simple_google_auth 0.2.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 063892b7a2bdb416f268b27488fa1e8e2840158e
-  data.tar.gz: b3d5ba6529437ef499cb7bd3c62d3649eae38480
+SHA256:
+  metadata.gz: 8dd8d1cf6e697eb5d635b3118923e4f916ca5de03847c78143fb7ce8ece9c8c5
+  data.tar.gz: 61cf025ca623785b3c150f79c5035eabd5b4606e5e95f47a48affd0bc090d790
 SHA512:
-  metadata.gz: 7717ae68ba9fa21754210ec1476e18be3224da1491ce62282b1c2853a8001897e94a63a8f0eb44e89f57138f6ade1d30f01e08c6c2f18f6f3a3b6093889e21fb
-  data.tar.gz: a83f0ecdbf1bdb8b9b5560c2540458f6ac5922bc0ffe3ca5520429ba774f15afde1c077a713da43f5e2ff796f0b80b7e98c294c4f9ab52b3af6a82ea932191a4
+  metadata.gz: 1c4a1060d4eda6cc1bdf1acc2609e40766019254c8165d756495bb145b253f3bec4ab769a69656ac6f0af46ec93330491527da2a2611ad86bead167fa381243b
+  data.tar.gz: 870f90edbed191d998ffb364cf474a40776c436ea4ec8c25b33c5f27881edfa3c60f6f86d2e07981c362112658b9d1548155898daa1ab3eda495dcb82e0513d5

data/MIT-LICENSE

@@ -1,4 +1,5 @@
-Copyright 2014 Roger Nesbitt
+Copyright 2014-2016 Roger Nesbitt
+Copyright 2020 Flux Federation Ltd
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -122,14 +122,20 @@ data_session_key_name | `"simple-google-auth.data"` | The name of the session va
 request_parameters | `{scope: "openid email"}` | Parameters to use when requesting a login from Google
 open_timeout | `15` | The maximum time, in seconds, to wait connecting to Google before giving up
 read_timeout | `15` | The maximum time, in seconds, to wait for a response from Google before giving up
+authentication_uri_state_builder | ->(request) { SecureRandom.hex + request.path } | The lambda used to create the state param for the oauth uri.
+authentication_uri_state_path_extractor | ->(state) { state[32..-1] } | The lambda used to extract the request path from the state param.
 
 Items marked with * may be a lambda, which will be called when that config item is required.
 
+Note that when customising the oauth uri state param, you will need to configure both authentication_uri_state_builder and authentication_uri_state_path_extractor. The builder must include the request path when creating the state param, otherwise simple_google_auth will always redirect back to '/'. This feature can be used to encode other information into the state parameter.
+
 ## Licence
 
 MIT.  Copyright 2014-2016 Roger Nesbitt, Powershop New Zealand Limited.
+MIT.  Copyright 2020 Flux Federation Ltd
 
 ## Authors and contributors
 
  - Roger Nesbitt
  - Andy Newport
+ - Flux Federation

data/Rakefile

@@ -14,7 +14,14 @@ RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_files.include('lib/**/*.rb')
 end
 
+Bundler::GemHelper.install_tasks
 
+begin
+  require 'rspec/core/rake_task'
 
+  RSpec::Core::RakeTask.new(:spec)
 
-Bundler::GemHelper.install_tasks
+  task :default => :spec
+rescue LoadError
+  # no rspec available
+ end

data/lib/simple_google_auth.rb

@@ -36,4 +36,6 @@ SimpleGoogleAuth.configure do |config|
   config.authenticate = lambda {|data| raise "You must define an authenticate lambda that determines whether a user should be allowed access or not"}
   config.open_timeout = SimpleGoogleAuth::HttpClient::DEFAULT_OPEN_TIMEOUT
   config.read_timeout = SimpleGoogleAuth::HttpClient::DEFAULT_READ_TIMEOUT
+  config.authentication_uri_state_builder = ->(request) { SecureRandom.hex + request.path }
+  config.authentication_uri_state_path_extractor = ->(state) { state[32..-1] }
 end

data/lib/simple_google_auth/config.rb

@@ -14,6 +14,8 @@ module SimpleGoogleAuth
     :refresh_stale_tokens,
     :open_timeout,
     :read_timeout,
+    :authentication_uri_state_builder,
+    :authentication_uri_state_path_extractor,
   ]
 
   class Config < Struct.new(*config_fields)
@@ -30,9 +32,19 @@ module SimpleGoogleAuth
     end
 
     def authenticate=(value)
-      if !value.respond_to?(:call)
-        raise Error, "Your SimpleGoogleAuth authenticator must be an object that responds to :call, normally a lambda.  See documentation for configuration details."
-      end
+      raise Error, "Your SimpleGoogleAuth authenticator must be an object that responds to :call, normally a lambda.  See documentation for configuration details." unless value.respond_to?(:call)
+
+      super
+    end
+
+    def authentication_uri_state_builder=(value)
+      raise Error, "Your SimpleGoogleAuth authentication_uri_state_builder must be an object that responds to :call, normally a lambda.  See documentation for configuration details." unless value.respond_to?(:call)
+
+      super
+    end
+
+    def authentication_uri_state_path_extractor=(value)
+      raise Error, "Your SimpleGoogleAuth authentication_uri_state_path_extractor must be an object that responds to :call, normally a lambda.  See documentation for configuration details." unless value.respond_to?(:call)
 
       super
     end

data/lib/simple_google_auth/controller.rb

@@ -7,7 +7,7 @@ module SimpleGoogleAuth
     end
 
     def google_authentication_uri
-      state = session[SimpleGoogleAuth.config.state_session_key_name] = SecureRandom.hex + request.path
+      state = session[SimpleGoogleAuth.config.state_session_key_name] = SimpleGoogleAuth.config.authentication_uri_state_builder.call(request)
       SimpleGoogleAuth::AuthorizationUriBuilder.new(state).uri
     end
 

data/lib/simple_google_auth/engine.rb

@@ -1,8 +1,10 @@
 module SimpleGoogleAuth
   class Engine < ::Rails::Engine
     initializer "simple_google_auth.load_helpers" do
-      ActionController::Base.send :include, SimpleGoogleAuth::Controller
-      ActionController::Base.send :helper_method, :google_auth_data
+      ActiveSupport.on_load(:action_controller) do
+        ActionController::Base.include(SimpleGoogleAuth::Controller)
+        ActionController::Base.helper_method(:google_auth_data)
+      end
     end
   end
 end

data/lib/simple_google_auth/receiver.rb

@@ -13,7 +13,7 @@ module SimpleGoogleAuth
 
       request.session[config.data_session_key_name] = auth_data
 
-      path = request.session[config.state_session_key_name][32..-1]
+      path = config.authentication_uri_state_path_extractor.call(request.session[config.state_session_key_name])
       path = "/" if path.blank?
       [302, {"Location" => path}, [" "]]
 

data/lib/simple_google_auth/version.rb

@@ -1,3 +1,3 @@
 module SimpleGoogleAuth
-  VERSION = "0.2.1"
+  VERSION = "0.3.0"
 end

data/spec/simple_google_auth/config_spec.rb

@@ -36,4 +36,20 @@ describe SimpleGoogleAuth::Config do
       subject.ca_path = "/etc/certs"
     end
   end
+
+  describe "#authentication_uri_state_builder=" do
+    it "raises if the value isn't callable" do
+      expect {
+        subject.authentication_uri_state_builder = "not a lambda"
+      }.to raise_error(SimpleGoogleAuth::Error, /responds to :call/)
+    end
+  end
+
+  describe "#authentication_uri_state_path_extractor=" do
+    it "raises if the value isn't callable" do
+      expect {
+        subject.authentication_uri_state_path_extractor = "not a lambda"
+      }.to raise_error(SimpleGoogleAuth::Error, /responds to :call/)
+    end
+  end
 end

data/spec/simple_google_auth/controller_spec.rb

@@ -24,8 +24,9 @@ describe SimpleGoogleAuth::Controller do
 
   describe "#redirect_if_not_google_authenticated" do
     it "redirects if not authenticated" do
-      expect(SecureRandom).to receive(:hex).and_return("abcd")
-      expect(subject).to receive(:redirect_to).with("https://accounts.google.com/o/oauth2/auth?scope=openid+email&response_type=code&client_id=123&redirect_uri=%2Fabc&state=abcd%2Fsomepath")
+      SimpleGoogleAuth.config.authentication_uri_state_builder = ->(request) { 'prefix-/somepath' }
+
+      expect(subject).to receive(:redirect_to).with("https://accounts.google.com/o/oauth2/auth?scope=openid+email&response_type=code&client_id=123&redirect_uri=%2Fabc&state=prefix-%2Fsomepath")
       subject.send(:redirect_if_not_google_authenticated)
     end
 

data/spec/simple_google_auth/receiver_spec.rb

@@ -12,6 +12,7 @@ describe SimpleGoogleAuth::Receiver do
   let(:auth_data) { double }
   let(:env) { double }
   let(:auth_data_presenter) { instance_double(SimpleGoogleAuth::AuthDataPresenter) }
+  let(:authentication_uri_state_path_extractor) { double(:call => '') }
 
   before do
     expect(Rack::Request).to receive(:new).with(env).and_return(request)
@@ -19,6 +20,7 @@ describe SimpleGoogleAuth::Receiver do
 
     SimpleGoogleAuth.config.authenticate = authenticator
     SimpleGoogleAuth.config.failed_login_path = '/error'
+    SimpleGoogleAuth.config.authentication_uri_state_path_extractor = authentication_uri_state_path_extractor
   end
 
   subject { SimpleGoogleAuth::Receiver.new.call(env) }
@@ -38,6 +40,8 @@ describe SimpleGoogleAuth::Receiver do
       end
 
       it "redirects to the URL specified in the session" do
+        expect(authentication_uri_state_path_extractor).to receive(:call).with(state).and_return('/place')
+
         expect(subject).to eq [302, {"Location" => "/place"}, [" "]]
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: simple_google_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0
 platform: ruby
 authors:
 - Roger Nesbitt
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-12 00:00:00.000000000 Z
+date: 2020-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: '5.2'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '3.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '3.9'
 description: An extremely easy way to protect your site by requiring Google logins
   without having to set up a traditional authentication system
 email:
@@ -89,17 +89,17 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: Super simple Google authentication for your Rails site
 test_files:
-- spec/simple_google_auth/auth_data_presenter_spec.rb
-- spec/simple_google_auth/authorization_uri_builder_spec.rb
-- spec/simple_google_auth/config_spec.rb
-- spec/simple_google_auth/controller_spec.rb
+- spec/spec_helper.rb
 - spec/simple_google_auth/http_client_spec.rb
+- spec/simple_google_auth/config_spec.rb
+- spec/simple_google_auth/auth_data_presenter_spec.rb
 - spec/simple_google_auth/oauth_spec.rb
 - spec/simple_google_auth/receiver_spec.rb
+- spec/simple_google_auth/authorization_uri_builder_spec.rb
+- spec/simple_google_auth/controller_spec.rb
 - spec/simple_google_auth_spec.rb
-- spec/spec_helper.rb