sinatra_persona 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c1ba1fe80f2488f91d18942203c55ebe077f9174
+  data.tar.gz: 31bc6216e5469b6606a0837e7c29881e6b715255
+SHA512:
+  metadata.gz: 7dc897d527acf83713bb2a5118a753aa1f287a3cb86d29ae347e05b8ee9a006974957b7c5aec4494fee55c404eb0697ebb736433c6896f9c86473fdfd42fb214
+  data.tar.gz: 7e3b522355335e81ff034bfcd01baeb379c706eeb88fc405b470be03a59e93d2367564e0a39ba3c0b37b4382efa1bc23e64582764c1b6d933fbf1dd596f4821b

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in sinatra_persona.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Colin J. Fuller
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,93 @@
+# SinatraPersona
+
+A Sinatra extension for logging in with [persona](https://persona.org/about) and verifying persona assertions.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'sinatra_persona'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install sinatra_persona
+
+## Usage
+
+### Include the extension in your app.
+
+For a classic-style app:
+```ruby
+require 'sinatra_persona'
+enable :sessions
+```
+
+For a modular-style app:
+```ruby
+require 'sinatra/base'
+require 'sinatra_persona'
+
+class MyApp < Sinatra::Base
+  enable :sessions
+  register Sinatra::Persona
+  # Application code here
+end
+```
+
+### URL handlers
+
+The extension defines a POST handler at `/auth/perona_verifier` to which the
+assertions to be verified are sent.  You don't need to use this explicitly if
+you use the supplied login button helper and scripts helper.
+
+### Interface
+
+Several helpers are available for interacting with persona:
+
+- `persona` gets the e-mail by which a user has identified or nil if not
+  identified.
+- `persona?` is an alias for `persona` (if you want to use it to check if
+  someone has identified and follow the boolean-with-question-mark convention)
+- `clear_persona!` clears out the persona information from the session. This
+  will require users to log in again.
+- `persona_button` returns a string containing an html button element that will
+  trigger login. This is not styled by default, but has id
+  `persona-login-button` so you can style it however you like.
+- `persona_scripts` returns a string containing html script tags that will
+  include the persona scripts from persona.org, a script to set the click
+  action of the persona button on the page, and jQuery hosted by google.  See
+  the settings section below if don't want to inlcude the default jQuery and
+  instead supply your own self-hosted one.
+
+### Settings
+
+Several optional settings are available via the normal Sinatra settings
+mechanism (i.e. to set setting `foo` to `'value'`, do `set :foo, 'value'` in
+your app.
+
+- `persona_login_button_text`: the text to display on the login button returned
+  by the `persona_button` helper.  Defaults to "Log in with Persona".
+
+- `persona_verifier_uri`: a stdlib URI (not a string) that is a location that
+  verifies persona assertions.  Defaults to
+  "https://verifier.login.persona.org/verify". Make sure this uses https.
+
+- `after_persona_redirect`: a string that is the location to redirect to after
+  verifying the persona assertion.  Defaults to '/'.
+
+- `persona_no_jquery`: set to true if you don't want to use the google-hosted
+  jQuery version.  At the moment, the scripts returned by the `persona_scripts`
+  helper require jQuery, so you'll need to supply your own if you turn this
+  off.
+
+## Contributing
+
+License: MIT.  See LICENSE.txt for the full text.
+
+Pull requests welcome!
+
+

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/sinatra_persona/js.rb

@@ -0,0 +1,33 @@
+module PersonaJS
+  BUTTON_SCRIPT = <<SCRIPT
+$(function() {
+  $('#persona-login-button').click(function() {
+    navigator.id.get(verifyAssertion);
+  });
+
+  function verifyAssertion(assertion) {
+    $.ajax({
+      type: 'POST',
+      url: '/auth/persona_verifier',
+      data: {assertion: assertion},
+      success: function(res, status, xhr) {window.location.reload();},
+      failure: function(res, status, xhr) {window.location.reload();}
+    });
+  }
+});
+SCRIPT
+
+  def self.scripts_no_jquery
+<<SCRIPTS
+<script type="text/javascript">
+#{BUTTON_SCRIPT}
+</script>
+<script src="https://login.persona.org/include.js"></script>
+SCRIPTS
+  end
+
+  def self.scripts
+    jquery = '<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js"></script>'
+    jquery + scripts_no_jquery
+  end
+end

data/lib/sinatra_persona/verifier.rb

@@ -0,0 +1,29 @@
+require 'sinatra/base'
+require 'json'
+require 'net/https'
+
+module Persona
+  module Verifier
+
+    DEFAULT_VERIFIER_URI = URI("https://verifier.login.persona.org/verify")
+
+    def self.verify_assertion(assertion, audience, verifier_uri: nil)
+      verifier_uri ||= DEFAULT_VERIFIER_URI
+      Net::HTTP.start(verifier_uri.host, verifier_uri.port, use_ssl: true) do |conn|
+        params = {assertion: assertion, audience: audience}
+        verifier_uri.query = URI.encode_www_form(params)
+        request = Net::HTTP::Post.new verifier_uri
+        response = conn.request request
+        if not response.code == '200' or response.body.nil? then
+          return nil
+        end
+        parsed = JSON.parse response.body
+        if parsed['status'] == 'okay' then
+          parsed['email']
+        else
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/sinatra_persona/version.rb

@@ -0,0 +1,3 @@
+module SinatraPersona
+  VERSION = "0.0.1"
+end

data/lib/sinatra_persona.rb

@@ -0,0 +1,64 @@
+require 'sinatra_persona/version'
+require 'sinatra_persona/verifier'
+require 'sinatra_persona/js'
+require 'sinatra/base'
+
+module Sinatra
+  module Persona
+    def self.registered(app)
+      app.helpers Persona::Helpers
+      app.post '/auth/persona_verifier' do
+        assertion = params[:assertion]
+        audience = request.host_with_port
+        verifier_uri = settings.respond_to? :persona_verifier_uri ? settings.persona_verifier_uri : nil
+        email = ::Persona::Verifier.verify_assertion(assertion, audience)
+        if email.nil?
+          session.delete(:persona)
+        else
+          session[:persona] = email
+        end
+        if session.respond_to? :after_persona_redirect
+          redirect to settings.after_persona_redirect
+        else
+          redirect to '/'
+        end
+      end
+    end
+
+    module Helpers
+
+      DEFAULT_LOGIN_TEXT = "Log in with Persona"
+
+      def persona?
+        session[:persona]
+      end
+      
+      def persona
+        session[:persona]
+      end
+
+      def clear_persona!
+        session[:persona] = nil
+      end
+
+      def persona_button
+        login_text = DEFAULT_LOGIN_TEXT
+        if settings.respond_to? :persona_login_button_text
+          login_text = settings.persona_login_button_text
+        end
+        "<button id='persona-login-button'>Log in with Persona</button>"
+      end
+      
+      def persona_scripts
+        if settings.respond_to? :persona_no_jquery and settings.persona_no_jquery
+          PersonaJS.scripts_no_jquery
+        else
+          PersonaJS.scripts
+        end
+      end
+    end
+  end
+  register Persona
+end
+
+

data/sinatra_persona.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sinatra_persona/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "sinatra_persona"
+  spec.version       = SinatraPersona::VERSION
+  spec.authors       = ["Colin J. Fuller"]
+  spec.email         = ["cjfuller@gmail.com"]
+  spec.summary       = %q{Persona verifier for Sinatra}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake"
+  spec.add_dependency "haml"
+  spec.add_dependency "sinatra"
+end
+
+

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: sinatra_persona
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Colin J. Fuller
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-03-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: haml
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- cjfuller@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/sinatra_persona.rb
+- lib/sinatra_persona/js.rb
+- lib/sinatra_persona/verifier.rb
+- lib/sinatra_persona/version.rb
+- sinatra_persona.gemspec
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.1
+signing_key: 
+specification_version: 4
+summary: Persona verifier for Sinatra
+test_files: []