warden-ory-kratos 0.0.3 → 0.0.4
- checksums.yaml +4 -4
- data/README.md +89 -14
- metadata +16 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 327ba67cccc5fb8923caba02491f6850e5071e08b8daa17a8b49f82f2b930125
|
4
|
+
data.tar.gz: 47ad3267a65ac83fcd6da29925a734de4cf305c7db4f8fa9bec47576a4b78d2f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cef1d8bde29d189b8c435aaaa5068ac05bc5c25564bdab813d7258f47db38fa16a806b1227933b3478eeb6d7380dbacd668f8f43ed636a3e69168e94f11bbc5b
|
7
|
+
data.tar.gz: 0edbf61a696b308a9ba0a57ecaeda6a089c942630e41a2685bff4920b1106f296d139fb2b064d5ed509339b045d1fd297d1b4f617d4e98755c32678c905a7400
|
data/README.md
CHANGED
@@ -1,35 +1,110 @@
|
|
1
1
|
# Warden::OryKratos
|
2
2
|
|
3
|
-
|
3
|
+
`warden-ory-kratos` is a [Warden](https://github.com/hassox/warden) extension that integrates with [Ory Kratos](https://www.ory.sh/kratos/).
|
4
4
|
|
5
|
-
|
5
|
+
[Ory Kratos](https://www.ory.sh/kratos/) is an open-source, API-first identity and user management service.
|
6
|
+
|
7
|
+
## Installation
|
8
|
+
|
9
|
+
Add this line to your application's Gemfile:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
gem 'warden-ory-kratos'
|
13
|
+
```
|
14
|
+
|
15
|
+
## Usage with Rails Warden
|
16
|
+
|
17
|
+
See [RailsWarden](https://github.com/wardencommunity/rails_warden).
|
18
|
+
|
19
|
+
### Inject RailsWarden into Rails
|
20
|
+
|
21
|
+
Create a new Rails initializer and inject RailsWarden.
|
22
|
+
Configure which of the strategies your application will use.
|
23
|
+
|
24
|
+
```ruby
|
25
|
+
# config/initializers/warden.rb
|
26
|
+
require 'rails_warden'
|
27
|
+
require 'warden/ory_kratos'
|
28
|
+
|
29
|
+
Rails.configuration.middleware.use RailsWarden::Manager do |manager|
|
30
|
+
manager.failure_app = Warden::OryKratos::FailureApps::UnAuthorized
|
31
|
+
manager.default_strategies [:SessionToken, :SessionCookie]
|
32
|
+
# :JWTHeader strategy also available
|
33
|
+
end
|
34
|
+
```
|
35
|
+
|
36
|
+
### Configure Warden::OryKratos
|
37
|
+
|
38
|
+
Environment specific configuration for OryKratos.
|
6
39
|
|
7
40
|
```ruby
|
8
|
-
#
|
41
|
+
# config/environments/development.rb
|
42
|
+
Warden::OryKratos.configure do |config|
|
43
|
+
config.kratos_external_api = 'https://yourhostedproject.projects.oryapis.com'
|
44
|
+
config.logger = Logger.new(STDOUT)
|
45
|
+
# config.kratos_proxy_jwks = 'http://localhost:4000/.ory/proxy/jwks.json'
|
46
|
+
end
|
47
|
+
```
|
48
|
+
|
49
|
+
### Add RailsWarden application mixin
|
50
|
+
Add the auth mixin to the base controller class of your choosing.
|
51
|
+
|
52
|
+
```ruby
|
53
|
+
# app/controllers/application_controller.rb
|
54
|
+
class ApplicationController < ActionController::Base
|
55
|
+
# Mixins were deprecated on master branch
|
56
|
+
# include RailsWarden::Mixins
|
57
|
+
include RailsWarden::Authentication
|
58
|
+
end
|
59
|
+
```
|
60
|
+
|
61
|
+
### Add auth to the controller
|
62
|
+
|
63
|
+
```ruby
|
64
|
+
# app/controllers/articles_controller.rb
|
65
|
+
class ArticlesController < ApplicationController
|
66
|
+
prepend_before_action :authenticate!
|
67
|
+
def index
|
68
|
+
@articles = Article.all
|
69
|
+
end
|
70
|
+
# ...
|
71
|
+
end
|
9
72
|
```
|
10
73
|
|
11
74
|
## Strategies
|
12
75
|
|
13
|
-
|
76
|
+
There are three strategies available. When combined, the `:SessionToken`, and `:SessionCookie` strategies make up a "Kratos native" implementation. While the `:JWTHeader` strategy provides compatibility with the Ory cli proxy.
|
14
77
|
|
15
78
|
### SessionCookie Strategy
|
16
79
|
|
80
|
+
- Looks for an `ory_session` cookie in the rack request.
|
81
|
+
- Makes an external request to Kratos for the user session.
|
82
|
+
- Accepts or rejects the request based on the user session information.
|
83
|
+
|
17
84
|
### SessionToken Strategy
|
18
85
|
|
86
|
+
- Looks within the rack request for a token in both `Authorization` and `X_Session_Token` headers.
|
87
|
+
- Makes an external request to Kratos for the user session.
|
88
|
+
- Accepts or rejects the request based on the user session information.
|
89
|
+
|
19
90
|
### JWTHeader Strategy
|
20
91
|
|
92
|
+
- Loads the Ory cli proxy's JSON web key set (JWKS).
|
93
|
+
- Looks for an `Authorization` header holding a JSON web token (JWT).
|
94
|
+
- Uses the JWKS to cryptographically verify the JWT was issued by the Ory cli proxy.
|
95
|
+
- Extracts the user session from the valid JWT.
|
96
|
+
- Accepts or rejects the request based on the user session information.
|
97
|
+
|
98
|
+
## Development
|
21
99
|
|
22
|
-
###
|
100
|
+
### Install development dependencies
|
101
|
+
|
102
|
+
```shell
|
103
|
+
gem install --dev warden-ory-kratos
|
104
|
+
```
|
23
105
|
|
24
|
-
###
|
106
|
+
### Run yard documentation server
|
25
107
|
|
26
108
|
```shell
|
27
|
-
|
28
|
-
curl -s -X GET -H "Accept: application/json" \
|
29
|
-
"https://playground.projects.oryapis.com/self-service/login/api" \
|
30
|
-
| jq -r '.ui.action'\
|
31
|
-
)
|
32
|
-
sessionToken=$(curl -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" \
|
33
|
-
-d '{"identifier": "bob@example.com", "password": "bobsyouruncle", "method": "password"}' \
|
34
|
-
"$actionUrl" | jq -r '.session_token')
|
109
|
+
yard server --reload
|
35
110
|
```
|
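Review bot: The Strategies section has :SessionToken and :JWTHeader both reading the `Authorization` header ("a token in both `Authorization` and `X_Session_Token` headers" versus "an `Authorization` header holding a JSON web token (JWT)"), and the README does not say what happens when both are enabled or in what order `default_strategies` tries them. Suggest stating the expected header format for each strategy (for example whether a `Bearer` prefix is required) and which strategy handles the request, so a session token is never passed to the JWT path or the reverse. The JWTHeader bullets should also say whether token expiry and the signing algorithm are checked in addition to the JWKS signature. The commented `config.kratos_proxy_jwks` example points at plain `http://localhost:4000`; a sentence noting that a non-local JWKS URL should be fetched over HTTPS would help. `X_Session_Token` reads like a Rack-style spelling; give the header name as a client sends it.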
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-ory-kratos
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- ScoreVision
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2022-09-
|
12
|
+
date: 2022-09-10 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: warden
|
@@ -95,10 +95,23 @@ dependencies:
|
|
95
95
|
- - ">="
|
96
96
|
- !ruby/object:Gem::Version
|
97
97
|
version: '0'
|
98
|
+
- !ruby/object:Gem::Dependency
|
99
|
+
name: yard
|
100
|
+
requirement: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - ">="
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
type: :development
|
106
|
+
prerelease: false
|
107
|
+
version_requirements: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - ">="
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '0'
|
98
112
|
description: Ory Kratos strategies for Warden. Strategies include Kratos native sessions,
|
99
113
|
and JWT support for Ory proxy.
|
100
114
|
email:
|
101
|
-
- support@scorevision.com
|
102
115
|
- znorris+gems@gmail.com
|
103
116
|
executables: []
|
104
117
|
extensions: []
|
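Review bot: The new `yard` development dependency in this hunk is declared with `- - ">="` and `version: '0'`, which accepts any release. Suggest a bounded requirement in the gemspec (for example a pessimistic `~>` constraint on the version you develop against) so a later yard release cannot silently change what `gem install --dev warden-ory-kratos` pulls in. The hunk also drops `support@scorevision.com` from `email:`, leaving only the gmail.com address; confirm that this is the intended contact for reports about the gem.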