Skip to content
warden strategy for google apps federated login
Ruby
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
lib
spec
.gitignore
Gemfile
LICENSE
README.md
Rakefile
warden-googleapps.gemspec

README.md

warden-googleapps

A Warden middleware for google apps. It needs a little work but definitely authenticates you just fine in Rack apps.

Example

Gemfile

source :gemcutter

gem 'haml',                '~>2.2.0'
gem 'warden-googleapps',    '=0.0.3'

group :development do
  gem 'shotgun'
end

app.rb

module DirectoryAdmin
  class App < Sinatra::Default
    disable :show_errors
    disable :show_exceptions

    use Warden::Manager do |manager|
      manager.default_strategies :google_apps
      manager.failure_app = BadAuthentication

      manager[:google_apps_domain]   = 'example.org'
      # manager[:google_apps_endpoint]      = 'http://www.google.com/accounts/o8/id' # this is gmail
      # manager[:google_apps_redirect_url]  = 'http://example.org/verify_url' # endpoint where google apps redirects to after successful authentication
    end

    helpers do
      def ensure_authenticated
        unless env['warden'].authenticate!
          throw(:warden)
        end
      end

      def user
        env['warden'].user
      end
    end

    get '/' do
      ensure_authenticated
      haml "%h2= 'Hello There, #{user.full_name}!'"
    end

    get '/logout' do
      env['warden'].logout
      haml "%h2= 'Peace!'"
    end
  end

  class BadAuthentication < Sinatra::Default
    get '/unauthenticated' do
      status 403
      haml "%h3= 'Unable to authenticate, sorry bud.'"
    end
  end
end

Enabling on GMail

It should just work, even for localhost.

Also checkout sinatra-auth-gmail.

Enabling on Google Apps for Domains

Be sure you have Federated Login using OpenID enabled under your Advanced Settings Tab

Your Google Apps Admin Dashboard

Developing

% gem install bundler
% bundle install
% bundle exec rake repackage
Something went wrong with that request. Please try again.