auth-proxy 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +8 -0
- data/.rubocop.yml +94 -0
- data/Gemfile +7 -0
- data/Gemfile.lock +65 -0
- data/README.md +145 -0
- data/Rakefile +2 -0
- data/auth-proxy.gemspec +25 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/auth-proxy.rb +1 -0
- data/lib/auth_proxy.rb +59 -0
- data/lib/auth_proxy/app.rb +72 -0
- data/lib/auth_proxy/config.rb +23 -0
- data/lib/auth_proxy/errors.rb +3 -0
- data/lib/auth_proxy/version.rb +3 -0
- data/views/layout.erb +28 -0
- data/views/login.erb +9 -0
- metadata +116 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 6ec8a799dae3f536a97750c0ec0557227796d3c4
|
4
|
+
data.tar.gz: 8b091ef9d05342311a9193828a739ac942b5c705
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 5f48c6d8f308389a11e68282fdfcc6d85230233c34f43acaa68d0e62c5cbe40dc3f6edadb619f0f9d53bc3d0c48be23c0f633e659ea1eaa328d56ba836e90f22
|
7
|
+
data.tar.gz: 28ef27de81f690ba78dc29010427992290af057cbe0ec8bdfde54436104c43ef8ae7ff2121620896dca6f6ab25ee5a60e914da3c18514a3fe2ef536f16b34136
|
data/.gitignore
ADDED
data/.rubocop.yml
ADDED
@@ -0,0 +1,94 @@
|
|
1
|
+
AllCops:
|
2
|
+
TargetRubyVersion: 2.3
|
3
|
+
# RuboCop has a bunch of cops enabled by default. This setting tells RuboCop
|
4
|
+
# to ignore them, so only the ones explicitly set in this file are enabled.
|
5
|
+
DisabledByDefault: true
|
6
|
+
Exclude:
|
7
|
+
- '**/templates/**/*'
|
8
|
+
- '**/vendor/**/*'
|
9
|
+
|
10
|
+
# Prefer &&/|| over and/or.
|
11
|
+
Style/AndOr:
|
12
|
+
Enabled: true
|
13
|
+
|
14
|
+
# Do not use braces for hash literals when they are the last argument of a
|
15
|
+
# method call.
|
16
|
+
Style/BracesAroundHashParameters:
|
17
|
+
Enabled: true
|
18
|
+
|
19
|
+
# Align `when` with `case`.
|
20
|
+
Style/CaseIndentation:
|
21
|
+
Enabled: true
|
22
|
+
|
23
|
+
# No extra empty lines.
|
24
|
+
Style/EmptyLines:
|
25
|
+
Enabled: true
|
26
|
+
|
27
|
+
# In a regular class definition, no empty lines around the body.
|
28
|
+
Style/EmptyLinesAroundClassBody:
|
29
|
+
Enabled: true
|
30
|
+
|
31
|
+
# In a regular module definition, no empty lines around the body.
|
32
|
+
Style/EmptyLinesAroundModuleBody:
|
33
|
+
Enabled: true
|
34
|
+
|
35
|
+
# Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }.
|
36
|
+
Style/HashSyntax:
|
37
|
+
Enabled: true
|
38
|
+
|
39
|
+
# Method definitions after `private` or `protected` isolated calls need one
|
40
|
+
# extra level of indentation.
|
41
|
+
Style/IndentationConsistency:
|
42
|
+
Enabled: true
|
43
|
+
EnforcedStyle: normal
|
44
|
+
|
45
|
+
# Two spaces, no tabs (for indentation).
|
46
|
+
Style/IndentationWidth:
|
47
|
+
Enabled: true
|
48
|
+
|
49
|
+
# Defining a method with parameters needs parentheses.
|
50
|
+
Style/MethodDefParentheses:
|
51
|
+
Enabled: true
|
52
|
+
|
53
|
+
# Use `foo {}` not `foo{}`.
|
54
|
+
Style/SpaceBeforeBlockBraces:
|
55
|
+
Enabled: true
|
56
|
+
|
57
|
+
# Use `foo { bar }` not `foo {bar}`.
|
58
|
+
Style/SpaceInsideBlockBraces:
|
59
|
+
Enabled: true
|
60
|
+
|
61
|
+
# Use `{ a: 1 }` not `{a:1}`.
|
62
|
+
Style/SpaceInsideHashLiteralBraces:
|
63
|
+
Enabled: true
|
64
|
+
|
65
|
+
# Check quotes usage according to lint rule below.
|
66
|
+
Style/StringLiterals:
|
67
|
+
Enabled: true
|
68
|
+
EnforcedStyle: double_quotes
|
69
|
+
|
70
|
+
# Detect hard tabs, no hard tabs.
|
71
|
+
Style/Tab:
|
72
|
+
Enabled: true
|
73
|
+
|
74
|
+
# Blank lines should not have any spaces.
|
75
|
+
Style/TrailingBlankLines:
|
76
|
+
Enabled: true
|
77
|
+
|
78
|
+
# No trailing whitespace.
|
79
|
+
Style/TrailingWhitespace:
|
80
|
+
Enabled: true
|
81
|
+
|
82
|
+
# Use quotes for string literals when they are enough.
|
83
|
+
Style/UnneededPercentQ:
|
84
|
+
Enabled: true
|
85
|
+
|
86
|
+
# Align `end` with the matching keyword or starting expression except for
|
87
|
+
# assignments, where it should be aligned with the LHS.
|
88
|
+
Lint/EndAlignment:
|
89
|
+
Enabled: true
|
90
|
+
AlignWith: variable
|
91
|
+
|
92
|
+
# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
|
93
|
+
Lint/RequireParentheses:
|
94
|
+
Enabled: true
|
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,65 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
auth-proxy (1.0.0)
|
5
|
+
json
|
6
|
+
sinatra
|
7
|
+
|
8
|
+
GEM
|
9
|
+
remote: https://rubygems.org/
|
10
|
+
specs:
|
11
|
+
better_errors (2.1.1)
|
12
|
+
coderay (>= 1.0.0)
|
13
|
+
erubis (>= 2.6.6)
|
14
|
+
rack (>= 0.9.0)
|
15
|
+
binding_of_caller (0.7.2)
|
16
|
+
debug_inspector (>= 0.0.1)
|
17
|
+
coderay (1.1.1)
|
18
|
+
debug_inspector (0.0.2)
|
19
|
+
erubis (2.7.0)
|
20
|
+
faraday (0.9.2)
|
21
|
+
multipart-post (>= 1.2, < 3)
|
22
|
+
hashie (3.4.6)
|
23
|
+
json (2.0.2)
|
24
|
+
jwt (1.5.6)
|
25
|
+
multi_json (1.12.1)
|
26
|
+
multi_xml (0.6.0)
|
27
|
+
multipart-post (2.0.0)
|
28
|
+
oauth2 (1.2.0)
|
29
|
+
faraday (>= 0.8, < 0.10)
|
30
|
+
jwt (~> 1.0)
|
31
|
+
multi_json (~> 1.3)
|
32
|
+
multi_xml (~> 0.5)
|
33
|
+
rack (>= 1.2, < 3)
|
34
|
+
omniauth (1.3.1)
|
35
|
+
hashie (>= 1.2, < 4)
|
36
|
+
rack (>= 1.0, < 3)
|
37
|
+
omniauth-oauth2 (1.4.0)
|
38
|
+
oauth2 (~> 1.0)
|
39
|
+
omniauth (~> 1.2)
|
40
|
+
omniauth-vsts (0.1.0)
|
41
|
+
omniauth (~> 1.0)
|
42
|
+
omniauth-oauth2 (>= 1.1.1)
|
43
|
+
rack (1.6.5)
|
44
|
+
rack-protection (1.5.3)
|
45
|
+
rack
|
46
|
+
rake (10.5.0)
|
47
|
+
sinatra (1.4.7)
|
48
|
+
rack (~> 1.5)
|
49
|
+
rack-protection (~> 1.4)
|
50
|
+
tilt (>= 1.3, < 3)
|
51
|
+
tilt (2.0.5)
|
52
|
+
|
53
|
+
PLATFORMS
|
54
|
+
ruby
|
55
|
+
|
56
|
+
DEPENDENCIES
|
57
|
+
auth-proxy!
|
58
|
+
better_errors
|
59
|
+
binding_of_caller
|
60
|
+
bundler (~> 1.13)
|
61
|
+
omniauth-vsts
|
62
|
+
rake (~> 10.0)
|
63
|
+
|
64
|
+
BUNDLED WITH
|
65
|
+
1.13.6
|
data/README.md
ADDED
@@ -0,0 +1,145 @@
|
|
1
|
+
# Auth::Proxy
|
2
|
+
|
3
|
+
External auth for your web services.
|
4
|
+
|
5
|
+
IMPORTANT: This is still under development and untested
|
6
|
+
|
7
|
+
## Usage
|
8
|
+
|
9
|
+
Create a directorry for your auth-proxy app.
|
10
|
+
|
11
|
+
Create a Gemfile and add the auth-proxy gem and any omniauth gems you want to use:
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
gem "auth-proxy"
|
15
|
+
gem "omniauth-facebook"
|
16
|
+
gem "omniauth-twitter"
|
17
|
+
```
|
18
|
+
|
19
|
+
And then execute:
|
20
|
+
|
21
|
+
$ bundle install
|
22
|
+
|
23
|
+
Create a config.ru file:
|
24
|
+
|
25
|
+
```ruby
|
26
|
+
require "auth-proxy"
|
27
|
+
require "omniauth-facebook"
|
28
|
+
|
29
|
+
AuthProxy.configure do |config|
|
30
|
+
config.ssl = true
|
31
|
+
config.register :facebook,
|
32
|
+
display_name: "Facebook",
|
33
|
+
app_id: "ID",
|
34
|
+
app_secret: "SECRET"
|
35
|
+
end
|
36
|
+
|
37
|
+
run AuthProxy.app
|
38
|
+
```
|
39
|
+
|
40
|
+
And then execute
|
41
|
+
|
42
|
+
$ AUTH_PROXY_APP_DOMAIN=auth.my.domain AUTH_PROXY_COOKIE_DOMAIN=my.domain rackup config.ru
|
43
|
+
|
44
|
+
|
45
|
+
Now you can proxy requests through this app to be authenticated. One nice way of doing this is using nginx's
|
46
|
+
`auth_request` directive. Assuming you have different services under ops.company.tld domain
|
47
|
+
(service1.ops.company.tld service2.ops.company.tld etc) you would setup auth-proxy to run under
|
48
|
+
auth.ops.company.tld and keep the cookies under ops.company.tld so they will be available on all services:
|
49
|
+
|
50
|
+
$ AUTH_PROXY_APP_DOMAIN=auth.ops.company.tld AUTH_PROXY_COOKIE_DOMAIN=ops.company.tld rackup -p 5000 config.ru
|
51
|
+
|
52
|
+
In front of the auth-proxy you will have an nginx (or more nginx loadbalancers) with the following config:
|
53
|
+
|
54
|
+
```
|
55
|
+
worker_processes 1;
|
56
|
+
|
57
|
+
events {
|
58
|
+
worker_connections 1024;
|
59
|
+
}
|
60
|
+
|
61
|
+
http {
|
62
|
+
upstream auth {
|
63
|
+
server 127.0.0.1:6000 fail_timeout=0;
|
64
|
+
}
|
65
|
+
|
66
|
+
server {
|
67
|
+
listen 80;
|
68
|
+
server_name auth.ops.company.tld;
|
69
|
+
|
70
|
+
location / {
|
71
|
+
proxy_pass http://auth;
|
72
|
+
proxy_set_header Host $http_host;
|
73
|
+
proxy_set_header X-Real-IP $remote_addr;
|
74
|
+
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
75
|
+
proxy_set_header X-Forwarded-Proto $scheme;
|
76
|
+
}
|
77
|
+
}
|
78
|
+
}
|
79
|
+
```
|
80
|
+
|
81
|
+
Now for each app that needs to be authenticated you will need a nginx in front of it with the following
|
82
|
+
config:
|
83
|
+
|
84
|
+
```
|
85
|
+
worker_processes 1;
|
86
|
+
|
87
|
+
events {
|
88
|
+
worker_connections 1024;
|
89
|
+
}
|
90
|
+
|
91
|
+
http {
|
92
|
+
upstream service1 {
|
93
|
+
server 127.0.0.1:7000 fail_timeout=0;
|
94
|
+
}
|
95
|
+
|
96
|
+
|
97
|
+
server {
|
98
|
+
listen 7000;
|
99
|
+
server_name service1.ops.company.tld;
|
100
|
+
|
101
|
+
auth_request /auth/try;
|
102
|
+
|
103
|
+
# optional - if you need to pass to your app headers set by the auth-proxy
|
104
|
+
auth_request_set $auth_proxy_user_name $upstream_http_x_auth_proxy_user_name;
|
105
|
+
auth_request_set $auth_proxy_user_email $upstream_http_x_auth_proxy_user_email;
|
106
|
+
auth_request_set $auth_proxy_user_id $upstream_http_x_auth_proxy_user_id;
|
107
|
+
auth_request_set $auth_proxy_user_provider $upstream_http_x_auth_proxy_user_provider;
|
108
|
+
auth_request_set $auth_proxy_user_token $upstream_http_x_auth_proxy_user_token;
|
109
|
+
# optional end
|
110
|
+
|
111
|
+
error_page 401 403 =200 @login;
|
112
|
+
location @login {
|
113
|
+
return 301 https://auth.ops.company.tld/login?return_to=https://$http_host$request_uri;
|
114
|
+
}
|
115
|
+
|
116
|
+
location = /auth/try {
|
117
|
+
proxy_pass http://auth..ops.company.tld;
|
118
|
+
proxy_pass_request_body off;
|
119
|
+
proxy_set_header Content-Length "";
|
120
|
+
}
|
121
|
+
|
122
|
+
location / {
|
123
|
+
proxy_pass http://service1;
|
124
|
+
proxy_set_header Host $http_host;
|
125
|
+
proxy_set_header X-Real-IP $remote_addr;
|
126
|
+
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
127
|
+
proxy_set_header X-Forwarded-Proto $scheme;
|
128
|
+
# optional - if you need to pass to your app headers set by the auth-proxy
|
129
|
+
proxy_set_header X-Auth-Proxy-User-Name $auth_proxy_user_name;
|
130
|
+
proxy_set_header X-Auth-Proxy-User-Email $auth_proxy_user_email;
|
131
|
+
proxy_set_header X-Auth-Proxy-User-ID $auth_proxy_user_id;
|
132
|
+
proxy_set_header X-Auth-Proxy-User-provider $auth_proxy_user_provider;
|
133
|
+
proxy_set_header X-Auth-Proxy-User-token $auth_proxy_user_token;
|
134
|
+
# optional end
|
135
|
+
}
|
136
|
+
}
|
137
|
+
|
138
|
+
}
|
139
|
+
```
|
140
|
+
|
141
|
+
|
142
|
+
## Contributing
|
143
|
+
|
144
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/cristianbica/auth-proxy.
|
145
|
+
|
data/Rakefile
ADDED
data/auth-proxy.gemspec
ADDED
@@ -0,0 +1,25 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path("../lib", __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require "auth_proxy/version"
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "auth-proxy"
|
8
|
+
spec.version = AuthProxy::VERSION
|
9
|
+
spec.authors = ["Cristian Bica"]
|
10
|
+
spec.email = ["cristian.bica@gmail.com"]
|
11
|
+
|
12
|
+
spec.summary = "Auth Proxy App"
|
13
|
+
spec.description = "Auth Proxy App (supports user / pass, oauth2)"
|
14
|
+
spec.homepage = "https://github.com/cristianbica/auth-proxy"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
17
|
+
f.match(%r{^(test|spec|features)/})
|
18
|
+
end
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_dependency "sinatra"
|
22
|
+
spec.add_dependency "json"
|
23
|
+
spec.add_development_dependency "bundler", "~> 1.13"
|
24
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
25
|
+
end
|
data/bin/console
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
require "auth_proxy"
|
5
|
+
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
8
|
+
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
10
|
+
# require "pry"
|
11
|
+
# Pry.start
|
12
|
+
|
13
|
+
require "irb"
|
14
|
+
IRB.start
|
data/bin/setup
ADDED
data/lib/auth-proxy.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "auth_proxy"
|
data/lib/auth_proxy.rb
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
require "auth_proxy/version"
|
2
|
+
require "auth_proxy/config"
|
3
|
+
require "auth_proxy/errors"
|
4
|
+
require "auth_proxy/app"
|
5
|
+
|
6
|
+
module AuthProxy
|
7
|
+
def self.configure(&block)
|
8
|
+
yield @config ||= AuthProxy::Config.new
|
9
|
+
end
|
10
|
+
|
11
|
+
def self.config
|
12
|
+
@config
|
13
|
+
end
|
14
|
+
|
15
|
+
configure do |config|
|
16
|
+
config.app_domain = ENV["AUTH_PROXY_APP_DOMAIN"]
|
17
|
+
config.cookie_domain = ENV["AUTH_PROXY_COOKIE_DOMAIN"]
|
18
|
+
config.ssl = false
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.root_path
|
22
|
+
File.expand_path("../../", __FILE__)
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.full_url
|
26
|
+
URI::Generic.build(
|
27
|
+
scheme: config.ssl ? "https" : "http",
|
28
|
+
host: config.app_domain
|
29
|
+
).to_s
|
30
|
+
end
|
31
|
+
|
32
|
+
def self.validate_auth_request(provider, request)
|
33
|
+
validator = config.providers[provider.to_s][:validator]
|
34
|
+
validator.call(request) unless validator.nil?
|
35
|
+
end
|
36
|
+
|
37
|
+
def self.app
|
38
|
+
Sinatra.new(AuthProxy::App) do
|
39
|
+
use Rack::Session::Cookie, key: "rack.session",
|
40
|
+
domain: "." + AuthProxy.config.cookie_domain,
|
41
|
+
path: "/",
|
42
|
+
expire_after: 2592000,
|
43
|
+
secret: "a-secret"
|
44
|
+
|
45
|
+
set :views, AuthProxy.config.views_path || "#{AuthProxy.root_path}/views"
|
46
|
+
|
47
|
+
if AuthProxy.config.providers.any?
|
48
|
+
OmniAuth.config.full_host = AuthProxy.full_url
|
49
|
+
OmniAuth.config.failure_raise_out_environments = []
|
50
|
+
use OmniAuth::Builder do
|
51
|
+
AuthProxy.config.providers.each do |name, p|
|
52
|
+
provider p[:provider], p[:app_id], p[:app_secret], p[:options]
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
end
|
@@ -0,0 +1,72 @@
|
|
1
|
+
require "sinatra/base"
|
2
|
+
require "json"
|
3
|
+
|
4
|
+
class AuthProxy::App < Sinatra::Base
|
5
|
+
if ENV["RACK_ENV"] == "development"
|
6
|
+
begin
|
7
|
+
require "better_errors"
|
8
|
+
use BetterErrors::Middleware
|
9
|
+
BetterErrors.application_root = __dir__
|
10
|
+
rescue
|
11
|
+
end
|
12
|
+
|
13
|
+
set :show_exceptions, :after_handler
|
14
|
+
end
|
15
|
+
|
16
|
+
get "/auth/:provider/callback" do
|
17
|
+
AuthProxy.validate_auth_request(params[:provider], request)
|
18
|
+
oauth = request.env["omniauth.auth"]
|
19
|
+
session[:authenticated] = "true"
|
20
|
+
session[:user_name] = oauth.info.name
|
21
|
+
session[:user_email] = oauth.info.email
|
22
|
+
session[:user_id] = oauth.uid
|
23
|
+
session[:user_provider] = params[:provider]
|
24
|
+
session[:user_token] = oauth.credentials.token
|
25
|
+
redirect session[:return_to] ? session.delete(:return_to) : "/"
|
26
|
+
end
|
27
|
+
|
28
|
+
get "/auth/failure" do
|
29
|
+
session[:alert] = params[:message]
|
30
|
+
redirect "/login"
|
31
|
+
end
|
32
|
+
|
33
|
+
get "/auth/try" do
|
34
|
+
if session[:authenticated] == "true"
|
35
|
+
auth_proxy_headers = {}
|
36
|
+
%i{user_name user_email user_id user_provider user_token}.each do |key|
|
37
|
+
auth_proxy_headers["x_auth_proxy_#{key}".gsub("_", "-")] = session[key]
|
38
|
+
end
|
39
|
+
headers auth_proxy_headers
|
40
|
+
halt 200
|
41
|
+
else
|
42
|
+
halt 401
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
get "/login" do
|
47
|
+
session[:return_to] = params[:return_to] if params[:return_to]
|
48
|
+
if session[:authenticated] == "true"
|
49
|
+
redirect session[:return_to] ? session.delete(:return_to) : "/"
|
50
|
+
else
|
51
|
+
erb :login, layout: :layout
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
get "/logout" do
|
56
|
+
session.clear
|
57
|
+
redirect request.referer || "/login"
|
58
|
+
end
|
59
|
+
|
60
|
+
get "/" do
|
61
|
+
if session[:authenticated] == "true"
|
62
|
+
erb "You're authenticated. Now navigate to your app"
|
63
|
+
else
|
64
|
+
redirect "/login"
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
error AuthProxy::ProviderValidationError do
|
69
|
+
session[:alert] = "Could not validate your credentials"
|
70
|
+
redirect "/login"
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
class AuthProxy::Config
|
2
|
+
attr_accessor :app_domain
|
3
|
+
attr_accessor :cookie_domain
|
4
|
+
attr_accessor :providers
|
5
|
+
attr_accessor :ssl
|
6
|
+
attr_accessor :views_path
|
7
|
+
|
8
|
+
def initialize
|
9
|
+
self.providers = {}
|
10
|
+
end
|
11
|
+
|
12
|
+
def register(provider, display_name:, app_id:, app_secret:, options: {}, validator: nil)
|
13
|
+
options[:callback_path] ||= "/auth/#{provider}/callback"
|
14
|
+
providers[provider.to_s] = {
|
15
|
+
provider: provider,
|
16
|
+
display_name: display_name,
|
17
|
+
app_id: app_id,
|
18
|
+
app_secret: app_secret,
|
19
|
+
validator: validator,
|
20
|
+
options: options
|
21
|
+
}
|
22
|
+
end
|
23
|
+
end
|
data/views/layout.erb
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
<!doctype html>
|
2
|
+
<html lang="en">
|
3
|
+
<head>
|
4
|
+
<meta charset="utf-8">
|
5
|
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
6
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0">
|
7
|
+
<title>Auth</title>
|
8
|
+
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css" integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
|
9
|
+
<script src="https://code.jquery.com/jquery-3.1.1.js" integrity="sha256-16cdPddA6VdVInumRGo6IbivbERE8p7CQR3HzTBuELA=" crossorigin="anonymous"></script>
|
10
|
+
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js" integrity="sha384-BLiI7JTZm+JWlgKa0M0kGRpJbF2J8q+qreVrKBC47e3K6BW78kGLrCkeRX6I9RoK" crossorigin="anonymous"></script>
|
11
|
+
</head>
|
12
|
+
<body>
|
13
|
+
<div class="container pt-2">
|
14
|
+
<% { alert: :danger, notice: :success }.each do |flash_type, alert_class| %>
|
15
|
+
<% if flash_message = session.delete(flash_type) %>
|
16
|
+
|
17
|
+
<div class="alert alert-<%= alert_class %> alert-dismissible fade in mb-2" role="alert">
|
18
|
+
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
|
19
|
+
<span aria-hidden="true">×</span>
|
20
|
+
</button>
|
21
|
+
<%= flash_message %>
|
22
|
+
</div>
|
23
|
+
<% end %>
|
24
|
+
<% end %>
|
25
|
+
<%= yield %>
|
26
|
+
</div>
|
27
|
+
</body>
|
28
|
+
</html>
|
data/views/login.erb
ADDED
@@ -0,0 +1,9 @@
|
|
1
|
+
<div class="row">
|
2
|
+
<div class="col-xs-12 text-xs-center">
|
3
|
+
<% AuthProxy.config.providers.each do |name, provider| %>
|
4
|
+
<a href="/auth/<%= provider[:provider] %>" class="btn btn-primary">
|
5
|
+
Login with <%= provider[:display_name] %>
|
6
|
+
</a>
|
7
|
+
<% end %>
|
8
|
+
</div>
|
9
|
+
</div>
|
metadata
ADDED
@@ -0,0 +1,116 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: auth-proxy
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Cristian Bica
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-12-22 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: sinatra
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: json
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.13'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.13'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '10.0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '10.0'
|
69
|
+
description: Auth Proxy App (supports user / pass, oauth2)
|
70
|
+
email:
|
71
|
+
- cristian.bica@gmail.com
|
72
|
+
executables: []
|
73
|
+
extensions: []
|
74
|
+
extra_rdoc_files: []
|
75
|
+
files:
|
76
|
+
- ".gitignore"
|
77
|
+
- ".rubocop.yml"
|
78
|
+
- Gemfile
|
79
|
+
- Gemfile.lock
|
80
|
+
- README.md
|
81
|
+
- Rakefile
|
82
|
+
- auth-proxy.gemspec
|
83
|
+
- bin/console
|
84
|
+
- bin/setup
|
85
|
+
- lib/auth-proxy.rb
|
86
|
+
- lib/auth_proxy.rb
|
87
|
+
- lib/auth_proxy/app.rb
|
88
|
+
- lib/auth_proxy/config.rb
|
89
|
+
- lib/auth_proxy/errors.rb
|
90
|
+
- lib/auth_proxy/version.rb
|
91
|
+
- views/layout.erb
|
92
|
+
- views/login.erb
|
93
|
+
homepage: https://github.com/cristianbica/auth-proxy
|
94
|
+
licenses: []
|
95
|
+
metadata: {}
|
96
|
+
post_install_message:
|
97
|
+
rdoc_options: []
|
98
|
+
require_paths:
|
99
|
+
- lib
|
100
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - ">="
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
106
|
+
requirements:
|
107
|
+
- - ">="
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: '0'
|
110
|
+
requirements: []
|
111
|
+
rubyforge_project:
|
112
|
+
rubygems_version: 2.5.1
|
113
|
+
signing_key:
|
114
|
+
specification_version: 4
|
115
|
+
summary: Auth Proxy App
|
116
|
+
test_files: []
|