sso 0.0.2 → 0.1.0.alpha1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/sso.rb +6 -0
- data/spec/dummy/Rakefile +9 -0
- data/spec/dummy/app/assets/javascripts/application.js +13 -0
- data/spec/dummy/app/assets/stylesheets/application.css +15 -0
- data/spec/dummy/app/controllers/application_controller.rb +3 -0
- data/spec/dummy/app/controllers/home_controller.rb +4 -0
- data/spec/dummy/app/controllers/sessions_controller.rb +39 -0
- data/spec/dummy/app/models/user.rb +9 -0
- data/spec/dummy/app/views/home/index.html.erb +0 -0
- data/spec/dummy/app/views/layouts/application.html.erb +14 -0
- data/spec/dummy/app/views/sessions/new.html.erb +10 -0
- data/spec/dummy/bin/bundle +3 -0
- data/spec/dummy/bin/rails +4 -0
- data/spec/dummy/bin/rake +4 -0
- data/spec/dummy/bin/setup +29 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +36 -0
- data/spec/dummy/config/boot.rb +4 -0
- data/spec/dummy/config/database.yml +38 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +37 -0
- data/spec/dummy/config/environments/test.rb +42 -0
- data/spec/dummy/config/initializers/assets.rb +11 -0
- data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/spec/dummy/config/initializers/doorkeeper.rb +23 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/dummy/config/initializers/secret_token.rb +10 -0
- data/spec/dummy/config/initializers/session_store.rb +3 -0
- data/spec/dummy/config/initializers/sso.rb +37 -0
- data/spec/dummy/config/initializers/warden.rb +29 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/doorkeeper.en.yml +151 -0
- data/spec/dummy/config/locales/en.yml +23 -0
- data/spec/dummy/config/routes.rb +12 -0
- data/spec/dummy/db/migrate/20150302113121_add_users.rb +14 -0
- data/spec/dummy/db/migrate/20150303054803_create_doorkeeper_tables.rb +51 -0
- data/spec/dummy/db/migrate/20150303132931_create_passports_table.rb +38 -0
- data/spec/dummy/db/schema.rb +97 -0
- data/spec/integration/oauth/after_fetch_spec.rb +43 -0
- data/spec/integration/oauth/authorization_code_spec.rb +56 -0
- data/spec/integration/oauth/password_verification_spec.rb +67 -0
- data/spec/lib/sso/logging_spec.rb +39 -0
- data/spec/spec_helper.rb +54 -0
- data/spec/support/factories/doorkeeper/application.rb +21 -0
- data/spec/support/factories/server/passport.rb +10 -0
- data/spec/support/factories/server/user.rb +14 -0
- data/spec/support/sso/test.rb +9 -0
- data/spec/support/sso/test/cookie_stripper.rb +20 -0
- data/spec/support/sso/test/helpers.rb +56 -0
- metadata +283 -17
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 502a677d0dbb1abcd9a531c018bd095e6fa2fe5e
|
4
|
+
data.tar.gz: f7e1c5290d4ea845680b4c82272e391958a36889
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3c9f9227968a527cd8fb844ee69bacfb92041b10fc47f1937b9a578d79b1b286b83ccdc9a57183173a5637d3e093b81e4ce59a0edd5f61cf60d880264973d719
|
7
|
+
data.tar.gz: 8909701cee344d1cfb73d1e2549816a74cd580ddbd108d87ebf4c9495d9aafc93edd7eecfd66ba5e18919c2a66018636fa02543392fc23ac5c3a6e75521095e0
|
data/lib/sso.rb
ADDED
data/spec/dummy/Rakefile
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// compiled file.
|
9
|
+
//
|
10
|
+
// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
|
11
|
+
// about supported directives.
|
12
|
+
//
|
13
|
+
//= require_tree .
|
@@ -0,0 +1,15 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the bottom of the
|
9
|
+
* compiled file so the styles you add here take precedence over styles defined in any styles
|
10
|
+
* defined in the other CSS/SCSS files in this directory. It is generally better to create a new
|
11
|
+
* file per style scope.
|
12
|
+
*
|
13
|
+
*= require_tree .
|
14
|
+
*= require_self
|
15
|
+
*/
|
@@ -0,0 +1,39 @@
|
|
1
|
+
class SessionsController < ApplicationController
|
2
|
+
include ::SSO::Logging
|
3
|
+
delegate :logout, to: :warden
|
4
|
+
|
5
|
+
before_action :not_json, only: [:new]
|
6
|
+
|
7
|
+
# POI
|
8
|
+
def new
|
9
|
+
return_path = env['warden.options'][:attempted_path]
|
10
|
+
debug { "Remembering the return path #{return_path.inspect}" }
|
11
|
+
session[:return_path] = return_path
|
12
|
+
end
|
13
|
+
|
14
|
+
# POI
|
15
|
+
def create
|
16
|
+
warden.authenticate! :password
|
17
|
+
|
18
|
+
if session[:return_path]
|
19
|
+
debug { "Sending tou back to #{session[:return_path]}" }
|
20
|
+
redirect_to session[:return_path]
|
21
|
+
session[:return_path] = nil
|
22
|
+
else
|
23
|
+
debug { "I don't know where you came from, sending you to #{root_url}" }
|
24
|
+
redirect_to root_url
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
30
|
+
def not_json
|
31
|
+
return unless request.format == :json
|
32
|
+
render status: :unauthorized, json: { status: :error, code: :authentication_failed }
|
33
|
+
end
|
34
|
+
|
35
|
+
def warden
|
36
|
+
request.env['warden']
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
class User < ActiveRecord::Base
|
2
|
+
|
3
|
+
# This is a test implementation only, do not try this at home.
|
4
|
+
def self.authenticate(username, password)
|
5
|
+
Rails.logger.debug('User') { "Checking password of user #{username.inspect}..." }
|
6
|
+
where(email: username, password: password).first
|
7
|
+
end
|
8
|
+
|
9
|
+
end
|
File without changes
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>Dummy</title>
|
5
|
+
<%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true %>
|
6
|
+
<%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|
data/spec/dummy/bin/rake
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'pathname'
|
3
|
+
|
4
|
+
# path to your application root.
|
5
|
+
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
|
6
|
+
|
7
|
+
Dir.chdir APP_ROOT do
|
8
|
+
# This script is a starting point to setup your application.
|
9
|
+
# Add necessary setup steps to this file:
|
10
|
+
|
11
|
+
puts "== Installing dependencies =="
|
12
|
+
system "gem install bundler --conservative"
|
13
|
+
system "bundle check || bundle install"
|
14
|
+
|
15
|
+
# puts "\n== Copying sample files =="
|
16
|
+
# unless File.exist?("config/database.yml")
|
17
|
+
# system "cp config/database.yml.sample config/database.yml"
|
18
|
+
# end
|
19
|
+
|
20
|
+
puts "\n== Preparing database =="
|
21
|
+
system "bin/rake db:setup"
|
22
|
+
|
23
|
+
puts "\n== Removing old logs and tempfiles =="
|
24
|
+
system "rm -f log/*"
|
25
|
+
system "rm -rf tmp/cache"
|
26
|
+
|
27
|
+
puts "\n== Restarting application server =="
|
28
|
+
system "touch tmp/restart.txt"
|
29
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
require File.expand_path('../boot', __FILE__)
|
2
|
+
|
3
|
+
require 'active_record/railtie'
|
4
|
+
require 'action_controller/railtie'
|
5
|
+
require 'action_view/railtie'
|
6
|
+
|
7
|
+
Bundler.require(*Rails.groups)
|
8
|
+
|
9
|
+
module Dummy
|
10
|
+
class Application < Rails::Application
|
11
|
+
config.active_record.raise_in_transactional_callbacks = true
|
12
|
+
|
13
|
+
config.log_formatter = proc do |severity, _, progname, message|
|
14
|
+
severity = case severity
|
15
|
+
when 'FATAL' then "\e[#31mFATAL\e[0m"
|
16
|
+
when 'ERROR' then "\e[#31mERROR\e[0m"
|
17
|
+
when 'WARN' then "\e[#33mWARN \e[0m"
|
18
|
+
when 'INFO' then "\e[#32mINFO \e[0m"
|
19
|
+
when 'DEBUG' then "\e[#35mDEBUG\e[0m"
|
20
|
+
else severity
|
21
|
+
end
|
22
|
+
|
23
|
+
"#{severity.ljust 5} \e[34m#{progname || 'Rails'}\e[0m : #{message}\n"
|
24
|
+
end
|
25
|
+
|
26
|
+
# POI
|
27
|
+
config.middleware.insert_after ::ActionDispatch::Flash, '::Warden::Manager' do |manager|
|
28
|
+
manager.failure_app = SessionsController.action :new
|
29
|
+
manager.intercept_401 = false
|
30
|
+
|
31
|
+
manager.serialize_into_session(&:id)
|
32
|
+
manager.serialize_from_session { |id| User.find_by_id(id) }
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
<%
|
2
|
+
|
3
|
+
endpoint = ENV['SSO_DB_ENDPOINT']
|
4
|
+
database = ENV['SSO_DB_DATABASE']
|
5
|
+
username = ENV['SSO_DB_USERNAME']
|
6
|
+
password = ENV['SSO_DB_PASSWORD']
|
7
|
+
|
8
|
+
if Rails.env.development? && RbConfig::CONFIG['target_vendor'] == 'apple'
|
9
|
+
endpoint ||= '127.0.0.1'
|
10
|
+
database ||= 'sso_development'
|
11
|
+
username ||= ''
|
12
|
+
password ||= ''
|
13
|
+
sslmode = 'disable'
|
14
|
+
|
15
|
+
elsif Rails.env.test?
|
16
|
+
endpoint ||= '127.0.0.1'
|
17
|
+
database ||= 'sso_test'
|
18
|
+
username ||= ''
|
19
|
+
password ||= ''
|
20
|
+
sslmode = 'disable'
|
21
|
+
end
|
22
|
+
|
23
|
+
raise 'You must set SSO_DB_ENDPOINT' unless endpoint.present?
|
24
|
+
raise 'You must set SSO_DB_DATABASE' unless database.present?
|
25
|
+
raise 'You must set SSO_DB_USERNAME' unless username
|
26
|
+
raise 'You must set SSO_DB_PASSWORD' unless password
|
27
|
+
|
28
|
+
%>
|
29
|
+
|
30
|
+
<%= Rails.env %>:
|
31
|
+
adapter: postgresql
|
32
|
+
host: <%= endpoint %>
|
33
|
+
database: <%= database %>
|
34
|
+
username: <%= username %>
|
35
|
+
password: <%= password %>
|
36
|
+
encoding: unicode
|
37
|
+
port: 5432
|
38
|
+
sslmode: <%= sslmode %>
|
@@ -0,0 +1,37 @@
|
|
1
|
+
Rails.application.configure do
|
2
|
+
# Settings specified here will take precedence over those in config/application.rb.
|
3
|
+
|
4
|
+
# In the development environment your application's code is reloaded on
|
5
|
+
# every request. This slows down response time but is perfect for development
|
6
|
+
# since you don't have to restart the web server when you make code changes.
|
7
|
+
config.cache_classes = false
|
8
|
+
|
9
|
+
# Do not eager load code on boot.
|
10
|
+
config.eager_load = false
|
11
|
+
|
12
|
+
# Show full error reports and disable caching.
|
13
|
+
config.consider_all_requests_local = true
|
14
|
+
config.action_controller.perform_caching = false
|
15
|
+
|
16
|
+
# Don't care if the mailer can't send.
|
17
|
+
# config.action_mailer.raise_delivery_errors = false
|
18
|
+
|
19
|
+
# Print deprecation notices to the Rails logger.
|
20
|
+
config.active_support.deprecation = :log
|
21
|
+
|
22
|
+
# Raise an error on page load if there are pending migrations.
|
23
|
+
config.active_record.migration_error = :page_load
|
24
|
+
|
25
|
+
# Debug mode disables concatenation and preprocessing of assets.
|
26
|
+
# This option may cause significant delays in view rendering with a large
|
27
|
+
# number of complex assets.
|
28
|
+
config.assets.debug = true
|
29
|
+
|
30
|
+
# Adds additional error checking when serving assets at runtime.
|
31
|
+
# Checks for improperly declared sprockets dependencies.
|
32
|
+
# Raises helpful error messages.
|
33
|
+
config.assets.raise_runtime_errors = true
|
34
|
+
|
35
|
+
# Raises error for missing translations
|
36
|
+
# config.action_view.raise_on_missing_translations = true
|
37
|
+
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
Rails.application.configure do
|
2
|
+
# Settings specified here will take precedence over those in config/application.rb.
|
3
|
+
|
4
|
+
# The test environment is used exclusively to run your application's
|
5
|
+
# test suite. You never need to work with it otherwise. Remember that
|
6
|
+
# your test database is "scratch space" for the test suite and is wiped
|
7
|
+
# and recreated between test runs. Don't rely on the data there!
|
8
|
+
config.cache_classes = true
|
9
|
+
|
10
|
+
# Do not eager load code on boot. This avoids loading your whole application
|
11
|
+
# just for the purpose of running a single test. If you are using a tool that
|
12
|
+
# preloads Rails for running tests, you may have to set it to true.
|
13
|
+
config.eager_load = false
|
14
|
+
|
15
|
+
# Configure static file server for tests with Cache-Control for performance.
|
16
|
+
config.serve_static_files = true
|
17
|
+
config.static_cache_control = 'public, max-age=3600'
|
18
|
+
|
19
|
+
# Show full error reports and disable caching.
|
20
|
+
config.consider_all_requests_local = true
|
21
|
+
config.action_controller.perform_caching = false
|
22
|
+
|
23
|
+
# Raise exceptions instead of rendering exception templates.
|
24
|
+
config.action_dispatch.show_exceptions = false
|
25
|
+
|
26
|
+
# Disable request forgery protection in test environment.
|
27
|
+
config.action_controller.allow_forgery_protection = false
|
28
|
+
|
29
|
+
# Tell Action Mailer not to deliver emails to the real world.
|
30
|
+
# The :test delivery method accumulates sent emails in the
|
31
|
+
# ActionMailer::Base.deliveries array.
|
32
|
+
# config.action_mailer.delivery_method = :test
|
33
|
+
|
34
|
+
# Randomize the order test cases are executed.
|
35
|
+
config.active_support.test_order = :random
|
36
|
+
|
37
|
+
# Print deprecation notices to the stderr.
|
38
|
+
config.active_support.deprecation = :stderr
|
39
|
+
|
40
|
+
# Raises error for missing translations
|
41
|
+
# config.action_view.raise_on_missing_translations = true
|
42
|
+
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Version of your assets, change this if you want to expire all your assets.
|
4
|
+
Rails.application.config.assets.version = '1.0'
|
5
|
+
|
6
|
+
# Add additional assets to the asset load path
|
7
|
+
# Rails.application.config.assets.paths << Emoji.images_path
|
8
|
+
|
9
|
+
# Precompile additional assets.
|
10
|
+
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
11
|
+
# Rails.application.config.assets.precompile += %w( search.js )
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# POI
|
2
|
+
|
3
|
+
::Doorkeeper.configure do
|
4
|
+
|
5
|
+
orm :active_record
|
6
|
+
|
7
|
+
grant_flows %w(authorization_code password)
|
8
|
+
|
9
|
+
resource_owner_authenticator ::SSO::Server::Doorkeeper::ResourceOwnerAuthenticator.to_proc
|
10
|
+
resource_owner_from_credentials ::SSO::Server::Doorkeeper::ResourceOwnerAuthenticator.to_proc
|
11
|
+
|
12
|
+
default_scopes :outsider
|
13
|
+
optional_scopes :insider
|
14
|
+
|
15
|
+
skip_authorization do
|
16
|
+
true
|
17
|
+
end
|
18
|
+
|
19
|
+
admin_authenticator do
|
20
|
+
nil
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
@@ -0,0 +1,10 @@
|
|
1
|
+
secret_key_base = ENV['SSO_CONFIG_SECRET_TOKEN'].presence
|
2
|
+
|
3
|
+
if Rails.env.development? || Rails.env.test?
|
4
|
+
dummy_token = '1986c60cc8b4843e5a6426d6ef5e1c031be4f73a10b3c56aa9c0b8d2dc8e1eba385975689ca072f5e884c98d178b3e4fde47aa91a9a16173bfaad766905fb7f5'
|
5
|
+
secret_key_base ||= dummy_token
|
6
|
+
end
|
7
|
+
|
8
|
+
fail 'You must set SSO_CONFIG_SECRET_TOKEN' if secret_key_base.blank?
|
9
|
+
|
10
|
+
Rails.application.config.secret_key_base = secret_key_base
|