Permalink
Browse files

Add oauth2 test app

The oauth2 service will not be installed in any
dev or staging environments yet, so the app is
only needed by the people testing it explicitly.

Change-Id: Ibab8926ae1e4a6c1cb24b20ba386c5ffdff3d492
  • Loading branch information...
dsyer committed Nov 14, 2012
1 parent e13b8fa commit 9d6eb68abb7108f401e1a4056f872a686cb81bea
Showing with 199 additions and 0 deletions.
  1. +2 −0 .gitignore
  2. +10 −0 sinatra/oauth2_app/Gemfile
  3. +71 −0 sinatra/oauth2_app/Gemfile.lock
  4. +116 −0 sinatra/oauth2_app/app.rb
View
@@ -5,3 +5,5 @@ dist
.project
.settings
*~
+\#*\#
+.#*
View
@@ -0,0 +1,10 @@
+source :rubygems
+
+gem "sinatra"
+gem "rest-client"
+gem "yajl-ruby"
+gem "thin"
+gem 'cf-uaa-client', :git => 'git://github.com/cloudfoundry/uaa.git', :ref => '1.2.5'
+gem 'omniauth-uaa-oauth2', :git => 'git://github.com/cloudfoundry/omniauth-uaa-oauth2.git', :ref => 'd9f725091'
+
+
@@ -0,0 +1,71 @@
+GIT
+ remote: git://github.com/cloudfoundry/omniauth-uaa-oauth2.git
+ revision: d9f725091eff8e514396df54598a60f49b37dd56
+ ref: d9f725091
+ specs:
+ omniauth-uaa-oauth2 (0.0.1)
+ cf-uaa-client
+ cf-uaa-client (~> 1.2)
+ omniauth (~> 1.0)
+
+GIT
+ remote: git://github.com/cloudfoundry/uaa.git
+ revision: 5427095904b814605b765f1b78787f51972a10c5
+ ref: 1.2.5
+ specs:
+ cf-uaa-client (1.2.5)
+ em-http-request (>= 1.0.0.beta.3)
+ eventmachine
+ highline
+ launchy
+ rest-client
+ yajl-ruby
+
+GEM
+ remote: http://rubygems.org/
+ specs:
+ addressable (2.3.2)
+ daemons (1.1.9)
+ em-http-request (1.0.0.beta.3)
+ addressable (>= 2.2.3)
+ em-socksify
+ eventmachine
+ http_parser.rb (>= 0.5.1)
+ em-socksify (0.1.0)
+ eventmachine
+ eventmachine (0.12.10)
+ hashie (1.2.0)
+ highline (1.6.15)
+ http_parser.rb (0.5.3)
+ launchy (2.1.2)
+ addressable (~> 2.3)
+ mime-types (1.19)
+ omniauth (1.1.1)
+ hashie (~> 1.2)
+ rack
+ rack (1.4.1)
+ rack-protection (1.2.0)
+ rack
+ rest-client (1.6.7)
+ mime-types (>= 1.16)
+ sinatra (1.3.2)
+ rack (~> 1.3, >= 1.3.6)
+ rack-protection (~> 1.2)
+ tilt (~> 1.3, >= 1.3.3)
+ thin (1.3.1)
+ daemons (>= 1.0.9)
+ eventmachine (>= 0.12.6)
+ rack (>= 1.0.0)
+ tilt (1.3.3)
+ yajl-ruby (1.1.0)
+
+PLATFORMS
+ ruby
+
+DEPENDENCIES
+ cf-uaa-client!
+ omniauth-uaa-oauth2!
+ rest-client
+ sinatra
+ thin
+ yajl-ruby
View
@@ -0,0 +1,116 @@
+require 'sinatra'
+require 'base64'
+require 'yajl'
+require 'omniauth-uaa-oauth2'
+require 'restclient'
+
+enable :sessions
+
+config = {}
+
+config = {:token_server_url => "http://localhost:8080/uaa",
+:cloud_controller => "http://localhost:8080/api", :client_id => "app",
+:client_secret => "appclientsecret"}
+
+SERVICE_LABEL = 'oauth2-1.0'.to_sym
+services = JSON.parse(ENV['VCAP_SERVICES']||"{}", :symbolize_keys=>true)
+if services[SERVICE_LABEL] && services[SERVICE_LABEL].length>0
+ config.merge!(services[SERVICE_LABEL][0][:credentials])
+ config[:cloud_controller] = config[:auth_server_url].sub(/\/\/[^.]*\./,"//api.") if config[:auth_server_url]
+end
+
+puts "Config: #{config.inspect}"
+
+# URL of the uaa token server
+config[:token_server_url] = ENV['UAA_TOKEN_SERVER'] if ENV['UAA_TOKEN_SERVER']
+# URL of the uaa login (SSO) server
+config[:auth_server_url] = ENV['UAA_LOGIN_SERVER'] if ENV['UAA_LOGIN_SERVER']
+config[:auth_server_url] ||= config[:token_server_url]
+# URL of the cloud_controller
+config[:cloud_controller] = ENV['CLOUD_CONTROLLER_SERVER'] if ENV['CLOUD_CONTROLLER_SERVER']
+# CLIENT_ID
+config[:client_id] = ENV['CLIENT_ID'] if ENV['CLIENT_ID']
+# CLIENT_SECRET
+config[:client_secret] = ENV['CLIENT_SECRET'] if ENV['CLIENT_SECRET']
+
+puts "Services: #{services.inspect}"
+puts "Config: #{config.inspect}"
+
+use OmniAuth::Builder do
+ provider :cloudfoundry, config[:client_id], config[:client_secret], {:auth_server_url => config[:auth_server_url], :token_server_url => config[:token_server_url]}
+end
+
+before do
+ unprotected = ['/auth/cloudfoundry/callback', '/logout']
+ if !unprotected.include?(request.path_info) then
+ redirect '/auth/cloudfoundry' unless session[:auth]
+ end
+end
+
+get '/' do
+ <<-HTML
+<html>
+<body>
+ <h1>Sample Home Page</h1>
+ <p>Welcome #{session[:user]["name"]}</p>
+ <ul>
+ <li><a href="/apps">Apps</a></li>
+ <li><a href="/logout">Logout</a></li>
+ <li><a href="/">Home</a></li>
+ </ul>
+ <h3>Technical Information</h3>
+ <p>Your principal object is....: #{session[:user].to_hash}</p>
+ <p>Your authentication is....: #{session[:auth].to_hash}</p>
+</body>
+</html>
+ HTML
+end
+
+get '/apps' do
+ token = session[:auth][:credentials][:token]
+ apps = JSON.parse(RestClient.get("#{config[:cloud_controller]}/apps", :authorization=>"#{token}"), :symbolize_keys=>true)
+ tree = ""
+ apps.each do |app|
+ body = ""
+ app.each do |k,v|
+ body << "<li>#{k}: #{v}</li>"
+ end
+ tree << "<li>#{app[:name]}<ul>#{body}</ul></li>"
+ end
+ <<-HTML
+<html>
+<body>
+<h1>Your Apps</h1>
+ <ul>
+ <li><a href="/">Home</a></li>
+ </ul>
+Your Apps:
+ <ul id="tree" class="treeview">#{tree}</ul>
+</body>
+</html>
+ HTML
+end
+
+get '/logout' do
+ session.delete(:auth)
+ <<-HTML
+<html>
+<body>
+ <h1>Logged Out</h1>
+ <ul>
+ <li><a href="#{config[:auth_server_url]}/logout.do?redirect=#{url('logout')}">Logout</a> of Cloud Foundry</li>
+ <li><a href="/">Home</a></li>
+ </ul>
+</body>
+</html>
+ HTML
+end
+
+get '/auth/cloudfoundry/callback' do
+ auth = request.env['omniauth.auth']
+ session[:auth] = auth
+ token = auth[:credentials][:token]
+ session[:user] = auth[:info]
+ status, headers, body = call env.merge("PATH_INFO" => '/')
+ [status, headers, body]
+end

0 comments on commit 9d6eb68

Please sign in to comment.