leash_provider 0.0.1 → 0.0.2

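--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 0c0be375cbb6253ccc5da502a1a99ae947a35374
- data.tar.gz: 632504ad3d0dc3cfc9dc572c97821c5b040b8487
+ metadata.gz: 719aa56e5c33922ca6caed10ca92a02ae808a864
+ data.tar.gz: 50e40b8c38cdb84f49862fb8798b2b95cf994920
  SHA512:
- metadata.gz: 11b1cee0a728b76afe7b9ad1111e3644efda0ee25dde08d6d33ae87766c088ab35e96cad127368fea7d23a81ba04df6e1e1aa2056a4a950df57af3fdead22a9f
- data.tar.gz: 8245c45f44f494691f2df264471feee46d72925999e99779af3235f6ea82de0561560af0b10f356817e62c982822d9b48d77157df9a0a8af6e7b5769f2bfdb9f
+ metadata.gz: a6f8662caac58d9057afa3d84458e4cc3e1120a5424376c6b2f16b1cbc5ff8f2f84a7100bd665035dd134557c17b667cf1964c8c11525eeb84a99fbed4a9ff70
+ data.tar.gz: de659561c9cae229f1d9a7278148699f03578d040a6571140d6eed40f3c44b386d5b8fe8b6606c7194ffda2f9608b53427652886d7e7594f8960c261b27d3c27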
@@ -24,15 +24,21 @@ class Leash::Provider::AuthorizeController < Leash::ProviderController
24
24
  access_token = Leash::Provider::AccessToken.assign! @app_name, current_owner
25
25
  end
26
26
 
27
- Rails.logger.info "[Leash::Provider] Authorize ok: response_type=#{@response_type} app_name=#{@app_name} current_owner=#{current_owner} access_token=#{access_token} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
27
+ Rails.logger.info "[Leash::Provider] Authorize ok: response_type=#{@response_type} app_name=#{@app_name} current_owner=#{current_owner.class.name}##{current_owner.id} access_token=#{access_token} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
28
28
  redirect_to params[:redirect_uri] + "#access_token=#{URI.encode(access_token)}"
29
29
 
30
30
  when "code"
31
31
  auth_code = Leash::Provider::AuthCode.assign! @app_name, current_owner
32
-
33
- Rails.logger.info "[Leash::Provider] Authorize ok: response_type=#{@response_type} current_owner=#{current_owner} auth_code=#{auth_code} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
34
- redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}"
35
32
 
33
+ Rails.logger.info "[Leash::Provider] Authorize ok: response_type=#{@response_type} current_owner=#{current_owner.class.name}##{current_owner.id} auth_code=#{auth_code} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
34
+
35
+ if params.has_key? :state
36
+ redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}&state=#{URI.encode(params[:state])}"
37
+
38
+ else
39
+ redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}"
40
+ end
41
+
36
42
  else
37
43
  fail "Should not be reached"
38
44
  end
@@ -55,7 +61,7 @@ class Leash::Provider::AuthorizeController < Leash::ProviderController
55
61
 
56
62
  when "code"
57
63
  render text: error_code, status: :unprocessable_entity
58
-
64
+
59
65
  else
60
66
  fail "Should not be reached"
61
67
  end
@@ -89,4 +95,4 @@ class Leash::Provider::AuthorizeController < Leash::ProviderController
89
95
  def authenticate_user_by_role!
90
96
  send "authenticate_#{@user_role_underscored}!"
91
97
  end
92
- end
98
+ end
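Review bot: Both `Rails.logger.info` lines in the first hunk still write the freshly issued `access_token` / `auth_code` into the application log at info level, so anyone who can read the logs can replay them; drop the value or log a placeholder such as `access_token=[FILTERED]`. In the new `state` branch, `URI.encode` leaves `&` and `=` unescaped, so a caller-supplied `state` can append extra query parameters to the redirect; `CGI.escape(params[:state])` avoids that. Appending `"?code=..."` also assumes the registered redirect URI carries no query string of its own. The enclosing action starts outside the hunk.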
@@ -2,8 +2,6 @@ class Leash::Provider::TokenController < Leash::ProviderController
2
2
  GRANT_TYPES = [ "authorization_code" ].freeze
3
3
 
4
4
  before_action :determine_grant_type!
5
- before_action :determine_client_id!
6
- before_action :determine_client_secret!
7
5
 
8
6
 
9
7
  def token
@@ -11,10 +9,10 @@ class Leash::Provider::TokenController < Leash::ProviderController
11
9
  when "authorization_code"
12
10
  params.require("code")
13
11
 
14
- if Leash::AuthCode.valid?(params[:code])
12
+ if Leash::Provider::AuthCode.valid?(params[:code])
15
13
  access_token = Leash::Provider::AccessToken.assign_from_auth_code! Leash::Provider::AuthCode.find_by_auth_code(params[:code])
16
-
17
- render json: { access_token: access_token }
14
+
15
+ render json: { access_token: access_token, token_type: "bearer" }
18
16
  end
19
17
 
20
18
  else
@@ -28,7 +26,7 @@ class Leash::Provider::TokenController < Leash::ProviderController
28
26
 
29
27
  def callback_with_error(error_code, message)
30
28
  Rails.logger.warn "[Leash::Provider] Token error: #{error_code} (#{message})"
31
-
29
+
32
30
  case @grant_type
33
31
  when "authorization_code"
34
32
  render json: { error: error_code }, status: :unprocessable_entity
@@ -45,4 +43,4 @@ class Leash::Provider::TokenController < Leash::ProviderController
45
43
  callback_with_error "unknown_grant_type", "Unknown grant type of '#{params[:grant_type]}'"
46
44
  end
47
45
  end
48
- end
46
+ end
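Review bot: Removing `before_action :determine_client_id!` and `before_action :determine_client_secret!` means that, as far as these hunks show, the token endpoint exchanges any valid `code` for a bearer token without authenticating the client or checking that the code was issued to that client. If this is deliberate for the closed app set it deserves a comment above `GRANT_TYPES`; otherwise keep the two filters and compare the code's `app_name` with the authenticated client. The `if Leash::Provider::AuthCode.valid?(params[:code])` branch also has no `else`, so an invalid code appears to render nothing instead of going through `callback_with_error`, and nothing visible here invalidates the code after it has been exchanged. The `token` action is only partly inside the hunks.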
@@ -0,0 +1,25 @@
1
+ class Leash::Provider::UserInfoController < Leash::ProviderController
2
+ def info
3
+ render text: "missing_authorization_header", status: :unauthorized unless request.headers["Authorization"]
4
+ render text: "missing_authorization_bearer", status: :unauthorized unless request.headers["Authorization"].starts_with? "Bearer "
5
+
6
+ access_token_raw = request.headers["Authorization"].split(" ", 2).last
7
+
8
+ render text: "invalid_access_token", status: :forbidden unless Leash::Provider::AccessToken.valid?(access_token_raw)
9
+
10
+ access_token = Leash::Provider::AccessToken.find_by_access_token(access_token_raw)
11
+ owner = access_token.owner_instance
12
+
13
+ if owner.respond_to? :for_leash_provider
14
+ data = owner.for_leash_provider
15
+ else
16
+ data = owner
17
+ end
18
+
19
+ respond_to do |format|
20
+ format.json do
21
+ render json: data
22
+ end
23
+ end
24
+ end
25
+ end
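Review bot: The three `render ... unless` guards in `info` do not stop the action, so execution continues after an error response has already been rendered: a request without the header goes on to call `starts_with?` on `nil`, and an invalid token reaches `access_token.owner_instance` on whatever `find_by_access_token` returned. Each guard has to return after rendering, and the header should be read once. The fallback `data = owner` serializes the whole owner record when `for_leash_provider` is not defined, which may expose attributes that were never meant for client apps; failing closed there would be safer. `touch!` is added to the model in this release but is not called from this action.

```ruby
def info
  authorization = request.headers["Authorization"]
  return render(text: "missing_authorization_header", status: :unauthorized) unless authorization
  return render(text: "missing_authorization_bearer", status: :unauthorized) unless authorization.starts_with? "Bearer "

  access_token_raw = authorization.split(" ", 2).last
  return render(text: "invalid_access_token", status: :forbidden) unless Leash::Provider::AccessToken.valid?(access_token_raw)

  access_token = Leash::Provider::AccessToken.find_by_access_token(access_token_raw)
  return render(text: "invalid_access_token", status: :forbidden) unless access_token

  access_token.touch!
  owner = access_token.owner_instance
  # … unchanged: for_leash_provider lookup and respond_to / render json …
```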
@@ -1,6 +1,6 @@
1
1
  class Leash::ProviderController < LeashController
2
2
  include Devise::Controllers::Helpers
3
-
3
+
4
4
  CLIENT_ID_REGEXP = /\AAPP\_([A-Z0-9\_]+)\_OAUTH2\_CLIENT\_ID\z/.freeze
5
5
 
6
6
  protected
@@ -36,7 +36,7 @@ class Leash::ProviderController < LeashController
36
36
  unless @redirect_urls.include? params[:redirect_uri]
37
37
  callback_with_error "invalid_redirect_uri", "Redirect URL mismatch (should be '#{@redirect_url}', given '#{params[:redirect_uri]}'"
38
38
  end
39
-
39
+
40
40
  else
41
41
  callback_with_error "unknown_redirect_uri", "Unable to find redirect URL associated with app '#{@app_name}'"
42
42
  end
@@ -50,7 +50,7 @@ class Leash::ProviderController < LeashController
50
50
  if @client_secret
51
51
  unless @client_secret == params[:client_secret]
52
52
  callback_with_error "invalid_secret", "Secret mismatch"
53
- end
53
+ end
54
54
  else
55
55
  callback_with_error "unknown_secret", "Unable to find secret associated with app '#{@app_name}'"
56
56
  end
@@ -60,4 +60,4 @@ class Leash::ProviderController < LeashController
60
60
  def callback_with_error(error_code, message)
61
61
  fail "Please override this method"
62
62
  end
63
- end
63
+ end
@@ -20,7 +20,7 @@ class Leash::Provider::AccessToken < Ohm::Model
20
20
 
21
21
  loop do
22
22
  begin
23
- access_token = SecureRandom.hex(24)
23
+ access_token = SecureRandom.urlsafe_base64(32)
24
24
  timestamp = Time.now.to_i
25
25
  self.create app_name: app_name, owner: owner_key(owner), access_token: access_token, created_at: timestamp, accessed_at: timestamp
26
26
  break
@@ -65,4 +65,16 @@ class Leash::Provider::AccessToken < Ohm::Model
65
65
  owner
66
66
  end
67
67
  end
68
+
69
+
70
+ def owner_instance
71
+ owner_klass, owner_id = owner.split("#", 2)
72
+
73
+ owner_klass.classify.constantize.find(owner_id)
74
+ end
75
+
76
+
77
+ def touch!
78
+ update accessed_at: Time.now.to_i
79
+ end
68
80
  end
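Review bot: `owner_instance` passes the stored class name through `classify`, which singularizes it, so an owner model whose name the inflector treats as plural would resolve to a different constant than the one recorded by `owner_key`; `owner_klass.constantize.find(owner_id)` is sufficient because the key already holds `owner.class.name`. `owner_key` returns non-ActiveRecord owners unchanged (visible in the AuthCode hunk below), and for such a value `owner.split("#", 2)` may yield no id while `constantize` runs on an arbitrary stored string, so the method should reject keys that are not in the `ClassName#id` form. The identical method added to `Leash::Provider::AuthCode` has the same issues. A one-line comment on `owner_instance` documenting the `"ClassName#id"` key format would help the next reader.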
@@ -17,11 +17,11 @@ class Leash::Provider::AuthCode < Ohm::Model
17
17
 
18
18
  loop do
19
19
  begin
20
- auth_code = SecureRandom.hex(24)
20
+ auth_code = SecureRandom.urlsafe_base64(32)
21
21
  timestamp = Time.now.to_i
22
- self.create app_name: app_name, owner: owner, auth_code: auth_code, created_at: timestamp
22
+ self.create app_name: app_name, owner: owner_key(owner), auth_code: auth_code, created_at: timestamp
23
23
  break
24
-
24
+
25
25
  rescue Ohm::UniqueIndexViolation => e
26
26
  tries += 1
27
27
 
@@ -41,4 +41,20 @@ class Leash::Provider::AuthCode < Ohm::Model
41
41
  def self.find_by_auth_code(auth_code)
42
42
  self.find(auth_code: auth_code).first
43
43
  end
44
- end
44
+
45
+
46
+ def self.owner_key(owner)
47
+ if owner.is_a? ActiveRecord::Base
48
+ "#{owner.class.name}##{owner.id}"
49
+ else
50
+ owner
51
+ end
52
+ end
53
+
54
+
55
+ def owner_instance
56
+ owner_klass, owner_id = owner.split("#", 2)
57
+
58
+ owner_klass.classify.constantize.find(owner_id)
59
+ end
60
+ end
@@ -8,8 +8,9 @@ Gem::Specification.new do |s|
8
8
  s.authors = ["Marcin Lewandowski"]
9
9
  s.email = ["marcin@saepia.net"]
10
10
  s.homepage = "http://github.com/mspanc/leash-provider"
11
- s.summary = "High-performance OAuth2 provider for a closed set of trusted apps with multiple roles support"
12
- s.description = "Leash allows you to build an OAuth2 provider for closed set of trusted apps. I can support multiple user types and is designed with high load in mind."
11
+ s.summary = "High-performance Ruby on Rails OAuth2 provider for a closed set of trusted apps with multiple user roles."
12
+ s.description = "Leash allows you to build an OAuth2 provider for a closed set of trusted client apps. It can support multiple user roles and is designed to handle high load."
13
+ s.license = "MIT"
13
14
 
14
15
  s.add_dependency "rails", "~> 4.2"
15
16
  s.add_dependency "ohm"
@@ -4,7 +4,7 @@ module Leash
4
4
  module Provider
5
5
  module Generators
6
6
  class InstallGenerator < Rails::Generators::Base
7
- source_root File.expand_path("../../templates", __FILE__)
7
+ source_root File.expand_path("../../../templates", __FILE__)
8
8
 
9
9
  desc "Creates a Leash initializer and route."
10
10
 
@@ -2,10 +2,10 @@ module ActionDispatch::Routing
2
2
  class Mapper
3
3
  def leash_provider
4
4
  scope :oauth do
5
- get "authorize", to: "leash/provider/authorize#authorize", as: "leash_provider_authorize"
6
- post "token", to: "leash/provider/token#token", as: "leash_provider_token"
5
+ get "authorize/:user_role", to: "leash/provider/authorize#authorize", as: "leash_provider_authorize"
6
+ post "token", to: "leash/provider/token#token", as: "leash_provider_token"
7
+ get "user_info", to: "leash/provider/user_info#info", as: "leash_provider_user_info"
7
8
  end
8
9
  end
9
10
  end
10
11
  end
11
-
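Review bot: `:user_role` becomes a free-form path segment in `get "authorize/:user_role"`, and the authorize controller shown earlier on this page dispatches with `send "authenticate_#{@user_role_underscored}!"`. If `@user_role_underscored` is derived from this parameter (not visible here), the route should restrict the segment to the configured roles, for example through a `constraints:` option built from the role list, so unknown values are rejected at routing instead of reaching `send`. A comment above `leash_provider` naming the accepted roles would also document the new URL shape.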
@@ -1,5 +1,5 @@
1
1
  module Leash
2
2
  module Provider
3
- VERSION = "0.0.1"
3
+ VERSION = "0.0.2"
4
4
  end
5
- end
5
+ end
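--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: leash_provider
  version: !ruby/object:Gem::Version
- version: 0.0.1
+ version: 0.0.2
  platform: ruby
  authors:
  - Marcin Lewandowski
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-05-14 00:00:00.000000000 Z
+ date: 2015-05-21 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -136,8 +136,8 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: 0.5.3
- description: Leash allows you to build an OAuth2 provider for closed set of trusted
- apps. I can support multiple user types and is designed with high load in mind.
+ description: Leash allows you to build an OAuth2 provider for a closed set of trusted
+ client apps. It can support multiple user roles and is designed to handle high load.
  email:
  - marcin@saepia.net
  executables: []
@@ -153,13 +153,13 @@ files:
  - Rakefile
  - app/controllers/leash/provider/authorize_controller.rb
  - app/controllers/leash/provider/token_controller.rb
+ - app/controllers/leash/provider/user_info_controller.rb
  - app/controllers/leash/provider_controller.rb
  - app/controllers/leash_controller.rb
  - app/models/leash/provider/access_token.rb
  - app/models/leash/provider/auth_code.rb
  - config.ru
  - leash_provider.gemspec
- - lib/generators/leash/install_generator.rb
  - lib/generators/leash/provider/install_generator.rb
  - lib/generators/templates/leash_provider.rb
  - lib/leash/provider/engine.rb
@@ -177,7 +177,8 @@ files:
  - spec/internal/public/favicon.ico
  - spec/spec_helper.rb
  homepage: http://github.com/mspanc/leash-provider
- licenses: []
+ licenses:
+ - MIT
  metadata: {}
  post_install_message:
  rdoc_options: []
@@ -198,6 +199,6 @@ rubyforge_project:
  rubygems_version: 2.4.6
  signing_key:
  specification_version: 4
- summary: High-performance OAuth2 provider for a closed set of trusted apps with multiple
- roles support
+ summary: High-performance Ruby on Rails OAuth2 provider for a closed set of trusted
+ apps with multiple user roles.
  test_files: []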
@@ -1,20 +0,0 @@
1
- require 'rails/generators/base'
2
-
3
- module Leash
4
- module Generators
5
- class InstallGenerator < Rails::Generators::Base
6
- source_root File.expand_path("../../templates", __FILE__)
7
-
8
- desc "Creates a Leash initializer and copy locale files to your application."
9
-
10
- def copy_initializer
11
- template "leash.rb", "config/initializers/leash.rb"
12
- end
13
-
14
-
15
- def add_route
16
- route "leash"
17
- end
18
- end
19
- end
20
- end