Skip to content
This repository has been archived by the owner on Nov 25, 2018. It is now read-only.

Latest commit

 

History

History
96 lines (67 loc) · 3.29 KB

README.md

File metadata and controls

96 lines (67 loc) · 3.29 KB

Boulangerie

Gem Version Build Status Code Climate Coverage Status MIT licensed

Boulangerie is a Ruby gem for building authorization systems using Macaroons, a better kind of cookie.

This gem provides an opinionated, high-level interface designed to simplify integration of Macaroons into any authorization scenario.

What are Macaroons and why should I care?

Macaroons are a new cookie-like bearer credential format originally developed at Google, then popularized by the HyperDex project, which uses Macaroons for authorization.

They can be seen as a simpler yet more powerful alternative to other bearer credential formats like JWT. Unlike most other bearer credential formats, Macaroons bind credentials obtained by multiple parties together cryptographically, allowing authorization decisions to be made by many parties (3+) while eliminating the types of attacks that are typically uses against other credential formats in these scenarios.

Installation

Add this line to your application's Gemfile:

gem "boulangerie"

And then execute:

$ bundle

Or install it yourself as:

$ gem install boulangerie

Rails Support

Please see the boulangerie-rails gem for instructions on how to use Boulangerie with Rails.

Usage

Boulangerie is used best to provide domain-object specific access tokens. Where other access control systems place great focus on making everything user/identity-centric, Macaroons are authorization-centric, and work best when you describe access control in terms of properties of the objects for which the credential authorizes access.

Keyrings

Boulangerie supports the use of more than key simultaneously for the purposes of key rotation.

To create a new keyring, do the following:

keyring = Boulangerie::Keyring.new(
  keys:   YAML.load_file("mykeys.yaml")
  key_id: "k1"
)

Supported Ruby Versions

This library supports and is tested against the following Ruby versions:

  • Ruby (MRI) 2.0, 2.1, 2.2, 2.3
  • JRuby 9000

Contributing

  • Fork this repository on GitHub
  • Make your changes and send us a pull request
  • If we like them we'll merge them
  • If we've accepted a patch, feel free to ask for commit access

License

Copyright (c) 2015-2016 Tony Arcieri. Distributed under the MIT License. See LICENSE.txt for further details.