Commit 82325df3267f6ea4caf4895fe7453e4a405ac8eb
1 parent
445b9833
Exists in
master
and in
29 other branches
Add oauth client plugin
Showing
23 changed files
with
700 additions
and
0 deletions
Show diff stats
| ... | ... | @@ -0,0 +1,72 @@ |
| 1 | +README - Oauth Client Plugin | |
| 2 | +================================ | |
| 3 | + | |
| 4 | +OauthClient is a plugin which allow users to login/signup to noosfero with some oauth providers (for now, google, facebook and noosfero itself). | |
| 5 | + | |
| 6 | +Install | |
| 7 | +======= | |
| 8 | + | |
| 9 | +Enable Plugin | |
| 10 | +------------- | |
| 11 | + | |
| 12 | +cd <your_noosfero_dir> | |
| 13 | +./script/noosfero-plugins enable oauth_client | |
| 14 | + | |
| 15 | +Active Plugin | |
| 16 | +------------- | |
| 17 | + | |
| 18 | +As a Noosfero administrator user, go to administrator panel: | |
| 19 | + | |
| 20 | +- Click on "Enable/disable plugins" option | |
| 21 | +- Click on "Oauth Client Plugin" check-box | |
| 22 | + | |
| 23 | +Provider Settings | |
| 24 | +================= | |
| 25 | + | |
| 26 | +Goggle | |
| 27 | +------ | |
| 28 | + | |
| 29 | +[Create Google+ application](https://developers.google.com/+/web/signin/javascript-flow) | |
| 30 | + | |
| 31 | ||
| 32 | +-------- | |
| 33 | + | |
| 34 | +[Create Facebook application](https://developers.facebook.com/docs/facebook-login/v2.1) | |
| 35 | + | |
| 36 | +Varnish Settings | |
| 37 | +================ | |
| 38 | +If varnish has been used in your stack, you've to bypass the cache for signup page and prevent cookies to be removed when calling the oauth_client plugin callback. E.g.: | |
| 39 | + | |
| 40 | +``` | |
| 41 | +if (req.url !~ "^/account/*" && req.url !~ "^/plugin/oauth_provider/*" && req.url !~ "^/plugin/oauth_client/*" && req.http.cookie !~ "_noosfero_.*") { | |
| 42 | + unset req.http.cookie; | |
| 43 | + return(lookup); | |
| 44 | +} | |
| 45 | +``` | |
| 46 | + | |
| 47 | +Using Oauth Provider Plugin | |
| 48 | +=========================== | |
| 49 | +The oauth_provider plugin may be used as a provider in the same noosfero installation that hosts your oauth_client plugin (this is usefull in a multi environment setup). | |
| 50 | + | |
| 51 | +However, you've to use a distinct set of thin processes to handle the authorization requests (to avoid deadlock). | |
| 52 | + | |
| 53 | +Apache settings example: | |
| 54 | +``` | |
| 55 | +RewriteRule ^/oauth_provider/oauth/(authorize|token).*$ balancer://noosfero-oauth-provider%{REQUEST_URI} [P,QSA,L] | |
| 56 | +``` | |
| 57 | + | |
| 58 | + | |
| 59 | +Development | |
| 60 | +=========== | |
| 61 | + | |
| 62 | +Running OauthClient tests | |
| 63 | +-------------------- | |
| 64 | + | |
| 65 | +$ rake test:noosfero_plugins:oauth_client | |
| 66 | + | |
| 67 | +License | |
| 68 | +======= | |
| 69 | + | |
| 70 | +Copyright (c) The Author developers. | |
| 71 | + | |
| 72 | +See Noosfero license. | ... | ... |
plugins/oauth_client/controllers/oauth_client_plugin_admin_controller.rb
0 → 100644
| ... | ... | @@ -0,0 +1,27 @@ |
| 1 | +class OauthClientPluginAdminController < AdminController | |
| 2 | + | |
| 3 | + def index | |
| 4 | + end | |
| 5 | + | |
| 6 | + def new | |
| 7 | + @provider = environment.oauth_providers.new | |
| 8 | + render :file => 'oauth_client_plugin_admin/edit' | |
| 9 | + end | |
| 10 | + | |
| 11 | + def remove | |
| 12 | + environment.oauth_providers.find(params[:id]).destroy | |
| 13 | + redirect_to :action => 'index' | |
| 14 | + end | |
| 15 | + | |
| 16 | + def edit | |
| 17 | + @provider = params[:id] ? environment.oauth_providers.find(params[:id]) : environment.oauth_providers.new | |
| 18 | + if request.post? | |
| 19 | + if @provider.update_attributes(params['oauth_client_plugin_provider']) | |
| 20 | + session[:notice] = _('Saved!') | |
| 21 | + else | |
| 22 | + session[:notice] = _('Error!') | |
| 23 | + end | |
| 24 | + end | |
| 25 | + end | |
| 26 | + | |
| 27 | +end | ... | ... |
plugins/oauth_client/controllers/public/oauth_client_plugin_public_controller.rb
0 → 100644
| ... | ... | @@ -0,0 +1,46 @@ |
| 1 | +class OauthClientPluginPublicController < PublicController | |
| 2 | + | |
| 3 | + skip_before_filter :login_required | |
| 4 | + | |
| 5 | + def callback | |
| 6 | + auth = request.env["omniauth.auth"] | |
| 7 | + user = environment.users.find_by_email(auth.info.email) | |
| 8 | + user ? login(user) : signup(auth) | |
| 9 | + end | |
| 10 | + | |
| 11 | + def failure | |
| 12 | + session[:notice] = _('Failed to login') | |
| 13 | + redirect_to root_url | |
| 14 | + end | |
| 15 | + | |
| 16 | + def destroy | |
| 17 | + session[:user] = nil | |
| 18 | + redirect_to root_url | |
| 19 | + end | |
| 20 | + | |
| 21 | + protected | |
| 22 | + | |
| 23 | + def login(user) | |
| 24 | + provider = OauthClientPlugin::Provider.find(session[:provider_id]) | |
| 25 | + user_provider = user.oauth_user_providers.find_by_provider_id(provider.id) | |
| 26 | + unless user_provider | |
| 27 | + user_provider = user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => true) | |
| 28 | + end | |
| 29 | + if user_provider.enabled? && provider.enabled? | |
| 30 | + session[:user] = user.id | |
| 31 | + else | |
| 32 | + session[:notice] = _("Can't login with #{provider.name}") | |
| 33 | + end | |
| 34 | + | |
| 35 | + redirect_to :controller => :account, :action => :login | |
| 36 | + end | |
| 37 | + | |
| 38 | + def signup(auth) | |
| 39 | + login = auth.info.email.split('@').first | |
| 40 | + session[:oauth_data] = auth | |
| 41 | + name = auth.info.name | |
| 42 | + name ||= auth.extra && auth.extra.raw_info ? auth.extra.raw_info.name : '' | |
| 43 | + redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name} | |
| 44 | + end | |
| 45 | + | |
| 46 | +end | ... | ... |
plugins/oauth_client/db/migrate/20141010135314_create_oauth_client_plugin_provider.rb
0 → 100644
| ... | ... | @@ -0,0 +1,19 @@ |
| 1 | +class CreateOauthClientPluginProvider < ActiveRecord::Migration | |
| 2 | + | |
| 3 | + def self.up | |
| 4 | + create_table :oauth_client_plugin_providers do |t| | |
| 5 | + t.integer :environment_id | |
| 6 | + t.string :strategy | |
| 7 | + t.string :name | |
| 8 | + t.text :options | |
| 9 | + t.boolean :enabled | |
| 10 | + t.integer :image_id | |
| 11 | + | |
| 12 | + t.timestamps | |
| 13 | + end | |
| 14 | + end | |
| 15 | + | |
| 16 | + def self.down | |
| 17 | + drop_table :oauth_client_plugin_providers | |
| 18 | + end | |
| 19 | +end | ... | ... |
plugins/oauth_client/db/migrate/20141014162710_create_oauth_client_user_providers.rb
0 → 100644
| ... | ... | @@ -0,0 +1,14 @@ |
| 1 | +class CreateOauthClientUserProviders < ActiveRecord::Migration | |
| 2 | + def self.up | |
| 3 | + create_table :oauth_client_plugin_user_providers do |t| | |
| 4 | + t.references :user | |
| 5 | + t.references :provider | |
| 6 | + t.boolean :enabled | |
| 7 | + t.timestamps | |
| 8 | + end | |
| 9 | + end | |
| 10 | + | |
| 11 | + def self.down | |
| 12 | + drop_table :oauth_client_plugin_user_providers | |
| 13 | + end | |
| 14 | +end | ... | ... |
| ... | ... | @@ -0,0 +1,31 @@ |
| 1 | +require_dependency 'user' | |
| 2 | + | |
| 3 | +class User | |
| 4 | + | |
| 5 | + has_many :oauth_user_providers, :class_name => 'OauthClientPlugin::UserProvider' | |
| 6 | + has_many :oauth_providers, :through => :oauth_user_providers, :source => :provider | |
| 7 | + | |
| 8 | + def password_required_with_oauth? | |
| 9 | + password_required_without_oauth? && oauth_providers.empty? | |
| 10 | + end | |
| 11 | + | |
| 12 | + alias_method_chain :password_required?, :oauth | |
| 13 | + | |
| 14 | + after_create :activate_oauth_user | |
| 15 | + | |
| 16 | + def activate_oauth_user | |
| 17 | + unless oauth_providers.empty? | |
| 18 | + activate | |
| 19 | + oauth_providers.each do |provider| | |
| 20 | + OauthClientPlugin::UserProvider.create!(:user => self, :provider => provider, :enabled => true) | |
| 21 | + end | |
| 22 | + end | |
| 23 | + end | |
| 24 | + | |
| 25 | + def make_activation_code_with_oauth | |
| 26 | + oauth_providers.blank? ? make_activation_code_without_oauth : nil | |
| 27 | + end | |
| 28 | + | |
| 29 | + alias_method_chain :make_activation_code, :oauth | |
| 30 | + | |
| 31 | +end | ... | ... |
| ... | ... | @@ -0,0 +1,95 @@ |
| 1 | +require 'omniauth/strategies/noosfero_oauth2' | |
| 2 | + | |
| 3 | +class OauthClientPlugin < Noosfero::Plugin | |
| 4 | + | |
| 5 | + def self.plugin_name | |
| 6 | + "Oauth Client Plugin" | |
| 7 | + end | |
| 8 | + | |
| 9 | + def self.plugin_description | |
| 10 | + _("Login with Oauth.") | |
| 11 | + end | |
| 12 | + | |
| 13 | + def login_extra_contents | |
| 14 | + plugin = self | |
| 15 | + proc do | |
| 16 | + render :partial => 'auth/oauth_login', :locals => {:providers => environment.oauth_providers.enabled} | |
| 17 | + end | |
| 18 | + end | |
| 19 | + | |
| 20 | + def signup_extra_contents | |
| 21 | + plugin = self | |
| 22 | + | |
| 23 | + proc do | |
| 24 | + if plugin.context.session[:oauth_data].present? | |
| 25 | + render :partial => 'account/oauth_signup' | |
| 26 | + else | |
| 27 | + '' | |
| 28 | + end | |
| 29 | + end | |
| 30 | + end | |
| 31 | + | |
| 32 | + PROVIDERS = { | |
| 33 | + :facebook => { | |
| 34 | + :name => 'Facebook' | |
| 35 | + }, | |
| 36 | + :google_oauth2 => { | |
| 37 | + :name => 'Google' | |
| 38 | + }, | |
| 39 | + :noosfero_oauth2 => { | |
| 40 | + :name => 'Noosfero' | |
| 41 | + } | |
| 42 | + } | |
| 43 | + | |
| 44 | + def stylesheet? | |
| 45 | + true | |
| 46 | + end | |
| 47 | + | |
| 48 | + OmniAuth.config.on_failure = OauthClientPluginPublicController.action(:failure) | |
| 49 | + | |
| 50 | + Rails.application.config.middleware.use OmniAuth::Builder do | |
| 51 | + PROVIDERS.each do |provider, options| | |
| 52 | + setup = lambda { |env| | |
| 53 | + request = Rack::Request.new(env) | |
| 54 | + strategy = env['omniauth.strategy'] | |
| 55 | + | |
| 56 | + Noosfero::MultiTenancy.setup!(request.host) | |
| 57 | + domain = Domain.find_by_name(request.host) | |
| 58 | + environment = domain.environment rescue Environment.default | |
| 59 | + | |
| 60 | + provider_id = request.params['id'] | |
| 61 | + provider_id ||= request.session['omniauth.params']['id'] if request.session['omniauth.params'] | |
| 62 | + provider = environment.oauth_providers.find(provider_id) | |
| 63 | + strategy.options.merge!(provider.options.symbolize_keys) | |
| 64 | + | |
| 65 | + request.session[:provider_id] = provider_id | |
| 66 | + } | |
| 67 | + | |
| 68 | + provider provider, :setup => setup, | |
| 69 | + :path_prefix => '/plugin/oauth_client', | |
| 70 | + :callback_path => "/plugin/oauth_client/public/callback/#{provider}", | |
| 71 | + :client_options => { :connection_opts => { :proxy => ENV["OAUTH_HTTP_PROXY"] } } | |
| 72 | + end | |
| 73 | + | |
| 74 | + unless Rails.env.production? | |
| 75 | + provider :developer, :path_prefix => "/plugin/oauth_client", :callback_path => "/plugin/oauth_client/public/callback/developer" | |
| 76 | + end | |
| 77 | + end | |
| 78 | + | |
| 79 | + def account_controller_filters | |
| 80 | + { | |
| 81 | + :type => 'before_filter', :method_name => 'signup', | |
| 82 | + :block => proc { | |
| 83 | + auth = session[:oauth_data] | |
| 84 | + | |
| 85 | + if auth.present? && params[:user].present? | |
| 86 | + params[:user][:oauth_providers] = [OauthClientPlugin::Provider.find(session[:provider_id])] | |
| 87 | + if request.post? && auth.info.email != params[:user][:email] | |
| 88 | + raise "Wrong email for oauth signup" | |
| 89 | + end | |
| 90 | + end | |
| 91 | + } | |
| 92 | + } | |
| 93 | + end | |
| 94 | + | |
| 95 | +end | ... | ... |
plugins/oauth_client/lib/oauth_client_plugin/provider.rb
0 → 100644
| ... | ... | @@ -0,0 +1,20 @@ |
| 1 | +class OauthClientPlugin::Provider < Noosfero::Plugin::ActiveRecord | |
| 2 | + | |
| 3 | + belongs_to :environment | |
| 4 | + | |
| 5 | + validates_presence_of :name, :strategy | |
| 6 | + | |
| 7 | + acts_as_having_image | |
| 8 | + acts_as_having_settings :field => :options | |
| 9 | + | |
| 10 | + settings_items :client_id, :type => :string | |
| 11 | + settings_items :client_secret, :type => :string | |
| 12 | + settings_items :client_options, :type => Hash | |
| 13 | + | |
| 14 | + attr_accessible :name, :environment, :strategy, :client_id, :client_secret, :enabled, :client_options, :image_builder | |
| 15 | + | |
| 16 | + scope :enabled, :conditions => {:enabled => true} | |
| 17 | + | |
| 18 | + acts_as_having_image | |
| 19 | + | |
| 20 | +end | ... | ... |
plugins/oauth_client/lib/oauth_client_plugin/user_provider.rb
0 → 100644
| ... | ... | @@ -0,0 +1,10 @@ |
| 1 | +class OauthClientPlugin::UserProvider < Noosfero::Plugin::ActiveRecord | |
| 2 | + | |
| 3 | + belongs_to :user, :class_name => 'User' | |
| 4 | + belongs_to :provider, :class_name => 'OauthClientPlugin::Provider' | |
| 5 | + | |
| 6 | + set_table_name :oauth_client_plugin_user_providers | |
| 7 | + | |
| 8 | + attr_accessible :user, :provider, :enabled | |
| 9 | + | |
| 10 | +end | ... | ... |
plugins/oauth_client/lib/omniauth/strategies/noosfero_oauth2.rb
0 → 100644
| ... | ... | @@ -0,0 +1,26 @@ |
| 1 | +require 'omniauth/strategies/oauth2' | |
| 2 | + | |
| 3 | +module OmniAuth | |
| 4 | + module Strategies | |
| 5 | + class NoosferoOauth2 < OmniAuth::Strategies::OAuth2 | |
| 6 | + option :name, :noosfero_oauth2 | |
| 7 | + option :client_options, { | |
| 8 | + :authorize_url => '/oauth_provider/oauth/authorize', | |
| 9 | + :token_url => '/oauth_provider/oauth/token' | |
| 10 | + } | |
| 11 | + | |
| 12 | + uid { raw_info["id"] } | |
| 13 | + | |
| 14 | + info do | |
| 15 | + { | |
| 16 | + :email => raw_info["email"] | |
| 17 | + } | |
| 18 | + end | |
| 19 | + | |
| 20 | + def raw_info | |
| 21 | + #FIXME access the noosfero api (coming soon) | |
| 22 | + @raw_info ||= access_token.get('/plugin/oauth_provider/public/me').parsed | |
| 23 | + end | |
| 24 | + end | |
| 25 | + end | |
| 26 | +end | ... | ... |
| ... | ... | @@ -0,0 +1,18 @@ |
| 1 | +.oauth-login .provider a { | |
| 2 | + min-width: 20px; | |
| 3 | + min-height: 20px; | |
| 4 | + background-size: 20px; | |
| 5 | + display: inline-block; | |
| 6 | + text-decoration: none; | |
| 7 | + background-repeat: no-repeat; | |
| 8 | + line-height: 20px; | |
| 9 | +} | |
| 10 | +.oauth-login .provider a img { | |
| 11 | + max-width: 40px; | |
| 12 | +} | |
| 13 | +.oauth-login .provider a:hover { | |
| 14 | + opacity: 0.7; | |
| 15 | +} | |
| 16 | +.oauth-login .provider .developer { | |
| 17 | + display: none; | |
| 18 | +} | ... | ... |
plugins/oauth_client/test/functional/oauth_client_plugin_public_controller_test.rb
0 → 100644
| ... | ... | @@ -0,0 +1,80 @@ |
| 1 | +require File.dirname(__FILE__) + '/../test_helper' | |
| 2 | + | |
| 3 | +class OauthClientPluginPublicControllerTest < ActionController::TestCase | |
| 4 | + | |
| 5 | + def setup | |
| 6 | + @auth = mock | |
| 7 | + @auth.stubs(:info).returns(mock) | |
| 8 | + request.env["omniauth.auth"] = @auth | |
| 9 | + @environment = Environment.default | |
| 10 | + @provider = OauthClientPlugin::Provider.create!(:name => 'provider', :strategy => 'provider', :enabled => true) | |
| 11 | + end | |
| 12 | + attr_reader :auth, :environment, :provider | |
| 13 | + | |
| 14 | + should 'redirect to signup when user is not found' do | |
| 15 | + auth.info.stubs(:email).returns("xyz123@noosfero.org") | |
| 16 | + auth.info.stubs(:name).returns('xyz123') | |
| 17 | + session[:provider_id] = provider.id | |
| 18 | + | |
| 19 | + get :callback | |
| 20 | + assert_match /.*\/account\/signup/, @response.redirect_url | |
| 21 | + end | |
| 22 | + | |
| 23 | + should 'redirect to login when user is found' do | |
| 24 | + user = fast_create(User, :environment_id => environment.id) | |
| 25 | + auth.info.stubs(:email).returns(user.email) | |
| 26 | + auth.info.stubs(:name).returns(user.name) | |
| 27 | + session[:provider_id] = provider.id | |
| 28 | + | |
| 29 | + get :callback | |
| 30 | + assert_redirected_to :controller => :account, :action => :login | |
| 31 | + assert_equal user.id, session[:user] | |
| 32 | + end | |
| 33 | + | |
| 34 | + should 'do not login when the provider is disabled' do | |
| 35 | + user = fast_create(User, :environment_id => environment.id) | |
| 36 | + auth.info.stubs(:email).returns(user.email) | |
| 37 | + auth.info.stubs(:name).returns(user.name) | |
| 38 | + session[:provider_id] = provider.id | |
| 39 | + provider.update_attribute(:enabled, false) | |
| 40 | + | |
| 41 | + get :callback | |
| 42 | + assert_redirected_to :controller => :account, :action => :login | |
| 43 | + assert_equal nil, session[:user] | |
| 44 | + end | |
| 45 | + | |
| 46 | + should 'do not login when the provider is disabled for a user' do | |
| 47 | + user = fast_create(User, :environment_id => environment.id) | |
| 48 | + auth.info.stubs(:email).returns(user.email) | |
| 49 | + auth.info.stubs(:name).returns(user.name) | |
| 50 | + session[:provider_id] = provider.id | |
| 51 | + user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => false) | |
| 52 | + | |
| 53 | + get :callback | |
| 54 | + assert_redirected_to :controller => :account, :action => :login | |
| 55 | + assert_equal nil, session[:user] | |
| 56 | + end | |
| 57 | + | |
| 58 | + should 'save provider when an user login with it' do | |
| 59 | + user = fast_create(User, :environment_id => environment.id) | |
| 60 | + auth.info.stubs(:email).returns(user.email) | |
| 61 | + auth.info.stubs(:name).returns(user.name) | |
| 62 | + session[:provider_id] = provider.id | |
| 63 | + | |
| 64 | + get :callback | |
| 65 | + assert_equal [provider], user.oauth_providers | |
| 66 | + end | |
| 67 | + | |
| 68 | + should 'do not duplicate relations between an user and a provider when the same provider was used again in a login' do | |
| 69 | + user = fast_create(User, :environment_id => environment.id) | |
| 70 | + auth.info.stubs(:email).returns(user.email) | |
| 71 | + auth.info.stubs(:name).returns(user.name) | |
| 72 | + session[:provider_id] = provider.id | |
| 73 | + | |
| 74 | + get :callback | |
| 75 | + assert_no_difference 'user.oauth_user_providers.count' do | |
| 76 | + 3.times { get :callback } | |
| 77 | + end | |
| 78 | + end | |
| 79 | + | |
| 80 | +end | ... | ... |
| ... | ... | @@ -0,0 +1 @@ |
| 1 | +require File.dirname(__FILE__) + '/../../../test/test_helper' | ... | ... |
| ... | ... | @@ -0,0 +1,10 @@ |
| 1 | +require File.dirname(__FILE__) + '/../test_helper' | |
| 2 | + | |
| 3 | +class UserTest < ActiveSupport::TestCase | |
| 4 | + | |
| 5 | + should 'be able to add oauth providers in a environment' do | |
| 6 | + env = fast_create(Environment) | |
| 7 | + env.oauth_providers << OauthClientPlugin::Provider.new(:name => 'test', :strategy => 'test') | |
| 8 | + end | |
| 9 | + | |
| 10 | +end | ... | ... |
plugins/oauth_client/test/unit/oauth_client_plugin_test.rb
0 → 100644
| ... | ... | @@ -0,0 +1,86 @@ |
| 1 | +require File.dirname(__FILE__) + '/../test_helper' | |
| 2 | + | |
| 3 | +class OauthClientPluginTest < ActiveSupport::TestCase | |
| 4 | + | |
| 5 | + def setup | |
| 6 | + @plugin = OauthClientPlugin.new(self) | |
| 7 | + @params = {} | |
| 8 | + @plugin.stubs(:context).returns(self) | |
| 9 | + @environment = Environment.default | |
| 10 | + @session = {} | |
| 11 | + @request = mock | |
| 12 | + @provider = OauthClientPlugin::Provider.create!(:name => 'name', :strategy => 'strategy') | |
| 13 | + end | |
| 14 | + | |
| 15 | + attr_reader :params, :plugin, :environment, :session, :request, :provider | |
| 16 | + | |
| 17 | + should 'has extra contents for login' do | |
| 18 | + assert plugin.login_extra_contents | |
| 19 | + end | |
| 20 | + | |
| 21 | + should 'has no signup extra contents if no provider was enabled' do | |
| 22 | + assert_equal '', instance_eval(&plugin.signup_extra_contents) | |
| 23 | + end | |
| 24 | + | |
| 25 | + should 'has signup extra contents if oauth_data exists in session' do | |
| 26 | + session[:oauth_data] = {:oauth => 'test'} | |
| 27 | + expects(:render).with(:partial => 'account/oauth_signup').once | |
| 28 | + instance_eval(&plugin.signup_extra_contents) | |
| 29 | + end | |
| 30 | + | |
| 31 | + should 'define before filter for account controller' do | |
| 32 | + assert plugin.account_controller_filters | |
| 33 | + end | |
| 34 | + | |
| 35 | + should 'raise error if oauth email was changed' do | |
| 36 | + request.expects(:post?).returns(true) | |
| 37 | + | |
| 38 | + oauth_data = mock | |
| 39 | + info = mock | |
| 40 | + oauth_data.stubs(:info).returns(info) | |
| 41 | + oauth_data.stubs(:uid).returns('uid') | |
| 42 | + oauth_data.stubs(:provider).returns('provider') | |
| 43 | + info.stubs(:email).returns('test@example.com') | |
| 44 | + session[:oauth_data] = oauth_data | |
| 45 | + session[:provider_id] = provider.id | |
| 46 | + | |
| 47 | + params[:user] = {:email => 'test2@example.com'} | |
| 48 | + assert_raises RuntimeError do | |
| 49 | + instance_eval(&plugin.account_controller_filters[:block]) | |
| 50 | + end | |
| 51 | + end | |
| 52 | + | |
| 53 | + should 'do not raise error if oauth email was not changed' do | |
| 54 | + request.expects(:post?).returns(true) | |
| 55 | + | |
| 56 | + oauth_data = mock | |
| 57 | + info = mock | |
| 58 | + oauth_data.stubs(:info).returns(info) | |
| 59 | + oauth_data.stubs(:uid).returns('uid') | |
| 60 | + oauth_data.stubs(:provider).returns('provider') | |
| 61 | + info.stubs(:email).returns('test@example.com') | |
| 62 | + session[:oauth_data] = oauth_data | |
| 63 | + session[:provider_id] = provider.id | |
| 64 | + | |
| 65 | + params[:user] = {:email => 'test@example.com'} | |
| 66 | + instance_eval(&plugin.account_controller_filters[:block]) | |
| 67 | + end | |
| 68 | + | |
| 69 | + should 'do not raise error if oauth session is not set' do | |
| 70 | + instance_eval(&plugin.account_controller_filters[:block]) | |
| 71 | + end | |
| 72 | + | |
| 73 | + should 'do not raise error if it is not a post' do | |
| 74 | + request.expects(:post?).returns(false) | |
| 75 | + params[:user] = {:email => 'test2@example.com'} | |
| 76 | + | |
| 77 | + oauth_data = mock | |
| 78 | + oauth_data.stubs(:uid).returns('uid') | |
| 79 | + oauth_data.stubs(:provider).returns('provider') | |
| 80 | + session[:provider_id] = provider.id | |
| 81 | + | |
| 82 | + session[:oauth_data] = oauth_data | |
| 83 | + instance_eval(&plugin.account_controller_filters[:block]) | |
| 84 | + end | |
| 85 | + | |
| 86 | +end | ... | ... |
| ... | ... | @@ -0,0 +1,40 @@ |
| 1 | +require File.dirname(__FILE__) + '/../test_helper' | |
| 2 | + | |
| 3 | +class UserTest < ActiveSupport::TestCase | |
| 4 | + | |
| 5 | + def setup | |
| 6 | + @provider = OauthClientPlugin::Provider.create!(:name => 'name', :strategy => 'strategy') | |
| 7 | + end | |
| 8 | + attr_reader :provider | |
| 9 | + | |
| 10 | + should 'password is not required if there is a oauth provider' do | |
| 11 | + User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider]) | |
| 12 | + end | |
| 13 | + | |
| 14 | + should 'password is required if there is a oauth provider' do | |
| 15 | + user = User.new(:email => 'testoauth@example.com', :login => 'testoauth') | |
| 16 | + user.save | |
| 17 | + assert user.errors[:password].present? | |
| 18 | + end | |
| 19 | + | |
| 20 | + should 'activate user when created with oauth' do | |
| 21 | + user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider]) | |
| 22 | + assert user.activated? | |
| 23 | + end | |
| 24 | + | |
| 25 | + should 'not activate user when created without oauth' do | |
| 26 | + user = fast_create(User) | |
| 27 | + assert !user.activated? | |
| 28 | + end | |
| 29 | + | |
| 30 | + should 'not make activation code when created with oauth' do | |
| 31 | + user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider]) | |
| 32 | + assert !user.activation_code | |
| 33 | + end | |
| 34 | + | |
| 35 | + should 'make activation code when created without oauth' do | |
| 36 | + user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :password => 'test', :password_confirmation => 'test') | |
| 37 | + assert user.activation_code | |
| 38 | + end | |
| 39 | + | |
| 40 | +end | ... | ... |
plugins/oauth_client/views/account/_oauth_signup.html.erb
0 → 100644
| ... | ... | @@ -0,0 +1,11 @@ |
| 1 | +<%= hidden_field_tag 'return_to', '/' %> | |
| 2 | + | |
| 3 | +<style> | |
| 4 | + #signup-password, #signup-password-confirmation, #signup-email { | |
| 5 | + display: none; | |
| 6 | + } | |
| 7 | +</style> | |
| 8 | + | |
| 9 | +<div id='signup-email-readonly'> | |
| 10 | + <%= labelled_form_field(_('Email'), text_field(:user, :email, :class => "disabled", :readonly => true)) %> | |
| 11 | +</div> | ... | ... |
| ... | ... | @@ -0,0 +1,16 @@ |
| 1 | +<div class="oauth-login"> | |
| 2 | + <% unless providers.empty? %> | |
| 3 | + <%= _('Login with:') %> | |
| 4 | + <% end %> | |
| 5 | + <% providers.each do |provider| %> | |
| 6 | + <span class="provider"> | |
| 7 | + <%= link_to provider.image ? image_tag(provider.image.public_filename) : provider.name, "/plugin/oauth_client/#{provider.strategy}?id=#{provider.id}", :class => provider.strategy, :title => provider.name %> | |
| 8 | + </span> | |
| 9 | + <% end %> | |
| 10 | + | |
| 11 | + <span class="provider"> | |
| 12 | + <% unless Rails.env.production? %> | |
| 13 | + <%= link_to _('Developer Login'), "/plugin/oauth_client/developer", :class => 'developer' %> | |
| 14 | + <% end %> | |
| 15 | + </span> | |
| 16 | +</div> | ... | ... |
plugins/oauth_client/views/oauth_client_plugin_admin/_noosfero_oauth2.html.erb
0 → 100644
plugins/oauth_client/views/oauth_client_plugin_admin/edit.html.erb
0 → 100644
| ... | ... | @@ -0,0 +1,39 @@ |
| 1 | +<h1><%= _('Oauth Client Settings') %></h1> | |
| 2 | +<h3><%= _('Edit Provider') %></h3> | |
| 3 | + | |
| 4 | +<%= form_for @provider, :url => {:action => 'edit'}, :method => 'post' do |f| %> | |
| 5 | + | |
| 6 | + <div class="enabled"> | |
| 7 | + <%= labelled_form_field f.check_box(:enabled) + _('Enabled'), '' %> | |
| 8 | + </div> | |
| 9 | + | |
| 10 | + <div class="name"> | |
| 11 | + <%= labelled_form_field _('Name'), f.text_field(:name) %> | |
| 12 | + </div> | |
| 13 | + | |
| 14 | + <div class="strategy"> | |
| 15 | + <%= labelled_form_field _('Strategy'), f.select(:strategy, OauthClientPlugin::PROVIDERS) %> | |
| 16 | + </div> | |
| 17 | + | |
| 18 | + <div class="client-id"> | |
| 19 | + <%= labelled_form_field _('Client Id'), f.text_field(:client_id) %> | |
| 20 | + </div> | |
| 21 | + | |
| 22 | + <div class="client-secret"> | |
| 23 | + <%= labelled_form_field _('Client Secret'), f.text_field(:client_secret) %> | |
| 24 | + </div> | |
| 25 | + | |
| 26 | + <% if File.exists?(File.join(File.dirname(__FILE__), "_#{@provider.strategy}.html.erb")) %> | |
| 27 | + <%= render :partial => "#{@provider.strategy}", :locals => {:f => f, :provider => @provider} %> | |
| 28 | + <% end %> | |
| 29 | + | |
| 30 | + <div class="image-icon"> | |
| 31 | + <%= f.fields_for :image_builder, @provider.image do |i| %> | |
| 32 | + <%= file_field_or_thumbnail(_('Image:'), @provider.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %> | |
| 33 | + <% end %> | |
| 34 | + </div> | |
| 35 | + | |
| 36 | + <% button_bar do %> | |
| 37 | + <%= submit_button(:save, _('Save'), :cancel => {:action => 'index'}) %> | |
| 38 | + <% end %> | |
| 39 | +<% end %> | ... | ... |
plugins/oauth_client/views/oauth_client_plugin_admin/index.html.erb
0 → 100644
| ... | ... | @@ -0,0 +1,24 @@ |
| 1 | +<h1><%= _('Oauth Client Settings') %></h1> | |
| 2 | +<h3><%= _('Providers') %></h3> | |
| 3 | +<%= button :add, _('New'), {:action => 'new'} %> | |
| 4 | +<table> | |
| 5 | + <tr> | |
| 6 | + <th><%= _('Name') %></th> | |
| 7 | + <th><%= _('Strategy') %></th> | |
| 8 | + <th><%= _('Actions') %></th> | |
| 9 | + </tr> | |
| 10 | + | |
| 11 | + <% environment.oauth_providers.each do |provider| %> | |
| 12 | + <tr> | |
| 13 | + <td><%= provider.name %></td> | |
| 14 | + <td><%= provider.strategy %></td> | |
| 15 | + <td> | |
| 16 | + <%= link_to _('Edit'), {:action => 'edit', :id => provider.id} %> | |
| 17 | + <%= link_to _('Remove'), {:action => 'remove', :id => provider.id} %> | |
| 18 | + </td> | |
| 19 | + </tr> | |
| 20 | + <% end %> | |
| 21 | +</table> | |
| 22 | +<div class="actions"> | |
| 23 | + <%= button(:back, _('Go back'), {:controller => 'plugins', :action => 'index'}) %> | |
| 24 | +</div> | ... | ... |