From d0cb0834684b2b90516f7cf53ebc9fd580242725 Mon Sep 17 00:00:00 2001 From: Erik Michaels-Ober Date: Mon, 8 Apr 2013 04:55:50 -0700 Subject: [PATCH 1/9] Suppress rack security warnings No secret option provided to Rack::Session::Cookie. --- spec/omniauth/strategies/developer_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/omniauth/strategies/developer_spec.rb b/spec/omniauth/strategies/developer_spec.rb index 1a112b9..5d8cbb6 100644 --- a/spec/omniauth/strategies/developer_spec.rb +++ b/spec/omniauth/strategies/developer_spec.rb @@ -2,7 +2,7 @@ require 'helper' describe OmniAuth::Strategies::Developer do let(:app){ Rack::Builder.new do |b| - b.use Rack::Session::Cookie + b.use Rack::Session::Cookie, {:secret => "abc123"} b.use OmniAuth::Strategies::Developer b.run lambda{|env| [200, {}, ['Not Found']]} end.to_app } @@ -47,7 +47,7 @@ describe OmniAuth::Strategies::Developer do context "with custom options" do let(:app){ Rack::Builder.new do |b| - b.use Rack::Session::Cookie + b.use Rack::Session::Cookie, {:secret => "abc123"} b.use OmniAuth::Strategies::Developer, :fields => [:first_name, :last_name], :uid_field => :last_name b.run lambda{|env| [200, {}, ['Not Found']]} end.to_app } From fe14887737882825dae7011ad76f5e0b8410d5c6 Mon Sep 17 00:00:00 2001 From: Erik Michaels-Ober Date: Mon, 8 Apr 2013 04:57:22 -0700 Subject: [PATCH 2/9] Bump version to 1.1.4 --- lib/omniauth/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/omniauth/version.rb b/lib/omniauth/version.rb index 0aeab8d..f0f569b 100644 --- a/lib/omniauth/version.rb +++ b/lib/omniauth/version.rb @@ -1,3 +1,3 @@ module OmniAuth - VERSION = "1.1.3" unless defined?(OmniAuth::VERSION) + VERSION = "1.1.4" unless defined?(OmniAuth::VERSION) end From effe836042d4be62c6c3c6cc72010190157c9160 Mon Sep 17 00:00:00 2001 From: Howard Wilson Date: Wed, 10 Apr 2013 12:07:00 +0200 Subject: [PATCH 3/9] Correctly report callback path when custom callback path evaluator is truthy --- lib/omniauth/strategy.rb | 11 +++++------ spec/omniauth/strategy_spec.rb | 9 +++++++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/lib/omniauth/strategy.rb b/lib/omniauth/strategy.rb index a03c588..9586948 100644 --- a/lib/omniauth/strategy.rb +++ b/lib/omniauth/strategy.rb @@ -241,11 +241,7 @@ module OmniAuth end def on_callback_path? - if options.callback_path.respond_to?(:call) - options.callback_path.call(env) - else - on_path?(callback_path) - end + on_path?(callback_path) end def on_path?(path) @@ -382,7 +378,10 @@ module OmniAuth end def callback_path - options[:callback_path].is_a?(String) ? options[:callback_path] : (custom_path(:request_path) || "#{path_prefix}/#{name}/callback") + path = options[:callback_path] if options[:callback_path].is_a?(String) + path ||= current_path if options[:callback_path].respond_to?(:call) && options[:callback_path].call(env) + path ||= custom_path(:request_path) + path ||= "#{path_prefix}/#{name}/callback" end def setup_path diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb index 694986a..eb4134a 100644 --- a/spec/omniauth/strategy_spec.rb +++ b/spec/omniauth/strategy_spec.rb @@ -384,6 +384,15 @@ describe OmniAuth::Strategy do strategy_instance = fresh_strategy.new(nil, :request_path => lambda{|env| "/auth/boo/callback/22" }) expect(strategy_instance.callback_path).to eq('/auth/boo/callback/22') end + + it "correctly reports the callback path when the custom callback path evaluator is truthy" do + strategy_instance = ExampleStrategy.new(app, + :callback_path => lambda{|env| env['PATH_INFO'] == "/auth/bish/bosh/callback"} + ) + + expect{strategy_instance.call(make_env('/auth/bish/bosh/callback')) }.to raise_error("Callback Phase") + expect(strategy_instance.callback_path).to eq('/auth/bish/bosh/callback') + end end context "custom paths" do From 037adc974d5f6645406d6daa0783ed3faf0b618a Mon Sep 17 00:00:00 2001 From: Hank Stoever Date: Tue, 16 Apr 2013 11:25:18 -0700 Subject: [PATCH 4/9] change readme instructions to use `get` in routes Rails 4 deprecates `match` in routes, and this redirect will always be a `get`, so I think it would be helpful to start promoting this method. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index cc40ff7..6f60e30 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,7 @@ steps are necessary for your application. For example, in a Rails app I would add a line in my `routes.rb` file like this: ```ruby -match '/auth/:provider/callback', to: 'sessions#create' +get '/auth/:provider/callback', to: 'sessions#create' ``` And I might then have a `SessionsController` with code that looks From 0a617357d71fff38a301a14733439025f167ad87 Mon Sep 17 00:00:00 2001 From: Erik Michaels-Ober Date: Mon, 6 May 2013 05:27:53 -0700 Subject: [PATCH 5/9] Loosen required_rubygems_version for compatibility with Ubuntu 10.04 --- omniauth.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/omniauth.gemspec b/omniauth.gemspec index 30c3077..e83261e 100644 --- a/omniauth.gemspec +++ b/omniauth.gemspec @@ -18,7 +18,7 @@ Gem::Specification.new do |spec| spec.licenses = ['MIT'] spec.name = 'omniauth' spec.require_paths = ['lib'] - spec.required_rubygems_version = '>= 1.3.6' + spec.required_rubygems_version = '>= 1.3.5' spec.signing_key = File.expand_path("~/.gem/private_key.pem") if $0 =~ /gem\z/ spec.summary = spec.description spec.test_files = Dir.glob("spec/**/*") From 51ea384f8be81d8c81377491d8c3c8ec623b54b3 Mon Sep 17 00:00:00 2001 From: Dan Miller Date: Tue, 7 May 2013 01:28:11 -0300 Subject: [PATCH 6/9] Add Ruby 2 to the list of supported Ruby versions. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6f60e30..42e69ff 100644 --- a/README.md +++ b/README.md @@ -143,7 +143,7 @@ your first stop if you are wondering about a more in-depth look at OmniAuth, how it works, and how to use it. ## Supported Ruby Versions -OmniAuth is tested under 1.8.7, 1.9.2, 1.9.3, JRuby (1.8 mode), and Rubinius +OmniAuth is tested under 1.8.7, 1.9.2, 1.9.3, 2.0.0, JRuby (1.8 mode), and Rubinius (1.8 and 1.9 modes). ## Versioning From cb5d6ccdb59d4b68559abf94eeef46e1276aeb26 Mon Sep 17 00:00:00 2001 From: Erik Michaels-Ober Date: Tue, 9 Jul 2013 10:09:12 +0200 Subject: [PATCH 7/9] Replace stub! with stub --- spec/omniauth/strategy_spec.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb index eb4134a..153c5f3 100644 --- a/spec/omniauth/strategy_spec.rb +++ b/spec/omniauth/strategy_spec.rb @@ -152,8 +152,8 @@ describe OmniAuth::Strategy do end it "returns an AuthHash" do - instance.stub!(:uid).and_return('123') - instance.stub!(:info).and_return(:name => 'Hal Awesome') + instance.stub(:uid).and_return('123') + instance.stub(:info).and_return(:name => 'Hal Awesome') hash = instance.auth_hash expect(hash).to be_kind_of(OmniAuth::AuthHash) expect(hash.uid).to eq('123') @@ -168,7 +168,7 @@ describe OmniAuth::Strategy do end it "is the default options if any are provided" do - ExampleStrategy.stub!(:default_options).and_return(OmniAuth::Strategy::Options.new(:abc => 123)) + ExampleStrategy.stub(:default_options).and_return(OmniAuth::Strategy::Options.new(:abc => 123)) expect(ExampleStrategy.new(app).options.abc).to eq(123) end end @@ -212,8 +212,8 @@ describe OmniAuth::Strategy do it "sets the auth hash" do env = make_env - subject.stub!(:env).and_return(env) - subject.stub!(:auth_hash).and_return("AUTH HASH") + subject.stub(:env).and_return(env) + subject.stub(:auth_hash).and_return("AUTH HASH") subject.callback_phase expect(env['omniauth.auth']).to eq("AUTH HASH") end From 3befe4c4e601f44635dbe5ba30b20a28533419a0 Mon Sep 17 00:00:00 2001 From: Erik Michaels-Ober Date: Tue, 9 Jul 2013 10:08:41 +0200 Subject: [PATCH 8/9] Replace stub with allow...to receive --- Gemfile | 2 +- README.md | 1 - spec/omniauth/failure_endpoint_spec.rb | 2 +- spec/omniauth/strategy_spec.rb | 18 +++++++++--------- spec/omniauth_spec.rb | 2 +- 5 files changed, 12 insertions(+), 13 deletions(-) diff --git a/Gemfile b/Gemfile index 46c4a9e..8128e4d 100644 --- a/Gemfile +++ b/Gemfile @@ -19,7 +19,7 @@ end group :test do gem 'coveralls', :require => false gem 'rack-test' - gem 'rspec', '>= 2.11' + gem 'rspec', '>= 2.14' gem 'simplecov', :require => false end diff --git a/README.md b/README.md index 42e69ff..ff40f5a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,6 @@ [![Code Climate](https://codeclimate.com/github/intridea/omniauth.png)][codeclimate] [![Coverage Status](https://coveralls.io/repos/intridea/omniauth/badge.png?branch=master)][coveralls] - [gem]: https://rubygems.org/gems/omniauth [travis]: http://travis-ci.org/intridea/omniauth [gemnasium]: https://gemnasium.com/intridea/omniauth diff --git a/spec/omniauth/failure_endpoint_spec.rb b/spec/omniauth/failure_endpoint_spec.rb index eb75124..9a26e82 100644 --- a/spec/omniauth/failure_endpoint_spec.rb +++ b/spec/omniauth/failure_endpoint_spec.rb @@ -39,7 +39,7 @@ describe OmniAuth::FailureEndpoint do end it "respects the configured path prefix" do - OmniAuth.config.stub(:path_prefix => '/boo') + allow(OmniAuth.config).to receive(:path_prefix).and_return('/boo') _, head, _ = *subject.call(env) expect(head["Location"]).to eq('/boo/failure?message=invalid_request&strategy=test') end diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb index 153c5f3..7f9520a 100644 --- a/spec/omniauth/strategy_spec.rb +++ b/spec/omniauth/strategy_spec.rb @@ -152,8 +152,8 @@ describe OmniAuth::Strategy do end it "returns an AuthHash" do - instance.stub(:uid).and_return('123') - instance.stub(:info).and_return(:name => 'Hal Awesome') + allow(instance).to receive(:uid).and_return('123') + allow(instance).to receive(:info).and_return(:name => 'Hal Awesome') hash = instance.auth_hash expect(hash).to be_kind_of(OmniAuth::AuthHash) expect(hash.uid).to eq('123') @@ -168,7 +168,7 @@ describe OmniAuth::Strategy do end it "is the default options if any are provided" do - ExampleStrategy.stub(:default_options).and_return(OmniAuth::Strategy::Options.new(:abc => 123)) + allow(ExampleStrategy).to receive(:default_options).and_return(OmniAuth::Strategy::Options.new(:abc => 123)) expect(ExampleStrategy.new(app).options.abc).to eq(123) end end @@ -212,8 +212,8 @@ describe OmniAuth::Strategy do it "sets the auth hash" do env = make_env - subject.stub(:env).and_return(env) - subject.stub(:auth_hash).and_return("AUTH HASH") + allow(subject).to receive(:env).and_return(env) + allow(subject).to receive(:auth_hash).and_return("AUTH HASH") subject.callback_phase expect(env['omniauth.auth']).to eq("AUTH HASH") end @@ -340,7 +340,7 @@ describe OmniAuth::Strategy do end it "preserves the query parameters" do - strategy.stub(:full_host).and_return('http://example.com') + allow(strategy).to receive(:full_host).and_return('http://example.com') begin strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5')) rescue RuntimeError; end @@ -348,7 +348,7 @@ describe OmniAuth::Strategy do end it "consider script name" do - strategy.stub(:full_host).and_return('http://example.com') + allow(strategy).to receive(:full_host).and_return('http://example.com') begin strategy.call(make_env('/auth/test', 'SCRIPT_NAME' => '/sub_uri')) rescue RuntimeError; end @@ -418,7 +418,7 @@ describe OmniAuth::Strategy do it "preserves the query parameters" do @options = {:callback_path => '/radical'} - strategy.stub(:full_host).and_return('http://example.com') + allow(strategy).to receive(:full_host).and_return('http://example.com') begin strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5')) rescue RuntimeError; end @@ -450,7 +450,7 @@ describe OmniAuth::Strategy do end it "preserves the query parameters" do - strategy.stub(:full_host).and_return('http://example.com') + allow(strategy).to receive(:full_host).and_return('http://example.com') begin strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5')) rescue RuntimeError; end diff --git a/spec/omniauth_spec.rb b/spec/omniauth_spec.rb index 99107fd..d55765e 100644 --- a/spec/omniauth_spec.rb +++ b/spec/omniauth_spec.rb @@ -80,7 +80,7 @@ describe OmniAuth do describe ".logger" do it "calls through to the configured logger" do - OmniAuth.stub(:config => mock(:logger => "foo")) + allow(OmniAuth).to receive(:config).and_return(mock(:logger => "foo")) expect(OmniAuth.logger).to eq("foo") end end From cce54a8eb8b3bd10dc658b51a708d345d9e159d2 Mon Sep 17 00:00:00 2001 From: Erik Michaels-Ober Date: Tue, 9 Jul 2013 10:16:55 +0200 Subject: [PATCH 9/9] Replace mock with double --- spec/omniauth_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/omniauth_spec.rb b/spec/omniauth_spec.rb index d55765e..f679b20 100644 --- a/spec/omniauth_spec.rb +++ b/spec/omniauth_spec.rb @@ -80,7 +80,7 @@ describe OmniAuth do describe ".logger" do it "calls through to the configured logger" do - allow(OmniAuth).to receive(:config).and_return(mock(:logger => "foo")) + allow(OmniAuth).to receive(:config).and_return(double(:logger => "foo")) expect(OmniAuth.logger).to eq("foo") end end