omniauth-vis 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 629b78fabaac3afbb49bda60037485bf94fd812212b23152c92eb3edb0af57fe
4
+ data.tar.gz: d619da57ccd0602c3b81f854e5e5cf0e894ea8d872bdf55fb8ac253ab5c99978
5
+ SHA512:
6
+ metadata.gz: 9c7ff8ee0d11e59c69ae055224decc3bf17cf29bcf53f7d378406817f8d3b3090045fa890bc5f086bac60732d8d779b2b658308a7ae5e67bbe91437cc552db90
7
+ data.tar.gz: 9d78c3f003085a28194aa6cfb67750027c7b2e3dd142fecd6f8902a7b728d8a3adbdef9c1b54316ace038b8c2d2be53854befa1056180956cfea53d725b41ac8
data/.gitignore ADDED
@@ -0,0 +1 @@
1
+ *.gem
data/README.md ADDED
@@ -0,0 +1,71 @@
1
+ # omniauth-vis
2
+
3
+ This small gem will help Rails apps to connect to Vipassana Identity Server (VIS) using Auth2
4
+
5
+ It provides:
6
+ - a strategy file to be used with `omniauth` gem
7
+ - a service to request VIS APIs endpoints
8
+
9
+ ## Register your app
10
+
11
+ Contact VIS administrators (sebastian.castro@dhamma.org, ryan.johnson@dhamma.org, nilendu.jani@dhamma.org) and provide following informations about your app:
12
+
13
+ - Name
14
+ - Home page url
15
+ - Logo url
16
+ - Authorized callback urls (example: https://myapp.org/users/auth/vis/callback)
17
+
18
+ ## Install the gem
19
+
20
+ ```
21
+ gem add omniauth-vis
22
+ ```
23
+
24
+ ## Configure
25
+
26
+ ```
27
+ # config/initializers/vis.rb
28
+
29
+ Rails.application.config.vis = {
30
+ app_id: "APP_ID_PROVIDED",
31
+ app_secret: "APP_SECRET_PROVIDED",
32
+ app_url: "https://identity.server.dhamma.org/"
33
+ }
34
+ ```
35
+
36
+ ## Use omniauth strategy
37
+
38
+ You first need to install `omniauth-oauth2` gem, then add a new provider :
39
+
40
+ ```
41
+ # config/initializers/omniauth.rb
42
+
43
+ Rails.application.config.middleware.use OmniAuth::Builder do
44
+ provider :vis, Rails.application.config.vis["app_id"], Rails.application.config.vis["app_secret"],
45
+ {
46
+ scope: "default"
47
+ }
48
+ end
49
+ ```
50
+
51
+ ## Use VIS API
52
+
53
+ `Vis::Api` will implement [Oauth2 Client Credentials Flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow) behind the scene
54
+
55
+ ```
56
+ @vis_api = Vis::Api.new
57
+ @vis_service.get("api_path")
58
+ @vis_service.post("api_path", data)
59
+ ```
60
+
61
+ Documentation about available api can be found at [https://identity.server.dhamma.org/doc](https://identity.server.dhamma.org/doc)
62
+
63
+ Example
64
+
65
+ ```
66
+ Vis::Api.new.post("/api/v1/users", {
67
+ email: "email@test.com",
68
+ username: "test",
69
+ encrypted_password: "xxxxxxxxxx"
70
+ })
71
+ ```
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'omniauth/strategies/oauth2'
4
+
5
+ module OmniAuth
6
+ module Strategies
7
+ class Vis < OmniAuth::Strategies::OAuth2
8
+ option :name, :vis
9
+
10
+ option :client_options,
11
+ site: Rails.application.config.vis['app_url'],
12
+ authorize_path: '/oauth/authorize'
13
+
14
+ def on_path?(path)
15
+ current_path.squeeze('/').casecmp(path.squeeze('/')).zero?
16
+ end
17
+
18
+ def setup_phase
19
+ # Authorize extra params
20
+ authorized_params = [:locale, :confirm_identity, :allow_sign_up,
21
+ :allowed_external_providers, :extra_agreement_title, :extra_agreement_text]
22
+ authorized_params.each do |param|
23
+ request.env['omniauth.strategy'].options[:authorize_params][param] = request.params[param.to_s]
24
+ end
25
+ end
26
+
27
+ uid do
28
+ raw_info['id']
29
+ end
30
+
31
+ info do
32
+ raw_info
33
+ end
34
+
35
+ # to fix always getting invalid_grant error
36
+ # see https://github.com/omniauth/omniauth-oauth2/issues/81#issuecomment-231442739
37
+ def callback_url
38
+ full_host + script_name + callback_path
39
+ end
40
+
41
+ def raw_info
42
+ @raw_info ||= access_token.get('/api/v1/me.json').parsed
43
+ end
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'omniauth/strategies/vis'
4
+ require 'vis/api'
data/lib/vis/api.rb ADDED
@@ -0,0 +1,79 @@
1
+ # Vipassna Identity Server Service - for server to server Oauth 2 client_credentials grant flow
2
+ # gets tokens so we can use the VIS API
3
+ module Vis
4
+ class Api
5
+ def initialize
6
+ @client_id = Rails.application.config.vis["app_id"]
7
+ @client_secret = Rails.application.config.vis["app_secret"]
8
+ @vis_app_url = Rails.application.config.vis["app_url"]
9
+ @use_ssl = !Rails.env.development?
10
+ end
11
+
12
+ def token
13
+ return @token if @token && @expiry && Time.now.utc < @expiry
14
+
15
+ response = token_post
16
+ result = JSON.parse(response.body)
17
+ check_error!(response.code, result)
18
+
19
+ @expiry = (Time.now.utc + result["expires_in"] - 1)
20
+ @token = result["access_token"]
21
+ end
22
+
23
+ # we can catch VisOauthErrors in our code if we decide to use VIS API as part of any request flow or backend task
24
+ private def check_error!(response_code, response_body_hash)
25
+ return unless response_body_hash["error"].present? || !response_code.in?(["200", "202"]) # 201 ?
26
+
27
+ raise Exceptions::VisOauthError,
28
+ "#{response_code} Error requesting token from Vipassana Identity Server. "\
29
+ "#{response_body_hash['error']} #{response_body_hash['error_description']}"
30
+ end
31
+
32
+ private def token_post
33
+ # uri = URI.parse("#{@vis_app_url})
34
+ http_client, uri = http_client_and_uri "/oauth/token"
35
+ request = Net::HTTP::Post.new(uri.request_uri)
36
+ # request.set_form_data({ "client_id" => @client_id, "client_secret" => @client_secret,
37
+ request.set_form_data({ "client_id" => @client_id, "client_secret" => @client_secret,
38
+ "grant_type" => "client_credentials" })
39
+ http_client.request(request)
40
+ end
41
+
42
+ def get(path)
43
+ http_client, uri = http_client_and_uri path
44
+ response = http_client.get(uri, headers)
45
+ return_response(response)
46
+ end
47
+
48
+ def post(path, post_params_hash)
49
+ http_client, uri = http_client_and_uri path
50
+ response = http_client.post(uri, post_params_hash.to_json, headers)
51
+ return_response(response)
52
+ end
53
+
54
+ private def return_response(response)
55
+ if response.body.blank?
56
+ {} # TODO: consider also returning or checking response.status, should be 202 for forward message
57
+ else
58
+ JSON.parse(response.body) # this is sometimes a blank string which raises error if JSON.parse is done on it
59
+ end
60
+ end
61
+
62
+ private def http_client_and_uri(path)
63
+ path = "/#{path}" unless path&.starts_with?("/")
64
+ uri = URI.parse("#{@vis_app_url}#{path}")
65
+ client = Net::HTTP.new(uri.hostname, uri.port)
66
+ client.use_ssl = @use_ssl
67
+ [client, uri]
68
+ end
69
+
70
+ private def headers
71
+ auth_headers.merge({ "Content-type" => "application/json" })
72
+ end
73
+
74
+ private def auth_headers
75
+ { "Authorization" => "Bearer #{token}" }
76
+ end
77
+
78
+ end
79
+ end
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ Gem::Specification.new do |gem|
4
+ gem.name = 'omniauth-vis'
5
+ gem.version = '0.0.2'
6
+ # gem.license = 'MIT'
7
+ gem.summary = 'Helper to connect to Vipassna Identity Server'
8
+ gem.description = 'This allows you to connect to Vipassana identity server with your ruby app'
9
+ gem.authors = ['Dhamma workers']
10
+ gem.email = ['sebastian.castro@dhamma.org', 'ryan.johnson@dhamma.org']
11
+ # gem.homepage = 'https://identity.server.dhamma.org/'
12
+
13
+ gem.files = `git ls-files`.split("\n")
14
+ gem.require_paths = ['lib']
15
+
16
+ gem.add_runtime_dependency 'omniauth-oauth2', '~> 1.2'
17
+ end
metadata ADDED
@@ -0,0 +1,65 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-vis
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: ruby
6
+ authors:
7
+ - Dhamma workers
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2022-10-04 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: omniauth-oauth2
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.2'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.2'
27
+ description: This allows you to connect to Vipassana identity server with your ruby
28
+ app
29
+ email:
30
+ - sebastian.castro@dhamma.org
31
+ - ryan.johnson@dhamma.org
32
+ executables: []
33
+ extensions: []
34
+ extra_rdoc_files: []
35
+ files:
36
+ - ".gitignore"
37
+ - README.md
38
+ - lib/omniauth/strategies/vis.rb
39
+ - lib/omniauth_vis.rb
40
+ - lib/vis/api.rb
41
+ - omniauth-vis.gemspec
42
+ homepage:
43
+ licenses: []
44
+ metadata: {}
45
+ post_install_message:
46
+ rdoc_options: []
47
+ require_paths:
48
+ - lib
49
+ required_ruby_version: !ruby/object:Gem::Requirement
50
+ requirements:
51
+ - - ">="
52
+ - !ruby/object:Gem::Version
53
+ version: '0'
54
+ required_rubygems_version: !ruby/object:Gem::Requirement
55
+ requirements:
56
+ - - ">="
57
+ - !ruby/object:Gem::Version
58
+ version: '0'
59
+ requirements: []
60
+ rubyforge_project:
61
+ rubygems_version: 2.7.6.2
62
+ signing_key:
63
+ specification_version: 4
64
+ summary: Helper to connect to Vipassna Identity Server
65
+ test_files: []