Codebase list ruby-omniauth-facebook / upstream/8.0.0
Import upstream version 8.0.0 Debian Janitor 2 years ago
13 changed file(s) with 159 addition(s) and 90 deletion(s).
0 name: Mark stale issues and pull requests
1
2 on:
3 schedule:
4 - cron: "0 0 * * *"
5
6 jobs:
7 stale:
8
9 runs-on: ubuntu-latest
10
11 steps:
12 - uses: actions/stale@v1
13 with:
14 repo-token: ${{ secrets.GITHUB_TOKEN }}
15 stale-issue-message: 'This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.'
16 stale-pr-message: 'This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.'
17 stale-issue-label: 'no-issue-activity'
18 stale-pr-label: 'no-pr-activity'
19 days-before-stale: 30
20 days-before-close: 5
21 exempt-pr-label: 'pinned'
22 exempt-issue-label: 'pinned'
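Review bot: `uses: actions/stale@v1` at line 12 pins the action to a mutable tag while passing it `secrets.GITHUB_TOKEN`, so whatever that tag points to in future runs with this repository's token. Pin the action to a full commit SHA and add a `permissions:` block that grants only what marking and closing issues and pull requests needs; the workflow currently declares neither.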
0 before_install:
1 - gem update bundler
2 - bundle --version
3 - gem update --system
4 - gem --version
0 language: ruby
1 cache: bundler
52 rvm:
6 - 2.3.0
7 - 2.2
8 - 2.1
9 - 2.0
10 - 1.9.3
11 - jruby-19mode
12 - rbx-2
3 - 2.7
4 - 2.6
5 - 2.5
0 ## 8.0.0 (2020-10-20)
1
2 Changes:
3
4 - user profile picture link includes access token (#344, @anklos)
5
6 ## 7.0.0 (2020-08-03)
7
8 Changes:
9
10 - bumped version of FB Graph API to v4.0
11
12 ## 6.0.0 (2020-01-27)
13
14 Changes:
15
16 - bumped version of FB Graph API to v3.0
17
18 ## 5.0.0 (2018-03-29)
19
20 Changes:
21
22 - bumped version of FB Graph API to v2.10 (#297, @piotrjaworski)
23 - use only CRuby 2.0+ on CI (#298, @simi)
24
025 ## 4.0.0 (2016-07-26)
126
227 Changes:
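Review bot: the 8.0.0 entry at line 4, `user profile picture link includes access token`, reads like a routine change, but it puts a bearer credential into `info['image']`. State that explicitly in the entry and tell upgraders to audit anywhere that URL is stored, logged or rendered, since a one-line note gives applications that persist the image URL no cue to do so.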
530 - switch to versioned FB APIs, currently using v2.6 (#245, @printercu, @mkdynamic)
631 - remove deprecated :nickname field from README example (#223, @abelorian)
732 - add Ruby 2.2 + 2.3.0 to CI (#225, @tricknotes, @mkdynamic, @anoraak)
8 - update example app (@mkynamic)
33 - update example app (@mkdynamic)
934
1035 ## 3.0.0 (2015-10-26)
1136
11
22 gemspec
33
4 gem 'rack', RUBY_VERSION < '2.2.2' ? '~> 1.6' : '>= 2.0'
5
46 platforms :rbx do
57 gem 'rubysl', '~> 2.0'
68 end
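Review bot: `RUBY_VERSION < '2.2.2'` on line 4 compares strings, so the ordering is lexicographic and a version such as '2.10.0' sorts below '2.2.2' and would select `rack ~> 1.6`. Compare with `Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.2.2')` instead.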
0 # OmniAuth Facebook &nbsp;[![Build Status](https://secure.travis-ci.org/mkdynamic/omniauth-facebook.svg?branch=master)](https://travis-ci.org/mkdynamic/omniauth-facebook) [![Gem Version](https://img.shields.io/gem/v/omniauth-facebook.svg)](https://rubygems.org/gems/omniauth-facebook)
0 # OmniAuth Facebook &nbsp;[![Build Status](https://secure.travis-ci.org/simi/omniauth-facebook.svg?branch=master)](https://travis-ci.org/simi/omniauth-facebook) [![Gem Version](https://img.shields.io/gem/v/omniauth-facebook.svg)](https://rubygems.org/gems/omniauth-facebook)
1
2 📣 **NOTICE** We’re looking for maintainers to help keep this project up-to-date. If you are interested in helping please open an Issue expressing your interest. Thanks! 📣
13
24 **These notes are based on master, please see tags for README pertaining to specific releases.**
35
2325
2426 ```ruby
2527 Rails.application.config.middleware.use OmniAuth::Builder do
26 provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
28 provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET']
2729 end
2830 ```
2931
30 [See the example Sinatra app for full examples](https://github.com/mkdynamic/omniauth-facebook/blob/master/example/config.ru) of both the server and client-side flows (including using the Facebook Javascript SDK).
32 [See the example Sinatra app for full examples](https://github.com/simi/omniauth-facebook/blob/master/example/config.ru) of both the server and client-side flows (including using the Facebook Javascript SDK).
3133
3234 ## Configuring
3335
3840 `scope` | `email` | A comma-separated list of permissions you want to request from the user. See the Facebook docs for a full list of available permissions: https://developers.facebook.com/docs/reference/login/
3941 `display` | `page` | The display context to show the authentication page. Options are: `page`, `popup` and `touch`. Read the Facebook docs for more details: https://developers.facebook.com/docs/reference/dialogs/oauth/
4042 `image_size` | `square` | Set the size for the returned image url in the auth hash. Valid options include `square` (50x50), `small` (50 pixels wide, variable height), `normal` (100 pixels wide, variable height), or `large` (about 200 pixels wide, variable height). Additionally, you can request a picture of a specific size by setting this option to a hash with `:width` and `:height` as keys. This will return an available profile picture closest to the requested size and requested aspect ratio. If only `:width` or `:height` is specified, we will return a picture whose width or height is closest to the requested size, respectively.
41 `info_fields` | 'name,email' | Specify exactly which fields should be returned when getting the user's info. Value should be a comma-separated string as per https://developers.facebook.com/docs/graph-api/reference/user/ (only `/me` endpoint).
43 `info_fields` | `name,email` | Specify exactly which fields should be returned when getting the user's info. Value should be a comma-separated string as per https://developers.facebook.com/docs/graph-api/reference/user/ (only `/me` endpoint).
4244 `locale` | | Specify locale which should be used when getting the user's info. Value should be locale string as per https://developers.facebook.com/docs/reference/api/locale/.
4345 `auth_type` | | Optionally specifies the requested authentication features as a comma-separated list, as per https://developers.facebook.com/docs/facebook-login/reauthentication/. Valid values are `https` (checks for the presence of the secure cookie and asks for re-authentication if it is not present), and `reauthenticate` (asks the user to re-authenticate unconditionally). Use 'rerequest' when you want to request premissions. Default is `nil`.
4446 `secure_image_url` | `false` | Set to `true` to use https for the avatar image url returned in the auth hash.
4850
4951 ```ruby
5052 Rails.application.config.middleware.use OmniAuth::Builder do
51 provider :facebook, ENV['APP_ID'], ENV['APP_SECRET'],
53 provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET'],
5254 scope: 'email,user_birthday,read_stream', display: 'popup'
5355 end
5456 ```
5557
5658 ### API Version
5759
58 OmniAuth Facebook uses versioned API endpoints by default (current v2.6). You can configure a different version via `client_options` hash passed to `provider`, specifically you should change the version in the `site` and `authorize_url` parameters. For example, to change to v3.0 (assuming that exists):
60 OmniAuth Facebook uses versioned API endpoints by default (current v4.0). You can configure a different version via `client_options` hash passed to `provider`, specifically you should change the version in the `site` and `authorize_url` parameters. For example, to change to v7.0 (assuming that exists):
5961
6062 ```ruby
6163 use OmniAuth::Builder do
62 provider :facebook, ENV['APP_ID'], ENV['APP_SECRET'],
64 provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET'],
6365 client_options: {
64 site: 'https://graph.facebook.com/v3.0',
65 authorize_url: "https://www.facebook.com/v3.0/dialog/oauth"
66 site: 'https://graph.facebook.com/v7.0',
67 authorize_url: "https://www.facebook.com/v7.0/dialog/oauth"
6668 }
6769 end
6870 ```
8587 first_name: 'Joe',
8688 last_name: 'Bloggs',
8789 image: 'http://graph.facebook.com/1234567/picture?type=square',
88 urls: { Facebook: 'http://www.facebook.com/jbloggs' },
89 location: 'Palo Alto, California',
9090 verified: true
9191 },
9292 credentials: {
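Review bot: the sample auth hash still shows `image: 'http://graph.facebook.com/1234567/picture?type=square'` at line 89, which no longer matches what this release returns now that the picture URL carries `access_token`. Update the sample and add a sentence next to the `secure_image_url` row saying that the image URL contains the user's token, so readers know it is sensitive.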
151151
152152 ## Supported Rubies
153153
154 - Ruby MRI (1.9.3+)
155 - JRuby (1.9 mode)
156 - RBX (2.1.1+)
154 - Ruby MRI (2.3, 2.4, 2.5, 2.6)
157155
158156 ## License
159157
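Review bot: line 154 lists `Ruby MRI (2.3, 2.4, 2.5, 2.6)`, but the CI matrix in this same change runs only 2.7, 2.6 and 2.5, so 2.3 and 2.4 are claimed without being tested and 2.7 is tested without being claimed. Align the README list with the matrix.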
00 PATH
1 remote: ../
1 remote: ..
22 specs:
3 omniauth-facebook (3.0.0)
3 omniauth-facebook (6.0.0)
44 omniauth-oauth2 (~> 1.2)
55
66 GEM
77 remote: https://rubygems.org/
88 specs:
9 backports (3.6.8)
10 faraday (0.9.2)
9 backports (3.15.0)
10 faraday (1.0.0)
1111 multipart-post (>= 1.2, < 3)
12 hashie (3.4.4)
13 jwt (1.5.1)
14 multi_json (1.12.1)
15 multi_xml (0.5.5)
16 multipart-post (2.0.0)
17 oauth2 (1.1.0)
18 faraday (>= 0.8, < 0.10)
19 jwt (~> 1.0, < 1.5.2)
12 hashie (3.6.0)
13 jwt (2.2.1)
14 multi_json (1.14.1)
15 multi_xml (0.6.0)
16 multipart-post (2.1.1)
17 mustermann (1.1.1)
18 ruby2_keywords (~> 0.0.1)
19 oauth2 (1.4.2)
20 faraday (>= 0.8, < 2.0)
21 jwt (>= 1.0, < 3.0)
2022 multi_json (~> 1.3)
2123 multi_xml (~> 0.5)
2224 rack (>= 1.2, < 3)
23 omniauth (1.3.1)
24 hashie (>= 1.2, < 4)
25 rack (>= 1.0, < 3)
26 omniauth-oauth2 (1.4.0)
27 oauth2 (~> 1.0)
28 omniauth (~> 1.2)
29 rack (1.6.4)
30 rack-protection (1.5.3)
25 omniauth (1.9.0)
26 hashie (>= 3.4.6, < 3.7.0)
27 rack (>= 1.6.2, < 3)
28 omniauth-oauth2 (1.6.0)
29 oauth2 (~> 1.1)
30 omniauth (~> 1.9)
31 rack (2.1.1)
32 rack-protection (2.0.8.1)
3133 rack
32 rack-test (0.6.3)
33 rack (>= 1.0)
34 sinatra (1.4.7)
35 rack (~> 1.5)
36 rack-protection (~> 1.4)
37 tilt (>= 1.3, < 3)
38 sinatra-contrib (1.4.7)
39 backports (>= 2.0)
34 ruby2_keywords (0.0.2)
35 sinatra (2.0.8.1)
36 mustermann (~> 1.0)
37 rack (~> 2.0)
38 rack-protection (= 2.0.8.1)
39 tilt (~> 2.0)
40 sinatra-contrib (2.0.8.1)
41 backports (>= 2.8.2)
4042 multi_json
41 rack-protection
42 rack-test
43 sinatra (~> 1.4.0)
44 tilt (>= 1.3, < 3)
43 mustermann (~> 1.0)
44 rack-protection (= 2.0.8.1)
45 sinatra (= 2.0.8.1)
46 tilt (~> 2.0)
4547 sinatra-reloader (1.0)
4648 sinatra-contrib
47 tilt (2.0.5)
49 tilt (2.0.10)
4850
4951 PLATFORMS
5052 ruby
53 x64-mingw32
5154
5255 DEPENDENCIES
5356 omniauth-facebook!
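Review bot: the lock file records `omniauth-facebook (6.0.0)` at line 3 while `VERSION` becomes '8.0.0' in this change, so the example's lock was generated against an older checkout. Regenerate it after the version bump, and confirm that the new `x64-mingw32` entry under PLATFORMS at line 53 is intended rather than a side effect of locking on a Windows machine.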
5558 sinatra-reloader
5659
5760 BUNDLED WITH
58 1.12.5
61 1.17.2
00 require 'sinatra'
11 require "sinatra/reloader"
22 require 'yaml'
3 require 'json'
34
45 # configure sinatra
56 set :run, false
2627 <script type="text/javascript">
2728 window.fbAsyncInit = function() {
2829 FB.init({
29 appId: '#{ENV['APP_ID']}',
30 version: 'v2.6',
30 appId: '#{ENV['FACEBOOK_APP_ID']}',
31 version: 'v4.0',
3132 cookie: true // IMPORTANT must enable cookies to allow the server to access the session
3233 });
3334 console.log("fb init");
8081 # - ajax request made here for client-side flow
8182 get '/auth/:provider/callback' do
8283 content_type 'application/json'
83 MultiJson.encode(request.env)
84 JSON.dump(request.env)
8485 end
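Review bot: `JSON.dump(request.env)` at line 84 returns the entire Rack environment to the browser, which includes `omniauth.auth` with its credentials hash and, as of this release, an image URL carrying the access token. Even in an example, return only the fields the demo needs (for instance the uid and name), because example code tends to be copied into real applications.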
44 use Rack::Session::Cookie, secret: 'abc123'
55
66 use OmniAuth::Builder do
7 provider :facebook, ENV['APP_ID'], ENV['APP_SECRET']
7 provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET']
88 end
99
1010 run Sinatra::Application
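Review bot: line 4 keeps `use Rack::Session::Cookie, secret: 'abc123'`, a hard-coded and guessable signing secret, so anyone who knows it can forge the session cookie that the OAuth flow relies on. Since this change already moves the app credentials to `ENV['FACEBOOK_APP_ID']` and `ENV['FACEBOOK_APP_SECRET']`, read the session secret from the environment as well.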
00 module OmniAuth
11 module Facebook
2 VERSION = "4.0.0"
2 VERSION = '8.0.0'
33 end
44 end
1111 DEFAULT_SCOPE = 'email'
1212
1313 option :client_options, {
14 site: 'https://graph.facebook.com/v2.6',
15 authorize_url: "https://www.facebook.com/v2.6/dialog/oauth",
14 site: 'https://graph.facebook.com/v4.0',
15 authorize_url: "https://www.facebook.com/v4.0/dialog/oauth",
1616 token_url: 'oauth/access_token'
1717 }
1818
2020 header_format: 'OAuth %s',
2121 param_name: 'access_token'
2222 }
23
24 option :authorization_code_from_signed_request_in_cookie, nil
2325
2426 option :authorize_options, [:scope, :display, :auth_type]
2527
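Review bot: `option :authorization_code_from_signed_request_in_cookie, nil` at line 24 turns a per-request flag into provider configuration, and lines 135 and 144 then toggle it on `options` during the callback. That makes the flag settable from the `provider` call and keeps request state on the object that holds application-wide settings. If moving away from the instance variable is required, document the option as internal and verify that `options` is not shared between concurrent requests.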
7577 # phase and it must match during the access_token phase:
7678 # https://github.com/facebook/facebook-php-sdk/blob/master/src/base_facebook.php#L477
7779 def callback_url
78 if @authorization_code_from_signed_request_in_cookie
80 if options.authorization_code_from_signed_request_in_cookie
7981 ''
8082 else
8183 # Fixes regression in omniauth-oauth2 v1.4.0 by https://github.com/intridea/omniauth-oauth2/commit/85fdbe117c2a4400d001a6368cc359d88f40abc7
130132 yield
131133 elsif code_from_signed_request = signed_request_from_cookie && signed_request_from_cookie['code']
132134 request.params['code'] = code_from_signed_request
133 @authorization_code_from_signed_request_in_cookie = true
135 options.authorization_code_from_signed_request_in_cookie = true
134136 # NOTE The code from the signed fbsr_XXX cookie is set by the FB JS SDK will confirm that the identity of the
135137 # user contained in the signed request matches the user loading the app.
136138 original_provider_ignores_state = options.provider_ignores_state
139141 yield
140142 ensure
141143 request.params.delete('code')
142 @authorization_code_from_signed_request_in_cookie = false
144 options.authorization_code_from_signed_request_in_cookie = false
143145 options.provider_ignores_state = original_provider_ignores_state
144146 end
145147 else
158160 uri_class = options[:secure_image_url] ? URI::HTTPS : URI::HTTP
159161 site_uri = URI.parse(client.site)
160162 url = uri_class.build({host: site_uri.host, path: "#{site_uri.path}/#{uid}/picture"})
163 query = { access_token: access_token.token }
161164
162 query = if options[:image_size].is_a?(String) || options[:image_size].is_a?(Symbol)
163 { type: options[:image_size] }
165 if options[:image_size].is_a?(String) || options[:image_size].is_a?(Symbol)
166 query[:type] = options[:image_size]
164167 elsif options[:image_size].is_a?(Hash)
165 options[:image_size]
168 query.merge!(options[:image_size])
166169 end
167 url.query = Rack::Utils.build_query(query) if query
170
171 url.query = Rack::Utils.build_query(query)
168172
169173 url.to_s
170174 end
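Review bot: `query = { access_token: access_token.token }` at line 163 is added unconditionally, while line 160 still selects `URI::HTTP` unless `secure_image_url` is set, so with default options the user's access token is placed in a cleartext `http://` URL. Applications commonly store this URL and render it in an `<img>` tag, which carries the token into databases, logs and browser history. Build the URL with `URI::HTTPS` whenever the token is included, and consider making the token opt-in. Separately, `query.merge!(options[:image_size])` at line 168 lets an `image_size` hash overwrite the `access_token` key; restrict the merge to `:width` and `:height`.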
77 s.authors = ['Mark Dodwell', 'Josef Šimánek']
88 s.email = ['mark@madeofcode.com', 'retro@ballgag.cz']
99 s.summary = 'Facebook OAuth2 Strategy for OmniAuth'
10 s.homepage = 'https://github.com/mkdynamic/omniauth-facebook'
10 s.homepage = 'https://github.com/simi/omniauth-facebook'
1111 s.license = 'MIT'
1212
1313 s.files = `git ls-files`.split("\n")
4040
4141 @client_id = '123'
4242 @client_secret = '53cr3tz'
43 @options = {}
4344 end
4445
4546 def strategy
5253 end
5354 end
5455
55 Dir[File.expand_path('../support/**/*', __FILE__)].each &method(:require)
56 Dir[File.expand_path('../support/**/*', __FILE__)].each(&method(:require))
88
99 class ClientTest < StrategyTestCase
1010 test 'has correct Facebook site' do
11 assert_equal 'https://graph.facebook.com/v2.6', strategy.client.site
11 assert_equal 'https://graph.facebook.com/v4.0', strategy.client.site
1212 end
1313
1414 test 'has correct authorize url' do
15 assert_equal 'https://www.facebook.com/v2.6/dialog/oauth', strategy.client.options[:authorize_url]
15 assert_equal 'https://www.facebook.com/v4.0/dialog/oauth', strategy.client.options[:authorize_url]
1616 end
1717
1818 test 'has correct token url with versioning' do
9494 end
9595
9696 class InfoTest < StrategyTestCase
97 def setup
98 super
99 @access_token = stub('OAuth2::AccessToken')
100 @access_token.stubs(:token).returns('test_access_token')
101 end
102
97103 test 'returns the secure facebook avatar url when `secure_image_url` option is specified' do
98104 @options = { secure_image_url: true }
99105 raw_info = { 'name' => 'Fred Smith', 'id' => '321' }
100106 strategy.stubs(:raw_info).returns(raw_info)
101 assert_equal 'https://graph.facebook.com/v2.6/321/picture', strategy.info['image']
107 strategy.stubs(:access_token).returns(@access_token)
108 assert_equal 'https://graph.facebook.com/v4.0/321/picture?access_token=test_access_token', strategy.info['image']
102109 end
103110
104111 test 'returns the image_url based of the client site' do
105112 @options = { secure_image_url: true, client_options: {site: "https://blah.facebook.com/v2.2"}}
106113 raw_info = { 'name' => 'Fred Smith', 'id' => '321' }
107114 strategy.stubs(:raw_info).returns(raw_info)
108 assert_equal 'https://blah.facebook.com/v2.2/321/picture', strategy.info['image']
115 strategy.stubs(:access_token).returns(@access_token)
116 assert_equal "https://blah.facebook.com/v2.2/321/picture?access_token=test_access_token", strategy.info['image']
109117 end
110118
111119 test 'returns the image with size specified in the `image_size` option' do
112120 @options = { image_size: 'normal' }
113121 raw_info = { 'name' => 'Fred Smith', 'id' => '321' }
114122 strategy.stubs(:raw_info).returns(raw_info)
115 assert_equal 'http://graph.facebook.com/v2.6/321/picture?type=normal', strategy.info['image']
123 strategy.stubs(:access_token).returns(@access_token)
124 assert_equal 'http://graph.facebook.com/v4.0/321/picture?access_token=test_access_token&type=normal', strategy.info['image']
116125 end
117126
118127 test 'returns the image with size specified as a symbol in the `image_size` option' do
119128 @options = { image_size: :normal }
120129 raw_info = { 'name' => 'Fred Smith', 'id' => '321' }
121130 strategy.stubs(:raw_info).returns(raw_info)
122 assert_equal 'http://graph.facebook.com/v2.6/321/picture?type=normal', strategy.info['image']
131 strategy.stubs(:access_token).returns(@access_token)
132 assert_equal 'http://graph.facebook.com/v4.0/321/picture?access_token=test_access_token&type=normal', strategy.info['image']
123133 end
124134
125135 test 'returns the image with width and height specified in the `image_size` option' do
126136 @options = { image_size: { width: 123, height: 987 } }
127137 raw_info = { 'name' => 'Fred Smith', 'id' => '321' }
128138 strategy.stubs(:raw_info).returns(raw_info)
139 strategy.stubs(:access_token).returns(@access_token)
129140 assert_match 'width=123', strategy.info['image']
130141 assert_match 'height=987', strategy.info['image']
131 assert_match 'http://graph.facebook.com/v2.6/321/picture?', strategy.info['image']
142 assert_match 'http://graph.facebook.com/v4.0/321/picture?access_token=test_access_token', strategy.info['image']
132143 end
133144 end
134145
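Review bot: the expectations at new lines 124 and 132 assert an `http://` URL that contains `access_token=test_access_token`, which locks cleartext transport of the token into the suite as the expected result. If the scheme is forced to HTTPS when a token is present these assertions should change with it. There is also no test for an `image_size` hash that itself contains an `access_token` key.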
137148 super
138149 @raw_info ||= { 'name' => 'Fred Smith' }
139150 strategy.stubs(:raw_info).returns(@raw_info)
151
152 access_token = stub('OAuth2::AccessToken')
153 access_token.stubs(:token).returns('test_access_token')
154 strategy.stubs(:access_token).returns(access_token)
140155 end
141156
142157 test 'returns the name' do
175190
176191 test 'returns the facebook avatar url' do
177192 @raw_info['id'] = '321'
178 assert_equal 'http://graph.facebook.com/v2.6/321/picture', strategy.info['image']
193 assert_equal 'http://graph.facebook.com/v4.0/321/picture?access_token=test_access_token', strategy.info['image']
179194 end
180195
181196 test 'returns the Facebook link as the Facebook url' do
214229 super
215230 @raw_info ||= { 'name' => 'Fred Smith' }
216231 strategy.stubs(:raw_info).returns(@raw_info)
232
233 access_token = stub('OAuth2::AccessToken')
234 access_token.stubs(:token).returns('test_access_token')
235 strategy.stubs(:access_token).returns(access_token)
217236 end
218237
219238 test 'has no email key' do
257276 @options = {appsecret_proof: @appsecret_proof, fields: 'name,email'}
258277 end
259278
260 test 'performs a GET to https://graph.facebook.com/v2.6/me' do
279 test 'performs a GET to https://graph.facebook.com/v4.0/me' do
261280 strategy.stubs(:appsecret_proof).returns(@appsecret_proof)
262281 strategy.stubs(:access_token).returns(@access_token)
263282 params = {params: @options}
265284 strategy.raw_info
266285 end
267286
268 test 'performs a GET to https://graph.facebook.com/v2.6/me with locale' do
287 test 'performs a GET to https://graph.facebook.com/v4.0/me with locale' do
269288 @options.merge!({ locale: 'cs_CZ' })
270289 strategy.stubs(:access_token).returns(@access_token)
271290 strategy.stubs(:appsecret_proof).returns(@appsecret_proof)
274293 strategy.raw_info
275294 end
276295
277 test 'performs a GET to https://graph.facebook.com/v2.6/me with info_fields' do
296 test 'performs a GET to https://graph.facebook.com/v4.0/me with info_fields' do
278297 @options.merge!({info_fields: 'about'})
279298 strategy.stubs(:access_token).returns(@access_token)
280299 strategy.stubs(:appsecret_proof).returns(@appsecret_proof)
283302 strategy.raw_info
284303 end
285304
286 test 'performs a GET to https://graph.facebook.com/v2.6/me with default info_fields' do
305 test 'performs a GET to https://graph.facebook.com/v4.0/me with default info_fields' do
287306 strategy.stubs(:access_token).returns(@access_token)
288307 strategy.stubs(:appsecret_proof).returns(@appsecret_proof)
289308 params = {params: {appsecret_proof: @appsecret_proof, fields: 'name,email'}}
451470 end
452471
453472 test 'empty param' do
454 assert_equal nil, strategy.send(:signed_request_from_cookie)
473 assert_nil strategy.send(:signed_request_from_cookie)
455474 end
456475 end
457476