Merge pull request #3 from finnlabs/feature/auth_plugin

Use openproject-auth_plugins as basis

CHANGELOG.md

@@ -1,3 +1,9 @@
 # Changelog
 
+## 0.1.0
+
+* `#5558` use openproject-auth_plugins as basis
+
+## 0.0.1
+
 * `#5555` Multi-Provider login screens

README.md

@@ -6,6 +6,8 @@ Adds support for OmniAuth OpenID Connect strategy providers, most importantly Go
 
 You will have to add the following lines to your OpenProject's _Gemfile.plugins_ for the time being:
 
+    gem "openproject-plugins", :git => "git@github.com:opf/openproject-plugins.git", :branch => "dev"
+    gem "openproject-auth_plugins", :git => 'git@github.com:finnlabs/openproject-auth_plugins, :branch => 'dev'
     gem 'omniauth-openid-connect', :git => 'git@github.com:finnlabs/omniauth-openid-connect.git', :branch => 'master'
     gem 'openproject-openid_connect', :git => 'git@github.com:finnlabs/openproject-openid_connect.git', :branch => 'dev'
 
@@ -30,6 +32,15 @@ Example configuration:
   	    google:
           identifier: "9295222hfbiu2btgu3b4i.apps.googleusercontent.com"
           secret: "4z389thugh334t8h"
+          icon: "openid_connect/auth_provider-google.png"
+          display_name: "Google"
+
+The last two attributes are commonly available for all providers.
+They are used to change a provider's look.
+
+Note that `openid_connect/auth_provider-google.png` is the one custom provider icon this plugin has out of the box. Other icons you will have to add yourself.
+
+`display_name` changes a provider's label shown to the user.
 
 ### Settings
 

app/assets/stylesheets/openid_connect/openid_connect.css.sass

@@ -1,31 +0,0 @@
-/*-- copyright
- * OpenProject is a project management system.
- * Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License version 3.
- *
- * OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
- * Copyright (C) 2006-2013 Jean-Philippe Lang
- * Copyright (C) 2010-2013 the ChiliProject Team
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- *
- * See doc/COPYRIGHT.rdoc for more details.  ++
- */
-
-#content, #top-menu #nav-login-content
-  .login-auth-providers a.auth-provider.auth-provider-google
-    background-image: url(image-path('openid_connect/auth_provider-google.png'))

app/views/hooks/login/_providers.html.erb

@@ -1,14 +0,0 @@
-<% OmniAuth::OpenIDConnect::Provider.available.each do |pro| %>
-  <%
-    opts = {
-      :controller => '/auth',
-      :action => pro.provider_name
-    }
-    if params["back_url"]
-      opts[:origin] = params["back_url"]
-    end
-  %>
-  <a href="<%= url_for opts %>" class="auth-provider auth-provider-<%= pro.provider_name %>">
-    <span class="auth-provider-name"><%= pro.provider_name.camelize %></span>
-  </a>
-<% end %>

lib/omniauth/openid_connect/provider.rb

@@ -93,7 +93,7 @@ module OmniAuth
           {}
         end
         # Settings override configuration.yml
-        Hash(OpenProject::Configuration["openid_connect"]).merge(from_settings)
+        Hash(OpenProject::Configuration["openid_connect"]).deep_merge(from_settings)
       end
 
       def to_hash
@@ -108,10 +108,12 @@ module OmniAuth
         {
           :name => name,
           :scope => [:openid, :email, :profile],
-          :client_options => client_options.merge( # override with settings from configuration.yml
+          :icon => self.class.config["icon"],
+          :display_name => self.class.config["display_name"],
+          :client_options => client_options.merge( # override with configuration
             Hash[
               self.class.config.reject do |key, value|
-                ["identifier", "secret"].include? key
+                ["identifier", "secret", "icon", "display_name"].include? key
               end.map do |key, value|
                 [key.to_sym, value]
               end

lib/open_project/openid_connect/engine.rb

@@ -7,19 +7,18 @@ module OpenProject::OpenIDConnect
     engine_name :openproject_openid_connect
 
     include OpenProject::Plugins::ActsAsOpEngine
+    extend OpenProject::Plugins::AuthPlugin
 
     register 'openproject-openid_connect',
              :author_url => 'http://finn.de',
              :requires_openproject => '>= 3.1.0pre1',
-             :global_assets => { css: 'openid_connect/openid_connect.css' },
              :settings => { 'default' => { 'providers' => {} } }
 
     assets %w(
-      openid_connect/openid_connect.css
       openid_connect/auth_provider-google.png
     )
 
-    initializer "openid_connect.middleware" do |app|
+    register_auth_providers do
       # Loading OpenID providers manually since rails doesn't do it automatically,
       # possibly due to non trivially module-name-convertible paths.
       require 'omniauth/openid_connect/provider'
@@ -35,31 +34,10 @@ module OpenProject::OpenIDConnect
         config.ssl_config.set_default_paths
       end
 
+      strategy :openid_connect do
         OmniAuth::OpenIDConnect::Provider.load_generic_providers
-
-      app.config.middleware.use OmniAuth::Builder do
-        OmniAuth::OpenIDConnect::Provider.all.each do |pro|
-          p = pro.new
-          settings_available = if pro.available?
-            "settings available"
-          else
-            "settings missing"
-          end
-
-          Rails.logger.info "[OpenID Connect] Registering provider for #{p.name} (#{settings_available})"
-          provider :openid_connect, :name => p.name, :setup => lambda { |env|
-            Rails.logger.info "[OpenID Connect] Trying dynamic provider #{p.name}"
-            opt = env['omniauth.strategy'].options
-            p.to_hash.each do |key, value|
-              opt[key] = value
-            end
-          }
+        OmniAuth::OpenIDConnect::Provider.available.map { |p| p.new.to_hash }
       end
     end
   end
-
-    initializer 'openid_connect.register_hooks' do
-      require 'open_project/openid_connect/hooks'
-    end
-  end
 end

lib/open_project/openid_connect/version.rb

@@ -1,5 +1,5 @@
 module OpenProject
   module OpenIDConnect
-    VERSION = "0.0.1"
+    VERSION = "0.1.0"
   end
 end

openproject-openid_connect.gemspec

@@ -17,7 +17,8 @@ Gem::Specification.new do |s|
 
   s.add_dependency "rails", "~> 3.2.14"
   s.add_dependency "openproject-plugins", "~> 1.0"
-  s.add_dependency "omniauth"
+  s.add_dependency "openproject-auth_plugins", "~> 0.1"
+  s.add_dependency "omniauth", "~> 1.0"
 
   s.add_development_dependency "rspec", "~> 2.14"
   s.add_development_dependency "rspec-steps", "~> 0.4.0"

spec/requests/openid_connect_spec.rb

@@ -142,7 +142,7 @@ describe "OpenID Connect" do
       get "/login"
       expect(response.body).not_to include "Google"
 
-      expect{click_on_signin("google")}.to raise_error(ArgumentError)
+      expect{click_on_signin("google")}.to raise_error(ActionController::RoutingError)
     end
 
     it "should make providers that have been configured through settings available without requiring a restart" do