heroku-bouncer 0.2.1 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -0
- data/README.md +4 -3
- data/lib/heroku/bouncer.rb +8 -2
- metadata +16 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6758e63ada289a67c98dfdd75ac078539adf76b1
|
4
|
+
data.tar.gz: 42bd2f4be9cda6bbb7adf8079fe5d256c9be5e7c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: eea8f556d0c0b6fa6fe9894a0d7e75ff7a24a2ad468a6612a8b3a704aae32f32f89f23074bbfa2b4fbfdb45e40a80d8f58532d3df0ef18f09c451ec82df859af
|
7
|
+
data.tar.gz: 6c67c0eeac7851fb9702e04f6565c0e08d02341820768470f580392cc811c38329ed33ca64b4776e3b04aa5eaf9e16bb471dd1d80206c1a85ab5bde5482f6e61
|
data/Gemfile.lock
CHANGED
@@ -2,6 +2,7 @@ PATH
|
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
4
|
heroku-bouncer (0.2.1)
|
5
|
+
encrypted_cookie (~> 0.0.4)
|
5
6
|
faraday (~> 0.8)
|
6
7
|
multi_json (~> 1.0)
|
7
8
|
omniauth-heroku (>= 0.1.0)
|
@@ -10,6 +11,7 @@ PATH
|
|
10
11
|
GEM
|
11
12
|
remote: https://rubygems.org/
|
12
13
|
specs:
|
14
|
+
encrypted_cookie (0.0.4)
|
13
15
|
faraday (0.8.7)
|
14
16
|
multipart-post (~> 1.1)
|
15
17
|
hashie (2.0.5)
|
data/README.md
CHANGED
@@ -13,7 +13,10 @@ requires Heroku OAuth on all requests.
|
|
13
13
|
```
|
14
14
|
|
15
15
|
2. Set `HEROKU_OAUTH_ID` and `HEROKU_OAUTH_SECRET` in your environment.
|
16
|
-
3.
|
16
|
+
3. Optionally, set the `COOKIE_SECRET` environment variable to a long
|
17
|
+
random string. Otherwise, the OAuth ID and secret are concatenated
|
18
|
+
for use as a secret.
|
19
|
+
4. Use the middleware:
|
17
20
|
|
18
21
|
```ruby
|
19
22
|
require 'heroku/bouncer'
|
@@ -85,7 +88,5 @@ you like](https://gist.github.com/wuputah/5534428).
|
|
85
88
|
|
86
89
|
## There be dragons
|
87
90
|
|
88
|
-
* This middleware uses a session stored in a cookie. The cookie secret
|
89
|
-
is `HEROKU_ID + HEROKU_SECRET`. So keep these secret.
|
90
91
|
* There's no tests yet. You may encounter bugs. Please report them (or
|
91
92
|
fix them in a pull request).
|
data/lib/heroku/bouncer.rb
CHANGED
@@ -2,6 +2,7 @@ require 'sinatra/base'
|
|
2
2
|
require 'omniauth-heroku'
|
3
3
|
require 'faraday'
|
4
4
|
require 'multi_json'
|
5
|
+
require 'encrypted_cookie'
|
5
6
|
|
6
7
|
Heroku ||= Module.new
|
7
8
|
|
@@ -13,8 +14,13 @@ class Heroku::Bouncer < Sinatra::Base
|
|
13
14
|
ID = (ENV['HEROKU_OAUTH_ID'] || ENV['HEROKU_ID']).to_s
|
14
15
|
SECRET = (ENV['HEROKU_OAUTH_SECRET'] || ENV['HEROKU_SECRET']).to_s
|
15
16
|
|
16
|
-
enable :
|
17
|
-
|
17
|
+
enable :raise_errors
|
18
|
+
disable :show_exceptions
|
19
|
+
|
20
|
+
use Rack::Session::EncryptedCookie,
|
21
|
+
:secret => (ENV['COOKIE_SECRET'] || (ID + SECRET)).to_s,
|
22
|
+
:expire_after => 8 * 60 * 60,
|
23
|
+
:key => (ENV['COOKIE_NAME'] || '_bouncer_session').to_s
|
18
24
|
|
19
25
|
# sets up the /auth/heroku endpoint
|
20
26
|
unless ID.empty? || SECRET.empty?
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: heroku-bouncer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Dance
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2013-06-
|
11
|
+
date: 2013-06-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth-heroku
|
@@ -66,6 +66,20 @@ dependencies:
|
|
66
66
|
- - ~>
|
67
67
|
- !ruby/object:Gem::Version
|
68
68
|
version: '1.0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: encrypted_cookie
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ~>
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: 0.0.4
|
76
|
+
type: :runtime
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ~>
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: 0.0.4
|
69
83
|
description: ID please.
|
70
84
|
email:
|
71
85
|
- jd@heroku.com
|