rails_api_auth 0.0.8 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5d0b7ae4fd9d87b7e8c46bc340021b799a5cb573
-  data.tar.gz: cffacdb178138d081f4200ef380b2151503f5237
+  metadata.gz: 6d3b332bf7ec25029ebba034d2fec9b3aacb1a84
+  data.tar.gz: 725a73434ac1a2cc8064bb64fc152f146c5c469b
 SHA512:
-  metadata.gz: a5604e3aa7352dcd1eaab660762f59e15fdc485acc80b4b59d0bbfbefeddb498c12e3ac58230618d43e34712355b9e92e8aafa4d4a0f24057977a6669e3f29d6
-  data.tar.gz: 6eb2bf72a1d4789a4e4c97265382dcd1a091f76744d7de0f2d79e2bb8fb0ad82031f7bfa47ea65a47b05ea9299a9c8681b5ed17ae4a44f1e0cf20cd3beed9db5
+  metadata.gz: b30ef6301e45b23cbcd03e27625c6a88a23c93660824986d959c886a43c81cbb2b2ab5b0be54b68e4dcc71687793d8731e4fd107d1e16e29c091fe8f41771e08
+  data.tar.gz: be7fbc8b495e9e4ff3ec77eb77491b39333636a45c62ecc91c32306990f2a2ae967896c0770043885df42753efdeeea84946e5ed93b60368c97e89b1b06a8c46

data/LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2015-2017 simplabs GmbH
+Copyright (c) 2015-2018 simplabs GmbH and contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/Rakefile

@@ -4,7 +4,7 @@ rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end
 
-APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__)
+APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
 load 'rails/tasks/engine.rake'
 
 load 'rails/tasks/statistics.rake'

data/app/controllers/oauth2_controller.rb

@@ -18,6 +18,8 @@ class Oauth2Controller < ApplicationController
       authenticate_with_google(params[:auth_code])
     when 'edx_auth_code'
       authenticate_with_edx(params[:username], params[:auth_code])
+    when 'github_auth_code'
+      authenticate_with_github(params[:auth_state], params[:auth_code])
     else
       oauth2_error('unsupported_grant_type')
     end
@@ -76,8 +78,19 @@ class Oauth2Controller < ApplicationController
       head 502
     end
 
+    def authenticate_with_github(auth_state, auth_code)
+      oauth2_error('no_authorization_code') && return unless auth_code.present?
+      oauth2_error('no_auth_state') && return unless auth_state.present?
+
+      login = GithubAuthenticator.new(auth_state, auth_code).authenticate!
+
+      render json: { access_token: login.oauth2_token }
+    rescue GithubAuthenticator::ApiError
+      head 502
+    end
+
     def oauth2_error(error)
-      render json: { error: error }, status: 400
+      render json: { error: error }, status: :bad_request
     end
 
 end

data/app/lib/login_not_found.rb

@@ -3,7 +3,7 @@
 # @!visibility private
 class LoginNotFound
 
-  def authenticate(_)
+  def authenticate(_password)
     false
   end
 

data/app/services/edx_authenticator.rb

@@ -48,7 +48,7 @@ class EdxAuthenticator < BaseAuthenticator
 
     def get_user(access_token)
       headers = { 'Authorization' => "Bearer #{access_token}" }
-      @edx_user ||= begin
+      @get_user ||= begin
         get_request(user_url, headers).parsed_response.symbolize_keys
       end
     end

data/app/services/facebook_authenticator.rb

@@ -31,7 +31,7 @@ class FacebookAuthenticator < BaseAuthenticator
     end
 
     def get_user(access_token)
-      @facebook_user ||= begin
+      @get_user ||= begin
         parsed_response = get_request(user_url(access_token)).parsed_response
         parsed_response.symbolize_keys
       end

data/app/services/github_authenticator.rb

@@ -0,0 +1,61 @@
+require 'httparty'
+
+# Handles Github authentication
+#
+# @!visibility private
+class GithubAuthenticator < BaseAuthenticator
+
+  PROVIDER = 'github'.freeze
+  TOKEN_URL = 'https://github.com/login/oauth/access_token'.freeze
+  USER_URL = 'https://api.github.com/user?access_token=%{access_token}'.freeze
+
+  def initialize(auth_state, auth_code)
+    @auth_code = auth_code
+    @auth_state = auth_state
+  end
+
+  private
+
+    def connect_login_to_account(login, user)
+      login.update_attributes!(uid: user[:id], provider: PROVIDER)
+    end
+
+    def create_login_from_account(user)
+      login_attributes = {
+        identification: user[:email],
+        uid: user[:id],
+        provider: PROVIDER
+      }
+
+      Login.create!(login_attributes)
+    end
+
+    def access_token
+      response = HTTParty.post(TOKEN_URL, token_options)
+      response.parsed_response['access_token']
+    end
+
+    def get_user(access_token)
+      @get_user ||= begin
+        get_request(user_url(access_token)).parsed_response.symbolize_keys
+      end
+    end
+
+    def user_url(access_token)
+      USER_URL % { access_token: access_token }
+    end
+
+    def token_options
+      @token_options ||= {
+        headers: { 'Accept' => 'application/json' },
+        body: {
+          code: @auth_code,
+          client_id: RailsApiAuth.github_client_id,
+          client_secret: RailsApiAuth.github_client_secret,
+          redirect_uri: RailsApiAuth.github_redirect_uri,
+          state: @auth_state
+        }
+      }
+    end
+
+end

data/app/services/google_authenticator.rb

@@ -31,7 +31,7 @@ class GoogleAuthenticator < BaseAuthenticator
     end
 
     def get_user(access_token)
-      @google_user ||= begin
+      @get_user ||= begin
         get_request(user_url(access_token)).parsed_response.symbolize_keys
       end
     end

data/lib/rails_api_auth.rb

@@ -36,6 +36,18 @@ module RailsApiAuth
   # The Google App's redirect URI.
   mattr_accessor :google_redirect_uri
 
+  # @!attribute [rw] github_client_id
+  # The Github client ID.
+  mattr_accessor :github_client_id
+
+  # @!attribute [rw] github_client_secret
+  # The Github client secret.
+  mattr_accessor :github_client_secret
+
+  # @!attribute [rw] github_redirect_uri
+  # The Github App's redirect URI.
+  mattr_accessor :github_redirect_uri
+
   # @!attribute [rw] edx_client_id
   # The Edx client ID.
   mattr_accessor :edx_client_id

data/lib/rails_api_auth/version.rb

@@ -1,5 +1,5 @@
 module RailsApiAuth
 
-  VERSION = '0.0.8'.freeze
+  VERSION = '0.1.0'.freeze
 
 end

data/spec/dummy/Rakefile

@@ -1,6 +1,6 @@
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
 
-require File.expand_path('../config/application', __FILE__)
+require File.expand_path('config/application', __dir__)
 
 Rails.application.load_tasks

data/spec/dummy/app/controllers/access_once_controller.rb

@@ -10,9 +10,9 @@ class AccessOnceController < ApplicationController
 
   def index
     if Rails::VERSION::MAJOR < 4
-      render text: 'zuper content', status: 200
+      render text: 'zuper content', status: :ok
     else
-      render plain: 'zuper content', status: 200
+      render plain: 'zuper content', status: :ok
     end
   end
 

data/spec/dummy/app/controllers/authenticated_controller.rb

@@ -10,9 +10,9 @@ class AuthenticatedController < ApplicationController
 
   def index
     if Rails::VERSION::MAJOR < 4
-      render text: 'zuper content', status: 200
+      render text: 'zuper content', status: :ok
     else
-      render plain: 'zuper content', status: 200
+      render plain: 'zuper content', status: :ok
     end
   end
 

data/spec/dummy/app/controllers/custom_authenticated_controller.rb

@@ -10,9 +10,9 @@ class CustomAuthenticatedController < ApplicationController
 
   def index
     if Rails::VERSION::MAJOR < 4
-      render text: 'zuper content', status: 200
+      render text: 'zuper content', status: :ok
     else
-      render plain: 'zuper content', status: 200
+      render plain: 'zuper content', status: :ok
     end
   end
 

data/spec/dummy/config/application.rb

@@ -1,4 +1,4 @@
-require File.expand_path('../boot', __FILE__)
+require File.expand_path('boot', __dir__)
 
 require 'active_record/railtie'
 require 'action_controller/railtie'

data/spec/dummy/config/boot.rb

@@ -1,5 +1,5 @@
 # Set up gems listed in the Gemfile.
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../Gemfile', __dir__)
 
 require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
-$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
+$LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)

data/spec/dummy/config/environment.rb

@@ -1,5 +1,5 @@
 # Load the Rails application.
-require File.expand_path('../application', __FILE__)
+require File.expand_path('application', __dir__)
 
 # Initialize the Rails application.
 Rails.application.initialize!

data/spec/dummy/config/initializers/rails_api_auth.rb

@@ -9,6 +9,10 @@ RailsApiAuth.tap do |raa|
   raa.google_client_secret = 'google_client_secret'
   raa.google_redirect_uri = 'google_redirect_uri'
 
+  raa.github_client_id = 'github_client_id'
+  raa.github_client_secret = 'github_client_secret'
+  raa.github_redirect_uri = 'github_redirect_uri'
+
   raa.edx_client_id     = 'edx_client_id'
   raa.edx_client_secret = 'edx_client_secret'
   raa.edx_domain        = 'edxdomain.org'

data/spec/services/github_authenticator_spec.rb

@@ -0,0 +1,12 @@
+describe GithubAuthenticator do
+  let(:uid_mapped_field) { 'id' }
+
+  let(:authenticated_user_data) do
+    {
+      email: 'user@gmail.com',
+      id: '789789789789'
+    }
+  end
+  include_context 'stubbed github requests'
+  it_behaves_like 'a authenticator'
+end

data/spec/spec_helper.rb

@@ -8,7 +8,7 @@ SimpleCov.start do
   end
 end
 
-require File.expand_path('../dummy/config/environment.rb', __FILE__)
+require File.expand_path('dummy/config/environment.rb', __dir__)
 require 'rspec/rails'
 require 'factory_girl_rails'
 require 'faker'

data/spec/support/shared_contexts/stubbed_github_requests.rb

@@ -0,0 +1,13 @@
+shared_context 'stubbed github requests' do
+  let(:auth_code) { 'authcode' }
+  let(:auth_state) { 'abc123' }
+  let(:access_token) { 'UsQfLVVKUJmSjD6gtRk9UsrZqfpL9ajB' }
+  let(:response_with_gh_token) { { body: JSON.generate({ access_token: access_token, token_type: 'bearer', scope: 'user' }), headers: { 'Content-Type' => 'application/json' } } }
+  let(:response_with_gh_user)  { { body: JSON.generate(authenticated_user_data), headers: { 'Content-Type' => 'application/json' } } }
+  let(:token_parameters) { { code: auth_code, client_id: 'app_id', client_secret: 'app_secret', redirect_uri: 'redirect_uri', state: auth_state } }
+
+  before do
+    stub_request(:post, GithubAuthenticator::TOKEN_URL % token_parameters).to_return(response_with_gh_token)
+    stub_request(:get, GithubAuthenticator::USER_URL % { access_token: access_token }).to_return(response_with_gh_user)
+  end
+end

data/spec/support/shared_examples/authenticator_shared_requests.rb

@@ -4,6 +4,8 @@ shared_examples 'a authenticator' do
 
     if described_class::PROVIDER.eql? 'edx'
       subject { described_class.new(username, auth_code).authenticate! }
+    elsif described_class::PROVIDER.eql? 'github'
+      subject { described_class.new(auth_state, auth_code).authenticate! }
     else
       subject { described_class.new(auth_code).authenticate! }
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_api_auth
 version: !ruby/object:Gem::Version
-  version: 0.0.8
+  version: 0.1.0
 platform: ruby
 authors:
 - Marco Otte-Witte
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-13 00:00:00.000000000 Z
+date: 2018-04-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -77,6 +77,7 @@ files:
 - app/services/base_authenticator.rb
 - app/services/edx_authenticator.rb
 - app/services/facebook_authenticator.rb
+- app/services/github_authenticator.rb
 - app/services/google_authenticator.rb
 - config/routes.rb
 - db/migrate/20150709221755_create_logins.rb
@@ -136,12 +137,14 @@ files:
 - spec/requests/oauth2_spec.rb
 - spec/services/edx_authenticator_spec.rb
 - spec/services/facebook_authenticator_spec.rb
+- spec/services/github_authenticator_spec.rb
 - spec/services/google_authenticator_spec.rb
 - spec/spec_helper.rb
 - spec/support/factory_girl.rb
 - spec/support/shared_contexts/force_ssl.rb
 - spec/support/shared_contexts/stubbed_edx_requests.rb
 - spec/support/shared_contexts/stubbed_facebook_requests.rb
+- spec/support/shared_contexts/stubbed_github_requests.rb
 - spec/support/shared_contexts/stubbed_google_requests.rb
 - spec/support/shared_examples/authenticator_shared_requests.rb
 - spec/support/shared_examples/oauth2_edx_shared_requests.rb
@@ -166,7 +169,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.4.5.1
 signing_key: 
 specification_version: 4
 summary: Engine that implements OAuth 2.0 and Facebook authentication for API projects
@@ -218,6 +221,7 @@ test_files:
 - spec/requests/authenticated_spec.rb
 - spec/requests/access_once_spec.rb
 - spec/requests/custom_authenticated_spec.rb
+- spec/support/shared_contexts/stubbed_github_requests.rb
 - spec/support/shared_contexts/force_ssl.rb
 - spec/support/shared_contexts/stubbed_facebook_requests.rb
 - spec/support/shared_contexts/stubbed_edx_requests.rb
@@ -228,6 +232,7 @@ test_files:
 - spec/support/factory_girl.rb
 - spec/factories/logins.rb
 - spec/factories/accounts.rb
+- spec/services/github_authenticator_spec.rb
 - spec/services/google_authenticator_spec.rb
 - spec/services/edx_authenticator_spec.rb
 - spec/services/facebook_authenticator_spec.rb