sorcery 0.15.0 → 0.16.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/PULL_REQUEST_TEMPLATE.md +5 -0
- data/.github/workflows/ruby.yml +23 -0
- data/.rubocop_todo.yml +36 -26
- data/.travis.yml +10 -1
- data/CHANGELOG.md +10 -0
- data/CODE_OF_CONDUCT.md +14 -0
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/SECURITY.md +18 -0
- data/gemfiles/rails_52.gemfile +7 -0
- data/gemfiles/rails_60.gemfile +7 -0
- data/lib/generators/sorcery/helpers.rb +4 -0
- data/lib/generators/sorcery/templates/initializer.rb +13 -1
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +5 -5
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +4 -4
- data/lib/generators/sorcery/templates/migration/core.rb +2 -2
- data/lib/generators/sorcery/templates/migration/external.rb +1 -1
- data/lib/generators/sorcery/templates/migration/magic_login.rb +4 -4
- data/lib/generators/sorcery/templates/migration/remember_me.rb +3 -3
- data/lib/generators/sorcery/templates/migration/reset_password.rb +5 -5
- data/lib/generators/sorcery/templates/migration/user_activation.rb +4 -4
- data/lib/sorcery/adapters/active_record_adapter.rb +2 -2
- data/lib/sorcery/controller/config.rb +6 -6
- data/lib/sorcery/controller/submodules/activity_logging.rb +5 -10
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +3 -7
- data/lib/sorcery/controller/submodules/external.rb +4 -0
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +2 -4
- data/lib/sorcery/controller/submodules/remember_me.rb +3 -7
- data/lib/sorcery/controller/submodules/session_timeout.rb +4 -7
- data/lib/sorcery/providers/battlenet.rb +51 -0
- data/lib/sorcery/providers/line.rb +20 -4
- data/lib/sorcery/version.rb +1 -1
- data/sorcery.gemspec +1 -2
- data/spec/controllers/controller_oauth2_spec.rb +23 -5
- data/spec/controllers/controller_oauth_spec.rb +6 -0
- data/spec/rails_app/app/controllers/application_controller.rb +2 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +21 -1
- data/spec/rails_app/config/routes.rb +3 -0
- data/spec/shared_examples/user_shared_examples.rb +2 -2
- data/spec/support/migration_helper.rb +12 -2
- metadata +18 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 44ff0a756fa8a8379e9333f116a72be359847bd3f9611f643e2f2200180dd4f6
|
|
4
|
+
data.tar.gz: 8e4bcf9034cac0cac8eddaf296df1a64757272d99c9954e35f99f45d2c9d2836
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e6ef63584276452138f36a8cc1f22928d79f9e5998d4ade707c116e825f63e114a8219a5157c13508116caf4a7b46e08670b34b0ee7ea2e84e673f5f68e1f092
|
|
7
|
+
data.tar.gz: f5d3599a90e6a50896d19c67434e9ac9cf250f8357685d48426745da7bd210e8b3238a6b026243b5ea045f83c973914f505a77c000004b50ba40d721a51eb182
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
name: Ruby
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ master ]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [ master ]
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
test:
|
|
11
|
+
|
|
12
|
+
runs-on: ubuntu-latest
|
|
13
|
+
|
|
14
|
+
steps:
|
|
15
|
+
- uses: actions/checkout@v2
|
|
16
|
+
- name: Set up Ruby
|
|
17
|
+
uses: ruby/setup-ruby@v1
|
|
18
|
+
with:
|
|
19
|
+
ruby-version: 2.6
|
|
20
|
+
- name: Install dependencies
|
|
21
|
+
run: bundle install
|
|
22
|
+
- name: Run tests
|
|
23
|
+
run: bundle exec rake
|
data/.rubocop_todo.yml
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# This configuration was generated by
|
|
2
2
|
# `rubocop --auto-gen-config`
|
|
3
|
-
# on
|
|
3
|
+
# on 2021-01-02 07:53:19 UTC using RuboCop version 0.88.0.
|
|
4
4
|
# The point is for the user to remove these configuration records
|
|
5
5
|
# one by one as the offenses are removed from the code base.
|
|
6
6
|
# Note that changes in the inspected code, or installation of new
|
|
@@ -13,12 +13,12 @@ Gemspec/RequiredRubyVersion:
|
|
|
13
13
|
Exclude:
|
|
14
14
|
- 'sorcery.gemspec'
|
|
15
15
|
|
|
16
|
-
# Offense count:
|
|
16
|
+
# Offense count: 2
|
|
17
17
|
# Cop supports --auto-correct.
|
|
18
|
-
# Configuration parameters:
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
18
|
+
# Configuration parameters: IndentationWidth.
|
|
19
|
+
# SupportedStyles: special_inside_parentheses, consistent, align_braces
|
|
20
|
+
Layout/FirstHashElementIndentation:
|
|
21
|
+
EnforcedStyle: consistent
|
|
22
22
|
|
|
23
23
|
# Offense count: 83
|
|
24
24
|
# Cop supports --auto-correct.
|
|
@@ -29,6 +29,13 @@ Layout/EmptyLineBetweenDefs:
|
|
|
29
29
|
Layout/HashAlignment:
|
|
30
30
|
Enabled: false
|
|
31
31
|
|
|
32
|
+
# Offense count: 3
|
|
33
|
+
# Cop supports --auto-correct.
|
|
34
|
+
# Configuration parameters: AllowInHeredoc.
|
|
35
|
+
Layout/TrailingWhitespace:
|
|
36
|
+
Exclude:
|
|
37
|
+
- 'lib/sorcery/controller/submodules/external.rb'
|
|
38
|
+
|
|
32
39
|
# Offense count: 2
|
|
33
40
|
# Configuration parameters: AllowSafeAssignment.
|
|
34
41
|
Lint/AssignmentInCondition:
|
|
@@ -58,15 +65,6 @@ Lint/SendWithMixinArgument:
|
|
|
58
65
|
- 'lib/sorcery/engine.rb'
|
|
59
66
|
- 'lib/sorcery/test_helpers/internal/rails.rb'
|
|
60
67
|
|
|
61
|
-
# Offense count: 4
|
|
62
|
-
# Configuration parameters: AllowComments.
|
|
63
|
-
Lint/SuppressedException:
|
|
64
|
-
Exclude:
|
|
65
|
-
- 'lib/sorcery/controller.rb'
|
|
66
|
-
- 'lib/sorcery/model.rb'
|
|
67
|
-
- 'spec/rails_app/config/application.rb'
|
|
68
|
-
- 'spec/shared_examples/user_shared_examples.rb'
|
|
69
|
-
|
|
70
68
|
# Offense count: 2
|
|
71
69
|
# Cop supports --auto-correct.
|
|
72
70
|
# Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
|
|
@@ -74,6 +72,20 @@ Lint/UnusedBlockArgument:
|
|
|
74
72
|
Exclude:
|
|
75
73
|
- 'spec/shared_examples/user_shared_examples.rb'
|
|
76
74
|
|
|
75
|
+
# Offense count: 1
|
|
76
|
+
# Cop supports --auto-correct.
|
|
77
|
+
# Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
|
|
78
|
+
# SupportedStyles: assign_to_condition, assign_inside_condition
|
|
79
|
+
Style/ConditionalAssignment:
|
|
80
|
+
Exclude:
|
|
81
|
+
- 'lib/sorcery/adapters/active_record_adapter.rb'
|
|
82
|
+
|
|
83
|
+
# Offense count: 1
|
|
84
|
+
# Cop supports --auto-correct.
|
|
85
|
+
Style/ExpandPathArguments:
|
|
86
|
+
Exclude:
|
|
87
|
+
- 'spec/rails_app/config.ru'
|
|
88
|
+
|
|
77
89
|
# Offense count: 1
|
|
78
90
|
# Configuration parameters: EnforcedStyle.
|
|
79
91
|
# SupportedStyles: annotated, template, unannotated
|
|
@@ -81,21 +93,13 @@ Style/FormatStringToken:
|
|
|
81
93
|
Exclude:
|
|
82
94
|
- 'lib/generators/sorcery/install_generator.rb'
|
|
83
95
|
|
|
84
|
-
# Offense count:
|
|
96
|
+
# Offense count: 125
|
|
85
97
|
# Cop supports --auto-correct.
|
|
86
98
|
# Configuration parameters: EnforcedStyle.
|
|
87
|
-
# SupportedStyles: always, never
|
|
99
|
+
# SupportedStyles: always, always_true, never
|
|
88
100
|
Style/FrozenStringLiteralComment:
|
|
89
101
|
Enabled: false
|
|
90
102
|
|
|
91
|
-
# Offense count: 3
|
|
92
|
-
# Configuration parameters: MinBodyLength.
|
|
93
|
-
Style/GuardClause:
|
|
94
|
-
Exclude:
|
|
95
|
-
- 'lib/sorcery/controller/submodules/brute_force_protection.rb'
|
|
96
|
-
- 'lib/sorcery/controller/submodules/http_basic_auth.rb'
|
|
97
|
-
- 'lib/sorcery/controller/submodules/remember_me.rb'
|
|
98
|
-
|
|
99
103
|
# Offense count: 3
|
|
100
104
|
# Cop supports --auto-correct.
|
|
101
105
|
# Configuration parameters: EnforcedStyle, UseHashRocketsWithSymbolValues, PreferHashRocketsForNonAlnumEndingSymbols.
|
|
@@ -105,11 +109,17 @@ Style/HashSyntax:
|
|
|
105
109
|
- 'lib/sorcery/adapters/active_record_adapter.rb'
|
|
106
110
|
- 'lib/sorcery/test_helpers/rails/integration.rb'
|
|
107
111
|
|
|
108
|
-
# Offense count:
|
|
112
|
+
# Offense count: 34
|
|
109
113
|
# Cop supports --auto-correct.
|
|
110
114
|
Style/IfUnlessModifier:
|
|
111
115
|
Enabled: false
|
|
112
116
|
|
|
117
|
+
# Offense count: 1
|
|
118
|
+
# Cop supports --auto-correct.
|
|
119
|
+
Style/MultilineIfModifier:
|
|
120
|
+
Exclude:
|
|
121
|
+
- 'lib/sorcery/providers/line.rb'
|
|
122
|
+
|
|
113
123
|
# Offense count: 2
|
|
114
124
|
# Cop supports --auto-correct.
|
|
115
125
|
Style/RedundantBegin:
|
data/.travis.yml
CHANGED
|
@@ -1,8 +1,17 @@
|
|
|
1
1
|
language: ruby
|
|
2
|
+
cache: bundler
|
|
3
|
+
|
|
2
4
|
rvm:
|
|
3
5
|
- 2.4.9
|
|
4
6
|
- 2.5.7
|
|
5
7
|
- 2.6.5
|
|
8
|
+
- 2.7.1
|
|
6
9
|
|
|
7
10
|
gemfile:
|
|
8
|
-
-
|
|
11
|
+
- gemfiles/rails_52.gemfile
|
|
12
|
+
- gemfiles/rails_60.gemfile
|
|
13
|
+
|
|
14
|
+
jobs:
|
|
15
|
+
exclude:
|
|
16
|
+
- rvm: 2.4.9
|
|
17
|
+
gemfile: gemfiles/rails_60.gemfile
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
## HEAD
|
|
3
3
|
|
|
4
|
+
## 0.16.0
|
|
5
|
+
|
|
6
|
+
* Add BattleNet Provider [#260](https://github.com/Sorcery/sorcery/pull/260)
|
|
7
|
+
* Fix failing isolated tests [#249](https://github.com/Sorcery/sorcery/pull/249)
|
|
8
|
+
* Support LINE login v2.1 [#251](https://github.com/Sorcery/sorcery/pull/251)
|
|
9
|
+
* Update generators to better support namespaces [#237](https://github.com/Sorcery/sorcery/pull/237)
|
|
10
|
+
* Add support for Rails 6 [#238](https://github.com/Sorcery/sorcery/pull/238)
|
|
11
|
+
* Fix ruby 2.7 deprecation warnings [#241](https://github.com/Sorcery/sorcery/pull/241)
|
|
12
|
+
* Use set to ensure unique arrays [#233](https://github.com/Sorcery/sorcery/pull/233)
|
|
13
|
+
|
|
4
14
|
## 0.15.0
|
|
5
15
|
|
|
6
16
|
* Fix brute force vuln due to callbacks no being ran [#235](https://github.com/Sorcery/sorcery/pull/235)
|
data/CODE_OF_CONDUCT.md
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# The Sorcery Community Code of Conduct
|
|
2
|
+
|
|
3
|
+
This document provides a few simple community guidelines for a safe, respectful,
|
|
4
|
+
productive, and collaborative place for any person who is willing to contribute
|
|
5
|
+
to the Sorcery community. It applies to all "collaborative spaces", which are
|
|
6
|
+
defined as community communications channels (such as mailing lists, submitted
|
|
7
|
+
patches, commit comments, etc.).
|
|
8
|
+
|
|
9
|
+
* Participants will be tolerant of opposing views.
|
|
10
|
+
* Participants must ensure that their language and actions are free of personal
|
|
11
|
+
attacks and disparaging personal remarks.
|
|
12
|
+
* When interpreting the words and actions of others, participants should always
|
|
13
|
+
assume good intentions.
|
|
14
|
+
* Behaviour which can be reasonably considered harassment will not be tolerated.
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -238,14 +238,14 @@ Feel free to ask questions using these contact details:
|
|
|
238
238
|
|
|
239
239
|
**Current Maintainers:**
|
|
240
240
|
|
|
241
|
-
-
|
|
242
|
-
- Josh Buker ([@athix](https://github.com/athix)) | [Email](mailto:jbuker@aeonsplice.com)
|
|
241
|
+
- Josh Buker ([@athix](https://github.com/athix)) | [Email](mailto:crypto+sorcery@joshbuker.com?subject=Sorcery)
|
|
243
242
|
|
|
244
243
|
**Past Maintainers:**
|
|
245
244
|
|
|
246
245
|
- Noam Ben-Ari ([@NoamB](https://github.com/NoamB)) | [Email](mailto:nbenari@gmail.com) | [Twitter](https://twitter.com/nbenari)
|
|
247
246
|
- Kir Shatrov ([@kirs](https://github.com/kirs)) | [Email](mailto:shatrov@me.com) | [Twitter](https://twitter.com/Kiiiir)
|
|
248
247
|
- Grzegorz Witek ([@arnvald](https://github.com/arnvald)) | [Email](mailto:arnvald.to@gmail.com) | [Twitter](https://twitter.com/arnvald)
|
|
248
|
+
- Chase Gilliam ([@Ch4s3](https://github.com/Ch4s3)) | [Email](mailto:chase.gilliam@gmail.com)
|
|
249
249
|
|
|
250
250
|
## License
|
|
251
251
|
|
data/SECURITY.md
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# Security Policy
|
|
2
|
+
|
|
3
|
+
## Supported Versions
|
|
4
|
+
|
|
5
|
+
| Version | Supported |
|
|
6
|
+
| -------- | ------------------ |
|
|
7
|
+
| 0.15.0 | :white_check_mark: |
|
|
8
|
+
| < 0.15.0 | :x: |
|
|
9
|
+
|
|
10
|
+
## Reporting a Vulnerability
|
|
11
|
+
|
|
12
|
+
Email the current maintainer(s) with a description of the vulnerability. You
|
|
13
|
+
should expect a response within 48 hours. If the vulnerability is accepted, a
|
|
14
|
+
Github advisory will be created and eventually released with a CVE corresponding
|
|
15
|
+
to the issue found.
|
|
16
|
+
|
|
17
|
+
A list of the current maintainers can be found on the README under the contact
|
|
18
|
+
section. See: [README.md](https://github.com/Sorcery/sorcery#contact)
|
|
@@ -12,6 +12,10 @@ module Sorcery
|
|
|
12
12
|
options[:model] ? options[:model].classify : 'User'
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
+
def tableized_model_class
|
|
16
|
+
options[:model] ? options[:model].gsub(/::/, '').tableize : 'User'
|
|
17
|
+
end
|
|
18
|
+
|
|
15
19
|
def model_path
|
|
16
20
|
@model_path ||= File.join('app', 'models', "#{file_path}.rb")
|
|
17
21
|
end
|
|
@@ -222,13 +222,25 @@ Rails.application.config.sorcery.configure do |config|
|
|
|
222
222
|
# config.line.key = ""
|
|
223
223
|
# config.line.secret = ""
|
|
224
224
|
# config.line.callback_url = "http://mydomain.com:3000/oauth/callback?provider=line"
|
|
225
|
+
# config.line.scope = "profile"
|
|
226
|
+
# config.line.bot_prompt = "normal"
|
|
227
|
+
# config.line.user_info_mapping = {name: 'displayName'}
|
|
225
228
|
|
|
226
|
-
|
|
229
|
+
|
|
230
|
+
# For information about Discord API
|
|
227
231
|
# https://discordapp.com/developers/docs/topics/oauth2
|
|
228
232
|
# config.discord.key = "xxxxxx"
|
|
229
233
|
# config.discord.secret = "xxxxxx"
|
|
230
234
|
# config.discord.callback_url = "http://localhost:3000/oauth/callback?provider=discord"
|
|
231
235
|
# config.discord.scope = "email guilds"
|
|
236
|
+
|
|
237
|
+
# For information about Battlenet API
|
|
238
|
+
# https://develop.battle.net/documentation/guides/using-oauth
|
|
239
|
+
# config.battlenet.site = "https://eu.battle.net/" #See Website for other Regional Domains
|
|
240
|
+
# config.battlenet.key = "xxxxxx"
|
|
241
|
+
# config.battlenet.secret = "xxxxxx"
|
|
242
|
+
# config.battlenet.callback_url = "http://localhost:3000/oauth/callback?provider=battlenet"
|
|
243
|
+
# config.battlenet.scope = "openid"
|
|
232
244
|
# --- user config ---
|
|
233
245
|
config.user_config do |user|
|
|
234
246
|
# -- core --
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
class SorceryActivityLogging < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
add_column :<%=
|
|
4
|
-
add_column :<%=
|
|
5
|
-
add_column :<%=
|
|
6
|
-
add_column :<%=
|
|
3
|
+
add_column :<%= tableized_model_class %>, :last_login_at, :datetime, default: nil
|
|
4
|
+
add_column :<%= tableized_model_class %>, :last_logout_at, :datetime, default: nil
|
|
5
|
+
add_column :<%= tableized_model_class %>, :last_activity_at, :datetime, default: nil
|
|
6
|
+
add_column :<%= tableized_model_class %>, :last_login_from_ip_address, :string, default: nil
|
|
7
7
|
|
|
8
|
-
add_index :<%=
|
|
8
|
+
add_index :<%= tableized_model_class %>, [:last_logout_at, :last_activity_at]
|
|
9
9
|
end
|
|
10
10
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
class SorceryBruteForceProtection < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
add_column :<%=
|
|
4
|
-
add_column :<%=
|
|
5
|
-
add_column :<%=
|
|
3
|
+
add_column :<%= tableized_model_class %>, :failed_logins_count, :integer, default: 0
|
|
4
|
+
add_column :<%= tableized_model_class %>, :lock_expires_at, :datetime, default: nil
|
|
5
|
+
add_column :<%= tableized_model_class %>, :unlock_token, :string, default: nil
|
|
6
6
|
|
|
7
|
-
add_index :<%=
|
|
7
|
+
add_index :<%= tableized_model_class %>, :unlock_token
|
|
8
8
|
end
|
|
9
9
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class SorceryCore < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
create_table :<%=
|
|
3
|
+
create_table :<%= tableized_model_class %> do |t|
|
|
4
4
|
t.string :email, null: false
|
|
5
5
|
t.string :crypted_password
|
|
6
6
|
t.string :salt
|
|
@@ -8,6 +8,6 @@ class SorceryCore < <%= migration_class_name %>
|
|
|
8
8
|
t.timestamps null: false
|
|
9
9
|
end
|
|
10
10
|
|
|
11
|
-
add_index :<%=
|
|
11
|
+
add_index :<%= tableized_model_class %>, :email, unique: true
|
|
12
12
|
end
|
|
13
13
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class SorceryExternal < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
3
|
create_table :authentications do |t|
|
|
4
|
-
t.integer :<%=
|
|
4
|
+
t.integer :<%= tableized_model_class.singularize %>_id, null: false
|
|
5
5
|
t.string :provider, :uid, null: false
|
|
6
6
|
|
|
7
7
|
t.timestamps null: false
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
class SorceryMagicLogin < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
add_column :<%=
|
|
4
|
-
add_column :<%=
|
|
5
|
-
add_column :<%=
|
|
3
|
+
add_column :<%= tableized_model_class %>, :magic_login_token, :string, default: nil
|
|
4
|
+
add_column :<%= tableized_model_class %>, :magic_login_token_expires_at, :datetime, default: nil
|
|
5
|
+
add_column :<%= tableized_model_class %>, :magic_login_email_sent_at, :datetime, default: nil
|
|
6
6
|
|
|
7
|
-
add_index :<%=
|
|
7
|
+
add_index :<%= tableized_model_class %>, :magic_login_token
|
|
8
8
|
end
|
|
9
9
|
end
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class SorceryRememberMe < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
add_column :<%=
|
|
4
|
-
add_column :<%=
|
|
3
|
+
add_column :<%= tableized_model_class %>, :remember_me_token, :string, default: nil
|
|
4
|
+
add_column :<%= tableized_model_class %>, :remember_me_token_expires_at, :datetime, default: nil
|
|
5
5
|
|
|
6
|
-
add_index :<%=
|
|
6
|
+
add_index :<%= tableized_model_class %>, :remember_me_token
|
|
7
7
|
end
|
|
8
8
|
end
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
class SorceryResetPassword < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
add_column :<%=
|
|
4
|
-
add_column :<%=
|
|
5
|
-
add_column :<%=
|
|
6
|
-
add_column :<%=
|
|
3
|
+
add_column :<%= tableized_model_class %>, :reset_password_token, :string, default: nil
|
|
4
|
+
add_column :<%= tableized_model_class %>, :reset_password_token_expires_at, :datetime, default: nil
|
|
5
|
+
add_column :<%= tableized_model_class %>, :reset_password_email_sent_at, :datetime, default: nil
|
|
6
|
+
add_column :<%= tableized_model_class %>, :access_count_to_reset_password_page, :integer, default: 0
|
|
7
7
|
|
|
8
|
-
add_index :<%=
|
|
8
|
+
add_index :<%= tableized_model_class %>, :reset_password_token
|
|
9
9
|
end
|
|
10
10
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
class SorceryUserActivation < <%= migration_class_name %>
|
|
2
2
|
def change
|
|
3
|
-
add_column :<%=
|
|
4
|
-
add_column :<%=
|
|
5
|
-
add_column :<%=
|
|
3
|
+
add_column :<%= tableized_model_class %>, :activation_state, :string, default: nil
|
|
4
|
+
add_column :<%= tableized_model_class %>, :activation_token, :string, default: nil
|
|
5
|
+
add_column :<%= tableized_model_class %>, :activation_token_expires_at, :datetime, default: nil
|
|
6
6
|
|
|
7
|
-
add_index :<%=
|
|
7
|
+
add_index :<%= tableized_model_class %>, :activation_token
|
|
8
8
|
end
|
|
9
9
|
end
|
|
@@ -12,7 +12,7 @@ module Sorcery
|
|
|
12
12
|
|
|
13
13
|
def save(options = {})
|
|
14
14
|
mthd = options.delete(:raise_on_failure) ? :save! : :save
|
|
15
|
-
@model.send(mthd, options)
|
|
15
|
+
@model.send(mthd, **options)
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def increment(field)
|
|
@@ -35,7 +35,7 @@ module Sorcery
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
def define_callback(time, event, method_name, options = {})
|
|
38
|
-
@klass.send "#{time}_#{event}", method_name, options.slice(:if, :on)
|
|
38
|
+
@klass.send "#{time}_#{event}", method_name, **options.slice(:if, :on)
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def find_by_oauth_credentials(provider, uid)
|
|
@@ -25,12 +25,12 @@ module Sorcery
|
|
|
25
25
|
:@user_class => nil,
|
|
26
26
|
:@submodules => [],
|
|
27
27
|
:@not_authenticated_action => :not_authenticated,
|
|
28
|
-
:@login_sources =>
|
|
29
|
-
:@after_login =>
|
|
30
|
-
:@after_failed_login =>
|
|
31
|
-
:@before_logout =>
|
|
32
|
-
:@after_logout =>
|
|
33
|
-
:@after_remember_me =>
|
|
28
|
+
:@login_sources => Set.new,
|
|
29
|
+
:@after_login => Set.new,
|
|
30
|
+
:@after_failed_login => Set.new,
|
|
31
|
+
:@before_logout => Set.new,
|
|
32
|
+
:@after_logout => Set.new,
|
|
33
|
+
:@after_remember_me => Set.new,
|
|
34
34
|
:@save_return_to_url => true,
|
|
35
35
|
:@cookie_domain => nil
|
|
36
36
|
}
|
|
@@ -30,16 +30,11 @@ module Sorcery
|
|
|
30
30
|
end
|
|
31
31
|
merge_activity_logging_defaults!
|
|
32
32
|
end
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
Config.after_login << :register_last_ip_address
|
|
39
|
-
end
|
|
40
|
-
unless Config.before_logout.include?(:register_logout_time_to_db)
|
|
41
|
-
Config.before_logout << :register_logout_time_to_db
|
|
42
|
-
end
|
|
33
|
+
|
|
34
|
+
Config.after_login << :register_login_time_to_db
|
|
35
|
+
Config.after_login << :register_last_ip_address
|
|
36
|
+
Config.before_logout << :register_logout_time_to_db
|
|
37
|
+
|
|
43
38
|
base.after_action :register_last_activity_time_to_db
|
|
44
39
|
end
|
|
45
40
|
|
|
@@ -10,13 +10,9 @@ module Sorcery
|
|
|
10
10
|
module BruteForceProtection
|
|
11
11
|
def self.included(base)
|
|
12
12
|
base.send(:include, InstanceMethods)
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
end
|
|
17
|
-
unless Config.after_failed_login.include?(:update_failed_logins_count!)
|
|
18
|
-
Config.after_failed_login << :update_failed_logins_count!
|
|
19
|
-
end
|
|
13
|
+
|
|
14
|
+
Config.after_login << :reset_failed_logins_count!
|
|
15
|
+
Config.after_failed_login << :update_failed_logins_count!
|
|
20
16
|
end
|
|
21
17
|
|
|
22
18
|
module InstanceMethods
|
|
@@ -19,10 +19,8 @@ module Sorcery
|
|
|
19
19
|
end
|
|
20
20
|
merge_http_basic_auth_defaults!
|
|
21
21
|
end
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
Config.login_sources << :login_from_basic_auth
|
|
25
|
-
end
|
|
22
|
+
|
|
23
|
+
Config.login_sources << :login_from_basic_auth
|
|
26
24
|
end
|
|
27
25
|
|
|
28
26
|
module InstanceMethods
|
|
@@ -17,13 +17,9 @@ module Sorcery
|
|
|
17
17
|
end
|
|
18
18
|
merge_remember_me_defaults!
|
|
19
19
|
end
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
end
|
|
24
|
-
unless Config.before_logout.include?(:forget_me!)
|
|
25
|
-
Config.before_logout << :forget_me!
|
|
26
|
-
end
|
|
20
|
+
|
|
21
|
+
Config.login_sources << :login_from_cookie
|
|
22
|
+
Config.before_logout << :forget_me!
|
|
27
23
|
end
|
|
28
24
|
|
|
29
25
|
module InstanceMethods
|
|
@@ -23,13 +23,10 @@ module Sorcery
|
|
|
23
23
|
end
|
|
24
24
|
merge_session_timeout_defaults!
|
|
25
25
|
end
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
unless Config.after_remember_me.include?(:register_login_time)
|
|
31
|
-
Config.after_remember_me << :register_login_time
|
|
32
|
-
end
|
|
26
|
+
|
|
27
|
+
Config.after_login << :register_login_time
|
|
28
|
+
Config.after_remember_me << :register_login_time
|
|
29
|
+
|
|
33
30
|
base.prepend_before_action :validate_session
|
|
34
31
|
end
|
|
35
32
|
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
module Sorcery
|
|
2
|
+
module Providers
|
|
3
|
+
# This class adds support for OAuth with BattleNet
|
|
4
|
+
|
|
5
|
+
class Battlenet < Base
|
|
6
|
+
include Protocols::Oauth2
|
|
7
|
+
|
|
8
|
+
attr_accessor :auth_path, :scope, :token_url, :user_info_path
|
|
9
|
+
|
|
10
|
+
def initialize
|
|
11
|
+
super
|
|
12
|
+
|
|
13
|
+
@scope = 'openid'
|
|
14
|
+
@site = 'https://eu.battle.net/'
|
|
15
|
+
@auth_path = '/oauth/authorize'
|
|
16
|
+
@token_url = '/oauth/token'
|
|
17
|
+
@user_info_path = '/oauth/userinfo'
|
|
18
|
+
@state = SecureRandom.hex(16)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def get_user_hash(access_token)
|
|
22
|
+
response = access_token.get(user_info_path)
|
|
23
|
+
body = JSON.parse(response.body)
|
|
24
|
+
auth_hash(access_token).tap do |h|
|
|
25
|
+
h[:user_info] = body
|
|
26
|
+
h[:battletag] = body['battletag']
|
|
27
|
+
h[:uid] = body['id']
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
# calculates and returns the url to which the user should be redirected,
|
|
32
|
+
# to get authenticated at the external provider's site.
|
|
33
|
+
def login_url(_params, _session)
|
|
34
|
+
authorize_url(authorize_url: auth_path)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
# tries to login the user from access token
|
|
38
|
+
def process_callback(params, _session)
|
|
39
|
+
args = { code: params[:code] }
|
|
40
|
+
get_access_token(
|
|
41
|
+
args,
|
|
42
|
+
token_url: token_url,
|
|
43
|
+
client_id: @key,
|
|
44
|
+
client_secret: @secret,
|
|
45
|
+
grant_type: 'authorization_code',
|
|
46
|
+
token_method: :post
|
|
47
|
+
)
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
|
@@ -9,15 +9,16 @@ module Sorcery
|
|
|
9
9
|
class Line < Base
|
|
10
10
|
include Protocols::Oauth2
|
|
11
11
|
|
|
12
|
-
attr_accessor :token_url, :user_info_path, :auth_path
|
|
12
|
+
attr_accessor :token_url, :user_info_path, :auth_path, :scope, :bot_prompt
|
|
13
13
|
|
|
14
14
|
def initialize
|
|
15
15
|
super
|
|
16
16
|
|
|
17
17
|
@site = 'https://access.line.me'
|
|
18
18
|
@user_info_path = 'https://api.line.me/v2/profile'
|
|
19
|
-
@token_url = 'https://api.line.me/v2/
|
|
20
|
-
@auth_path = '
|
|
19
|
+
@token_url = 'https://api.line.me/oauth2/v2.1/token'
|
|
20
|
+
@auth_path = 'oauth2/v2.1/authorize'
|
|
21
|
+
@scope = 'profile'
|
|
21
22
|
end
|
|
22
23
|
|
|
23
24
|
def get_user_hash(access_token)
|
|
@@ -34,13 +35,28 @@ module Sorcery
|
|
|
34
35
|
@state = SecureRandom.hex(16)
|
|
35
36
|
authorize_url(authorize_url: auth_path)
|
|
36
37
|
end
|
|
38
|
+
|
|
39
|
+
# overrides oauth2#authorize_url to add bot_prompt query.
|
|
40
|
+
def authorize_url(options = {})
|
|
41
|
+
options.merge!({
|
|
42
|
+
connection_opts: { params: { bot_prompt: bot_prompt } }
|
|
43
|
+
}) if bot_prompt.present?
|
|
44
|
+
|
|
45
|
+
super(options)
|
|
46
|
+
end
|
|
47
|
+
|
|
37
48
|
# tries to login the user from access token
|
|
38
49
|
def process_callback(params, _session)
|
|
39
50
|
args = {}.tap do |a|
|
|
40
51
|
a[:code] = params[:code] if params[:code]
|
|
41
52
|
end
|
|
42
53
|
|
|
43
|
-
get_access_token(
|
|
54
|
+
get_access_token(
|
|
55
|
+
args,
|
|
56
|
+
token_url: token_url,
|
|
57
|
+
token_method: :post,
|
|
58
|
+
grant_type: 'authorization_code'
|
|
59
|
+
)
|
|
44
60
|
end
|
|
45
61
|
end
|
|
46
62
|
end
|
data/lib/sorcery/version.rb
CHANGED
data/sorcery.gemspec
CHANGED
|
@@ -116,12 +116,21 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
116
116
|
end
|
|
117
117
|
|
|
118
118
|
context 'when callback_url begin with http://' do
|
|
119
|
+
before do
|
|
120
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, '/oauth/twitter/callback')
|
|
121
|
+
sorcery_controller_external_property_set(:facebook, :api_version, 'v2.2')
|
|
122
|
+
end
|
|
123
|
+
|
|
119
124
|
it 'login_at redirects correctly' do
|
|
120
125
|
create_new_user
|
|
121
126
|
get :login_at_test_facebook
|
|
122
127
|
expect(response).to be_a_redirect
|
|
123
128
|
expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state")
|
|
124
129
|
end
|
|
130
|
+
|
|
131
|
+
after do
|
|
132
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, 'http://blabla.com')
|
|
133
|
+
end
|
|
125
134
|
end
|
|
126
135
|
|
|
127
136
|
it "'login_from' logins if user exists" do
|
|
@@ -155,7 +164,7 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
155
164
|
expect(flash[:notice]).to eq 'Success!'
|
|
156
165
|
end
|
|
157
166
|
|
|
158
|
-
%i[github google liveid vk salesforce paypal slack wechat microsoft instagram auth0 discord].each do |provider|
|
|
167
|
+
%i[github google liveid vk salesforce paypal slack wechat microsoft instagram auth0 discord battlenet].each do |provider|
|
|
159
168
|
describe "with #{provider}" do
|
|
160
169
|
it 'login_at redirects correctly' do
|
|
161
170
|
get :"login_at_test_#{provider}"
|
|
@@ -218,6 +227,7 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
218
227
|
auth0
|
|
219
228
|
line
|
|
220
229
|
discord
|
|
230
|
+
battlenet
|
|
221
231
|
]
|
|
222
232
|
)
|
|
223
233
|
|
|
@@ -265,6 +275,9 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
265
275
|
sorcery_controller_external_property_set(:discord, :key, 'eYVNBjBDi33aa9GkA3w')
|
|
266
276
|
sorcery_controller_external_property_set(:discord, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
|
|
267
277
|
sorcery_controller_external_property_set(:discord, :callback_url, 'http://blabla.com')
|
|
278
|
+
sorcery_controller_external_property_set(:battlenet, :key, '4c43d4862c774ca5bbde89873bf0d338')
|
|
279
|
+
sorcery_controller_external_property_set(:battlenet, :secret, 'TxY7IwKOykACd8kUxPyVGTqBs44UBDdX')
|
|
280
|
+
sorcery_controller_external_property_set(:battlenet, :callback_url, 'http://blabla.com')
|
|
268
281
|
end
|
|
269
282
|
|
|
270
283
|
after(:each) do
|
|
@@ -287,7 +300,7 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
287
300
|
expect(ActionMailer::Base.deliveries.size).to eq old_size
|
|
288
301
|
end
|
|
289
302
|
|
|
290
|
-
%i[github google liveid vk salesforce paypal wechat microsoft instagram auth0 discord].each do |provider|
|
|
303
|
+
%i[github google liveid vk salesforce paypal wechat microsoft instagram auth0 discord battlenet].each do |provider|
|
|
291
304
|
it "does not send activation email to external users (#{provider})" do
|
|
292
305
|
old_size = ActionMailer::Base.deliveries.size
|
|
293
306
|
create_new_external_user provider
|
|
@@ -311,7 +324,7 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
311
324
|
sorcery_reload!(%i[activity_logging external])
|
|
312
325
|
end
|
|
313
326
|
|
|
314
|
-
%w[facebook github google liveid vk salesforce slack discord].each do |provider|
|
|
327
|
+
%w[facebook github google liveid vk salesforce slack discord battlenet].each do |provider|
|
|
315
328
|
context "when #{provider}" do
|
|
316
329
|
before(:each) do
|
|
317
330
|
sorcery_controller_property_set(:register_login_time, true)
|
|
@@ -350,7 +363,7 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
350
363
|
|
|
351
364
|
let(:user) { double('user', id: 42) }
|
|
352
365
|
|
|
353
|
-
%w[facebook github google liveid vk salesforce slack discord].each do |provider|
|
|
366
|
+
%w[facebook github google liveid vk salesforce slack discord battlenet].each do |provider|
|
|
354
367
|
context "when #{provider}" do
|
|
355
368
|
before(:each) do
|
|
356
369
|
sorcery_model_property_set(:authentications_class, Authentication)
|
|
@@ -484,6 +497,7 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
484
497
|
auth0
|
|
485
498
|
line
|
|
486
499
|
discord
|
|
500
|
+
battlenet
|
|
487
501
|
]
|
|
488
502
|
)
|
|
489
503
|
sorcery_controller_external_property_set(:facebook, :key, 'eYVNBjBDi33aa9GkA3w')
|
|
@@ -529,6 +543,9 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
529
543
|
sorcery_controller_external_property_set(:discord, :key, 'eYVNBjBDi33aa9GkA3w')
|
|
530
544
|
sorcery_controller_external_property_set(:discord, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
|
|
531
545
|
sorcery_controller_external_property_set(:discord, :callback_url, 'http://blabla.com')
|
|
546
|
+
sorcery_controller_external_property_set(:battlenet, :key, '4c43d4862c774ca5bbde89873bf0d338')
|
|
547
|
+
sorcery_controller_external_property_set(:battlenet, :secret, 'TxY7IwKOykACd8kUxPyVGTqBs44UBDdX')
|
|
548
|
+
sorcery_controller_external_property_set(:battlenet, :callback_url, 'http://blabla.com')
|
|
532
549
|
end
|
|
533
550
|
|
|
534
551
|
def provider_url(provider)
|
|
@@ -544,7 +561,8 @@ describe SorceryController, active_record: true, type: :controller do
|
|
|
544
561
|
microsoft: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=#{::Sorcery::Controller::Config.microsoft.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid+email+https%3A%2F%2Fgraph.microsoft.com%2FUser.Read&state",
|
|
545
562
|
instagram: "https://api.instagram.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.instagram.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.instagram.scope}&state",
|
|
546
563
|
auth0: "https://sorcery-test.auth0.com/authorize?client_id=#{::Sorcery::Controller::Config.auth0.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid+profile+email&state",
|
|
547
|
-
discord: "https://discordapp.com/api/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.discord.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=identify&state"
|
|
564
|
+
discord: "https://discordapp.com/api/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.discord.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=identify&state",
|
|
565
|
+
battlenet: "https://eu.battle.net/oauth/authorize?client_id=#{::Sorcery::Controller::Config.battlenet.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid&state"
|
|
548
566
|
}[provider]
|
|
549
567
|
end
|
|
550
568
|
end
|
|
@@ -84,11 +84,17 @@ describe SorceryController, type: :controller do
|
|
|
84
84
|
end
|
|
85
85
|
|
|
86
86
|
context 'when callback_url begin with http://' do
|
|
87
|
+
before do
|
|
88
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, '/oauth/twitter/callback')
|
|
89
|
+
end
|
|
87
90
|
it 'login_at redirects correctly', pending: true do
|
|
88
91
|
get :login_at_test
|
|
89
92
|
expect(response).to be_a_redirect
|
|
90
93
|
expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=')
|
|
91
94
|
end
|
|
95
|
+
after do
|
|
96
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
|
|
97
|
+
end
|
|
92
98
|
end
|
|
93
99
|
|
|
94
100
|
it 'logins if user exists' do
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'oauth'
|
|
2
2
|
|
|
3
|
-
class SorceryController <
|
|
3
|
+
class SorceryController < ApplicationController
|
|
4
4
|
protect_from_forgery
|
|
5
5
|
|
|
6
6
|
before_action :require_login_from_http_basic, only: [:test_http_basic_auth]
|
|
@@ -170,6 +170,10 @@ class SorceryController < ActionController::Base
|
|
|
170
170
|
login_at(:discord)
|
|
171
171
|
end
|
|
172
172
|
|
|
173
|
+
def login_at_test_battlenet
|
|
174
|
+
login_at(:battlenet)
|
|
175
|
+
end
|
|
176
|
+
|
|
173
177
|
def test_login_from_twitter
|
|
174
178
|
if (@user = login_from(:twitter))
|
|
175
179
|
redirect_to 'bla', notice: 'Success!'
|
|
@@ -300,6 +304,14 @@ class SorceryController < ActionController::Base
|
|
|
300
304
|
end
|
|
301
305
|
end
|
|
302
306
|
|
|
307
|
+
def test_login_from_battlenet
|
|
308
|
+
if (@user = login_from(:battlenet))
|
|
309
|
+
redirect_to 'bla', notice: 'Success!'
|
|
310
|
+
else
|
|
311
|
+
redirect_to 'blu', alert: 'Failed!'
|
|
312
|
+
end
|
|
313
|
+
end
|
|
314
|
+
|
|
303
315
|
def test_return_to_with_external_twitter
|
|
304
316
|
if (@user = login_from(:twitter))
|
|
305
317
|
redirect_back_or_to 'bla', notice: 'Success!'
|
|
@@ -430,6 +442,14 @@ class SorceryController < ActionController::Base
|
|
|
430
442
|
end
|
|
431
443
|
end
|
|
432
444
|
|
|
445
|
+
def test_return_to_with_external_battlenet
|
|
446
|
+
if (@user = login_from(:battlenet))
|
|
447
|
+
redirect_back_or_to 'bla', notice: 'Success!'
|
|
448
|
+
else
|
|
449
|
+
redirect_to 'blu', alert: 'Failed!'
|
|
450
|
+
end
|
|
451
|
+
end
|
|
452
|
+
|
|
433
453
|
def test_create_from_provider
|
|
434
454
|
provider = params[:provider]
|
|
435
455
|
login_from(provider)
|
|
@@ -35,6 +35,7 @@ AppRoot::Application.routes.draw do
|
|
|
35
35
|
get :test_login_from_auth0
|
|
36
36
|
get :test_login_from_line
|
|
37
37
|
get :test_login_from_discord
|
|
38
|
+
get :test_login_from_battlenet
|
|
38
39
|
get :login_at_test
|
|
39
40
|
get :login_at_test_twitter
|
|
40
41
|
get :login_at_test_facebook
|
|
@@ -52,6 +53,7 @@ AppRoot::Application.routes.draw do
|
|
|
52
53
|
get :login_at_test_auth0
|
|
53
54
|
get :login_at_test_line
|
|
54
55
|
get :login_at_test_discord
|
|
56
|
+
get :login_at_test_battlenet
|
|
55
57
|
get :test_return_to_with_external
|
|
56
58
|
get :test_return_to_with_external_twitter
|
|
57
59
|
get :test_return_to_with_external_facebook
|
|
@@ -69,6 +71,7 @@ AppRoot::Application.routes.draw do
|
|
|
69
71
|
get :test_return_to_with_external_auth0
|
|
70
72
|
get :test_return_to_with_external_line
|
|
71
73
|
get :test_return_to_with_external_discord
|
|
74
|
+
get :test_return_to_with_external_battlenet
|
|
72
75
|
get :test_http_basic_auth
|
|
73
76
|
get :some_action_making_a_non_persisted_change_to_the_user
|
|
74
77
|
post :test_login_with_remember
|
|
@@ -511,7 +511,7 @@ shared_examples_for 'rails_3_core_model' do
|
|
|
511
511
|
|
|
512
512
|
# password comparison is done using BCrypt::Password#==(raw_token), not String#==
|
|
513
513
|
bcrypt_password = BCrypt::Password.new(user.crypted_password)
|
|
514
|
-
allow(::BCrypt::Password).to receive(:create) do |token,
|
|
514
|
+
allow(::BCrypt::Password).to receive(:create) do |token, options = {}|
|
|
515
515
|
# need to use common BCrypt's salt when genarating BCrypt::Password objects
|
|
516
516
|
# so that any generated password hashes can be compared each other
|
|
517
517
|
::BCrypt::Engine.hash_secret(token, bcrypt_password.salt)
|
|
@@ -535,7 +535,7 @@ shared_examples_for 'rails_3_core_model' do
|
|
|
535
535
|
|
|
536
536
|
# password comparison is done using BCrypt::Password#==(raw_token), not String#==
|
|
537
537
|
bcrypt_password = BCrypt::Password.new(user.crypted_password)
|
|
538
|
-
allow(::BCrypt::Password).to receive(:create) do |token,
|
|
538
|
+
allow(::BCrypt::Password).to receive(:create) do |token, options = {}|
|
|
539
539
|
# need to use common BCrypt's salt when genarating BCrypt::Password objects
|
|
540
540
|
# so that any generated password hashes can be compared each other
|
|
541
541
|
::BCrypt::Engine.hash_secret(token, bcrypt_password.salt)
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
class MigrationHelper
|
|
2
2
|
class << self
|
|
3
3
|
def migrate(path)
|
|
4
|
-
if ActiveRecord.version >= Gem::Version.new('
|
|
4
|
+
if ActiveRecord.version >= Gem::Version.new('6.0.0')
|
|
5
|
+
ActiveRecord::MigrationContext.new(path, schema_migration).migrate
|
|
6
|
+
elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
|
|
5
7
|
ActiveRecord::MigrationContext.new(path).migrate
|
|
6
8
|
else
|
|
7
9
|
ActiveRecord::Migrator.migrate(path)
|
|
@@ -9,11 +11,19 @@ class MigrationHelper
|
|
|
9
11
|
end
|
|
10
12
|
|
|
11
13
|
def rollback(path)
|
|
12
|
-
if ActiveRecord.version >= Gem::Version.new('
|
|
14
|
+
if ActiveRecord.version >= Gem::Version.new('6.0.0')
|
|
15
|
+
ActiveRecord::MigrationContext.new(path, schema_migration).rollback
|
|
16
|
+
elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
|
|
13
17
|
ActiveRecord::MigrationContext.new(path).rollback
|
|
14
18
|
else
|
|
15
19
|
ActiveRecord::Migrator.rollback(path)
|
|
16
20
|
end
|
|
17
21
|
end
|
|
22
|
+
|
|
23
|
+
private
|
|
24
|
+
|
|
25
|
+
def schema_migration
|
|
26
|
+
ActiveRecord::Base.connection.schema_migration
|
|
27
|
+
end
|
|
18
28
|
end
|
|
19
29
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sorcery
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.16.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Noam Ben Ari
|
|
@@ -12,7 +12,7 @@ authors:
|
|
|
12
12
|
autorequire:
|
|
13
13
|
bindir: bin
|
|
14
14
|
cert_chain: []
|
|
15
|
-
date:
|
|
15
|
+
date: 2021-02-16 00:00:00.000000000 Z
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
18
18
|
name: bcrypt
|
|
@@ -52,22 +52,22 @@ dependencies:
|
|
|
52
52
|
name: oauth2
|
|
53
53
|
requirement: !ruby/object:Gem::Requirement
|
|
54
54
|
requirements:
|
|
55
|
-
- - ">="
|
|
56
|
-
- !ruby/object:Gem::Version
|
|
57
|
-
version: 0.8.0
|
|
58
55
|
- - "~>"
|
|
59
56
|
- !ruby/object:Gem::Version
|
|
60
57
|
version: '1.0'
|
|
58
|
+
- - ">="
|
|
59
|
+
- !ruby/object:Gem::Version
|
|
60
|
+
version: 0.8.0
|
|
61
61
|
type: :runtime
|
|
62
62
|
prerelease: false
|
|
63
63
|
version_requirements: !ruby/object:Gem::Requirement
|
|
64
64
|
requirements:
|
|
65
|
-
- - ">="
|
|
66
|
-
- !ruby/object:Gem::Version
|
|
67
|
-
version: 0.8.0
|
|
68
65
|
- - "~>"
|
|
69
66
|
- !ruby/object:Gem::Version
|
|
70
67
|
version: '1.0'
|
|
68
|
+
- - ">="
|
|
69
|
+
- !ruby/object:Gem::Version
|
|
70
|
+
version: 0.8.0
|
|
71
71
|
- !ruby/object:Gem::Dependency
|
|
72
72
|
name: byebug
|
|
73
73
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -189,24 +189,29 @@ dependencies:
|
|
|
189
189
|
description: Provides common authentication needs such as signing in/out, activating
|
|
190
190
|
by email and resetting password.
|
|
191
191
|
email:
|
|
192
|
-
-
|
|
193
|
-
- contact@joshbuker.com
|
|
192
|
+
- crypto@joshbuker.com
|
|
194
193
|
executables: []
|
|
195
194
|
extensions: []
|
|
196
195
|
extra_rdoc_files: []
|
|
197
196
|
files:
|
|
198
197
|
- ".document"
|
|
199
198
|
- ".github/ISSUE_TEMPLATE.md"
|
|
199
|
+
- ".github/PULL_REQUEST_TEMPLATE.md"
|
|
200
|
+
- ".github/workflows/ruby.yml"
|
|
200
201
|
- ".gitignore"
|
|
201
202
|
- ".rspec"
|
|
202
203
|
- ".rubocop.yml"
|
|
203
204
|
- ".rubocop_todo.yml"
|
|
204
205
|
- ".travis.yml"
|
|
205
206
|
- CHANGELOG.md
|
|
207
|
+
- CODE_OF_CONDUCT.md
|
|
206
208
|
- Gemfile
|
|
207
209
|
- LICENSE.md
|
|
208
210
|
- README.md
|
|
209
211
|
- Rakefile
|
|
212
|
+
- SECURITY.md
|
|
213
|
+
- gemfiles/rails_52.gemfile
|
|
214
|
+
- gemfiles/rails_60.gemfile
|
|
210
215
|
- lib/generators/sorcery/USAGE
|
|
211
216
|
- lib/generators/sorcery/helpers.rb
|
|
212
217
|
- lib/generators/sorcery/install_generator.rb
|
|
@@ -254,6 +259,7 @@ files:
|
|
|
254
259
|
- lib/sorcery/protocols/oauth2.rb
|
|
255
260
|
- lib/sorcery/providers/auth0.rb
|
|
256
261
|
- lib/sorcery/providers/base.rb
|
|
262
|
+
- lib/sorcery/providers/battlenet.rb
|
|
257
263
|
- lib/sorcery/providers/discord.rb
|
|
258
264
|
- lib/sorcery/providers/facebook.rb
|
|
259
265
|
- lib/sorcery/providers/github.rb
|
|
@@ -303,6 +309,7 @@ files:
|
|
|
303
309
|
- spec/rails_app/app/active_record/user.rb
|
|
304
310
|
- spec/rails_app/app/active_record/user_provider.rb
|
|
305
311
|
- spec/rails_app/app/assets/config/manifest.js
|
|
312
|
+
- spec/rails_app/app/controllers/application_controller.rb
|
|
306
313
|
- spec/rails_app/app/controllers/sorcery_controller.rb
|
|
307
314
|
- spec/rails_app/app/helpers/application_helper.rb
|
|
308
315
|
- spec/rails_app/app/mailers/sorcery_mailer.rb
|
|
@@ -379,7 +386,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
379
386
|
- !ruby/object:Gem::Version
|
|
380
387
|
version: '0'
|
|
381
388
|
requirements: []
|
|
382
|
-
rubygems_version: 3.
|
|
389
|
+
rubygems_version: 3.1.2
|
|
383
390
|
signing_key:
|
|
384
391
|
specification_version: 4
|
|
385
392
|
summary: Magical authentication for Rails applications
|