omniauth 1.2.2 → 1.9.2

data/lib/omniauth/strategy.rb

@@ -1,4 +1,4 @@
-require 'hashie/mash'
+require 'omniauth/key_store'
 
 module OmniAuth
   class NoSessionError < StandardError; end
@@ -6,7 +6,7 @@ module OmniAuth
   # wrangle multiple providers. Each strategy provided by
   # OmniAuth includes this mixin to gain the default functionality
   # necessary to be compatible with the OmniAuth library.
-  module Strategy
+  module Strategy # rubocop:disable ModuleLength
     def self.included(base)
       OmniAuth.strategies << base
 
@@ -14,6 +14,7 @@ module OmniAuth
       base.class_eval do
         option :setup, false
         option :skip_info, false
+        option :origin_param, 'origin'
       end
     end
 
@@ -21,9 +22,9 @@ module OmniAuth
       # Returns an inherited set of default options set at the class-level
       # for each strategy.
       def default_options
-        return @default_options if instance_variable_defined?(:@default_options) && @default_options
+        # existing = superclass.default_options if superclass.respond_to?(:default_options)
         existing = superclass.respond_to?(:default_options) ? superclass.default_options : {}
-        @default_options = OmniAuth::Strategy::Options.new(existing)
+        @default_options ||= OmniAuth::Strategy::Options.new(existing)
       end
 
       # This allows for more declarative subclassing of strategies by allowing
@@ -87,10 +88,13 @@ module OmniAuth
         (instance_variable_defined?(:@args) && @args) || existing
       end
 
-      %w(uid info extra credentials).each do |fetcher|
-        class_eval <<-RUBY
+      %w[uid info extra credentials].each do |fetcher|
+        class_eval <<-RUBY, __FILE__, __LINE__ + 1
+          attr_reader :#{fetcher}_proc
+          private :#{fetcher}_proc
+
           def #{fetcher}(&block)
-            return @#{fetcher}_proc unless block_given?
+            return #{fetcher}_proc unless block_given?
             @#{fetcher}_proc = block
           end
 
@@ -132,15 +136,16 @@ module OmniAuth
       @options = self.class.default_options.dup
 
       options.deep_merge!(args.pop) if args.last.is_a?(Hash)
-      options.name ||= self.class.to_s.split('::').last.downcase
+      options[:name] ||= self.class.to_s.split('::').last.downcase
 
       self.class.args.each do |arg|
         break if args.empty?
+
         options[arg] = args.shift
       end
 
       # Make sure that all of the args have been dealt with, otherwise error out.
-      fail(ArgumentError.new("Received wrong number of arguments. #{args.inspect}")) unless args.empty?
+      raise(ArgumentError.new("Received wrong number of arguments. #{args.inspect}")) unless args.empty?
 
       yield options if block_given?
     end
@@ -169,10 +174,10 @@ module OmniAuth
     # the request path is recognized.
     #
     # @param env [Hash] The Rack environment.
-    def call!(env) # rubocop:disable CyclomaticComplexity
+    def call!(env) # rubocop:disable CyclomaticComplexity, PerceivedComplexity
       unless env['rack.session']
         error = OmniAuth::NoSessionError.new('You must provide a session to use OmniAuth.')
-        fail(error)
+        raise(error)
       end
 
       @env = env
@@ -183,6 +188,7 @@ module OmniAuth
       return request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
       return callback_call if on_callback_path?
       return other_phase if respond_to?(:other_phase)
+
       @app.call(env)
     end
 
@@ -194,24 +200,29 @@ module OmniAuth
     end
 
     # Performs the steps necessary to run the request phase of a strategy.
-    def request_call # rubocop:disable CyclomaticComplexity, MethodLength
+    def request_call # rubocop:disable CyclomaticComplexity, MethodLength, PerceivedComplexity
       setup_phase
       log :info, 'Request phase initiated.'
+
       # store query params from the request url, extracted in the callback_phase
-      session['omniauth.params'] = request.params
+      session['omniauth.params'] = request.GET
       OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
+
       if options.form.respond_to?(:call)
         log :info, 'Rendering form from supplied Rack endpoint.'
         options.form.call(env)
       elsif options.form
         log :info, 'Rendering form from underlying application.'
         call_app!
+      elsif !options.origin_param
+        request_phase
       else
-        if request.params['origin']
-          env['rack.session']['omniauth.origin'] = request.params['origin']
+        if request.params[options.origin_param]
+          env['rack.session']['omniauth.origin'] = request.params[options.origin_param]
         elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
           env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
         end
+
         request_phase
       end
     end
@@ -234,8 +245,8 @@ module OmniAuth
     end
 
     def on_request_path?
-      if options.request_path.respond_to?(:call)
-        options.request_path.call(env)
+      if options[:request_path].respond_to?(:call)
+        options[:request_path].call(env)
       else
         on_path?(request_path)
       end
@@ -246,7 +257,7 @@ module OmniAuth
     end
 
     def on_path?(path)
-      current_path.casecmp(path) == 0
+      current_path.casecmp(path).zero?
     end
 
     def options_request?
@@ -257,20 +268,23 @@ module OmniAuth
     # in the event that OmniAuth has been configured to be
     # in test mode.
     def mock_call!(*)
-      return mock_request_call if on_request_path?
+      return mock_request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
       return mock_callback_call if on_callback_path?
+
       call_app!
     end
 
     def mock_request_call
       setup_phase
 
-      session['omniauth.params'] = request.params
+      session['omniauth.params'] = request.GET
       OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
-      if request.params['origin']
-        @env['rack.session']['omniauth.origin'] = request.params['origin']
-      elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
-        @env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
+      if options.origin_param
+        if request.params[options.origin_param]
+          session['omniauth.origin'] = request.params[options.origin_param]
+        elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
+          session['omniauth.origin'] = env['HTTP_REFERER']
+        end
       end
 
       redirect(callback_url)
@@ -278,14 +292,15 @@ module OmniAuth
 
     def mock_callback_call
       setup_phase
+      @env['omniauth.origin'] = session.delete('omniauth.origin')
+      @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
+      @env['omniauth.params'] = session.delete('omniauth.params') || {}
+
       mocked_auth = OmniAuth.mock_auth_for(name.to_s)
       if mocked_auth.is_a?(Symbol)
         fail!(mocked_auth)
       else
         @env['omniauth.auth'] = mocked_auth
-        @env['omniauth.params'] = session.delete('omniauth.params') || {}
-        @env['omniauth.origin'] = session.delete('omniauth.origin')
-        @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
         OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
         call_app!
       end
@@ -299,7 +314,7 @@ module OmniAuth
       if options[:setup].respond_to?(:call)
         log :info, 'Setup endpoint detected, running now.'
         options[:setup].call(env)
-      elsif options.setup?
+      elsif options[:setup]
         log :info, 'Calling through to underlying application for setup.'
         setup_env = env.merge('PATH_INFO' => setup_path, 'REQUEST_METHOD' => 'GET')
         call_app!(setup_env)
@@ -310,7 +325,7 @@ module OmniAuth
     # perform any information gathering you need to be able to authenticate
     # the user in this phase.
     def request_phase
-      fail(NotImplementedError)
+      raise(NotImplementedError)
     end
 
     def uid
@@ -347,14 +362,10 @@ module OmniAuth
     #
     #   use MyStrategy, :skip_info => lambda{|uid| User.find_by_uid(uid)}
     def skip_info?
-      if options.skip_info?
-        if options.skip_info.respond_to?(:call)
-          return options.skip_info.call(uid)
-        else
-          return true
-        end
-      end
-      false
+      return false unless options.skip_info?
+      return true unless options.skip_info.respond_to?(:call)
+
+      options.skip_info.call(uid)
     end
 
     def callback_phase
@@ -370,6 +381,7 @@ module OmniAuth
       if options[kind].respond_to?(:call)
         result = options[kind].call(env)
         return nil unless result.is_a?(String)
+
         result
       else
         options[kind]
@@ -377,23 +389,27 @@ module OmniAuth
     end
 
     def request_path
-      options[:request_path].is_a?(String) ? options[:request_path] : "#{path_prefix}/#{name}"
+      @request_path ||= options[:request_path].is_a?(String) ? options[:request_path] : "#{path_prefix}/#{name}"
     end
 
     def callback_path
-      path = options[:callback_path] if options[:callback_path].is_a?(String)
-      path ||= current_path if options[:callback_path].respond_to?(:call) && options[:callback_path].call(env)
-      path ||= custom_path(:request_path)
-      path ||= "#{path_prefix}/#{name}/callback"
-      path
+      @callback_path ||= begin
+        path = options[:callback_path] if options[:callback_path].is_a?(String)
+        path ||= current_path if options[:callback_path].respond_to?(:call) && options[:callback_path].call(env)
+        path ||= custom_path(:request_path)
+        path ||= "#{path_prefix}/#{name}/callback"
+        path
+      end
     end
 
     def setup_path
       options[:setup_path] || "#{path_prefix}/#{name}/setup"
     end
 
+    CURRENT_PATH_REGEX = %r{/$}.freeze
+    EMPTY_STRING       = ''.freeze
     def current_path
-      request.path_info.downcase.sub(/\/$/, '')
+      @current_path ||= request.path_info.downcase.sub(CURRENT_PATH_REGEX, EMPTY_STRING)
     end
 
     def query_string
@@ -441,7 +457,7 @@ module OmniAuth
     end
 
     def name
-      options.name
+      options[:name]
     end
 
     def redirect(uri)
@@ -475,7 +491,13 @@ module OmniAuth
       OmniAuth.config.on_failure.call(env)
     end
 
-    class Options < Hashie::Mash; end
+    def dup
+      super.tap do
+        @options = @options.dup
+      end
+    end
+
+    class Options < OmniAuth::KeyStore; end
 
   protected
 
@@ -488,10 +510,10 @@ module OmniAuth
 
     def ssl?
       request.env['HTTPS'] == 'on' ||
-      request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||
-      request.env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
-      (request.env['HTTP_X_FORWARDED_PROTO'] && request.env['HTTP_X_FORWARDED_PROTO'].split(',')[0] == 'https') ||
-      request.env['rack.url_scheme'] == 'https'
+        request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||
+        request.env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
+        (request.env['HTTP_X_FORWARDED_PROTO'] && request.env['HTTP_X_FORWARDED_PROTO'].split(',')[0] == 'https') ||
+        request.env['rack.url_scheme'] == 'https'
     end
   end
 end

data/lib/omniauth/test/strategy_test_case.rb

@@ -10,7 +10,7 @@ module OmniAuth
     #     include OmniAuth::Test::StrategyTestCase
     #     def strategy
     #       # return the parameters to a Rack::Builder map call:
-    #       [MyStrategy.new, :some, :configuration, :options => 'here']
+    #       [MyStrategy, :some, :configuration, :options => 'here']
     #     end
     #     setup do
     #       post '/auth/my_strategy/callback', :user => { 'name' => 'Dylan', 'id' => '445' }
@@ -37,7 +37,7 @@ module OmniAuth
 
       def strategy
         error = NotImplementedError.new('Including specs must define #strategy')
-        fail(error)
+        raise(error)
       end
     end
   end

data/lib/omniauth/version.rb

@@ -1,3 +1,3 @@
 module OmniAuth
-  VERSION = '1.2.2'
+  VERSION = '1.9.2'.freeze
 end

data/lib/omniauth.rb

@@ -41,7 +41,7 @@ module OmniAuth
         :form_css => Form::DEFAULT_CSS,
         :test_mode => false,
         :logger => default_logger,
-        :allowed_request_methods => [:get, :post],
+        :allowed_request_methods => %i[get post],
         :mock_auth => {:default => AuthHash.new('provider' => 'default', 'uid' => '1234', 'info' => {'name' => 'Example User'})}
       }
     end
@@ -82,19 +82,15 @@ module OmniAuth
       end
     end
 
-    def add_mock(provider, mock = {})
-      # Stringify keys recursively one level.
-      mock.keys.each do |key|
-        mock[key.to_s] = mock.delete(key)
-      end
-      mock.each_pair do |_key, val|
-        if val.is_a? Hash
-          val.keys.each do |subkey|
-            val[subkey.to_s] = val.delete(subkey)
-          end
-        else
-          next
-        end
+    def add_mock(provider, original = {})
+      # Create key-stringified new hash from given auth hash
+      mock = {}
+      original.each_pair do |key, val|
+        mock[key.to_s] = if val.is_a? Hash
+                           Hash[val.each_pair { |k, v| [k.to_s, v] }]
+                         else
+                           val
+                         end
       end
 
       # Merge with the default mock and ensure provider is correct.
@@ -136,7 +132,7 @@ module OmniAuth
   end
 
   module Utils
-    module_function
+  module_function # rubocop:disable Layout/IndentationWidth
 
     def form_css
       "<style type='text/css'>#{OmniAuth.config.form_css}</style>"
@@ -145,7 +141,7 @@ module OmniAuth
     def deep_merge(hash, other_hash)
       target = hash.dup
 
-      other_hash.keys.each do |key|
+      other_hash.each_key do |key|
         if other_hash[key].is_a?(::Hash) && hash[key].is_a?(::Hash)
           target[key] = deep_merge(target[key], other_hash[key])
           next
@@ -161,7 +157,7 @@ module OmniAuth
       return OmniAuth.config.camelizations[word.to_s] if OmniAuth.config.camelizations[word.to_s]
 
       if first_letter_in_uppercase
-        word.to_s.gsub(/\/(.?)/) { '::' + Regexp.last_match[1].upcase }.gsub(/(^|_)(.)/) { Regexp.last_match[2].upcase }
+        word.to_s.gsub(%r{/(.?)}) { '::' + Regexp.last_match[1].upcase }.gsub(/(^|_)(.)/) { Regexp.last_match[2].upcase }
       else
         word.first + camelize(word)[1..-1]
       end

data/omniauth.gemspec

@@ -1,22 +1,24 @@
 # coding: utf-8
+
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'omniauth/version'
 
 Gem::Specification.new do |spec|
-  spec.add_dependency 'hashie', ['>= 1.2', '< 4']
-  spec.add_dependency 'rack', '~> 1.0'
-  spec.add_development_dependency 'bundler', '~> 1.0'
+  spec.add_dependency 'hashie', ['>= 3.4.6']
+  spec.add_dependency 'rack', ['>= 1.6.2', '< 3']
+  spec.add_development_dependency 'bundler', '~> 1.14'
+  spec.add_development_dependency 'rake', '~> 12.0'
   spec.authors       = ['Michael Bleigh', 'Erik Michaels-Ober', 'Tom Milewski']
   spec.description   = 'A generalized Rack framework for multiple-provider authentication.'
   spec.email         = ['michael@intridea.com', 'sferik@gmail.com', 'tmilewski@gmail.com']
-  spec.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
-  spec.homepage      = 'http://github.com/intridea/omniauth'
-  spec.licenses      = %w(MIT)
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.start_with?('spec/') }
+  spec.homepage      = 'https://github.com/omniauth/omniauth'
+  spec.licenses      = %w[MIT]
   spec.name          = 'omniauth'
-  spec.require_paths = %w(lib)
+  spec.require_paths = %w[lib]
   spec.required_rubygems_version = '>= 1.3.5'
+  spec.required_ruby_version = '>= 2.2'
   spec.summary       = spec.description
-  spec.test_files    = spec.files.grep(/^spec\//)
   spec.version       = OmniAuth::VERSION
 end

metadata

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: omniauth
 version: !ruby/object:Gem::Version
-  version: 1.2.2
+  version: 1.9.2
 platform: ruby
 authors:
 - Michael Bleigh
 - Erik Michaels-Ober
 - Tom Milewski
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-07-09 00:00:00.000000000 Z
+date: 2022-08-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hashie
@@ -18,48 +18,62 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: 3.4.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.4.6
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: 1.6.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: rack
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
+        version: '1.14'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.14'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '12.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '12.0'
 description: A generalized Rack framework for multiple-provider authentication.
 email:
 - michael@intridea.com
@@ -69,15 +83,13 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gemtest"
+- ".github/ISSUE_TEMPLATE.md"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
 - ".yardopts"
 - Gemfile
-- Gemfile.rack-1.3.x
-- Guardfile
 - LICENSE.md
 - README.md
 - Rakefile
@@ -87,6 +99,7 @@ files:
 - lib/omniauth/failure_endpoint.rb
 - lib/omniauth/form.css
 - lib/omniauth/form.rb
+- lib/omniauth/key_store.rb
 - lib/omniauth/strategies/developer.rb
 - lib/omniauth/strategy.rb
 - lib/omniauth/test.rb
@@ -95,19 +108,11 @@ files:
 - lib/omniauth/test/strategy_test_case.rb
 - lib/omniauth/version.rb
 - omniauth.gemspec
-- spec/helper.rb
-- spec/omniauth/auth_hash_spec.rb
-- spec/omniauth/builder_spec.rb
-- spec/omniauth/failure_endpoint_spec.rb
-- spec/omniauth/form_spec.rb
-- spec/omniauth/strategies/developer_spec.rb
-- spec/omniauth/strategy_spec.rb
-- spec/omniauth_spec.rb
-homepage: http://github.com/intridea/omniauth
+homepage: https://github.com/omniauth/omniauth
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -115,25 +120,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: 1.3.5
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.2.2
-signing_key: 
+rubygems_version: 3.2.32
+signing_key:
 specification_version: 4
 summary: A generalized Rack framework for multiple-provider authentication.
-test_files:
-- spec/helper.rb
-- spec/omniauth/auth_hash_spec.rb
-- spec/omniauth/builder_spec.rb
-- spec/omniauth/failure_endpoint_spec.rb
-- spec/omniauth/form_spec.rb
-- spec/omniauth/strategies/developer_spec.rb
-- spec/omniauth/strategy_spec.rb
-- spec/omniauth_spec.rb
-has_rdoc: 
+test_files: []

data/Gemfile.rack-1.3.x

@@ -1,25 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'jruby-openssl', :platforms => :jruby
-gem 'rack', '~> 1.3.0'
-gem 'rake'
-gem 'yard'
-
-group :test do
-  gem 'coveralls', :require => false
-  gem 'json', '>= 1.8.1', :platforms => [:jruby, :rbx, :ruby_18, :ruby_19]
-  gem 'mime-types', '~> 1.25', :platforms => [:jruby, :ruby_18]
-  gem 'rack-test'
-  gem 'rest-client', '~> 1.6.0', :platforms => [:jruby, :ruby_18]
-  gem 'rspec', '>= 2.14'
-  gem 'rubocop', '>= 0.23', :platforms => [:ruby_19, :ruby_20, :ruby_21]
-  gem 'simplecov', :require => false
-end
-
-platforms :rbx do
-  gem 'racc'
-  gem 'rubinius-coverage', '~> 2.0'
-  gem 'rubysl', '~> 2.0'
-end
-
-gemspec

data/Guardfile

@@ -1,10 +0,0 @@
-guard 'rspec', :version => 2 do
-  watch(%r{^spec/.+_spec\.rb$})
-  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/#{m[1]}_spec.rb" }
-  watch('spec/spec_helper.rb')  { "spec/" }
-end
-
-guard 'bundler' do
-  watch('Gemfile')
-  watch(/^.+\.gemspec/)
-end