simple_google_auth 0.2.0 → 0.2.1
- checksums.yaml +4 -4
- data/README.md +5 -3
- data/lib/simple_google_auth.rb +2 -0
- data/lib/simple_google_auth/config.rb +3 -1
- data/lib/simple_google_auth/http_client.rb +12 -2
- data/lib/simple_google_auth/oauth.rb +5 -1
- data/lib/simple_google_auth/version.rb +1 -1
- data/spec/simple_google_auth/http_client_spec.rb +3 -1
- data/spec/simple_google_auth/oauth_spec.rb +5 -3
- data/spec/simple_google_auth/receiver_spec.rb +5 -5
- metadata +4 -4
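--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 063892b7a2bdb416f268b27488fa1e8e2840158e
+data.tar.gz: b3d5ba6529437ef499cb7bd3c62d3649eae38480
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7717ae68ba9fa21754210ec1476e18be3224da1491ce62282b1c2853a8001897e94a63a8f0eb44e89f57138f6ade1d30f01e08c6c2f18f6f3a3b6093889e21fb
+data.tar.gz: a83f0ecdbf1bdb8b9b5560c2540458f6ac5922bc0ffe3ca5520429ba774f15afde1c077a713da43f5e2ff796f0b80b7e98c294c4f9ab52b3af6a82ea932191a4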
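--- a/data/README.md
+++ b/data/README.md
@@ -7,7 +7,7 @@ You can allow any user with a Google account, or limit access to certain users b
 Google e-mail address.
 
 Being simple, it's limited in what it can do. But if your goal is to put your site
-behind a Google login instead of a crusty basic auth box, it'll do the trick.
+behind a Google login instead of a crusty basic auth box, it'll do the trick.
 If you're after more power, there are quite a few gems that'll do what you're looking for,
 such as OmniAuth's Google strategy.
 
@@ -100,7 +100,7 @@ send you the refresh token every time your users authenticate.
 config.request_parameters.merge!(approval_prompt: "force")
 end
 
-For more details on offline mode and approval_prompt refer to the
+For more details on offline mode and approval_prompt refer to the
 [Google OAuth documentation](https://developers.google.com/accounts/docs/OAuth2WebServer).
 
 ## Configuring
@@ -120,12 +120,14 @@ google_token_url | `"https://accounts.google.com/o/oauth2/token"` | Google's tok
 state_session_key_name | `"simple-google-auth.state"` | The name of the session variable used to store a random string used to prevent CSRF attacks during authentication.
 data_session_key_name | `"simple-google-auth.data"` | The name of the session variable used to store identification data from Google.
 request_parameters | `{scope: "openid email"}` | Parameters to use when requesting a login from Google
+open_timeout | `15` | The maximum time, in seconds, to wait connecting to Google before giving up
+read_timeout | `15` | The maximum time, in seconds, to wait for a response from Google before giving up
 
 Items marked with * may be a lambda, which will be called when that config item is required.
 
 ## Licence
 
-MIT. Copyright 2014-
+MIT. Copyright 2014-2016 Roger Nesbitt, Powershop New Zealand Limited.
 
 ## Authors and contributors
 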
data/lib/simple_google_auth.rb
CHANGED
@@ -34,4 +34,6 @@ SimpleGoogleAuth.configure do |config|
|
|
34
34
|
config.failed_login_path = "/"
|
35
35
|
config.request_parameters = {scope: "openid email"}
|
36
36
|
config.authenticate = lambda {|data| raise "You must define an authenticate lambda that determines whether a user should be allowed access or not"}
|
37
|
+
config.open_timeout = SimpleGoogleAuth::HttpClient::DEFAULT_OPEN_TIMEOUT
|
38
|
+
config.read_timeout = SimpleGoogleAuth::HttpClient::DEFAULT_READ_TIMEOUT
|
37
39
|
end
|
@@ -1,8 +1,13 @@
|
|
1
1
|
module SimpleGoogleAuth
|
2
2
|
class HttpClient
|
3
|
-
|
3
|
+
DEFAULT_OPEN_TIMEOUT = 15
|
4
|
+
DEFAULT_READ_TIMEOUT = 15
|
5
|
+
|
6
|
+
def initialize(url, open_timeout: DEFAULT_OPEN_TIMEOUT, read_timeout: DEFAULT_READ_TIMEOUT)
|
4
7
|
@uri = URI(url)
|
5
8
|
@http = Net::HTTP.new(@uri.host, @uri.port)
|
9
|
+
@http.open_timeout = open_timeout
|
10
|
+
@http.read_timeout = read_timeout
|
6
11
|
|
7
12
|
if @uri.scheme == "https"
|
8
13
|
@http.use_ssl = true
|
@@ -13,7 +18,12 @@ module SimpleGoogleAuth
|
|
13
18
|
def request(params)
|
14
19
|
request = Net::HTTP::Post.new(@uri.request_uri)
|
15
20
|
request.set_form_data(params)
|
16
|
-
|
21
|
+
|
22
|
+
response = begin
|
23
|
+
@http.request(request)
|
24
|
+
rescue Net::OpenTimeout, Net::ReadTimeout => e
|
25
|
+
raise ProviderError, "A #{e.class.name} occurred while communicating with the server"
|
26
|
+
end
|
17
27
|
|
18
28
|
if response.content_type != 'application/json'
|
19
29
|
raise NonJsonResponseError, "The server responded with non-JSON content"
|
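Review bot: The new `rescue` in `request` wraps only `Net::OpenTimeout` and `Net::ReadTimeout`, so a refused connection, a DNS failure or a TLS handshake error still leaves the method as a raw exception rather than a `ProviderError`. If callers are meant to treat every transport failure on the token exchange as a failed login, widen it to `rescue Net::OpenTimeout, Net::ReadTimeout, SocketError, SystemCallError, OpenSSL::SSL::SSLError => e`. The message also interpolates `e.class.name`; the receiver specs on this page show failure messages ending up in the `Location` query string, so if this one is surfaced the same way, a fixed wording such as `"Timed out while communicating with the server"` would avoid exposing internal class names. The body of `request` continues past the end of this hunk.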
@@ -2,7 +2,11 @@ module SimpleGoogleAuth
|
|
2
2
|
class OAuth
|
3
3
|
def initialize(config)
|
4
4
|
@config = config
|
5
|
-
@client = HttpClient.new(
|
5
|
+
@client = HttpClient.new(
|
6
|
+
@config.google_token_url,
|
7
|
+
open_timeout: config.open_timeout,
|
8
|
+
read_timeout: config.read_timeout
|
9
|
+
)
|
6
10
|
end
|
7
11
|
|
8
12
|
def exchange_code_for_auth_token!(code)
|
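Review bot: `config.open_timeout` and `config.read_timeout` are passed to `HttpClient.new` unchecked in `OAuth#initialize`, and the keyword defaults apply only when the argument is omitted. A `nil` from configuration therefore reaches `Net::HTTP`, where a nil timeout means no timeout, and the token request could then block a worker indefinitely. Consider an explicit fallback such as `open_timeout: config.open_timeout || HttpClient::DEFAULT_OPEN_TIMEOUT` (and the same for `read_timeout`), unless the `config.rb` change, which is not shown on this page, already validates the values. The call also mixes `@config.google_token_url` with bare `config.open_timeout`; using one form throughout would read more consistently.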
@@ -7,6 +7,8 @@ describe SimpleGoogleAuth::HttpClient do
|
|
7
7
|
|
8
8
|
before do
|
9
9
|
expect(Net::HTTP).to receive(:new).with("some.host", 443).and_return(http)
|
10
|
+
expect(http).to receive(:open_timeout=).with(12)
|
11
|
+
expect(http).to receive(:read_timeout=).with(13)
|
10
12
|
expect(http).to receive(:use_ssl=).with(true)
|
11
13
|
expect(http).to receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_PEER)
|
12
14
|
expect(http).to receive(:request).with(request).and_return(response)
|
@@ -15,7 +17,7 @@ describe SimpleGoogleAuth::HttpClient do
|
|
15
17
|
expect(request).to receive(:set_form_data).with('some' => 'data')
|
16
18
|
end
|
17
19
|
|
18
|
-
subject { SimpleGoogleAuth::HttpClient.new("https://some.host/somepath") }
|
20
|
+
subject { SimpleGoogleAuth::HttpClient.new("https://some.host/somepath", open_timeout: 12, read_timeout: 13) }
|
19
21
|
|
20
22
|
context "when the call is successful" do
|
21
23
|
let(:response) do
|
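Review bot: Nothing in these spec hunks exercises the new timeout path; the setup only checks that `open_timeout=` and `read_timeout=` receive 12 and 13. A context in which the stubbed `http` raises, for example `allow(http).to receive(:request).and_raise(Net::ReadTimeout)`, with an expectation that `subject.request('some' => 'data')` raises the `ProviderError` from `HttpClient#request`, would pin the rescue added in this release. The `before` block and the contexts extend outside the hunks, so an existing example may simply not be visible here.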
@@ -7,19 +7,21 @@ describe SimpleGoogleAuth::OAuth do
|
|
7
7
|
google_token_url: "/token/url",
|
8
8
|
client_id: '12345',
|
9
9
|
client_secret: 'abcde',
|
10
|
-
redirect_uri: '/ok'
|
10
|
+
redirect_uri: '/ok',
|
11
|
+
open_timeout: 12,
|
12
|
+
read_timeout: 13
|
11
13
|
)
|
12
14
|
end
|
13
15
|
|
14
16
|
let(:client) { instance_double(SimpleGoogleAuth::HttpClient) }
|
15
17
|
let(:response) { {"id_token" => "sometoken", "expires_in" => 1200, "other" => "data"} }
|
16
18
|
let(:expires_at) { Time.now + 1200 - 5 }
|
17
|
-
|
19
|
+
|
18
20
|
before do
|
19
21
|
now = Time.now
|
20
22
|
allow(Time).to receive(:now).and_return(now)
|
21
23
|
|
22
|
-
expect(SimpleGoogleAuth::HttpClient).to receive(:new).with(config.google_token_url).and_return(client)
|
24
|
+
expect(SimpleGoogleAuth::HttpClient).to receive(:new).with(config.google_token_url, open_timeout: 12, read_timeout: 13).and_return(client)
|
23
25
|
end
|
24
26
|
|
25
27
|
subject { SimpleGoogleAuth::OAuth.new(config) }
|
@@ -38,7 +38,7 @@ describe SimpleGoogleAuth::Receiver do
|
|
38
38
|
end
|
39
39
|
|
40
40
|
it "redirects to the URL specified in the session" do
|
41
|
-
expect(subject).to eq [302, {"Location" => "/place"}, [" "]]
|
41
|
+
expect(subject).to eq [302, {"Location" => "/place"}, [" "]]
|
42
42
|
end
|
43
43
|
end
|
44
44
|
|
@@ -46,7 +46,7 @@ describe SimpleGoogleAuth::Receiver do
|
|
46
46
|
let(:authentication_result) { false }
|
47
47
|
|
48
48
|
it "redirects to the failed login path with a message" do
|
49
|
-
expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed"}, [" "]]
|
49
|
+
expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed"}, [" "]]
|
50
50
|
end
|
51
51
|
end
|
52
52
|
end
|
@@ -55,7 +55,7 @@ describe SimpleGoogleAuth::Receiver do
|
|
55
55
|
let(:params) { {"state" => "doesnotmatch", "code" => code} }
|
56
56
|
|
57
57
|
it "redirects to the failed login path with a message" do
|
58
|
-
expect(subject).to eq [302, {"Location" => "/error?message=Invalid+state+returned+from+Google"}, [" "]]
|
58
|
+
expect(subject).to eq [302, {"Location" => "/error?message=Invalid+state+returned+from+Google"}, [" "]]
|
59
59
|
end
|
60
60
|
end
|
61
61
|
|
@@ -63,7 +63,7 @@ describe SimpleGoogleAuth::Receiver do
|
|
63
63
|
let(:params) { {"state" => state, "error" => "bad stuff"} }
|
64
64
|
|
65
65
|
it "redirects to the failed login path with a message" do
|
66
|
-
expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed%3A+bad+stuff"}, [" "]]
|
66
|
+
expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed%3A+bad+stuff"}, [" "]]
|
67
67
|
end
|
68
68
|
end
|
69
69
|
|
@@ -71,7 +71,7 @@ describe SimpleGoogleAuth::Receiver do
|
|
71
71
|
let(:params) { {"state" => state} }
|
72
72
|
|
73
73
|
it "redirects to the failed login path with a message" do
|
74
|
-
expect(subject).to eq [302, {"Location" => "/error?message=No+authentication+code+returned"}, [" "]]
|
74
|
+
expect(subject).to eq [302, {"Location" => "/error?message=No+authentication+code+returned"}, [" "]]
|
75
75
|
end
|
76
76
|
end
|
77
77
|
end
|
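--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: simple_google_auth
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.1
 platform: ruby
 authors:
 - Roger Nesbitt
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2016-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -81,7 +81,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -89,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.5.1
 signing_key:
 specification_version: 4
 summary: Super simple Google authentication for your Rails site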