Coder Social home page Coder Social logo

omniauth_crowd's Introduction

omniauth_crowd

The omniauth_crowd library is an OmniAuth provider that supports authentication against Atlassian Crowd REST apis.

Build Status

Helpful links

Install and use

1. Add the OmniAuth Crowd REST plugin to your Gemfile

gem 'omniauth', '>= 1.0.0'  # We depend on this
gem "omniauth_crowd"

2. You will need to configure OmniAuth to use your crowd authentication. This is generally done in Rails in the config/initializers/omniauth.rb with...

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :crowd, :crowd_server_url=>"https://crowd.mycompanyname.com/crowd", :application_name=>"app", :application_password=>"password"
end

You will need to supply the correct server URL, application name and password

Contributing to omniauth_crowd

  • Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
  • Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
  • Fork the project
  • Start a feature/bugfix branch
  • Commit and push until you are happy with your contribution
  • Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
  • Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.

Copyright

Copyright (c) 2011-14 Rob Di Marco. See LICENSE.txt for further details.

omniauth_crowd's People

Contributors

combhua avatar davepkennedy avatar grossws avatar natlibfi-arlehiko avatar robdimarco avatar samplacette avatar zoly avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar

omniauth_crowd's Issues

Adding custom fields in OmniAuth::Form

It would be nide to have an option to add custom fields /text, hidden/ to the login form.
The gitlab added CSRF protection for omniauth providers, see my MR #23.

As I'm no ruby expert, is there any other way to push custom fields into the form or the code needed to be changed?

Can't seem to connect : keep getting "invalid_credentials"

Hey there,

So on a former app I use the old crowd_rails gem by stefanwille. It keeps working.

However, using this gem as an auth strategy with the latest devise, no dice. The server URL, app name and app passwords have been duly checked, and all the FQDNs + IPs I use for the Rails app are greenlighted in my Crowd app config. Ah, and of course, the credentials I use to log in interactively work fine (including in the Crowd app authentication test, and in the other Rails app I use, based on crowd_rails).

Is there a way to make the gem log more details? Like, request/response streams with the Crowd server? Because I'm blind here!

Thanks

callback_path with sub uri

When comparing to twitter and facebook as OmniAuth providers, "omniauth_crowd" appears to be returning me to the incorrect url only when deploying the application to a sub-uri.

==Working Setup running application in stand-alone rails server==
When working on the application and starting the webbrick server on port 3000, the effective url for the application is http://server/auth/crowd to get the login prompt. After providing my credentials, I am returned to the correct callback_url, which is http://server/auth/crowd/callback.
Login URL: http://server/auth/crowd
Callback URL: http://server/auth/crowd/callback

==Failing Setup==
When deploying the application to our typical in-house setup of using a sub-uri, the effective url is http://server/subdirectory/auth/crowd to get the login prompt. After providing credentials, I am returned to the incorrect callback_url, which is: http://server/auth/crowd/callback.
Login URL: http://server/subdirectory/auth/crowd
Callback URL: http://server/auth/crowd/callback

==Working Setup using facebook provider==
Login URL: http://server/subdirectory/auth/facebook
Callback URL: http://server/subdirectory/auth/facebook/callback

==Working Setup using twitter provider==
Login URL: http://server/subdirectory/auth/twitter
Callback URL: http://server/subdirectory/auth/facebook/twitter

The issue is the failing setup drops the subdirectory/sub-uri. I found a similar problem fixed previously by omniauth. I have confirmed I am using the updated code with the fix
omniauth/omniauth#212

Thanks very much for your time and maintenance of this gem!

Tests failing

This is the output I get when I run bundle install and bundle exec rake. Can you help fix them?

$ bundle install

Resolving dependencies...
Using rake 10.3.2
Using i18n 0.6.11
Using json 1.8.1
Using minitest 5.4.0
Using thread_safe 0.3.4
Using tzinfo 1.2.2
Using activesupport 4.1.4
Using addressable 2.3.6
Using bundler 1.10.6
Using safe_yaml 1.0.3
Using crack 0.4.2
Using diff-lcs 1.2.5
Using hashie 3.2.0
Using mini_portile 0.6.0
Using nokogiri 1.6.3.1
Using rack 1.5.2
Using omniauth 1.2.2
Using omniauth_crowd 2.2.3 from source at .
Using rack-test 0.6.2
Using rspec-support 3.0.3
Using rspec-core 3.0.3
Using rspec-expectations 3.0.3
Using rspec-mocks 3.0.3
Using rspec 3.0.0
Using webmock 1.18.0
Bundle complete! 7 Gemfile dependencies, 25 gems now installed.
Use `bundle show [gemname]` to see where a bundled gem is installed.

$ bundle exec rake

/usr/bin/ruby2.2 -I/var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib:/var/lib/gems/2.2.0/gems/rspec-support-3.0.3/lib -S /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/exe/rspec ./spec/omniauth/strategies/crowd_spec.rb
/var/lib/gems/2.2.0/gems/safe_yaml-1.0.3/lib/safe_yaml/load.rb:43:in `<module:SafeYAML>': undefined method `tagged_classes' for Psych:Module (NoMethodError)
    from /var/lib/gems/2.2.0/gems/safe_yaml-1.0.3/lib/safe_yaml/load.rb:26:in `<top (required)>'
    from /var/lib/gems/2.2.0/gems/crack-0.4.2/lib/crack/json.rb:6:in `require'
    from /var/lib/gems/2.2.0/gems/crack-0.4.2/lib/crack/json.rb:6:in `<top (required)>'
    from /var/lib/gems/2.2.0/gems/crack-0.4.2/lib/crack.rb:6:in `require'
    from /var/lib/gems/2.2.0/gems/crack-0.4.2/lib/crack.rb:6:in `<top (required)>'
    from /var/lib/gems/2.2.0/gems/webmock-1.18.0/lib/webmock.rb:5:in `require'
    from /var/lib/gems/2.2.0/gems/webmock-1.18.0/lib/webmock.rb:5:in `<top (required)>'
    from /home/balasankarc/packaging/trying/omniauth-crowd/source/omniauth_crowd/spec/spec_helper.rb:4:in `require'
    from /home/balasankarc/packaging/trying/omniauth-crowd/source/omniauth_crowd/spec/spec_helper.rb:4:in `<top (required)>'
    from /home/balasankarc/packaging/trying/omniauth-crowd/source/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb:1:in `require'
    from /home/balasankarc/packaging/trying/omniauth-crowd/source/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb:1:in `<top (required)>'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/configuration.rb:1057:in `load'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/configuration.rb:1057:in `block in load_spec_files'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/configuration.rb:1057:in `each'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/configuration.rb:1057:in `load_spec_files'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/runner.rb:97:in `setup'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/runner.rb:85:in `run'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/runner.rb:70:in `run'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib/rspec/core/runner.rb:38:in `invoke'
    from /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/exe/rspec:4:in `<main>'
/usr/bin/ruby2.2 -I/var/lib/gems/2.2.0/gems/rspec-core-3.0.3/lib:/var/lib/gems/2.2.0/gems/rspec-support-3.0.3/lib -S /var/lib/gems/2.2.0/gems/rspec-core-3.0.3/exe/rspec ./spec/omniauth/strategies/crowd_spec.rb failed

OmniAuth v2.0.0rc1

Hello, maintainer of OmniAuth here.

I just wanted to make the maintainers of this gem aware of the discussion that I have opened regarding v2.0.0 of OmniAuth. I invite you to join in and voice any concerns you may have here: omniauth/omniauth#1017

Style login page

I see this gem doesn't use the CrowdID OpenID provider; it uses the Crowd REST API. So therefore this needs to have its own login form, which I understand. It looks like it can't be customized, because it uses OmniAuth::Form, and the OmniAuth::Strategies::Crowd#get_credentials method from omniauth_crowd creates it. Am I missing something here? The default form, which I think is otherwise only used for the development strategy is ugly (not your fault πŸ˜„ )

Missing application_name

omniauth_crowd works as expected on my local machine, but when I deploy application to the Debian server it is missing the application_name.

From my crowd_access.log:

from local machine (where example_app is an application name)

example_app [06/Apr/2013:06:12:59 +0400] "POST /crowd/rest/usermanagement/latest/authentication?username=a.smolov HTTP/1.1" 200 653 "-" "Ruby"

from server (application name is missing)

- [06/Apr/2013:05:45:47 +0400] "POST /crowd/rest/usermanagement/latest/authentication?username=a.smolov HTTP/1.1" 401 45 "-" "Ruby"

NameError uninitialized constant

After putting in my credentials and clicking connect I get the following error:

NameError (uninitialized constant OmniAuth::Strategies::Crowd::CrowdValidator::Net)

I have made sure I have my source IP in Crowd and that the app name and password are correct. Any ideas?

OmniAuth 1.0 released

OmniAuth 1.0 was just released.

So for now you have to change your Gemfile

`gem 'omniauth', '~> 0.3.2'``

Any plans on upgrading omniauth_crowd to work with the newer version?

Problem with being redirected to reauthenticate after login

I could successfully login into crowd using this plugin, but if I will login in some other our crowd resource and
then will try to redirect on /auth/crowd/ in my application then I will have the 'login into crowd' screen again, while I expecting
already being logged (like using twitter provider for omniauth).

No matter logged I somewhere on not in crowd it everytimes asks me to login again from my app. Is this is a limitation of this plugin or I am doing something
wrong ?

Crowd Login-Form and AssetPipeline

I am now on Rails 3.1 and the Login-Form for OmniAuth-Crowd stopped looking fine. Obviously there is something wrong with the referrencing of the stylesheets and images. Sounds like a AssetPipeline problem to me.

I really don't know how the login form is rendered. I did not find any action or template that is handling this.

Can someone help me? I anyone using Crowd and Rails 3.1 with AssetPipeline?

Thanks in advance,
Torsten

not working with omniauth 1.1.4 ?

Hi,

I tried to setup the crowd provider for gitlab project. It will not pass the object construction, so the initialize method has wrong number of parameters. Is the 2.1.1 version compatible with the 1.1.4 of the omniauth?

root@source:/home/phudec# gem list | grep omni
gitlab_omniauth-ldap (1.0.3)
omniauth (1.1.4)
omniauth-github (1.1.1)
omniauth-google-oauth2 (0.2.0)
omniauth-oauth (1.0.1)
omniauth-oauth2 (1.1.1)
omniauth-twitter (1.0.0)
omniauth_crowd (2.1.1)

Cannot authenticate with password with special characters

I attempted to address this problem with pull request #13 , but it appears that even with the fix applied the problem remains outstanding. I believe the issue is due to a special character ("<") in my password.

My fix attempt in pull request #13 included tests, but it appears that the tests did not fully describe the necessary behavior to avoid the problem. I can try to fix again, but I'll have to set up a full stack locally to do integration testing since I can't verify through simple unit tests. If someone else already has such a test environment and can take this issue that would be helpful, since I've already invested quite a bit of time into this issue and I have other more pressing concerns to attend to. Otherwise I will set up an integration testing environment and attempt to fix it, probably later this week.

Here is the logged output from an attempt to log in, using omniauth_crowd v2.1.2:

[ 2013-08-14 16:19:02.7204 23253/7f1a6010c700 Pool2/Implementation.cpp:1182 ]: [App 23374 stdout] I, [2013-08-14T16:19
:02.719136 #23374]  INFO -- omniauth: (crowd) Request phase initiated.                                                
[ 2013-08-14 16:19:02.7600 23253/7f1a6010c700 Pool2/Implementation.cpp:1182 ]: [App 23374 stdout] I, [2013-08-14T16:19
:02.759924 #23374]  INFO -- omniauth: (crowd) Callback phase initiated.                                               
[ 2013-08-14 16:19:03.9487 23253/7f1a6010c700 Pool2/Implementation.cpp:1182 ]: [App 23374 stdout] W, [2013-08-14T16:19
:03.948583 #23374]  WARN -- omniauth: (crowd) [retrieve_user_info!] response code: 400                                
[ 2013-08-14 16:19:03.9488 23253/7f1a6010c700 Pool2/Implementation.cpp:1182 ]: [App 23374 stdout] W, [2013-08-14T16:19
:03.948820 #23374]  WARN -- omniauth: (crowd) [retrieve_user_info!] response body: <?xml version="1.0" encoding="UTF-8
" standalone="yes"?><error><reason>INVALID_USER_AUTHENTICATION</reason><message>Account with name &lt;vplacsa&gt; fail
ed to authenticate: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, dat
a 52e, v1db1\u0000]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapEr
r: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1\u0000]</message></error>                      
[ 2013-08-14 16:19:03.9490 23253/7f1a6010c700 Pool2/Implementation.cpp:1182 ]: [App 23374 stdout] E, [2013-08-14T16:19
:03.948983 #23374] ERROR -- omniauth: (crowd) Authentication failure! invalid_credentials encountered.   

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.