Message forwarding over SSL with authentication

Library for the HTTP Authentication protocol (RFC 2617)

By configuring a set of applications authentication keys in a filestored in an S3 bucket, applications can authenticate with each otherby submitting their authentication key, which the receiver can matchagainst the key stored in S3.S3 becomes then a central authentication authority.

This gem provides bindings to the Win32 SSPI libraries, primarily to support Negotiate (i.e. SPNEGO, NTLM) authentication with a proxy server. Enough support is implemented to provide the necessary support for the authentication. A module is also provided which overrides Net::HTTP and adds support for Negotiate authentication to it. This implies that open-uri automatically gets support for it, as long as the http_proxy environment variable is set.

There are plenty of gems out there that deal with being an OAuth2 "consumer", where you redirect users to an OAuth2 "provider", allowing you to hand off authentication to a separate service. There are also plenty of gems that set you up as your own OAuth2 provider. ***BUT***, what happens when you want to separate your "authentication" server from your "resource" server? This gem is meant to be used on an API "resource" server, where you want to accept OAuth Access Tokens from a client, and validate them against a separate "authentication" server. This communication is outside the scope of the official OAuth 2 spec, but there is a need for it anyway.

A new authentication strategy named radius_authenticatable is added to the list of warden strategies when the model requests it. The radius server information is configured through the devise initializer. One or more servers may be configured. When a user attempts to authenticate via radius, the radiustar gem is used to perform the authentication with each server until a response is received. This authentication strategy can be used in place of the database_authenticatable or alongside it depending on the needs of the application.

The Postman API enables you to programmatically access data stored in your Postman account. For a comprehensive set of examples of requests and responses, see the [**Postman API** collection](https://www.postman.com/postman/workspace/postman-public-workspace/documentation/12959542-c8142d51-e97c-46b6-bd77-52bb66712c9a). ## Important - You must pass an `Accept` header with the `application/vnd.api.v10+json` value to use v10 and higher endpoints. While some of these endpoints may appear the same as the deprecated Postman v9 endpoints, they will use the v10 behavior when you send this `Accept` header. For more information, see [About v9 and v10 APIs](https://learning.postman.com/docs/developer/postman-api/intro-api/#about-v9-and-v10-apis). - To use the **API** endpoints, you must first [update your APIs to the v10 format](https://learning.postman.com/docs/designing-and-developing-your-api/creating-an-api/#upgrading-an-api). ## Getting started You can get started with the Postman API by [forking the Postman API collection](https://learning.postman.com/docs/collaborating-in-postman/version-control/#creating-a-fork) to your workspace. You can then use Postman to send requests. ## About the Postman API - You must use a valid API Key to send requests to the API endpoints. - The API has [rate and usage limits](https://learning.postman.com/docs/developer/postman-api/postman-api-rate-limits/). - The API only responds to HTTPS-secured communications. Any requests sent via HTTP return an HTTP `301` redirect to the corresponding HTTPS resources. - The API returns requests responses in [JSON format](https://en.wikipedia.org/wiki/JSON). When an API request returns an error, it is sent in the JSON response as an error key. - The request method (verb) determines the nature of action you intend to perform. A request made using the `GET` method implies that you want to fetch something from Postman. The `POST` method implies you want to save something new to Postman. - For all requests, API calls respond with their corresponding [HTTP status codes](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes). In the Postman client, the status code also provides help text that details the possible meaning of the response code. ### IDs and UIDs All items in Postman, such as collections, workspaces, and APIs, have IDs and UIDs: - An ID is the unique ID assigned to a Postman item. For example, `ec29121c-5203-409f-9e84-e83ffc10f226`. - The UID is the **full** ID of a Postman item. This value is the item's unique ID concatenated with the user ID. For example, in the `12345678-ec29121c-5203-409f-9e84-e83ffc10f226` UID: - `12345678` is the user's ID. - `ec29121c-5203-409f-9e84-e83ffc10f226` is the item's ID. ### 503 response An HTTP `503 Service Unavailable` response from our servers indicates there is an unexpected spike in API access traffic. The server is usually operational within the next five minutes. If the outage persists or you receive any other form of an HTTP `5XX` error, [contact support](https://support.postman.com/hc/en-us/requests/new/). ## Authentication Postman uses API keys for authentication. The API key tells the API server that the request came from you. Everything that you have access to in Postman is accessible with your API key. You can [generate](https://learning.postman.com/docs/developer/postman-api/authentication/#generate-a-postman-api-key) a Postman API key in the [**API keys**](https://postman.postman.co/settings/me/api-keys) section of your Postman account settings. You must include an API key in each request to the Postman API with the `X-Api-Key` request header. In Postman, you can store your API key as an [environment variable](https://www.getpostman.com/docs/environments). The Postman API [collection](https://www.getpostman.com/docs/collections) will use it to make API calls. ### Authentication error response If an API key is missing, malformed, or invalid, you will receive an HTTP `401 Unauthorized` response code. ### Using the API key as a query parameter Requests that accept the `X-Api-Key` request header also accept the API key when you send it as the `apikey` query parameter. An API key sent as part of the header has a higher priority when you send the key as both a request header and a query parameter. ## Rate and usage limits API access [rate limits](https://learning.postman.com/docs/developer/postman-api/postman-api-rate-limits/) apply at a per-API key basis in unit time. The limit is **300 requests per minute**. Also, depending on your [plan](https://www.postman.com/pricing/), you may have usage limits. If you exceed either limit, your request will return an HTTP `429 Too Many Requests` status code. Each API response returns the following set of headers to help you identify your use status: | Header | Description | | ------ | ----------- | | `X-RateLimit-Limit` | The maximum number of requests that the consumer is permitted to make per minute. | | `X-RateLimit-Remaining` | The number of requests remaining in the current rate limit window. | | `X-RateLimit-Reset` | The time at which the current rate limit window resets in UTC epoch seconds. | ## Support For help regarding accessing the Postman API, you can: - Visit [Postman Support](https://support.postman.com/hc/en-us) or our [Community and Support](https://www.postman.com/community/) sites. - Reach out to the [Postman community](https://community.postman.com/). - Submit a help request to [Postman support](https://support.postman.com/hc/en-us/requests/new/). ## Policies - [Postman Terms of Service](http://www.postman.com/legal/terms/) - [Postman Privacy Policy](https://www.postman.com/legal/privacy-policy/)

The `password_auth` gem provides a simple and secure way to handle password authentication in Ruby applications. It offers a set of reusable components and utilities to handle user passwords, including password hashing, salting, and validation. Key Features: - Secure password storage: The gem uses industry-standard techniques, such as bcrypt hashing and salt generation, to securely store user passwords. - Password validation: It provides convenient methods to validate the strength and complexity of user passwords, ensuring they meet specific criteria. - Password encryption: Easily encrypt passwords for storage or comparison purposes, protecting sensitive user data. - Password reset functionality: Includes utilities for generating and handling password reset tokens, enabling users to securely reset their passwords. - Integration with popular frameworks: Seamlessly integrates with Ruby on Rails, Sinatra, and other Ruby frameworks, making it easy to incorporate password authentication into your application. By using the `password_auth` gem, developers can implement robust password authentication functionality in their Ruby applications with minimal effort, ensuring the security and integrity of user passwords.

Perform Google OAuth authentication from the CLI using redirect flows. Authentication information is saved in a file and can be used for the next authentication.

Drop in authorization and authentication suite for Rails APIs. Features include user registration, stateless authentication using OAuth2, roles and permissions, password reset workflow, guest access, policy enforcement, JSON API serialization, two-factor authentication support, and more. Designed to be extensable to support any auth or registration strategies.

Generator to quickly put CAS authentication on your Rails application. Provides a currnet_user method to controllers and views to make it work like Restful Authentication and other plugins.

Atlassian JWT Authentication provides support for handling JWT authentication as required by Atlassian when building add-ons: https://developer.atlassian.com/static/connect/docs/latest/concepts/authentication.html

Provides low-level authentication based on ROM. Provides several plugins in order to lockdown accounts on failed authentication and saving events for each authentication attempt.

Client for signing and authentication of requests and responses with mAuth authentication. Includes middleware for Rack and Faraday for incoming and outgoing requests and responses.

Simple key/secret based authentication for apis

Gem to add authentication to your application using JWT, with expirable, renewable and customizable tokens.

Rails authentication via a generator.

A reusable Grape JWT authentication concern

Plugin for omnifocus gem to provide github BTS synchronization. Support for Github Enterprise: In your git config, set the key github.accounts to a space separated list of github accounts. git config --global github.accounts "github myghe" For each account API and web end points and authentication information should be stored in the git config under a key matching the account. For example: git config --global github.user me git config --global github.password mypassword git config --global myghe.api https://ghe.mydomain.com/api/v3 git config --global myghe.api https://ghe.mydomain.com/ For each account can you specify the following parameters: * api - specify an API endpoint other than https://api.github.com. This is so you can point this at your Github Enterprise endpoint. * web - specify an API endpoint other than https://www.github.com. This is so you can point this at your Github Enterprise endpoint * user, password - A username and password pair for Basic http authentication.

Provides a thin wrapper around the excellent ruby-openid gem from JanRan. gem version is unofficial, github fork of rails's by moro