rack-oauth2_utils 0.0.1 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +1 -20
- data/README.mkd +42 -34
- data/lib/rack-oauth2_utils/middleware.rb +3 -5
- data/lib/rack-oauth2_utils/oauth_request.rb +1 -1
- data/lib/rack-oauth2_utils/version.rb +1 -1
- data/test/middleware_test.rb +11 -6
- metadata +46 -54
data/Gemfile
CHANGED
|
@@ -1,28 +1,9 @@
|
|
|
1
1
|
source "http://rubygems.org"
|
|
2
2
|
|
|
3
3
|
# Specify your gem's dependencies in rack-oauth2_utils.gemspec
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
gem 'rack'
|
|
4
|
+
gemspec
|
|
7
5
|
|
|
8
6
|
group :test do
|
|
9
7
|
gem 'minitest'
|
|
10
8
|
gem "rack-test"
|
|
11
9
|
end
|
|
12
|
-
|
|
13
|
-
# use Rack::OAuth2::Access::Middleware, :store => Rack::OAuth2::Access::MemoryStore
|
|
14
|
-
#
|
|
15
|
-
#
|
|
16
|
-
# run App
|
|
17
|
-
#
|
|
18
|
-
# before do
|
|
19
|
-
#
|
|
20
|
-
# end
|
|
21
|
-
#
|
|
22
|
-
# Rack::OAuth2::Access::AppHelpers
|
|
23
|
-
#
|
|
24
|
-
# before do
|
|
25
|
-
# account = Account.find(oauth.identity)
|
|
26
|
-
# end
|
|
27
|
-
#
|
|
28
|
-
# get '/' do
|
data/README.mkd
CHANGED
|
@@ -5,46 +5,54 @@ Simple Rack middleware that catches OAuth2 access tokens and validates identity
|
|
|
5
5
|
This gem only covers the simple use of "using a token". You must implement the authorization and "getting a token" part in your app.
|
|
6
6
|
|
|
7
7
|
## USAGE
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
def identity
|
|
19
|
-
requets.env['oauth.identity']
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def current_account
|
|
23
|
-
Account.find(identity) if authorized?
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
get '/private' do
|
|
29
|
-
if authorized?
|
|
30
|
-
content_type 'application/json'
|
|
31
|
-
current_account.to_json
|
|
32
|
-
else
|
|
33
|
-
halt 403, 'Access forbidden'
|
|
34
|
-
end
|
|
35
|
-
end
|
|
8
|
+
```ruby
|
|
9
|
+
class API < Sinatra::Base
|
|
10
|
+
|
|
11
|
+
use Rack::OAuth2Utils::Middleware do |access_token|
|
|
12
|
+
AccessToken.find_by_token(access_token).try :account_id
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
helpers do
|
|
36
16
|
|
|
17
|
+
def authorized?
|
|
18
|
+
!!identity
|
|
37
19
|
end
|
|
38
20
|
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
21
|
+
def identity
|
|
22
|
+
requets.env['oauth.identity']
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def current_account
|
|
26
|
+
Account.find(identity) if authorized?
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
get '/private' do
|
|
32
|
+
if authorized?
|
|
33
|
+
content_type 'application/json'
|
|
34
|
+
current_account.to_json
|
|
35
|
+
else
|
|
36
|
+
halt 403, 'Access forbidden'
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
end
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
Rack::OAuth2Utils::Middleware takes a block with the request's access token. YOu can use it to resolve it to an identity string (ie a user or account id).
|
|
42
44
|
|
|
43
45
|
There is a test store based on PStore (filesystem. Do no use in production):
|
|
44
46
|
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
47
|
+
```ruby
|
|
48
|
+
STORE = Rack::OAuth2Utils::TestStore.new('tmp/access_tokens.store')
|
|
49
|
+
|
|
50
|
+
STORE['foobar'] = 'some_identity'
|
|
51
|
+
|
|
52
|
+
use Rack::OAuth2Utils::Middleware do |access_token|
|
|
53
|
+
STORE[access_token]
|
|
54
|
+
end
|
|
55
|
+
```
|
|
48
56
|
|
|
49
57
|
It is up to you how you store tokens and identities.
|
|
50
58
|
|
|
@@ -3,13 +3,11 @@ module Rack
|
|
|
3
3
|
|
|
4
4
|
class Middleware
|
|
5
5
|
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
def initialize(app, options = {})
|
|
6
|
+
def initialize(app, options = {}, &resolver)
|
|
9
7
|
@app = app
|
|
10
|
-
@store = options[:store] || {}
|
|
11
8
|
@realm = options[:realm]
|
|
12
9
|
@logger = options[:logger]
|
|
10
|
+
@resolver = resolver
|
|
13
11
|
end
|
|
14
12
|
|
|
15
13
|
def call(env)
|
|
@@ -20,7 +18,7 @@ module Rack
|
|
|
20
18
|
return @app.call(env) unless request.oauth?
|
|
21
19
|
|
|
22
20
|
# Fetch identity
|
|
23
|
-
if identity =
|
|
21
|
+
if identity = @resolver.call(request.access_token) # identity found, forward to backend
|
|
24
22
|
env["oauth.identity"] = identity
|
|
25
23
|
logger.info "RO2U: Authorized #{identity}" if logger
|
|
26
24
|
else # invalid token
|
data/test/middleware_test.rb
CHANGED
|
@@ -7,14 +7,19 @@ describe Rack::OAuth2Utils::Middleware do
|
|
|
7
7
|
OK_RESPONSE = [200, {'Content-Type' => 'text/plain'}, ['Hello world']]
|
|
8
8
|
FORBIDDEN_RESPONSE = [403, {'Content-Type' => 'text/plain'}, ['Nono']]
|
|
9
9
|
|
|
10
|
+
IDENTITIES = {
|
|
11
|
+
# token # identity
|
|
12
|
+
'aaaaa' => 'ismasan',
|
|
13
|
+
'bbbbb' => 'sachi'
|
|
14
|
+
}
|
|
15
|
+
|
|
10
16
|
def app
|
|
11
17
|
@app ||= Rack::Builder.new do
|
|
12
18
|
# Simple token / identity store
|
|
13
|
-
use Rack::OAuth2Utils::Middleware
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
}
|
|
19
|
+
use Rack::OAuth2Utils::Middleware do |access_token|
|
|
20
|
+
IDENTITIES[access_token]
|
|
21
|
+
end
|
|
22
|
+
|
|
18
23
|
# Public endpoint
|
|
19
24
|
map('/public'){
|
|
20
25
|
run lambda {|env| OK_RESPONSE }
|
|
@@ -122,7 +127,7 @@ describe Rack::OAuth2Utils::Middleware do
|
|
|
122
127
|
end
|
|
123
128
|
|
|
124
129
|
describe 'with valid token as query param' do
|
|
125
|
-
before {get '/private', '
|
|
130
|
+
before {get '/private', 'access_token' => 'aaaaa'}
|
|
126
131
|
|
|
127
132
|
it 'should return 200 Ok' do
|
|
128
133
|
last_response.status.must_equal 200
|
metadata
CHANGED
|
@@ -1,61 +1,57 @@
|
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2_utils
|
|
3
|
-
version: !ruby/object:Gem::Version
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.3
|
|
4
5
|
prerelease:
|
|
5
|
-
version: 0.0.1
|
|
6
6
|
platform: ruby
|
|
7
|
-
authors:
|
|
7
|
+
authors:
|
|
8
8
|
- Ismael Celis
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
dependencies:
|
|
16
|
-
- !ruby/object:Gem::Dependency
|
|
12
|
+
date: 2011-12-03 00:00:00.000000000Z
|
|
13
|
+
dependencies:
|
|
14
|
+
- !ruby/object:Gem::Dependency
|
|
17
15
|
name: rack
|
|
18
|
-
|
|
19
|
-
requirement: &id001 !ruby/object:Gem::Requirement
|
|
16
|
+
requirement: &2152747200 !ruby/object:Gem::Requirement
|
|
20
17
|
none: false
|
|
21
|
-
requirements:
|
|
22
|
-
- -
|
|
23
|
-
- !ruby/object:Gem::Version
|
|
18
|
+
requirements:
|
|
19
|
+
- - ! '>='
|
|
20
|
+
- !ruby/object:Gem::Version
|
|
24
21
|
version: 1.2.2
|
|
25
22
|
type: :runtime
|
|
26
|
-
version_requirements: *id001
|
|
27
|
-
- !ruby/object:Gem::Dependency
|
|
28
|
-
name: bundler
|
|
29
23
|
prerelease: false
|
|
30
|
-
|
|
24
|
+
version_requirements: *2152747200
|
|
25
|
+
- !ruby/object:Gem::Dependency
|
|
26
|
+
name: bundler
|
|
27
|
+
requirement: &2152738640 !ruby/object:Gem::Requirement
|
|
31
28
|
none: false
|
|
32
|
-
requirements:
|
|
33
|
-
- -
|
|
34
|
-
- !ruby/object:Gem::Version
|
|
29
|
+
requirements:
|
|
30
|
+
- - ! '>='
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
35
32
|
version: 1.0.0
|
|
36
33
|
type: :development
|
|
37
|
-
version_requirements: *id002
|
|
38
|
-
- !ruby/object:Gem::Dependency
|
|
39
|
-
name: minitest
|
|
40
34
|
prerelease: false
|
|
41
|
-
|
|
35
|
+
version_requirements: *2152738640
|
|
36
|
+
- !ruby/object:Gem::Dependency
|
|
37
|
+
name: minitest
|
|
38
|
+
requirement: &2152737980 !ruby/object:Gem::Requirement
|
|
42
39
|
none: false
|
|
43
|
-
requirements:
|
|
44
|
-
- -
|
|
45
|
-
- !ruby/object:Gem::Version
|
|
46
|
-
version:
|
|
40
|
+
requirements:
|
|
41
|
+
- - ! '>='
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: '0'
|
|
47
44
|
type: :development
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
45
|
+
prerelease: false
|
|
46
|
+
version_requirements: *2152737980
|
|
47
|
+
description: Simple Rack middleware that catches OAuth2 access tokens and validates
|
|
48
|
+
identity
|
|
49
|
+
email:
|
|
51
50
|
- ismaelct@gmail.com
|
|
52
51
|
executables: []
|
|
53
|
-
|
|
54
52
|
extensions: []
|
|
55
|
-
|
|
56
53
|
extra_rdoc_files: []
|
|
57
|
-
|
|
58
|
-
files:
|
|
54
|
+
files:
|
|
59
55
|
- .gitignore
|
|
60
56
|
- Gemfile
|
|
61
57
|
- README.mkd
|
|
@@ -68,34 +64,30 @@ files:
|
|
|
68
64
|
- rack-oauth2_utils.gemspec
|
|
69
65
|
- test/middleware_test.rb
|
|
70
66
|
- test/test_helper.rb
|
|
71
|
-
|
|
72
|
-
homepage: ""
|
|
67
|
+
homepage: ''
|
|
73
68
|
licenses: []
|
|
74
|
-
|
|
75
69
|
post_install_message:
|
|
76
70
|
rdoc_options: []
|
|
77
|
-
|
|
78
|
-
require_paths:
|
|
71
|
+
require_paths:
|
|
79
72
|
- lib
|
|
80
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
|
73
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
81
74
|
none: false
|
|
82
|
-
requirements:
|
|
83
|
-
- -
|
|
84
|
-
- !ruby/object:Gem::Version
|
|
85
|
-
version:
|
|
86
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
75
|
+
requirements:
|
|
76
|
+
- - ! '>='
|
|
77
|
+
- !ruby/object:Gem::Version
|
|
78
|
+
version: '0'
|
|
79
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
87
80
|
none: false
|
|
88
|
-
requirements:
|
|
89
|
-
- -
|
|
90
|
-
- !ruby/object:Gem::Version
|
|
91
|
-
version:
|
|
81
|
+
requirements:
|
|
82
|
+
- - ! '>='
|
|
83
|
+
- !ruby/object:Gem::Version
|
|
84
|
+
version: '0'
|
|
92
85
|
requirements: []
|
|
93
|
-
|
|
94
86
|
rubyforge_project: rack-oauth2_utils
|
|
95
|
-
rubygems_version: 1.
|
|
87
|
+
rubygems_version: 1.8.10
|
|
96
88
|
signing_key:
|
|
97
89
|
specification_version: 3
|
|
98
90
|
summary: Middleware for catching OAuth2 access tokens in Rack apps
|
|
99
|
-
test_files:
|
|
91
|
+
test_files:
|
|
100
92
|
- test/middleware_test.rb
|
|
101
93
|
- test/test_helper.rb
|