slack_oauth 0.2.0 → 0.3.0

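--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 854ea6bb849afb1579b16e1324fa30914a2540ff
- data.tar.gz: eb3a7718f284e9ebce134b5ec6bb3510e6e0d619
+ metadata.gz: de0ea259393f9c2ec042054322246580cbae1b88
+ data.tar.gz: 86f34f1d90ea7f376acb19ebf44904e666f638e2
  SHA512:
- metadata.gz: 3ed2ed608984dd91cde6a970b0754ef8159836462acceb134cd277fe17dca2a739f0da8de190139192fe55bd29900dde48693f21eda4fe7ca03c8bbfd38d2f77
- data.tar.gz: 93eeaad7c2eadc3614cc968fcbcaa0dbc6fd887a821fc54692456ab5e38967a16e824f6628d8d72ee8bfb1b48bbf98227d501715883066a5d723ee429128a5bc
+ metadata.gz: 28447d0c64a37945004ec170590adf2589d27b9d1f3e35123c31e28a541cd90f4881b420b7c0349a5374430d68e0d6cb4e11d3b70ac550f7e9749ffb8d1f3100
+ data.tar.gz: 85363069f748f108d4c3867189b4b6f13013fe666d9ebad5a2df9388b3e4391cc1b8b1e24ad5a8c1a55ac0931174d7ab26bb92bb8c128036b07a8bd74c83a084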
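--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,4 +1,4 @@
  source 'https://rubygems.org'
 
- # Specify your gem's dependencies in slack_oauth.gemspec
+ # Specify your gem's dependencies in hello.gemspec
  gemspec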
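--- a/data/README.md
+++ b/data/README.md
@@ -8,6 +8,9 @@ oauth client library for sinatra
  - team id(slack) using the authorization
  - team name(slack) using the authorization
 
+ # Caution
+ don't use Rack::Session::Cookie
+
  ## Installation
 
  Add this line to your application's Gemfile:
@@ -32,23 +35,18 @@ require 'slack_oauth'
 
  register SlackOauth::Driver
 
- use Rack::Session::Cookie,
- :expire_after => 3600,
- :secret => 'change'
-
  configure do
- set :slack_token, 'xxxxx-xxxxx-xxxx-xxxx'
- set :slack_client_id, 'nnnnnn.nnnnn'
- set :slack_secret_key, 'xxxxxxxxxxxxxxxxxx'
- set :logined_uri, '/'
- set :error_uri, '/'
+ set :slack_token, 'xxxxx-xxxxx-xxxx-xxxx' # required
+ set :slack_client_id, 'nnnnnn.nnnnn' # required
+ set :slack_secret_key, 'xxxxxxxxxxxxxxxxxx' # required
+ set :logined_uri, '/' # required if use register
+ set :error_uri, '/' # required if use register
  set :slack_redirect_uri, 'http://yourhost:4567/oauth'
  set :slack_team, 'your-team' # or nil
- set :slack_allowed_teams, ['allowed team']
- set :slack_scope, 'identify'
- use Rack::Session::Cookie,
- :expire_after => 3600,
- :secret => 'change'
+ set :slack_allowed_teams, ['allowed team'] # required
+ set :slack_scope, 'identify' # required
+ use Rack::Session::Pool, # slack_oauth use session
+ :expire_after => 3600
  end
 
  get '/' do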
@@ -1,6 +1,7 @@
1
1
  require 'sinatra/base'
2
2
  require 'net/https'
3
3
  require 'json'
4
+ require 'securerandom'
4
5
 
5
6
  module SlackOauth
6
7
  module Driver
@@ -20,21 +21,27 @@ module SlackOauth
20
21
  if has_settings(:slack_redirect_uri)
21
22
  params[:redirect_uri] = settings.slack_redirect_uri
22
23
  end
23
-
24
+
24
25
  req.set_form_data(params)
25
26
  res = JSON.parse(http.request(req).body)
26
- session[:authorized] = res['ok'] && settings.slack_allowed_teams.include?(res['team_name'])
27
- if session[:authorized]
27
+
28
+ session[:slack_authorized] = res['ok'] && settings.slack_allowed_teams.include?(res['team_name'])
29
+
30
+ if session[:slack_authorized]
28
31
  session[:slack_team] = res['team_name']
29
32
  session[:slack_access_token] = res['access_token']
30
33
  session[:slack_user_id] = res['user_id']
31
34
  session[:slack_team_id] = res['team_id']
32
35
  end
33
- session[:authorized]
36
+ session[:slack_authorized]
34
37
  end
35
38
 
36
39
  def authorized?
37
- session[:authorized]
40
+ session[:slack_authorized]
41
+ end
42
+
43
+ def validate_state(state)
44
+ session[:slack_state] == state
38
45
  end
39
46
 
40
47
  def get_params
@@ -50,6 +57,14 @@ module SlackOauth
50
57
  if has_settings(:slack_redirect_uri)
51
58
  params << "redirect_uri=#{settings.slack_redirect_uri}"
52
59
  end
60
+
61
+ @slack_state_generator ||= has_settings(:slack_state_generator) ? settings.slack_state_generator : ->{
62
+ SecureRandom.hex(32)
63
+ }
64
+
65
+ session[:slack_state] = @slack_state_generator.call
66
+ params << "state=#{session[:slack_state]}"
67
+
53
68
  "?#{params.join('&')}"
54
69
  end
55
70
 
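Review bot: `validate_state` accepts a callback that has no `state` at all, because it is a bare `session[:slack_state] == state` and `nil == nil` is true when the session never stored one. Reject missing values and consume the stored value so it is single-use, e.g. `expected = session.delete(:slack_state)` followed by `!expected.nil? && !state.nil? && Rack::Utils.secure_compare(expected.to_s, state.to_s)`. The call site in the next file section (`validate_state(params[:state]) && authorize(params[:code])`) depends on this helper, so the fix belongs here. Separately, `authorize` still matches the allow-list on `res['team_name']`; if Slack team names are not guaranteed unique or stable, comparing `res['team_id']` would be the safer check — worth confirming.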
@@ -1,4 +1,4 @@
1
- require_relative 'version'
1
+ require_relative 'version.rb'
2
2
  require_relative 'helper.rb'
3
3
  require 'sinatra/base'
4
4
  require 'net/https'
@@ -16,7 +16,7 @@ module SlackOauth
16
16
  elsif !params[:error].nil?
17
17
  redirect settings.error_uri
18
18
  elsif !params[:code].nil?
19
- if authorize(params[:code])
19
+ if validate_state(params[:state]) && authorize(params[:code])
20
20
  redirect settings.logined_uri
21
21
  else
22
22
  redirect settings.error_uri
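Review bot: A failed state check is dropped silently here, because `validate_state(params[:state]) && authorize(params[:code])` sends both a state mismatch and a Slack-side authorization failure to `settings.error_uri` with nothing recorded. A state mismatch on the callback is a security-relevant event, since a forged or replayed callback looks exactly like this. Evaluate it on its own and log it before redirecting, for example `logger.warn('slack_oauth: state mismatch on callback')` if the app has Sinatra logging enabled. The route body starts and ends outside this hunk.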
@@ -1,3 +1,3 @@
1
1
  module SlackOauth
2
- VERSION = "0.2.0"
2
+ VERSION = "0.3.0"
3
3
  end
@@ -13,9 +13,8 @@ configure do
13
13
  set :slack_team, 'your-team' # or nil
14
14
  set :slack_allowed_teams, ['allowed team']
15
15
  set :slack_scope, 'identify'
16
- use Rack::Session::Cookie,
17
- :expire_after => 3600,
18
- :secret => 'change'
16
+ use Rack::Session::Pool,
17
+ :expire_after => 3600
19
18
  end
20
19
 
21
20
  get '/your-path' do
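Review bot: `Rack::Session::Pool` keeps sessions in the memory of a single process, and the sample does not say so next to the new `use` line. With more than one worker process, the callback can reach a process that never saw the `state` stored before the redirect, so the new state check fails; sessions are also lost on restart. A comment would cover it, e.g. `# in-memory, single-process session store; use a shared server-side store when running several workers`. The sample also gives no reason for dropping `Rack::Session::Cookie`; presumably it is to keep `slack_access_token` out of a client-held cookie, which is worth stating. The `configure` block starts outside this hunk.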
@@ -1,7 +1,7 @@
1
1
  # coding: utf-8
2
2
  lib = File.expand_path('../lib', __FILE__)
3
3
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require 'slack_oauth'
4
+ require_relative 'lib/version'
5
5
 
6
6
  Gem::Specification.new do |spec|
7
7
  spec.name = "slack_oauth"
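--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: slack_oauth
  version: !ruby/object:Gem::Version
- version: 0.2.0
+ version: 0.3.0
  platform: ruby
  authors:
  - m0cchi
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-07-18 00:00:00.000000000 Z
+ date: 2016-07-26 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: sinatra
@@ -99,7 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.6.4
+ rubygems_version: 2.4.5
  signing_key:
  specification_version: 4
  summary: Slack OAuth driver.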