oxd-ruby 0.1.3

data/demosite/config/routes.rb

@@ -0,0 +1,62 @@
+Rails.application.routes.draw do
+
+  root 'home#index'
+  get '/register_site' => 'home#register_site'
+  get '/login' => 'home#login'
+  get '/logout' => 'home#logout'
+  
+  # The priority is based upon order of creation: first created -> highest priority.
+  # See how all your routes lay out with "rake routes".
+
+  # You can have the root of your site routed with "root"
+  # root 'welcome#index'
+
+  # Example of regular route:
+  #   get 'products/:id' => 'catalog#view'
+
+  # Example of named route that can be invoked with purchase_url(id: product.id)
+  #   get 'products/:id/purchase' => 'catalog#purchase', as: :purchase
+
+  # Example resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Example resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Example resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Example resource route with more complex sub-resources:
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', on: :collection
+  #     end
+  #   end
+
+  # Example resource route with concerns:
+  #   concern :toggleable do
+  #     post 'toggle'
+  #   end
+  #   resources :posts, concerns: :toggleable
+  #   resources :photos, concerns: :toggleable
+
+  # Example resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+end

data/demosite/config/secrets.yml

@@ -0,0 +1,22 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+development:
+  secret_key_base: 0f47ceb46a550829fa1fb201733c705efcf764bc393c9c98cc7e912302301dda7683732280ed3d3d4d75aba03649710e4da50149664d87275199ef40a9f154c0
+
+test:
+  secret_key_base: 0c254aef92862038a4463a9ca3f25e1856fece768c51a57ebb7e6b1e3d465536a2d7ca0322e99a397b7d399ec6139941b7a2876d42ef928b04544e5ca86a1d4a
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

data/demosite/db/seeds.rb

@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
+#   Mayor.create(name: 'Emanuel', city: cities.first)

data/demosite/public/404.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <div>
+      <h1>The page you were looking for doesn't exist.</h1>
+      <p>You may have mistyped the address or the page may have moved.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/demosite/public/422.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <div>
+      <h1>The change you wanted was rejected.</h1>
+      <p>Maybe you tried to change something you didn't have access to.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/demosite/public/500.html

@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <div>
+      <h1>We're sorry, but something went wrong.</h1>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/demosite/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-agent: *
+# Disallow: /

data/demosite/test/test_helper.rb

@@ -0,0 +1,10 @@
+ENV['RAILS_ENV'] ||= 'test'
+require File.expand_path('../../config/environment', __FILE__)
+require 'rails/test_help'
+
+class ActiveSupport::TestCase
+  # Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
+  fixtures :all
+
+  # Add more helper methods to be used by all tests here...
+end

data/lib/generators/oxd/config_generator.rb

@@ -0,0 +1,22 @@
+module Oxd
+
+  # Generator module for oxd_config.rb
+  module Generators
+
+    # class to generate oxd config file through "rails generate" command
+    # @example
+    #   rails generate oxd:config
+    class ConfigGenerator < Rails::Generators::Base
+      source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
+
+      desc <<DESC
+      Description:
+          Copies Oxd configuration file to your application's initializer directory.
+DESC
+      # copies oxd_config.rb template to 'config/initializers/oxd_config.rb'
+      def copy_config_file
+        template 'oxd_config.rb', 'config/initializers/oxd_config.rb'
+      end
+    end
+  end
+end

data/lib/generators/oxd/templates/oxd_config.rb

@@ -0,0 +1,19 @@
+# Sample config file
+Oxd.configure do |config|
+  	config.oxd_host_ip                			= '127.0.0.1'
+	config.oxd_host_port      		  			= 8099
+	config.authorization_redirect_uri 			= "https://domain.example.com/callback"
+	config.logout_redirect_uri 		  			= "https://domain.example.com/callback2"
+	config.post_logout_redirect_uri	  			= "https://domain.example.com/logout"
+	config.scope					  			= [ "openid", "profile" ]
+	config.application_type       	  			= "web"
+	config.redirect_uris     		  			= ["https://domain.example.com/callback" ]
+	config.client_jwks_uri			  			= ""
+	config.client_token_endpoint_auth_method	= ""
+	config.client_request_uris					= []
+	config.contacts								= ["example-email@gmail.com"]
+	config.grant_types							= []
+	config.response_types     		  			= ["code"]
+	config.acr_values 				  			= ["basic"]
+	config.client_logout_uris		  			= ['https://domain.example.com/logout']
+end

data/lib/oxd-ruby.rb

@@ -0,0 +1,11 @@
+# load oxd components
+require 'oxd/config'
+require 'oxd/oxd_connector'
+require 'oxd/client_oxd_commands'
+
+# @author Inderpal Singh
+# Oxd Module namespace
+# oxd_version 2.4.3	
+module Oxd
+	
+end

data/lib/oxd/client_oxd_commands.rb

@@ -0,0 +1,147 @@
+# @author Inderpal Singh
+# @note supports oxd-version 2.4.3
+module Oxd
+
+	require 'json'
+
+	# This class carries out the commands to talk with the oxD server.
+	# The oxD request commands are provided as class methods that can be called to send the command 
+	# 	to the oxD server via socket and the reponse is returned as a dict by the called method.
+	class ClientOxdCommands < OxdConnector	
+
+		# class constructor
+		def initialize
+			super
+		end
+
+		# @return [String] oxd_id of the registered website
+		# method to register the website and generate a unique ID for that website
+		def register_site			
+			if(!@configuration.oxd_id.empty?) # Check if client is already registered
+				return @configuration.oxd_id
+			else
+				@command = 'register_site'
+				@configuration.scope = [ "openid", "profile","email"]
+				@params = {
+		        	"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
+		            "post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
+		            "application_type" => @configuration.application_type,
+		            "redirect_uris" => @configuration.redirect_uris,
+		            "acr_values" => @configuration.acr_values,
+		            "scope" => @configuration.scope,
+		            "client_jwks_uri" => @configuration.client_jwks_uri,
+		            "client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
+		            "client_request_uris" => @configuration.client_request_uris,
+		            "contacts" => @configuration.contacts,
+		            "grant_types" => @configuration.grant_types,
+		            "response_types"=> @configuration.response_types,
+		            "client_logout_uris"=> @configuration.client_logout_uris
+		        }
+		        request
+		        @configuration.oxd_id = getResponseData['oxd_id']
+		    end	        
+		end
+
+		# @return [String] stored(in oxd_config) oxd_id of the registered website
+	    def getOxdId
+        	return @configuration.oxd_id
+	    end
+		
+		# @param acr_values [Array] OPTIONAL, list of acr values in the order of priority
+		# @return [String] authorization_url
+		# method to get authorization url that the user must be redirected to for authorization and authentication
+		def get_authorization_url(acr_values = [""])
+			@command = 'get_authorization_url'
+			@params = {
+	            "oxd_id" => @configuration.oxd_id,
+	            "acr_values" => acr_values || @configuration.acr_values
+        	}
+		    request
+		    getResponseData['authorization_url']
+		end
+
+		# @param code [String] code obtained from the authorization url callback
+		# @param scopes [Array] scopes authorized by the OP, obtained from the authorization url callback
+		# @param state [String] state key obtained from the authorization url callback
+		# @return [String] access_token
+		# method to retrieve access token. It is called after the user authorizes by visiting the authorization url.
+		def get_tokens_by_code( code, scopes, state = nil)
+            if (code.empty? || scopes.empty? || (!scopes.kind_of? Array))
+            	logger(:log_msg => "Empty/Wrong value in place of code or scope.")
+        	end
+			@command = 'get_tokens_by_code'
+			@params = {
+	            "oxd_id" => @configuration.oxd_id,
+	            "code" => code,
+	            "scopes" => scopes,
+	            "state" => state
+        	}        	
+			request
+			getResponseData['access_token']
+		end
+
+		# @param access_token [String] access token recieved from the get_tokens_by_code command
+		# @return [String] user data claims that are returned by the OP
+		# get the information about the user using the access token obtained from the OP
+		def get_user_info(access_token)
+			if access_token.empty?
+	            logger(:log_msg => "Empty access code sent for get_user_info", :error => "Empty access code")
+	        end
+			@command = 'get_user_info'
+	    	@params = {
+	            "oxd_id" => @configuration.oxd_id,
+	            "access_token" => access_token
+        	}
+        	request
+			getResponseData['claims']
+		end
+
+		# @param access_token [String] REQUIRED, oxd server will use last used access token		
+		# @param state [String] OPTIONAL, website state obtained from the authorization url callback
+		# @param session_state [String] OPTIONAL, session state obtained from the authorization url callback
+		# @return [String] uri
+		# method to retrieve logout url from OP. User must be redirected to this url to perform logout
+		def get_logout_uri(access_token, state = nil, session_state = nil)
+			@command = 'get_logout_uri'
+			@params = {
+	            "oxd_id" => @configuration.oxd_id,
+	            "id_token_hint" => access_token,	            
+	            "post_logout_redirect_uri" => @configuration.post_logout_redirect_uri, 
+	            "state" => state,
+	            "session_state" => session_state
+        	}
+        	request
+        	getResponseData['uri']
+		end
+
+		# @return [Boolean] status - if site registration was updated successfully or not
+		# method to update the website's information with OpenID Provider. 
+		# 	This should be called after changing the values in the oxd_config file.
+		def update_site_registration
+	    	@command = 'update_site_registration'
+        	@params = {
+	        	"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
+	        	"oxd_id" => @configuration.oxd_id,
+	            "post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
+	            "application_type" => @configuration.application_type,
+	            "redirect_uris" => @configuration.redirect_uris,
+	            "acr_values" => @configuration.acr_values,
+	            "scope" => @configuration.scope,
+	            "client_jwks_uri" => @configuration.client_jwks_uri,
+	            "client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
+	            "client_request_uris" => @configuration.client_request_uris,
+	            "contacts" => @configuration.contacts,
+	            "grant_types" => @configuration.grant_types,
+	            "response_types"=> @configuration.response_types,
+	            "client_logout_uris"=> @configuration.client_logout_uris
+	        }
+	        request
+	        if @response_object['status'] == "ok"
+	        	@configuration.oxd_id = getResponseData['oxd_id']
+	            return true
+	        else
+	            return false
+	        end
+		end
+	end
+end