atmos / hancock

An OpenID Provider with an API, written in Sinatra.

name age message
file .gitignore Thu Dec 03 17:03:27 -0800 2009 update to datamapper 0.10.x [Corey Donohoe]
file AUTHORS Sat Mar 07 22:37:36 -0800 2009 doc shuffling [atmos]
file Gemfile Thu Dec 03 17:03:27 -0800 2009 update to datamapper 0.10.x [Corey Donohoe]
file LICENSE Sun Mar 01 15:51:26 -0800 2009 tim too [atmos]
file README.md Fri Oct 30 01:50:13 -0700 2009 README tweak [atmos]
file Rakefile Thu Dec 03 17:03:27 -0800 2009 update to datamapper 0.10.x [Corey Donohoe]
directory examples/ Sun Dec 06 16:21:11 -0800 2009 changes required for the client to work for now [Corey Donohoe]
directory features/ Tue Nov 10 15:27:16 -0800 2009 renaming and shuffle a few things [atmos]
file hancock.graffle Tue Nov 10 15:27:16 -0800 2009 renaming and shuffle a few things [atmos]
directory lib/ Sun Dec 06 16:21:11 -0800 2009 changes required for the client to work for now [Corey Donohoe]
directory spec/ Sun Dec 06 16:21:11 -0800 2009 changes required for the client to work for now [Corey Donohoe]
README.md

hancock

It's like your John Hancock for all of your company's apps.

A lot of this is extracted from our internal single sign on server at Engine Yard. We use a different datamapper backend but it should be a great start for most people.

Features

An OpenID based Single Sign On server that provides:

  • a single authoritative source for user authentication
  • a whitelist for consumer applications
  • integration with the big Ruby frameworks via Rack
  • configurable sreg parameters to consumers

Your Rackup File

require 'hancock'

DataMapper.setup(:default, "sqlite3:///#{Dir.pwd}/development.db")

class OneLove < Hancock::App
  set :views,  'views'
  set :public, 'public'

  get '/' do
    redirect '/sso/login' unless session['hancock_server_user_id']
    erb :home
  end
end
run OneLove

How it Works

SSO Handshake

This handshake seems kind of complex, but it only happens when you need to validate a user session on the consumer.

Testing/Developing Locally

You need the Gem Bundler to function, and you MUST use the files in bin/ for generated gem executables.

% sudo gem install bundler
% gem bundle
% bin/rake

Deployment Setup

You can deploy hancock on any Rack-compatible setup. You need a database that DataMapper can connect to. Generate a rackup file for yourself based on the example above.

% irb
>> require 'rubygems'
=> false
>> require 'hancock'
=> true
>> DataMapper.setup(:default, "sqlite3:///#{Dir.pwd}/development.db")
=> #<DataMapper::Adapters::Sqlite3Adapter:0x1ae639c ...>
>> DataMapper.auto_migrate!
=> [Hancock::User, Hancock::Consumer]

Consult the DataMapper documentation if you need to connect to something other than SQLite. The DataMapper.auto_migrate! call above runs the initial user migration to bootstrap your database.

>> Hancock::Consumer.create(:url => 'http://localhost:3000/sso/login', :label => 'Local Rails Dev', :internal => false)
=> ...
>> Hancock::Consumer.create(:url => 'http://localhost:4000/sso/login', :label => 'Local Merb Dev', :internal => false)
=> ...
>> Hancock::Consumer.create(:url => 'http://localhost:4567/sso/login', :label => 'Local Sinatra Dev', :internal => false)

The Hancock::Consumer.create calls above show how you set up most frameworks as consumers. In a production environment you'd lock this down.
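One way to check a consumer's return URL against the registered list, as an added example that is not Hancock's own code. The method names, the https://app.example.com entry and the matching policy (exact scheme, host, port and path; query string ignored) are assumptions for illustration.

```ruby
require 'uri'

# Constructed sample data: the three consumer URLs registered above plus one
# hypothetical production entry. A real deployment would read these from
# Hancock::Consumer; a plain array keeps the example stand-alone.
CONSUMER_URLS = [
  'http://localhost:3000/sso/login',
  'http://localhost:4000/sso/login',
  'http://localhost:4567/sso/login',
  'https://app.example.com/sso/login'
].freeze

# Reduce a URL to a canonical "scheme://host:port/path" string, or nil when
# it must never be trusted (unparsable, non-HTTP, embedded credentials).
def canonical_consumer_url(raw)
  uri = URI.parse(raw.to_s.strip)
  return nil unless uri.is_a?(URI::HTTP)    # URI::HTTPS is a subclass of URI::HTTP
  return nil if uri.host.to_s.empty?
  return nil if uri.userinfo                # rejects "http://trusted@other-host/"
  path = uri.path.empty? ? '/' : uri.path
  "#{uri.scheme.downcase}://#{uri.host.downcase}:#{uri.port}#{path}"
rescue URI::InvalidURIError
  nil
end

# Exact match on the canonical form. A prefix test (start_with?) would accept
# "http://localhost:30000/..." for a consumer registered on port 3000.
def consumer_allowed?(return_to, allowlist: CONSUMER_URLS, require_https: false)
  candidate = canonical_consumer_url(return_to)
  return false if candidate.nil?
  return false if require_https && !candidate.start_with?('https://')
  allowlist.any? { |url| canonical_consumer_url(url) == candidate }
end
```

Passing require_https: true is one form the production lock-down can take: the localhost development entries stop matching and only TLS consumers remain.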

Feedback

Sponsored By