prx_auth-rails 0.3.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/Guardfile +8 -0
- data/README.md +24 -1
- data/Rakefile +10 -1
- data/lib/prx_auth/rails.rb +9 -2
- data/lib/prx_auth/rails/configuration.rb +17 -0
- data/lib/prx_auth/rails/ext/controller.rb +7 -1
- data/lib/prx_auth/rails/railtie.rb +1 -1
- data/lib/prx_auth/rails/token.rb +31 -0
- data/lib/prx_auth/rails/version.rb +1 -1
- data/prx_auth-rails.gemspec +11 -3
- data/test/log/development.log +0 -0
- data/test/prx_auth/rails/configuration_test.rb +30 -0
- data/test/prx_auth/rails/token_test.rb +45 -0
- data/test/test_helper.rb +24 -0
- metadata +86 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fb5677550d3e64273eddb57f84d6dc658d3f9ed82a2cb01e6966d9267ad76b53
|
4
|
+
data.tar.gz: d6f0ec6305622e5dbdaaf747e78678361d70d92410f84f77396db5d1254de4ec
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 720cfa888bbc17b9a677bc8c1944f8735db028a8196f1f170dd18b301c547687b52f466f1c1759f09820064a8317dc4d1499855a60c80a81ba4d2dd464df84aa
|
7
|
+
data.tar.gz: 151ffa59471a1c5c7543148c93f29e02ed67cbcc2d06551f9451d1599375962685bcf460179570a5ea363a237c1958dcadba8a9b234eaf73261f4fc124a879aa
|
data/.gitignore
CHANGED
data/Guardfile
ADDED
@@ -0,0 +1,8 @@
|
|
1
|
+
guard :minitest, all_after_pass: true do
|
2
|
+
watch(%r{^test/(.*)\/?test_(.*)\.rb})
|
3
|
+
watch(%r{^lib/(.*/)?([^/]+)\.rb}) { |m| "test/#{m[1]}test_#{m[2]}.rb" }
|
4
|
+
watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
|
5
|
+
watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
|
6
|
+
watch(%r{^test/.+_test\.rb})
|
7
|
+
watch(%r{^test/test_helper\.rb}) { 'test' }
|
8
|
+
end
|
data/README.md
CHANGED
@@ -14,7 +14,30 @@ And then execute:
|
|
14
14
|
|
15
15
|
## Usage
|
16
16
|
|
17
|
-
|
17
|
+
Installing the gem in a Rails project will automatically add the appropriate Rack middleware to your Rails application and add two methods to your controllers. These methods are:
|
18
|
+
|
19
|
+
* `prx_auth_token`: returns a token (similar to PrxAuth::Token) which automatically namespaces queries. The main methods you will be interested in are `authorized?`, `globally_authorized?` and `resources`. More information can be found in PrxAuth.
|
20
|
+
|
21
|
+
* `prx_authenticated?`: returns whether or not this request includes a valid PrxAuth token.
|
22
|
+
|
23
|
+
### Configuration
|
24
|
+
|
25
|
+
Generally, configuration is not required and the gem aims for great defaults, but you can override some settings if you need to change the default behavior.
|
26
|
+
|
27
|
+
In your rails app, add a file to config/initializers called `prx_auth.rb`:
|
28
|
+
|
29
|
+
```ruby
|
30
|
+
PrxAuth::Rails.configure do |config|
|
31
|
+
|
32
|
+
# enables automatic installation of token parser middleware
|
33
|
+
config.install_middleware = false # default: true
|
34
|
+
|
35
|
+
# automatically adds namespace to all scoped queries, e.g. .authorized?(:foo) will be treated
|
36
|
+
# as .authorized?(:my_great_ns, :foo). Has no impact on unscoped queries.
|
37
|
+
config.namespace = :my_great_ns # default: derived from Rails::Application name.
|
38
|
+
# e.g. class Feeder < Rails::Application => :feeder
|
39
|
+
end
|
40
|
+
```
|
18
41
|
|
19
42
|
## Contributing
|
20
43
|
|
data/Rakefile
CHANGED
data/lib/prx_auth/rails.rb
CHANGED
@@ -1,10 +1,17 @@
|
|
1
1
|
require "prx_auth/rails/version"
|
2
|
+
require "prx_auth/rails/configuration"
|
2
3
|
require "prx_auth/rails/railtie" if defined?(Rails)
|
4
|
+
|
3
5
|
module PrxAuth
|
4
6
|
module Rails
|
5
7
|
class << self
|
6
|
-
attr_accessor :
|
8
|
+
attr_accessor :configuration
|
9
|
+
|
10
|
+
def configure
|
11
|
+
yield configuration
|
12
|
+
end
|
7
13
|
end
|
8
|
-
|
14
|
+
|
15
|
+
self.configuration = Configuration.new
|
9
16
|
end
|
10
17
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
class PrxAuth::Rails::Configuration
|
2
|
+
attr_accessor :install_middleware, :namespace
|
3
|
+
|
4
|
+
def initialize
|
5
|
+
@install_middleware = true
|
6
|
+
if defined?(::Rails)
|
7
|
+
klass = ::Rails.application.class
|
8
|
+
klass_name = if klass.parent_name.present?
|
9
|
+
klass.parent_name
|
10
|
+
else
|
11
|
+
klass.name
|
12
|
+
end
|
13
|
+
|
14
|
+
@namespace = klass_name.underscore.intern
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -1,8 +1,14 @@
|
|
1
|
+
require 'prx_auth/rails/token'
|
2
|
+
|
1
3
|
module PrxAuth
|
2
4
|
module Rails
|
3
5
|
module Controller
|
4
6
|
def prx_auth_token
|
5
|
-
|
7
|
+
if !defined? @_prx_auth_token
|
8
|
+
@_prx_auth_token = request.env['prx.auth'] && PrxAuth::Rails::Token.new(request.env['prx.auth'])
|
9
|
+
else
|
10
|
+
@_prx_auth_token
|
11
|
+
end
|
6
12
|
end
|
7
13
|
|
8
14
|
def prx_authenticated?
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'rack/prx_auth'
|
2
|
+
|
3
|
+
class PrxAuth::Rails::Token
|
4
|
+
def initialize(token_data)
|
5
|
+
@token_data = token_data
|
6
|
+
@namespace = PrxAuth::Rails.configuration.namespace
|
7
|
+
end
|
8
|
+
|
9
|
+
def authorized?(resource, namespace=nil, scope=nil)
|
10
|
+
namespace, scope = @namespace, namespace if scope.nil? && !namespace.nil?
|
11
|
+
@token_data.authorized?(resource, namespace, scope)
|
12
|
+
end
|
13
|
+
|
14
|
+
def globally_authorized?(namespace, scope=nil)
|
15
|
+
namespace, scope = @namespace, namespace if scope.nil?
|
16
|
+
@token_data.globally_authorized?(namespace, scope)
|
17
|
+
end
|
18
|
+
|
19
|
+
def resources(namespace=nil, scope=nil)
|
20
|
+
namespace, scope = @namespace, namespace if scope.nil? && !namespace.nil?
|
21
|
+
@token_data.resources(namespace, scope)
|
22
|
+
end
|
23
|
+
|
24
|
+
def scopes
|
25
|
+
@token_data.scopes
|
26
|
+
end
|
27
|
+
|
28
|
+
def user_id
|
29
|
+
@token_data.user_id
|
30
|
+
end
|
31
|
+
end
|
data/prx_auth-rails.gemspec
CHANGED
@@ -22,8 +22,16 @@ Gem::Specification.new do |spec|
|
|
22
22
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
23
23
|
spec.require_paths = ["lib"]
|
24
24
|
|
25
|
-
spec.
|
26
|
-
spec.add_development_dependency "rake"
|
25
|
+
spec.add_runtime_dependency 'actionpack'
|
27
26
|
|
28
|
-
spec.
|
27
|
+
spec.add_development_dependency 'bundler'
|
28
|
+
spec.add_development_dependency 'rake'
|
29
|
+
spec.add_development_dependency 'coveralls', '~> 0'
|
30
|
+
spec.add_development_dependency 'guard'
|
31
|
+
spec.add_development_dependency 'guard-minitest'
|
32
|
+
spec.add_development_dependency 'rails'
|
33
|
+
|
34
|
+
|
35
|
+
|
36
|
+
spec.add_runtime_dependency 'rack-prx_auth', "~> 1.0"
|
29
37
|
end
|
File without changes
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
describe PrxAuth::Rails::Configuration do
|
4
|
+
|
5
|
+
after(:each) { PrxAuth::Rails.configuration = PrxAuth::Rails::Configuration.new }
|
6
|
+
subject { PrxAuth::Rails::Configuration.new }
|
7
|
+
|
8
|
+
it 'initializes with a namespace defined by rails app name' do
|
9
|
+
assert subject.namespace == :test_app
|
10
|
+
end
|
11
|
+
|
12
|
+
it 'can be reconfigured using the namespace attr' do
|
13
|
+
PrxAuth::Rails.configure do |config|
|
14
|
+
config.namespace = :new_test
|
15
|
+
end
|
16
|
+
|
17
|
+
assert PrxAuth::Rails.configuration.namespace == :new_test
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'defaults to enabling the middleware' do
|
21
|
+
assert PrxAuth::Rails.configuration.install_middleware
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'allows overriding of the middleware automatic installation' do
|
25
|
+
PrxAuth::Rails.configure do |config|
|
26
|
+
config.install_middleware = false
|
27
|
+
end
|
28
|
+
assert !PrxAuth::Rails.configuration.install_middleware
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
describe PrxAuth::Rails::Token do
|
4
|
+
let (:aur) { { "123" => "test_app:read other_namespace:write", "*" => "test_app:add" } }
|
5
|
+
let (:sub) { "123" }
|
6
|
+
let (:scope) { "one two three" }
|
7
|
+
let (:token_data) { Rack::PrxAuth::TokenData.new("aur" => aur, "scope" => scope, "sub" => sub)}
|
8
|
+
let (:mock_token_data) { Minitest::Mock.new(token_data) }
|
9
|
+
let (:token) { PrxAuth::Rails::Token.new(mock_token_data) }
|
10
|
+
|
11
|
+
it 'automatically namespaces requests' do
|
12
|
+
mock_token_data.expect(:authorized?, true, ["123", :test_app, :read])
|
13
|
+
assert token.authorized?("123", :read)
|
14
|
+
|
15
|
+
mock_token_data.expect(:resources, ["123"], [:test_app, :read])
|
16
|
+
assert token.resources(:read) === ['123']
|
17
|
+
|
18
|
+
mock_token_data.expect(:globally_authorized?, true, [:test_app, :add])
|
19
|
+
assert token.globally_authorized?(:add)
|
20
|
+
|
21
|
+
mock_token_data.verify
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'allows unscoped calls to authorized?' do
|
25
|
+
assert token.authorized?("123")
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'allows unscoped calls to resources' do
|
29
|
+
assert token.resources == [ "123" ]
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'allows manual setting of namespace' do
|
33
|
+
assert token.authorized?("123", :other_namespace, :write)
|
34
|
+
assert !token.authorized?("123", :other_namespace, :read)
|
35
|
+
|
36
|
+
assert token.resources(:other_namespace, :write) == ["123"]
|
37
|
+
assert token.resources(:other_namespace, :read) == []
|
38
|
+
|
39
|
+
assert token.globally_authorized?(:add)
|
40
|
+
assert token.globally_authorized?(:test_app, :add)
|
41
|
+
assert !token.globally_authorized?(:other_namespace, :add)
|
42
|
+
end
|
43
|
+
|
44
|
+
|
45
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
require 'coveralls'
|
2
|
+
Coveralls.wear!
|
3
|
+
|
4
|
+
$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
|
5
|
+
|
6
|
+
require 'minitest/autorun'
|
7
|
+
require 'minitest/spec'
|
8
|
+
require 'minitest/pride'
|
9
|
+
require 'action_pack'
|
10
|
+
require 'action_controller'
|
11
|
+
require 'action_view'
|
12
|
+
require 'rails'
|
13
|
+
require 'rails/generators'
|
14
|
+
require 'rails/generators/test_case'
|
15
|
+
# Bundler.require(:default)
|
16
|
+
|
17
|
+
class TestApp < Rails::Application
|
18
|
+
config.root = File.dirname(__FILE__)
|
19
|
+
config.eager_load = false
|
20
|
+
end
|
21
|
+
|
22
|
+
TestApp.initialize!
|
23
|
+
|
24
|
+
require 'prx_auth/rails'
|
metadata
CHANGED
@@ -1,15 +1,29 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: prx_auth-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Rhoden
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-04-
|
11
|
+
date: 2020-04-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: actionpack
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
13
27
|
- !ruby/object:Gem::Dependency
|
14
28
|
name: bundler
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -38,20 +52,76 @@ dependencies:
|
|
38
52
|
- - ">="
|
39
53
|
- !ruby/object:Gem::Version
|
40
54
|
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: coveralls
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: guard
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: guard-minitest
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rails
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
41
111
|
- !ruby/object:Gem::Dependency
|
42
112
|
name: rack-prx_auth
|
43
113
|
requirement: !ruby/object:Gem::Requirement
|
44
114
|
requirements:
|
45
115
|
- - "~>"
|
46
116
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
117
|
+
version: '1.0'
|
48
118
|
type: :runtime
|
49
119
|
prerelease: false
|
50
120
|
version_requirements: !ruby/object:Gem::Requirement
|
51
121
|
requirements:
|
52
122
|
- - "~>"
|
53
123
|
- !ruby/object:Gem::Version
|
54
|
-
version:
|
124
|
+
version: '1.0'
|
55
125
|
description: 'Rails integration for next generation PRX Authorization system.
|
56
126
|
|
57
127
|
'
|
@@ -63,14 +133,21 @@ extra_rdoc_files: []
|
|
63
133
|
files:
|
64
134
|
- ".gitignore"
|
65
135
|
- Gemfile
|
136
|
+
- Guardfile
|
66
137
|
- LICENSE.txt
|
67
138
|
- README.md
|
68
139
|
- Rakefile
|
69
140
|
- lib/prx_auth/rails.rb
|
141
|
+
- lib/prx_auth/rails/configuration.rb
|
70
142
|
- lib/prx_auth/rails/ext/controller.rb
|
71
143
|
- lib/prx_auth/rails/railtie.rb
|
144
|
+
- lib/prx_auth/rails/token.rb
|
72
145
|
- lib/prx_auth/rails/version.rb
|
73
146
|
- prx_auth-rails.gemspec
|
147
|
+
- test/log/development.log
|
148
|
+
- test/prx_auth/rails/configuration_test.rb
|
149
|
+
- test/prx_auth/rails/token_test.rb
|
150
|
+
- test/test_helper.rb
|
74
151
|
homepage: https://github.com/PRX/prx_auth-rails
|
75
152
|
licenses:
|
76
153
|
- MIT
|
@@ -94,4 +171,8 @@ rubygems_version: 3.0.1
|
|
94
171
|
signing_key:
|
95
172
|
specification_version: 4
|
96
173
|
summary: Rails integration for next generation PRX Authorization system.
|
97
|
-
test_files:
|
174
|
+
test_files:
|
175
|
+
- test/log/development.log
|
176
|
+
- test/prx_auth/rails/configuration_test.rb
|
177
|
+
- test/prx_auth/rails/token_test.rb
|
178
|
+
- test/test_helper.rb
|