nginx_omniauth_adapter 0.1.0 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +5 -5
  3. data/config.ru +2 -2
  4. data/example/nginx-site.conf +8 -8
  5. data/example/test_backend.rb +3 -3
  6. data/lib/nginx_omniauth_adapter/app.rb +7 -7
  7. data/lib/nginx_omniauth_adapter/version.rb +1 -1
  8. data/nginx_omniauth_adapter.gemspec +1 -1
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c3908b68bd6b56d6a923bca0dc36763e55645a03
4
- data.tar.gz: 4aaf9ce2fdb95257094210060b44fdb9e533d163
3
+ metadata.gz: da45545a31a51031b94607551c7296f3011c3769
4
+ data.tar.gz: 79f17b771dffb86ff9527b78a7fbbe14d1a71bf1
5
5
  SHA512:
6
- metadata.gz: 2b42a2d07c831778ea2b9c96e17e928cf2c5c0891edac619d89dfa74d27a14a0994469b2d8fb08e1082b3ce648659e9fbfdc7dcffe461679196621717199dc08
7
- data.tar.gz: 366cf4d330531166973f61168e0ccbebf6cbcd7939e5ebc2dd91f87d15aa6cca0ecbca9b18463ce0e44b5b5e27406b6e3c034a889e2ac904dda3185fc9386de8
6
+ metadata.gz: 84be2b3d973d457a98b52ba75498b3dd84557012dd8fc9ddadeb5e2873fd9a80efb146f2177024214eadbaf1524814869f250c5ce972fce3e5bad3f61aad7714
7
+ data.tar.gz: 432c64e9ec6b1953947d6a8ed72e6c4eb019db5cf984cd62de39361c4d594ca7800be2686f25caae168c9b14f5ec24ccf8ae58ff951916ab049129a613687a6d
data/README.md CHANGED
@@ -61,7 +61,7 @@ You can set configuration via environment variables.
61
61
 
62
62
  The following variables are only available on included config.ru:
63
63
 
64
- - `$NGX_OMNIAUTH_SESSION_COOKIE_NAME`: session cookie name (default `ngx_oauth`)
64
+ - `$NGX_OMNIAUTH_SESSION_COOKIE_NAME`: session cookie name (default `ngx_omniauth`)
65
65
  - `$NGX_OMNIAUTH_SESSION_COOKIE_TIMEOUT`: session cookie expiry (default 3 days)
66
66
  - `$NGX_OMNIAUTH_DEV=1` or `$RACK_ENV=development`
67
67
  - enable dev mode (omniauth developer provider)
@@ -100,15 +100,15 @@ run NginxOmniauthAdapter.app(
100
100
  4. _nginx_ handles 401 with `error_page`, so do internal redirection (`/_auth/initiate`)
101
101
  5. _nginx_ handles `/_auth/initiate`. It will be proxied to _adapter app_ `GET /initiate`.
102
102
  - Also _nginx_ passes some information for callback to _adapter app._
103
- - `x-ngx-oauth-initiate-back-to` URL to back after logged in
104
- - `x-ngx-oauth-initiate-callback` URL that proxies to _adapter app_ `/callback`. This must be same domain to _backend app_ for cookie.
103
+ - `x-ngx-omniauth-initiate-back-to` URL to back after logged in
104
+ - `x-ngx-omniauth-initiate-callback` URL that proxies to _adapter app_ `/callback`. This must be same domain to _backend app_ for cookie.
105
105
  6. _adapter app_ `GET /initiate` redirects to `/auth/:provider`.
106
106
  7. _Browser_ do some authenticate in _adapter app_ with Omniauth.
107
- 8. _adapter app's_ omniauth callback sets valid session, then redirects to `/_auth/callback`, where specified at `x-ngx-oauth-initiate-callback`.
107
+ 8. _adapter app's_ omniauth callback sets valid session, then redirects to `/_auth/callback`, where specified at `x-ngx-omniauth-initiate-callback`.
108
108
  - _Adapter app_ gives GET parameter named `session` on redirect. It contains encrypted session.
109
109
  9. _nginx_ handles `/_auth/callback`. It will be proxied to _adapter app_ `/callback`.
110
110
  - This decrypts given encrypted session string and set to cookie.
111
- - Then redirect to `x-ngx-oauth-initiate-back-to`.
111
+ - Then redirect to `x-ngx-omniauth-initiate-back-to`.
112
112
  10. _browser_ backs to URL where attempted to access first, at step 1.
113
113
  11. _nginx_ sends auth subrequest to _backend app_ `/test`.
114
114
  12. _backend app_ `/test` returns 200, because request has valid session cookie.
data/config.ru CHANGED
@@ -31,9 +31,9 @@ allowed_back_to_url = if ENV['NGX_OMNIAUTH_ALLOWED_BACK_TO_URL']
31
31
 
32
32
  use(
33
33
  Rack::Session::Cookie,
34
- key: ENV['NGX_OMNIAUTH_SESSION_COOKIE_NAME'] || 'ngx_oauth',
34
+ key: ENV['NGX_OMNIAUTH_SESSION_COOKIE_NAME'] || 'ngx_omniauth',
35
35
  expire_after: ENV['NGX_OMNIAUTH_SESSION_COOKIE_TIMEOUT'] ? ENV['NGX_OMNIAUTH_SESSION_COOKIE_TIMEOUT'].to_i : (60 * 60 * 24 * 3),
36
- secret: ENV['NGX_OMNIAUTH_SESSION_SECRET'] || 'ngx_oauth_secret_dev',
36
+ secret: ENV['NGX_OMNIAUTH_SESSION_SECRET'] || 'ngx_omniauth_secret_dev',
37
37
  old_secret: ENV['NGX_OMNIAUTH_SESSION_SECRET_OLD'],
38
38
  )
39
39
 
data/example/nginx-site.conf CHANGED
@@ -29,12 +29,12 @@ server {
29
29
  error_page 401 = /_auth/initiate;
30
30
 
31
31
  # Receive user info from adapter
32
- auth_request_set $ngx_oauth_provider $upstream_http_x_ngx_oauth_provider;
33
- auth_request_set $ngx_oauth_user $upstream_http_x_ngx_oauth_user;
34
- auth_request_set $ngx_oauth_info $upstream_http_x_ngx_oauth_info;
35
- proxy_set_header x-ngx-oauth-provider $ngx_oauth_provider;
36
- proxy_set_header x-ngx-oauth-user $ngx_oauth_user;
37
- proxy_set_header x-ngx-oauth-info $ngx_oauth_info;
32
+ auth_request_set $ngx_omniauth_provider $upstream_http_x_ngx_omniauth_provider;
33
+ auth_request_set $ngx_omniauth_user $upstream_http_x_ngx_omniauth_user;
34
+ auth_request_set $ngx_omniauth_info $upstream_http_x_ngx_omniauth_info;
35
+ proxy_set_header x-ngx-omniauth-provider $ngx_omniauth_provider;
36
+ proxy_set_header x-ngx-omniauth-user $ngx_omniauth_user;
37
+ proxy_set_header x-ngx-omniauth-info $ngx_omniauth_info;
38
38
 
39
39
  # pass to backend application as usual as you do.
40
40
  proxy_pass http://app;
@@ -57,8 +57,8 @@ server {
57
57
  proxy_pass_request_body off;
58
58
  proxy_set_header Content-Length "";
59
59
  proxy_set_header Host $http_host;
60
- proxy_set_header x-ngx-oauth-initiate-back-to http://$http_host$request_uri;
61
- proxy_set_header x-ngx-oauth-initiate-callback http://$http_host/_auth/callback;
60
+ proxy_set_header x-ngx-omniauth-initiate-back-to http://$http_host$request_uri;
61
+ proxy_set_header x-ngx-omniauth-initiate-callback http://$http_host/_auth/callback;
62
62
  proxy_pass http://auth_adapter/initiate;
63
63
  }
64
64
 
data/example/test_backend.rb CHANGED
@@ -5,9 +5,9 @@ get '/' do
5
5
  content_type :text
6
6
 
7
7
  {
8
- provider: request.env['HTTP_X_NGX_OAUTH_PROVIDER'],
9
- user: request.env['HTTP_X_NGX_OAUTH_USER'],
10
- info: JSON.parse(request.env['HTTP_X_NGX_OAUTH_INFO'].unpack('m*')[0]),
8
+ provider: request.env['HTTP_X_NGX_OMNIAUTH_PROVIDER'],
9
+ user: request.env['HTTP_X_NGX_OMNIAUTH_USER'],
10
+ info: JSON.parse(request.env['HTTP_X_NGX_OMNIAUTH_INFO'].unpack('m*')[0]),
11
11
  }.to_json
12
12
  end
13
13
 
data/lib/nginx_omniauth_adapter/app.rb CHANGED
@@ -6,7 +6,7 @@ require 'json'
6
6
 
7
7
  module NginxOmniauthAdapter
8
8
  class App < Sinatra::Base
9
- CONTEXT_RACK_ENV_NAME = 'nginx-oauth2-adapter'.freeze
9
+ CONTEXT_RACK_ENV_NAME = 'nginx-omniauth-adapter'.freeze
10
10
  SESSION_PASS_CIPHER_ALGORITHM = 'aes-256-gcm'.freeze
11
11
 
12
12
  set :root, File.expand_path(File.join(__dir__, '..', '..', 'app'))
@@ -224,9 +224,9 @@ module NginxOmniauthAdapter
224
224
  end
225
225
 
226
226
  headers(
227
- 'x-ngx-oauth-provider' => current_user[:provider],
228
- 'x-ngx-oauth-user' => current_user[:uid],
229
- 'x-ngx-oauth-info' => [current_user[:info].to_json].pack('m*'),
227
+ 'x-ngx-omniauth-provider' => current_user[:provider],
228
+ 'x-ngx-omniauth-user' => current_user[:uid],
229
+ 'x-ngx-omniauth-info' => [current_user[:info].to_json].pack('m*'),
230
230
  )
231
231
 
232
232
  content_type :text
@@ -234,11 +234,11 @@ module NginxOmniauthAdapter
234
234
  end
235
235
 
236
236
  get '/initiate' do
237
- back_to = URI.encode_www_form_component(request.env['HTTP_X_NGX_OAUTH_INITIATE_BACK_TO'])
238
- callback = URI.encode_www_form_component(request.env['HTTP_X_NGX_OAUTH_INITIATE_CALLBACK'])
237
+ back_to = URI.encode_www_form_component(request.env['HTTP_X_NGX_OMNIAUTH_INITIATE_BACK_TO'])
238
+ callback = URI.encode_www_form_component(request.env['HTTP_X_NGX_OMNIAUTH_INITIATE_CALLBACK'])
239
239
 
240
240
  if back_to == '' || callback == '' || back_to.nil? || callback.nil?
241
- halt 400, {'Content-Type' => 'text/plain'}, 'x-ngx-oauth-initiate-back-to and x-ngx-oauth-initiate-callback header are required'
241
+ halt 400, {'Content-Type' => 'text/plain'}, 'x-ngx-omniauth-initiate-back-to and x-ngx-omniauth-initiate-callback header are required'
242
242
  end
243
243
 
244
244
  redirect "#{adapter_host}/auth?back_to=#{back_to}&callback=#{callback}"
data/lib/nginx_omniauth_adapter/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module NginxOmniauthAdapter
2
- VERSION = "0.1.0"
2
+ VERSION = "0.2.0"
3
3
  end
data/nginx_omniauth_adapter.gemspec CHANGED
@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
9
9
  spec.authors = ["Shota Fukumori (sora_h)"]
10
10
  spec.email = ["her@sorah.jp"]
11
11
 
12
- spec.summary = %q{oauth2 adapter for ngx_http_auth_request_module}
12
+ spec.summary = %q{omniauth adapter for ngx_http_auth_request_module}
13
13
  spec.homepage = "https://github.com/sorah/nginx_omniauth_adapter"
14
14
  spec.license = "MIT"
15
15
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nginx_omniauth_adapter
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shota Fukumori (sora_h)
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-09-01 00:00:00.000000000 Z
11
+ date: 2015-09-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sinatra
@@ -157,5 +157,5 @@ rubyforge_project:
157
157
  rubygems_version: 2.5.0
158
158
  signing_key:
159
159
  specification_version: 4
160
- summary: oauth2 adapter for ngx_http_auth_request_module
160
+ summary: omniauth adapter for ngx_http_auth_request_module
161
161
  test_files: []