prx_auth-rails 1.2.0 → 1.6.0

data/lib/prx_auth/rails/engine.rb

@@ -0,0 +1,9 @@
+module PrxAuth
+  module Rails
+    class Engine < ::Rails::Engine
+      config.to_prepare do
+        ::ApplicationController.helper_method [:current_user, :account_name_for]
+      end
+    end
+  end
+end

data/lib/prx_auth/rails/ext/controller.rb

@@ -1,19 +1,96 @@
 require 'prx_auth/rails/token'
+require 'open-uri'
 
 module PrxAuth
   module Rails
     module Controller
+
+      PRX_ACCOUNT_NAME_MAPPING_KEY = 'prx.account.name.mapping'.freeze
+      PRX_TOKEN_SESSION_KEY = 'prx.auth'.freeze
+
       def prx_auth_token
+        rack_auth_token = env_prx_auth_token
+        return rack_auth_token if rack_auth_token.present?
+
+        session[PRX_TOKEN_SESSION_KEY] && Rack::PrxAuth::TokenData.new(session[PRX_TOKEN_SESSION_KEY])
+      end
+
+      def prx_authenticated?
+        !!prx_auth_token
+      end
+
+      def authenticate!
+        return true if current_user.present?
+
+        redirect_to PrxAuth::Rails::Engine.routes.url_helpers.new_sessions_path
+      end
+
+      def current_user
+        return if prx_auth_token.nil?
+
+        PrxAuth::Rails::Token.new(prx_auth_token)
+      end
+
+      def lookup_and_register_accounts_names
+        session[PRX_ACCOUNT_NAME_MAPPING_KEY] =
+          lookup_account_names_mapping
+      end
+
+      def account_name_for(id)
+        id = id.to_i
+
+        session[PRX_ACCOUNT_NAME_MAPPING_KEY] ||= {}
+
+        name =
+          if session[PRX_ACCOUNT_NAME_MAPPING_KEY].has_key?(id)
+            session[PRX_ACCOUNT_NAME_MAPPING_KEY][id]
+          else
+            session[PRX_ACCOUNT_NAME_MAPPING_KEY][id] = lookup_account_name_for(id)
+          end
+
+        name = "[#{id}] Unknown Account Name" unless name.present?
+
+        name
+      end
+
+      def sign_in_user(token)
+        session[PRX_TOKEN_SESSION_KEY] = token
+      end
+
+      def sign_out_user
+        session.delete(PRX_TOKEN_SESSION_KEY)
+      end
+
+      private
+
+      def lookup_account_name_for(id)
+        id = id.to_i
+
+        res = lookup_account_names_mapping([id])
+        res[id]
+      end
+
+      def lookup_account_names_mapping(ids=current_user.resources)
+        id_host = PrxAuth::Rails.configuration.id_host
+        ids_param = ids.map(&:to_s).join(',')
+
+        options = {}
+        options[:ssl_verify_mode] = OpenSSL::SSL::VERIFY_NONE if ::Rails.env.development?
+
+        accounts = URI.open("https://#{id_host}/api/v1/accounts?account_ids=#{ids_param}", options).read
+
+        mapping = JSON.parse(accounts)['accounts'].map { |acct| [acct['id'], acct['display_name']] }.to_h
+
+        mapping
+      end
+
+      def env_prx_auth_token
         if !defined? @_prx_auth_token
           @_prx_auth_token = request.env['prx.auth'] && PrxAuth::Rails::Token.new(request.env['prx.auth'])
         else
           @_prx_auth_token
         end
       end
-
-      def prx_authenticated?
-        !!prx_auth_token
-      end
     end
   end
 end

data/lib/prx_auth/rails/token.rb

@@ -28,4 +28,8 @@ class PrxAuth::Rails::Token
   def user_id
     @token_data.user_id
   end
-end
+
+  def authorized_account_ids(scope)
+    @token_data.authorized_account_ids(scope)
+  end
+end

data/lib/prx_auth/rails/version.rb

@@ -1,5 +1,5 @@
 module PrxAuth
   module Rails
-    VERSION = "1.2.0"
+    VERSION = "1.6.0"
   end
 end

data/prx_auth-rails.gemspec

@@ -29,7 +29,9 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'coveralls', '~> 0'
   spec.add_development_dependency 'guard'
   spec.add_development_dependency 'guard-minitest'
-  spec.add_development_dependency 'rails'
+  spec.add_development_dependency "rails", "~> 6.1.0"
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'sqlite3'
 
 
 

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require_relative "config/application"
+
+Rails.application.load_tasks

data/test/dummy/app/assets/config/manifest.js

@@ -0,0 +1,2 @@
+//= link_tree ../images
+//= link_directory ../stylesheets .css

data/test/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/test/dummy/app/channels/application_cable/channel.rb

@@ -0,0 +1,4 @@
+module ApplicationCable
+  class Channel < ActionCable::Channel::Base
+  end
+end

data/test/dummy/app/channels/application_cable/connection.rb

@@ -0,0 +1,4 @@
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+  end
+end

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,8 @@
+class ApplicationController < ActionController::Base
+
+  before_action :authenticate!
+
+  def after_sign_in_path_for(_resource)
+    '/after-sign-in-path'
+  end
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/javascript/packs/application.js

@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file. JavaScript code in this file should be added after the last require_* statement.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require rails-ujs
+//= require activestorage
+//= require_tree .

data/test/dummy/app/jobs/application_job.rb

@@ -0,0 +1,7 @@
+class ApplicationJob < ActiveJob::Base
+  # Automatically retry jobs that encountered a deadlock
+  # retry_on ActiveRecord::Deadlocked
+
+  # Most jobs are safe to ignore if the underlying records are no longer available
+  # discard_on ActiveJob::DeserializationError
+end

data/test/dummy/app/mailers/application_mailer.rb

@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+  default from: 'from@example.com'
+  layout 'mailer'
+end

data/test/dummy/app/models/application_record.rb

@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+  self.abstract_class = true
+end

data/test/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Dummy</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+
+    <%= stylesheet_link_tag 'application', media: 'all' %>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/test/dummy/app/views/layouts/mailer.html.erb

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <style>
+      /* Email styles need to be inline */
+    </style>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/test/dummy/app/views/layouts/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>

data/test/dummy/bin/rails

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+load File.expand_path("spring", __dir__)
+APP_PATH = File.expand_path('../config/application', __dir__)
+require_relative "../config/boot"
+require "rails/commands"

data/test/dummy/bin/rake

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+load File.expand_path("spring", __dir__)
+require_relative "../config/boot"
+require "rake"
+Rake.application.run

data/test/dummy/bin/setup

@@ -0,0 +1,33 @@
+#!/usr/bin/env ruby
+require "fileutils"
+
+# path to your application root.
+APP_ROOT = File.expand_path('..', __dir__)
+
+def system!(*args)
+  system(*args) || abort("\n== Command #{args} failed ==")
+end
+
+FileUtils.chdir APP_ROOT do
+  # This script is a way to set up or update your development environment automatically.
+  # This script is idempotent, so that you can run it at any time and get an expectable outcome.
+  # Add necessary setup steps to this file.
+
+  puts '== Installing dependencies =='
+  system! 'gem install bundler --conservative'
+  system('bundle check') || system!('bundle install')
+
+  # puts "\n== Copying sample files =="
+  # unless File.exist?('config/database.yml')
+  #   FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
+  # end
+
+  puts "\n== Preparing database =="
+  system! 'bin/rails db:prepare'
+
+  puts "\n== Removing old logs and tempfiles =="
+  system! 'bin/rails log:clear tmp:clear'
+
+  puts "\n== Restarting application server =="
+  system! 'bin/rails restart'
+end

data/test/dummy/bin/spring

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+if !defined?(Spring) && [nil, "development", "test"].include?(ENV["RAILS_ENV"])
+  # Load Spring without loading other gems in the Gemfile, for speed.
+  require "bundler"
+  Bundler.locked_gems.specs.find { |spec| spec.name == "spring" }&.tap do |spring|
+    Gem.use_paths Gem.dir, Bundler.bundle_path.to_s, *Gem.path
+    gem "spring", spring.version
+    require "spring/binstub"
+  end
+end

data/test/dummy/config.ru

@@ -0,0 +1,6 @@
+# This file is used by Rack-based servers to start the application.
+
+require_relative "config/environment"
+
+run Rails.application
+Rails.application.load_server

data/test/dummy/config/application.rb

@@ -0,0 +1,22 @@
+require_relative "boot"
+
+require "rails/all"
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+require "prx_auth/rails"
+
+module Dummy
+  class Application < Rails::Application
+    config.load_defaults Rails::VERSION::STRING.to_f
+
+    # Configuration for the application, engines, and railties goes here.
+    #
+    # These settings can be overridden in specific environments using the files
+    # in config/environments, which are processed later.
+    #
+    # config.time_zone = "Central Time (US & Canada)"
+    # config.eager_load_paths << Rails.root.join("extras")
+  end
+end

data/test/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../Gemfile', __dir__)
+
+require "bundler/setup" if File.exist?(ENV["BUNDLE_GEMFILE"])
+$LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)

data/test/dummy/config/cable.yml

@@ -0,0 +1,10 @@
+development:
+  adapter: async
+
+test:
+  adapter: test
+
+production:
+  adapter: redis
+  url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+  channel_prefix: dummy_production

data/test/dummy/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite. Versions 3.8.0 and up are supported.
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/test/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require_relative "application"
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/test/dummy/config/environments/development.rb

@@ -0,0 +1,76 @@
+require "active_support/core_ext/integer/time"
+
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded any time
+  # it changes. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  # Run rails dev:cache to toggle caching.
+  if Rails.root.join('tmp', 'caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+    config.action_controller.enable_fragment_cache_logging = true
+
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => "public, max-age=#{2.days.to_i}"
+    }
+  else
+    config.action_controller.perform_caching = false
+
+    config.cache_store = :null_store
+  end
+
+  # Store uploaded files on the local file system (see config/storage.yml for options).
+  config.active_storage.service = :local
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  config.action_mailer.perform_caching = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Highlight code that triggered database queries in logs.
+  config.active_record.verbose_query_logs = true
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Suppress logger output for asset requests.
+  config.assets.quiet = true
+
+  # Raises error for missing translations.
+  # config.i18n.raise_on_missing_translations = true
+
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
+
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem.
+  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+
+  # Uncomment if you wish to allow Action Cable access from any origin.
+  # config.action_cable.disable_request_forgery_protection = true
+end