Project

boulangerie

0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
boulangeriecryptosphere/boulangerieHomepageDocumentationSource CodeBug TrackerWiki
Boulangerie provides schemas, creation, and verification for the Macaroons bearer credential format
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
3,496
Stars
8
Forks
0
Watchers
5
 Releases
Current version
0.0.0
Total releases
1
First release
2015-07-24
Latest release
2015-07-24
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
8
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2016-01-07
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.10
macaroons
>= 0
rake
~> 10.0
rspec
>= 0
 Project Readme

Boulangerie

Gem Version Build Status Code Climate Coverage Status MIT licensed

Boulangerie is a Ruby gem for building authorization systems using Macaroons, a better kind of cookie.

This gem provides an opinionated, high-level interface designed to simplify integration of Macaroons into any authorization scenario.

What are Macaroons and why should I care?

Macaroons are a new cookie-like bearer credential format originally developed at Google, then popularized by the HyperDex project, which uses Macaroons for authorization.

They can be seen as a simpler yet more powerful alternative to other bearer credential formats like JWT. Unlike most other bearer credential formats, Macaroons bind credentials obtained by multiple parties together cryptographically, allowing authorization decisions to be made by many parties (3+) while eliminating the types of attacks that are typically uses against other credential formats in these scenarios.

Installation

Add this line to your application's Gemfile:

gem "boulangerie"

And then execute:

$ bundle

Or install it yourself as:

$ gem install boulangerie

Rails Support

Please see the boulangerie-rails gem for instructions on how to use Boulangerie with Rails.

Usage

Boulangerie is used best to provide domain-object specific access tokens. Where other access control systems place great focus on making everything user/identity-centric, Macaroons are authorization-centric, and work best when you describe access control in terms of properties of the objects for which the credential authorizes access.

Keyrings

Boulangerie supports the use of more than key simultaneously for the purposes of key rotation.

To create a new keyring, do the following:

keyring = Boulangerie::Keyring.new(
  keys:   YAML.load_file("mykeys.yaml")
  key_id: "k1"
)

Supported Ruby Versions

This library supports and is tested against the following Ruby versions:

  • Ruby (MRI) 2.0, 2.1, 2.2, 2.3
  • JRuby 9000

Contributing

  • Fork this repository on GitHub
  • Make your changes and send us a pull request
  • If we like them we'll merge them
  • If we've accepted a patch, feel free to ask for commit access

License

Copyright (c) 2015-2016 Tony Arcieri. Distributed under the MIT License. See LICENSE.txt for further details.