rack-oauth2_utils 0.0.1 → 0.0.3

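--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,28 +1,9 @@
  source "http://rubygems.org"
 
  # Specify your gem's dependencies in rack-oauth2_utils.gemspec
- #gemspec
-
- gem 'rack'
+ gemspec
 
  group :test do
  gem 'minitest'
  gem "rack-test"
  end
-
- # use Rack::OAuth2::Access::Middleware, :store => Rack::OAuth2::Access::MemoryStore
- #
- #
- # run App
- #
- # before do
- #
- # end
- #
- # Rack::OAuth2::Access::AppHelpers
- #
- # before do
- # account = Account.find(oauth.identity)
- # end
- #
- # get '/' do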
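Review bot: The `source "http://rubygems.org"` line kept at the top of this Gemfile fetches gems over plain HTTP, and with `gemspec` now enabled every dependency declared in the gemspec is resolved through that source. An on-path attacker can tamper with the index or the downloaded packages, so the source should be `source "https://rubygems.org"`. The rest of the change (dropping the explicit `gem 'rack'` and the commented-out usage notes) looks fine.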
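--- a/data/README.mkd
+++ b/data/README.mkd
@@ -5,46 +5,54 @@ Simple Rack middleware that catches OAuth2 access tokens and validates identity
  This gem only covers the simple use of "using a token". You must implement the authorization and "getting a token" part in your app.
 
  ## USAGE
-
- class API < Sinatra::Base
- use Rack::OAuth2Utils::Middleware, :store => SomeKeyValueStore
-
- helpers do
-
- def authorized?
- !!identity
- end
-
- def identity
- requets.env['oauth.identity']
- end
-
- def current_account
- Account.find(identity) if authorized?
- end
-
- end
-
- get '/private' do
- if authorized?
- content_type 'application/json'
- current_account.to_json
- else
- halt 403, 'Access forbidden'
- end
- end
+ ```ruby
+ class API < Sinatra::Base
+
+ use Rack::OAuth2Utils::Middleware do |access_token|
+ AccessToken.find_by_token(access_token).try :account_id
+ end
+
+ helpers do
 
+ def authorized?
+ !!identity
  end
 
- :store is anything that responds to [], []= and delete. Can be Redis, PStore, some ORM wrapper, etc.
-
- Store is expected to store access_tokens mapped to some identity string (for example account IDs).
+ def identity
+ requets.env['oauth.identity']
+ end
+
+ def current_account
+ Account.find(identity) if authorized?
+ end
+
+ end
+
+ get '/private' do
+ if authorized?
+ content_type 'application/json'
+ current_account.to_json
+ else
+ halt 403, 'Access forbidden'
+ end
+ end
+
+ end
+ ```
+
+ Rack::OAuth2Utils::Middleware takes a block with the request's access token. YOu can use it to resolve it to an identity string (ie a user or account id).
 
  There is a test store based on PStore (filesystem. Do no use in production):
 
- store = Rack::OAuth2Utils::TestStore.new('tmp/access_tokens.store')
-
- store['some_access_token'] = 'some_account_id'
+ ```ruby
+ STORE = Rack::OAuth2Utils::TestStore.new('tmp/access_tokens.store')
+
+ STORE['foobar'] = 'some_identity'
+
+ use Rack::OAuth2Utils::Middleware do |access_token|
+ STORE[access_token]
+ end
+ ```
 
  It is up to you how you store tokens and identities.
 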
@@ -3,13 +3,11 @@ module Rack
3
3
 
4
4
  class Middleware
5
5
 
6
- attr_reader :store
7
-
8
- def initialize(app, options = {})
6
+ def initialize(app, options = {}, &resolver)
9
7
  @app = app
10
- @store = options[:store] || {}
11
8
  @realm = options[:realm]
12
9
  @logger = options[:logger]
10
+ @resolver = resolver
13
11
  end
14
12
 
15
13
  def call(env)
@@ -20,7 +18,7 @@ module Rack
20
18
  return @app.call(env) unless request.oauth?
21
19
 
22
20
  # Fetch identity
23
- if identity = store[request.access_token] # identity found, forward to backend
21
+ if identity = @resolver.call(request.access_token) # identity found, forward to backend
24
22
  env["oauth.identity"] = identity
25
23
  logger.info "RO2U: Authorized #{identity}" if logger
26
24
  else # invalid token
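Review bot: Nothing in the new `initialize` checks that a block was actually given, so mounting the middleware without one leaves `@resolver` nil and the changed line `@resolver.call(request.access_token)` raises NoMethodError on every request that carries a token. That is the likely outcome for 0.0.1 callers still passing `:store => ...`, which is now silently ignored. Failing at mount time is easier to diagnose: add `raise ArgumentError, 'Rack::OAuth2Utils::Middleware requires a resolver block' unless resolver` before `@resolver = resolver`. Any truthy return value, including an empty string, is also treated as an authenticated identity, so the resolver contract (nil or false for unknown tokens) deserves a comment above `call`, whose body continues outside the hunk.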
@@ -22,7 +22,7 @@ module Rack
22
22
  end
23
23
 
24
24
  def authorization_param
25
- @authorization_param ||= self.GET['oauth_token']
25
+ @authorization_param ||= self.GET['access_token']
26
26
  end
27
27
 
28
28
  # True if authentication scheme is OAuth.
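Review bot: `authorization_param` takes the bearer token from the query string, and the rename to `access_token` leaves the risk of that transport undocumented. Tokens sent this way end up in server and proxy access logs, browser history and Referer headers, which is why RFC 6750 section 2.3 discourages the query-parameter method. I would add a comment above the method, `# Query-string tokens leak via logs and Referer; prefer the Authorization header (RFC 6750 2.3)`, and state in the README that 0.0.1 clients sending `oauth_token` are no longer recognised. The enclosing class starts outside the hunk.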
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module OAuth2Utils
3
- VERSION = "0.0.1"
3
+ VERSION = "0.0.3"
4
4
  end
5
5
  end
@@ -7,14 +7,19 @@ describe Rack::OAuth2Utils::Middleware do
7
7
  OK_RESPONSE = [200, {'Content-Type' => 'text/plain'}, ['Hello world']]
8
8
  FORBIDDEN_RESPONSE = [403, {'Content-Type' => 'text/plain'}, ['Nono']]
9
9
 
10
+ IDENTITIES = {
11
+ # token # identity
12
+ 'aaaaa' => 'ismasan',
13
+ 'bbbbb' => 'sachi'
14
+ }
15
+
10
16
  def app
11
17
  @app ||= Rack::Builder.new do
12
18
  # Simple token / identity store
13
- use Rack::OAuth2Utils::Middleware, :store => {
14
- # token # identity
15
- 'aaaaa' => 'ismasan',
16
- 'bbbbb' => 'sachi'
17
- }
19
+ use Rack::OAuth2Utils::Middleware do |access_token|
20
+ IDENTITIES[access_token]
21
+ end
22
+
18
23
  # Public endpoint
19
24
  map('/public'){
20
25
  run lambda {|env| OK_RESPONSE }
@@ -122,7 +127,7 @@ describe Rack::OAuth2Utils::Middleware do
122
127
  end
123
128
 
124
129
  describe 'with valid token as query param' do
125
- before {get '/private', 'oauth_token' => 'aaaaa'}
130
+ before {get '/private', 'access_token' => 'aaaaa'}
126
131
 
127
132
  it 'should return 200 Ok' do
128
133
  last_response.status.must_equal 200
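Review bot: The query-parameter example only swaps `'oauth_token'` for `'access_token'`; no visible example asserts that the old parameter name is now rejected, or that a token missing from `IDENTITIES` is refused when sent as a query parameter. For an authentication change both negative cases are worth pinning, for instance `before {get '/private', 'oauth_token' => 'aaaaa'}` followed by `last_response.status.must_equal 403`, assuming `/private` answers with `FORBIDDEN_RESPONSE` when no identity is set (that part of the spec is outside the hunk). `IDENTITIES` could also end in `.freeze` so that no example can mutate the shared fixture.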
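--- a/metadata
+++ b/metadata
@@ -1,61 +1,57 @@
- --- !ruby/object:Gem::Specification
+ --- !ruby/object:Gem::Specification
  name: rack-oauth2_utils
- version: !ruby/object:Gem::Version
+ version: !ruby/object:Gem::Version
+ version: 0.0.3
  prerelease:
- version: 0.0.1
  platform: ruby
- authors:
+ authors:
  - Ismael Celis
  autorequire:
  bindir: bin
  cert_chain: []
-
- date: 2011-07-07 00:00:00 +01:00
- default_executable:
- dependencies:
- - !ruby/object:Gem::Dependency
+ date: 2011-12-03 00:00:00.000000000Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
  name: rack
- prerelease: false
- requirement: &id001 !ruby/object:Gem::Requirement
+ requirement: &2152747200 !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
  version: 1.2.2
  type: :runtime
- version_requirements: *id001
- - !ruby/object:Gem::Dependency
- name: bundler
  prerelease: false
- requirement: &id002 !ruby/object:Gem::Requirement
+ version_requirements: *2152747200
+ - !ruby/object:Gem::Dependency
+ name: bundler
+ requirement: &2152738640 !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
  version: 1.0.0
  type: :development
- version_requirements: *id002
- - !ruby/object:Gem::Dependency
- name: minitest
  prerelease: false
- requirement: &id003 !ruby/object:Gem::Requirement
+ version_requirements: *2152738640
+ - !ruby/object:Gem::Dependency
+ name: minitest
+ requirement: &2152737980 !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: "0"
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
  type: :development
- version_requirements: *id003
- description: Simple Rack middleware that catches OAuth2 access tokens and validates identity
- email:
+ prerelease: false
+ version_requirements: *2152737980
+ description: Simple Rack middleware that catches OAuth2 access tokens and validates
+ identity
+ email:
  - ismaelct@gmail.com
  executables: []
-
  extensions: []
-
  extra_rdoc_files: []
-
- files:
+ files:
  - .gitignore
  - Gemfile
  - README.mkd
@@ -68,34 +64,30 @@ files:
  - rack-oauth2_utils.gemspec
  - test/middleware_test.rb
  - test/test_helper.rb
- has_rdoc: true
- homepage: ""
+ homepage: ''
  licenses: []
-
  post_install_message:
  rdoc_options: []
-
- require_paths:
+ require_paths:
  - lib
- required_ruby_version: !ruby/object:Gem::Requirement
+ required_ruby_version: !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: "0"
- required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: "0"
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
  requirements: []
-
  rubyforge_project: rack-oauth2_utils
- rubygems_version: 1.6.2
+ rubygems_version: 1.8.10
  signing_key:
  specification_version: 3
  summary: Middleware for catching OAuth2 access tokens in Rack apps
- test_files:
+ test_files:
  - test/middleware_test.rb
  - test/test_helper.rb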