Merge branch 'master' into support_client_assertion

.gitignore

@@ -17,3 +17,7 @@ Gemfile.lock
 
 # built gems
 *.gem
+
+# macOS metadata
+.DS_Store
+

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Change Log
 
+## v2.4.0 (2024-10-17)
+
+Deprecation warnings for end-of-life of the gem under this name. No other changes. The GitHub repository is to be renamed and the gem released (starting at major version 3) as `omniauth-entra-id`, with some breaking changes but details of how to update will be provided in the new gem via an `UPGRADING.md` document.
+
 ## v2.3.0 (2024-07-16)
 
 [Implements](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/pull/29) support for on-premise Active Directory installations via the `adfs` option; see `README.md` for details - thanks @frenkel!

README.md

@@ -4,6 +4,8 @@
 [![Build Status](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/actions/workflows/master.yml/badge.svg)](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/actions)
 [![License](https://img.shields.io/github/license/RIPAGlobal/omniauth-azure-activedirectory-v2.svg)](LICENSE.txt)
 
+**IMPORTANT: V2 is end-of-life** and superseded by a renamed gem, since Microsoft in their "wisdom" renamed Azure AD to Entra ID. A gem using the old name will become increasingly hard for people to 'discover'. The major version bump provides an opportunity to fix a few things via breaking changes, too. Please switch to `omniauth-entra-id`.
+
 OAuth 2 authentication with [Azure ActiveDirectory's V2 API](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview). Rationale:
 
 * https://github.com/marknadig/omniauth-azure-oauth2 is no longer maintained.

lib/omniauth/azure_activedirectory_v2.rb

@@ -1,2 +1,4 @@
+warn "[DEPRECATION] This gem has been renamed to 'omniauth-entra-id' and will no longer be supported. Please switch to 'omniauth-entra-id' as soon as possible."
+
 require File.join('omniauth', 'azure_activedirectory_v2', 'version')
 require File.join('omniauth', 'strategies', 'azure_activedirectory_v2')

lib/omniauth/azure_activedirectory_v2/version.rb

@@ -3,7 +3,7 @@ module Azure
     module Activedirectory
       module V2
         VERSION = "2.4.0"
-        DATE    = "2024-08-14"
+        DATE    = "2024-10-17"
       end
     end
   end

lib/omniauth/strategies/azure_activedirectory_v2.rb

@@ -64,15 +64,19 @@ def client
 
         options.custom_policy =
           provider.respond_to?(:custom_policy) ? provider.custom_policy : nil
+        options.tenant_name = 
+          provider.respond_to?(:tenant_name) ? provider.tenant_name : nil
 
         oauth2 = provider.respond_to?(:adfs?) && provider.adfs? ? 'oauth2' : 'oauth2/v2.0'
-        options.client_options.authorize_url = "#{options.base_azure_url}/#{options.tenant_id}/#{oauth2}/authorize"
-        options.client_options.token_url =
-          if options.custom_policy
-            "#{options.base_azure_url}/#{options.tenant_id}/#{options.custom_policy}/#{oauth2}/token"
-          else
-            "#{options.base_azure_url}/#{options.tenant_id}/#{oauth2}/token"
-          end
+
+        base_url = if options.custom_policy && options.tenant_name
+          "https://#{options.tenant_name}.b2clogin.com/#{options.tenant_name}.onmicrosoft.com/#{options.custom_policy}"
+        else
+          "#{options.base_azure_url}/#{options.tenant_id}"
+        end
+
+        options.client_options.authorize_url = "#{base_url}/#{oauth2}/authorize"
+        options.client_options.token_url = "#{base_url}/#{oauth2}/token"
 
         super
       end

omniauth-azure-activedirectory-v2.gemspec

@@ -8,6 +8,14 @@ require 'omniauth/azure_activedirectory_v2/version'
 # https://guides.rubygems.org/specification-reference/
 #
 Gem::Specification.new do |s|
+  s.post_install_message = <<-MESSAGE
+  !    The 'omniauth-azure-activedirectory-v2' gem has been deprecated and is
+  !    replaced by 'omniauth-entra-id'.
+  !
+  !    See: https://rubygems.org/gems/omniauth-entra-id
+  !    And: https://github.com/RIPAGlobal/omniauth-entra-id
+  MESSAGE
+
   s.name                  = 'omniauth-azure-activedirectory-v2'
   s.version               = OmniAuth::Azure::Activedirectory::V2::VERSION
   s.date                  = OmniAuth::Azure::Activedirectory::V2::DATE

spec/omniauth/strategies/azure_activedirectory_v2_spec.rb

@@ -40,11 +40,11 @@
         expect(subject.client.options[:token_url]).to eql('https://login.microsoftonline.com/tenant/oauth2/v2.0/token')
       end
 
-      context 'when a custom policy is present' do
-        it 'includes custom policy in token url' do
-          @options = { custom_policy: 'my_policy' }
+      context 'when a custom policy is present and start with b2c and tenant_name is present for b2c login' do
+        it 'includes custom policy and tenane name in authorize url' do
+          @options = { tenant_name: "test", custom_policy: 'my_policy' }
           allow(subject).to receive(:request) { request }
-          expect(subject.client.options[:token_url]).to eql('https://login.microsoftonline.com/tenant/my_policy/oauth2/v2.0/token')
+          expect(subject.client.options[:token_url]).to eql('https://test.b2clogin.com/test.onmicrosoft.com/my_policy/oauth2/v2.0/token')
         end
       end
 
@@ -191,6 +191,14 @@
         expect(subject.authorize_params[:scope]).to eql('openid profile email')
       end
 
+      context 'when a custom policy is present and start with b2c and tenant_name is present for b2c login' do
+        it 'includes custom policy and tenane name in authorize url' do
+          @options = { tenant_name: "test", custom_policy: 'my_policy' }
+          allow(subject).to receive(:request) { request }
+          expect(subject.client.options[:authorize_url]).to eql('https://test.b2clogin.com/test.onmicrosoft.com/my_policy/oauth2/v2.0/authorize')
+        end
+      end
+
       describe "overrides" do
         it 'should override domain_hint' do
           @options = {domain_hint: 'hint'}