hancock 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +16 -18
- data/Rakefile +1 -1
- data/lib/sinatra/hancock/openid_server.rb +4 -4
- data/lib/sinatra/hancock/sessions.rb +6 -5
- data/lib/sinatra/hancock/users.rb +3 -3
- metadata +2 -2
data/README.md
CHANGED
|
@@ -29,6 +29,7 @@ Your Rackup File
|
|
|
29
29
|
require 'rubygems'
|
|
30
30
|
gem 'sinatra', '~>0.9.1.1'
|
|
31
31
|
require 'hancock'
|
|
32
|
+
gem 'atmos-sinatra-ditties', '~>0.0.3'
|
|
32
33
|
require 'sinatra/ditties'
|
|
33
34
|
|
|
34
35
|
DataMapper.setup(:default, "sqlite3:///#{Dir.pwd}/development.db")
|
|
@@ -42,23 +43,16 @@ Your Rackup File
|
|
|
42
43
|
:domain => "example.com" # the HELO domain provided by the client to the server
|
|
43
44
|
}
|
|
44
45
|
|
|
45
|
-
if ENV['MIGRATE_ME']
|
|
46
|
-
DataMapper.auto_migrate!
|
|
47
|
-
Hancock::Consumer.create(:url => 'http://localhost:3000/sso/login', :label => 'Local Dev', :internal => false)
|
|
48
|
-
Hancock::Consumer.create(:url => 'http://localhost:4000/sso/login', :label => 'Local Dev', :internal => false)
|
|
49
|
-
Hancock::Consumer.create(:url => 'http://localhost:5000/sso/login', :label => 'Local Dev', :internal => false)
|
|
50
|
-
end
|
|
51
|
-
|
|
52
46
|
class Dragon < Hancock::App
|
|
53
47
|
set :views, 'views'
|
|
54
48
|
set :public, 'public'
|
|
55
49
|
set :environment, :production
|
|
56
50
|
|
|
57
51
|
set :provider_name, 'Example SSO Provider'
|
|
58
|
-
set :do_not_reply,
|
|
52
|
+
set :do_not_reply, 'sso@atmos.org'
|
|
59
53
|
|
|
60
54
|
get '/' do
|
|
61
|
-
redirect '/sso/login' unless session[:
|
|
55
|
+
redirect '/sso/login' unless session[:hancock_server_user_id]
|
|
62
56
|
erb "<h2>Hello <%= session[:first_name] %><!-- <%= session.inspect %>"
|
|
63
57
|
end
|
|
64
58
|
end
|
|
@@ -76,7 +70,11 @@ Installation
|
|
|
76
70
|
You need a few gems to function
|
|
77
71
|
|
|
78
72
|
% sudo gem install dm-core do_sqlite3
|
|
79
|
-
% sudo gem install sinatra
|
|
73
|
+
% sudo gem install sinatra ruby-openid
|
|
74
|
+
% sudo gem install atmos-sinatra-ditties
|
|
75
|
+
|
|
76
|
+
You need a few extra gems to run the specs
|
|
77
|
+
% sudo gem install rspec webrat rack-test cucumber
|
|
80
78
|
|
|
81
79
|
Deployment Setup
|
|
82
80
|
================
|
|
@@ -98,14 +96,14 @@ Consult the datamapper documentation if you need to connect to something other
|
|
|
98
96
|
than sqlite. This runs the initial user migration to bootstrap your db.
|
|
99
97
|
|
|
100
98
|
>> Hancock::Consumer.create(:url => 'http://hr.example.com/sso/login', :label => 'Human Resources', :internal => true)
|
|
101
|
-
=>
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
99
|
+
=> ...
|
|
100
|
+
>> Hancock::Consumer.create(:url => 'http://localhost:3000/sso/login', :label => 'Local Rails Dev', :internal => false)
|
|
101
|
+
=> ...
|
|
102
|
+
>> Hancock::Consumer.create(:url => 'http://localhost:4000/sso/login', :label => 'Local Merb Dev', :internal => false)
|
|
103
|
+
=> ...
|
|
104
|
+
>> Hancock::Consumer.create(:url => 'http://localhost:4567/sso/login', :label => 'Local Sinatra Dev', :internal => false)
|
|
105
|
+
|
|
106
|
+
Here's how you setup most frameworks as consumers. In a production environment you'd lock this down
|
|
109
107
|
|
|
110
108
|
Possibilities
|
|
111
109
|
=============
|
data/Rakefile
CHANGED
|
@@ -6,7 +6,7 @@ require 'spec/rake/spectask'
|
|
|
6
6
|
require 'cucumber/rake/task'
|
|
7
7
|
|
|
8
8
|
GEM = "hancock"
|
|
9
|
-
GEM_VERSION = "0.0.
|
|
9
|
+
GEM_VERSION = "0.0.4"
|
|
10
10
|
AUTHOR = ["Corey Donohoe", "Tim Carey-Smith"]
|
|
11
11
|
EMAIL = [ "atmos@atmos.org", "tim@spork.in" ]
|
|
12
12
|
HOMEPAGE = "http://github.com/atmos/hancock"
|
|
@@ -28,7 +28,7 @@ module Sinatra
|
|
|
28
28
|
|
|
29
29
|
case web_response.code
|
|
30
30
|
when 302
|
|
31
|
-
session.delete(:
|
|
31
|
+
session.delete(:hancock_server_return_to)
|
|
32
32
|
redirect web_response.headers['location']
|
|
33
33
|
else
|
|
34
34
|
web_response.body
|
|
@@ -60,14 +60,14 @@ module Sinatra
|
|
|
60
60
|
begin
|
|
61
61
|
oidreq = server.decode_request(params)
|
|
62
62
|
rescue OpenID::Server::ProtocolError => e
|
|
63
|
-
oidreq = session[:
|
|
63
|
+
oidreq = session[:hancock_server_last_oidreq]
|
|
64
64
|
end
|
|
65
65
|
throw(:halt, [400, 'Bad Request']) unless oidreq
|
|
66
66
|
|
|
67
67
|
oidresp = nil
|
|
68
68
|
if oidreq.kind_of?(OpenID::Server::CheckIDRequest)
|
|
69
|
-
session[:
|
|
70
|
-
session[:
|
|
69
|
+
session[:hancock_server_last_oidreq] = oidreq
|
|
70
|
+
session[:hancock_server_return_to] = absolute_url('/sso')
|
|
71
71
|
|
|
72
72
|
ensure_authenticated
|
|
73
73
|
unless oidreq.identity == url_for_user
|
|
@@ -8,16 +8,17 @@ module Sinatra
|
|
|
8
8
|
|
|
9
9
|
module Helpers
|
|
10
10
|
def session_user
|
|
11
|
-
session['
|
|
11
|
+
session['hancock_server_user_id'].nil? ?
|
|
12
|
+
nil : ::Hancock::User.get(session['hancock_server_user_id'])
|
|
12
13
|
end
|
|
13
14
|
|
|
14
15
|
def ensure_authenticated
|
|
15
|
-
if trust_root = session['
|
|
16
|
+
if trust_root = session['hancock_server_return_to'] || params['return_to']
|
|
16
17
|
if ::Hancock::Consumer.allowed?(trust_root)
|
|
17
18
|
if session_user
|
|
18
19
|
redirect "#{trust_root}?id=#{session_user.id}"
|
|
19
20
|
else
|
|
20
|
-
session['
|
|
21
|
+
session['hancock_server_return_to'] = trust_root
|
|
21
22
|
end
|
|
22
23
|
else
|
|
23
24
|
forbidden!
|
|
@@ -37,10 +38,10 @@ module Sinatra
|
|
|
37
38
|
app.post '/sso/login' do
|
|
38
39
|
@user = ::Hancock::User.authenticate(params['email'], params['password'])
|
|
39
40
|
if @user
|
|
40
|
-
session['
|
|
41
|
+
session['hancock_server_user_id'] = @user.id
|
|
41
42
|
end
|
|
42
43
|
ensure_authenticated
|
|
43
|
-
redirect session['
|
|
44
|
+
redirect session['hancock_server_return_to'] || '/'
|
|
44
45
|
end
|
|
45
46
|
|
|
46
47
|
app.get '/sso/logout' do
|
|
@@ -10,7 +10,7 @@ module Sinatra
|
|
|
10
10
|
def user_by_token(token)
|
|
11
11
|
user = ::Hancock::User.first(:access_token => token)
|
|
12
12
|
throw(:halt, [400, 'BadRequest']) unless user
|
|
13
|
-
session['
|
|
13
|
+
session['hancock_server_user_id'] = user.id
|
|
14
14
|
user
|
|
15
15
|
end
|
|
16
16
|
|
|
@@ -49,8 +49,8 @@ HAML
|
|
|
49
49
|
:access_token => nil,
|
|
50
50
|
:password => params['password'],
|
|
51
51
|
:password_confirmation => params['password_confirmation'])
|
|
52
|
-
destination = session.delete('
|
|
53
|
-
session.reject! { |key,value| key != '
|
|
52
|
+
destination = session.delete('hancock_server_return_to') || '/'
|
|
53
|
+
session.reject! { |key,value| key != 'hancock_server_user_id' }
|
|
54
54
|
redirect destination
|
|
55
55
|
end
|
|
56
56
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hancock
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Corey Donohoe
|
|
@@ -10,7 +10,7 @@ autorequire: hancock
|
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
12
|
|
|
13
|
-
date: 2009-03-
|
|
13
|
+
date: 2009-03-23 00:00:00 -06:00
|
|
14
14
|
default_executable:
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|