oauth_im 0.8.1 → 0.8.2
- checksums.yaml +4 -4
- data/README.md +38 -10
- data/lib/oauth_im/version.rb +1 -1
- metadata +2 -2
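--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7c32ade2f9c543728b3946076d1f8cad2566f06f4959c20b7c67613b6c296240
+data.tar.gz: ad6148ef5c4bed447ee4468ef03825a5802b9df3f3a0dd096bda20f4024b803a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4824f3121b1ee2e24c0f706041c0295335a9efd35317442c5e1c857836224b88713ee61d1d1ae0694d01acd8559ef363ad44047393bb2b00128af96a97b60603
+data.tar.gz: 656cbad5b4111347e5b0f277fcb99d9ac794fc8defccc1d49cb0637d1971d21f900315ab731f6d3eec16b9606f4b2de2902028d8a6bb8ddc13630a74aa261b78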
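--- a/data/README.md
+++ b/data/README.md
@@ -46,22 +46,24 @@ module OauthIm
 config.client_id = ENV['FUSION_AUTH_CLIENT_ID']
 config.client_secret = ENV['FUSION_AUTH_CLIENT_SECRET']
 
-
-# 1. Find signing key name on the app details
-# 2. Look up the key (by name) under Key Master tab under Settings:
-# https://illustrativemath-dev.fusionauth.io/admin/key/
-# 3. The key should be either HMAC or RSA.
-# - If HMAC, view the Secret under Details. You will need to click to reveal.
-# - If RSA, copy the PEM encoded public key as-is.
-# Note: You don't need both keys --- TokenDecoder will use the one available.
-
+####################################################################################
+# 1. Find signing key name on the app details pane. (See RSA v. HMAC screenshots.) #
+# 2. Look up the key (by name) under Key Master tab under Settings: #
+# https://illustrativemath-dev.fusionauth.io/admin/key/ #
+# 3. The key should be either HMAC or RSA. #
+# - If HMAC, view the Secret under Details. You will need to click to reveal. #
+# - If RSA, copy the PEM encoded public key as-is. #
+# Note: You don't need both keys --- TokenDecoder will use the one available. #
+####################################################################################
 config.hmac = ENV['FUSION_AUTH_HMAC']
 config.rsa_public = ENV['FUSION_AUTH_RSA_PUBLIC]
 end
 end
 ```
 
-
+### Environment
+
+The `ENV` variable values can be obtained from the OAuth provider.
 * Here is [an article at FusionAuth](https://fusionauth.io/blog/2020/12/14/how-to-securely-implement-oauth-rails) describing many of these settings.
 * The `callback_route` setting is used in two related ways:
 * It [defines a route](https://github.com/illustrativemathematics/oauth_im/blob/main/config/routes.rb#L4) to the [`OAuthIm::ClientController#callback`
@@ -75,7 +77,30 @@ end
 must be entered in the OAuth provider's list of authorized
 redirect URLs.
 
+### RSA v. HMAC
+
+To determine the access token signing key, find the name of the key and then look it up
+on the Settings|Key Master pane. (See screenshots.)
+
+* Inspect your app settings. The screenshot shows this being done for the app
+`Kendall Hunt - Terraform`.
+
+![app settings](./docs/images/fa-app-settings.png?raw=true)
+
+* Find the name of the token. The screenshot shows this being done for the app
+`Kendall Hunt - Terraform`. You will need to scroll down the page to the `JWT` section.
+
+![token name](./docs/images/fa-signing-key-name.png?raw=true)
+
+* Look up this signing token under Home|Settings|Key Master. The screenshot shows this being done
+for the signing token `KendallHunt-Terraform (12)`.
+* For RSA tokens like this one, use the PEM encoded public key as-is.
+* For HMAC tokens, view the secret under Details (click to reveal).
+
+![token name](./docs/images/fa-access-token.png?raw=true)
+
 ## Usage
+
 ### Helpers for Logging in and Out
 The engine provides [two endpoints](https://github.com/illustrativemathematics/oauth_im/blob/main/config/routes.rb#L5-L6) for logging in and out, and exposes
 corresponding view helpers. These are accessible from the main app as:
@@ -154,6 +179,9 @@ After many false starts, this repo includes two (seemingly functional) github wo
 
 ## Version History
 
+### 0.8.2
+* README
+
 ### 0.8.1
 * Tightened up test environment helpers.
 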
data/lib/oauth_im/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth_im
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.8.
|
4
|
+
version: 0.8.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eric Connally
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|