omniauth-twitter 1.4.0 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: dc9119404c4a402c342aec3bfa812d34a8183b9f
4
- data.tar.gz: '084e1b33e9441f66fb13d397f3887f9deafea987'
2
+ SHA256:
3
+ metadata.gz: 7041fe0565e3aff9b7421e6db607d081e62cb1ab8eb47478447d68bf3e304cfa
4
+ data.tar.gz: c04b4b63074646f9d9dc35214b245b3ecd236821ddb51e5ed1535aeb1a96fdf8
5
5
  SHA512:
6
- metadata.gz: d1b25d26296524e0a65ae5fe48e9fdc3c6595ff7bedfca31c0d10fcdecb0e059a9210649816b92ac037b2bc0eedfd92e22404c0f021c2f98b46d59db769065eb
7
- data.tar.gz: b09fe1f1a3b7c20cf7705335fbba740da4c022399434b6992b02b77db9e33bae1477a8aa9576cb4b045d633c74cb3d5e42b442312a2c722476d24b24f5fe2fa8
6
+ metadata.gz: 37b81593611123a03a8ab9c6f714834f90a01decaf0dad271a5d87a78bf1348d5e575a83a3ea899e0ec0b483578c7bee82a5f08b3ba1b5eac85be05bda02f85d
7
+ data.tar.gz: dd9828708654ee10d759e655d459f84c25449c3c8f7f3f78b6f30b447d4af5806b96bb555943affde72cb711ab1d13c8c3201e7fa19d6cc5ffb50e4133b86c15
@@ -0,0 +1,24 @@
1
+ name: CI
2
+
3
+ on: [push, pull_request]
4
+
5
+ jobs:
6
+ test:
7
+ strategy:
8
+ matrix:
9
+ ruby: ['2.6', '2.7', '3.0', '3.1', '3.2', '3.3', '3.4', '4.0', 'jruby']
10
+ fail-fast: false
11
+ max-parallel: 10
12
+ runs-on: ubuntu-latest
13
+
14
+ env:
15
+ CI: true
16
+
17
+ name: ${{ matrix.ruby }}
18
+ steps:
19
+ - uses: actions/checkout@v4
20
+ - uses: ruby/setup-ruby@v1
21
+ with:
22
+ bundler-cache: true # 'bundle install' and cache
23
+ ruby-version: ${{ matrix.ruby }}
24
+ - run: bundle exec rake
data/CHANGELOG.md ADDED
@@ -0,0 +1,11 @@
1
+ # CHANGELOG
2
+
3
+ ## [1.5.0] - Jul 6, 2026
4
+ - Switch the API site from `api.twitter.com` to `api.x.com`, see https://github.com/arunagw/omniauth-twitter/pull/150
5
+ - Bump `omniauth-oauth` dependency to `~> 1.2`, see https://github.com/arunagw/omniauth-twitter/pull/158
6
+ - Add `cgi` as a runtime dependency
7
+ - Remove `bundler` development dependency from the gemspec, see https://github.com/arunagw/omniauth-twitter/pull/155
8
+ - Test against Ruby 3.3, 3.4 and 4.0 in CI
9
+
10
+ ## [1.4.0] - Feb 17, 2017
11
+ - Allow passing a callback_url param, see https://github.com/arunagw/omniauth-twitter/pull/107
data/CONTRIBUTING.md CHANGED
@@ -19,8 +19,7 @@ new line in each of your commit messages:
19
19
  [ci skip]
20
20
  ```
21
21
 
22
- This will signal [Travis](https://travis-ci.org) that running the test suite is
23
- not necessary for these changes.
22
+ This will signal [GitHub Actions](https://docs.github.com/en/actions) that running the test suite is not necessary for these changes.
24
23
 
25
24
  # Reporting Bugs
26
25
 
data/README.md CHANGED
@@ -1,20 +1,20 @@
1
1
  # OmniAuth Twitter
2
2
 
3
- [![Gem Version](https://badge.fury.io/rb/omniauth-twitter.svg)](http://badge.fury.io/rb/omniauth-twitter)
4
- [![CI Build Status](https://secure.travis-ci.org/arunagw/omniauth-twitter.svg?branch=master)](http://travis-ci.org/arunagw/omniauth-twitter)
5
- [![Code Climate](https://codeclimate.com/github/arunagw/omniauth-twitter.png)](https://codeclimate.com/github/arunagw/omniauth-twitter)
3
+ This gem contains the X (formerly Twitter) strategy for OmniAuth.
6
4
 
7
- This gem contains the Twitter strategy for OmniAuth.
5
+ X supports a few different methods of integration. This strategy implements the browser variant of the "Sign in with Twitter" flow.
8
6
 
9
- Twitter offers a few different methods of integration. This strategy implements the browser variant of the "[Sign in with Twitter](https://dev.twitter.com/docs/auth/implementing-sign-twitter)" flow.
7
+ This strategy implements X's OAuth 1.0a flow and returns an OAuth access token and access token secret for the authenticated user.
10
8
 
11
- Twitter uses OAuth 1.0a. Twitter's developer area contains ample documentation on how it implements this, so check that out if you are really interested in the details.
9
+ X's developer documentation contains detailed information about its OAuth implementation if you are interested in the protocol details.
12
10
 
13
11
  ## Before You Begin
14
12
 
15
- You should have already installed OmniAuth into your app; if not, read the [OmniAuth README](https://github.com/intridea/omniauth) to get started.
13
+ You should have already installed OmniAuth into your app; if not, read the OmniAuth README(https://github.com/omniauth/omniauth) to get started.
16
14
 
17
- Now sign in into the [Twitter developer area](https://dev.twitter.com/apps) and create an application. Take note of your API Key and API Secret (not the Access Token and Access Token Secret) because that is what your web application will use to authenticate against the Twitter API. Make sure to set a callback URL or else you may get authentication errors. (It doesn't matter what it is, just that it is set.)
15
+ Now sign in to the X Developer Portal(https://developer.x.com/apps) and create an application. Take note of your API Key and API Secret (not the Access Token and Access Token Secret) because that is what your web application will use to authenticate against the X API. Make sure to configure a callback URL in the X Developer Portal or else you may get authentication errors. The configured callback URL should match the callback URL used by your application.
16
+
17
+ For production applications, it is recommended to store API credentials using Rails credentials, environment variables, or another secure secret management solution.
18
18
 
19
19
  ## Using This Strategy
20
20
 
@@ -27,7 +27,7 @@ gem 'omniauth-twitter'
27
27
  If you need to use the latest HEAD version, you can do so with:
28
28
 
29
29
  ```ruby
30
- gem 'omniauth-twitter', :github => 'arunagw/omniauth-twitter'
30
+ gem 'omniauth-twitter', github: 'arunagw/omniauth-twitter'
31
31
  ```
32
32
 
33
33
  Next, tell OmniAuth about this provider. For a Rails app, your `config/initializers/omniauth.rb` file should look like this:
@@ -38,29 +38,39 @@ Rails.application.config.middleware.use OmniAuth::Builder do
38
38
  end
39
39
  ```
40
40
 
41
- Replace `"API_KEY"` and `"API_SECRET"` with the appropriate values you obtained [earlier](https://apps.twitter.com).
41
+ Alternatively, you may use environment variables:
42
+
43
+ ```ruby
44
+ Rails.application.config.middleware.use OmniAuth::Builder do
45
+ provider :twitter,
46
+ ENV.fetch("TWITTER_API_KEY"),
47
+ ENV.fetch("TWITTER_API_SECRET")
48
+ end
49
+ ```
50
+
51
+ Replace `"API_KEY"` and `"API_SECRET"` with the appropriate values you obtained earlier.
42
52
 
43
53
  ## Authentication Options
44
54
 
45
- Twitter supports a [few options](https://dev.twitter.com/docs/api/1/get/oauth/authenticate) when authenticating. Usually you would specify these options as query parameters to the Twitter API authentication url (`https://api.twitter.com/oauth/authenticate` by default). With OmniAuth, of course, you use `http://yourapp.com/auth/twitter` instead. Because of this, this OmniAuth provider will pick up the query parameters you pass to the `/auth/twitter` URL and re-use them when making the call to the Twitter API.
55
+ X supports a [few options](https://docs.x.com/fundamentals/authentication/api-reference) when authenticating. Usually you would specify these options as query parameters to the X API authentication URL (`https://api.x.com/oauth/authenticate` by default). With OmniAuth, of course, you use `http://yourapp.com/auth/twitter` instead. Because of this, this OmniAuth provider will pick up the query parameters you pass to the `/auth/twitter` URL and re-use them when making the call to the X API.
46
56
 
47
57
  The options are:
48
58
 
49
- * **force_login** - This option sends the user to a sign-in screen to enter their Twitter credentials, even if they are already signed in. This is handy when your application supports multiple Twitter accounts and you want to ensure the correct user is signed in. *Example:* `http://yoursite.com/auth/twitter?force_login=true`
59
+ - **force_login** - This option sends the user to a sign-in screen to enter their X credentials, even if they are already signed in. This is handy when your application supports multiple X accounts and you want to ensure the correct user is signed in. _Example:_ `http://yoursite.com/auth/twitter?force_login=true`
50
60
 
51
- * **screen_name** - This option implies **force_login**, except the screen name field is pre-filled with a particular value. *Example:* `http://yoursite.com/auth/twitter?screen_name=jim`
61
+ - **screen_name** - This option implies **force_login**, except the screen name field is pre-filled with a particular value. _Example:_ `http://yoursite.com/auth/twitter?screen_name=jim`
52
62
 
53
- * **lang** - The language used in the Twitter prompt. This is useful for adding i18n support since the language of the prompt can be dynamically set for each user. *Example:* `http://yoursite.com/auth/twitter?lang=pt`
63
+ - **lang** - The language used in the X prompt. This is useful for adding i18n support since the language of the prompt can be dynamically set for each user. _Example:_ `http://yoursite.com/auth/twitter?lang=pt`
54
64
 
55
- * **secure_image_url** - Set to `true` to use https for the user's image url. Default is `false`.
65
+ - **secure_image_url** - Set to `true` to use https for the user's image URL. Default is `false`.
56
66
 
57
- * **image_size**: This option defines the size of the user's image. Valid options include `mini` (24x24), `normal` (48x48), `bigger` (73x73) and `original` (the size of the image originally uploaded). Default is `normal`.
67
+ - **image_size**: This option defines the size of the user's image. Valid options include `mini` (24x24), `normal` (48x48), `bigger` (73x73) and `original` (the size of the image originally uploaded). Default is `normal`.
58
68
 
59
- * **x_auth_access_type** - This option (described [here](https://dev.twitter.com/docs/api/1/post/oauth/request_token)) lets you request the level of access that your app will have to the Twitter account in question. *Example:* `http://yoursite.com/auth/twitter?x_auth_access_type=read`
69
+ - **x_auth_access_type** - This option (described in the X API documentation) lets you request the level of access that your app will have to the X account in question. _Example:_ `http://yoursite.com/auth/twitter?x_auth_access_type=read`
60
70
 
61
- * **use_authorize** - There are actually two URLs you can use against the Twitter API. As mentioned, the default is `https://api.twitter.com/oauth/authenticate`, but you also have `https://api.twitter.com/oauth/authorize`. Passing this option as `true` will use the second URL rather than the first. What's the difference? As described [here](https://dev.twitter.com/docs/api/1/get/oauth/authenticate), with `authenticate`, if your user has already granted permission to your application, Twitter will redirect straight back to your application, whereas `authorize` forces the user to go through the "grant permission" screen again. For certain use cases this may be necessary. *Example:* `http://yoursite.com/auth/twitter?use_authorize=true`. *Note:* You must have "Allow this application to be used to Sign in with Twitter" checked in [your application's settings](https://dev.twitter.com/apps) - without it your user will be asked to authorize your application each time they log in.
71
+ - **use_authorize** - There are actually two URLs you can use against the X API. As mentioned, the default is `https://api.x.com/oauth/authenticate`, but you also have `https://api.x.com/oauth/authorize`. Passing this option as `true` will use the second URL rather than the first. With authenticate, if your user has already granted permission to your application, X may redirect straight back to your application, whereas authorize forces the user to go through the authorization screen again. For certain use cases this may be necessary. _Example:_ `http://yoursite.com/auth/twitter?use_authorize=true`.
62
72
 
63
- Here's an example of a possible configuration where the the user's original profile picture is returned over https, the user is always prompted to sign-in and the default language of the Twitter prompt is changed:
73
+ Here's an example of a possible configuration where the user's original profile picture is returned over https, the user is always prompted to sign-in and the default language of the the X authentication prompt:
64
74
 
65
75
  ```ruby
66
76
  Rails.application.config.middleware.use OmniAuth::Builder do
@@ -77,15 +87,17 @@ end
77
87
  ```
78
88
 
79
89
  ## Authentication Hash
80
- An example auth hash available in `request.env['omniauth.auth']`:
90
+
91
+ The structure below is a representative example of the authentication hash available in `request.env['omniauth.auth']`. Fields returned by X may vary depending on API permissions, user settings, and platform changes.
81
92
 
82
93
  ```ruby
83
94
  {
84
95
  :provider => "twitter",
85
96
  :uid => "123456",
86
97
  :info => {
87
- :nickname => "johnqpublic",
98
+ :nickname => "johnqpublic", # screen name
88
99
  :name => "John Q Public",
100
+ :email => "john@example.com", # only present if your app has email permission and the user has granted it
89
101
  :location => "Anytown, USA",
90
102
  :image => "http://si0.twimg.com/sticky/default_profile_images/default_profile_2_normal.png",
91
103
  :description => "a very normal guy.",
@@ -95,7 +107,7 @@ An example auth hash available in `request.env['omniauth.auth']`:
95
107
  }
96
108
  },
97
109
  :credentials => {
98
- :token => "a1b2c3d4...", # The OAuth 2.0 access token
110
+ :token => "a1b2c3d4...", # The OAuth 1.0a access token
99
111
  :secret => "abcdef1234"
100
112
  },
101
113
  :extra => {
@@ -117,7 +129,7 @@ An example auth hash available in `request.env['omniauth.auth']`:
117
129
  :profile_sidebar_fill_color => "666666",
118
130
  :followers_count => 1,
119
131
  :default_profile_image => false,
120
- :screen_name => "",
132
+ :screen_name => "johnqpublic",
121
133
  :following => false,
122
134
  :utc_offset => -3600,
123
135
  :verified => false,
@@ -156,9 +168,7 @@ Ryan Bates has put together an excellent RailsCast on OmniAuth:
156
168
 
157
169
  ## Supported Rubies
158
170
 
159
- OmniAuth Twitter is tested under 2.1.x, 2.2.x and JRuby.
160
-
161
- If you use its gem on ruby 1.9.x, 2.0.x, or Rubinius use version v1.2.1 .
171
+ OmniAuth Twitter is tested under Ruby 2.6 through 4.0 and JRuby.
162
172
 
163
173
  ## Contributing
164
174
 
@@ -7,7 +7,7 @@ module OmniAuth
7
7
  option :name, 'twitter'
8
8
 
9
9
  option :client_options, {:authorize_path => '/oauth/authenticate',
10
- :site => 'https://api.twitter.com',
10
+ :site => 'https://api.x.com',
11
11
  :proxy => ENV['http_proxy'] ? URI(ENV['http_proxy']) : nil}
12
12
 
13
13
  uid { access_token.params[:user_id] }
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Twitter
3
- VERSION = "1.4.0"
3
+ VERSION = "1.5.0"
4
4
  end
5
5
  end
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
17
17
  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
18
18
  s.require_paths = ["lib"]
19
19
  s.required_ruby_version = Gem::Requirement.new('>= 1.9.3')
20
- s.add_dependency 'omniauth-oauth', '~> 1.1'
20
+ s.add_dependency 'omniauth-oauth', '~> 1.2'
21
21
  s.add_dependency 'rack'
22
- s.add_development_dependency 'bundler', '~> 1.0'
22
+ s.add_dependency 'cgi'
23
23
  end
@@ -18,7 +18,7 @@ describe OmniAuth::Strategies::Twitter do
18
18
  end
19
19
 
20
20
  it 'should have correct site' do
21
- expect(subject.options.client_options.site).to eq('https://api.twitter.com')
21
+ expect(subject.options.client_options.site).to eq('https://api.x.com')
22
22
  end
23
23
 
24
24
  it 'should have correct authorize url' do
data/spec/spec_helper.rb CHANGED
@@ -2,7 +2,7 @@ $:.unshift File.expand_path('..', __FILE__)
2
2
  $:.unshift File.expand_path('../../lib', __FILE__)
3
3
  require 'simplecov'
4
4
  SimpleCov.start do
5
- minimum_coverage(94.59)
5
+ minimum_coverage(90)
6
6
  end
7
7
  require 'rspec'
8
8
  require 'rack/test'
metadata CHANGED
@@ -1,14 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-twitter
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Arun Agrawal
8
- autorequire:
9
8
  bindir: bin
10
9
  cert_chain: []
11
- date: 2017-02-07 00:00:00.000000000 Z
10
+ date: 1980-01-02 00:00:00.000000000 Z
12
11
  dependencies:
13
12
  - !ruby/object:Gem::Dependency
14
13
  name: omniauth-oauth
@@ -16,14 +15,14 @@ dependencies:
16
15
  requirements:
17
16
  - - "~>"
18
17
  - !ruby/object:Gem::Version
19
- version: '1.1'
18
+ version: '1.2'
20
19
  type: :runtime
21
20
  prerelease: false
22
21
  version_requirements: !ruby/object:Gem::Requirement
23
22
  requirements:
24
23
  - - "~>"
25
24
  - !ruby/object:Gem::Version
26
- version: '1.1'
25
+ version: '1.2'
27
26
  - !ruby/object:Gem::Dependency
28
27
  name: rack
29
28
  requirement: !ruby/object:Gem::Requirement
@@ -39,19 +38,19 @@ dependencies:
39
38
  - !ruby/object:Gem::Version
40
39
  version: '0'
41
40
  - !ruby/object:Gem::Dependency
42
- name: bundler
41
+ name: cgi
43
42
  requirement: !ruby/object:Gem::Requirement
44
43
  requirements:
45
- - - "~>"
44
+ - - ">="
46
45
  - !ruby/object:Gem::Version
47
- version: '1.0'
48
- type: :development
46
+ version: '0'
47
+ type: :runtime
49
48
  prerelease: false
50
49
  version_requirements: !ruby/object:Gem::Requirement
51
50
  requirements:
52
- - - "~>"
51
+ - - ">="
53
52
  - !ruby/object:Gem::Version
54
- version: '1.0'
53
+ version: '0'
55
54
  description: OmniAuth strategy for Twitter
56
55
  email:
57
56
  - arunagw@gmail.com
@@ -59,9 +58,10 @@ executables: []
59
58
  extensions: []
60
59
  extra_rdoc_files: []
61
60
  files:
61
+ - ".github/workflows/main.yml"
62
62
  - ".gitignore"
63
63
  - ".rspec"
64
- - ".travis.yml"
64
+ - CHANGELOG.md
65
65
  - CONTRIBUTING.md
66
66
  - Gemfile
67
67
  - README.md
@@ -76,7 +76,6 @@ homepage: https://github.com/arunagw/omniauth-twitter
76
76
  licenses:
77
77
  - MIT
78
78
  metadata: {}
79
- post_install_message:
80
79
  rdoc_options: []
81
80
  require_paths:
82
81
  - lib
@@ -91,9 +90,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
91
90
  - !ruby/object:Gem::Version
92
91
  version: '0'
93
92
  requirements: []
94
- rubyforge_project:
95
- rubygems_version: 2.6.8
96
- signing_key:
93
+ rubygems_version: 3.7.2
97
94
  specification_version: 4
98
95
  summary: OmniAuth strategy for Twitter
99
96
  test_files:
data/.travis.yml DELETED
@@ -1,13 +0,0 @@
1
- dist: trusty
2
-
3
- rvm:
4
- - 2.1.10
5
- - 2.2.6
6
- - 2.3.3
7
- - 2.4.0
8
- - jruby-1.7.26
9
- - rbx-3
10
-
11
- matrix:
12
- allow_failures:
13
- - rvm: rbx-3