omniauth 1.1.4 → 1.2.1

data/lib/omniauth/auth_hash.rb

@@ -6,7 +6,9 @@ module OmniAuth
   # is able to provide into the InfoHash (stored as the `'info'`
   # key).
   class AuthHash < Hashie::Mash
-    def self.subkey_class; Hashie::Mash end
+    def self.subkey_class
+      Hashie::Mash
+    end
 
     # Tells you if this is considered to be a valid
     # OmniAuth AuthHash. The requirements for that
@@ -25,7 +27,9 @@ module OmniAuth
     end
 
     class InfoHash < Hashie::Mash
-      def self.subkey_class; Hashie::Mash end
+      def self.subkey_class
+        Hashie::Mash
+      end
 
       def name
         return self[:name] if self[:name]
@@ -35,11 +39,10 @@ module OmniAuth
         nil
       end
 
-      def name?; !!name end
-
-      def valid?
-        name?
+      def name?
+        !!name
       end
+      alias_method :valid?, :name?
 
       def to_hash
         hash = super

data/lib/omniauth/builder.rb

@@ -1,5 +1,3 @@
-require 'omniauth'
-
 module OmniAuth
   class Builder < ::Rack::Builder
     def initialize(app, &block)
@@ -21,6 +19,18 @@ module OmniAuth
       OmniAuth.config.on_failure = block
     end
 
+    def before_options_phase(&block)
+      OmniAuth.config.before_options_phase = block
+    end
+
+    def before_request_phase(&block)
+      OmniAuth.config.before_request_phase = block
+    end
+
+    def before_callback_phase(&block)
+      OmniAuth.config.before_callback_phase = block
+    end
+
     def configure(&block)
       OmniAuth.configure(&block)
     end

data/lib/omniauth/failure_endpoint.rb

@@ -17,27 +17,27 @@ module OmniAuth
     end
 
     def call
-      raise_out! if ENV['RACK_ENV'].to_s == 'development'
+      raise_out! if OmniAuth.config.failure_raise_out_environments.include?(ENV['RACK_ENV'].to_s)
       redirect_to_failure
     end
 
     def raise_out!
-      raise env['omniauth.error'] || OmniAuth::Error.new(env['omniauth.error.type'])
+      fail(env['omniauth.error'] || OmniAuth::Error.new(env['omniauth.error.type']))
     end
 
     def redirect_to_failure
       message_key = env['omniauth.error.type']
       new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}#{origin_query_param}#{strategy_name_query_param}"
-      Rack::Response.new(["302 Moved"], 302, 'Location' => new_path).finish
+      Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
     end
 
     def strategy_name_query_param
-      return "" unless env['omniauth.error.strategy']
+      return '' unless env['omniauth.error.strategy']
       "&strategy=#{env['omniauth.error.strategy'].name}"
     end
 
     def origin_query_param
-      return "" unless env['omniauth.origin']
+      return '' unless env['omniauth.origin']
       "&origin=#{Rack::Utils.escape(env['omniauth.origin'])}"
     end
   end

data/lib/omniauth/form.css

@@ -0,0 +1,81 @@
+body {
+  background: #ccc;
+  font-family: "Lucida Grande", "Lucida Sans", Helvetica, Arial, sans-serif;
+}
+
+h1 {
+  text-align: center;
+  margin: 30px auto 0px;
+  font-size: 18px;
+  padding: 10px 10px 15px;
+  background: #555;
+  color: white;
+  width: 320px;
+  border: 10px solid #444;
+  border-bottom: 0;
+  -moz-border-radius-topleft: 10px;
+  -moz-border-radius-topright: 10px;
+  -webkit-border-top-left-radius: 10px;
+  -webkit-border-top-right-radius: 10px;
+  border-top-left-radius: 10px;
+  border-top-right-radius: 10px;
+}
+
+h1, form {
+  -moz-box-shadow: 2px 2px 7px rgba(0,0,0,0.3);
+  -webkit-box-shadow: 2px 2px 7px rgba(0,0,0,0.3);
+}
+
+form {
+  background: white;
+  border: 10px solid #eee;
+  border-top: 0;
+  padding: 20px;
+  margin: 0px auto 40px;
+  width: 300px;
+  -moz-border-radius-bottomleft: 10px;
+  -moz-border-radius-bottomright: 10px;
+  -webkit-border-bottom-left-radius: 10px;
+  -webkit-border-bottom-right-radius: 10px;
+  border-bottom-left-radius: 10px;
+  border-bottom-right-radius: 10px;
+}
+
+label {
+  display: block;
+  font-weight: bold;
+  margin-bottom: 5px;
+}
+
+input {
+  font-size: 18px;
+  padding: 4px 8px;
+  display: block;
+  margin-bottom: 10px;
+  width: 280px;
+}
+
+input#identifier, input#openid_url {
+  background: url(http://openid.net/login-bg.gif) no-repeat;
+  background-position: 0 50%;
+  padding-left: 18px;
+}
+
+button {
+  font-size: 22px;
+  padding: 4px 8px;
+  display: block;
+  margin: 20px auto 0;
+}
+
+fieldset {
+  border: 1px solid #ccc;
+  border-left: 0;
+  border-right: 0;
+  padding: 10px 0;
+}
+
+fieldset input {
+  width: 260px;
+  font-size: 16px;
+}

data/lib/omniauth/form.rb

@@ -1,105 +1,21 @@
-require 'omniauth'
-
 module OmniAuth
-  class Form
-    DEFAULT_CSS = <<-CSS
-    body {
-      background: #ccc;
-      font-family: "Lucida Grande", "Lucida Sans", Helvetica, Arial, sans-serif;
-    }
-
-    h1 {
-      text-align: center;
-      margin: 30px auto 0px;
-      font-size: 18px;
-      padding: 10px 10px 15px;
-      background: #555;
-      color: white;
-      width: 320px;
-      border: 10px solid #444;
-      border-bottom: 0;
-      -moz-border-radius-topleft: 10px;
-      -moz-border-radius-topright: 10px;
-      -webkit-border-top-left-radius: 10px;
-      -webkit-border-top-right-radius: 10px;
-      border-top-left-radius: 10px;
-      border-top-right-radius: 10px;
-    }
-
-    h1, form {
-      -moz-box-shadow: 2px 2px 7px rgba(0,0,0,0.3);
-      -webkit-box-shadow: 2px 2px 7px rgba(0,0,0,0.3);
-    }
-
-    form {
-      background: white;
-      border: 10px solid #eee;
-      border-top: 0;
-      padding: 20px;
-      margin: 0px auto 40px;
-      width: 300px;
-      -moz-border-radius-bottomleft: 10px;
-      -moz-border-radius-bottomright: 10px;
-      -webkit-border-bottom-left-radius: 10px;
-      -webkit-border-bottom-right-radius: 10px;
-      border-bottom-left-radius: 10px;
-      border-bottom-right-radius: 10px;
-    }
-
-    label {
-      display: block;
-      font-weight: bold;
-      margin-bottom: 5px;
-    }
-
-    input {
-      font-size: 18px;
-      padding: 4px 8px;
-      display: block;
-      margin-bottom: 10px;
-      width: 280px;
-    }
-
-    input#identifier, input#openid_url {
-      background: url(http://openid.net/login-bg.gif) no-repeat;
-      background-position: 0 50%;
-      padding-left: 18px;
-    }
-
-    button {
-      font-size: 22px;
-      padding: 4px 8px;
-      display: block;
-      margin: 20px auto 0;
-    }
-
-    fieldset {
-      border: 1px solid #ccc;
-      border-left: 0;
-      border-right: 0;
-      padding: 10px 0;
-    }
-
-    fieldset input {
-      width: 260px;
-      font-size: 16px;
-    }
-    CSS
+  class Form # rubocop:disable ClassLength
+    DEFAULT_CSS = File.read(File.expand_path('../form.css', __FILE__))
 
     attr_accessor :options
 
     def initialize(options = {})
-      options[:title] ||= "Authentication Info Required"
-      options[:header_info] ||= ""
+      options[:title] ||= 'Authentication Info Required'
+      options[:header_info] ||= ''
       self.options = options
 
-      @html = ""
+      @html = ''
       @with_custom_button = false
       @footer = nil
-      header(options[:title],options[:header_info])
+      header(options[:title], options[:header_info])
     end
 
-    def self.build(options = {},&block)
+    def self.build(options = {}, &block)
       form = OmniAuth::Form.new(options)
       if block.arity > 0
         yield form
@@ -142,12 +58,12 @@ module OmniAuth
 
     def fieldset(legend, options = {}, &block)
       @html << "\n<fieldset#{" style='#{options[:style]}'" if options[:style]}#{" id='#{options[:id]}'" if options[:id]}>\n  <legend>#{legend}</legend>\n"
-      self.instance_eval(&block)
+      instance_eval(&block)
       @html << "\n</fieldset>"
       self
     end
 
-    def header(title,header_info)
+    def header(title, header_info)
       @html << <<-HTML
       <!DOCTYPE html>
       <html>
@@ -183,10 +99,10 @@ module OmniAuth
 
     def to_response
       footer
-      Rack::Response.new(@html, 200, {"content-type" => "text/html"}).finish
+      Rack::Response.new(@html, 200, 'content-type' => 'text/html').finish
     end
 
-    protected
+  protected
 
     def css
       "\n<style type='text/css'>#{OmniAuth.config.form_css}</style>"

data/lib/omniauth/strategies/developer.rb

@@ -1,5 +1,3 @@
-require 'omniauth'
-
 module OmniAuth
   module Strategies
     # The Developer strategy is a very simple strategy that can be used as a
@@ -37,11 +35,11 @@ module OmniAuth
       option :uid_field, :email
 
       def request_phase
-        form = OmniAuth::Form.new(:title => "User Info", :url => callback_path)
+        form = OmniAuth::Form.new(:title => 'User Info', :url => callback_path)
         options.fields.each do |field|
-          form.text_field field.to_s.capitalize.gsub("_", " "), field.to_s
+          form.text_field field.to_s.capitalize.gsub('_', ' '), field.to_s
         end
-        form.button "Sign In"
+        form.button 'Sign In'
         form.to_response
       end
 

data/lib/omniauth/strategy.rb

@@ -1,4 +1,3 @@
-require 'omniauth'
 require 'hashie/mash'
 
 module OmniAuth
@@ -85,7 +84,7 @@ module OmniAuth
           return
         end
         existing = superclass.respond_to?(:args) ? superclass.args : []
-        return (instance_variable_defined?(:@args) && @args) || existing
+        (instance_variable_defined?(:@args) && @args) || existing
       end
 
       %w(uid info extra credentials).each do |fetcher|
@@ -136,11 +135,12 @@ module OmniAuth
       options.name ||= self.class.to_s.split('::').last.downcase
 
       self.class.args.each do |arg|
+        break if args.empty?
         options[arg] = args.shift
       end
 
       # Make sure that all of the args have been dealt with, otherwise error out.
-      raise ArgumentError, "Received wrong number of arguments. #{args.inspect}" unless args.empty?
+      fail(ArgumentError, "Received wrong number of arguments. #{args.inspect}") unless args.empty?
 
       yield options if block_given?
     end
@@ -169,14 +169,16 @@ module OmniAuth
     # the request path is recognized.
     #
     # @param env [Hash] The Rack environment.
-    def call!(env)
-      raise OmniAuth::NoSessionError.new("You must provide a session to use OmniAuth.") unless env['rack.session']
+    def call!(env) # rubocop:disable CyclomaticComplexity
+      unless env['rack.session']
+        error = OmniAuth::NoSessionError.new('You must provide a session to use OmniAuth.')
+        fail(error)
+      end
 
       @env = env
       @env['omniauth.strategy'] = self if on_auth_path?
 
       return mock_call!(env) if OmniAuth.config.test_mode
-
       return options_call if on_auth_path? && options_request?
       return request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
       return callback_call if on_callback_path?
@@ -186,24 +188,23 @@ module OmniAuth
 
     # Responds to an OPTIONS request.
     def options_call
-      verbs = OmniAuth.config.allowed_request_methods.map(&:to_s).map(&:upcase).join(', ')
-      return [ 200, { 'Allow' => verbs }, [] ]
+      OmniAuth.config.before_options_phase.call(env) if OmniAuth.config.before_options_phase
+      verbs = OmniAuth.config.allowed_request_methods.collect(&:to_s).collect(&:upcase).join(', ')
+      [200, {'Allow' => verbs}, []]
     end
 
     # Performs the steps necessary to run the request phase of a strategy.
-    def request_call
+    def request_call # rubocop:disable CyclomaticComplexity, MethodLength
       setup_phase
-
-      log :info, "Request phase initiated."
-
-      #store query params from the request url, extracted in the callback_phase
+      log :info, 'Request phase initiated.'
+      # store query params from the request url, extracted in the callback_phase
       session['omniauth.params'] = request.params
-
+      OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
       if options.form.respond_to?(:call)
-        log :info, "Rendering form from supplied Rack endpoint."
+        log :info, 'Rendering form from supplied Rack endpoint.'
         options.form.call(env)
       elsif options.form
-        log :info, "Rendering form from underlying application."
+        log :info, 'Rendering form from underlying application.'
         call_app!
       else
         if request.params['origin']
@@ -218,11 +219,11 @@ module OmniAuth
     # Performs the steps necessary to run the callback phase of a strategy.
     def callback_call
       setup_phase
-
-      log :info, "Callback phase initiated."
+      log :info, 'Callback phase initiated.'
       @env['omniauth.origin'] = session.delete('omniauth.origin')
       @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
       @env['omniauth.params'] = session.delete('omniauth.params') || {}
+      OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
       callback_phase
     end
 
@@ -241,11 +242,7 @@ module OmniAuth
     end
 
     def on_callback_path?
-      if options.callback_path.respond_to?(:call)
-        options.callback_path.call(env)
-      else
-        on_path?(callback_path)
-      end
+      on_path?(callback_path)
     end
 
     def on_path?(path)
@@ -269,13 +266,14 @@ module OmniAuth
       setup_phase
 
       session['omniauth.params'] = request.params
-
+      OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
       if request.params['origin']
         @env['rack.session']['omniauth.origin'] = request.params['origin']
       elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
         @env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
       end
-      redirect(script_name + callback_path + query_string)
+
+      redirect(callback_url)
     end
 
     def mock_callback_call
@@ -288,6 +286,7 @@ module OmniAuth
         @env['omniauth.params'] = session.delete('omniauth.params') || {}
         @env['omniauth.origin'] = session.delete('omniauth.origin')
         @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
+        OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
         call_app!
       end
     end
@@ -298,10 +297,10 @@ module OmniAuth
     # underlying application. This will default to `/auth/:provider/setup`.
     def setup_phase
       if options[:setup].respond_to?(:call)
-        log :info, "Setup endpoint detected, running now."
+        log :info, 'Setup endpoint detected, running now.'
         options[:setup].call(env)
       elsif options.setup?
-        log :info, "Calling through to underlying application for setup."
+        log :info, 'Calling through to underlying application for setup.'
         setup_env = env.merge('PATH_INFO' => setup_path, 'REQUEST_METHOD' => 'GET')
         call_app!(setup_env)
       end
@@ -311,7 +310,7 @@ module OmniAuth
     # perform any information gathering you need to be able to authenticate
     # the user in this phase.
     def request_phase
-      raise NotImplementedError
+      fail(NotImplementedError)
     end
 
     def uid
@@ -359,7 +358,7 @@ module OmniAuth
     end
 
     def callback_phase
-      self.env['omniauth.auth'] = auth_hash
+      env['omniauth.auth'] = auth_hash
       call_app!
     end
 
@@ -382,7 +381,11 @@ module OmniAuth
     end
 
     def callback_path
-      options[:callback_path].is_a?(String) ? options[:callback_path] : (custom_path(:request_path) || "#{path_prefix}/#{name}/callback")
+      path = options[:callback_path] if options[:callback_path].is_a?(String)
+      path ||= current_path if options[:callback_path].respond_to?(:call) && options[:callback_path].call(env)
+      path ||= custom_path(:request_path)
+      path ||= "#{path_prefix}/#{name}/callback"
+      path
     end
 
     def setup_path
@@ -390,11 +393,11 @@ module OmniAuth
     end
 
     def current_path
-      request.path_info.downcase.sub(/\/$/,'')
+      request.path_info.downcase.sub(/\/$/, '')
     end
 
     def query_string
-      request.query_string.empty? ? "" : "?#{request.query_string}"
+      request.query_string.empty? ? '' : "?#{request.query_string}"
     end
 
     def call_app!(env = @env)
@@ -403,16 +406,21 @@ module OmniAuth
 
     def full_host
       case OmniAuth.config.full_host
-        when String
-          OmniAuth.config.full_host
-        when Proc
-          OmniAuth.config.full_host.call(env)
-        else
-          uri = URI.parse(request.url.gsub(/\?.*$/,''))
+      when String
+        OmniAuth.config.full_host
+      when Proc
+        OmniAuth.config.full_host.call(env)
+      else
+        # in Rack 1.3.x, request.url explodes if scheme is nil
+        if request.scheme && request.url.match(URI::ABS_URI)
+          uri = URI.parse(request.url.gsub(/\?.*$/, ''))
           uri.path = ''
-          #sometimes the url is actually showing http inside rails because the other layers (like nginx) have handled the ssl termination.
-          uri.scheme = 'https' if ssl?
+          # sometimes the url is actually showing http inside rails because the
+          # other layers (like nginx) have handled the ssl termination.
+          uri.scheme = 'https' if ssl? # rubocop:disable BlockNesting
           uri.to_s
+        else ''
+        end
       end
     end
 
@@ -449,12 +457,14 @@ module OmniAuth
       r.finish
     end
 
-    def user_info; {} end
+    def user_info
+      {}
+    end
 
     def fail!(message_key, exception = nil)
-      self.env['omniauth.error'] = exception
-      self.env['omniauth.error.type'] = message_key.to_sym
-      self.env['omniauth.error.strategy'] = self
+      env['omniauth.error'] = exception
+      env['omniauth.error.type'] = message_key.to_sym
+      env['omniauth.error.strategy'] = self
 
       if exception
         log :error, "Authentication failure! #{message_key}: #{exception.class.to_s}, #{exception.message}"
@@ -462,16 +472,20 @@ module OmniAuth
         log :error, "Authentication failure! #{message_key} encountered."
       end
 
-      OmniAuth.config.on_failure.call(self.env)
+      OmniAuth.config.on_failure.call(env)
     end
 
     class Options < Hashie::Mash; end
 
-    protected
+  protected
 
     def merge_stack(stack)
-      stack.inject({}){|c,h| c.merge!(h); c}
+      stack.inject({}) do |a, e|
+        a.merge!(e)
+        a
+      end
     end
+
     def ssl?
       request.env['HTTPS'] == 'on' ||
       request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||