prx_auth-rails 0.0.4 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.gitignore +2 -0
- data/Guardfile +8 -0
- data/README.md +24 -1
- data/Rakefile +10 -1
- data/lib/prx_auth/rails.rb +9 -2
- data/lib/prx_auth/rails/configuration.rb +17 -0
- data/lib/prx_auth/rails/ext/controller.rb +7 -1
- data/lib/prx_auth/rails/railtie.rb +2 -2
- data/lib/prx_auth/rails/token.rb +31 -0
- data/lib/prx_auth/rails/version.rb +1 -1
- data/prx_auth-rails.gemspec +13 -3
- data/test/log/development.log +0 -0
- data/test/prx_auth/rails/configuration_test.rb +30 -0
- data/test/prx_auth/rails/token_test.rb +45 -0
- data/test/test_helper.rb +24 -0
- metadata +103 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 5204c5e69c74ec1fa4d6acf36b64c62700ba72d5308a020deee0526ff4dd5499
|
4
|
+
data.tar.gz: c5bbf5402868c36ba3e2c011eb4eb906d895e3b5237975a329099047f39a8cb3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0d3c3f2ba128a55921138c56e1c052ef6dfd030f720886daa5b77d831545ae9c093ac6c19cbc9887c41b17003142fe2c6eedbf18f6a102ce5e08ec7179556b49
|
7
|
+
data.tar.gz: cedc895cbe9b69bd7f87c365c7a0bf606236291e7572a7da5395c110612adf1e4164e40ed02e1f00517ee89da3e7c26563329b82bdb7026db4b563c113758fcf
|
data/.gitignore
CHANGED
data/Guardfile
ADDED
@@ -0,0 +1,8 @@
|
|
1
|
+
guard :minitest, all_after_pass: true do
|
2
|
+
watch(%r{^test/(.*)\/?test_(.*)\.rb})
|
3
|
+
watch(%r{^lib/(.*/)?([^/]+)\.rb}) { |m| "test/#{m[1]}test_#{m[2]}.rb" }
|
4
|
+
watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
|
5
|
+
watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
|
6
|
+
watch(%r{^test/.+_test\.rb})
|
7
|
+
watch(%r{^test/test_helper\.rb}) { 'test' }
|
8
|
+
end
|
data/README.md
CHANGED
@@ -14,7 +14,30 @@ And then execute:
|
|
14
14
|
|
15
15
|
## Usage
|
16
16
|
|
17
|
-
|
17
|
+
Installing the gem in a Rails project will automatically add the appropriate Rack middleware to your Rails application and add two methods to your controllers. These methods are:
|
18
|
+
|
19
|
+
* `prx_auth_token`: returns a token (similar to PrxAuth::Token) which automatically namespaces queries. The main methods you will be interested in are `authorized?`, `globally_authorized?` and `resources`. More information can be found in PrxAuth.
|
20
|
+
|
21
|
+
* `prx_authenticated?`: returns whether or not this request includes a valid PrxAuth token.
|
22
|
+
|
23
|
+
### Configuration
|
24
|
+
|
25
|
+
Generally, configuration is not required and the gem aims for great defaults, but you can override some settings if you need to change the default behavior.
|
26
|
+
|
27
|
+
In your rails app, add a file to config/initializers called `prx_auth.rb`:
|
28
|
+
|
29
|
+
```ruby
|
30
|
+
PrxAuth::Rails.configure do |config|
|
31
|
+
|
32
|
+
# enables automatic installation of token parser middleware
|
33
|
+
config.install_middleware = false # default: true
|
34
|
+
|
35
|
+
# automatically adds namespace to all scoped queries, e.g. .authorized?(:foo) will be treated
|
36
|
+
# as .authorized?(:my_great_ns, :foo). Has no impact on unscoped queries.
|
37
|
+
config.namespace = :my_great_ns # default: derived from Rails::Application name.
|
38
|
+
# e.g. class Feeder < Rails::Application => :feeder
|
39
|
+
end
|
40
|
+
```
|
18
41
|
|
19
42
|
## Contributing
|
20
43
|
|
data/Rakefile
CHANGED
data/lib/prx_auth/rails.rb
CHANGED
@@ -1,10 +1,17 @@
|
|
1
1
|
require "prx_auth/rails/version"
|
2
|
+
require "prx_auth/rails/configuration"
|
2
3
|
require "prx_auth/rails/railtie" if defined?(Rails)
|
4
|
+
|
3
5
|
module PrxAuth
|
4
6
|
module Rails
|
5
7
|
class << self
|
6
|
-
attr_accessor :
|
8
|
+
attr_accessor :configuration
|
9
|
+
|
10
|
+
def configure
|
11
|
+
yield configuration
|
12
|
+
end
|
7
13
|
end
|
8
|
-
|
14
|
+
|
15
|
+
self.configuration = Configuration.new
|
9
16
|
end
|
10
17
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
class PrxAuth::Rails::Configuration
|
2
|
+
attr_accessor :install_middleware, :namespace
|
3
|
+
|
4
|
+
def initialize
|
5
|
+
@install_middleware = true
|
6
|
+
if defined?(::Rails)
|
7
|
+
klass = ::Rails.application.class
|
8
|
+
klass_name = if klass.parent_name.present?
|
9
|
+
klass.parent_name
|
10
|
+
else
|
11
|
+
klass.name
|
12
|
+
end
|
13
|
+
|
14
|
+
@namespace = klass_name.underscore.intern
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -1,8 +1,14 @@
|
|
1
|
+
require 'prx_auth/rails/token'
|
2
|
+
|
1
3
|
module PrxAuth
|
2
4
|
module Rails
|
3
5
|
module Controller
|
4
6
|
def prx_auth_token
|
5
|
-
|
7
|
+
if !defined? @_prx_auth_token
|
8
|
+
@_prx_auth_token = request.env['prx.auth'] && PrxAuth::Rails::Token.new(request.env['prx.auth'])
|
9
|
+
else
|
10
|
+
@_prx_auth_token
|
11
|
+
end
|
6
12
|
end
|
7
13
|
|
8
14
|
def prx_authenticated?
|
@@ -9,8 +9,8 @@ module PrxAuth::Rails
|
|
9
9
|
end
|
10
10
|
|
11
11
|
initializer 'prx_auth.insert_middleware' do |app|
|
12
|
-
if PrxAuth::Rails.
|
13
|
-
app.config.middleware.
|
12
|
+
if PrxAuth::Rails.configuration.install_middleware
|
13
|
+
app.config.middleware.insert_after Rack::Head, Rack::PrxAuth
|
14
14
|
end
|
15
15
|
end
|
16
16
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'rack/prx_auth'
|
2
|
+
|
3
|
+
class PrxAuth::Rails::Token
|
4
|
+
def initialize(token_data)
|
5
|
+
@token_data = token_data
|
6
|
+
@namespace = PrxAuth::Rails.configuration.namespace
|
7
|
+
end
|
8
|
+
|
9
|
+
def authorized?(resource, namespace=nil, scope=nil)
|
10
|
+
namespace, scope = @namespace, namespace if scope.nil? && !namespace.nil?
|
11
|
+
@token_data.authorized?(resource, namespace, scope)
|
12
|
+
end
|
13
|
+
|
14
|
+
def globally_authorized?(namespace, scope=nil)
|
15
|
+
namespace, scope = @namespace, namespace if scope.nil?
|
16
|
+
@token_data.globally_authorized?(namespace, scope)
|
17
|
+
end
|
18
|
+
|
19
|
+
def resources(namespace=nil, scope=nil)
|
20
|
+
namespace, scope = @namespace, namespace if scope.nil? && !namespace.nil?
|
21
|
+
@token_data.resources(namespace, scope)
|
22
|
+
end
|
23
|
+
|
24
|
+
def scopes
|
25
|
+
@token_data.scopes
|
26
|
+
end
|
27
|
+
|
28
|
+
def user_id
|
29
|
+
@token_data.user_id
|
30
|
+
end
|
31
|
+
end
|
data/prx_auth-rails.gemspec
CHANGED
@@ -15,13 +15,23 @@ Gem::Specification.new do |spec|
|
|
15
15
|
spec.homepage = "https://github.com/PRX/prx_auth-rails"
|
16
16
|
spec.license = "MIT"
|
17
17
|
|
18
|
+
spec.required_ruby_version = '>= 2.3'
|
19
|
+
|
18
20
|
spec.files = `git ls-files`.split($/)
|
19
21
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
20
22
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
21
23
|
spec.require_paths = ["lib"]
|
22
24
|
|
23
|
-
spec.
|
24
|
-
|
25
|
+
spec.add_runtime_dependency 'actionpack'
|
26
|
+
|
27
|
+
spec.add_development_dependency 'bundler'
|
28
|
+
spec.add_development_dependency 'rake'
|
29
|
+
spec.add_development_dependency 'coveralls', '~> 0'
|
30
|
+
spec.add_development_dependency 'guard'
|
31
|
+
spec.add_development_dependency 'guard-minitest'
|
32
|
+
spec.add_development_dependency 'rails'
|
33
|
+
|
34
|
+
|
25
35
|
|
26
|
-
spec.add_runtime_dependency
|
36
|
+
spec.add_runtime_dependency 'prx_auth', "~> 1.2"
|
27
37
|
end
|
File without changes
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
describe PrxAuth::Rails::Configuration do
|
4
|
+
|
5
|
+
after(:each) { PrxAuth::Rails.configuration = PrxAuth::Rails::Configuration.new }
|
6
|
+
subject { PrxAuth::Rails::Configuration.new }
|
7
|
+
|
8
|
+
it 'initializes with a namespace defined by rails app name' do
|
9
|
+
assert subject.namespace == :test_app
|
10
|
+
end
|
11
|
+
|
12
|
+
it 'can be reconfigured using the namespace attr' do
|
13
|
+
PrxAuth::Rails.configure do |config|
|
14
|
+
config.namespace = :new_test
|
15
|
+
end
|
16
|
+
|
17
|
+
assert PrxAuth::Rails.configuration.namespace == :new_test
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'defaults to enabling the middleware' do
|
21
|
+
assert PrxAuth::Rails.configuration.install_middleware
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'allows overriding of the middleware automatic installation' do
|
25
|
+
PrxAuth::Rails.configure do |config|
|
26
|
+
config.install_middleware = false
|
27
|
+
end
|
28
|
+
assert !PrxAuth::Rails.configuration.install_middleware
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
describe PrxAuth::Rails::Token do
|
4
|
+
let (:aur) { { "123" => "test_app:read other_namespace:write", "*" => "test_app:add" } }
|
5
|
+
let (:sub) { "123" }
|
6
|
+
let (:scope) { "one two three" }
|
7
|
+
let (:token_data) { Rack::PrxAuth::TokenData.new("aur" => aur, "scope" => scope, "sub" => sub)}
|
8
|
+
let (:mock_token_data) { Minitest::Mock.new(token_data) }
|
9
|
+
let (:token) { PrxAuth::Rails::Token.new(mock_token_data) }
|
10
|
+
|
11
|
+
it 'automatically namespaces requests' do
|
12
|
+
mock_token_data.expect(:authorized?, true, ["123", :test_app, :read])
|
13
|
+
assert token.authorized?("123", :read)
|
14
|
+
|
15
|
+
mock_token_data.expect(:resources, ["123"], [:test_app, :read])
|
16
|
+
assert token.resources(:read) === ['123']
|
17
|
+
|
18
|
+
mock_token_data.expect(:globally_authorized?, true, [:test_app, :add])
|
19
|
+
assert token.globally_authorized?(:add)
|
20
|
+
|
21
|
+
mock_token_data.verify
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'allows unscoped calls to authorized?' do
|
25
|
+
assert token.authorized?("123")
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'allows unscoped calls to resources' do
|
29
|
+
assert token.resources == [ "123" ]
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'allows manual setting of namespace' do
|
33
|
+
assert token.authorized?("123", :other_namespace, :write)
|
34
|
+
assert !token.authorized?("123", :other_namespace, :read)
|
35
|
+
|
36
|
+
assert token.resources(:other_namespace, :write) == ["123"]
|
37
|
+
assert token.resources(:other_namespace, :read) == []
|
38
|
+
|
39
|
+
assert token.globally_authorized?(:add)
|
40
|
+
assert token.globally_authorized?(:test_app, :add)
|
41
|
+
assert !token.globally_authorized?(:other_namespace, :add)
|
42
|
+
end
|
43
|
+
|
44
|
+
|
45
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
require 'coveralls'
|
2
|
+
Coveralls.wear!
|
3
|
+
|
4
|
+
$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
|
5
|
+
|
6
|
+
require 'minitest/autorun'
|
7
|
+
require 'minitest/spec'
|
8
|
+
require 'minitest/pride'
|
9
|
+
require 'action_pack'
|
10
|
+
require 'action_controller'
|
11
|
+
require 'action_view'
|
12
|
+
require 'rails'
|
13
|
+
require 'rails/generators'
|
14
|
+
require 'rails/generators/test_case'
|
15
|
+
# Bundler.require(:default)
|
16
|
+
|
17
|
+
class TestApp < Rails::Application
|
18
|
+
config.root = File.dirname(__FILE__)
|
19
|
+
config.eager_load = false
|
20
|
+
end
|
21
|
+
|
22
|
+
TestApp.initialize!
|
23
|
+
|
24
|
+
require 'prx_auth/rails'
|
metadata
CHANGED
@@ -1,75 +1,153 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: prx_auth-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Rhoden
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-08-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: actionpack
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
13
27
|
- !ruby/object:Gem::Dependency
|
14
28
|
name: bundler
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
16
30
|
requirements:
|
17
|
-
- -
|
31
|
+
- - ">="
|
18
32
|
- !ruby/object:Gem::Version
|
19
|
-
version: '
|
33
|
+
version: '0'
|
20
34
|
type: :development
|
21
35
|
prerelease: false
|
22
36
|
version_requirements: !ruby/object:Gem::Requirement
|
23
37
|
requirements:
|
24
|
-
- -
|
38
|
+
- - ">="
|
25
39
|
- !ruby/object:Gem::Version
|
26
|
-
version: '
|
40
|
+
version: '0'
|
27
41
|
- !ruby/object:Gem::Dependency
|
28
42
|
name: rake
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
30
44
|
requirements:
|
31
|
-
- -
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: coveralls
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: guard
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
32
74
|
- !ruby/object:Gem::Version
|
33
75
|
version: '0'
|
34
76
|
type: :development
|
35
77
|
prerelease: false
|
36
78
|
version_requirements: !ruby/object:Gem::Requirement
|
37
79
|
requirements:
|
38
|
-
- -
|
80
|
+
- - ">="
|
39
81
|
- !ruby/object:Gem::Version
|
40
82
|
version: '0'
|
41
83
|
- !ruby/object:Gem::Dependency
|
42
|
-
name:
|
84
|
+
name: guard-minitest
|
43
85
|
requirement: !ruby/object:Gem::Requirement
|
44
86
|
requirements:
|
45
|
-
- -
|
87
|
+
- - ">="
|
46
88
|
- !ruby/object:Gem::Version
|
47
|
-
version: 0
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rails
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: prx_auth
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - "~>"
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '1.2'
|
48
118
|
type: :runtime
|
49
119
|
prerelease: false
|
50
120
|
version_requirements: !ruby/object:Gem::Requirement
|
51
121
|
requirements:
|
52
|
-
- - ~>
|
122
|
+
- - "~>"
|
53
123
|
- !ruby/object:Gem::Version
|
54
|
-
version:
|
55
|
-
description:
|
56
|
-
|
124
|
+
version: '1.2'
|
125
|
+
description: 'Rails integration for next generation PRX Authorization system.
|
126
|
+
|
127
|
+
'
|
57
128
|
email:
|
58
129
|
- carhoden@gmail.com
|
59
130
|
executables: []
|
60
131
|
extensions: []
|
61
132
|
extra_rdoc_files: []
|
62
133
|
files:
|
63
|
-
- .gitignore
|
134
|
+
- ".gitignore"
|
64
135
|
- Gemfile
|
136
|
+
- Guardfile
|
65
137
|
- LICENSE.txt
|
66
138
|
- README.md
|
67
139
|
- Rakefile
|
68
140
|
- lib/prx_auth/rails.rb
|
141
|
+
- lib/prx_auth/rails/configuration.rb
|
69
142
|
- lib/prx_auth/rails/ext/controller.rb
|
70
143
|
- lib/prx_auth/rails/railtie.rb
|
144
|
+
- lib/prx_auth/rails/token.rb
|
71
145
|
- lib/prx_auth/rails/version.rb
|
72
146
|
- prx_auth-rails.gemspec
|
147
|
+
- test/log/development.log
|
148
|
+
- test/prx_auth/rails/configuration_test.rb
|
149
|
+
- test/prx_auth/rails/token_test.rb
|
150
|
+
- test/test_helper.rb
|
73
151
|
homepage: https://github.com/PRX/prx_auth-rails
|
74
152
|
licenses:
|
75
153
|
- MIT
|
@@ -80,18 +158,21 @@ require_paths:
|
|
80
158
|
- lib
|
81
159
|
required_ruby_version: !ruby/object:Gem::Requirement
|
82
160
|
requirements:
|
83
|
-
- -
|
161
|
+
- - ">="
|
84
162
|
- !ruby/object:Gem::Version
|
85
|
-
version: '
|
163
|
+
version: '2.3'
|
86
164
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
87
165
|
requirements:
|
88
|
-
- -
|
166
|
+
- - ">="
|
89
167
|
- !ruby/object:Gem::Version
|
90
168
|
version: '0'
|
91
169
|
requirements: []
|
92
|
-
|
93
|
-
rubygems_version: 2.1.11
|
170
|
+
rubygems_version: 3.0.1
|
94
171
|
signing_key:
|
95
172
|
specification_version: 4
|
96
173
|
summary: Rails integration for next generation PRX Authorization system.
|
97
|
-
test_files:
|
174
|
+
test_files:
|
175
|
+
- test/log/development.log
|
176
|
+
- test/prx_auth/rails/configuration_test.rb
|
177
|
+
- test/prx_auth/rails/token_test.rb
|
178
|
+
- test/test_helper.rb
|