masks 0.3.2 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (71) hide show
  1. checksums.yaml +4 -4
  2. data/app/assets/builds/masks/application.css +1 -1
  3. data/app/assets/builds/masks/application.js +90 -3
  4. data/app/assets/builds/masks/application.js.map +4 -4
  5. data/app/assets/javascripts/controllers/application.js +1 -1
  6. data/app/assets/javascripts/controllers/index.js +9 -0
  7. data/app/assets/javascripts/controllers/table_controller.js +15 -0
  8. data/app/assets/stylesheets/application.css +12 -4
  9. data/app/controllers/concerns/masks/controller.rb +1 -1
  10. data/app/controllers/masks/manage/actors_controller.rb +72 -1
  11. data/app/controllers/masks/manage/base_controller.rb +10 -2
  12. data/app/controllers/masks/manage/clients_controller.rb +84 -0
  13. data/app/controllers/masks/manage/dashboard_controller.rb +15 -0
  14. data/app/controllers/masks/manage/devices_controller.rb +19 -0
  15. data/app/controllers/masks/openid/authorizations_controller.rb +45 -0
  16. data/app/controllers/masks/openid/discoveries_controller.rb +55 -0
  17. data/app/controllers/masks/openid/tokens_controller.rb +45 -0
  18. data/app/controllers/masks/openid/userinfo_controller.rb +28 -0
  19. data/app/controllers/masks/sessions_controller.rb +1 -1
  20. data/app/models/concerns/masks/access.rb +2 -2
  21. data/app/models/masks/access/actor_password.rb +2 -1
  22. data/app/models/masks/access/actor_signup.rb +1 -2
  23. data/app/models/masks/credentials/access_token.rb +60 -0
  24. data/app/models/masks/credentials/key.rb +1 -1
  25. data/app/models/masks/credentials/return_to.rb +27 -0
  26. data/app/models/masks/mask.rb +12 -1
  27. data/app/models/masks/openid/authorization.rb +116 -0
  28. data/app/models/masks/openid/token.rb +56 -0
  29. data/app/models/masks/rails/actor.rb +23 -1
  30. data/app/models/masks/rails/openid/access_token.rb +55 -0
  31. data/app/models/masks/rails/openid/authorization.rb +45 -0
  32. data/app/models/masks/rails/openid/client.rb +186 -0
  33. data/app/models/masks/rails/openid/id_token.rb +43 -0
  34. data/app/models/masks/sessions/access.rb +2 -1
  35. data/app/resources/masks/session_resource.rb +1 -1
  36. data/app/views/layouts/masks/manage.html.erb +22 -5
  37. data/app/views/masks/actor_mailer/recover_credentials.html.erb +2 -3
  38. data/app/views/masks/actor_mailer/verify_email.html.erb +2 -3
  39. data/app/views/masks/actors/current.html.erb +7 -14
  40. data/app/views/masks/application/_header.html.erb +3 -4
  41. data/app/views/masks/backup_codes/new.html.erb +34 -20
  42. data/app/views/masks/emails/new.html.erb +14 -8
  43. data/app/views/masks/keys/new.html.erb +7 -7
  44. data/app/views/masks/manage/actors/index.html.erb +101 -37
  45. data/app/views/masks/manage/{actor → actors}/show.html.erb +63 -17
  46. data/app/views/masks/manage/clients/index.html.erb +102 -0
  47. data/app/views/masks/manage/clients/show.html.erb +156 -0
  48. data/app/views/masks/manage/dashboard/index.html.erb +10 -0
  49. data/app/views/masks/manage/devices/index.html.erb +47 -0
  50. data/app/views/masks/one_time_code/new.html.erb +41 -24
  51. data/app/views/masks/openid/authorizations/error.html.erb +23 -0
  52. data/app/views/masks/openid/authorizations/new.html.erb +46 -0
  53. data/app/views/masks/passwords/edit.html.erb +20 -7
  54. data/app/views/masks/recoveries/new.html.erb +2 -4
  55. data/app/views/masks/recoveries/password.html.erb +2 -3
  56. data/app/views/masks/sessions/new.html.erb +22 -23
  57. data/config/initializers/inflections.rb +5 -0
  58. data/config/locales/en.yml +23 -2
  59. data/config/routes.rb +40 -3
  60. data/db/migrate/20240329182422_support_openid.rb +64 -0
  61. data/lib/generators/masks/install/templates/masks.json +4 -1
  62. data/lib/masks/configuration.rb +22 -9
  63. data/lib/masks/version.rb +1 -1
  64. data/lib/masks.rb +1 -0
  65. data/lib/tasks/masks_tasks.rake +2 -2
  66. data/masks.json +44 -6
  67. metadata +59 -11
  68. data/app/assets/builds/application.css +0 -4764
  69. data/app/assets/builds/application.js +0 -8236
  70. data/app/assets/builds/application.js.map +0 -7
  71. data/app/controllers/masks/manage/actor_controller.rb +0 -35
@@ -41,8 +41,7 @@
41
41
  type="radio"
42
42
  role="tab"
43
43
  class="tab whitespace-nowrap"
44
- aria-label="<%= t('.tab.one_time_code') %>"
45
- />
44
+ aria-label="<%= t('.tab.one_time_code') %>">
46
45
  <div role="tabpanel" class="tab-content p-4 bg-base-100 rounded-b">
47
46
  <p class="flex items-center gap-4 text-sm mb-4">
48
47
  <%= lucide_icon("qr-code") %>
@@ -55,8 +54,7 @@
55
54
  data-session-target="oneTimeCode"
56
55
  placeholder="<%= t('.placeholder.one_time_code') %>"
57
56
  name="session[one_time_code]"
58
- class="input input-bordered w-full"
59
- />
57
+ class="input input-bordered w-full">
60
58
  </label>
61
59
  </div>
62
60
  <% end %>
@@ -67,8 +65,7 @@
67
65
  name="factor2"
68
66
  role="tab"
69
67
  class="tab whitespace-nowrap"
70
- aria-label="<%= t('.tab.backup_code') %>"
71
- />
68
+ aria-label="<%= t('.tab.backup_code') %>">
72
69
  <div role="tabpanel" class="tab-content p-4 bg-base-100 rounded-b">
73
70
  <p class="flex items-center gap-4 text-sm mb-4">
74
71
  <%= lucide_icon("rotate-cw") %>
@@ -81,8 +78,7 @@
81
78
  data-session-target="backupCode"
82
79
  placeholder="<%= t('.placeholder.backup_code') %>"
83
80
  name="session[backup_code]"
84
- class="input input-bordered w-full"
85
- />
81
+ class="input input-bordered w-full">
86
82
  </label>
87
83
  </div>
88
84
  <% end %>
@@ -97,31 +93,34 @@
97
93
  data-session-target="nickname"
98
94
  placeholder="<%= t('.placeholder.nickname') %>"
99
95
  name="session[nickname]"
100
- class="input input-bordered w-full"
101
- />
96
+ class="input input-bordered w-full">
102
97
  </label>
103
- <label class="form-control w-full">
98
+ <label class="form-control input input-bordered w-full flex flex-row items-center gap-2" data-controller="password-visibility">
104
99
  <input
105
100
  type="password"
106
101
  data-action="session#updatePassword"
107
102
  data-session-target="password"
103
+ data-password-visibility-target="input"
104
+ spellcheck="false"
108
105
  placeholder="<%= t('.placeholder.password') %>"
109
106
  name="session[password]"
110
- class="input input-bordered w-full"
111
- />
112
- <% if @config.site_links[:recover] %>
113
- <div class="label">
114
- <span class="label-text-alt opacity-60 hover:opacity-100"><a
115
- class="hover:underline"
116
- href="<%= @config.site_links[:recover] %>"
117
- ><%= t(".recover_credentials") %></a></span>
118
- </div>
119
- <% end %>
107
+ class="flex-grow">
108
+
109
+ <button data-action="password-visibility#toggle" type="button" class="btn btn-sm btn-ghost -mr-2">
110
+ <span data-password-visibility-target="icon"><%= lucide_icon('eye') %></span>
111
+ <span data-password-visibility-target="icon" class="hidden"><%= lucide_icon('eye-off') %></span>
112
+ </button>
120
113
  </label>
114
+ <% if @config.site_links[:recover] %>
115
+ <div class="label">
116
+ <span class="label-text-alt opacity-60 hover:opacity-100"><a
117
+ class="hover:underline"
118
+ href="<%= @config.site_links[:recover] %>"><%= t(".recover_credentials") %></a></span>
119
+ </div>
120
+ <% end %>
121
121
  </div>
122
122
  <% end %>
123
123
 
124
-
125
124
  <% unless logged_in? %>
126
125
  <div class="flex items-center gap-4">
127
126
  <%= form.submit t(".submit"),
@@ -131,7 +130,7 @@
131
130
  } %>
132
131
  <div class="form-control" data-session-target="remember">
133
132
  <label class="label cursor-pointer">
134
- <input type="checkbox" name="session[remember_me]" class="toggle toggle-sm"/>
133
+ <input type="checkbox" name="session[remember_me]" class="toggle toggle-sm">
135
134
  <span class="label-text pl-2"><%= t(".remember_me") %></span>
136
135
  </label>
137
136
  </div>
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+ ActiveSupport::Inflector.inflections(:en) do |inflect|
3
+ inflect.acronym "OpenID"
4
+ inflect.acronym "UserInfo"
5
+ end
@@ -28,6 +28,15 @@
28
28
  # enabled: "ON"
29
29
 
30
30
  en:
31
+ scope:
32
+ openid_name: account
33
+ openid_desc: your account identifier
34
+ profile_name: profile
35
+ profile_desc: your name, email, and other personal details
36
+ phone_name: phone
37
+ phone_desc: your phone number
38
+ address_name: address
39
+ address_desc: your physical address
31
40
  layouts:
32
41
  masks:
33
42
  application:
@@ -109,7 +118,7 @@ en:
109
118
  secret: secret
110
119
  submit: enable
111
120
  delete: disable
112
- delete_div: disable one-time code
121
+ delete_div: disable one-time codes
113
122
  backup_codes: save backup codes...
114
123
  reset_codes: view backup codes...
115
124
  backup_codes:
@@ -242,7 +251,7 @@ en:
242
251
  enter_factor2: enter a secondary credential to continue...
243
252
  enter_credentials: "enter your credentials to continue..."
244
253
  enter_password: "enter your password to continue..."
245
- continue: "press continue to access things..."
254
+ continue: "press continue to authorize..."
246
255
  one_time_code: enter a 6-digit one-time code from your authenticator app...
247
256
  backup_code: enter one of your saved 10-digit backup codes...
248
257
  logged_in: welcome!
@@ -254,6 +263,18 @@ en:
254
263
  password: password...
255
264
  one_time_code: one-time code...
256
265
  backup_code: backup code...
266
+ openid:
267
+ authorizations:
268
+ new:
269
+ authorize_client: "authorize %{name}?"
270
+ authorize_account: "%{name} wants access to your account."
271
+ authorize_scoped: "%{name} wants access to your account and the following data:"
272
+ approve: approve
273
+ deny: deny
274
+ error:
275
+ title: authorization failed
276
+ description: an unrecoverable error occurred during authorization...
277
+ home: go home
257
278
  activerecord:
258
279
  attributes:
259
280
  masks/rails/actor:
data/config/routes.rb CHANGED
@@ -39,8 +39,45 @@ Masks::Engine.routes.draw do
39
39
  get "backup-codes", to: "backup_codes#new", as: :backup_codes
40
40
  post "backup-codes", to: "backup_codes#create"
41
41
 
42
+ # OAuth/OpenID support
43
+ get "client/:id/.well-known/openid-configuration",
44
+ to: "openid/discoveries#new",
45
+ as: :openid_discovery
46
+ get "client/:id/jwks.json", to: "openid/discoveries#jwks", as: :openid_jwks
47
+ get "client/:id",
48
+ to:
49
+ redirect { |params, _|
50
+ "client/#{params[:id]}/.well-known/openid-configuration"
51
+ },
52
+ as: :openid_issuer
53
+ get "authorize", to: "openid/authorizations#new", as: :openid_authorization
54
+ post "authorize", to: "openid/authorizations#create"
55
+ post "token",
56
+ to: proc { |env| Masks::OpenID::Token.new.call(env) },
57
+ as: :openid_token
58
+ match "userinfo",
59
+ to: "openid/userinfo#show",
60
+ via: %i[get post],
61
+ as: :openid_userinfo
62
+
42
63
  # managers-only section
43
- get "actors", to: "manage/actors#index", as: :actors
44
- get "actors/:actor", to: "manage/actor#show", as: :actor
45
- patch "actors/:actor", to: "manage/actor#update"
64
+ namespace :manage do
65
+ get "/", to: "dashboard#index"
66
+
67
+ # manage clients
68
+ get "clients", to: "clients#index", as: :clients
69
+ post "clients", to: "clients#create"
70
+ get "clients/:id", to: "clients#show", as: :client
71
+ patch "clients/:id", to: "clients#update"
72
+ delete "clients/:id", to: "clients#destroy"
73
+
74
+ # manage actors
75
+ get "actors", to: "actors#index", as: :actors
76
+ get "actors/:actor", to: "actors#show", as: :actor
77
+ post "actors", to: "actors#create"
78
+ patch "actors/:actor", to: "actors#update"
79
+
80
+ # manage devices
81
+ get "devices", to: "devices#index", as: :devices
82
+ end
46
83
  end
@@ -0,0 +1,64 @@
1
+ # frozen_string_literal: true
2
+ class SupportOpenID < ActiveRecord::Migration[7.1]
3
+ def change
4
+ create_table :openid_clients do |t|
5
+ t.string :name
6
+ t.string :key
7
+ t.string :secret
8
+ t.string :client_type
9
+ t.text :redirect_uris
10
+ t.text :scopes
11
+ t.boolean :consent
12
+ t.string :subject_type
13
+ t.string :sector_identifier
14
+ t.string :code_expires_in
15
+ t.string :token_expires_in
16
+ t.string :refresh_expires_in
17
+ t.text :rsa_private_key
18
+
19
+ t.timestamps
20
+
21
+ t.index :key, unique: true
22
+ end
23
+
24
+ create_table :openid_authorizations do |t|
25
+ t.string :code
26
+ t.string :nonce
27
+ t.string :redirect_uri
28
+ t.text :scopes
29
+
30
+ t.references :actor
31
+ t.references :openid_client
32
+ t.datetime :expires_at
33
+ t.timestamps
34
+
35
+ t.index :code, unique: true
36
+ end
37
+
38
+ create_table :openid_access_tokens do |t|
39
+ t.string :token
40
+ t.string :refresh_token
41
+ t.string :refreshed_token
42
+ t.text :scopes
43
+
44
+ t.references :actor, null: true
45
+ t.references :openid_client
46
+ t.datetime :expires_at
47
+ t.datetime :revoked_at
48
+ t.timestamps
49
+
50
+ t.index :token, unique: true
51
+ t.index :refresh_token, unique: true
52
+ t.index :refreshed_token, unique: true
53
+ end
54
+
55
+ create_table :openid_id_tokens do |t|
56
+ t.string :nonce
57
+ t.datetime :expires_at
58
+
59
+ t.references :actor
60
+ t.references :openid_client
61
+ t.timestamps
62
+ end
63
+ end
64
+ end
@@ -2,5 +2,8 @@
2
2
  "name": "<%= Rails.application.name %>",
3
3
  "url": "http://localhost:3000",
4
4
  "extend": "masks",
5
- "masks": []
5
+ "masks": [],
6
+ "openid": {
7
+ "pairwise_salt": "<%= SecureRandom.uuid %>"
8
+ }
6
9
  }
@@ -20,6 +20,7 @@ module Masks
20
20
  attribute :site_links
21
21
  attribute :site_logo
22
22
  attribute :lifetimes
23
+ attribute :openid
23
24
  attribute :masks
24
25
  attribute :models
25
26
  attribute :version
@@ -67,6 +68,23 @@ module Masks
67
68
  super || data.fetch(:url, nil)
68
69
  end
69
70
 
71
+ # Returns a string to use as the "issuer" for various secrets—TOTP, JWT, etc.
72
+ # @return [String]
73
+ def openid
74
+ {
75
+ scopes: %w[openid profile email address phone],
76
+ subject_types: %w[nickname email pairwise],
77
+ response_types: %w[code token id_token],
78
+ grant_types: %w[
79
+ client_credentials
80
+ authorization_code
81
+ implicit
82
+ refresh_token
83
+ ],
84
+ pairwise_salt: "masks"
85
+ }.merge(super || data.fetch(:openid, {}))
86
+ end
87
+
70
88
  # A hash of links—urls to various places on the frontend.
71
89
  #
72
90
  # These default to generated rails routes, but can be overridden
@@ -103,14 +121,6 @@ module Masks
103
121
 
104
122
  # A hash of default models the app relies on.
105
123
  #
106
- # The following keys are available:
107
- #
108
- # actor: +Masks::Rails::Actor+
109
- # role: +Masks::Rails::Role+
110
- # scope: +Masks::Rails::Scope+
111
- # email: +Masks::Rails::Email+
112
- # recovery: +Masks::Rails::Recovery+
113
- #
114
124
  # This makes it easy to provide a substitute for key models
115
125
  # while still relying on the base active record implementation.
116
126
  #
@@ -124,6 +134,10 @@ module Masks
124
134
  recovery: "Masks::Rails::Recovery",
125
135
  device: "Masks::Rails::Device",
126
136
  key: "Masks::Rails::Key",
137
+ openid_client: "Masks::Rails::OpenID::Client",
138
+ openid_access_token: "Masks::Rails::OpenID::AccessToken",
139
+ openid_id_token: "Masks::Rails::OpenID::IdToken",
140
+ openid_authorization: "Masks::Rails::OpenID::Authorization",
127
141
  session_json: "Masks::SessionResource",
128
142
  request: "Masks::Sessions::Request",
129
143
  inline: "Masks::Sessions::Inline",
@@ -145,7 +159,6 @@ module Masks
145
159
  def mask(type)
146
160
  config = data.dig(:types, type.to_sym)
147
161
  raise Masks::Error::InvalidConfiguration, type unless config
148
-
149
162
  config
150
163
  end
151
164
 
data/lib/masks/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Masks
4
- VERSION = Gem::Version.new("0.3.2")
4
+ VERSION = Gem::Version.new("0.4.0")
5
5
  end
data/lib/masks.rb CHANGED
@@ -12,6 +12,7 @@ require "alba"
12
12
  require "pagy"
13
13
  require "device_detector"
14
14
  require "active_model"
15
+ require "chronic_duration"
15
16
 
16
17
  # Top-level module for masks.
17
18
  #
@@ -37,7 +37,7 @@ namespace :masks do
37
37
  exit 1
38
38
  end
39
39
 
40
- scopes = args[:scopes].split(';')
40
+ scopes = args[:scopes].split(";")
41
41
  access = cli_access("actor.scopes", as: args[:actor])
42
42
  access&.assign_scopes(scopes)
43
43
 
@@ -47,7 +47,7 @@ namespace :masks do
47
47
  puts "failed to assign scopes to '#{access.actor.nickname}'"
48
48
  puts "error: #{access.actor.errors.full_messages.join(", ")}"
49
49
  else
50
- puts "assigned scopes '#{scopes.join(', ')}' to '#{access.actor.nickname}'"
50
+ puts "assigned scopes '#{scopes.join(", ")}' to '#{access.actor.nickname}'"
51
51
  end
52
52
  end
53
53
 
data/masks.json CHANGED
@@ -27,10 +27,31 @@
27
27
  "anon": true,
28
28
  "fail": false
29
29
  },
30
+ {
31
+ "type": "access_token",
32
+ "request": {
33
+ "method": ["get", "post"],
34
+ "path": "/userinfo"
35
+ }
36
+ },
37
+ {
38
+ "skip": true,
39
+ "request": {
40
+ "method": "post",
41
+ "path": "/token"
42
+ }
43
+ },
44
+ {
45
+ "skip": true,
46
+ "request": {
47
+ "method": "get",
48
+ "path": "/client/*"
49
+ }
50
+ },
30
51
  {
31
52
  "type": "api",
32
53
  "request": {
33
- "path": ["*"],
54
+ "path": "*",
34
55
  "header": "Authorization"
35
56
  }
36
57
  },
@@ -48,7 +69,8 @@
48
69
  "method": ["get", "delete"],
49
70
  "path": "/session"
50
71
  },
51
- "fail": false
72
+ "fail": false,
73
+ "return_to": false
52
74
  },
53
75
  {
54
76
  "type": "recovery",
@@ -146,10 +168,19 @@
146
168
  {
147
169
  "type": "manage",
148
170
  "request": {
149
- "path": ["/actors", "/actors/*"]
171
+ "path": ["/manage", "/manage/*"]
150
172
  },
173
+ "access": ["actor.password", "actor.signup"],
151
174
  "fail": "/session"
152
175
  },
176
+ {
177
+ "type": "session",
178
+ "request": {
179
+ "method": "get",
180
+ "path": "/authorize"
181
+ },
182
+ "fail": false
183
+ },
153
184
  {
154
185
  "type": "session",
155
186
  "request": {
@@ -235,7 +266,7 @@
235
266
  },
236
267
  "device": {}
237
268
  },
238
- "credentials": ["Session", "Device"]
269
+ "credentials": ["Session", "Device", "ReturnTo"]
239
270
  },
240
271
  "manage": {
241
272
  "checks": {
@@ -251,8 +282,8 @@
251
282
  },
252
283
  "device": {}
253
284
  },
254
- "credentials": ["Session", "Device"],
255
- "scopes": "masks:manager"
285
+ "credentials": ["Session", "Device", "ReturnTo"],
286
+ "scopes": ["masks:manage"]
256
287
  },
257
288
  "recovery": {
258
289
  "checks": {
@@ -260,6 +291,13 @@
260
291
  },
261
292
  "credentials": ["Session", "Recovery", "Device"]
262
293
  },
294
+ "access_token": {
295
+ "checks": {
296
+ "access_token": {},
297
+ "device": {}
298
+ },
299
+ "credentials": ["AccessToken", "Device"]
300
+ },
263
301
  "api": {
264
302
  "checks": {
265
303
  "key": {},
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: masks
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - geiger-to
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-03-30 00:00:00.000000000 Z
11
+ date: 2024-04-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: alba
@@ -38,6 +38,20 @@ dependencies:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: '3.1'
41
+ - !ruby/object:Gem::Dependency
42
+ name: chronic_duration
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '0.10'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '0.10'
41
55
  - !ruby/object:Gem::Dependency
42
56
  name: cssbundling-rails
43
57
  requirement: !ruby/object:Gem::Requirement
@@ -94,6 +108,20 @@ dependencies:
94
108
  - - "~>"
95
109
  - !ruby/object:Gem::Version
96
110
  version: '1.2'
111
+ - !ruby/object:Gem::Dependency
112
+ name: openid_connect
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '2.3'
118
+ type: :runtime
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '2.3'
97
125
  - !ruby/object:Gem::Dependency
98
126
  name: pagy
99
127
  requirement: !ruby/object:Gem::Requirement
@@ -244,16 +272,16 @@ dependencies:
244
272
  name: valid_email
245
273
  requirement: !ruby/object:Gem::Requirement
246
274
  requirements:
247
- - - ">="
275
+ - - "~>"
248
276
  - !ruby/object:Gem::Version
249
- version: '0'
277
+ version: '0.2'
250
278
  type: :runtime
251
279
  prerelease: false
252
280
  version_requirements: !ruby/object:Gem::Requirement
253
281
  requirements:
254
- - - ">="
282
+ - - "~>"
255
283
  - !ruby/object:Gem::Version
256
- version: '0'
284
+ version: '0.2'
257
285
  description: masks is a ruby library and rails engine that adds simple, extensible
258
286
  auth to most applications. DO NOT USE
259
287
  email:
@@ -265,9 +293,6 @@ files:
265
293
  - MIT-LICENSE
266
294
  - README.md
267
295
  - Rakefile
268
- - app/assets/builds/application.css
269
- - app/assets/builds/application.js
270
- - app/assets/builds/application.js.map
271
296
  - app/assets/builds/masks/application.css
272
297
  - app/assets/builds/masks/application.js
273
298
  - app/assets/builds/masks/application.js.map
@@ -280,6 +305,7 @@ files:
280
305
  - app/assets/javascripts/controllers/recover_controller.js
281
306
  - app/assets/javascripts/controllers/recover_password_controller.js
282
307
  - app/assets/javascripts/controllers/session_controller.js
308
+ - app/assets/javascripts/controllers/table_controller.js
283
309
  - app/assets/manifest.js
284
310
  - app/assets/masks_manifest.js
285
311
  - app/assets/stylesheets/application.css
@@ -292,10 +318,16 @@ files:
292
318
  - app/controllers/masks/emails_controller.rb
293
319
  - app/controllers/masks/error_controller.rb
294
320
  - app/controllers/masks/keys_controller.rb
295
- - app/controllers/masks/manage/actor_controller.rb
296
321
  - app/controllers/masks/manage/actors_controller.rb
297
322
  - app/controllers/masks/manage/base_controller.rb
323
+ - app/controllers/masks/manage/clients_controller.rb
324
+ - app/controllers/masks/manage/dashboard_controller.rb
325
+ - app/controllers/masks/manage/devices_controller.rb
298
326
  - app/controllers/masks/one_time_code_controller.rb
327
+ - app/controllers/masks/openid/authorizations_controller.rb
328
+ - app/controllers/masks/openid/discoveries_controller.rb
329
+ - app/controllers/masks/openid/tokens_controller.rb
330
+ - app/controllers/masks/openid/userinfo_controller.rb
299
331
  - app/controllers/masks/passwords_controller.rb
300
332
  - app/controllers/masks/recoveries_controller.rb
301
333
  - app/controllers/masks/sessions_controller.rb
@@ -320,6 +352,7 @@ files:
320
352
  - app/models/masks/application_record.rb
321
353
  - app/models/masks/check.rb
322
354
  - app/models/masks/credential.rb
355
+ - app/models/masks/credentials/access_token.rb
323
356
  - app/models/masks/credentials/backup_code.rb
324
357
  - app/models/masks/credentials/device.rb
325
358
  - app/models/masks/credentials/email.rb
@@ -331,16 +364,23 @@ files:
331
364
  - app/models/masks/credentials/one_time_code.rb
332
365
  - app/models/masks/credentials/password.rb
333
366
  - app/models/masks/credentials/recovery.rb
367
+ - app/models/masks/credentials/return_to.rb
334
368
  - app/models/masks/credentials/session.rb
335
369
  - app/models/masks/device.rb
336
370
  - app/models/masks/error.rb
337
371
  - app/models/masks/event.rb
338
372
  - app/models/masks/mask.rb
373
+ - app/models/masks/openid/authorization.rb
374
+ - app/models/masks/openid/token.rb
339
375
  - app/models/masks/rails/actor.rb
340
376
  - app/models/masks/rails/actor_role.rb
341
377
  - app/models/masks/rails/device.rb
342
378
  - app/models/masks/rails/email.rb
343
379
  - app/models/masks/rails/key.rb
380
+ - app/models/masks/rails/openid/access_token.rb
381
+ - app/models/masks/rails/openid/authorization.rb
382
+ - app/models/masks/rails/openid/client.rb
383
+ - app/models/masks/rails/openid/id_token.rb
344
384
  - app/models/masks/rails/recovery.rb
345
385
  - app/models/masks/rails/role.rb
346
386
  - app/models/masks/rails/scope.rb
@@ -364,17 +404,25 @@ files:
364
404
  - app/views/masks/emails/new.html.erb
365
405
  - app/views/masks/emails/verify.html.erb
366
406
  - app/views/masks/keys/new.html.erb
367
- - app/views/masks/manage/actor/show.html.erb
368
407
  - app/views/masks/manage/actors/index.html.erb
408
+ - app/views/masks/manage/actors/show.html.erb
409
+ - app/views/masks/manage/clients/index.html.erb
410
+ - app/views/masks/manage/clients/show.html.erb
411
+ - app/views/masks/manage/dashboard/index.html.erb
412
+ - app/views/masks/manage/devices/index.html.erb
369
413
  - app/views/masks/one_time_code/new.html.erb
414
+ - app/views/masks/openid/authorizations/error.html.erb
415
+ - app/views/masks/openid/authorizations/new.html.erb
370
416
  - app/views/masks/passwords/edit.html.erb
371
417
  - app/views/masks/recoveries/new.html.erb
372
418
  - app/views/masks/recoveries/password.html.erb
373
419
  - app/views/masks/sessions/new.html.erb
374
420
  - config/brakeman.ignore
421
+ - config/initializers/inflections.rb
375
422
  - config/locales/en.yml
376
423
  - config/routes.rb
377
424
  - db/migrate/20231205173845_create_actors.rb
425
+ - db/migrate/20240329182422_support_openid.rb
378
426
  - lib/generators/masks/install/USAGE
379
427
  - lib/generators/masks/install/install_generator.rb
380
428
  - lib/generators/masks/install/templates/initializer.rb