sinatra_auth_github 0.1.1 → 0.1.2

data/README.md CHANGED
@@ -3,58 +3,56 @@ sinatra_auth_github
3
3
 
4
4
  A sinatra extension that provides oauth authentication to github. Find out more about enabling your application at github's [oauth quickstart](http://gist.github.com/419219).
5
5
 
6
- To test it out on localhost set your callback url to 'http://localhost:9292/auth/github/callback'
6
+ To test it out on localhost set your callback url to 'http://localhost:9393/auth/github/callback'
7
7
 
8
- There's an example app in [spec/app.rb](/atmos/sinatra_auth_github/blob/master/spec/app.rb).
8
+ The gist of this project is to provide a few things easily:
9
+
10
+ * authenticate a user against github's oauth service
11
+ * provide an easy way to make API requests for the authenticated user
12
+ * optionally restrict users to a specific github organization
13
+ * optionally restrict users to a specific github team
14
+
15
+ Installation
16
+ ============
9
17
 
10
- There's a slightly more deployment friendly version [href](http://gist.github.com/421704).
18
+ % gem install sinatra_auth_github
11
19
 
12
- The Extension in Action
13
- =======================
20
+ Running the Example
21
+ ===================
14
22
  % gem install bundler
15
23
  % bundle install
16
- % GITHUB_CLIENT_ID="<from GH>" GITHUB_CLIENT_SECRET="<from GH>" bundle exec shotgun
24
+ % GITHUB_CLIENT_ID="<from GH>" GITHUB_CLIENT_SECRET="<from GH>" bundle exec rackup -p9393
25
+
26
+ There's an example app in [spec/app.rb](/atmos/sinatra_auth_github/blob/master/spec/app.rb).
17
27
 
18
- ```ruby
19
- module Example
20
- class App < Sinatra::Base
21
- enable :sessions
28
+ Example App Functionality
29
+ =========================
22
30
 
23
- set :github_options, {
24
- # GitHub Provided secrets
25
- :secret => ENV['GITHUB_CLIENT_SECRET'],
26
- :client_id => ENV['GITHUB_CLIENT_ID'],
31
+ You can simply authenticate via GitHub by hitting http://localhost:9292
27
32
 
28
- # How much info you need about the user
29
- :scopes => 'user,offline_access',
33
+ You can check organization membership by hitting http://localhost:9292/orgs/github
30
34
 
31
- # restrict access to a members of organization named
32
- :organization => "github",
35
+ You can check team membership by hitting http://localhost:9292/teams/42
33
36
 
34
- # restrict access to specific team on an organization
35
- :team => nil # || 42
36
- }
37
+ All unsuccessful authentication requests get sent to the securocat denied page.
37
38
 
38
- register Sinatra::Auth::Github
39
+ API Requests
40
+ ============
39
41
 
40
- before do
41
- authenticate!
42
- end
42
+ The extension also provides a simple way to do get requests against the
43
+ GitHub API as the authenticated user.
43
44
 
44
- helpers do
45
- def repos
46
- github_request("repos/show/#{github_user.login}")
47
- end
45
+ def repos
46
+ github_request("user/repos")
48
47
  end
49
48
 
50
- get '/' do
51
- "Hello There, #{github_user.name}!#{github_user.token}\n#{repos.inspect}"
52
- end
49
+ There's awesome docs on the v3 API [available here](http://developer.github.com/v3/).
53
50
 
54
- get '/logout' do
55
- logout!
56
- redirect '/'
57
- end
58
- end
59
- end
60
- ```
51
+ Extension Options
52
+ =================
53
+
54
+ * `:scopes` - The OAuth2 scopes you require, [Learn More](http://gist.github.com/419219)
55
+ * `:secret` - The client secret that GitHub provides
56
+ * `:client_id` - The client id that GitHub provides
57
+ * `:failure_app` - A Sinatra::Base class that has a route for `/authenticated`, Useful for overriding the securocat default page.
58
+ * `:callback_url` - The path that GitHub posts back to, defaults to `/auth/github/callback`.
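Review bot: The new "Example App Functionality" section uses http://localhost:9292 for all three URLs, while the same README now sets the callback URL to http://localhost:9393/auth/github/callback and starts the app with `rackup -p9393`. Use one port throughout, otherwise a reader following the steps hits a dead port or an OAuth callback mismatch. The "Extension Options" list also drops `:organization` and `:team`, which the removed example documented as access restrictions; state explicitly whether those options are still honoured or have been replaced by the per-route helpers.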
@@ -5,14 +5,17 @@ require 'rest_client'
5
5
  module Sinatra
6
6
  module Auth
7
7
  module Github
8
- VERSION = "0.1.1"
8
+ VERSION = "0.1.2"
9
9
 
10
+ # Simple way to serve an image early in the stack and not get blocked by
11
+ # application level before filters
10
12
  class AccessDenied < Sinatra::Base
11
13
  get '/_images/securocat.png' do
12
14
  send_file(File.join(File.dirname(__FILE__), "views", "securocat.png"))
13
15
  end
14
16
  end
15
17
 
18
+ # The default failure application, this is overridable from the extension config
16
19
  class BadAuthentication < Sinatra::Base
17
20
  helpers do
18
21
  def unauthorized_template
@@ -43,6 +46,9 @@ module Sinatra
43
46
  warden.logout
44
47
  end
45
48
 
49
+ # The authenticated user object
50
+ #
51
+ # Supports a variety of methods, name, full_name, email, etc
46
52
  def github_user
47
53
  warden.user
48
54
  end
@@ -81,7 +87,7 @@ module Sinatra
81
87
  def github_organization_access?(name)
82
88
  orgs = github_request("orgs/#{name}/members")
83
89
  orgs.map { |org| org["login"] }.include?(github_user.login)
84
- rescue RestClient::Unauthorized, RestClient::ResourceNotFound => e
90
+ rescue RestClient::Forbidden, RestClient::Unauthorized, RestClient::ResourceNotFound => e
85
91
  false
86
92
  end
87
93
 
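Review bot: The rescue in `github_organization_access?` binds `=> e` and then discards it, so a revoked token (401), a forbidden listing (403) and a missing organization (404) all collapse into the same silent `false`. Failing closed is the right default here, but log the exception class and the organization name before returning so an operator can tell a misconfiguration from a genuine non-member. Also note that `name` is interpolated unescaped into `"orgs/#{name}/members"`; if a caller ever passes a request parameter, it should be validated against an allow-list or URL-escaped first.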
@@ -93,16 +99,25 @@ module Sinatra
93
99
  def github_team_access?(team_id)
94
100
  members = github_request("teams/#{team_id}/members")
95
101
  members.map { |user| user["login"] }.include?(github_user.login)
96
- rescue RestClient::Unauthorized, RestClient::ResourceNotFound => e
102
+ rescue RestClient::Forbidden, RestClient::Unauthorized, RestClient::ResourceNotFound => e
97
103
  false
98
104
  end
99
105
 
100
- # Auth only certain individuals
106
+ # Enforce user membership to the named organization
107
+ #
108
+ # name - the organization to test membership against
109
+ #
110
+ # Returns an execution halt if the user is not a member of the named org
101
111
  def github_organization_authenticate!(name)
102
112
  authenticate!
103
113
  halt([401, "Unauthorized User"]) unless github_organization_access?(name)
104
114
  end
105
115
 
116
+ # Enforce user membership to the team id
117
+ #
118
+ # team_id - the team_id to test membership against
119
+ #
120
+ # Returns an execution halt if the user is not a member of the team
106
121
  def github_team_authenticate!(team_id)
107
122
  authenticate!
108
123
  halt([401, "Unauthorized User"]) unless github_team_access?(team_id)
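Review bot: In `github_organization_authenticate!` and `github_team_authenticate!` the `halt([401, "Unauthorized User"])` runs after `authenticate!` has already succeeded, so the user is authenticated but not authorized; 403 describes that state more accurately, and a client that reacts to 401 by restarting login can loop. The new comments say "Returns an execution halt", which would read better as "Halts with an error response unless the user is a member", and they should document the status code callers can expect.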
@@ -120,10 +135,9 @@ module Sinatra
120
135
 
121
136
  manager.failure_app = app.github_options[:failure_app] || BadAuthentication
122
137
 
123
- manager[:github_secret] = app.github_options[:secret]
124
- manager[:github_scopes] = app.github_options[:scopes] || 'email,offline_access'
125
- manager[:github_client_id] = app.github_options[:client_id]
126
- manager[:github_organization] = app.github_options[:organization] || nil
138
+ manager[:github_secret] = app.github_options[:secret] || ENV['GITHUB_CLIENT_SECRET']
139
+ manager[:github_scopes] = app.github_options[:scopes] || 'email,offline_access'
140
+ manager[:github_client_id] = app.github_options[:client_id] || ENV['GITHUB_CLIENT_ID']
127
141
  manager[:github_callback_url] = app.github_options[:callback_url] || '/auth/github/callback'
128
142
  end
129
143
 
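Review bot: The line `manager[:github_organization] = app.github_options[:organization] || nil` is removed with no replacement or deprecation path. The previous README example set `:organization => "github"` with the comment "restrict access to a members of organization named", so an application that relied on that option may silently stop enforcing the restriction after upgrading. Either keep honouring the option, or raise at registration time when `:organization` is present and point to `github_organization_authenticate!`. Separately, with the new `ENV` fallbacks `:github_secret` and `:github_client_id` can still both end up `nil`; failing fast at startup is better than a confusing error mid-handshake.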
@@ -131,9 +145,9 @@ module Sinatra
131
145
 
132
146
  app.get '/auth/github/callback' do
133
147
  authenticate!
134
- redirect _relative_url_for('/')
148
+ return_to = session.delete('return_to') || _relative_url_for('/')
149
+ redirect return_to
135
150
  end
136
-
137
151
  end
138
152
  end
139
153
  end
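Review bot: `redirect return_to` in the callback route trusts whatever is stored under `session.delete('return_to')`, and nothing in this diff shows where that value is written or whether it is constrained. If it can be derived from a request URL or parameter, this becomes an open redirect immediately after login; check that it is a relative path on this application (for example, starts with a single `/` and has no scheme or host) and fall back to `_relative_url_for('/')` otherwise. The route is also still hard-coded as `app.get '/auth/github/callback'` while `:callback_url` is configurable a few lines above, so a custom callback path would never reach this handler.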
@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
3
3
 
4
4
  Gem::Specification.new do |s|
5
5
  s.name = "sinatra_auth_github"
6
- s.version = "0.1.1"
6
+ s.version = "0.1.2"
7
7
  s.platform = Gem::Platform::RUBY
8
8
  s.authors = ["Corey Donohoe"]
9
9
  s.email = ["atmos@atmos.org"]
@@ -15,7 +15,7 @@ Gem::Specification.new do |s|
15
15
 
16
16
  s.add_dependency "sinatra", "~>1.0"
17
17
  s.add_dependency "rest-client", "~>1.6.1"
18
- s.add_dependency "warden-github", "~>0.1.0"
18
+ s.add_dependency "warden-github", "~>0.1.1"
19
19
 
20
20
  s.add_development_dependency "rake"
21
21
  s.add_development_dependency "rspec", "~>1.3.0"
data/spec/app.rb CHANGED
@@ -35,7 +35,7 @@ module Example
35
35
 
36
36
  get '/logout' do
37
37
  logout!
38
- redirect '/'
38
+ redirect 'https://github.com'
39
39
  end
40
40
  end
41
41
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sinatra_auth_github
3
3
  version: !ruby/object:Gem::Version
4
- hash: 25
4
+ hash: 31
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 1
9
- - 1
10
- version: 0.1.1
9
+ - 2
10
+ version: 0.1.2
11
11
  platform: ruby
12
12
  authors:
13
13
  - Corey Donohoe
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-06-22 00:00:00 -07:00
18
+ date: 2011-06-27 00:00:00 -07:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
@@ -57,12 +57,12 @@ dependencies:
57
57
  requirements:
58
58
  - - ~>
59
59
  - !ruby/object:Gem::Version
60
- hash: 27
60
+ hash: 25
61
61
  segments:
62
62
  - 0
63
63
  - 1
64
- - 0
65
- version: 0.1.0
64
+ - 1
65
+ version: 0.1.1
66
66
  type: :runtime
67
67
  version_requirements: *id003
68
68
  - !ruby/object:Gem::Dependency