omniauth-wechat-oauth2 0.1.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 8ce6f400f236ade461b6de6f0475e29d6efa2663
-  data.tar.gz: 7406fddc873587f98f976085265bccee6c450d4c
+SHA256:
+  metadata.gz: 6887df3d9cb9e1d0af5f77a80ceb353ed99e45c4aded5802b94f8ff06c2b44b7
+  data.tar.gz: 45081ea29f1423808a236d5d708ac21b0b76aa86fa6032add3f06de1b1251168
 SHA512:
-  metadata.gz: 324edff8a03b06a2eec788c5a612efef7ca2099be123fe721f6d77995a94a59f9a35e2adc5a52599d21cd1a00d880a5e7522155d1fa447e0cdecd67c91f3645e
-  data.tar.gz: a2cdacfde5eb3c2f0d87a7a5f30bde685315d242f6dbc5c9247a43a42502b60996b2d7702adb4031f9f8f62fc4564181afa391977a46a31b38479f8004bb6dea
+  metadata.gz: 91ca3a9a3ff98631767e7f54f16206a08ca488fe5a0a24709ad9c8f07e4e3a1483960326a256f7b36acaefae293f01e2cd57a672d9fe3d69205bc3d3be575a51
+  data.tar.gz: 7a0d38a8a9e51213e3d7981a45b599cc12b5f35ce8f85da86e04acb9c5b2b8c91084c6971beb1fe87ad834376e03875c94566f8725ad1cadc7583fc680a34a13

data/README.md

@@ -1,11 +1,21 @@
 Omniauth-wechat-oauth2
 ======================
 
-Wechat OAuth2 Strategy for OmniAuth 1.0. 
+[![Gem Version](https://img.shields.io/gem/v/omniauth-wechat-oauth2.svg)][gem]
+[![Security Check](https://hakiri.io/github/NeverMin/omniauth-wechat-oauth2/master.svg)][security]
+[![Build Status](https://travis-ci.org/NeverMin/omniauth-wechat-oauth2.svg)][travis]
 
-You need to get a wechat API key at: http://mp.weixin.qq.com
+[gem]: https://rubygems.org/gems/omniauth-wechat-oauth2
+[security]: https://hakiri.io/github/NeverMin/omniauth-wechat-oauth2/master
+[travis]: https://travis-ci.org/NeverMin/omniauth-wechat-oauth2
 
-Wechat oauth2 specification can be found at: http://mp.weixin.qq.com/wiki/index.php?title=网页授权获取用户基本信息
+
+Wechat OAuth2 Strategy for OmniAuth 1.0.
+
+You need to get a wechat API key at: https://mp.weixin.qq.com
+
+* Wechat oauth2 specification can be found at: https://mp.weixin.qq.com/wiki/index.php?title=网页授权获取用户基本信息
+* Wechat Qiye oauth2 specification can be found at: http://qydev.weixin.qq.com/wiki/index.php?title=OAuth验证接口
 
 ## Installation
 
@@ -57,7 +67,8 @@ Here's an example of an authentication hash available in the callback by accessi
       province:   "Changning",
       city:       "Shanghai",
       country:    "China",
-      headimgurl: "http://image_url"
+      headimgurl: "http://image_url",
+      unionid:    'unionid'
     },
     :credentials => {
         :token => "token",
@@ -73,12 +84,55 @@ Here's an example of an authentication hash available in the callback by accessi
           province:   "Changning",
           city:       "Shanghai",
           country:    "China",
-          headimgurl: "http://image_url"
+          headimgurl: "http://image_url",
+          unionid:    'unionid'
         }
     }
 }
 ```
 
+## Wechat Qiye OAuth2
 
+Wechat Qiey usage and configuration are the same with normal account above.
+
+```ruby
+config.omniauth :wechat_qiye, ENV["WECHAT_APP_ID"], ENV["WECHAT_APP_SECRET"],
+    :authorize_params => {:scope => "snsapi_base"}
+```
 
+Auth hash `request.env["omniauth.auth"]`
 
+```ruby
+{
+    :provider => "wechat_qiye",
+    :uid => "123456789",
+    :info => {
+      userid: "userid",
+      name: "name",
+      department: [2],
+      gender: "1",
+      weixinid: "weixinid",
+      avatar: "avatar",
+      status: 1,
+      extattr: {"foo" => "bar"}
+    },
+    :credentials => {
+        :token => "token",
+        :refresh_token => "another_token",
+        :expires_at => 7200,
+        :expires => true
+    },
+    :extra => {
+        :raw_info => {
+          userid: "userid",
+          name: "name",
+          department: [2],
+          gender: "1",
+          weixinid: "weixinid",
+          avatar: "avatar",
+          status: 1,
+          extattr: {"foo" => "bar"}}
+        }
+    }
+}
+```

data/lib/omniauth-wechat-oauth2.rb

@@ -1 +1 @@
-require "omniauth/strategies/wechat"
+require "omniauth/wechat"

data/lib/omniauth/strategies/wechat.rb

@@ -7,15 +7,19 @@ module OmniAuth
 
       option :client_options, {
         site:          "https://api.weixin.qq.com",
-        authorize_url: "https://open.weixin.qq.com/connect/oauth2/authorize#wechat_redirect",
+        authorize_url: "https://open.weixin.qq.com/connect/qrconnect?#wechat_redirect",
         token_url:     "/sns/oauth2/access_token",
         token_method:  :get
       }
 
-      option :authorize_params, {scope: "snsapi_userinfo"}
+      option :authorize_params, {scope: "snsapi_login"}
 
       option :token_params, {parse: :json}
 
+      def callback_url
+        full_host + script_name + callback_path
+      end
+
       uid do
         raw_info['openid']
       end
@@ -27,7 +31,9 @@ module OmniAuth
           province:   raw_info['province'],
           city:       raw_info['city'],
           country:    raw_info['country'],
-          headimgurl: raw_info['headimgurl']
+          headimgurl: raw_info['headimgurl'],
+          image:      raw_info['headimgurl'],
+          unionid:    raw_info['unionid']
         }
       end
 
@@ -36,8 +42,9 @@ module OmniAuth
       end
 
       def request_phase
-        params = client.auth_code.authorize_params.merge(redirect_uri: callback_url).merge(authorize_params)
+        params = client.auth_code.authorize_params.merge(authorize_params)
         params["appid"] = params.delete("client_id")
+        params["redirect_uri"] = callback_url
         redirect client.authorize_url(params)
       end
 
@@ -45,25 +52,27 @@ module OmniAuth
         @uid ||= access_token["openid"]
         @raw_info ||= begin
           access_token.options[:mode] = :query
-          if access_token["scope"] == "snsapi_userinfo"
-            @raw_info = access_token.get("/sns/userinfo", :params => {"openid" => @uid}, parse: :json).parsed
+          if access_token["scope"]&.include?("snsapi_login")
+            access_token.get("/sns/userinfo", :params => { "openid" => @uid, "lang" => "zh_CN" }, parse: :json).parsed
           else
-            @raw_info = {"openid" => @uid }
+            { "openid" => @uid }
           end
         end
+        @raw_info
       end
 
       protected
       def build_access_token
         params = {
-          'appid' => client.id, 
-          'secret' => client.secret,
-          'code' => request.params['code'],
-          'grant_type' => 'authorization_code' 
+          'appid'        => client.id,
+          'secret'       => client.secret,
+          'code'         => request.params['code'],
+          'grant_type'   => 'authorization_code',
+          'redirect_uri' => callback_url
           }.merge(token_params.to_hash(symbolize_keys: true))
         client.get_token(params, deep_symbolize(options.auth_token_params))
       end
 
     end
   end
-end
+end

data/lib/omniauth/strategies/wechat_qiye.rb

@@ -0,0 +1,80 @@
+require "omniauth-oauth2"
+
+module OmniAuth
+  module Strategies
+    class WechatQiye < OmniAuth::Strategies::OAuth2
+      option :name, "wechat_qiye"
+
+      option :client_options, {
+                                :site => "https://qyapi.weixin.qq.com",
+                                authorize_url: "https://open.weixin.qq.com/connect/oauth2/authorize#wechat_redirect",
+                                token_url:     "/cgi-bin/gettoken",
+                                token_method:  :get,
+                                connection_opts: {
+                                    ssl: { verify: false }
+                                }
+                              }
+
+      option :authorize_params, {scope: "snsapi_userinfo"}
+      option :token_params, {parse: :json}
+
+      uid do
+        raw_info['userid']
+      end
+
+      info do
+        {
+            userid:     raw_info['userid'],
+            name:       raw_info['name'],
+            department: raw_info['department'],
+            gender:     raw_info['gender'],
+            weixinid:   raw_info['weixinid'],
+            avatar:     raw_info['avatar'],
+            status:     raw_info['status'],
+            extattr:    raw_info['extattr']
+        }
+      end
+
+      extra do
+        { raw_info: raw_info }
+      end
+
+      def request_phase
+        params = client.auth_code.authorize_params.merge(redirect_uri: callback_url).merge(authorize_params)
+        params["appid"] = params.delete("client_id")
+        redirect client.authorize_url(params)
+      end
+
+      def raw_info
+        # step 2: get userid via code and access_token
+        @code ||= access_token[:code]
+
+        # step 3: get user info via userid
+        @uid ||= begin
+          access_token.options[:mode] = :query
+          response = access_token.get('/cgi-bin/user/getuserinfo', :params => {'code' => @code}, parse: :json)
+          response.parsed['UserId']
+        end
+
+        @raw_info ||= begin
+          access_token.options[:mode] = :query
+          response = access_token.get("/cgi-bin/user/get", :params => {"userid" => @uid}, parse: :json)
+          response.parsed
+        end
+      end
+
+      protected
+      def build_access_token
+        # step 0: wechat respond code
+        code = request.params['code']
+
+        # step 1: get access token
+        params = {
+            'corpid' => client.id,
+            'corpsecret' => client.secret,
+        }.merge(token_params.to_hash(symbolize_keys: true))
+        client.get_token(params, deep_symbolize(options.auth_token_params.merge({code: code})))
+      end
+    end
+  end
+end

data/lib/omniauth/wechat.rb

@@ -0,0 +1,2 @@
+require "omniauth/strategies/wechat"
+require "omniauth/strategies/wechat_qiye"

metadata

@@ -1,60 +1,65 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-wechat-oauth2
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.1
 platform: ruby
 authors:
-- Skinnyworm
-autorequire: 
+- Alex Hu
+- Never Min
+- Eric Guo
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-03-27 00:00:00.000000000 Z
+date: 2020-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 1.3.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 1.3.2
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 1.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 1.1.1
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '2.99'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '2.99'
 description: Using OAuth2 to authenticate wechat user when web resources being viewed
   within wechat(weixin) client.
-email: askinnyworm@gmail.com
+email:
+- askinnyworm@gmail.com
+- Never.Min@gmail.com
+- eric@cloud-mes.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -62,28 +67,30 @@ files:
 - README.md
 - lib/omniauth-wechat-oauth2.rb
 - lib/omniauth/strategies/wechat.rb
-homepage: https://github.com/skinnyworm/omniauth-wechat-oauth2
-licenses: []
+- lib/omniauth/strategies/wechat_qiye.rb
+- lib/omniauth/wechat.rb
+homepage: https://github.com/nevermin/omniauth-wechat-oauth2
+licenses:
+- MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.3
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.8.23
+      version: '0'
 requirements:
 - none
-rubyforge_project: 
-rubygems_version: 2.2.1
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Omniauth strategy for wechat(weixin)
 test_files: []