commit fa5561e6eb3d5fe684afba88b67b3d505997eaa0 Author: Ilya Zverev Date: Tue Aug 30 12:42:28 2016 -0400 First commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b7e7725 --- /dev/null +++ b/.gitignore @@ -0,0 +1,10 @@ +/.bundle/ +/.yardoc +/Gemfile.lock +/_yardoc/ +/coverage/ +/doc/ +/pkg/ +/spec/reports/ +/tmp/ +*.gem diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..0758a3c --- /dev/null +++ b/Gemfile @@ -0,0 +1,4 @@ +source 'https://rubygems.org' + +# Specify your gem's dependencies in omniauth-mapsme.gemspec +gemspec diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..0990ee8 --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2016 MAPS.ME + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..5cd16c4 --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +# Omniauth MAPS.ME + +This is a gem to connect to the MAPS.ME passport service via OAuth2. It requires OmniAuth. + +## Usage + +I'm too lazy to write this section, please use the code from [omniauth-osm examples](https://github.com/sozialhelden/omniauth-osm#how-to-use-it), +replacing `osm` with `mapsme`. + +## Development + +After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment. + +To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org). + +## License + +The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT). + diff --git a/Rakefile b/Rakefile new file mode 100644 index 0000000..43022f7 --- /dev/null +++ b/Rakefile @@ -0,0 +1,2 @@ +require "bundler/gem_tasks" +task :default => :spec diff --git a/lib/omniauth-mapsme.rb b/lib/omniauth-mapsme.rb new file mode 100644 index 0000000..7c46a19 --- /dev/null +++ b/lib/omniauth-mapsme.rb @@ -0,0 +1,2 @@ +require "omniauth-mapsme/version" +require "omniauth/strategies/mapsme" diff --git a/lib/omniauth-mapsme/omniauth/strategies/mapsme.rb b/lib/omniauth-mapsme/omniauth/strategies/mapsme.rb new file mode 100644 index 0000000..3cc0e66 --- /dev/null +++ b/lib/omniauth-mapsme/omniauth/strategies/mapsme.rb @@ -0,0 +1,130 @@ +require 'oauth2' +require 'omniauth' + +module OmniAuth + module Strategies + class MapsMeToken + include OmniAuth::Strategy + + option :name, 'mapsme-token' + + args [:client_id, :client_secret] + + option :client_id, nil + option :client_secret, nil + + option :client_options, { + :site => 'https://passport.maps.me', + :authorize_url => 'https://passport.maps.me/authorize', + :token_url => 'https://passport.maps.me/access_token' + } + + option :access_token_options, { + :header_format => 'OAuth %s', + :param_name => 'access_token' + } + + attr_accessor :access_token + + uid { raw_info['id'] } + + info do + prune!({ + 'email' => raw_info['email'], + 'name' => raw_info['name'], + 'verified' => raw_info['verified'] + }) + end + + extra do + hash = {} + hash['raw_info'] = raw_info unless skip_info? + prune! hash + end + + credentials do + hash = {'token' => access_token.token} + hash.merge!('refresh_token' => access_token.refresh_token) if access_token.expires? && access_token.refresh_token + hash.merge!('expires_at' => access_token.expires_at) if access_token.expires? + hash.merge!('expires' => access_token.expires?) + hash + end + + def raw_info + @raw_info ||= access_token.get('/me', info_options).parsed || {} + end + + def info_options + options[:info_fields] ? {:params => {:fields => options[:info_fields]}} : {} + end + + def client + ::OAuth2::Client.new(options.client_id, options.client_secret, deep_symbolize(options.client_options)) + end + + def request_phase + form = OmniAuth::Form.new(:title => "User Token", :url => callback_path) + form.text_field "Access Token", "access_token" + form.button "Sign In" + form.to_response + end + + def callback_phase + if !request.params['access_token'] || request.params['access_token'].to_s.empty? + raise ArgumentError.new("No access token provided.") + end + + self.access_token = build_access_token + self.access_token = self.access_token.refresh! if self.access_token.expired? + + # Validate that the token belong to the application + app_raw = self.access_token.get('/app').parsed + if app_raw["id"] != options.client_id.to_s + raise ArgumentError.new("Access token doesn't belong to the client.") + end + + # Instead of calling super, duplicate the functionlity, but change the provider to 'mapsme'. + # In case we someday publish a mapsme auth provider. + hash = auth_hash + hash[:provider] = "mapsme" + self.env['omniauth.auth'] = hash + call_app! + + rescue ::OAuth2::Error => e + fail!(:invalid_credentials, e) + rescue ::MultiJson::DecodeError => e + fail!(:invalid_response, e) + rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e + fail!(:timeout, e) + rescue ::SocketError => e + fail!(:failed_to_connect, e) + end + + protected + + def deep_symbolize(hash) + hash.inject({}) do |h, (k,v)| + h[k.to_sym] = v.is_a?(Hash) ? deep_symbolize(v) : v + h + end + end + + def build_access_token + # Options supported by `::OAuth2::AccessToken#initialize` and not overridden by `access_token_options` + hash = request.params.slice("access_token", "expires_at", "expires_in", "refresh_token") + hash.update(options.access_token_options) + ::OAuth2::AccessToken.from_hash( + client, + hash + ) + end + + def prune!(hash) + hash.delete_if do |_, value| + prune!(value) if value.is_a?(Hash) + value.nil? || (value.respond_to?(:empty?) && value.empty?) + end + end + end + end +end diff --git a/lib/omniauth-mapsme/version.rb b/lib/omniauth-mapsme/version.rb new file mode 100644 index 0000000..65615f5 --- /dev/null +++ b/lib/omniauth-mapsme/version.rb @@ -0,0 +1,5 @@ +module Omniauth + module Mapsme + VERSION = "0.1.0" + end +end diff --git a/omniauth-mapsme.gemspec b/omniauth-mapsme.gemspec new file mode 100644 index 0000000..b9f5509 --- /dev/null +++ b/omniauth-mapsme.gemspec @@ -0,0 +1,21 @@ +# coding: utf-8 +lib = File.expand_path('../lib', __FILE__) +$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) +require 'omniauth-mapsme/version' + +Gem::Specification.new do |spec| + spec.name = "omniauth-mapsme" + spec.version = Omniauth::Mapsme::VERSION + spec.authors = ["Ilya Zverev"] + spec.email = ["ilya@zverev.info"] + + spec.summary = %q{MAPS.ME passport strategy for OmniAuth} + spec.description = %q{MAPS.ME passport strategy for OmniAuth. Uses provided access token.} + spec.homepage = "http://maps.me" + spec.license = "MIT" + + spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) } + spec.require_paths = ["lib"] + + spec.add_dependency "omniauth-oauth2", ">= 1.1.1" +end