From: Tom Hughes
Date: Mon, 8 Jun 2015 16:11:24 +0000 (+0100)
Subject: Add support for GitHub authentication
X-Git-Tag: live~4441
X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/c70a1fe9334cf8978ae254d712a8e445e2fa1996?ds=sidebyside
Add support for GitHub authentication
---
diff --git a/Gemfile b/Gemfile
index ad83e3a4e..07bb60c68 100644
--- a/Gemfile
+++ b/Gemfile
@@ -63,6 +63,7 @@ gem "omniauth-openid"
 gem "omniauth-google-oauth2", ">= 0.2.7"
 gem "omniauth-facebook"
 gem "omniauth-windowslive"
+gem "omniauth-github"
 # Markdown formatting support
 gem "redcarpet"
diff --git a/Gemfile.lock b/Gemfile.lock
index 618af37ac..d8c141f69 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -170,6 +170,9 @@ GEM
 rack (>= 1.0, < 3)
 omniauth-facebook (3.0.0)
 omniauth-oauth2 (~> 1.2)
+ omniauth-github (1.1.2)
+ omniauth (~> 1.0)
+ omniauth-oauth2 (~> 1.1)
 omniauth-google-oauth2 (0.4.1)
 jwt (~> 1.5.2)
 multi_json (~> 1.3)
@@ -331,6 +334,7 @@ DEPENDENCIES
 oauth-plugin (>= 0.5.1)
 omniauth
 omniauth-facebook
+ omniauth-github
 omniauth-google-oauth2 (>= 0.2.7)
 omniauth-openid
 omniauth-windowslive
diff --git a/app/assets/images/github.png b/app/assets/images/github.png
new file mode 100644
index 000000000..b797e243a
Binary files /dev/null and b/app/assets/images/github.png differ
diff --git a/app/views/user/login.html.erb b/app/views/user/login.html.erb
index e6efdc5ce..3d28a770a 100644
--- a/app/views/user/login.html.erb
+++ b/app/views/user/login.html.erb
@@ -55,6 +55,9 @@
 <% if defined?(WINDOWSLIVE_AUTH_ID) -%>
  • <%= auth_button "windowslive", "windowslive" %>
  • <% end -%> + <% if defined?(GITHUB_AUTH_ID) -%> +
  • <%= auth_button "github", "github" %>
  • + <% end -%>
  • <%= auth_button "yahoo", "openid", :openid_url => "yahoo.com" %>
  • <%= auth_button "wordpress", "openid", :openid_url => "wordpress.com" %>
  • <%= auth_button "aol", "openid", :openid_url => "aol.com" %>
  •
diff --git a/config/example.application.yml b/config/example.application.yml
index 5e2014ba9..895601944 100644
--- a/config/example.application.yml
+++ b/config/example.application.yml
@@ -105,6 +105,8 @@ defaults: &defaults
 #facebook_auth_secret: ""
 #windowslive_auth_id: ""
 #windowslive_auth_secret: ""
+ #github_auth_id: ""
+ #github_auth_secret: ""
 # MapQuest authentication details
 #mapquest_key: ""
 # Mapzen authentication details
@@ -128,3 +130,5 @@ test:
 facebook_auth_secret: "dummy"
 windowslive_auth_id: "dummy"
 windowslive_auth_secret: "dummy"
+ github_auth_id: "dummy"
+ github_auth_secret: "dummy"
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index 610053141..f7d0c5f6a 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -23,6 +23,7 @@ openid_options = { :name => "openid", :store => openid_store }
 google_options = { :name => "google", :scope => "email", :access_type => "online" }
 facebook_options = { :name => "facebook", :scope => "email" }
 windowslive_options = { :name => "windowslive", :scope => "wl.signin,wl.emails" }
+github_options = { :name => "github", :scope => "user:email" }
 if defined?(GOOGLE_OPENID_REALM)
 google_options[:openid_realm] = GOOGLE_OPENID_REALM
@@ -33,6 +34,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
 provider :google_oauth2, GOOGLE_AUTH_ID, GOOGLE_AUTH_SECRET, google_options if defined?(GOOGLE_AUTH_ID)
 provider :facebook, FACEBOOK_AUTH_ID, FACEBOOK_AUTH_SECRET, facebook_options if defined?(FACEBOOK_AUTH_ID)
 provider :windowslive, WINDOWSLIVE_AUTH_ID, WINDOWSLIVE_AUTH_SECRET, windowslive_options if defined?(WINDOWSLIVE_AUTH_ID)
+ provider :github, GITHUB_AUTH_ID, GITHUB_AUTH_SECRET, github_options if defined?(GITHUB_AUTH_ID)
 end
 # Pending fix for: https://github.com/intridea/omniauth/pull/795
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 3a42e2bb0..321821d02 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
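Review bot: `provider :github, … if defined?(GITHUB_AUTH_ID)` checks only that the ID constant exists, so a deployment that defines `GITHUB_AUTH_ID` without `GITHUB_AUTH_SECRET` raises NameError at boot, and one that merely uncomments the example keys (`github_auth_id: ""`) would, if the settings loader defines constants for blank values, register the strategy and show the login button with empty credentials. Guard on both values being present, e.g. `if defined?(GITHUB_AUTH_ID) && defined?(GITHUB_AUTH_SECRET) && GITHUB_AUTH_ID.present? && GITHUB_AUTH_SECRET.present?`, and reuse the same condition for the button in `login.html.erb` and the entry in `lib/auth.rb` so the three cannot disagree. The `user:email` scope on `github_options` is suitably narrow; a comment such as `# read-only access to the account's e-mail addresses; do not widen` would help keep it that way. The `OmniAuth::Builder` block begins above this hunk.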
@@ -1735,6 +1735,9 @@ en:
 windowslive:
 title: Login with Windows Live
 alt: Login with a Windows Live Account
+ github:
+ title: Login with GitHub
+ alt: Login with a GitHub Account
 yahoo:
 title: Login with Yahoo
 alt: Login with a Yahoo OpenID
diff --git a/lib/auth.rb b/lib/auth.rb
index b00df09d0..16102ed20 100644
--- a/lib/auth.rb
+++ b/lib/auth.rb
@@ -3,5 +3,6 @@ module Auth
 providers["Google"] = "google" if defined?(GOOGLE_AUTH_ID)
 providers["Facebook"] = "facebook" if defined?(FACEBOOK_AUTH_ID)
 providers["Windows Live"] = "windowslive" if defined?(WINDOWSLIVE_AUTH_ID)
+ providers["GitHub"] = "github" if defined?(GITHUB_AUTH_ID)
 end.freeze
 end
diff --git a/test/controllers/user_controller_test.rb b/test/controllers/user_controller_test.rb
index 6a2769f17..8c3b8adcd 100644
--- a/test/controllers/user_controller_test.rb
+++ b/test/controllers/user_controller_test.rb
@@ -1334,7 +1334,7 @@ class UserControllerTest < ActionController::TestCase
 get :list, :page => 3
 assert_response :success
 assert_template :list
- assert_select "table#user_list tr", :count => 22
+ assert_select "table#user_list tr", :count => 23
 end
 def test_list_post_confirm
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
index cb861ab93..74365904a 100644
--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@@ -290,3 +290,17 @@ windowslive_user:
 terms_agreed: "2010-01-01 11:22:33"
 terms_seen: true
 languages: en
+
+github_user:
+ id: 22
+ email: github-user@example.com
+ status: active
+ pass_crypt: <%= Digest::MD5.hexdigest('test') %>
+ creation_time: "2008-05-01 01:23:45"
+ display_name: githubuser
+ data_public: true
+ auth_provider: github
+ auth_uid: 123456789
+ terms_agreed: "2010-01-01 11:22:33"
+ terms_seen: true
+ languages: en
diff --git a/test/integration/user_creation_test.rb b/test/integration/user_creation_test.rb
index 2bc17f711..d999b5fb5 100644
--- a/test/integration/user_creation_test.rb
+++ b/test/integration/user_creation_test.rb
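Review bot: `auth_uid: 123456789` in the new `github_user` fixture is an unquoted YAML integer, whereas the login test mocks the provider with `:uid => "123456789"` as a string; write `auth_uid: "123456789"` so the fixture has the type the callback supplies and the lookup does not rely on implicit coercion. The fixture also sets `pass_crypt` from an unsalted `Digest::MD5` digest of `'test'`, so this provider-linked account keeps a working password as well (presumably mirroring the neighbouring fixtures, which are outside the hunk). A comment like `# password login intentionally left enabled for this provider-linked user` would make that explicit.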
@@ -16,6 +16,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 OmniAuth.config.mock_auth[:google] = nil
 OmniAuth.config.mock_auth[:facebook] = nil
 OmniAuth.config.mock_auth[:windowslive] = nil
+ OmniAuth.config.mock_auth[:github] = nil
 OmniAuth.config.test_mode = false
 end
@@ -609,4 +610,117 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 assert_response :success
 assert_template "site/welcome"
 end
+
+ def test_user_create_github_success
+ OmniAuth.config.add_mock(:github, :uid => "123454321")
+
+ new_email = "newtester-github@osm.org"
+ display_name = "new_tester-github"
+ password = "testtest"
+ assert_difference("User.count") do
+ assert_difference("ActionMailer::Base.deliveries.size", 1) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "github", :pass_crypt => "", :pass_crypt_confirmation => "" }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to "/user/terms"
+ post "/user/save",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "github", :auth_uid => "123454321", :pass_crypt => password, :pass_crypt_confirmation => password }
+ assert_response :redirect
+ follow_redirect!
+ end
+ end
+
+ # Check the page
+ assert_response :success
+ assert_template "user/confirm"
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_user_create_github_failure
+ OmniAuth.config.mock_auth[:github] = :connection_failed
+
+ new_email = "newtester-github2@osm.org"
+ display_name = "new_tester-github2"
+ assert_difference("User.count", 0) do
+ assert_difference("ActionMailer::Base.deliveries.size", 0) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "github", :pass_crypt => "", :pass_crypt_confirmation => "" }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user/new"
+ end
+ end
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_user_create_github_redirect
+ OmniAuth.config.add_mock(:github, :uid => "123454321")
+
+ new_email = "redirect_tester_github@osm.org"
+ display_name = "redirect_tester_github"
+ # nothing special about this page, just need a protected page to redirect back to.
+ referer = "/traces/mine"
+ assert_difference("User.count") do
+ assert_difference("ActionMailer::Base.deliveries.size", 1) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "github", :pass_crypt => "", :pass_crypt_confirmation => "" }, :referer => referer
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to "/user/terms"
+ post_via_redirect "/user/save",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "github", :auth_uid => "http://localhost:1123/new.tester", :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest" }
+ end
+ end
+
+ # Check the e-mail
+ register_email = ActionMailer::Base.deliveries.first
+
+ assert_equal register_email.to[0], new_email
+ # Check that the confirm account url is correct
+ confirm_regex = Regexp.new("/user/redirect_tester_github/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+ register_email.parts.each do |part|
+ assert_match confirm_regex, part.body.to_s
+ end
+ confirm_string = register_email.parts[0].body.match(confirm_regex)[1]
+
+ # Check the page
+ assert_response :success
+ assert_template "user/confirm"
+
+ ActionMailer::Base.deliveries.clear
+
+ # Go to the confirmation page
+ get "/user/#{display_name}/confirm", :confirm_string => confirm_string
+ assert_response :success
+ assert_template "user/confirm"
+
+ post "/user/#{display_name}/confirm", :confirm_string => confirm_string
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "site/welcome"
+ end
 end
diff --git a/test/integration/user_login_test.rb b/test/integration/user_login_test.rb
index 155905ca9..c13dbfaab 100644
--- a/test/integration/user_login_test.rb
+++ b/test/integration/user_login_test.rb
@@ -12,6 +12,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 OmniAuth.config.mock_auth[:google] = nil
 OmniAuth.config.mock_auth[:facebook] = nil
 OmniAuth.config.mock_auth[:windowslive] = nil
+ OmniAuth.config.mock_auth[:github] = nil
 OmniAuth.config.test_mode = false
 end
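Review bot: `test_user_create_github_redirect` posts `:auth_uid => "http://localhost:1123/new.tester"` to `/user/save`, an OpenID-style URL that does not match the `"123454321"` uid the GitHub mock returns, and none of the three new tests asserts which identity ends up on the created user. Because `auth_uid` travels in a client-submitted form field here, the tests should pin that the stored value is the one the provider callback verified, for example `assert_equal "123454321", User.find_by(:display_name => display_name).auth_uid` after the save, and the posted value should be changed to the mocked uid. Whether the controller already ignores the posted field is not visible from this diff.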
@@ -729,6 +730,94 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 assert_select "span.username", false
 end
+ def test_login_github_success
+ OmniAuth.config.add_mock(:github, :uid => "123456789")
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "changeset/history"
+ assert_select "span.username", "githubuser"
+ end
+
+ def test_login_github_connection_failed
+ OmniAuth.config.mock_auth[:github] = :connection_failed
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/login?referer=%2Fhistory")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+ assert_select "div.flash.error", "Connection to authentication provider failed"
+ assert_select "span.username", false
+ end
+
+ def test_login_github_invalid_credentials
+ OmniAuth.config.mock_auth[:github] = :invalid_credentials
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "github", :message => "invalid_credentials", :origin => "/login?referer=%2Fhistory")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+ assert_select "div.flash.error", "Invalid authentication credentials"
+ assert_select "span.username", false
+ end
+
+ def test_login_github_unknown
+ OmniAuth.config.add_mock(:github, :uid => "987654321")
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user/new"
+ assert_select "span.username", false
+ end
+
 private
 def try_password_login(username, password, remember_me = nil)
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index 4a8d9a894..1c58acc61 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -163,7 +163,7 @@ class UserTest < ActiveSupport::TestCase
 end
 def test_visible
- assert_equal 19, User.visible.count
+ assert_equal 20, User.visible.count
 assert_raise ActiveRecord::RecordNotFound do
 User.visible.find(users(:suspended_user).id)
 end
@@ -173,7 +173,7 @@ class UserTest < ActiveSupport::TestCase
 end
 def test_active
- assert_equal 18, User.active.count
+ assert_equal 19, User.active.count
 assert_raise ActiveRecord::RecordNotFound do
 User.active.find(users(:inactive_user).id)
 end
@@ -186,7 +186,7 @@ class UserTest < ActiveSupport::TestCase
 end
 def test_identifiable
- assert_equal 20, User.identifiable.count
+ assert_equal 21, User.identifiable.count
 assert_raise ActiveRecord::RecordNotFound do
 User.identifiable.find(users(:normal_user).id)
 end
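Review bot: All four new login tests pass `:referer => "/history"`, so the post-login redirect is only ever exercised with a same-site relative path; nothing here pins what happens when `referer`, or the `origin` handed to `auth_path`, is an absolute URL on another host. Add a case next to `test_login_github_success` that supplies an off-site `referer` and asserts the final redirect stays on the application's own host. Validation of `referer` may already exist in the controller, which is outside this diff, in which case the test simply documents it for the new provider.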