grnds-sso 0.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: ddb4c8c687ce1b47dc636537155a39a3e15162e1
+  data.tar.gz: daf7628fb44d0f7f1420a15b113eec8a4c7899b3
+SHA512:
+  metadata.gz: 4c850adfe04cf8a13f63fc6014ba00e818b5ad6c729c8d27ed2af256a9536e85a577a7ab73c0c2cf569df0a50a024533a74402cdf4faff19018ab480ca1c0e4a
+  data.tar.gz: 4c89b94fc9a3a39a6f24d7814348447d3f7ad545f3595375052db89875501a0e2088d906647193f0bd704e65505ea579b45f352f82e3e230ca6664ba82f20e86

data/ChangeLog

@@ -0,0 +1,11 @@
+0.0.3
+=====
+ - added VpnConstraint class for use in routes.rb to protect console URLs.
+
+0.0.2
+=====
+ - changed sso_development vars to only set test data if no data previously existed.
+
+0.0.1
+=====
+ - initial push

data/README.md

@@ -0,0 +1,43 @@
+grnds-sso
+=========
+
+
+# Adding SSO to your application.
+
+- copy the sample config(below) to your app at `config/initializers/grnds_sso.rb`
+
+```
+Rails.application.config.action_dispatch.cookies_serializer = :marshal
+
+Grnds::Sso.configure do |config|
+  case Rails.env
+  when 'development', 'test'
+    config.base_site = 'http://localhost:3000'
+  when 'uat'
+    config.base_site = 'https://www.uat.grandroundshealth.com'
+  when 'production'
+    config.base_site = 'https://www.grandroundshealth.com'
+  end
+  config.sign_in_post_fix = '/app/users/sign_in'
+  config.sign_out_post_fix = '/app/users/sign_out'
+end
+```
+
+- Configure your session store to use the GrandRounds session cookie. Add `config/initializers/session_store.rb`:
+```
+  if Rails.env == 'test' or Rails.env == 'development'
+    Frick::Application.config.session_store :cookie_store, key: "_GrandRounds_session_#{Rails.env}", :domain => :all
+  elsif Rails.env == 'production'
+    Frick::Application.config.session_store :cookie_store, key: "_GrandRounds_session", :domain => ".#{ConsultingMD::Application.config.website_domain}"
+  else
+    Frick::Application.config.session_store :cookie_store, key: "_GrandRounds_session_#{Rails.env}", :domain => ".#{ConsultingMD::Application.config.website_domain}"
+  end
+```
+
+- In your application.rb, set up the cookie secret (and pay attention to your deployment environment variables):
+```
+    config.website_domain   = 'grandroundshealth.com'
+    config.secret_token = ENV['RAILS_COOKIE_SECRET'] || copy_it_yourself_from_tim_or_tp
+```
+
+- Make sure you don't also have a secret_token initializer.

data/grnds-sso.gemspec

@@ -0,0 +1,15 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'grnds/sso/version'
+
+Gem::Specification.new do |s|
+  s.name        = 'grnds-sso'
+  s.version     = Grnds::Sso::VERSION
+  s.date        = '2014-12-29'
+  s.summary     = "SSO for Grand Rounds"
+  s.description = "A simple way to expose SSO on Grand Rounds projects"
+  s.authors     = ["Justin Ahn", "Rick Cobb"]
+  s.email       = 'justin@grandroundshealth.com'
+  s.files       = `git ls-files`.split($/)
+  s.license     = 'MIT'
+end

data/lib/grnds/sso.rb

@@ -0,0 +1,5 @@
+require 'grnds/sso/version'
+require 'grnds/sso/configuration'
+require 'grnds/sso/view_helpers' if defined?(Rails)
+require 'grnds/sso/authentication' if defined?(Rails)
+require 'grnds/sso/vpn_constraint' if defined?(Rails)

data/lib/grnds/sso/authentication.rb

@@ -0,0 +1,38 @@
+module Grnds
+  module Sso
+    module Authentication
+      extend ActiveSupport::Concern
+
+      module ClassMethods
+        def grnds_sso_access(options = {})
+          include Grnds::Sso::Authentication
+          include Grnds::Sso::ViewHelpers
+          before_filter :authenticate_user, options
+        end
+      end
+
+      protected
+
+      def set_development_credentials
+        session['customer_name'] ||= 'Grand Rounds'
+        session['uid'] ||= '57'
+        session['first_name'] ||= 'Kenneth'
+        session['last_name'] ||= 'Berland'
+      end
+
+      def authenticate_user
+        set_development_credentials if %w[test].include?(Rails.env)
+        redirect_to Grnds::Sso.sign_in_url unless authenticated?
+      end
+
+      def authenticated?
+        session[:init] = true unless session.loaded?
+        current_user.present?
+      end
+    end
+  end
+end
+
+ActionController::Base.class_eval do
+  extend Grnds::Sso::Authentication::ClassMethods
+end

data/lib/grnds/sso/configuration.rb

@@ -0,0 +1,31 @@
+module Grnds
+  module Sso
+    def self.configure
+      yield configuration
+    end
+
+    def self.configuration
+      @configuration ||= Grnds::Sso::Configuration.new
+    end
+
+    class Configuration
+      attr_accessor :base_site, :sign_in_post_fix, :sign_out_post_fix
+
+      def vpn
+        Grnds::Sso::VpnConstraint.instance
+      end
+    end
+
+    class << self
+      def sign_in_url
+        configuration = Grnds::Sso.configuration
+        configuration.base_site + configuration.sign_in_post_fix
+      end
+
+      def sign_out_url
+        configuration = Grnds::Sso.configuration
+        configuration.base_site + configuration.sign_out_post_fix
+      end
+    end
+  end
+end

data/lib/grnds/sso/version.rb

@@ -0,0 +1,5 @@
+module Grnds
+  module Sso
+    VERSION = '0.0.3'
+  end
+end

data/lib/grnds/sso/view_helpers.rb

@@ -0,0 +1,28 @@
+module Grnds
+  module Sso
+    module ViewHelpers
+      extend ActiveSupport::Concern
+      included do
+        helper_method :current_user
+        helper_method :current_customer
+        helper_method :current_first_name
+        helper_method :current_last_name
+      end
+      def current_user
+        session['uid']
+      end
+
+      def current_customer
+        session['customer_name']
+      end
+
+      def current_first_name
+        session['first_name']
+      end
+
+      def current_last_name
+        session['last_name']
+      end
+    end
+  end
+end

data/lib/grnds/sso/vpn_constraint.rb

@@ -0,0 +1,53 @@
+module Grnds::Sso
+  class VpnConstraint
+    include Singleton
+
+    LOCALHOST = '127.0.0.1'.freeze
+    VPN = %r{^10\.}.freeze
+
+    class << self
+      delegate :configure, :matches?, to: :instance
+    end
+
+    attr_accessor :require_login, :pattern
+    alias :require_login? :require_login
+
+    def initialize
+      self.require_login = (Rails.env != 'development')
+
+      case Rails.env
+      when 'development', 'test' then
+        self.pattern = LOCALHOST
+      else
+        self.pattern = VPN
+      end
+    end
+
+    def configure
+      yield self
+    end
+
+    def matches?(request)
+      return false unless !require_login? || authenticated?(request)
+
+      return on_the_vpn?(request)
+    end
+
+    def authenticated?(request)
+      session = request.session
+      session[:init] = true unless session.loaded?
+
+      return session['uid'].present?
+    end
+
+    def on_the_vpn?(request)
+      case pattern
+      when String
+        return pattern == request.remote_ip
+      else
+        return pattern.match(request.remote_ip)
+      end
+      raise "VPN not defined"
+    end
+  end
+end

metadata

@@ -0,0 +1,53 @@
+--- !ruby/object:Gem::Specification
+name: grnds-sso
+version: !ruby/object:Gem::Version
+  version: 0.0.3
+platform: ruby
+authors:
+- Justin Ahn
+- Rick Cobb
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-12-29 00:00:00.000000000 Z
+dependencies: []
+description: A simple way to expose SSO on Grand Rounds projects
+email: justin@grandroundshealth.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ChangeLog
+- README.md
+- grnds-sso.gemspec
+- lib/grnds/sso.rb
+- lib/grnds/sso/authentication.rb
+- lib/grnds/sso/configuration.rb
+- lib/grnds/sso/version.rb
+- lib/grnds/sso/view_helpers.rb
+- lib/grnds/sso/vpn_constraint.rb
+homepage: 
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.3
+signing_key: 
+specification_version: 4
+summary: SSO for Grand Rounds
+test_files: []