himari 0.1.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +2 -0
- data/lib/himari/app.rb +41 -5
- data/lib/himari/authorization_code.rb +13 -1
- data/lib/himari/config.rb +6 -2
- data/lib/himari/decisions/authorization.rb +5 -4
- data/lib/himari/decisions/base.rb +13 -7
- data/lib/himari/id_token.rb +4 -2
- data/lib/himari/rule_processor.rb +7 -2
- data/lib/himari/services/downstream_authorization.rb +5 -4
- data/lib/himari/version.rb +1 -1
- data/public/public/index.css +11 -2
- data/views/login.erb +20 -4
- metadata +3 -6
- data/Gemfile +0 -11
- data/Gemfile.lock +0 -152
- data/himari.gemspec +0 -44
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9ef5f3bac5f8a375751669378420729ab8dbe9ce40c1e1dec0fb5a3ac938b304
|
4
|
+
data.tar.gz: ed87e0922bc863813624c34d217f02fd9f06fec442fd01a8b0c1daf760b6ca48
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 97c69604496c88d5b6e0f38cf0693cdd07ee6dd15b73d12e724efcea058a2f44492fcbe57ed5ece878f36e7bc2631a028c1464f9bc17d33f519eb2f17b8ff576
|
7
|
+
data.tar.gz: 3a9fff6c67bec527df79527f9e436c5703d95e822e0b0d3bc4cc460e003205d238a9e8ea965f2fbb931a18389282dfa2b770e60b931eaadc82dd683b413f841a
|
data/Rakefile
CHANGED
data/lib/himari/app.rb
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
require 'sinatra/base'
|
2
2
|
require 'addressable'
|
3
|
+
require 'base64'
|
4
|
+
|
5
|
+
require 'himari/version'
|
3
6
|
|
4
7
|
require 'himari/log_line'
|
5
8
|
|
@@ -66,7 +69,16 @@ module Himari
|
|
66
69
|
end
|
67
70
|
|
68
71
|
def cachebuster
|
69
|
-
env['himari.cachebuster']
|
72
|
+
env['himari.cachebuster'] ||= Base64.urlsafe_encode64(release_code, padding: false)
|
73
|
+
end
|
74
|
+
|
75
|
+
def release_code
|
76
|
+
env['himari.release'] ||= begin
|
77
|
+
[
|
78
|
+
Himari::VERSION,
|
79
|
+
config.release_fragment,
|
80
|
+
].compact.join(':')
|
81
|
+
end
|
70
82
|
end
|
71
83
|
|
72
84
|
def request_id
|
@@ -83,6 +95,12 @@ module Himari
|
|
83
95
|
xff: env['HTTP_X_FORWARDED_FOR'],
|
84
96
|
}
|
85
97
|
end
|
98
|
+
|
99
|
+
def msg(key, default = nil)
|
100
|
+
config.custom_messages[key] || default
|
101
|
+
end
|
102
|
+
|
103
|
+
include ERB::Util
|
86
104
|
end
|
87
105
|
|
88
106
|
before do
|
@@ -109,6 +127,7 @@ module Himari
|
|
109
127
|
authz = AuthorizationCode.make(
|
110
128
|
client_id: decision.client.id,
|
111
129
|
claims: decision.claims,
|
130
|
+
lifetime: decision.lifetime,
|
112
131
|
)
|
113
132
|
|
114
133
|
Himari::Services::OidcAuthorizationEndpoint.new(
|
@@ -119,11 +138,24 @@ module Himari
|
|
119
138
|
).call(env)
|
120
139
|
else
|
121
140
|
logger&.info(Himari::LogLine.new('authorize: prompt login', req: request_as_log, client_id: params[:client_id]))
|
122
|
-
erb :login
|
141
|
+
erb config.custom_templates[:login] || :login
|
123
142
|
end
|
124
143
|
rescue Himari::Services::DownstreamAuthorization::ForbiddenError => e
|
125
144
|
logger&.warn(Himari::LogLine.new('authorize: downstream forbidden', req: request_as_log, allowed: e.result.authz_result.allowed, err: e.class.inspect, result: e.as_log))
|
126
|
-
|
145
|
+
|
146
|
+
@notice = message_human = e.result.authz_result&.user_facing_message
|
147
|
+
|
148
|
+
case e.result.authz_result&.suggestion
|
149
|
+
when nil
|
150
|
+
# do nothing
|
151
|
+
when :reauthenticate
|
152
|
+
logger&.warn(Himari::LogLine.new('authorize: prompt login to reauthenticate', req: request_as_log, allowed: e.result.authz_result.allowed, err: e.class.inspect, result: e.as_log))
|
153
|
+
next erb(:login)
|
154
|
+
else
|
155
|
+
raise ArgumentError, "Unknown suggestion value for DownstreamAuthorization denial; #{e.as_log.inspect}"
|
156
|
+
end
|
157
|
+
|
158
|
+
halt(403, "Forbidden#{message_human ? "; #{message_human}" : nil}")
|
127
159
|
end
|
128
160
|
|
129
161
|
token_ep = proc do
|
@@ -164,9 +196,12 @@ module Himari
|
|
164
196
|
end
|
165
197
|
|
166
198
|
omniauth_callback = proc do
|
199
|
+
authhash = request.env['omniauth.auth']
|
200
|
+
next halt(400, 'Bad Request') unless authhash
|
201
|
+
|
167
202
|
# do upstream auth
|
168
203
|
authn = Himari::Services::UpstreamAuthentication.from_request(request).perform
|
169
|
-
logger&.info(Himari::LogLine.new('authentication allowed', req: request_as_log, allowed: authn.authn_result.allowed, uid:
|
204
|
+
logger&.info(Himari::LogLine.new('authentication allowed', req: request_as_log, allowed: authn.authn_result.allowed, uid: authhash[:uid], provider: authhash[:provider], result: authn.as_log))
|
170
205
|
raise unless authn.authn_result.allowed # sanity check
|
171
206
|
|
172
207
|
given_back_to = request.env['omniauth.params']&.fetch('back_to', nil)
|
@@ -185,7 +220,8 @@ module Himari
|
|
185
220
|
redirect back_to
|
186
221
|
rescue Himari::Services::UpstreamAuthentication::UnauthorizedError => e
|
187
222
|
logger&.warn(Himari::LogLine.new('authentication denied', req: request_as_log, err: e.class.inspect, allowed: e.result.authn_result.allowed, uid: request.env.fetch('omniauth.auth')[:uid], provider: request.env.fetch('omniauth.auth')[:provider], result: e.as_log))
|
188
|
-
|
223
|
+
message_human = e.result.authn_result&.user_facing_message
|
224
|
+
halt(401, "Unauthorized#{message_human ? "; #{message_human}" : nil}")
|
189
225
|
end
|
190
226
|
get '/auth/:provider/callback', &omniauth_callback
|
191
227
|
post '/auth/:provider/callback', &omniauth_callback
|
@@ -10,17 +10,25 @@ module Himari
|
|
10
10
|
nonce
|
11
11
|
code_challenge
|
12
12
|
code_challenge_method
|
13
|
+
created_at
|
14
|
+
lifetime
|
13
15
|
expiry
|
14
16
|
)
|
15
17
|
AuthorizationCode = Struct.new(*authz_attrs, keyword_init: true) do
|
16
18
|
def self.make(**kwargs)
|
17
19
|
new(
|
18
20
|
code: SecureRandom.urlsafe_base64(32),
|
19
|
-
|
21
|
+
created_at: Time.now.to_i,
|
20
22
|
**kwargs,
|
21
23
|
)
|
22
24
|
end
|
23
25
|
|
26
|
+
alias _expiry_raw expiry
|
27
|
+
private :_expiry_raw
|
28
|
+
def expiry
|
29
|
+
self._expiry_raw || (self.expiry = created_at + (lifetime || 900))
|
30
|
+
end
|
31
|
+
|
24
32
|
def valid_redirect_uri?(given_uri)
|
25
33
|
redirect_uri == given_uri
|
26
34
|
end
|
@@ -59,6 +67,8 @@ module Himari
|
|
59
67
|
claims: claims,
|
60
68
|
nonce: nonce,
|
61
69
|
openid: openid,
|
70
|
+
created_at: created_at.to_i,
|
71
|
+
lifetime: lifetime.to_i,
|
62
72
|
expiry: expiry.to_i,
|
63
73
|
pkce: pkce?,
|
64
74
|
pkce_method: code_challenge_method,
|
@@ -76,6 +86,8 @@ module Himari
|
|
76
86
|
nonce: nonce,
|
77
87
|
code_challenge: code_challenge,
|
78
88
|
code_challenge_method: code_challenge_method,
|
89
|
+
created_at: created_at.to_i,
|
90
|
+
lifetime: lifetime.to_i,
|
79
91
|
expiry: expiry.to_i,
|
80
92
|
}
|
81
93
|
end
|
data/lib/himari/config.rb
CHANGED
@@ -5,7 +5,7 @@ require 'himari/log_line'
|
|
5
5
|
|
6
6
|
module Himari
|
7
7
|
class Config
|
8
|
-
def initialize(issuer:, storage:, providers: [], log_output: $stdout, log_level: Logger::INFO, preserve_rack_logger: false)
|
8
|
+
def initialize(issuer:, storage:, providers: [], log_output: $stdout, log_level: Logger::INFO, preserve_rack_logger: false, custom_templates: {}, custom_messages: {}, release_fragment: nil)
|
9
9
|
@issuer = issuer
|
10
10
|
@providers = providers
|
11
11
|
@storage = storage
|
@@ -13,9 +13,13 @@ module Himari
|
|
13
13
|
@log_output = log_output
|
14
14
|
@log_level = log_level
|
15
15
|
@preserve_rack_logger = preserve_rack_logger
|
16
|
+
|
17
|
+
@custom_messages = custom_messages
|
18
|
+
@custom_templates = custom_templates
|
19
|
+
@release_fragment = release_fragment
|
16
20
|
end
|
17
21
|
|
18
|
-
attr_reader :issuer, :providers, :storage, :preserve_rack_logger
|
22
|
+
attr_reader :issuer, :providers, :storage, :preserve_rack_logger, :custom_messages, :custom_templates, :release_fragment
|
19
23
|
|
20
24
|
def logger
|
21
25
|
@logger ||= Logger.new(@log_output).tap do |l|
|
@@ -19,14 +19,15 @@ module Himari
|
|
19
19
|
|
20
20
|
allow_effects(:allow, :deny, :continue, :skip)
|
21
21
|
|
22
|
-
def initialize(claims: {}, allowed_claims: DEFAULT_ALLOWED_CLAIMS, lifetime: 3600
|
22
|
+
def initialize(claims: {}, allowed_claims: DEFAULT_ALLOWED_CLAIMS, lifetime: 3600)
|
23
23
|
super()
|
24
24
|
@claims = claims
|
25
25
|
@allowed_claims = allowed_claims
|
26
26
|
@lifetime = lifetime
|
27
27
|
end
|
28
28
|
|
29
|
-
attr_reader :claims, :allowed_claims
|
29
|
+
attr_reader :claims, :allowed_claims
|
30
|
+
attr_accessor :lifetime
|
30
31
|
|
31
32
|
def to_evolve_args
|
32
33
|
{
|
@@ -37,10 +38,10 @@ module Himari
|
|
37
38
|
end
|
38
39
|
|
39
40
|
def as_log
|
40
|
-
to_h.merge(claims:
|
41
|
+
to_h.merge(claims: output_claims, lifetime: @lifetime&.to_i)
|
41
42
|
end
|
42
43
|
|
43
|
-
def
|
44
|
+
def output_claims
|
44
45
|
claims.select { |k,_v| allowed_claims.include?(k) }
|
45
46
|
end
|
46
47
|
end
|
@@ -18,7 +18,7 @@ module Himari
|
|
18
18
|
raise "#{self.class.name}.valid_effects is missing [BUG]" unless self.class.valid_effects
|
19
19
|
end
|
20
20
|
|
21
|
-
attr_reader :effect, :effect_comment, :rule_name
|
21
|
+
attr_reader :effect, :effect_comment, :effect_user_facing_message, :effect_suggestion, :rule_name
|
22
22
|
|
23
23
|
def to_evolve_args
|
24
24
|
raise NotImplementedError
|
@@ -29,7 +29,10 @@ module Himari
|
|
29
29
|
rule_name: rule_name,
|
30
30
|
effect: effect,
|
31
31
|
effect_comment: effect_comment,
|
32
|
-
}
|
32
|
+
}.tap do |x|
|
33
|
+
x[:effect_user_facing_message] = effect_user_facing_message if effect_user_facing_message
|
34
|
+
x[:effect_suggestion] = effect_suggestion if effect_suggestion
|
35
|
+
end
|
33
36
|
end
|
34
37
|
|
35
38
|
def as_log
|
@@ -46,18 +49,21 @@ module Himari
|
|
46
49
|
self
|
47
50
|
end
|
48
51
|
|
49
|
-
def decide!(effect, comment = "")
|
52
|
+
def decide!(effect, comment = "", user_facing_message: nil, suggest: nil)
|
50
53
|
raise DecisionAlreadyMade, "decision can only be made once per rule (#{rule_name})" if @effect
|
51
54
|
raise InvalidEffect, "this effect is not valid under this rule. Valid effects: #{self.class.valid_effects.inspect} (#{rule_name})" unless self.class.valid_effects.include?(effect)
|
55
|
+
raise InvalidEffect, "only deny effect can have suggestion" if suggest&& effect != :deny
|
52
56
|
@effect = effect
|
53
57
|
@effect_comment = comment
|
58
|
+
@effect_user_facing_message = user_facing_message
|
59
|
+
@effect_suggestion = suggest
|
54
60
|
nil
|
55
61
|
end
|
56
62
|
|
57
|
-
def allow!(
|
58
|
-
def continue!(
|
59
|
-
def deny!(
|
60
|
-
def skip!(
|
63
|
+
def allow!(*args, **kwargs); decide!(:allow, *args, **kwargs); end
|
64
|
+
def continue!(*args, **kwargs); decide!(:continue, *args, **kwargs); end
|
65
|
+
def deny!(*args, **kwargs); decide!(:deny, *args, **kwargs); end
|
66
|
+
def skip!(*args, **kwargs); decide!(:skip, *args, **kwargs); end
|
61
67
|
end
|
62
68
|
end
|
63
69
|
end
|
data/lib/himari/id_token.rb
CHANGED
@@ -11,11 +11,12 @@ module Himari
|
|
11
11
|
claims: authz.claims,
|
12
12
|
client_id: authz.client_id,
|
13
13
|
nonce: authz.nonce,
|
14
|
+
lifetime: authz.lifetime,
|
14
15
|
**kwargs
|
15
16
|
)
|
16
17
|
end
|
17
18
|
|
18
|
-
def initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now)
|
19
|
+
def initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now, lifetime: 3600)
|
19
20
|
@claims = claims
|
20
21
|
@client_id = client_id
|
21
22
|
@nonce = nonce
|
@@ -23,6 +24,7 @@ module Himari
|
|
23
24
|
@issuer = issuer
|
24
25
|
@access_token = access_token
|
25
26
|
@time = time
|
27
|
+
@lifetime = lifetime
|
26
28
|
end
|
27
29
|
|
28
30
|
attr_reader :claims, :nonce, :signing_key
|
@@ -34,7 +36,7 @@ module Himari
|
|
34
36
|
aud: @client_id,
|
35
37
|
iat: @time.to_i,
|
36
38
|
nbf: @time.to_i,
|
37
|
-
exp: (@time +
|
39
|
+
exp: (@time + @lifetime).to_i,
|
38
40
|
).merge(
|
39
41
|
@nonce ? { nonce: @nonce } : {}
|
40
42
|
).merge(
|
@@ -2,7 +2,7 @@ module Himari
|
|
2
2
|
class RuleProcessor
|
3
3
|
class MissingDecisionError < StandardError; end
|
4
4
|
|
5
|
-
Result = Struct.new(:rule_name, :allowed, :explicit_deny, :decision, :decision_log, keyword_init: true) do
|
5
|
+
Result = Struct.new(:rule_name, :allowed, :explicit_deny, :decision, :decision_log, :user_facing_message, :suggestion, keyword_init: true) do
|
6
6
|
def as_log
|
7
7
|
{
|
8
8
|
rule_name: rule_name,
|
@@ -10,7 +10,9 @@ module Himari
|
|
10
10
|
explicit_deny: explicit_deny,
|
11
11
|
decision: decision&.as_log,
|
12
12
|
decision_log: decision_log.map(&:to_h),
|
13
|
-
}
|
13
|
+
}.tap do |x|
|
14
|
+
x[:suggestion] = suggestion if suggestion
|
15
|
+
end
|
14
16
|
end
|
15
17
|
end
|
16
18
|
|
@@ -47,6 +49,7 @@ module Himari
|
|
47
49
|
result.decision = decision
|
48
50
|
result.allowed = true
|
49
51
|
result.explicit_deny = false
|
52
|
+
result.user_facing_message = decision.effect_user_facing_message
|
50
53
|
|
51
54
|
when :continue
|
52
55
|
@decision = decision
|
@@ -61,6 +64,8 @@ module Himari
|
|
61
64
|
result.decision = nil
|
62
65
|
result.allowed = false
|
63
66
|
result.explicit_deny = true
|
67
|
+
result.user_facing_message = decision.effect_user_facing_message
|
68
|
+
result.suggestion = decision.effect_suggestion
|
64
69
|
|
65
70
|
else
|
66
71
|
raise "Unknown effect #{decision.effect} [BUG]"
|
@@ -21,7 +21,7 @@ module Himari
|
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
-
Result = Struct.new(:client, :claims, :authz_result) do
|
24
|
+
Result = Struct.new(:client, :claims, :lifetime, :authz_result) do
|
25
25
|
def as_log
|
26
26
|
{
|
27
27
|
client: client.as_log,
|
@@ -63,10 +63,11 @@ module Himari
|
|
63
63
|
context = Himari::Decisions::Authorization::Context.new(claims: @session.claims, user_data: @session.user_data, request: @request, client: @client).freeze
|
64
64
|
|
65
65
|
authorization = Himari::RuleProcessor.new(context, Himari::Decisions::Authorization.new(claims: @session.claims.dup)).run(@authz_rules)
|
66
|
-
raise ForbiddenError.new(Result.new(@client, nil, authorization)) unless authorization.allowed
|
66
|
+
raise ForbiddenError.new(Result.new(@client, nil, nil, authorization)) unless authorization.allowed
|
67
67
|
|
68
|
-
claims = authorization.decision.
|
69
|
-
|
68
|
+
claims = authorization.decision.output_claims
|
69
|
+
lifetime = authorization.decision.lifetime
|
70
|
+
Result.new(@client, claims, lifetime, authorization)
|
70
71
|
end
|
71
72
|
end
|
72
73
|
end
|
data/lib/himari/version.rb
CHANGED
data/public/public/index.css
CHANGED
@@ -19,10 +19,10 @@ main {
|
|
19
19
|
border: none;
|
20
20
|
}
|
21
21
|
|
22
|
-
main > header {
|
22
|
+
main > header, main > footer {
|
23
23
|
text-align: center;
|
24
24
|
}
|
25
|
-
main > header img{
|
25
|
+
main > header img, main > footer img {
|
26
26
|
max-width: 200px;
|
27
27
|
height: auto;
|
28
28
|
}
|
@@ -58,6 +58,15 @@ main > header img{
|
|
58
58
|
margin-top: 30px;
|
59
59
|
}
|
60
60
|
|
61
|
+
.notice {
|
62
|
+
background-color: white;
|
63
|
+
border: 1px #bfa88a solid;
|
64
|
+
border-radius: 4px;
|
65
|
+
padding: 4px;
|
66
|
+
margin: 12px;
|
67
|
+
margin-bottom: 24px;
|
68
|
+
}
|
69
|
+
|
61
70
|
.d-none {
|
62
71
|
display: none;
|
63
72
|
}
|
data/views/login.erb
CHANGED
@@ -2,16 +2,28 @@
|
|
2
2
|
<html lang="en">
|
3
3
|
<head>
|
4
4
|
<meta charset="utf-8">
|
5
|
-
<title
|
6
|
-
<link rel="stylesheet" href="/public/index.css?
|
5
|
+
<title><%= h(msg(:page_title, nil) || msg(:title, "Login to Himari")) %></title>
|
6
|
+
<link rel="stylesheet" href="/public/index.css?cb=<%= cachebuster %>" type="text/css" />
|
7
7
|
<meta name="viewport" content="initial-scale=1">
|
8
8
|
<meta name="robots" content="noindex, nofollow">
|
9
9
|
|
10
|
-
<meta name="himari:release" content="
|
10
|
+
<meta name="himari:release" content="<%= release_code %>">
|
11
11
|
</head>
|
12
12
|
|
13
|
-
<body class='himari-app himari-
|
13
|
+
<body class='himari-app himari-login'>
|
14
14
|
<main>
|
15
|
+
|
16
|
+
<header>
|
17
|
+
<h1><%= msg(:title, "Login to Himari") %></h1>
|
18
|
+
<%= msg(:header) %>
|
19
|
+
|
20
|
+
<% if @notice %>
|
21
|
+
<div class='notice'>
|
22
|
+
<p><%=h @notice %></p>
|
23
|
+
</div>
|
24
|
+
<% end %>
|
25
|
+
</header>
|
26
|
+
|
15
27
|
<nav class='actions'>
|
16
28
|
<fieldset id='actions-fieldset'>
|
17
29
|
<% known_providers.each do |provider| %>
|
@@ -22,6 +34,10 @@
|
|
22
34
|
<% end %>
|
23
35
|
</fieldset>
|
24
36
|
</nav>
|
37
|
+
|
38
|
+
<footer>
|
39
|
+
<%= msg(:footer) %>
|
40
|
+
</footer>
|
25
41
|
</main>
|
26
42
|
|
27
43
|
<script type='text/javascript'>
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: himari
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sorah Fukumori
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-03-
|
11
|
+
date: 2023-03-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: sinatra
|
@@ -102,11 +102,8 @@ extensions: []
|
|
102
102
|
extra_rdoc_files: []
|
103
103
|
files:
|
104
104
|
- ".rspec"
|
105
|
-
- Gemfile
|
106
|
-
- Gemfile.lock
|
107
105
|
- LICENSE.txt
|
108
106
|
- Rakefile
|
109
|
-
- himari.gemspec
|
110
107
|
- lib/himari.rb
|
111
108
|
- lib/himari/access_token.rb
|
112
109
|
- lib/himari/app.rb
|
@@ -167,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
167
164
|
- !ruby/object:Gem::Version
|
168
165
|
version: '0'
|
169
166
|
requirements: []
|
170
|
-
rubygems_version: 3.
|
167
|
+
rubygems_version: 3.1.6
|
171
168
|
signing_key:
|
172
169
|
specification_version: 4
|
173
170
|
summary: Small OIDC IdP for small teams - Omniauth to OIDC
|
data/Gemfile
DELETED
data/Gemfile.lock
DELETED
@@ -1,152 +0,0 @@
|
|
1
|
-
PATH
|
2
|
-
remote: .
|
3
|
-
specs:
|
4
|
-
himari (0.1.0)
|
5
|
-
addressable
|
6
|
-
omniauth (>= 2.0)
|
7
|
-
openid_connect
|
8
|
-
rack-oauth2
|
9
|
-
rack-protection
|
10
|
-
sinatra (>= 3.0)
|
11
|
-
|
12
|
-
GEM
|
13
|
-
remote: https://rubygems.org/
|
14
|
-
specs:
|
15
|
-
activemodel (7.0.4.3)
|
16
|
-
activesupport (= 7.0.4.3)
|
17
|
-
activesupport (7.0.4.3)
|
18
|
-
concurrent-ruby (~> 1.0, >= 1.0.2)
|
19
|
-
i18n (>= 1.6, < 2)
|
20
|
-
minitest (>= 5.1)
|
21
|
-
tzinfo (~> 2.0)
|
22
|
-
addressable (2.8.1)
|
23
|
-
public_suffix (>= 2.0.2, < 6.0)
|
24
|
-
aes_key_wrap (1.1.0)
|
25
|
-
attr_required (1.0.1)
|
26
|
-
bindata (2.4.15)
|
27
|
-
concurrent-ruby (1.2.2)
|
28
|
-
date (3.3.3)
|
29
|
-
diff-lcs (1.5.0)
|
30
|
-
docile (1.4.0)
|
31
|
-
faraday (2.7.4)
|
32
|
-
faraday-net_http (>= 2.0, < 3.1)
|
33
|
-
ruby2_keywords (>= 0.0.4)
|
34
|
-
faraday-follow_redirects (0.3.0)
|
35
|
-
faraday (>= 1, < 3)
|
36
|
-
faraday-net_http (3.0.2)
|
37
|
-
hashie (5.0.0)
|
38
|
-
i18n (1.12.0)
|
39
|
-
concurrent-ruby (~> 1.0)
|
40
|
-
json-jwt (1.16.3)
|
41
|
-
activesupport (>= 4.2)
|
42
|
-
aes_key_wrap
|
43
|
-
bindata
|
44
|
-
faraday (~> 2.0)
|
45
|
-
faraday-follow_redirects
|
46
|
-
mail (2.8.1)
|
47
|
-
mini_mime (>= 0.1.1)
|
48
|
-
net-imap
|
49
|
-
net-pop
|
50
|
-
net-smtp
|
51
|
-
mini_mime (1.1.2)
|
52
|
-
minitest (5.18.0)
|
53
|
-
mustermann (3.0.0)
|
54
|
-
ruby2_keywords (~> 0.0.1)
|
55
|
-
net-imap (0.3.4)
|
56
|
-
date
|
57
|
-
net-protocol
|
58
|
-
net-pop (0.1.2)
|
59
|
-
net-protocol
|
60
|
-
net-protocol (0.2.1)
|
61
|
-
timeout
|
62
|
-
net-smtp (0.3.3)
|
63
|
-
net-protocol
|
64
|
-
omniauth (2.1.1)
|
65
|
-
hashie (>= 3.4.6)
|
66
|
-
rack (>= 2.2.3)
|
67
|
-
rack-protection
|
68
|
-
openid_connect (2.2.0)
|
69
|
-
activemodel
|
70
|
-
attr_required (>= 1.0.0)
|
71
|
-
faraday (~> 2.0)
|
72
|
-
faraday-follow_redirects
|
73
|
-
json-jwt (>= 1.16)
|
74
|
-
net-smtp
|
75
|
-
rack-oauth2 (~> 2.2)
|
76
|
-
swd (~> 2.0)
|
77
|
-
tzinfo
|
78
|
-
validate_email
|
79
|
-
validate_url
|
80
|
-
webfinger (~> 2.0)
|
81
|
-
public_suffix (5.0.1)
|
82
|
-
rack (2.2.6.4)
|
83
|
-
rack-oauth2 (2.2.0)
|
84
|
-
activesupport
|
85
|
-
attr_required
|
86
|
-
faraday (~> 2.0)
|
87
|
-
faraday-follow_redirects
|
88
|
-
json-jwt (>= 1.11.0)
|
89
|
-
rack (>= 2.1.0)
|
90
|
-
rack-protection (3.0.5)
|
91
|
-
rack
|
92
|
-
rack-test (2.1.0)
|
93
|
-
rack (>= 1.3)
|
94
|
-
rake (13.0.6)
|
95
|
-
rspec (3.12.0)
|
96
|
-
rspec-core (~> 3.12.0)
|
97
|
-
rspec-expectations (~> 3.12.0)
|
98
|
-
rspec-mocks (~> 3.12.0)
|
99
|
-
rspec-core (3.12.1)
|
100
|
-
rspec-support (~> 3.12.0)
|
101
|
-
rspec-expectations (3.12.2)
|
102
|
-
diff-lcs (>= 1.2.0, < 2.0)
|
103
|
-
rspec-support (~> 3.12.0)
|
104
|
-
rspec-mocks (3.12.4)
|
105
|
-
diff-lcs (>= 1.2.0, < 2.0)
|
106
|
-
rspec-support (~> 3.12.0)
|
107
|
-
rspec-support (3.12.0)
|
108
|
-
ruby2_keywords (0.0.5)
|
109
|
-
simplecov (0.22.0)
|
110
|
-
docile (~> 1.1)
|
111
|
-
simplecov-html (~> 0.11)
|
112
|
-
simplecov_json_formatter (~> 0.1)
|
113
|
-
simplecov-html (0.12.3)
|
114
|
-
simplecov_json_formatter (0.1.4)
|
115
|
-
sinatra (3.0.5)
|
116
|
-
mustermann (~> 3.0)
|
117
|
-
rack (~> 2.2, >= 2.2.4)
|
118
|
-
rack-protection (= 3.0.5)
|
119
|
-
tilt (~> 2.0)
|
120
|
-
swd (2.0.2)
|
121
|
-
activesupport (>= 3)
|
122
|
-
attr_required (>= 0.0.5)
|
123
|
-
faraday (~> 2.0)
|
124
|
-
faraday-follow_redirects
|
125
|
-
tilt (2.1.0)
|
126
|
-
timeout (0.3.2)
|
127
|
-
tzinfo (2.0.6)
|
128
|
-
concurrent-ruby (~> 1.0)
|
129
|
-
validate_email (0.1.6)
|
130
|
-
activemodel (>= 3.0)
|
131
|
-
mail (>= 2.2.5)
|
132
|
-
validate_url (1.0.15)
|
133
|
-
activemodel (>= 3.0.0)
|
134
|
-
public_suffix
|
135
|
-
webfinger (2.1.2)
|
136
|
-
activesupport
|
137
|
-
faraday (~> 2.0)
|
138
|
-
faraday-follow_redirects
|
139
|
-
|
140
|
-
PLATFORMS
|
141
|
-
ruby
|
142
|
-
|
143
|
-
DEPENDENCIES
|
144
|
-
himari!
|
145
|
-
rack-test
|
146
|
-
rake
|
147
|
-
rspec
|
148
|
-
simplecov
|
149
|
-
simplecov-html
|
150
|
-
|
151
|
-
BUNDLED WITH
|
152
|
-
2.4.8
|
data/himari.gemspec
DELETED
@@ -1,44 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require_relative "lib/himari/version"
|
4
|
-
|
5
|
-
Gem::Specification.new do |spec|
|
6
|
-
spec.name = "himari"
|
7
|
-
spec.version = Himari::VERSION
|
8
|
-
spec.authors = ["Sorah Fukumori"]
|
9
|
-
spec.email = ["her@sorah.jp"]
|
10
|
-
|
11
|
-
spec.summary = "Small OIDC IdP for small teams - Omniauth to OIDC"
|
12
|
-
spec.homepage = "https://github.com/sorah/himari"
|
13
|
-
spec.license = "MIT"
|
14
|
-
spec.required_ruby_version = ">= 2.7.0"
|
15
|
-
|
16
|
-
spec.metadata["homepage_uri"] = spec.homepage
|
17
|
-
spec.metadata["source_code_uri"] = "https://github.com/sorah/himari"
|
18
|
-
|
19
|
-
# Specify which files should be added to the gem when it is released.
|
20
|
-
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
21
|
-
spec.files = Dir.chdir(__dir__) do
|
22
|
-
`git ls-files -z`.split("\x0").reject do |f|
|
23
|
-
(f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
|
24
|
-
end
|
25
|
-
end
|
26
|
-
spec.bindir = "exe"
|
27
|
-
spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
|
28
|
-
spec.require_paths = ["lib"]
|
29
|
-
|
30
|
-
spec.add_dependency "sinatra", '>= 3.0'
|
31
|
-
spec.add_dependency 'rack-protection'
|
32
|
-
spec.add_dependency "omniauth", ">= 2.0"
|
33
|
-
|
34
|
-
spec.add_dependency 'addressable'
|
35
|
-
|
36
|
-
spec.add_dependency "rack-oauth2"
|
37
|
-
spec.add_dependency "openid_connect"
|
38
|
-
|
39
|
-
# Uncomment to register a new dependency of your gem
|
40
|
-
# spec.add_dependency "example-gem", "~> 1.0"
|
41
|
-
|
42
|
-
# For more information and examples about making a new gem, check out our
|
43
|
-
# guide at: https://bundler.io/guides/creating_gem.html
|
44
|
-
end
|