omniauth 0.2.4 → 0.2.5
Potentially problematic release.
This version of omniauth might be problematic.
- data/.autotest +9 -0
- data/.document +5 -0
- data/.gitignore +36 -0
- data/.rspec +2 -0
- data/.travis.yml +7 -0
- data/.yardopts +4 -0
- data/Gemfile +6 -1
- data/README.markdown +121 -0
- data/Rakefile +50 -2
- data/lib/omniauth/version.rb +18 -4
- data/oa-basic/.gemtest +0 -0
- data/oa-basic/.rspec +3 -0
- data/oa-basic/.yardopts +4 -0
- data/oa-basic/LICENSE +19 -0
- data/oa-basic/README.rdoc +34 -0
- data/oa-basic/Rakefile +6 -0
- data/oa-basic/lib/oa-basic.rb +1 -0
- data/oa-basic/lib/omniauth/basic.rb +8 -0
- data/oa-basic/lib/omniauth/strategies/http_basic.rb +56 -0
- data/oa-basic/lib/omniauth/version.rb +19 -0
- data/oa-basic/oa-basic.gemspec +28 -0
- data/oa-basic/spec/omniauth/strategies/basic_spec.rb +7 -0
- data/oa-basic/spec/spec_helper.rb +11 -0
- data/oa-core/.gemtest +0 -0
- data/oa-core/.rspec +3 -0
- data/oa-core/.yardopts +4 -0
- data/oa-core/LICENSE +19 -0
- data/oa-core/Rakefile +6 -0
- data/oa-core/autotest/discover.rb +1 -0
- data/oa-core/lib/oa-core.rb +1 -0
- data/oa-core/lib/omniauth/builder.rb +33 -0
- data/oa-core/lib/omniauth/core.rb +135 -0
- data/oa-core/lib/omniauth/form.rb +184 -0
- data/oa-core/lib/omniauth/strategy.rb +227 -0
- data/oa-core/lib/omniauth/test.rb +12 -0
- data/oa-core/lib/omniauth/test/phony_session.rb +8 -0
- data/oa-core/lib/omniauth/test/strategy_macros.rb +34 -0
- data/oa-core/lib/omniauth/test/strategy_test_case.rb +49 -0
- data/oa-core/lib/omniauth/version.rb +19 -0
- data/oa-core/oa-core.gemspec +24 -0
- data/oa-core/spec/omniauth/builder_spec.rb +20 -0
- data/oa-core/spec/omniauth/core_spec.rb +79 -0
- data/oa-core/spec/omniauth/strategy_spec.rb +358 -0
- data/oa-core/spec/spec_helper.rb +12 -0
- data/oa-enterprise/.gemtest +0 -0
- data/oa-enterprise/.rspec +3 -0
- data/oa-enterprise/.yardopts +4 -0
- data/oa-enterprise/LICENSE +19 -0
- data/oa-enterprise/README.rdoc +82 -0
- data/oa-enterprise/Rakefile +6 -0
- data/oa-enterprise/lib/oa-enterprise.rb +1 -0
- data/oa-enterprise/lib/omniauth/enterprise.rb +8 -0
- data/oa-enterprise/lib/omniauth/strategies/cas.rb +47 -0
- data/oa-enterprise/lib/omniauth/strategies/cas/configuration.rb +98 -0
- data/oa-enterprise/lib/omniauth/strategies/cas/service_ticket_validator.rb +84 -0
- data/oa-enterprise/lib/omniauth/strategies/ldap.rb +111 -0
- data/oa-enterprise/lib/omniauth/strategies/ldap/adaptor.rb +279 -0
- data/oa-enterprise/lib/omniauth/version.rb +19 -0
- data/oa-enterprise/oa-enterprise.gemspec +32 -0
- data/oa-enterprise/spec/fixtures/cas_failure.xml +4 -0
- data/oa-enterprise/spec/fixtures/cas_success.xml +8 -0
- data/oa-enterprise/spec/omniauth/strategies/cas_spec.rb +94 -0
- data/oa-enterprise/spec/spec_helper.rb +14 -0
- data/oa-more/.gemtest +0 -0
- data/oa-more/.rspec +3 -0
- data/oa-more/.yardopts +4 -0
- data/oa-more/LICENSE +19 -0
- data/oa-more/README.rdoc +22 -0
- data/oa-more/Rakefile +6 -0
- data/oa-more/lib/oa-more.rb +1 -0
- data/oa-more/lib/omniauth/more.rb +9 -0
- data/oa-more/lib/omniauth/strategies/flickr.rb +86 -0
- data/oa-more/lib/omniauth/strategies/windows_live.rb +39 -0
- data/oa-more/lib/omniauth/strategies/windows_live/windowslivelogin.rb +1143 -0
- data/oa-more/lib/omniauth/strategies/yupoo.rb +67 -0
- data/oa-more/lib/omniauth/version.rb +19 -0
- data/oa-more/oa-more.gemspec +30 -0
- data/oa-more/spec/omniauth/strategies/flickr_spec.rb +7 -0
- data/oa-more/spec/spec_helper.rb +11 -0
- data/oa-oauth/.gemtest +0 -0
- data/oa-oauth/.rspec +3 -0
- data/oa-oauth/.yardopts +4 -0
- data/oa-oauth/LICENSE +19 -0
- data/oa-oauth/README.rdoc +35 -0
- data/oa-oauth/Rakefile +6 -0
- data/oa-oauth/autotest/discover.rb +1 -0
- data/oa-oauth/lib/oa-oauth.rb +1 -0
- data/oa-oauth/lib/omniauth/oauth.rb +53 -0
- data/oa-oauth/lib/omniauth/strategies/bitly.rb +46 -0
- data/oa-oauth/lib/omniauth/strategies/dailymile.rb +64 -0
- data/oa-oauth/lib/omniauth/strategies/doit.rb +60 -0
- data/oa-oauth/lib/omniauth/strategies/dopplr.rb +53 -0
- data/oa-oauth/lib/omniauth/strategies/douban.rb +60 -0
- data/oa-oauth/lib/omniauth/strategies/evernote.rb +54 -0
- data/oa-oauth/lib/omniauth/strategies/facebook.rb +70 -0
- data/oa-oauth/lib/omniauth/strategies/foursquare.rb +62 -0
- data/oa-oauth/lib/omniauth/strategies/github.rb +50 -0
- data/oa-oauth/lib/omniauth/strategies/goodreads.rb +44 -0
- data/oa-oauth/lib/omniauth/strategies/google.rb +80 -0
- data/oa-oauth/lib/omniauth/strategies/gowalla.rb +64 -0
- data/oa-oauth/lib/omniauth/strategies/hyves.rb +67 -0
- data/oa-oauth/lib/omniauth/strategies/identica.rb +49 -0
- data/oa-oauth/lib/omniauth/strategies/instagram.rb +56 -0
- data/oa-oauth/lib/omniauth/strategies/instapaper.rb +40 -0
- data/oa-oauth/lib/omniauth/strategies/linked_in.rb +55 -0
- data/oa-oauth/lib/omniauth/strategies/meetup.rb +56 -0
- data/oa-oauth/lib/omniauth/strategies/miso.rb +41 -0
- data/oa-oauth/lib/omniauth/strategies/mixi.rb +59 -0
- data/oa-oauth/lib/omniauth/strategies/netflix.rb +65 -0
- data/oa-oauth/lib/omniauth/strategies/oauth.rb +85 -0
- data/oa-oauth/lib/omniauth/strategies/oauth2.rb +98 -0
- data/oa-oauth/lib/omniauth/strategies/qzone.rb +69 -0
- data/oa-oauth/lib/omniauth/strategies/rdio.rb +45 -0
- data/oa-oauth/lib/omniauth/strategies/renren.rb +87 -0
- data/oa-oauth/lib/omniauth/strategies/salesforce.rb +44 -0
- data/oa-oauth/lib/omniauth/strategies/smug_mug.rb +42 -0
- data/oa-oauth/lib/omniauth/strategies/sound_cloud.rb +46 -0
- data/oa-oauth/lib/omniauth/strategies/t163.rb +57 -0
- data/oa-oauth/lib/omniauth/strategies/teambox.rb +49 -0
- data/oa-oauth/lib/omniauth/strategies/thirty_seven_signals.rb +41 -0
- data/oa-oauth/lib/omniauth/strategies/tqq.rb +64 -0
- data/oa-oauth/lib/omniauth/strategies/trade_me.rb +45 -0
- data/oa-oauth/lib/omniauth/strategies/trip_it.rb +22 -0
- data/oa-oauth/lib/omniauth/strategies/tsina.rb +79 -0
- data/oa-oauth/lib/omniauth/strategies/tsohu.rb +57 -0
- data/oa-oauth/lib/omniauth/strategies/tumblr.rb +60 -0
- data/oa-oauth/lib/omniauth/strategies/twitter.rb +57 -0
- data/oa-oauth/lib/omniauth/strategies/type_pad.rb +76 -0
- data/oa-oauth/lib/omniauth/strategies/vimeo.rb +54 -0
- data/oa-oauth/lib/omniauth/strategies/vkontakte.rb +84 -0
- data/oa-oauth/lib/omniauth/strategies/xauth.rb +67 -0
- data/oa-oauth/lib/omniauth/strategies/yahoo.rb +55 -0
- data/oa-oauth/lib/omniauth/strategies/yammer.rb +43 -0
- data/oa-oauth/lib/omniauth/strategies/you_tube.rb +73 -0
- data/oa-oauth/lib/omniauth/version.rb +19 -0
- data/oa-oauth/oa-oauth.gemspec +33 -0
- data/oa-oauth/spec/fixtures/basecamp_200.xml +24 -0
- data/oa-oauth/spec/fixtures/campfire_200.json +10 -0
- data/oa-oauth/spec/omniauth/strategies/bitly_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/dailymile_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/doit_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/dopplr_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/douban_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/evernote_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/facebook_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/foursquare_spec.rb +18 -0
- data/oa-oauth/spec/omniauth/strategies/github_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/goodreads_spec.rb +6 -0
- data/oa-oauth/spec/omniauth/strategies/google_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/gowalla_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/hyves_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/identica_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/linked_in_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/meetup_spec.rb +14 -0
- data/oa-oauth/spec/omniauth/strategies/miso_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/netflix_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/oauth2_spec.rb +0 -0
- data/oa-oauth/spec/omniauth/strategies/oauth_spec.rb +77 -0
- data/oa-oauth/spec/omniauth/strategies/rdio_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/salesforce_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/smug_mug_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/sound_cloud_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/t163_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/teambox_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/thirty_seven_signals_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/trade_me_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/trip_it_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/tsina_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/tumblr_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/twitter_spec.rb +20 -0
- data/oa-oauth/spec/omniauth/strategies/type_pad_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/vimeo_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/vkontakte_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/yahoo_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/yammer_spec.rb +5 -0
- data/oa-oauth/spec/omniauth/strategies/you_tube_spec.rb +5 -0
- data/oa-oauth/spec/spec_helper.rb +27 -0
- data/oa-oauth/spec/support/shared_examples.rb +29 -0
- data/oa-openid/.gemtest +0 -0
- data/oa-openid/.rspec +3 -0
- data/oa-openid/.yardopts +4 -0
- data/oa-openid/LICENSE +19 -0
- data/oa-openid/README.rdoc +51 -0
- data/oa-openid/Rakefile +6 -0
- data/oa-openid/lib/oa-openid.rb +1 -0
- data/oa-openid/lib/omniauth/openid.rb +59 -0
- data/oa-openid/lib/omniauth/openid/gapps.rb +32 -0
- data/oa-openid/lib/omniauth/strategies/google_apps.rb +23 -0
- data/oa-openid/lib/omniauth/strategies/open_id.rb +132 -0
- data/oa-openid/lib/omniauth/version.rb +19 -0
- data/oa-openid/oa-openid.gemspec +29 -0
- data/oa-openid/spec/omniauth/strategies/open_id_spec.rb +71 -0
- data/oa-openid/spec/spec_helper.rb +14 -0
- data/omniauth.gemspec +3 -3
- data/tasks/all.rb +134 -0
- metadata +199 -9
- data/README.rdoc +0 -17
@@ -0,0 +1,358 @@
|
|
1
|
+
require File.expand_path('../../spec_helper', __FILE__)
|
2
|
+
|
3
|
+
class ExampleStrategy
|
4
|
+
include OmniAuth::Strategy
|
5
|
+
def call(env); self.call!(env) end
|
6
|
+
attr_reader :last_env
|
7
|
+
def request_phase
|
8
|
+
@fail = fail!(options[:failure]) if options[:failure]
|
9
|
+
@last_env = env
|
10
|
+
return @fail if @fail
|
11
|
+
raise "Request Phase"
|
12
|
+
end
|
13
|
+
def callback_phase
|
14
|
+
@fail = fail!(options[:failure]) if options[:failure]
|
15
|
+
@last_env = env
|
16
|
+
return @fail if @fail
|
17
|
+
raise "Callback Phase"
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def make_env(path = '/auth/test', props = {})
|
22
|
+
{
|
23
|
+
'REQUEST_METHOD' => 'GET',
|
24
|
+
'PATH_INFO' => path,
|
25
|
+
'rack.session' => {},
|
26
|
+
'rack.input' => StringIO.new('test=true')
|
27
|
+
}.merge(props)
|
28
|
+
end
|
29
|
+
|
30
|
+
describe OmniAuth::Strategy do
|
31
|
+
let(:app){ lambda{|env| [404, {}, ['Awesome']]}}
|
32
|
+
describe '#initialize' do
|
33
|
+
context 'options extraction' do
|
34
|
+
it 'should be the last argument if the last argument is a Hash' do
|
35
|
+
ExampleStrategy.new(app, 'test', :abc => 123).options[:abc].should == 123
|
36
|
+
end
|
37
|
+
|
38
|
+
it 'should be a blank hash if none are provided' do
|
39
|
+
ExampleStrategy.new(app, 'test').options.should == {}
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
describe '#full_host' do
|
45
|
+
let(:strategy){ ExampleStrategy.new(app, 'test', {}) }
|
46
|
+
it 'should not freak out if there is a pipe in the URL' do
|
47
|
+
strategy.call!(make_env('/whatever', 'rack.url_scheme' => 'http', 'SERVER_NAME' => 'facebook.lame', 'QUERY_STRING' => 'code=asofibasf|asoidnasd', 'SCRIPT_NAME' => '', 'SERVER_PORT' => 80))
|
48
|
+
lambda{ strategy.full_host }.should_not raise_error
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
describe '#call' do
|
53
|
+
let(:strategy){ ExampleStrategy.new(app, 'test', @options) }
|
54
|
+
|
55
|
+
context 'omniauth.origin' do
|
56
|
+
it 'should be set on the request phase' do
|
57
|
+
lambda{ strategy.call(make_env('/auth/test', 'HTTP_REFERER' => 'http://example.com/origin')) }.should raise_error("Request Phase")
|
58
|
+
strategy.last_env['rack.session']['omniauth.origin'].should == 'http://example.com/origin'
|
59
|
+
end
|
60
|
+
|
61
|
+
it 'should be turned into an env variable on the callback phase' do
|
62
|
+
lambda{ strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => 'http://example.com/origin'})) }.should raise_error("Callback Phase")
|
63
|
+
strategy.last_env['omniauth.origin'].should == 'http://example.com/origin'
|
64
|
+
end
|
65
|
+
|
66
|
+
it 'should set from the params if provided' do
|
67
|
+
lambda{ strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'origin=/foo')) }.should raise_error('Request Phase')
|
68
|
+
strategy.last_env['rack.session']['omniauth.origin'].should == '/foo'
|
69
|
+
end
|
70
|
+
|
71
|
+
it 'should be set on the failure env' do
|
72
|
+
OmniAuth.config.should_receive(:on_failure).and_return(lambda{|env| env})
|
73
|
+
@options = {:failure => :forced_fail}
|
74
|
+
strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => '/awesome'}))
|
75
|
+
end
|
76
|
+
|
77
|
+
context "with script_name" do
|
78
|
+
it 'should be set on the request phase, containing full path' do
|
79
|
+
env = {'HTTP_REFERER' => 'http://example.com/sub_uri/origin', 'SCRIPT_NAME' => '/sub_uri' }
|
80
|
+
lambda{ strategy.call(make_env('/auth/test', env)) }.should raise_error("Request Phase")
|
81
|
+
strategy.last_env['rack.session']['omniauth.origin'].should == 'http://example.com/sub_uri/origin'
|
82
|
+
end
|
83
|
+
|
84
|
+
it 'should be turned into an env variable on the callback phase, containing full path' do
|
85
|
+
env = {
|
86
|
+
'rack.session' => {'omniauth.origin' => 'http://example.com/sub_uri/origin'},
|
87
|
+
'SCRIPT_NAME' => '/sub_uri'
|
88
|
+
}
|
89
|
+
|
90
|
+
lambda{ strategy.call(make_env('/auth/test/callback', env)) }.should raise_error("Callback Phase")
|
91
|
+
strategy.last_env['omniauth.origin'].should == 'http://example.com/sub_uri/origin'
|
92
|
+
end
|
93
|
+
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
context 'default paths' do
|
98
|
+
it 'should use the default request path' do
|
99
|
+
lambda{ strategy.call(make_env) }.should raise_error("Request Phase")
|
100
|
+
end
|
101
|
+
|
102
|
+
it 'should be case insensitive on request path' do
|
103
|
+
lambda{ strategy.call(make_env('/AUTH/Test'))}.should raise_error("Request Phase")
|
104
|
+
end
|
105
|
+
|
106
|
+
it 'should be case insensitive on callback path' do
|
107
|
+
lambda{ strategy.call(make_env('/AUTH/TeSt/CaLlBAck'))}.should raise_error("Callback Phase")
|
108
|
+
end
|
109
|
+
|
110
|
+
it 'should use the default callback path' do
|
111
|
+
lambda{ strategy.call(make_env('/auth/test/callback')) }.should raise_error("Callback Phase")
|
112
|
+
end
|
113
|
+
|
114
|
+
it 'should strip trailing spaces on request' do
|
115
|
+
lambda{ strategy.call(make_env('/auth/test/')) }.should raise_error("Request Phase")
|
116
|
+
end
|
117
|
+
|
118
|
+
it 'should strip trailing spaces on callback' do
|
119
|
+
lambda{ strategy.call(make_env('/auth/test/callback/')) }.should raise_error("Callback Phase")
|
120
|
+
end
|
121
|
+
|
122
|
+
context 'callback_url' do
|
123
|
+
it 'uses the default callback_path' do
|
124
|
+
strategy.should_receive(:full_host).and_return('http://example.com')
|
125
|
+
|
126
|
+
lambda{ strategy.call(make_env) }.should raise_error("Request Phase")
|
127
|
+
|
128
|
+
strategy.callback_url.should == 'http://example.com/auth/test/callback'
|
129
|
+
end
|
130
|
+
|
131
|
+
it 'preserves the query parameters' do
|
132
|
+
strategy.stub(:full_host).and_return('http://example.com')
|
133
|
+
begin
|
134
|
+
strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5'))
|
135
|
+
rescue RuntimeError; end
|
136
|
+
strategy.callback_url.should == 'http://example.com/auth/test/callback?id=5'
|
137
|
+
end
|
138
|
+
|
139
|
+
it 'consider script name' do
|
140
|
+
strategy.stub(:full_host).and_return('http://example.com')
|
141
|
+
begin
|
142
|
+
strategy.call(make_env('/auth/test', 'SCRIPT_NAME' => '/sub_uri'))
|
143
|
+
rescue RuntimeError; end
|
144
|
+
strategy.callback_url.should == 'http://example.com/sub_uri/auth/test/callback'
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
148
|
+
|
149
|
+
context 'pre-request call through' do
|
150
|
+
subject { ExampleStrategy.new(app, 'test') }
|
151
|
+
let(:app){ lambda{|env| env['omniauth.boom'] = true; [env['test.status'] || 404, {}, ['Whatev']] } }
|
152
|
+
it 'should be able to modify the env on the fly before the request_phase' do
|
153
|
+
lambda{ subject.call(make_env) }.should raise_error("Request Phase")
|
154
|
+
subject.response.status.should == 404
|
155
|
+
subject.last_env.should be_key('omniauth.boom')
|
156
|
+
end
|
157
|
+
|
158
|
+
it 'should call through to the app instead if a non-404 response is received' do
|
159
|
+
lambda{ subject.call(make_env('/auth/test', 'test.status' => 200)) }.should_not raise_error
|
160
|
+
subject.response.body.should == ['Whatev']
|
161
|
+
end
|
162
|
+
end
|
163
|
+
|
164
|
+
context 'custom paths' do
|
165
|
+
it 'should use a custom request_path if one is provided' do
|
166
|
+
@options = {:request_path => '/awesome'}
|
167
|
+
lambda{ strategy.call(make_env('/awesome')) }.should raise_error("Request Phase")
|
168
|
+
end
|
169
|
+
|
170
|
+
it 'should use a custom callback_path if one is provided' do
|
171
|
+
@options = {:callback_path => '/radical'}
|
172
|
+
lambda{ strategy.call(make_env('/radical')) }.should raise_error("Callback Phase")
|
173
|
+
end
|
174
|
+
|
175
|
+
context 'callback_url' do
|
176
|
+
it 'uses a custom callback_path if one is provided' do
|
177
|
+
@options = {:callback_path => '/radical'}
|
178
|
+
strategy.should_receive(:full_host).and_return('http://example.com')
|
179
|
+
|
180
|
+
lambda{ strategy.call(make_env('/radical')) }.should raise_error("Callback Phase")
|
181
|
+
|
182
|
+
strategy.callback_url.should == 'http://example.com/radical'
|
183
|
+
end
|
184
|
+
|
185
|
+
it 'preserves the query parameters' do
|
186
|
+
@options = {:callback_path => '/radical'}
|
187
|
+
strategy.stub(:full_host).and_return('http://example.com')
|
188
|
+
begin
|
189
|
+
strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5'))
|
190
|
+
rescue RuntimeError; end
|
191
|
+
strategy.callback_url.should == 'http://example.com/radical?id=5'
|
192
|
+
end
|
193
|
+
end
|
194
|
+
end
|
195
|
+
|
196
|
+
context 'custom prefix' do
|
197
|
+
before do
|
198
|
+
@options = {:path_prefix => '/wowzers'}
|
199
|
+
end
|
200
|
+
|
201
|
+
it 'should use a custom prefix for request' do
|
202
|
+
lambda{ strategy.call(make_env('/wowzers/test')) }.should raise_error("Request Phase")
|
203
|
+
end
|
204
|
+
|
205
|
+
it 'should use a custom prefix for callback' do
|
206
|
+
lambda{ strategy.call(make_env('/wowzers/test/callback')) }.should raise_error("Callback Phase")
|
207
|
+
end
|
208
|
+
|
209
|
+
context 'callback_url' do
|
210
|
+
it 'uses a custom prefix' do
|
211
|
+
strategy.should_receive(:full_host).and_return('http://example.com')
|
212
|
+
|
213
|
+
lambda{ strategy.call(make_env('/wowzers/test')) }.should raise_error("Request Phase")
|
214
|
+
|
215
|
+
strategy.callback_url.should == 'http://example.com/wowzers/test/callback'
|
216
|
+
end
|
217
|
+
|
218
|
+
it 'preserves the query parameters' do
|
219
|
+
strategy.stub(:full_host).and_return('http://example.com')
|
220
|
+
begin
|
221
|
+
strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5'))
|
222
|
+
rescue RuntimeError; end
|
223
|
+
strategy.callback_url.should == 'http://example.com/wowzers/test/callback?id=5'
|
224
|
+
end
|
225
|
+
end
|
226
|
+
end
|
227
|
+
|
228
|
+
context 'request method restriction' do
|
229
|
+
before do
|
230
|
+
OmniAuth.config.allowed_request_methods = [:post]
|
231
|
+
end
|
232
|
+
|
233
|
+
it 'should not allow a request method of the wrong type' do
|
234
|
+
lambda{ strategy.call(make_env)}.should_not raise_error
|
235
|
+
end
|
236
|
+
|
237
|
+
it 'should allow a request method of the correct type' do
|
238
|
+
lambda{ strategy.call(make_env('/auth/test', 'REQUEST_METHOD' => 'POST'))}.should raise_error("Request Phase")
|
239
|
+
end
|
240
|
+
|
241
|
+
after do
|
242
|
+
OmniAuth.config.allowed_request_methods = [:get, :post]
|
243
|
+
end
|
244
|
+
end
|
245
|
+
|
246
|
+
context 'test mode' do
|
247
|
+
before do
|
248
|
+
OmniAuth.config.test_mode = true
|
249
|
+
end
|
250
|
+
|
251
|
+
it 'should short circuit the request phase entirely' do
|
252
|
+
response = strategy.call(make_env)
|
253
|
+
response[0].should == 302
|
254
|
+
response[1]['Location'].should == '/auth/test/callback'
|
255
|
+
end
|
256
|
+
|
257
|
+
it 'should be case insensitive on request path' do
|
258
|
+
strategy.call(make_env('/AUTH/Test'))[0].should == 302
|
259
|
+
end
|
260
|
+
|
261
|
+
it 'should be case insensitive on callback path' do
|
262
|
+
strategy.call(make_env('/AUTH/TeSt/CaLlBAck')).should == strategy.call(make_env('/auth/test/callback'))
|
263
|
+
end
|
264
|
+
|
265
|
+
it 'should not short circuit requests outside of authentication' do
|
266
|
+
strategy.call(make_env('/')).should == app.call(make_env('/'))
|
267
|
+
end
|
268
|
+
|
269
|
+
it 'should respond with the default hash if none is set' do
|
270
|
+
strategy.call make_env('/auth/test/callback')
|
271
|
+
strategy.env['omniauth.auth']['uid'].should == '1234'
|
272
|
+
end
|
273
|
+
|
274
|
+
it 'should respond with a provider-specific hash if one is set' do
|
275
|
+
OmniAuth.config.mock_auth[:test] = {
|
276
|
+
'uid' => 'abc'
|
277
|
+
}
|
278
|
+
|
279
|
+
strategy.call make_env('/auth/test/callback')
|
280
|
+
strategy.env['omniauth.auth']['uid'].should == 'abc'
|
281
|
+
end
|
282
|
+
|
283
|
+
it 'should simulate login failure if mocked data is set as a symbol' do
|
284
|
+
OmniAuth.config.mock_auth[:test] = :invalid_credentials
|
285
|
+
|
286
|
+
strategy.call make_env('/auth/test/callback')
|
287
|
+
strategy.env['omniauth.error.type'].should == :invalid_credentials
|
288
|
+
end
|
289
|
+
|
290
|
+
it 'should set omniauth.origin on the request phase' do
|
291
|
+
strategy.call(make_env('/auth/test', 'HTTP_REFERER' => 'http://example.com/origin'))
|
292
|
+
strategy.env['rack.session']['omniauth.origin'].should == 'http://example.com/origin'
|
293
|
+
end
|
294
|
+
|
295
|
+
it 'should set omniauth.origin from the params if provided' do
|
296
|
+
strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'origin=/foo'))
|
297
|
+
strategy.env['rack.session']['omniauth.origin'].should == '/foo'
|
298
|
+
end
|
299
|
+
|
300
|
+
it 'should turn omniauth.origin into an env variable on the callback phase' do
|
301
|
+
OmniAuth.config.mock_auth[:test] = {}
|
302
|
+
|
303
|
+
strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => 'http://example.com/origin'}))
|
304
|
+
strategy.env['omniauth.origin'].should == 'http://example.com/origin'
|
305
|
+
end
|
306
|
+
end
|
307
|
+
|
308
|
+
context 'custom full_host' do
|
309
|
+
it 'should be the string when a string is there' do
|
310
|
+
OmniAuth.config.full_host = 'my.host.com'
|
311
|
+
strategy.full_host.should == 'my.host.com'
|
312
|
+
end
|
313
|
+
|
314
|
+
it 'should run the proc with the env when it is a proc' do
|
315
|
+
OmniAuth.config.full_host = Proc.new{|env| env['HOST']}
|
316
|
+
strategy.call(make_env('/auth/test', 'HOST' => 'my.host.net'))
|
317
|
+
strategy.full_host.should == 'my.host.net'
|
318
|
+
end
|
319
|
+
end
|
320
|
+
end
|
321
|
+
|
322
|
+
context 'setup phase' do
|
323
|
+
context 'when options[:setup] = true' do
|
324
|
+
let(:strategy){ ExampleStrategy.new(app, 'test', :setup => true) }
|
325
|
+
let(:app){lambda{|env| env['omniauth.strategy'].options[:awesome] = 'sauce' if env['PATH_INFO'] == '/auth/test/setup'; [404, {}, 'Awesome'] }}
|
326
|
+
|
327
|
+
it 'should call through to /auth/:provider/setup' do
|
328
|
+
strategy.call(make_env('/auth/test'))
|
329
|
+
strategy.options[:awesome].should == 'sauce'
|
330
|
+
end
|
331
|
+
|
332
|
+
it 'should not call through on a non-omniauth endpoint' do
|
333
|
+
strategy.call(make_env('/somewhere/else'))
|
334
|
+
strategy.options[:awesome].should_not == 'sauce'
|
335
|
+
end
|
336
|
+
end
|
337
|
+
|
338
|
+
context 'when options[:setup] is an app' do
|
339
|
+
let(:setup_proc) do
|
340
|
+
Proc.new do |env|
|
341
|
+
env['omniauth.strategy'].options[:awesome] = 'sauce'
|
342
|
+
end
|
343
|
+
end
|
344
|
+
|
345
|
+
let(:strategy){ ExampleStrategy.new(app, 'test', :setup => setup_proc) }
|
346
|
+
|
347
|
+
it 'should not call the app on a non-omniauth endpoint' do
|
348
|
+
strategy.call(make_env('/somehwere/else'))
|
349
|
+
strategy.options[:awesome].should_not == 'sauce'
|
350
|
+
end
|
351
|
+
|
352
|
+
it 'should call the rack app' do
|
353
|
+
strategy.call(make_env('/auth/test'))
|
354
|
+
strategy.options[:awesome].should == 'sauce'
|
355
|
+
end
|
356
|
+
end
|
357
|
+
end
|
358
|
+
end
|
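Review bot: The 'test mode' context (spec lines 246-306) sets OmniAuth.config.test_mode = true in its before block and never restores it, and the examples after it also leave OmniAuth.config.mock_auth[:test] and OmniAuth.config.full_host changed, unlike 'request method restriction', which resets allowed_request_methods in an after block. Later examples appear to rely on that leak: line 316 in 'custom full_host' and the 'setup phase' examples at lines 328 and 353 call strategy.call on the request path '/auth/test' with no raise_error expectation, although ExampleStrategy#request_phase raises "Request Phase" whenever it is reached, so they are likely to fail when run in isolation or in a different order. Add an after block that restores test_mode, mock_auth and full_host, and make those examples expect or rescue the raise explicitly. Separately, 'should be set on the failure env' (lines 71-75) never asserts on env['omniauth.origin'], so it passes even if the origin is not propagated to the failure env.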
@@ -0,0 +1,12 @@
|
|
1
|
+
require 'simplecov'
|
2
|
+
SimpleCov.start
|
3
|
+
require 'rspec'
|
4
|
+
require 'rack/test'
|
5
|
+
require 'omniauth/core'
|
6
|
+
require 'omniauth/test'
|
7
|
+
|
8
|
+
RSpec.configure do |config|
|
9
|
+
config.include Rack::Test::Methods
|
10
|
+
config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
|
11
|
+
end
|
12
|
+
|
File without changes
|
@@ -0,0 +1,19 @@
|
|
1
|
+
Copyright (c) 2010-2011 Michael Bleigh and Intridea, Inc.
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
of this software and associated documentation files (the "Software"), to deal
|
5
|
+
in the Software without restriction, including without limitation the rights
|
6
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
copies of the Software, and to permit persons to whom the Software is
|
8
|
+
furnished to do so, subject to the following conditions:
|
9
|
+
|
10
|
+
The above copyright notice and this permission notice shall be included in
|
11
|
+
all copies or substantial portions of the Software.
|
12
|
+
|
13
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
THE SOFTWARE.
|
@@ -0,0 +1,82 @@
|
|
1
|
+
= OmniAuth::Enterprise
|
2
|
+
|
3
|
+
OmniAuth strategies for use in your intranet.
|
4
|
+
|
5
|
+
== Installation
|
6
|
+
|
7
|
+
To get just enterprise functionality:
|
8
|
+
|
9
|
+
gem install oa-enterprise
|
10
|
+
|
11
|
+
For the full auth suite:
|
12
|
+
|
13
|
+
gem install omniauth
|
14
|
+
|
15
|
+
== CAS
|
16
|
+
|
17
|
+
Use the CAS strategy as a middleware in your application:
|
18
|
+
|
19
|
+
require 'omniauth/enterprise'
|
20
|
+
|
21
|
+
use OmniAuth::Strategies::CAS, :server => 'http://cas.mycompany.com/cas'
|
22
|
+
|
23
|
+
Then simply direct users to '/auth/cas' to have them sign in via your company's CAS server.
|
24
|
+
See OmniAuth::Strategies::CAS::Configuration for more configuration options.
|
25
|
+
|
26
|
+
== LDAP
|
27
|
+
|
28
|
+
Use the LDAP strategy as a middleware in your application:
|
29
|
+
|
30
|
+
require 'omniauth/enterprise'
|
31
|
+
use OmniAuth::Strategies::LDAP,
|
32
|
+
:title => "My LDAP",
|
33
|
+
:host => '10.101.10.1',
|
34
|
+
:port => 389,
|
35
|
+
:method => :plain,
|
36
|
+
:base => 'dc=intridea, dc=com',
|
37
|
+
:uid => 'sAMAccountName',
|
38
|
+
:name_proc => Proc.new {|name| name.gsub(/@.*$/,'')}
|
39
|
+
:bind_dn => 'default_bind_dn'
|
40
|
+
:password => 'password'
|
41
|
+
|
42
|
+
All of the listed options are required, with the exception of :name_proc, :bind_dn, and :password
|
43
|
+
Allowed values of :method are: :plain, :ssl, :tls.
|
44
|
+
|
45
|
+
:bind_dn and :password are used to perform the initial binding if user lookup is
|
46
|
+
needed. If the user lookup returns result, the DN attribute from the result set is used
|
47
|
+
to perform the final binding. This is needed only when the LDAP server requires
|
48
|
+
DN to be used for binding and you may only want user to using email or username
|
49
|
+
in the login form.
|
50
|
+
|
51
|
+
:uid is the LDAP attribute name for the user name in the login form. typically
|
52
|
+
AD would be 'sAMAccountName' or 'UserPrincipalName', while OpenLDAP is 'uid'.
|
53
|
+
You can also use 'dn', if your user choose the put in the dn in the login form
|
54
|
+
(but usually is too long for user to remember or know).
|
55
|
+
|
56
|
+
:name_proc allows you to match the user name entered with the format of the
|
57
|
+
:uid attributes. For example, value of 'sAMAccountName' in AD contains only the
|
58
|
+
windows user name. If your user prefers use email to login, a name_proc as
|
59
|
+
above will trim the email string down to just the windows name. In summary,
|
60
|
+
:name_proc helps you to fill the gap between the authentication and user lookup
|
61
|
+
process.
|
62
|
+
|
63
|
+
:try_sasl and :sasl_mechanisms are optional. Use them to initialize a SASL
|
64
|
+
connection to server. Allowed values are 'DIGEST-MD5' and 'GSS-SPNEGO'. If you
|
65
|
+
are not familiar with these authentication methods, please just avoid them.
|
66
|
+
|
67
|
+
Direct users to '/auth/ldap' to have them authenticated via your
|
68
|
+
company's LDAP server.
|
69
|
+
|
70
|
+
== Multiple Strategies
|
71
|
+
|
72
|
+
If you're using multiple strategies together, use OmniAuth's Builder. That's
|
73
|
+
what it's there for:
|
74
|
+
|
75
|
+
require 'omniauth/enterprise'
|
76
|
+
require 'omniauth/oauth' # for Campfire
|
77
|
+
require 'openid/store/filesystem'
|
78
|
+
|
79
|
+
use OmniAuth::Builder do
|
80
|
+
provider :cas, :server => 'http://cas.mycompany.com/cas'
|
81
|
+
provider :campfire
|
82
|
+
end
|
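Review bot: The LDAP example (README lines 31-40) is not valid Ruby as written: the :name_proc and :bind_dn lines are missing their trailing commas, so copying the block gives a syntax error. Add a comma after `:name_proc => Proc.new {|name| name.gsub(/@.*$/,'')}` and after `:bind_dn => 'default_bind_dn'`. The same example pairs `:method => :plain` on port 389 with a bind password, and both CAS examples use an http:// server URL, so a reader who copies them sends bind credentials and CAS tickets unencrypted; since line 43 already lists :ssl and :tls as allowed values, show one of those and an https:// CAS URL, or state that :plain is for testing only. In 'Multiple Strategies', `require 'openid/store/filesystem'` is not used by either provider shown and can be dropped.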