heroku-bouncer 0.0.1 → 0.1.0

Files changed (4)
  1. data/Gemfile.lock +3 -5
  2. data/README.md +12 -5
  3. data/lib/heroku/bouncer.rb +12 -4
  4. metadata +24 -8
data/Gemfile.lock CHANGED
@@ -1,20 +1,18 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- heroku-bouncer (0.0.1)
5
- heroku-api (>= 0.0.0)
4
+ heroku-bouncer (0.0.2.pre)
5
+ faraday (~> 0.8)
6
+ multi_json (~> 1.0)
6
7
  omniauth-heroku (>= 0.1.0)
7
8
  sinatra (~> 1.0)
8
9
 
9
10
  GEM
10
11
  remote: https://rubygems.org/
11
12
  specs:
12
- excon (0.16.10)
13
13
  faraday (0.8.6)
14
14
  multipart-post (~> 1.1)
15
15
  hashie (1.2.0)
16
- heroku-api (0.3.8)
17
- excon (~> 0.16.10)
18
16
  httpauth (0.2.0)
19
17
  jwt (0.1.5)
20
18
  multi_json (>= 1.0)
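Review bot: The PATH entry in this lock file reads `heroku-bouncer (0.0.2.pre)`, but the gem metadata shipped in the same release says `version: 0.1.0`, so the lock file was generated before the version bump. Gemfile.lock is listed in the gem's `files`, so regenerate it after bumping the version (or drop it from the packaged gem) so that the lock file in the package describes the release it ships with.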
data/README.md CHANGED
@@ -1,12 +1,19 @@
1
1
  # Heroku Bouncer
2
2
 
3
- Heroku Bounder is a Rack middleware (implemented in Sinatra) that
3
+ Heroku Bouncer is a Rack middleware (implemented in Sinatra) that
4
4
  requires Heroku OAuth on all requests.
5
5
 
6
6
  ## Use
7
7
 
8
- 1. Set `HEROKU_ID` and `HEROKU_SECRET` in your environment.
9
- 2. Use the middleware:
8
+ 1. Create your OAuth client using `/auth/heroku/callback` as your
9
+ callback endpoint:
10
+
11
+ ```sh
12
+ heroku clients:create likeaboss https://likeaboss.herokuapp.com/auth/heroku/callback
13
+ ```
14
+
15
+ 2. Set `HEROKU_ID` and `HEROKU_SECRET` in your environment.
16
+ 3. Use the middleware:
10
17
 
11
18
  ```ruby
12
19
  require 'heroku/bouncer'
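Review bot: Step 2 of the new list still says only to set `HEROKU_ID` and `HEROKU_SECRET`, without saying that these are the id and secret of the OAuth client created in step 1. State that explicitly, and say that the secret belongs in the app's environment rather than in the repository. It would also help to note that the callback URL has to match the deployed app's host, since the example hard-codes `likeaboss.herokuapp.com`.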
@@ -33,7 +40,7 @@ There are 4 boolean options you can pass to the middleware:
33
40
  You use these by passing a hash to the `use` call, for example:
34
41
 
35
42
  ```ruby
36
- use Heroku::Builder, expose_token: true
43
+ use Heroku::Bouncer, expose_token: true
37
44
  ```
38
45
 
39
46
  ## How to get the data
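Review bot: The example on the corrected line enables `expose_token: true`, and lib/heroku/bouncer.rb shows that this runs `store(:token, token)`, which writes the bearer token into `session[:store]`. The README should say so next to the example and recommend turning the option on only when the app needs to call the API on the user's behalf, with the session storage protected accordingly.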
@@ -54,7 +61,7 @@ appropriate, or `/auth/logout` if you only wish to logout of your app.
54
61
  The latter will redirect to `/`, which may result is the user being
55
62
  logging in again.
56
63
 
57
- ## Conditionally disabling the middleware
64
+ ## Conditionally enable the middleware
58
65
 
59
66
  Don't want to OAuth on every request? Use a middleware to conditionally
60
67
  enable this middleware, like
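Review bot: The context lines just above the renamed heading still read "which may result is the user being logging in again"; since this hunk already touches the section, fix that to "may result in the user being logged in again". The new heading matches the text below it ("conditionally enable this middleware"), which the old one did not.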
@@ -1,6 +1,7 @@
1
1
  require 'sinatra/base'
2
2
  require 'omniauth-heroku'
3
- require 'heroku-api'
3
+ require 'faraday'
4
+ require 'multi_json'
4
5
 
5
6
  Heroku ||= Module.new
6
7
 
@@ -26,6 +27,14 @@ class Heroku::Bouncer < Sinatra::Base
26
27
  options.has_key?(option) ? options[option] : default
27
28
  end
28
29
 
30
+ def fetch_user(token)
31
+ MultiJson.decode(
32
+ Faraday.new(ENV["HEROKU_API_URL"] || "https://api.heroku.com/").get('/account') do |r|
33
+ r.headers['Accept'] = 'application/json'
34
+ r.headers['Authorization'] = "Bearer #{token}"
35
+ end.body)
36
+ end
37
+
29
38
  def store(key, value)
30
39
  session[:store] ||= {}
31
40
  session[:store][key] = value
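Review bot: `fetch_user` decodes whatever body comes back from `/account` without checking the response status, so an error response (expired or revoked token, API outage) is either handed on as if it were a user hash or makes `MultiJson.decode` raise on a non-JSON body. Check the status before decoding and fail the login on anything other than success. The base URL also comes from `ENV["HEROKU_API_URL"]` with no scheme check while the request carries `Authorization: Bearer #{token}`; reject non-https values so the token is never sent in the clear.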
@@ -52,12 +61,11 @@ class Heroku::Bouncer < Sinatra::Base
52
61
  token = request.env['omniauth.auth']['credentials']['token']
53
62
  store(:token, token) if @expose_token
54
63
  if @expose_email || @expose_user || @herokai_only
55
- api = Heroku::API.new(:api_key => token)
56
- user = api.get_user.body if @expose_user
64
+ user = fetch_user(token)
57
65
  store(:user, user) if @expose_user
58
66
  store(:email, user['email']) if @expose_email
59
67
 
60
- if @herokai_only && user['email'] !~ /@heroku\.com$/
68
+ if @herokai_only && !user['email'].end_with?("@heroku.com")
61
69
  url = @herokai_only.is_a?(String) ? @herokai_only : 'https://www.heroku.com'
62
70
  redirect to(url) and return
63
71
  end
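Review bot: `user['email'].end_with?("@heroku.com")` raises NoMethodError when `user['email']` is nil, which is what happens if `fetch_user` returned a body without an `email` key; guard for a missing email and treat it as not allowed, for example with `user['email'].to_s.end_with?("@heroku.com")`. Moving away from `/@heroku\.com$/` is the right call, since `$` in Ruby matches at end of line rather than end of string; a spec with an address that has a newline after `@heroku.com` would lock that in. Calling `fetch_user(token)` unconditionally inside the `if` also fixes the old path where `user` was only assigned under `@expose_user`, which is worth a line in the changelog.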
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: heroku-bouncer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.1.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-03-08 00:00:00.000000000 Z
12
+ date: 2013-03-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: omniauth-heroku
@@ -44,21 +44,37 @@ dependencies:
44
44
  - !ruby/object:Gem::Version
45
45
  version: '1.0'
46
46
  - !ruby/object:Gem::Dependency
47
- name: heroku-api
47
+ name: faraday
48
48
  requirement: !ruby/object:Gem::Requirement
49
49
  none: false
50
50
  requirements:
51
- - - ! '>='
51
+ - - ~>
52
52
  - !ruby/object:Gem::Version
53
- version: 0.0.0
53
+ version: '0.8'
54
54
  type: :runtime
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  none: false
58
58
  requirements:
59
- - - ! '>='
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: '0.8'
62
+ - !ruby/object:Gem::Dependency
63
+ name: multi_json
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - ~>
60
68
  - !ruby/object:Gem::Version
61
- version: 0.0.0
69
+ version: '1.0'
70
+ type: :runtime
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ~>
76
+ - !ruby/object:Gem::Version
77
+ version: '1.0'
62
78
  description: ID please.
63
79
  email:
64
80
  - jd@heroku.com
@@ -72,7 +88,7 @@ files:
72
88
  - Gemfile
73
89
  - Gemfile.lock
74
90
  - Rakefile
75
- homepage: http://github.com/heroku/heroku-bouncer
91
+ homepage: https://github.com/heroku/heroku-bouncer
76
92
  licenses: []
77
93
  post_install_message:
78
94
  rdoc_options: []