faker-ruby · jclusso · Dec 9, 2025
diff --git a/doc/default/omniauth.md b/doc/default/omniauth.md
@@ -321,4 +321,87 @@ Faker::Omniauth.auth0 #=>
     }
   }
 }
+
+Faker::Omniauth.microsoft #=>
+{
+  :provider => "entra_id",
+  :uid => "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2",
+  :info => {
+    :name => "Jane Smith",
+    :email => "jane.smith@example.com",
+    :nickname => "jane.smith",
+    :first_name => "Jane",
+    :last_name => "Smith"
+  },
+  :credentials => {
+    :token => "8e668c5b994f3bfc38e3067e6ed960c5",
+    :refresh_token => "19f82075f7c69133452614bd177f4380",
+    :expires_at => 1654345109,
+    :expires => true
+  },
+  :extra => {
+    :raw_info => {
+      :iss => "https://login.microsoftonline.com/a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4/v2.0",
+      :sub => "1234567890abcdef1234567890ab",
+      :aud => "client_id",
+      :exp => 1654345109,
+      :iat => 1654341509,
+      :nbf => 1654341509,
+      :name => "Jane Smith",
+      :preferred_username => "jane.smith@example.com",
+      :oid => "e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2",
+      :tid => "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4",
+      :email => "jane.smith@example.com",
+      :email_verified => true,
+      :given_name => "Jane",
+      :family_name => "Smith"
+    }
+  }
+}
+
+Faker::Omniauth.oidc #=>
+{
+  :provider => "openid_connect",
+  :uid => "1234567890abcdef1234567890abcdef",
+  :info => {
+    :name => "John Doe",
+    :email => "john.doe@example.com",
+    :email_verified => true,
+    :nickname => "john.doe",
+    :first_name => "John",
+    :last_name => "Doe",
+    :gender => "male",
+    :image => "https://via.placeholder.com/300x300.png",
+    :phone => "+1-555-123-4567",
+    :urls => {
+      :website => "https://example.com"
+    }
+  },
+  :credentials => {
+    :id_token => "fcc25a5b606dbf3211b792b634cf92f3857da4cce725a019b2c492c4845fd63f",
+    :token => "8e668c5b994f3bfc38e3067e6ed960c5",
+    :refresh_token => "19f82075f7c69133452614bd177f4380",
+    :expires_in => 3600,
+    :scope => "openid profile email"
+  },
+  :extra => {
+    :raw_info => {
+      :sub => "1234567890abcdef1234567890abcdef",
+      :name => "John Doe",
+      :email => "john.doe@example.com",
+      :email_verified => true,
+      :preferred_username => "john.doe@example.com",
+      :given_name => "John",
+      :family_name => "Doe",
+      :gender => "male",
+      :picture => "https://via.placeholder.com/300x300.png",
+      :phone_number => "+1-555-123-4567",
+      :website => "https://example.com",
+      :iss => "https://example.com",
+      :aud => "client_id",
+      :exp => 1654345109,
+      :iat => 1654341509
+    }
+  }
+}
 ```
diff --git a/lib/faker/default/omniauth.rb b/lib/faker/default/omniauth.rb
@@ -27,10 +27,10 @@ class << self
       # @return [Hash] An auth hash in the format provided by omniauth-google.
       #
       # @faker.version 1.8.0
-      def google(name: nil, email: nil, uid: Number.number(digits: 9).to_s)
+      def google(provider: 'google_oauth2', name: nil, email: nil, uid: Number.number(digits: 9).to_s)
         auth = Omniauth.new(name: name, email: email)
         {
-          provider: 'google_oauth2',
+          provider: provider,
           uid: uid,
           info: {
             name: auth.name,
@@ -87,11 +87,11 @@ def google(name: nil, email: nil, uid: Number.number(digits: 9).to_s)
       # @return [Hash] An auth hash in the format provided by omniauth-facebook.
       #
       # @faker.version 1.8.0
-      def facebook(name: nil, email: nil, username: nil, uid: Number.number(digits: 7).to_s)
+      def facebook(provider: 'facebook', name: nil, email: nil, username: nil, uid: Number.number(digits: 7).to_s)
         auth = Omniauth.new(name: name, email: email)
         username ||= "#{auth.first_name.downcase[0]}#{auth.last_name.downcase}"
         {
-          provider: 'facebook',
+          provider: provider,
           uid: uid,
           info: {
             email: auth.email,
@@ -139,13 +139,13 @@ def facebook(name: nil, email: nil, username: nil, uid: Number.number(digits: 7)
       # @return [Hash] An auth hash in the format provided by omniauth-twitter.
       #
       # @faker.version 1.8.0
-      def twitter(name: nil, nickname: nil, uid: Number.number(digits: 6).to_s)
+      def twitter(provider: 'twitter', name: nil, nickname: nil, uid: Number.number(digits: 6).to_s)
         auth = Omniauth.new(name: name)
         nickname ||= auth.name.downcase.delete(' ')
         location = city_state
         description = Lorem.sentence
         {
-          provider: 'twitter',
+          provider: provider,
           uid: uid,
           info: {
             nickname: nickname,
@@ -222,7 +222,7 @@ def twitter(name: nil, nickname: nil, uid: Number.number(digits: 6).to_s)
       # @return [Hash] An auth hash in the format provided by omniauth-linkedin.
       #
       # @faker.version 1.8.0
-      def linkedin(name: nil, email: nil, uid: Number.number(digits: 6).to_s)
+      def linkedin(provider: 'linkedin', name: nil, email: nil, uid: Number.number(digits: 6).to_s)
         auth = Omniauth.new(name: name, email: email)
         first_name = auth.first_name.downcase
         last_name = auth.last_name.downcase
@@ -233,7 +233,7 @@ def linkedin(name: nil, email: nil, uid: Number.number(digits: 6).to_s)
         industry = Commerce.department
         url = "http://www.linkedin.com/in/#{first_name}#{last_name}"
         {
-          provider: 'linkedin',
+          provider: provider,
           uid: uid,
           info: {
             name: auth.name,
@@ -295,13 +295,13 @@ def linkedin(name: nil, email: nil, uid: Number.number(digits: 6).to_s)
       # @return [Hash] An auth hash in the format provided by omniauth-github.
       #
       # @faker.version 1.8.0
-      def github(name: nil, email: nil, uid: Number.number(digits: 8).to_s)
+      def github(provider: 'github', name: nil, email: nil, uid: Number.number(digits: 8).to_s)
         auth = Omniauth.new(name: name, email: email)
         login = auth.name.downcase.tr(' ', '-')
         html_url = "https://github.com/#{login}"
         api_url = "https://api.github.com/users/#{login}"
         {
-          provider: 'github',
+          provider: provider,
           uid: uid,
           info: {
             nickname: login,
@@ -363,11 +363,11 @@ def github(name: nil, email: nil, uid: Number.number(digits: 8).to_s)
       # @return [Hash] An auth hash in the format provided by omniauth-apple.
       #
       # @faker.version 2.3.0
-      def apple(name: nil, email: nil, uid: nil)
+      def apple(provider: 'apple', name: nil, email: nil, uid: nil)
         uid ||= "#{Number.number(digits: 6)}.#{Number.hexadecimal(digits: 32)}.#{Number.number(digits: 4)}"
         auth = Omniauth.new(name: name, email: email)
         {
-          provider: 'apple',
+          provider: provider,
           uid: uid,
           info: {
             sub: uid,
@@ -407,11 +407,11 @@ def apple(name: nil, email: nil, uid: nil)
       # @return [Hash] An auth hash in the format provided by omniauth-auth0.
       #
       # @faker.version next
-      def auth0(name: nil, email: nil, uid: nil)
+      def auth0(provider: 'auth0', name: nil, email: nil, uid: nil)
         uid ||= "auth0|#{Number.hexadecimal(digits: 24)}"
         auth = Omniauth.new(name: name, email: email)
         {
-          provider: 'auth0',
+          provider: provider,
           uid: uid,
           info: {
             name: uid,
@@ -441,6 +441,117 @@ def auth0(name: nil, email: nil, uid: nil)
         }
       end
 
+      ##
+      # Generate a mock Omniauth response from Microsoft Entra ID (Azure AD).
+      #
+      # @param name [String] A specific name to return in the response.
+      # @param email [String] A specific email to return in the response.
+      # @param uid [String] A specific UID to return in the response.
+      #
+      # @return [Hash] An auth hash in the format provided by omniauth-entra-id.
+      #
+      # @faker.version next
+      def microsoft(provider: 'entra_id', name: nil, email: nil, uid: nil)
+        auth = Omniauth.new(name: name, email: email)
+        tenant_id = Number.hexadecimal(digits: 32)
+        object_id = Number.hexadecimal(digits: 32)
+        uid ||= tenant_id + object_id
+        {
+          provider: provider,
+          uid: uid,
+          info: {
+            name: auth.name,
+            email: auth.email,
+            nickname: auth.name.downcase.tr(' ', '.'),
+            first_name: auth.first_name,
+            last_name: auth.last_name
+          },
+          credentials: {
+            token: Crypto.md5,
+            refresh_token: Crypto.md5,
+            expires_at: Time.forward.to_i,
+            expires: true
+          },
+          extra: {
+            raw_info: {
+              iss: "https://login.microsoftonline.com/#{tenant_id}/v2.0",
+              sub: Number.hexadecimal(digits: 28),
+              aud: 'client_id',
+              exp: Time.forward.to_i,
+              iat: Time.forward.to_i,
+              nbf: Time.forward.to_i,
+              name: auth.name,
+              preferred_username: auth.email,
+              oid: object_id,
+              tid: tenant_id,
+              email: auth.email,
+              email_verified: random_boolean,
+              given_name: auth.first_name,
+              family_name: auth.last_name
+            }
+          }
+        }
+      end
+
+      ##
+      # Generate a mock Omniauth response from OpenID Connect.
+      #
+      # @param name [String] A specific name to return in the response.
+      # @param email [String] A specific email to return in the response.
+      # @param uid [String] A specific UID to return in the response.
+      #
+      # @return [Hash] An auth hash in the format provided by omniauth-openid-connect.
+      #
+      # @faker.version next
+      def oidc(provider: 'openid_connect', name: nil, email: nil, uid: nil)
+        auth = Omniauth.new(name: name, email: email)
+        uid ||= Number.hexadecimal(digits: 32)
+        {
+          provider: provider,
+          uid: uid,
+          info: {
+            name: auth.name,
+            email: auth.email,
+            email_verified: random_boolean,
+            nickname: auth.name.downcase.tr(' ', '.'),
+            first_name: auth.first_name,
+            last_name: auth.last_name,
+            gender: gender,
+            image: image,
+            phone: PhoneNumber.phone_number,
+            urls: {
+              website: Internet.url
+            }
+          },
+          credentials: {
+            id_token: Crypto.sha256,
+            token: Crypto.md5,
+            refresh_token: Crypto.md5,
+            expires_in: 3600,
+            scope: 'openid profile email'
+          },
+          extra: {
+            raw_info: {
+              sub: uid,
+              name: auth.name,
+              email: auth.email,
+              email_verified: random_boolean,
+              preferred_username: auth.email,
+              given_name: auth.first_name,
+              family_name: auth.last_name,
+              gender: gender,
+              picture: image,
+              phone_number: PhoneNumber.phone_number,
+              website: Internet.url,
+              iss: 'https://example.com',
+              aud: 'client_id',
+              exp: Time.forward.to_i,
+              iat: Time.forward.to_i
+            }
+          }
+        }
+      end
+
       private
 
       def gender