himari 0.1.0

data/lib/himari/storages/memory.rb

@@ -0,0 +1,31 @@
+require 'himari/storages/base'
+
+module Himari
+  module Storages
+    class Memory
+      include Himari::Storages::Base
+
+      def initialize
+        @memory = {}
+      end
+
+      private def write(kind, key, content, overwrite: false)
+        path = File.join(kind, key)
+        raise Himari::Storages::Base::Conflict if @memory.key?(path)
+        @memory[path] = JSON.pretty_generate(content)
+        nil
+      end
+
+      private def read(kind, key)
+        path = File.join(kind, key)
+        @memory[path]&.then { |v| JSON.parse(v, symbolize_names: true) } || nil
+      end
+
+      private def delete(kind, key)
+        path = File.join(kind, key)
+        @memory.delete(path)
+        nil
+      end
+    end
+  end
+end

data/lib/himari/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Himari
+  VERSION = "0.1.0"
+end

data/lib/himari.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require_relative 'himari/version'
+require_relative 'himari/app'

data/public/public/index.css

@@ -0,0 +1,74 @@
+body {
+  font-family: "Segoe UI", Helvetica, sans-serif;
+  font-size: 16px;
+  background-color: #FDF7EF;
+  text-align: center;
+  color: #2C2C31;
+}
+* {
+  box-sizing: border-box;
+}
+main {
+  width: 100%;
+  max-width: 800px;
+  margin-left: auto;
+  margin-right: auto;
+  text-align: left;
+}
+.himari-app fieldset {
+  border: none;
+}
+
+main > header {
+  text-align: center;
+}
+main > header img{
+  max-width: 200px;
+  height: auto;
+}
+
+.actions {
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+}
+.actions form {
+  margin-bottom: 8px;
+}
+.actions button {
+  font-size: 20px;
+  font-weight: 700;
+  text-decoration: none;
+  border: 1px solid #4E6994;
+  border-radius: 4px;
+  background: #4E6994;
+  color: #FFF;
+  padding: 12px 28px;
+  cursor: pointer;
+}
+.actions button:disabled {
+  color: #eee;
+  background: #2a384f;
+}
+
+.spinner {
+  text-align: center;
+  font-size: 60px;
+  font-weight: 600;
+  margin-top: 30px;
+}
+
+.d-none {
+  display: none;
+}
+.sr-only {
+  position: absolute !important;
+  width: 1px !important;
+  height: 1px !important;
+  padding: 0 !important;
+  margin: -1px !important;
+  overflow: hidden !important;
+  clip: rect(0, 0, 0, 0) !important;
+  white-space: nowrap !important;
+  border-width: 0 !important;
+}

data/sig/himari.rbs

@@ -0,0 +1,4 @@
+module Himari
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

data/views/login.erb

@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <title>Himari Login</title>
+    <link rel="stylesheet" href="/public/index.css?v=<%= cachebuster %>" type="text/css" />
+    <meta name="viewport" content="initial-scale=1">
+    <meta name="robots" content="noindex, nofollow">
+
+    <meta name="himari:release" content="TODO:">
+  </head>
+
+  <body class='himari-app himari-loading'>
+    <main>
+      <nav class='actions'>
+        <fieldset id='actions-fieldset'>
+          <% known_providers.each do |provider| %>
+            <form action="<%= provider.action %>" method="POST" class="provider-<%= provider.name %>">
+              <input type="hidden" name="<%= csrf_token_name %>" value="<%= csrf_token_value %>" />
+                <button type='submit'><%= provider.button %></button>
+            </form>
+          <% end %>
+        </fieldset>
+      </nav>
+    </main>
+
+    <script type='text/javascript'>
+      const fieldset = document.getElementById('actions-fieldset');
+      document.querySelectorAll('.actions-fieldset form').forEach((v) => {
+        v.addEventListener('submit', () => {
+          fieldset.disabled = true;
+        });
+      });
+    </script>
+  </body>
+</html>
+

metadata

@@ -0,0 +1,174 @@
+--- !ruby/object:Gem::Specification
+name: himari
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Sorah Fukumori
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2023-03-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rack-protection
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: openid_connect
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
+email:
+- her@sorah.jp
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- Rakefile
+- himari.gemspec
+- lib/himari.rb
+- lib/himari/access_token.rb
+- lib/himari/app.rb
+- lib/himari/authorization_code.rb
+- lib/himari/client_registration.rb
+- lib/himari/config.rb
+- lib/himari/decisions/authentication.rb
+- lib/himari/decisions/authorization.rb
+- lib/himari/decisions/base.rb
+- lib/himari/decisions/claims.rb
+- lib/himari/id_token.rb
+- lib/himari/item_provider.rb
+- lib/himari/item_providers/static.rb
+- lib/himari/log_line.rb
+- lib/himari/middlewares/authentication_rule.rb
+- lib/himari/middlewares/authorization_rule.rb
+- lib/himari/middlewares/claims_rule.rb
+- lib/himari/middlewares/client.rb
+- lib/himari/middlewares/config.rb
+- lib/himari/middlewares/signing_key.rb
+- lib/himari/provider_chain.rb
+- lib/himari/rule.rb
+- lib/himari/rule_processor.rb
+- lib/himari/services/downstream_authorization.rb
+- lib/himari/services/jwks_endpoint.rb
+- lib/himari/services/oidc_authorization_endpoint.rb
+- lib/himari/services/oidc_provider_metadata_endpoint.rb
+- lib/himari/services/oidc_token_endpoint.rb
+- lib/himari/services/oidc_userinfo_endpoint.rb
+- lib/himari/services/upstream_authentication.rb
+- lib/himari/session_data.rb
+- lib/himari/signing_key.rb
+- lib/himari/storages/base.rb
+- lib/himari/storages/filesystem.rb
+- lib/himari/storages/memory.rb
+- lib/himari/version.rb
+- public/public/index.css
+- sig/himari.rbs
+- views/login.erb
+homepage: https://github.com/sorah/himari
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/sorah/himari
+  source_code_uri: https://github.com/sorah/himari
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.7.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.0.dev
+signing_key:
+specification_version: 4
+summary: Small OIDC IdP for small teams - Omniauth to OIDC
+test_files: []