omniauth-dex-energy 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: ab01bbe6688b0dbe03fa53e4e219a6fb90ef2cc922c49626b682c4394de9e1a9
+  data.tar.gz: 4b596e91ef5070d7744bd82caa22314234c3020ba7b567a874be35c3bb934b21
+SHA512:
+  metadata.gz: b145dff303792f5ff20aa64c9647951efddd66f9a521f101318ae8d6fcc57337ff88b9d546dce9487e711c25afe2f731bb34d22bbac491255278bfc1c5cd1cbd
+  data.tar.gz: d14725cff0d870f6e47472564d4db35da086240aea94d53b625998d458ff03ce1650acd24e0129663878d54c8445a5930dd29af7b9c4bc6c46940a7c3c494995

data/README.md

@@ -0,0 +1,71 @@
+# omniauth-dex-energy
+
+![CI](https://github.com/greensync/omniauth-dex-energy/workflows/CI/badge.svg)
+
+An OmniAuth strategy to authenticate with deX.
+
+## Table of Contents
+
+- [omniauth-dex-energy](#omniauth-dex-energy)
+  - [Table of Contents](#table-of-contents)
+  - [Installation](#installation)
+  - [Usage](#usage)
+    - [First Steps](#first-steps)
+    - [Sinatra](#sinatra)
+  - [Development](#development)
+  - [Contributing](#contributing)
+  - [License](#license)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'omniauth-dex-energy'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install omniauth-dex-energy
+
+## Usage
+
+### First Steps
+
+Regardless of your web framework, you will need to provision an OAuth2 Client in the IdP through the [GreenSync Platform Team](mailto:internalplatform@greensync.com.au). You'll be provided with a Client ID and Client Secret that can be used to configure this gem.
+
+Contact the [GreenSync Platform Team].
+
+### Sinatra
+
+See [`examples/sinatra/app.rb`](examples/sinatra/app.rb) for example usage.
+
+To run the example application:
+
+```bash
+export OAUTH2_CLIENT_ID='my-client-id'
+export OAUTH2_CLIENT_SECRET='my-client-secret'
+
+cd examples/sinatra
+bundle install
+bundle exec foreman start
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/greensync/omniauth-dex-energy.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/bin/console

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'omniauth/strategies/dex_energy'
+
+require 'pry-byebug'
+
+Pry.start

data/bin/publish-gem

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -Eeuo pipefail
+
+set -x
+
+version=$(cat $(dirname $0)/../VERSION)
+
+gem build omniauth-dex-energy
+gem push omniauth-dex-energy-${version}.gem

data/bin/setup

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install

data/examples/sinatra/Gemfile

@@ -0,0 +1,8 @@
+gem 'omniauth-dex-energy'
+gem 'puma'
+gem 'sinatra'
+gem 'slim'
+
+group 'development' do
+  gem 'foreman'
+end

data/examples/sinatra/Gemfile.lock

@@ -0,0 +1,56 @@
+GEM
+  specs:
+    faraday (1.0.0)
+      multipart-post (>= 1.2, < 3)
+    foreman (0.86.0)
+    hashie (3.6.0)
+    jwt (2.2.1)
+    multi_json (1.14.1)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
+    mustermann (1.1.0)
+      ruby2_keywords (~> 0.0.1)
+    nio4r (2.5.2)
+    oauth2 (1.4.3)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.9.0)
+      hashie (>= 3.4.6, < 3.7.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-dex-energy (0.1.0)
+      omniauth-oauth2 (~> 1.6.0)
+    omniauth-oauth2 (1.6.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.9)
+    puma (4.3.1)
+      nio4r (~> 2.0)
+    rack (2.2.2)
+    rack-protection (2.0.8.1)
+      rack
+    ruby2_keywords (0.0.1)
+    sinatra (2.0.8.1)
+      mustermann (~> 1.0)
+      rack (~> 2.0)
+      rack-protection (= 2.0.8.1)
+      tilt (~> 2.0)
+    slim (4.0.1)
+      temple (>= 0.7.6, < 0.9)
+      tilt (>= 2.0.6, < 2.1)
+    temple (0.8.2)
+    tilt (2.0.10)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  foreman
+  omniauth-dex-energy
+  puma
+  sinatra
+  slim
+
+BUNDLED WITH
+   2.1.2

data/examples/sinatra/Procfile

@@ -0,0 +1 @@
+web: proc/web

data/examples/sinatra/app.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require 'omniauth/strategies/dex_energy'
+require 'sinatra'
+require 'slim'
+
+oauth2_client_id = ENV['OAUTH2_CLIENT_ID']
+oauth2_client_secret = ENV['OAUTH2_CLIENT_SECRET']
+
+use Rack::Session::Cookie
+
+use OmniAuth::Builder do
+  provider :dex_energy, oauth2_client_id, oauth2_client_secret
+end
+
+get '/' do
+  @user = session[:user]
+  slim :hello
+end
+
+get '/login' do
+  # Redirect the user to the endpoint provided by OmniAuth.
+  redirect to("/auth/dex_energy?origin=#{URI.encode_www_form_component(request.referrer)}")
+end
+
+get '/auth/dex_energy/callback' do
+  # Handle a completed OAuth2 login flow.
+  logger.warn(request.env['omniauth.auth'].to_h)
+  session[:user] = request.env.fetch('omniauth.auth').uid
+  redirect params.fetch(:origin, '/')
+end
+
+get '/logout' do
+  # Log the user out of their session in the app - but not in the Identity Provider.
+  session.delete(:user)
+  redirect request.referrer
+end

data/examples/sinatra/config.ru

@@ -0,0 +1,3 @@
+require_relative 'app'
+
+run Sinatra::Application

data/examples/sinatra/proc/web

@@ -0,0 +1,4 @@
+#! /bin/bash -eu
+
+cd $(dirname $0)/..
+exec bundle exec puma --port ${PORT:-5000}

data/examples/sinatra/views/hello.slim

@@ -0,0 +1,8 @@
+p Hello, #{@user || 'stranger'}!
+
+ul
+  li
+    - if @user
+      a href="/logout" Log out
+    - else
+      a href="/login" Log in

data/examples/sinatra/views/layout.slim

@@ -0,0 +1,6 @@
+doctype html
+html
+  head
+    title deX Auth Test Sinatra App
+  body
+    == yield

data/lib/omniauth/strategies/dex_energy.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+require 'jwt'
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    class DexEnergy < OmniAuth::Strategies::OAuth2
+      option :name, 'dex_energy'
+
+      option :client_options, site: 'https://who.dex.energy', auth_scheme: :basic_auth
+
+      uid do
+        raw_info['sub']
+      end
+
+      info do
+        {
+          email: raw_info['email'],
+        }
+      end
+
+      extra do
+        {
+          'raw_info' => raw_info,
+        }
+      end
+
+      private
+
+      def raw_info
+        @raw_info ||= extract_raw_info(access_token)
+      end
+
+      def issuer_url
+        options['client_options']['site']
+      end
+
+      def oidc_well_known
+        if @well_known.nil?
+          uri = URI.parse("#{issuer_url}/.well-known/openid-configuration")
+          response = Net::HTTP.get(uri)
+          @well_known = JSON.parse(response, symbolize_names: true)
+        end
+
+        @well_known
+      end
+
+      def algorithms
+        oidc_well_known[:id_token_signing_alg_values_supported]
+      end
+
+      def jwks
+        jwks_uri = oidc_well_known[:jwks_uri]
+        uri = URI.parse(jwks_uri)
+        response = Net::HTTP.get(uri)
+        JSON.parse(response, symbolize_names: true)
+      end
+
+      def jwk_loader
+        lambda do |options|
+          if @cached_keys.nil? || options[:invalidate]
+            # we need to load the keys
+            @cached_keys = jwks
+          end
+
+          @cached_keys
+        end
+      end
+
+      def extract_raw_info(access_token)
+        id_token = access_token.params.fetch('id_token')
+
+        decoded = JWT.decode(id_token, nil, true,
+                             algorithms: algorithms,
+                             jwks: jwk_loader,
+                             verify_aud: true,
+                             verify_expiration: true,
+                             verify_iat: true,
+                             verify_iss: true,
+                             verify_jti: true,
+                             verify_not_before: true,
+                             verify_sub: true)
+
+        decoded.first
+      end
+    end
+  end
+end

data/omniauth-dex-energy.gemspec

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+Gem::Specification.new do |spec|
+  spec.name          = 'omniauth-dex-energy'
+  spec.version       = File.read('VERSION').strip
+  spec.authors       = ['Cera Davies', 'Nick Burgin', 'Mike Williams']
+  spec.email         = [
+    'internalplatform@greensync.com.au',
+  ]
+
+  spec.summary       = 'an OmniAuth strategy for authenticating with deX'
+  spec.description   = 'an OmniAuth strategy for authenticating with deX'
+  spec.homepage      = 'https://github.com/greensync/omniauth-dex-energy'
+  spec.license       = 'MIT'
+
+  spec.files         = Dir.chdir(File.expand_path(__dir__)) do
+    Dir.glob('{bin,doc,examples,lib}/**/*') + %w[
+      README.md omniauth-dex-energy.gemspec
+    ]
+  end
+
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = spec.homepage
+  spec.metadata['changelog_uri'] = "#{spec.homepage}/releases"
+
+  spec.add_dependency 'omniauth-oauth2', '~> 1.6'
+
+  spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_development_dependency 'pry-byebug', '~> 3.8.0'
+  spec.add_development_dependency 'rack', '~> 1.6.0'
+  spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'rubocop', '~> 0.77'
+  spec.add_development_dependency 'rubocop-rspec', '~> 1.37.0'
+end

metadata

@@ -0,0 +1,174 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-dex-energy
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Cera Davies
+- Nick Burgin
+- Mike Williams
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2020-02-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.77'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.77'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.37.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.37.0
+description: an OmniAuth strategy for authenticating with deX
+email:
+- internalplatform@greensync.com.au
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- bin/console
+- bin/publish-gem
+- bin/setup
+- examples/sinatra/Gemfile
+- examples/sinatra/Gemfile.lock
+- examples/sinatra/Procfile
+- examples/sinatra/app.rb
+- examples/sinatra/config.ru
+- examples/sinatra/proc/web
+- examples/sinatra/views/hello.slim
+- examples/sinatra/views/layout.slim
+- lib/omniauth/strategies/dex_energy.rb
+- omniauth-dex-energy.gemspec
+homepage: https://github.com/greensync/omniauth-dex-energy
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/greensync/omniauth-dex-energy
+  source_code_uri: https://github.com/greensync/omniauth-dex-energy
+  changelog_uri: https://github.com/greensync/omniauth-dex-energy/releases
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: an OmniAuth strategy for authenticating with deX
+test_files: []