prx_auth-rails 1.2.0 → 1.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +4 -0
- data/README.md +25 -6
- data/Rakefile +12 -4
- data/app/assets/config/prx_auth-rails_manifest.js +3 -0
- data/app/assets/images/prx_auth-rails/user.svg +5 -0
- data/app/assets/javascripts/prx_auth-rails/user_widget.js.erb +44 -0
- data/app/assets/stylesheets/prx_auth-rails/user_widget.css +69 -0
- data/app/controllers/prx_auth/rails/sessions_controller.rb +121 -0
- data/app/views/prx_auth/rails/sessions/auth_error.html.erb +15 -0
- data/app/views/prx_auth/rails/sessions/show.html.erb +38 -0
- data/config/initializers/assets.rb +1 -0
- data/config/routes.rb +7 -0
- data/lib/prx_auth/rails.rb +1 -0
- data/lib/prx_auth/rails/configuration.rb +15 -4
- data/lib/prx_auth/rails/engine.rb +9 -0
- data/lib/prx_auth/rails/ext/controller.rb +81 -4
- data/lib/prx_auth/rails/token.rb +5 -1
- data/lib/prx_auth/rails/version.rb +1 -1
- data/prx_auth-rails.gemspec +3 -1
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/config/manifest.js +2 -0
- data/test/dummy/app/assets/images/.keep +0 -0
- data/test/dummy/app/assets/stylesheets/application.css +15 -0
- data/test/dummy/app/channels/application_cable/channel.rb +4 -0
- data/test/dummy/app/channels/application_cable/connection.rb +4 -0
- data/test/dummy/app/controllers/application_controller.rb +8 -0
- data/test/dummy/app/controllers/concerns/.keep +0 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/javascript/packs/application.js +15 -0
- data/test/dummy/app/jobs/application_job.rb +7 -0
- data/test/dummy/app/mailers/application_mailer.rb +4 -0
- data/test/dummy/app/models/application_record.rb +3 -0
- data/test/dummy/app/models/concerns/.keep +0 -0
- data/test/dummy/app/views/layouts/application.html.erb +15 -0
- data/test/dummy/app/views/layouts/mailer.html.erb +13 -0
- data/test/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/test/dummy/bin/rails +5 -0
- data/test/dummy/bin/rake +5 -0
- data/test/dummy/bin/setup +33 -0
- data/test/dummy/bin/spring +10 -0
- data/test/dummy/config.ru +6 -0
- data/test/dummy/config/application.rb +22 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/cable.yml +10 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +76 -0
- data/test/dummy/config/environments/production.rb +120 -0
- data/test/dummy/config/environments/test.rb +60 -0
- data/test/dummy/config/initializers/application_controller_renderer.rb +8 -0
- data/test/dummy/config/initializers/assets.rb +12 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +8 -0
- data/test/dummy/config/initializers/content_security_policy.rb +28 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +6 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/permissions_policy.rb +11 -0
- data/test/dummy/config/initializers/prx_auth.rb +8 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +33 -0
- data/test/dummy/config/puma.rb +43 -0
- data/test/dummy/config/routes.rb +3 -0
- data/test/dummy/config/spring.rb +6 -0
- data/test/dummy/config/storage.yml +34 -0
- data/test/dummy/lib/assets/.keep +0 -0
- data/test/dummy/log/.keep +0 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/apple-touch-icon-precomposed.png +0 -0
- data/test/dummy/public/apple-touch-icon.png +0 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/storage/.keep +0 -0
- data/test/prx_auth/rails/configuration_test.rb +18 -12
- data/test/prx_auth/rails/sessions_controller_test.rb +104 -0
- data/test/prx_auth/rails/token_test.rb +1 -1
- data/test/test_helper.rb +20 -9
- metadata +158 -7
@@ -1,19 +1,96 @@
|
|
1
1
|
require 'prx_auth/rails/token'
|
2
|
+
require 'open-uri'
|
2
3
|
|
3
4
|
module PrxAuth
|
4
5
|
module Rails
|
5
6
|
module Controller
|
7
|
+
|
8
|
+
PRX_ACCOUNT_NAME_MAPPING_KEY = 'prx.account.name.mapping'.freeze
|
9
|
+
PRX_TOKEN_SESSION_KEY = 'prx.auth'.freeze
|
10
|
+
|
6
11
|
def prx_auth_token
|
12
|
+
rack_auth_token = env_prx_auth_token
|
13
|
+
return rack_auth_token if rack_auth_token.present?
|
14
|
+
|
15
|
+
session[PRX_TOKEN_SESSION_KEY] && Rack::PrxAuth::TokenData.new(session[PRX_TOKEN_SESSION_KEY])
|
16
|
+
end
|
17
|
+
|
18
|
+
def prx_authenticated?
|
19
|
+
!!prx_auth_token
|
20
|
+
end
|
21
|
+
|
22
|
+
def authenticate!
|
23
|
+
return true if current_user.present?
|
24
|
+
|
25
|
+
redirect_to PrxAuth::Rails::Engine.routes.url_helpers.new_sessions_path
|
26
|
+
end
|
27
|
+
|
28
|
+
def current_user
|
29
|
+
return if prx_auth_token.nil?
|
30
|
+
|
31
|
+
PrxAuth::Rails::Token.new(prx_auth_token)
|
32
|
+
end
|
33
|
+
|
34
|
+
def lookup_and_register_accounts_names
|
35
|
+
session[PRX_ACCOUNT_NAME_MAPPING_KEY] =
|
36
|
+
lookup_account_names_mapping
|
37
|
+
end
|
38
|
+
|
39
|
+
def account_name_for(id)
|
40
|
+
id = id.to_i
|
41
|
+
|
42
|
+
session[PRX_ACCOUNT_NAME_MAPPING_KEY] ||= {}
|
43
|
+
|
44
|
+
name =
|
45
|
+
if session[PRX_ACCOUNT_NAME_MAPPING_KEY].has_key?(id)
|
46
|
+
session[PRX_ACCOUNT_NAME_MAPPING_KEY][id]
|
47
|
+
else
|
48
|
+
session[PRX_ACCOUNT_NAME_MAPPING_KEY][id] = lookup_account_name_for(id)
|
49
|
+
end
|
50
|
+
|
51
|
+
name = "[#{id}] Unknown Account Name" unless name.present?
|
52
|
+
|
53
|
+
name
|
54
|
+
end
|
55
|
+
|
56
|
+
def sign_in_user(token)
|
57
|
+
session[PRX_TOKEN_SESSION_KEY] = token
|
58
|
+
end
|
59
|
+
|
60
|
+
def sign_out_user
|
61
|
+
session.delete(PRX_TOKEN_SESSION_KEY)
|
62
|
+
end
|
63
|
+
|
64
|
+
private
|
65
|
+
|
66
|
+
def lookup_account_name_for(id)
|
67
|
+
id = id.to_i
|
68
|
+
|
69
|
+
res = lookup_account_names_mapping([id])
|
70
|
+
res[id]
|
71
|
+
end
|
72
|
+
|
73
|
+
def lookup_account_names_mapping(ids=current_user.resources)
|
74
|
+
id_host = PrxAuth::Rails.configuration.id_host
|
75
|
+
ids_param = ids.map(&:to_s).join(',')
|
76
|
+
|
77
|
+
options = {}
|
78
|
+
options[:ssl_verify_mode] = OpenSSL::SSL::VERIFY_NONE if ::Rails.env.development?
|
79
|
+
|
80
|
+
accounts = URI.open("https://#{id_host}/api/v1/accounts?account_ids=#{ids_param}", options).read
|
81
|
+
|
82
|
+
mapping = JSON.parse(accounts)['accounts'].map { |acct| [acct['id'], acct['display_name']] }.to_h
|
83
|
+
|
84
|
+
mapping
|
85
|
+
end
|
86
|
+
|
87
|
+
def env_prx_auth_token
|
7
88
|
if !defined? @_prx_auth_token
|
8
89
|
@_prx_auth_token = request.env['prx.auth'] && PrxAuth::Rails::Token.new(request.env['prx.auth'])
|
9
90
|
else
|
10
91
|
@_prx_auth_token
|
11
92
|
end
|
12
93
|
end
|
13
|
-
|
14
|
-
def prx_authenticated?
|
15
|
-
!!prx_auth_token
|
16
|
-
end
|
17
94
|
end
|
18
95
|
end
|
19
96
|
end
|
data/lib/prx_auth/rails/token.rb
CHANGED
data/prx_auth-rails.gemspec
CHANGED
@@ -29,7 +29,9 @@ Gem::Specification.new do |spec|
|
|
29
29
|
spec.add_development_dependency 'coveralls', '~> 0'
|
30
30
|
spec.add_development_dependency 'guard'
|
31
31
|
spec.add_development_dependency 'guard-minitest'
|
32
|
-
spec.add_development_dependency
|
32
|
+
spec.add_development_dependency "rails", "~> 6.1.0"
|
33
|
+
spec.add_development_dependency 'pry'
|
34
|
+
spec.add_development_dependency 'sqlite3'
|
33
35
|
|
34
36
|
|
35
37
|
|
data/test/dummy/Rakefile
ADDED
File without changes
|
@@ -0,0 +1,15 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the bottom of the
|
9
|
+
* compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
|
10
|
+
* files in this directory. Styles in this file should be added after the last require_* statement.
|
11
|
+
* It is generally better to create a new file per style scope.
|
12
|
+
*
|
13
|
+
*= require_tree .
|
14
|
+
*= require_self
|
15
|
+
*/
|
File without changes
|
@@ -0,0 +1,15 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// compiled file. JavaScript code in this file should be added after the last require_* statement.
|
9
|
+
//
|
10
|
+
// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
|
11
|
+
// about supported directives.
|
12
|
+
//
|
13
|
+
//= require rails-ujs
|
14
|
+
//= require activestorage
|
15
|
+
//= require_tree .
|
@@ -0,0 +1,7 @@
|
|
1
|
+
class ApplicationJob < ActiveJob::Base
|
2
|
+
# Automatically retry jobs that encountered a deadlock
|
3
|
+
# retry_on ActiveRecord::Deadlocked
|
4
|
+
|
5
|
+
# Most jobs are safe to ignore if the underlying records are no longer available
|
6
|
+
# discard_on ActiveJob::DeserializationError
|
7
|
+
end
|
File without changes
|
@@ -0,0 +1,15 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>Dummy</title>
|
5
|
+
<meta name="viewport" content="width=device-width,initial-scale=1">
|
6
|
+
<%= csrf_meta_tags %>
|
7
|
+
<%= csp_meta_tag %>
|
8
|
+
|
9
|
+
<%= stylesheet_link_tag 'application', media: 'all' %>
|
10
|
+
</head>
|
11
|
+
|
12
|
+
<body>
|
13
|
+
<%= yield %>
|
14
|
+
</body>
|
15
|
+
</html>
|
@@ -0,0 +1 @@
|
|
1
|
+
<%= yield %>
|
data/test/dummy/bin/rake
ADDED
@@ -0,0 +1,33 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require "fileutils"
|
3
|
+
|
4
|
+
# path to your application root.
|
5
|
+
APP_ROOT = File.expand_path('..', __dir__)
|
6
|
+
|
7
|
+
def system!(*args)
|
8
|
+
system(*args) || abort("\n== Command #{args} failed ==")
|
9
|
+
end
|
10
|
+
|
11
|
+
FileUtils.chdir APP_ROOT do
|
12
|
+
# This script is a way to set up or update your development environment automatically.
|
13
|
+
# This script is idempotent, so that you can run it at any time and get an expectable outcome.
|
14
|
+
# Add necessary setup steps to this file.
|
15
|
+
|
16
|
+
puts '== Installing dependencies =='
|
17
|
+
system! 'gem install bundler --conservative'
|
18
|
+
system('bundle check') || system!('bundle install')
|
19
|
+
|
20
|
+
# puts "\n== Copying sample files =="
|
21
|
+
# unless File.exist?('config/database.yml')
|
22
|
+
# FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
|
23
|
+
# end
|
24
|
+
|
25
|
+
puts "\n== Preparing database =="
|
26
|
+
system! 'bin/rails db:prepare'
|
27
|
+
|
28
|
+
puts "\n== Removing old logs and tempfiles =="
|
29
|
+
system! 'bin/rails log:clear tmp:clear'
|
30
|
+
|
31
|
+
puts "\n== Restarting application server =="
|
32
|
+
system! 'bin/rails restart'
|
33
|
+
end
|
@@ -0,0 +1,10 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
if !defined?(Spring) && [nil, "development", "test"].include?(ENV["RAILS_ENV"])
|
3
|
+
# Load Spring without loading other gems in the Gemfile, for speed.
|
4
|
+
require "bundler"
|
5
|
+
Bundler.locked_gems.specs.find { |spec| spec.name == "spring" }&.tap do |spring|
|
6
|
+
Gem.use_paths Gem.dir, Bundler.bundle_path.to_s, *Gem.path
|
7
|
+
gem "spring", spring.version
|
8
|
+
require "spring/binstub"
|
9
|
+
end
|
10
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
require_relative "boot"
|
2
|
+
|
3
|
+
require "rails/all"
|
4
|
+
|
5
|
+
# Require the gems listed in Gemfile, including any gems
|
6
|
+
# you've limited to :test, :development, or :production.
|
7
|
+
Bundler.require(*Rails.groups)
|
8
|
+
require "prx_auth/rails"
|
9
|
+
|
10
|
+
module Dummy
|
11
|
+
class Application < Rails::Application
|
12
|
+
config.load_defaults Rails::VERSION::STRING.to_f
|
13
|
+
|
14
|
+
# Configuration for the application, engines, and railties goes here.
|
15
|
+
#
|
16
|
+
# These settings can be overridden in specific environments using the files
|
17
|
+
# in config/environments, which are processed later.
|
18
|
+
#
|
19
|
+
# config.time_zone = "Central Time (US & Canada)"
|
20
|
+
# config.eager_load_paths << Rails.root.join("extras")
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# SQLite. Versions 3.8.0 and up are supported.
|
2
|
+
# gem install sqlite3
|
3
|
+
#
|
4
|
+
# Ensure the SQLite 3 gem is defined in your Gemfile
|
5
|
+
# gem 'sqlite3'
|
6
|
+
#
|
7
|
+
default: &default
|
8
|
+
adapter: sqlite3
|
9
|
+
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
|
10
|
+
timeout: 5000
|
11
|
+
|
12
|
+
development:
|
13
|
+
<<: *default
|
14
|
+
database: db/development.sqlite3
|
15
|
+
|
16
|
+
# Warning: The database defined as "test" will be erased and
|
17
|
+
# re-generated from your development database when you run "rake".
|
18
|
+
# Do not set this db to the same as development or production.
|
19
|
+
test:
|
20
|
+
<<: *default
|
21
|
+
database: db/test.sqlite3
|
22
|
+
|
23
|
+
production:
|
24
|
+
<<: *default
|
25
|
+
database: db/production.sqlite3
|
@@ -0,0 +1,76 @@
|
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
3
|
+
Rails.application.configure do
|
4
|
+
# Settings specified here will take precedence over those in config/application.rb.
|
5
|
+
|
6
|
+
# In the development environment your application's code is reloaded any time
|
7
|
+
# it changes. This slows down response time but is perfect for development
|
8
|
+
# since you don't have to restart the web server when you make code changes.
|
9
|
+
config.cache_classes = false
|
10
|
+
|
11
|
+
# Do not eager load code on boot.
|
12
|
+
config.eager_load = false
|
13
|
+
|
14
|
+
# Show full error reports.
|
15
|
+
config.consider_all_requests_local = true
|
16
|
+
|
17
|
+
# Enable/disable caching. By default caching is disabled.
|
18
|
+
# Run rails dev:cache to toggle caching.
|
19
|
+
if Rails.root.join('tmp', 'caching-dev.txt').exist?
|
20
|
+
config.action_controller.perform_caching = true
|
21
|
+
config.action_controller.enable_fragment_cache_logging = true
|
22
|
+
|
23
|
+
config.cache_store = :memory_store
|
24
|
+
config.public_file_server.headers = {
|
25
|
+
'Cache-Control' => "public, max-age=#{2.days.to_i}"
|
26
|
+
}
|
27
|
+
else
|
28
|
+
config.action_controller.perform_caching = false
|
29
|
+
|
30
|
+
config.cache_store = :null_store
|
31
|
+
end
|
32
|
+
|
33
|
+
# Store uploaded files on the local file system (see config/storage.yml for options).
|
34
|
+
config.active_storage.service = :local
|
35
|
+
|
36
|
+
# Don't care if the mailer can't send.
|
37
|
+
config.action_mailer.raise_delivery_errors = false
|
38
|
+
|
39
|
+
config.action_mailer.perform_caching = false
|
40
|
+
|
41
|
+
# Print deprecation notices to the Rails logger.
|
42
|
+
config.active_support.deprecation = :log
|
43
|
+
|
44
|
+
# Raise exceptions for disallowed deprecations.
|
45
|
+
config.active_support.disallowed_deprecation = :raise
|
46
|
+
|
47
|
+
# Tell Active Support which deprecation messages to disallow.
|
48
|
+
config.active_support.disallowed_deprecation_warnings = []
|
49
|
+
|
50
|
+
# Raise an error on page load if there are pending migrations.
|
51
|
+
config.active_record.migration_error = :page_load
|
52
|
+
|
53
|
+
# Highlight code that triggered database queries in logs.
|
54
|
+
config.active_record.verbose_query_logs = true
|
55
|
+
|
56
|
+
# Debug mode disables concatenation and preprocessing of assets.
|
57
|
+
# This option may cause significant delays in view rendering with a large
|
58
|
+
# number of complex assets.
|
59
|
+
config.assets.debug = true
|
60
|
+
|
61
|
+
# Suppress logger output for asset requests.
|
62
|
+
config.assets.quiet = true
|
63
|
+
|
64
|
+
# Raises error for missing translations.
|
65
|
+
# config.i18n.raise_on_missing_translations = true
|
66
|
+
|
67
|
+
# Annotate rendered view with file names.
|
68
|
+
# config.action_view.annotate_rendered_view_with_filenames = true
|
69
|
+
|
70
|
+
# Use an evented file watcher to asynchronously detect changes in source code,
|
71
|
+
# routes, locales, etc. This feature depends on the listen gem.
|
72
|
+
# config.file_watcher = ActiveSupport::EventedFileUpdateChecker
|
73
|
+
|
74
|
+
# Uncomment if you wish to allow Action Cable access from any origin.
|
75
|
+
# config.action_cable.disable_request_forgery_protection = true
|
76
|
+
end
|