Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

rack middleware that enables rack applications as afid resource servers

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 lib
Octocat-spinner-32 .gitignore
Octocat-spinner-32 .yardopts
Octocat-spinner-32 Gemfile
Octocat-spinner-32 LICENSE.txt
Octocat-spinner-32 README.rdoc
Octocat-spinner-32 Rakefile
Octocat-spinner-32 config.ru
Octocat-spinner-32 hadley.gemspec
README.rdoc

Welcome to Hadley

Hadley is rack middleware built on top of the excellent security authentication middleware warden. Hadley enables Rack-based web applications to easily become AFID protected resource servers.

Getting Started

Rails:

  1. Add gem 'hadley' to your Gemfile

  2. Run bundle from your project root

  3. Run touch config/initializers/hadley.rb from your project root

  4. Add warden and hadley to your middleware stack by opening config/initializers/hadlery.rb in your favorite text editor and adding the following:

    token_store = Hadley::TokenStore.new(Rails.cache)
    
    MyApp::Application.config.middleware.insert_after ActionDispatch::Session::CookieStore, Warden::Manager do |manager|
      # setup authentication for the afid server to provision and revoke access tokens
      manager.basic(:server) do |basic|
        basic.hash_credentials true
        basic.lookup do |id, secret|
          [ id, secret ] == [ 'my_hashed_id', 'my_hashed_secret' ] ? id : nil
        end
      end
      # setup authentication for afid clients to authenticate in anonymous mode (client_credentials grant type in OAuth2 
      # parlance)
      manager.bearer(:client) do |bearer|
        bearer.token_store token_store
        bearer.anonymous_allowed true
      end
      # setup authentication for afid clients to access apis on behalf of a particular user (authorization_grant grant 
      # type in OAuth2 parlance)
      manager.bearer(:user) do |bearer|
        bearer.token_store token_store
        bearer.anonymous_allowed false
      end
    end
    
    MyApp::Application.config.middleware.insert_after Warden::Manager, Hadley::Middleware, token_store: token_store
  5. Run rake middleware from your project root and verify that Warden::Manager appears after ActionDispatch::Session::CookieStore and Hadley::Middleware appears after Warden::Manager

Something went wrong with that request. Please try again.