omniauth 1.2.2 → 2.1.0
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +2 -0
- data/.github/ISSUE_TEMPLATE.md +20 -0
- data/.github/workflows/main.yml +89 -0
- data/.gitignore +3 -0
- data/.rubocop.yml +43 -55
- data/Gemfile +15 -20
- data/LICENSE.md +1 -1
- data/README.md +141 -44
- data/Rakefile +38 -2
- data/SECURITY.md +17 -0
- data/lib/omniauth/auth_hash.rb +7 -8
- data/lib/omniauth/authenticity_token_protection.rb +32 -0
- data/lib/omniauth/builder.rb +5 -20
- data/lib/omniauth/failure_endpoint.rb +13 -2
- data/lib/omniauth/form.css +1 -1
- data/lib/omniauth/form.rb +3 -2
- data/lib/omniauth/key_store.rb +22 -0
- data/lib/omniauth/strategies/developer.rb +2 -2
- data/lib/omniauth/strategy.rb +141 -67
- data/lib/omniauth/test/strategy_test_case.rb +2 -2
- data/lib/omniauth/version.rb +1 -1
- data/lib/omniauth.rb +30 -22
- data/omniauth.gemspec +11 -8
- metadata +51 -45
- data/.gemtest +0 -0
- data/.travis.yml +0 -37
- data/Gemfile.rack-1.3.x +0 -25
- data/Guardfile +0 -10
- data/spec/helper.rb +0 -55
- data/spec/omniauth/auth_hash_spec.rb +0 -111
- data/spec/omniauth/builder_spec.rb +0 -50
- data/spec/omniauth/failure_endpoint_spec.rb +0 -58
- data/spec/omniauth/form_spec.rb +0 -23
- data/spec/omniauth/strategies/developer_spec.rb +0 -73
- data/spec/omniauth/strategy_spec.rb +0 -768
- data/spec/omniauth_spec.rb +0 -145
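--- a/data/spec/omniauth/failure_endpoint_spec.rb
+++ b/data/spec/omniauth/failure_endpoint_spec.rb
@@ -1,58 +0,0 @@
-require 'helper'
-
-describe OmniAuth::FailureEndpoint do
-subject { OmniAuth::FailureEndpoint }
-
-context 'raise-out environment' do
-before do
-@rack_env = ENV['RACK_ENV']
-ENV['RACK_ENV'] = 'test'
-
-@default = OmniAuth.config.failure_raise_out_environments
-OmniAuth.config.failure_raise_out_environments = ['test']
-end
-
-it 'raises out the error' do
-expect do
-subject.call('omniauth.error' => StandardError.new('Blah'))
-end.to raise_error(StandardError, 'Blah')
-end
-
-it 'raises out an OmniAuth::Error if no omniauth.error is set' do
-expect { subject.call('omniauth.error.type' => 'example') }.to raise_error(OmniAuth::Error, 'example')
-end
-
-after do
-ENV['RACK_ENV'] = @rack_env
-OmniAuth.config.failure_raise_out_environments = @default
-end
-end
-
-context 'non-raise-out environment' do
-let(:env) do
-{'omniauth.error.type' => 'invalid_request', 'omniauth.error.strategy' => ExampleStrategy.new({})}
-end
-
-it 'is a redirect' do
-status, _, _ = *subject.call(env)
-expect(status).to eq(302)
-end
-
-it 'includes the SCRIPT_NAME' do
-_, head, _ = *subject.call(env.merge('SCRIPT_NAME' => '/random'))
-expect(head['Location']).to eq('/random/auth/failure?message=invalid_request&strategy=test')
-end
-
-it 'respects the configured path prefix' do
-allow(OmniAuth.config).to receive(:path_prefix).and_return('/boo')
-_, head, _ = *subject.call(env)
-expect(head['Location']).to eq('/boo/failure?message=invalid_request&strategy=test')
-end
-
-it 'includes the origin (escaped) if one is provided' do
-env.merge! 'omniauth.origin' => '/origin-example'
-_, head, _ = *subject.call(env)
-expect(head['Location']).to be_include('&origin=%2Forigin-example')
-end
-end
-end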
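--- a/data/spec/omniauth/form_spec.rb
+++ b/data/spec/omniauth/form_spec.rb
@@ -1,23 +0,0 @@
-require 'helper'
-
-describe OmniAuth::Form do
-describe '.build' do
-it 'yields the instance when called with a block and argument' do
-OmniAuth::Form.build { |f| expect(f).to be_kind_of(OmniAuth::Form) }
-end
-
-it 'evaluates in the instance when called with a block and no argument' do
-OmniAuth::Form.build { |f| expect(f.class).to eq(OmniAuth::Form) }
-end
-end
-
-describe '#initialize' do
-it 'sets the form action to the passed :url option' do
-expect(OmniAuth::Form.new(:url => '/awesome').to_html).to be_include("action='/awesome'")
-end
-
-it 'sets an H1 tag from the passed :title option' do
-expect(OmniAuth::Form.new(:title => 'Something Cool').to_html).to be_include('<h1>Something Cool</h1>')
-end
-end
-end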
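--- a/data/spec/omniauth/strategies/developer_spec.rb
+++ b/data/spec/omniauth/strategies/developer_spec.rb
@@ -1,73 +0,0 @@
-require 'helper'
-
-describe OmniAuth::Strategies::Developer do
-let(:app) do
-Rack::Builder.new do |b|
-b.use Rack::Session::Cookie, :secret => 'abc123'
-b.use OmniAuth::Strategies::Developer
-b.run lambda { |_env| [200, {}, ['Not Found']] }
-end.to_app
-end
-
-context 'request phase' do
-before(:each) { get '/auth/developer' }
-
-it 'displays a form' do
-expect(last_response.status).to eq(200)
-expect(last_response.body).to be_include('<form')
-end
-
-it 'has the callback as the action for the form' do
-expect(last_response.body).to be_include("action='/auth/developer/callback'")
-end
-
-it 'has a text field for each of the fields' do
-expect(last_response.body.scan('<input').size).to eq(2)
-end
-end
-
-context 'callback phase' do
-let(:auth_hash) { last_request.env['omniauth.auth'] }
-
-context 'with default options' do
-before do
-post '/auth/developer/callback', :name => 'Example User', :email => 'user@example.com'
-end
-
-it 'sets the name in the auth hash' do
-expect(auth_hash.info.name).to eq('Example User')
-end
-
-it 'sets the email in the auth hash' do
-expect(auth_hash.info.email).to eq('user@example.com')
-end
-
-it 'sets the uid to the email' do
-expect(auth_hash.uid).to eq('user@example.com')
-end
-end
-
-context 'with custom options' do
-let(:app) do
-Rack::Builder.new do |b|
-b.use Rack::Session::Cookie, :secret => 'abc123'
-b.use OmniAuth::Strategies::Developer, :fields => [:first_name, :last_name], :uid_field => :last_name
-b.run lambda { |_env| [200, {}, ['Not Found']] }
-end.to_app
-end
-
-before do
-@options = {:uid_field => :last_name, :fields => [:first_name, :last_name]}
-post '/auth/developer/callback', :first_name => 'Example', :last_name => 'User'
-end
-
-it 'sets info fields properly' do
-expect(auth_hash.info.name).to eq('Example User')
-end
-
-it 'sets the uid properly' do
-expect(auth_hash.uid).to eq('User')
-end
-end
-end
-end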