devise_pkcs12_authenticatable 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/{LICENSE.txt → LICENSE} +0 -0
- data/README.md +53 -17
- data/lib/devise_pkcs12_authenticatable/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 40ff4fa4b8851a95458b12c85b50a296a4c1821b
|
4
|
+
data.tar.gz: 68545dd286347c8eafab88f1198e1bc3d275af1a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: aec7fb81e92c939d880c5290b5d777ed3d993a1517426d2c6d92bc837f0250cd4d9e6f87c50dbb2bb46ff00cbb4fbc02a16f58d7dd06fa8aa93d9cdefc662383
|
7
|
+
data.tar.gz: 01f1eb9cd6c97d81f6c355a2271aaf7f81ccf34549548ffe471c426ce2248f02c740903522ac59c4fdca7ace0f70c27b9073ee757e519a8b6292d55efc1aeddd
|
data/CHANGELOG.md
ADDED
data/{LICENSE.txt → LICENSE}
RENAMED
File without changes
|
data/README.md
CHANGED
@@ -1,14 +1,22 @@
|
|
1
|
-
#
|
1
|
+
# Devise PKCS #12 Authenticatable [![Gem Version](https://badge.fury.io/rb/devise_pkcs12_authenticatable.svg)](http://badge.fury.io/rb/devise_pkcs12_authenticatable)
|
2
2
|
|
3
|
-
|
3
|
+
`devise_pkcs12_authenticatable` is client side SSL certificate authentication (based on [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12)) support for [Devise](https://github.com/plataformatec/devise) applications.
|
4
|
+
For authentication `devise_pkcs12_authenticatable` uses field called `CN` (Common Name) from Distinguished Name (DN) of the SSl certificate subject
|
5
|
+
and keys for any authentication mechanism from `config/initializers/devise.rb` called `config.authentication_keys`.
|
4
6
|
|
5
|
-
|
7
|
+
## Requirements
|
8
|
+
|
9
|
+
- NGINX
|
10
|
+
- Ruby 1.9.3 or greater
|
11
|
+
- Rails 4.1.8 or greater
|
12
|
+
- Devise 3.4.1 or greater
|
6
13
|
|
7
14
|
## Installation
|
8
15
|
|
9
|
-
Add this
|
16
|
+
Add this lines to your application's Gemfile:
|
10
17
|
|
11
18
|
```ruby
|
19
|
+
gem 'devise', '~> 3.4.1'
|
12
20
|
gem 'devise_pkcs12_authenticatable'
|
13
21
|
```
|
14
22
|
|
@@ -16,24 +24,52 @@ And then execute:
|
|
16
24
|
|
17
25
|
$ bundle
|
18
26
|
|
19
|
-
|
27
|
+
## Usage
|
28
|
+
|
29
|
+
1. Setup [NGINX](http://wiki.nginx.org/Install) and [Configure HTTPS](http://nginx.org/en/docs/http/configuring_https_servers.html)
|
20
30
|
|
21
|
-
|
31
|
+
Add next parameters to `/path/to/your/site.conf`, for example in Ubuntu your configuration file can be found here: `/etc/nginx/sites-enabled/your-site.conf`
|
32
|
+
```
|
33
|
+
server {
|
34
|
+
...
|
35
|
+
ssl_verify_client on;
|
36
|
+
# Root Certificate Authority(CA) that you used to sign your client certificates
|
37
|
+
ssl_client_certificate /path/to/your/ca.crt;
|
38
|
+
...
|
22
39
|
|
23
|
-
|
40
|
+
location ... {
|
41
|
+
...
|
42
|
+
proxy_set_header X-CLIENT-VERIFY $ssl_client_verify;
|
43
|
+
proxy_set_header X-SSL-CLIENT-S-DN $ssl_client_s_dn;
|
44
|
+
...
|
45
|
+
}
|
46
|
+
}
|
47
|
+
```
|
48
|
+
|
49
|
+
2. Setup [Devise](https://github.com/plataformatec/devise)
|
50
|
+
|
51
|
+
3. Setup `devise_pkcs12_authenticatable`
|
52
|
+
|
53
|
+
Add the following to your Devise model (ie. `User.rb`):
|
54
|
+
|
55
|
+
```ruby
|
56
|
+
devise :pkcs12_authenticatable # , ... and other modules, don't add :database_authenticatable as this module is intended to replace it
|
57
|
+
```
|
24
58
|
|
25
|
-
|
59
|
+
Your model needs one attribute called `cn`, migration allow you to do so:
|
26
60
|
|
27
|
-
|
61
|
+
`add_column :users, :cn, :string, null: false, index: true`
|
28
62
|
|
29
|
-
|
63
|
+
If you need to configure `devise_pkcs12_authenticatable` then add to your config/initializers/devise.rb
|
30
64
|
|
31
|
-
|
65
|
+
```ruby
|
66
|
+
Devise.setup do |config|
|
67
|
+
...
|
68
|
+
# Attribute in your model for pkcs12 authentication
|
69
|
+
config.pkcs12_common_name_field = :common_name # By default :cn
|
70
|
+
end
|
71
|
+
```
|
32
72
|
|
33
|
-
##
|
73
|
+
## License
|
34
74
|
|
35
|
-
|
36
|
-
2. Create your feature branch (`git checkout -b my-new-feature`)
|
37
|
-
3. Commit your changes (`git commit -am 'Add some feature'`)
|
38
|
-
4. Push to the branch (`git push origin my-new-feature`)
|
39
|
-
5. Create a new Pull Request
|
75
|
+
`devise_pkcs12_authenticatable` is released under the MIT License. See the LICENSE file for more information.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise_pkcs12_authenticatable
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Alexander Grigoriev
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-04-
|
11
|
+
date: 2015-04-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: devise
|
@@ -87,8 +87,9 @@ extensions: []
|
|
87
87
|
extra_rdoc_files: []
|
88
88
|
files:
|
89
89
|
- .gitignore
|
90
|
+
- CHANGELOG.md
|
90
91
|
- Gemfile
|
91
|
-
- LICENSE
|
92
|
+
- LICENSE
|
92
93
|
- README.md
|
93
94
|
- Rakefile
|
94
95
|
- devise_pkcs12_authenticatable.gemspec
|