From 69b967c9ff7c185f99ba881a8b8591c02c809628 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 17 Jun 2016 16:47:03 +0100 Subject: [PATCH] Add support for Wikimedia authentication Closes #1146 --- Gemfile | 1 + Gemfile.lock | 7 ++ app/assets/images/wikipedia.png | Bin 0 -> 2854 bytes app/views/user/login.html.erb | 3 + config/example.application.yml | 4 + config/initializers/omniauth.rb | 2 + config/locales/en.yml | 3 + lib/auth.rb | 1 + test/controllers/user_controller_test.rb | 2 +- test/fixtures/users.yml | 14 +++ test/integration/user_creation_test.rb | 114 +++++++++++++++++++++++ test/integration/user_login_test.rb | 89 ++++++++++++++++++ test/models/user_test.rb | 6 +- 13 files changed, 242 insertions(+), 4 deletions(-) create mode 100644 app/assets/images/wikipedia.png diff --git a/Gemfile b/Gemfile index 829403819..ef93f0d8f 100644 --- a/Gemfile +++ b/Gemfile @@ -64,6 +64,7 @@ gem "omniauth-google-oauth2", ">= 0.2.7" gem "omniauth-facebook" gem "omniauth-windowslive" gem "omniauth-github" +gem "omniauth-mediawiki", ">= 0.0.3" # Markdown formatting support gem "redcarpet" diff --git a/Gemfile.lock b/Gemfile.lock index 181da7f09..5ad974190 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -190,6 +190,12 @@ GEM multi_json (~> 1.3) omniauth (>= 1.1.1) omniauth-oauth2 (>= 1.3.1) + omniauth-mediawiki (0.0.3) + jwt (~> 1.0) + omniauth-oauth (~> 1.0) + omniauth-oauth (1.1.0) + oauth + omniauth (~> 1.0) omniauth-oauth2 (1.4.0) oauth2 (~> 1.0) omniauth (~> 1.2) @@ -353,6 +359,7 @@ DEPENDENCIES omniauth-facebook omniauth-github omniauth-google-oauth2 (>= 0.2.7) + omniauth-mediawiki (>= 0.0.3) omniauth-openid omniauth-windowslive paperclip (~> 4.0) 
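Review bot: The new Gemfile line `gem "omniauth-mediawiki", ">= 0.0.3"` has no upper bound, and this is a 0.0.x gem in the login path, so a later `bundle update` can pull in any future release without a Gemfile change. Gemfile.lock pins 0.0.3 for now, and the open bound matches the existing `omniauth-google-oauth2` entry. A pessimistic constraint such as `gem "omniauth-mediawiki", "~> 0.0.3"` would make upgrades of an authentication dependency a deliberate, reviewed step. The lock hunk also adds `omniauth-oauth` as a new locked gem, which should be included in whatever dependency audit the project runs.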
diff --git a/app/assets/images/wikipedia.png b/app/assets/images/wikipedia.png new file mode 100644 index 0000000000000000000000000000000000000000..784c18477bca31ab5dbad93478fa1950a19859e6 GIT binary patch literal 2854 zcmV+>3)%FEP) zK~z}7&6w?P9M^TmfA`Mp%q+Pi#rHQ^BqdssEh|!NNRAadfnD2hoC0kPHw^-$K-<5l zK)x8MKeuq&phg|HK!c*To1kq9TC^nUT_P>6_=RD^K=bYnrXvr_zbk3o)rjsPU^&d4F4K_BmzVe*^Wt*RWevekG#l7|W zeE)mj`@(ZsmZ5dQz(DQbMT(-}{`xwbo7+rIjPvQmWvp{7E*|5|>1Xgf@3GGkk8@e8 z)n;X7g)Gl;!1L$M(cjfW?ewytz!-s|* zYnh@b$g&I}1ofRd^?IG9r6o2tHn@4?20;)I1Oa)LffO8>o5NVck@*FtXJ$ydUH;`? zKW1lV=kYFc&atyorzkX@=V6Uy`SNAnc>T4<0@6xz>((s>hX&DFBZOpaZIwgABdo2i zvADQMH|vsRSV=a`Wa*Zr{Gm*|Xndaq$?r(x^PgI)^caLKk$B1ZxdN zVNhCwv!rQO?i)j=6Lak70^fP*#fN~j)@*KW5yvstR#v$1;Hc;b7Kl}kf5R{~j;|{BL?{eqP9iDscIfV51_>+I*!GmoozE2c|EG;cjsZ@Hz zSA=1RwHDv^F~%UJ1P4+|f*`tyZzt9)zZ~meJ8so__i%78jpnWMmXm6og@fvz9xzZ=<#5pZ@Vf z-u}U#kfvP~-vfe>`NDF}%Wf`NfS*4OWIbnzGh$KKu^+YcTf;y8Bgb{ioCLP$JM za_{~+YpZt|8ahN61}rZxv$V9tTW`I^n{U2(U?HtFTU%R9OiW^o;o7yU+_`m|k+CsE zk5|V}o?v@>8*3bCH^q|@q=(iTr8HUAMdgZStHrmTKVMoXZpTc|Orw-WO3CcZ3@461 zS^Bytc=z3R0odK$Jtzy#xiWmMLx?hko;>*!)u_scAACSmt@5o47Z6AW2ZzYBoFEKI zk_3mtIfvG&EIoOSl!E)~>xf39;g&BhbMezp`LnFH^bG%X`a7ZgQNMqal|H%-vG0O^tE8F3sF zw_`>|N0815lv2zuERZBAS{Hbp1Oxz{=X34qRW>#@_^Y4(luD&Snxq^#a)g=L8KS7# zvk*83#uUuV%n-*hrqEy=X_^2fhm^|k{0c!Bl{Yv@lazYBj#dh3j3x{t+U*u$6yp0n zK@b8CAtitN-g_LGo8#R1^K7hduyW-J)oPV`z0S_g4m&#!$g+H2u;5%-Rw|VWVHhE# zAkT8T-GnHt5=DLN*Yh&N3$kvCDGCr0DTLtAp&{ny=W*7N=Na8@igONUEo0;3T)naa zz|_RpH z#uVlNjB}1oJI3=poD&G3QE%|x-~2V!mSpxk4`UqNw9IpZgM;+fYE+{TKL~;Y(v_wZ zNGWj6Vy(dQe5R(Sc>2^S{_-b3!4!r#Zey)wKdEZ1NYk{eS;o*`tKppEv(G-`?wz|l z``oi-notUaz&X%5$Cv_ZOKMcBeT~nR%y3mJWpbbMJbIj25Su`pL&`w zj7T~ic6WE_>+8ew{9Y9LWLZWShNYW(nOtkl?CdNzZ`|OXV;o!C+no8v>4%DOaBzs>kztflSZfgoGL;j@F-qkGL5Op3 z`O+m?%_i5cU+cNE72t92CWNZuLMcYCs!G!C@2bpDGJgg;e`tqsMQ7@)zs6|)6@nAFvj4VBTW(t zV~|2(t)o$I^xWxD2`cRD?DPPYZj0j>&#z#NExQb3C`@sn7PZzm>(II&NfP3A8)Gc% z>-YJiKl}rv6pwZtK@c!GIZ3nGEM4Io72l`gdsu6E=JaXW?KV*qaqiqX;&x1$rbsC< 
z#()r{Ns8x5v@S438Ks`*^Y=gh8M}=Jue|m;)>)L+SnEiVHh=o#A2TyM^TmDH+S=#j zc}}hrz9)P9aUj51M;L|_MFB#P=Q$PMFRfA(v|25qs7$O{YjUN~TGMK^xOMX;6O$7- z1WA&RXBnrSImMfAyzxJ>_hVY=xw#|k?d_3t60F^q8fAmFuaBK`#O*dXhf*4)6}r#_ zLBP&V9i&tIP3uY>l;<2ie3;i?{k=!Pd|~HmjNzC6{7Wi9NUhdSf9+w5 zT2_0crFi!2 zSzdnmyI(jb5MMQpX|>wiym^!Q?k-XY!XRXGYYTzH^L-v{Z!B)yd3dQHKrufD?Q$jH|k+lc?`z$%VAY;11QZnfz28p-C~9?fQx$*C!#C?X6) zMn^}OpPN4z(R|${ewzu}eiGfkq?8BO|96SswUOR`15d=>obQ!+r2qf`07*qoM6N<$ Eg8fl*asU7T literal 0 HcmV?d00001 diff --git a/app/views/user/login.html.erb b/app/views/user/login.html.erb index 3d28a770a..26bb80895 100644 --- a/app/views/user/login.html.erb +++ b/app/views/user/login.html.erb @@ -58,6 +58,9 @@ <% if defined?(GITHUB_AUTH_ID) -%>
  • <%= auth_button "github", "github" %>
  • <% end -%> + <% if defined?(WIKIPEDIA_AUTH_ID) -%> +
  • <%= auth_button "wikipedia", "wikipedia" %>
  • + <% end -%>
  • <%= auth_button "yahoo", "openid", :openid_url => "yahoo.com" %>
  • <%= auth_button "wordpress", "openid", :openid_url => "wordpress.com" %>
  • <%= auth_button "aol", "openid", :openid_url => "aol.com" %>
  • diff --git a/config/example.application.yml b/config/example.application.yml index b5d4db363..fd388ad88 100644 --- a/config/example.application.yml +++ b/config/example.application.yml @@ -107,6 +107,8 @@ defaults: &defaults #windowslive_auth_secret: "" #github_auth_id: "" #github_auth_secret: "" + #wikipedia_auth_id: "" + #wikipedia_auth_secret: "" # MapQuest authentication details #mapquest_key: "" # Mapzen authentication details @@ -134,3 +136,5 @@ test: windowslive_auth_secret: "dummy" github_auth_id: "dummy" github_auth_secret: "dummy" + wikipedia_auth_id: "dummy" + wikipedia_auth_secret: "dummy" diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index f7d0c5f6a..790413721 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -24,6 +24,7 @@ google_options = { :name => "google", :scope => "email", :access_type => "online facebook_options = { :name => "facebook", :scope => "email" } windowslive_options = { :name => "windowslive", :scope => "wl.signin,wl.emails" } github_options = { :name => "github", :scope => "user:email" } +wikipedia_options = { :name => "wikipedia", :client_options => { :site => "https://commons.wikimedia.org" } } if defined?(GOOGLE_OPENID_REALM) google_options[:openid_realm] = GOOGLE_OPENID_REALM @@ -35,6 +36,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do provider :facebook, FACEBOOK_AUTH_ID, FACEBOOK_AUTH_SECRET, facebook_options if defined?(FACEBOOK_AUTH_ID) provider :windowslive, WINDOWSLIVE_AUTH_ID, WINDOWSLIVE_AUTH_SECRET, windowslive_options if defined?(WINDOWSLIVE_AUTH_ID) provider :github, GITHUB_AUTH_ID, GITHUB_AUTH_SECRET, github_options if defined?(GITHUB_AUTH_ID) + provider :mediawiki, WIKIPEDIA_AUTH_ID, WIKIPEDIA_AUTH_SECRET, wikipedia_options if defined?(WIKIPEDIA_AUTH_ID) end # Pending fix for: https://github.com/intridea/omniauth/pull/795 diff --git a/config/locales/en.yml b/config/locales/en.yml index 2681fde86..1b7c113b0 100644 
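Review bot: In config/initializers/omniauth.rb the new `wikipedia_options` line hard-codes `:site => "https://commons.wikimedia.org"` with no comment explaining why Commons is the OAuth endpoint, or that the strategy is `:mediawiki` registered under the name "wikipedia". A comment above it, for example `# Strategy is :mediawiki but is exposed as "wikipedia"; OAuth requests go to Wikimedia Commons`, would tell operators which host issues the identity they are trusting. In the second hunk the `provider :mediawiki` line is guarded only by `defined?(WIKIPEDIA_AUTH_ID)`, so configuring the id without the secret fails at boot on the undefined constant. That matches the neighbouring providers, but it could be made explicit with `if defined?(WIKIPEDIA_AUTH_ID) && defined?(WIKIPEDIA_AUTH_SECRET)`.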
--- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -1746,6 +1746,9 @@ en: github: title: Login with GitHub alt: Login with a GitHub Account + wikipedia: + title: Login with Wikipedia + alt: Login with a Wikipedia Account yahoo: title: Login with Yahoo alt: Login with a Yahoo OpenID diff --git a/lib/auth.rb b/lib/auth.rb index 16102ed20..434994329 100644 --- a/lib/auth.rb +++ b/lib/auth.rb @@ -4,5 +4,6 @@ module Auth providers["Facebook"] = "facebook" if defined?(FACEBOOK_AUTH_ID) providers["Windows Live"] = "windowslive" if defined?(WINDOWSLIVE_AUTH_ID) providers["GitHub"] = "github" if defined?(GITHUB_AUTH_ID) + providers["Wikipedia"] = "wikipedia" if defined?(WIKIPEDIA_AUTH_ID) end.freeze end diff --git a/test/controllers/user_controller_test.rb b/test/controllers/user_controller_test.rb index e309b1662..95eccb2c5 100644 --- a/test/controllers/user_controller_test.rb +++ b/test/controllers/user_controller_test.rb @@ -1384,7 +1384,7 @@ class UserControllerTest < ActionController::TestCase get :list, :page => 3 assert_response :success assert_template :list - assert_select "table#user_list tr", :count => 25 + assert_select "table#user_list tr", :count => 26 end def test_list_post_confirm diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index bee5aa282..18b33f6bf 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -333,3 +333,17 @@ second_gravatar_user: terms_agreed: "2010-01-01 11:22:33" terms_seen: true creation_ip: "1.2.3.4" + +wikipedia_user: + id: 25 + email: wikipedia-user@example.com + status: active + pass_crypt: <%= Digest::MD5.hexdigest('test') %> + creation_time: "2008-05-01 01:23:45" + display_name: wikipediauser + data_public: true + auth_provider: wikipedia + auth_uid: 123456789 + terms_agreed: "2010-01-01 11:22:33" + terms_seen: true + languages: en diff --git a/test/integration/user_creation_test.rb b/test/integration/user_creation_test.rb index cdf4fcfe9..db35be5f3 100644 
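Review bot: In test/fixtures/users.yml the new `wikipedia_user` sets `auth_uid: 123456789` as a bare YAML integer, while the login tests mock the provider with the string "123456789". Quoting it as `auth_uid: "123456789"` keeps the match independent of column type coercion. The fixture also carries `pass_crypt: <%= Digest::MD5.hexdigest('test') %>`, so this externally authenticated account presumably also has a usable password through the legacy unsalted hash path. If that value is only there to satisfy validation, a short `#` comment saying so would prevent it from being read as the intended state for provider-backed accounts.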
--- a/test/integration/user_creation_test.rb +++ b/test/integration/user_creation_test.rb @@ -19,6 +19,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest OmniAuth.config.mock_auth[:facebook] = nil OmniAuth.config.mock_auth[:windowslive] = nil OmniAuth.config.mock_auth[:github] = nil + OmniAuth.config.mock_auth[:wikipedia] = nil OmniAuth.config.test_mode = false end 
@@ -725,4 +726,117 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 assert_response :success
 assert_template "site/welcome"
 end
+
+ def test_user_create_wikipedia_success
+ OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
+
+ new_email = "newtester-wikipedia@osm.org"
+ display_name = "new_tester-wikipedia"
+ password = "testtest"
+ assert_difference("User.count") do
+ assert_difference("ActionMailer::Base.deliveries.size", 1) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "wikipedia", :pass_crypt => "", :pass_crypt_confirmation => "" }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to "/user/terms"
+ post "/user/save",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "wikipedia", :auth_uid => "123454321", :pass_crypt => password, :pass_crypt_confirmation => password }
+ assert_response :redirect
+ follow_redirect!
+ end
+ end
+
+ # Check the page
+ assert_response :success
+ assert_template "user/confirm"
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_user_create_wikipedia_failure
+ OmniAuth.config.mock_auth[:wikipedia] = :connection_failed
+
+ new_email = "newtester-wikipedia2@osm.org"
+ display_name = "new_tester-wikipedia2"
+ assert_difference("User.count", 0) do
+ assert_difference("ActionMailer::Base.deliveries.size", 0) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "wikipedia", :pass_crypt => "", :pass_crypt_confirmation => "" }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user/new"
+ end
+ end
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_user_create_wikipedia_redirect
+ OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
+
+ new_email = "redirect_tester_wikipedia@osm.org"
+ display_name = "redirect_tester_wikipedia"
+ # nothing special about this page, just need a protected page to redirect back to.
+ referer = "/traces/mine"
+ assert_difference("User.count") do
+ assert_difference("ActionMailer::Base.deliveries.size", 1) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "wikipedia", :pass_crypt => "", :pass_crypt_confirmation => "" }, :referer => referer
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to "/user/terms"
+ post_via_redirect "/user/save",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "wikipedia", :auth_uid => "http://localhost:1123/new.tester", :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest" }
+ end
+ end
+
+ # Check the e-mail
+ register_email = ActionMailer::Base.deliveries.first
+
+ assert_equal register_email.to[0], new_email
+ # Check that the confirm account url is correct
+ confirm_regex = Regexp.new("/user/redirect_tester_wikipedia/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+ register_email.parts.each do |part|
+ assert_match confirm_regex, part.body.to_s
+ end
+ confirm_string = register_email.parts[0].body.match(confirm_regex)[1]
+
+ # Check the page
+ assert_response :success
+ assert_template "user/confirm"
+
+ ActionMailer::Base.deliveries.clear
+
+ # Go to the confirmation page
+ get "/user/#{display_name}/confirm", :confirm_string => confirm_string
+ assert_response :success
+ assert_template "user/confirm"
+
+ post "/user/#{display_name}/confirm", :confirm_string => confirm_string
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "site/welcome"
+ end
 end
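Review bot: In `test_user_create_wikipedia_redirect` the `/user/save` post sends `:auth_uid => "http://localhost:1123/new.tester"`, an OpenID-style URL, although the mock provider was set up with uid "123454321"; this looks carried over from the OpenID test. The test still passes, so either the posted value is ignored or it is stored unchecked. The controller is not in this diff, and none of the three new tests can tell the two cases apart. Change the value to `:auth_uid => "123454321"` and, in at least one test, assert the stored binding after the save, for example `assert_equal "123454321", User.find_by(:display_name => display_name).auth_uid`. It would also help to pin down that a uid posted by the client cannot override the one the provider returned.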
diff --git a/test/integration/user_login_test.rb b/test/integration/user_login_test.rb index d027334d0..e442eba68 100644 --- a/test/integration/user_login_test.rb +++ b/test/integration/user_login_test.rb @@ -13,6 +13,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest OmniAuth.config.mock_auth[:facebook] = nil OmniAuth.config.mock_auth[:windowslive] = nil OmniAuth.config.mock_auth[:github] = nil + OmniAuth.config.mock_auth[:wikipedia] = nil OmniAuth.config.test_mode = false end 
@@ -824,6 +825,94 @@ class UserLoginTest < ActionDispatch::IntegrationTest assert_select "span.username", false end + def test_login_wikipedia_success + OmniAuth.config.add_mock(:wikipedia, :uid => "123456789") + + get "/login", :referer => "/history" + assert_response :redirect + assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history" + follow_redirect! + assert_response :success + assert_template "user/login" + get auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + assert_response :redirect + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + follow_redirect! + assert_response :redirect + follow_redirect! + assert_response :success + assert_template "changeset/history" + assert_select "span.username", "wikipediauser" + end + + def test_login_wikipedia_connection_failed + OmniAuth.config.mock_auth[:wikipedia] = :connection_failed + + get "/login", :referer => "/history" + assert_response :redirect + assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history" + follow_redirect! + assert_response :success + assert_template "user/login" + get auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + assert_response :redirect + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + follow_redirect! + assert_response :redirect + assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/login?referer=%2Fhistory") + follow_redirect! + assert_response :redirect + follow_redirect! 
+ assert_response :success + assert_template "login" + assert_select "div.flash.error", "Connection to authentication provider failed" + assert_select "span.username", false + end + + def test_login_wikipedia_invalid_credentials + OmniAuth.config.mock_auth[:wikipedia] = :invalid_credentials + + get "/login", :referer => "/history" + assert_response :redirect + assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history" + follow_redirect! + assert_response :success + assert_template "user/login" + get auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + assert_response :redirect + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + follow_redirect! + assert_response :redirect + assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "invalid_credentials", :origin => "/login?referer=%2Fhistory") + follow_redirect! + assert_response :redirect + follow_redirect! + assert_response :success + assert_template "login" + assert_select "div.flash.error", "Invalid authentication credentials" + assert_select "span.username", false + end + + def test_login_wikipedia_unknown + OmniAuth.config.add_mock(:wikipedia, :uid => "987654321") + + get "/login", :referer => "/history" + assert_response :redirect + assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history" + follow_redirect! + assert_response :success + assert_template "user/login" + get auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + assert_response :redirect + assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history") + follow_redirect! + assert_response :redirect + follow_redirect! 
+ assert_response :success + assert_template "user/new" + assert_select "span.username", false + end + private def try_password_login(username, password, remember_me = nil) diff --git a/test/models/user_test.rb b/test/models/user_test.rb index b7b37d3b4..f8f46cfaf 100644 --- a/test/models/user_test.rb +++ b/test/models/user_test.rb @@ -161,7 +161,7 @@ class UserTest < ActiveSupport::TestCase end def test_visible - assert_equal 22, User.visible.count + assert_equal 23, User.visible.count assert_raise ActiveRecord::RecordNotFound do User.visible.find(users(:suspended_user).id) end @@ -171,7 +171,7 @@ class UserTest < ActiveSupport::TestCase end def test_active - assert_equal 21, User.active.count + assert_equal 22, User.active.count assert_raise ActiveRecord::RecordNotFound do User.active.find(users(:inactive_user).id) end @@ -184,7 +184,7 @@ class UserTest < ActiveSupport::TestCase end def test_identifiable - assert_equal 23, User.identifiable.count + assert_equal 24, User.identifiable.count assert_raise ActiveRecord::RecordNotFound do User.identifiable.find(users(:normal_user).id) end -- 2.39.5
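Review bot: None of the four new tests in test/integration/user_login_test.rb checks that account lookup is scoped to the provider as well as the uid. They cover a known uid, an unknown uid and two failure modes. A uid that exists only under a different `auth_provider` should end on `user/new` when presented through `:wikipedia`, not log that user in. If the fixtures (not visible in this hunk) already hold a user under another provider, a test that mocks `:wikipedia` with that user's uid and asserts `assert_template "user/new"` and `assert_select "span.username", false` would cover it. Separately, the shared login and redirect preamble is repeated verbatim in all four tests and could move into a private helper next to `try_password_login`, whose body continues outside the hunk.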