himari 0.1.0

Files changed (47) hide show
  1. checksums.yaml +7 -0
  2. data/.rspec +3 -0
  3. data/Gemfile +11 -0
  4. data/Gemfile.lock +152 -0
  5. data/LICENSE.txt +21 -0
  6. data/Rakefile +8 -0
  7. data/himari.gemspec +44 -0
  8. data/lib/himari/access_token.rb +119 -0
  9. data/lib/himari/app.rb +193 -0
  10. data/lib/himari/authorization_code.rb +83 -0
  11. data/lib/himari/client_registration.rb +47 -0
  12. data/lib/himari/config.rb +39 -0
  13. data/lib/himari/decisions/authentication.rb +16 -0
  14. data/lib/himari/decisions/authorization.rb +48 -0
  15. data/lib/himari/decisions/base.rb +63 -0
  16. data/lib/himari/decisions/claims.rb +58 -0
  17. data/lib/himari/id_token.rb +57 -0
  18. data/lib/himari/item_provider.rb +11 -0
  19. data/lib/himari/item_providers/static.rb +20 -0
  20. data/lib/himari/log_line.rb +9 -0
  21. data/lib/himari/middlewares/authentication_rule.rb +24 -0
  22. data/lib/himari/middlewares/authorization_rule.rb +24 -0
  23. data/lib/himari/middlewares/claims_rule.rb +24 -0
  24. data/lib/himari/middlewares/client.rb +24 -0
  25. data/lib/himari/middlewares/config.rb +24 -0
  26. data/lib/himari/middlewares/signing_key.rb +24 -0
  27. data/lib/himari/provider_chain.rb +26 -0
  28. data/lib/himari/rule.rb +7 -0
  29. data/lib/himari/rule_processor.rb +81 -0
  30. data/lib/himari/services/downstream_authorization.rb +73 -0
  31. data/lib/himari/services/jwks_endpoint.rb +40 -0
  32. data/lib/himari/services/oidc_authorization_endpoint.rb +82 -0
  33. data/lib/himari/services/oidc_provider_metadata_endpoint.rb +56 -0
  34. data/lib/himari/services/oidc_token_endpoint.rb +86 -0
  35. data/lib/himari/services/oidc_userinfo_endpoint.rb +73 -0
  36. data/lib/himari/services/upstream_authentication.rb +106 -0
  37. data/lib/himari/session_data.rb +7 -0
  38. data/lib/himari/signing_key.rb +128 -0
  39. data/lib/himari/storages/base.rb +57 -0
  40. data/lib/himari/storages/filesystem.rb +36 -0
  41. data/lib/himari/storages/memory.rb +31 -0
  42. data/lib/himari/version.rb +5 -0
  43. data/lib/himari.rb +4 -0
  44. data/public/public/index.css +74 -0
  45. data/sig/himari.rbs +4 -0
  46. data/views/login.erb +37 -0
  47. metadata +174 -0
@@ -0,0 +1,31 @@
1
+ require 'himari/storages/base'
2
+
3
+ module Himari
4
+ module Storages
5
+ class Memory
6
+ include Himari::Storages::Base
7
+
8
+ def initialize
9
+ @memory = {}
10
+ end
11
+
12
+ private def write(kind, key, content, overwrite: false)
13
+ path = File.join(kind, key)
14
+ raise Himari::Storages::Base::Conflict if @memory.key?(path)
15
+ @memory[path] = JSON.pretty_generate(content)
16
+ nil
17
+ end
18
+
19
+ private def read(kind, key)
20
+ path = File.join(kind, key)
21
+ @memory[path]&.then { |v| JSON.parse(v, symbolize_names: true) } || nil
22
+ end
23
+
24
+ private def delete(kind, key)
25
+ path = File.join(kind, key)
26
+ @memory.delete(path)
27
+ nil
28
+ end
29
+ end
30
+ end
31
+ end
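Review bot: `write` accepts `overwrite:` but never reads it, so the `Conflict` raise on the `@memory.key?(path)` line fires even when a caller passes `overwrite: true`. If the base module relies on that flag to replace an existing record (the base file is not shown here, so this is an assumption), every update through the in-memory backend will fail; the guard would be `raise Himari::Storages::Base::Conflict if !overwrite && @memory.key?(path)`. The store is also a plain Hash held in one process, with no locking or expiry visible in this file. A class comment such as `# In-memory storage for tests and single-process use; contents are lost on restart and not shared between workers` would keep it from being used as a production backend for an identity provider.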
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Himari
4
+ VERSION = "0.1.0"
5
+ end
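--- a/data/lib/himari.rb
+++ b/data/lib/himari.rb
@@ -0,0 +1,4 @@
+ # frozen_string_literal: true
+
+ require_relative 'himari/version'
+ require_relative 'himari/app'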
@@ -0,0 +1,74 @@
1
+ body {
2
+ font-family: "Segoe UI", Helvetica, sans-serif;
3
+ font-size: 16px;
4
+ background-color: #FDF7EF;
5
+ text-align: center;
6
+ color: #2C2C31;
7
+ }
8
+ * {
9
+ box-sizing: border-box;
10
+ }
11
+ main {
12
+ width: 100%;
13
+ max-width: 800px;
14
+ margin-left: auto;
15
+ margin-right: auto;
16
+ text-align: left;
17
+ }
18
+ .himari-app fieldset {
19
+ border: none;
20
+ }
21
+
22
+ main > header {
23
+ text-align: center;
24
+ }
25
+ main > header img{
26
+ max-width: 200px;
27
+ height: auto;
28
+ }
29
+
30
+ .actions {
31
+ display: flex;
32
+ flex-direction: row;
33
+ justify-content: center;
34
+ }
35
+ .actions form {
36
+ margin-bottom: 8px;
37
+ }
38
+ .actions button {
39
+ font-size: 20px;
40
+ font-weight: 700;
41
+ text-decoration: none;
42
+ border: 1px solid #4E6994;
43
+ border-radius: 4px;
44
+ background: #4E6994;
45
+ color: #FFF;
46
+ padding: 12px 28px;
47
+ cursor: pointer;
48
+ }
49
+ .actions button:disabled {
50
+ color: #eee;
51
+ background: #2a384f;
52
+ }
53
+
54
+ .spinner {
55
+ text-align: center;
56
+ font-size: 60px;
57
+ font-weight: 600;
58
+ margin-top: 30px;
59
+ }
60
+
61
+ .d-none {
62
+ display: none;
63
+ }
64
+ .sr-only {
65
+ position: absolute !important;
66
+ width: 1px !important;
67
+ height: 1px !important;
68
+ padding: 0 !important;
69
+ margin: -1px !important;
70
+ overflow: hidden !important;
71
+ clip: rect(0, 0, 0, 0) !important;
72
+ white-space: nowrap !important;
73
+ border-width: 0 !important;
74
+ }
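--- a/data/sig/himari.rbs
+++ b/data/sig/himari.rbs
@@ -0,0 +1,4 @@
+ module Himari
+ VERSION: String
+ # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+ end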
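--- a/data/views/login.erb
+++ b/data/views/login.erb
@@ -0,0 +1,37 @@
+ <!DOCTYPE html>
+ <html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <title>Himari Login</title>
+ <link rel="stylesheet" href="/public/index.css?v=<%= cachebuster %>" type="text/css" />
+ <meta name="viewport" content="initial-scale=1">
+ <meta name="robots" content="noindex, nofollow">
+
+ <meta name="himari:release" content="TODO:">
+ </head>
+
+ <body class='himari-app himari-loading'>
+ <main>
+ <nav class='actions'>
+ <fieldset id='actions-fieldset'>
+ <% known_providers.each do |provider| %>
+ <form action="<%= provider.action %>" method="POST" class="provider-<%= provider.name %>">
+ <input type="hidden" name="<%= csrf_token_name %>" value="<%= csrf_token_value %>" />
+ <button type='submit'><%= provider.button %></button>
+ </form>
+ <% end %>
+ </fieldset>
+ </nav>
+ </main>
+
+ <script type='text/javascript'>
+ const fieldset = document.getElementById('actions-fieldset');
+ document.querySelectorAll('.actions-fieldset form').forEach((v) => {
+ v.addEventListener('submit', () => {
+ fieldset.disabled = true;
+ });
+ });
+ </script>
+ </body>
+ </html>
+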
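Review bot: The script's selector `'.actions-fieldset form'` looks for a class, but the fieldset is declared with `id='actions-fieldset'`, so `querySelectorAll` matches no forms and the submit handler is never attached; it should be `'#actions-fieldset form'`. Once the handler does attach, disabling the fieldset synchronously inside `submit` is likely to drop the hidden CSRF field from the request, because browsers skip controls under a disabled fieldset when they build the form data after the event. Deferring it, e.g. `setTimeout(() => { fieldset.disabled = true; }, 0);`, avoids that. Also, `provider.action`, `provider.name` and `provider.button` are written with plain `<%= %>`; unless the app enables HTML escaping for ERB (not visible in this section), these values reach attributes and markup unescaped, so they should go through an escaping helper such as `Rack::Utils.escape_html(...)`.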
metadata ADDED
@@ -0,0 +1,174 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: himari
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Sorah Fukumori
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2023-03-20 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: sinatra
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '3.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '3.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rack-protection
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: omniauth
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '2.0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '2.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: addressable
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rack-oauth2
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: openid_connect
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ description:
98
+ email:
99
+ - her@sorah.jp
100
+ executables: []
101
+ extensions: []
102
+ extra_rdoc_files: []
103
+ files:
104
+ - ".rspec"
105
+ - Gemfile
106
+ - Gemfile.lock
107
+ - LICENSE.txt
108
+ - Rakefile
109
+ - himari.gemspec
110
+ - lib/himari.rb
111
+ - lib/himari/access_token.rb
112
+ - lib/himari/app.rb
113
+ - lib/himari/authorization_code.rb
114
+ - lib/himari/client_registration.rb
115
+ - lib/himari/config.rb
116
+ - lib/himari/decisions/authentication.rb
117
+ - lib/himari/decisions/authorization.rb
118
+ - lib/himari/decisions/base.rb
119
+ - lib/himari/decisions/claims.rb
120
+ - lib/himari/id_token.rb
121
+ - lib/himari/item_provider.rb
122
+ - lib/himari/item_providers/static.rb
123
+ - lib/himari/log_line.rb
124
+ - lib/himari/middlewares/authentication_rule.rb
125
+ - lib/himari/middlewares/authorization_rule.rb
126
+ - lib/himari/middlewares/claims_rule.rb
127
+ - lib/himari/middlewares/client.rb
128
+ - lib/himari/middlewares/config.rb
129
+ - lib/himari/middlewares/signing_key.rb
130
+ - lib/himari/provider_chain.rb
131
+ - lib/himari/rule.rb
132
+ - lib/himari/rule_processor.rb
133
+ - lib/himari/services/downstream_authorization.rb
134
+ - lib/himari/services/jwks_endpoint.rb
135
+ - lib/himari/services/oidc_authorization_endpoint.rb
136
+ - lib/himari/services/oidc_provider_metadata_endpoint.rb
137
+ - lib/himari/services/oidc_token_endpoint.rb
138
+ - lib/himari/services/oidc_userinfo_endpoint.rb
139
+ - lib/himari/services/upstream_authentication.rb
140
+ - lib/himari/session_data.rb
141
+ - lib/himari/signing_key.rb
142
+ - lib/himari/storages/base.rb
143
+ - lib/himari/storages/filesystem.rb
144
+ - lib/himari/storages/memory.rb
145
+ - lib/himari/version.rb
146
+ - public/public/index.css
147
+ - sig/himari.rbs
148
+ - views/login.erb
149
+ homepage: https://github.com/sorah/himari
150
+ licenses:
151
+ - MIT
152
+ metadata:
153
+ homepage_uri: https://github.com/sorah/himari
154
+ source_code_uri: https://github.com/sorah/himari
155
+ post_install_message:
156
+ rdoc_options: []
157
+ require_paths:
158
+ - lib
159
+ required_ruby_version: !ruby/object:Gem::Requirement
160
+ requirements:
161
+ - - ">="
162
+ - !ruby/object:Gem::Version
163
+ version: 2.7.0
164
+ required_rubygems_version: !ruby/object:Gem::Requirement
165
+ requirements:
166
+ - - ">="
167
+ - !ruby/object:Gem::Version
168
+ version: '0'
169
+ requirements: []
170
+ rubygems_version: 3.4.0.dev
171
+ signing_key:
172
+ specification_version: 4
173
+ summary: Small OIDC IdP for small teams - Omniauth to OIDC
174
+ test_files: []