authorio 0.8.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9a376e3f8c81fdc53ac6c223c42fedadb43cdc02129713ca6756db1506c07f10
4
- data.tar.gz: 761c806afafae95a35e97e97b784ae4271cc09fb7cbb6eb6001571e9319cc6a2
3
+ metadata.gz: 415f389a073c49afa82e47fc8caa28fb66d5586cc81758f63e4840f953fb7950
4
+ data.tar.gz: 6184be72a5c9f999984c33d6b24e4bd09ea6f0a15469512df70c833610477a69
5
5
  SHA512:
6
- metadata.gz: 32c86c4be9a8cf949ba616797d0a7b505213687d09435ae7c8e0a5588224076c73b0aab4e7b985af74baa89963dafabdc2db7f562982165886dc8085e2fd88c7
7
- data.tar.gz: c9bbaf3bce9c291ddf5619a62caa03962d31c1e57abf0fe45baae96d2325cbd1f0d46f1d6c5477fb9cef6dafa9eb54f4ee2874820e8e74b662dd7e8c9d6aa77d
6
+ metadata.gz: fbfd300b93d372aa86257b484164be9944ce7950ebc91bfff3a1fe585f858e618e9dee0afbca33ea07953a8aea35b9c79f90cbca6b87e2b78e393cd7e1b9d810
7
+ data.tar.gz: ea5e5f5b850d0c88be5dfe2fbfd75abb747625059d544bfbd1988076a3c259bc69db8781036e4ad33d8a7d00f23577e06cc8402d11d0d126080334156048f9f1
data/README.md CHANGED
@@ -34,13 +34,18 @@ You will need to install the migrations and then run them to add these tables
34
34
  $ rails authorio:install:migrations
35
35
  Copied migration 20210703002653_create_authorio_users.authorio.rb from authorio
36
36
  Copied migration 20210703002654_create_authorio_requests.authorio.rb from authorio
37
+ Copied migration 20210710145519_create_authorio_tokens.authorio.rb from authorio
38
+
37
39
  $ rails db:migrate
38
40
  ...
39
41
  == 20210703002653 CreateAuthorioUsers: migrated (0.0038s) =====================
40
42
  ...
41
43
  == 20210703002654 CreateAuthorioRequests: migrated (0.0041s) ==================
44
+ ...
45
+ == 20210710145519 CreateAuthorioTokens: migrated (0.0037s) ====================
42
46
  ```
43
47
 
48
+
44
49
  ### 4. Install Authorio routes
45
50
  Add the following line somewhere inside the `Rails.application.routes.draw do` block in your `config/routes.rb` file
46
51
  ```ruby
@@ -83,15 +88,29 @@ Now restart your rails app, and you should be all set!
83
88
 
84
89
  ## Usage
85
90
 
86
- To test your authentication endpoint, find an IndieAuth client you can log in to. A simple test is at [Pin13](pin13.net/login). Enter your site's URL and click Sign In.
91
+ To test your authentication endpoint, find an IndieAuth client you can log in to. A simple test is to try and login
92
+ to the [IndieWeb.org website](https://indieweb.org)
87
93
 
88
- You should be then be redirected back to your own site and the Authorio
89
- login UI
94
+ - From the home page, click on *Log In* in the upper right, or visit the [login page](https://sso.indieweb.org/login?url=https%3A%2F%2Findieweb.org%2FMain_Page) directly.
95
+ - Enter your site's URL (or if you put the indieauth tag on a page other than your home page, enter that URL)
96
+ - You should be then be redirected back to your own site and the Authorio login UI
97
+ <p align="center">
90
98
  <img src="./auth-ui.png" width="400">
99
+ </p>
91
100
 
92
- Enter the password you set up when you installed Authorio. This should redirect you back to the client where you
101
+ - Enter the password you set up when you installed Authorio. This should redirect you back to the client where you
93
102
  will be logged in!
94
103
 
104
+ ## Configuration
105
+
106
+ When you installed Authorio it placed a config file in `config/initializers/authorio.rb`. If you want to change
107
+ one of the defaults you can uncomment it and specify it here.
108
+
109
+ ### TODO
110
+
111
+ - [ ] Customizing the authentication view/UI
112
+ - [ ] Customizing the authentication method
113
+
95
114
  ## Contributing
96
115
  Send pull requests to [Authorio on GitHub](https://github.com/reiterate-app/authorio)
97
116
 
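Review bot: The added bullet at new line 96 keeps the doubled verb from the removed text ("You should be then be redirected"); it should read "You should then be redirected". The new Configuration section tells the reader to uncomment a default in `config/initializers/authorio.rb` but names none of the settings, and the `### TODO` checklist sits under it as if its two items were configuration options. Either list the available settings or move the TODO list out of the user-facing README.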
@@ -7,14 +7,9 @@ module Authorio
7
7
 
8
8
  def authorization_interface
9
9
  p = auth_req_params
10
+ p[:me] ||= "#{host_with_protocol}/"
10
11
 
11
- path = if p[:me]
12
- URI(p[:me]).path
13
- else
14
- '/'
15
- end
16
-
17
- user = User.find_by! profile_path: path
12
+ user = User.find_by! profile_path: URI(p[:me]).path
18
13
  @user_url = p[:me] || user_url(user)
19
14
 
20
15
  # If there are any old requests from this (client, user), delete them now
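Review bot: The lookup at new line 12 matches the user on `URI(p[:me]).path` alone, so a client-supplied `me` on any host resolves to a local user by path and is then shown verbatim in the login form through `@user_url = p[:me] || user_url(user)`. Compare the host of `me` with `request.host` before the lookup, or always set `@user_url = user_url(user)`. With `p[:me] ||= "#{host_with_protocol}/"` at new line 10, `p[:me]` can no longer be nil, so the `|| user_url(user)` fallback is dead code. `URI(p[:me])` also raises `URI::InvalidURIError` on a malformed value, which nothing in this hunk handles.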
@@ -30,6 +25,10 @@ module Authorio
30
25
  auth_request.save
31
26
  session[:state] = p[:state]
32
27
  session[:code_challenge] = p[:code_challenge]
28
+
29
+ rescue ActiveRecord::RecordNotFound
30
+ flash.now[:alert] = "Invalid user"
31
+ redirect_back fallback_location: Authorio.authorization_path, allow_other_host: false
33
32
  end
34
33
 
35
34
  def authorize_user
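Review bot: `flash.now[:alert]` at new line 30 is followed by `redirect_back`, and `flash.now` lasts only for the current request, so the "Invalid user" message is discarded before the redirected page renders; use `flash[:alert]` here. The fallback location is `Authorio.authorization_path`, so it is also worth confirming that a request with no referer and no matching user cannot redirect to the same failing lookup repeatedly; returning an error status instead of redirecting would avoid that.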
@@ -43,6 +42,9 @@ module Authorio
43
42
  flash.now[:alert] = "Incorrect password. Try again."
44
43
  redirect_back fallback_location: Authorio.authorization_path, allow_other_host: false
45
44
  end
45
+ rescue ActiveRecord::RecordNotFound
46
+ flash.now[:alert] = "Invlaid user"
47
+ redirect_back fallback_location: Authorio.authorization_path, allow_other_host: false
46
48
  end
47
49
 
48
50
  def send_profile
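Review bot: The alert string at new line 46 is misspelled: "Invlaid user" should be "Invalid user", matching the message added to `authorization_interface`. It is set with `flash.now` and followed by `redirect_back`, the same pattern as the context lines at 42 and 43, so the message will not survive the redirect; use `flash[:alert]`.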
@@ -70,13 +72,14 @@ module Authorio
70
72
  end
71
73
 
72
74
  def verify_token
73
- token = Token.find_by auth_token: bearer_token
74
- head :bad_request and return if token.nil?
75
+ token = Token.find_by! auth_token: bearer_token
75
76
  render json: {
76
77
  'me': user_url(token.authorio_user),
77
78
  'client_id': token.client,
78
79
  'scope': 'token.scope'
79
80
  }
81
+ rescue ActiveRecord::RecordNotFound
82
+ head :bad_request
80
83
  end
81
84
 
82
85
  private
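Review bot: The context line `'scope': 'token.scope'` at new line 79 returns the literal string "token.scope" to every caller instead of the scope stored on the token, so a client verifying a token never learns what it was granted. Since this hunk already reworks `verify_token`, drop the quotes so the value reads `token.scope`. The method-level `rescue ActiveRecord::RecordNotFound` keeps the previous 400 response for an unknown token.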
@@ -94,8 +97,12 @@ module Authorio
94
97
  params.permit(:password, :url, :client)
95
98
  end
96
99
 
100
+ def host_with_protocol
101
+ "#{request.scheme}://#{request.host}"
102
+ end
103
+
97
104
  def user_url(user)
98
- "#{request.scheme}://#{request.host}#{user.profile_path}"
105
+ "#{host_with_protocol}#{user.profile_path}"
99
106
  end
100
107
 
101
108
  def invalid_grant
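Review bot: `host_with_protocol` at new line 101 builds the origin from `request.scheme` and `request.host`, which omits the port, so on a non-default port both `user_url` and the new default `me` (`"#{host_with_protocol}/"`) point at the wrong origin. `request.base_url` includes the port when it is non-standard and could replace the hand-built string. Note also that this value is derived from the incoming request's Host header and now feeds the default `me`, so the app should only answer for hosts it is configured to serve.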
@@ -24,7 +24,7 @@
24
24
  <%= form.label(:url, "User URL") %>
25
25
  <%= form.text_field(:url, value: @user_url, readonly: true) %>
26
26
  <%= form.label(:password, "Password") %>
27
- <%= form.password_field(:password) %>
27
+ <%= form.password_field(:password, autofocus: true) %>
28
28
  <%= form.hidden_field(:client, value: params[:client_id]) %>
29
29
  <%= form.submit("Sign in", class: 'btn btn-success') %>
30
30
  <% end %>
@@ -1,3 +1,3 @@
1
1
  module Authorio
2
- VERSION = '0.8.0'
2
+ VERSION = '0.8.1'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authorio
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.0
4
+ version: 0.8.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Meckler
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-11 00:00:00.000000000 Z
11
+ date: 2021-07-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -36,71 +36,71 @@ dependencies:
36
36
  requirements:
37
37
  - - ">="
38
38
  - !ruby/object:Gem::Version
39
- version: '0'
39
+ version: '3.0'
40
40
  type: :runtime
41
41
  prerelease: false
42
42
  version_requirements: !ruby/object:Gem::Requirement
43
43
  requirements:
44
44
  - - ">="
45
45
  - !ruby/object:Gem::Version
46
- version: '0'
46
+ version: '3.0'
47
47
  - !ruby/object:Gem::Dependency
48
48
  name: factory_bot_rails
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  requirements:
51
51
  - - ">="
52
52
  - !ruby/object:Gem::Version
53
- version: '0'
53
+ version: '6.0'
54
54
  type: :development
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - ">="
59
59
  - !ruby/object:Gem::Version
60
- version: '0'
60
+ version: '6.0'
61
61
  - !ruby/object:Gem::Dependency
62
62
  name: rspec
63
63
  requirement: !ruby/object:Gem::Requirement
64
64
  requirements:
65
65
  - - ">="
66
66
  - !ruby/object:Gem::Version
67
- version: '0'
67
+ version: '3.0'
68
68
  type: :development
69
69
  prerelease: false
70
70
  version_requirements: !ruby/object:Gem::Requirement
71
71
  requirements:
72
72
  - - ">="
73
73
  - !ruby/object:Gem::Version
74
- version: '0'
74
+ version: '3.0'
75
75
  - !ruby/object:Gem::Dependency
76
76
  name: rspec-rails
77
77
  requirement: !ruby/object:Gem::Requirement
78
78
  requirements:
79
79
  - - ">="
80
80
  - !ruby/object:Gem::Version
81
- version: '0'
81
+ version: '5.0'
82
82
  type: :development
83
83
  prerelease: false
84
84
  version_requirements: !ruby/object:Gem::Requirement
85
85
  requirements:
86
86
  - - ">="
87
87
  - !ruby/object:Gem::Version
88
- version: '0'
88
+ version: '5.0'
89
89
  - !ruby/object:Gem::Dependency
90
90
  name: byebug
91
91
  requirement: !ruby/object:Gem::Requirement
92
92
  requirements:
93
93
  - - ">="
94
94
  - !ruby/object:Gem::Version
95
- version: '0'
95
+ version: '11.0'
96
96
  type: :development
97
97
  prerelease: false
98
98
  version_requirements: !ruby/object:Gem::Requirement
99
99
  requirements:
100
100
  - - ">="
101
101
  - !ruby/object:Gem::Version
102
- version: '0'
103
- description: Rails engine to add IndieAuth authentication endpoiont functionality
102
+ version: '11.0'
103
+ description: Rails engine to add IndieAuth authentication endpoint functionality
104
104
  email:
105
105
  - rattroupe@reiterate-app.com
106
106
  executables: []
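Review bot: Every requirement changed in this hunk stays an open-ended `>=` (for example `'3.0'` for the runtime dependency at new lines 39 and 46), so a future major release of any of these gems still satisfies it. If the new floors reflect the versions actually tested, a pessimistic constraint such as `~> 6.0` for `factory_bot_rails` would cap the upper end as well, which matters most for the runtime dependency that ships to users of the engine.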