auth_passport_checkpoint 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +59 -0
- data/Rakefile +27 -0
- data/app/assets/javascripts/auth_passport_checkpoint/application.js +15 -0
- data/app/assets/stylesheets/auth_passport_checkpoint/application.css +13 -0
- data/app/controllers/auth_passport_checkpoint/application_controller.rb +4 -0
- data/app/helpers/auth_passport_checkpoint/application_helper.rb +4 -0
- data/app/views/layouts/auth_passport_checkpoint/application.html.erb +14 -0
- data/config/routes.rb +6 -0
- data/lib/auth_passport_checkpoint/engine.rb +26 -0
- data/lib/auth_passport_checkpoint/frontend_app/access_token_helper.rb +22 -0
- data/lib/auth_passport_checkpoint/intermediary_api/access_token_helper.rb +18 -0
- data/lib/auth_passport_checkpoint/intermediary_api/current_user_helper.rb +24 -0
- data/lib/auth_passport_checkpoint/signed_request.rb +25 -0
- data/lib/auth_passport_checkpoint/version.rb +3 -0
- data/lib/auth_passport_checkpoint.rb +20 -0
- data/lib/tasks/auth_passport_checkpoint_tasks.rake +4 -0
- metadata +118 -0
checksums.yaml
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
---
|
2
|
+
!binary "U0hBMQ==":
|
3
|
+
metadata.gz: !binary |-
|
4
|
+
NjQyMjdlNzUyYjY2NDhhNTIzOTRhMzk3N2E1ZTBmMGJmMGZmNzcyYw==
|
5
|
+
data.tar.gz: !binary |-
|
6
|
+
NzRjNTkxMWViYjcxN2VkZTA1ZGZmYmYxYzA2YTAyNzViZTk3NGYyZQ==
|
7
|
+
!binary "U0hBNTEy":
|
8
|
+
metadata.gz: !binary |-
|
9
|
+
OGY0YTk5Y2VlYWYxOWQ5Mjg1ZmE1NTRlOTU3NDE2NDg1MjliMGRiZDcwNDE5
|
10
|
+
NzJjZjZmNmQyZjM4MzBhZjlkNmFiNTM5MDIyMzNkYjRjN2E4N2ZmYzEwN2I3
|
11
|
+
Mjc4ZGFmYzk5N2I3MDA3MmVmM2FiZjExYjVlNjdjNDYzZTNlMTY=
|
12
|
+
data.tar.gz: !binary |-
|
13
|
+
NTNjNmJhNDk1NTVmOGFjYjg1YmM0ZDhjM2U4Nzc1ZDM4NWJiYmJhYzA3MmM3
|
14
|
+
NGJjZDMxNjhjMzU3YjBiMmY5NzkzZjZlM2Q4NDU3ZWQzN2VjM2JmMDA0NWVi
|
15
|
+
OTNiZGY5ZDc2YWM3MGZjZWQ2MGVhY2RjNjVmODM5NTBjYzQ4ZDA=
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2013 YOURNAME
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.rdoc
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
= AuthPassportCheckpoint
|
2
|
+
|
3
|
+
== Setup Sso Clyent
|
4
|
+
|
5
|
+
== Setup AuthOriginControl
|
6
|
+
|
7
|
+
== Usage
|
8
|
+
|
9
|
+
=== end client app
|
10
|
+
|
11
|
+
==== get current_user
|
12
|
+
# # Store token in session
|
13
|
+
# # Send request to ominauth with session token on each request,
|
14
|
+
# # Sign request to omniauth using auth_origin_control
|
15
|
+
|
16
|
+
before_filter :login_required
|
17
|
+
|
18
|
+
==== request sent to intermediary api
|
19
|
+
# -> send token + sign request with auth_origin_control
|
20
|
+
# -> if auth refused =>
|
21
|
+
# -> if app unidentified => no access to api
|
22
|
+
# -> if user unidentified => send to sso
|
23
|
+
|
24
|
+
# in controllers
|
25
|
+
signed_request_result(request_uri, options = {})
|
26
|
+
|
27
|
+
# Possible to override this in order to force request to force authentication on each request
|
28
|
+
#
|
29
|
+
# def login_required
|
30
|
+
# if !current_user
|
31
|
+
# respond_to do |format|
|
32
|
+
# format.html { redirect_to "#{SsoClyent.path}/auth/sso" }
|
33
|
+
# format.json { render :json => { 'error' => 'Access Denied' }.to_json }
|
34
|
+
# end
|
35
|
+
# end
|
36
|
+
# end
|
37
|
+
#
|
38
|
+
# def current_user
|
39
|
+
# return nil unless session[:user_id]
|
40
|
+
# users = user_klass
|
41
|
+
# uid = userid
|
42
|
+
# if users.respond_to?(:"find_by_#{uid}")
|
43
|
+
# @current_user ||= users.send(:"find_by_#{uid}", session[:user_id]['uid'])
|
44
|
+
# end
|
45
|
+
# end
|
46
|
+
#
|
47
|
+
# def current_access_token
|
48
|
+
# return nil unless session[:user_id]
|
49
|
+
# session[:user_id]['access_token']
|
50
|
+
# end
|
51
|
+
#
|
52
|
+
|
53
|
+
=== intermediary api
|
54
|
+
# # current_user
|
55
|
+
# -> get token from request
|
56
|
+
# -> get original client app from request
|
57
|
+
# => check original_client and user on each request
|
58
|
+
# => sign request to omniauth using auth origin_control
|
59
|
+
before_filter :login_required
|
data/Rakefile
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
#!/usr/bin/env rake
|
2
|
+
begin
|
3
|
+
require 'bundler/setup'
|
4
|
+
rescue LoadError
|
5
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
6
|
+
end
|
7
|
+
begin
|
8
|
+
require 'rdoc/task'
|
9
|
+
rescue LoadError
|
10
|
+
require 'rdoc/rdoc'
|
11
|
+
require 'rake/rdoctask'
|
12
|
+
RDoc::Task = Rake::RDocTask
|
13
|
+
end
|
14
|
+
|
15
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
16
|
+
rdoc.rdoc_dir = 'rdoc'
|
17
|
+
rdoc.title = 'AuthPassportCheckpoint'
|
18
|
+
rdoc.options << '--line-numbers'
|
19
|
+
rdoc.rdoc_files.include('README.rdoc')
|
20
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
21
|
+
end
|
22
|
+
|
23
|
+
|
24
|
+
|
25
|
+
|
26
|
+
Bundler::GemHelper.install_tasks
|
27
|
+
|
@@ -0,0 +1,15 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// the compiled file.
|
9
|
+
//
|
10
|
+
// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
|
11
|
+
// GO AFTER THE REQUIRES BELOW.
|
12
|
+
//
|
13
|
+
//= require jquery
|
14
|
+
//= require jquery_ujs
|
15
|
+
//= require_tree .
|
@@ -0,0 +1,13 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the top of the
|
9
|
+
* compiled file, but it's generally better to create a new file per style scope.
|
10
|
+
*
|
11
|
+
*= require_self
|
12
|
+
*= require_tree .
|
13
|
+
*/
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>AuthPassportCheckpoint</title>
|
5
|
+
<%= stylesheet_link_tag "auth_passport_checkpoint/application", :media => "all" %>
|
6
|
+
<%= javascript_include_tag "auth_passport_checkpoint/application" %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|
data/config/routes.rb
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
module AuthPassportCheckpoint
|
2
|
+
class Engine < ::Rails::Engine
|
3
|
+
isolate_namespace AuthPassportCheckpoint
|
4
|
+
|
5
|
+
|
6
|
+
config.auth_passport_checkpoint = ActiveSupport::OrderedOptions.new
|
7
|
+
|
8
|
+
initializer "auth_passport_checkpoint.configure" do |app|
|
9
|
+
AuthPassportCheckpoint.configure(app.config.auth_passport_checkpoint)
|
10
|
+
|
11
|
+
require 'auth_passport_checkpoint/frontend_app/access_token_helper'
|
12
|
+
require 'auth_passport_checkpoint/intermediary_api/access_token_helper'
|
13
|
+
require 'auth_passport_checkpoint/intermediary_api/current_user_helper'
|
14
|
+
require 'auth_passport_checkpoint/signed_request'
|
15
|
+
|
16
|
+
|
17
|
+
if ::AuthPassportCheckpoint.is_intermediary_api?
|
18
|
+
::AuthOriginControl.setup do |config|
|
19
|
+
config.local_or_remote_authority = "remote"
|
20
|
+
end
|
21
|
+
else
|
22
|
+
::Object.send(:require,'sso_clyent')
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# module AccessTokenHelper
|
2
|
+
# extend ActiveSupport::Concern
|
3
|
+
#
|
4
|
+
# def current_access_token
|
5
|
+
# return nil unless session[:user_id]
|
6
|
+
# session[:user_id]['access_token']
|
7
|
+
# end
|
8
|
+
# end
|
9
|
+
# if !AuthPassportCheckpoint.is_intermediary_api?
|
10
|
+
# ActionController::Base.send :include, AccessTokenHelper
|
11
|
+
# end
|
12
|
+
|
13
|
+
if !AuthPassportCheckpoint.is_intermediary_api?
|
14
|
+
module AuthPassportCheckpoint
|
15
|
+
module Helper
|
16
|
+
def current_access_token
|
17
|
+
return nil unless session['user_id']
|
18
|
+
session['user_id'].try(:credentials).try(:token)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
module AuthPassportCheckpoint
|
2
|
+
module IntermediaryApi
|
3
|
+
module AccessTokenHelper
|
4
|
+
|
5
|
+
def current_access_token
|
6
|
+
params[:access_token]
|
7
|
+
end
|
8
|
+
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
if AuthPassportCheckpoint.is_intermediary_api?
|
13
|
+
module AuthPassportCheckpoint
|
14
|
+
module Helper
|
15
|
+
include AuthPassportCheckpoint::IntermediaryApi::AccessTokenHelper
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
module AuthPassportCheckpoint
|
2
|
+
module IntermediaryApi
|
3
|
+
module CurrentUserHelper
|
4
|
+
|
5
|
+
def login_required
|
6
|
+
if !current_user
|
7
|
+
render :json => { 'error' => 'Access Denied' }.to_json
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
def current_user
|
12
|
+
@current_user ||= signed_request_result(AuthPassportCheckpoint.current_user_url)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
if AuthPassportCheckpoint.is_intermediary_api?
|
19
|
+
module AuthPassportCheckpoint
|
20
|
+
module Helper
|
21
|
+
include AuthPassportCheckpoint::IntermediaryApi::CurrentUserHelper
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
module SignedRequestHelper
|
2
|
+
extend ActiveSupport::Concern
|
3
|
+
|
4
|
+
def signed_request_result(request_uri, args = {})
|
5
|
+
result = signed_request(request_uri, args = {}).result
|
6
|
+
result
|
7
|
+
end
|
8
|
+
|
9
|
+
def signed_request(request_uri, args = {})
|
10
|
+
request_params = (args[:params] || {}).merge({access_token: current_access_token})
|
11
|
+
AuthOriginControl::SignedRequest.new(request_uri, args.merge({:params => request_params}))
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
module AuthPassportCheckpoint
|
16
|
+
module Helper
|
17
|
+
include AuthOriginControl::Helpers # from AuthOriginControl
|
18
|
+
include SignedRequestHelper
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
class ActionController::Base
|
23
|
+
include AuthPassportCheckpoint::Helper
|
24
|
+
end
|
25
|
+
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require "auth_passport_checkpoint/engine"
|
2
|
+
|
3
|
+
module AuthPassportCheckpoint
|
4
|
+
|
5
|
+
mattr_accessor :is_intermediary_api
|
6
|
+
def self.is_intermediary_api?
|
7
|
+
@@is_intermediary_api ||= false
|
8
|
+
end
|
9
|
+
|
10
|
+
mattr_accessor :current_user_url
|
11
|
+
def self.current_user_url
|
12
|
+
@@current_user_url ||= "http://localhost:3000/auth_passport_office/user"
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.configure(args = {})
|
16
|
+
@@is_intermediary_api = args[:is_intermediary_api] || false
|
17
|
+
@@current_user_url = args[:current_user_url]
|
18
|
+
end
|
19
|
+
|
20
|
+
end
|
metadata
ADDED
@@ -0,0 +1,118 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: auth_passport_checkpoint
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- NicoArboagst
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2013-08-28 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rails
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 3.2.12
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ~>
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 3.2.12
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: auth_origin_control
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ! '>='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ! '>='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: sso_clyent
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ! '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ! '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: mysql2
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ! '>='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
description: ! 'Checks id at entry: id of users on client apps and on intermediary
|
70
|
+
apps (sso_clyent), id of apps on intermediary apps (auth_origin_control), id '
|
71
|
+
email:
|
72
|
+
- nicolas@rbogast.me
|
73
|
+
executables: []
|
74
|
+
extensions: []
|
75
|
+
extra_rdoc_files: []
|
76
|
+
files:
|
77
|
+
- app/assets/javascripts/auth_passport_checkpoint/application.js
|
78
|
+
- app/assets/stylesheets/auth_passport_checkpoint/application.css
|
79
|
+
- app/controllers/auth_passport_checkpoint/application_controller.rb
|
80
|
+
- app/helpers/auth_passport_checkpoint/application_helper.rb
|
81
|
+
- app/views/layouts/auth_passport_checkpoint/application.html.erb
|
82
|
+
- config/routes.rb
|
83
|
+
- lib/auth_passport_checkpoint/engine.rb
|
84
|
+
- lib/auth_passport_checkpoint/frontend_app/access_token_helper.rb
|
85
|
+
- lib/auth_passport_checkpoint/intermediary_api/access_token_helper.rb
|
86
|
+
- lib/auth_passport_checkpoint/intermediary_api/current_user_helper.rb
|
87
|
+
- lib/auth_passport_checkpoint/signed_request.rb
|
88
|
+
- lib/auth_passport_checkpoint/version.rb
|
89
|
+
- lib/auth_passport_checkpoint.rb
|
90
|
+
- lib/tasks/auth_passport_checkpoint_tasks.rake
|
91
|
+
- MIT-LICENSE
|
92
|
+
- Rakefile
|
93
|
+
- README.rdoc
|
94
|
+
homepage: https://github.com/NicoArbogast/auth_passport_checkpoint
|
95
|
+
licenses: []
|
96
|
+
metadata: {}
|
97
|
+
post_install_message:
|
98
|
+
rdoc_options: []
|
99
|
+
require_paths:
|
100
|
+
- lib
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
102
|
+
requirements:
|
103
|
+
- - ! '>='
|
104
|
+
- !ruby/object:Gem::Version
|
105
|
+
version: '0'
|
106
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ! '>='
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
requirements: []
|
112
|
+
rubyforge_project:
|
113
|
+
rubygems_version: 2.0.7
|
114
|
+
signing_key:
|
115
|
+
specification_version: 4
|
116
|
+
summary: ! 'Checks id at entry: users and apps on both end client apps and intermediary
|
117
|
+
apis'
|
118
|
+
test_files: []
|