heroku-bouncer 0.3.0 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +32 -11
- data/lib/heroku/bouncer.rb +7 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 46e27351842e97990f1f62956aeded88e3f0bae4
|
|
4
|
+
data.tar.gz: 541142e69b9b117107cb279b06a89126912ff139
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c16e1aef5ea19f40c9f74f5d289281b30c6454d982ead1523f942a9c698359e46f091161d1ddeb1638f5057e2902f4cfebfe16a9381212f6c2d9a2aa17aa4751
|
|
7
|
+
data.tar.gz: d4fff1844530e8e057f885d46616de7d9ad36e401a2718abd5680f34d91b21f9605187eb5c6e3345d0655d2f6120dae2432f4ecbfd3c042e92e3f724b32bc1f5
|
data/README.md
CHANGED
|
@@ -3,27 +3,47 @@
|
|
|
3
3
|
Heroku Bouncer is a Rack middleware (implemented in Sinatra) that
|
|
4
4
|
requires Heroku OAuth on all requests.
|
|
5
5
|
|
|
6
|
+
## Demo
|
|
7
|
+
|
|
8
|
+
[heroku-bouncer-demo](https://github.com/schneems/heroku-bouncer-demo) is a
|
|
9
|
+
Sinatra app that uses heroku-bouncer.
|
|
10
|
+
|
|
6
11
|
## Use
|
|
7
12
|
|
|
8
13
|
1. Create your OAuth client using `/auth/heroku/callback` as your
|
|
9
|
-
callback endpoint:
|
|
14
|
+
callback endpoint. Use `http://localhost:5000/auth/heroku/callback`
|
|
15
|
+
for local development with Foreman.
|
|
10
16
|
|
|
11
17
|
```sh
|
|
12
|
-
heroku clients:
|
|
18
|
+
heroku clients:register localhost http://localhost:5000/auth/heroku/callback
|
|
19
|
+
heroku clients:register myapp https://myapp.herokuapp.com/auth/heroku/callback
|
|
13
20
|
```
|
|
14
21
|
|
|
15
22
|
2. Set `HEROKU_OAUTH_ID` and `HEROKU_OAUTH_SECRET` in your environment.
|
|
16
|
-
3.
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
23
|
+
3. Set the `COOKIE_SECRET` environment variable to a long random string.
|
|
24
|
+
Otherwise, the OAuth ID and secret are concatenated for use as a secret.
|
|
25
|
+
4. Use the middleware.
|
|
26
|
+
|
|
27
|
+
**Rack, Sinatra, and Rails 4**
|
|
28
|
+
|
|
29
|
+
Add a `use` line to `config.ru`:
|
|
20
30
|
|
|
21
31
|
```ruby
|
|
22
|
-
require '
|
|
23
|
-
|
|
32
|
+
require ::File.expand_path('../config/environment', __FILE__)
|
|
33
|
+
|
|
34
|
+
use ::Heroku::Bouncer
|
|
35
|
+
run Rails.application
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
The middleware does not work properly when configured inside
|
|
39
|
+
Rails 4.
|
|
40
|
+
|
|
41
|
+
**Rails 3**
|
|
24
42
|
|
|
25
|
-
|
|
26
|
-
|
|
43
|
+
Add a middleware configuration line to `config/application.rb`:
|
|
44
|
+
|
|
45
|
+
```ruby
|
|
46
|
+
config.middleware.use ::Heroku::Bouncer
|
|
27
47
|
```
|
|
28
48
|
|
|
29
49
|
## Options
|
|
@@ -55,7 +75,8 @@ the following keys to your request environment:
|
|
|
55
75
|
* `bouncer.email`
|
|
56
76
|
* `bouncer.user`
|
|
57
77
|
|
|
58
|
-
You can access this in
|
|
78
|
+
You can access this in Sinatra and Rails by `request.env[key]`, e.g.
|
|
79
|
+
`request.env['bouncer.token']`.
|
|
59
80
|
|
|
60
81
|
## Using the Heroku API
|
|
61
82
|
|
data/lib/heroku/bouncer.rb
CHANGED
|
@@ -76,25 +76,29 @@ class Heroku::Bouncer < Sinatra::Base
|
|
|
76
76
|
|
|
77
77
|
# something went wrong
|
|
78
78
|
get '/auth/failure' do
|
|
79
|
-
|
|
79
|
+
destroy_session
|
|
80
80
|
redirect to("/")
|
|
81
81
|
end
|
|
82
82
|
|
|
83
83
|
# logout, single sign-on style
|
|
84
84
|
get '/auth/sso-logout' do
|
|
85
|
-
|
|
85
|
+
destroy_session
|
|
86
86
|
auth_url = ENV["HEROKU_AUTH_URL"] || "https://id.heroku.com"
|
|
87
87
|
redirect to("#{auth_url}/logout")
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
# logout but only locally
|
|
91
91
|
get '/auth/logout' do
|
|
92
|
-
|
|
92
|
+
destroy_session
|
|
93
93
|
redirect to("/")
|
|
94
94
|
end
|
|
95
95
|
|
|
96
96
|
private
|
|
97
97
|
|
|
98
|
+
def destroy_session
|
|
99
|
+
session = nil if session
|
|
100
|
+
end
|
|
101
|
+
|
|
98
102
|
def extract_option(options, option, default = nil)
|
|
99
103
|
options.has_key?(option) ? options[option] : default
|
|
100
104
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: heroku-bouncer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonathan Dance
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-08-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-heroku
|
|
@@ -112,7 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
112
112
|
version: '0'
|
|
113
113
|
requirements: []
|
|
114
114
|
rubyforge_project:
|
|
115
|
-
rubygems_version: 2.0.
|
|
115
|
+
rubygems_version: 2.0.3
|
|
116
116
|
signing_key:
|
|
117
117
|
specification_version: 4
|
|
118
118
|
summary: Requires Heroku OAuth on all requests.
|