sinatra_auth_github 0.0.16 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +2 -0
- data/lib/sinatra/auth/github.rb +54 -13
- data/lib/sinatra/auth/views/401.html +10 -0
- data/lib/sinatra/auth/views/securocat.png +0 -0
- data/sinatra_auth_github.gemspec +2 -2
- data/spec/app.rb +9 -23
- metadata +9 -7
data/.gitignore
CHANGED
data/lib/sinatra/auth/github.rb
CHANGED
|
@@ -5,12 +5,18 @@ require 'rest_client'
|
|
|
5
5
|
module Sinatra
|
|
6
6
|
module Auth
|
|
7
7
|
module Github
|
|
8
|
-
VERSION = "0.0
|
|
8
|
+
VERSION = "0.1.0"
|
|
9
9
|
|
|
10
10
|
class BadAuthentication < Sinatra::Base
|
|
11
|
+
helpers do
|
|
12
|
+
def unauthorized_template
|
|
13
|
+
@unauthenticated_template ||= File.read(File.join(File.dirname(__FILE__), "views", "401.html"))
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
11
17
|
get '/unauthenticated' do
|
|
12
18
|
status 403
|
|
13
|
-
|
|
19
|
+
unauthorized_template
|
|
14
20
|
end
|
|
15
21
|
end
|
|
16
22
|
|
|
@@ -35,22 +41,53 @@ module Sinatra
|
|
|
35
41
|
warden.user
|
|
36
42
|
end
|
|
37
43
|
|
|
38
|
-
# API
|
|
44
|
+
# Send a V3 API GET request to path
|
|
45
|
+
#
|
|
46
|
+
# path - the path on api.github.com to hit
|
|
47
|
+
#
|
|
48
|
+
# Returns a rest client response object
|
|
49
|
+
#
|
|
50
|
+
# Examples
|
|
51
|
+
# github_raw_request("/user")
|
|
52
|
+
# # => RestClient::Response
|
|
53
|
+
def github_raw_request(path)
|
|
54
|
+
RestClient.get("https://api.github.com/#{path}", :params => { :access_token => github_user.token }, :accept => :json)
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
# Send a V3 API GET request to path and JSON parse the response body
|
|
58
|
+
#
|
|
59
|
+
# path - the path on api.github.com to hit
|
|
60
|
+
#
|
|
61
|
+
# Returns a parsed JSON response
|
|
62
|
+
#
|
|
63
|
+
# Examples
|
|
64
|
+
# github_raw_request("/user")
|
|
65
|
+
# # => { 'login' => 'atmos', ... }
|
|
39
66
|
def github_request(path)
|
|
40
|
-
|
|
41
|
-
JSON.parse(response.body)
|
|
67
|
+
JSON.parse(github_raw_request(path))
|
|
42
68
|
end
|
|
43
69
|
|
|
44
|
-
#
|
|
70
|
+
# See if the user is a member of the named organization
|
|
71
|
+
#
|
|
72
|
+
# name - the organization name
|
|
73
|
+
#
|
|
74
|
+
# Returns: true if the uesr has access, false otherwise
|
|
45
75
|
def github_organization_access?(name)
|
|
46
|
-
orgs = github_request("
|
|
47
|
-
orgs.map { |org| org["login"] }.include?(
|
|
76
|
+
orgs = github_request("orgs/#{name}/members")
|
|
77
|
+
orgs.map { |org| org["login"] }.include?(github_user.login)
|
|
78
|
+
rescue RestClient::Unauthorized, RestClient::ResourceNotFound => e
|
|
79
|
+
false
|
|
48
80
|
end
|
|
49
81
|
|
|
50
|
-
|
|
51
|
-
|
|
82
|
+
# See if the user is a member of the team id
|
|
83
|
+
#
|
|
84
|
+
# team_id - the team's id
|
|
85
|
+
#
|
|
86
|
+
# Returns: true if the uesr has access, false otherwise
|
|
87
|
+
def github_team_access?(team_id)
|
|
88
|
+
members = github_request("teams/#{team_id}/members")
|
|
52
89
|
members.map { |user| user["login"] }.include?(github_user.login)
|
|
53
|
-
rescue RestClient::Unauthorized => e
|
|
90
|
+
rescue RestClient::Unauthorized, RestClient::ResourceNotFound => e
|
|
54
91
|
false
|
|
55
92
|
end
|
|
56
93
|
|
|
@@ -60,9 +97,9 @@ module Sinatra
|
|
|
60
97
|
halt([401, "Unauthorized User"]) unless github_organization_access?(name)
|
|
61
98
|
end
|
|
62
99
|
|
|
63
|
-
def
|
|
100
|
+
def github_team_authenticate!(team_id)
|
|
64
101
|
authenticate!
|
|
65
|
-
halt([401, "Unauthorized User"]) unless
|
|
102
|
+
halt([401, "Unauthorized User"]) unless github_team_access?(team_id)
|
|
66
103
|
end
|
|
67
104
|
|
|
68
105
|
def _relative_url_for(path)
|
|
@@ -89,6 +126,10 @@ module Sinatra
|
|
|
89
126
|
authenticate!
|
|
90
127
|
redirect _relative_url_for('/')
|
|
91
128
|
end
|
|
129
|
+
|
|
130
|
+
app.get '/_images/securocat.png' do
|
|
131
|
+
send_file(File.join(File.dirname(__FILE__), "views", "securocat.png"))
|
|
132
|
+
end
|
|
92
133
|
end
|
|
93
134
|
end
|
|
94
135
|
end
|
|
Binary file
|
data/sinatra_auth_github.gemspec
CHANGED
|
@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
|
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |s|
|
|
5
5
|
s.name = "sinatra_auth_github"
|
|
6
|
-
s.version = "0.0
|
|
6
|
+
s.version = "0.1.0"
|
|
7
7
|
s.platform = Gem::Platform::RUBY
|
|
8
8
|
s.authors = ["Corey Donohoe"]
|
|
9
9
|
s.email = ["atmos@atmos.org"]
|
|
@@ -15,7 +15,7 @@ Gem::Specification.new do |s|
|
|
|
15
15
|
|
|
16
16
|
s.add_dependency "sinatra", "~>1.0"
|
|
17
17
|
s.add_dependency "rest-client", "~>1.6.1"
|
|
18
|
-
s.add_dependency "warden-github", "~>0.0
|
|
18
|
+
s.add_dependency "warden-github", "~>0.1.0"
|
|
19
19
|
|
|
20
20
|
s.add_development_dependency "rake"
|
|
21
21
|
s.add_development_dependency "rspec", "~>1.3.0"
|
data/spec/app.rb
CHANGED
|
@@ -4,31 +4,17 @@ module Example
|
|
|
4
4
|
class App < Sinatra::Base
|
|
5
5
|
enable :sessions
|
|
6
6
|
|
|
7
|
-
set
|
|
8
|
-
|
|
9
|
-
:
|
|
10
|
-
:
|
|
11
|
-
|
|
12
|
-
# How much info you need about the user
|
|
13
|
-
:scopes => 'user,offline_access,repo',
|
|
14
|
-
|
|
15
|
-
# restrict access to a members of organization named
|
|
16
|
-
:organization => "github",
|
|
17
|
-
|
|
18
|
-
# restrict access to specific team on an organization
|
|
19
|
-
:team => nil # || 42
|
|
20
|
-
}
|
|
7
|
+
set :github_options, {
|
|
8
|
+
:secret => ENV['GITHUB_CLIENT_SECRET'],
|
|
9
|
+
:client_id => ENV['GITHUB_CLIENT_ID'],
|
|
10
|
+
:scopes => 'user,offline_access,repo' # repo is need for org auth :\
|
|
11
|
+
}
|
|
21
12
|
|
|
22
13
|
register Sinatra::Auth::Github
|
|
23
14
|
|
|
24
|
-
before do
|
|
25
|
-
# authenticate!
|
|
26
|
-
# halt([401, "Unauthorized User"]) unless github_organization_member?
|
|
27
|
-
end
|
|
28
|
-
|
|
29
15
|
helpers do
|
|
30
16
|
def repos
|
|
31
|
-
github_request("repos
|
|
17
|
+
github_request("user/repos")
|
|
32
18
|
end
|
|
33
19
|
end
|
|
34
20
|
|
|
@@ -42,9 +28,9 @@ module Example
|
|
|
42
28
|
"Hello There, #{github_user.name}! You have access to the #{params['id']} organization."
|
|
43
29
|
end
|
|
44
30
|
|
|
45
|
-
get '/
|
|
46
|
-
|
|
47
|
-
"Hello There, #{github_user.name}! You have access to the #{params['id']} team
|
|
31
|
+
get '/teams/:id' do
|
|
32
|
+
github_team_authenticate!(params['id'])
|
|
33
|
+
"Hello There, #{github_user.name}! You have access to the #{params['id']} team."
|
|
48
34
|
end
|
|
49
35
|
|
|
50
36
|
get '/logout' do
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sinatra_auth_github
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 27
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
|
+
- 1
|
|
8
9
|
- 0
|
|
9
|
-
|
|
10
|
-
version: 0.0.16
|
|
10
|
+
version: 0.1.0
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Corey Donohoe
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-
|
|
18
|
+
date: 2011-06-22 00:00:00 -07:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies:
|
|
21
21
|
- !ruby/object:Gem::Dependency
|
|
@@ -57,12 +57,12 @@ dependencies:
|
|
|
57
57
|
requirements:
|
|
58
58
|
- - ~>
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
|
-
hash:
|
|
60
|
+
hash: 27
|
|
61
61
|
segments:
|
|
62
62
|
- 0
|
|
63
|
+
- 1
|
|
63
64
|
- 0
|
|
64
|
-
|
|
65
|
-
version: 0.0.9
|
|
65
|
+
version: 0.1.0
|
|
66
66
|
type: :runtime
|
|
67
67
|
version_requirements: *id003
|
|
68
68
|
- !ruby/object:Gem::Dependency
|
|
@@ -187,6 +187,8 @@ files:
|
|
|
187
187
|
- Rakefile
|
|
188
188
|
- config.ru
|
|
189
189
|
- lib/sinatra/auth/github.rb
|
|
190
|
+
- lib/sinatra/auth/views/401.html
|
|
191
|
+
- lib/sinatra/auth/views/securocat.png
|
|
190
192
|
- lib/sinatra_auth_github.rb
|
|
191
193
|
- sinatra_auth_github.gemspec
|
|
192
194
|
- spec/app.rb
|