RubyGems - omniauth-heroku-sso - Versions diffs - 1.0.0 - Mend

omniauth-heroku-sso 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

data/Gemfile +3 -0
data/Gemfile.lock +52 -0
data/Guardfile +5 -0
data/README.md +31 -0
data/Rakefile +8 -0
data/lib/omniauth-heroku-sso.rb +2 -0
data/lib/omniauth-heroku-sso/version.rb +5 -0
data/lib/omniauth/strategies/heroku-sso.rb +55 -0
data/omniauth-heroku-sso.gemspec +27 -0
data/spec/lib/omniauth_heroku_sso_spec.rb +63 -0
data/spec/spec_helper.rb +10 -0
metadata +136 -0

data/Gemfile ADDED

@@ -0,0 +1,3 @@
+source "http://rubygems.org"
+gemspec

data/Gemfile.lock ADDED

@@ -0,0 +1,52 @@
+PATH
+  remote: .
+  specs:
+    omniauth-heroku-sso (1.0.0)
+      omniauth
+GEM
+  remote: http://rubygems.org/
+  specs:
+    coderay (1.0.6)
+    diff-lcs (1.1.3)
+    ffi (1.0.11)
+    guard (1.0.1)
+      ffi (>= 0.5.0)
+      thor (~> 0.14.6)
+    guard-rspec (0.7.0)
+      guard (>= 0.10.0)
+    hashie (1.2.0)
+    method_source (0.7.1)
+    omniauth (1.1.0)
+      hashie (~> 1.2)
+      rack
+    pry (0.9.9.3)
+      coderay (~> 1.0.5)
+      method_source (~> 0.7.1)
+      slop (>= 2.4.4, < 3)
+    rack (1.4.1)
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rake (0.9.2.2)
+    rspec (2.9.0)
+      rspec-core (~> 2.9.0)
+      rspec-expectations (~> 2.9.0)
+      rspec-mocks (~> 2.9.0)
+    rspec-core (2.9.0)
+    rspec-expectations (2.9.1)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.9.0)
+    slop (2.4.4)
+    thor (0.14.6)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  guard
+  guard-rspec
+  omniauth-heroku-sso!
+  pry
+  rack-test
+  rake
+  rspec

data/Guardfile ADDED

@@ -0,0 +1,5 @@
+guard 'rspec', :version => 2 do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/}) { "spec" }
+  watch('spec/spec_helper.rb') { "spec" }
+end

data/README.md ADDED

@@ -0,0 +1,31 @@
+omniauth-heroku-sso
+===================
+`omniauth-heroku-sso` provides an [OmniAuth][omniauth] strategy for Heroku's single-sign-on, which is part of the [Heroku Provider Program][heroku_provider].
+Usage
+-----
+Add it to your Gemfile:
+    gem 'omniauth-heroku-sso`
+For use in Rails, add `config/initializers/omniauth.rb`:
+    Rails.application.config.middleware.use OmniAuth::Builder do
+      provider :heroku_sso, "HEROKU_SALT"
+    end
+Or, for Sinatra:
+    use OmniAuth::Builder do
+      provider :heroku_sso, "HEROKU_SALT"
+    end
+    post "/auth/heroku_sso/callback" do
+      auth = request.env['omniauth.auth]
+      # Use the auth info
+    end
+[omniauth]: https://github.com/intridea/omniauth
+[heroku_provider]: https://addons.heroku.com/provider

data/Rakefile ADDED

@@ -0,0 +1,8 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+desc 'Default: run specs.'
+task :default => :spec
+desc "Run specs"
+RSpec::Core::RakeTask.new

data/lib/omniauth-heroku-sso.rb ADDED

	@@ -0,0 +1,2 @@
1	+ require 'omniauth-heroku-sso/version'
2	+ require 'omniauth/strategies/heroku-sso'

data/lib/omniauth-heroku-sso/version.rb ADDED

@@ -0,0 +1,5 @@
+module OmniAuth
+  module HerokuSSO
+    VERSION = '1.0.0'
+  end
+end

data/lib/omniauth/strategies/heroku-sso.rb ADDED

@@ -0,0 +1,55 @@
+require 'omniauth'
+require 'digest/sha1'
+module OmniAuth
+  module Strategies
+    class HerokuSSO
+      include OmniAuth::Strategy
+      args [:salt]
+      option :name, 'heroku_sso'
+      option :salt, nil
+      option :heroku_url, "https://api.heroku.com/myapps"
+      def request_phase
+        response = Rack::Response.new
+        response.redirect( options.heroku_url )
+        response.finish
+      end
+      def callback_phase
+        resource_id = request.params['id']
+        provided_token = request.params['token']
+        timestamp = request.params['timestamp'].to_i
+        return fail!( :session_expired ) unless current?( timestamp )
+        return fail!( :invalid_credentials ) unless token_matches?( provided_token, resource_id, timestamp )
+        super
+      end
+      uid do
+        request.params['email']
+      end
+      info do
+        {
+          resource_id: request.params['id']
+        }
+      end
+      protected
+      def current?( timestamp )
+        timestamp > (Time.now - 2*60).to_i
+      end
+      def token_matches?( token, resource_id, timestamp )
+        token_verify = Digest::SHA1.hexdigest( "#{resource_id}:#{options.salt}:#{timestamp}" ).to_s
+        token == token_verify
+      end
+    end
+  end
+end
+OmniAuth.config.add_camelization 'heroku_sso', 'HerokuSSO'

data/omniauth-heroku-sso.gemspec ADDED

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+require File.dirname(__FILE__) + '/lib/omniauth-heroku-sso/version'
+Gem::Specification.new do |s|
+  s.name        = "omniauth-heroku-sso"
+  s.version     = OmniAuth::HerokuSSO::VERSION
+  s.authors     = ["Tyson Tate"]
+  s.email       = ["tyson@tysontate.com"]
+  s.homepage    = "http://github.com/stvp/omniauth-heroku-sso"
+  s.summary     = "Heroku SSO OmniAuth strategy"
+  s.description = "Provides an OmniAuth strategy for Heroku's single-sign-on functionality for service providers."
+  s.rubyforge_project = "omniauth-heroku-sso"
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "guard"
+  s.add_development_dependency "guard-rspec"
+  s.add_development_dependency "pry"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "rack-test"
+  s.add_runtime_dependency "omniauth"
+end

data/spec/lib/omniauth_heroku_sso_spec.rb ADDED

@@ -0,0 +1,63 @@
+require_relative '../spec_helper'
+describe OmniAuth::Strategies::HerokuSSO do
+  include OmniAuth::Test::StrategyTestCase
+  def strategy
+    [OmniAuth::Strategies::HerokuSSO, 'SALTY']
+  end
+  def auth_hash
+    last_request.env['omniauth.auth']
+  end
+  it 'can be camel-cased' do
+    OmniAuth::Utils.camelize( 'heroku_sso' ).should == 'HerokuSSO'
+  end
+  describe 'request' do
+    it 'redirects to heroku' do
+      get '/auth/heroku_sso'
+      last_response.should be_redirect
+      last_response.headers['Location'].should == 'https://api.heroku.com/myapps'
+    end
+  end
+  describe 'callback' do
+    it 'succeeds with the correct parameters' do
+      post '/auth/heroku_sso/callback', {
+        id: 'omg',
+        token: '6fa76206645479b5cc8ad6371584c1d281dd034b',
+        timestamp: 9999999999,
+        email: "test@user.com"
+      }
+      last_response.body.should == 'true'
+      auth_hash.info.should == { 'resource_id' => 'omg' }
+      auth_hash.uid = 'test@user.com'
+    end
+    it 'fails with an old timestamp' do
+      post '/auth/heroku_sso/callback', {
+        id: 'omg',
+        token: 'ff7c07eff889491317b120e0f778c88f80a93f59',
+        timestamp: 1,
+        email: "test@user.com"
+      }
+      last_response.should be_redirect
+      last_response.headers['Location'].should == '/auth/failure?message=session_expired&strategy=heroku_sso'
+      auth_hash.should be_nil
+    end
+    it 'fails with an incorrect token' do
+      post '/auth/heroku_sso/callback', {
+        id: 'omg',
+        token: 'l33t',
+        timestamp: 9999999999,
+        email: "test@user.com"
+      }
+      last_response.should be_redirect
+      last_response.headers['Location'].should == '/auth/failure?message=invalid_credentials&strategy=heroku_sso'
+      auth_hash.should be_nil
+    end
+  end
+end

data/spec/spec_helper.rb ADDED

@@ -0,0 +1,10 @@
+require 'rubygems'
+require 'bundler'
+Bundler.require
+require 'pry'
+require 'rack/test'
+RSpec.configure do |config|
+  config.include Rack::Test::Methods
+end

metadata ADDED

@@ -0,0 +1,136 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-heroku-sso
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease:
+platform: ruby
+authors:
+- Tyson Tate
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2012-04-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70344073538380 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70344073538380
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: &70344073537960 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70344073537960
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: &70344073553880 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70344073553880
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: &70344073553440 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70344073553440
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: &70344073553000 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70344073553000
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: &70344073552580 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70344073552580
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: &70344073552160 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70344073552160
+description: Provides an OmniAuth strategy for Heroku's single-sign-on functionality
+  for service providers.
+email:
+- tyson@tysontate.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- Guardfile
+- README.md
+- Rakefile
+- lib/omniauth-heroku-sso.rb
+- lib/omniauth-heroku-sso/version.rb
+- lib/omniauth/strategies/heroku-sso.rb
+- omniauth-heroku-sso.gemspec
+- spec/lib/omniauth_heroku_sso_spec.rb
+- spec/spec_helper.rb
+homepage: http://github.com/stvp/omniauth-heroku-sso
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: omniauth-heroku-sso
+rubygems_version: 1.8.11
+signing_key:
+specification_version: 3
+summary: Heroku SSO OmniAuth strategy
+test_files:
+- spec/lib/omniauth_heroku_sso_spec.rb
+- spec/spec_helper.rb