gamora 0.11.0 → 0.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e35b31caf66937012f903a789beed12bac91e7e7a809a3e08fd3f1afc69cad19
-  data.tar.gz: f4ec146d7b34b0e6f011f923998d4abfefac5c6ebb421eb4b6eb650d40f63898
+  metadata.gz: 5e104c740e37e365b1a0026c7cc35c4484bfe4e3546f2ecc7f29cdc2d983b1c8
+  data.tar.gz: 4e5386d4a3d3cb3541c9d1b6c67ac648ea33bd0d088aa77c6b598a612e155501
 SHA512:
-  metadata.gz: c71974d1b67d1d7ba20cebc8d5df51b1a948400a18aa74f3e39d37f4cd74f80c8675ab1388d067f8917d69ca31efca6893396a4efcddf3bcc1a95a0241267731
-  data.tar.gz: b1c6c5a879a035bc768e4c98a9f67d42d5f8e80aa9e0f42aff1fd6dfeacb02bd2611967b171471f328595cf38a73c676bfd08bc51087614dd83380eeb2a95f6b
+  metadata.gz: 3fe807fc7d017463448981f708a68f3e3a0ae6d61ae1985d794230af707cdf0d76e1da05f267afccbe564262273b520e70229548f9f06edafc7e2305573b3a6e
+  data.tar.gz: 2827ef0787c8e7ccbf7462be3b921c7a82e699f35d91b48c34528db9526209ef34a9ca0aac32e180027ce6fb564cb65e9f37a3117916c787b5c99fa169d5e785

data/README.md

@@ -132,6 +132,23 @@ Gamora.setup do |config|
 end
 ```
 
+## Authorization
+
+In order to inform if a user's access token is granted to access the IDP
+client, it is possible to configure the authorization method in the initializer
+that will be used in the `/auth/amco/authorized` endpoint.
+
+```ruby
+Gamora.setup do |config|
+  ...
+
+  config.authorization_method = -> (user) { MyAuthorizationService.call(user) }
+end
+```
+
+Then implement the `MyAuthorizationService` based on your needs and return
+true if the user is granted, otherwise return false.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then,

data/app/controllers/concerns/gamora/authorization_url.rb

@@ -2,6 +2,18 @@
 
 module Gamora
   module AuthorizationUrl
+    ALLOWED_PARAMS = %i[
+      scope
+      state
+      theme
+      prompt
+      max_age
+      strategy
+      branding
+      ui_locales
+      allow_create
+    ].freeze
+
     def authorization_url(params, extra_params = {})
       data =
         default_params
@@ -21,21 +33,13 @@ module Gamora
         prompt: Configuration.default_prompt,
         strategy: Configuration.default_strategy,
         branding: Configuration.default_branding,
-        ui_locales: Configuration.ui_locales.call
+        ui_locales: Configuration.ui_locales.call,
+        allow_create: Configuration.allow_create
       }
     end
 
     def authorization_params(params)
-      params.permit(
-        :scope,
-        :state,
-        :theme,
-        :prompt,
-        :max_age,
-        :strategy,
-        :branding,
-        :ui_locales
-      )
+      params.permit(*ALLOWED_PARAMS)
     end
   end
 end

data/app/controllers/gamora/authorization_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Gamora
+  class AuthorizationController < ApplicationController
+    include Gamora::Authentication::Headers
+
+    before_action :authenticate_user!
+
+    def show
+      Configuration.authorization_method.call(current_user) ?
+        render(json: { message: "Authorized user" }, status: :ok) :
+        render(json: { error: "Unauthorized user" }, status: :forbidden)
+    end
+  end
+end

data/config/routes.rb

@@ -2,6 +2,7 @@
 
 Gamora::Engine.routes.draw do
   get "amco", to: "authentication#show", as: :authentication
-  get "logout", to: "unauthentication#show", as: :logout
+  get "amco/logout", to: "unauthentication#show", as: :logout
+  get "amco/authorized", to: "authorization#show", as: :authorized
   get "amco/callback", to: "callback#show", as: :callback
 end

data/lib/gamora/configuration.rb

@@ -17,8 +17,10 @@ module Gamora
     mattr_accessor :default_branding, default: "amco"
     mattr_accessor :default_theme, default: "default"
     mattr_accessor :ui_locales, default: -> { I18n.locale }
+    mattr_accessor :allow_create, default: true
     mattr_accessor :userinfo_cache_expires_in, default: 1.minute
     mattr_accessor :introspect_cache_expires_in, default: 0.seconds
+    mattr_accessor :authorization_method, default: -> (user) { !!user }
 
     def setup
       yield(self) if block_given?

data/lib/gamora/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Gamora
-  VERSION = "0.11.0"
+  VERSION = "0.13.0"
 end

data/lib/generators/gamora/templates/gamora.rb

@@ -19,6 +19,8 @@ Gamora.setup do |config|
   # config.default_branding = "amco"
   # config.default_theme = "default"
   # config.ui_locales = -> { I18n.locale }
+  # config.allow_create = true
   # config.userinfo_cache_expires_in = 1.minute
   # config.introspect_cache_expires_in = 0.seconds
+  # config.authorization_method = -> (user) { user.authorized? }
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gamora
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.13.0
 platform: ruby
 authors:
 - Alejandro Gutiérrez
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-21 00:00:00.000000000 Z
+date: 2024-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oauth2
@@ -52,6 +52,7 @@ files:
 - app/controllers/concerns/gamora/authorization_url.rb
 - app/controllers/gamora/application_controller.rb
 - app/controllers/gamora/authentication_controller.rb
+- app/controllers/gamora/authorization_controller.rb
 - app/controllers/gamora/callback_controller.rb
 - app/controllers/gamora/unauthentication_controller.rb
 - app/models/gamora/application_record.rb
@@ -91,7 +92,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.17
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: OpenID Connect Relying Party for rails apps.