From 04820934859aaaa63499bc1076443f461e1ae022 Mon Sep 17 00:00:00 2001
From: Dario
Date: Sat, 23 Nov 2024 01:00:03 +0100
Subject: [PATCH 1/5] implement oidc as a new provider

---
 lib/code0/identities.rb | 1 +
 lib/code0/identities/provider/oidc.rb | 63 ++++++++++++++++++++++++++
 sig/code0/identities/provider/oidc.rbs | 17 +++++++
 3 files changed, 81 insertions(+)
 create mode 100644 lib/code0/identities/provider/oidc.rb
 create mode 100644 sig/code0/identities/provider/oidc.rbs

diff --git a/lib/code0/identities.rb b/lib/code0/identities.rb
index 1d397cf..8ff46ff 100644
--- a/lib/code0/identities.rb
+++ b/lib/code0/identities.rb
@@ -10,6 +10,7 @@
 require_relative "identities/provider/google"
 require_relative "identities/provider/discord"
 require_relative "identities/provider/github"
+require_relative "identities/provider/oidc"
 
 module Code0
 module Identities
diff --git a/lib/code0/identities/provider/oidc.rb b/lib/code0/identities/provider/oidc.rb
new file mode 100644
index 0000000..a671a81
--- /dev/null
+++ b/lib/code0/identities/provider/oidc.rb
@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module Code0
+ module Identities
+ module Provider
+ class Oidc < BaseOauth
+ def token_url
+ config[:token_url]
+ end
+
+ def token_payload(code)
+ { code: code,
+ grant_type: "authorization_code",
+ redirect_uri: config[:redirect_uri],
+ client_id: config[:client_id],
+ client_secret: config[:client_secret] }
+ end
+
+ def user_details_url
+ config[:user_details_url]
+ end
+
+ def authorization_url
+ config[:user_details_url]
+ end
+
+ def create_identity(response, *)
+ body = response.parsed_response
+
+ Identity.new(config[:provider_name],
+ find_attribute(body, config[:attribute_statements][:identifier]),
+ find_attribute(body, config[:attribute_statements][:username]),
+ find_attribute(body, config[:attribute_statements][:email]),
+ find_attribute(body, config[:attribute_statements][:firstname]),
+ find_attribute(body, config[:attribute_statements][:lastname]))
+ end
+
+ def config
+ config = super
+
+ # rubocop:disable Layout/LineLength
+ config[:provider_name] ||= :oidc
+ config[:attribute_statements] ||= {}
+ config[:attribute_statements][:identifier] ||= %w[sub id identifier]
+ config[:attribute_statements][:username] ||= %w[username name login]
+ config[:attribute_statements][:email] ||= %w[email mail]
+ config[:attribute_statements][:firstname] ||= %w[first_name firstname firstName givenname given_name givenName]
+ config[:attribute_statements][:lastname] ||= %w[last_name lastname lastName family_name familyName familyname]
+ # rubocop:enable Layout/LineLength
+
+ config
+ end
+
+ def find_attribute(attributes, attribute_statements)
+ attribute_statements.each do |statement|
+ return attributes[statement] unless attributes[statement].nil?
+ end
+ nil
+ end
+ end
+ end
+ end
+end
diff --git a/sig/code0/identities/provider/oidc.rbs b/sig/code0/identities/provider/oidc.rbs
new file mode 100644
index 0000000..1a6187d
--- /dev/null
+++ b/sig/code0/identities/provider/oidc.rbs
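Review bot: `create_identity` passes whatever `find_attribute` returns straight into `Identity.new`, so a user-details response that carries none of `sub`, `id` or `identifier` yields an identity whose identifier is nil, and nothing in this hunk rejects it. `body` is also never checked to be a Hash; if `parsed_response` is a String (presumably the case for a non-JSON reply), `attributes[statement]` becomes a substring lookup and returns the claim name itself. I would add `raise ArgumentError, "unexpected user details response" unless body.is_a?(Hash)` after the `body =` line (or the gem's own error class) and fail the same way when the identifier lookup comes back nil. The `email`/`mail` fallback takes the address without looking at any verification claim, so consumers should not link accounts on it alone. ID token validation is not visible in this class and BaseOauth is outside the diff, so it is worth confirming where issuer, audience and signature are checked.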
@@ -0,0 +1,17 @@
+module Code0
+ module Identities
+ module Provider
+ class Oidc < BaseOauth
+ def token_url: () -> String
+
+ def token_payload: (code: String) -> { code: String, grant_type: "authorization_code", redirect_uri: String, client_id: String, client_secret: String }
+
+ def user_details_url: () -> String
+
+ def authorization_url: () -> String
+
+ def create_identity: (response: Net::HTTPResponse) -> Identity
+ end
+ end
+ end
+end

From 3f7e96f6a944c2e8a3bf1afba9fe5a62635e5240 Mon Sep 17 00:00:00 2001
From: Dario
Date: Sat, 23 Nov 2024 01:13:31 +0100
Subject: [PATCH 2/5] extend readme

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 0b26ae4..1cab20c 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,7 @@ OAuth:
 - Microsoft
 - Github
 - Gitlab
+- OIDC / oAuth2
 
 ## Installation
 

From f2d5b57b4e3af157252c323e3b9eaa3adcb9f58e Mon Sep 17 00:00:00 2001
From: Dario Pranjic <96529060+Knerio@users.noreply.github.com>
Date: Sat, 23 Nov 2024 01:24:54 +0100
Subject: [PATCH 3/5] fix wrong config key

---
 lib/code0/identities/provider/oidc.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/code0/identities/provider/oidc.rb b/lib/code0/identities/provider/oidc.rb
index a671a81..630e24e 100644
--- a/lib/code0/identities/provider/oidc.rb
+++ b/lib/code0/identities/provider/oidc.rb
@@ -21,7 +21,7 @@ def user_details_url
 end
 
 def authorization_url
- config[:user_details_url]
+ config[:authorization_url]
 end
 
 def create_identity(response, *)

From d36840e81240399a7664abeddfe564e4b310359e Mon Sep 17 00:00:00 2001
From: Dario
Date: Sun, 24 Nov 2024 13:30:07 +0100
Subject: [PATCH 4/5] add template string to auth url

---
 lib/code0/identities/provider/oidc.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/code0/identities/provider/oidc.rb b/lib/code0/identities/provider/oidc.rb
index 630e24e..bb8e99d 100644
--- a/lib/code0/identities/provider/oidc.rb
+++ b/lib/code0/identities/provider/oidc.rb
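Review bot: The signatures declare keyword arguments where oidc.rb defines positionals: `(code: String)` describes a call `token_payload(code: ...)`, while the method is `def token_payload(code)`, and `create_identity` is defined as `(response, *)`. The positional forms would be `def token_payload: (String code) -> ...` and `def create_identity: (Net::HTTPResponse response, *untyped) -> Identity`. The response type also deserves a second look, since the implementation calls `parsed_response` on it, which to my knowledge Net::HTTPResponse does not provide. `config` and `find_attribute` are defined in the Ruby file but have no signature here.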
@@ -21,7 +21,7 @@ def user_details_url
 end
 
 def authorization_url
- config[:authorization_url]
+ config[:authorization_url].gsub("{client_id}", config[:client_id]).gsub("{redirect_uri}", config[:redirect_uri])
 end
 
 def create_identity(response, *)

From e55461b1e09a6f2ac34f9cf6c8153ac0634728c8 Mon Sep 17 00:00:00 2001
From: Dario
Date: Sun, 24 Nov 2024 14:55:58 +0100
Subject: [PATCH 5/5] fix too long line

---
 lib/code0/identities/provider/oidc.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/code0/identities/provider/oidc.rb b/lib/code0/identities/provider/oidc.rb
index bb8e99d..d078bde 100644
--- a/lib/code0/identities/provider/oidc.rb
+++ b/lib/code0/identities/provider/oidc.rb
@@ -21,7 +21,9 @@ def user_details_url
 end
 
 def authorization_url
- config[:authorization_url].gsub("{client_id}", config[:client_id]).gsub("{redirect_uri}", config[:redirect_uri])
+ config[:authorization_url]
+ .gsub("{client_id}", config[:client_id])
+ .gsub("{redirect_uri}", config[:redirect_uri])
 end
 
 def create_identity(response, *)
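Review bot: The placeholders in `authorization_url` are filled with plain `gsub`, so `config[:client_id]` and `config[:redirect_uri]` are written into the URL without percent-encoding; a redirect URI that contains `?`, `&` or `#` then changes how the provider parses the authorization request. Encoding at substitution time, `.gsub("{redirect_uri}", URI.encode_www_form_component(config[:redirect_uri]))` and the same for `client_id`, keeps the query well-formed (it needs `require "uri"`, and templates must then hold only the raw placeholder). `gsub` also raises when `config[:authorization_url]` or either value is nil, so a missing key surfaces as a NoMethodError or TypeError rather than a configuration error. The hunk in PATCH 5/5 only re-wraps this expression, so the same applies there. No `state` parameter is added by this method; whether a caller appends one is not visible in the diff.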