sso 0.1.0.alpha2 → 0.1.0.alpha3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: dcd7cedda8e78677b8c5ea0eff1a558659daa1c1
4
- data.tar.gz: 79fe0ceb4869c29d8a1cf886018816e76ca0d616
3
+ metadata.gz: c4a6a80459c2744400e199338c38ffbf615e1eb3
4
+ data.tar.gz: 704b504eeb29a8533990c91ad3dc94690449fba8
5
5
  SHA512:
6
- metadata.gz: 755b13e0c16bc4824e1c2bf33a0adc5a4a5078367ad0efccca69d7efc9295c44909722df80b73ca7d65bbc059f744bcf57715aa731c1d9e49a6df845e6c7957a
7
- data.tar.gz: 5237534c2a282e8fb04cffe903774526c16f347f40b9dff1e3a8f73bd1eefd09fdcb74c922a148516b4bc8a9d9cbe946c037dafd6eea0143e221b2e9ff40a260
6
+ metadata.gz: b6ecb0b90995bfb8752ae003e76686d25686f70814529ce3aa9ddbf81e6c68e3b421173626a6cff9dddd208b40b22a9bd63fc4714361bea749effab9dc9c7ea2
7
+ data.tar.gz: 291961838cee93dbb188b90b2286decacb9290b39bd10a4bf85db80e2c615dfc4f1b98583e8a6a6b8b9c96091c191d7f1176627ebedca21e47929b284b391956
@@ -126,6 +126,7 @@ module SSO
126
126
  # This will be a hook for e.g. statistics, benchmarking, etc, measure everything
127
127
  end
128
128
 
129
+ # TODO Use ActionDispatch remote IP or you might get the Load Balancer's IP instead :(
129
130
  def ip
130
131
  warden.request.ip
131
132
  end
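Review bot: The TODO added above `def ip` records a known defect without fixing it: the method still returns `warden.request.ip`, so behind a load balancer the value can be the balancer's address rather than the end user's, as the comment itself says. Either resolve it in this change by reading the address from ActionDispatch's remote IP (which is only correct when the deployment's trusted proxies are configured), or reference a tracking issue in the TODO so it does not ship indefinitely. Style point: `# TODO:` with a colon and without the emoticon is easier to grep for.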
data/lib/sso/client.rb CHANGED
@@ -2,6 +2,7 @@ require 'httparty'
2
2
  require 'signature'
3
3
  require 'warden'
4
4
 
5
+ require 'sso'
5
6
  require 'sso/client/passport'
6
7
  require 'sso/client/omniauth/strategies/sso'
7
8
  require 'sso/client/warden/hooks/after_fetch'
data/lib/sso/server.rb CHANGED
@@ -6,6 +6,7 @@ require 'omniauth'
6
6
  require 'signature'
7
7
  require 'warden'
8
8
 
9
+ require 'sso'
9
10
  require 'sso/server/errors'
10
11
  require 'sso/server/passport'
11
12
  require 'sso/server/passports'
@@ -7,6 +7,16 @@
7
7
  def authenticate!
8
8
  Rails.logger.debug(progname) { 'Authenticating from username and password...' }
9
9
 
10
+ # Note that at this point you might want to log the end-user IP for the attempted login.
11
+ # That's up to you to solve, but remember one thing:
12
+ # If you both have an untrusted OAuth client (iPhone) and a trusted one (Alpha Rails app)
13
+ # and the login at Alpha is performed using the "Resource Owner Password Credentials Grant"
14
+ # Then you will get Alphas IP, but not the end-users IP. So you might have to pass on the
15
+ # end user IP from Alpha via params. But you cannot trust params, since the iPhone Client
16
+ # is not trusted. Thus, in this particular scenario, you cannot blindly trust params['ip']
17
+ # but you'd have to work with the "insider" and "outsider" doorkeeper application scope
18
+ # restrictions much like SSO::Server::Authentications::Passport#ip does.
19
+
10
20
  user = ::User.authenticate params['username'], params['password']
11
21
 
12
22
  if user
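Review bot: The comment block added at the top of `authenticate!` explains that `params['ip']` cannot be trusted when an untrusted OAuth client exists, but nothing in the hunk enforces or logs anything; the next statement is still `user = ::User.authenticate params['username'], params['password']`. Guidance that lives only in a strategy comment is easy for integrators to miss, so consider moving it to the public documentation, or have this strategy use a shared helper that applies the "insider"/"outsider" doorkeeper scope check the comment attributes to `SSO::Server::Authentications::Passport#ip`, so that a forwarded IP is only accepted from a trusted application. Wording nits: "Alphas IP" should read "Alpha's IP" and "end-users IP" should read "end user's IP".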
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0.alpha2
4
+ version: 0.1.0.alpha3
5
5
  platform: ruby
6
6
  authors:
7
7
  - halo