cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'upstream/pull/4169'

Browse source
This commit is contained in:
Tom Hughes 2023-08-20 11:04:28 +01:00
commit 2a1689f962
14 changed files with 91 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Gemfile
View file

@ -72,9 +72,9 @@ gem "omniauth-facebook"
gem "omniauth-github"
gem "omniauth-google-oauth2", ">= 0.6.0"
gem "omniauth-mediawiki", ">= 0.0.4"
gem "omniauth-microsoft_graph"
gem "omniauth-openid"
gem "omniauth-rails_csrf_protection", "~> 1.0"
gem "omniauth-windowslive"
# Doorkeeper for OAuth2
gem "doorkeeper"

8
Gemfile.lock
View file

@ -348,6 +348,9 @@ GEM
omniauth-mediawiki (0.0.4)
jwt (~> 2.0)
omniauth-oauth (~> 1.0)
omniauth-microsoft_graph (1.2.0)
omniauth (~> 2.0)
omniauth-oauth2 (~> 1.8.0)
omniauth-oauth (1.2.0)
oauth
omniauth (>= 1.0, < 3)
@ -360,9 +363,6 @@ GEM
omniauth-rails_csrf_protection (1.0.1)
actionpack (>= 4.2)
omniauth (~> 2.0)
omniauth-windowslive (0.0.12)
multi_json (~> 1.12)
omniauth-oauth2 (~> 1.4)
openstreetmap-deadlock_retry (1.3.1)
parallel (1.23.0)
parser (3.2.2.3)
@ -595,9 +595,9 @@ DEPENDENCIES
omniauth-github
omniauth-google-oauth2 (>= 0.6.0)
omniauth-mediawiki (>= 0.0.4)
omniauth-microsoft_graph
omniauth-openid
omniauth-rails_csrf_protection (~> 1.0)
omniauth-windowslive
openstreetmap-deadlock_retry (>= 1.3.1)
pg
puma (~> 5.6)

0
app/assets/images/windowslive.svg → app/assets/images/microsoft.svg
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 494 B

After

Width:  |  Height:  |  Size: 494 B

2
app/controllers/users_controller.rb
View file

@ -250,7 +250,7 @@ class UsersController < ApplicationController
when "openid"
uid.match(%r{https://www.google.com/accounts/o8/id?(.*)}) ||
uid.match(%r{https://me.yahoo.com/(.*)})
when "google", "facebook"
when "google", "facebook", "microsoft"
true
else
false

4
app/views/sessions/new.html.erb
View file

@ -35,8 +35,8 @@
<% if Settings.key?(:facebook_auth_id) -%>
<li><%= auth_button "facebook", "facebook" %></li>
<% end -%>
<% if Settings.key?(:windowslive_auth_id) -%>
<li><%= auth_button "windowslive", "windowslive" %></li>
<% if Settings.key?(:microsoft_auth_id) -%>
<li><%= auth_button "microsoft", "microsoft" %></li>
<% end -%>
<% if Settings.key?(:github_auth_id) -%>
<li><%= auth_button "github", "github" %></li>

4
config/initializers/omniauth.rb
View file

@ -24,7 +24,7 @@ end
openid_options = { :name => "openid", :store => openid_store }
google_options = { :name => "google", :scope => "email", :access_type => "online" }
facebook_options = { :name => "facebook", :scope => "email", :client_options => { :site => "https://graph.facebook.com/v4.0", :authorize_url => "https://www.facebook.com/v4.0/dialog/oauth" } }
windowslive_options = { :name => "windowslive", :scope => "wl.signin,wl.emails" }
microsoft_options = { :name => "microsoft", :scope => "openid User.Read" }
github_options = { :name => "github", :scope => "user:email" }
wikipedia_options = { :name => "wikipedia", :client_options => { :site => "https://meta.wikimedia.org" } }
@ -34,7 +34,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
provider :openid, openid_options
provider :google_oauth2, Settings.google_auth_id, Settings.google_auth_secret, google_options if Settings.key?(:google_auth_id)
provider :facebook, Settings.facebook_auth_id, Settings.facebook_auth_secret, facebook_options if Settings.key?(:facebook_auth_id)
provider :windowslive, Settings.windowslive_auth_id, Settings.windowslive_auth_secret, windowslive_options if Settings.key?(:windowslive_auth_id)
provider :microsoft_graph, Settings.microsoft_auth_id, Settings.microsoft_auth_secret, microsoft_options if Settings.key?(:microsoft_auth_id)
provider :github, Settings.github_auth_id, Settings.github_auth_secret, github_options if Settings.key?(:github_auth_id)
provider :mediawiki, Settings.wikipedia_auth_id, Settings.wikipedia_auth_secret, wikipedia_options if Settings.key?(:wikipedia_auth_id)
end

4
config/locales/en.yml
View file

@ -212,7 +212,7 @@ en:
openid: OpenID
google: Google
facebook: Facebook
windowslive: Microsoft
microsoft: Microsoft
github: GitHub
wikipedia: Wikipedia
api:
@ -1785,7 +1785,7 @@ en:
facebook:
title: Login with Facebook
alt: Login with a Facebook Account
windowslive:
microsoft:
title: Login with Microsoft
alt: Login with a Microsoft Account
github:

4
config/settings.yml
View file

@ -104,10 +104,10 @@ fossgis_valhalla_url: "https://valhalla1.openstreetmap.de/route"
#google_openid_realm: ""
#facebook_auth_id: ""
#facebook_auth_secret: ""
#windowslive_auth_id: ""
#windowslive_auth_secret: ""
#github_auth_id: ""
#github_auth_secret: ""
#microsoft_auth_id: ""
#microsoft_auth_secret: ""
#wikipedia_auth_id: ""
#wikipedia_auth_secret: ""
# Thunderforest authentication details

4
config/settings/test.yml
View file

@ -6,8 +6,8 @@ google_auth_secret: "dummy"
google_openid_realm: "https://www.openstreetmap.org"
facebook_auth_id: "dummy"
facebook_auth_secret: "dummy"
windowslive_auth_id: "dummy"
windowslive_auth_secret: "dummy"
microsoft_auth_id: "dummy"
microsoft_auth_secret: "dummy"
github_auth_id: "dummy"
github_auth_secret: "dummy"
wikipedia_auth_id: "dummy"

9
db/migrate/20230816135800_use_microsoft_graph.rb Normal file
View file

@ -0,0 +1,9 @@
class UseMicrosoftGraph < ActiveRecord::Migration[7.0]
def self.up
User.where(:auth_provider => "windowslive").update_all(:auth_provider => "microsoft")
end
def self.down
User.where(:auth_provider => "microsoft").update_all(:auth_provider => "windowslive")
end
end

1
db/structure.sql
View file

@ -3395,6 +3395,7 @@ INSERT INTO "schema_migrations" (version) VALUES
('20211216185316'),
('20220201183346'),
('20220223140543'),
('20230816135800'),
('21'),
('22'),
('23'),

2
lib/auth.rb
View file

@ -8,7 +8,7 @@ module Auth
}.tap do |providers|
providers[I18n.t("auth.providers.google")] = "google" if Settings.key?(:google_auth_id)
providers[I18n.t("auth.providers.facebook")] = "facebook" if Settings.key?(:facebook_auth_id)
providers[I18n.t("auth.providers.windowslive")] = "windowslive" if Settings.key?(:windowslive_auth_id)
providers[I18n.t("auth.providers.microsoft")] = "microsoft" if Settings.key?(:microsoft_auth_id)
providers[I18n.t("auth.providers.github")] = "github" if Settings.key?(:github_auth_id)
providers[I18n.t("auth.providers.wikipedia")] = "wikipedia" if Settings.key?(:wikipedia_auth_id)
end.freeze

58
test/integration/user_creation_test.rb
View file

@ -11,7 +11,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
OmniAuth.config.mock_auth[:openid] = nil
OmniAuth.config.mock_auth[:google] = nil
OmniAuth.config.mock_auth[:facebook] = nil
OmniAuth.config.mock_auth[:windowslive] = nil
OmniAuth.config.mock_auth[:microsoft] = nil
OmniAuth.config.mock_auth[:github] = nil
OmniAuth.config.mock_auth[:wikipedia] = nil
OmniAuth.config.test_mode = false
@ -689,28 +689,28 @@ class UserCreationTest < ActionDispatch::IntegrationTest
assert_template "site/welcome"
end
def test_user_create_windowslive_success
new_email = "newtester-windowslive@osm.org"
display_name = "new_tester-windowslive"
def test_user_create_microsoft_success
new_email = "newtester-microsoft@osm.org"
display_name = "new_tester-microsoft"
password = "testtest"
OmniAuth.config.add_mock(:windowslive, :uid => "123454321", :info => { "email" => new_email })
OmniAuth.config.add_mock(:microsoft, :uid => "123454321", :info => { "email" => new_email })
assert_difference("User.count") do
assert_difference("ActionMailer::Base.deliveries.size", 1) do
assert_difference("ActionMailer::Base.deliveries.size", 0) do
perform_enqueued_jobs do
post "/user/new",
:params => { :user => { :email => new_email,
:email_confirmation => new_email,
:display_name => display_name,
:auth_provider => "windowslive",
:auth_provider => "microsoft",
:pass_crypt => "",
:pass_crypt_confirmation => "" } }
assert_response :redirect
assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
post response.location
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
assert_redirected_to "/user/terms"
@ -718,13 +718,13 @@ class UserCreationTest < ActionDispatch::IntegrationTest
:params => { :user => { :email => new_email,
:email_confirmation => new_email,
:display_name => display_name,
:auth_provider => "windowslive",
:auth_provider => "microsoft",
:auth_uid => "123454321",
:pass_crypt => password,
:pass_crypt_confirmation => password },
:read_ct => 1, :read_tou => 1 }
assert_response :redirect
assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
assert_redirected_to welcome_path
follow_redirect!
end
end
@ -732,16 +732,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
# Check the page
assert_response :success
assert_template "confirmations/confirm"
assert_template "site/welcome"
ActionMailer::Base.deliveries.clear
end
def test_user_create_windowslive_failure
OmniAuth.config.mock_auth[:windowslive] = :connection_failed
def test_user_create_microsoft_failure
OmniAuth.config.mock_auth[:microsoft] = :connection_failed
new_email = "newtester-windowslive2@osm.org"
display_name = "new_tester-windowslive2"
new_email = "newtester-microsoft2@osm.org"
display_name = "new_tester-microsoft2"
assert_difference("User.count", 0) do
assert_difference("ActionMailer::Base.deliveries.size", 0) do
perform_enqueued_jobs do
@ -749,17 +749,17 @@ class UserCreationTest < ActionDispatch::IntegrationTest
:params => { :user => { :email => new_email,
:email_confirmation => new_email,
:display_name => display_name,
:auth_provider => "windowslive",
:auth_provider => "microsoft",
:pass_crypt => "",
:pass_crypt_confirmation => "" } }
assert_response :redirect
assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
post response.location
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_failure_path(:strategy => "windowslive", :message => "connection_failed", :origin => "/user/new")
assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -772,11 +772,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
ActionMailer::Base.deliveries.clear
end
def test_user_create_windowslive_redirect
OmniAuth.config.add_mock(:windowslive, :uid => "123454321")
def test_user_create_microsoft_redirect
OmniAuth.config.add_mock(:microsoft, :uid => "123454321")
new_email = "redirect_tester_windowslive@osm.org"
display_name = "redirect_tester_windowslive"
new_email = "redirect_tester_microsoft@osm.org"
display_name = "redirect_tester_microsoft"
# nothing special about this page, just need a protected page to redirect back to.
referer = "/traces/mine"
assert_difference("User.count") do
@ -786,15 +786,15 @@ class UserCreationTest < ActionDispatch::IntegrationTest
:params => { :user => { :email => new_email,
:email_confirmation => new_email,
:display_name => display_name,
:auth_provider => "windowslive",
:auth_provider => "microsoft",
:pass_crypt => "",
:pass_crypt_confirmation => "" },
:referer => referer }
assert_response :redirect
assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
post response.location
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
assert_redirected_to "/user/terms"
@ -802,7 +802,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
:params => { :user => { :email => new_email,
:email_confirmation => new_email,
:display_name => display_name,
:auth_provider => "windowslive",
:auth_provider => "microsoft",
:auth_uid => "http://localhost:1123/new.tester",
:pass_crypt => "testtest",
:pass_crypt_confirmation => "testtest" },
@ -817,7 +817,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
assert_equal register_email.to.first, new_email
# Check that the confirm account url is correct
confirm_regex = Regexp.new("/user/redirect_tester_windowslive/confirm\\?confirm_string=([a-zA-Z0-9]*)")
confirm_regex = Regexp.new("/user/redirect_tester_microsoft/confirm\\?confirm_string=([a-zA-Z0-9]*)")
email_text_parts(register_email).each do |part|
assert_match confirm_regex, part.body.to_s
end

70
test/integration/user_login_test.rb
View file

@ -9,7 +9,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
OmniAuth.config.mock_auth[:openid] = nil
OmniAuth.config.mock_auth[:google] = nil
OmniAuth.config.mock_auth[:facebook] = nil
OmniAuth.config.mock_auth[:windowslive] = nil
OmniAuth.config.mock_auth[:microsoft] = nil
OmniAuth.config.mock_auth[:github] = nil
OmniAuth.config.mock_auth[:wikipedia] = nil
OmniAuth.config.test_mode = false
@ -853,9 +853,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_select "span.username", false
end
def test_login_windowslive_success
user = create(:user, :auth_provider => "windowslive", :auth_uid => "1234567890")
OmniAuth.config.add_mock(:windowslive, :uid => user.auth_uid)
def test_login_microsoft_success
user = create(:user, :auth_provider => "microsoft", :auth_uid => "1234567890")
OmniAuth.config.add_mock(:microsoft, :uid => user.auth_uid)
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -863,9 +863,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -874,9 +874,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_select "span.username", user.display_name
end
def test_login_windowslive_pending
user = create(:user, :pending, :auth_provider => "windowslive", :auth_uid => "1234567890")
OmniAuth.config.add_mock(:windowslive, :uid => user.auth_uid)
def test_login_microsoft_pending
user = create(:user, :pending, :auth_provider => "microsoft", :auth_uid => "1234567890")
OmniAuth.config.add_mock(:microsoft, :uid => user.auth_uid)
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -884,9 +884,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -894,9 +894,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_template "confirm"
end
def test_login_windowslive_suspended
user = create(:user, :suspended, :auth_provider => "windowslive", :auth_uid => "1234567890")
OmniAuth.config.add_mock(:windowslive, :uid => user.auth_uid)
def test_login_microsoft_suspended
user = create(:user, :suspended, :auth_provider => "microsoft", :auth_uid => "1234567890")
OmniAuth.config.add_mock(:microsoft, :uid => user.auth_uid)
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -904,9 +904,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -918,10 +918,10 @@ class UserLoginTest < ActionDispatch::IntegrationTest
end
end
def test_login_windowslive_blocked
user = create(:user, :auth_provider => "windowslive", :auth_uid => "1234567890")
def test_login_microsoft_blocked
user = create(:user, :auth_provider => "microsoft", :auth_uid => "1234567890")
create(:user_block, :needs_view, :user => user)
OmniAuth.config.add_mock(:windowslive, :uid => user.auth_uid)
OmniAuth.config.add_mock(:microsoft, :uid => user.auth_uid)
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -929,9 +929,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -940,8 +940,8 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_select "span.username", user.display_name
end
def test_login_windowslive_connection_failed
OmniAuth.config.mock_auth[:windowslive] = :connection_failed
def test_login_microsoft_connection_failed
OmniAuth.config.mock_auth[:microsoft] = :connection_failed
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -949,12 +949,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_failure_path(:strategy => "windowslive", :message => "connection_failed", :origin => "/login?referer=%2Fhistory")
assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/login?referer=%2Fhistory")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -964,8 +964,8 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_select "span.username", false
end
def test_login_windowslive_invalid_credentials
OmniAuth.config.mock_auth[:windowslive] = :invalid_credentials
def test_login_microsoft_invalid_credentials
OmniAuth.config.mock_auth[:microsoft] = :invalid_credentials
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -973,12 +973,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_failure_path(:strategy => "windowslive", :message => "invalid_credentials", :origin => "/login?referer=%2Fhistory")
assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "invalid_credentials", :origin => "/login?referer=%2Fhistory")
follow_redirect!
assert_response :redirect
follow_redirect!
@ -988,8 +988,8 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_select "span.username", false
end
def test_login_windowslive_unknown
OmniAuth.config.add_mock(:windowslive, :uid => "987654321")
def test_login_microsoft_unknown
OmniAuth.config.add_mock(:microsoft, :uid => "987654321")
get "/login", :params => { :referer => "/history" }
assert_response :redirect
@ -997,9 +997,9 @@ class UserLoginTest < ActionDispatch::IntegrationTest
follow_redirect!
assert_response :success
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
post auth_path(:provider => "microsoft", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
assert_redirected_to auth_success_path(:provider => "microsoft")
follow_redirect!
assert_response :redirect
follow_redirect!