omniauth 1.2.2 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +2 -0
- data/.github/ISSUE_TEMPLATE.md +20 -0
- data/.github/workflows/main.yml +89 -0
- data/.gitignore +3 -0
- data/.rubocop.yml +43 -55
- data/Gemfile +15 -20
- data/LICENSE.md +1 -1
- data/README.md +141 -44
- data/Rakefile +38 -2
- data/SECURITY.md +17 -0
- data/lib/omniauth/auth_hash.rb +7 -8
- data/lib/omniauth/authenticity_token_protection.rb +32 -0
- data/lib/omniauth/builder.rb +5 -20
- data/lib/omniauth/failure_endpoint.rb +13 -2
- data/lib/omniauth/form.css +1 -1
- data/lib/omniauth/form.rb +3 -2
- data/lib/omniauth/key_store.rb +22 -0
- data/lib/omniauth/strategies/developer.rb +2 -2
- data/lib/omniauth/strategy.rb +141 -67
- data/lib/omniauth/test/strategy_test_case.rb +2 -2
- data/lib/omniauth/version.rb +1 -1
- data/lib/omniauth.rb +30 -22
- data/omniauth.gemspec +11 -8
- metadata +51 -45
- data/.gemtest +0 -0
- data/.travis.yml +0 -37
- data/Gemfile.rack-1.3.x +0 -25
- data/Guardfile +0 -10
- data/spec/helper.rb +0 -55
- data/spec/omniauth/auth_hash_spec.rb +0 -111
- data/spec/omniauth/builder_spec.rb +0 -50
- data/spec/omniauth/failure_endpoint_spec.rb +0 -58
- data/spec/omniauth/form_spec.rb +0 -23
- data/spec/omniauth/strategies/developer_spec.rb +0 -73
- data/spec/omniauth/strategy_spec.rb +0 -768
- data/spec/omniauth_spec.rb +0 -145
|
@@ -1,58 +0,0 @@
|
|
|
1
|
-
require 'helper'
|
|
2
|
-
|
|
3
|
-
describe OmniAuth::FailureEndpoint do
|
|
4
|
-
subject { OmniAuth::FailureEndpoint }
|
|
5
|
-
|
|
6
|
-
context 'raise-out environment' do
|
|
7
|
-
before do
|
|
8
|
-
@rack_env = ENV['RACK_ENV']
|
|
9
|
-
ENV['RACK_ENV'] = 'test'
|
|
10
|
-
|
|
11
|
-
@default = OmniAuth.config.failure_raise_out_environments
|
|
12
|
-
OmniAuth.config.failure_raise_out_environments = ['test']
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
it 'raises out the error' do
|
|
16
|
-
expect do
|
|
17
|
-
subject.call('omniauth.error' => StandardError.new('Blah'))
|
|
18
|
-
end.to raise_error(StandardError, 'Blah')
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
it 'raises out an OmniAuth::Error if no omniauth.error is set' do
|
|
22
|
-
expect { subject.call('omniauth.error.type' => 'example') }.to raise_error(OmniAuth::Error, 'example')
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
after do
|
|
26
|
-
ENV['RACK_ENV'] = @rack_env
|
|
27
|
-
OmniAuth.config.failure_raise_out_environments = @default
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
context 'non-raise-out environment' do
|
|
32
|
-
let(:env) do
|
|
33
|
-
{'omniauth.error.type' => 'invalid_request', 'omniauth.error.strategy' => ExampleStrategy.new({})}
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
it 'is a redirect' do
|
|
37
|
-
status, _, _ = *subject.call(env)
|
|
38
|
-
expect(status).to eq(302)
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
it 'includes the SCRIPT_NAME' do
|
|
42
|
-
_, head, _ = *subject.call(env.merge('SCRIPT_NAME' => '/random'))
|
|
43
|
-
expect(head['Location']).to eq('/random/auth/failure?message=invalid_request&strategy=test')
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
it 'respects the configured path prefix' do
|
|
47
|
-
allow(OmniAuth.config).to receive(:path_prefix).and_return('/boo')
|
|
48
|
-
_, head, _ = *subject.call(env)
|
|
49
|
-
expect(head['Location']).to eq('/boo/failure?message=invalid_request&strategy=test')
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
it 'includes the origin (escaped) if one is provided' do
|
|
53
|
-
env.merge! 'omniauth.origin' => '/origin-example'
|
|
54
|
-
_, head, _ = *subject.call(env)
|
|
55
|
-
expect(head['Location']).to be_include('&origin=%2Forigin-example')
|
|
56
|
-
end
|
|
57
|
-
end
|
|
58
|
-
end
|
data/spec/omniauth/form_spec.rb
DELETED
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
require 'helper'
|
|
2
|
-
|
|
3
|
-
describe OmniAuth::Form do
|
|
4
|
-
describe '.build' do
|
|
5
|
-
it 'yields the instance when called with a block and argument' do
|
|
6
|
-
OmniAuth::Form.build { |f| expect(f).to be_kind_of(OmniAuth::Form) }
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
it 'evaluates in the instance when called with a block and no argument' do
|
|
10
|
-
OmniAuth::Form.build { |f| expect(f.class).to eq(OmniAuth::Form) }
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
describe '#initialize' do
|
|
15
|
-
it 'sets the form action to the passed :url option' do
|
|
16
|
-
expect(OmniAuth::Form.new(:url => '/awesome').to_html).to be_include("action='/awesome'")
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
it 'sets an H1 tag from the passed :title option' do
|
|
20
|
-
expect(OmniAuth::Form.new(:title => 'Something Cool').to_html).to be_include('<h1>Something Cool</h1>')
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
end
|
|
@@ -1,73 +0,0 @@
|
|
|
1
|
-
require 'helper'
|
|
2
|
-
|
|
3
|
-
describe OmniAuth::Strategies::Developer do
|
|
4
|
-
let(:app) do
|
|
5
|
-
Rack::Builder.new do |b|
|
|
6
|
-
b.use Rack::Session::Cookie, :secret => 'abc123'
|
|
7
|
-
b.use OmniAuth::Strategies::Developer
|
|
8
|
-
b.run lambda { |_env| [200, {}, ['Not Found']] }
|
|
9
|
-
end.to_app
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
context 'request phase' do
|
|
13
|
-
before(:each) { get '/auth/developer' }
|
|
14
|
-
|
|
15
|
-
it 'displays a form' do
|
|
16
|
-
expect(last_response.status).to eq(200)
|
|
17
|
-
expect(last_response.body).to be_include('<form')
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
it 'has the callback as the action for the form' do
|
|
21
|
-
expect(last_response.body).to be_include("action='/auth/developer/callback'")
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
it 'has a text field for each of the fields' do
|
|
25
|
-
expect(last_response.body.scan('<input').size).to eq(2)
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
context 'callback phase' do
|
|
30
|
-
let(:auth_hash) { last_request.env['omniauth.auth'] }
|
|
31
|
-
|
|
32
|
-
context 'with default options' do
|
|
33
|
-
before do
|
|
34
|
-
post '/auth/developer/callback', :name => 'Example User', :email => 'user@example.com'
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
it 'sets the name in the auth hash' do
|
|
38
|
-
expect(auth_hash.info.name).to eq('Example User')
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
it 'sets the email in the auth hash' do
|
|
42
|
-
expect(auth_hash.info.email).to eq('user@example.com')
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
it 'sets the uid to the email' do
|
|
46
|
-
expect(auth_hash.uid).to eq('user@example.com')
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
context 'with custom options' do
|
|
51
|
-
let(:app) do
|
|
52
|
-
Rack::Builder.new do |b|
|
|
53
|
-
b.use Rack::Session::Cookie, :secret => 'abc123'
|
|
54
|
-
b.use OmniAuth::Strategies::Developer, :fields => [:first_name, :last_name], :uid_field => :last_name
|
|
55
|
-
b.run lambda { |_env| [200, {}, ['Not Found']] }
|
|
56
|
-
end.to_app
|
|
57
|
-
end
|
|
58
|
-
|
|
59
|
-
before do
|
|
60
|
-
@options = {:uid_field => :last_name, :fields => [:first_name, :last_name]}
|
|
61
|
-
post '/auth/developer/callback', :first_name => 'Example', :last_name => 'User'
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
it 'sets info fields properly' do
|
|
65
|
-
expect(auth_hash.info.name).to eq('Example User')
|
|
66
|
-
end
|
|
67
|
-
|
|
68
|
-
it 'sets the uid properly' do
|
|
69
|
-
expect(auth_hash.uid).to eq('User')
|
|
70
|
-
end
|
|
71
|
-
end
|
|
72
|
-
end
|
|
73
|
-
end
|