omnigollum 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 6433e6d7b91b97428df0d818edad425d84b13e12
+  data.tar.gz: 54e215475b725c404151388c7179666019d61dbe
+SHA512:
+  metadata.gz: f62358d2eb2bfc45fb6d4ebedc223c82f538d49a8801a1caaab8637f810853ae8597c0cfe4d7529ad338583f628a9dbb16e334d606f0b4132d0c1a371898dee8
+  data.tar.gz: 1ef15b097f7833ff8f987b730e62dceb9d2ade100681183e7fc9e3d0559fd60bf596489372967220a06abfe6a36c6acdd797a15e1c1139021a6c108c699352eb

data/LICENSE

@@ -0,0 +1,21 @@
+(The MIT License)
+
+Copyright (c) 2012-2013 Arran Cudbard-Bell
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the 'Software'), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/Readme.md

@@ -0,0 +1,103 @@
+# omnigollum - omniauth meets gollum
+
+## Quick Installation/Configuration
+
+```
+$ git clone https://github.com/arr2036/omnigollum.git
+$ cd omnigollum
+$ gem build omnigollum.gemspec
+$ gem install omnigollum*.gem
+```
+
+```sh
+$ cp config.rb.example config.rb
+```
+Customize config.rb to use your preferred omniauth strategy.
+
+Execute via Gollum
+```sh
+$ gollum --config config.rb
+```
+
+## Installation
+
+### Manual
+
+Clone into your ruby library path.
+
+    git clone git://github.com/arr2036/omnigollum.git
+
+## Configuration
+
+Omnigollum executes an OmniAuth::Builder proc/block to figure out which providers you've configured,
+then passes it on to omniauth to create the actual omniauth configuration.
+
+To configure both omniauth and omnigollum you should add the following to your config.ru file.
+
+### Load omnigollum library
+```ruby
+require 'omnigollum'
+```
+
+### Load individual provider libraries
+```ruby
+require 'omniauth/strategies/twitter'
+require 'omniauth/strategies/open_id'
+```
+
+### Set configuration
+```ruby
+options = {
+  # OmniAuth::Builder block is passed as a proc
+  :providers => Proc.new do
+    provider :twitter, 'CONSUMER_KEY', 'CONSUMER_SECRET'
+    provider :open_id, OpenID::Store::Filesystem.new('/tmp')
+  end,
+  :dummy_auth => false
+}
+
+# :omnigollum options *must* be set before the Omnigollum extension is registered
+Precious::App.set(:omnigollum, options)
+```
+
+### Access control
+
+By default, any authenticated user will be able to access the protected routes. Restrict this by setting the `authorized_users` option.
+
+`authorized_users` accepts an array of emails. Users must authenticate with one of these authorized emails in order to be allowed access.
+
+```ruby
+options[:authorized_users] = ["example0@example.org", "example1@example.org", "example2@example.org"]
+```
+
+Instead of setting these directly, you can use an [env var](http://www.12factor.net/config), maybe like this:
+
+```ruby
+# in .env, or other
+# OMNIGOLLUM_AUTHORIZED_USERS=example0@example.org,example1@example.org,example2@example.org
+
+options[:authorized_users] = ENV["OMNIGOLLUM_AUTHORIZED_USERS"].split(",")
+```
+
+### Register omnigollum extension with sinatra
+```ruby
+Precious::App.register Omnigollum::Sinatra
+```
+
+## Required patches
+
+### mustache
+
+https://github.com/defunkt/mustache
+
+Must be at v0.99.5 (currently unreleased), replace the gem version with 6c4e12d58844d99909df or
+the current HEAD.
+
+Feel free to complain loudly that the maintainer should roll a new gem.
+
+### Gollum
+You can also (optionally) apply the patches here, to get a neat little auth
+status widget in the top right corner of the page https://github.com/arr2036/gollum/commit/32de2cad920ccc6e955b8e19f6e23c2b3b4c8964
+
+
+

data/lib/omnigollum.rb

@@ -0,0 +1,297 @@
+require 'cgi'
+require 'omniauth'
+require 'mustache/sinatra'
+require 'sinatra/base'
+
+module Omnigollum
+  module Views; class Layout < Mustache; end; end
+  module Models
+    class OmniauthUserInitError < StandardError; end
+
+    class User
+      attr_reader :uid, :name, :email, :nickname, :provider
+    end
+
+    class OmniauthUser < User
+      def initialize (hash, options)
+        # Validity checks, don't trust providers
+        @uid = hash['uid'].to_s.strip
+        raise OmniauthUserInitError, "Insufficient data from authentication provider, uid not provided or empty" if @uid.empty?
+
+        @name = hash['info']['name'].to_s.strip if hash['info'].has_key?('name')
+        @name = options[:default_name] if !@name || @name.empty?
+
+        raise OmniauthUserInitError, "Insufficient data from authentication provider, name not provided or empty" if !@name || @name.empty?
+
+        @email = hash['info']['email'].to_s.strip if hash['info'].has_key?('email')
+        @email = options[:default_email] if !@email || @email.empty?
+
+        raise OmniauthUserInitError, "Insufficient data from authentication provider, email not provided or empty" if !@email || @email.empty?
+
+        @nickname = hash['info']['nickname'].to_s.strip if hash['info'].has_key?('nickname')
+
+        @provider = hash['provider']
+
+        self
+      end
+    end
+  end
+
+  module Helpers
+    def user_authed?
+      session.has_key? :omniauth_user
+    end
+
+    def user_auth
+      @title   = 'Authentication is required'
+      @subtext = 'Please choose a login service'
+      show_login
+    end
+
+    def kick_back
+      redirect !request.referrer.nil? && request.referrer !~ /#{Regexp.escape(settings.send(:omnigollum)[:route_prefix])}\/.*/ ?
+        request.referrer:
+        '/'
+      halt
+    end
+
+    def get_user
+      session[:omniauth_user]
+    end
+
+    def user_deauth
+      session.delete :omniauth_user
+    end
+
+    def auth_config
+      options = settings.send(:omnigollum)
+
+      @auth = {
+        :route_prefix => options[:route_prefix],
+        :providers    => options[:provider_names],
+        :path_images  => options[:path_images],
+        :logo_suffix  => options[:logo_suffix],
+        :logo_missing => options[:logo_missing]
+      }
+    end
+
+    def show_login
+      options = settings.send(:omnigollum)
+
+      # Don't bother showing the login screen, just redirect
+      if options[:provider_names].count == 1
+        if !request.params['origin'].nil?
+          origin = request.params['origin']
+        elsif !request.path.nil?
+          origin = request.path
+        else
+          origin = '/'
+        end
+
+        redirect options[:route_prefix] + '/auth/' + options[:provider_names].first.to_s + "?origin=" +
+           CGI.escape(origin)
+      else
+         auth_config
+         require options[:path_views] + '/login'
+         halt mustache Omnigollum::Views::Login
+      end
+    end
+
+    def commit_message
+      if user_authed?
+        user = get_user
+        return { :message => params[:message], :name => user.name, :email => user.email}
+      else
+        return { :message => params[:message]}
+      end
+    end
+  end
+
+  # Config class provides default values for omnigollum configuration, and an array
+  # of all providers which have been enabled if a omniauth config block is passed to
+  # eval_omniauth_config.
+  class Config
+    attr_accessor :default_options
+    class << self; attr_accessor :default_options; end
+
+    @default_options = {
+      :protected_routes => [
+        '/revert/*',
+        '/revert',
+        '/create/*',
+        '/create',
+        '/edit/*',
+        '/edit',
+        '/delete/*',
+        '/delete'],
+
+      :route_prefix => '/__omnigollum__',
+      :dummy_auth   => true,
+      :providers    => Proc.new { provider :github, '', '' },
+      :path_base    => dir = File.expand_path(File.dirname(__FILE__) + '/..'),
+      :logo_suffix  => "_logo.png",
+      :logo_missing => "omniauth", # Set to false to disable missing logos
+      :path_images  => "#{dir}/public/images",
+      :path_views   => "#{dir}/views",
+      :path_templates => "#{dir}/templates",
+      :default_name   => nil,
+      :default_email  => nil,
+      :provider_names => [],
+      :authorized_users => [],
+      :author_format => Proc.new { |user| user.nickname ? user.name + ' (' + user.nickname + ')' : user.name },
+    }
+
+    def initialize
+      @default_options = self.class.default_options
+    end
+
+    # Register provider name
+    #
+    # name - Provider symbol
+    # args - Arbitrary arguments
+    def provider(name, *args)
+      @default_options[:provider_names].push name
+    end
+
+    # Evaluate procedure calls in an omniauth config block/proc in the context
+    # of this class.
+    #
+    # This allows us to learn about omniauth config items that would otherwise be inaccessible.
+    #
+    # block - Omniauth proc or block
+    def eval_omniauth_config(&block)
+      self.instance_eval(&block)
+    end
+
+    # Catches missing methods we haven't implemented, but which omniauth accepts
+    # in its config block.
+    #
+    # args - Arbitrary list of arguments
+    def method_missing(*args); end
+  end
+
+  module Sinatra
+    def self.registered(app)
+      # As options determine which routes are created, they must be set before registering omniauth
+      config  = Omnigollum::Config.new
+
+      options = app.settings.respond_to?(:omnigollum) ?
+        config.default_options.merge(app.settings.send(:omnigollum)) :
+        config.default_options
+
+      # Set omniauth path prefix based on options
+      OmniAuth.config.path_prefix = options[:route_prefix] + OmniAuth.config.path_prefix
+
+      # Setup test_mode options
+      if options[:dummy_auth]
+        OmniAuth.config.test_mode = true
+        OmniAuth.config.mock_auth[:default] = {
+          'uid' => '12345',
+          "info" => {
+            "email"  => "user@example.com",
+            "name"   => "example user"
+            },
+            'provider' => 'local'
+          }
+        end
+      # Register helpers
+      app.helpers Helpers
+
+      # Enable sinatra session support
+      app.set :sessions,  true
+
+      # Setup omniauth providers
+      if !options[:providers].nil?
+        app.use OmniAuth::Builder, &options[:providers]
+
+        # You told omniauth, now tell us!
+        config.eval_omniauth_config &options[:providers] if options[:provider_names].count == 0
+      end
+
+      # Populates instance variables used to display currently logged in user
+      app.before '/*' do
+        @user_authed = user_authed?
+        @user        = get_user
+      end
+
+      # Stop browsers from screwing up our referrer information
+      # FIXME: This is hacky...
+      app.before '/favicon.ico' do
+        halt 403 unless user_authed?
+      end
+
+      # Explicit login (user followed login link) clears previous redirect info
+      app.before options[:route_prefix] + '/login' do
+        kick_back if user_authed?
+        @auth_params = "?origin=#{CGI.escape(request.referrer)}" unless request.referrer.nil?
+        user_auth
+      end
+
+      app.before options[:route_prefix] + '/logout' do
+        user_deauth
+        kick_back
+      end
+
+      app.before options[:route_prefix] + '/auth/failure' do
+        user_deauth
+        @title    = 'Authentication failed'
+        @subtext = "Provider did not validate your credentials (#{params[:message]}) - please retry or choose another login service"
+        @auth_params = "?origin=#{CGI.escape(request.env['omniauth.origin'])}" unless request.env['omniauth.origin'].nil?
+        show_login
+      end
+
+      app.before options[:route_prefix] + '/auth/:name/callback' do
+        begin
+          if !request.env['omniauth.auth'].nil?
+            user = Omnigollum::Models::OmniauthUser.new(request.env['omniauth.auth'], options)
+
+            # Check authorized users
+            if !options[:authorized_users].empty? && !options[:authorized_users].include?(user.email) &&
+               !options[:authorized_users].include?(user.nickname)
+              @title   = 'Authorization failed'
+              @subtext = 'User was not found in the authorized users list'
+              @auth_params = "?origin=#{CGI.escape(request.env['omniauth.origin'])}" unless request.env['omniauth.origin'].nil?
+              show_login
+            end
+
+            session[:omniauth_user] = user
+
+            # Update gollum's author hash, so commits are recorded correctly
+            session['gollum.author'] = {
+              :name => options[:author_format].call(user),
+              :email => user.email
+            }
+
+            redirect request.env['omniauth.origin']
+          elsif !user_authed?
+            @title   = 'Authentication failed'
+            @subtext = 'Omniauth experienced an error processing your request'
+            @auth_params = "?origin=#{CGI.escape(request.env['omniauth.origin'])}" unless request.env['omniauth.origin'].nil?
+            show_login
+          end
+        rescue StandardError => fail_reason
+          @title   = 'Authentication failed'
+          @subtext = fail_reason
+          @auth_params = "?origin=#{CGI.escape(request.env['omniauth.origin'])}" unless request.env['omniauth.origin'].nil?
+          show_login
+        end
+      end
+
+      app.before options[:route_prefix] + '/images/:image.png' do
+        content_type :png
+        send_file options[:path_images] + '/' + params[:image] + '.png'
+      end
+
+      # Stop sinatra processing and hand off to omniauth
+      app.before options[:route_prefix] + '/auth/:provider' do
+        halt 404
+      end
+
+      # Pre-empt protected routes
+      options[:protected_routes].each {|route| app.before(route) {user_auth unless user_authed?}}
+
+      # Write the actual config back to the app instance
+      app.set(:omnigollum, options)
+    end
+  end
+end

data/templates/Login.mustache

@@ -0,0 +1,18 @@
+<div id="wiki-wrapper" class="markdown-body">
+<h2>{{title}}</h2>
+<div id="login" class="login_form"> 
+  <h3>{{subtext}}</h3>  
+  <ul class="actions">
+    {{#providers_active}}
+      <li class="minibutton">
+          <a style="height:auto" href="{{{provider_url}}}">
+            {{#image}}
+              <img src="{{{image}}}" alt="{{image_alt}}" title="{{image_title}}"/>
+            {{/image}}
+            <div style="text-align: center">{{{name}}}</div>
+          </a>
+      </li>
+    {{/providers_active}}
+  </ul>
+</div>
+</div>

data/views/login.rb

@@ -0,0 +1,42 @@
+module Omnigollum
+  module Views
+    class Login < Mustache
+      self.template_path = File.expand_path("../../templates", __FILE__)
+      self.template_name = 'Login'
+      
+      def title
+        @title
+      end
+      
+      def subtext
+        @subtext
+      end
+      
+      def providers_active
+        providers = []
+          @auth[:providers].each do |name|
+            provider_attr = {
+              :name => OmniAuth::Utils.camelize(name),
+              :provider_url => @auth[:route_prefix] + "/auth/#{name}" + (defined?(@auth_params) ? @auth_params : '') 
+            }
+            name = name.to_s
+            if has_logo?(logo_name = name) || (logo_name = @auth[:logo_missing])
+              provider_attr[:image] = get_logo logo_name
+              provider_attr[:image_alt]   = "#{provider_attr[:name]} logo"
+              provider_attr[:image_title] = "Connect with #{provider_attr[:name]}"
+            end
+            providers.push provider_attr
+          end
+        providers
+      end
+      
+      def has_logo?(name)
+        File.exists?(@auth[:path_images] + '/' + name + @auth[:logo_suffix])
+      end
+      
+      def get_logo(name)
+        @auth[:route_prefix] + "/images/#{name}" + @auth[:logo_suffix]
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,106 @@
+--- !ruby/object:Gem::Specification
+name: omnigollum
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Arran Cudbard-Bell
+- Tenshi Hinanawi
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-09-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: gollum
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mustache
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |
+  Omnigollum adds support for OmniAuth in Gollum. It executes an OmniAuth::Builder proc/block to figure out which providers you've configured, then passes it on to omniauth to create the actual omniauth configuration.
+
+  See https://github.com/arr2036/omnigollum for usage instructions.
+email: a.cudbardb@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- Readme.md
+- LICENSE
+files:
+- Readme.md
+- LICENSE
+- lib/omnigollum.rb
+- public/images/bitly_logo.png
+- public/images/blogger_logo.png
+- public/images/facebook_logo.png
+- public/images/github_logo.png
+- public/images/google_logo.png
+- public/images/omniauth_logo.png
+- public/images/open_id_logo.png
+- public/images/twitter_logo.png
+- public/images/youtube_logo.png
+- templates/Login.mustache
+- views/login.rb
+homepage: https://github.com/arr2036/omnigollum
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options:
+- --charset=UTF-8
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.1.5
+signing_key: 
+specification_version: 4
+summary: Omnigollum makes it easy to use OmniAuth with Gollum
+test_files: []