sorcery 0.10.1 → 0.10.2


Potentially problematic release.


This version of sorcery might be problematic. Click here for more details.

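--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 4a4f8fffc57148ce88fac95615c62974067f30ab
- data.tar.gz: 742f040d7128342812e667e646e80d4f2dcc9119
+ metadata.gz: 52531921390dcbdf3af822e2042445099effba31
+ data.tar.gz: 0371505f7cf6d86ad0fd31fa04f6a0fe94029ade
  SHA512:
- metadata.gz: d5bf556539cc55cfa68727b84b2dfd69f22e6fe145d5797cdbd655360ef4cc7bc918dadca217d7d63420972d0e8f4fd86fe469d7edb10a1530eb4b9100a0c694
- data.tar.gz: f253c7affbe104709c0f4be6c702ae7f37cecac7ebe7bd1d0609603d8887fe6a4f1c622da5a62b4f85bf542c6e49bdeb322c06ed8d95a34e7f6d880ec4a0c961
+ metadata.gz: 241a97cd9ab0abf01812f9e103de6508d2abc95e7522430e845917bed47179d180bff41a8a906069e30cac5b8d188c1298879711acbd1d1347e3e73088100d36
+ data.tar.gz: 341766db00f2d304cbd637ec258873df61dd691e354449ba2f6c943cb581844075b135c3b522e77c19fc4cc3379d6ff0d60717b6bc19374c955288dce7abc42f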
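--- a/data/.gitignore
+++ b/data/.gitignore
@@ -14,6 +14,9 @@ doc
  # jeweler generated
  pkg
 
+ # byebug generated
+ .byebug_history
+
  # for RVM
  .rvmrc
 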
@@ -1,5 +1,11 @@
1
1
  # Changelog
2
+
3
+ ## 0.10.2
4
+
5
+ * Added support for Microsoft OAuth (thanks to @athix) [#37](https://github.com/Sorcery/sorcery/pull/37)
6
+
2
7
  ## 0.10.1
8
+
3
9
  * Fixed LinkedIn bug [#36](https://github.com/Sorcery/sorcery/pull/36)
4
10
 
5
11
  ## 0.10.0
@@ -77,7 +83,7 @@
77
83
 
78
84
  ## 0.8.4
79
85
 
80
- * Few security fixes in `external` module
86
+ * Few security fixes in `external` module
81
87
 
82
88
  ## 0.8.3 (yanked because of bad Jeweler release)
83
89
 
@@ -85,38 +91,9 @@
85
91
 
86
92
  * Activity logging feature has a new column called `last_login_from_ip_address` (string type). If you use ActiveRecord, you will have to add this column to DB ([#465](https://github.com/NoamB/sorcery/issues/465))
87
93
 
88
- ## 0.8.1
89
- <!-- TO BE WRITTEN -->
90
-
91
- ## 0.8.0
92
- <!-- TO BE WRITTEN -->
93
-
94
- ## 0.7.13
95
- <!-- TO BE WRITTEN -->
96
-
97
- ## 0.7.12
98
- <!-- TO BE WRITTEN -->
99
-
100
- ## 0.7.11
101
- <!-- TO BE WRITTEN -->
102
-
103
- ## 0.7.10
104
- <!-- TO BE WRITTEN -->
105
-
106
- ## 0.7.9
107
- <!-- TO BE WRITTEN -->
108
-
109
- ## 0.7.8
110
- <!-- TO BE WRITTEN -->
111
-
112
- ## 0.7.7
113
- <!-- TO BE WRITTEN -->
114
-
115
- ## 0.7.6
116
- <!-- TO BE WRITTEN -->
94
+ ## 0.7.5-0.8.1
117
95
 
118
- ## 0.7.5
119
- <!-- TO BE WRITTEN -->
96
+ <!-- HERE BE DRAGONS (Changelogs never written) -->
120
97
 
121
98
  ## 0.7.1-0.7.4
122
99
 
@@ -131,6 +131,16 @@ Rails.application.config.sorcery.configure do |config|
131
131
  # config.google.user_info_mapping = {:email => "email", :username => "name"}
132
132
  # config.google.scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
133
133
  #
134
+ # For Microsoft Graph, the key will be your App ID, and the secret will be your app password/public key.
135
+ # The callback URL "can't contain a query string or invalid special characters", see: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-v2-limitations#restrictions-on-redirect-uris
136
+ # More information at https://graph.microsoft.io/en-us/docs
137
+ #
138
+ # config.microsoft.key = ""
139
+ # config.microsoft.secret = ""
140
+ # config.microsoft.callback_url = "http://0.0.0.0:3000/oauth/callback/microsoft"
141
+ # config.microsoft.user_info_mapping = {:email => "userPrincipalName", :username => "displayName"}
142
+ # config.microsoft.scope = "openid email https://graph.microsoft.com/User.Read"
143
+ #
134
144
  # config.vk.key = ""
135
145
  # config.vk.secret = ""
136
146
  # config.vk.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=vk"
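Review bot: The sample mapping `:email => "userPrincipalName"` presents a sign-in name as if it were an email address. In Microsoft Graph the user principal name can differ from the `mail` property, and for guest accounts it is typically not a deliverable address at all. Because the provider added in this release defaults to the multi-tenant `/common` endpoints, an application that matches or merges local accounts on this field should not treat it as a verified email. I would add a comment above the mapping such as `# NOTE: userPrincipalName is a login name, not a verified email; do not link existing accounts on it`. The configure block starts and ends outside this hunk.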
@@ -22,6 +22,7 @@ module Sorcery
22
22
  require 'sorcery/providers/paypal'
23
23
  require 'sorcery/providers/slack'
24
24
  require 'sorcery/providers/wechat'
25
+ require 'sorcery/providers/microsoft'
25
26
 
26
27
  Config.module_eval do
27
28
  class << self
@@ -0,0 +1,59 @@
1
+ module Sorcery
2
+ module Providers
3
+ # This class adds support for OAuth with Microsoft Graph.
4
+ #
5
+ # config.microsoft.key = <key>
6
+ # config.microsoft.secret = <secret>
7
+ # ...
8
+ #
9
+ class Microsoft < Base
10
+ include Protocols::Oauth2
11
+
12
+ attr_accessor :auth_url, :scope, :token_url, :user_info_url
13
+
14
+ def initialize
15
+ super
16
+
17
+ @site = 'https://login.microsoftonline.com'
18
+ @auth_url = '/common/oauth2/v2.0/authorize'
19
+ @token_url = '/common/oauth2/v2.0/token'
20
+ @user_info_url = 'https://graph.microsoft.com/v1.0/me'
21
+ @scope = 'openid email https://graph.microsoft.com/User.Read'
22
+ @state = SecureRandom.hex(16)
23
+ end
24
+
25
+ def authorize_url(options = {})
26
+ oauth_params = {
27
+ client_id: @key,
28
+ response_type: 'code'
29
+ }
30
+ options.merge!(oauth_params)
31
+ super(options)
32
+ end
33
+
34
+ def get_user_hash(access_token)
35
+ response = access_token.get(user_info_url)
36
+
37
+ auth_hash(access_token).tap do |h|
38
+ h[:user_info] = JSON.parse(response.body)
39
+ h[:uid] = h[:user_info]['id']
40
+ end
41
+ end
42
+
43
+ # calculates and returns the url to which the user should be redirected,
44
+ # to get authenticated at the external provider's site.
45
+ def login_url(_params, _session)
46
+ authorize_url(authorize_url: auth_url)
47
+ end
48
+
49
+ # tries to login the user from access token
50
+ def process_callback(params, _session)
51
+ args = {}.tap do |a|
52
+ a[:code] = params[:code] if params[:code]
53
+ end
54
+
55
+ get_access_token(args, token_url: token_url, token_method: :post)
56
+ end
57
+ end
58
+ end
59
+ end
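Review bot: The `state` value created in `initialize` (`@state = SecureRandom.hex(16)`) is never checked on the way back, because `process_callback` builds its arguments from `params[:code]` alone and ignores `_session`. The value is also generated once per provider object rather than per login attempt, and `login_url` does not store it in the session, so this file leaves nothing to compare against. Whether `Base` or `Protocols::Oauth2` compensates is not visible here, and the spec's expected URL for `:microsoft` ends in a bare `&state`. I would generate the value per request in `login_url`, keep it in the session, and have `process_callback` refuse the callback unless `params[:state]` equals the stored value under a constant-time comparison. Separately, `options.merge!(oauth_params)` mutates the caller's hash; `super(options.merge(oauth_params))` avoids that.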
@@ -1,3 +1,3 @@
1
1
  module Sorcery
2
- VERSION = '0.10.1'
2
+ VERSION = '0.10.2'
3
3
  end
@@ -29,4 +29,5 @@ Gem::Specification.new do |s|
29
29
  s.add_development_dependency 'simplecov', '>= 0.3.8'
30
30
  s.add_development_dependency 'rspec-rails', '~> 3.5.0'
31
31
  s.add_development_dependency 'test-unit', '~> 3.1.0'
32
+ s.add_development_dependency 'byebug', '~> 9.0.0'
32
33
  end
@@ -151,7 +151,7 @@ describe SorceryController, active_record: true, type: :controller do
151
151
  expect(flash[:notice]).to eq 'Success!'
152
152
  end
153
153
 
154
- [:github, :google, :liveid, :vk, :salesforce, :paypal, :slack, :wechat].each do |provider|
154
+ [:github, :google, :liveid, :vk, :salesforce, :paypal, :slack, :wechat, :microsoft].each do |provider|
155
155
  describe "with #{provider}" do
156
156
  it 'login_at redirects correctly' do
157
157
  get :"login_at_test_#{provider}"
@@ -201,7 +201,7 @@ describe SorceryController, active_record: true, type: :controller do
201
201
  end
202
202
 
203
203
  sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
204
- sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce, :paypal, :slack, :wechat])
204
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce, :paypal, :slack, :wechat, :microsoft])
205
205
 
206
206
  # TODO: refactor
207
207
  sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
@@ -231,6 +231,9 @@ describe SorceryController, active_record: true, type: :controller do
231
231
  sorcery_controller_external_property_set(:wechat, :key, "eYVNBjBDi33aa9GkA3w")
232
232
  sorcery_controller_external_property_set(:wechat, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
233
233
  sorcery_controller_external_property_set(:wechat, :callback_url, "http://blabla.com")
234
+ sorcery_controller_external_property_set(:microsoft, :key, "eYVNBjBDi33aa9GkA3w")
235
+ sorcery_controller_external_property_set(:microsoft, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
236
+ sorcery_controller_external_property_set(:microsoft, :callback_url, "http://blabla.com")
234
237
  end
235
238
 
236
239
  after(:all) do
@@ -260,7 +263,7 @@ describe SorceryController, active_record: true, type: :controller do
260
263
  expect(ActionMailer::Base.deliveries.size).to eq old_size
261
264
  end
262
265
 
263
- [:github, :google, :liveid, :vk, :salesforce, :paypal, :wechat].each do |provider|
266
+ [:github, :google, :liveid, :vk, :salesforce, :paypal, :wechat, :microsoft].each do |provider|
264
267
  it "does not send activation email to external users (#{provider})" do
265
268
  old_size = ActionMailer::Base.deliveries.size
266
269
  create_new_external_user provider
@@ -409,7 +412,7 @@ describe SorceryController, active_record: true, type: :controller do
409
412
  end
410
413
 
411
414
  def set_external_property
412
- sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce, :paypal, :slack, :wechat])
415
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce, :paypal, :slack, :wechat, :microsoft])
413
416
  sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
414
417
  sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
415
418
  sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
@@ -437,6 +440,9 @@ describe SorceryController, active_record: true, type: :controller do
437
440
  sorcery_controller_external_property_set(:wechat, :key, "eYVNBjBDi33aa9GkA3w")
438
441
  sorcery_controller_external_property_set(:wechat, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
439
442
  sorcery_controller_external_property_set(:wechat, :callback_url, "http://blabla.com")
443
+ sorcery_controller_external_property_set(:microsoft, :key, "eYVNBjBDi33aa9GkA3w")
444
+ sorcery_controller_external_property_set(:microsoft, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
445
+ sorcery_controller_external_property_set(:microsoft, :callback_url, "http://blabla.com")
440
446
  end
441
447
 
442
448
  def provider_url(provider)
@@ -448,7 +454,8 @@ describe SorceryController, active_record: true, type: :controller do
448
454
  vk: "https://oauth.vk.com/authorize?client_id=#{::Sorcery::Controller::Config.vk.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.vk.scope}&state",
449
455
  salesforce: "https://login.salesforce.com/services/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.salesforce.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope#{'=' + ::Sorcery::Controller::Config.salesforce.scope unless ::Sorcery::Controller::Config.salesforce.scope.nil?}&state",
450
456
  slack: "https://slack.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.slack.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=identity.basic%2C+identity.email&state",
451
- wechat: "https://open.weixin.qq.com/connect/qrconnect?appid=#{::Sorcery::Controller::Config.wechat.key}&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=snsapi_login&state=#wechat_redirect"
457
+ wechat: "https://open.weixin.qq.com/connect/qrconnect?appid=#{::Sorcery::Controller::Config.wechat.key}&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=snsapi_login&state=#wechat_redirect",
458
+ microsoft: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=#{::Sorcery::Controller::Config.microsoft.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid+email+https%3A%2F%2Fgraph.microsoft.com%2FUser.Read&state"
452
459
  }[provider]
453
460
  end
454
461
  end
@@ -104,6 +104,10 @@ class SorceryController < ActionController::Base
104
104
  login_at(:wechat)
105
105
  end
106
106
 
107
+ def login_at_test_microsoft
108
+ login_at(:microsoft)
109
+ end
110
+
107
111
  def login_at_test_google
108
112
  login_at(:google)
109
113
  end
@@ -174,6 +178,14 @@ class SorceryController < ActionController::Base
174
178
  end
175
179
  end
176
180
 
181
+ def test_login_from_microsoft
182
+ if @user = login_from(:microsoft)
183
+ redirect_to 'bla', notice: 'Success!'
184
+ else
185
+ redirect_to 'blu', alert: 'Failed!'
186
+ end
187
+ end
188
+
177
189
  def test_login_from_google
178
190
  if @user = login_from(:google)
179
191
  redirect_to 'bla', notice: 'Success!'
@@ -272,6 +284,14 @@ class SorceryController < ActionController::Base
272
284
  end
273
285
  end
274
286
 
287
+ def test_return_to_with_external_microsoft
288
+ if @user = login_from(:microsoft)
289
+ redirect_back_or_to 'bla', notice: 'Success!'
290
+ else
291
+ redirect_to 'blu', alert: 'Failed!'
292
+ end
293
+ end
294
+
275
295
  def test_return_to_with_external_google
276
296
  if @user = login_from(:google)
277
297
  redirect_back_or_to 'bla', notice: 'Success!'
@@ -22,6 +22,7 @@ AppRoot::Application.routes.draw do
22
22
  get :test_login_from_github
23
23
  get :test_login_from_paypal
24
24
  get :test_login_from_wechat
25
+ get :test_login_from_microsoft
25
26
  get :test_login_from_google
26
27
  get :test_login_from_liveid
27
28
  get :test_login_from_vk
@@ -34,6 +35,7 @@ AppRoot::Application.routes.draw do
34
35
  get :login_at_test_github
35
36
  get :login_at_test_paypal
36
37
  get :login_at_test_wechat
38
+ get :login_at_test_microsoft
37
39
  get :login_at_test_google
38
40
  get :login_at_test_liveid
39
41
  get :login_at_test_vk
@@ -46,6 +48,7 @@ AppRoot::Application.routes.draw do
46
48
  get :test_return_to_with_external_github
47
49
  get :test_return_to_with_external_paypal
48
50
  get :test_return_to_with_external_wechat
51
+ get :test_return_to_with_external_microsoft
49
52
  get :test_return_to_with_external_google
50
53
  get :test_return_to_with_external_liveid
51
54
  get :test_return_to_with_external_vk
@@ -11,6 +11,7 @@ SORCERY_ORM = :active_record
11
11
  require 'rails/all'
12
12
  require 'rspec/rails'
13
13
  require 'timecop'
14
+ require 'byebug'
14
15
 
15
16
  def setup_orm; end
16
17
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sorcery
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.10.1
4
+ version: 0.10.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Noam Ben Ari
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2017-01-03 00:00:00.000000000 Z
14
+ date: 2017-01-04 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: oauth
@@ -137,6 +137,20 @@ dependencies:
137
137
  - - "~>"
138
138
  - !ruby/object:Gem::Version
139
139
  version: 3.1.0
140
+ - !ruby/object:Gem::Dependency
141
+ name: byebug
142
+ requirement: !ruby/object:Gem::Requirement
143
+ requirements:
144
+ - - "~>"
145
+ - !ruby/object:Gem::Version
146
+ version: 9.0.0
147
+ type: :development
148
+ prerelease: false
149
+ version_requirements: !ruby/object:Gem::Requirement
150
+ requirements:
151
+ - - "~>"
152
+ - !ruby/object:Gem::Version
153
+ version: 9.0.0
140
154
  description: Provides common authentication needs such as signing in/out, activating
141
155
  by email and resetting password.
142
156
  email: chase.gilliam@gmail.com
@@ -206,6 +220,7 @@ files:
206
220
  - lib/sorcery/providers/jira.rb
207
221
  - lib/sorcery/providers/linkedin.rb
208
222
  - lib/sorcery/providers/liveid.rb
223
+ - lib/sorcery/providers/microsoft.rb
209
224
  - lib/sorcery/providers/paypal.rb
210
225
  - lib/sorcery/providers/salesforce.rb
211
226
  - lib/sorcery/providers/slack.rb