secretkeeper 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 84593075dabb8014b00ac2efb375f56c5fdbc7db
+  data.tar.gz: 9bf59fb59e734f7c4bbe77b93bbe4e8d991475ca
+SHA512:
+  metadata.gz: ce4af121133d3dd16483d845f601f769259528aee732d71101973dc06f73b4c9dde33c088ac9939df7bad2903b57331c5bc5fc3d950be34cfbb71ca49e9dde63
+  data.tar.gz: bb5a2be005753e563a499b46c0ba81792035c53cb1c06b07127381a80dae13e46dddf0ecfc1ac39273966d794d6fc6aaf808306838065032da71f89f8ecf0631

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2017 Igor
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,30 @@
+# Secretkeeper
+Short description and motivation.
+
+## Usage
+How to use my plugin.
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'secretkeeper'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install secretkeeper
+```
+
+Run the installation generator with:
+```bash
+rails generate secretkeeper:install
+```
+
+## License
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,41 @@
+require "bundler/setup"
+require "rspec/core/rake_task"
+
+# begin
+#   require 'bundler/setup'
+# rescue LoadError
+#   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+# end
+
+# require 'rdoc/task'
+
+# RDoc::Task.new(:rdoc) do |rdoc|
+#   rdoc.rdoc_dir = 'rdoc'
+#   rdoc.title    = 'Secretkeeper'
+#   rdoc.options << '--line-numbers'
+#   rdoc.rdoc_files.include('README.md')
+#   rdoc.rdoc_files.include('lib/**/*.rb')
+# end
+
+
+
+
+
+
+# require 'bundler/gem_tasks'
+
+# require 'rake/testtask'
+
+# Rake::TestTask.new(:test) do |t|
+#   t.libs << 'test'
+#   t.pattern = 'test/**/*_test.rb'
+#   t.verbose = false
+# end
+
+desc "Default: run specs."
+task default: :spec
+
+desc "Run all specs"
+RSpec::Core::RakeTask.new(:spec) do |config|
+  config.verbose = false
+end

data/app/controllers/secretkeeper/auth_controller.rb

@@ -0,0 +1,41 @@
+module Secretkeeper
+  class AuthController < ActionController::Metal
+    include AbstractController::Rendering
+    include ActionController::Rendering
+    include ActionController::Renderers
+    include ActionController::Head
+
+    use_renderers :json
+
+    def create_token
+      resource_owner = Secretkeeper.reflection_resource_owner.call(params)
+      if resource_owner.present?
+        access_token = Secretkeeper::AccessToken.create(owner: resource_owner)
+        render json: {
+          access_token: access_token.token,
+          expires_in: access_token.expires_in,
+          refresh_token: access_token.refresh_token,
+          created_at: access_token.created_at.to_i
+        }, status: 201
+      else
+        head 401
+      end
+    end
+
+    def refresh_token
+      token = Secretkeeper::AccessToken.find_by(refresh_token: params[:refresh_token])
+      if token.present? && token.refreshable?
+        token.revoke!
+        new_token = Secretkeeper::AccessToken.create(owner: token.owner)
+        render json: {
+          access_token: new_token.token,
+          expires_in: new_token.expires_in,
+          refresh_token: new_token.refresh_token,
+          created_at: DateTime.now.to_i
+        }
+      else
+        head 403
+      end
+    end
+  end
+end

data/lib/generators/secretkeeper/install_generator.rb

@@ -0,0 +1,28 @@
+require "rails/generators/active_record"
+
+class Secretkeeper::InstallGenerator < ::Rails::Generators::Base
+  include Rails::Generators::Migration
+
+  source_root File.expand_path("../templates", __FILE__)
+
+  def install
+    copy_file "initializer.rb", "config/initializers/secretkeeper.rb"
+    migration_template(
+      "migration.rb",
+      "db/migrate/create_secretkeeper_tables.rb",
+      migration_version: migration_version
+    )
+    route "secretkeeper"
+  end
+
+  def self.next_migration_number(dirname)
+    next_migration_number = current_migration_number(dirname) + 1
+    ActiveRecord::Migration.next_migration_number(next_migration_number)
+  end
+
+  def migration_version
+    if Rails.version >= "5.0.0"
+      "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
+    end
+  end
+end

data/lib/generators/secretkeeper/templates/initializer.rb

@@ -0,0 +1,9 @@
+Secretkeeper.configure do |config|
+  config.access_token_expires_in = 12.hours
+end
+
+Secretkeeper.reflect do |on|
+  on.resource_owner do |params|
+    User.authenticate!(params[:name], params[:password])
+  end
+end

data/lib/generators/secretkeeper/templates/migration.rb

@@ -0,0 +1,12 @@
+class CreateSecretkeeperTables < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :secretkeeper_access_tokens do |t|
+      t.references :owner, polymorphic: true, index: true
+      t.string     :token, null: false, index: true, unique: true
+      t.string     :refresh_token, null: false, index: true, unique: true
+      t.integer    :expires_in
+      t.datetime   :revoked_at
+      t.timestamps null: false
+    end
+  end
+end

data/lib/secretkeeper/access_token.rb

@@ -0,0 +1,43 @@
+module Secretkeeper
+  class AccessToken < ::ActiveRecord::Base
+    self.table_name = "secretkeeper_access_tokens"
+    belongs_to :owner, polymorphic: true
+
+    def initialize(attributes = {})
+      access_token, refresh_token, expires_in = nil
+      loop do
+        access_token = AccessToken.generate
+        refresh_token = AccessToken.generate
+        break unless AccessToken.exists?(token: access_token, refresh_token: refresh_token)
+      end
+      expires_in = Secretkeeper.configuration.access_token_expires_in
+      super((attributes || {}).merge({
+        token: access_token, refresh_token: refresh_token, expires_in: expires_in
+      }))
+    end
+
+    def revoke!
+      revoked_at.nil? && update_attribute(:revoked_at, DateTime.now)
+    end
+
+    def accessible?
+      !revoked? && !expired?
+    end
+
+    def revoked?
+      revoked_at.present?
+    end
+
+    def expired?
+      created_at + expires_in.seconds <= DateTime.now
+    end
+
+    def refreshable?
+      !revoked?
+    end
+
+    def self.generate
+      SecureRandom.hex(32)
+    end
+  end
+end

data/lib/secretkeeper/config.rb

@@ -0,0 +1,30 @@
+module Secretkeeper
+  class << self
+    attr_accessor :configuration
+    attr_accessor :reflection_resource_owner
+  end
+
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  def self.configure
+    yield(configuration)
+  end
+
+  def self.reflect(&block)
+    class_eval(&block)
+  end
+
+  def self.resource_owner(&block)
+    @reflection_resource_owner = block
+  end
+
+  class Configuration
+    attr_accessor :access_token_expires_in
+
+    def initialize
+      @access_token_expires_in = 1.hour
+    end
+  end
+end

data/lib/secretkeeper/engine.rb

@@ -0,0 +1,11 @@
+require "secretkeeper/rails/helpers"
+
+module Secretkeeper
+  class Engine < ::Rails::Engine
+    initializer "secretkeeper.controller_helpers" do
+      ActiveSupport.on_load(:action_controller) do
+        include Secretkeeper::Rails::Helpers
+      end
+    end
+  end
+end

data/lib/secretkeeper/rails/helpers.rb

@@ -0,0 +1,19 @@
+module Secretkeeper
+  module Rails
+    module Helpers
+      extend ActiveSupport::Concern
+
+      def secretkeeper_authorize!
+        header = request.headers["Authorization"]
+        if header && header.start_with?("Bearer ")
+          token = Secretkeeper::AccessToken.find_by(token: header[7..-1])
+          if token.present? && token.accessible?
+            @resource_owner = token.owner
+            return true 
+          end
+        end
+        head 401
+      end
+    end
+  end
+end

data/lib/secretkeeper/rails/router.rb

@@ -0,0 +1,14 @@
+module ActionDispatch
+  module Routing
+    class Mapper
+      def secretkeeper
+        resources :auth, module: "secretkeeper", only: [] do
+          collection do
+            post :create_token
+            post :refresh_token
+          end
+        end
+      end
+    end
+  end
+end

data/lib/secretkeeper/version.rb

@@ -0,0 +1,3 @@
+module Secretkeeper
+  VERSION = '0.1.0'
+end

data/lib/secretkeeper.rb

@@ -0,0 +1,4 @@
+require "secretkeeper/config"
+require "secretkeeper/access_token"
+require "secretkeeper/engine"
+require "secretkeeper/rails/router"

metadata

@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: secretkeeper
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Igor Korepanov
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-11-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.6'
+- !ruby/object:Gem::Dependency
+  name: rspec-activemodel-mocks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: factory_girl_rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
+- !ruby/object:Gem::Dependency
+  name: generator_spec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.4
+description: 
+email:
+- secretkeeper.gem@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/secretkeeper/auth_controller.rb
+- lib/generators/secretkeeper/install_generator.rb
+- lib/generators/secretkeeper/templates/initializer.rb
+- lib/generators/secretkeeper/templates/migration.rb
+- lib/secretkeeper.rb
+- lib/secretkeeper/access_token.rb
+- lib/secretkeeper/config.rb
+- lib/secretkeeper/engine.rb
+- lib/secretkeeper/rails/helpers.rb
+- lib/secretkeeper/rails/router.rb
+- lib/secretkeeper/version.rb
+homepage: https://github.com/igorkorepanov/secretkeeper
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.14
+signing_key: 
+specification_version: 4
+summary: Token based authentication
+test_files: []