solidus_social 1.0.0

data/config/locales/nl.yml

@@ -0,0 +1,26 @@
+---
+nl:
+  devise:
+    omniauth_callbacks:
+      success: "U bent nu aangemeld met uw %{kind}-account."
+  spree:
+    user_was_not_valid: Gebruiker was niet geldig.
+    add_another_service: 'Nog een log-in dienst toevoegen:'
+    authentications:
+      destroy: "Met succes vernietigd authenticatiemethode."
+    back_to_authentication_methods_list: "Terug naar de lijst verificatiemethoden"
+    edit_social_method: 'Bewerk Social Authenticatie Methodes'
+    new_social_method: 'Nieuwe Authenticatie Methode'
+    no_authentication_methods_found: "Geen verificatiemethoden gevonden"
+    one_more_step: 'Laatste stap om registratie met %{kind} te voltooien'
+    remove_authentication_option_confirmation: 'Weet je zeker dat je deze authenticatie methode wilt verwijderen?'
+    sign_into_account: 'Je kunt bij deze account inlogen met:'
+    sign_in_through_one_of_these_services: 'Log in met een van de volgende diensten:'
+    social_api_key: 'API Key'
+    social_api_secret: 'API Secret'
+    social_authentication_methods: 'Social Authenticatie Methodes'
+    social_authentication_methods_description: 'OAuth Authenticatie Methodes Instellen'
+    social_provider: 'Social Provider'
+    please_confirm_your_email: 'Bevestig je email adres om verder te gaan'
+    sign_in_with: 'Login met %{provider}'
+    you_have_signed_in_with_these_services: "Je hebt in deze diensten ondertekend"

data/config/locales/pt-BR.yml

@@ -0,0 +1,26 @@
+---
+pt-BR:
+  devise:
+    omniauth_callbacks:
+      success: "Você está logado agora com a sua conta do %{kind}."
+  spree:
+    user_was_not_valid: "Usuário não era válido."
+    add_another_service: "Adicione outro serviço para se logar:"
+    authentications:
+      destroy: 'Método de autenticação destruído com sucesso.'
+    back_to_authentication_methods_list: "Voltar Para Lista de Métodos de Autenticação"
+    edit_social_method: "Editando Método de Autenticação Social"
+    new_social_method: "Novo Método de Autenticação"
+    no_authentication_methods_found: "Métodos de Autenticação Não Encontrados"
+    one_more_step: 'Um passo apenas para completar seu registro pelo %{kind}'
+    remove_authentication_option_confirmation: "Você tem certeza que deseja remover este método de autenticação ?"
+    sign_into_account: "Você pode acessar esta conta usando:"
+    sign_in_through_one_of_these_services: "Acesse através de um destes serviços:"
+    social_api_key: "Chave API"
+    social_api_secret: "Segredo API"
+    social_authentication_methods: "Métodos de Autenticação Social"
+    social_authentication_methods_description: "Configure Métodos de Autenticação OAuth"
+    social_provider: "Provedor Social"
+    please_confirm_your_email: "Por favor confirme seu endereço de e-mail para continuar"
+    sign_in_with: "Login com %{provider}"
+    you_have_signed_in_with_these_services: "Você se cadastrou com estes serviços"

data/config/locales/sv.yml

@@ -0,0 +1,26 @@
+---
+sv:
+  devise:
+    omniauth_callbacks:
+      success: "Du är nu inloggad med ditt %{kind} konto."
+  spree:
+    user_was_not_valid: "Användaren var inte giltigt."
+    add_another_service: "Lägg en annan tjänst för att logga in med:"
+    authentications:
+      destroy: "Autentiseringsmetoden har nu blivit borttagen."
+    back_to_authentication_methods_list: "Tillbaka till listan med autentiseringsmetoder"
+    edit_social_method: "Redigera social autentiseringsmetod"
+    new_social_method: "Ny autentiseringsmetod"
+    no_authentication_methods_found: "Inga autentiseringsmetoder funna"
+    one_more_step: "Ett steg från att slutföra din registrering från %{kind}"
+    remove_authentication_option_confirmation: "Är du säker på att du vill ta bort denna autentiseringsmetod?"
+    sign_into_account: "Du kan logga in på detta konto med hjälp av:"
+    sign_in_through_one_of_these_services: "Logga in genom en av dessa tjänster:"
+    social_api_key: "API-nyckel"
+    social_api_secret: "API lösenord"
+    social_authentication_methods: "Sociala autentiseringsmetoder"
+    social_authentication_methods_description: "Sätt upp OAuth autentiseringsmetoder"
+    social_provider: "Social tjänst"
+    please_confirm_your_email: "Bekräfta din e-postadress för att fortsätta"
+    sign_in_with: "Logga in med %{provider}"
+    you_have_signed_in_with_these_services: "Du har loggat in via dessa tjänster"

data/config/routes.rb

@@ -0,0 +1,14 @@
+Spree::Core::Engine.add_routes do
+  devise_for :spree_user,
+             class_name: Spree::User,
+             only: [:omniauth_callbacks],
+             controllers: { omniauth_callbacks: 'spree/omniauth_callbacks' },
+             path: Spree::SocialConfig[:path_prefix]
+  resources :user_authentications
+
+  get 'account' => 'users#show', as: 'user_root'
+
+  namespace :admin do
+    resources :authentication_methods
+  end
+end

data/db/migrate/20120120163432_create_user_authentications.rb

@@ -0,0 +1,10 @@
+class CreateUserAuthentications < ActiveRecord::Migration
+  def change
+    create_table :spree_user_authentications do |t|
+      t.integer :user_id
+      t.string :provider
+      t.string :uid
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20120123163222_create_authentication_methods.rb

@@ -0,0 +1,13 @@
+class CreateAuthenticationMethods < ActiveRecord::Migration
+  def change
+    create_table :spree_authentication_methods do |t|
+      t.string :environment
+      t.string :provider
+      t.string :api_key
+      t.string :api_secret
+      t.boolean :active
+
+      t.timestamps
+    end
+  end
+end

data/lib/generators/solidus_social/install/install_generator.rb

@@ -0,0 +1,24 @@
+module SolidusSocial
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      class_option :auto_run_migrations, type: :boolean, default: false
+
+      def add_stylesheets
+        inject_into_file 'vendor/assets/stylesheets/spree/frontend/all.css', " *= require spree/frontend/solidus_social\n", before: /\*\//, verbose: true
+      end
+
+      def add_migrations
+        run 'bundle exec rake railties:install:migrations FROM=solidus_social'
+      end
+
+      def run_migrations
+        run_migrations = options[:auto_run_migrations] || ['', 'y', 'Y'].include?(ask 'Would you like to run the migrations now? [Y/n]')
+        if run_migrations
+          run 'bundle exec rake db:migrate'
+        else
+          puts 'Skipping rake db:migrate, don\'t forget to run it!'
+        end
+      end
+    end
+  end
+end

data/lib/solidus_social.rb

@@ -0,0 +1,10 @@
+require 'spree_core'
+require 'solidus_auth_devise'
+require 'omniauth-twitter'
+require 'omniauth-facebook'
+require 'omniauth-github'
+require 'omniauth-google-oauth2'
+require 'omniauth-amazon'
+require 'solidus_social/engine'
+require 'solidus_social/version'
+require 'coffee_script'

data/lib/solidus_social/engine.rb

@@ -0,0 +1,70 @@
+module SolidusSocial
+  OAUTH_PROVIDERS = [
+    %w(Facebook facebook),
+    %w(Twitter twitter),
+    %w(Github github),
+    %w(Google google_oauth2),
+    %w(Amazon amazon)
+  ]
+
+  class Engine < Rails::Engine
+    engine_name 'solidus_social'
+
+    config.autoload_paths += %W(#{config.root}/lib)
+
+    initializer 'solidus_social.environment', before: 'spree.environment' do
+      Spree::SocialConfig = Spree::SocialConfiguration.new
+    end
+
+    def self.activate
+      Dir.glob(File.join(File.dirname(__FILE__), '../../app/**/*_decorator*.rb')) do |c|
+        Rails.configuration.cache_classes ? require(c) : load(c)
+      end
+    end
+
+    config.to_prepare(&method(:activate).to_proc)
+  end
+
+  # Setup all OAuth providers
+  def self.init_provider(provider)
+    return unless ActiveRecord::Base.connection.table_exists?('spree_authentication_methods')
+    key, secret = nil
+    Spree::AuthenticationMethod.where(environment: ::Rails.env).each do |auth_method|
+      next unless auth_method.provider == provider
+      key = auth_method.api_key
+      secret = auth_method.api_secret
+      Rails.logger.info("[Spree Social] Loading #{auth_method.provider.capitalize} as authentication source")
+    end
+    setup_key_for(provider.to_sym, key, secret)
+  end
+
+  def self.setup_key_for(provider, key, secret)
+    Devise.setup do |config|
+      config.omniauth provider, key, secret, setup: true
+    end
+  end
+end
+
+module OmniAuth
+  module Strategies
+    class Facebook < OAuth2
+      MOBILE_USER_AGENTS =  'palm|blackberry|nokia|phone|midp|mobi|symbian|chtml|ericsson|minimo|' \
+                            'audiovox|motorola|samsung|telit|upg1|windows ce|ucweb|astel|plucker|' \
+                            'x320|x240|j2me|sgh|portable|sprint|docomo|kddi|softbank|android|mmp|' \
+                            'pdxgw|netfront|xiino|vodafone|portalmmm|sagem|mot-|sie-|ipod|up\\.b|' \
+                            'webos|amoi|novarra|cdm|alcatel|pocket|ipad|iphone|mobileexplorer|' \
+                            'mobile'
+      def request_phase
+        options[:scope] ||= 'email'
+        options[:info_fields] ||= 'email'
+        options[:display] = mobile_request? ? 'touch' : 'page'
+        super
+      end
+
+      def mobile_request?
+        ua = Rack::Request.new(@env).user_agent.to_s
+        ua.downcase =~ Regexp.new(MOBILE_USER_AGENTS)
+      end
+    end
+  end
+end

data/lib/solidus_social/version.rb

@@ -0,0 +1,18 @@
+module SolidusSocial
+  module_function
+
+  # Returns the version of the currently loaded SolidusSocial as a
+  # <tt>Gem::Version</tt>.
+  def version
+    Gem::Version.new VERSION::STRING
+  end
+
+  module VERSION
+    MAJOR = 1
+    MINOR = 0
+    TINY  = 0
+    PRE   = nil
+
+    STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
+  end
+end

data/solidus_social.gemspec

@@ -0,0 +1,47 @@
+lib = File.expand_path('../lib/', __FILE__)
+$LOAD_PATH.unshift lib unless $LOAD_PATH.include?(lib)
+
+require 'solidus_social/version'
+
+Gem::Specification.new do |s|
+  s.platform    = Gem::Platform::RUBY
+  s.name        = 'solidus_social'
+  s.version     = SolidusSocial.version
+  s.summary     = 'Adds social network login services (OAuth) to Spree'
+  s.description = s.summary
+  s.required_ruby_version = '>= 1.9.3'
+
+  s.author   = 'John Dyer'
+  s.email    = 'jdyer@spreecommerce.com'
+  s.homepage = 'http://www.spreecommerce.com'
+  s.license  = 'BSD-3'
+
+  s.files        = `git ls-files`.split("\n")
+  s.test_files   = `git ls-files -- spec/*`.split("\n")
+  s.require_path = 'lib'
+  s.requirements << 'none'
+
+  s.add_runtime_dependency 'solidus_core', ["~> 1.0"]
+  s.add_runtime_dependency 'omniauth'
+  s.add_runtime_dependency 'oa-core'
+  s.add_runtime_dependency 'omniauth-twitter'
+  s.add_runtime_dependency 'omniauth-facebook'
+  s.add_runtime_dependency 'omniauth-github'
+  s.add_runtime_dependency 'omniauth-google-oauth2'
+  s.add_runtime_dependency 'omniauth-amazon'
+
+  s.add_development_dependency 'capybara', '~> 2.4.1'
+  s.add_development_dependency 'database_cleaner', '1.3.0'
+  s.add_development_dependency 'rspec-rails', '~> 3.1.0'
+  s.add_development_dependency 'factory_girl', '~> 4.4'
+  s.add_development_dependency 'pry-rails'
+  s.add_development_dependency 'selenium-webdriver', '>= 2.41.0'
+  s.add_development_dependency 'poltergeist', '~> 1.5.0'
+  s.add_development_dependency 'simplecov', '~> 0.9.0'
+  s.add_development_dependency 'sqlite3', '~> 1.3.10'
+  s.add_development_dependency 'coffee-rails'
+  s.add_development_dependency 'sass-rails'
+  s.add_development_dependency 'guard-rspec'
+  s.add_development_dependency 'rubocop', '>= 0.24.1'
+  s.add_development_dependency 'rake', '< 11'
+end

data/spec/controllers/spree/omniauth_callbacks_controller_spec.rb

@@ -0,0 +1,160 @@
+RSpec.describe Spree::OmniauthCallbacksController, type: :controller do
+  let(:user) { create(:user) }
+  let(:omni_params) { double('omni', :[] => nil).as_null_object }
+  let(:order) { double('Spree::Order', associate_user: nil) }
+
+  before do
+    Rails.application.routes.default_url_options[:host] = 'test.host'
+    request.env['omniauth.auth'] = omni_params
+    allow(controller).to receive(:sign_in_and_redirect)
+    allow(controller).to receive(:redirect_back_or_default)
+    allow(Spree::User).to receive(:anonymous!).with(user)
+  end
+
+  shared_examples_for 'denied_permissions' do
+    before { request.env['omniauth.error'] = 'FAIL' }
+
+    it 'redirects properly' do
+      expect(controller).to receive(:redirect_back_or_default)
+      controller.twitter
+    end
+
+    it 'displays an error message' do
+      controller.twitter
+      expect(flash[:error]).not_to be_blank
+    end
+
+    it 'does not attempt authentication' do
+      expect(controller).not_to receive(:sign_in_and_redirect)
+      controller.twitter
+    end
+  end
+
+  shared_examples_for 'associate_order' do
+    before { allow(controller).to receive(:current_order).and_return(order) }
+
+    it 'associates the order with the user' do
+      expect(order).to receive(:associate_user!).with(user)
+      controller.twitter
+    end
+  end
+
+  shared_examples_for 'authenticate_as_user' do
+    it 'authenticates as that user' do
+      expect(controller).to receive(:sign_in_and_redirect).with(user, event: :authentication)
+    end
+  end
+
+  context '#callback' do
+    context 'when user is authenticated' do
+      before do
+        allow(controller).to receive(:spree_current_user).and_return(user)
+      end
+
+      it_should_behave_like 'denied_permissions'
+
+      context 'when existing user_authentication' do
+        let(:user_authentication) { double('user_authentication', user: user) }
+        before do
+          allow(Spree::UserAuthentication).to receive(:find_by_provider_and_uid).and_return(user_authentication)
+        end
+
+        it 'does not need to create the user_authentication' do
+          expect(user.user_authentications).not_to receive(:create!)
+          controller.twitter
+        end
+
+        it 'sets the flash notice' do
+          controller.twitter
+          expect(flash[:notice]).not_to be_blank
+        end
+
+        it 'authenticates as that user' do
+          expect(controller).to receive(:sign_in_and_redirect)
+          controller.twitter
+        end
+      end
+
+      context 'when no existing user_authentication' do
+        before do
+          allow(Spree::UserAuthentication).to receive(:find_by_provider_and_uid).and_return(nil)
+        end
+
+        it 'creates a new user_authentication' do
+          expect(user).to receive(:apply_omniauth)
+          expect(user).to receive(:save!)
+          controller.twitter
+        end
+
+        it 'sets the flash notice' do
+          controller.twitter
+          expect(flash[:notice]).not_to be_blank
+        end
+
+        it 'redirects properly' do
+          expect(controller).to receive(:redirect_back_or_default)
+          controller.twitter
+        end
+
+        it_should_behave_like 'associate_order'
+      end
+    end
+
+    context 'when user is not authenticated' do
+      before do
+        allow(controller).to receive(:spree_current_user).and_return(nil)
+      end
+
+      it_should_behave_like 'denied_permissions'
+
+      context 'when existing user_authentication' do
+        let(:user_authentication) { double('user_authentication', user: user) }
+        before do
+          allow(Spree::UserAuthentication).to receive(:find_by_provider_and_uid).and_return(user_authentication)
+        end
+
+        it 'does not need to create the user_authentication' do
+          expect(user.user_authentications).not_to receive(:create!)
+          controller.twitter
+        end
+
+        it 'does not create a new user account' do
+          expect(Spree::User).not_to receive :new
+          controller.twitter
+        end
+
+        it 'authenticates as that user' do
+          expect(controller).to receive(:sign_in_and_redirect).with(:spree_user, user)
+          controller.twitter
+        end
+      end
+
+      context 'when no existing user_authentication' do
+        let(:user) { Spree::User.new }
+        before do
+          allow(Spree::UserAuthentication).to receive(:find_by_provider_and_uid).and_return(nil)
+          allow(controller).to receive(:auth_hash).and_return('provider' => 'facebook', 'info' => { 'email' => 'spree@gmail.com' }, 'uid' => '123')
+        end
+
+        context "email doesn't belongs to anyone" do
+          it 'creates a new user' do
+            expect(controller).to receive(:sign_in_and_redirect)
+            expect { controller.twitter }.to change(Spree::User, :count).by(1)
+          end
+        end
+
+        context 'email belongs to existing user' do
+          before { @user = create(:user, email: 'spree@gmail.com') }
+
+          it 'does not create new user' do
+            expect { controller.twitter }.to_not change(Spree::User, :count)
+          end
+
+          it 'assigns authentication to existing user' do
+            expect { controller.twitter }.to change(@user.user_authentications, :count).by(1)
+          end
+        end
+      end
+    end
+  end
+end