shimmer 0.0.12 → 0.0.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '038bb182d1dad60da8ef884f677bf291baed9ffb2e4a14959cd20e55c43f7ff0'
-  data.tar.gz: d5f6c1489a4b285202c2d93d3c9bfd7e8a5ac4b3a17688452e3315782b694511
+  metadata.gz: aa623a504a48b7e6f3a1c0d4ccf748b2068b8934288094524a8039c52588c384
+  data.tar.gz: 67ccb1224024c812aad171ddca3437c3d130fb1bbf71dc5c9326da143061be1c
 SHA512:
-  metadata.gz: f10bade660c8ef17b62388e7ea9ac5d9b7bf40c658e744a1b9050a70bbabb7e2a360d1d10fdceb6fbffa43a002d94113efb3a794d8c233ad75387840f62d60bd
-  data.tar.gz: fbdba908476796302ef9db666285fe57e39a69ae095374d11291cf2ea43c7bfe3bc1c5a6d74c23f2d46e815806ff6f95fe3b1c594834196d7169fe171b605f8a
+  metadata.gz: 9de1f128d5baafb0c5effb645c59ccecec08b7c7319761802cfb8ed7bbeb55cc01abb9f365f85e0397ceff692e835dc5131683bac01f514619bf1623be831c37
+  data.tar.gz: 856718e8800d539c1c31c9b867768c9db4939fe979019f44e6eebf6203cb1d60f8daca6ce42d3b21cab1027d00106345a531cb28bd912bcdea31028885042803

data/lib/shimmer/auth/apple_provider.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class AppleProvider < Provider
+      self.token_column = :apple_id
+
+      private
+
+      def request_details(params)
+        name = params[:user] ? JSON.parse(params[:user])["name"] : {}
+        headers = {
+          'Content-Type': "application/x-www-form-urlencoded"
+        }
+        form = {
+          grant_type: "authorization_code",
+          code: params[:code],
+          client_id: ENV.fetch("APPLE_BUNDLE_ID"),
+          client_secret: ENV.fetch("APPLE_CLIENT_SECRET"),
+          scope: "name email"
+        }
+        response = HTTParty.post("https://appleid.apple.com/auth/token", body: URI.encode_www_form(form), headers: headers)
+        raise InvalidTokenError, "Login check failed: #{response.body}" unless response.ok?
+
+        token = JWT.decode(response["id_token"], nil, false).first
+        UserDetails.new token: token["sub"], email: token["email"], first_name: name["firstName"], last_name: name["lastName"]
+      end
+    end
+  end
+end

data/lib/shimmer/auth/authenticating.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module Authenticating
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :authenticate
+        helper_method :current_user
+
+        def require_login
+          redirect_to login_path unless current_user
+        end
+
+        def current_user
+          ::Current.user
+        end
+
+        def login(device:)
+          ::Current.device = device
+          cookies.encrypted[:device_token] = {value: device.token, expires: 2.years.from_now}
+        end
+
+        def logout
+          cookies.delete :device_token
+        end
+
+        private
+
+        def authenticate
+          ::Current.device = cookies.encrypted[:device_token].presence&.then { |e| ::Device.find_by token: e }
+        end
+      end
+    end
+  end
+end

data/lib/shimmer/auth/current.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module Current
+      extend ActiveSupport::Concern
+
+      included do
+        attribute :device
+
+        delegate :user, to: :device, allow_nil: true
+      end
+    end
+  end
+end

data/lib/shimmer/auth/dev_provider.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class DevProvider < Provider
+      def login(email:, user_agent: nil, ip: nil)
+        user = model.find_or_create_by!(email: email)
+        device = user.devices.create! user_agent: user_agent
+        log_login(user, device_id: device.id, user_agent: user_agent, ip: ip)
+        device
+      end
+    end
+  end
+end

data/lib/shimmer/auth/device.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module Device
+      extend ActiveSupport::Concern
+
+      included do
+        has_secure_token
+
+        def name
+          [browser.platform.name, browser.name].join(" ")
+        end
+
+        private
+
+        def browser
+          @browser ||= Browser.new user_agent
+        end
+      end
+    end
+  end
+end

data/lib/shimmer/auth/google_provider.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class GoogleProvider < Provider
+      self.token_column = :google_id
+
+      private
+
+      def request_details(params)
+        payload = GoogleIDToken::Validator.new.check(params[:credential], ENV.fetch("GOOGLE_CLIENT_ID"))
+        UserDetails.new token: payload["sub"], email: payload["email"], first_name: payload["given_name"].presence, last_name: payload["family_name"].presence
+      end
+    end
+  end
+end

data/lib/shimmer/auth/user.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module User
+      extend ActiveSupport::Concern
+
+      included do
+        def authenticate!(user_agent: nil, ip: nil)
+          Provider.new(self.class).create_device(user: self, user_agent: user_agent, ip: ip)
+        end
+      end
+
+      class_methods do
+        def login!(provider:, **attributes)
+          "Shimmer::Auth::#{provider.to_s.classify}Provider".constantize
+            .new(self).login(**attributes)
+        end
+      end
+    end
+  end
+end

data/lib/shimmer/auth.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class Provider
+      class InvalidTokenError < StandardError; end
+      UserDetails = Struct.new(:token, :email, :first_name, :last_name, keyword_init: true)
+      attr_reader :model
+      cattr_accessor :token_column
+
+      def initialize(model)
+        @model = model
+      end
+
+      def login(params:, user_agent: nil, ip: nil)
+        user = fetch_user request_details(params)
+        create_device user: user, user_agent: user_agent, ip: ip
+      end
+
+      def create_device(user:, user_agent: nil, ip: nil)
+        user.devices.create!(user_agent: user_agent).tap do |device|
+          log_login(user, device_id: device.id, user_agent: user_agent, ip: ip)
+        end
+      end
+
+      private
+
+      def log_login(user, device_id:, user_agent: nil, ip: nil)
+        return unless user.respond_to? :publish
+
+        user.publish :login, provider: self.class.name.demodulize.underscore, device_id: device_id, user_agent: user_agent, ip: ip
+      end
+
+      def fetch_user(details)
+        user = model.find_by(token_column => details.token) || model.find_by(email: details.email) || model.new
+        user[token_column] ||= details.token
+        user.email ||= details.email
+        user.first_name ||= details.first_name
+        user.last_name ||= details.last_name
+        user.save! if user.changed?
+        user
+      end
+    end
+  end
+end
+
+Dir["#{File.expand_path("./auth", __dir__)}/*"].sort.each { |e| require e }

data/lib/shimmer/tasks/auth.rake

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+namespace :auth do
+  desc "Generates a Sign in with Apple Token"
+  task :apple_token do
+    ecdsa_key = OpenSSL::PKey::EC.new IO.read ".apple-key.p8"
+    headers = {
+      "kid" => Shimmer::Config.instance.apple_key_id!
+    }
+    claims = {
+      "iss" => Shimmer::Config.instance.apple_team_id!,
+      "iat" => Time.now.to_i,
+      "exp" => 180.days.from_now.to_i,
+      "aud" => "https://appleid.apple.com",
+      "sub" => Shimmer::Config.instance.apple_bundle_id!
+    }
+    puts JWT.encode claims, ecdsa_key, "ES256", headers
+  end
+end

data/lib/shimmer/utils/config.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Shimmer
+  class Config
+    include Singleton
+    class MissingConfigError < StandardError; end
+
+    def method_missing(method_name)
+      method_name = method_name.to_s
+      type = :string
+      key = method_name.delete_suffix("!").delete_suffix("?")
+      required = method_name.end_with?("!")
+      type = :bool if method_name.end_with?("?")
+      value = ENV[key.upcase].presence
+      value ||= Rails.application.credentials.send(key)
+      raise MissingConfigError, "#{key.upcase} environment value is missing" if required && value.blank?
+
+      coerce value, type
+    end
+
+    def respond_to_missing?(method_name)
+      true
+    end
+
+    private
+
+    def coerce(value, type)
+      return !value.in?(["n", "0", "no", "false"]) if type == :bool && value.is_a?(String)
+
+      value
+    end
+  end
+end

data/lib/shimmer/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Shimmer
-  VERSION = "0.0.12"
+  VERSION = "0.0.13"
 end

data/lib/shimmer.rb

@@ -6,6 +6,7 @@ Dir["#{File.expand_path("../lib/shimmer/middlewares", __dir__)}/*"].sort.each {
 Dir["#{File.expand_path("../lib/shimmer/controllers", __dir__)}/*"].sort.each { |e| require e }
 Dir["#{File.expand_path("../lib/shimmer/jobs", __dir__)}/*"].sort.each { |e| require e }
 Dir["#{File.expand_path("../lib/shimmer/utils", __dir__)}/*"].sort.each { |e| require e }
+require_relative "shimmer/auth"
 
 module Shimmer
   class Error < StandardError; end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shimmer
 version: !ruby/object:Gem::Version
-  version: 0.0.12
+  version: 0.0.13
 platform: ruby
 authors:
 - Jens Ravens
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-06-08 00:00:00.000000000 Z
+date: 2022-06-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -135,13 +135,23 @@ files:
 - bin/solargraph
 - config/rubocop_base.yml
 - lib/shimmer.rb
+- lib/shimmer/auth.rb
+- lib/shimmer/auth/apple_provider.rb
+- lib/shimmer/auth/authenticating.rb
+- lib/shimmer/auth/current.rb
+- lib/shimmer/auth/dev_provider.rb
+- lib/shimmer/auth/device.rb
+- lib/shimmer/auth/google_provider.rb
+- lib/shimmer/auth/user.rb
 - lib/shimmer/controllers/files_controller.rb
 - lib/shimmer/controllers/sitemaps_controller.rb
 - lib/shimmer/jobs/sitemap_job.rb
 - lib/shimmer/middlewares/cloudflare.rb
 - lib/shimmer/railtie.rb
+- lib/shimmer/tasks/auth.rake
 - lib/shimmer/tasks/db.rake
 - lib/shimmer/tasks/lint.rake
+- lib/shimmer/utils/config.rb
 - lib/shimmer/utils/file_helper.rb
 - lib/shimmer/utils/file_proxy.rb
 - lib/shimmer/utils/localizable.rb