Use omniauth-microsoft_graph instead of omniauth-windowslive

Omniauth-microsoft_graph correctly populates 'email' and 'name' fields used by OpenStreetMap. It also uses updated endpoints for Microsoft identity provider. Use email address returned by microsoft_graph provider as a verified address. Upgrading exisiting users from windowslive to microsoft_graph: - upon next login existing `windowslive` users will have to authorizei OpenStreetMap application to "Read Your Profile," required for proper reading of display name field. The name of the identity provider in OSM is kept to 'windowslive': - the entries in users table with `provider == 'windowslive'` can be reused for microsoft_graph provider, since the uid field is preserved. Users will not need to repeat the sign up process. - OAuth2 callback is still `/auth/windowslive`, no updates to Microsoft Identity Provider portal App registration are necessary.
2023-08-14 10:32:14 +00:00 · 2023-08-14 10:32:14 +00:00 · 7428da74c2
commit 7428da74c2
parent fbe478d104
9 changed files with 17 additions and 17 deletions
--- a/2
+++ b/2
@ -72,9 +72,9 @@ gem "omniauth-facebook"
 gem "omniauth-github"
 gem "omniauth-google-oauth2", ">= 0.6.0"
 gem "omniauth-mediawiki", ">= 0.0.4"
 gem "omniauth-microsoft_graph"
 gem "omniauth-openid"
 gem "omniauth-rails_csrf_protection", "~> 1.0"
 gem "omniauth-windowslive"
 # Doorkeeper for OAuth2
 gem "doorkeeper"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -348,6 +348,9 @@ GEM
    omniauth-mediawiki (0.0.4)
      jwt (~> 2.0)
      omniauth-oauth (~> 1.0)
    omniauth-microsoft_graph (1.2.0)
      omniauth (~> 2.0)
      omniauth-oauth2 (~> 1.8.0)
    omniauth-oauth (1.2.0)
      oauth
      omniauth (>= 1.0, < 3)
@ -360,9 +363,6 @@ GEM
    omniauth-rails_csrf_protection (1.0.1)
      actionpack (>= 4.2)
      omniauth (~> 2.0)
    omniauth-windowslive (0.0.12)
      multi_json (~> 1.12)
      omniauth-oauth2 (~> 1.4)
    openstreetmap-deadlock_retry (1.3.1)
    parallel (1.23.0)
    parser (3.2.2.3)
@ -595,9 +595,9 @@ DEPENDENCIES
  omniauth-github
  omniauth-google-oauth2 (>= 0.6.0)
  omniauth-mediawiki (>= 0.0.4)
  omniauth-microsoft_graph
  omniauth-openid
  omniauth-rails_csrf_protection (~> 1.0)
  omniauth-windowslive
  openstreetmap-deadlock_retry (>= 1.3.1)
  pg
  puma (~> 5.6)
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -250,7 +250,7 @@ class UsersController < ApplicationController
                     when "openid"
                       uid.match(%r{https://www.google.com/accounts/o8/id?(.*)}) ||
                       uid.match(%r{https://me.yahoo.com/(.*)})
-                     when "google", "facebook"
+                     when "google", "facebook", "windowslive"
                       true
                     else
                       false
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@ -35,7 +35,7 @@
        <% if Settings.key?(:facebook_auth_id) -%>
        <li><%= auth_button "facebook", "facebook" %></li>
        <% end -%>
-        <% if Settings.key?(:windowslive_auth_id) -%>
+        <% if Settings.key?(:microsoft_graph_auth_id) -%>
        <li><%= auth_button "windowslive", "windowslive" %></li>
        <% end -%>
        <% if Settings.key?(:github_auth_id) -%>
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@ -24,7 +24,7 @@ end
 openid_options = { :name => "openid", :store => openid_store }
 google_options = { :name => "google", :scope => "email", :access_type => "online" }
 facebook_options = { :name => "facebook", :scope => "email", :client_options => { :site => "https://graph.facebook.com/v4.0", :authorize_url => "https://www.facebook.com/v4.0/dialog/oauth" } }
-windowslive_options = { :name => "windowslive", :scope => "wl.signin,wl.emails" }
+microsoft_graph_options = { :name => "windowslive", :scope => "openid User.Read" }
 github_options = { :name => "github", :scope => "user:email" }
 wikipedia_options = { :name => "wikipedia", :client_options => { :site => "https://meta.wikimedia.org" } }
@ -34,7 +34,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
  provider :openid, openid_options
  provider :google_oauth2, Settings.google_auth_id, Settings.google_auth_secret, google_options if Settings.key?(:google_auth_id)
  provider :facebook, Settings.facebook_auth_id, Settings.facebook_auth_secret, facebook_options if Settings.key?(:facebook_auth_id)
-  provider :windowslive, Settings.windowslive_auth_id, Settings.windowslive_auth_secret, windowslive_options if Settings.key?(:windowslive_auth_id)
+  provider :microsoft_graph, Settings.microsoft_graph_auth_id, Settings.microsoft_graph_auth_secret, microsoft_graph_options if Settings.key?(:microsoft_graph_auth_id)
  provider :github, Settings.github_auth_id, Settings.github_auth_secret, github_options if Settings.key?(:github_auth_id)
  provider :mediawiki, Settings.wikipedia_auth_id, Settings.wikipedia_auth_secret, wikipedia_options if Settings.key?(:wikipedia_auth_id)
 end
--- a/config/settings.yml
+++ b/config/settings.yml
@ -100,8 +100,8 @@ fossgis_valhalla_url: "https://valhalla1.openstreetmap.de/route"
 #google_openid_realm: ""
 #facebook_auth_id: ""
 #facebook_auth_secret: ""
-#windowslive_auth_id: ""
+#microsoft_graph_auth_id: ""
-#windowslive_auth_secret: ""
+#microsoft_graph_auth_secret: ""
 #github_auth_id: ""
 #github_auth_secret: ""
 #wikipedia_auth_id: ""
--- a/config/settings/test.yml
+++ b/config/settings/test.yml
@ -6,8 +6,8 @@ google_auth_secret: "dummy"
 google_openid_realm: "https://www.openstreetmap.org"
 facebook_auth_id: "dummy"
 facebook_auth_secret: "dummy"
-windowslive_auth_id: "dummy"
+microsoft_graph_auth_id: "dummy"
-windowslive_auth_secret: "dummy"
+microsoft_graph_auth_secret: "dummy"
 github_auth_id: "dummy"
 github_auth_secret: "dummy"
 wikipedia_auth_id: "dummy"
--- a/lib/auth.rb
+++ b/lib/auth.rb
@ -8,7 +8,7 @@ module Auth
    }.tap do |providers|
      providers[I18n.t("auth.providers.google")] = "google" if Settings.key?(:google_auth_id)
      providers[I18n.t("auth.providers.facebook")] = "facebook" if Settings.key?(:facebook_auth_id)
-      providers[I18n.t("auth.providers.windowslive")] = "windowslive" if Settings.key?(:windowslive_auth_id)
+      providers[I18n.t("auth.providers.windowslive")] = "windowslive" if Settings.key?(:microsoft_graph_auth_id)
      providers[I18n.t("auth.providers.github")] = "github" if Settings.key?(:github_auth_id)
      providers[I18n.t("auth.providers.wikipedia")] = "wikipedia" if Settings.key?(:wikipedia_auth_id)
    end.freeze
--- a/test/integration/user_creation_test.rb
+++ b/test/integration/user_creation_test.rb
@ -697,7 +697,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
    OmniAuth.config.add_mock(:windowslive, :uid => "123454321", :info => { "email" => new_email })
    assert_difference("User.count") do
-      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
        perform_enqueued_jobs do
          post "/user/new",
               :params => { :user => { :email => new_email,
@ -724,7 +724,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                       :pass_crypt_confirmation => password },
                            :read_ct => 1, :read_tou => 1 }
          assert_response :redirect
-          assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
+          assert_redirected_to welcome_path
          follow_redirect!
        end
      end
@ -732,7 +732,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
    # Check the page
    assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "site/welcome"
    ActionMailer::Base.deliveries.clear
  end