omniauth 0.2.4 → 0.2.5
Potentially problematic release.
This version of omniauth might be problematic. Click here for more details.
- data/.autotest +9 -0
- data/.document +5 -0
- data/.gitignore +36 -0
- data/.rspec +2 -0
- data/.travis.yml +7 -0
- data/.yardopts +4 -0
- data/Gemfile +6 -1
- data/README.markdown +121 -0
- data/Rakefile +50 -2
- data/lib/omniauth/version.rb +18 -4
- data/oa-basic/.gemtest +0 -0
- data/oa-basic/.rspec +3 -0
- data/oa-basic/.yardopts +4 -0
- data/oa-basic/LICENSE +19 -0
- data/oa-basic/README.rdoc +34 -0
- data/oa-basic/Rakefile +6 -0
- data/oa-basic/lib/oa-basic.rb +1 -0
- data/oa-basic/lib/omniauth/basic.rb +8 -0
- data/oa-basic/lib/omniauth/strategies/http_basic.rb +56 -0
- data/oa-basic/lib/omniauth/version.rb +19 -0
- data/oa-basic/oa-basic.gemspec +28 -0
- data/oa-basic/spec/omniauth/strategies/basic_spec.rb +7 -0
- data/oa-basic/spec/spec_helper.rb +11 -0
- data/oa-core/.gemtest +0 -0
- data/oa-core/.rspec +3 -0
- data/oa-core/.yardopts +4 -0
- data/oa-core/LICENSE +19 -0
- data/oa-core/Rakefile +6 -0
- data/oa-core/autotest/discover.rb +1 -0
- data/oa-core/lib/oa-core.rb +1 -0
- data/oa-core/lib/omniauth/builder.rb +33 -0
- data/oa-core/lib/omniauth/core.rb +135 -0
- data/oa-core/lib/omniauth/form.rb +184 -0
- data/oa-core/lib/omniauth/strategy.rb +227 -0
- data/oa-core/lib/omniauth/test.rb +12 -0
- data/oa-core/lib/omniauth/test/phony_session.rb +8 -0
- data/oa-core/lib/omniauth/test/strategy_macros.rb +34 -0
- data/oa-core/lib/omniauth/test/strategy_test_case.rb +49 -0
- data/oa-core/lib/omniauth/version.rb +19 -0
- data/oa-core/oa-core.gemspec +24 -0
- data/oa-core/spec/omniauth/builder_spec.rb +20 -0
- data/oa-core/spec/omniauth/core_spec.rb +79 -0
- data/oa-core/spec/omniauth/strategy_spec.rb +358 -0
- data/oa-core/spec/spec_helper.rb +12 -0
- data/oa-enterprise/.gemtest +0 -0
- data/oa-enterprise/.rspec +3 -0
- data/oa-enterprise/.yardopts +4 -0
- data/oa-enterprise/LICENSE +19 -0
- data/oa-enterprise/README.rdoc +82 -0
- data/oa-enterprise/Rakefile +6 -0
- data/oa-enterprise/lib/oa-enterprise.rb +1 -0
- data/oa-enterprise/lib/omniauth/enterprise.rb +8 -0
- data/oa-enterprise/lib/omniauth/strategies/cas.rb +47 -0
- data/oa-enterprise/lib/omniauth/strategies/cas/configuration.rb +98 -0
- data/oa-enterprise/lib/omniauth/strategies/cas/service_ticket_validator.rb +84 -0
- data/oa-enterprise/lib/omniauth/strategies/ldap.rb +111 -0
- data/oa-enterprise/lib/omniauth/strategies/ldap/adaptor.rb +279 -0
- data/oa-enterprise/lib/omniauth/version.rb +19 -0
- data/oa-enterprise/oa-enterprise.gemspec +32 -0
- data/oa-enterprise/spec/fixtures/cas_failure.xml +4 -0
- data/oa-enterprise/spec/fixtures/cas_success.xml +8 -0
- data/oa-enterprise/spec/omniauth/strategies/cas_spec.rb +94 -0
- data/oa-enterprise/spec/spec_helper.rb +14 -0
- data/oa-more/.gemtest +0 -0
- data/oa-more/.rspec +3 -0
- data/oa-more/.yardopts +4 -0
- data/oa-more/LICENSE +19 -0
- data/oa-more/README.rdoc +22 -0
- data/oa-more/Rakefile +6 -0
- data/oa-more/lib/oa-more.rb +1 -0
- data/oa-more/lib/omniauth/more.rb +9 -0
- data/oa-more/lib/omniauth/strategies/flickr.rb +86 -0
- data/oa-more/lib/omniauth/strategies/windows_live.rb +39 -0
- data/oa-more/lib/omniauth/strategies/windows_live/windowslivelogin.rb +1143 -0
- data/oa-more/lib/omniauth/strategies/yupoo.rb +67 -0
- data/oa-more/lib/omniauth/version.rb +19 -0
- data/oa-more/oa-more.gemspec +30 -0
- data/oa-more/spec/omniauth/strategies/flickr_spec.rb +7 -0
- data/oa-more/spec/spec_helper.rb +11 -0
- data/oa-oauth/.gemtest +0 -0
- data/oa-oauth/.rspec +3 -0
- data/oa-oauth/.yardopts +4 -0
- data/oa-oauth/LICENSE +19 -0
- data/oa-oauth/README.rdoc +35 -0
- data/oa-oauth/Rakefile +6 -0
- data/oa-oauth/autotest/discover.rb +1 -0
- data/oa-oauth/lib/oa-oauth.rb +1 -0
- data/oa-oauth/lib/omniauth/oauth.rb +53 -0
- data/oa-oauth/lib/omniauth/strategies/bitly.rb +46 -0
- data/oa-oauth/lib/omniauth/strategies/dailymile.rb +64 -0
- data/oa-oauth/lib/omniauth/strategies/doit.rb +60 -0
- data/oa-oauth/lib/omniauth/strategies/dopplr.rb +53 -0
- data/oa-oauth/lib/omniauth/strategies/douban.rb +60 -0
- data/oa-oauth/lib/omniauth/strategies/evernote.rb +54 -0
- data/oa-oauth/lib/omniauth/strategies/facebook.rb +70 -0
- data/oa-oauth/lib/omniauth/strategies/foursquare.rb +62 -0
- data/oa-oauth/lib/omniauth/strategies/github.rb +50 -0
- data/oa-oauth/lib/omniauth/strategies/goodreads.rb +44 -0
- data/oa-oauth/lib/omniauth/strategies/google.rb +80 -0
- data/oa-oauth/lib/omniauth/strategies/gowalla.rb +64 -0
- data/oa-oauth/lib/omniauth/strategies/hyves.rb +67 -0
- data/oa-oauth/lib/omniauth/strategies/identica.rb +49 -0
- data/oa-oauth/lib/omniauth/strategies/instagram.rb +56 -0
- data/oa-oauth/lib/omniauth/strategies/instapaper.rb +40 -0
- data/oa-oauth/lib/omniauth/strategies/linked_in.rb +55 -0
- data/oa-oauth/lib/omniauth/strategies/meetup.rb +56 -0
- data/oa-oauth/lib/omniauth/strategies/miso.rb +41 -0
- data/oa-oauth/lib/omniauth/strategies/mixi.rb +59 -0
- data/oa-oauth/lib/omniauth/strategies/netflix.rb +65 -0
- data/oa-oauth/lib/omniauth/strategies/oauth.rb +85 -0
- data/oa-oauth/lib/omniauth/strategies/oauth2.rb +98 -0
- data/oa-oauth/lib/omniauth/strategies/qzone.rb +69 -0
- data/oa-oauth/lib/omniauth/strategies/rdio.rb +45 -0
- data/oa-oauth/lib/omniauth/strategies/renren.rb +87 -0
- data/oa-oauth/lib/omniauth/strategies/salesforce.rb +44 -0
- data/oa-oauth/lib/omniauth/strategies/smug_mug.rb +42 -0
- data/oa-oauth/lib/omniauth/strategies/sound_cloud.rb +46 -0
- data/oa-oauth/lib/omniauth/strategies/t163.rb +57 -0
- data/oa-oauth/lib/omniauth/strategies/teambox.rb +49 -0
- data/oa-oauth/lib/omniauth/strategies/thirty_seven_signals.rb +41 -0
- data/oa-oauth/lib/omniauth/strategies/tqq.rb +64 -0
- data/oa-oauth/lib/omniauth/strategies/trade_me.rb +45 -0
- data/oa-oauth/lib/omniauth/strategies/trip_it.rb +22 -0
- data/oa-oauth/lib/omniauth/strategies/tsina.rb +79 -0
- data/oa-oauth/lib/omniauth/strategies/tsohu.rb +57 -0
- data/oa-oauth/lib/omniauth/strategies/tumblr.rb +60 -0
- data/oa-oauth/lib/omniauth/strategies/twitter.rb +57 -0
- data/oa-oauth/lib/omniauth/strategies/type_pad.rb +76 -0
- data/oa-oauth/lib/omniauth/strategies/vimeo.rb +54 -0
- data/oa-oauth/lib/omniauth/strategies/vkontakte.rb +84 -0
- data/oa-oauth/lib/omniauth/strategies/xauth.rb +67 -0
- data/oa-oauth/lib/omniauth/strategies/yahoo.rb +55 -0
- data/oa-oauth/lib/omniauth/strategies/yammer.rb +43 -0
- data/oa-oauth/lib/omniauth/strategies/you_tube.rb +73 -0
- data/oa-oauth/lib/omniauth/version.rb +19 -0
- data/oa-oauth/oa-oauth.gemspec +33 -0
- data/oa-oauth/spec/fixtures/basecamp_200.xml +24 -0
- data/oa-oauth/spec/fixtures/campfire_200.json +10 -0
- data/oa-oauth/spec/omniauth/strategies/bitly_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/dailymile_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/doit_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/dopplr_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/douban_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/evernote_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/facebook_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/foursquare_spec.rb +18 -0
- data/oa-oauth/spec/omniauth/strategies/github_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/goodreads_spec.rb +6 -0
- data/oa-oauth/spec/omniauth/strategies/google_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/gowalla_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/hyves_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/identica_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/linked_in_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/meetup_spec.rb +14 -0
- data/oa-oauth/spec/omniauth/strategies/miso_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/netflix_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/oauth2_spec.rb +0 -0
- data/oa-oauth/spec/omniauth/strategies/oauth_spec.rb +77 -0
- data/oa-oauth/spec/omniauth/strategies/rdio_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/salesforce_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/smug_mug_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/sound_cloud_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/t163_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/teambox_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/thirty_seven_signals_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/trade_me_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/trip_it_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/tsina_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/tumblr_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/twitter_spec.rb +20 -0
- data/oa-oauth/spec/omniauth/strategies/type_pad_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/vimeo_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/vkontakte_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/yahoo_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/yammer_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/you_tube_spec.rb +5 -0
- data/oa-oauth/spec/spec_helper.rb +27 -0
- data/oa-oauth/spec/support/shared_examples.rb +29 -0
- data/oa-openid/.gemtest +0 -0
- data/oa-openid/.rspec +3 -0
- data/oa-openid/.yardopts +4 -0
- data/oa-openid/LICENSE +19 -0
- data/oa-openid/README.rdoc +51 -0
- data/oa-openid/Rakefile +6 -0
- data/oa-openid/lib/oa-openid.rb +1 -0
- data/oa-openid/lib/omniauth/openid.rb +59 -0
- data/oa-openid/lib/omniauth/openid/gapps.rb +32 -0
- data/oa-openid/lib/omniauth/strategies/google_apps.rb +23 -0
- data/oa-openid/lib/omniauth/strategies/open_id.rb +132 -0
- data/oa-openid/lib/omniauth/version.rb +19 -0
- data/oa-openid/oa-openid.gemspec +29 -0
- data/oa-openid/spec/omniauth/strategies/open_id_spec.rb +71 -0
- data/oa-openid/spec/spec_helper.rb +14 -0
- data/omniauth.gemspec +3 -3
- data/tasks/all.rb +134 -0
- metadata +199 -9
- data/README.rdoc +0 -17
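--- a/data/oa-oauth/spec/omniauth/strategies/twitter_spec.rb
+++ b/data/oa-oauth/spec/omniauth/strategies/twitter_spec.rb
@@ -0,0 +1,20 @@
+require File.expand_path('../../../spec_helper', __FILE__)
+
+describe OmniAuth::Strategies::Twitter do
+it_should_behave_like 'an oauth strategy'
+
+it 'should use the authenticate (sign in) path by default' do
+s = strategy_class.new(app, 'abc', 'def')
+s.consumer.options[:authorize_path].should == '/oauth/authenticate'
+end
+
+it 'should set options[:authorize_params] to { :force_login => "true" } if :force_login is true' do
+s = strategy_class.new(app, 'abc', 'def', :force_login => true)
+s.options[:authorize_params].should == { :force_login => 'true' }
+end
+
+it 'should use the authorize path if :sign_in is false' do
+s = strategy_class.new(app, 'abc', 'def', :sign_in => false)
+s.consumer.options[:authorize_path].should == '/oauth/authorize'
+end
+end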
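--- a/data/oa-oauth/spec/spec_helper.rb
+++ b/data/oa-oauth/spec/spec_helper.rb
@@ -0,0 +1,27 @@
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth/core'
+require 'omniauth/test'
+require 'omniauth/oauth'
+require File.expand_path('../support/shared_examples', __FILE__)
+
+RSpec.configure do |config|
+config.include WebMock::API
+config.include Rack::Test::Methods
+config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
+end
+
+def strategy_class
+meta = self.class.metadata
+while meta.key?(:example_group)
+meta = meta[:example_group]
+end
+meta[:describes]
+end
+
+def app
+lambda{|env| [200, {}, ['Hello']]}
+end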
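Review bot: `strategy_class` and `app` are defined with a bare `def` at the top level of the helper, which makes them private methods on Object for the whole test process instead of helpers scoped to example groups. Putting both in a module and adding it with `config.include` inside the existing `RSpec.configure` block keeps them out of the global namespace. `strategy_class` also has no comment explaining why it walks `metadata[:example_group]`; something like `# Walk up to the outermost example group and return the class it describes` would save the next reader a trip into the RSpec metadata layout.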
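--- a/data/oa-oauth/spec/support/shared_examples.rb
+++ b/data/oa-oauth/spec/support/shared_examples.rb
@@ -0,0 +1,29 @@
+shared_examples_for "an oauth strategy" do
+it 'should be initializable with only three arguments' do
+lambda{ strategy_class.new(lambda{|env| [200, {}, ['Hello World']]}, 'key', 'secret') }.should_not raise_error
+end
+
+it 'should be initializable with a block' do
+lambda{ strategy_class.new(lambda{|env| [200, {}, ['Hello World']]}){|s| s.consumer_key = 'abc'} }.should_not raise_error
+end
+
+it 'should handle the setting of client options' do
+s = strategy_class.new(lambda{|env| [200, {}, ['Hello World']]}, 'key', 'secret', :client_options => {:abc => 'def'})
+s.consumer.options[:abc].should == 'def'
+end
+end
+
+shared_examples_for "an oauth2 strategy" do
+it 'should be initializable with only three arguments' do
+lambda{ strategy_class.new(lambda{|env| [200, {}, ['Hello World']]}, 'key', 'secret') }.should_not raise_error
+end
+
+it 'should be initializable with a block' do
+lambda{ strategy_class.new(lambda{|env| [200, {}, ['Hello World']]}){|s| s.client_id = 'abc'} }.should_not raise_error
+end
+
+it 'should handle the setting of client options' do
+s = strategy_class.new(lambda{|env| [200, {}, ['Hello World']]}, 'key', 'secret', :client_options => {:abc => 'def'})
+s.client.options[:abc].should == 'def'
+end
+end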
data/oa-openid/.gemtest
ADDED
File without changes
|
data/oa-openid/.rspec
ADDED
data/oa-openid/.yardopts
ADDED
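--- a/data/oa-openid/LICENSE
+++ b/data/oa-openid/LICENSE
@@ -0,0 +1,19 @@
+Copyright (c) 2010-2011 Michael Bleigh and Intridea, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.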
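--- a/data/oa-openid/README.rdoc
+++ b/data/oa-openid/README.rdoc
@@ -0,0 +1,51 @@
+= OmniAuth::OpenID
+
+Provides strategies for authenticating to providers using the OpenID standard.
+
+== Installation
+
+To get just OpenID functionality:
+
+gem install oa-openid
+
+For the full auth suite:
+
+gem install omniauth
+
+== Stand-Alone Example
+
+Use the strategy as a middleware in your application:
+
+require 'omniauth/openid'
+require 'openid/store/filesystem'
+
+use Rack::Session::Cookie
+use OmniAuth::Strategies::OpenID, OpenID::Store::Filesystem.new('/tmp')
+
+Then simply direct users to '/auth/open_id' to prompt them for their OpenID identifier. You may also pre-set the identifier by passing an <tt>identifier</tt> parameter to the URL (Example: <tt>/auth/open_id?openid_url=yahoo.com</tt>).
+
+A list of all OpenID stores is available at http://github.com/openid/ruby-openid/tree/master/lib/openid/store/
+
+== OmniAuth Builder
+
+If OpenID is one of several authentication strategies, use the OmniAuth Builder:
+
+require 'omniauth/openid'
+require 'omniauth/basic' # for Campfire
+require 'openid/store/filesystem'
+
+use OmniAuth::Builder do
+provider :open_id, OpenID::Store::Filesystem.new('/tmp')
+provider :campfire
+end
+
+== Configured Identifiers
+
+You may pre-configure an OpenID identifier. For example, to use Google's main OpenID endpoint:
+
+use OmniAuth::Builder do
+provider :open_id, nil, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id'
+end
+
+Note the use of nil, which will trigger ruby-openid's default Memory Store.
+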
data/oa-openid/Rakefile
ADDED
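--- a/data/oa-openid/lib/oa-openid.rb
+++ b/data/oa-openid/lib/oa-openid.rb
@@ -0,0 +1 @@
+require 'omniauth/openid'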
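--- a/data/oa-openid/lib/omniauth/openid.rb
+++ b/data/oa-openid/lib/omniauth/openid.rb
@@ -0,0 +1,59 @@
+require 'omniauth/core'
+
+module OmniAuth
+# OmniAuth::OpenID provides strategies for authenticating to providers
+# using the OpenID standard.
+#
+# # Installation
+#
+# To get just OpenID functionality:
+#
+# gem install oa-openid
+#
+# For the full auth suite:
+#
+# gem install omniauth
+#
+# # Stand-Alone Example
+#
+# Use the strategy as a middleware in your application:
+#
+# require 'omniauth/openid'
+# require 'openid/store/filesystem'
+#
+# use Rack::Session::Cookie
+# use OmniAuth::Strategies::OpenID, OpenID::Store::Filesystem.new('/tmp')
+#
+# Then simply direct users to '/auth/open_id' to prompt them for their OpenID identifier. You may also pre-set the identifier by passing an <tt>identifier</tt> parameter to the URL (Example: <tt>/auth/open_id?openid_url=yahoo.com</tt>).
+#
+# A list of all OpenID stores is available at http://github.com/openid/ruby-openid/tree/master/lib/openid/store/
+#
+# # OmniAuth Builder
+#
+# If OpenID is one of several authentication strategies, use the OmniAuth Builder:
+#
+# require 'omniauth/openid'
+# require 'omniauth/basic' # for Campfire
+# require 'openid/store/filesystem'
+#
+# use OmniAuth::Builder do
+# provider :open_id, OpenID::Store::Filesystem.new('/tmp')
+# provider :campfire
+# end
+#
+# # Configured Identifiers
+#
+# You may pre-configure an OpenID identifier. For example, to use Google's main OpenID endpoint:
+#
+# use OmniAuth::Builder do
+# provider :open_id, nil, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id'
+# end
+#
+# Note the use of nil, which will trigger ruby-openid's default Memory Store.
+module OpenID; end
+
+module Strategies
+autoload :OpenID, 'omniauth/strategies/open_id'
+autoload :GoogleApps, 'omniauth/strategies/google_apps'
+end
+end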
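Review bot: The usage examples in the module comment pass `OpenID::Store::Filesystem.new('/tmp')`, which places the OpenID association and nonce store in a directory shared with every other local user and process; the examples should point at an application-owned directory instead, for instance `OpenID::Store::Filesystem.new(File.join(app_root, 'tmp', 'openid'))` with `app_root` standing for whatever the host application uses. The same comment says the identifier is pre-set "by passing an identifier parameter" while its own example, and `IDENTIFIER_URL_PARAMETER` in open_id.rb, use `openid_url`; the prose should name `openid_url`. `use Rack::Session::Cookie` is also shown with no options, so the example should either add a secret or say that one is needed. The README.rdoc hunk in this release carries the same three lines of text.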
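--- a/data/oa-openid/lib/omniauth/openid/gapps.rb
+++ b/data/oa-openid/lib/omniauth/openid/gapps.rb
@@ -0,0 +1,32 @@
+require 'openid/consumer'
+require 'gapps_openid'
+
+module OpenID
+# Because gapps_openid changes the discovery order
+# (looking first for Google Apps, then anything else),
+# we need to monkeypatch it to make it play nicely
+# with others.
+def self.discover(uri)
+discovered = self.default_discover(uri)
+
+if discovered.last.empty?
+info = discover_google_apps(uri)
+return info if info
+end
+
+return discovered
+rescue OpenID::DiscoveryFailure => e
+info = discover_google_apps(uri)
+
+if info.nil?
+raise e
+else
+return info
+end
+end
+
+def self.discover_google_apps(uri)
+discovery = GoogleDiscovery.new
+discovery.perform_discovery(uri)
+end
+end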
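Review bot: `OpenID.discover` is redefined on the library's own module, so the Google Apps fallback applies to every OpenID consumer in the process and not only to this strategy, and open_id.rb requires this file unconditionally. The fallback runs both when normal discovery returns no services and when it raises `OpenID::DiscoveryFailure`, which means any identifier that fails ordinary discovery causes a second round of outbound discovery through `GoogleDiscovery`; if only the GoogleApps strategy needs this, the patch is better loaded from google_apps.rb. `default_discover` is not defined in this hunk and is presumably the alias gapps_openid creates for the original method, which deserves a comment such as `# default_discover: the stock OpenID.discover, aliased by gapps_openid (confirm)`. The existing comment should also state the resulting order (stock discovery first, Google Apps second) and that `discover_google_apps` may return nil.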
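--- a/data/oa-openid/lib/omniauth/strategies/google_apps.rb
+++ b/data/oa-openid/lib/omniauth/strategies/google_apps.rb
@@ -0,0 +1,23 @@
+require 'omniauth/openid'
+
+module OmniAuth
+module Strategies
+class GoogleApps < OmniAuth::Strategies::OpenID
+def initialize(app, store = nil, options = {}, &block)
+options[:name] ||= 'google_apps'
+super(app, store, options, &block)
+end
+
+def get_identifier
+OmniAuth::Form.build(:title => 'Google Apps Authentication') do
+label_field('Google Apps Domain', 'domain')
+input_field('url', 'domain')
+end.to_response
+end
+
+def identifier
+options[:domain] || request['domain']
+end
+end
+end
+end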
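Review bot: `get_identifier` and `identifier` are defined here without a visibility keyword, so they are public on GoogleApps, while the parent strategy in open_id.rb declares both under `protected`; adding `protected` above `def get_identifier` keeps the subclass consistent. `identifier` falls back to `request['domain']`, so unless `:domain` is configured the value that drives discovery is whatever the visitor typed, and the class has no comment saying so; something like `# Set :domain to pin sign-in to one Google Apps domain; otherwise the domain entered in the form is used` would make the choice explicit for integrators. `options[:name] ||= 'google_apps'` also writes into the hash the caller passed in, which `options = { :name => 'google_apps' }.merge(options)` avoids.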
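--- a/data/oa-openid/lib/omniauth/strategies/open_id.rb
+++ b/data/oa-openid/lib/omniauth/strategies/open_id.rb
@@ -0,0 +1,132 @@
+require 'rack/openid'
+require 'omniauth/openid/gapps'
+require 'omniauth/openid'
+
+module OmniAuth
+module Strategies
+# OmniAuth strategy for connecting via OpenID. This allows for connection
+# to a wide variety of sites, some of which are listed [on the OpenID website](http://openid.net/get-an-openid/).
+class OpenID
+include OmniAuth::Strategy
+
+attr_accessor :options
+
+IDENTIFIER_URL_PARAMETER = 'openid_url'
+
+AX = {
+:email => 'http://axschema.org/contact/email',
+:name => 'http://axschema.org/namePerson',
+:nickname => 'http://axschema.org/namePerson/friendly',
+:first_name => 'http://axschema.org/namePerson/first',
+:last_name => 'http://axschema.org/namePerson/last',
+:city => 'http://axschema.org/contact/city/home',
+:state => 'http://axschema.org/contact/state/home',
+:website => 'http://axschema.org/contact/web/default',
+:image => 'http://axschema.org/media/image/aspect11'
+}
+
+# Initialize the strategy as a Rack Middleware.
+#
+# @param app [Rack Application] Standard Rack middleware application argument.
+# @param store [OpenID Store] The [OpenID Store](http://github.com/openid/ruby-openid/tree/master/lib/openid/store/)
+# you wish to use. Defaults to OpenID::MemoryStore.
+# @option options [Array] :required The identity fields that are required for the OpenID
+# request. May be an ActiveExchange schema URL or an sreg identifier.
+# @option options [Array] :optional The optional attributes for the OpenID request. May
+# be ActiveExchange or sreg.
+# @option options [Symbol, :open_id] :name The URL segment name for this provider.
+def initialize(app, store = nil, options = {}, &block)
+super(app, (options[:name] || :open_id), &block)
+@options = options
+@options[:required] ||= [AX[:email], AX[:name], AX[:first_name], AX[:last_name], 'email', 'fullname']
+@options[:optional] ||= [AX[:nickname], AX[:city], AX[:state], AX[:website], AX[:image], 'postcode', 'nickname']
+@store = store
+end
+
+protected
+
+def dummy_app
+lambda{|env| [401, {"WWW-Authenticate" => Rack::OpenID.build_header(
+:identifier => identifier,
+:return_to => callback_url,
+:required => @options[:required],
+:optional => @options[:optional],
+:method => 'post'
+)}, []]}
+end
+
+def identifier
+options[:identifier] || request[IDENTIFIER_URL_PARAMETER]
+end
+
+def request_phase
+identifier ? start : get_identifier
+end
+
+def start
+openid = Rack::OpenID.new(dummy_app, @store)
+response = openid.call(env)
+case env['rack.openid.response']
+when Rack::OpenID::MissingResponse, Rack::OpenID::TimeoutResponse
+fail!(:connection_failed)
+else
+response
+end
+end
+
+def get_identifier
+OmniAuth::Form.build(:title => 'OpenID Authentication') do
+label_field('OpenID Identifier', IDENTIFIER_URL_PARAMETER)
+input_field('url', IDENTIFIER_URL_PARAMETER)
+end.to_response
+end
+
+def callback_phase
+openid = Rack::OpenID.new(lambda{|env| [200,{},[]]}, @store)
+openid.call(env)
+@openid_response = env.delete('rack.openid.response')
+if @openid_response && @openid_response.status == :success
+super
+else
+fail!(:invalid_credentials)
+end
+end
+
+def auth_hash
+OmniAuth::Utils.deep_merge(super(), {
+'uid' => @openid_response.display_identifier,
+'user_info' => user_info(@openid_response)
+})
+end
+
+def user_info(response)
+sreg_user_info(response).merge(ax_user_info(response))
+end
+
+def sreg_user_info(response)
+sreg = ::OpenID::SReg::Response.from_success_response(response)
+return {} unless sreg
+{
+'email' => sreg['email'],
+'name' => sreg['fullname'],
+'location' => sreg['postcode'],
+'nickname' => sreg['nickname']
+}.reject{|k,v| v.nil? || v == ''}
+end
+
+def ax_user_info(response)
+ax = ::OpenID::AX::FetchResponse.from_success_response(response)
+return {} unless ax
+{
+'email' => ax.get_single(AX[:email]),
+'first_name' => ax.get_single(AX[:first_name]),
+'last_name' => ax.get_single(AX[:last_name]),
+'name' => (ax.get_single(AX[:name]) || [ax.get_single(AX[:first_name]), ax.get_single(AX[:last_name])].join(' ')).strip,
+'location' => ("#{ax.get_single(AX[:city])}, #{ax.get_single(AX[:state])}" if Array(ax.get_single(AX[:city])).any? && Array(ax.get_single(AX[:state])).any?),
+'nickname' => ax.get_single(AX[:nickname]),
+'urls' => ({'Website' => Array(ax.get_single(AX[:website])).first} if Array(ax.get_single(AX[:website])).any?)
+}.inject({}){|h,(k,v)| h[k] = Array(v).first; h}.reject{|k,v| v.nil? || v == ''}
+end
+end
+end
+end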
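Review bot: `auth_hash` takes `'uid'` from `@openid_response.display_identifier`, but ruby-openid documents the display identifier as the form to show in the user interface and `identity_url` (the claimed identifier) as the value for database lookups and equality comparisons; since applications key accounts on `uid`, the line should read `'uid' => @openid_response.identity_url,`, with the display form exposed separately if it is wanted. `user_info` merges sreg and AX attributes exactly as the provider returned them, and the provider is whichever one the visitor named through `openid_url` unless `:identifier` is configured, so the method should carry a comment such as `# Values are asserted by the OpenID provider and are not verified; do not match existing accounts on email alone`. The `initialize` docs also say "ActiveExchange" where the AX schema URLs refer to Attribute Exchange, and they omit the `:identifier` option that `identifier` reads.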