stormpath-rails 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: db6a4d230306b6c5faf0906c6bdb1f7369ce5a57
-  data.tar.gz: 6c392883dcfb9608965a6e5866b5a291be4d26b3
+  metadata.gz: 48bb07c0dcc20fc47b52dc66c81bdd8cf8a0825b
+  data.tar.gz: 35f2d306d8993fa41f790fdf43a379830f3cf424
 SHA512:
-  metadata.gz: c5e85671ba7ab1768a3d88abb6bc2d1d2d33645389323ba49bb84c686fad51fc768ad5131ae3a8f8280d0e47bc4a3704335648fc17c6a1a2408b745d3a54e363
-  data.tar.gz: 32f1cc547828bbf8212fc8f92eea53e7ead58732d112d79e100537cfec5359ad1a5c06c26a6c26af258d916d953cda07f8b9ad8dc2088ee866fe89dc287e3f4d
+  metadata.gz: 6b25c56c5d57352816707e3f8e85df6d9f7da0f282606fc22d2b11c2ba5705c93ac3605a454d88dbc8e0fc4a08a7731b79dbceb47d1809ab6559a13e32984c8a
+  data.tar.gz: c61c4c909484d3bceaf12eeb733773989e63e6836cd7b391793ebeb772d296b2ee2750643f83ee12b1cc31ad665ca26f055041e4f07c471e6934fe52a8bba5cf

data/.travis.yml

@@ -13,28 +13,15 @@ install:
 - pip install --user sphinx
 script:
 - travis_retry rake
-# - cd docs
-# - make html
-# - cd ..
 after_success:
 - CURRENT_HASH=`git rev-parse HEAD`
-- RELEASE_VERSION=`git tag | xargs -I@ git log --format=format:"%ai @%n" -1 @ | sort | awk '{print $4}' | tail -n 1`
+- RELEASE_VERSION=`git tag | xargs -I@ git log --format=format:"%ai @%n" -1 @ | sort
+  | awk '{print $4}' | tail -n 1`
 - RELEASE_HASH=`git rev-list $RELEASE_VERSION -n 1`
 - if [ "$CURRENT_HASH" = "$RELEASE_HASH" ]; then DEPLOY_DOCS=true; fi
-#- test -z "$DEPLOY_DOCS" || git clone git@github.com:stormpath/stormpath.github.io.git
-#- test -z "$DEPLOY_DOCS" || cd stormpath.github.io
-#- test -z "$DEPLOY_DOCS" || git fetch origin source:source
-#- test -z "$DEPLOY_DOCS" || git checkout source
-#- test -z "$DEPLOY_DOCS" || mkdir -p source/ruby/rails
-#- test -z "$DEPLOY_DOCS" || rm -rf source/ruby/rails/latest
-#- test -z "$DEPLOY_DOCS" || cp -r ../docs/_build/html source/ruby/rails/latest
-#- test -z "$DEPLOY_DOCS" || cp -r ../docs/_build/html source/ruby/rails/$RELEASE_VERSION
-#- test -z "$DEPLOY_DOCS" || git add --all
-#- test -z "$DEPLOY_DOCS" || git commit -m "stormpath-rails release $RELEASE_VERSION"
-#- test -z "$DEPLOY_DOCS" || git push origin source
 env:
   global:
-  - STORMPATH_APPLICATION_URL=https://api.stormpath.com/v1/applications/3nZlLKVMIOPu71YC7TFR0o
-  - secure: WJgw02cTjVKwGJMq+n3L8e7uVTK3mnEqxArw2w/X1h4s09XIQM0B2b8PuM/2o01rkQWUfhd6lTLDEsQE916lSS8REJbnbsZ1VyH83yeHL4VgJNaJDHvEAq+iFzHnvtLwWkyWm8fEb7DCnEXXA7M3sGt1girhfs0xfITpXputCHE=
-  - secure: JpErPQAz1b/l3rpwt/N9J7SZiy4/UB1DOI+9Kq4OrC9kuq2vUw3VIAKIojqvwy+7OaKAxyWcsx1kQ3BCLOPV/OkORq1/bMpP4SL0/0KYX+WjBWZ+En+gx3aCY3kOLkkVpDS6gD2pulOeHubGNwhDrFLjKFtbuUBfZuEuAGVNnP8=
-  - secure: hgaOzbsR8H6i5gYXLpqUTsPsio39aCjaPbMwk5ylbI7HRD91qfQbJwuzsAa7+ocLi6NQ7LBL1xa317mLBO2uqWIhN85sTRIut2bO6S+8cgS7GWikMKnwkgU8gpUdNjGYh0Y8nrgwPDo5PZTv0jyUZNCeEqoa1HhDF3DjTMFrXHA=
+  - STORMPATH_APPLICATION_URL=https://api.stormpath.com/v1/applications/4BiS1Hc1LuBEbszdDrOwyz
+  - secure: VMjIMI42vIPTMPTr0fnzSPiIjzuSAnT7iNWjhAXP9WsdaCmxwHp1vOlry4QuX8DzpKHv2MQubeUN/UA227Nk1xn+CVu9mujWOqvvjmL9m20wMJvwT4ctn7zG+FJK76id9TEyx0mCTlH4ZrRoDMGfM9yzhpsg8FtSebBDdHxePaM=
+  - secure: IhR6H9qxmxCDNbLK0ebYuIXQRsGA/JhD6In4V/hnSMJ8lPi2kwRn6eKclNCHGNjcy6QF1V5vddKIfKOkFFZvIyP26reygTX1g5Mfa8SqTGKh3DAW4WP+T+yaE4z4UBDK1zZpbV0Zbkw/HC0xeD8UPnjRzERX1LVZp1qeEjhQrks=
+  - secure: a5woUmOQPRW6FBQBaxKJATfggUD/BVTBfeRaS07u1SQOpMoGJZLY0m29PVx4fHwRD1E7ho31YIeH8wk1vMMrimIHSdE1B4pm4n8bUTi/gDFwavXq9KgTdH8f6Eli37nAXZum78m4NgL9+OlrKeJKCcROdzniZPvFaLrnOwBGzVs=

data/CHANGELOG.md

@@ -1,6 +1,12 @@
 Stormpath Rails Changelog
 ============================
 
+Version 2.2.0
+-------------
+Released on Nov 07, 2016
+- Implement Authentication with Social Providers (Facebook, Google, Linkedin, Github)
+
+
 Version 2.1.0
 -------------
 Released on Nov 02, 2016

data/README.md

@@ -85,7 +85,6 @@ Check below on how to override default routes.
 ## Configuration
 
 The gem is highly configurable through it's configuration file (config/stormpath.yml).
-Currently the only configurations not working are for social logins and ID Site (because they are still not implemented in the gem).
 
 You can use embedded ruby (ERB) in the configuration file:
 
@@ -176,6 +175,12 @@ Stormpath::Rails::Profile::ShowController
 
 Stormpath::Rails::Oauth2::NewController
 Stormpath::Rails::Oauth2::CreateController
+
+Stormpath::Rails::SocialController
+Stormpath::Rails::Facebook::CreateController
+Stormpath::Rails::Github::CreateController
+Stormpath::Rails::Google::CreateController
+Stormpath::Rails::Linkedin::CreateController
 ```
 
 ### Routes
@@ -202,10 +207,67 @@ stormpath/rails/change_password/new.html.erb
 stormpath/rails/forgot_password/new.html.erb
 
 stormpath/rails/shared/_input.html.erb
+stormpath/rails/shared/_social_login.html.erb
 
 stormpath/rails/verify_email/new.html.erb
 ```
 
+## Social Authentication
+
+In order to successfully authenticate via a social provider you need to set up your directories and account stores on your application. The Social Login Providers currently supported by Stormpath are Facebook, GitHub, Google and LinkedIn.
+
+Social Directories are a kind of mirrored Directory, in that they are used to mirror user information found in an external database. This means that entities like Groups can only exist in a your Stormpath Social Directory if they are mirrored in from the external Social provider.
+
+### Google
+- create an application in the [Google Developer Console](https://console.developers.google.com/start)
+- enable Google Login for your Google application
+- copy the OAuth Credentials (Client ID and Secret) for your Google application
+- in the Credentials tab you will see the Restrictions section. Write the origin URI of your application in the Authorized JavaScript origins field. For example, if you want to test logging in via Google locally, you can write http://localhost:3000
+- In the authorized redirect URIs type in the callback URI to which Google is going to redirect after successful authentication: http://localhost:3000/callbacks/google
+- log in to [your stormpath dashboard](https://api.stormpath.com/login) and visit the Directories section
+- click on Create Directory and choose Google as the Directory Type. Name it and describe it however you want
+- paste the copied OAuth Credentials that you copied when you created the Google application in the Google Client ID and secret fields
+- paste the same authorized redirect URI as you did in the Google dashboard
+- visit the Applications section and click on the application you're using
+- click on Account Stores in the left sidebar and click on Add Account Store button
+- after you add your newly created Google directory try starting up your server and visit /login. You should see the 1-click Google login button
+
+### Facebook
+- create an application on the [Facebook Developer Site](https://developers.facebook.com/)
+- copy your OAuth credentials (App ID and App Secret)
+- add your application’s private and public root URLs. You can use http://localhost:3000 if you're testing logging in locally
+- make sure you make your application public by clicking on the App review tab in the left sidebar and activating your Facebook application
+- log in to [your stormpath dashboard](https://api.stormpath.com/login) and visit the Directories section
+- click on Create Directory and choose Facebook as the Directory Type. Name it and describe it however you want
+- paste the copied OAuth Credentials that you copied when you created the Facebook application in the Facebook Client ID and secret fields
+- visit the Applications section and click on the application you're using
+- click on Account Stores in the left sidebar and click on Add Account Store button
+- after you add your newly created Facebook directory try starting up your server and visit /login. You should see the 1-click Facebook login button
+
+### GitHub
+- create an application in the [GitHub Developer Site](https://github.com/settings/applications/new)
+- copy the OAuth Credentials (Client ID and Secret) for your GitHub application
+- add your application’s redirect URL, which is the URL the user will be returned to after successful authentication. You can use http://localhost:3000 if you're testing logging in locally
+- log in to [your stormpath dashboard](https://api.stormpath.com/login) and visit the Directories section
+- click on Create Directory and choose GitHub as the Directory Type. Name it and describe it however you want
+- paste the copied OAuth Credentials that you copied when you created the GitHub application in the GitHub Client ID and secret fields
+- visit the Applications section and click on the application you're using
+- click on Account Stores in the left sidebar and click on Add Account Store button
+- after you add your newly created GitHub directory try starting up your server and visit /login. You should see the 1-click GitHub login button
+
+### LinkedIn
+- create an application in the [LinkedIn Developer Site](https://www.linkedin.com/secure/developer?newapp=)
+- add your application’s redirect URLs, which are the URL the user will be returned to after successful authentication. If you're testing locally you can write http://localhost:3000/callbacks/linkedin
+- copy OAuth Credentials (Client ID and Secret) for your LinkedIn application
+- make sure you check r_basicprofile and r_emailaddress under the Default Application Permissions
+- log in to [your stormpath dashboard](https://api.stormpath.com/login) and visit the Directories section
+- click on Create Directory and choose LinkedIn as the Directory Type. Name it and describe it however you want
+- paste the copied OAuth Credentials that you copied when you created the LinkedIn application in the LinkedIn Client ID and secret fields
+- paste the redirect URI that you also saved in your LinkedIn dashboard http://localhost:3000/callbacks/linkedin
+- visit the Applications section and click on the application you're using
+- click on Account Stores in the left sidebar and click on Add Account Store button
+- after you add your newly created LinkedIn directory try starting up your server and visit /login. You should see the 1-click LinkedIn login button
+
 ## Migrate Devise Account information to Stormpath
 
 If you already have a Rails application that uses devise and need to transfer all users, accounts, or however you named your model there's a nifty

data/app/assets/stylesheets/stormpath.css.scss

@@ -60,6 +60,7 @@ p {
   color: #fff;
   font-size: 16px;
   border-radius: 3px;
+  padding: 9px 12px;
 }
 .btn-social:hover,
 .btn-social:focus {
@@ -93,6 +94,35 @@ p {
   filter: progid:DXImageTransform.Microsoft.gradient(GradientType=0, startColorstr=#e8503c, endColorstr=#ea604e);
   -ms-filter: "progid:DXImageTransform.Microsoft.gradient (GradientType=0, startColorstr=#e8503c, endColorstr=#ea604e)";
 }
+.btn-github {
+  background: -webkit-linear-gradient(#848282 50%, #7B7979 50%);
+  background: linear-gradient(#848282 50%, #7B7979 50%);
+  filter: progid:DXImageTransform.Microsoft.gradient(GradientType=0, startColorstr=#848282, endColorstr=#7B7979);
+  -ms-filter: "progid:DXImageTransform.Microsoft.gradient (GradientType=0, startColorstr=#848282, endColorstr=#7B7979)";
+}
+.btn-github:hover,
+.btn-github:focus {
+  color: #fff;
+  background: -webkit-linear-gradient(#8C8888 50%, #848080 50%);
+  background: linear-gradient(#8C8888 50%, #848080 50%);
+  filter: progid:DXImageTransform.Microsoft.gradient(GradientType=0, startColorstr=#8C8888, endColorstr=#848080);
+  -ms-filter: "progid:DXImageTransform.Microsoft.gradient (GradientType=0, startColorstr=#8C8888, endColorstr=#848080)";
+}
+.btn-linkedin {
+  background: -webkit-linear-gradient(#007cbc 50%, #0077B5 50%);
+  background: linear-gradient(#007cbc 50%, #0077B5 50%);
+  filter: progid:DXImageTransform.Microsoft.gradient(GradientType=0, startColorstr=#007cbc, endColorstr=#0077B5);
+  -ms-filter: "progid:DXImageTransform.Microsoft.gradient (GradientType=0, startColorstr=#007cbc, endColorstr=#0077B5)";
+}
+
+.btn-linkedin:hover,
+.btn-linkedin:focus {
+  color: #fff;
+  background: -webkit-linear-gradient(#007cbc 50%, #0077B5 50%);
+  background: linear-gradient(#007cbc 50%, #0077B5 50%);
+  filter: progid:DXImageTransform.Microsoft.gradient(GradientType=0, startColorstr=#007cbc, endColorstr=#0077B5);
+  -ms-filter: "progid:DXImageTransform.Microsoft.gradient (GradientType=0, startColorstr=#007cbc, endColorstr=#0077B5)";
+}
 .btn-register {
   font-size: 16px;
 }
@@ -274,7 +304,7 @@ p {
     padding: 0px;
   }
 }
-.login-view .social-area button {
+.login-view .social-area button, .login-view .social-area .btn {
   display: block;
   width: 100%;
   margin-bottom: 15px;

data/app/controllers/stormpath/rails/facebook/create_controller.rb

@@ -0,0 +1,30 @@
+module Stormpath
+  module Rails
+    module Facebook
+      class CreateController < Stormpath::Rails::SocialController
+        def call
+          begin
+            login_the_account(account)
+            respond_with_success
+          rescue NoFacebookAuthorizationError => error
+            respond_with_error(error)
+          end
+        end
+
+        private
+
+        def access_token
+          FacebookAuthCodeExchange.new(root_url, params[:code]).access_token
+        end
+
+        def account_request
+          Stormpath::Provider::AccountRequest.new(:facebook, :access_token, access_token)
+        end
+
+        def account
+          Stormpath::Rails::Client.application.get_provider_account(account_request).account
+        end
+      end
+    end
+  end
+end

data/app/controllers/stormpath/rails/github/create_controller.rb

@@ -0,0 +1,30 @@
+module Stormpath
+  module Rails
+    module Github
+      class CreateController < Stormpath::Rails::SocialController
+        def call
+          begin
+            login_the_account(account)
+            respond_with_success
+          rescue NoGithubAuthorizationError => error
+            respond_with_error(error)
+          end
+        end
+
+        private
+
+        def access_token
+          GithubAuthCodeExchange.new(root_url, params[:code]).access_token
+        end
+
+        def account_request
+          Stormpath::Provider::AccountRequest.new(:github, :access_token, access_token)
+        end
+
+        def account
+          Stormpath::Rails::Client.application.get_provider_account(account_request).account
+        end
+      end
+    end
+  end
+end

data/app/controllers/stormpath/rails/google/create_controller.rb

@@ -0,0 +1,26 @@
+module Stormpath
+  module Rails
+    module Google
+      class CreateController < Stormpath::Rails::SocialController
+        def call
+          begin
+            login_the_account(account)
+            respond_with_success
+          rescue InvalidSptokenError, NoSptokenError => error
+            respond_with_error(error)
+          end
+        end
+
+        private
+
+        def account_request
+          Stormpath::Provider::AccountRequest.new(:google, :code, params[:code])
+        end
+
+        def account
+          Stormpath::Rails::Client.application.get_provider_account(account_request).account
+        end
+      end
+    end
+  end
+end

data/app/controllers/stormpath/rails/linkedin/create_controller.rb

@@ -0,0 +1,26 @@
+module Stormpath
+  module Rails
+    module Linkedin
+      class CreateController < Stormpath::Rails::SocialController
+        def call
+          begin
+            login_the_account(account)
+            respond_with_success
+          rescue InvalidSptokenError, NoSptokenError => error
+            respond_with_error(error)
+          end
+        end
+
+        private
+
+        def account_request
+          Stormpath::Provider::AccountRequest.new(:linkedin, :code, params[:code])
+        end
+
+        def account
+          Stormpath::Rails::Client.application.get_provider_account(account_request).account
+        end
+      end
+    end
+  end
+end

data/app/controllers/stormpath/rails/login/create_controller.rb

@@ -7,9 +7,9 @@ module Stormpath
         def call
           begin
             form.save!
-            set_cookies
+            set_cookies unless social_login?
             respond_with_success
-          rescue Stormpath::Error, LoginForm::FormError => error
+          rescue Stormpath::Error, LoginForm::FormError, SocialLoginForm::FormError => error
             respond_with_error(error)
           end
         end
@@ -17,7 +17,11 @@ module Stormpath
         private
 
         def form
-          @form ||= LoginForm.new(params[:login], params[:password])
+          @form ||= if social_login?
+                      SocialLoginForm.new(provider, access_token, cookies)
+                    else
+                      LoginForm.new(params[:login], params[:password])
+                    end
         end
 
         def respond_with_success
@@ -44,7 +48,7 @@ module Stormpath
         end
 
         def serialized_account
-          AccountSerializer.to_h(form.authentication_result.account)
+          AccountSerializer.to_h(form.account)
         end
 
         def login_redirect_route
@@ -54,6 +58,18 @@ module Stormpath
             stormpath_config.web.login.next_uri
           end
         end
+
+        def provider
+          params[:providerData][:providerId]
+        end
+
+        def access_token
+          params[:providerData][:accessToken]
+        end
+
+        def social_login?
+          params[:providerData].present?
+        end
       end
     end
   end

data/app/controllers/stormpath/rails/social_controller.rb

@@ -0,0 +1,32 @@
+module Stormpath
+  module Rails
+    class SocialController < Stormpath::Rails::BaseController
+      def login_the_account(account)
+        AccountLoginWithStormpathToken.new(
+          cookies, account,
+          Stormpath::Rails::Client.application,
+          Stormpath::Rails::Client.client.data_store.api_key
+        ).call
+      end
+
+      def respond_with_success
+        respond_to do |format|
+          format.json { render nothing: true, status: :ok }
+          format.html { redirect_to stormpath_config.web.login.next_uri }
+        end
+      end
+
+      def respond_with_error(error)
+        respond_to do |format|
+          format.html do
+            flash.now[:error] = error.message
+            render stormpath_config.web.login.view
+          end
+          format.json do
+            render json: { status: error.status, message: error.message }, status: error.status
+          end
+        end
+      end
+    end
+  end
+end

data/app/forms/stormpath/rails/login_form.rb

@@ -3,6 +3,7 @@ module Stormpath
     class LoginForm
       attr_accessor :login, :password
       attr_accessor :authentication_result
+      delegate :account, to: :authentication_result
 
       def initialize(login, password)
         @login = login
@@ -17,17 +18,6 @@ module Stormpath
         end
       end
 
-      # def save
-      #   return false if invalid?
-      #   result = Client.authenticate_oauth(password_grant_request)
-      #
-      #   if result.success?
-      #     self.authentication_result = result.authentication_result
-      #   else
-      #     errors.add(:base, result.error_message) && false
-      #   end
-      # end
-
       def save!
         self.authentication_result = application.authenticate_oauth(password_grant_request)
       end

data/app/forms/stormpath/rails/social_login_form.rb

@@ -0,0 +1,49 @@
+module Stormpath
+  module Rails
+    class SocialLoginForm
+      attr_accessor :provider, :access_token, :cookies, :account
+
+      def initialize(provider, access_token, cookies)
+        @provider = provider
+        @access_token = access_token
+        @cookies = cookies
+        validate_provider_presence
+        validate_access_token_presence
+      end
+
+      class FormError < ArgumentError
+        def status
+          400
+        end
+      end
+
+      def save!
+        AccountLoginWithStormpathToken.new(
+          cookies, account,
+          Stormpath::Rails::Client.application,
+          Stormpath::Rails::Client.client.data_store.api_key
+        ).call
+      end
+
+      def account
+        Stormpath::Rails::Client.application.get_provider_account(request).account
+      end
+
+      private
+
+      def request
+        Stormpath::Provider::AccountRequest.new(provider.to_sym, :access_token, access_token)
+      end
+
+      def validate_provider_presence
+        return if provider.present?
+        raise FormError, "providerId can't be blank"
+      end
+
+      def validate_access_token_presence
+        return if access_token.present?
+        raise FormError, "access_token can't be blank"
+      end
+    end
+  end
+end

data/app/helpers/social_helper.rb

@@ -1,14 +1,63 @@
-# Legacy but will be used when social logins start.
 module SocialHelper
   def box_class
-    facebook_login_enabled? ? 'small col-sm-8' : 'large col-sm-12'
+    social_providers_present? ? 'small col-sm-8' : 'large col-sm-12'
   end
 
   def label_class
-    facebook_login_enabled? ? 'col-sm-12' : 'col-sm-4'
+    social_providers_present? ? 'col-sm-12' : 'col-sm-4'
   end
 
   def input_class
-    facebook_login_enabled? ? 'col-sm-12' : 'col-sm-8'
+    social_providers_present? ? 'col-sm-12' : 'col-sm-8'
+  end
+
+  def facebook_oauth_url
+    URI::HTTPS.build(
+      host: 'www.facebook.com',
+      path: '/dialog/oauth',
+      query: {
+        client_id: Stormpath::Rails.config.web.facebook_app_id,
+        redirect_uri: facebook_callback_url,
+        scope: Stormpath::Rails.config.web.social.facebook.scope
+      }.to_query
+    ).to_s
+  end
+
+  def github_oauth_url
+    URI::HTTPS.build(
+      host: 'www.github.com',
+      path: '/login/oauth/authorize',
+      query: {
+        client_id: Stormpath::Rails.config.web.github_app_id,
+        redirect_uri: github_callback_url,
+        scope: Stormpath::Rails.config.web.social.github.scope
+      }.to_query
+    ).to_s
+  end
+
+  def google_oauth_url
+    URI::HTTPS.build(
+      host: 'accounts.google.com',
+      path: '/o/oauth2/auth',
+      query: {
+        client_id: Stormpath::Rails.config.web.google_app_id,
+        redirect_uri: google_callback_url,
+        scope: Stormpath::Rails.config.web.social.google.scope,
+        response_type: 'code'
+      }.to_query
+    ).to_s
+  end
+
+  def linkedin_oauth_url
+    URI::HTTPS.build(
+      host: 'www.linkedin.com',
+      path: '/oauth/v2/authorization',
+      query: {
+        client_id: Stormpath::Rails.config.web.linkedin_app_id,
+        redirect_uri: linkedin_callback_url,
+        scope: Stormpath::Rails.config.web.social.linkedin.scope,
+        response_type: 'code'
+      }.to_query
+    ).to_s
   end
 end

data/app/views/stormpath/rails/forgot_password/new.html.erb

@@ -28,7 +28,7 @@
             <div class="form-group group-email">
               <%= form.label :email, class: "col-sm-4" %>
               <div class="col-sm-8">
-                <%= form.text_field :email, placeholder: 'Email', class: "form-control", name: :email %>
+                <%= form.email_field :email, placeholder: 'Email', class: "form-control", name: :email %>
               </div>
             </div>
             <div>

data/app/views/stormpath/rails/layouts/stormpath.html.erb

@@ -19,11 +19,6 @@
     <div class="alert alert-success"><%= flash[:success] %></div>
   <% end %>
 
-  <% if signed_in? %>
-    <p>Logged in as: <%= current_account.given_name %></p>
-    <%= link_to "Log out", logout_path, method: :post %>
-  <% end %>
-
   <%= yield %>
 
   <script src="//netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js"></script>

data/app/views/stormpath/rails/login/new.html.erb

@@ -3,7 +3,12 @@
     <div class="view login-view container">
       <div class="box row">
         <%= render partial: 'stormpath/rails/login/form' %>
+
+        <% if Stormpath::Rails.config.web.has_social_providers %>
+          <%= render 'stormpath/rails/shared/social_login' %>
+        <% end %>
       </div>
+
       <% if Stormpath::Rails.config.web.forgot_password.enabled %>
         <%= link_to "Forgot Password?", new_forgot_password_path, class: "forgot" %>
       <% end %>

data/app/views/stormpath/rails/shared/_social_login.html.erb

@@ -0,0 +1,24 @@
+<div class="social-area col-xs-12 col-sm-4">
+  <div class="header">
+    &nbsp;
+  </div>
+
+  <label>Easy 1-click login:</label>
+
+  <% if Stormpath::Rails.config.web.facebook_app_id %>
+    <%= link_to 'Facebook', facebook_oauth_url, class: 'btn btn-social btn-facebook' %>
+  <% end %>
+
+  <% if Stormpath::Rails.config.web.google_app_id %>
+    <%= link_to 'Google', google_oauth_url, class: 'btn btn-social btn-google' %>
+  <% end %>
+
+  <% if Stormpath::Rails.config.web.linkedin_app_id %>
+    <%= link_to 'LinkedIn', linkedin_oauth_url, class: 'btn btn-social btn-linkedin' %>
+  <% end %>
+
+  <% if Stormpath::Rails.config.web.github_app_id %>
+    <%= link_to 'GitHub', github_oauth_url, class: 'btn btn-social btn-github' %>
+  <% end %>
+
+</div>

data/lib/stormpath/rails/config/dynamic_configuration.rb

@@ -4,6 +4,16 @@ module Stormpath
       class DynamicConfiguration
         attr_reader :static_config
 
+        delegate(
+          :facebook_app_id,
+          :facebook_app_secret,
+          :github_app_id,
+          :github_app_secret,
+          :google_app_id,
+          :linkedin_app_id,
+          to: :social_login_verification
+        )
+
         def initialize(static_config)
           @static_config = static_config
           proccess_account_store_verification
@@ -26,6 +36,10 @@ module Stormpath
           password_reset_enabled?
         end
 
+        def has_social_providers?
+          facebook_app_id || github_app_id || google_app_id || linkedin_app_id
+        end
+
         def verify_email_enabled?
           return false if static_config.stormpath.web.verify_email.enabled == false
           email_verification_enabled?
@@ -54,6 +68,10 @@ module Stormpath
             static_config.stormpath.web.register.enabled
           ).call
         end
+
+        def social_login_verification
+          @social_login_verification ||= SocialLoginVerification.new(app.href)
+        end
       end
     end
   end

data/lib/stormpath/rails/config/social_login_verification.rb

@@ -0,0 +1,41 @@
+module Stormpath
+  module Rails
+    module Config
+      class SocialLoginVerification
+        attr_reader :app,
+                    :facebook_app_id,
+                    :facebook_app_secret,
+                    :github_app_id,
+                    :github_app_secret,
+                    :google_app_id,
+                    :linkedin_app_id
+
+        def initialize(app_href)
+          @app = Stormpath::Rails::Client.client.applications.get(app_href)
+          initialize_directories
+        end
+
+        private
+
+        def initialize_directories
+          app.account_store_mappings.each do |mapping|
+            account_store = mapping.account_store
+            next unless account_store.class == Stormpath::Resource::Directory
+            case account_store.provider.provider_id
+            when 'facebook'
+              @facebook_app_id = account_store.provider.client_id
+              @facebook_app_secret = account_store.provider.client_secret
+            when 'github'
+              @github_app_id = account_store.provider.client_id
+              @github_app_secret = account_store.provider.client_secret
+            when 'google'
+              @google_app_id = account_store.provider.client_id
+            when 'linkedin'
+              @linkedin_app_id = account_store.provider.client_id
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/stormpath/rails/configuration.rb

@@ -26,6 +26,13 @@ module Stormpath
           config.stormpath.application.href = dynamic_config.app.href
           config.stormpath.web.forgot_password.enabled = dynamic_config.forgot_password_enabled?
           config.stormpath.web.change_password.enabled = dynamic_config.change_password_enabled?
+          config.stormpath.web.facebook_app_id = dynamic_config.facebook_app_id
+          config.stormpath.web.facebook_app_secret = dynamic_config.facebook_app_secret
+          config.stormpath.web.github_app_id = dynamic_config.github_app_id
+          config.stormpath.web.github_app_secret = dynamic_config.github_app_secret
+          config.stormpath.web.google_app_id = dynamic_config.google_app_id
+          config.stormpath.web.linkedin_app_id = dynamic_config.linkedin_app_id
+          config.stormpath.web.has_social_providers = dynamic_config.has_social_providers?
           config.stormpath.web.verify_email.enabled = dynamic_config.verify_email_enabled?
         end
       end

data/lib/stormpath/rails/controller.rb

@@ -28,7 +28,10 @@ module Stormpath
         return if signed_in?
         respond_to do |format|
           format.html { redirect_to "#{stormpath_config.web.login.uri}?next=#{request.path}" }
-          format.json { render nothing: true, status: 401 }
+          format.json do
+            response.headers['WWW-Authenticate'] = "Bearer realm=\"My Application\""
+            render nothing: true, status: 401
+          end
         end
       end
 

data/lib/stormpath/rails/errors/no_facebook_authorization_error.rb

@@ -0,0 +1,9 @@
+module Stormpath
+  module Rails
+    class NoFacebookAuthorizationError < ArgumentError
+      def message
+        'An error occured while authenticating your account on Facebook'
+      end
+    end
+  end
+end

data/lib/stormpath/rails/errors/no_github_authorization_error.rb

@@ -0,0 +1,9 @@
+module Stormpath
+  module Rails
+    class NoGithubAuthorizationError < ArgumentError
+      def message
+        'An error occured while authenticating your account on GitHub'
+      end
+    end
+  end
+end

data/lib/stormpath/rails/facebook_auth_code_exchange.rb

@@ -0,0 +1,44 @@
+module Stormpath
+  module Rails
+    class FacebookAuthCodeExchange
+      FACEBOOK_EXCHANGE_URL = URI('https://graph.facebook.com/v2.7/oauth/access_token')
+
+      attr_reader :root_url, :code
+
+      def initialize(root_url, code)
+        raise(NoFacebookAuthorizationError) if code.nil?
+        @root_url = root_url
+        @code = code
+      end
+
+      def access_token
+        @access_token ||= fetch_access_token(exchange_auth_code.body)
+      end
+
+      private
+
+      def exchange_auth_code
+        http_client.post(FACEBOOK_EXCHANGE_URL, encoded_params)
+      end
+
+      def fetch_access_token(response_body)
+        JSON.parse(response_body)['access_token']
+      end
+
+      def encoded_params
+        URI.encode_www_form(
+          client_id: Stormpath::Rails.config.web.facebook_app_id,
+          client_secret: Stormpath::Rails.config.web.facebook_app_secret,
+          redirect_uri: URI.join(root_url, Stormpath::Rails.config.web.social.facebook.uri).to_s,
+          code: code
+        )
+      end
+
+      def http_client
+        client = Net::HTTP.new(FACEBOOK_EXCHANGE_URL.host, FACEBOOK_EXCHANGE_URL.port)
+        client.use_ssl = true
+        client
+      end
+    end
+  end
+end

data/lib/stormpath/rails/github_auth_code_exchange.rb

@@ -0,0 +1,44 @@
+module Stormpath
+  module Rails
+    class GithubAuthCodeExchange
+      GITHUB_EXCHANGE_URL = URI('https://github.com/login/oauth/access_token')
+
+      attr_reader :root_url, :code
+
+      def initialize(root_url, code)
+        raise(NoGithubAuthorizationError) if code.nil?
+        @root_url = root_url
+        @code = code
+      end
+
+      def access_token
+        @access_token ||= fetch_access_token(exchange_auth_code.body)
+      end
+
+      private
+
+      def exchange_auth_code
+        http_client.post(GITHUB_EXCHANGE_URL, encoded_params, 'Accept' => 'application/json')
+      end
+
+      def fetch_access_token(response_body)
+        JSON.parse(response_body)['access_token']
+      end
+
+      def encoded_params
+        URI.encode_www_form(
+          client_id: Stormpath::Rails.config.web.github_app_id,
+          client_secret: Stormpath::Rails.config.web.github_app_secret,
+          redirect_uri: URI.join(root_url, Stormpath::Rails.config.web.social.github.uri).to_s,
+          code: code
+        )
+      end
+
+      def http_client
+        client = Net::HTTP.new(GITHUB_EXCHANGE_URL.host, GITHUB_EXCHANGE_URL.port)
+        client.use_ssl = true
+        client
+      end
+    end
+  end
+end

data/lib/stormpath/rails/router.rb

@@ -16,6 +16,10 @@ module Stormpath
         'oauth2#create' => 'stormpath/rails/oauth2/create#call',
         'verify_email#show' => 'stormpath/rails/verify_email/show#call',
         'verify_email#create' => 'stormpath/rails/verify_email/create#call',
+        'facebook#create' => 'stormpath/rails/facebook/create#call',
+        'github#create' => 'stormpath/rails/github/create#call',
+        'google#create' => 'stormpath/rails/google/create#call',
+        'linkedin#create' => 'stormpath/rails/linkedin/create#call',
         'id_site_login#new' => 'stormpath/rails/id_site_login/new#call',
         'id_site_logout#new' => 'stormpath/rails/id_site_logout/new#call'
       }.freeze
@@ -69,6 +73,23 @@ module Stormpath
             post Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#create'], as: :verify_email
           end
 
+          # SOCIAL LOGINS
+          if Stormpath::Rails.config.web.facebook_app_id
+            get Stormpath::Rails.config.web.social.facebook.uri => actions['facebook#create'], as: :facebook_callback
+          end
+
+          if Stormpath::Rails.config.web.github_app_id
+            get Stormpath::Rails.config.web.social.github.uri => actions['github#create'], as: :github_callback
+          end
+
+          if Stormpath::Rails.config.web.google_app_id
+            get Stormpath::Rails.config.web.social.google.uri => actions['google#create'], as: :google_callback
+          end
+
+          if Stormpath::Rails.config.web.linkedin_app_id
+            get Stormpath::Rails.config.web.social.linkedin.uri => actions['linkedin#create'], as: :linkedin_callback
+          end
+
           # ID SITE LOGIN
           if Stormpath::Rails.config.web.id_site.enabled
             get '/id_site_result' => actions['id_site_login#new'], as: :id_site_result

data/lib/stormpath/rails/social.rb

@@ -4,30 +4,13 @@ module Stormpath
       extend ActiveSupport::Concern
 
       included do
-        helper_method :facebook_login_enabled?, :facebook_app_id,
-                      :google_login_enabled?, :google_client_id, :social_auth?
+        helper_method :social_providers_present?
       end
 
       private
 
-      def facebook_login_enabled?
-        false # facebook_app_id.present?
-      end
-
-      def google_login_enabled?
-        false # google_client_id.present?
-      end
-
-      def facebook_app_id
-        ENV['STORMPATH_FACEBOOK_APP_ID']
-      end
-
-      def google_client_id
-        ENV['STORMPATH_GOOGLE_CLIENT_ID']
-      end
-
-      def social_auth?
-        facebook_login_enabled? || google_login_enabled?
+      def social_providers_present?
+        Stormpath::Rails.config.web.has_social_providers
       end
     end
   end

data/lib/stormpath/rails/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module Stormpath
   module Rails
-    VERSION = '2.1.0'.freeze
+    VERSION = '2.2.0'.freeze
   end
 end

data/lib/stormpath/rails.rb

@@ -4,6 +4,7 @@ require 'stormpath/rails/config/read_file'
 require 'stormpath/rails/config/application_resolution'
 require 'stormpath/rails/config/account_store_verification'
 require 'stormpath/rails/config/dynamic_configuration'
+require 'stormpath/rails/config/social_login_verification'
 require 'stormpath/rails/configuration'
 require 'stormpath/rails/router'
 require 'virtus'
@@ -18,5 +19,9 @@ module Stormpath
     autoload :RoutingConstraint, 'stormpath/rails/routing_constraint'
     autoload :InvalidSptokenError, 'stormpath/rails/errors/invalid_sptoken_error'
     autoload :NoSptokenError, 'stormpath/rails/errors/no_sptoken_error'
+    autoload :NoFacebookAuthorizationError, 'stormpath/rails/errors/no_facebook_authorization_error'
+    autoload :NoGithubAuthorizationError, 'stormpath/rails/errors/no_github_authorization_error'
+    autoload :FacebookAuthCodeExchange, 'stormpath/rails/facebook_auth_code_exchange'
+    autoload :GithubAuthCodeExchange, 'stormpath/rails/github_auth_code_exchange'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: stormpath-rails
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Nenad Nikolic
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-11-02 00:00:00.000000000 Z
+date: 2016-11-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: stormpath-sdk
@@ -113,10 +113,14 @@ files:
 - app/controllers/stormpath/rails/base_controller.rb
 - app/controllers/stormpath/rails/change_password/create_controller.rb
 - app/controllers/stormpath/rails/change_password/new_controller.rb
+- app/controllers/stormpath/rails/facebook/create_controller.rb
 - app/controllers/stormpath/rails/forgot_password/create_controller.rb
 - app/controllers/stormpath/rails/forgot_password/new_controller.rb
+- app/controllers/stormpath/rails/github/create_controller.rb
+- app/controllers/stormpath/rails/google/create_controller.rb
 - app/controllers/stormpath/rails/id_site_login/new_controller.rb
 - app/controllers/stormpath/rails/id_site_logout/new_controller.rb
+- app/controllers/stormpath/rails/linkedin/create_controller.rb
 - app/controllers/stormpath/rails/login/create_controller.rb
 - app/controllers/stormpath/rails/login/new_controller.rb
 - app/controllers/stormpath/rails/logout/create_controller.rb
@@ -125,11 +129,13 @@ files:
 - app/controllers/stormpath/rails/profile/show_controller.rb
 - app/controllers/stormpath/rails/register/create_controller.rb
 - app/controllers/stormpath/rails/register/new_controller.rb
+- app/controllers/stormpath/rails/social_controller.rb
 - app/controllers/stormpath/rails/verify_email/create_controller.rb
 - app/controllers/stormpath/rails/verify_email/show_controller.rb
 - app/forms/stormpath/rails/login_form.rb
 - app/forms/stormpath/rails/registration_form.rb
 - app/forms/stormpath/rails/registration_form_fields.rb
+- app/forms/stormpath/rails/social_login_form.rb
 - app/helpers/social_helper.rb
 - app/serializers/stormpath/rails/account_serializer.rb
 - app/serializers/stormpath/rails/form_serializer.rb
@@ -164,6 +170,7 @@ files:
 - app/views/stormpath/rails/register/_form.html.erb
 - app/views/stormpath/rails/register/new.html.erb
 - app/views/stormpath/rails/shared/_input.html.erb
+- app/views/stormpath/rails/shared/_social_login.html.erb
 - app/views/stormpath/rails/verify_email/new.html.erb
 - bin/console
 - bin/rails
@@ -185,12 +192,17 @@ files:
 - lib/stormpath/rails/config/application_resolution.rb
 - lib/stormpath/rails/config/dynamic_configuration.rb
 - lib/stormpath/rails/config/read_file.rb
+- lib/stormpath/rails/config/social_login_verification.rb
 - lib/stormpath/rails/configuration.rb
 - lib/stormpath/rails/content_type_negotiator.rb
 - lib/stormpath/rails/controller.rb
 - lib/stormpath/rails/engine.rb
 - lib/stormpath/rails/errors/invalid_sptoken_error.rb
+- lib/stormpath/rails/errors/no_facebook_authorization_error.rb
+- lib/stormpath/rails/errors/no_github_authorization_error.rb
 - lib/stormpath/rails/errors/no_sptoken_error.rb
+- lib/stormpath/rails/facebook_auth_code_exchange.rb
+- lib/stormpath/rails/github_auth_code_exchange.rb
 - lib/stormpath/rails/router.rb
 - lib/stormpath/rails/routing_constraint.rb
 - lib/stormpath/rails/social.rb