omniauth-stripe-connect 2.2.0 → 2.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c53f51f69f299d64286948df5aaa531558368bbb
+  data.tar.gz: 276f6ecc06181e31af0dd72d232a58158c8d8a25
+SHA512:
+  metadata.gz: 6ad3c0a7cc75cdc97606be199786dcefa1dec2c8cf0c3ccf71133ad542467a8a1a8e0675f4a4e60e873c110eb2154437868b652a15c55cfa03669399347ac65f
+  data.tar.gz: ff36566a2298eb57a9be768291f3e058fdcf76cf4db7c6877759b4bea6edcdb15900bb2d601ac02a093f54d9d2a8dbc34cd59208d9b9838d9288c8580a94986f

data/Gemfile

@@ -3,3 +3,7 @@ gem 'rake'
 
 # Specify your gem's dependencies in omniauth-stripe-connect.gemspec
 gemspec
+
+group :test do
+  gem 'rspec', '>= 2.14'
+end

data/README.md

@@ -35,13 +35,34 @@ end
 
 Your `STRIPE_CONNECT_CLIENT_ID` is application-specific and your `STRIPE_SECRET` is account-specific and may also be known as your Stripe API key or Stripe Private key.
 
+Edit your routes.rb file to have:
+`devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }`
+
+And create a file called `omniauth_callbacks_controller.rb` which should have this inside:
+```ruby
+class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+
+  def stripe_connect
+    # Delete the code inside of this method and write your own.
+    # The code below is to show you where to access the data.
+    raise request.env["omniauth.auth"].to_yaml
+  end
+end
+```
+
+Make sure to go to Stripe's Account Settings > Applications and set your Redirect URL to:
+`http://localhost:3003/users/auth/stripe_connect/callback`
+
+The Webhook URL will be something similar:
+`http://www.yourdomain.com/users/auth/stripe_connect/callback`
+
 Then you can hit `/auth/stripe_connect`
 
 If you hit `/auth/stripe_connect` with any query params, they will be passed along to Stripe. Read [Stripe's OAuth Reference](https://stripe.com/docs/connect/reference) for more information.
 
 ### Ruby on Rails apps with Devise
 
-After setting up Devise to use OmniAuth, you only need to add the following line of code to handle the OAuth2 part of Stripe Connect.
+After setting up Devise to use OmniAuth, you only need to add the following line of code to handle the OAuth2 part of Stripe Connect. Since this Devise initializer code takes care of OmniAuth, do not use a separate OmniAuth initializer.
 
 ```ruby
 # Put this in config/initializers/devise.rb with the rest of your Devise configuration

data/Rakefile

@@ -1,2 +1,9 @@
 #!/usr/bin/env rake
 require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new

data/lib/omniauth-stripe-connect/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module StripeConnect
-    VERSION = "2.2.0"
+    VERSION = "2.3.0"
   end
 end

data/lib/omniauth/strategies/stripe_connect.rb

@@ -32,18 +32,38 @@ module OmniAuth
         @raw_info ||= deep_symbolize(access_token.params)
       end
 
+      def redirect_params
+        if options.key?(:callback_path) || OmniAuth.config.full_host
+          {:redirect_uri => callback_url}
+        else
+          {}
+        end
+      end
+
+      # NOTE: We call redirect_params AFTER super in these methods intentionally
+      # the OAuth2 strategy uses the authorize_params and token_params methods
+      # to set up some state for testing that we need in redirect_params
+
+      def authorize_params
+        params = super
+        params = params.merge(request.params) unless OmniAuth.config.test_mode
+        redirect_params.merge(params)
+      end
+
+      def token_params
+       params = super.to_hash(:symbolize_keys => true) \
+          .merge(:headers => { 'Authorization' => "Bearer #{client.secret}" })
+
+        redirect_params.merge(params)
+      end
+
       def request_phase
-        redirect client.auth_code.authorize_url({:redirect_uri => callback_url}.merge(authorize_params.merge(request.params)))
+        redirect client.auth_code.authorize_url(authorize_params)
       end
 
       def build_access_token
-        headers = {
-          :headers => {
-            'Authorization' => "Bearer #{client.secret}"
-          }
-        }
         verifier = request.params['code']
-        client.auth_code.get_token(verifier, {:redirect_uri => callback_url}.merge(token_params.to_hash(:symbolize_keys => true)).merge(headers))
+        client.auth_code.get_token(verifier, token_params)
       end
     end
   end

data/spec/omniauth/strategies/stripe_connect_spec.rb

@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::StripeConnect do
+  let(:fresh_strategy){ Class.new(OmniAuth::Strategies::StripeConnect) }
+
+
+  before(:each) do
+    OmniAuth.config.test_mode = true
+    @old_host = OmniAuth.config.full_host
+  end
+
+  after(:each) do
+    OmniAuth.config.full_host = @old_host
+    OmniAuth.config.test_mode = false
+  end
+
+  describe '#authorize_params' do
+    subject { fresh_strategy }
+
+    it 'should include redirect_uri if full_host is set' do
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def')
+
+      instance.authorize_params[:redirect_uri].should =~ /\Ahttps:\/\/foo\.com/
+    end
+
+    it 'should include redirect_uri if callback_path is set' do
+      # TODO: It would be nice to grab this from the request URL
+      # instead of setting it on the config
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def', :callback_path => 'bar/baz')
+
+      instance.authorize_params[:redirect_uri].should == 'https://foo.com/bar/baz'
+    end
+
+    it 'should not include redirect_uri by default' do
+      instance = subject.new('abc', 'def')
+
+      expect(instance.authorize_params[:redirect_uri]).to be_nil
+    end
+  end
+
+  describe '#token_params' do
+    subject { fresh_strategy }
+
+    # NOTE: We call authorize_params first in each of these methods
+    # since the OAuth2 gem uses it to setup some state for testing
+
+    it 'should include redirect_uri if full_host is set' do
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def')
+
+      instance.authorize_params
+      instance.token_params[:redirect_uri].should =~ /\Ahttps:\/\/foo\.com/
+    end
+
+    it 'should include redirect_uri if callback_path is set' do
+      # TODO: It would be nice to grab this from the request URL
+      # instead of setting it on the config
+      OmniAuth.config.full_host = 'https://foo.com/'
+      instance = subject.new('abc', 'def', :callback_path => 'bar/baz')
+
+      instance.authorize_params
+      instance.token_params[:redirect_uri].should == 'https://foo.com/bar/baz'
+    end
+
+    it 'should not include redirect_uri by default' do
+      instance = subject.new('abc', 'def')
+
+      instance.authorize_params
+      expect(instance.token_params[:redirect_uri]).to be_nil
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'rspec'
+require 'omniauth-stripe-connect'

metadata

@@ -1,20 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-stripe-connect
 version: !ruby/object:Gem::Version
-  version: 2.2.0
-  prerelease: 
+  version: 2.3.0
 platform: ruby
 authors:
 - Isaac Sanders
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-01-02 00:00:00.000000000 Z
+date: 2013-09-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -30,17 +27,15 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 1.0.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 1.0.3
 description: Stripe Connect OAuth2 Strategy for OmniAuth 1.0.
@@ -60,35 +55,32 @@ files:
 - lib/omniauth/strategies/stripe_connect.rb
 - lib/omniauth/stripe_connect.rb
 - omniauth-stripe-connect.gemspec
+- spec/omniauth/strategies/stripe_connect_spec.rb
+- spec/spec_helper.rb
 homepage: https://stripe.com/docs/connect
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 3075695850396348084
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 3075695850396348084
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 2.0.3
 signing_key: 
-specification_version: 3
-summary: ! 'Supports the OAuth 2.0 server-side and client-side flows. Read the Stripe
+specification_version: 4
+summary: 'Supports the OAuth 2.0 server-side and client-side flows. Read the Stripe
   Connect docs for more details: https://stripe.com/docs/connect'
-test_files: []
+test_files:
+- spec/omniauth/strategies/stripe_connect_spec.rb
+- spec/spec_helper.rb