heroku-bouncer 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +32 -11
- data/lib/heroku/bouncer.rb +7 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 46e27351842e97990f1f62956aeded88e3f0bae4
|
|
4
|
+
data.tar.gz: 541142e69b9b117107cb279b06a89126912ff139
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c16e1aef5ea19f40c9f74f5d289281b30c6454d982ead1523f942a9c698359e46f091161d1ddeb1638f5057e2902f4cfebfe16a9381212f6c2d9a2aa17aa4751
|
|
7
|
+
data.tar.gz: d4fff1844530e8e057f885d46616de7d9ad36e401a2718abd5680f34d91b21f9605187eb5c6e3345d0655d2f6120dae2432f4ecbfd3c042e92e3f724b32bc1f5
|
data/README.md
CHANGED
|
@@ -3,27 +3,47 @@
|
|
|
3
3
|
Heroku Bouncer is a Rack middleware (implemented in Sinatra) that
|
|
4
4
|
requires Heroku OAuth on all requests.
|
|
5
5
|
|
|
6
|
+
## Demo
|
|
7
|
+
|
|
8
|
+
[heroku-bouncer-demo](https://github.com/schneems/heroku-bouncer-demo) is a
|
|
9
|
+
Sinatra app that uses heroku-bouncer.
|
|
10
|
+
|
|
6
11
|
## Use
|
|
7
12
|
|
|
8
13
|
1. Create your OAuth client using `/auth/heroku/callback` as your
|
|
9
|
-
callback endpoint:
|
|
14
|
+
callback endpoint. Use `http://localhost:5000/auth/heroku/callback`
|
|
15
|
+
for local development with Foreman.
|
|
10
16
|
|
|
11
17
|
```sh
|
|
12
|
-
heroku clients:
|
|
18
|
+
heroku clients:register localhost http://localhost:5000/auth/heroku/callback
|
|
19
|
+
heroku clients:register myapp https://myapp.herokuapp.com/auth/heroku/callback
|
|
13
20
|
```
|
|
14
21
|
|
|
15
22
|
2. Set `HEROKU_OAUTH_ID` and `HEROKU_OAUTH_SECRET` in your environment.
|
|
16
|
-
3.
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
23
|
+
3. Set the `COOKIE_SECRET` environment variable to a long random string.
|
|
24
|
+
Otherwise, the OAuth ID and secret are concatenated for use as a secret.
|
|
25
|
+
4. Use the middleware.
|
|
26
|
+
|
|
27
|
+
**Rack, Sinatra, and Rails 4**
|
|
28
|
+
|
|
29
|
+
Add a `use` line to `config.ru`:
|
|
20
30
|
|
|
21
31
|
```ruby
|
|
22
|
-
require '
|
|
23
|
-
|
|
32
|
+
require ::File.expand_path('../config/environment', __FILE__)
|
|
33
|
+
|
|
34
|
+
use ::Heroku::Bouncer
|
|
35
|
+
run Rails.application
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
The middleware does not work properly when configured inside
|
|
39
|
+
Rails 4.
|
|
40
|
+
|
|
41
|
+
**Rails 3**
|
|
24
42
|
|
|
25
|
-
|
|
26
|
-
|
|
43
|
+
Add a middleware configuration line to `config/application.rb`:
|
|
44
|
+
|
|
45
|
+
```ruby
|
|
46
|
+
config.middleware.use ::Heroku::Bouncer
|
|
27
47
|
```
|
|
28
48
|
|
|
29
49
|
## Options
|
|
@@ -55,7 +75,8 @@ the following keys to your request environment:
|
|
|
55
75
|
* `bouncer.email`
|
|
56
76
|
* `bouncer.user`
|
|
57
77
|
|
|
58
|
-
You can access this in
|
|
78
|
+
You can access this in Sinatra and Rails by `request.env[key]`, e.g.
|
|
79
|
+
`request.env['bouncer.token']`.
|
|
59
80
|
|
|
60
81
|
## Using the Heroku API
|
|
61
82
|
|
data/lib/heroku/bouncer.rb
CHANGED
|
@@ -76,25 +76,29 @@ class Heroku::Bouncer < Sinatra::Base
|
|
|
76
76
|
|
|
77
77
|
# something went wrong
|
|
78
78
|
get '/auth/failure' do
|
|
79
|
-
|
|
79
|
+
destroy_session
|
|
80
80
|
redirect to("/")
|
|
81
81
|
end
|
|
82
82
|
|
|
83
83
|
# logout, single sign-on style
|
|
84
84
|
get '/auth/sso-logout' do
|
|
85
|
-
|
|
85
|
+
destroy_session
|
|
86
86
|
auth_url = ENV["HEROKU_AUTH_URL"] || "https://id.heroku.com"
|
|
87
87
|
redirect to("#{auth_url}/logout")
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
# logout but only locally
|
|
91
91
|
get '/auth/logout' do
|
|
92
|
-
|
|
92
|
+
destroy_session
|
|
93
93
|
redirect to("/")
|
|
94
94
|
end
|
|
95
95
|
|
|
96
96
|
private
|
|
97
97
|
|
|
98
|
+
def destroy_session
|
|
99
|
+
session = nil if session
|
|
100
|
+
end
|
|
101
|
+
|
|
98
102
|
def extract_option(options, option, default = nil)
|
|
99
103
|
options.has_key?(option) ? options[option] : default
|
|
100
104
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: heroku-bouncer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonathan Dance
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-08-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-heroku
|
|
@@ -112,7 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
112
112
|
version: '0'
|
|
113
113
|
requirements: []
|
|
114
114
|
rubyforge_project:
|
|
115
|
-
rubygems_version: 2.0.
|
|
115
|
+
rubygems_version: 2.0.3
|
|
116
116
|
signing_key:
|
|
117
117
|
specification_version: 4
|
|
118
118
|
summary: Requires Heroku OAuth on all requests.
|