omniauth-xauth 0.0.1 → 0.0.2

data/.gitignore

@@ -1,4 +1,17 @@
 *.gem
+*.rbc
 .bundle
+.config
+.yardoc
 Gemfile.lock
-pkg/*
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format=doc

data/README.md

@@ -0,0 +1,53 @@
+# OmniAuth XAuth
+
+OmniAuth XAuth strategy for use in [OmniAuth](https://github.com/intridea/omniauth) 1.0 strategy development.
+
+This gem contains a generic XAuth strategy for OmniAuth. It is meant to
+serve as a building block strategy for other strategies and not to be
+used independently (since it has no inherent way to gather uid and user
+info).
+
+The XAuth form is rendered as an [OmniAuth Form](http://rubydoc.info/github/intridea/omniauth/master/OmniAuth/Form)
+and can be styled as such.
+
+## Creating an XAuth Strategy
+
+To create an OmniAuth XAuth strategy using this gem, you can simply
+subclass it and add a few extra methods like so:
+
+    require 'omniauth-xauth'
+
+    module OmniAuth
+      module Strategies
+        class SomeSite < OmniAuth::Strategies::XAuth
+          option :client_options, {
+            :site               => 'http://www.service.com/',
+            :access_token_url   => 'https://www.service.com/oauth/access_token'
+          }
+          option :xauth_options, { :title => 'XAuth Login Form Header'}
+
+
+          # This is where you pass the options you would pass when
+          # initializing your consumer from the OAuth gem.
+
+
+          uid { raw_info['uid'] }
+          info do
+            {
+              :name => raw_info['name'],
+              :email => raw_info['email']
+            }
+          end
+
+          extra do
+            {
+              'raw_info' => raw_info
+            }
+          end
+
+          def raw_info
+            @raw_info ||= MultiJson.decode(access_token.get('/me.json').body)
+          end
+        end
+      end
+    end

data/lib/omniauth-xauth/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module XAuth
-    VERSION = "0.0.1"
+    VERSION = "0.0.2"
   end
 end

data/lib/omniauth/strategies/xauth.rb

@@ -1,19 +1,22 @@
-require 'omniauth/oauth'
+require 'omniauth'
 require 'multi_json'
+require 'oauth'
 
 module OmniAuth
   module Strategies
-
-    # This code is originally from oa-omniauth.gem and applied some fixes for OmniAuth 1.0.
     class XAuth
       include OmniAuth::Strategy
 
       args [:consumer_key, :consumer_secret]
-
+      option :consumer_key, nil
+      option :consumer_secret, nil
+      option :client_options, {}
       option :consumer_options, {}
+      option :xauth_options, { :title => 'OmniAuth XAuth' }
+
+      attr_reader :access_token
 
       def request_phase
-        session['oauth'] ||= {}
         if env['REQUEST_METHOD'] == 'GET'
           get_credentials
         else
@@ -23,25 +26,34 @@ module OmniAuth
       end
 
       def get_credentials
-        OmniAuth::Form.build(consumer_options[:title] || "xAuth Credentials") do
+        OmniAuth::Form.build(options.xauth_options) do
           text_field 'Username', 'username'
           password_field 'Password', 'password'
         end.to_response
       end
 
       def consumer
-        ::OAuth::Consumer.new(consumer_key, consumer_secret, consumer_options.merge(options[:client_options] || options[:consumer_options] || {}))
+        consumer = ::OAuth::Consumer.new(options.consumer_key, options.consumer_secret, options.client_options)
+        consumer.http.open_timeout = options.open_timeout if options.open_timeout
+        consumer.http.read_timeout = options.read_timeout if options.read_timeout
+        consumer
       end
 
       def callback_phase
+        raise OmniAuth::NoSessionError.new("Session Expired") if session['omniauth.xauth'].nil?
+
         @access_token = consumer.get_access_token(nil, {}, session['omniauth.xauth'])
         super
-      rescue ::Net::HTTPFatalError => e
+      rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
         fail!(:service_unavailable, e)
       rescue ::OAuth::Unauthorized => e
         fail!(:invalid_credentials, e)
       rescue ::MultiJson::DecodeError => e
         fail!(:invalid_response, e)
+      rescue ::OmniAuth::NoSessionError => e
+        fail!(:session_expired, e)
+      rescue => e
+        puts e.backtrace
       ensure
         session['omniauth.xauth'] = nil
       end

data/omniauth-xauth.gemspec

@@ -1,6 +1,5 @@
 # -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
-require "omniauth-xauth/version"
+require File.expand_path('../lib/omniauth-xauth/version', __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = "omniauth-xauth"
@@ -18,7 +17,10 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  s.add_runtime_dependency 'omniauth'
-  s.add_runtime_dependency 'oauth'
-  s.add_runtime_dependency 'multi_json'
+  s.add_runtime_dependency     'omniauth', '~> 1.0'
+  s.add_runtime_dependency     'oauth'
+  s.add_development_dependency 'rspec', '~> 2.8'
+  s.add_development_dependency 'webmock'
+  s.add_development_dependency 'simplecov'
+  s.add_development_dependency 'rack-test'
 end

data/spec/omniauth/strategies/xauth_spec.rb

@@ -0,0 +1,148 @@
+require 'spec_helper'
+
+describe "OmniAuth::Strategies::XAuth" do
+  class MyOAuthProvider < OmniAuth::Strategies::XAuth
+    option :client_options, { :site => 'https://api.example.org', :title => 'xAuth', :access_token_url   => 'https://api.example.org/oauth/access_token' }
+    option :consumer_options, {}
+    uid { 1 }
+    info{ { 'name' => 'ohai' } }
+  end
+
+  def app
+    Rack::Builder.new {
+      use OmniAuth::Test::PhonySession
+      use OmniAuth::Builder do
+        provider MyOAuthProvider, 'abc', 'def', :name => 'example.org'
+      end
+      run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
+    }.to_app
+  end
+
+  def session
+    last_request.env['rack.session']
+  end
+
+  it 'should add a camelization for itself' do
+    OmniAuth::Utils.camelize('xauth').should == 'XAuth'
+  end
+
+  describe '/auth/{name}' do
+    context 'GET' do
+      before do
+        get '/auth/example.org'
+      end
+
+      it 'should render an Omniauth::Form' do
+        last_response.should be_ok
+        last_response.body.should include('Username')
+        last_response.body.should include('Password')
+      end
+    end
+
+    context 'POST' do
+      before do
+        post '/auth/example.org', :username => 'joe', :password => 'passw0rd'
+      end
+
+      it 'should redirect to the callback url' do
+        last_response.should be_redirect
+        last_response.headers['Location'].should eq('/auth/example.org/callback')
+      end
+
+      it 'sets the xauth credentials to the "omniauth.xauth" session' do
+        session['omniauth.xauth'].should be
+        session['omniauth.xauth']['x_auth_username'].should eq('joe')
+        session['omniauth.xauth']['x_auth_password'].should eq('passw0rd')
+
+      end
+    end
+  end
+
+  describe '/auth/{name}/callback' do
+    context 'Success' do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+          to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+        get '/auth/example.org/callback', {}, {'rack.session' => { 'omniauth.xauth' => { 'x_auth_mode' => 'client_auth', 'x_auth_username' => 'username', 'x_auth_password' => 'password' }}}
+      end
+
+      it 'should clear "omniauth.xauth" from the session' do
+        session['omniauth.xauth'].should be_nil
+      end
+
+      it 'should exchange the request token for an access token' do
+        last_request.env['omniauth.auth']['provider'].should == 'example.org'
+        last_request.env['omniauth.auth']['extra']['access_token'].should be_kind_of(OAuth::AccessToken)
+      end
+
+      it 'should call through to the master app' do
+        last_response.body.should == 'true'
+      end
+    end
+
+    context "bad gateway (or any 5xx) for access_token" do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+           to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil))
+        get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => { 'omniauth.xauth' => { 'x_auth_mode' => 'client_auth', 'x_auth_username' => 'username', 'x_auth_password' => 'password' }}}
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError)
+        last_request.env['omniauth.error.type'] = :service_unavailable
+      end
+    end
+
+    context "SSL failure" do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+           to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"))
+        get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => { 'omniauth.xauth' => { 'x_auth_mode' => 'client_auth', 'x_auth_username' => 'username', 'x_auth_password' => 'password' }}}
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError)
+        last_request.env['omniauth.error.type'] = :service_unavailable
+      end
+    end
+
+    context 'Unauthorized failure' do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+           to_raise(::OAuth::Unauthorized.new("Unauthorized"))
+        get '/auth/example.org/callback', {}, {'rack.session' => { 'omniauth.xauth' => { 'x_auth_mode' => 'client_auth', 'x_auth_username' => 'username', 'x_auth_password' => 'password' }}}
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::OAuth::Unauthorized)
+        last_request.env['omniauth.error.type'] = :invalid_credentials
+      end
+    end
+
+    context 'JSON Parse error' do
+      before do
+        stub_request(:post, 'https://api.example.org/oauth/access_token').
+           to_raise(::MultiJson::DecodeError.new("Parse Error", 'foo', 'bar'))
+        get '/auth/example.org/callback', {}, {'rack.session' => { 'omniauth.xauth' => { 'x_auth_mode' => 'client_auth', 'x_auth_username' => 'username', 'x_auth_password' => 'password' }}}
+      end
+
+      it 'should call fail! with :service_unavailable' do
+        last_request.env['omniauth.error'].should be_kind_of(::MultiJson::DecodeError)
+        last_request.env['omniauth.error.type'] = :invalid_response
+      end
+    end
+  end
+
+  describe '/auth/{name}/callback with expired session' do
+    before do
+      stub_request(:post, 'https://api.example.org/oauth/access_token').
+         to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+      get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {}}
+    end
+
+    it 'should call fail! with :session_expired' do
+      last_request.env['omniauth.error'].should be_kind_of(::OmniAuth::NoSessionError)
+      last_request.env['omniauth.error.type'] = :session_expired
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,16 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-xauth'
+
+RSpec.configure do |config|
+  config.include WebMock::API
+  config.include Rack::Test::Methods
+  config.extend  OmniAuth::Test::StrategyMacros, :type => :strategy
+end
+

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-xauth
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
   prerelease: 
 platform: ruby
 authors:
@@ -9,22 +9,22 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-12-05 00:00:00.000000000Z
+date: 2012-02-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
-  requirement: &70139320703060 !ruby/object:Gem::Requirement
+  requirement: &70135755385160 !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
   type: :runtime
   prerelease: false
-  version_requirements: *70139320703060
+  version_requirements: *70135755385160
 - !ruby/object:Gem::Dependency
   name: oauth
-  requirement: &70139320702020 !ruby/object:Gem::Requirement
+  requirement: &70135755383940 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,18 +32,51 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70139320702020
+  version_requirements: *70135755383940
 - !ruby/object:Gem::Dependency
-  name: multi_json
-  requirement: &70139320701480 !ruby/object:Gem::Requirement
+  name: rspec
+  requirement: &70135755383300 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.8'
+  type: :development
+  prerelease: false
+  version_requirements: *70135755383300
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: &70135755382480 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
+  prerelease: false
+  version_requirements: *70135755382480
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: &70135755381180 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70135755381180
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: &70135755380380 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
   prerelease: false
-  version_requirements: *70139320701480
+  version_requirements: *70135755380380
 description: Abstract XAuth strategy for OmniAuth
 email:
 - aereal@kerare.org
@@ -52,12 +85,16 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- .rspec
 - Gemfile
+- README.md
 - Rakefile
 - lib/omniauth-xauth.rb
 - lib/omniauth-xauth/version.rb
 - lib/omniauth/strategies/xauth.rb
 - omniauth-xauth.gemspec
+- spec/omniauth/strategies/xauth_spec.rb
+- spec/spec_helper.rb
 homepage: https://github.com/aereal/omniauth-xauth
 licenses: []
 post_install_message: 
@@ -78,8 +115,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: omniauth-xauth
-rubygems_version: 1.8.12
+rubygems_version: 1.8.17
 signing_key: 
 specification_version: 3
 summary: Abstract XAuth strategy for OmniAuth
-test_files: []
+test_files:
+- spec/omniauth/strategies/xauth_spec.rb
+- spec/spec_helper.rb
+has_rdoc: