devise-auth0 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 09d2c52435f4724971a7010be7afdeb821f2c179
+  data.tar.gz: fefa985762c18269d3df02d61d2522a0842fdf62
+SHA512:
+  metadata.gz: e250b8ae551213bf6f78900f838db70d369530068485b19e92710b93a5a6fcfef56e50674b167d7d1bbde974bb81a5d8713a14aa9fd47c4a5ad59ee0c603a240
+  data.tar.gz: fc954f7f8ecab7a2b0604e343b26bc332c5fd3ed9c38498ba7806f80c4ef77abf2463e77f303010ed68210c29111679c2697f26b9d7fc999608c44f31a9e564e

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/CHANGELOG

@@ -0,0 +1,7 @@
+0.0.2 / 2014-04-17
+
+  * Better support for oauth-based login
+
+0.0.1 / 2014-10-24
+
+  * Initial version

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in devise-auth0.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Derek Kastner
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,41 @@
+# Devise::Auth0
+
+Allow signed-in auth0 users to areas protected by devise.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise-auth0'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install devise-auth0
+
+## Configuration
+
+In `config/initializers/devise.rb`:
+
+``` ruby
+require 'devise/strategies/auth0_authenticatable'
+
+Devise.setup do |config|
+  config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
+
+  require 'devise/orm/active_record'
+
+  # this lets you use the login_as helper in tests
+  config.skip_session_storage = [:auth0_authenticatable] unless Rails.env.test?
+
+  config.warden do |manager|
+    manager.strategies.add(:auth0_authenticatable, Devise::Strategies::Auth0Authenticatable)
+    manager.default_strategies(scope: :user).unshift :auth0_authenticatable
+  end
+end
+```

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/devise-auth0.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise/auth0/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "devise-auth0"
+  spec.version       = Devise::Auth0::VERSION
+  spec.authors       = ["Derek Kastner"]
+  spec.email         = ["dkastner@gmail.com"]
+  spec.summary       = %q{Integrate devise with auth0}
+  spec.description   = %q{Allow logged-in auth0 users to access protected areas}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.6"
+  spec.add_development_dependency "rake", "~> 10.0"
+end

data/lib/devise/auth0.rb

@@ -0,0 +1,10 @@
+require "devise/auth0/version"
+require 'devise/models/auth0_authenticatable'
+require 'devise/strategies/auth0_authenticatable'
+
+module Devise
+  module Auth0
+    CLIENT_ID = ENV.fetch 'AUTH0_CLIENT_ID'
+    SECRET = Base64.decode64 ENV.fetch('AUTH0_SECRET').gsub('-', '+').gsub('_','/')
+  end
+end

data/lib/devise/auth0/failure_app.rb

@@ -0,0 +1,21 @@
+module Devise
+  module Auth0
+
+    class FailureApp < Devise::FailureApp
+      def respond
+        if request.format == :json
+          json_failure
+        else
+          super
+        end
+      end
+
+      def json_failure
+        self.status = 401
+        self.content_type = 'application/json'
+        self.response_body = { error: warden.message }.to_json
+      end
+    end
+
+  end
+end

data/lib/devise/auth0/version.rb

@@ -0,0 +1,5 @@
+module Devise
+  module Auth0
+    VERSION = "0.0.2"
+  end
+end

data/lib/devise/models/auth0_authenticatable.rb

@@ -0,0 +1,35 @@
+require 'devise'
+
+module Devise
+  module Models
+
+    module Auth0Authenticatable
+      extend ActiveSupport::Concern
+
+      class MissingAuth0Id < StandardError; end
+      class MissingAccount < StandardError; end
+
+      module ClassMethods
+
+        def find_or_sync_auth0(info)
+          unless uid = info['user_id']
+            raise MissingAuth0Id.new(info),
+              "Expected auth0_user_id, got none inside of #{@info.inspect}"
+          end
+
+          if user = User.find_by(auth0_user_id: uid)
+            # cool
+          elsif user = User.find_by(email: info['email'])
+            name = user.name || info['name']
+            user.update! auth0_user_id: uid, name: name
+          end
+
+          user
+        end
+
+      end
+
+    end
+  end
+end
+

data/lib/devise/strategies/auth0_authenticatable.rb

@@ -0,0 +1,46 @@
+require 'devise'
+
+module Devise
+  module Strategies
+
+    class Auth0Authenticatable < Base
+
+      def authenticate!
+        token = env['HTTP_AUTHORIZATION'].to_s.gsub('Bearer ', '')
+
+        begin
+          decoded_token, header = JWT.decode(token, Devise::Auth0::SECRET)
+        rescue JWT::DecodeError
+          Rails.logger.warn 'Unreadable Auth0 token'
+          fail! 'Unreadable Auth0 token'
+          return
+        end
+
+        if not decoded_token.is_a?(Hash)
+          Rails.logger.warn "Unexpected Auth0 token structure: expected Hash, got #{decoded_token.inspect}"
+          fail! "Unexpected Auth0 token structure: expected Hash, got #{decoded_token.inspect}"
+          return
+        end
+
+        if decoded_token['aud'] == Auth0::CLIENT_ID
+          user = mapping.to.find_or_sync_auth0(decoded_token)
+          success! user
+          return
+        end
+
+        Rails.logger.info "Invalid token"
+        fail! 'Invalid token'
+      end
+
+      def store?
+        false
+      end
+
+      def valid?
+        env['HTTP_AUTHORIZATION'].present?
+      end
+
+    end
+
+  end
+end

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification
+name: devise-auth0
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Derek Kastner
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-04-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: Allow logged-in auth0 users to access protected areas
+email:
+- dkastner@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- CHANGELOG
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- devise-auth0.gemspec
+- lib/devise/auth0.rb
+- lib/devise/auth0/failure_app.rb
+- lib/devise/auth0/version.rb
+- lib/devise/models/auth0_authenticatable.rb
+- lib/devise/strategies/auth0_authenticatable.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Integrate devise with auth0
+test_files: []