sso 0.1.0.alpha2 → 0.1.0.alpha3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: dcd7cedda8e78677b8c5ea0eff1a558659daa1c1
4
- data.tar.gz: 79fe0ceb4869c29d8a1cf886018816e76ca0d616
3
+ metadata.gz: c4a6a80459c2744400e199338c38ffbf615e1eb3
4
+ data.tar.gz: 704b504eeb29a8533990c91ad3dc94690449fba8
5
5
  SHA512:
6
- metadata.gz: 755b13e0c16bc4824e1c2bf33a0adc5a4a5078367ad0efccca69d7efc9295c44909722df80b73ca7d65bbc059f744bcf57715aa731c1d9e49a6df845e6c7957a
7
- data.tar.gz: 5237534c2a282e8fb04cffe903774526c16f347f40b9dff1e3a8f73bd1eefd09fdcb74c922a148516b4bc8a9d9cbe946c037dafd6eea0143e221b2e9ff40a260
6
+ metadata.gz: b6ecb0b90995bfb8752ae003e76686d25686f70814529ce3aa9ddbf81e6c68e3b421173626a6cff9dddd208b40b22a9bd63fc4714361bea749effab9dc9c7ea2
7
+ data.tar.gz: 291961838cee93dbb188b90b2286decacb9290b39bd10a4bf85db80e2c615dfc4f1b98583e8a6a6b8b9c96091c191d7f1176627ebedca21e47929b284b391956
@@ -126,6 +126,7 @@ module SSO
126
126
  # This will be a hook for e.g. statistics, benchmarking, etc, measure everything
127
127
  end
128
128
 
129
+ # TODO Use ActionDispatch remote IP or you might get the Load Balancer's IP instead :(
129
130
  def ip
130
131
  warden.request.ip
131
132
  end
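Review bot: The TODO added above `def ip` records a known defect, but the method body is unchanged and still returns `warden.request.ip`, so anything that logs or makes decisions on this value can end up with the load balancer's address instead of the end user's. Either switch to the ActionDispatch remote IP in this change or tie the TODO to a tracked issue so it does not ship indefinitely. If the switch is made, the set of proxies allowed to supply the forwarded address has to be configured explicitly, because a forwarded header accepted from arbitrary clients is no more trustworthy than the value it replaces.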
data/lib/sso/client.rb CHANGED
@@ -2,6 +2,7 @@ require 'httparty'
2
2
  require 'signature'
3
3
  require 'warden'
4
4
 
5
+ require 'sso'
5
6
  require 'sso/client/passport'
6
7
  require 'sso/client/omniauth/strategies/sso'
7
8
  require 'sso/client/warden/hooks/after_fetch'
data/lib/sso/server.rb CHANGED
@@ -6,6 +6,7 @@ require 'omniauth'
6
6
  require 'signature'
7
7
  require 'warden'
8
8
 
9
+ require 'sso'
9
10
  require 'sso/server/errors'
10
11
  require 'sso/server/passport'
11
12
  require 'sso/server/passports'
@@ -7,6 +7,16 @@
7
7
  def authenticate!
8
8
  Rails.logger.debug(progname) { 'Authenticating from username and password...' }
9
9
 
10
+ # Note that at this point you might want to log the end-user IP for the attempted login.
11
+ # That's up to you to solve, but remember one thing:
12
+ # If you both have an untrusted OAuth client (iPhone) and a trusted one (Alpha Rails app)
13
+ # and the login at Alpha is performed using the "Resource Owner Password Credentials Grant"
14
+ # Then you will get Alphas IP, but not the end-users IP. So you might have to pass on the
15
+ # end user IP from Alpha via params. But you cannot trust params, since the iPhone Client
16
+ # is not trusted. Thus, in this particular scenario, you cannot blindly trust params['ip']
17
+ # but you'd have to work with the "insider" and "outsider" doorkeeper application scope
18
+ # restrictions much like SSO::Server::Authentications::Passport#ip does.
19
+
10
20
  user = ::User.authenticate params['username'], params['password']
11
21
 
12
22
  if user
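Review bot: The comment block added before `::User.authenticate params['username'], params['password']` explains why `params['ip']` cannot be trusted blindly, but nothing in the hunk enforces it, so the safeguard depends on every integrator reading the comment and implementing the "insider"/"outsider" scope check correctly. Consider shipping a small helper in this strategy that returns the passed-on IP only for applications holding the trusted scope, reusing the logic the comment attributes to `SSO::Server::Authentications::Passport#ip`, and have the comment point to that helper. Minor wording: "Alphas IP" and "end-users IP" should read "Alpha's IP" and "end user's IP".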
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0.alpha2
4
+ version: 0.1.0.alpha3
5
5
  platform: ruby
6
6
  authors:
7
7
  - halo