glogin 0.1 → 0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/README.md +9 -5
- data/lib/glogin/auth.rb +3 -0
- data/lib/glogin/cookie.rb +1 -1
- data/lib/glogin/version.rb +1 -1
- data/test/glogin/test_cookie.rb +4 -4
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5a6930e668b924c169ed5c02ac91b366edfa64cb
|
4
|
+
data.tar.gz: ad7c1628b4e3508c39b5c6c14c36a4deb79d04fd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2504f72c9222bcd65676148017cd18d4e0ff985f42fc2f3967544eced7e8928b67ec5e3abec0c2b481c20799d8274b82e3d6a9cd1b08de6bf130472a297e3617
|
7
|
+
data.tar.gz: 815f03f93317871b300a72432edb448a77a223a1912ca1ad4f0c9ad7451e18702673d4fde83b6da0f3c573ad76e7e96805f1126e42458d08f5123cf2e852f5ed
|
data/.simplecov
CHANGED
data/README.md
CHANGED
@@ -12,8 +12,10 @@
|
|
12
12
|
## GitHub Login for Ruby web app
|
13
13
|
|
14
14
|
This simple gem will help you enable login/logout through
|
15
|
-
GitHub OAuth
|
16
|
-
|
15
|
+
[GitHub OAuth](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)
|
16
|
+
for your web application. This is how it works with
|
17
|
+
[Sinatra](http://www.sinatrarb.com/),
|
18
|
+
but you can do something similar in any framework.
|
17
19
|
|
18
20
|
First, somewhere in the global space, before the app starts:
|
19
21
|
|
@@ -24,8 +26,9 @@ configure do
|
|
24
26
|
// Make sure their values are coming from a secure
|
25
27
|
// place and are not visible in the source code:
|
26
28
|
client_id, client_secret,
|
27
|
-
// This is what you will register in GitHub as
|
28
|
-
|
29
|
+
// This is what you will register in GitHub as an
|
30
|
+
// authorization callback URL:
|
31
|
+
'http://www.example.com/github-callback'
|
29
32
|
)
|
30
33
|
end
|
31
34
|
```
|
@@ -34,6 +37,7 @@ Next, for all web pages we need to parse a cookie, if it exists,
|
|
34
37
|
and convert it into a user:
|
35
38
|
|
36
39
|
```ruby
|
40
|
+
require 'sinatra/cookies'
|
37
41
|
before '/*' do
|
38
42
|
if cookies[:glogin]
|
39
43
|
begin
|
@@ -60,7 +64,7 @@ a local variable `@user` will be set to something like this:
|
|
60
64
|
Next, we need a URL for GitHub OAuth callback:
|
61
65
|
|
62
66
|
```ruby
|
63
|
-
get '/github-
|
67
|
+
get '/github-callback' do
|
64
68
|
cookies[:glogin] = Cookie::Open.new(
|
65
69
|
settings.glogin.user(params[:code]),
|
66
70
|
// The same encryption secret that we were using above:
|
data/lib/glogin/auth.rb
CHANGED
@@ -36,7 +36,9 @@ module GLogin
|
|
36
36
|
#
|
37
37
|
class Auth
|
38
38
|
def initialize(id, secret, redirect)
|
39
|
+
raise "GitHub client ID can't be nil" if id.nil?
|
39
40
|
@id = id
|
41
|
+
raise "GitHub client secret can't be nil" if secret.nil?
|
40
42
|
@secret = secret
|
41
43
|
@redirect = redirect
|
42
44
|
end
|
@@ -57,6 +59,7 @@ module GLogin
|
|
57
59
|
req['Accept-Header'] = 'application/json'
|
58
60
|
req['Authorization'] = "token #{access_token(code)}"
|
59
61
|
res = http.request(req)
|
62
|
+
raise "Error (#{res.code}): #{res.body}" unless res.code == '200'
|
60
63
|
JSON.parse(res.body)
|
61
64
|
end
|
62
65
|
|
data/lib/glogin/cookie.rb
CHANGED
@@ -66,7 +66,7 @@ module GLogin
|
|
66
66
|
cpr = Cookie.cipher
|
67
67
|
cpr.encrypt
|
68
68
|
cpr.key = Digest::SHA1.hexdigest(@secret)
|
69
|
-
encrypted = cpr.update("#{@json['login']}|#{@json['
|
69
|
+
encrypted = cpr.update("#{@json['login']}|#{@json['avatar_url']}")
|
70
70
|
encrypted << cpr.final
|
71
71
|
Base64.encode64(encrypted.to_s)
|
72
72
|
end
|
data/lib/glogin/version.rb
CHANGED
data/test/glogin/test_cookie.rb
CHANGED
@@ -30,21 +30,21 @@ class TestCookie < Minitest::Test
|
|
30
30
|
GLogin::Cookie::Open.new(
|
31
31
|
JSON.parse(
|
32
32
|
"{\"login\":\"yegor256\",\
|
33
|
-
\"
|
33
|
+
\"avatar_url\":\"https://avatars1.githubusercontent.com/u/526301\"}"
|
34
34
|
),
|
35
35
|
secret
|
36
36
|
).to_s,
|
37
37
|
secret
|
38
38
|
).to_user
|
39
|
-
|
40
|
-
|
39
|
+
assert_equal(user[:login], 'yegor256')
|
40
|
+
assert_equal(user[:avatar], 'https://avatars1.githubusercontent.com/u/526301')
|
41
41
|
end
|
42
42
|
|
43
43
|
def test_fails_on_broken_text
|
44
44
|
assert_raises OpenSSL::Cipher::CipherError do
|
45
45
|
GLogin::Cookie::Closed.new(
|
46
46
|
GLogin::Cookie::Open.new(
|
47
|
-
JSON.parse('{"login":"x","
|
47
|
+
JSON.parse('{"login":"x","avatar_url":"x"}'),
|
48
48
|
'secret-1'
|
49
49
|
).to_s,
|
50
50
|
'secret-2'
|