omniauth-swagger 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/examples/.gitignore +1 -1
- data/examples/Gemfile +0 -1
- data/examples/app.rb +26 -30
- data/examples/harvest.json +39 -0
- data/examples/providers.yml.sample +16 -0
- data/lib/omniauth/strategies/swagger.rb +59 -26
- data/lib/omniauth/swagger/default_provider_lookup.rb +41 -0
- data/lib/omniauth/swagger/oauth2_definition.rb +26 -7
- data/lib/omniauth/swagger/provider_defaults.rb +17 -0
- data/lib/omniauth/swagger/providers.yml +11 -0
- data/lib/omniauth/swagger/version.rb +1 -1
- data/omniauth-swagger.gemspec +1 -1
- metadata +10 -5
- data/examples/providers.netrc.sample +0 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c266f0f11e17f0aeb7f34f1b3f2971ef18206ffa
|
|
4
|
+
data.tar.gz: 0f9c87ee827001095f6b367bc38a44735dc0c97f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d87d183a03d750de7271d8d779ba6f639417f77074c0cc1e0e73bdbb4da598c2d6e2ca22cf1821123029d5ed0bf1f5c891a4da319e74f8626c514a870beb329f
|
|
7
|
+
data.tar.gz: 7b16a79d6f61e3647591941afe6060e2ca74418b6ec735da239fedc9b3cdad0f98f82ff8dc46594623c9866deff0400c3b21cb70db22cf919965ce99a10c715a
|
data/examples/.gitignore
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
providers.
|
|
1
|
+
providers.yml
|
data/examples/Gemfile
CHANGED
data/examples/app.rb
CHANGED
|
@@ -1,49 +1,37 @@
|
|
|
1
1
|
require 'sinatra'
|
|
2
2
|
require 'omniauth-swagger'
|
|
3
3
|
require 'pry'
|
|
4
|
-
|
|
4
|
+
|
|
5
|
+
# Callback URL will look like this: http://localhost:4567/auth/swagger/callback
|
|
5
6
|
|
|
6
7
|
# Store client_id as the login, secret as password
|
|
7
|
-
|
|
8
|
+
providers_config = YAML.load_file(File.join(File.dirname(__FILE__), "providers.yml"))
|
|
9
|
+
providers_config.keys.each do |key|
|
|
10
|
+
providers_config[key][:uri] = File.join(File.dirname(__FILE__), "#{key}.json")
|
|
11
|
+
end
|
|
8
12
|
|
|
9
13
|
configure do
|
|
10
14
|
enable :sessions
|
|
11
15
|
|
|
12
16
|
use OmniAuth::Builder do
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
scope: 'user',
|
|
19
|
-
uid: "get_user#id"
|
|
20
|
-
},
|
|
21
|
-
slack: {
|
|
22
|
-
uri: File.join(File.dirname(__FILE__), 'slack.json'),
|
|
23
|
-
client_id: n['slack'][0],
|
|
24
|
-
client_secret: n['slack'][1],
|
|
25
|
-
scope: 'identity',
|
|
26
|
-
uid: "test_auth#user_id"
|
|
27
|
-
},
|
|
28
|
-
stripe_connect: {
|
|
29
|
-
uri: File.join(File.dirname(__FILE__), 'stripe_connect.json'),
|
|
30
|
-
client_id: n['stripe_connect'][0],
|
|
31
|
-
client_secret: n['stripe_connect'][1],
|
|
32
|
-
uid: { param: "stripe_user_id" }
|
|
33
|
-
}
|
|
34
|
-
}
|
|
17
|
+
providers_config = YAML.load_file(File.join(File.dirname(__FILE__), "providers.yml"))
|
|
18
|
+
providers_config.keys.each do |key|
|
|
19
|
+
providers_config[key][:uri] = File.join(File.dirname(__FILE__), "#{key}.json")
|
|
20
|
+
end
|
|
21
|
+
provider :swagger, providers: providers_config
|
|
35
22
|
end
|
|
36
23
|
end
|
|
37
24
|
|
|
38
25
|
get '/' do
|
|
26
|
+
links = providers_config.keys.map do |key|
|
|
27
|
+
<<-HTML
|
|
28
|
+
<li><a href="/auth/swagger?provider=#{key}">#{key}</a></li>
|
|
29
|
+
HTML
|
|
30
|
+
end
|
|
39
31
|
<<-HTML
|
|
40
32
|
<html>
|
|
41
33
|
<body>
|
|
42
|
-
<ol>
|
|
43
|
-
<li><a href="/auth/swagger?provider=github">Github</a></li>
|
|
44
|
-
<li><a href="/auth/swagger?provider=slack">Slack</a></li>
|
|
45
|
-
<li><a href="/auth/swagger?provider=stripe_connect">Stripe Connect</a></li>
|
|
46
|
-
</ol>
|
|
34
|
+
<ol> #{links.join} </ol>
|
|
47
35
|
</body>
|
|
48
36
|
</html>
|
|
49
37
|
HTML
|
|
@@ -55,7 +43,15 @@ get '/auth/:provider/callback' do
|
|
|
55
43
|
<html>
|
|
56
44
|
<body>
|
|
57
45
|
Provider: #{params['provider']}<br>
|
|
58
|
-
UID: #{auth['uid']}
|
|
46
|
+
UID: #{auth['uid']}<br>
|
|
47
|
+
Token: #{auth['credentials']['token']}<br>
|
|
48
|
+
Secret: #{auth['credentials']['token']}<br>
|
|
49
|
+
Expires: #{auth['credentials']['expires']}<br>
|
|
50
|
+
Expires At: #{auth['credentials']['expires_at']}<br>
|
|
51
|
+
Raw Info:<br>
|
|
52
|
+
<pre>
|
|
53
|
+
#{auth["extra"]["raw_info"]}
|
|
54
|
+
</pre>
|
|
59
55
|
</body>
|
|
60
56
|
</html>
|
|
61
57
|
HTML
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
{
|
|
2
|
+
"swagger": "2.0",
|
|
3
|
+
|
|
4
|
+
"info": {
|
|
5
|
+
"title": "Mandrill",
|
|
6
|
+
"version": "1.0"
|
|
7
|
+
},
|
|
8
|
+
|
|
9
|
+
"x-base-host": "harvestapp.com",
|
|
10
|
+
|
|
11
|
+
"basePath": "/",
|
|
12
|
+
|
|
13
|
+
"schemes": ["https"],
|
|
14
|
+
|
|
15
|
+
"produces": ["application/json", "application/xml"],
|
|
16
|
+
|
|
17
|
+
"securityDefinitions": {
|
|
18
|
+
"oauth2": {
|
|
19
|
+
"type": "oauth2",
|
|
20
|
+
"flow": "accessCode",
|
|
21
|
+
"authorizationUrl": "/oauth2/authorize",
|
|
22
|
+
"tokenUrl": "/oauth2/token",
|
|
23
|
+
"scopes": {}
|
|
24
|
+
}
|
|
25
|
+
},
|
|
26
|
+
|
|
27
|
+
"security": {
|
|
28
|
+
"oauth2": []
|
|
29
|
+
},
|
|
30
|
+
|
|
31
|
+
"paths": {
|
|
32
|
+
"/account/who_am_i": {
|
|
33
|
+
"get": {
|
|
34
|
+
"summary": "User and account information for current user",
|
|
35
|
+
"operationId": "whoAmI"
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
---
|
|
2
|
+
github:
|
|
3
|
+
client_id: GITHUB_CLIENT_ID
|
|
4
|
+
client_secret: GITHUB_CLIENT_SECRET
|
|
5
|
+
scope: user
|
|
6
|
+
slack:
|
|
7
|
+
client_id: SLACK_CLIENT_ID
|
|
8
|
+
client_secret: SLACK_CLIENT_SECRET
|
|
9
|
+
scope: identity
|
|
10
|
+
stripe_connect:
|
|
11
|
+
client_id: STRIPE_CONNECT_CLIENT_ID
|
|
12
|
+
client_secret: STRIPE_CONNECT_CLIENT_SECRET
|
|
13
|
+
harvest
|
|
14
|
+
client_id: HARVEST_CLIENT_ID
|
|
15
|
+
client_secret: HARVEST_CLIENT_SECRET
|
|
16
|
+
subdomain: HARVEST_SUBDOMAIN
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'omniauth-oauth2'
|
|
2
|
-
require 'open-uri'
|
|
3
2
|
require 'omniauth/swagger/oauth2_definition'
|
|
3
|
+
require 'omniauth/swagger/default_provider_lookup'
|
|
4
4
|
require 'diesel'
|
|
5
5
|
|
|
6
6
|
module OmniAuth
|
|
@@ -8,7 +8,15 @@ module OmniAuth
|
|
|
8
8
|
|
|
9
9
|
class Swagger < OmniAuth::Strategies::OAuth2
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
OPTION_UID = 'uid'.freeze
|
|
12
|
+
OPTION_UID_API = 'api'.freeze
|
|
13
|
+
OPTION_UID_PARAM = 'param'.freeze
|
|
14
|
+
OPTION_SPECIFICATION = 'specification'.freeze
|
|
15
|
+
OPTION_SUBDOMAIN = 'subdomain'.freeze
|
|
16
|
+
|
|
17
|
+
option :providers, nil
|
|
18
|
+
option :provider_lookup, nil
|
|
19
|
+
option :provider_param, 'provider'
|
|
12
20
|
|
|
13
21
|
def setup_phase
|
|
14
22
|
load_definition
|
|
@@ -32,45 +40,75 @@ module OmniAuth
|
|
|
32
40
|
|
|
33
41
|
def callback_url
|
|
34
42
|
url = super
|
|
35
|
-
url + (url.index('?') ? '&' : '?') + "
|
|
43
|
+
url + (url.index('?') ? '&' : '?') + "#{options[:provider_param]}=#{provider_name}"
|
|
36
44
|
end
|
|
37
45
|
|
|
38
46
|
uid do
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
47
|
+
if uid_api
|
|
48
|
+
operation, key = uid_api.split('#')
|
|
49
|
+
value = key.split('.').reduce(raw_info) { |memo, key| memo[key] }
|
|
50
|
+
value.to_s
|
|
51
|
+
else
|
|
52
|
+
uid_option = provider_options[OPTION_UID]
|
|
53
|
+
if uid_option[OPTION_UID_PARAM]
|
|
54
|
+
access_token.params[uid_option[OPTION_UID_PARAM]]
|
|
45
55
|
else
|
|
46
56
|
raise "Unsupported UID option: #{uid_option.inspect}"
|
|
47
57
|
end
|
|
48
|
-
else
|
|
49
|
-
uid_from_api(uid_option)
|
|
50
58
|
end
|
|
51
59
|
end
|
|
52
60
|
|
|
61
|
+
extra do
|
|
62
|
+
{ "raw_info" => raw_info }
|
|
63
|
+
end
|
|
64
|
+
|
|
53
65
|
protected
|
|
66
|
+
def provider_name
|
|
67
|
+
@provider_name ||= request.params[options[:provider_param]].to_sym
|
|
68
|
+
end
|
|
69
|
+
|
|
54
70
|
def provider_options
|
|
55
|
-
@provider_options ||=
|
|
71
|
+
@provider_options ||= provider_lookup.get(provider_name, env)
|
|
56
72
|
end
|
|
57
73
|
|
|
58
|
-
def
|
|
59
|
-
|
|
60
|
-
|
|
74
|
+
def provider_lookup
|
|
75
|
+
@provider_lookup ||= begin
|
|
76
|
+
if lookup_opt = options[:provider_lookup]
|
|
77
|
+
if lookup_opt.kind_of? Class
|
|
78
|
+
lookup_opt.new
|
|
79
|
+
else
|
|
80
|
+
lookup_opt
|
|
81
|
+
end
|
|
82
|
+
else
|
|
83
|
+
OmniAuth::Swagger::DefaultProviderLookup.new(options[:providers])
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def uid_api
|
|
89
|
+
opt = provider_options[OPTION_UID]
|
|
90
|
+
opt.kind_of?(Hash) ? opt[OPTION_UID_API] : opt
|
|
61
91
|
end
|
|
62
92
|
|
|
63
93
|
def raw_info
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
94
|
+
if uid_api
|
|
95
|
+
api_options = {@definition.oauth2_key => {token: access_token.token}}
|
|
96
|
+
if provider_options[OPTION_SUBDOMAIN]
|
|
97
|
+
api_options[:subdomain] = provider_options[OPTION_SUBDOMAIN]
|
|
98
|
+
end
|
|
99
|
+
api_class = Diesel.build_api(specification)
|
|
100
|
+
api = api_class.new(api_options)
|
|
101
|
+
operation, key = uid_api.split('#')
|
|
102
|
+
api.__send__(operation, {})
|
|
103
|
+
else
|
|
104
|
+
{}
|
|
105
|
+
end
|
|
68
106
|
end
|
|
69
107
|
|
|
70
108
|
def load_definition
|
|
71
109
|
specification.security_definitions.each_pair do |name, definition|
|
|
72
110
|
if definition.type == 'oauth2'
|
|
73
|
-
@definition = OmniAuth::Swagger::OAuth2Definition.new(definition, provider_options)
|
|
111
|
+
@definition = OmniAuth::Swagger::OAuth2Definition.new(definition, specification, provider_options)
|
|
74
112
|
end
|
|
75
113
|
end
|
|
76
114
|
nil
|
|
@@ -81,12 +119,7 @@ module OmniAuth
|
|
|
81
119
|
end
|
|
82
120
|
|
|
83
121
|
def load_specification
|
|
84
|
-
|
|
85
|
-
spec = nil
|
|
86
|
-
open(uri) do |f|
|
|
87
|
-
spec = Diesel::Swagger::Parser.new.parse(f)
|
|
88
|
-
end
|
|
89
|
-
spec
|
|
122
|
+
provider_options[OPTION_SPECIFICATION].call
|
|
90
123
|
end
|
|
91
124
|
|
|
92
125
|
end
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require 'omniauth/swagger/provider_defaults'
|
|
2
|
+
require 'open-uri'
|
|
3
|
+
|
|
4
|
+
module OmniAuth
|
|
5
|
+
module Swagger
|
|
6
|
+
|
|
7
|
+
class DefaultProviderLookup
|
|
8
|
+
include ProviderDefaults
|
|
9
|
+
|
|
10
|
+
OPTION_URI = 'uri'.freeze
|
|
11
|
+
|
|
12
|
+
def initialize(providers_config)
|
|
13
|
+
@config = providers_config
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def get(provider_name, env)
|
|
17
|
+
defaults = provider_defaults[provider_name] || {}
|
|
18
|
+
if cfg = @config[provider_name]
|
|
19
|
+
opts = defaults.merge(cfg)
|
|
20
|
+
configure_spec_loader(opts)
|
|
21
|
+
opts
|
|
22
|
+
else
|
|
23
|
+
defaults
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
protected
|
|
28
|
+
def configure_spec_loader(opts)
|
|
29
|
+
uri = opts.delete(OPTION_URI)
|
|
30
|
+
opts[OmniAuth::Strategies::Swagger::OPTION_SPECIFICATION] = Proc.new{
|
|
31
|
+
spec = nil
|
|
32
|
+
open(uri) do |f|
|
|
33
|
+
spec = Diesel::Swagger::Parser.new.parse(f)
|
|
34
|
+
end
|
|
35
|
+
spec
|
|
36
|
+
}
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
end
|
|
41
|
+
end
|
|
@@ -3,18 +3,25 @@ module OmniAuth
|
|
|
3
3
|
|
|
4
4
|
class OAuth2Definition
|
|
5
5
|
|
|
6
|
+
OPTION_CLIENT_ID = 'client_id'.freeze
|
|
7
|
+
OPTION_CLIENT_SECRET = 'client_secret'.freeze
|
|
8
|
+
OPTION_AUTHORIZE_URL = 'authorize_url'.freeze
|
|
9
|
+
OPTION_TOKEN_URL = 'token_url'.freeze
|
|
10
|
+
OPTION_SCOPE = 'scope'.freeze
|
|
11
|
+
OPTION_SUBDOMAIN = 'subdomain'.freeze
|
|
12
|
+
|
|
6
13
|
attr_reader :client_id, :client_secret, :client_options
|
|
7
14
|
|
|
8
|
-
def initialize(security_def, options)
|
|
9
|
-
@security_def, @options = security_def, options
|
|
15
|
+
def initialize(security_def, spec, options)
|
|
16
|
+
@security_def, @spec, @options = security_def, spec, options
|
|
10
17
|
end
|
|
11
18
|
|
|
12
19
|
def load_options(options)
|
|
13
|
-
options[:client_id] = @options[
|
|
14
|
-
options[:client_secret] = @options[
|
|
15
|
-
options[:client_options][
|
|
16
|
-
options[:client_options][
|
|
17
|
-
options[:scope] = @options[
|
|
20
|
+
options[:client_id] = @options[OPTION_CLIENT_ID]
|
|
21
|
+
options[:client_secret] = @options[OPTION_CLIENT_SECRET]
|
|
22
|
+
options[:client_options][OPTION_AUTHORIZE_URL] = prepare_url(@security_def.authorization_url)
|
|
23
|
+
options[:client_options][OPTION_TOKEN_URL] = prepare_url(@security_def.token_url)
|
|
24
|
+
options[:scope] = @options[OPTION_SCOPE]
|
|
18
25
|
end
|
|
19
26
|
|
|
20
27
|
def oauth2_key
|
|
@@ -28,6 +35,18 @@ module OmniAuth
|
|
|
28
35
|
def authorize_params
|
|
29
36
|
@security_def.extensions[:authorize_parameters]
|
|
30
37
|
end
|
|
38
|
+
|
|
39
|
+
protected
|
|
40
|
+
|
|
41
|
+
def prepare_url(url)
|
|
42
|
+
if (base_host = @spec.extensions[:base_host]) &&
|
|
43
|
+
(subdomain = @options[OPTION_SUBDOMAIN]) &&
|
|
44
|
+
!url.match(/^https?\/\//)
|
|
45
|
+
"https://#{subdomain}.#{base_host}#{url}"
|
|
46
|
+
else
|
|
47
|
+
url
|
|
48
|
+
end
|
|
49
|
+
end
|
|
31
50
|
end
|
|
32
51
|
|
|
33
52
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
require 'yaml'
|
|
2
|
+
|
|
3
|
+
module OmniAuth
|
|
4
|
+
module Swagger
|
|
5
|
+
|
|
6
|
+
module ProviderDefaults
|
|
7
|
+
def provider_defaults
|
|
8
|
+
@provider_defaults ||= YAML.load_file(defaults_file)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def defaults_file
|
|
12
|
+
File.join(File.dirname(__FILE__), 'providers.yml')
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
end
|
|
17
|
+
end
|
data/omniauth-swagger.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-swagger
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Calvin Yu
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-11-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -58,14 +58,14 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - ">="
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: 0.1.
|
|
61
|
+
version: 0.1.5
|
|
62
62
|
type: :runtime
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - ">="
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: 0.1.
|
|
68
|
+
version: 0.1.5
|
|
69
69
|
description: Uses a spec's security definition information to build the oauth2 strategy
|
|
70
70
|
email:
|
|
71
71
|
- me@sourcebender.com
|
|
@@ -88,13 +88,17 @@ files:
|
|
|
88
88
|
- examples/Gemfile.lock
|
|
89
89
|
- examples/app.rb
|
|
90
90
|
- examples/github.json
|
|
91
|
-
- examples/
|
|
91
|
+
- examples/harvest.json
|
|
92
|
+
- examples/providers.yml.sample
|
|
92
93
|
- examples/slack.json
|
|
93
94
|
- examples/stripe_connect.json
|
|
94
95
|
- lib/omniauth-swagger.rb
|
|
95
96
|
- lib/omniauth/strategies/swagger.rb
|
|
96
97
|
- lib/omniauth/swagger.rb
|
|
98
|
+
- lib/omniauth/swagger/default_provider_lookup.rb
|
|
97
99
|
- lib/omniauth/swagger/oauth2_definition.rb
|
|
100
|
+
- lib/omniauth/swagger/provider_defaults.rb
|
|
101
|
+
- lib/omniauth/swagger/providers.yml
|
|
98
102
|
- lib/omniauth/swagger/version.rb
|
|
99
103
|
- omniauth-swagger.gemspec
|
|
100
104
|
homepage: http://github.com/incominghq/omniauth-swagger
|
|
@@ -122,3 +126,4 @@ signing_key:
|
|
|
122
126
|
specification_version: 4
|
|
123
127
|
summary: OmniAuth strategy for authenticating from Swagger specifications
|
|
124
128
|
test_files: []
|
|
129
|
+
has_rdoc:
|