go_sso 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/Rakefile +32 -0
- data/app/assets/config/go_sso_manifest.js +1 -0
- data/app/assets/stylesheets/go_sso/application.css +15 -0
- data/app/controllers/go_sso/application_controller.rb +44 -0
- data/app/helpers/go_sso/application_helper.rb +4 -0
- data/app/jobs/go_sso/application_job.rb +4 -0
- data/app/mailers/go_sso/application_mailer.rb +6 -0
- data/app/models/go_sso/application_record.rb +5 -0
- data/app/views/layouts/go_sso/application.html.erb +15 -0
- data/config/routes.rb +7 -0
- data/lib/go_sso.rb +53 -0
- data/lib/go_sso/controllers/helpers.rb +37 -0
- data/lib/go_sso/current.rb +3 -0
- data/lib/go_sso/engine.rb +13 -0
- data/lib/go_sso/user.rb +33 -0
- data/lib/go_sso/version.rb +3 -0
- data/lib/tasks/go_sso_tasks.rake +4 -0
- metadata +159 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 94692c360a28d7beff1f95900b6b798d2bee7a554e988f003623ed8675969751
|
4
|
+
data.tar.gz: 63990eb7c21d4f8d4316d143abad2596a9533b43576021e00b441595664b076b
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: eb726512139fcae3835d644f31304ae509509eefab7a19bcdba264eba04601ea76bc3d4b674480ceead8757e0a9d9bbdd0bc21b5654011c2fa4fcea6c4c78da7
|
7
|
+
data.tar.gz: f77a159bf650f9a855a059cbb416954b22a39d96a76477834fbd88b1f8584e1a454ce7126662751c8796d592e40bd1f71d9ce9a56294696b8dcfe9c7947057cb
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2019 Yi Feng
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/Rakefile
ADDED
@@ -0,0 +1,32 @@
|
|
1
|
+
begin
|
2
|
+
require 'bundler/setup'
|
3
|
+
rescue LoadError
|
4
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
5
|
+
end
|
6
|
+
|
7
|
+
require 'rdoc/task'
|
8
|
+
|
9
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
10
|
+
rdoc.rdoc_dir = 'rdoc'
|
11
|
+
rdoc.title = 'GoSso'
|
12
|
+
rdoc.options << '--line-numbers'
|
13
|
+
rdoc.rdoc_files.include('README.md')
|
14
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
15
|
+
end
|
16
|
+
|
17
|
+
APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
|
18
|
+
load 'rails/tasks/engine.rake'
|
19
|
+
|
20
|
+
load 'rails/tasks/statistics.rake'
|
21
|
+
|
22
|
+
require 'bundler/gem_tasks'
|
23
|
+
|
24
|
+
require 'rake/testtask'
|
25
|
+
|
26
|
+
Rake::TestTask.new(:test) do |t|
|
27
|
+
t.libs << 'test'
|
28
|
+
t.pattern = 'test/**/*_test.rb'
|
29
|
+
t.verbose = false
|
30
|
+
end
|
31
|
+
|
32
|
+
task default: :test
|
@@ -0,0 +1 @@
|
|
1
|
+
//= link_directory ../stylesheets/go_sso .css
|
@@ -0,0 +1,15 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the bottom of the
|
9
|
+
* compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
|
10
|
+
* files in this directory. Styles in this file should be added after the last require_* statement.
|
11
|
+
* It is generally better to create a new file per style scope.
|
12
|
+
*
|
13
|
+
*= require_tree .
|
14
|
+
*= require_self
|
15
|
+
*/
|
@@ -0,0 +1,44 @@
|
|
1
|
+
module GoSso
|
2
|
+
class ApplicationController < ActionController::Base
|
3
|
+
protect_from_forgery with: :exception
|
4
|
+
|
5
|
+
before_action do
|
6
|
+
GoSso::Current.host = request.base_url
|
7
|
+
end
|
8
|
+
|
9
|
+
def auth
|
10
|
+
session[:go_sso_referrer] = params[:redirect_url] || request.referrer || request.base_url
|
11
|
+
redirect_to GoSso.authorize_url
|
12
|
+
end
|
13
|
+
|
14
|
+
def callback
|
15
|
+
token = GoSso.get_token(params[:code])
|
16
|
+
set_sso_token(token.token, expires_at: token.expires_at)
|
17
|
+
redirect_to session.delete(:go_sso_referrer) || request.base_url
|
18
|
+
rescue OAuth2::Error => error
|
19
|
+
render json: {
|
20
|
+
code: error.code,
|
21
|
+
description: error.description
|
22
|
+
}
|
23
|
+
end
|
24
|
+
|
25
|
+
def logout
|
26
|
+
set_sso_token(nil)
|
27
|
+
redirect_to params[:redirect_url] || request.referrer || request.base_url
|
28
|
+
end
|
29
|
+
|
30
|
+
private
|
31
|
+
def set_sso_token(token, expires_at: nil)
|
32
|
+
if token
|
33
|
+
session[:go_sso_token] = token
|
34
|
+
session[:go_sso_token_expires_at] = expires_at
|
35
|
+
else
|
36
|
+
session[:go_sso_token] = session[:go_sso_token_expires_at] = nil
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def sso_token_expired?
|
41
|
+
session[:go_sso_token_expires_at] < Time.now.to_i
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
data/config/routes.rb
ADDED
data/lib/go_sso.rb
ADDED
@@ -0,0 +1,53 @@
|
|
1
|
+
require "oauth2"
|
2
|
+
|
3
|
+
module GoSso
|
4
|
+
autoload :User, 'go_sso/user'
|
5
|
+
autoload :Current, 'go_sso/current'
|
6
|
+
|
7
|
+
module Controllers
|
8
|
+
autoload :Helpers, 'go_sso/controllers/helpers'
|
9
|
+
end
|
10
|
+
|
11
|
+
mattr_accessor :client_id
|
12
|
+
mattr_accessor :client_secret
|
13
|
+
mattr_accessor :site
|
14
|
+
mattr_accessor :user_json_url, default: 'api/me'
|
15
|
+
mattr_accessor :user_cache_ttl, default: 1.minute
|
16
|
+
mattr_accessor :main_app_module_name
|
17
|
+
mattr_accessor :host
|
18
|
+
|
19
|
+
def self.setup
|
20
|
+
yield self
|
21
|
+
end
|
22
|
+
|
23
|
+
def self.set_default_options!
|
24
|
+
self.client_id = ENV['GO_SSO_CLIENT_ID']
|
25
|
+
self.client_secret = ENV['GO_SSO_CLIENT_SECRET']
|
26
|
+
self.site = ENV['GO_SSO_CLIENT_SITE']
|
27
|
+
self.main_app_module_name = if Rails::VERSION::MAJOR == 6
|
28
|
+
Rails.application.class.module_parent.to_s
|
29
|
+
else
|
30
|
+
Rails.application.class.parent.to_s
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def self.client
|
35
|
+
@client ||= OAuth2::Client.new(client_id, client_secret, site: site)
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.authorize_url
|
39
|
+
client.auth_code.authorize_url(redirect_uri: Rails.application.routes.url_helpers.go_sso_callback_url(host: current_host))
|
40
|
+
end
|
41
|
+
|
42
|
+
def self.get_token(code)
|
43
|
+
client.auth_code.get_token(code, redirect_uri: Rails.application.routes.url_helpers.go_sso_callback_url(host: current_host))
|
44
|
+
end
|
45
|
+
|
46
|
+
def self.current_host
|
47
|
+
host || Current.host
|
48
|
+
end
|
49
|
+
|
50
|
+
class FailedToOpenConnection < Exception; end
|
51
|
+
end
|
52
|
+
|
53
|
+
require "go_sso/engine"
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module GoSso
|
2
|
+
module Controllers
|
3
|
+
module Helpers
|
4
|
+
extend ActiveSupport::Concern
|
5
|
+
|
6
|
+
included do
|
7
|
+
helper_method :current_sso_user
|
8
|
+
|
9
|
+
rescue_from GoSso::FailedToOpenConnection do
|
10
|
+
render json: {
|
11
|
+
message: 'Failed to open connection to SSO server. Try again later.'
|
12
|
+
}, status: 500
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
def current_sso_user
|
17
|
+
@current_sso_user ||= begin
|
18
|
+
return nil unless session[:go_sso_token]
|
19
|
+
return nil if sso_token_expired?
|
20
|
+
GoSso::User.from_token(session[:go_sso_token])
|
21
|
+
end
|
22
|
+
rescue OAuth2::Error
|
23
|
+
nil
|
24
|
+
end
|
25
|
+
|
26
|
+
def authenticate_sso_user_permission
|
27
|
+
unless current_sso_user
|
28
|
+
return redirect_to(go_sso_auth_url(redirect_url: request.url))
|
29
|
+
end
|
30
|
+
|
31
|
+
unless current_sso_user.can_access?(GoSso.main_app_module_name)
|
32
|
+
render json: { message: 'access denied' }, status: 401
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module GoSso
|
2
|
+
class Engine < ::Rails::Engine
|
3
|
+
initializer "go_sso.configs", before: :load_config_initializers do
|
4
|
+
GoSso.set_default_options!
|
5
|
+
end
|
6
|
+
|
7
|
+
initializer "go_sso.helpers" do
|
8
|
+
ActiveSupport.on_load(:action_controller) do
|
9
|
+
include Controllers::Helpers
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
data/lib/go_sso/user.rb
ADDED
@@ -0,0 +1,33 @@
|
|
1
|
+
class GoSso::User
|
2
|
+
def initialize(attrs)
|
3
|
+
@attrs = attrs
|
4
|
+
end
|
5
|
+
|
6
|
+
def can_access?(app_name)
|
7
|
+
applications.include?(app_name.to_s)
|
8
|
+
end
|
9
|
+
|
10
|
+
def applications
|
11
|
+
@attrs['applications'] || []
|
12
|
+
end
|
13
|
+
|
14
|
+
def method_missing(m, *args, &block)
|
15
|
+
method_name = m.to_s
|
16
|
+
if @attrs.has_key?(method_name)
|
17
|
+
@attrs[method_name]
|
18
|
+
else
|
19
|
+
super
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
def self.from_token(token)
|
24
|
+
o_token = OAuth2::AccessToken.new(GoSso.client, token)
|
25
|
+
json_str = Rails.cache.fetch([:go_sso_user, token], expires_in: GoSso.user_cache_ttl) do
|
26
|
+
o_token.get(GoSso.user_json_url).body
|
27
|
+
end
|
28
|
+
attrs = JSON.parse(json_str)
|
29
|
+
new(attrs)
|
30
|
+
rescue Faraday::ConnectionFailed
|
31
|
+
raise GoSso::FailedToOpenConnection
|
32
|
+
end
|
33
|
+
end
|
metadata
ADDED
@@ -0,0 +1,159 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: go_sso
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Yi Feng
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-10-24 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: oauth2
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 1.4.0
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 1.4.0
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: sqlite3
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: pry
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: simplecov
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: mocha
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: appraisal
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: dotenv-rails
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
description: Description of GoSso.
|
112
|
+
email:
|
113
|
+
- yfxie@me.com
|
114
|
+
executables: []
|
115
|
+
extensions: []
|
116
|
+
extra_rdoc_files: []
|
117
|
+
files:
|
118
|
+
- MIT-LICENSE
|
119
|
+
- Rakefile
|
120
|
+
- app/assets/config/go_sso_manifest.js
|
121
|
+
- app/assets/stylesheets/go_sso/application.css
|
122
|
+
- app/controllers/go_sso/application_controller.rb
|
123
|
+
- app/helpers/go_sso/application_helper.rb
|
124
|
+
- app/jobs/go_sso/application_job.rb
|
125
|
+
- app/mailers/go_sso/application_mailer.rb
|
126
|
+
- app/models/go_sso/application_record.rb
|
127
|
+
- app/views/layouts/go_sso/application.html.erb
|
128
|
+
- config/routes.rb
|
129
|
+
- lib/go_sso.rb
|
130
|
+
- lib/go_sso/controllers/helpers.rb
|
131
|
+
- lib/go_sso/current.rb
|
132
|
+
- lib/go_sso/engine.rb
|
133
|
+
- lib/go_sso/user.rb
|
134
|
+
- lib/go_sso/version.rb
|
135
|
+
- lib/tasks/go_sso_tasks.rake
|
136
|
+
homepage: https://github.com/yfxie/go_sso
|
137
|
+
licenses:
|
138
|
+
- MIT
|
139
|
+
metadata: {}
|
140
|
+
post_install_message:
|
141
|
+
rdoc_options: []
|
142
|
+
require_paths:
|
143
|
+
- lib
|
144
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
145
|
+
requirements:
|
146
|
+
- - ">="
|
147
|
+
- !ruby/object:Gem::Version
|
148
|
+
version: '0'
|
149
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
150
|
+
requirements:
|
151
|
+
- - ">="
|
152
|
+
- !ruby/object:Gem::Version
|
153
|
+
version: '0'
|
154
|
+
requirements: []
|
155
|
+
rubygems_version: 3.0.3
|
156
|
+
signing_key:
|
157
|
+
specification_version: 4
|
158
|
+
summary: Summary of GoSso.
|
159
|
+
test_files: []
|