heroku-bouncer 0.0.1 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4)
  1. data/Gemfile.lock +3 -5
  2. data/README.md +12 -5
  3. data/lib/heroku/bouncer.rb +12 -4
  4. metadata +24 -8
data/Gemfile.lock CHANGED
@@ -1,20 +1,18 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- heroku-bouncer (0.0.1)
5
- heroku-api (>= 0.0.0)
4
+ heroku-bouncer (0.0.2.pre)
5
+ faraday (~> 0.8)
6
+ multi_json (~> 1.0)
6
7
  omniauth-heroku (>= 0.1.0)
7
8
  sinatra (~> 1.0)
8
9
 
9
10
  GEM
10
11
  remote: https://rubygems.org/
11
12
  specs:
12
- excon (0.16.10)
13
13
  faraday (0.8.6)
14
14
  multipart-post (~> 1.1)
15
15
  hashie (1.2.0)
16
- heroku-api (0.3.8)
17
- excon (~> 0.16.10)
18
16
  httpauth (0.2.0)
19
17
  jwt (0.1.5)
20
18
  multi_json (>= 1.0)
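Review bot: The PATH specs in this lock file pin `heroku-bouncer (0.0.2.pre)` while the gem metadata for this release says `version: 0.1.0`, so the packaged Gemfile.lock was not regenerated after the version bump. Re-run `bundle install` before building the gem, or drop Gemfile.lock from the gem's file list: Bundler ignores a dependency's own lock file, so shipping a stale one only misleads anyone auditing the package's resolved dependencies.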
data/README.md CHANGED
@@ -1,12 +1,19 @@
1
1
  # Heroku Bouncer
2
2
 
3
- Heroku Bounder is a Rack middleware (implemented in Sinatra) that
3
+ Heroku Bouncer is a Rack middleware (implemented in Sinatra) that
4
4
  requires Heroku OAuth on all requests.
5
5
 
6
6
  ## Use
7
7
 
8
- 1. Set `HEROKU_ID` and `HEROKU_SECRET` in your environment.
9
- 2. Use the middleware:
8
+ 1. Create your OAuth client using `/auth/heroku/callback` as your
9
+ callback endpoint:
10
+
11
+ ```sh
12
+ heroku clients:create likeaboss https://likeaboss.herokuapp.com/auth/heroku/callback
13
+ ```
14
+
15
+ 2. Set `HEROKU_ID` and `HEROKU_SECRET` in your environment.
16
+ 3. Use the middleware:
10
17
 
11
18
  ```ruby
12
19
  require 'heroku/bouncer'
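Review bot: Steps 1 and 2 are not connected: the new `heroku clients:create` step never says that the client it creates is the source of the `HEROKU_ID` and `HEROKU_SECRET` values set in step 2. State that explicitly, and add that `HEROKU_SECRET` is a credential that belongs in the environment only, not in the repository.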
@@ -33,7 +40,7 @@ There are 4 boolean options you can pass to the middleware:
33
40
  You use these by passing a hash to the `use` call, for example:
34
41
 
35
42
  ```ruby
36
- use Heroku::Builder, expose_token: true
43
+ use Heroku::Bouncer, expose_token: true
37
44
  ```
38
45
 
39
46
  ## How to get the data
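Review bot: The corrected `use Heroku::Bouncer, expose_token: true` example still does not say what the option costs: in lib/heroku/bouncer.rb, `store(:token, token)` writes the OAuth token into `session[:store]`. Add a sentence here that enabling it places a bearer token in the session, so the session store and its cookie settings must be treated as holding a credential, and that the option should stay off unless the app needs to call the API on the user's behalf.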
@@ -54,7 +61,7 @@ appropriate, or `/auth/logout` if you only wish to logout of your app.
54
61
  The latter will redirect to `/`, which may result is the user being
55
62
  logging in again.
56
63
 
57
- ## Conditionally disabling the middleware
64
+ ## Conditionally enable the middleware
58
65
 
59
66
  Don't want to OAuth on every request? Use a middleware to conditionally
60
67
  enable this middleware, like
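Review bot: The context sentence just above the renamed heading still reads `may result is the user being logging in again`; since this section is being edited anyway, fix it to "may result in the user being logged in again".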
data/lib/heroku/bouncer.rb CHANGED
@@ -1,6 +1,7 @@
1
1
  require 'sinatra/base'
2
2
  require 'omniauth-heroku'
3
- require 'heroku-api'
3
+ require 'faraday'
4
+ require 'multi_json'
4
5
 
5
6
  Heroku ||= Module.new
6
7
 
@@ -26,6 +27,14 @@ class Heroku::Bouncer < Sinatra::Base
26
27
  options.has_key?(option) ? options[option] : default
27
28
  end
28
29
 
30
+ def fetch_user(token)
31
+ MultiJson.decode(
32
+ Faraday.new(ENV["HEROKU_API_URL"] || "https://api.heroku.com/").get('/account') do |r|
33
+ r.headers['Accept'] = 'application/json'
34
+ r.headers['Authorization'] = "Bearer #{token}"
35
+ end.body)
36
+ end
37
+
29
38
  def store(key, value)
30
39
  session[:store] ||= {}
31
40
  session[:store][key] = value
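Review bot: `fetch_user` passes `.body` straight to `MultiJson.decode` without looking at the response status, so an error response for a bad or revoked token is either handed back to the caller as if it were the account hash or raises a parse error inside the callback. Check the status before decoding and treat anything but success as a failed login. Two further points on the same method: the base URL comes from `ENV["HEROKU_API_URL"]` with no scheme check, and the `Authorization: Bearer` header is sent to whatever host it names, so reject non-`https` values; and the `Faraday.new(...)` call sets no explicit timeout, which leaves the login request waiting on a slow API.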
@@ -52,12 +61,11 @@ class Heroku::Bouncer < Sinatra::Base
52
61
  token = request.env['omniauth.auth']['credentials']['token']
53
62
  store(:token, token) if @expose_token
54
63
  if @expose_email || @expose_user || @herokai_only
55
- api = Heroku::API.new(:api_key => token)
56
- user = api.get_user.body if @expose_user
64
+ user = fetch_user(token)
57
65
  store(:user, user) if @expose_user
58
66
  store(:email, user['email']) if @expose_email
59
67
 
60
- if @herokai_only && user['email'] !~ /@heroku\.com$/
68
+ if @herokai_only && !user['email'].end_with?("@heroku.com")
61
69
  url = @herokai_only.is_a?(String) ? @herokai_only : 'https://www.heroku.com'
62
70
  redirect to(url) and return
63
71
  end
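Review bot: On the new `!user['email'].end_with?("@heroku.com")` line, `user['email']` is `nil` whenever `fetch_user` returned something other than an account hash, and `nil.end_with?` raises `NoMethodError`, so the callback fails with an exception instead of redirecting; use `user['email'].to_s` or reject the login explicitly when the email is missing. Separately, the `store(:token, ...)`, `store(:user, ...)` and `store(:email, ...)` calls all run before the `@herokai_only` check, so a rejected user's token and profile are already in the session when `redirect to(url)` fires; move the check above the `store` calls unless the rest of the middleware is known not to trust a populated store. The switch from `/@heroku\.com$/` to `end_with?` is the right direction, since `$` matches at a line end rather than only at the end of the string.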
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: heroku-bouncer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.1.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-03-08 00:00:00.000000000 Z
12
+ date: 2013-03-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: omniauth-heroku
@@ -44,21 +44,37 @@ dependencies:
44
44
  - !ruby/object:Gem::Version
45
45
  version: '1.0'
46
46
  - !ruby/object:Gem::Dependency
47
- name: heroku-api
47
+ name: faraday
48
48
  requirement: !ruby/object:Gem::Requirement
49
49
  none: false
50
50
  requirements:
51
- - - ! '>='
51
+ - - ~>
52
52
  - !ruby/object:Gem::Version
53
- version: 0.0.0
53
+ version: '0.8'
54
54
  type: :runtime
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  none: false
58
58
  requirements:
59
- - - ! '>='
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: '0.8'
62
+ - !ruby/object:Gem::Dependency
63
+ name: multi_json
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - ~>
60
68
  - !ruby/object:Gem::Version
61
- version: 0.0.0
69
+ version: '1.0'
70
+ type: :runtime
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ~>
76
+ - !ruby/object:Gem::Version
77
+ version: '1.0'
62
78
  description: ID please.
63
79
  email:
64
80
  - jd@heroku.com
@@ -72,7 +88,7 @@ files:
72
88
  - Gemfile
73
89
  - Gemfile.lock
74
90
  - Rakefile
75
- homepage: http://github.com/heroku/heroku-bouncer
91
+ homepage: https://github.com/heroku/heroku-bouncer
76
92
  licenses: []
77
93
  post_install_message:
78
94
  rdoc_options: []
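Review bot: `licenses: []` is still empty in the gemspec context of this hunk. While the `homepage` line is being moved to `https`, declare the license in the gemspec as well so consumers and audit tooling can read it from the package metadata.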