
omniauth-paypal-oauth2's Introduction

OmniAuth PayPal OAuth2 Strategy

Strategy to authenticate with PayPal via OmniAuth.

Get your API key at: https://developer.paypal.com/developer/applications/ in the section RESTApps. Note the Client ID and the Client Secret.

Note: You generate separate keys for development (sandbox) and production (live) with each application you register. Use the config Gem to organize your keys and keep them safe.

For more details, read the PayPal docs: https://developer.paypal.com/docs/integration/direct/identity/



Installation

Add to your Gemfile:

gem 'omniauth-paypal-oauth2'

And then execute:

$ bundle

Or install it yourself as:

$ gem install omniauth-paypal-oauth2

If you always want to be up to date, fetch the latest from GitHub in your Gemfile:

gem 'omniauth-paypal-oauth2', github: 'jonhue/omniauth-paypal-oauth2'

Usage

PayPal API Setup

  • Go to 'https://developer.paypal.com/developer/applications/'
  • Select your project.
  • Scroll down to 'APP SETTINGS' for each 'SANDBOX' and 'LIVE'.
  • Set <YOURDOMAIN>/users/auth/paypal_oauth2/callback as Return URL.
  • Make sure "Log In with PayPal" is enabled and Save.
  • Go to Credentials, then select the "OAuth consent screen" tab on top, and provide an 'EMAIL ADDRESS' and a 'PRODUCT NAME'
  • Wait 10 minutes for changes to take effect.

Rails middleware

Here's an example for adding the middleware to a Rails app in config/initializers/omniauth.rb:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :paypal_oauth2, ENV['PAYPAL_CLIENT_ID'], ENV['PAYPAL_CLIENT_SECRET']
end

You can now access the OmniAuth PayPal OAuth2 URL: /auth/paypal_oauth2

Note: While developing your application, if you change the scope in the initializer you will need to restart your app server. Remember that either the 'email' or 'profile' scope is required!

Devise

First define your application id and secret in config/initializers/devise.rb. Do not use the snippet mentioned in the Usage section.

require 'omniauth-paypal-oauth2'
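# Read the credentials from the environment rather than hard-coding them in the initializer
config.omniauth :paypal_oauth2, ENV['PAYPAL_CLIENT_ID'], ENV['PAYPAL_CLIENT_SECRET']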

Then add the following to 'config/routes.rb' so the callback routes are defined.

devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }

Make sure your model is omniauthable. Generally this is '/app/models/user.rb'.

devise :omniauthable, omniauth_providers: [:paypal_oauth2]

Then make sure your callbacks controller is set up.

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def paypal_oauth2
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.from_omniauth(request.env['omniauth.auth'])

    if @user.persisted?
      flash[:notice] = I18n.t('devise.omniauth_callbacks.success', kind: 'PayPal')
      sign_in_and_redirect(@user, event: :authentication)
    else
      session['devise.paypal_data'] = request.env['omniauth.auth']
      redirect_to new_user_registration_url
    end
  end
end

Then bind to or create the user:

def self.from_omniauth(access_token)
  data = access_token.info
  user = User.where(email: data['email']).first

  # Uncomment the section below if you want users to be created if they don't exist
  # unless user
  #   user = User.create(name: data['name'],
  #      email: data['email'],
  #      password: Devise.friendly_token[0,20]
  #   )
  # end
  user
end

In your views you can log in using:

<%= link_to 'Sign in with PayPal', user_paypal_oauth2_omniauth_authorize_path %>

<%# Devise prior 4.1.0: %>
<%= link_to 'Sign in with PayPal', user_omniauth_authorize_path(:paypal_oauth2) %>

An overview is available at https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

Configuration

In your Applications Dashboard, open your application and click "Advanced Options" in the "Log In with PayPal" subsection of the "APP SETTINGS" section. There you can configure several options:

  • Basic authentication: The unique identifier PPID (PayPal ID) is provided. No additional customer information. Not customizable.

  • Personal Information:

    • Full name: Permits the Name of the customer.
  • Address Information:

    • Email address: Permits the email address of the customer.
    • Street address: Permits the street address of the customer (Street name, House number).
    • City: Permits the city name where the customer resides.
    • State: Permits the state in which the city is located.
    • Country: Permits the country in which both state and city are located.
    • Zip code: Permits the Zip code of the customer.
  • Account Information:

    • Account status (verified): Permits a boolean which indicates whether the customer is verified by PayPal or not.

Auth Hash

Here's an example of an authentication hash available in the callback by accessing request.env['omniauth.auth']:

{
  provider: 'paypal',
  uid: 'bathjJwvdhKjgfgh8Jd745J7dh5Qkgflbnczd65dfnw',
  info: {
    name: 'John Smith',
    email: '[email protected]',
    location: 'Moscow'
  },
  credentials: {
    token: 'token',
    refresh_token: 'refresh_token',
    expires_at: 1355082790,
    expires: true
  },
  extra: {
    account_creation_date: '2008-04-21',
    account_type: 'PERSONAL',
    user_id: 'https://www.paypal.com/webapps/auth/identity/user/bathjJwvdhKjgfgh8Jd745J7dh5Qkgflbnczd65dfnw',
    address: {
      country: 'US',
      locality: 'San Jose',
      postal_code: '95131',
      region: 'CA',
      street_address: '1 Main St'
    },
    language: 'en_US',
    locale: 'en_US',
    verified_account: true,
    zoneinfo: 'America/Los_Angeles'
  }
}

For more details see the PayPal List Of Attributes.
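
A stricter variant of the from_omniauth lookup shown in the Devise section, as an added example that is not part of the gem or its README: it binds on the provider/uid pair from the auth hash before falling back to email, tolerates a missing email, and links by email only when verified_account is true. resolve_user, UserRecord and the sample data are hypothetical, a plain Hash stands in for request.env['omniauth.auth'], and requiring verified_account is an assumed policy.

```ruby
# Added example, not code from the gem. UserRecord is a constructed in-memory
# stand-in for the ActiveRecord model; resolve_user is a hypothetical helper.
UserRecord = Struct.new(:id, :email, :provider, :uid, keyword_init: true)

# Constructed sample data: one account already linked to PayPal, one local-only account.
USERS = [
  UserRecord.new(id: 1, email: 'linked@example.com', provider: 'paypal', uid: 'constructed-uid-1'),
  UserRecord.new(id: 2, email: 'local@example.com')
]

# Returns [user, reason]. user is nil when the login must not be bound automatically.
def resolve_user(auth, users)
  provider = auth[:provider].to_s
  uid      = auth[:uid].to_s
  return [nil, :missing_uid] if provider.empty? || uid.empty?

  # 1. Stable identifier first: the provider/uid pair does not change when the
  #    customer edits the email address on the PayPal account.
  linked = users.find { |u| u.provider == provider && u.uid == uid }
  return [linked, :matched_uid] if linked

  # 2. The email claim is optional (it depends on the attributes the app was granted),
  #    so treat nil and blank as "no email" instead of looking it up.
  email = auth.dig(:info, :email).to_s.strip.downcase
  return [nil, :no_email] if email.empty?

  candidate = users.find { |u| u.email.to_s.downcase == email }
  return [nil, :unknown_user] unless candidate

  # 3. Step 1 did not match, so any uid already stored on this record belongs
  #    to a different external identity: do not re-bind it.
  return [nil, :linked_elsewhere] if candidate.uid

  # 4. Assumed policy: first-time linking by email requires verified_account == true.
  return [nil, :unverified_account] unless auth.dig(:extra, :verified_account) == true

  candidate.provider = provider
  candidate.uid = uid
  [candidate, :linked_by_email]
end

# Builds a constructed auth hash with only the fields the resolver reads.
def sample_auth(uid:, email:, verified:)
  { provider: 'paypal', uid: uid, info: { email: email }, extra: { verified_account: verified } }
end
```

In a Rails app the same checks would run against the User model, with provider and uid stored as columns under a unique index.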


Testing

  1. Fork this repository

  2. Clone your forked git locally

  3. Install dependencies

    $ bundle install

  4. Run specs

    $ bundle exec rspec

  5. Run RuboCop

    $ bundle exec rubocop


Release

  1. Review breaking changes and deprecations in CHANGELOG.md
  2. Change the gem version in lib/omniauth/paypal_oauth2/version.rb
  3. Reset CHANGELOG.md
  4. Create a pull request to merge the changes into master
  5. After the pull request was merged, create a new release listing the breaking changes and commits on master since the last release.
  6. The release workflow will publish the gems to RubyGems and the GitHub Package Registry

To Do

We use GitHub projects to coordinate the work on this project.

To propose your ideas, initiate the discussion by adding a new issue.


Contributing

We hope that you will consider contributing to OmniAuth PayPal OAuth2 Strategy. Please read this short overview for some information about how to get started:

Learn more about contributing to this repository, Code of Conduct

Semantic Versioning

omniauth-paypal-oauth2 follows Semantic Versioning 2.0 as defined at http://semver.org.

omniauth-paypal-oauth2's People

Contributors

cortlandd, dependabot[bot], depfu[bot], jonhue, nelsonwittwer, paulca, scttdavs, tswayne


omniauth-paypal-oauth2's Issues

invalid_request: redirect uri mismatch between auth code and token

First of all thanks for the great Gem.

I'm using
gem 'omniauth', '~> 1.6.1'
gem 'omniauth-oauth2', '~> 1.3.1'
gem 'omniauth-facebook', '~> 4.0.0'

During the callback phase, I get an "invalid_request: redirect URI mismatch between auth code and token" error. The issue seems to be introduced in omniauth-oauth2 1.4.0: omniauth/omniauth-oauth2#93
And the callback_url method redefinition proposed in the thread solves the issue.
Since the beginning, this gem has been dependent on omniauth-oauth2 1.4.0. Wondering if there is a workaround so that it works with 1.4.0, or can the dependency be downgraded to omniauth-oauth2 1.3.1, or possibly callback_url be defined in the strategy?

Release 2.0.2

d685b22 Update rubocop-rspec to version 1.37.1 (#63)
2c9e14d [#54] Setup auto-merge (#65)
01a6102 Update rubocop: 0.77.0 → 0.78.0 (major) (#64)
7acaffa Update json to version 2.3.0 (#62)
a524921 Update rubocop to version 0.77.0 (#61)
e591e38 Update rubocop-rspec to version 1.37.0 (#60)
35868bf Update rubocop to version 0.76.0 (#59)
c90062d Update rubocop to version 0.75.1 (#58)
c0ac839 Update rspec to version 3.9.0 (#57)
67e79c3 Update rubocop to version 0.75.0 (#56)
b910890 Update rubocop-rspec to version 1.36.0 (#55)
a183f72 Update rubocop-rspec to version 1.35.0 (#53)
622d3a2 Update rubocop-rspec to version 1.34.1 (#52)
e6e96ac Update rubocop-rspec to version 1.34.0 (#51)
4e2ab19 Update rubocop to version 0.73.0 (#50)
5fc0af8 Relax json dependency (#49)
39ac92f Update rubocop to version 0.72.0 (#47)
0a4ebf8 Update rubocop to version 0.71.0 (#46)
b4d831e Update rubocop to version 0.70.0 (#45)
084e11c Update rubocop-rspec to version 1.33.0 (#44)

Could not find matching strategy for "paypal_oauth2"

Versions:

Ruby: 2.3.0p0
oauth2: 1.1.0
omniauth: 1.6.1
omniauth-oauth2: 1.4.0
omniauth-paypal-oauth2: 1.4.10

Logs:

/Users/evgeny/.rvm/gems/ruby-2.3.0/gems/omniauth-1.6.1/lib/omniauth/builder.rb:54:in `rescue in provider': Could not find matching strategy for "paypal_oauth2". You may need to install an additional gem (such as omniauth-paypal_oauth2). (LoadError)
	from /Users/evgeny/.rvm/gems/ruby-2.3.0/gems/omniauth-1.6.1/lib/omniauth/builder.rb:51:in `provider'
	from /Users/evgeny/Documents/Projects/houndandco/config/initializers/08_omniauth.rb:4:in `block in <top (required)>'
	from /Users/evgeny/.rvm/gems/ruby-2.3.0/gems/rack-1.6.5/lib/rack/builder.rb:55:in `instance_eval'
	from /Users/evgeny/.rvm/gems/ruby-2.3.0/gems/rack-1.6.5/lib/rack/builder.rb:55:in `initialize'
	from /Users/evgeny/.rvm/gems/ruby-2.3.0/gems/omniauth-1.6.1/lib/omniauth/builder.rb:6:in `initialize'

initializer:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, FACEBOOK_CONFIG['app_id'], FACEBOOK_CONFIG['app_secret'], :scope => 'email'
  provider :paypal_oauth2, PAYPAL_CONFIG['client_id'], PAYPAL_CONFIG['client_secret'], :strategy_class => OmniAuth::Strategies::PayPalOauth2
end

Scope variable is incorrect

Describe the bug
The scope defined at line 8 is incorrectly formatted. The PayPal API requires it to contain openid and be separated with spaces as specified here.

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'YOURDOMAIN/users/auth/paypal_oauth2'
  2. See error: Invalid scope

Expected behavior
Updating the scope here to the following will resolve the issue, and the user will be redirected to a PayPal login.

DEFAULT_SCOPE = 'openid email profile'

Desktop (please complete the following information):

  • Any Browser

Could not find a strategy with name `PayPal'

Logs:

c:/RailsInstaller/Ruby2.2.0/lib/ruby/gems/2.2.0/gems/devise-4.2.0/lib/devise/omniauth/config.rb:40:in `autoload_strategy': Could not find a strategy with name `PayPal'. Please ensure it is required or explicitly set it using the :strategy_class option. (Devise::OmniAuth::StrategyNotFound)

`raw_info['emails']` sometimes causes `undefined method detect for nil:NilClass`

Describe the bug
raw_info['emails'] sometimes causes undefined method detect for nil:NilClass

'email' => (raw_info['emails'].detect do |email|

To Reproduce
Not sure. I don't know what the users do to come back with that data, and I also don't know what raw_data contained, just that 'emails' is nil.

First occurrence: 2020-01-31 15:46:39 UTC
Last occurrence: 2020-05-16 13:02:39 UTC
Occurrence count: 75

Expected behavior
Not raise an exception (I guess omniauth behavior is "OmniAuth will catch the response and then redirect the request to the path /auth/failure")

Desktop (please complete the following information):
Smartphone (please complete the following information):
The issue happened so far 75 times, these are the unique UAs:


Additional context

/GEM_ROOT/gems/omniauth-paypal-oauth2-2.0.2/lib/omniauth/strategies/paypal_oauth2.rb:33→ block in <class:PaypalOauth2>
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:109→ instance_eval
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:109→ block in compile_stack
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:108→ each
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:108→ inject
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:108→ compile_stack
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:102→ info_stack
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:336→ info
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:349→ auth_hash
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:372→ callback_phase
/GEM_ROOT/gems/omniauth-oauth2-1.6.0/lib/omniauth/strategies/oauth2.rb:75→ callback_phase
/GEM_ROOT/gems/omniauth-1.9.0/lib/omniauth/strategy.rb:238→ callback_call


Relying Party Validation error

PayPal Error Message:

Sorry about that
Relying Party Validation error: client_id or redirect_uri provided in the request does not match any of the registered clients. Please check the request.

Relax json version requirement

Hi there,

In version 1.4.15, the dependency on json went from ~> 1.7 to ~> 2.1.

I have a bunch of other omniauth strategies that also depend on json ~> 1.7, so when I installed a later version of this gem, I couldn't bundle.

Does the dependency on json have to be strict? Is there divergence in the json API between 1.7 and 2.x? Would it be possible to depend maybe on something like '> 1.7', '< 3'?

—P

Paypal updating identity API

Is your feature request related to a problem? Please describe.
Yes, my company noticed that paypal is updating their identity api - "PayPal will make a change to the Identity API ... Depending upon how your integration consumes the API, you may need to make changes by March 4, 2019". Looking at the docs they linked us to (https://developer.paypal.com/docs/api/identity/v1/#userinfo) it looks like the route to /userinfo has changed from /v1/identity/openidconnect/userinfo to /v1/identity/oauth2/userinfo

Describe the solution you'd like
The load_identity method needs to reference the new api endpoint and consume the updated raw_info

Describe alternatives you've considered
N/A

Additional context
N/A
