jekyll-auth 2.1.0 → 2.1.3

Files changed (49)
  1. checksums.yaml +5 -5
  2. data/.github/CODEOWNERS +3 -0
  3. data/.github/ISSUE_TEMPLATE/bug_report.md +28 -0
  4. data/.github/ISSUE_TEMPLATE/feature_request.md +21 -0
  5. data/.github/config.yml +23 -0
  6. data/.github/dependabot.yml +10 -0
  7. data/.github/funding.yml +1 -0
  8. data/.github/no-response.yml +15 -0
  9. data/.github/release-drafter.yml +4 -0
  10. data/.github/settings.yml +33 -0
  11. data/.github/stale.yml +29 -0
  12. data/.github/workflows/ci.yml +24 -0
  13. data/.github/workflows/codeql-analysis.yml +70 -0
  14. data/.rubocop.yml +13 -4
  15. data/.travis.yml +3 -3
  16. data/Gemfile +3 -1
  17. data/Rakefile +13 -11
  18. data/bin/jekyll-auth +8 -8
  19. data/docs/CODE_OF_CONDUCT.md +46 -0
  20. data/docs/CONTRIBUTING.md +88 -0
  21. data/docs/README.md +37 -0
  22. data/docs/SECURITY.md +3 -0
  23. data/docs/_config.yml +2 -0
  24. data/docs/configuring.md +36 -0
  25. data/docs/getting-started.md +63 -0
  26. data/docs/running-locally.md +24 -0
  27. data/docs/troubleshooting.md +31 -0
  28. data/jekyll-auth.gemspec +30 -25
  29. data/lib/jekyll-auth.rb +3 -0
  30. data/lib/jekyll_auth/auth_site.rb +2 -0
  31. data/lib/jekyll_auth/commands.rb +5 -1
  32. data/lib/jekyll_auth/config.rb +15 -8
  33. data/lib/jekyll_auth/config_error.rb +2 -0
  34. data/lib/jekyll_auth/helpers.rb +3 -0
  35. data/lib/jekyll_auth/jekyll_site.rb +4 -2
  36. data/lib/jekyll_auth/sinatra/auth/github.rb +8 -4
  37. data/lib/jekyll_auth/version.rb +3 -1
  38. data/spec/jekyll_auth_auth_site_spec.rb +2 -0
  39. data/spec/jekyll_auth_bin_spec.rb +2 -0
  40. data/spec/jekyll_auth_commands_spec.rb +2 -0
  41. data/spec/jekyll_auth_helpers_spec.rb +2 -0
  42. data/spec/jekyll_auth_jekyll_site_spec.rb +3 -1
  43. data/spec/jekyll_auth_spec.rb +2 -0
  44. data/spec/spec_helper.rb +3 -0
  45. data/templates/.gitignore +0 -1
  46. data/templates/Rakefile +3 -1
  47. data/templates/config.ru +3 -1
  48. metadata +143 -52
  49. data/README.md +0 -179
@@ -0,0 +1,63 @@
1
+ ## Getting Started
2
+
3
+ ### Create a GitHub Application
4
+
5
+ 1. Navigate to [the GitHub app registration page](https://github.com/settings/applications/new)
6
+ 2. Give your app a name
7
+ 3. Tell GitHub the URL you want the app to eventually live at. If using a free Heroku account, this will be something like <http://my-site.herokuapp.com>
8
+ 4. Specify the callback URL; should be like this: <https://my-site.herokuapp.com/auth/github/callback>; note that this is **https**, not http.
9
+ 5. Hit Save, but leave the page open, you'll need some of the information in a moment
10
+
11
+ Remember the 'my-site' part for later on when using `heroku create`. Also, my-site is often called 'app-name' in Heroku documentation.
12
+
13
+ ### Add Jekyll Auth to your site
14
+
15
+ 1. Within your new site repository or orphaned github [branch](https://help.github.com/articles/creating-project-pages-manually/) (the branch could be named anything except 'gh-pages' since this would then be public on GitHub!), add `gem 'jekyll-auth'` to your `Gemfile` or if you don't already have a `Gemfile`, create a file called `Gemfile` in the root of your site's repository with the following content:
16
+
17
+ ```ruby
18
+ source "https://rubygems.org"
19
+
20
+ gem 'jekyll-auth'
21
+ ```
22
+
23
+ 2. `cd` into your project's directory and run `bundle install`. If you get an error using `bundle install`, see Troubleshooting below.
24
+
25
+ 3. Run `bundle exec jekyll-auth new` which will copy the necessary files to set up the server
26
+
27
+
28
+ ### Setting up hosting with Heroku
29
+
30
+ #### Automatically
31
+
32
+ Run `bundle exec jekyll-auth setup --client_id XXX --client_secret XXX --org_name XXX`
33
+
34
+ (or `--team_id XXX`)
35
+
36
+ #### Manually
37
+
38
+ 1. You may need to add and commit the files generated by `jekyll-auth new` to Git before continuing
39
+ 2. Make sure you have [the Heroku toolbelt](https://toolbelt.heroku.com/) installed
40
+ 3. Run `heroku create my-site` from your site's directory; make sure my-site matches what you specified in the GitHub application registration above.
41
+ 4. `heroku config:set GITHUB_CLIENT_ID=XXX GITHUB_CLIENT_SECRET=XXX GITHUB_ORG_NAME=XXX` (or `GITHUB_TEAM_ID`)
42
+ 5. `git push heroku`, or if you are maintaining the site in an orphaned branch of your GitHub repo (say 'heroku-pages'), do `git push heroku heroku-pages:master`
43
+ 6. `heroku open` to open the site in your browser
44
+
45
+ #### Find the Organization ID (needed to find Team ID)
46
+
47
+ If you need to find an organization's ID, you can use the following cURL command:
48
+
49
+ ```
50
+ curl https://api.github.com/orgs/{org_name}
51
+ ```
52
+
53
+ #### Finding the Team ID
54
+
55
+ If you need help finding a team's numeric ID, you can use the `jekyll-auth team_id` command.
56
+
57
+ For example, to find the team ID for @jekyll/maintainers you'd run the command:
58
+
59
+ ```
60
+ jekyll-auth team_id --org jekyll --team maintainers
61
+ ```
62
+
63
+ You'll want to add a [personal access token](https://github.com/settings/tokens/new) to your `.env` file so that Jekyll-Auth can make the necessary API request, but the command will run you through the process if you do not provide this.
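Review bot: the `bundle install` step (new line 23) still says "see Troubleshooting below", but in this release troubleshooting is its own file (data/docs/troubleshooting.md in the file list), so the pointer should become a link to that page. Also, `jekyll-auth setup --client_id XXX --client_secret XXX` (line 32) and `heroku config:set ... GITHUB_CLIENT_SECRET=XXX` (line 41) put the OAuth client secret on the command line, where it ends up in shell history; a sentence saying so would help readers. Step 3 of the app registration (line 7) gives an `http://` site URL while step 4 insists the callback is **https**; use `https://` in both.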
@@ -0,0 +1,24 @@
1
+ ## Running locally
2
+
3
+ Want to run it locally?
4
+
5
+ ### Without authentication
6
+
7
+ Just run `jekyll serve` as you would normally.
8
+
9
+ ### With authentication
10
+
11
+ 1. `export GITHUB_CLIENT_ID=[your github app client id]`
12
+ 2. `export GITHUB_CLIENT_SECRET=[your github app client secret]`
13
+ 3. `export GITHUB_ORG_NAME=[org name]` or `export GITHUB_TEAM_ID=[team id]` or `export GITHUB_TEAM_IDS=1234,5678`
14
+ 4. `jekyll-auth serve`
15
+
16
+ *Pro-tip #1:* For sanity's sake, and to avoid problems with your callback URL, you may want to have two apps, one with a local Oauth callback, and one for production if you're going to be testing auth locally.
17
+
18
+ *Pro-tip #2*: Jekyll Auth supports [dotenv](https://github.com/bkeepers/dotenv) out of the box. You can create a `.env` file in the root of site and add your configuration variables there. It's ignored by `.gitignore` if you use `jekyll-auth new`, but be sure not to accidentally commit your `.env` file. Here's what your `.env` file might look like:
19
+
20
+ ```
21
+ GITHUB_CLIENT_SECRET=abcdefghijklmnopqrstuvwxyz0123456789
22
+ GITHUB_CLIENT_ID=qwertyuiop0001
23
+ GITHUB_TEAM_ID=12345
24
+ ```
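Review bot: Pro-tip #2 (new line 18) relies on the generated `.gitignore` to keep `.env` out of Git, which only holds for sites set up with `jekyll-auth new`. Since the sample file contains `GITHUB_CLIENT_SECRET`, tell readers who added the gem to an existing repository to add `.env` to `.gitignore` themselves before creating the file. Step 3 (line 13) also introduces `GITHUB_TEAM_IDS`, which the getting-started page never mentions; one line on when to use it over `GITHUB_TEAM_ID` is missing. Wording nits: "Oauth" should be "OAuth" (line 16) and "root of site" should be "root of your site" (line 18).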
@@ -0,0 +1,31 @@
1
+ ## Troubleshooting
2
+
3
+ ### `ERROR: YOUR SITE COULD NOT BE BUILT` During install, either locally or on Heroku.
4
+
5
+ You likely need to add `exclude: [vendor]` to `_config.yml` in your branch's root directory (create the file if it does not exist already). If you still have problems on the *local* install, you may have better luck using `bundle install --deployment`, but be sure to add the resulting 'vendor' directory to .gitignore. For completeness, the full error may look something like this:
6
+
7
+
8
+ ```
9
+ remote: Configuration file: none
10
+ remote: ERROR: YOUR SITE COULD NOT BE BUILT:
11
+ remote: ------------------------------------
12
+ remote: Invalid date '0000-00-00': Post '/vendor/bundle/ruby/2.0.0/gems/jekyll-2.5.3/lib/site_template/_posts/0000-00-00-welcome-to-jekyll.markdown.erb' does not have a valid date in the filename.
13
+ ```
14
+
15
+ ### Pushing to heroku
16
+
17
+ If you are working from a new GitHub-cloned repo (where you have not run `heroku create`), you may also want to push to Heroku. Instead of adding the remote in the standard way with Git, do this:
18
+
19
+
20
+ ```
21
+ heroku git:remote -a my-site
22
+ ```
23
+
24
+ ### Upgrading from Jekyll Auth &lt; 0.1.0
25
+
26
+ 1. `cd` to your project directory
27
+ 2. `rm config.ru`
28
+ 3. `rm Procfile`
29
+ 4. Remove any Jekyll Auth specific requirements from your `Gemfile`
30
+ 5. Follow [the instructions above](https://github.com/benbalter/jekyll-auth#add-jekyll-auth-to-your-site) to get started
31
+ 6. When prompted, select "n" if Heroku is already set up
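Review bot: step 5 of the upgrade list (new line 30) links "the instructions above" to `https://github.com/benbalter/jekyll-auth#add-jekyll-auth-to-your-site`, an anchor in the README that this release deletes (data/README.md +0 -179), and nothing is "above" on this page any more; point the link at the new getting-started page. The sample error on line 12 still shows `ruby/2.0.0` and `jekyll-2.5.3` although the gemspec in this diff requires `jekyll ~> 4.0`, so it is worth refreshing or marking as an older example.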
data/jekyll-auth.gemspec CHANGED
@@ -1,33 +1,38 @@
1
- require './lib/jekyll_auth/version'
1
+ # frozen_string_literal: true
2
+
3
+ require "./lib/jekyll_auth/version"
2
4
 
3
5
  Gem::Specification.new do |s|
4
- s.name = 'jekyll-auth'
6
+ s.name = "jekyll-auth"
5
7
  s.version = JekyllAuth::VERSION
6
- s.summary = 'A simple way to use GitHub OAuth to serve a protected jekyll site to your GitHub organization'
7
- s.description = 'A simple way to use GitHub OAuth to serve a protected jekyll site to your GitHub organization.'
8
- s.authors = 'Ben Balter'
9
- s.email = 'ben@balter.com'
10
- s.homepage = 'https://github.com/benbalter/jekyll-auth'
11
- s.license = 'MIT'
8
+ s.summary = "A simple way to use GitHub OAuth to serve a protected jekyll site to your GitHub organization"
9
+ s.description = "A simple way to use GitHub OAuth to serve a protected jekyll site to your GitHub organization."
10
+ s.authors = "Ben Balter"
11
+ s.email = "ben@balter.com"
12
+ s.homepage = "https://github.com/benbalter/jekyll-auth"
13
+ s.license = "MIT"
12
14
  s.files = `git ls-files`.split("\n")
13
15
  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
14
16
  s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
15
- s.require_paths = ['lib']
17
+ s.require_paths = ["lib"]
16
18
 
17
- s.add_dependency 'jekyll', '~> 3.0'
18
- s.add_dependency 'sinatra-index', '~> 0.0'
19
- s.add_dependency 'sinatra_auth_github', '~> 1.1'
20
- s.add_dependency 'rack', '~> 1.6'
21
- s.add_dependency 'dotenv', '~> 2.0'
22
- s.add_dependency 'rake', '~> 10.3'
23
- s.add_dependency 'rack-ssl-enforcer', '~> 0.2'
24
- s.add_dependency 'mercenary', '~> 0.3'
25
- s.add_dependency 'safe_yaml', '~> 1.0'
26
- s.add_dependency 'colorator', '~> 1.0'
27
- s.add_dependency 'activesupport', '~> 4.0'
28
- s.add_development_dependency 'rspec', '~> 3.1'
29
- s.add_development_dependency 'rack-test', '~> 0.6'
30
- s.add_development_dependency 'webmock', '~> 1.2 '
31
- s.add_development_dependency 'pry', '~> 0.10'
32
- s.add_development_dependency 'rubocop', '~> 0.35'
19
+ s.add_dependency "activesupport", ">= 5", "< 8"
20
+ s.add_dependency "colorator", "~> 1.0"
21
+ s.add_dependency "dotenv", "~> 2.0"
22
+ s.add_dependency "jekyll", "~> 4.0"
23
+ s.add_dependency "mercenary", "~> 0.3"
24
+ s.add_dependency "rack", ">= 1.6", "< 3.0"
25
+ s.add_dependency "rack-protection", ">= 1.5.5", "< 3.0"
26
+ s.add_dependency "rack-ssl-enforcer", "~> 0.2"
27
+ s.add_dependency "rake", "~> 13.0"
28
+ s.add_dependency "safe_yaml", "~> 1.0"
29
+ s.add_dependency "sinatra-index", "~> 0.0"
30
+ s.add_dependency "sinatra_auth_github", ">= 1.1", "< 3.0"
31
+ s.add_development_dependency "pry", "~> 0.10"
32
+ s.add_development_dependency "rack-test", "~> 2.0"
33
+ s.add_development_dependency "rspec", "~> 3.1"
34
+ s.add_development_dependency "rubocop", "~> 0.49", ">= 0.49.0"
35
+ s.add_development_dependency "rubocop-jekyll", "~> 0.11.0"
36
+ s.add_development_dependency "rubocop-performance", "~> 1.0"
37
+ s.add_development_dependency "webmock", "~> 2.3 "
33
38
  end
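Review bot: new lines 19 and 22 raise the runtime floor to `activesupport >= 5` and `jekyll ~> 4.0` (previously `~> 4.0` and `~> 3.0`), which drops Jekyll 3 sites in what the version number presents as a patch release (2.1.0 to 2.1.3); this needs a prominent release note or a larger version bump. Smaller points: `"rubocop", "~> 0.49", ">= 0.49.0"` on line 34 carries a redundant second constraint, `"~> 2.3 "` on line 37 keeps the trailing space from the old webmock line, and the new `rack-protection` runtime dependency on line 25 has no matching `require` in the lib hunks of this diff, so a comment saying why it is constrained here would help the next maintainer.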
data/lib/jekyll-auth.rb CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "sinatra-index"
2
4
  require "sinatra_auth_github"
3
5
  require "dotenv"
@@ -11,6 +13,7 @@ require_relative "jekyll_auth/auth_site"
11
13
  require_relative "jekyll_auth/jekyll_site"
12
14
  require_relative "jekyll_auth/config_error"
13
15
  require_relative "jekyll_auth/commands"
16
+ require_relative "jekyll_auth/sinatra/auth/github"
14
17
 
15
18
  Dotenv.load
16
19
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
4
  class AuthSite < Sinatra::Base
3
5
  configure :production do
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
4
  class Commands
3
5
  FILES = %w(Rakefile config.ru .gitignore .env).freeze
@@ -13,13 +15,14 @@ class JekyllAuth
13
15
 
14
16
  def self.changed?
15
17
  !execute_command("git", "status", destination, "--porcelain").empty?
16
- rescue
18
+ rescue StandardError
17
19
  false
18
20
  end
19
21
 
20
22
  def self.execute_command(*args)
21
23
  output, status = Open3.capture2e(*args)
22
24
  raise "Command `#{args.join(" ")}` failed: #{output}" unless status.exitstatus.zero?
25
+
23
26
  output
24
27
  end
25
28
 
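Review bot: `rescue StandardError` in `changed?` (new line 18) still turns every failure of `git status` into `false`, so a missing git binary or a destination that is not a repository is indistinguishable from a clean working tree. `execute_command` raises a plain RuntimeError with the command output on a non-zero exit; consider raising a dedicated error class there and rescuing only that, or at least logging the message before returning `false`.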
@@ -50,6 +53,7 @@ class JekyllAuth
50
53
  execute_command "git", "init", destination
51
54
  FILES.each do |file|
52
55
  next if file == ".env"
56
+
53
57
  execute_command("git", "add", "--", "#{destination}/#{file}")
54
58
  end
55
59
  end
@@ -1,23 +1,30 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
4
  def self.config_file
3
5
  File.join(Dir.pwd, "_config.yml")
4
6
  end
5
7
 
8
+ def self.jekyll_config
9
+ @config ||= YAML.safe_load_file(config_file)
10
+ rescue StandardError
11
+ {}
12
+ end
13
+
6
14
  def self.config
7
- @config ||= begin
8
- config = YAML.safe_load_file(config_file)
9
- config["jekyll_auth"] || {}
10
- rescue
11
- {}
12
- end
15
+ jekyll_config.fetch("jekyll_auth", {})
16
+ end
17
+
18
+ def self.destination
19
+ jekyll_config.fetch("destination", File.expand_path("_site", Dir.pwd))
13
20
  end
14
21
 
15
22
  def self.whitelist
16
- whitelist = JekyllAuth.config["whitelist"]
23
+ whitelist = config["whitelist"]
17
24
  Regexp.new(whitelist.join("|")) unless whitelist.nil?
18
25
  end
19
26
 
20
27
  def self.ssl?
21
- !!JekyllAuth.config["ssl"]
28
+ !!config["ssl"]
22
29
  end
23
30
  end
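Review bot: `jekyll_config.fetch("jekyll_auth", {})` on new line 15 is not equivalent to the old `config["jekyll_auth"] || {}`. `fetch` uses its default only when the key is absent, so a `_config.yml` with a bare `jekyll_auth:` key yields nil and `config["whitelist"]` then raises NoMethodError. Likewise an empty `_config.yml` makes `YAML.safe_load_file` return a non-Hash value, `jekyll_config` hands it back, and `.fetch` raises outside that method's `rescue`; the old begin/rescue caught both cases and returned `{}`. Suggest `jekyll_config["jekyll_auth"] || {}` and coercing the result of `jekyll_config` to a Hash. Separately, the `rescue StandardError` returning `{}` (lines 10-11) means a YAML syntax error silently turns off `ssl` and `whitelist`; a warning on that path would make the misconfiguration visible. The memo variable is still named `@config` although it now holds the whole file.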
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
4
  class ConfigError < RuntimeError
3
5
  def message
@@ -1,7 +1,10 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
4
  module Helpers
3
5
  def whitelisted?
4
6
  return true if request.path_info == "/logout"
7
+
5
8
  !!(JekyllAuth.whitelist && JekyllAuth.whitelist.match(request.path_info))
6
9
  end
7
10
 
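Review bot: `whitelisted?` (new lines 5-8) matches `request.path_info` against the joined whitelist with an unanchored `match`, so an entry exempts every path that contains it anywhere, not only paths that begin with it. Because this check decides which paths skip authentication, either anchor the pattern in `JekyllAuth.whitelist` or document next to the `whitelist` setting that each entry must carry its own `^` anchor, and add a spec for a path that merely contains a whitelisted string.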
@@ -1,12 +1,14 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
4
  class JekyllSite < Sinatra::Base
3
5
  register Sinatra::Index
4
- set :public_folder, File.expand_path("_site", Dir.pwd)
6
+ set :public_folder, File.expand_path(JekyllAuth.destination, Dir.pwd)
5
7
  use_static_index "index.html"
6
8
 
7
9
  not_found do
8
10
  status 404
9
- four_oh_four = File.expand_path("_site/404.html", Dir.pwd)
11
+ four_oh_four = File.expand_path(settings.public_folder + "/404.html", Dir.pwd)
10
12
  File.read(four_oh_four) if File.exist?(four_oh_four)
11
13
  end
12
14
  end
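Review bot: the spec hunks in this diff add no case for a custom `destination`, although new line 6 now serves whatever directory `_config.yml` names; a spec with a non-default `destination` (including the custom 404 lookup) would pin the behaviour. On line 11, `settings.public_folder + "/404.html"` is concatenated and then expanded against `Dir.pwd`, but `public_folder` is already absolute after line 6, so `File.join(settings.public_folder, "404.html")` is sufficient and clearer.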
@@ -1,10 +1,14 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Sinatra
2
4
  module Auth
3
5
  module Github
4
- # Like the native github_team_authenticate! but accepts an array of team ids
5
- def github_teams_authenticate!(teams)
6
- authenticate!
7
- halt([401, "Unauthorized User"]) unless teams.any? { |team_id| github_team_access?(team_id) }
6
+ module Helpers
7
+ # Like the native github_team_authenticate! but accepts an array of team ids
8
+ def github_teams_authenticate!(teams)
9
+ authenticate!
10
+ halt([401, "Unauthorized User"]) unless teams.any? { |team_id| github_team_access?(team_id) }
11
+ end
8
12
  end
9
13
  end
10
14
  end
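Review bot: no spec in this diff exercises `github_teams_authenticate!` after its move into `Helpers` (new lines 6-12); the spec files only gain the magic comment. Please add one case for a user who belongs to one of several team ids and one for a user who belongs to none. The `halt([401, "Unauthorized User"])` on line 10 is also sent after `authenticate!` has already succeeded, where 403 would describe the outcome more precisely.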
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  class JekyllAuth
2
- VERSION = "2.1.0".freeze
4
+ VERSION = "2.1.3"
3
5
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "spec_helper"
2
4
 
3
5
  describe "logged in user" do
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "spec_helper"
2
4
 
3
5
  describe "bin" do
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "spec_helper"
2
4
 
3
5
  describe "commands" do
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "spec_helper"
2
4
 
3
5
  describe "strategies" do
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "spec_helper"
2
4
 
3
5
  describe "jekyll site" do
@@ -31,7 +33,7 @@ describe "jekyll site" do
31
33
  it "serves the default 404" do
32
34
  get "/a-bad-path"
33
35
  expect(last_response.status).to eql(404)
34
- expect(last_response.body).to eql("<h1>Not Found</h1>")
36
+ expect(last_response.body).to match(%r!Not ?Found!i)
35
37
  end
36
38
 
37
39
  it "serves a custom 404" do
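Review bot: the loosened expectation on new line 36, `match(%r!Not ?Found!i)`, passes for any body that contains "not found", so it no longer distinguishes the default 404 from other responses. If the aim is only to tolerate different default bodies across Sinatra versions, say so in a comment and keep the status assertion on line 35 as the real check.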
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "spec_helper"
2
4
 
3
5
  describe "JekyllAuth" do
data/spec/spec_helper.rb CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "bundler/setup"
2
4
  require "fileutils"
3
5
 
@@ -46,6 +48,7 @@ end
46
48
  def execute_bin(env, *args)
47
49
  output, status = Open3.capture2e(env, bin_path, *args)
48
50
  raise "Command `#{bin_path} #{args.join(" ")}` failed: #{output}" if status != 0
51
+
49
52
  output
50
53
  end
51
54
 
data/templates/.gitignore CHANGED
@@ -1,3 +1,2 @@
1
1
  _site
2
2
  .env
3
- /Gemfile.lock
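Review bot: dropping `/Gemfile.lock` from the template ignore list means generated sites will now track the lockfile, but `Commands::FILES` (`Rakefile config.ru .gitignore .env`) does not stage it and the getting-started "Manually" steps only mention committing the files generated by `jekyll-auth new`. Add a docs line telling users to commit `Gemfile.lock` so that deploys install the pinned dependency versions.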
data/templates/Rakefile CHANGED
@@ -1,9 +1,11 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # This file is auto-generated by Jekyll Auth
2
4
  # Feel free to add additional Rake tasks so long as
3
5
  # `rake assets:precompile` continues to generate the jekyll site
4
6
 
5
7
  namespace :assets do
6
8
  task :precompile do
7
- sh 'bundle exec jekyll-auth build'
9
+ sh "bundle exec jekyll-auth build"
8
10
  end
9
11
  end
data/templates/config.ru CHANGED
@@ -1,5 +1,7 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # This file is auto-generated by Jekyll Auth
2
4
  # It tells Heroku how to launch our site
3
5
 
4
- require 'jekyll-auth'
6
+ require "jekyll-auth"
5
7
  run JekyllAuth.site