cogitate 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/LICENSE +14 -0
- data/README.md +159 -0
- data/lib/cogitate.rb +11 -0
- metadata +62 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: b72f297200afd3bfebdda28808cde1bd0c23a105
|
4
|
+
data.tar.gz: 2096455e488ce567637e4762e187fa511cd9ac29
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: a7819b9a0cc1b86e7c232f6662182ec5f69fc8e739360f501a0aada1bfef9437e01ee3126dcab49f24db78c8eeb8a7ba47bfdeaa72d37c5691fda7c1134d35d0
|
7
|
+
data.tar.gz: b20bb82409bb415fb3434d3c04ec14ca0b47b81544bb435f506b7026c331f88f1e872ec0c1ad3eaf2045428aa7955ceeae609c9417d2424e044c2bddae57ea4e
|
data/LICENSE
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
##########################################################################
|
2
|
+
# Copyright 2015 University of Notre Dame
|
3
|
+
#
|
4
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
# you may not use this file except in compliance with the License.
|
6
|
+
# You may obtain a copy of the License at
|
7
|
+
#
|
8
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
#
|
10
|
+
# Unless required by applicable law or agreed to in writing, software
|
11
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
# See the License for the specific language governing permissions and
|
14
|
+
# limitations under the License.
|
data/README.md
ADDED
@@ -0,0 +1,159 @@
|
|
1
|
+
# Cogitate
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/ndlib/cogitate.png?branch=master)](https://travis-ci.org/ndlib/cogitate)
|
4
|
+
[![Code Climate](https://codeclimate.com/github/ndlib/cogitate.png)](https://codeclimate.com/github/ndlib/cogitate)
|
5
|
+
[![Test Coverage](https://codeclimate.com/github/ndlib/cogitate/badges/coverage.svg)](https://codeclimate.com/github/ndlib/cogitate)
|
6
|
+
[![Dependency Status](https://gemnasium.com/ndlib/cogitate.svg)](https://gemnasium.com/ndlib/cogitate)
|
7
|
+
[![Documentation Status](http://inch-ci.org/github/ndlib/cogitate.svg?branch=master)](http://inch-ci.org/github/ndlib/cogitate)
|
8
|
+
[![APACHE 2 License](http://img.shields.io/badge/APACHE2-license-blue.svg)](./LICENSE)
|
9
|
+
|
10
|
+
Welcome to Cogitate, a federated identity management system for managing:
|
11
|
+
|
12
|
+
* User identities through:
|
13
|
+
* Group membership
|
14
|
+
* Alternate authentication strategies (ORCID, email, etc.)
|
15
|
+
* Non-verifiable identities (Preferred Name, Scopus, etc.)
|
16
|
+
* Parroted identities (ask for the identity of a Kroger Card number, you'll get back a Kroger card number)
|
17
|
+
* User authentication through various providers
|
18
|
+
|
19
|
+
## Documentation and Semantic Versioning
|
20
|
+
|
21
|
+
A note on documentation and semantic versioning.
|
22
|
+
|
23
|
+
### Public API (via Yardoc tags)
|
24
|
+
|
25
|
+
A Public API means that we are committing to preserving the method
|
26
|
+
signature, return value, and existence of the method. If we want to
|
27
|
+
remove this method, we will need to bump to a major version. We should
|
28
|
+
also provide a deprecation warning and guidance on what to do.
|
29
|
+
|
30
|
+
```ruby
|
31
|
+
# @api public
|
32
|
+
def method_signature_and_return_value_must_be_preserved
|
33
|
+
end
|
34
|
+
```
|
35
|
+
|
36
|
+
### Private API (via Yardoc tags)
|
37
|
+
|
38
|
+
A Private API means that we are not making promises to preserve
|
39
|
+
the method signature, return value, or even existence of the
|
40
|
+
method.
|
41
|
+
|
42
|
+
In other words, beware, this method may not be around for the long-haul.
|
43
|
+
|
44
|
+
```ruby
|
45
|
+
# @api private
|
46
|
+
def method_signature_and_return_value_may_be_changed
|
47
|
+
end
|
48
|
+
```
|
49
|
+
|
50
|
+
## API
|
51
|
+
|
52
|
+
### GET /auth?after_authentication_callback_url=<cgi escaped URL>
|
53
|
+
|
54
|
+
```console
|
55
|
+
GET /auth?after_authentication_callback_url=https%3A%2F%2Fdeposit.library.nd.edu%2Fafter_authenticate
|
56
|
+
```
|
57
|
+
|
58
|
+
This resource is responsible for brokering the actual authentication service.
|
59
|
+
Assuming a valid `after_authentication_callback_url`, it will respond with a 302 response (and redirect) to the CAS authentication service.
|
60
|
+
If an invalid `after_authentication_callback_url` is provided, a 403 response will be given as a response.
|
61
|
+
|
62
|
+
Once you have authenticated via an authentication strategy (i.e. CAS),
|
63
|
+
Cogitate will redirect to the URL specified in the `GET /auth` request's `after_authentication_callback_url` query parameter.
|
64
|
+
The payload will be a JSON Web Token.
|
65
|
+
That token should contain enough information for your application to adjudicate authorization questions.
|
66
|
+
|
67
|
+
### GET Agents
|
68
|
+
|
69
|
+
#### Request
|
70
|
+
|
71
|
+
```console
|
72
|
+
GET /api/agents/:urlsafe_base64_encoded_identifiers
|
73
|
+
Accept application/vnd.api+json
|
74
|
+
```
|
75
|
+
|
76
|
+
The `:urlsafe_base64_encoded_identifiers` follow the format:
|
77
|
+
|
78
|
+
```ruby
|
79
|
+
require 'base64'
|
80
|
+
identifier = ":strategy\t:identifying_value"
|
81
|
+
urlsafe_base64_encoded_identifiers = Base64.urlsafe_encode64(identifier)
|
82
|
+
```
|
83
|
+
|
84
|
+
* `:strategy` is the identifying type (i.e. Netid, Orcid, Email).
|
85
|
+
* `:urlsafe_base64_encoded_identifiers` is the value/string for that identying type.
|
86
|
+
|
87
|
+
```ruby
|
88
|
+
require 'base64'
|
89
|
+
Base64.urlsafe_encode64("orcid\t0000-0002-1191-0873")
|
90
|
+
=> "b3JjaWQJMDAwMC0wMDAyLTExOTEtMDg3Mw=="
|
91
|
+
```
|
92
|
+
|
93
|
+
**Note:** Delimit multiple identifiers with a new line (i.e. `\n`).
|
94
|
+
|
95
|
+
#### Response
|
96
|
+
|
97
|
+
```json
|
98
|
+
{
|
99
|
+
"links": {
|
100
|
+
"self": "http://localhost:3000/api/agents/b3JjaWQJMDAwMC0wMDAyLTExOTEtMDg3Mw=="
|
101
|
+
},
|
102
|
+
"data": [{
|
103
|
+
"type": "agents",
|
104
|
+
"id": "b3JjaWQJMDAwMC0wMDAyLTExOTEtMDg3Mw==",
|
105
|
+
"attributes": {
|
106
|
+
"strategy": "orcid",
|
107
|
+
"identifying_value": "0000-0002-1191-0873"
|
108
|
+
},
|
109
|
+
"relationships": {
|
110
|
+
"identities": [{
|
111
|
+
"type": "unverified/orcid",
|
112
|
+
"id": "0000-0002-1191-0873"
|
113
|
+
}],
|
114
|
+
"verified_identities": []
|
115
|
+
}
|
116
|
+
}]
|
117
|
+
}
|
118
|
+
```
|
119
|
+
|
120
|
+
## Roadmap
|
121
|
+
|
122
|
+
As we looked to break apart our monolith applications, it became clear that we needed a centralized authentication and identity service.
|
123
|
+
It was also clear that our institutional service was inadequate due to the nature of scholarly collaboration crossing boundaries of institutions and individuals.
|
124
|
+
|
125
|
+
### Phase 1
|
126
|
+
|
127
|
+
* Agent Identifiers
|
128
|
+
* ~~Verified Netid~~
|
129
|
+
* ~~Unverified Netid~~
|
130
|
+
* ~~Unverified "Parrot" identity (i.e. ask for any identity and you'll at least get it back)~~
|
131
|
+
* ~~Verified group~~
|
132
|
+
* ~~Unverified group~~ Skip groups associated with unverified identifiers
|
133
|
+
* Authentication
|
134
|
+
* ~~Campus Authentication Service (CAS)~~
|
135
|
+
* ~~Handle a request for Cogitate to broker the authentication~~
|
136
|
+
* ~~Passback a ticket to the primary application~~
|
137
|
+
* Communication Channels
|
138
|
+
* ~~Extract email from NetID identifier~~
|
139
|
+
* Client library
|
140
|
+
* Decode the JSON Web Token (JWT) into a "User" object and related information
|
141
|
+
* Levarage RSA public key for decoding the JWT
|
142
|
+
|
143
|
+
### Phase 2
|
144
|
+
|
145
|
+
* Agent Identifiers
|
146
|
+
* Verified OAuth2 account (i.e. Orcid)
|
147
|
+
* Unverified OAuth2 account (i.e. Orcid)
|
148
|
+
* Verified email address
|
149
|
+
* Unverified email address
|
150
|
+
* Authentication
|
151
|
+
* OAuth2 provider
|
152
|
+
* One-time URL (for emails)
|
153
|
+
* Communication Channels
|
154
|
+
* For a given Agent what are their communication vectors (i.e. Email, Phone #, Twitter handle)
|
155
|
+
|
156
|
+
## Tasks and Automation
|
157
|
+
|
158
|
+
* Generating documentation: `$ bundle exec yardoc --plugin contracts`
|
159
|
+
* Running the test suite: `$ rake`
|
data/lib/cogitate.rb
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
# Cogitate is a federated identity management system for managing:
|
2
|
+
# * User identities through:
|
3
|
+
# * Group membership
|
4
|
+
# * Alternate authentication strategies (ORCID, email, etc.)
|
5
|
+
# * Non-verifiable identities (Preferred Name, Scopus, etc.)
|
6
|
+
# * Parroted identities (ask for the identity of a Kroger Card number, you'll get back a Kroger card number)
|
7
|
+
# * User authentication through various providers
|
8
|
+
module Cogitate
|
9
|
+
# Used as a namespace grab
|
10
|
+
VERSION = '0.0.1'.freeze
|
11
|
+
end
|
metadata
ADDED
@@ -0,0 +1,62 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: cogitate
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Jeremy Friesen
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-08-10 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.8'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.8'
|
27
|
+
description: A client library for the Cogitate service.
|
28
|
+
email:
|
29
|
+
- jeremy.n.friesen@gmail.com
|
30
|
+
executables: []
|
31
|
+
extensions: []
|
32
|
+
extra_rdoc_files: []
|
33
|
+
files:
|
34
|
+
- LICENSE
|
35
|
+
- README.md
|
36
|
+
- lib/cogitate.rb
|
37
|
+
homepage: https://github.com/ndlib/cogitate
|
38
|
+
licenses:
|
39
|
+
- APACHE2
|
40
|
+
metadata: {}
|
41
|
+
post_install_message:
|
42
|
+
rdoc_options: []
|
43
|
+
require_paths:
|
44
|
+
- lib
|
45
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
46
|
+
requirements:
|
47
|
+
- - ">="
|
48
|
+
- !ruby/object:Gem::Version
|
49
|
+
version: '0'
|
50
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
requirements: []
|
56
|
+
rubyforge_project:
|
57
|
+
rubygems_version: 2.4.7
|
58
|
+
signing_key:
|
59
|
+
specification_version: 4
|
60
|
+
summary: A client library for the Cogitate service.
|
61
|
+
test_files: []
|
62
|
+
has_rdoc:
|