authorio 0.8.1 → 0.8.5
- checksums.yaml +4 -4
- data/README.md +29 -0
- data/app/assets/stylesheets/authorio/auth.css +55 -1
- data/app/controllers/authorio/auth_controller.rb +69 -102
- data/app/controllers/authorio/authorio_controller.rb +78 -0
- data/app/controllers/authorio/sessions_controller.rb +33 -0
- data/app/controllers/authorio/users_controller.rb +34 -0
- data/app/helpers/authorio/tag_helper.rb +17 -0
- data/app/jobs/authorio/application_job.rb +2 -0
- data/app/models/authorio/application_record.rb +2 -0
- data/app/models/authorio/request.rb +48 -1
- data/app/models/authorio/session.rb +43 -0
- data/app/models/authorio/token.rb +23 -1
- data/app/models/authorio/user.rb +14 -0
- data/app/views/authorio/auth/authorization_interface.html.erb +14 -35
- data/app/views/authorio/auth/issue_token.json.jbuilder +7 -0
- data/app/views/authorio/auth/send_profile.json.jbuilder +3 -0
- data/app/views/authorio/auth/verify_token.json.jbuilder +5 -0
- data/app/views/authorio/sessions/new.html.erb +14 -0
- data/app/views/authorio/users/_profile.json.jbuilder +10 -0
- data/app/views/authorio/users/edit.html.erb +25 -0
- data/app/views/authorio/users/show.html.erb +18 -0
- data/app/views/authorio/users/verify.html.erb +1 -0
- data/app/views/layouts/authorio/main.html.erb +38 -0
- data/app/views/shared/_login_form.html.erb +41 -0
- data/config/routes.rb +15 -5
- data/db/migrate/20210723161041_add_expiry_to_tokens.rb +5 -0
- data/db/migrate/20210726164625_create_authorio_sessions.rb +12 -0
- data/db/migrate/20210801184120_add_profile_to_users.rb +8 -0
- data/db/migrate/20210817010101_change_path_to_username_in_users.rb +7 -0
- data/db/migrate/20210831155106_add_code_challenge_to_requests.rb +5 -0
- data/lib/authorio/configuration.rb +14 -9
- data/lib/authorio/engine.rb +11 -8
- data/lib/authorio/exceptions.rb +20 -3
- data/lib/authorio/routes.rb +10 -7
- data/lib/authorio/version.rb +3 -1
- data/lib/authorio.rb +15 -21
- data/lib/generators/authorio/install/install_generator.rb +3 -3
- data/lib/generators/authorio/install/templates/authorio.rb +22 -8
- data/lib/tasks/authorio_tasks.rake +15 -14
- metadata +49 -20
- data/app/controllers/authorio/application_controller.rb +0 -4
- data/app/controllers/authorio/helpers.rb +0 -17
- data/app/helpers/authorio/application_helper.rb +0 -4
- data/app/helpers/authorio/test_helper.rb +0 -4
- data/app/views/layouts/authorio/application.html.erb +0 -15
@@ -0,0 +1,12 @@
|
|
1
|
+
class CreateAuthorioSessions < ActiveRecord::Migration[6.1]
|
2
|
+
def change
|
3
|
+
create_table :authorio_sessions do |t|
|
4
|
+
t.references :authorio_user, null: false, foreign_key: true
|
5
|
+
t.string :selector
|
6
|
+
t.string :hashed_token
|
7
|
+
t.datetime :expires_at
|
8
|
+
t.timestamps
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
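Review bot: `selector` and `hashed_token` are created without an index or a `null: false` constraint, so the table itself accepts duplicate or empty selectors. The column names suggest a session is looked up by `selector` and then checked against `hashed_token` (the model is not visible in this section); if so, a unique index keeps that lookup unambiguous and fast: `t.string :selector, null: false, index: { unique: true }`. `t.string :hashed_token, null: false` would likewise stop a row from being stored without a token to verify against.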
@@ -1,12 +1,17 @@
|
|
1
|
-
|
2
|
-
class Configuration
|
1
|
+
# frozen_string_literal: true
|
3
2
|
|
4
|
-
|
3
|
+
module Authorio
|
4
|
+
class Configuration
|
5
|
+
attr_accessor :authorization_endpoint, :token_endpoint, :mount_point, :token_expiration,
|
6
|
+
:local_session_lifetime, :multiuser
|
5
7
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
8
|
+
def initialize
|
9
|
+
@authorization_endpoint = 'auth'
|
10
|
+
@token_endpoint = 'token'
|
11
|
+
@mount_point = 'authorio'
|
12
|
+
@token_expiration = 4.weeks
|
13
|
+
@local_session_lifetime = nil
|
14
|
+
@multiuser = false
|
15
|
+
end
|
16
|
+
end
|
12
17
|
end
|
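--- a/data/lib/authorio/engine.rb
+++ b/data/lib/authorio/engine.rb
@@ -1,14 +1,17 @@
+# frozen_string_literal: true
+
 module Authorio
 class Engine < ::Rails::Engine
-
-
-initializer "authorio.load_helpers" do |app|
-ActionController::Base.send :include, Authorio::Helpers
-end
+isolate_namespace Authorio
 
-
-
-
+initializer 'authorio.load_helpers' do
+Rails.application.reloader.to_prepare do
+ActionView::Base.send :include, Authorio::TagHelper
+end
+end
 
+initializer 'authorio.assets.precompile' do |app|
+app.config.assets.precompile += %w[authorio/auth.css authorio/application.css]
+end
 end
 end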
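Review bot: The new `authorio.load_helpers` initializer names `ActionView::Base` directly inside `to_prepare`, which forces Action View to load at that point and mixes `Authorio::TagHelper` into every view of the host application, even though the engine now calls `isolate_namespace`. The lazy-load hook performs the same include without the early load: `ActiveSupport.on_load(:action_view) { include Authorio::TagHelper }`. If the helper is only used by the engine's own views (they are outside this section), it may not need to be included globally at all.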
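--- a/data/lib/authorio/exceptions.rb
+++ b/data/lib/authorio/exceptions.rb
@@ -1,5 +1,22 @@
+# frozen_string_literal: true
+
 module Authorio
-
-
-
+module Exceptions
+class InvalidGrant < RuntimeError; end
+
+class InvalidPassword < RuntimeError; end
+
+class SessionReplayAttack < StandardError
+attr_accessor :session
+
+def initialize(session)
+super("Session replay attack on user account #{session.authorio_user.id}")
+@session = session
+end
+end
+
+class UserNotFound < StandardError; end
+
+class TokenExpired < StandardError; end
+end
 end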
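Review bot: `SessionReplayAttack#initialize` builds its message from `session.authorio_user.id`, so constructing the exception loads the user record and raises `NoMethodError` if the association comes back nil, replacing the replay-attack error with an unrelated one at the moment it should be reported. The sessions migration on this page declares `t.references :authorio_user`, so the foreign key can be read directly: `super("Session replay attack on user account #{session.authorio_user_id}")`. `attr_reader :session` would be enough, since nothing in this section reassigns it. `InvalidGrant` and `InvalidPassword` inherit from `RuntimeError` while the other new classes use `StandardError`; a single base class would be more consistent.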
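--- a/data/lib/authorio/routes.rb
+++ b/data/lib/authorio/routes.rb
@@ -1,9 +1,12 @@
-
-class Mapper
+# frozen_string_literal: true
 
-
-
-
-
-
+module ActionDispatch
+module Routing
+class Mapper
+# Provide a custom mounting command, just so we can track our own mount point
+def authorio_routes
+mount Authorio::Engine, at: Authorio.configuration.mount_point
+end
+end
+end
 end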
data/lib/authorio/version.rb
CHANGED
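--- a/data/lib/authorio.rb
+++ b/data/lib/authorio.rb
@@ -1,27 +1,21 @@
-
-require "authorio/engine"
-require "authorio/configuration"
-require "authorio/routes"
-require "authorio/exceptions"
+# frozen_string_literal: true
 
-
-class << self
-attr_accessor :configuration, :authorization_path
-end
+Dir[File.join(__dir__, 'authorio', '*.rb')].sort.each { |f| require f }
 
-
-
-
+module Authorio
+def self.configuration
+@configuration ||= Configuration.new
+end
 
-
-
-
+def self.configure
+yield configuration
+end
 
-
-
-
+def self.authorization_path
+[Authorio.configuration.mount_point, Authorio.configuration.authorization_endpoint].join('/')
+end
 
-
-
-
+def self.token_path
+[Authorio.configuration.mount_point, Authorio.configuration.token_endpoint].join('/')
+end
 end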
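Review bot: The glob at new line 3, `Dir[File.join(__dir__, 'authorio', '*.rb')].sort.each { |f| require f }`, replaces four explicit requires with whatever `.rb` files are present in `lib/authorio`, so both the set of files loaded and their order (alphabetical) become implicit. Listing the files, e.g. `require 'authorio/engine'` and one line per remaining file, keeps the load order deliberate and makes an unexpected file in the package stand out in review. Separately, `authorization_path` and `token_path` join the configured values with `/` without normalising them, so a `mount_point` written as `/authorio` or `authorio/` produces a different string than the default; stripping leading and trailing slashes before the join would make the result independent of how the option was written.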
@@ -1,17 +1,17 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Authorio
|
2
4
|
class InstallGenerator < Rails::Generators::Base
|
3
|
-
|
4
5
|
def self.source_paths
|
5
6
|
paths = []
|
6
7
|
paths << File.expand_path('../templates', "../../#{__FILE__}")
|
7
8
|
paths << File.expand_path('../templates', "../#{__FILE__}")
|
8
|
-
paths << File.expand_path('
|
9
|
+
paths << File.expand_path('templates', __dir__)
|
9
10
|
paths.flatten
|
10
11
|
end
|
11
12
|
|
12
13
|
def add_files
|
13
14
|
template 'authorio.rb', 'config/initializers/authorio.rb'
|
14
15
|
end
|
15
|
-
|
16
16
|
end
|
17
17
|
end
|
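Review bot: The two context lines kept in `source_paths`, `File.expand_path('../templates', "../../#{__FILE__}")` and its `"../#{__FILE__}"` sibling, pass a relative string as the base directory, so they resolve against the current working directory rather than the gem, and they are searched before the new `__dir__` entry. `template 'authorio.rb', ...` renders the first match as ERB, so the generator should look only inside the gem; the method body can be reduced to `[File.expand_path('templates', __dir__)]`. That also makes `paths.flatten` unnecessary.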
@@ -1,15 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# Configuration for Authorio IndieAuth authentication
|
2
4
|
|
3
5
|
Authorio.configure do |config|
|
6
|
+
# Mount point for Authorio URLs. Typically you would call this in your routes.rb
|
7
|
+
# as mount Authorio::Engine, at: mount_point
|
8
|
+
# But Authorio needs to know its own mount point, so we define it here and use a custom mount command in the config
|
9
|
+
# config.mount_point = "authorio"
|
10
|
+
|
11
|
+
# The path where clients will be redirected to provide authentication
|
12
|
+
# config.authorization_endpoint = "auth"
|
13
|
+
|
14
|
+
# The path for token requests
|
15
|
+
# config.token_endpoint = "token"
|
4
16
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
# config.mount_point = "authorio"
|
17
|
+
# Set to true to enable multiple user accounts. By default (in single user mode)
|
18
|
+
# there is only one user, and therefore you do not need to enter a username
|
19
|
+
# config.multiuser = false
|
9
20
|
|
10
|
-
|
11
|
-
|
21
|
+
# How long tokens will last before expiring
|
22
|
+
# config.token_expiration = 4.weeks
|
12
23
|
|
13
|
-
|
14
|
-
|
24
|
+
# Enable local session lifetime to keep yourself "logged in" to your own server
|
25
|
+
# If set to eg:
|
26
|
+
# config.local_session_lifetime = 30.days
|
27
|
+
# then you will only have to enter your password every 30 days. Default is off (nil)
|
28
|
+
# config.local_session_lifetime = nil
|
15
29
|
end
|
@@ -1,18 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
namespace :authorio do
|
2
|
-
|
3
|
-
|
4
|
+
desc 'Set password for initial Authorio user'
|
5
|
+
require 'io/console'
|
4
6
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
7
|
+
def input_no_echo(prompt)
|
8
|
+
print("\n#{prompt}")
|
9
|
+
$stdin.noecho(&:gets).chop
|
10
|
+
end
|
9
11
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
end
|
12
|
+
task password: :environment do
|
13
|
+
passwd = input_no_echo('Enter new password: ')
|
14
|
+
passwd_confirm = input_no_echo('Confirm password: ')
|
15
|
+
Authorio::User.create_with(password: passwd, password_confirmation: passwd_confirm)
|
16
|
+
.find_or_create_by!(profile_path: '/')
|
17
|
+
puts("\nPassword set")
|
18
|
+
end
|
18
19
|
end
|
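Review bot: `create_with(...).find_or_create_by!(profile_path: '/')` applies the password only when it creates the row; if the user already exists the record is returned unchanged and the task still prints "Password set". To do what the `desc` says in both cases: `user = Authorio::User.find_or_initialize_by(profile_path: '/')` followed by `user.update!(password: passwd, password_confirmation: passwd_confirm)`. In `input_no_echo`, `chop` removes the last character even when the input has no trailing newline and raises on `nil` at end of input; `$stdin.noecho(&:gets).to_s.chomp` avoids both. The file list also shows a migration named `change_path_to_username_in_users`, so it is worth confirming that `profile_path` is still the right lookup column.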
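--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authorio
 version: !ruby/object:Gem::Version
-version: 0.8.
+version: 0.8.5
 platform: ruby
 authors:
 - Michael Meckler
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-
+date: 2021-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -34,70 +34,84 @@ dependencies:
 name: bcrypt
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '3.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '3.0'
+- !ruby/object:Gem::Dependency
+name: jbuilder
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.0'
 - !ruby/object:Gem::Dependency
 name: factory_bot_rails
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '6.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '6.0'
 - !ruby/object:Gem::Dependency
 name: rspec
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '3.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '3.0'
 - !ruby/object:Gem::Dependency
 name: rspec-rails
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '5.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '5.0'
 - !ruby/object:Gem::Dependency
 name: byebug
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '11.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
 version: '11.0'
 description: Rails engine to add IndieAuth authentication endpoint functionality
@@ -113,22 +127,37 @@ files:
 - app/assets/config/authorio_manifest.js
 - app/assets/stylesheets/authorio/application.css
 - app/assets/stylesheets/authorio/auth.css
-- app/controllers/authorio/application_controller.rb
 - app/controllers/authorio/auth_controller.rb
-- app/controllers/authorio/
-- app/
-- app/
+- app/controllers/authorio/authorio_controller.rb
+- app/controllers/authorio/sessions_controller.rb
+- app/controllers/authorio/users_controller.rb
+- app/helpers/authorio/tag_helper.rb
 - app/jobs/authorio/application_job.rb
 - app/models/authorio/application_record.rb
 - app/models/authorio/request.rb
+- app/models/authorio/session.rb
 - app/models/authorio/token.rb
 - app/models/authorio/user.rb
 - app/views/authorio/auth/authorization_interface.html.erb
-- app/views/
+- app/views/authorio/auth/issue_token.json.jbuilder
+- app/views/authorio/auth/send_profile.json.jbuilder
+- app/views/authorio/auth/verify_token.json.jbuilder
+- app/views/authorio/sessions/new.html.erb
+- app/views/authorio/users/_profile.json.jbuilder
+- app/views/authorio/users/edit.html.erb
+- app/views/authorio/users/show.html.erb
+- app/views/authorio/users/verify.html.erb
+- app/views/layouts/authorio/main.html.erb
+- app/views/shared/_login_form.html.erb
 - config/routes.rb
 - db/migrate/20210627230156_create_authorio_users.rb
 - db/migrate/20210627230416_create_authorio_requests.rb
 - db/migrate/20210707230416_create_authorio_tokens.rb
+- db/migrate/20210723161041_add_expiry_to_tokens.rb
+- db/migrate/20210726164625_create_authorio_sessions.rb
+- db/migrate/20210801184120_add_profile_to_users.rb
+- db/migrate/20210817010101_change_path_to_username_in_users.rb
+- db/migrate/20210831155106_add_code_challenge_to_requests.rb
 - lib/authorio.rb
 - lib/authorio/configuration.rb
 - lib/authorio/engine.rb
@@ -138,12 +167,12 @@ files:
 - lib/generators/authorio/install/install_generator.rb
 - lib/generators/authorio/install/templates/authorio.rb
 - lib/tasks/authorio_tasks.rake
-homepage:
+homepage:
 licenses:
 - MIT
 metadata:
-homepage_uri: https://rubygems.org/gems/authorio
 source_code_uri: https://github.com/reiterate-app/authorio
+changelog_uri: https://github.com/reiterate-app/authorio/blob/master/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -159,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Indieauth Authentication endpoint for Rails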