omniauth-vis 0.0.2
- checksums.yaml +7 -0
- data/.gitignore +1 -0
- data/README.md +71 -0
- data/lib/omniauth/strategies/vis.rb +46 -0
- data/lib/omniauth_vis.rb +4 -0
- data/lib/vis/api.rb +79 -0
- data/omniauth-vis.gemspec +17 -0
- metadata +65 -0
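--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 629b78fabaac3afbb49bda60037485bf94fd812212b23152c92eb3edb0af57fe
+data.tar.gz: d619da57ccd0602c3b81f854e5e5cf0e894ea8d872bdf55fb8ac253ab5c99978
+SHA512:
+metadata.gz: 9c7ff8ee0d11e59c69ae055224decc3bf17cf29bcf53f7d378406817f8d3b3090045fa890bc5f086bac60732d8d779b2b658308a7ae5e67bbe91437cc552db90
+data.tar.gz: 9d78c3f003085a28194aa6cfb67750027c7b2e3dd142fecd6f8902a7b728d8a3adbdef9c1b54316ace038b8c2d2be53854befa1056180956cfea53d725b41ac8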
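--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1 @@
+*.gem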
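--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,71 @@
+# omniauth-vis
+
+This small gem will help Rails apps to connect to Vipassana Identity Server (VIS) using Auth2
+
+It provides:
+- a strategy file to be used with `omniauth` gem
+- a service to request VIS APIs endpoints
+
+## Register your app
+
+Contact VIS administrators (sebastian.castro@dhamma.org, ryan.johnson@dhamma.org, nilendu.jani@dhamma.org) and provide following informations about your app:
+
+- Name
+- Home page url
+- Logo url
+- Authorized callback urls (example: https://myapp.org/users/auth/vis/callback)
+
+## Install the gem
+
+```
+gem add omniauth-vis
+```
+
+## Configure
+
+```
+# config/initializers/vis.rb
+
+Rails.application.config.vis = {
+app_id: "APP_ID_PROVIDED",
+app_secret: "APP_SECRET_PROVIDED",
+app_url: "https://identity.server.dhamma.org/"
+}
+```
+
+## Use omniauth strategy
+
+You first need to install `omniauth-oauth2` gem, then add a new provider :
+
+```
+# config/initializers/omniauth.rb
+
+Rails.application.config.middleware.use OmniAuth::Builder do
+provider :vis, Rails.application.config.vis["app_id"], Rails.application.config.vis["app_secret"],
+{
+scope: "default"
+}
+end
+```
+
+## Use VIS API
+
+`Vis::Api` will implement [Oauth2 Client Credentials Flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow) behind the scene
+
+```
+@vis_api = Vis::Api.new
+@vis_service.get("api_path")
+@vis_service.post("api_path", data)
+```
+
+Documentation about available api can be found at [https://identity.server.dhamma.org/doc](https://identity.server.dhamma.org/doc)
+
+Example
+
+```
+Vis::Api.new.post("/api/v1/users", {
+email: "email@test.com",
+username: "test",
+encrypted_password: "xxxxxxxxxx"
+})
+```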
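--- a/data/lib/omniauth/strategies/vis.rb
+++ b/data/lib/omniauth/strategies/vis.rb
@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require 'omniauth/strategies/oauth2'
+
+module OmniAuth
+module Strategies
+class Vis < OmniAuth::Strategies::OAuth2
+option :name, :vis
+
+option :client_options,
+site: Rails.application.config.vis['app_url'],
+authorize_path: '/oauth/authorize'
+
+def on_path?(path)
+current_path.squeeze('/').casecmp(path.squeeze('/')).zero?
+end
+
+def setup_phase
+# Authorize extra params
+authorized_params = [:locale, :confirm_identity, :allow_sign_up,
+:allowed_external_providers, :extra_agreement_title, :extra_agreement_text]
+authorized_params.each do |param|
+request.env['omniauth.strategy'].options[:authorize_params][param] = request.params[param.to_s]
+end
+end
+
+uid do
+raw_info['id']
+end
+
+info do
+raw_info
+end
+
+# to fix always getting invalid_grant error
+# see https://github.com/omniauth/omniauth-oauth2/issues/81#issuecomment-231442739
+def callback_url
+full_host + script_name + callback_path
+end
+
+def raw_info
+@raw_info ||= access_token.get('/api/v1/me.json').parsed
+end
+end
+end
+end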
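Review bot: `setup_phase` copies `confirm_identity`, `allow_sign_up`, `allowed_external_providers`, `extra_agreement_title` and `extra_agreement_text` straight from `request.params` into `authorize_params`, so whoever builds the link to the request path chooses those values rather than the application. If they are meant to be application policy, they should come from the provider configuration, with only `locale` read from the request: `options[:authorize_params][:locale] = request.params['locale'] if request.params['locale']`. The loop also writes `nil` for every parameter that is absent, and the override never calls `super`, so OmniAuth's own `setup` option stops working for this strategy. Whether VIS re-validates these parameters on its side is not visible in this diff.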
data/lib/omniauth_vis.rb
ADDED
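--- a/data/lib/vis/api.rb
+++ b/data/lib/vis/api.rb
@@ -0,0 +1,79 @@
+# Vipassna Identity Server Service - for server to server Oauth 2 client_credentials grant flow
+# gets tokens so we can use the VIS API
+module Vis
+class Api
+def initialize
+@client_id = Rails.application.config.vis["app_id"]
+@client_secret = Rails.application.config.vis["app_secret"]
+@vis_app_url = Rails.application.config.vis["app_url"]
+@use_ssl = !Rails.env.development?
+end
+
+def token
+return @token if @token && @expiry && Time.now.utc < @expiry
+
+response = token_post
+result = JSON.parse(response.body)
+check_error!(response.code, result)
+
+@expiry = (Time.now.utc + result["expires_in"] - 1)
+@token = result["access_token"]
+end
+
+# we can catch VisOauthErrors in our code if we decide to use VIS API as part of any request flow or backend task
+private def check_error!(response_code, response_body_hash)
+return unless response_body_hash["error"].present? || !response_code.in?(["200", "202"]) # 201 ?
+
+raise Exceptions::VisOauthError,
+"#{response_code} Error requesting token from Vipassana Identity Server. "\
+"#{response_body_hash['error']} #{response_body_hash['error_description']}"
+end
+
+private def token_post
+# uri = URI.parse("#{@vis_app_url})
+http_client, uri = http_client_and_uri "/oauth/token"
+request = Net::HTTP::Post.new(uri.request_uri)
+# request.set_form_data({ "client_id" => @client_id, "client_secret" => @client_secret,
+request.set_form_data({ "client_id" => @client_id, "client_secret" => @client_secret,
+"grant_type" => "client_credentials" })
+http_client.request(request)
+end
+
+def get(path)
+http_client, uri = http_client_and_uri path
+response = http_client.get(uri, headers)
+return_response(response)
+end
+
+def post(path, post_params_hash)
+http_client, uri = http_client_and_uri path
+response = http_client.post(uri, post_params_hash.to_json, headers)
+return_response(response)
+end
+
+private def return_response(response)
+if response.body.blank?
+{} # TODO: consider also returning or checking response.status, should be 202 for forward message
+else
+JSON.parse(response.body) # this is sometimes a blank string which raises error if JSON.parse is done on it
+end
+end
+
+private def http_client_and_uri(path)
+path = "/#{path}" unless path&.starts_with?("/")
+uri = URI.parse("#{@vis_app_url}#{path}")
+client = Net::HTTP.new(uri.hostname, uri.port)
+client.use_ssl = @use_ssl
+[client, uri]
+end
+
+private def headers
+auth_headers.merge({ "Content-type" => "application/json" })
+end
+
+private def auth_headers
+{ "Authorization" => "Bearer #{token}" }
+end
+
+end
+end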
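Review bot: `@use_ssl = !Rails.env.development?` ties TLS to the Rails environment instead of to the configured URL, so in development `token_post` sends `client_id` and `client_secret` without TLS whatever `app_url` says. In `http_client_and_uri` I would derive it from the parsed URI, `client.use_ssl = uri.scheme == "https"`, and reject a non-https `app_url` outside development. Separately, only the token response goes through `check_error!`; `get` and `post` hand the parsed body of a 401 or 500 back to the caller as if it were data, so `return_response` should check `response.code` too. `Exceptions::VisOauthError` is not defined in any file shown in this diff and is presumably expected from the host application.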
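--- a/data/omniauth-vis.gemspec
+++ b/data/omniauth-vis.gemspec
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+Gem::Specification.new do |gem|
+gem.name = 'omniauth-vis'
+gem.version = '0.0.2'
+# gem.license = 'MIT'
+gem.summary = 'Helper to connect to Vipassna Identity Server'
+gem.description = 'This allows you to connect to Vipassana identity server with your ruby app'
+gem.authors = ['Dhamma workers']
+gem.email = ['sebastian.castro@dhamma.org', 'ryan.johnson@dhamma.org']
+# gem.homepage = 'https://identity.server.dhamma.org/'
+
+gem.files = `git ls-files`.split("\n")
+gem.require_paths = ['lib']
+
+gem.add_runtime_dependency 'omniauth-oauth2', '~> 1.2'
+end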
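Review bot: The spec ships with `gem.license` and `gem.homepage` commented out and sets no `gem.metadata`, so the published package (`licenses: []` and an empty `homepage` in the built metadata) gives a consumer nothing to tie this authentication gem back to a source repository. I would restore both lines and add `gem.metadata['rubygems_mfa_required'] = 'true'` so that pushing a release requires MFA on the owners' accounts. The library code also calls `Rails.application`, `present?`, `in?` and `Net::HTTP`, yet only `omniauth-oauth2` is declared as a runtime dependency; the assumption of a Rails host should be declared or documented here.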
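--- a/metadata
+++ b/metadata
@@ -0,0 +1,65 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-vis
+version: !ruby/object:Gem::Version
+version: 0.0.2
+platform: ruby
+authors:
+- Dhamma workers
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-10-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: omniauth-oauth2
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.2'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.2'
+description: This allows you to connect to Vipassana identity server with your ruby
+app
+email:
+- sebastian.castro@dhamma.org
+- ryan.johnson@dhamma.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- README.md
+- lib/omniauth/strategies/vis.rb
+- lib/omniauth_vis.rb
+- lib/vis/api.rb
+- omniauth-vis.gemspec
+homepage:
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.6.2
+signing_key:
+specification_version: 4
+summary: Helper to connect to Vipassna Identity Server
+test_files: []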