Merge pull request #2 from andyquinterom/GT1

Improves README

.github/workflows/pkgdown.yaml

@@ -0,0 +1,48 @@
+# Workflow derived from https://github.com/r-lib/actions/tree/v2/examples
+# Need help debugging build failures? Start at https://github.com/r-lib/actions#where-to-find-help
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+  release:
+    types: [published]
+  workflow_dispatch:
+
+name: pkgdown
+
+jobs:
+  pkgdown:
+    runs-on: ubuntu-latest
+    # Only restrict concurrency for non-PR jobs
+    concurrency:
+      group: pkgdown-${{ github.event_name != 'pull_request' || github.run_id }}
+    env:
+      GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }}
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: r-lib/actions/setup-pandoc@v2
+
+      - uses: r-lib/actions/setup-r@v2
+        with:
+          use-public-rspm: true
+
+      - uses: r-lib/actions/setup-r-dependencies@v2
+        with:
+          extra-packages: any::pkgdown, local::.
+          needs: website
+
+      - name: Build site
+        run: pkgdown::build_site_github_pages(new_process = FALSE, install = FALSE)
+        shell: Rscript {0}
+
+      - name: Deploy to GitHub pages 🚀
+        if: github.event_name != 'pull_request'
+        uses: JamesIves/[email protected]
+        with:
+          clean: false
+          branch: gh-pages
+          folder: docs

DESCRIPTION

@@ -1,6 +1,6 @@
 Package: tapLock
 Title: Seamless SSO for R applications
-Version: 0.1.0.9000
+Version: 0.1.0
 Authors@R: 
     c(person(given = "ixpantia, SRL",
              role = "cph",

README.md

@@ -1,55 +1,84 @@
-# tapLock
+# tapLock <img src="man/figures/tapLock.png" align="right" width=120 height=139 alt="" />
 
-## Example Shiny App with Entra ID Authentication
+Secure your R applications with OpenID Connect and OAuth 2.0.
 
-```R
-library(shiny)
-library(tapLock)
+## Summary
+
+tapLock is an R library that provides a simple interface to
+integrate OpenID Connect / OAuth 2.0 authentication into you Shiny
+applications and Plumber APIs. tapLock uses a unique approach to
+effectively secure your applications without the need to write almost
+any code.
+
+## Authentication providers
+
+tapLock supports the following authentication providers:
+
+- [Google](https://developers.google.com/identity/protocols/oauth2/openid-connect)
+- [Microsoft Entra ID](https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id)
+
+> If you need support for other providers, please contact us at
+> [[email protected]](mailto:[email protected]). Or, if you are a
+> developer, you can contribute to the project by adding support for
+> additional providers.
+
+## Security Model
+
+tapLock is unique in its approach to securing Shiny applications and
+Plumber APIs. tapLock utilizes middlewares that intercept all incoming
+requests (both HTTP and WebSocket requests) and validates the
+authentication token. This approach allows tapLock to be lean and
+efficient since no expensive WebSocket connections are started until
+the user is authenticated. It also prevents sensitive data in the UI
+portion of the application from being exposed to unauthenticated users.
+
+## How to use tapLock with Shiny
+
+#### 1. Install tapLock
+
+``` r
+pak::pak("ixpantia/taplock")
+```
+
+#### 2. Create an authentication configuration
+
+``` r
+library(taplock)
 
 auth_config <- new_openid_config(
   provider = "entra_id",
+  # The following values are obtained from the authentication provider
   tenant_id = Sys.getenv("TENANT_ID"),
   client_id = Sys.getenv("CLIENT_ID"),
   client_secret = Sys.getenv("CLIENT_SECRET"),
+  # This should be the URL of your application
   app_url = Sys.getenv("APP_URL")
 )
+```
 
-ui <- fluidPage(
-  tags$h1("tapLock example"),
-  textOutput("user")
-)
-
-server <- function(input, output, session) {
+#### 3. Secure your Shiny application
 
-  output$user <- renderText({
-    given_name <- get_token_field(token(), "given_name")
-    family_name <- get_token_field(token(), "family_name")
-    expires_at <- expires_at(token())
-    glue::glue(
-      "Hello {given_name} {family_name}!",
-      "Your authenticated session will expire at {expires_at}.",
-      .sep = " "
-    )
-  })
-
-}
-```
+To secure your Shiny Application you will simply need to expose
+an `sso_shiny_app` instead of a regular `shinyApp` at the end of your
+`app.R` file.
 
-## Example Shiny App with Google Authentication
+Here is an example of a Shiny application that uses tapLock to secure
+itself:
 
-```R
+``` r
 library(shiny)
 library(tapLock)
 
 auth_config <- new_openid_config(
-  provider = "google",
+  provider = "entra_id",
+  tenant_id = Sys.getenv("TENANT_ID"),
   client_id = Sys.getenv("CLIENT_ID"),
   client_secret = Sys.getenv("CLIENT_SECRET"),
   app_url = Sys.getenv("APP_URL")
 )
 
 ui <- fluidPage(
-  tags$h1("tapLock example"),
+  tags$h1("r.sso example"),
   textOutput("user")
 )
 
@@ -67,5 +96,6 @@ server <- function(input, output, session) {
   })
 
 }
-```
 
+sso_shiny_app(auth_config, ui, server)
+```