Skip to content
/ rack-oauth2-provider Public

A rack middleware that authenticates users based on the different profiles of oAuth 2.0 standard (right now it only has the SAML implementation for the AssertionProfile)

rack-oauth2-provider.heroku.com/
12 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

johnnyhalife/rack-oauth2-provider

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
lib
lib
 
 
spec
spec
 
 
.gitignore
.gitignore
 
 
README.rdoc
README.rdoc
 
 
rakefile
rakefile
 
 

Repository files navigation

Rack::OAuth2::Provider, the next-gen oAuth Provider Middleware

Very quick summary of the project: We needed something similar to what .NET Access Control does with WRAP and SWT and created this simple solution.

Besides the one-liner description, Ezequiel and I have been working on establishing a baseline authentication on our applications farm, it’s been pretty cool tough to start implementing the new oAuth 2.0 working draft (available at github.com/theRazorBlade/draft-ietf-oauth).

We started implementing the SAML for SWT profile (AssertionProfile on the draft), with a pretty rough SAML validation (just signature, and others), anyway we will keep updating this project as we move forward implementing the standard.

Compatibility

This projects works perfectly (as the server side) for the project I started back on february (github.com/johnnyhalife/rack-oauth-wrap), the access_token provided is what the other project expects as WRAP access_token=. We will be migrating that project soon (since WRAP has been deprecated)

Limitations

As the current version of the middleware (gem available at gemcutter.org) everything that you would expect to be limited is limited and more limited than you think, but you’re always welcomed to contribute

Usage

First of all, as usual do

[sudo] gem install rack-oauth2-provider –source gemcutter.org

The minimal code you will see below is everything you need to put on a config.ru for racking up and have a relaying party that takes a SAML token and gets you an oAuth 2.0 Simple Web token require ‘sinatra’ require ‘rack/oauth2/assertion_profile’ # this is actually optional, but is being polite with the users get “/” do [405, [], “error=method_not_allowed”] end

use Rack::OAuth2::AssertionProfile, { :shared_secret => base64_encoded_secret, # => base64 encoded secret shared between parties :scope => scope, # => the expected audience of the recieved SAML token :audience => relying_party, # => the URI of the app you will issue the token for :issuer => identifier } # => how this RP will be identified

run Sinatra::Application

Pretty simple, hu?

TODO’s

  • Implement it, seriously

Meta

Written by Ezequiel Morito (e_eusebio14 at hotmail dot com) and Johnny G. Halife (johnny.halife at me dot com)

Released under the ‘do the fuck you want’ license.

github.com/johnnyhalife/rack-oauth2-provider

rack-oauth2-provider.heroku.com

About

A rack middleware that authenticates users based on the different profiles of oAuth 2.0 standard (right now it only has the SAML implementation for the AssertionProfile)

rack-oauth2-provider.heroku.com/

Resources

Readme
Activity

Stars

12 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages