discourse
/
discourse-oauth2-basic
mirror of https://github.com/discourse/discourse-oauth2-basic.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DEV: General cleanup (#65)

This commit is contained in:
Jarek Radosz 2022-04-06 12:19:44 +02:00 committed by GitHub
parent 84d4331403
commit 38f527fafa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 1208 additions and 883 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/plugin-linting.yml vendored
View File

@ -50,7 +50,10 @@ jobs:
- name: Ember template lint
if: ${{ always() }}
run: yarn ember-template-lint assets/javascripts
run: |
if [ 0 -lt $(find assets/javascripts -type f -name "*.hbs" 2> /dev/null | wc -l) ]; then
yarn ember-template-lint assets/javascripts
fi
- name: Rubocop
if: ${{ always() }}

38
Gemfile.lock
View File

@ -1,31 +1,31 @@
GEM
remote: https://rubygems.org/
specs:
ast (2.4.1)
parallel (1.19.2)
parser (2.7.1.4)
ast (2.4.2)
parallel (1.22.1)
parser (3.1.1.0)
ast (~> 2.4.1)
rainbow (3.0.0)
regexp_parser (1.7.1)
rainbow (3.1.1)
regexp_parser (2.2.1)
rexml (3.2.5)
rubocop (0.88.0)
rubocop (1.26.1)
parallel (~> 1.10)
parser (>= 2.7.1.1)
parser (>= 3.1.0.0)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.7)
regexp_parser (>= 1.8, < 3.0)
rexml
rubocop-ast (>= 0.1.0, < 1.0)
rubocop-ast (>= 1.16.0, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 2.0)
rubocop-ast (0.1.0)
parser (>= 2.7.0.1)
rubocop-discourse (2.2.0)
rubocop (>= 0.69.0)
rubocop-rspec (>= 1.39.0)
rubocop-rspec (1.42.0)
rubocop (>= 0.87.0)
ruby-progressbar (1.10.1)
unicode-display_width (1.7.0)
unicode-display_width (>= 1.4.0, < 3.0)
rubocop-ast (1.16.0)
parser (>= 3.1.1.0)
rubocop-discourse (2.5.0)
rubocop (>= 1.1.0)
rubocop-rspec (>= 2.0.0)
rubocop-rspec (2.9.0)
rubocop (~> 1.19)
ruby-progressbar (1.11.0)
unicode-display_width (2.1.0)
PLATFORMS
ruby

33
README.md
View File

@ -2,7 +2,7 @@
This plugin allows you to use a basic OAuth2 provider as authentication for
Discourse. It should work with many providers, with the caveat that they
must provide a JSON endpoint for retriving information about the user
must provide a JSON endpoint for retrieving information about the user
you are logging in.
This is mainly useful for people who are using login providers that aren't
@ -10,7 +10,6 @@ very popular. If you want to use Google, Facebook or Twitter, those are
included out of the box and you don't need this plugin. You can also
look for other login providers in our [Github Repo](https://github.com/discourse).
## Usage
## Part 1: Basic Configuration
@ -20,28 +19,27 @@ It will require a **Redirect URI** which should be:
`http://DISCOURSE_HOST/auth/oauth2_basic/callback`
Replace `DISCOURSE_HOST` with the approriate value, and make sure you are
Replace `DISCOURSE_HOST` with the appropriate value, and make sure you are
using `https` if enabled. The OAuth2 provider should supply you with a
client ID and secret, as well as a couple of URLs.
Visit your **Admin** > **Settings** > **Login** and fill in the basic
configuration for the OAuth2 provider:
* `oauth2_enabled` - check this off to enable the feature
- `oauth2_enabled` - check this off to enable the feature
* `oauth2_client_id` - the client ID from your provider
- `oauth2_client_id` - the client ID from your provider
* `oauth2_client_secret` - the client secret from your provider
- `oauth2_client_secret` - the client secret from your provider
* `oauth2_authorize_url` - your provider's authorization URL
- `oauth2_authorize_url` - your provider's authorization URL
* `oauth2_token_url` - your provider's token URL.
- `oauth2_token_url` - your provider's token URL.
If you can't figure out the values for the above settings, check the
developer documentation from your provider or contact their customer
support.
## Part 2: Configuring the JSON User Endpoint
Discourse is now capable of receiving an authorization token from your
@ -90,7 +88,7 @@ The `oauth2_json_user_id_path`, `oauth2_json_username_path`, `oauth2_json_name_p
`oauth2_json_email_path` variables should be set to point to the appropriate attributes
in the JSON.
The only mandatory attribute is *id* - we need that so when the user logs on in the future
The only mandatory attribute is _id_ - we need that so when the user logs on in the future
that we can pull up the correct account. The others are great if available -- they will
make the signup process faster for the user as they will be pre-populated in the form.
@ -127,9 +125,10 @@ You could use `user.id` for the `oauth2_json_user_id_path` and `user.email.addre
To test this plugin in your local dev environment you can use Google OAuth 2.0 Server. Follow [this guide](https://support.google.com/cloud/answer/6158849?hl=en) to create new OAuth client id & secret.
* While creating it choose "Web application" as "Application type".
* Add `http://localhost:3000` in "Authorized JavaScript origins" and `http://localhost:3000/auth/oauth2_basic/callback` in "Authorized redirect URIs" fields.
* Then add following site settings in your admin panel.
- While creating it choose "Web application" as "Application type".
- Add `http://localhost:3000` in "Authorized JavaScript origins" and `http://localhost:3000/auth/oauth2_basic/callback` in "Authorized redirect URIs" fields.
- Then add following site settings in your admin panel.
```json
{
"oauth2_enabled": true,
@ -146,6 +145,7 @@ To test this plugin in your local dev environment you can use Google OAuth 2.0 S
"oauth2_scope": "https://www.googleapis.com/auth/userinfo.email"
}
```
That's it! You can check it now in your browser.
Good luck setting up custom OAuth2 on your Discourse!
@ -153,14 +153,15 @@ Good luck setting up custom OAuth2 on your Discourse!
### Issues
Please use [this topic on meta](https://meta.discourse.org/t/oauth2-basic-support/33879) to discuss
issues with the plugin, including bugs and feature reqests.
issues with the plugin, including bugs and feature requests.
### How to run tests
Make sure the plugin has been installed, then from the discourse directory run:
LOAD_PLUGINS=1 bundle exec rspec plugins/discourse-oauth2-basic/spec/plugin_spec.rb
```
LOAD_PLUGINS=1 bundle exec rspec plugins/discourse-oauth2-basic/spec/plugin_spec.rb
```
### License

1
config/locales/client.en.yml
View File

@ -3,4 +3,3 @@ en:
login:
oauth2_basic:
name: "OAuth 2"

22
config/locales/server.en.yml
View File

@ -4,19 +4,19 @@ en:
site_settings:
oauth2_enabled: "Custom OAuth2 is enabled"
oauth2_client_id: 'Client ID for custom OAuth2'
oauth2_client_secret: 'Client Secret for custom OAuth2'
oauth2_authorize_url: 'Authorization URL for OAuth2'
oauth2_client_id: "Client ID for custom OAuth2"
oauth2_client_secret: "Client Secret for custom OAuth2"
oauth2_authorize_url: "Authorization URL for OAuth2"
oauth2_authorize_signup_url: '(optional) Alternative authorization URL used when the "Sign Up" button is used'
oauth2_token_url: 'Token URL for OAuth2'
oauth2_token_url_method: 'Method used to fetch the Token URL'
oauth2_callback_user_id_path: 'Path in the token response to the user id. eg: params.info.uuid'
oauth2_callback_user_info_paths: 'Paths in the token response to other user properties. Supported properties are name, username, email, email_verified and avatar. Format is property:path, eg: name:params.info.name'
oauth2_token_url: "Token URL for OAuth2"
oauth2_token_url_method: "Method used to fetch the Token URL"
oauth2_callback_user_id_path: "Path in the token response to the user id. eg: params.info.uuid"
oauth2_callback_user_info_paths: "Paths in the token response to other user properties. Supported properties are name, username, email, email_verified and avatar. Format is property:path, eg: name:params.info.name"
oauth2_fetch_user_details: "Fetch user JSON for OAuth2"
oauth2_user_json_url: 'URL to fetch user JSON for OAuth2 (note we replace :id with the id returned by OAuth call and :token with the token id)'
oauth2_user_json_url_method: 'Method used to fetch the user JSON URL'
oauth2_json_user_id_path: 'Path in the OAuth2 User JSON to the user id. eg: user.id'
oauth2_json_username_path: 'Path in the OAuth2 User JSON to the username. eg: user.username'
oauth2_user_json_url: "URL to fetch user JSON for OAuth2 (note we replace :id with the id returned by OAuth call and :token with the token id)"
oauth2_user_json_url_method: "Method used to fetch the user JSON URL"
oauth2_json_user_id_path: "Path in the OAuth2 User JSON to the user id. eg: user.id"
oauth2_json_username_path: "Path in the OAuth2 User JSON to the username. eg: user.username"
oauth2_json_name_path: "Path in the OAuth2 User JSON to the user's full. eg: user.name.full"
oauth2_json_email_path: "Path in the OAuth2 User JSON to the user's email. eg: user.email"
oauth2_json_email_verified_path: "Path in the OAuth2 User JSON to the user's email verification state. eg: user.email.verified. oauth2_email_verified must be disabled for this setting to have any effect"

38
config/settings.yml
View File

@ -2,48 +2,48 @@ login:
oauth2_enabled:
default: false
client: true
oauth2_client_id: ''
oauth2_client_secret: ''
oauth2_authorize_url: ''
oauth2_authorize_signup_url: ''
oauth2_token_url: ''
oauth2_client_id: ""
oauth2_client_secret: ""
oauth2_authorize_url: ""
oauth2_authorize_signup_url: ""
oauth2_token_url: ""
oauth2_token_url_method:
default: 'POST'
default: "POST"
type: enum
choices:
- GET
- POST
oauth2_callback_user_id_path: ''
oauth2_callback_user_id_path: ""
oauth2_callback_user_info_paths:
type: list
default: 'id'
default: "id"
oauth2_fetch_user_details:
default: true
validator: "Oauth2FetchUserDetailsValidator"
oauth2_user_json_url: ''
oauth2_user_json_url: ""
oauth2_user_json_url_method:
default: 'GET'
default: "GET"
type: enum
choices:
- GET
- POST
oauth2_json_user_id_path: ''
oauth2_json_username_path: ''
oauth2_json_name_path: ''
oauth2_json_email_path: ''
oauth2_json_email_verified_path: ''
oauth2_json_avatar_path: ''
oauth2_json_user_id_path: ""
oauth2_json_username_path: ""
oauth2_json_name_path: ""
oauth2_json_email_path: ""
oauth2_json_email_verified_path: ""
oauth2_json_avatar_path: ""
oauth2_email_verified: false
oauth2_overrides_email: false
oauth2_send_auth_header: true
oauth2_send_auth_body: true
oauth2_debug_auth: false
oauth2_authorize_options:
default: 'scope'
default: "scope"
type: list
oauth2_scope: ''
oauth2_scope: ""
oauth2_button_title:
default: 'with OAuth2'
default: "with OAuth2"
client: true
oauth2_allow_association_change:
default: false

2
package.json
View File

@ -5,6 +5,6 @@
"author": "Discourse",
"license": "MIT",
"devDependencies": {
"eslint-config-discourse": "^1.1.3"
"eslint-config-discourse": "^3.0.0"
}
}

1
plugin.rb
View File

@ -5,6 +5,7 @@
# version: 0.3
# authors: Robin Ward
# url: https://github.com/discourse/discourse-oauth2-basic
# transpile_js: true
enabled_site_setting :oauth2_enabled

6
spec/plugin_spec.rb
View File

@ -32,14 +32,14 @@ describe OAuth2BasicAuthenticator do
expect(result.email_valid).to eq(true)
end
it 'doesnt validate user email if provider hasnt verified' do
it "doesn't validate user email if provider hasn't verified" do
SiteSetting.oauth2_email_verified = false
authenticator.stubs(:fetch_user_details).returns(email: user.email, email_verified: nil)
result = authenticator.after_authenticate(auth)
expect(result.email_valid).to eq(false)
end
it 'doesnt affect the site setting' do
it "doesn't affect the site setting" do
SiteSetting.oauth2_email_verified = true
authenticator.stubs(:fetch_user_details).returns(email: user.email, email_verified: false)
result = authenticator.after_authenticate(auth)
@ -300,7 +300,7 @@ describe OAuth2BasicAuthenticator do
expect(strategy.uid).to eq 'e028b1b918853eca7fba208a9d7e9d29a6e93c57'
end
it 'can retrive user properties from access token callback' do
it 'can retrieve user properties from access token callback' do
strategy.stubs(:access_token).returns(access_token)
expect(strategy.info['name']).to eq 'Sammy the Shark'
expect(strategy.info['email']).to eq 'sammy@digitalocean.com'

1945
yarn.lock
View File

File diff suppressed because it is too large Load Diff