oauth-bwergemn 1.0.1

data/lib/oauth_bwergemn/auth_strategies/hub.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  module AuthStrategies
+    class Hub < OauthBwergemn::BaseStrategy
+      def optional_endpoint?
+        has_authorizations? && !!optional_oauth2
+      end
+
+      def endpoint_protected?
+        has_authorizations? && !!authorization_type_oauth2
+      end
+
+      def has_auth_scopes?
+        endpoint_protected? && !authorization_type_oauth2.empty?
+      end
+
+      def auth_scopes
+        if optional_endpoint?
+          optional_oauth2.map { |s| s.is_a?(String) || s.is_a?(Symbol) ? s.to_sym : s }
+        else
+          authorization_type_oauth2.map { |s| s.is_a?(String) || s.is_a?(Symbol) ? s.to_sym : s }
+        end
+      end
+
+      private
+
+      def has_authorizations?
+        !!endpoint_authorizations
+      end
+
+      def endpoint_authorizations
+        api_context.options[:route_options][:auth][:scopes]
+      end
+
+      def authorization_type_oauth2
+        endpoint_authorizations
+      end
+
+      def optional_oauth2
+        endpoint_authorizations
+      end
+    end
+  end
+end

data/lib/oauth_bwergemn/base_strategy.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  class BaseStrategy
+    attr_accessor :api_context
+  end
+end

data/lib/oauth_bwergemn/configuration.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  module Configuration
+    def setup
+      yield self
+    end
+
+    def define_setting(name, default = nil)
+      class_variable_set("@@#{name}", default)
+
+      define_class_method "#{name}=" do |value|
+        class_variable_set("@@#{name}", value)
+      end
+
+      define_class_method name do
+        class_variable_get("@@#{name}")
+      end
+    end
+
+    private
+
+    def define_class_method(name, &block)
+      (class << self; self; end).instance_eval do
+        define_method name, &block
+      end
+    end
+  end
+end

data/lib/oauth_bwergemn/errors/invalid_scope.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  module Errors
+    class InvalidScope < StandardError
+      def initialize msg = 'Invalid scope'
+        super
+      end
+    end
+  end
+end

data/lib/oauth_bwergemn/errors/invalid_token.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  module Errors
+    class InvalidToken < StandardError
+      def initialize msg = 'Invalid token'
+        super
+      end
+    end
+  end
+end

data/lib/oauth_bwergemn/extension.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  module Extension
+    def oauth2(*scopes)
+      description = if respond_to?(:route_setting) # >= grape-0.10.0
+        route_setting(:description) || route_setting(:description, {})
+      else
+        @last_description ||= {}
+      end
+
+      description[:auth] = { scopes: scopes }
+      description[:authorizations] = { oauth2: scopes.map { |x| { scope: x } } }
+    end
+
+    def optional_oauth2(*scopes)
+      description = if respond_to?(:route_setting) # >= grape-0.10.0
+        route_setting(:description) || route_setting(:description, {})
+      else
+        @last_description ||= {}
+      end
+
+      description[:authorizations] = { optional_oauth2: scopes.map { |x| { scope: x } } }
+    end
+
+    Grape::API.extend self
+  end
+end

data/lib/oauth_bwergemn/helpers.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  module Helpers
+  end
+end

data/lib/oauth_bwergemn/oauth2.rb

@@ -0,0 +1,125 @@
+# frozen_string_literal: true
+
+require 'rack/auth/abstract/request'
+
+module OauthBwergemn
+  class Oauth2 < Grape::Middleware::Base
+    attr_reader :auth_strategy
+
+    def context
+      env['api.endpoint']
+    end
+
+    def the_request=(env)
+      @_the_request = ActionDispatch::Request.new(env)
+    end
+
+    def request
+      @_the_request
+    end
+
+    def token
+      token = if request.headers['Authorization'].present?
+        if request.headers['Authorization'].include?('bearer')
+          request.headers['Authorization'].try('split', 'bearer').try(:last).try(:strip)
+        elsif request.headers['Authorization'].include?('Bearer')
+          request.headers['Authorization'].try('split', 'Bearer').try(:last).try(:strip)
+        else
+          request.headers['Authorization']
+        end
+      else
+        request.parameters['access_token']
+      end
+      token
+    end
+
+    ############
+    # Authorization control.
+    ############
+
+    def endpoint_protected?
+      auth_strategy.endpoint_protected?
+    end
+
+    def optional_endpoint?
+      auth_strategy.optional_endpoint?
+    end
+
+    def args
+      results = {}
+      auth_strategy.auth_scopes.map { |s| (results = results.merge(s)) if s.is_a?(Hash) }
+      results
+    end
+
+    def scopes
+      results = []
+      auth_strategy.auth_scopes.map { |s| (results << s) unless s.is_a?(Hash) }
+      results
+    end
+
+    def authorize!
+      access = Doorkeeper::AccessToken.find_by(token: token)
+      unless access.present?
+        raise OauthBwergemn::Errors::InvalidToken
+      end
+      resource = begin
+                   # rubocop:disable Security/Eval
+                   eval(OauthBwergemn.resources[args[:as].to_sym]).find_by(id: access.resource_owner_id)
+                 # rubocop:enable Security/Eval
+                 rescue
+                   nil
+                 end
+      {
+        resource_owner:      resource,
+        resource_credential: {
+          access_token:  access.token,
+          scopes:        scopes,
+          token_type:    'bearer',
+          expires_in:    access.expires_in,
+          refresh_token: access.refresh_token,
+          created_at:    access.created_at.to_i
+        }
+      }
+    end
+
+    ############
+    # Grape middleware methods
+    ############
+
+    def before
+      set_auth_strategy(OauthBwergemn.auth_strategy)
+      auth_strategy.api_context = context
+      context.extend(OauthBwergemn::AuthMethods)
+
+      context.protected_endpoint = endpoint_protected?
+      context.optional_endpoint  = optional_endpoint?
+
+      return unless context.protected_endpoint? || context.optional_endpoint?
+
+      self.the_request = env
+
+      if token.present? && (context.protected_endpoint? || context.optional_endpoint?)
+        response                     = authorize!
+        context.resource_token       = token
+        context.resource_owner       = begin
+                                         response[:resource_owner]
+                                       rescue
+                                         nil
+                                       end
+        context.resource_credentials = begin
+                                         response[:resource_credentials]
+                                       rescue
+                                         nil
+                                       end
+      elsif token.nil? && context.protected_endpoint?
+        raise OauthBwergemn::Errors::InvalidToken
+      end
+    end
+
+    private
+
+    def set_auth_strategy(strategy)
+      @auth_strategy = OauthBwergemn::AuthStrategies.const_get(strategy.to_s.capitalize.to_s).new
+    end
+  end
+end

data/lib/oauth_bwergemn/version.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module OauthBwergemn
+  VERSION = '1.0.1'
+  public_constant :VERSION
+end

data/oauth-bwergemn.gemspec

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'oauth_bwergemn/version'
+
+Gem::Specification.new do |spec|
+  spec.name    = 'oauth-bwergemn'
+  spec.version = OauthBwergemn::VERSION
+  spec.authors = ['Alam Ybs']
+  spec.email   = ['namakukingkong@gmail.com']
+
+  spec.summary     = 'Oauth Bwergemn is a Grape middleware for your API authenticator'
+  spec.description = 'Oauth Bwergemn is a Grape middleware to connect your API resources with your API authenticator.'
+  spec.homepage    = 'https://github.com/namakukingkong/oauth-bwergemn'
+  spec.license     = 'MIT'
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata['allowed_push_host'] = 'https://rubygems.org/'
+  else
+    raise 'RubyGems 2.0 or newer is required to protect against ' \
+      'public gem pushes.'
+  end
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 2.1.0'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.7.0'
+  spec.add_development_dependency 'rubocop', '~> 0.79.0'
+  spec.add_development_dependency 'rubocop-performance', '~> 1.5.2'
+  spec.add_dependency 'grape', '~> 1.1.0'
+end

metadata

@@ -0,0 +1,155 @@
+--- !ruby/object:Gem::Specification
+name: oauth-bwergemn
+version: !ruby/object:Gem::Version
+  version: 1.0.1
+platform: ruby
+authors:
+- Alam Ybs
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2020-01-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.7.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.7.0
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.79.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.79.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.2
+- !ruby/object:Gem::Dependency
+  name: grape
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+description: Oauth Bwergemn is a Grape middleware to connect your API resources with
+  your API authenticator.
+email:
+- namakukingkong@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/generators/oauth_bwergemn/install_generator.rb
+- lib/generators/templates/initializer.rb
+- lib/oauth-bwergemn.rb
+- lib/oauth_bwergemn/auth_methods/auth_methods.rb
+- lib/oauth_bwergemn/auth_strategies/hub.rb
+- lib/oauth_bwergemn/base_strategy.rb
+- lib/oauth_bwergemn/configuration.rb
+- lib/oauth_bwergemn/errors/invalid_scope.rb
+- lib/oauth_bwergemn/errors/invalid_token.rb
+- lib/oauth_bwergemn/extension.rb
+- lib/oauth_bwergemn/helpers.rb
+- lib/oauth_bwergemn/oauth2.rb
+- lib/oauth_bwergemn/version.rb
+- oauth-bwergemn.gemspec
+homepage: https://github.com/namakukingkong/oauth-bwergemn
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org/
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.1
+signing_key: 
+specification_version: 4
+summary: Oauth Bwergemn is a Grape middleware for your API authenticator
+test_files: []