cogitate 0.0.1

Files changed (5)
  1. checksums.yaml +7 -0
  2. data/LICENSE +14 -0
  3. data/README.md +159 -0
  4. data/lib/cogitate.rb +11 -0
  5. metadata +62 -0
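--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: b72f297200afd3bfebdda28808cde1bd0c23a105
+ data.tar.gz: 2096455e488ce567637e4762e187fa511cd9ac29
+ SHA512:
+ metadata.gz: a7819b9a0cc1b86e7c232f6662182ec5f69fc8e739360f501a0aada1bfef9437e01ee3126dcab49f24db78c8eeb8a7ba47bfdeaa72d37c5691fda7c1134d35d0
+ data.tar.gz: b20bb82409bb415fb3434d3c04ec14ca0b47b81544bb435f506b7026c331f88f1e872ec0c1ad3eaf2045428aa7955ceeae609c9417d2424e044c2bddae57ea4e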
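--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,14 @@
+ ##########################################################################
+ # Copyright 2015 University of Notre Dame
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.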
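--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,159 @@
+ # Cogitate
+
+ [![Build Status](https://travis-ci.org/ndlib/cogitate.png?branch=master)](https://travis-ci.org/ndlib/cogitate)
+ [![Code Climate](https://codeclimate.com/github/ndlib/cogitate.png)](https://codeclimate.com/github/ndlib/cogitate)
+ [![Test Coverage](https://codeclimate.com/github/ndlib/cogitate/badges/coverage.svg)](https://codeclimate.com/github/ndlib/cogitate)
+ [![Dependency Status](https://gemnasium.com/ndlib/cogitate.svg)](https://gemnasium.com/ndlib/cogitate)
+ [![Documentation Status](http://inch-ci.org/github/ndlib/cogitate.svg?branch=master)](http://inch-ci.org/github/ndlib/cogitate)
+ [![APACHE 2 License](http://img.shields.io/badge/APACHE2-license-blue.svg)](./LICENSE)
+
+ Welcome to Cogitate, a federated identity management system for managing:
+
+ * User identities through:
+ * Group membership
+ * Alternate authentication strategies (ORCID, email, etc.)
+ * Non-verifiable identities (Preferred Name, Scopus, etc.)
+ * Parroted identities (ask for the identity of a Kroger Card number, you'll get back a Kroger card number)
+ * User authentication through various providers
+
+ ## Documentation and Semantic Versioning
+
+ A note on documentation and semantic versioning.
+
+ ### Public API (via Yardoc tags)
+
+ A Public API means that we are committing to preserving the method
+ signature, return value, and existence of the method. If we want to
+ remove this method, we will need to bump to a major version. We should
+ also provide a deprecation warning and guidance on what to do.
+
+ ```ruby
+ # @api public
+ def method_signature_and_return_value_must_be_preserved
+ end
+ ```
+
+ ### Private API (via Yardoc tags)
+
+ A Private API means that we are not making promises to preserve
+ the method signature, return value, or even existence of the
+ method.
+
+ In other words, beware, this method may not be around for the long-haul.
+
+ ```ruby
+ # @api private
+ def method_signature_and_return_value_may_be_changed
+ end
+ ```
+
+ ## API
+
+ ### GET /auth?after_authentication_callback_url=<cgi escaped URL>
+
+ ```console
+ GET /auth?after_authentication_callback_url=https%3A%2F%2Fdeposit.library.nd.edu%2Fafter_authenticate
+ ```
+
+ This resource is responsible for brokering the actual authentication service.
+ Assuming a valid `after_authentication_callback_url`, it will respond with a 302 response (and redirect) to the CAS authentication service.
+ If an invalid `after_authentication_callback_url` is provided, a 403 response will be given as a response.
+
+ Once you have authenticated via an authentication strategy (i.e. CAS),
+ Cogitate will redirect to the URL specified in the `GET /auth` request's `after_authentication_callback_url` query parameter.
+ The payload will be a JSON Web Token.
+ That token should contain enough information for your application to adjudicate authorization questions.
+
+ ### GET Agents
+
+ #### Request
+
+ ```console
+ GET /api/agents/:urlsafe_base64_encoded_identifiers
+ Accept application/vnd.api+json
+ ```
+
+ The `:urlsafe_base64_encoded_identifiers` follow the format:
+
+ ```ruby
+ require 'base64'
+ identifier = ":strategy\t:identifying_value"
+ urlsafe_base64_encoded_identifiers = Base64.urlsafe_encode64(identifier)
+ ```
+
+ * `:strategy` is the identifying type (i.e. Netid, Orcid, Email).
+ * `:urlsafe_base64_encoded_identifiers` is the value/string for that identying type.
+
+ ```ruby
+ require 'base64'
+ Base64.urlsafe_encode64("orcid\t0000-0002-1191-0873")
+ => "b3JjaWQJMDAwMC0wMDAyLTExOTEtMDg3Mw=="
+ ```
+
+ **Note:** Delimit multiple identifiers with a new line (i.e. `\n`).
+
+ #### Response
+
+ ```json
+ {
+ "links": {
+ "self": "http://localhost:3000/api/agents/b3JjaWQJMDAwMC0wMDAyLTExOTEtMDg3Mw=="
+ },
+ "data": [{
+ "type": "agents",
+ "id": "b3JjaWQJMDAwMC0wMDAyLTExOTEtMDg3Mw==",
+ "attributes": {
+ "strategy": "orcid",
+ "identifying_value": "0000-0002-1191-0873"
+ },
+ "relationships": {
+ "identities": [{
+ "type": "unverified/orcid",
+ "id": "0000-0002-1191-0873"
+ }],
+ "verified_identities": []
+ }
+ }]
+ }
+ ```
+
+ ## Roadmap
+
+ As we looked to break apart our monolith applications, it became clear that we needed a centralized authentication and identity service.
+ It was also clear that our institutional service was inadequate due to the nature of scholarly collaboration crossing boundaries of institutions and individuals.
+
+ ### Phase 1
+
+ * Agent Identifiers
+ * ~~Verified Netid~~
+ * ~~Unverified Netid~~
+ * ~~Unverified "Parrot" identity (i.e. ask for any identity and you'll at least get it back)~~
+ * ~~Verified group~~
+ * ~~Unverified group~~ Skip groups associated with unverified identifiers
+ * Authentication
+ * ~~Campus Authentication Service (CAS)~~
+ * ~~Handle a request for Cogitate to broker the authentication~~
+ * ~~Passback a ticket to the primary application~~
+ * Communication Channels
+ * ~~Extract email from NetID identifier~~
+ * Client library
+ * Decode the JSON Web Token (JWT) into a "User" object and related information
+ * Levarage RSA public key for decoding the JWT
+
+ ### Phase 2
+
+ * Agent Identifiers
+ * Verified OAuth2 account (i.e. Orcid)
+ * Unverified OAuth2 account (i.e. Orcid)
+ * Verified email address
+ * Unverified email address
+ * Authentication
+ * OAuth2 provider
+ * One-time URL (for emails)
+ * Communication Channels
+ * For a given Agent what are their communication vectors (i.e. Email, Phone #, Twitter handle)
+
+ ## Tasks and Automation
+
+ * Generating documentation: `$ bundle exec yardoc --plugin contracts`
+ * Running the test suite: `$ rake`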
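--- a/data/lib/cogitate.rb
+++ b/data/lib/cogitate.rb
@@ -0,0 +1,11 @@
+ # Cogitate is a federated identity management system for managing:
+ # * User identities through:
+ # * Group membership
+ # * Alternate authentication strategies (ORCID, email, etc.)
+ # * Non-verifiable identities (Preferred Name, Scopus, etc.)
+ # * Parroted identities (ask for the identity of a Kroger Card number, you'll get back a Kroger card number)
+ # * User authentication through various providers
+ module Cogitate
+ # Used as a namespace grab
+ VERSION = '0.0.1'.freeze
+ end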
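Review bot: The comment `# Used as a namespace grab` sits directly above `VERSION`, so it reads as a description of the constant rather than of the release. The module comment describes a full identity-management service, yet the only code in this file is the `VERSION` constant. Anyone auditing the dependency should be able to tell at a glance that 0.0.1 is a placeholder. I would move the remark into the module comment, for example `# NOTE: 0.0.1 only reserves the gem name; it defines nothing but VERSION.`, and give the constant its own line such as `# Gem version, following semantic versioning.`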
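--- a/metadata
+++ b/metadata
@@ -0,0 +1,62 @@
+ --- !ruby/object:Gem::Specification
+ name: cogitate
+ version: !ruby/object:Gem::Version
+ version: 0.0.1
+ platform: ruby
+ authors:
+ - Jeremy Friesen
+ autorequire:
+ bindir: exe
+ cert_chain: []
+ date: 2015-08-10 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: bundler
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.8'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.8'
+ description: A client library for the Cogitate service.
+ email:
+ - jeremy.n.friesen@gmail.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - LICENSE
+ - README.md
+ - lib/cogitate.rb
+ homepage: https://github.com/ndlib/cogitate
+ licenses:
+ - APACHE2
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.4.7
+ signing_key:
+ specification_version: 4
+ summary: A client library for the Cogitate service.
+ test_files: []
+ has_rdoc: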
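Review bot: The spec records `cert_chain: []` and an empty `signing_key:`, so this release is unsigned. The only integrity evidence a consumer gets is the digests in checksums.yaml, which ship inside the same archive and do not establish who published it. For a gem whose roadmap includes decoding JWTs on the client, signing releases in the gemspec would give installers something to verify against. Separately, `licenses: - APACHE2` is not an SPDX identifier, and `Apache-2.0` is the form license scanners match on. Both values come from the gemspec this file is generated from, which is not part of the diff.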