shixian-omniauth-wechat-oauth2 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 03a9288ec04e9a150a4bbc48d7396c02ba1a9ec6731f02a1ec070b4fc5170da9
+  data.tar.gz: 35e02686ca02b72e9b817c8789a36b92cd4fa219a3918ee7b6a1c73ada28cbf7
+SHA512:
+  metadata.gz: f7bde7e94dcfa347d368651577ba23fa08bac07a2ec4d5d946d41471c34b878159680f533d2de6cfd6ec10bad490d47ab6cb44a644495f9cf702302d09673b4e
+  data.tar.gz: 3336a1ae018deaa95e73966598766ce95b324e0eea4170e2f3fcc5eb8737f3bf973593e26fbcfb8f3a55dd85eda7a0a7567996c3f87a4850eb60f8da1951ec9d

data/README.md

@@ -0,0 +1,86 @@
+Omniauth-wechat-oauth2
+======================
+
+[![Build Status](https://travis-ci.org/skinnyworm/omniauth-wechat-oauth2.svg)](https://travis-ci.org/skinnyworm/omniauth-wechat-oauth2) [![Gem Version](https://badge.fury.io/rb/omniauth-wechat-oauth2.png)](http://badge.fury.io/rb/omniauth-wechat-oauth2)
+
+Wechat OAuth2 Strategy for OmniAuth 1.0. 
+
+You need to get a wechat API key at: http://mp.weixin.qq.com
+
+Wechat oauth2 specification can be found at: http://mp.weixin.qq.com/wiki/index.php?title=网页授权获取用户基本信息
+
+## Installation
+
+Add to your `Gemfile`:
+
+```ruby
+gem "omniauth-wechat-oauth2"
+```
+
+Then `bundle install`.
+
+
+## Usage
+
+Here's an example for adding the middleware to a Rails app in `config/initializers/omniauth.rb`:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :wechat, ENV["WECHAT_APP_ID"], ENV["WECHAT_APP_SECRET"]
+end
+```
+
+You can now access the OmniAuth Wechat OAuth2 URL: `/auth/wechat`
+
+## Configuration
+
+You can configure several options, which you pass in to the `provider` method via a hash:
+
+* `scope`: Default is "snsapi_userinfo". It can either be *snsapi_base* or *snsapi_userinfo*. When scope is "snsapi_userinfo", after wechat user is authenticated, app can query userinfo using the acquired access_token.
+
+For devise user, you can set up scope in your devise.rb as following.
+
+```ruby
+config.omniauth :wechat, ENV["WECHAT_APP_ID"], ENV["WECHAT_APP_SECRET"],
+    :authorize_params => {:scope => "snsapi_base"}
+```
+
+## Auth Hash
+
+Here's an example of an authentication hash available in the callback by accessing `request.env["omniauth.auth"]`:
+
+```ruby
+{
+    :provider => "wechat",
+    :uid => "123456789",
+    :info => {
+      nickname:   "Nickname",
+      sex:        1,
+      province:   "Changning",
+      city:       "Shanghai",
+      country:    "China",
+      headimgurl: "http://image_url"
+    },
+    :credentials => {
+        :token => "token",
+        :refresh_token => "another_token",
+        :expires_at => 7200,
+        :expires => true
+    },
+    :extra => {
+        :raw_info => {
+          openid:     "openid"
+          nickname:   "Nickname",
+          sex:        1,
+          province:   "Changning",
+          city:       "Shanghai",
+          country:    "China",
+          headimgurl: "http://image_url"
+        }
+    }
+}
+```
+
+
+
+

data/lib/omniauth/strategies/wechat.rb

@@ -0,0 +1,70 @@
+require "omniauth-oauth2"
+
+module OmniAuth
+  module Strategies
+    class Wechat < OmniAuth::Strategies::OAuth2
+      option :name, "wechat"
+
+      option :client_options, {
+        site:          "https://api.weixin.qq.com",
+        authorize_url: "https://open.weixin.qq.com/connect/oauth2/authorize#wechat_redirect",
+        token_url:     "/sns/oauth2/access_token",
+        token_method:  :get
+      }
+
+      option :authorize_params, {scope: "snsapi_userinfo"}
+
+      option :token_params, {parse: :json}
+
+      uid do
+        raw_info['unionid']
+      end
+
+      info do
+        {
+          nickname:   raw_info['nickname'],
+          sex:        raw_info['sex'],
+          province:   raw_info['province'],
+          city:       raw_info['city'],
+          country:    raw_info['country'],
+          headimgurl: raw_info['headimgurl']
+        }
+      end
+
+      extra do
+        {raw_info: raw_info}
+      end
+
+      def request_phase
+        params = client.auth_code.authorize_params.merge(redirect_uri: callback_url).merge(authorize_params)
+        params["appid"] = params.delete("client_id")
+        redirect client.authorize_url(params)
+      end
+
+      def raw_info
+        @uid ||= access_token["openid"]
+        @raw_info ||= begin
+          access_token.options[:mode] = :query
+          if access_token["scope"] == "snsapi_userinfo"
+            response = access_token.get("/sns/userinfo", :params => {"openid" => @uid}, parse: :text)
+            @raw_info = JSON.parse(response.body.gsub(/[\u0000-\u001f]+/, ''))
+          else
+            @raw_info = {"openid" => @uid }
+          end
+        end
+      end
+
+      protected
+      def build_access_token
+        params = {
+          'appid' => client.id, 
+          'secret' => client.secret,
+          'code' => request.params['code'],
+          'grant_type' => 'authorization_code' 
+          }.merge(token_params.to_hash(symbolize_keys: true))
+        client.get_token(params, deep_symbolize(options.auth_token_params))
+      end
+
+    end
+  end
+end

data/lib/omniauth/strategies/wechat_qiye.rb

@@ -0,0 +1,80 @@
+require "omniauth-oauth2"
+
+module OmniAuth
+  module Strategies
+    class WechatQiye < OmniAuth::Strategies::OAuth2
+      option :name, "wechat_qiye"
+
+      option :client_options, {
+                                :site => "https://qyapi.weixin.qq.com",
+                                authorize_url: "https://open.weixin.qq.com/connect/oauth2/authorize#wechat_redirect",
+                                token_url:     "/cgi-bin/gettoken",
+                                token_method:  :get,
+                                connection_opts: {
+                                    ssl: { verify: false }
+                                }
+                              }
+
+      option :authorize_params, {scope: "snsapi_userinfo"}
+      option :token_params, {parse: :json}
+
+      uid do
+        raw_info['userid']
+      end
+
+      info do
+        {
+            userid:     raw_info['userid'],
+            name:       raw_info['name'],
+            department: raw_info['department'],
+            gender:     raw_info['gender'],
+            weixinid:   raw_info['weixinid'],
+            avatar:     raw_info['avatar'],
+            status:     raw_info['status'],
+            extattr:    raw_info['extattr']
+        }
+      end
+
+      extra do
+        { raw_info: raw_info }
+      end
+
+      def request_phase
+        params = client.auth_code.authorize_params.merge(redirect_uri: callback_url).merge(authorize_params)
+        params["appid"] = params.delete("client_id")
+        redirect client.authorize_url(params)
+      end
+
+      def raw_info
+        # step 2: get userid via code and access_token
+        @code ||= access_token[:code]
+
+        # step 3: get user info via userid
+        @uid ||= begin
+          access_token.options[:mode] = :query
+          response = access_token.get('/cgi-bin/user/getuserinfo', :params => {'code' => @code}, parse: :json)
+          response.parsed['UserId']
+        end
+
+        @raw_info ||= begin
+          access_token.options[:mode] = :query
+          response = access_token.get("/cgi-bin/user/get", :params => {"userid" => @uid}, parse: :json)
+          response.parsed
+        end
+      end
+
+      protected
+      def build_access_token
+        # step 0: wechat respond code
+        code = request.params['code']
+
+        # step 1: get access token
+        params = {
+            'corpid' => client.id,
+            'corpsecret' => client.secret,
+        }.merge(token_params.to_hash(symbolize_keys: true))
+        client.get_token(params, deep_symbolize(options.auth_token_params.merge({code: code})))
+      end
+    end
+  end
+end

data/lib/omniauth-wechat-oauth2.rb

@@ -0,0 +1,2 @@
+require "omniauth/strategies/wechat"
+require "omniauth/strategies/wechat_qiye"

metadata

@@ -0,0 +1,89 @@
+--- !ruby/object:Gem::Specification
+name: shixian-omniauth-wechat-oauth2
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Skinnyworm
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2025-07-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+description: Using OAuth2 to authenticate wechat user when web resources being viewed
+  within wechat(weixin) client.
+email: askinnyworm@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/omniauth-wechat-oauth2.rb
+- lib/omniauth/strategies/wechat.rb
+- lib/omniauth/strategies/wechat_qiye.rb
+homepage: https://github.com/shixiancom/omniauth-wechat-oauth2
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.8.23
+requirements:
+- none
+rubygems_version: 3.5.18
+signing_key:
+specification_version: 4
+summary: Omniauth strategy for wechat(weixin)
+test_files: []