authrocket 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 180feb604cb15ff4e7e37c7165dd82dfe8be07e7
+  data.tar.gz: b1fed38444acc277dbdad9750f4ec065af2d7114
+SHA512:
+  metadata.gz: 17f94dff2a42d7c832278009e12a55664dee8167cd42cff41e39eb6b909d62823f32cb0871494966f3933f607d61c7950fe8b8191ddaa4b7f9c62b349cedf404
+  data.tar.gz: 6cdee5088181c2ca12a4988b9d204455fc85a77b2d3e27ed9de5230179d8a64147dca3d33e691b2f98d3f84e8b78c43190f56109af3885528b8c3da7601ba334

data/.gitignore

@@ -0,0 +1,19 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.tmproj
+.rvmrc

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in authrocket.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Notioneer, Inc.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,144 @@
+# AuthRocket
+
+[AuthRocket](http://authrocket.com/) provides Auth as a Service, making it quick and easy to add signups, logins, a full user management UI, and much more to your app.
+
+This gem works with both Rails and plain Ruby. It will auto-detect Rails and enable a couple Rails-specific features as appropriate.
+
+
+## Usage
+
+For installation, add `gem 'authrocket'` to your Gemfile. More details are below.
+
+
+### Configuration
+
+By default, AuthRocket automatically loads your credentials from environment variables. For such hosting environments, including Heroku, just configure these:
+
+    AUTHROCKET_ACCOUNT = org_SAMPLE
+    AUTHROCKET_API_KEY = key_SAMPLE
+    AUTHROCKET_URL     = https://api-e1.authrocket.com/v1
+    AUTHROCKET_REALM   = rl_SAMPLE   # optional
+
+`AUTHROCKET_URL` must be updated based on what cluster your account is provisioned on.
+
+`AUTHROCKET_REALM` is optional. If you're using a single Realm, it's easiest to add it here as an application-wide default. If you're using multiple Realms with your app, we recommend leaving it out here and setting it as you go.
+
+It's possible to configure AuthRocket using a Rails initializer (or other initializaiton code) too.
+
+    AuthRocket::Api.credentials = {
+      account: 'org_SAMPLE',
+      api_key: 'key_SAMPLE',
+      url: 'https://api-e1.authrocket.com/v1',
+      realm: 'rl_SAMPLE'
+    }
+
+
+### Hosted Logins
+
+AuthRocket has a few options to handle logins. One option is to let AuthRocket handle the login process completely, which is what's shown here. Your app only needs to verify the final login token. This example is specific to Rails, but adapt accordingly for Sinatra or any other framework.
+
+To get started, login to AuthRocket and add a Login Policy (under Logins/Signups) for your chosen Realm (create your first Realm if you haven't already). 
+
+Be sure to enable Hosted Logins (a separate step) and specify a Login Handler URL. For development purposes, we'll point the Login Handler URL to your local app. Assuming your Rails app is running on port 3000, you'd enter `http://localhost:3000/login`.
+
+After enabling Hosted Logins, take note of the LoginRocket URL. You'll need this below.
+
+Let's add a couple methods to your Application Controller, substituting the correct value for `LOGIN_URL`:
+
+    class ApplicationController < ActionController::Base
+      before_filter :require_user
+      # This protects *all* of your app. If that's not what
+      #   you want, then just add this to the controllers
+      #   that need to be protected.
+
+      private
+
+      LOGIN_URL = 'https://sample.e1.loginrocket.com/
+      # This should be your app's own LoginRocket URL, as
+      #   shown in the Login Policy details.
+
+      def require_user
+        unless session[:ar_user_id]
+          flash.keep
+          redirect_to LOGIN_URL
+        end
+      end
+
+      def current_user
+        @_current_user ||= session[:ar_user_id] && AuthRocket::User.find(session[:ar_user_id])
+      end
+
+      def current_user_name
+        session[:name]
+      end
+    end
+
+Create a Login or Session controller if you don't have one already:
+
+    rails g controller logins
+
+Then add login and logout methods:
+
+    class LoginsController < ApplicationController
+      skip_before_filter :require_user
+
+      def login
+        flash.keep
+        if params[:token]
+          if login_rec = AuthRocket::Event.validate_token(params[:token])
+            user = login_rec.user
+            session[:ar_user_id] = user.id
+            session[:name] = user.name
+            redirect_to root_path
+            return
+          end
+        end
+        require_user
+      end
+
+      def logout
+        session[:ar_user_id] = nil
+        redirect_to root_path, notice: 'You have been logged out.'
+      end
+    end
+
+Finally, update `config/routes.rb`:
+
+    get '/login' => 'logins#login'
+    get '/logout' => 'logins#logout'
+
+That's it. You're all done!
+
+
+### Other Methods
+
+For full details on the AuthRocket API, including examples for Ruby, see our [documentation](http://authrocket.com/docs).
+
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'authrocket'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install authrocket
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+
+## License
+
+MIT

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/authrocket.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'authrocket/api/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "authrocket"
+  gem.version       = AuthRocket::VERSION
+  gem.authors       = ["thomas morgan"]
+  gem.email         = ["tm@notioneer.com"]
+  gem.description   = %q{AuthRocket client for Ruby.}
+  gem.summary       = %q{AuthRocket client for Ruby}
+  gem.homepage      = "https://github.com/authrocket/authrocket-ruby"
+  gem.license       = 'MIT'
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency 'ncore', '~> 1.0'
+
+  gem.add_development_dependency "bundler", "~> 1.3"
+  gem.add_development_dependency "rake"
+end

data/lib/authrocket.rb

@@ -0,0 +1,11 @@
+require 'ncore'
+
+%w(version api_config).each do |f|
+  require "authrocket/api/#{f}"
+end
+
+%w(app_hook event login_policy membership org realm user user_token).each do |f|
+  require "authrocket/#{f}"
+end
+
+require 'authrocket/api/railtie' if defined?(Rails)

data/lib/authrocket/api/api_config.rb

@@ -0,0 +1,78 @@
+module AuthRocket
+  include NCore::Builder
+
+  configure do
+    self.default_url = ENV['AUTHROCKET_URL']
+
+    self.default_headers = {
+      accept: 'application/json',
+      content_type: 'application/json',
+      user_agent: "AuthRocket/ruby v#{VERSION} [nc #{NCore::VERSION}]"
+    }
+
+    if ENV['AUTHROCKET_URI']
+      self.credentials = parse_credentials ENV['AUTHROCKET_URI']
+    elsif ENV['AUTHROCKET_API_KEY']
+      self.credentials = {
+        api_key: ENV['AUTHROCKET_API_KEY'],
+        account: ENV['AUTHROCKET_ACCOUNT'],
+        realm:   ENV['AUTHROCKET_REALM']
+      }
+    end
+
+    self.debug = false
+
+    self.strict_attributes = true
+
+
+    self.instrument_key = 'request.authrocket'
+
+    self.status_page = 'http://status.notioneer.com/'
+
+    self.auth_header_prefix = 'X-Authrocket'
+
+    self.credentials_error_message = %Q{Missing API credentials or URL. Set default credentials using "AuthRocket::Api.credentials = {api_key: YOUR_API_KEY, account: YOUR_ACCOUNT_ID, url: AR_REGION_URL}"}
+  end
+
+
+  class << self
+    # makes AuthRocket::Realm.model_name.param_key do the right thing
+    def use_relative_model_naming?
+      true
+    end
+
+
+    private
+
+    def parse_credentials(creds)
+      case creds
+      when String
+        url = URI.parse creds rescue nil
+        if url
+          o = {}
+          [url.password, url.user].each do |part|
+            case part
+            when /^key_/
+              o[:api_key] = part
+            when /^org_/
+              o[:account] = part
+            when /^rl_/
+              o[:realm] = part
+            end
+          end
+          url.user = url.password = nil
+          o[:url] = url.to_s
+          o
+        else
+          raise Error, 'Unable to parse AuthRocket credentials URI'
+        end
+
+      when NilClass
+        {}
+      else
+        creds
+      end.with_indifferent_access
+    end
+
+  end
+end

data/lib/authrocket/api/log_subscriber.rb

@@ -0,0 +1,10 @@
+require 'ncore/rails/log_subscriber'
+
+module AuthRocket
+  class LogSubscriber < ActiveSupport::LogSubscriber
+    include NCore::LogSubscriber
+    self.runtime_variable = 'authrocket_runtime'
+  end
+end
+
+AuthRocket::LogSubscriber.attach_to :authrocket

data/lib/authrocket/api/railtie.rb

@@ -0,0 +1,13 @@
+module AuthRocket
+  class Railtie < Rails::Railtie
+
+    initializer "authrocket.log_runtime" do |app|
+      require 'authrocket/api/log_subscriber'
+      ActiveSupport.on_load(:action_controller) do
+        include NCore::ControllerRuntime
+        register_api_runtime AuthRocket::LogSubscriber, 'AuthRocket'
+      end
+    end
+
+  end
+end

data/lib/authrocket/api/version.rb

@@ -0,0 +1,3 @@
+module AuthRocket
+  VERSION = '1.0.0'
+end

data/lib/authrocket/app_hook.rb

@@ -0,0 +1,25 @@
+module AuthRocket
+  class AppHook < Resource
+    crud :all, :find, :create, :update, :delete
+
+    belongs_to :realm
+    has_many :events
+
+    attr :event_type, :hook_type, :destination, :email_from, :user_type, :email_subject, :email_template
+
+    def self.event_types
+      %w( *
+          realm.*  realm.created  realm.updated  realm.deleted
+          user.*  user.created  user.updated  user.deleted
+            user.login.*  user.login.succeeded  user.login.failed
+            user.password_token.*  user.password_token.created  user.password_token.consumed  user.password_token.failed
+          org.*  org.created  org.updated  org.deleted
+          membership.*  membership.created  membership.updated  membership.deleted
+          app_hook.*  app_hook.created  app_hook.updated  app_hook.deleted
+          login_policy.*  login_policy.created  login_policy.updated  login_policy.deleted
+        ).sort
+    end
+
+
+  end
+end

data/lib/authrocket/event.rb

@@ -0,0 +1,24 @@
+module AuthRocket
+  class Event < Resource
+    crud :all, :find
+
+    belongs_to :app_hook
+    belongs_to :login_policy
+    belongs_to :membership
+    belongs_to :org
+    belongs_to :realm
+    belongs_to :user
+
+    attr :event_type, :ip
+    attr_datetime :event_at
+
+
+    def self.validate_token(token, params={}, api_creds=nil)
+      parsed, creds = request(:get, "#{url}/login/#{CGI.escape token}", api_creds, params)
+      new(parsed, creds)
+    rescue RecordNotFound
+      nil
+    end
+
+  end
+end

data/lib/authrocket/login_policy.rb

@@ -0,0 +1,14 @@
+module AuthRocket
+  class LoginPolicy < Resource
+    crud :all, :find, :create, :update, :delete
+
+    belongs_to :realm
+    has_many :events
+
+    attr :custom_domains, :enable_logins, :enable_signups, :external_css
+    attr :footer, :header, :login_handler, :name, :name_field, :primary_domain
+    attr :signup_handler, :subdomain
+    attr :base_domain, :domains # readonly
+
+  end
+end

data/lib/authrocket/membership.rb

@@ -0,0 +1,26 @@
+module AuthRocket
+  class Membership < Resource
+    crud :all, :find, :create, :update, :delete
+
+    belongs_to :org
+    belongs_to :user
+    has_many :events
+
+    attr_datetime :expires_at
+
+
+    def any_permission?(*perms)
+      perms.any? do |p|
+        case p
+        when String
+          permissions.include? p
+        when Regexp
+          permissions.any?{|m| p =~ m}
+        else
+          false
+        end
+      end
+    end
+
+  end
+end

data/lib/authrocket/org.rb

@@ -0,0 +1,22 @@
+module AuthRocket
+  class Org < Resource
+    crud :all, :find, :create, :update, :delete
+
+    belongs_to :realm
+    has_many :events
+    has_many :memberships
+
+    attr :realm_id, :name, :state, :reference
+    attr_datetime :created_at
+
+
+    def users
+      memberships.map(&:user).compact
+    end
+
+    def find_user(uid)
+      users.detect{|u| u.id == uid } || raise(RecordNotFound)
+    end
+
+  end
+end

data/lib/authrocket/realm.rb

@@ -0,0 +1,22 @@
+module AuthRocket
+  class Realm < Resource
+    crud :all, :find, :create, :update, :delete
+
+    has_many :app_hooks
+    has_many :events
+    has_many :login_policies
+    has_many :orgs
+    has_many :users
+
+    attr :api_key_policy, :api_key_prefix, :name, :require_unique_emails, :state
+    attr :username_validation_human
+
+
+    def reset!(params={})
+      parsed, _ = request(:post, "#{url}/reset", api_creds, params)
+      load(parsed)
+      errors.empty? ? self : false
+    end
+
+  end
+end

data/lib/authrocket/user.rb

@@ -0,0 +1,76 @@
+module AuthRocket
+  class User < Resource
+    crud :all, :find, :create, :update, :delete
+
+    belongs_to :realm
+    has_many :events
+    has_many :memberships
+
+    attr :user_type, :username, :state, :reference
+    attr :first_name, :last_name, :password, :password_confirmation
+    attr :name, :api_key, :email
+    attr_datetime :created_at, :last_login_on
+
+
+    def orgs
+      memberships.map(&:org).compact
+    end
+
+    def find_org(id)
+      orgs.detect{|o| o.id == id } || raise(RecordNotFound)
+    end
+
+    def human? ; user_type=='human' ; end
+    def api?   ; user_type=='api'   ; end
+
+
+    class << self
+
+      def authenticate(username, password, params={}, api_creds=nil)
+        params = params.merge(password: password)
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/authenticate", api_creds, params)
+        if parsed[:errors].any?
+          raise ValidationError, parsed[:errors]
+        end
+        new(parsed, creds)
+      end
+
+      def authenticate_key(api_key, params={}, api_creds=nil)
+        params = params.merge(api_key: api_key)
+        parsed, creds = request(:post, "#{url}/authenticate_key", api_creds, params)
+        if parsed[:errors].any?
+          raise ValidationError, parsed[:errors]
+        end
+        new(parsed, creds)
+      end
+
+      def generate_password_token(username, params={}, api_creds=nil)
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/generate_password_token", api_creds, params)
+        if parsed[:errors].any?
+          raise ValidationError, parsed[:errors]
+        end
+        new(parsed, creds)
+      end
+
+      def reset_password_with_token(username, token, new_pw, new_pw_2, params={}, api_creds=nil)
+        params = params.with_indifferent_access.merge(user: {token: token, password: new_pw, password_confirmation: new_pw_2})
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/reset_password_with_token", api_creds, params)
+        if parsed[:errors].any?
+          raise ValidationError, parsed[:errors]
+        end
+        new(parsed, creds)
+      end
+
+    end
+
+    # params - {current_password: 'old', password: 'new', password_confirmation: 'new'}
+    def update_password(params)
+      params = {user: params}
+      parsed, _ = request(:put, "#{url}/update_password", api_creds, params)
+      load(parsed)
+      errors.empty? ? self : false
+    end
+
+
+  end
+end

data/lib/authrocket/user_token.rb

@@ -0,0 +1,10 @@
+module AuthRocket
+  class UserToken < Resource
+    crud :find, :create
+
+    attr :username
+    attr :first_name, :last_name, :password, :password_confirmation
+    attr :email
+
+  end
+end

metadata

@@ -0,0 +1,105 @@
+--- !ruby/object:Gem::Specification
+name: authrocket
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- thomas morgan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-08-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ncore
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: AuthRocket client for Ruby.
+email:
+- tm@notioneer.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- authrocket.gemspec
+- lib/authrocket.rb
+- lib/authrocket/api/api_config.rb
+- lib/authrocket/api/log_subscriber.rb
+- lib/authrocket/api/railtie.rb
+- lib/authrocket/api/version.rb
+- lib/authrocket/app_hook.rb
+- lib/authrocket/event.rb
+- lib/authrocket/login_policy.rb
+- lib/authrocket/membership.rb
+- lib/authrocket/org.rb
+- lib/authrocket/realm.rb
+- lib/authrocket/user.rb
+- lib/authrocket/user_token.rb
+homepage: https://github.com/authrocket/authrocket-ruby
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.6
+signing_key: 
+specification_version: 4
+summary: AuthRocket client for Ruby
+test_files: []