authorio 0.8.0 → 0.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +23 -4
- data/app/controllers/authorio/auth_controller.rb +17 -10
- data/app/views/authorio/auth/authorization_interface.html.erb +1 -1
- data/lib/authorio/version.rb +1 -1
- metadata +13 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 415f389a073c49afa82e47fc8caa28fb66d5586cc81758f63e4840f953fb7950
|
|
4
|
+
data.tar.gz: 6184be72a5c9f999984c33d6b24e4bd09ea6f0a15469512df70c833610477a69
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fbfd300b93d372aa86257b484164be9944ce7950ebc91bfff3a1fe585f858e618e9dee0afbca33ea07953a8aea35b9c79f90cbca6b87e2b78e393cd7e1b9d810
|
|
7
|
+
data.tar.gz: ea5e5f5b850d0c88be5dfe2fbfd75abb747625059d544bfbd1988076a3c259bc69db8781036e4ad33d8a7d00f23577e06cc8402d11d0d126080334156048f9f1
|
data/README.md
CHANGED
|
@@ -34,13 +34,18 @@ You will need to install the migrations and then run them to add these tables
|
|
|
34
34
|
$ rails authorio:install:migrations
|
|
35
35
|
Copied migration 20210703002653_create_authorio_users.authorio.rb from authorio
|
|
36
36
|
Copied migration 20210703002654_create_authorio_requests.authorio.rb from authorio
|
|
37
|
+
Copied migration 20210710145519_create_authorio_tokens.authorio.rb from authorio
|
|
38
|
+
|
|
37
39
|
$ rails db:migrate
|
|
38
40
|
...
|
|
39
41
|
== 20210703002653 CreateAuthorioUsers: migrated (0.0038s) =====================
|
|
40
42
|
...
|
|
41
43
|
== 20210703002654 CreateAuthorioRequests: migrated (0.0041s) ==================
|
|
44
|
+
...
|
|
45
|
+
== 20210710145519 CreateAuthorioTokens: migrated (0.0037s) ====================
|
|
42
46
|
```
|
|
43
47
|
|
|
48
|
+
|
|
44
49
|
### 4. Install Authorio routes
|
|
45
50
|
Add the following line somewhere inside the `Rails.application.routes.draw do` block in your `config/routes.rb` file
|
|
46
51
|
```ruby
|
|
@@ -83,15 +88,29 @@ Now restart your rails app, and you should be all set!
|
|
|
83
88
|
|
|
84
89
|
## Usage
|
|
85
90
|
|
|
86
|
-
To test your authentication endpoint, find an IndieAuth client you can log in to. A simple test is
|
|
91
|
+
To test your authentication endpoint, find an IndieAuth client you can log in to. A simple test is to try and login
|
|
92
|
+
to the [IndieWeb.org website](https://indieweb.org)
|
|
87
93
|
|
|
88
|
-
|
|
89
|
-
|
|
94
|
+
- From the home page, click on *Log In* in the upper right, or visit the [login page](https://sso.indieweb.org/login?url=https%3A%2F%2Findieweb.org%2FMain_Page) directly.
|
|
95
|
+
- Enter your site's URL (or if you put the indieauth tag on a page other than your home page, enter that URL)
|
|
96
|
+
- You should be then be redirected back to your own site and the Authorio login UI
|
|
97
|
+
<p align="center">
|
|
90
98
|
<img src="./auth-ui.png" width="400">
|
|
99
|
+
</p>
|
|
91
100
|
|
|
92
|
-
Enter the password you set up when you installed Authorio. This should redirect you back to the client where you
|
|
101
|
+
- Enter the password you set up when you installed Authorio. This should redirect you back to the client where you
|
|
93
102
|
will be logged in!
|
|
94
103
|
|
|
104
|
+
## Configuration
|
|
105
|
+
|
|
106
|
+
When you installed Authorio it placed a config file in `config/initializers/authorio.rb`. If you want to change
|
|
107
|
+
one of the defaults you can uncomment it and specify it here.
|
|
108
|
+
|
|
109
|
+
### TODO
|
|
110
|
+
|
|
111
|
+
- [ ] Customizing the authentication view/UI
|
|
112
|
+
- [ ] Customizing the authentication method
|
|
113
|
+
|
|
95
114
|
## Contributing
|
|
96
115
|
Send pull requests to [Authorio on GitHub](https://github.com/reiterate-app/authorio)
|
|
97
116
|
|
|
@@ -7,14 +7,9 @@ module Authorio
|
|
|
7
7
|
|
|
8
8
|
def authorization_interface
|
|
9
9
|
p = auth_req_params
|
|
10
|
+
p[:me] ||= "#{host_with_protocol}/"
|
|
10
11
|
|
|
11
|
-
|
|
12
|
-
URI(p[:me]).path
|
|
13
|
-
else
|
|
14
|
-
'/'
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
user = User.find_by! profile_path: path
|
|
12
|
+
user = User.find_by! profile_path: URI(p[:me]).path
|
|
18
13
|
@user_url = p[:me] || user_url(user)
|
|
19
14
|
|
|
20
15
|
# If there are any old requests from this (client, user), delete them now
|
|
@@ -30,6 +25,10 @@ module Authorio
|
|
|
30
25
|
auth_request.save
|
|
31
26
|
session[:state] = p[:state]
|
|
32
27
|
session[:code_challenge] = p[:code_challenge]
|
|
28
|
+
|
|
29
|
+
rescue ActiveRecord::RecordNotFound
|
|
30
|
+
flash.now[:alert] = "Invalid user"
|
|
31
|
+
redirect_back fallback_location: Authorio.authorization_path, allow_other_host: false
|
|
33
32
|
end
|
|
34
33
|
|
|
35
34
|
def authorize_user
|
|
@@ -43,6 +42,9 @@ module Authorio
|
|
|
43
42
|
flash.now[:alert] = "Incorrect password. Try again."
|
|
44
43
|
redirect_back fallback_location: Authorio.authorization_path, allow_other_host: false
|
|
45
44
|
end
|
|
45
|
+
rescue ActiveRecord::RecordNotFound
|
|
46
|
+
flash.now[:alert] = "Invlaid user"
|
|
47
|
+
redirect_back fallback_location: Authorio.authorization_path, allow_other_host: false
|
|
46
48
|
end
|
|
47
49
|
|
|
48
50
|
def send_profile
|
|
@@ -70,13 +72,14 @@ module Authorio
|
|
|
70
72
|
end
|
|
71
73
|
|
|
72
74
|
def verify_token
|
|
73
|
-
token = Token.find_by auth_token: bearer_token
|
|
74
|
-
head :bad_request and return if token.nil?
|
|
75
|
+
token = Token.find_by! auth_token: bearer_token
|
|
75
76
|
render json: {
|
|
76
77
|
'me': user_url(token.authorio_user),
|
|
77
78
|
'client_id': token.client,
|
|
78
79
|
'scope': 'token.scope'
|
|
79
80
|
}
|
|
81
|
+
rescue ActiveRecord::RecordNotFound
|
|
82
|
+
head :bad_request
|
|
80
83
|
end
|
|
81
84
|
|
|
82
85
|
private
|
|
@@ -94,8 +97,12 @@ module Authorio
|
|
|
94
97
|
params.permit(:password, :url, :client)
|
|
95
98
|
end
|
|
96
99
|
|
|
100
|
+
def host_with_protocol
|
|
101
|
+
"#{request.scheme}://#{request.host}"
|
|
102
|
+
end
|
|
103
|
+
|
|
97
104
|
def user_url(user)
|
|
98
|
-
"#{
|
|
105
|
+
"#{host_with_protocol}#{user.profile_path}"
|
|
99
106
|
end
|
|
100
107
|
|
|
101
108
|
def invalid_grant
|
|
@@ -24,7 +24,7 @@
|
|
|
24
24
|
<%= form.label(:url, "User URL") %>
|
|
25
25
|
<%= form.text_field(:url, value: @user_url, readonly: true) %>
|
|
26
26
|
<%= form.label(:password, "Password") %>
|
|
27
|
-
<%= form.password_field(:password) %>
|
|
27
|
+
<%= form.password_field(:password, autofocus: true) %>
|
|
28
28
|
<%= form.hidden_field(:client, value: params[:client_id]) %>
|
|
29
29
|
<%= form.submit("Sign in", class: 'btn btn-success') %>
|
|
30
30
|
<% end %>
|
data/lib/authorio/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authorio
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michael Meckler
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-07-
|
|
11
|
+
date: 2021-07-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -36,71 +36,71 @@ dependencies:
|
|
|
36
36
|
requirements:
|
|
37
37
|
- - ">="
|
|
38
38
|
- !ruby/object:Gem::Version
|
|
39
|
-
version: '0'
|
|
39
|
+
version: '3.0'
|
|
40
40
|
type: :runtime
|
|
41
41
|
prerelease: false
|
|
42
42
|
version_requirements: !ruby/object:Gem::Requirement
|
|
43
43
|
requirements:
|
|
44
44
|
- - ">="
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
|
-
version: '0'
|
|
46
|
+
version: '3.0'
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: factory_bot_rails
|
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
|
50
50
|
requirements:
|
|
51
51
|
- - ">="
|
|
52
52
|
- !ruby/object:Gem::Version
|
|
53
|
-
version: '0'
|
|
53
|
+
version: '6.0'
|
|
54
54
|
type: :development
|
|
55
55
|
prerelease: false
|
|
56
56
|
version_requirements: !ruby/object:Gem::Requirement
|
|
57
57
|
requirements:
|
|
58
58
|
- - ">="
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
|
-
version: '0'
|
|
60
|
+
version: '6.0'
|
|
61
61
|
- !ruby/object:Gem::Dependency
|
|
62
62
|
name: rspec
|
|
63
63
|
requirement: !ruby/object:Gem::Requirement
|
|
64
64
|
requirements:
|
|
65
65
|
- - ">="
|
|
66
66
|
- !ruby/object:Gem::Version
|
|
67
|
-
version: '0'
|
|
67
|
+
version: '3.0'
|
|
68
68
|
type: :development
|
|
69
69
|
prerelease: false
|
|
70
70
|
version_requirements: !ruby/object:Gem::Requirement
|
|
71
71
|
requirements:
|
|
72
72
|
- - ">="
|
|
73
73
|
- !ruby/object:Gem::Version
|
|
74
|
-
version: '0'
|
|
74
|
+
version: '3.0'
|
|
75
75
|
- !ruby/object:Gem::Dependency
|
|
76
76
|
name: rspec-rails
|
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
|
78
78
|
requirements:
|
|
79
79
|
- - ">="
|
|
80
80
|
- !ruby/object:Gem::Version
|
|
81
|
-
version: '0'
|
|
81
|
+
version: '5.0'
|
|
82
82
|
type: :development
|
|
83
83
|
prerelease: false
|
|
84
84
|
version_requirements: !ruby/object:Gem::Requirement
|
|
85
85
|
requirements:
|
|
86
86
|
- - ">="
|
|
87
87
|
- !ruby/object:Gem::Version
|
|
88
|
-
version: '0'
|
|
88
|
+
version: '5.0'
|
|
89
89
|
- !ruby/object:Gem::Dependency
|
|
90
90
|
name: byebug
|
|
91
91
|
requirement: !ruby/object:Gem::Requirement
|
|
92
92
|
requirements:
|
|
93
93
|
- - ">="
|
|
94
94
|
- !ruby/object:Gem::Version
|
|
95
|
-
version: '0'
|
|
95
|
+
version: '11.0'
|
|
96
96
|
type: :development
|
|
97
97
|
prerelease: false
|
|
98
98
|
version_requirements: !ruby/object:Gem::Requirement
|
|
99
99
|
requirements:
|
|
100
100
|
- - ">="
|
|
101
101
|
- !ruby/object:Gem::Version
|
|
102
|
-
version: '0'
|
|
103
|
-
description: Rails engine to add IndieAuth authentication
|
|
102
|
+
version: '11.0'
|
|
103
|
+
description: Rails engine to add IndieAuth authentication endpoint functionality
|
|
104
104
|
email:
|
|
105
105
|
- rattroupe@reiterate-app.com
|
|
106
106
|
executables: []
|