intra 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 71b212549b87ebf7d644679ddb73557f7ea92c092468988ef2fd51610f0583f2
4
+ data.tar.gz: eaa8f0594f1827952c614c8ac157869803e2506cdc703760ef46196a5dd5c2d3
5
+ SHA512:
6
+ metadata.gz: 63fc6a4fe9910999a29e7df5c81d766ce53641b148883e655438320fbf6e5cd572f2c005f729343de54e41b7b0d4bfb07cce2dfa7865062133549d91eb886ccf
7
+ data.tar.gz: 678e67a4427842ec8bf5d6fe5256d169cb03ccb0f445bc373cb37e6b5dfa5142d490257f1f3bdecc79e63f728ff13e14a4e574fc16d86cc9f165bc96a1efbbe2
data/.env.example ADDED
@@ -0,0 +1,2 @@
1
+ GOOGLE_CLIENT_ID=clientid
2
+ GOOGLE_CLIENT_SECRET=secret
data/.gitignore ADDED
@@ -0,0 +1,11 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+ /tags
10
+ /.byebug_history
11
+ *.log
data/.travis.yml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ sudo: false
3
+ language: ruby
4
+ cache: bundler
5
+ rvm:
6
+ - 2.6.3
7
+ before_install: gem install bundler -v 2.0.1
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at scott@renofi.com. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [http://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: http://contributor-covenant.org
74
+ [version]: http://contributor-covenant.org/version/1/4/
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "https://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in intra.gemspec
4
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,157 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ intra (0.1.0)
5
+ omniauth
6
+ omniauth-google-oauth2
7
+ rails
8
+
9
+ GEM
10
+ remote: https://rubygems.org/
11
+ specs:
12
+ actioncable (5.2.3)
13
+ actionpack (= 5.2.3)
14
+ nio4r (~> 2.0)
15
+ websocket-driver (>= 0.6.1)
16
+ actionmailer (5.2.3)
17
+ actionpack (= 5.2.3)
18
+ actionview (= 5.2.3)
19
+ activejob (= 5.2.3)
20
+ mail (~> 2.5, >= 2.5.4)
21
+ rails-dom-testing (~> 2.0)
22
+ actionpack (5.2.3)
23
+ actionview (= 5.2.3)
24
+ activesupport (= 5.2.3)
25
+ rack (~> 2.0)
26
+ rack-test (>= 0.6.3)
27
+ rails-dom-testing (~> 2.0)
28
+ rails-html-sanitizer (~> 1.0, >= 1.0.2)
29
+ actionview (5.2.3)
30
+ activesupport (= 5.2.3)
31
+ builder (~> 3.1)
32
+ erubi (~> 1.4)
33
+ rails-dom-testing (~> 2.0)
34
+ rails-html-sanitizer (~> 1.0, >= 1.0.3)
35
+ activejob (5.2.3)
36
+ activesupport (= 5.2.3)
37
+ globalid (>= 0.3.6)
38
+ activemodel (5.2.3)
39
+ activesupport (= 5.2.3)
40
+ activerecord (5.2.3)
41
+ activemodel (= 5.2.3)
42
+ activesupport (= 5.2.3)
43
+ arel (>= 9.0)
44
+ activestorage (5.2.3)
45
+ actionpack (= 5.2.3)
46
+ activerecord (= 5.2.3)
47
+ marcel (~> 0.3.1)
48
+ activesupport (5.2.3)
49
+ concurrent-ruby (~> 1.0, >= 1.0.2)
50
+ i18n (>= 0.7, < 2)
51
+ minitest (~> 5.1)
52
+ tzinfo (~> 1.1)
53
+ arel (9.0.0)
54
+ builder (3.2.3)
55
+ byebug (11.0.1)
56
+ concurrent-ruby (1.1.5)
57
+ crass (1.0.4)
58
+ erubi (1.8.0)
59
+ faraday (0.15.4)
60
+ multipart-post (>= 1.2, < 3)
61
+ globalid (0.4.2)
62
+ activesupport (>= 4.2.0)
63
+ hashie (3.6.0)
64
+ i18n (1.6.0)
65
+ concurrent-ruby (~> 1.0)
66
+ jwt (2.2.1)
67
+ loofah (2.2.3)
68
+ crass (~> 1.0.2)
69
+ nokogiri (>= 1.5.9)
70
+ mail (2.7.1)
71
+ mini_mime (>= 0.1.1)
72
+ marcel (0.3.3)
73
+ mimemagic (~> 0.3.2)
74
+ method_source (0.9.2)
75
+ mimemagic (0.3.3)
76
+ mini_mime (1.0.1)
77
+ mini_portile2 (2.4.0)
78
+ minitest (5.11.3)
79
+ multi_json (1.13.1)
80
+ multi_xml (0.6.0)
81
+ multipart-post (2.1.1)
82
+ nio4r (2.3.1)
83
+ nokogiri (1.10.3)
84
+ mini_portile2 (~> 2.4.0)
85
+ oauth2 (1.4.1)
86
+ faraday (>= 0.8, < 0.16.0)
87
+ jwt (>= 1.0, < 3.0)
88
+ multi_json (~> 1.3)
89
+ multi_xml (~> 0.5)
90
+ rack (>= 1.2, < 3)
91
+ omniauth (1.9.0)
92
+ hashie (>= 3.4.6, < 3.7.0)
93
+ rack (>= 1.6.2, < 3)
94
+ omniauth-google-oauth2 (0.7.0)
95
+ jwt (>= 2.0)
96
+ omniauth (>= 1.1.1)
97
+ omniauth-oauth2 (>= 1.5)
98
+ omniauth-oauth2 (1.6.0)
99
+ oauth2 (~> 1.1)
100
+ omniauth (~> 1.9)
101
+ rack (2.0.7)
102
+ rack-test (1.1.0)
103
+ rack (>= 1.0, < 3)
104
+ rails (5.2.3)
105
+ actioncable (= 5.2.3)
106
+ actionmailer (= 5.2.3)
107
+ actionpack (= 5.2.3)
108
+ actionview (= 5.2.3)
109
+ activejob (= 5.2.3)
110
+ activemodel (= 5.2.3)
111
+ activerecord (= 5.2.3)
112
+ activestorage (= 5.2.3)
113
+ activesupport (= 5.2.3)
114
+ bundler (>= 1.3.0)
115
+ railties (= 5.2.3)
116
+ sprockets-rails (>= 2.0.0)
117
+ rails-dom-testing (2.0.3)
118
+ activesupport (>= 4.2.0)
119
+ nokogiri (>= 1.6)
120
+ rails-html-sanitizer (1.0.4)
121
+ loofah (~> 2.2, >= 2.2.2)
122
+ railties (5.2.3)
123
+ actionpack (= 5.2.3)
124
+ activesupport (= 5.2.3)
125
+ method_source
126
+ rake (>= 0.8.7)
127
+ thor (>= 0.19.0, < 2.0)
128
+ rake (10.5.0)
129
+ sprockets (3.7.2)
130
+ concurrent-ruby (~> 1.0)
131
+ rack (> 1, < 3)
132
+ sprockets-rails (3.2.1)
133
+ actionpack (>= 4.0)
134
+ activesupport (>= 4.0)
135
+ sprockets (>= 3.0.0)
136
+ sqlite3 (1.4.1)
137
+ thor (0.20.3)
138
+ thread_safe (0.3.6)
139
+ tzinfo (1.2.5)
140
+ thread_safe (~> 0.1)
141
+ websocket-driver (0.7.1)
142
+ websocket-extensions (>= 0.1.0)
143
+ websocket-extensions (0.1.4)
144
+
145
+ PLATFORMS
146
+ ruby
147
+
148
+ DEPENDENCIES
149
+ bundler (~> 2.0)
150
+ byebug
151
+ intra!
152
+ minitest (~> 5.0)
153
+ rake (~> 10.0)
154
+ sqlite3
155
+
156
+ BUNDLED WITH
157
+ 2.0.1
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2019 Scott Serok
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,77 @@
1
+ # Intra
2
+
3
+ A relatively quick way to add Omniauth strategies to authenticate users on your
4
+ internal Rails apps. No username/password authentication.
5
+
6
+ ## Installation
7
+
8
+ Add this line to your application's Gemfile:
9
+
10
+ ```ruby
11
+ gem 'intra'
12
+ ```
13
+
14
+ And then execute:
15
+
16
+ $ bundle
17
+
18
+ Or install it yourself as:
19
+
20
+ $ gem install intra
21
+
22
+ Then install the initializer and user migration
23
+
24
+ $ bin/rails intra:install
25
+
26
+ ## Usage
27
+
28
+ The rake task adds an initializer in `config/initializers/intra.rb` and a
29
+ migration for a basic user model. Customize and run the migration if you need
30
+ to.
31
+
32
+ The `GOOGLE_OPTIONS[:hd]` in the initializer allows you to limit sign-in to a
33
+ particular Google Apps hosted domain. This can be simply string 'domain.com' or
34
+ an array %w(domain.com domain.co). More information at:
35
+ https://developers.google.com/accounts/docs/OpenIDConnect#hd-param
36
+
37
+ The Rack middleware assumes you have a model to record users with at least the
38
+ following schema.
39
+
40
+ ```ruby
41
+ t.string :uuid, null: false
42
+ t.string :email
43
+ t.string :remember_token
44
+ t.string :first_name
45
+ t.string :last_name
46
+ t.string :image_url
47
+ ```
48
+
49
+ You may want to add an index on `remember_token` (and maybe `uuid`) because on
50
+ first authentication, `uuid` is used while `remember_token` is used on each
51
+ subsequent HTTP request.
52
+
53
+ Configure the user model in the initializer and include the `Authenticatable`
54
+ module into that class.
55
+
56
+ ```ruby
57
+ class User < ApplicationRecord
58
+ include Intra::Authenticatable
59
+ end
60
+ ```
61
+
62
+ You can customize the default sign in screen by creating your own view at
63
+ `app/views/intra/sessions/new.html.erb`
64
+
65
+ ## Development
66
+
67
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
68
+
69
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
70
+
71
+ ## Contributing
72
+
73
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/intra. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
74
+
75
+ ## License
76
+
77
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
data/Rakefile ADDED
@@ -0,0 +1,10 @@
1
+ require "bundler/gem_tasks"
2
+ require "rake/testtask"
3
+
4
+ Rake::TestTask.new(:test) do |t|
5
+ t.libs << "test"
6
+ t.libs << "lib"
7
+ t.test_files = FileList["test/**/*_test.rb"]
8
+ end
9
+
10
+ task :default => :test
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Intra
4
+ class SessionsController < ActionController::Base
5
+ include Authentication
6
+
7
+ skip_before_action :verify_authenticity_token, only: :create
8
+
9
+ # GET /sign_in
10
+ def new
11
+ end
12
+
13
+ # GET /auth/:provider/callback
14
+ def create
15
+ sign_in request.env['omniauth.auth']
16
+ redirect_to main_app.root_path
17
+ end
18
+
19
+ # GET /sign_out
20
+ def destroy
21
+ sign_out if signed_in?
22
+ redirect_to Intra.sign_in_path
23
+ end
24
+
25
+ def failure
26
+ redirect_to Intra.sign_in_path, error: request.params['message']
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,22 @@
1
+ <article style="font-family: Arial; border: 1px solid #ddd; width: 600px; text-align: center; margin: auto; margin-top: 5em;">
2
+ <header style="border-bottom: 1px solid #ddd;">
3
+ <h1>Log in</h1>
4
+ </header>
5
+ <% if flash[:error] %>
6
+ <section>
7
+ <p style="color: red;"><%= flash[:error] %></p>
8
+ </section>
9
+ <% end %>
10
+ <section>
11
+ <div style="padding: 3em;">
12
+ <%= link_to 'Log in with Developer',
13
+ '/auth/developer',
14
+ style: 'padding: 1em 2em; background-color: #44f; border-radius: 3px; color: white;' %>
15
+ </div>
16
+ <div style="padding: 3em;">
17
+ <%= link_to 'Log in with Google',
18
+ '/auth/google',
19
+ style: 'padding: 1em 2em; background-color: #f44; border-radius: 3px; color: white;' %>
20
+ </div>
21
+ </section>
22
+ </article>
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "intra"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
data/config/routes.rb ADDED
@@ -0,0 +1,7 @@
1
+ Rails.application.routes.draw do
2
+ get 'sign_in' => 'intra/sessions#new'
3
+ get 'sign_out' => 'intra/sessions#destroy'
4
+ get '/auth/:provider/callback' => 'intra/sessions#create'
5
+ post '/auth/:provider/callback' => 'intra/sessions#create'
6
+ get '/auth/failure' => 'intra/sessions#failure'
7
+ end
data/intra.gemspec ADDED
@@ -0,0 +1,38 @@
1
+ lib = File.expand_path("../lib", __FILE__)
2
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
+ require "intra/version"
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "intra"
7
+ spec.version = Intra::VERSION
8
+ spec.authors = ["Scott Serok"]
9
+ spec.email = ["scott@serok.us"]
10
+
11
+ spec.summary = %q{Add OAuth support to your internal Rack app.}
12
+ spec.description = %q{Many companies have internal apps to support their day to day operations. This library is a drop-in Google OAuth authentication and session management library so you don't have to install Devise.}
13
+ spec.homepage = "https://github.com/scottserok/intra"
14
+ spec.license = "MIT"
15
+
16
+ if spec.respond_to?(:metadata)
17
+ spec.metadata["homepage_uri"] = spec.homepage
18
+ spec.metadata["source_code_uri"] = spec.homepage
19
+ spec.metadata["changelog_uri"] = spec.homepage
20
+ else
21
+ raise "RubyGems 2.0 or newer is required to protect against " \
22
+ "public gem pushes."
23
+ end
24
+
25
+ spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
26
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
27
+ end
28
+ spec.require_paths = ["lib"]
29
+
30
+ spec.add_dependency 'rails'
31
+ spec.add_dependency 'omniauth'
32
+ spec.add_dependency 'omniauth-google-oauth2'
33
+ spec.add_development_dependency "bundler", "~> 2.0"
34
+ spec.add_development_dependency "rake", "~> 10.0"
35
+ spec.add_development_dependency "minitest", "~> 5.0"
36
+ spec.add_development_dependency "sqlite3"
37
+ spec.add_development_dependency "byebug"
38
+ end
@@ -0,0 +1,33 @@
1
+ module Intra
2
+ module Authenticatable
3
+ def self.included(base)
4
+ base.extend ClassMethods
5
+ base.class_eval do
6
+ def reset_remember_token!
7
+ update remember_token: SecureRandom.hex
8
+ end
9
+ end
10
+ end
11
+
12
+ module ClassMethods
13
+ # process the omniauth hash sent from provider to /oauth/:provider/callback
14
+ # returns an instance of a User
15
+ def authenticate(hash)
16
+ params = {
17
+ uuid: hash[:provider] + '|' + hash[:uid],
18
+ email: hash.dig(:info, :email).presence || hash.dig(:info, :name),
19
+ image_url: hash.dig(:info, :image),
20
+ remember_token: SecureRandom.hex
21
+ }
22
+ Intra.logger.debug 'omniauth response to params=' + params.to_s
23
+ user = find_by uuid: params[:uuid]
24
+ if user
25
+ user.update! params
26
+ else
27
+ user = create! params
28
+ end
29
+ user
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,58 @@
1
+ module Intra
2
+ module Authentication
3
+ def self.included(base)
4
+ base.class_eval do
5
+ if respond_to?(:helper_method)
6
+ helper_method :current_user, :signed_in?, :signed_out?
7
+ end
8
+
9
+ private(
10
+ :authenticate!,
11
+ :current_user,
12
+ :handle_unverified_request,
13
+ :sign_in,
14
+ :sign_out,
15
+ :signed_in?,
16
+ :signed_out?
17
+ )
18
+ end
19
+ end
20
+
21
+ def authenticate!
22
+ Intra.logger.debug 'Intra::Authentication authenticate!'
23
+ redirect_to Intra.sign_in_path unless signed_in?
24
+ end
25
+
26
+ def current_user
27
+ intra_session&.current_user
28
+ end
29
+
30
+ def sign_in(hash)
31
+ Intra.logger.debug 'Intra::Authentication sign_in'
32
+ user = Intra.user_class.constantize.authenticate(hash)
33
+ intra_session.sign_in user
34
+ end
35
+
36
+ def sign_out
37
+ Intra.logger.debug 'Intra::Authentication sign_out'
38
+ intra_session&.sign_out
39
+ end
40
+
41
+ def signed_in?
42
+ intra_session&.signed_in?
43
+ end
44
+
45
+ def signed_out?
46
+ intra_session&.signed_out?
47
+ end
48
+
49
+ def handle_unverified_request
50
+ super
51
+ sign_out
52
+ end
53
+
54
+ def intra_session
55
+ request.env[:intra]
56
+ end
57
+ end
58
+ end
@@ -0,0 +1,14 @@
1
+ module Intra
2
+ class Engine < Rails::Engine
3
+ isolate_namespace Intra
4
+
5
+ initializer 'intra.initializer' do |app|
6
+ app.config.filter_parameters += [:uid]
7
+ app.config.middleware.use RackSession
8
+ end
9
+
10
+ rake_tasks do
11
+ load File.join(File.expand_path(__dir__), 'tasks', 'install.rake')
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,27 @@
1
+ module Intra
2
+ class OmniAuthFailureApp
3
+ attr_reader :env
4
+
5
+ def initialize(env)
6
+ @env = env
7
+ end
8
+
9
+ def call
10
+ Logger.logger.info "OmniAuthFailureApp #{message_key}=#{error_description}"
11
+ Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
12
+ end
13
+
14
+ def new_path
15
+ "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?" \
16
+ "message=#{message_key}&error_description=#{error_description}"
17
+ end
18
+
19
+ def message_key
20
+ env['omniauth.error.type']
21
+ end
22
+
23
+ def error_description
24
+ Rack::Utils.escape(env['omniauth.error'].error_reason)
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,15 @@
1
+ module Intra
2
+ class RackSession
3
+ def initialize(app)
4
+ @app = app
5
+ end
6
+
7
+ def call(env)
8
+ session = Session.new env
9
+ env[:intra] = session
10
+ response = @app.call env
11
+ session.add_cookie_to_headers response[1]
12
+ response
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,67 @@
1
+ module Intra
2
+ class Session
3
+ def initialize(env)
4
+ @env = env
5
+ @current_user = nil
6
+ @cookies = nil
7
+ end
8
+
9
+ def add_cookie_to_headers(headers)
10
+ if current_user&.remember_token
11
+ options = cookie_options.merge value: current_user.remember_token
12
+ Rack::Utils.set_cookie_header! headers, COOKIE_NAME, options
13
+ end
14
+ end
15
+
16
+ def current_user
17
+ if remember_token.present?
18
+ @current_user ||= user_model.find_by(remember_token: remember_token)
19
+ end
20
+ @current_user
21
+ end
22
+
23
+ def sign_in(user)
24
+ @current_user = user
25
+ end
26
+
27
+ def sign_out
28
+ current_user.reset_remember_token! if signed_in?
29
+
30
+ @current_user = nil
31
+ cookies.delete COOKIE_NAME
32
+ end
33
+
34
+ def signed_in?
35
+ current_user.present?
36
+ end
37
+
38
+ def signed_out?
39
+ !signed_in?
40
+ end
41
+
42
+ private
43
+
44
+ def user_model
45
+ Intra.user_class.constantize
46
+ end
47
+
48
+ def cookies
49
+ @cookies ||= ActionDispatch::Request.new(@env).cookie_jar
50
+ end
51
+
52
+ def remember_token
53
+ cookies[COOKIE_NAME]
54
+ end
55
+
56
+ def cookie_options
57
+ {
58
+ expires: 1.week.from_now,
59
+ path: '/',
60
+ secure: Rails.env.production?,
61
+ value: remember_token
62
+ }
63
+ end
64
+
65
+ COOKIE_NAME = 'remember_token'.freeze
66
+ end
67
+ end
@@ -0,0 +1,51 @@
1
+ namespace :intra do
2
+ desc 'Install Intra initializer and migration file'
3
+ task :install do
4
+ filename = 'config/initializers/intra.rb'
5
+ File.write filename, INITIALIZER
6
+ puts 'Added initializer to ' + filename
7
+ time = Time.now.strftime("%Y%m%d%H%M%S")
8
+ filename = "db/migrate/#{time}_create_users.rb"
9
+ File.write filename, MIGRATION
10
+ puts 'Added migration to ' + filename
11
+ puts 'Done'
12
+ end
13
+
14
+ INITIALIZER = <<-RUBY
15
+ Intra.logger = Rails.logger
16
+ OmniAuth.config.logger = Rails.logger
17
+
18
+ GOOGLE_OPTIONS = {
19
+ name: 'google',
20
+ prompt: 'select_account',
21
+ image_aspect_ratio: 'square',
22
+ image_size: 50,
23
+ hd: 'mydomain.com'
24
+ }
25
+
26
+ Rails.application.config.middleware.use OmniAuth::Builder do
27
+ provider :developer unless Rails.env.production?
28
+ provider :google_oauth2,
29
+ ENV['GOOGLE_CLIENT_ID'],
30
+ ENV['GOOGLE_CLIENT_SECRET'],
31
+ GOOGLE_OPTIONS
32
+ end
33
+ RUBY
34
+
35
+ MIGRATION = <<-RUBY
36
+ class CreateUsers < ActiveRecord::Migration[5.2]
37
+ def change
38
+ create_table :users do |t|
39
+ t.string :uuid, null: false
40
+ t.string :remember_token
41
+ t.string :email
42
+ t.string :first_name
43
+ t.string :last_name
44
+ t.string :image_url
45
+
46
+ t.timestamps
47
+ end
48
+ end
49
+ end
50
+ RUBY
51
+ end
@@ -0,0 +1,3 @@
1
+ module Intra
2
+ VERSION = "0.1.0"
3
+ end
data/lib/intra.rb ADDED
@@ -0,0 +1,41 @@
1
+ require 'logger' unless defined?(Logger)
2
+ require 'rails/engine' unless defined?(Rails::Engine)
3
+ require 'omniauth'
4
+ require 'omniauth-google-oauth2'
5
+ require 'action_dispatch'
6
+
7
+ require 'intra/version'
8
+ require 'intra/session'
9
+ require 'intra/rack_session'
10
+ require 'intra/authenticatable'
11
+ require 'intra/authentication'
12
+ require 'intra/engine'
13
+
14
+ module Intra
15
+ # Configure the path to redirect unauthenticated session. Default '/sign_in'
16
+ def self.sign_in_path(path)
17
+ @@sign_in_path = path
18
+ end
19
+
20
+ def self.sign_in_path
21
+ @@sign_in_path ||= '/sign_in'
22
+ end
23
+
24
+ # Configure the user class. Default 'User'
25
+ def self.user_class=(user_class)
26
+ @@user_class = user_class
27
+ end
28
+
29
+ def self.user_class
30
+ @@user_class ||= 'User'
31
+ end
32
+
33
+ # Configure the logger Intra will use. Defaults to Logger.new($STDOUT)
34
+ def self.logger=(logger)
35
+ @@logger = logger
36
+ end
37
+
38
+ def self.logger
39
+ @@logger ||= Logger.new($STDOUT)
40
+ end
41
+ end
metadata ADDED
@@ -0,0 +1,184 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: intra
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Scott Serok
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2019-06-11 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rails
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: omniauth
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: omniauth-google-oauth2
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: bundler
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '2.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '2.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rake
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '10.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '10.0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: minitest
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '5.0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '5.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: sqlite3
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: byebug
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ description: Many companies have internal apps to support their day to day operations.
126
+ This library is a drop-in Google OAuth authentication and session management library
127
+ so you don't have to install Devise.
128
+ email:
129
+ - scott@serok.us
130
+ executables: []
131
+ extensions: []
132
+ extra_rdoc_files: []
133
+ files:
134
+ - ".env.example"
135
+ - ".gitignore"
136
+ - ".travis.yml"
137
+ - CODE_OF_CONDUCT.md
138
+ - Gemfile
139
+ - Gemfile.lock
140
+ - LICENSE.txt
141
+ - README.md
142
+ - Rakefile
143
+ - app/controllers/intra/sessions_controller.rb
144
+ - app/views/intra/sessions/new.html.erb
145
+ - bin/console
146
+ - bin/setup
147
+ - config/routes.rb
148
+ - intra.gemspec
149
+ - lib/intra.rb
150
+ - lib/intra/authenticatable.rb
151
+ - lib/intra/authentication.rb
152
+ - lib/intra/engine.rb
153
+ - lib/intra/omniauth_failure_app.rb
154
+ - lib/intra/rack_session.rb
155
+ - lib/intra/session.rb
156
+ - lib/intra/tasks/install.rake
157
+ - lib/intra/version.rb
158
+ homepage: https://github.com/scottserok/intra
159
+ licenses:
160
+ - MIT
161
+ metadata:
162
+ homepage_uri: https://github.com/scottserok/intra
163
+ source_code_uri: https://github.com/scottserok/intra
164
+ changelog_uri: https://github.com/scottserok/intra
165
+ post_install_message:
166
+ rdoc_options: []
167
+ require_paths:
168
+ - lib
169
+ required_ruby_version: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - ">="
172
+ - !ruby/object:Gem::Version
173
+ version: '0'
174
+ required_rubygems_version: !ruby/object:Gem::Requirement
175
+ requirements:
176
+ - - ">="
177
+ - !ruby/object:Gem::Version
178
+ version: '0'
179
+ requirements: []
180
+ rubygems_version: 3.0.3
181
+ signing_key:
182
+ specification_version: 4
183
+ summary: Add OAuth support to your internal Rack app.
184
+ test_files: []