omniauth 0.3.2 → 1.0.0.beta1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of omniauth might be problematic. Click here for more details.
- data/Gemfile +11 -0
- data/Guardfile +10 -0
- data/{LICENSE.md → LICENSE} +1 -1
- data/README.md +136 -152
- data/Rakefile +6 -0
- data/lib/omniauth.rb +137 -6
- data/lib/omniauth/auth_hash.rb +51 -0
- data/lib/omniauth/builder.rb +33 -0
- data/lib/omniauth/form.rb +191 -0
- data/lib/omniauth/strategies/developer.rb +60 -0
- data/lib/omniauth/strategy.rb +429 -0
- data/lib/omniauth/test.rb +12 -0
- data/lib/omniauth/test/phony_session.rb +8 -0
- data/lib/omniauth/test/strategy_macros.rb +34 -0
- data/lib/omniauth/test/strategy_test_case.rb +49 -0
- data/lib/omniauth/version.rb +1 -17
- data/omniauth.gemspec +28 -0
- data/spec/omniauth/auth_hash_spec.rb +108 -0
- data/spec/omniauth/builder_spec.rb +20 -0
- data/spec/omniauth/strategies/developer_spec.rb +69 -0
- data/spec/omniauth/strategy_spec.rb +601 -0
- data/spec/omniauth_spec.rb +82 -0
- data/spec/spec_helper.rb +12 -0
- metadata +142 -132
data/Gemfile
ADDED
data/Guardfile
ADDED
data/{LICENSE.md → LICENSE}
RENAMED
@@ -1,4 +1,4 @@
|
|
1
|
-
Copyright (c) 2010-2011 Michael Bleigh
|
1
|
+
Copyright (c) 2010-2011 Michael Bleigh and Intridea, Inc.
|
2
2
|
|
3
3
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
of this software and associated documentation files (the "Software"), to deal
|
data/README.md
CHANGED
@@ -1,155 +1,139 @@
|
|
1
1
|
# OmniAuth: Standardized Multi-Provider Authentication
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
get '/auth/twitter/callback' do
|
99
|
-
auth_hash = request.env['omniauth.auth']
|
2
|
+
|
3
|
+
**NOTICE:** This documentation and code is for OmniAuth 1.0 in which
|
4
|
+
each provider will become its own separate gem. If you're looking for
|
5
|
+
the current released version, please visit [OmniAuth 0.3 Stable
|
6
|
+
Branch](https://github.com/intridea/omniauth/tree/0-3-stable).
|
7
|
+
|
8
|
+
## An Introduction
|
9
|
+
|
10
|
+
OmniAuth is a libary that standardizes multi-provider authentication for
|
11
|
+
web applications. It was created to be powerful, flexible, and do as
|
12
|
+
little as possible. Any developer can create **strategies** for OmniAuth
|
13
|
+
that can authenticate users via disparate systems. OmniAuth strategies
|
14
|
+
have been created for everything from Facebook to LDAP.
|
15
|
+
|
16
|
+
In order to use OmniAuth in your applications, you will need to leverage
|
17
|
+
one or more strategies. These strategies are generally released
|
18
|
+
individually as RubyGems, and you can see a [community maintained list](https://github.com/intridea/omniauth/wiki/List-of-Strategies)
|
19
|
+
on the wiki for this project.
|
20
|
+
|
21
|
+
One strategy, called `Developer`, is included with OmniAuth and provides
|
22
|
+
a completely unsecure, non-production-usable strategy that directly
|
23
|
+
prompts a user for authentication information and then passes it
|
24
|
+
straight through. You can use it as a placeholder when you start
|
25
|
+
development and easily swap in other strategies later.
|
26
|
+
|
27
|
+
## Getting Started
|
28
|
+
|
29
|
+
Each OmniAuth strategy is a Rack Middleware. That means that you can use
|
30
|
+
it the same way that you use any other Rack middleware. For example, to
|
31
|
+
use the built-in Developer strategy in a Sinatra application I might do
|
32
|
+
this:
|
33
|
+
|
34
|
+
require 'sinatra'
|
35
|
+
require 'omniauth'
|
36
|
+
|
37
|
+
class MyApplication < Sinatra::Base
|
38
|
+
use Rack::Session
|
39
|
+
use OmniAuth::Strategies::Developer
|
40
|
+
end
|
41
|
+
|
42
|
+
Because OmniAuth is built for *multi-provider* authentication, I may
|
43
|
+
want to leave room to run multiple strategies. For this, the built-in
|
44
|
+
`OmniAuth::Builder` class gives you an easy way to specify multiple
|
45
|
+
strategies. Note that there is **no difference** between the following
|
46
|
+
code and using each strategy individually as middleware. This is an
|
47
|
+
example that you might put into a Rails initializer at
|
48
|
+
`config/initializers/omniauth.rb`:
|
49
|
+
|
50
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
51
|
+
provider :developer unless Rails.env.production?
|
52
|
+
provider :twitter, ENV['TWITTER_KEY'], ENV['TWITTER_SECRET']
|
53
|
+
end
|
54
|
+
|
55
|
+
You should look to the documentation for each provider you use for
|
56
|
+
specific initialization requirements.
|
57
|
+
|
58
|
+
## Integrating OmniAuth Into Your Application
|
59
|
+
|
60
|
+
OmniAuth is an extremely low-touch library. It is designed to be a
|
61
|
+
black box that you can send your application's users into when you need
|
62
|
+
authentication and then get information back. OmniAuth was intentionally
|
63
|
+
built not to automatically associate with a User model or make
|
64
|
+
assumptions about how many authentication methods you might want to use
|
65
|
+
or what you might want to do with the data once a user has
|
66
|
+
authenticated. This makes OmniAuth incredibly flexible. To use OmniAuth,
|
67
|
+
you need only to redirect users to `/auth/:provider`, where `:provider`
|
68
|
+
is the name of the strategy (for example, `developer` or `twitter`).
|
69
|
+
From there, OmniAuth will take over and take the user through the
|
70
|
+
necessary steps to authenticate them with the chosen strategy.
|
71
|
+
|
72
|
+
Once the user has authenticated, what do you do next? OmniAuth simply
|
73
|
+
sets a special hash called the Authentication Hash on the Rack
|
74
|
+
environment of a request to `/auth/:provider/callback`. This hash
|
75
|
+
contains as much information about the user as OmniAuth was able to
|
76
|
+
glean from the utilized strategy. You should set up an endpoint in your
|
77
|
+
application that matches to the callback URL and then performs whatever
|
78
|
+
steps are necessary for your application. For example, in a Rails app I
|
79
|
+
would add a line in my `routes.rb` file like this:
|
80
|
+
|
81
|
+
match '/auth/:provider/callback', to: 'sessions#create'
|
82
|
+
|
83
|
+
And I might then have a `SessionsController` with code that looks
|
84
|
+
something like this:
|
85
|
+
|
86
|
+
class SessionsController < ApplicationController
|
87
|
+
def create
|
88
|
+
@user = User.find_or_create_from_auth_hash(auth_hash)
|
89
|
+
self.current_user = @user
|
90
|
+
redirect_to '/'
|
91
|
+
end
|
92
|
+
|
93
|
+
protected
|
94
|
+
|
95
|
+
def auth_hash
|
96
|
+
request.env['omniauth.auth']
|
97
|
+
end
|
100
98
|
end
|
101
99
|
|
102
|
-
The
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
This library may inadvertently work (or seem to work) on other Ruby
|
144
|
-
implementations, however support will only be provided for the versions listed
|
145
|
-
above.
|
146
|
-
|
147
|
-
If you would like this library to support another Ruby version, you may
|
148
|
-
volunteer to be a maintainer. Being a maintainer entails making sure all tests
|
149
|
-
run and pass on that implementation. When something breaks on your
|
150
|
-
implementation, you will be personally responsible for providing patches in a
|
151
|
-
timely fashion. If critical issues for a particular implementation exist at the
|
152
|
-
time of a major release, support for that Ruby version may be dropped.
|
153
|
-
|
154
|
-
## <a name="license">License</a>
|
155
|
-
OmniAuth is released under the MIT License.
|
100
|
+
The `omniauth.auth` key in the environment hash gives me my
|
101
|
+
Authentication Hash which will contain information about the just
|
102
|
+
authenticated user including a unique id, the strategy they just used
|
103
|
+
for authentication, and personal details such as name and email address
|
104
|
+
as available. For an in-depth description of what the authentication
|
105
|
+
hash might contain, see the [Auth Hash Schema wiki page](https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema).
|
106
|
+
|
107
|
+
Note that OmniAuth does not perform any actions beyond setting some
|
108
|
+
environment information on the callback request. It is entirely up to
|
109
|
+
you how you want to implement the particulars of your application's
|
110
|
+
authentication flow.
|
111
|
+
|
112
|
+
## Resources
|
113
|
+
|
114
|
+
The [OmniAuth Wiki](https://github.com/intridea/omniauth/wiki) has
|
115
|
+
actively maintained in-depth documentation for OmniAuth. It should be
|
116
|
+
your first stop if you are wondering about a more in-depth look at
|
117
|
+
OmniAuth, how it works, and how to use it.
|
118
|
+
|
119
|
+
## License
|
120
|
+
|
121
|
+
Copyright (c) 2011 Intridea, Inc.
|
122
|
+
|
123
|
+
Permission is hereby granted, free of charge, to any person obtaining a
|
124
|
+
copy of this software and associated documentation files (the "Software"),
|
125
|
+
to deal in the Software without restriction, including without limitation
|
126
|
+
the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
127
|
+
and/or sell copies of the Software, and to permit persons to whom the
|
128
|
+
Software is furnished to do so, subject to the following conditions:
|
129
|
+
|
130
|
+
The above copyright notice and this permission notice shall be included
|
131
|
+
in all copies or substantial portions of the Software.
|
132
|
+
|
133
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
134
|
+
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
135
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
136
|
+
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
137
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
138
|
+
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
|
139
|
+
DEALINGS IN THE SOFTWARE.
|
data/Rakefile
ADDED
data/lib/omniauth.rb
CHANGED
@@ -1,6 +1,137 @@
|
|
1
|
-
require '
|
2
|
-
require '
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
1
|
+
require 'rack'
|
2
|
+
require 'singleton'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
autoload :Developer, 'omniauth/strategies/developer'
|
7
|
+
end
|
8
|
+
|
9
|
+
autoload :Builder, 'omniauth/builder'
|
10
|
+
autoload :Strategy, 'omniauth/strategy'
|
11
|
+
autoload :Test, 'omniauth/test'
|
12
|
+
autoload :Form, 'omniauth/form'
|
13
|
+
autoload :AuthHash, 'omniauth/auth_hash'
|
14
|
+
|
15
|
+
def self.strategies
|
16
|
+
@@strategies ||= []
|
17
|
+
end
|
18
|
+
|
19
|
+
class Configuration
|
20
|
+
include Singleton
|
21
|
+
|
22
|
+
@@defaults = {
|
23
|
+
:camelizations => {},
|
24
|
+
:path_prefix => '/auth',
|
25
|
+
:on_failure => Proc.new do |env|
|
26
|
+
message_key = env['omniauth.error.type']
|
27
|
+
new_path = "#{OmniAuth.config.path_prefix}/failure?message=#{message_key}"
|
28
|
+
[302, {'Location' => new_path, 'Content-Type'=> 'text/html'}, []]
|
29
|
+
end,
|
30
|
+
:form_css => Form::DEFAULT_CSS,
|
31
|
+
:test_mode => false,
|
32
|
+
:allowed_request_methods => [:get, :post],
|
33
|
+
:mock_auth => {
|
34
|
+
:default => {
|
35
|
+
'provider' => 'default',
|
36
|
+
'uid' => '1234',
|
37
|
+
'name' => 'Bob Example'
|
38
|
+
}
|
39
|
+
}
|
40
|
+
}
|
41
|
+
|
42
|
+
def self.defaults
|
43
|
+
@@defaults
|
44
|
+
end
|
45
|
+
|
46
|
+
def initialize
|
47
|
+
@@defaults.each_pair{|k,v| self.send("#{k}=",v)}
|
48
|
+
end
|
49
|
+
|
50
|
+
def on_failure(&block)
|
51
|
+
if block_given?
|
52
|
+
@on_failure = block
|
53
|
+
else
|
54
|
+
@on_failure
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
def add_mock(provider, mock={})
|
59
|
+
# Stringify keys recursively one level.
|
60
|
+
mock.keys.each do |key|
|
61
|
+
mock[key.to_s] = mock.delete(key)
|
62
|
+
end
|
63
|
+
mock.each_pair do |key, val|
|
64
|
+
if val.is_a? Hash
|
65
|
+
val.keys.each do |subkey|
|
66
|
+
val[subkey.to_s] = val.delete(subkey)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
# Merge with the default mock and ensure provider is correct.
|
72
|
+
mock = self.mock_auth[:default].dup.merge(mock)
|
73
|
+
mock["provider"] = provider.to_s
|
74
|
+
|
75
|
+
# Add it to the mocks.
|
76
|
+
self.mock_auth[provider.to_sym] = mock
|
77
|
+
end
|
78
|
+
|
79
|
+
# This is a convenience method to be used by strategy authors
|
80
|
+
# so that they can add special cases to the camelization utility
|
81
|
+
# method that allows OmniAuth::Builder to work.
|
82
|
+
#
|
83
|
+
# @param name [String] The underscored name, e.g. `oauth`
|
84
|
+
# @param camelized [String] The properly camelized name, e.g. 'OAuth'
|
85
|
+
def add_camelization(name, camelized)
|
86
|
+
self.camelizations[name.to_s] = camelized.to_s
|
87
|
+
end
|
88
|
+
|
89
|
+
attr_writer :on_failure
|
90
|
+
attr_accessor :path_prefix, :allowed_request_methods, :form_css, :test_mode, :mock_auth, :full_host, :camelizations
|
91
|
+
end
|
92
|
+
|
93
|
+
def self.config
|
94
|
+
Configuration.instance
|
95
|
+
end
|
96
|
+
|
97
|
+
def self.configure
|
98
|
+
yield config
|
99
|
+
end
|
100
|
+
|
101
|
+
def self.mock_auth_for(provider)
|
102
|
+
config.mock_auth[provider.to_sym] || config.mock_auth[:default]
|
103
|
+
end
|
104
|
+
|
105
|
+
module Utils
|
106
|
+
module_function
|
107
|
+
|
108
|
+
def form_css
|
109
|
+
"<style type='text/css'>#{OmniAuth.config.form_css}</style>"
|
110
|
+
end
|
111
|
+
|
112
|
+
def deep_merge(hash, other_hash)
|
113
|
+
target = hash.dup
|
114
|
+
|
115
|
+
other_hash.keys.each do |key|
|
116
|
+
if other_hash[key].is_a? ::Hash and hash[key].is_a? ::Hash
|
117
|
+
target[key] = deep_merge(target[key],other_hash[key])
|
118
|
+
next
|
119
|
+
end
|
120
|
+
|
121
|
+
target[key] = other_hash[key]
|
122
|
+
end
|
123
|
+
|
124
|
+
target
|
125
|
+
end
|
126
|
+
|
127
|
+
def camelize(word, first_letter_in_uppercase = true)
|
128
|
+
return OmniAuth.config.camelizations[word.to_s] if OmniAuth.config.camelizations[word.to_s]
|
129
|
+
|
130
|
+
if first_letter_in_uppercase
|
131
|
+
word.to_s.gsub(/\/(.?)/) { "::" + $1.upcase }.gsub(/(^|_)(.)/) { $2.upcase }
|
132
|
+
else
|
133
|
+
word.first + camelize(word)[1..-1]
|
134
|
+
end
|
135
|
+
end
|
136
|
+
end
|
137
|
+
end
|