diff --git a/lib/omniauth/openid_connect/google.rb b/lib/omniauth/openid_connect/google.rb index a9781acb5e..092835a5e5 100644 --- a/lib/omniauth/openid_connect/google.rb +++ b/lib/omniauth/openid_connect/google.rb @@ -30,23 +30,23 @@ module OmniAuth::OpenIDConnect class Google < Provider def host - "accounts.google.com" + 'accounts.google.com' end def options - super.merge({ + super.merge( client_auth_method: :not_basic, send_nonce: false, # use state instead of nonce state: lambda { SecureRandom.hex(42) } - }) + ) end def client_options - super.merge({ - authorization_endpoint: "/o/oauth2/auth", - token_endpoint: "/o/oauth2/token", - userinfo_endpoint: "https://www.googleapis.com/plus/v1/people/me/openIdConnect" - }) + super.merge( + authorization_endpoint: '/o/oauth2/auth', + token_endpoint: '/o/oauth2/token', + userinfo_endpoint: 'https://www.googleapis.com/plus/v1/people/me/openIdConnect' + ) end end end diff --git a/lib/omniauth/openid_connect/heroku.rb b/lib/omniauth/openid_connect/heroku.rb index 7e8c6dfdff..3d50e7a49d 100644 --- a/lib/omniauth/openid_connect/heroku.rb +++ b/lib/omniauth/openid_connect/heroku.rb @@ -30,15 +30,15 @@ module OmniAuth::OpenIDConnect class Heroku < Provider def host - "connect-op.heroku.com" + 'connect-op.heroku.com' end def client_options - super.merge({ - authorization_endpoint: "/authorizations/new", - token_endpoint: "/access_tokens", - userinfo_endpoint: "/user_info" - }) + super.merge( + authorization_endpoint: '/authorizations/new', + token_endpoint: '/access_tokens', + userinfo_endpoint: '/user_info' + ) end end end diff --git a/lib/omniauth/openid_connect/provider.rb b/lib/omniauth/openid_connect/provider.rb index ee8ca3c672..ce542c8acc 100644 --- a/lib/omniauth/openid_connect/provider.rb +++ b/lib/omniauth/openid_connect/provider.rb @@ -39,12 +39,12 @@ module OmniAuth end def self.load_generic_providers - providers = configs.reject do |pro, config| + providers = configs.reject do |pro, _config| all.any? { |p| p.provider_name == pro } end providers.each do |name, config| - host = config["host"] || URI.parse(config["authorization_endpoint"]).host + host = config['host'] || URI.parse(config['authorization_endpoint']).host if host create(name, host) @@ -75,11 +75,11 @@ module OmniAuth end def self.available? - !!config["secret"] && !!config["identifier"] + !!config['secret'] && !!config['identifier'] end def self.provider_name - self.name.demodulize.downcase + name.demodulize.downcase end def self.config @@ -88,12 +88,12 @@ module OmniAuth def self.configs from_settings = if Setting.plugin_openproject_openid_connect.is_a? Hash - Hash(Setting.plugin_openproject_openid_connect["providers"]) - else - {} + Hash(Setting.plugin_openproject_openid_connect['providers']) + else + {} end # Settings override configuration.yml - Hash(OpenProject::Configuration["openid_connect"]).deep_merge(from_settings) + Hash(OpenProject::Configuration['openid_connect']).deep_merge(from_settings) end def to_hash @@ -108,12 +108,12 @@ module OmniAuth { name: name, scope: [:openid, :email, :profile], - icon: config["icon"], - display_name: config["display_name"], + icon: config['icon'], + display_name: config['display_name'], client_options: client_options.merge( # override with configuration Hash[ - config.reject do |key, value| - ["identifier", "secret", "icon", "display_name"].include? key + config.reject do |key, _value| + ['identifier', 'secret', 'icon', 'display_name'].include? key end.map do |key, value| [key.to_sym, value] end @@ -125,7 +125,7 @@ module OmniAuth def client_options { port: 443, - scheme: "https", + scheme: 'https', host: host, identifier: identifier, secret: secret, @@ -134,15 +134,15 @@ module OmniAuth end def host - raise NotImplemented("Host required") + raise NotImplemented('Host required') end def identifier - config("identifier") + config('identifier') end def secret - config("secret") + config('secret') end def config(key = nil) diff --git a/lib/open_project/openid_connect.rb b/lib/open_project/openid_connect.rb index b1d6cede58..fa4c11393c 100644 --- a/lib/open_project/openid_connect.rb +++ b/lib/open_project/openid_connect.rb @@ -1,5 +1,5 @@ module OpenProject module OpenIDConnect - require "open_project/openid_connect/engine" + require 'open_project/openid_connect/engine' end end diff --git a/lib/open_project/openid_connect/engine.rb b/lib/open_project/openid_connect/engine.rb index faa506c65e..ee9121712d 100644 --- a/lib/open_project/openid_connect/engine.rb +++ b/lib/open_project/openid_connect/engine.rb @@ -43,7 +43,7 @@ module OpenProject::OpenIDConnect secure_cookie = Rails.env.production? # register an #after_login callback which sets a cookie containing the access token - OpenProject::OmniAuth::Authorization.after_login do |user, auth_hash, context| + OpenProject::OmniAuth::Authorization.after_login do |_user, auth_hash, context| # check the configuration if store_access_token? # fetch the access token if it's present @@ -65,6 +65,5 @@ module OpenProject::OpenIDConnect true end end - end end diff --git a/lib/open_project/openid_connect/version.rb b/lib/open_project/openid_connect/version.rb index af68bef3a5..9b51011e6d 100644 --- a/lib/open_project/openid_connect/version.rb +++ b/lib/open_project/openid_connect/version.rb @@ -1,5 +1,5 @@ module OpenProject module OpenIDConnect - VERSION = "4.0.0" + VERSION = '4.0.0' end end diff --git a/openproject-openid_connect.gemspec b/openproject-openid_connect.gemspec index 840d302ed4..6834e2512a 100644 --- a/openproject-openid_connect.gemspec +++ b/openproject-openid_connect.gemspec @@ -1,23 +1,23 @@ # encoding: UTF-8 -$:.push File.expand_path("../lib", __FILE__) +$:.push File.expand_path('../lib', __FILE__) require 'open_project/openid_connect/version' Gem::Specification.new do |s| - s.name = "openproject-openid_connect" + s.name = 'openproject-openid_connect' s.version = OpenProject::OpenIDConnect::VERSION - s.authors = "Finn GmbH" - s.email = "info@finn.de" - s.homepage = "https://www.openproject.org/projects/openid-connect" # TODO check this URL + s.authors = 'Finn GmbH' + s.email = 'info@finn.de' + s.homepage = 'https://www.openproject.org/projects/openid-connect' # TODO check this URL s.summary = 'OpenProject OpenID Connect' - s.description = "Adds OmniAuth OpenID Connect strategy providers to Openproject." - s.license = "GPLv3" + s.description = 'Adds OmniAuth OpenID Connect strategy providers to Openproject.' + s.license = 'GPLv3' - s.files = Dir["{app,config,db,lib}/**/*"] + %w(CHANGELOG.md README.md) + s.files = Dir['{app,config,db,lib}/**/*'] + %w(CHANGELOG.md README.md) - s.add_dependency "rails", "~> 3.2.14" - s.add_dependency "openproject-auth_plugins", "~> 4.0.0" - s.add_dependency "omniauth", "~> 1.0" + s.add_dependency 'rails', '~> 3.2.14' + s.add_dependency 'openproject-auth_plugins', '~> 4.0.0' + s.add_dependency 'omniauth', '~> 1.0' - s.add_development_dependency "rspec", "~> 2.99" + s.add_development_dependency 'rspec', '~> 2.99' end diff --git a/spec/requests/openid_connect_spec.rb b/spec/requests/openid_connect_spec.rb index 0aa74bda71..4663423473 100644 --- a/spec/requests/openid_connect_spec.rb +++ b/spec/requests/openid_connect_spec.rb @@ -33,15 +33,15 @@ RSpec.configure do |c| c.include OpenIDConnectSpecHelpers end -describe "OpenID Connect" do +describe 'OpenID Connect' do let(:provider) { OmniAuth::OpenIDConnect::Heroku.new } let(:user_info) do { - sub: "87117114115116", - name: "Hans Wurst", - email: "h.wurst@finn.de", - given_name: "Hans", - family_name: "Wurst" + sub: '87117114115116', + name: 'Hans Wurst', + email: 'h.wurst@finn.de', + given_name: 'Hans', + family_name: 'Wurst' } end @@ -49,7 +49,7 @@ describe "OpenID Connect" do # The redirect will include an authorisation code. # Since we don't actually get a valid code in the test we will stub the resulting AccessToken. OpenIDConnect::Client.any_instance.stub(:access_token!) do - OpenIDConnect::AccessToken.new client: self, access_token: "foo bar baz" + OpenIDConnect::AccessToken.new client: self, access_token: 'foo bar baz' end # Using the granted AccessToken the client then performs another request to the OpenID Connect @@ -62,17 +62,17 @@ describe "OpenID Connect" do OpenProject::Configuration['omniauth_store_access_token_in_cookie'] = true end - describe "sign-up and login" do + describe 'sign-up and login' do before do Setting.stub(:plugin_openproject_openid_connect).and_return( - { - "providers" => { - "heroku" => { - "identifier" => "does not", - "secret" => "matter" + + 'providers' => { + 'heroku' => { + 'identifier' => 'does not', + 'secret' => 'matter' } } - } + ) end @@ -92,11 +92,11 @@ describe "OpenID Connect" do expect(response.status).to be 302 expect(response.location).to match /https:\/\/#{provider.host}.*$/ - params = Rack::Utils.parse_nested_query(response.location.gsub(/^.*\?/, "")) + params = Rack::Utils.parse_nested_query(response.location.gsub(/^.*\?/, '')) - expect(params).to include "client_id" - expect(params["redirect_uri"]).to match /^.*\/auth\/#{provider.class.provider_name}\/callback$/ - expect(params["scope"]).to include "openid" + expect(params).to include 'client_id' + expect(params['redirect_uri']).to match /^.*\/auth\/#{provider.class.provider_name}\/callback$/ + expect(params['scope']).to include 'openid' ## # it should redirect back from the provider to the login page @@ -141,30 +141,30 @@ describe "OpenID Connect" do end end - context "provider configuration through the settings" do - it "should make providers that are not configured unavailable" do - get "/login" + context 'provider configuration through the settings' do + it 'should make providers that are not configured unavailable' do + get '/login' expect(response.body).not_to match /Google/i - expect{click_on_signin("google")}.to raise_error(ActionController::RoutingError) + expect { click_on_signin('google') }.to raise_error(ActionController::RoutingError) end - it "should make providers that have been configured through settings available without requiring a restart" do + it 'should make providers that have been configured through settings available without requiring a restart' do Setting.stub(:plugin_openproject_openid_connect).and_return( - { - "providers" => { - "google" => { - "identifier" => "does not", - "secret" => "matter" + + 'providers' => { + 'google' => { + 'identifier' => 'does not', + 'secret' => 'matter' } } - } + ) - get "/login" + get '/login' expect(response.body).to match /Google/i - expect{click_on_signin("google")}.not_to raise_error + expect { click_on_signin('google') }.not_to raise_error expect(response.status).to be 302 end end diff --git a/spec/requests/openid_connect_spec_helpers.rb b/spec/requests/openid_connect_spec_helpers.rb index 2b1a8beeff..992ff51728 100644 --- a/spec/requests/openid_connect_spec_helpers.rb +++ b/spec/requests/openid_connect_spec_helpers.rb @@ -2,8 +2,8 @@ module OpenIDConnectSpecHelpers def redirect_from_provider # Emulate the provider's redirect with a nonsense code. get "/auth/#{provider.class.provider_name}/callback", - code: "foobar", - redirect_uri: "http://localhost:3000/auth/#{provider.class.provider_name}/callack" + code: 'foobar', + redirect_uri: "http://localhost:3000/auth/#{provider.class.provider_name}/callack" end def click_on_signin(pro_name = provider.class.provider_name)