auth_passport_checkpoint 0.0.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    NjQyMjdlNzUyYjY2NDhhNTIzOTRhMzk3N2E1ZTBmMGJmMGZmNzcyYw==
+  data.tar.gz: !binary |-
+    NzRjNTkxMWViYjcxN2VkZTA1ZGZmYmYxYzA2YTAyNzViZTk3NGYyZQ==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    OGY0YTk5Y2VlYWYxOWQ5Mjg1ZmE1NTRlOTU3NDE2NDg1MjliMGRiZDcwNDE5
+    NzJjZjZmNmQyZjM4MzBhZjlkNmFiNTM5MDIyMzNkYjRjN2E4N2ZmYzEwN2I3
+    Mjc4ZGFmYzk5N2I3MDA3MmVmM2FiZjExYjVlNjdjNDYzZTNlMTY=
+  data.tar.gz: !binary |-
+    NTNjNmJhNDk1NTVmOGFjYjg1YmM0ZDhjM2U4Nzc1ZDM4NWJiYmJhYzA3MmM3
+    NGJjZDMxNjhjMzU3YjBiMmY5NzkzZjZlM2Q4NDU3ZWQzN2VjM2JmMDA0NWVi
+    OTNiZGY5ZDc2YWM3MGZjZWQ2MGVhY2RjNjVmODM5NTBjYzQ4ZDA=

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2013 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,59 @@
+= AuthPassportCheckpoint
+
+== Setup Sso Clyent
+
+== Setup AuthOriginControl
+
+== Usage
+
+=== end client app
+
+==== get current_user 
+# # Store token in session
+# # Send request to ominauth with session token on each request,
+# # Sign request to omniauth using auth_origin_control
+
+before_filter :login_required
+
+==== request sent to intermediary api
+#   -> send token + sign request with auth_origin_control
+#   -> if auth refused => 
+#     -> if app unidentified => no access to api
+#     -> if user unidentified => send to sso
+
+# in controllers
+signed_request_result(request_uri, options = {})
+
+# Possible to override this in order to force request to force authentication on each request
+#
+# def login_required     
+#   if !current_user
+#     respond_to do |format|       
+#       format.html { redirect_to "#{SsoClyent.path}/auth/sso" }       
+#       format.json { render :json => { 'error' => 'Access Denied' }.to_json }       
+#     end       
+#   end       
+# end       
+# 
+# def current_user
+#   return nil unless session[:user_id]
+#   users = user_klass
+#   uid = userid
+#   if users.respond_to?(:"find_by_#{uid}")
+#     @current_user ||= users.send(:"find_by_#{uid}", session[:user_id]['uid'])
+#   end       
+# end
+#
+# def current_access_token
+#   return nil unless session[:user_id]
+#   session[:user_id]['access_token']
+# end
+#
+
+=== intermediary api
+# # current_user 
+#   -> get token from request
+#   -> get original client app from request
+#     => check original_client and user on each request
+#     => sign request to omniauth using auth origin_control 
+before_filter :login_required

data/Rakefile

@@ -0,0 +1,27 @@
+#!/usr/bin/env rake
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+begin
+  require 'rdoc/task'
+rescue LoadError
+  require 'rdoc/rdoc'
+  require 'rake/rdoctask'
+  RDoc::Task = Rake::RDocTask
+end
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'AuthPassportCheckpoint'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+Bundler::GemHelper.install_tasks
+

data/app/assets/javascripts/auth_passport_checkpoint/application.js

@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require jquery
+//= require jquery_ujs
+//= require_tree .

data/app/assets/stylesheets/auth_passport_checkpoint/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/app/controllers/auth_passport_checkpoint/application_controller.rb

@@ -0,0 +1,4 @@
+module AuthPassportCheckpoint
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/helpers/auth_passport_checkpoint/application_helper.rb

@@ -0,0 +1,4 @@
+module AuthPassportCheckpoint
+  module ApplicationHelper
+  end
+end

data/app/views/layouts/auth_passport_checkpoint/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>AuthPassportCheckpoint</title>
+  <%= stylesheet_link_tag    "auth_passport_checkpoint/application", :media => "all" %>
+  <%= javascript_include_tag "auth_passport_checkpoint/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/config/routes.rb

@@ -0,0 +1,6 @@
+AuthPassportCheckpoint::Engine.routes.draw do
+  unless AuthPassportCheckpoint.is_intermediary_api?
+    mount SsoClyent::Engine => "/sso" 
+  end
+  
+end

data/lib/auth_passport_checkpoint/engine.rb

@@ -0,0 +1,26 @@
+module AuthPassportCheckpoint
+  class Engine < ::Rails::Engine
+    isolate_namespace AuthPassportCheckpoint
+
+
+    config.auth_passport_checkpoint = ActiveSupport::OrderedOptions.new
+
+    initializer "auth_passport_checkpoint.configure" do |app|
+      AuthPassportCheckpoint.configure(app.config.auth_passport_checkpoint)
+      
+      require 'auth_passport_checkpoint/frontend_app/access_token_helper'
+      require 'auth_passport_checkpoint/intermediary_api/access_token_helper'
+      require 'auth_passport_checkpoint/intermediary_api/current_user_helper'
+      require 'auth_passport_checkpoint/signed_request'
+      
+      
+      if ::AuthPassportCheckpoint.is_intermediary_api?
+        ::AuthOriginControl.setup do |config|
+          config.local_or_remote_authority = "remote"
+        end
+      else
+        ::Object.send(:require,'sso_clyent') 
+      end
+    end
+  end
+end

data/lib/auth_passport_checkpoint/frontend_app/access_token_helper.rb

@@ -0,0 +1,22 @@
+# module AccessTokenHelper
+#   extend ActiveSupport::Concern
+#   
+#   def current_access_token
+#     return nil unless session[:user_id]
+#     session[:user_id]['access_token']
+#   end
+# end
+# if !AuthPassportCheckpoint.is_intermediary_api?
+#   ActionController::Base.send :include, AccessTokenHelper
+# end
+
+if !AuthPassportCheckpoint.is_intermediary_api?
+  module AuthPassportCheckpoint
+    module Helper
+      def current_access_token
+        return nil unless session['user_id']
+        session['user_id'].try(:credentials).try(:token)
+      end
+    end
+  end
+end

data/lib/auth_passport_checkpoint/intermediary_api/access_token_helper.rb

@@ -0,0 +1,18 @@
+module AuthPassportCheckpoint
+  module IntermediaryApi
+    module AccessTokenHelper
+      
+      def current_access_token
+        params[:access_token]
+      end
+      
+    end
+  end
+end
+if AuthPassportCheckpoint.is_intermediary_api?
+  module AuthPassportCheckpoint
+    module Helper
+      include AuthPassportCheckpoint::IntermediaryApi::AccessTokenHelper
+    end
+  end
+end

data/lib/auth_passport_checkpoint/intermediary_api/current_user_helper.rb

@@ -0,0 +1,24 @@
+module AuthPassportCheckpoint
+  module IntermediaryApi
+    module CurrentUserHelper
+      
+      def login_required     
+        if !current_user
+          render :json => { 'error' => 'Access Denied' }.to_json
+        end       
+      end       
+    
+      def current_user
+        @current_user ||= signed_request_result(AuthPassportCheckpoint.current_user_url)
+      end
+    end
+  end
+end
+
+if AuthPassportCheckpoint.is_intermediary_api?
+  module AuthPassportCheckpoint
+    module Helper
+      include AuthPassportCheckpoint::IntermediaryApi::CurrentUserHelper
+    end
+  end
+end

data/lib/auth_passport_checkpoint/signed_request.rb

@@ -0,0 +1,25 @@
+module SignedRequestHelper
+  extend ActiveSupport::Concern
+  
+  def signed_request_result(request_uri, args = {})
+    result = signed_request(request_uri, args = {}).result
+    result
+  end
+  
+  def signed_request(request_uri, args = {})
+    request_params = (args[:params] || {}).merge({access_token: current_access_token})
+    AuthOriginControl::SignedRequest.new(request_uri, args.merge({:params => request_params}))
+  end
+end
+
+module AuthPassportCheckpoint
+  module Helper
+    include AuthOriginControl::Helpers # from AuthOriginControl
+    include SignedRequestHelper
+  end
+end
+
+class ActionController::Base
+  include AuthPassportCheckpoint::Helper
+end
+

data/lib/auth_passport_checkpoint/version.rb

@@ -0,0 +1,3 @@
+module AuthPassportCheckpoint
+  VERSION = "0.0.1"
+end

data/lib/auth_passport_checkpoint.rb

@@ -0,0 +1,20 @@
+require "auth_passport_checkpoint/engine"
+
+module AuthPassportCheckpoint
+  
+  mattr_accessor :is_intermediary_api
+  def self.is_intermediary_api?
+    @@is_intermediary_api ||= false
+  end
+
+  mattr_accessor :current_user_url
+  def self.current_user_url
+    @@current_user_url ||= "http://localhost:3000/auth_passport_office/user"
+  end
+  
+  def self.configure(args = {})
+    @@is_intermediary_api = args[:is_intermediary_api] || false
+    @@current_user_url = args[:current_user_url]
+  end
+  
+end

data/lib/tasks/auth_passport_checkpoint_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :auth_passport_checkpoint do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,118 @@
+--- !ruby/object:Gem::Specification
+name: auth_passport_checkpoint
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- NicoArboagst
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-08-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.12
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.12
+- !ruby/object:Gem::Dependency
+  name: auth_origin_control
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sso_clyent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mysql2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ! 'Checks id at entry: id of users on client apps and on intermediary
+  apps (sso_clyent), id of apps on intermediary apps (auth_origin_control), id '
+email:
+- nicolas@rbogast.me
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- app/assets/javascripts/auth_passport_checkpoint/application.js
+- app/assets/stylesheets/auth_passport_checkpoint/application.css
+- app/controllers/auth_passport_checkpoint/application_controller.rb
+- app/helpers/auth_passport_checkpoint/application_helper.rb
+- app/views/layouts/auth_passport_checkpoint/application.html.erb
+- config/routes.rb
+- lib/auth_passport_checkpoint/engine.rb
+- lib/auth_passport_checkpoint/frontend_app/access_token_helper.rb
+- lib/auth_passport_checkpoint/intermediary_api/access_token_helper.rb
+- lib/auth_passport_checkpoint/intermediary_api/current_user_helper.rb
+- lib/auth_passport_checkpoint/signed_request.rb
+- lib/auth_passport_checkpoint/version.rb
+- lib/auth_passport_checkpoint.rb
+- lib/tasks/auth_passport_checkpoint_tasks.rake
+- MIT-LICENSE
+- Rakefile
+- README.rdoc
+homepage: https://github.com/NicoArbogast/auth_passport_checkpoint
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.7
+signing_key: 
+specification_version: 4
+summary: ! 'Checks id at entry: users and apps on both end client apps and intermediary
+  apis'
+test_files: []