warden-ory-kratos 0.0.3 → 0.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 70df75b615a76accfbad8d7cab08f204bca2eaed5770bfab3744434d97ca94d7
-  data.tar.gz: 3b088a8f64a904353ebcd8b688f6871a8751b407c71c1d48c7c41024cb0901b6
+  metadata.gz: 327ba67cccc5fb8923caba02491f6850e5071e08b8daa17a8b49f82f2b930125
+  data.tar.gz: 47ad3267a65ac83fcd6da29925a734de4cf305c7db4f8fa9bec47576a4b78d2f
 SHA512:
-  metadata.gz: 206c7a5b9595b236610b7f3c51a7c3223f039ffb92552386d47ffc74c7b61ffced6e08e8fe07e246c55a9f11bbc6022bbae822efb9d8761c2a672dedee17e950
-  data.tar.gz: 0606a6893ddf0e17c1abdc379a8dfd29e0046f54e5d858fb3b8858581a45ec213d5c8ffbe678f8beae89b2a23e63c52acea432a7c18412e5795703fc39810a4b
+  metadata.gz: cef1d8bde29d189b8c435aaaa5068ac05bc5c25564bdab813d7258f47db38fa16a806b1227933b3478eeb6d7380dbacd668f8f43ed636a3e69168e94f11bbc5b
+  data.tar.gz: 0edbf61a696b308a9ba0a57ecaeda6a089c942630e41a2685bff4920b1106f296d139fb2b064d5ed509339b045d1fd297d1b4f617d4e98755c32678c905a7400

data/README.md

@@ -1,35 +1,110 @@
 # Warden::OryKratos
 
-A module providing Warden authentication strategies that integrate with [Ory Kratos](https://www.ory.sh/kratos/).
+`warden-ory-kratos` is a [Warden](https://github.com/hassox/warden) extension that integrates with [Ory Kratos](https://www.ory.sh/kratos/).
 
-## Module configuration
+[Ory Kratos](https://www.ory.sh/kratos/) is an open-source, API-first identity and user management service.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'warden-ory-kratos'
+```
+
+## Usage with Rails Warden
+
+See [RailsWarden](https://github.com/wardencommunity/rails_warden).
+
+### Inject RailsWarden into Rails
+
+Create a new Rails initializer and inject RailsWarden.
+Configure which of the strategies your application will use.
+
+```ruby
+# config/initializers/warden.rb
+require 'rails_warden'
+require 'warden/ory_kratos'
+
+Rails.configuration.middleware.use RailsWarden::Manager do |manager|
+  manager.failure_app = Warden::OryKratos::FailureApps::UnAuthorized
+  manager.default_strategies [:SessionToken, :SessionCookie]
+  # :JWTHeader strategy also available
+end
+```
+
+### Configure Warden::OryKratos
+
+Environment specific configuration for OryKratos.
 
 ```ruby
-# TODO: Add module configuration example here
+# config/environments/development.rb
+Warden::OryKratos.configure do |config|
+  config.kratos_external_api  = 'https://yourhostedproject.projects.oryapis.com'
+  config.logger               = Logger.new(STDOUT)
+  # config.kratos_proxy_jwks    = 'http://localhost:4000/.ory/proxy/jwks.json'
+end
+```
+
+### Add RailsWarden application mixin
+Add the auth mixin to the base controller class of your choosing.
+
+```ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  # Mixins were deprecated on master branch
+  # include RailsWarden::Mixins
+  include RailsWarden::Authentication
+end
+```
+
+### Add auth to the controller
+
+```ruby
+# app/controllers/articles_controller.rb
+class ArticlesController < ApplicationController
+  prepend_before_action :authenticate!
+  def index
+    @articles = Article.all
+  end
+  # ...
+end
 ```
 
 ## Strategies
 
-TODO: Add configuration instructions for each strategy as required. 
+There are three strategies available. When combined, the `:SessionToken`, and `:SessionCookie` strategies make up a "Kratos native" implementation. While the `:JWTHeader` strategy provides compatibility with the Ory cli proxy.
 
 ### SessionCookie Strategy
 
+- Looks for an `ory_session` cookie in the rack request.
+- Makes an external request to Kratos for the user session.
+- Accepts or rejects the request based on the user session information.
+
 ### SessionToken Strategy
 
+- Looks within the rack request for a token in both `Authorization` and `X_Session_Token` headers.
+- Makes an external request to Kratos for the user session.
+- Accepts or rejects the request based on the user session information.
+
 ### JWTHeader Strategy
 
+- Loads the Ory cli proxy's JSON web key set (JWKS).
+- Looks for an `Authorization` header holding a JSON web token (JWT).
+- Uses the JWKS to cryptographically verify the JWT was issued by the Ory cli proxy.
+- Extracts the user session from the valid JWT.
+- Accepts or rejects the request based on the user session information.
+
+## Development
 
-### Example
+### Install development dependencies
+
+```shell
+gem install --dev warden-ory-kratos
+```
 
-### Get Token
+### Run yard documentation server
 
 ```shell
-actionUrl=$(\
-  curl -s -X GET -H "Accept: application/json" \
-    "https://playground.projects.oryapis.com/self-service/login/api" \
-    | jq -r '.ui.action'\
-)
-sessionToken=$(curl -s -X POST -H  "Accept: application/json" -H "Content-Type: application/json" \
-    -d '{"identifier": "bob@example.com", "password": "bobsyouruncle", "method": "password"}' \
-    "$actionUrl" | jq -r '.session_token')
+yard server --reload
 ```

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: warden-ory-kratos
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
 platform: ruby
 authors:
 - ScoreVision
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-09 00:00:00.000000000 Z
+date: 2022-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: warden
@@ -95,10 +95,23 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Ory Kratos strategies for Warden. Strategies include Kratos native sessions,
   and JWT support for Ory proxy.
 email:
-- support@scorevision.com
 - znorris+gems@gmail.com
 executables: []
 extensions: []