Hadley is Rack middleware built on top of the excellent authentication middleware Warden. Hadley enables Rack-based web applications to easily become AFID protected resource servers.
Rails:

- Add `gem 'hadley'` to your Gemfile
- Run `bundle` from your project root
- Run `touch config/initializers/hadley.rb` from your project root
- Add warden and hadley to your middleware stack by opening `config/initializers/hadley.rb` in your favorite text editor and adding the following:

  ```ruby
  token_store = Hadley::TokenStore.new(Rails.cache)

  MyApp::Application.config.middleware.insert_after ActionDispatch::Session::CookieStore, Warden::Manager do |manager|
    # set up authentication for the afid server to provision and revoke access tokens
    manager.basic(:server) do |basic|
      basic.hash_credentials true
      basic.lookup do |id, secret|
        [ id, secret ] == [ 'my_hashed_id', 'my_hashed_secret' ] ? id : nil
      end
    end

    # set up authentication for afid clients to authenticate in anonymous mode
    # (client_credentials grant type in OAuth2 parlance)
    manager.bearer(:client) do |bearer|
      bearer.token_store token_store
      bearer.anonymous_allowed true
    end

    # set up authentication for afid clients to access apis on behalf of a particular user
    # (authorization_grant grant type in OAuth2 parlance)
    manager.bearer(:user) do |bearer|
      bearer.token_store token_store
      bearer.anonymous_allowed false
    end
  end

  MyApp::Application.config.middleware.insert_after Warden::Manager, Hadley::Middleware, token_store: token_store
  ```

- Run `rake middleware` from your project root and verify that `Warden::Manager` appears after `ActionDispatch::Session::CookieStore` and `Hadley::Middleware` appears after `Warden::Manager`
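The ordering check from the last step can be automated, for example in CI, so that a later change to the middleware stack does not silently drop or misplace the authentication layers. The following is an added example, not part of Hadley: the helper names and the two sample outputs are constructed, and it assumes `rake middleware` prints one `use <Class>` line per middleware.

```ruby
# Added example (not Hadley's code): verify the order reported by `rake middleware`.
REQUIRED_ORDER = [
  'ActionDispatch::Session::CookieStore',
  'Warden::Manager',
  'Hadley::Middleware'
].freeze

# Middleware class names, in stack order, taken from the `use ...` lines.
def middleware_names(output)
  output.each_line.map { |line| line[/^\s*use\s+(\S+)/, 1] }.compact
end

# Returns a list of problems; an empty list means the stack is ordered as required.
def middleware_order_problems(output, required = REQUIRED_ORDER)
  names = middleware_names(output)
  missing = required.reject { |name| names.include?(name) }
  return missing.map { |name| "#{name} is missing from the stack" } unless missing.empty?

  problems = []
  required.each_cons(2) do |before, after|
    next if names.index(after) > names.index(before)
    problems << "#{after} does not appear after #{before}"
  end
  problems
end

# Constructed sample output: the stack produced by the initializer above.
SAMPLE_GOOD = <<~OUT
  use ActionDispatch::Cookies
  use ActionDispatch::Session::CookieStore
  use Warden::Manager
  use Hadley::Middleware
  use ActionDispatch::Flash
  run MyApp::Application.routes
OUT

# Constructed sample output: Hadley::Middleware ended up ahead of Warden::Manager.
SAMPLE_BAD = <<~OUT
  use ActionDispatch::Cookies
  use Hadley::Middleware
  use ActionDispatch::Session::CookieStore
  use Warden::Manager
  run MyApp::Application.routes
OUT

puts "good: #{middleware_order_problems(SAMPLE_GOOD).inspect}"
puts "bad:  #{middleware_order_problems(SAMPLE_BAD).inspect}"
```

To check a real application, pass the captured output of `rake middleware` to `middleware_order_problems` and fail the build when the returned list is not empty.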