omniauth-your-membership-token 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +22 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +157 -0
- data/Rakefile +2 -0
- data/lib/omniauth-your-membership-token.rb +3 -0
- data/lib/omniauth/strategies/your_membership_token.rb +53 -0
- data/lib/omniauth/your_membership_token/version.rb +5 -0
- data/omniauth-your-membership-token.gemspec +26 -0
- metadata +111 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 9b6cbc53f84e9388a1eb6d143ff170395d8b401f
|
4
|
+
data.tar.gz: 7977fd59d21e5b80125aeee25a73ab4acd50d791
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 3e456fe9bc3be2ff2d5bda42d621deb16c0ecb14d434c3e6ae5ee1060a7df0119f4522843681e92d4c31e9fd065407de8b0dcc414027a7f42830710312d52f7c
|
7
|
+
data.tar.gz: 87ec483b50b9a011a2042c4efc10cd14ba43980d7e29ac5a1fd5722db3797a6e95a93187b7f395b6a0bcc040cb8fc07c560db1ef373cc3c3aaa93e0f9d700e55
|
data/.gitignore
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
*.gem
|
2
|
+
*.rbc
|
3
|
+
.bundle
|
4
|
+
.config
|
5
|
+
.yardoc
|
6
|
+
Gemfile.lock
|
7
|
+
InstalledFiles
|
8
|
+
_yardoc
|
9
|
+
coverage
|
10
|
+
doc/
|
11
|
+
lib/bundler/man
|
12
|
+
pkg
|
13
|
+
rdoc
|
14
|
+
spec/reports
|
15
|
+
test/tmp
|
16
|
+
test/version_tmp
|
17
|
+
tmp
|
18
|
+
*.bundle
|
19
|
+
*.so
|
20
|
+
*.o
|
21
|
+
*.a
|
22
|
+
mkmf.log
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2014 Nathan Flood
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,157 @@
|
|
1
|
+
# Omniauth::Strategies::YourMembershipToken
|
2
|
+
|
3
|
+
This is an OmniAuth Strategy for authenticating to YourMembership implementations using token-based authentication.
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Add these lines to your application's Gemfile:
|
8
|
+
```RUBY
|
9
|
+
gem 'omniauth'
|
10
|
+
gem 'omniauth-your-membership-token'
|
11
|
+
```
|
12
|
+
And then execute:
|
13
|
+
|
14
|
+
$ bundle install
|
15
|
+
|
16
|
+
## Usage
|
17
|
+
|
18
|
+
`OmniAuth::Strategies::YourMembershipToken` is simply a Rack middleware. Read the OmniAuth docs for detailed instructions: https://github.com/intridea/omniauth.
|
19
|
+
|
20
|
+
This strategy depends on the `your_membership` gem. You will need to configure your YourMembership environment before you can use this strategy for authentication. Read the documentation for that gem for instructions: https://github.com/ECHOInternational/your_membership
|
21
|
+
|
22
|
+
Here's a quick example, adding the middleware to a Rails app in `config/initializers/omniauth.rb:`
|
23
|
+
|
24
|
+
```RUBY
|
25
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
26
|
+
provider :yourMembershipToken
|
27
|
+
end
|
28
|
+
```
|
29
|
+
|
30
|
+
## Auth Hash
|
31
|
+
|
32
|
+
Here's an example Auth Hash available in `request.env['omniauth.auth']`:
|
33
|
+
|
34
|
+
```RUBY
|
35
|
+
{
|
36
|
+
:provider => YourMembershipToken,
|
37
|
+
:uid => 234235D-3234-2342252-AS432, # YourMembership API Member ID
|
38
|
+
:extra => {
|
39
|
+
:access_token => 453532-D234234-234234-D2132, # YourMembership Authenticated Session ID
|
40
|
+
}
|
41
|
+
}
|
42
|
+
```
|
43
|
+
|
44
|
+
## Interacting with the returned Session ID
|
45
|
+
|
46
|
+
`request.env['omniauth.auth']['extra']['access_token']` provides the authenticated session ID as a way for the authenticated user to interact with the YourMembership API through the Ruby SDK.
|
47
|
+
|
48
|
+
Due to the fact that Rails (and most other frameworks) don't maintain object state between requests it is incumbent upon you to implement the storage and retrieval of the Session ID and an ever-incrementing call counter.
|
49
|
+
|
50
|
+
Upon authorization set the call counter to 10 or more to account for calls during authentication.
|
51
|
+
|
52
|
+
Here's an example of how to maintain a call counter in an ActiveRecord model. Your User table will need to have these fields at minimum:
|
53
|
+
+ provider
|
54
|
+
+ uid
|
55
|
+
+ remote_session_call_counter
|
56
|
+
+ remote_session
|
57
|
+
|
58
|
+
```RUBY
|
59
|
+
class User < ActiveRecord::Base
|
60
|
+
|
61
|
+
# Create user if it doesn't exist (this probably isn't necessary if you're using Devise or another Auth Framework)
|
62
|
+
def self.create_with_omniauth(auth)
|
63
|
+
create! do |user|
|
64
|
+
user.provider = auth['provider']
|
65
|
+
user.uid = auth['uid']
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
# An example API call
|
70
|
+
def member
|
71
|
+
# You need to increment the call_counter before every call or you'll get errors from YourMembership's API
|
72
|
+
update_remote_session_call_counter
|
73
|
+
YourMembership::Member.create_from_session ym_session
|
74
|
+
end
|
75
|
+
|
76
|
+
def ym_session
|
77
|
+
# Cache the session object so that you aren't re-creating it with every call.
|
78
|
+
@session ||= YourMembership::Session.new remote_session, remote_session_call_counter
|
79
|
+
end
|
80
|
+
|
81
|
+
def update_remote_session_call_counter
|
82
|
+
# Make the database call_counter match that which is in the session object
|
83
|
+
update(remote_session_call_counter: ym_session.call_id)
|
84
|
+
end
|
85
|
+
|
86
|
+
def abandon_remote_session
|
87
|
+
begin
|
88
|
+
update_remote_session_call_counter
|
89
|
+
ym_session.abandon
|
90
|
+
rescue YourMembership::Error => e
|
91
|
+
logger.info "YourMembership returned error #{e.error_code}: #{e.error_description}"
|
92
|
+
ensure
|
93
|
+
update(remote_session: nil)
|
94
|
+
update(remote_session_call_counter: 200)
|
95
|
+
save
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|
99
|
+
```
|
100
|
+
|
101
|
+
And you would want to do something like this in your session controller:
|
102
|
+
|
103
|
+
```RUBY
|
104
|
+
class SessionsController < ApplicationController
|
105
|
+
# This will save you a headache when using remote authentication
|
106
|
+
skip_before_filter :verify_authenticity_token, :only => :create
|
107
|
+
|
108
|
+
# This is the standard way to access an OmniAuth strategy, this may change for your framework of choice.
|
109
|
+
def new
|
110
|
+
redirect_to '/auth/yourmembershiptoken'
|
111
|
+
end
|
112
|
+
|
113
|
+
def create
|
114
|
+
auth = request.env["omniauth.auth"]
|
115
|
+
user = User.where(:provider => auth['provider'],
|
116
|
+
:uid => auth['uid'].to_s).first || User.create_with_omniauth(auth)
|
117
|
+
|
118
|
+
#Remember the current session so you can access it later
|
119
|
+
user.remote_session = auth['extra']['access_token']
|
120
|
+
user.remote_session_call_counter = 300
|
121
|
+
user.save
|
122
|
+
|
123
|
+
reset_session
|
124
|
+
session[:user_id] = user.id
|
125
|
+
redirect_to root_url, :notice => 'Signed in!'
|
126
|
+
end
|
127
|
+
|
128
|
+
def destroy
|
129
|
+
current_user.abandon_remote_session
|
130
|
+
reset_session
|
131
|
+
redirect_to root_url, :notice => 'Signed out!'
|
132
|
+
end
|
133
|
+
|
134
|
+
def failure
|
135
|
+
redirect_to root_url, :alert => "Authentication error: #{params[:message].humanize}"
|
136
|
+
end
|
137
|
+
|
138
|
+
end
|
139
|
+
```
|
140
|
+
|
141
|
+
### Session Expiration
|
142
|
+
|
143
|
+
You'll need to watch out for sessions expiring. An easy way to recover from an expired session is to write a rescue_from method in your `application.rb`
|
144
|
+
|
145
|
+
Here's an example:
|
146
|
+
|
147
|
+
```Ruby
|
148
|
+
rescue_from YourMembership::Error do | error |
|
149
|
+
case error.error_code
|
150
|
+
when '202'
|
151
|
+
reset_session
|
152
|
+
redirect_to root_url, :notice => 'Your Session Timed Out.'
|
153
|
+
else
|
154
|
+
raise error
|
155
|
+
end
|
156
|
+
end
|
157
|
+
```
|
data/Rakefile
ADDED
@@ -0,0 +1,53 @@
|
|
1
|
+
require'omniauth'
|
2
|
+
require'your_membership'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class YourMembershipToken
|
7
|
+
include OmniAuth::Strategy
|
8
|
+
|
9
|
+
# The UID is going to be the member's API id (member_id)
|
10
|
+
# We'll also store the session ID
|
11
|
+
option :fields, [:member_id, :ym_session]
|
12
|
+
option :uid_field, :member_id
|
13
|
+
|
14
|
+
def request_phase
|
15
|
+
# Build an Access Token
|
16
|
+
session = YourMembership::Session.create
|
17
|
+
token_hash = session.createToken(:RetUrl => callback_url)
|
18
|
+
|
19
|
+
# Pass the YourMembership session id to the Callback
|
20
|
+
request.params[:ym_session] = session.to_s
|
21
|
+
|
22
|
+
# Redirect to token url
|
23
|
+
redirect token_hash['GoToUrl']
|
24
|
+
end
|
25
|
+
|
26
|
+
def callback_phase
|
27
|
+
# create session object
|
28
|
+
|
29
|
+
ym_session = YourMembership::Session.new(request.env['omniauth.params'][:ym_session], 100)
|
30
|
+
|
31
|
+
fail! 'Failed To Log In' unless ym_session
|
32
|
+
begin
|
33
|
+
fail! 'Failed To Log In' unless ym_session.authenticated?
|
34
|
+
rescue YourMembership::Error => e
|
35
|
+
fail! e.error_description
|
36
|
+
end
|
37
|
+
|
38
|
+
@user_id = ym_session.user_id
|
39
|
+
@access_token = ym_session.to_s
|
40
|
+
|
41
|
+
super
|
42
|
+
end
|
43
|
+
|
44
|
+
uid do
|
45
|
+
@user_id
|
46
|
+
end
|
47
|
+
|
48
|
+
extra do
|
49
|
+
{'access_token' => @access_token}
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'omniauth/your_membership_token/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "omniauth-your-membership-token"
|
8
|
+
spec.version = OmniAuth::YourMembershipToken::VERSION
|
9
|
+
spec.authors = ["Nate Flood"]
|
10
|
+
spec.email = ["nflood@echonet.org"]
|
11
|
+
spec.summary = %q{Omniauth Strategy For Authenticating To YourMembership}
|
12
|
+
spec.description = %q{This is an Omniauth Strategy for Authenticating to YourMembership. It requires the your_membership gem.}
|
13
|
+
spec.homepage = ""
|
14
|
+
spec.license = "MIT"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0")
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_dependency "omniauth", "~> 1.2"
|
22
|
+
spec.add_dependency "your_membership", "~> 1.1"
|
23
|
+
|
24
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
25
|
+
spec.add_development_dependency "rake"
|
26
|
+
end
|
metadata
ADDED
@@ -0,0 +1,111 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: omniauth-your-membership-token
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Nate Flood
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-08-22 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: omniauth
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.2'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ~>
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.2'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: your_membership
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ~>
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.1'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ~>
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '1.1'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ~>
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.6'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ~>
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.6'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - '>='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
description: This is an Omniauth Strategy for Authenticating to YourMembership. It
|
70
|
+
requires the your_membership gem.
|
71
|
+
email:
|
72
|
+
- nflood@echonet.org
|
73
|
+
executables: []
|
74
|
+
extensions: []
|
75
|
+
extra_rdoc_files: []
|
76
|
+
files:
|
77
|
+
- .gitignore
|
78
|
+
- Gemfile
|
79
|
+
- LICENSE.txt
|
80
|
+
- README.md
|
81
|
+
- Rakefile
|
82
|
+
- lib/omniauth-your-membership-token.rb
|
83
|
+
- lib/omniauth/strategies/your_membership_token.rb
|
84
|
+
- lib/omniauth/your_membership_token/version.rb
|
85
|
+
- omniauth-your-membership-token.gemspec
|
86
|
+
homepage: ''
|
87
|
+
licenses:
|
88
|
+
- MIT
|
89
|
+
metadata: {}
|
90
|
+
post_install_message:
|
91
|
+
rdoc_options: []
|
92
|
+
require_paths:
|
93
|
+
- lib
|
94
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
95
|
+
requirements:
|
96
|
+
- - '>='
|
97
|
+
- !ruby/object:Gem::Version
|
98
|
+
version: '0'
|
99
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - '>='
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
requirements: []
|
105
|
+
rubyforge_project:
|
106
|
+
rubygems_version: 2.3.0
|
107
|
+
signing_key:
|
108
|
+
specification_version: 4
|
109
|
+
summary: Omniauth Strategy For Authenticating To YourMembership
|
110
|
+
test_files: []
|
111
|
+
has_rdoc:
|