AuthOriginControl

Authenticate your apis in server - to - server operations

is based on api-auth gem

---

In your omniauth provider

Gemfile

gem ‘auth_origin_control’

config/initializers/auth_origin_control

BorderPatrol.setup do |config|

config.clients_model = "Doorkeeper::Application"  # assuming you use Doorkeeper gem

end

controllers

before_filter :origin_control

routes

mount AuthOriginControl::Engine => “YOUR DESIRED PATH”

---

In your intermediary api

Gemfile

gem ‘auth_origin_control’ gem “api-auth”, github: “NicoArbogast/api_auth”, branch: ‘temp’ # needed until merged into mgomes/api_auth

config/initializers/auth_origin_control

AuthOriginControl.setup do |config|

config.local_or_remote_authority = 'remote'
config.self_identity = {:access_id => ACCESS_ID_REGISTERED_FOR_THIS_APP, :secret_key => ACCESS_SECRET_REGISTERED_FOR_THIS_APP}

end

controllers

before_filter :origin_control

---

In your client api

Gemfile

gem ‘auth_origin_control’ gem “api-auth”, github: “NicoArbogast/api_auth”, branch: ‘temp’ # needed until merged into mgomes/api_auth

config/initializers/auth_origin_control

AuthOriginControl.setup do |config|

config.self_identity = {:access_id => ACCESS_ID_REGISTERED_FOR_THIS_APP, :secret_key => ACCESS_SECRET_REGISTERED_FOR_THIS_APP}

end

In your http Interfaces to your apis

AuthOriginControl::SignedRequest.new