lib/sinatra/auth/github.rb in sinatra_auth_github-0.0.16 vs lib/sinatra/auth/github.rb in sinatra_auth_github-0.1.0
- old
+ new
@@ -3,16 +3,22 @@
require 'rest_client'
module Sinatra
module Auth
module Github
- VERSION = "0.0.14"
+ VERSION = "0.1.0"
class BadAuthentication < Sinatra::Base
+ helpers do
+ def unauthorized_template
+ @unauthenticated_template ||= File.read(File.join(File.dirname(__FILE__), "views", "401.html"))
+ end
+ end
+
get '/unauthenticated' do
status 403
- "Unable to authenticate, sorry bud."
+ unauthorized_template
end
end
module Helpers
def warden
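Review bot: The `||=` in `unauthorized_template` most likely never hits, because Sinatra serves each request on a fresh copy of the app instance, so `views/401.html` is read from disk on every `/unauthenticated` request. The instance variable is also named `@unauthenticated_template` while the helper is `unauthorized_template`. Reading the file once into a class-level constant, e.g. `UNAUTHORIZED_TEMPLATE = File.read(File.join(File.dirname(__FILE__), "views", "401.html"))`, and returning it from the helper would do what the memoization intends. The route still answers `status 403` while the file is named `401.html` and the helpers further down `halt` with 401; a comment stating which status is intended would help anyone keying client handling or alerting on it.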
@@ -33,38 +39,69 @@
def github_user
warden.user
end
- # API Requests
+ # Send a V3 API GET request to path
+ #
+ # path - the path on api.github.com to hit
+ #
+ # Returns a rest client response object
+ #
+ # Examples
+ # github_raw_request("/user")
+ # # => RestClient::Response
+ def github_raw_request(path)
+ RestClient.get("https://api.github.com/#{path}", :params => { :access_token => github_user.token }, :accept => :json)
+ end
+
+ # Send a V3 API GET request to path and JSON parse the response body
+ #
+ # path - the path on api.github.com to hit
+ #
+ # Returns a parsed JSON response
+ #
+ # Examples
+ # github_raw_request("/user")
+ # # => { 'login' => 'atmos', ... }
def github_request(path)
- response = RestClient.get "https://github.com/api/v2/json/#{path}", :params => { :access_token => github_user.token }, :accept => :json
- JSON.parse(response.body)
+ JSON.parse(github_raw_request(path))
end
- # Access Inquiries
+ # See if the user is a member of the named organization
+ #
+ # name - the organization name
+ #
+ # Returns: true if the uesr has access, false otherwise
def github_organization_access?(name)
- orgs = github_request("user/show/#{github_user.login}/organizations")["organizations"]
- orgs.map { |org| org["login"] }.include?(name)
+ orgs = github_request("orgs/#{name}/members")
+ orgs.map { |org| org["login"] }.include?(github_user.login)
+ rescue RestClient::Unauthorized, RestClient::ResourceNotFound => e
+ false
end
- def github_organization_team_access?(name, team)
- members = github_request("teams/#{team}/members")["users"]
+ # See if the user is a member of the team id
+ #
+ # team_id - the team's id
+ #
+ # Returns: true if the uesr has access, false otherwise
+ def github_team_access?(team_id)
+ members = github_request("teams/#{team_id}/members")
members.map { |user| user["login"] }.include?(github_user.login)
- rescue RestClient::Unauthorized => e
+ rescue RestClient::Unauthorized, RestClient::ResourceNotFound => e
false
end
# Auth only certain individuals
def github_organization_authenticate!(name)
authenticate!
halt([401, "Unauthorized User"]) unless github_organization_access?(name)
end
- def github_organization_team_authenticate!(name, team)
+ def github_team_authenticate!(team_id)
authenticate!
- halt([401, "Unauthorized User"]) unless github_organization_team_access?(name, team)
+ halt([401, "Unauthorized User"]) unless github_team_access?(team_id)
end
def _relative_url_for(path)
request.script_name + path
end
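Review bot: `github_raw_request` sends the OAuth token as an `access_token` query parameter, so it becomes part of the request URL and can be recorded wherever URLs are logged (client request logging, proxies); sending it as a header keeps it out of URLs: `RestClient.get("https://api.github.com/#{path}", :authorization => "token #{github_user.token}", :accept => :json)`. `github_organization_access?` and `github_team_access?` decide access from a single page of the members listing, which GitHub paginates, so a legitimate member beyond the first page is refused; following the pagination or querying the single membership directly would avoid that. `name` and `team_id` are interpolated into the URL path unescaped, which is fine for constants set by the app author but should be documented as not accepting request input. The doc examples pass `"/user"` with a leading slash, which yields `https://api.github.com//user`, and the example above `github_request` names `github_raw_request`.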
@@ -86,9 +123,13 @@
app.helpers Helpers
app.get '/auth/github/callback' do
authenticate!
redirect _relative_url_for('/')
+ end
+
+ app.get '/_images/securocat.png' do
+ send_file(File.join(File.dirname(__FILE__), "views", "securocat.png"))
end
end
end
end
end
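Review bot: The new `/_images/securocat.png` route is registered on the host application and is reachable without `authenticate!`. That is presumably intended, since the page shown to unauthenticated users needs the image, but nothing says so; a comment such as `# Public on purpose: asset for the unauthenticated page, no auth check` above the route would make it explicit. The path is absolute, so if `views/401.html` (not visible here) links to `/_images/securocat.png`, the image will not load when the app is mounted under a prefix, whereas the callback redirect just above goes through `_relative_url_for`.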