Hadley is rack middleware built on top of the excellent security authentication middleware warden. Hadley enables Rack-based web applications to easily become AFID protected resource servers.

Rails:

1. Add gem 'hadley' to your Gemfile

2. Run bundle from your project root

3. Run touch config/initializers/hadley.rb from your project root

4. Add warden and hadley to your middleware stack by opening config/initializers/hadlery.rb in your favorite text editor and adding the following:

   token_store = Hadley::TokenStore.new(Rails.cache)
   
   MyApp::Application.config.middleware.insert_after ActionDispatch::Session::CookieStore, Warden::Manager do |manager|
     # setup authentication for the afid server to provision and revoke access tokens
     manager.basic(:server) do |basic|
       basic.hash_credentials true
       basic.lookup do |id, secret|
         [ id, secret ] == [ 'my_hashed_id', 'my_hashed_secret' ] ? id : nil
       end
     end
     # setup authentication for afid clients to authenticate in anonymous mode (client_credentials grant type in OAuth2
     # parlance)
     manager.bearer(:client) do |bearer|
       bearer.token_store token_store
       bearer.anonymous_allowed true
     end
     # setup authentication for afid clients to access apis on behalf of a particular user (authorization_grant grant
     # type in OAuth2 parlance)
     manager.bearer(:user) do |bearer|
       bearer.token_store token_store
       bearer.anonymous_allowed false
     end
   end
   
   MyApp::Application.config.middleware.insert_after Warden::Manager, Hadley::Middleware, token_store: token_store
   

5. Run rake middleware from your project root and verify that Warden::Manager appears after ActionDispatch::Session::CookieStore and Hadley::Middleware appears after Warden::Manager