Basic Auth0 strategy based on OAuth 2.0

- Require client_id, client_secret and domain on init
- Use auth0 paths for OAuth
- Handled non-http domain
- Guardfile and test

Author: hzalaz

.rubocop.yml

@@ -0,0 +1,5 @@
+Style/BlockLength:
+  Exclude:
+    - 'Rakefile'
+    - '**/*.rake'
+    - 'spec/**/*.rb'

Guardfile

@@ -1,5 +1,5 @@
 guard :rspec, cmd: 'bundle exec rspec' do
   watch(%r{^spec/.+_spec\.rb$})
-  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/#{m[1]}_spec.rb" }
   watch('spec/spec_helper.rb')  { "spec" }
 end

Rakefile

@@ -26,4 +26,3 @@ task test: :spec
 task :guard do
   system 'bundle exec guard'
 end
-end

examples/sinatra/app.rb

@@ -2,11 +2,11 @@
 require 'omniauth-auth0'
 require 'dotenv/load'
 
-use Rack::Session::Cookie
 use OmniAuth::Builder do
-  provider :auth0, ENV['CLIENT_ID'], ENV['CLIENT_SECRET']
+  provider :auth0, ENV['CLIENT_ID'], ENV['CLIENT_SECRET'], ENV['DOMAIN']
 end
 
+enable :sessions
 set :session_secret, ENV['SESSION_SECRET']
 
 get '/' do

lib/omniauth/strategies/auth0.rb

@@ -1,4 +1,5 @@
 require 'base64'
+require 'uri'
 require 'omniauth-oauth2'
 
 module OmniAuth
@@ -7,17 +8,20 @@ module Strategies
     class Auth0 < OmniAuth::Strategies::OAuth2
       option :name, 'auth0'
 
-      option :client_options, {
-        authorize_url: '/authorize',
-        token_url: '/oauth/token',
-        userinfo_url: '/userinfo'
-      }
-
       args [
         :client_id,
-        :client_secret
+        :client_secret,
+        :domain
       ]
 
+      def client
+        options.client_options.site = domain_url
+        options.client_options.authorize_url = '/authorize'
+        options.client_options.token_url = '/oauth/token'
+        options.client_options.userinfo_url = '/userinfo'
+        super
+      end
+
       uid { raw_info['sub'] }
 
       extra do
@@ -27,6 +31,14 @@ class Auth0 < OmniAuth::Strategies::OAuth2
       info do
         {}
       end
+
+      private
+
+      def domain_url
+        domain_url = URI(options.domain)
+        domain_url = URI("https://#{domain_url}") if domain_url.scheme.nil?
+        domain_url.to_s
+      end
     end
   end
 end

spec/omniauth/strategies/auth0_spec.rb

@@ -0,0 +1,65 @@
+require 'spec_helper'
+
+RSpec.shared_examples 'site has valid domain url' do |url|
+  it { expect(subject.site).to eq(url) }
+end
+
+describe OmniAuth::Strategies::Auth0 do
+  let(:client_id) { 'CLIENT_ID' }
+  let(:client_secret) { 'CLIENT_SECRET' }
+  let(:domain_url) { 'https://samples.auth0.com' }
+  let(:app) do
+    lambda do
+      [200, {}, ['Hello.']]
+    end
+  end
+  let(:auth0) do
+    OmniAuth::Strategies::Auth0.new(app, client_id, client_secret, domain_url)
+  end
+
+  describe 'client_options' do
+    let(:subject) { auth0.client }
+
+    context 'domain with https' do
+      let(:domain_url) { 'https://samples.auth0.com' }
+      it_behaves_like 'site has valid domain url', 'https://samples.auth0.com'
+    end
+
+    context 'domain with http' do
+      let(:domain_url) { 'http://mydomain.com' }
+      it_behaves_like 'site has valid domain url', 'http://mydomain.com'
+    end
+
+    context 'domain with host only' do
+      let(:domain_url) { 'samples.auth0.com' }
+      it_behaves_like 'site has valid domain url', 'https://samples.auth0.com'
+    end
+
+    it 'should have correct authorize path' do
+      expect(subject.options[:authorize_url]).to eq('/authorize')
+    end
+
+    it 'should have the correct userinfo path' do
+      expect(subject.options[:userinfo_url]).to eq('/userinfo')
+    end
+
+    it 'should have the correct token path' do
+      expect(subject.options[:token_url]).to eq('/oauth/token')
+    end
+  end
+
+  describe 'options' do
+    let(:subject) { auth0.options }
+
+    it 'should have the correct client_id' do
+      expect(subject[:client_id]).to eq(client_id)
+    end
+
+    it 'should have the correct client secret' do
+      expect(subject[:client_secret]).to eq(client_secret)
+    end
+    it 'should have correct domain' do
+      expect(subject[:domain]).to eq(domain_url)
+    end
+  end
+end