glogin 0.1 → 0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/README.md +9 -5
- data/lib/glogin/auth.rb +3 -0
- data/lib/glogin/cookie.rb +1 -1
- data/lib/glogin/version.rb +1 -1
- data/test/glogin/test_cookie.rb +4 -4
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5a6930e668b924c169ed5c02ac91b366edfa64cb
|
4
|
+
data.tar.gz: ad7c1628b4e3508c39b5c6c14c36a4deb79d04fd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2504f72c9222bcd65676148017cd18d4e0ff985f42fc2f3967544eced7e8928b67ec5e3abec0c2b481c20799d8274b82e3d6a9cd1b08de6bf130472a297e3617
|
7
|
+
data.tar.gz: 815f03f93317871b300a72432edb448a77a223a1912ca1ad4f0c9ad7451e18702673d4fde83b6da0f3c573ad76e7e96805f1126e42458d08f5123cf2e852f5ed
|
data/.simplecov
CHANGED
data/README.md
CHANGED
@@ -12,8 +12,10 @@
|
|
12
12
|
## GitHub Login for Ruby web app
|
13
13
|
|
14
14
|
This simple gem will help you enable login/logout through
|
15
|
-
GitHub OAuth
|
16
|
-
|
15
|
+
[GitHub OAuth](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)
|
16
|
+
for your web application. This is how it works with
|
17
|
+
[Sinatra](http://www.sinatrarb.com/),
|
18
|
+
but you can do something similar in any framework.
|
17
19
|
|
18
20
|
First, somewhere in the global space, before the app starts:
|
19
21
|
|
@@ -24,8 +26,9 @@ configure do
|
|
24
26
|
// Make sure their values are coming from a secure
|
25
27
|
// place and are not visible in the source code:
|
26
28
|
client_id, client_secret,
|
27
|
-
// This is what you will register in GitHub as
|
28
|
-
|
29
|
+
// This is what you will register in GitHub as an
|
30
|
+
// authorization callback URL:
|
31
|
+
'http://www.example.com/github-callback'
|
29
32
|
)
|
30
33
|
end
|
31
34
|
```
|
@@ -34,6 +37,7 @@ Next, for all web pages we need to parse a cookie, if it exists,
|
|
34
37
|
and convert it into a user:
|
35
38
|
|
36
39
|
```ruby
|
40
|
+
require 'sinatra/cookies'
|
37
41
|
before '/*' do
|
38
42
|
if cookies[:glogin]
|
39
43
|
begin
|
@@ -60,7 +64,7 @@ a local variable `@user` will be set to something like this:
|
|
60
64
|
Next, we need a URL for GitHub OAuth callback:
|
61
65
|
|
62
66
|
```ruby
|
63
|
-
get '/github-
|
67
|
+
get '/github-callback' do
|
64
68
|
cookies[:glogin] = Cookie::Open.new(
|
65
69
|
settings.glogin.user(params[:code]),
|
66
70
|
// The same encryption secret that we were using above:
|
data/lib/glogin/auth.rb
CHANGED
@@ -36,7 +36,9 @@ module GLogin
|
|
36
36
|
#
|
37
37
|
class Auth
|
38
38
|
def initialize(id, secret, redirect)
|
39
|
+
raise "GitHub client ID can't be nil" if id.nil?
|
39
40
|
@id = id
|
41
|
+
raise "GitHub client secret can't be nil" if secret.nil?
|
40
42
|
@secret = secret
|
41
43
|
@redirect = redirect
|
42
44
|
end
|
@@ -57,6 +59,7 @@ module GLogin
|
|
57
59
|
req['Accept-Header'] = 'application/json'
|
58
60
|
req['Authorization'] = "token #{access_token(code)}"
|
59
61
|
res = http.request(req)
|
62
|
+
raise "Error (#{res.code}): #{res.body}" unless res.code == '200'
|
60
63
|
JSON.parse(res.body)
|
61
64
|
end
|
62
65
|
|
data/lib/glogin/cookie.rb
CHANGED
@@ -66,7 +66,7 @@ module GLogin
|
|
66
66
|
cpr = Cookie.cipher
|
67
67
|
cpr.encrypt
|
68
68
|
cpr.key = Digest::SHA1.hexdigest(@secret)
|
69
|
-
encrypted = cpr.update("#{@json['login']}|#{@json['
|
69
|
+
encrypted = cpr.update("#{@json['login']}|#{@json['avatar_url']}")
|
70
70
|
encrypted << cpr.final
|
71
71
|
Base64.encode64(encrypted.to_s)
|
72
72
|
end
|
data/lib/glogin/version.rb
CHANGED
data/test/glogin/test_cookie.rb
CHANGED
@@ -30,21 +30,21 @@ class TestCookie < Minitest::Test
|
|
30
30
|
GLogin::Cookie::Open.new(
|
31
31
|
JSON.parse(
|
32
32
|
"{\"login\":\"yegor256\",\
|
33
|
-
\"
|
33
|
+
\"avatar_url\":\"https://avatars1.githubusercontent.com/u/526301\"}"
|
34
34
|
),
|
35
35
|
secret
|
36
36
|
).to_s,
|
37
37
|
secret
|
38
38
|
).to_user
|
39
|
-
|
40
|
-
|
39
|
+
assert_equal(user[:login], 'yegor256')
|
40
|
+
assert_equal(user[:avatar], 'https://avatars1.githubusercontent.com/u/526301')
|
41
41
|
end
|
42
42
|
|
43
43
|
def test_fails_on_broken_text
|
44
44
|
assert_raises OpenSSL::Cipher::CipherError do
|
45
45
|
GLogin::Cookie::Closed.new(
|
46
46
|
GLogin::Cookie::Open.new(
|
47
|
-
JSON.parse('{"login":"x","
|
47
|
+
JSON.parse('{"login":"x","avatar_url":"x"}'),
|
48
48
|
'secret-1'
|
49
49
|
).to_s,
|
50
50
|
'secret-2'
|