omniauth-telegram 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/build.yaml +21 -0
- data/.gitignore +1 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +5 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +4 -2
- data/lib/omniauth/strategies/telegram.rb +30 -24
- data/lib/omniauth/telegram/version.rb +1 -1
- metadata +8 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e7a6840649262f7c541cb7d5874c0fdc6903a7bff13cedae8677f0199babc247
|
4
|
+
data.tar.gz: 3235f56261bf529536361492fbc614764467a9a4a4eae6cf14763916a867b425
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d9b0a49b715999609a482c7df16c9b26d1c6ef1bbda0a4f605627c08b020ee0a3e88143035755be7db32106001e1b9cfd13230041a9445bfffa50462db59cfb1
|
7
|
+
data.tar.gz: a40fce3cb58c390be9d0d8d3e89cdc46514461a86f28b06bf585ef7715c016d0b3dda4871323acff954fe39396c5743451d219704b588c5507c46706fe6710e5
|
@@ -0,0 +1,21 @@
|
|
1
|
+
name: build
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches:
|
6
|
+
- master
|
7
|
+
pull_request:
|
8
|
+
branches:
|
9
|
+
- master
|
10
|
+
|
11
|
+
jobs:
|
12
|
+
build:
|
13
|
+
runs-on: ubuntu-latest
|
14
|
+
|
15
|
+
steps:
|
16
|
+
- uses: actions/checkout@v1
|
17
|
+
- uses: ruby/setup-ruby@v1
|
18
|
+
with:
|
19
|
+
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
20
|
+
- name: Run Tests
|
21
|
+
run: bundle exec rake
|
data/.gitignore
CHANGED
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
2.7.3
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,8 @@
|
|
1
|
+
## 0.2.1
|
2
|
+
|
3
|
+
* fix 'missing-field' param issue @phoet https://github.com/yurijmi/omniauth-telegram/pull/7
|
4
|
+
* fix 'invalid_signature' with missing username issue @phoet https://github.com/yurijmi/omniauth-telegram/pull/7
|
5
|
+
|
1
6
|
## 0.2.0
|
2
7
|
|
3
8
|
* update gem requirements for compatibility with OmniAuth 2.0 @phoet https://github.com/yurijmi/omniauth-telegram/pull/7
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,15 +1,16 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
omniauth-telegram (0.2.
|
4
|
+
omniauth-telegram (0.2.1)
|
5
5
|
omniauth (>= 1.0)
|
6
6
|
|
7
7
|
GEM
|
8
8
|
remote: https://rubygems.org/
|
9
9
|
specs:
|
10
|
+
byebug (11.1.3)
|
10
11
|
diff-lcs (1.4.4)
|
11
12
|
hashie (4.1.0)
|
12
|
-
omniauth (2.0.
|
13
|
+
omniauth (2.0.4)
|
13
14
|
hashie (>= 3.4.6)
|
14
15
|
rack (>= 1.6.2, < 3)
|
15
16
|
rack-protection
|
@@ -36,6 +37,7 @@ PLATFORMS
|
|
36
37
|
|
37
38
|
DEPENDENCIES
|
38
39
|
bundler (>= 1.16)
|
40
|
+
byebug
|
39
41
|
omniauth-telegram!
|
40
42
|
rake (>= 10.0)
|
41
43
|
rspec (>= 3.0)
|
@@ -6,17 +6,17 @@ module OmniAuth
|
|
6
6
|
module Strategies
|
7
7
|
class Telegram
|
8
8
|
include OmniAuth::Strategy
|
9
|
-
|
9
|
+
|
10
10
|
args [:bot_name, :bot_secret]
|
11
|
-
|
11
|
+
|
12
12
|
option :name, 'telegram'
|
13
13
|
option :bot_name, nil
|
14
14
|
option :bot_secret, nil
|
15
15
|
option :button_config, {}
|
16
|
-
|
17
|
-
|
18
|
-
HASH_FIELDS
|
19
|
-
|
16
|
+
|
17
|
+
REQUIRED_FIELDS = %w[id hash]
|
18
|
+
HASH_FIELDS = %w[auth_date first_name id last_name photo_url username]
|
19
|
+
|
20
20
|
def request_phase
|
21
21
|
html = <<-HTML
|
22
22
|
<!DOCTYPE html>
|
@@ -27,23 +27,23 @@ module OmniAuth
|
|
27
27
|
</head>
|
28
28
|
<body>
|
29
29
|
HTML
|
30
|
-
|
30
|
+
|
31
31
|
data_attrs = options.button_config.map { |k,v| "data-#{k}=\"#{v}\"" }.join(" ")
|
32
|
-
|
32
|
+
|
33
33
|
html << "<script async
|
34
34
|
src=\"https://telegram.org/js/telegram-widget.js?4\"
|
35
35
|
data-telegram-login=\"#{options.bot_name}\"
|
36
36
|
data-auth-url=\"#{callback_url}\"
|
37
37
|
#{data_attrs}></script>"
|
38
|
-
|
38
|
+
|
39
39
|
html << <<-HTML
|
40
40
|
</body>
|
41
41
|
</html>
|
42
42
|
HTML
|
43
|
-
|
43
|
+
|
44
44
|
Rack::Response.new(html, 200, 'content-type' => 'text/html').finish
|
45
45
|
end
|
46
|
-
|
46
|
+
|
47
47
|
def callback_phase
|
48
48
|
if error = check_errors
|
49
49
|
fail!(error)
|
@@ -51,11 +51,11 @@ module OmniAuth
|
|
51
51
|
super
|
52
52
|
end
|
53
53
|
end
|
54
|
-
|
54
|
+
|
55
55
|
uid do
|
56
56
|
request.params["id"]
|
57
57
|
end
|
58
|
-
|
58
|
+
|
59
59
|
info do
|
60
60
|
{
|
61
61
|
name: "#{request.params["first_name"]} #{request.params["last_name"]}",
|
@@ -65,36 +65,42 @@ module OmniAuth
|
|
65
65
|
image: request.params["photo_url"]
|
66
66
|
}
|
67
67
|
end
|
68
|
-
|
68
|
+
|
69
69
|
extra do
|
70
70
|
{
|
71
71
|
auth_date: Time.at(request.params["auth_date"].to_i)
|
72
72
|
}
|
73
73
|
end
|
74
|
-
|
74
|
+
|
75
75
|
private
|
76
76
|
|
77
77
|
def check_errors
|
78
|
-
return :field_missing unless
|
78
|
+
return :field_missing unless check_required_fields
|
79
79
|
return :signature_mismatch unless check_signature
|
80
80
|
return :session_expired unless check_session
|
81
81
|
end
|
82
82
|
|
83
|
-
def
|
84
|
-
|
83
|
+
def check_required_fields
|
84
|
+
REQUIRED_FIELDS.all? { |f| request.params.include?(f) }
|
85
85
|
end
|
86
|
-
|
86
|
+
|
87
87
|
def check_signature
|
88
|
-
|
89
|
-
signature = HASH_FIELDS.map { |f| "%s=%s" % [f, request.params[f]] }.join("\n")
|
90
|
-
hashed_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret, signature)
|
91
|
-
|
92
|
-
request.params["hash"] == hashed_signature
|
88
|
+
request.params["hash"] == self.class.calculate_signature(options[:bot_secret], request.params)
|
93
89
|
end
|
94
90
|
|
95
91
|
def check_session
|
96
92
|
Time.now.to_i - request.params["auth_date"].to_i <= 86400
|
97
93
|
end
|
94
|
+
|
95
|
+
def self.calculate_signature(secret, params)
|
96
|
+
secret = OpenSSL::Digest::SHA256.digest(secret)
|
97
|
+
signature = generate_comparison_string(params)
|
98
|
+
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret, signature)
|
99
|
+
end
|
100
|
+
|
101
|
+
def self.generate_comparison_string(params)
|
102
|
+
(params.keys & HASH_FIELDS).sort.map { |field| "%s=%s" % [field, params[field]] }.join("\n")
|
103
|
+
end
|
98
104
|
end
|
99
105
|
end
|
100
106
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-telegram
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Yuri Mikhaylov
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth
|
@@ -73,8 +73,10 @@ executables: []
|
|
73
73
|
extensions: []
|
74
74
|
extra_rdoc_files: []
|
75
75
|
files:
|
76
|
+
- ".github/workflows/build.yaml"
|
76
77
|
- ".gitignore"
|
77
78
|
- ".rspec"
|
79
|
+
- ".ruby-version"
|
78
80
|
- ".travis.yml"
|
79
81
|
- CHANGELOG.md
|
80
82
|
- Gemfile
|
@@ -90,7 +92,7 @@ files:
|
|
90
92
|
homepage: https://github.com/yurijmi/omniauth-telegram
|
91
93
|
licenses: []
|
92
94
|
metadata: {}
|
93
|
-
post_install_message:
|
95
|
+
post_install_message:
|
94
96
|
rdoc_options: []
|
95
97
|
require_paths:
|
96
98
|
- lib
|
@@ -105,8 +107,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
105
107
|
- !ruby/object:Gem::Version
|
106
108
|
version: '0'
|
107
109
|
requirements: []
|
108
|
-
rubygems_version: 3.1.
|
109
|
-
signing_key:
|
110
|
+
rubygems_version: 3.1.6
|
111
|
+
signing_key:
|
110
112
|
specification_version: 4
|
111
113
|
summary: An OmniAuth strategy for Telegram
|
112
114
|
test_files: []
|