rack-auth-gitlabapi 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: ebe645ba2b6fac7e9b44a65824c25797cf4bb844e1424b4e8c9a9f77bb643300
+  data.tar.gz: 564c1bfaff0384ee4d8fedd63eb0455fa49f5e7e9f1ad219b20b59f9db18d218
+SHA512:
+  metadata.gz: 80f474b9928d129a4b92a66ef11308215ed4e57f153edb5bc59b0a263dac2197ed9407c87b8278b74f3ee25351ae1e286a27367cb3cc109438da2cb901df1ced
+  data.tar.gz: f05f6f7d7a69a08032512416bed021301d47900a6600e365d42bfa1f267ad55a54aea7b6aac9eedd22bb78998e64c15ae0c3298b33f6b0b4530e165741e5c9e5

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2018 iXmedia
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,79 @@
+# rack-auth-gitlabapi
+
+Rack Middleware for GitLab API authentication
+
+## Presentation
+
+Rack::Auth::Gitlabapi is a basic authentication module with GitLab API authentication support.
+
+It's based on Rack:Auth::Basic from the Rack main Project.
+
+This is an additional module for Rack to authenticate users against the GitLab API.
+
+## Installation
+
+In your Gemfile, add :
+
+```ruby
+gem "rack-auth-gitlabapi"
+```
+
+Create a gitlab.yml at the same level as the config.ru file :
+
+```yml
+endpoint: https://example.net/api/v4
+```
+
+In you config.ru, simply add :
+
+```ruby
+require 'rubygems'
+require 'bundler'
+require 'rack'
+
+Bundler.require
+
+require File.dirname(__FILE__) + '/your_app.rb'
+
+use Rack::Auth::Gitlabapi
+run Sinatra::Application
+```
+
+This configuration activate the Basic Authentication for the entire application.
+
+To use custom configuration file :
+```ruby
+use Rack::Auth::Gitlabapi, file: '/path/to/my/gitlab.yml'
+```
+
+## Advanced
+
+To protect some routes according to the parameters of the Gitlab user :
+
+```ruby
+require 'rubygems'
+require 'bundler'
+require 'rack'
+
+Bundler.require
+
+require File.dirname(__FILE__) + '/myapp.rb'
+
+class CustomGitlabapi < Rack::Auth::Gitlabapi
+   def call(env)
+      request = Rack::Request.new(env)
+      response = super(env)
+
+      return unauthorized if user.nil?
+
+      if request.path == '/upload' or request.post?
+         return unauthorized if (!user.can_create_project || user.external)
+      end
+
+      return response
+   end
+end
+
+use CustomGitlabapi
+run Sinatra::Application
+```

data/Rakefile

@@ -0,0 +1,36 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'rack-auth-gitlabapi'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+load 'rails/tasks/statistics.rake'
+
+
+
+require 'bundler/gem_tasks'
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/lib/rack/auth/gitlabapi.rb

@@ -0,0 +1,75 @@
+require 'rack'
+require 'rack/auth/abstract/handler'
+require 'rack/auth/abstract/request'
+require 'gitlab'
+require 'yaml'
+
+module Rack
+  module Auth
+
+    class Config
+      def initialize(options = { file: './gitlab.yml'})
+        @values = ::YAML.load_file(::File.expand_path(options[:file], Dir.pwd))
+        @values.keys.each do |key|
+          @values[key.to_sym] = @values.delete(key)
+        end
+        @values.keys.each do |meth|
+          bloc = Proc.new  {@values[meth] }
+            self.class.send :define_method, meth, &bloc
+        end
+      end
+    end
+
+    class Gitlabapi < Basic
+
+      attr_reader :config
+
+      def initialize(app, config_options = {})
+        super(app)
+        @config = Config.new(config_options)
+      end
+
+      def call(env)
+        auth = Gitlabapi::Request.new(env)
+        return unauthorized unless auth.provided?
+        return bad_request unless auth.basic?
+        if valid?(auth)
+          env['REMOTE_USER'] = auth.username
+          return @app.call(env)
+        end
+        unauthorized
+      end
+
+      private
+
+      def valid?(auth)
+        Gitlab.configure do |config|
+          config.endpoint       = @config.endpoint
+          config.private_token  = auth.password
+        end
+
+        begin
+          @user = Gitlab.user
+          if @user.username == auth.username || @user.email == auth.username
+            return true
+          else
+            return false
+          end
+        rescue
+          return false
+        end
+      end
+
+      def user
+        return @user
+      end
+
+      class Request < Basic::Request
+        def password
+          credentials.last
+        end
+      end
+
+    end
+  end
+end

data/lib/rack/auth/gitlabapi/version.rb

@@ -0,0 +1,5 @@
+module Rack
+  module Auth
+    GITLABAPI_VERSION = '0.2.0'
+  end
+end

metadata

@@ -0,0 +1,76 @@
+--- !ruby/object:Gem::Specification
+name: rack-auth-gitlabapi
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- iXmedia
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-10-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.0.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.0.5
+- !ruby/object:Gem::Dependency
+  name: gitlab
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 4.4.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 4.4.0
+description: 'rack-auth-gitlabapi : provide GitLab API authentication for Rack middleware'
+email: suivi@ixmedia.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- lib/rack/auth/gitlabapi.rb
+- lib/rack/auth/gitlabapi/version.rb
+homepage: https://github.com/ixmedia/rack-auth-gitlabapi
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Rack middleware providing GitLab API authentication
+test_files: []