 3736e47722dbe9012273102dc574a3d5a634785bb317abdb2b18578ecbf21c9c
+  data.tar.gz: a58dadf99dca266d614eb9b883bc58ca092a66c2a98394adcf1ae9d5c9a94763
+SHA512:
+  metadata.gz: 625fe727bc4b5721c1ffb00ce5dba31580d903c26dee16b6024c17aa3e38862f66df901d43c98e7232eb045a09739a62769dab117b54a3d7ca5d9fbed09e4880
+  data.tar.gz: bbbf96304cf1d86538103cd516fd09441c54030c90d76bcf67af3181ffaa199903f267addcb6aabe0a22415a31d9bc86048336fb48a89b0399f44c9a7e362c8f

data/.gitignore

@@ -0,0 +1,21 @@
+*.gem
+*.rbc
+*.rvmrc
+.ruby-version
+.ruby-gemset
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec_v2/reports
+test/tmp
+test/version_tmp
+tmp
+example

data/Gemfile

@@ -0,0 +1,9 @@
+source 'https://rubygems.org'
+gem 'rake'
+
+# Specify your gem's dependencies in omniauth-stripe-connect.gemspec
+gemspec
+
+group :test do
+  gem 'rspec', '>= 2.14'
+end

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2023 Gumroad
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,140 @@
+# OmniAuth::StripeConnectV2
+
+Stripe Connect OAuth2 Strategy for OmniAuth 1.0.
+
+Supports the OAuth 2.0 server-side and client-side flows.
+Read the Stripe Connect docs for more details: https://stripe.com/connect
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'omniauth-stripe-connect-v2'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install omniauth-stripe-connect-v2
+
+## Usage
+
+OmniAuth::Strategies::StripeConnectV2 is simply a Rack middleware. Read the OmniAuth
+1.0 docs for detailed instructions: https://github.com/intridea/omniauth.
+
+### Non-Devise
+Here's a quick example, adding the middleware to a Rails app in
+`config/initializers/omniauth.rb`:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET']
+end
+```
+
+### Devise
+
+You need to declare the provider in your `config/initializers/devise.rb`:
+
+```ruby
+config.omniauth :stripe_connect, "STRIPE_CONNECT_CLIENT_ID", "STRIPE_SECRET"
+```
+
+You'll also need to add some configuration to your devise model (e.g. User in `app/models/user.rb`) along with any other OmniAuth providers you might have:
+```ruby
+:omniauthable, :omniauth_providers => [:stripe_connect]
+```
+
+### General Usage
+
+Your `STRIPE_CONNECT_CLIENT_ID` is application-specific and your `STRIPE_SECRET` is account-specific and may also be known as your Stripe API key or Stripe Private key.
+
+Edit your `routes.rb` file to have:
+`devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }`
+
+And create a file called `omniauth_callbacks_controller.rb` which should have this inside:
+```ruby
+class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+
+  def stripe_connect
+    # Delete the code inside of this method and write your own.
+    # The code below is to show you where to access the data.
+    raise request.env["omniauth.auth"].to_yaml
+  end
+end
+```
+
+Make sure to go to Stripe's Account Settings > Applications and set your Redirect URL to:
+`http://localhost:3003/users/auth/stripe_connect/callback`
+
+The Webhook URL will be something similar:
+`http://www.yourdomain.com/users/auth/stripe_connect/callback`
+
+Then you can hit `/auth/stripe_connect`
+
+If you hit `/auth/stripe_connect` with any query params, they will be passed along to Stripe. You can access these params from `request.env['omniauth.params']`. Read [Stripe's OAuth Reference](https://stripe.com/docs/connect/reference) for more information.
+
+## Auth Hash
+
+Here is an example of the Auth Hash you get back from calling `request.env['omniauth.auth']`:
+
+```ruby
+{
+  "provider"=>"stripe_connect",
+  "uid"=>"<STRIPE_USER_ID>",
+  "info"=> {
+    "email"=>"email@example.com",
+    "name"=>"Name",
+    "nickname"=>"Nickname",
+    "scope"=>"read_write", # or "read_only"
+    "livemode"=>false,
+    "stripe_publishable_key"=>"<STRIPE_PUBLISHABLE_KEY>",
+  },
+  "credentials"=> {
+    "token"=>"<STRIPE_ACCESS_TOKEN>",
+    "refresh_token"=>"<STRIPE_REFRESH_TOKEN>",
+    "expires"=>false
+  },
+  "extra"=> {
+    "raw_info"=> {
+      "token_type"=>"bearer",
+      "stripe_user_id"=>"<STRIPE_USER_ID>",
+      "scope"=>"read_only",
+      "stripe_publishable_key"=>"<STRIPE_PUBLISHABLE_KEY>",
+      "livemode"=>false
+    },
+    "extra_info"=> {
+      "business_logo"=>"https://stripe.com/business_logo.png",
+      "business_name"=>"Business Name",
+      "business_url"=>"example.com",
+      "charges_enabled"=>true,
+      "country"=>"US",
+      "default_currency"=>"eur",
+      "details_submitted"=>true,
+      "display_name"=>"Business Name",
+      "email"=>"email@example.com",
+      "id"=>"<STRIPE_USER_ID>",
+      "managed"=>false,
+      "object"=>"account",
+      "statement_descriptor"=>"EXAMPLE.COM",
+      "support_email"=>"support@example.com",
+      "support_phone"=>"123456789",
+      "timezone"=>"Europe/Berlin",
+      "transfers_enabled"=>true
+    }
+  }
+}
+```
+
+## Additional Tutorials
+[Stripe Connect in Rails Tutorial](https://web.archive.org/web/20160313043319/http://www.munocreative.com/nerd-notes/winvoice)
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,9 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new

data/lib/omniauth/strategies/stripe_connect_v2.rb

@@ -0,0 +1,100 @@
+require 'omniauth/strategies/oauth2'
+
+module OmniAuth
+  module Strategies
+    class StripeConnectV2 < OmniAuth::Strategies::OAuth2
+      option :name, :stripe_connect_v2
+
+      option :client_options, {
+        :site => 'https://connect.stripe.com'
+      }
+
+      option :authorize_options, [:scope, :stripe_landing, :always_prompt]
+      option :provider_ignores_state, true
+
+      uid { raw_info[:stripe_user_id] }
+
+      info do
+        {
+          :name => extra_info[:display_name] || extra_info[:business_name] || extra_info[:email],
+          :email => extra_info[:email],
+          :nickname => extra_info[:display_name],
+          :scope => raw_info[:scope],
+          :livemode => raw_info[:livemode],
+          :stripe_publishable_key => raw_info[:stripe_publishable_key]
+        }
+      end
+
+      extra do
+        e = {
+          :raw_info => raw_info
+        }
+        e[:extra_info] = extra_info unless skip_info?
+
+        e
+      end
+
+      credentials do
+        hash = {'token' => access_token.token}
+        hash.merge!('refresh_token' => access_token.refresh_token) if access_token.refresh_token
+        hash.merge!('expires_at' => access_token.expires_at) if access_token.expires?
+        hash.merge!('expires' => access_token.expires?)
+        hash
+      end
+
+      def raw_info
+        @raw_info ||= deep_symbolize(access_token.params)
+      end
+
+      def extra_info
+        @extra_info ||= deep_symbolize(access_token.get("https://api.stripe.com/v1/account").parsed)
+      end
+
+      def redirect_params
+        if options.key?(:callback_path) || OmniAuth.config.full_host
+          {:redirect_uri => callback_url}
+        else
+          {}
+        end
+      end
+
+      # NOTE: We call redirect_params AFTER super in these methods intentionally
+      # the OAuth2 strategy uses the authorize_params and token_params methods
+      # to set up some state for testing that we need in redirect_params
+
+      def authorize_params
+        params = super
+        params = params.merge(request_params) unless OmniAuth.config.test_mode
+        redirect_params.merge(params)
+      end
+
+      def token_params
+       params = super.to_hash(:symbolize_keys => true) \
+          .merge(:headers => { 'Authorization' => "Bearer #{client.secret}" })
+
+        redirect_params.merge(params)
+      end
+
+      def callback_url
+        full_host + script_name + callback_path
+      end
+
+      def request_phase
+        redirect client.auth_code.authorize_url(authorize_params)
+      end
+
+      def build_access_token
+        verifier = request.params['code']
+        client.auth_code.get_token(verifier, token_params)
+      end
+
+      def request_params
+        request.params.except(*request_blacklisted_params)
+      end
+
+      def request_blacklisted_params
+        %w(_method)
+      end
+    end
+  end
+end

data/lib/omniauth/stripe_connect_v2.rb

@@ -0,0 +1 @@
+require 'omniauth/strategies/stripe_connect_v2'

data/lib/omniauth-stripe-connect-v2/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module StripeConnectV2
+    VERSION = "1.0.0"
+  end
+end

data/lib/omniauth-stripe-connect-v2.rb

@@ -0,0 +1,2 @@
+require "omniauth-stripe-connect/version"
+require 'omniauth/stripe_connect'

data/omniauth-stripe-connect-v2.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/omniauth-stripe-connect-v2/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Hide Shidara"]
+  gem.email         = ["hshidaragumroad@gmail.com"]
+  gem.description   = %q{Stripe Connect OAuth2 Strategy for OmniAuth 2.0.}
+  gem.summary       = %q{
+Supports the OAuth 2.0 server-side and client-side flows.
+Read the Stripe Connect docs for more details: https://stripe.com/docs/connect
+}
+  gem.homepage      = "https://stripe.com/docs/connect"
+
+  gem.files         = `git ls-files | grep -v example`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "omniauth-stripe-connect-v2"
+  gem.require_paths = ["lib"]
+  gem.version       = OmniAuth::StripeConnectV2::VERSION
+  gem.license       = "MIT"
+
+  gem.add_dependency 'omniauth', '~> 2.0'
+  gem.add_dependency 'omniauth-oauth2', '~> 1.4'
+end

data/spec_v2/omniauth/strategies/stripe_connect_v2_spec.rb

@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::StripeConnectV2 do
+  let(:fresh_strategy) { Class.new(OmniAuth::Strategies::StripeConnectV2) }
+
+
+  before(:each) do
+    OmniAuth.config.test_mode = true
+    @old_host = OmniAuth.config.full_host
+  end
+
+  after(:each) do
+    OmniAuth.config.full_host = @old_host
+    OmniAuth.config.test_mode = false
+  end
+
+  describe '#authorize_params' do
+    subject { fresh_strategy }
+
+    it 'should include redirect_uri if full_host is set' do
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def')
+
+      instance.authorize_params[:redirect_uri].should =~ /\Ahttps:\/\/foo\.com/
+    end
+
+    it 'should include redirect_uri if callback_path is set' do
+      # TODO: It would be nice to grab this from the request URL
+      # instead of setting it on the config
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def', :callback_path => 'bar/baz')
+
+      instance.authorize_params[:redirect_uri].should == 'https://foo.com/bar/baz'
+    end
+
+    it 'should not include redirect_uri by default' do
+      instance = subject.new('abc', 'def')
+
+      expect(instance.authorize_params[:redirect_uri]).to be_nil
+    end
+  end
+
+  describe '#token_params' do
+    subject { fresh_strategy }
+
+    # NOTE: We call authorize_params first in each of these methods
+    # since the OAuth2 gem uses it to setup some state for testing
+
+    it 'should include redirect_uri if full_host is set' do
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def')
+
+      instance.authorize_params
+      instance.token_params[:redirect_uri].should =~ /\Ahttps:\/\/foo\.com/
+    end
+
+    it 'should include redirect_uri if callback_path is set' do
+      # TODO: It would be nice to grab this from the request URL
+      # instead of setting it on the config
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def', :callback_path => 'bar/baz')
+
+      instance.authorize_params
+      instance.token_params[:redirect_uri].should == 'https://foo.com/bar/baz'
+    end
+
+    it 'should not include redirect_uri by default' do
+      instance = subject.new('abc', 'def')
+
+      instance.authorize_params
+      expect(instance.token_params[:redirect_uri]).to be_nil
+    end
+  end
+
+  describe '#callback_url' do
+    subject { fresh_strategy }
+    OmniAuth.config.full_host = 'https://foo.com/'
+
+    it 'returns a url with the host and path' do
+      instance = subject.new('abc', 'def', :callback_path => 'bar/baz')
+      instance.authorize_params
+      expect(instance.callback_url).to eq 'https://foo.com/bar/baz'
+    end
+  end
+end

data/spec_v2/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'rspec'
+require 'omniauth-stripe-connect-v2'

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-stripe-connect-v2
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Hide Shidara
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-07-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+description: Stripe Connect OAuth2 Strategy for OmniAuth 2.0.
+email:
+- hshidaragumroad@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/omniauth-stripe-connect-v2.rb
+- lib/omniauth-stripe-connect-v2/version.rb
+- lib/omniauth/strategies/stripe_connect_v2.rb
+- lib/omniauth/stripe_connect_v2.rb
+- omniauth-stripe-connect-v2.gemspec
+- spec_v2/omniauth/strategies/stripe_connect_v2_spec.rb
+- spec_v2/spec_helper.rb
+homepage: https://stripe.com/docs/connect
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.10
+signing_key:
+specification_version: 4
+summary: 'Supports the OAuth 2.0 server-side and client-side flows. Read the Stripe
+  Connect docs for more details: https://stripe.com/docs/connect'
+test_files: []