jekyll-auth 2.1.0 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 5252fb3ba4db62cb22f5f9949f54a2e0612ed060
-  data.tar.gz: ae51f402692073b5b79942f62af6885533bf41fc
+SHA256:
+  metadata.gz: c136d94831d0eeebe7d76abafa627651c9e4cf1fd62b6a3ad52e29504790d1e6
+  data.tar.gz: 6044ef25f707107669ae9611ae92b4cf6683ffdbe7c104533dcebf0e84f4b4e5
 SHA512:
-  metadata.gz: c85daf40909c0eca989d2c468fd68edc67d4fea09b197f64dd06194f9bfb6a045849e8766720427ba683023b80ba58e154de8d9952c2a65cd3054640e13291d8
-  data.tar.gz: 1409e332aca6db366fa2dc1c4c8a00aea75e5dbd38f78800b21eb78f4c71ffe64d94790f8b5903758c427ba7de188db89bd2f8b1898f9c0165989d3f423e57c3
+  metadata.gz: 1e3f69f15ad1e609bcc6ad7533b7e1ce776c6357885fdd1cd8aefd9d028f5534329777fe236da3b236a1ace64ecdc74a30f8fa0e44ea0d6478c4d075190039f7
+  data.tar.gz: f3a380a463ca7529350e95c41eef356cf50a1041874d3e3f538b50d1cbe11ab80d0ec747aaecbd57fe6ba842ffbbbc79596823f240c7779ed5e0c4f656ea46d6

data/.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# Require @benbalter's :+1: for changes to the .github repo-config files
+# mainly due to https://github.com/probot/settings privilege escalation
+.github/* @benbalter

data/.github/config.yml

@@ -0,0 +1,20 @@
+# Behaviorbot config. See https://github.com/behaviorbot/ for more information.
+# Note: Please Don't edit this file directly.
+# Edit https://github.com/benbalter/behaviorbot-config instead.
+
+# Configuration for update-docs - https://github.com/behaviorbot/update-docs
+updateDocsComment: "Thanks for the pull request! If you are making any changes to the user-facing functionality, please be sure to update the documentation in the `README` or `docs/` folder alongside your change. :heart:"
+
+# Configuration for request-info - https://github.com/behaviorbot/request-info
+requestInfoReplyComment: Thanks for this. Do you mind providing a bit more information about what problem you're trying to solve?
+requestInfoLabelToAdd: more-information-needed
+
+# Configuration for new-issue-welcome - https://github.com/behaviorbot/new-issue-welcome
+#newIssueWelcomeComment: >
+#  Welcome!
+
+# Configuration for new-pr-welcome - https://github.com/behaviorbot/new-pr-welcome
+newPRWelcomeComment: Welcome! Congrats on your first pull request to Jekyll Auth. If you haven't already, please be sure to check out [the contributing guidelines](https://github.com/benbalter/jekyll-auth/blob/master/docs/CONTRIBUTING.md).
+
+# Configuration for first-pr-merge - https://github.com/behaviorbot/first-pr-merge
+firstPRMergeComment: "Congrats on getting your first pull request to Jekyll Auth merged! Without amazing humans like you submitting pull requests, we couldn’t run this project. You rock! :tada:<br /><br />If you're interested in tackling another bug or feature, take a look at [the open issues](https://github.com/benbalter/jekyll-auth/issues), especially those [labeled `help wanted`](https://github.com/benbalter/jekyll-auth/issues?q=is%3Aopen+is%3Aissue+label%3A%22help+wanted%22)."

data/.github/no-response.yml

@@ -0,0 +1,13 @@
+# Configuration for probot-no-response - https://github.com/probot/no-response
+
+# Number of days of inactivity before an Issue is closed for lack of response
+daysUntilClose: 14
+# Label requiring a response
+responseRequiredLabel: more-information-needed
+# Comment to post when closing an Issue for lack of response. Set to `false` to disable
+closeComment: >
+  This issue has been automatically closed because there has been no response
+  to our request for more information from the original author. With only the
+  information that is currently in the issue, we don't have enough information
+  to take action. Please reach out if you have or find the answers we need so
+  that we can investigate further.

data/.github/settings.yml

@@ -0,0 +1,31 @@
+# Repository settings set via https://github.com/probot/settings
+
+repository:
+  has_issues: true
+  has_wiki: false
+  has_projects: false
+  has_downloads: false
+
+labels:
+  - name: help wanted
+    oldname: help-wanted
+    color: 0e8a16
+  - name: more-information-needed
+    color: d93f0b
+  - name: bug
+    color: b60205
+  - name: feature
+    color: 1d76db
+  - name: good first issue
+    color: "5319e7"
+
+# Not currently implemented by probot/settings, but manually implemented in script/deploy
+branch_protection:
+  restrictions: null
+  enforce_admins: false
+  required_status_checks:
+    strict: true
+    contexts:
+      - "continuous-integration/travis-ci"
+  required_pull_request_reviews:
+    require_code_owner_reviews: true

data/.github/stale.yml

@@ -0,0 +1,27 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 60
+
+# Number of days of inactivity before a stale Issue or Pull Request is closed
+daysUntilClose: 7
+
+# Issues or Pull Requests with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+
+# Label to use when marking as stale
+staleLabel: wontfix
+
+# Comment to post when marking as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+
+# Comment to post when closing a stale Issue or Pull Request. Set to `false` to disable
+closeComment: false
+
+# Limit to only `issues` or `pulls`
+# only: issues

data/.rubocop.yml

@@ -12,9 +12,16 @@ Metrics/LineLength:
 
 Style/FileName:
   Enabled: false
-  
+
 Metrics/BlockLength:
   Enabled: false
 
 Style/DoubleNegation:
   Enabled: false
+
+AllCops:
+  Exclude:
+    - vendor/**/*
+
+Jekyll/NoPutsAllowed:
+  Enabled: false

data/Gemfile

@@ -1,3 +1,5 @@
-source 'https://rubygems.org'
+# frozen_string_literal: true
+
+source "https://rubygems.org"
 
 gemspec

data/Rakefile

@@ -1,20 +1,22 @@
-require 'rubygems/package_task'
-require 'rubygems/specification'
-require 'bundler'
-require 'fileutils'
-require 'dotenv'
+# frozen_string_literal: true
 
-task default: [:spec]
+require "rubygems/package_task"
+require "rubygems/specification"
+require "bundler"
+require "fileutils"
+require "dotenv"
+
+task :default => [:spec]
 
 task :site do
   Dotenv.load
-  FileUtils.chdir 'templates'
+  FileUtils.chdir "templates"
   `bundle exec jekyll-auth`
 end
 
-require 'rspec/core/rake_task'
-desc 'Run specs'
+require "rspec/core/rake_task"
+desc "Run specs"
 RSpec::Core::RakeTask.new do |t|
-  t.pattern = 'spec/**/*_spec.rb'
-  t.rspec_opts = ['--order', 'rand', '--color']
+  t.pattern = "spec/**/*_spec.rb"
+  t.rspec_opts = ["--order", "rand", "--color"]
 end

data/bin/jekyll-auth

@@ -1,4 +1,6 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
+
 # Command-line interface for jekyll-auth
 
 require "mercenary"
@@ -105,7 +107,7 @@ Mercenary.program("jekyll-auth") do |p|
     c.option "org_name", "--org_name", "An organization to authenticate against"
     c.action do |_args, options|
       if find_executable("heroku").nil?
-        say "Looks like we're missing the Heroku client. Let's see if we can't install it..."
+        puts "Looks like we're missing the Heroku client. Let's see if we can't install it..."
         JekyllAuth::Commands.execute_command "wget", "-qO-", "https://toolbelt.heroku.com/install.sh", "|", "sh"
       end
 

data/docs/CODE_OF_CONDUCT.md

@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at ben@balter.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

data/docs/CONTRIBUTING.md

@@ -0,0 +1,88 @@
+# Contributing to Jekyll Auth
+
+Hi there! We're thrilled that you'd like to contribute to Jekyll Auth. Your help is essential for keeping it great.
+
+Jekyll Auth is an open source project supported by the efforts of an entire community and built one contribution at a time by users like you. We'd love for you to get involved. Whatever your level of skill or however much time you can give, your contribution is greatly appreciated. There are many ways to contribute, from writing tutorials or blog posts, improving the documentation, submitting bug reports and feature requests, helping other users by commenting on issues, or writing code which can be incorporated into Jekyll Auth itself.
+
+Following these guidelines helps to communicate that you respect the time of the developers managing and developing this open source project. In return, they should reciprocate that respect in addressing your issue, assessing changes, and helping you finalize your pull requests.
+
+## Troubleshooting
+
+Having trouble with Jekyll Auth? Check out [the troubleshooting guidelines](troubleshooting.md) for solutions to common problems.
+
+
+## How to report a bug
+
+Think you found a bug? Please check [the list of open issues](https://github.com/benbalter/jekyll-auth/issues) to see if your bug has already been reported. If it hasn't please [submit a new issue](https://github.com/benbalter/jekyll-auth/issues/new).
+
+Here are a few tips for writing *great* bug reports:
+
+* Describe the specific problem (e.g., "widget doesn't turn clockwise" versus "getting an error")
+* Include the steps to reproduce the bug, what you expected to happen, and what happened instead
+* Check that you are using the latest version of the project and its dependencies
+* Include what version of the project your using, as well as any relevant dependencies
+* Only include one bug per issue. If you have discovered two bugs, please file two issues
+* Include screenshots or screencasts whenever possible
+* Even if you don't know how to fix the bug, including a failing test may help others track it down
+
+**If you find a security vulnerability, do not open an issue. Please email ben@balter.com instead.**
+
+## How to suggest a feature or enhancement
+
+If you find yourself wishing for a feature that doesn't exist in Jekyll Auth, you are probably not alone. There are bound to be others out there with similar needs. Many of the features that Jekyll Auth has today have been added because our users saw the need.
+
+Feature requests are welcome. But take a moment to find out whether your idea fits with the scope and goals of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature. Please provide as much detail and context as possible, including describing the problem you're trying to solve.
+
+[Open an issue](https://github.com/benbalter/jekyll-auth/issues/new) which describes the feature you would like to see, why you want it, how it should work, etc.
+
+
+
+## Your first contribution
+
+We'd love for you to contribute to the project. Unsure where to begin contributing to Jekyll Auth? You can start by looking through these "good first issue" and "help wanted" issues:
+
+* [Good first issues](https://github.com/benbalter/jekyll-auth/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22) - issues which should only require a few lines of code and a test or two
+* [Help wanted issues](https://github.com/benbalter/jekyll-auth/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22) - issues which may be a bit more involved, but are specifically seeking community contributions
+
+*p.s. Feel free to ask for help; everyone is a beginner at first* :smiley_cat:
+
+## How to propose changes
+
+Here's a few general guidelines for proposing changes:
+
+* If you are changing any user-facing functionality, please be sure to update the documentation
+* If you are adding a new behavior or changing an existing behavior, please be sure to update the corresponding test(s)
+* Each pull request should implement **one** feature or bug fix. If you want to add or fix more than one thing, submit more than one pull request
+* Do not commit changes to files that are irrelevant to your feature or bug fix
+* Don't bump the version number in your pull request (it will be bumped prior to release)
+* Write [a good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html)
+
+At a high level, [the process for proposing changes](https://guides.github.com/introduction/flow/) is:
+
+1. [Fork](https://github.com/benbalter/jekyll-auth/fork) and clone the project
+2. Configure and install the dependencies: `script/bootstrap`
+3. Make sure the tests pass on your machine: `script/cibuild`
+4. Create a descriptively named branch: `git checkout -b my-branch-name`
+5. Make your change, add tests and documentation, and make sure the tests still pass
+6. Push to your fork and [submit a pull request](https://github.com/benbalter/jekyll-auth/compare) describing your change
+7. Pat your self on the back and wait for your pull request to be reviewed and merged
+
+**Interesting in submitting your first Pull Request?** It's easy! You can learn how from this *free* series [How to Contribute to an Open Source Project on GitHub](https://egghead.io/series/how-to-contribute-to-an-open-source-project-on-github)
+
+## Bootstrapping your local development environment
+
+`script/bootstrap`
+
+## Running tests
+
+`script/cibuild`
+
+## Code of conduct
+
+This project is governed by [the Contributor Covenant Code of Conduct](CODE_OF_CONDUCT.md). By participating, you are expected to uphold this code.
+
+## Additional Resources
+
+* [Contributing to Open Source on GitHub](https://guides.github.com/activities/contributing-to-open-source/)
+* [Using Pull Requests](https://help.github.com/articles/using-pull-requests/)
+* [GitHub Help](https://help.github.com)

data/docs/README.md

@@ -0,0 +1,33 @@
+# Jekyll Auth
+
+*A simple way to use GitHub OAuth to serve a protected Jekyll site to your GitHub organization*
+
+[![Gem Version](https://badge.fury.io/rb/jekyll-auth.png)](http://badge.fury.io/rb/jekyll-auth) [![Build Status](https://travis-ci.org/benbalter/jekyll-auth.png?branch=master)](https://travis-ci.org/benbalter/jekyll-auth) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com)
+
+## The problem
+
+[Jekyll](http://github.com/mojombo/jekyll) and [GitHub Pages](http://pages.github.com) are awesome, right? Static site, lightning fast, everything versioned in Git. What else could you ask for?
+
+But what if you only want to share that site with a select number of people? Before, you were SOL. Now, simply host the site on a free, [Heroku](http://heroku.com) Dyno, and whenever someone tries to access it, it will Oauth them against GitHub, and make sure they're a member of your Organization. Pretty cool, huh?
+
+## Requirements
+
+1. A GitHub account (one per user)
+2. A GitHub Organization (of which members will have access to the Jekyll site)
+3. A GitHub Application (you can [register one](https://github.com/settings/applications/new) for free)
+4. A Heroku account (you can technically use this elsewhere, but the instructions are for Heroku)
+
+## Under the hood
+
+Every time you push to Heroku, we take advantage of the fact that Heroku automatically runs the `rake assets:precompile` command (normally used for Rails sites) to build our Jekyll site and store it statically, just like GitHub pages would.
+
+Anytime a request comes in for a page, we run it through [Sinatra](http://www.sinatrarb.com/) (using the `_site` folder as the static file folder, just as `public` would be normally), and authenticate it using [sinatra\_auth\_github](https://github.com/atmos/sinatra_auth_github).
+
+If they're in the org, they get the page. Otherwise, all they ever get is [the bouncer](http://octodex.github.com/bouncer/).
+
+## Further reading
+
+* [Configuring](configuring.md)
+* [Getting started](getting-started.md)
+* [Running locally](running-locally.md)
+* [Troubleshooting](troubleshooting.md)

data/docs/_config.yml

@@ -0,0 +1,2 @@
+title: Jekyll Auth
+permalink: pretty

data/docs/configuring.md

@@ -0,0 +1,36 @@
+## Configuration
+
+### Whitelisting
+
+Don't want to require authentication for every part of your site? Fine! Add a whitelist to your Jekyll's **config.yml** file:
+
+```yaml
+jekyll_auth:
+  whitelist:
+    - drafts?
+```
+
+`jekyll_auth.whitelist` takes an array of regular expressions as strings. The default auth behavior checks (and blocks) against root (`/`). Any path defined in the whitelist won't require authentication on your site.
+
+What if you want to go the other way, and unauthenticate the entire site *except* for certain portions? You can define some regex magic for that:
+
+```yaml
+jekyll_auth:
+  whitelist:
+    - "^((?!draft).)*$"
+```
+
+There is also a more [extensive article containing installation instructions for Jekyll-Auth](http://fabian-kostadinov.github.io/2014/11/13/installation-of-jekyll-auth/) and a second one on [how to find your GitHub team ID](http://fabian-kostadinov.github.io/2015/01/16/how-to-find-a-github-team-id/).
+
+### Requiring SSL
+
+If [you've got SSL set up](https://devcenter.heroku.com/articles/ssl-endpoint), simply add the following your your `_config.yml` file to ensure SSL is enforced.
+
+```yaml
+jekyll_auth:
+  ssl: true
+```
+
+### Using a custom 404
+
+Just like GitHub Pages, Jekyll Auth will honor a custom 404 page, if it's generated as `/404.html` in the built site.

data/docs/getting-started.md

@@ -0,0 +1,63 @@
+## Getting Started
+
+### Create a GitHub Application
+
+1. Navigate to [the GitHub app registration page](https://github.com/settings/applications/new)
+2. Give your app a name
+3. Tell GitHub the URL you want the app to eventually live at. If using a free Heroku account, this will be something like <http://my-site.herokuapp.com>
+4. Specify the callback URL; should be like this: <https://my-site.herokuapp.com/auth/github/callback>; note that this is **https**, not http.
+5. Hit Save, but leave the page open, you'll need some of the information in a moment
+
+Remember the 'my-site' part for later on when using `heroku create`. Also, my-site is often called 'app-name' in Heroku documentation.
+
+### Add Jekyll Auth to your site
+
+1. Within your new site repository or orphaned github [branch](https://help.github.com/articles/creating-project-pages-manually/) (the branch could be named anything except 'gh-pages' since this would then be public on GitHub!), add `gem 'jekyll-auth'` to your `Gemfile` or if you don't already have a `Gemfile`, create a file called `Gemfile` in the root of your site's repository with the following content:
+
+   ```ruby
+   source "https://rubygems.org"
+
+   gem 'jekyll-auth'
+   ```
+
+2. `cd` into your project's directory and run `bundle install`. If you get an error using `bundle install`, see Troubleshooting below.
+
+3. Run `bundle exec jekyll-auth new` which will copy the necessary files to set up the server
+
+
+### Setting up hosting with Heroku
+
+#### Automatically
+
+Run `bundle exec jekyll-auth setup --client_id XXX --client_secret XXX --org_name XXX`
+
+(or `--team_id XXX`)
+
+#### Manually
+
+1. You may need to add and commit the files generated by `jekyll-auth new` to Git before continuing
+2. Make sure you have [the Heroku toolbelt](https://toolbelt.heroku.com/) installed
+3. Run `heroku create my-site` from your site's directory; make sure my-site matches what you specified in the GitHub application registration above.
+4. `heroku config:set GITHUB_CLIENT_ID=XXX GITHUB_CLIENT_SECRET=XXX GITHUB_ORG_NAME=XXX` (or `GITHUB_TEAM_ID`)
+5. `git push heroku`, or if you are maintaining the site in an orphaned branch of your GitHub repo (say 'heroku-pages'), do `git push heroku heroku-pages:master`
+6. `heroku open` to open the site in your browser
+
+#### Find the Organization ID (needed to find Team ID)
+
+If you need to find an organization's ID, you can use the following cURL command:
+
+```
+curl https://api.github.com/orgs/{org_name}
+```
+
+#### Finding the Team ID
+
+If you need help finding a team's numeric ID, you can use the `jekyll-auth team_id` command.
+
+For example, to find the team ID for @jekyll/maintainers you'd run the command:
+
+```
+jekyll-auth team_id --org jekyll --team maintainers
+```
+
+You'll want to add a [personal access token](https://github.com/settings/tokens/new) to your `.env` file so that Jekyll-Auth can make the necessary API request, but the command will run you through the process if you do not provide this.