RubyGems - active_directory_login - Versions diffs - 0.0.2 - Mend

active_directory_login 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

checksums.yaml +7 -0
data/.gitignore +19 -0
data/Gemfile +6 -0
data/LICENSE.txt +22 -0
data/README.md +29 -0
data/Rakefile +1 -0
data/active_directory_login.gemspec +35 -0
data/lib/active_directory_login.rb +54 -0
data/lib/active_directory_login/client.rb +302 -0
data/lib/active_directory_login/group_resource.rb +41 -0
data/lib/active_directory_login/health_check.rb +37 -0
data/lib/active_directory_login/version.rb +3 -0
data/lib/devise/strategies/active_directory_authenticatable.rb +35 -0
data/spec/active_directory_login_spec.rb +94 -0
data/spec/client_spec.rb +52 -0
data/spec/models/user.rb +23 -0
data/spec/spec_helper.rb +27 -0
metadata +218 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 63d211b6c19283ade2b7a91ecde8921897628c65
+  data.tar.gz: 86cbf612ecbe3cae984232fad88e0407b10b5ad2
+SHA512:
+  metadata.gz: 3ef4e694e3546391df61ac16852e7648189e0f2673f40d336d9d8aed19ac89051560eff7c896436bcdeff9c2a16271d7c4e04b04be20bed1798aef31c997a536
+  data.tar.gz: f0a7c74005dbb3b6de2127611ba9013ddad988a788f5a16ae8ca3b1e0ce947dfa68525df1426e95cc1c2171029f191d6aa91d8acc48e7701923ab1664c4e839b

data/.gitignore ADDED Viewed

@@ -0,0 +1,19 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.rvmrc

data/Gemfile ADDED Viewed

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+gemspec
+gem 'datacom_active_directory'
+gem 'datacom-net-ldap'

data/LICENSE.txt ADDED Viewed

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Brad Murray
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,29 @@
+# ActiveDirectoryLogin
+TODO: Write a gem description
+## Installation
+Add this line to your application's Gemfile:
+    gem 'active_directory_login'
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install active_directory_login
+## Usage
+TODO: Write usage instructions here
+## Contributing
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile ADDED Viewed

	@@ -0,0 +1 @@
1	+ require "bundler/gem_tasks"

data/active_directory_login.gemspec ADDED Viewed

@@ -0,0 +1,35 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'active_directory_login/version'
+Gem::Specification.new do |spec|
+  spec.name          = "active_directory_login"
+  spec.version       = ActiveDirectoryLogin::VERSION
+  spec.authors       = ["Brad Murray"]
+  spec.email         = ["wyaeld@gmail.com"]
+  spec.description   = "Devise based AD User Logins"
+  spec.summary       = "Devise based AD User Logins"
+  spec.homepage      = %q{http://github.com/datacom/active_directory_login}
+  spec.license       = "MIT"
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rails", "~> 4.0"
+  spec.add_development_dependency "devise", "3.0.0"
+  spec.add_development_dependency "warden"
+  spec.add_development_dependency 'rspec', '~> 2.14'
+  spec.add_development_dependency 'rspec-rails', '~> 2.14'
+  spec.add_development_dependency 'flexmock'
+  spec.add_development_dependency 'pry'
+  spec.add_dependency "datacom_active_directory", '1.5.5.datacom'
+  spec.add_dependency "datacom-net-ldap", '0.5.0.datacom'
+end

data/lib/active_directory_login.rb ADDED Viewed

@@ -0,0 +1,54 @@
+autoload 'Logger', 'logger'
+require 'forwardable'
+require "active_directory"
+require "active_directory_login/client"
+require 'warden'
+require 'devise/strategies/authenticatable'
+require 'devise/strategies/active_directory_authenticatable'
+module ActiveDirectoryLogin
+  class Error < RuntimeError; end
+  class AuthenticationError < Error; end
+  class NoUserError < Error; end
+  class ConfigurationError < Error; end
+  class NoSearchKey < Error; end
+  class << self
+    extend Forwardable
+    def_delegators :default_client, :auth_method, :username, :password, :host, :port, :base, :auth
+    def_delegators :default_client, :auth_method=, :username=, :password=, :host=, :port=, :base=, :auth=
+    def_delegators :default_client, :staff_dn, :superuser_dn, :user_dn
+    def_delegators :default_client, :staff_dn=, :superuser_dn=, :user_dn=
+    def_delegators :default_client, :validate!, :sync_groups, :benched
+    def_delegators :default_client, :with_user, :lock_user, :authenticate_user, :has_member_access?, :create_or_update_user
+    #logger modelled on https://github.com/pusher/pusher-gem/blob/master/lib/pusher.rb
+    attr_writer :logger
+    def logger
+      @logger ||= begin
+        log = Logger.new($stdout)
+        log.level = Logger::INFO
+        log
+      end
+    end
+    def default_client
+      @default_client ||= ActiveDirectoryLogin::Client.new
+    end
+  end
+end
+require "active_directory_login/version"
+require "active_directory_login/health_check"
+Warden::Strategies.add(:active_directory_authenticatable, Devise::Strategies::ActiveDirectoryAuthenticatable)

data/lib/active_directory_login/client.rb ADDED Viewed

@@ -0,0 +1,302 @@
+require 'active_directory'
+# require 'secure_random'
+module ActiveDirectoryLogin
+  class Client
+    attr_accessor :host, :auth_method, :username, :password, :port, :base
+    attr_accessor :staff_dn, :superuser_dn, :user_dn
+    attr_reader  :auth
+    def initialize(options = {})
+      options = {
+        auth_method: 'anonymous',
+        port: '389',
+      }.merge(options)
+      @host, @port, @base, @auth_method, @password, @username, @staff_dn, @superuser_dn, @user_dn = options.values_at(
+        :host, :port, :base, :auth_method, :password, :username, :staff_dn, :superuser_dn, :user_dn
+        )
+    end
+    def validate!
+      %W(
+        host
+        port
+        base
+        auth_method
+        username
+        password
+        staff_dn
+        superuser_dn
+        user_dn
+      ).each do |key|
+        # puts "KEY #{key} VALUE #{self.send(key)}"
+        raise ConfigurationError if self.send(key).nil?
+      end
+      true
+    end
+    def settings
+      {
+        host: host,
+        port: port,
+        base: base,
+        auth: {
+          method: auth_method.to_sym,
+          username: username,
+          password: password
+        }
+      }
+    end
+    def ensure_connection
+      if !ActiveDirectory::Base.connected?
+        validate!
+        ActiveDirectory::Base.setup(settings)
+        # ActiveDirectory::Base.enable_cache
+      end
+    end
+    def with_user(username_or_email, password, &block)
+      raise Error, "block required" if block.nil?
+      @ad_user = find_user(username_or_email)
+      @ad_user_password = password
+      @query = query(username_or_email)
+      @app_user = @query.first
+      value = block.call
+      reset_ivars
+      return value
+    end
+    def reset_ivars
+      @ad_user = nil
+      @app_user = nil
+      @query = nil
+      @groups = nil
+      @ad_user_password = nil
+    end
+    def lock_user
+      raise NoUserError, "need to call inside a .with_user block" if @ad_user.nil?
+      @app_user.try(:lock_access!) #its ok if no user
+    end
+    def authenticate_user
+      raise NoUserError, "need to call inside a .with_user block" if @ad_user.nil?
+      @ad_user.try(:authenticate, @ad_user_password)
+    end
+    def query(username_or_email)
+      @query ||= (username_or_email =~ /@/) ?
+        User.where { (provider == User::LDAP) & (email =~ username_or_email) } :
+        User.where { (provider == User::LDAP) & (username =~ username_or_email) }
+    end
+    def create_or_update_user
+      user = @query.first_or_initialize(
+        name:      "#{@ad_user.givenname} #{@ad_user.sn}",
+        email:     @ad_user.mail.downcase,
+        username:  @ad_user[:sAMAccountName]
+      )
+      # Update the user's password and permissions (can't use update_attributes as it might not be saved yet)
+      user.password              = @ad_user_password
+      user.password_confirmation = @ad_user_password
+      user.staff                 = staff_access?
+      user.superuser             = superuser_access?
+      user.locked_at             = nil # unlock_access! saves without validating so no good
+      user.save! # only saves if changed or new
+      return user
+    end
+    def find_user username_or_email
+      ensure_connection
+      raise NoSearchKey unless username_or_email && !username_or_email.empty?
+      ad_key  = (username_or_email =~ /@/) ? :mail : :sAMAccountName
+      ad_user = ActiveDirectory::User.find(:first, ad_key => username_or_email)
+    end
+    def find_group group_dn
+      ensure_connection
+      raise NoSearchKey unless group_dn && !group_dn.empty?
+      ActiveDirectory::Group.find(:first, distinguishedname: group_dn)
+    end
+    # def groups
+    #   @staff_group ||= ActiveDirectory::Group.find(:first, distinguishedname: staff_dn)
+    #   @superuser_group ||= ActiveDirectory::Group.find(:first, distinguishedname: superuser_dn)
+    #   @user_group ||= ActiveDirectory::Group.find(:first, distinguishedname: user_dn)
+    #   [@staff_group, @superuser_group, @user_group]
+    # end
+    def has_member_access?
+      raise NoUserError, "need to call inside a .with_user block" if @ad_user.nil?
+      staff_access? || superuser_access? || user_access?
+    end
+    def sync_all
+      [staff_dn, superuser_dn, user_dn].each do |dn|
+        sync_group(dn)
+      end
+    end
+    def benched
+      bench = Benchmark.realtime{   Devise.stretches = 2; sync_groups }
+      ActiveDirectoryLogin.logger.info "Benchmark"
+      ActiveDirectoryLogin.logger.info bench
+    end
+    def sync_groups
+      ensure_connection
+      ActiveRecord::Base.transaction do
+        # update staff
+        staff_group = find_group(staff_dn)
+        staff_member_emails = staff_group.member.collect(&:mail).map(&:downcase)
+        allowed = User.where(email: staff_member_emails, staff: false)
+        staff_allowed_emails = allowed.collect(&:email)
+        allowed.update_all(staff: true)
+        pending = staff_member_emails - staff_allowed_emails
+        disallowed = User.where.not(email: staff_member_emails).where(staff: true)
+        staff_disallowed_emails = disallowed.collect(&:email)
+        disallowed.update_all(staff: false)
+        pending = pending - staff_disallowed_emails
+        staff_unchanged = User.where(email: staff_member_emails, staff: true)
+        staff_unchanged_emails = staff_unchanged.collect(&:email)
+        pending = pending - staff_unchanged_emails
+        # create any new staff
+        pending.each do |pending_email|
+          with_user(pending_email, SecureRandom.hex){ create_or_update_user }
+        end
+        staff_created_emails = pending
+        ## update superuser
+        superuser_group = find_group(superuser_dn)
+        superuser_member_emails = superuser_group.member.collect(&:mail).map(&:downcase)
+        superuser_member_emails = superuser_member_emails - staff_member_emails
+        allowed = User.where(email: superuser_member_emails, superuser: false)
+        superuser_allowed_emails = allowed.collect(&:email)
+        allowed.update_all(superuser: true)
+        pending = superuser_member_emails - superuser_allowed_emails
+        disallowed = User.where.not(email: superuser_member_emails).where(superuser: true)
+        superuser_disallowed_emails = disallowed.collect(&:email)
+        disallowed.update_all(superuser: false)
+        pending = pending - superuser_disallowed_emails
+        superuser_unchanged = User.where(email: superuser_member_emails, superuser: true)
+        superuser_unchanged_emails = superuser_unchanged.collect(&:email)
+        pending = pending - superuser_unchanged_emails
+        # create any new superuser
+        pending.each do |pending_email|
+          with_user(pending_email, SecureRandom.hex){ create_or_update_user }
+        end
+        superuser_created_emails = pending
+        ## update users
+        user_group = find_group(user_dn)
+        # member_cns = user_group.entry[:member]
+        member_emails = user_group.member.collect(&:mail).map(&:downcase)
+        member_emails = member_emails - superuser_member_emails - staff_member_emails
+        allowed = User.where(email: member_emails, staff: false, superuser: false).where.not(locked_at: nil)
+        user_allowed_emails = allowed.collect(&:email)
+        allowed.update_all(locked_at: nil)
+        pending = member_emails - user_allowed_emails
+        disallowed = User.where.not(email: member_emails, staff: false, superuser: false)
+        user_disallowed_emails = disallowed.collect(&:email)
+        disallowed.each {|u| u.lock_access! }
+        user_unchanged = User.where(email: member_emails, staff: false, superuser: false)
+        user_unchanged_emails = user_unchanged.collect(&:email)
+        pending = pending - user_unchanged_emails
+        # binding.pry
+        #create any new superuser
+        pending.each do |pending_email|
+          with_user(pending_email, SecureRandom.hex){ create_or_update_user }
+        end
+        user_created_emails = pending
+        #report on changes
+        ActiveDirectoryLogin.logger.info "Staff allowed: #{staff_allowed_emails}"
+        ActiveDirectoryLogin.logger.info "Staff disallowed: #{staff_disallowed_emails}"
+        ActiveDirectoryLogin.logger.info "Staff created: #{staff_created_emails}"
+        ActiveDirectoryLogin.logger.info "Staff unchanged: #{staff_unchanged_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers allowed: #{superuser_allowed_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers disallowed: #{superuser_disallowed_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers created: #{superuser_created_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers unchanged: #{superuser_unchanged_emails}"
+        ActiveDirectoryLogin.logger.info "User allowed: #{user_allowed_emails}"
+        ActiveDirectoryLogin.logger.info "User disallowed: #{user_disallowed_emails}"
+        ActiveDirectoryLogin.logger.info "User created: #{user_created_emails}"
+        ActiveDirectoryLogin.logger.info "User unchanged: #{user_unchanged_emails}"
+      end
+      ActiveDirectoryLogin.logger.info "Staff: #{User.staff.count}"
+      ActiveDirectoryLogin.logger.info "Superusers: #{User.superusers.count}"
+      ActiveDirectoryLogin.logger.info "Users: #{User.normals.count}"
+    end
+    private
+    def group_names
+      @groups ||= @ad_user.entry[:memberof]
+    end
+    def staff_access?
+      group_names.include? staff_dn
+    end
+    def superuser_access?
+      group_names.include? superuser_dn
+    end
+    def user_access?
+      group_names.include? user_dn
+    end
+  end #class
+end

data/lib/active_directory_login/group_resource.rb ADDED Viewed

@@ -0,0 +1,41 @@
+module ActiveDirectoryLogin
+  class GroupResource
+    def initialize(client)
+      @client = client
+    end
+    def self.find group_name
+      ActiveDirectory::Group.find(:first, distinguishedname: group_name)
+    end
+    def self.member_names group
+      group.member.map &:name
+    end
+    def self.member_emails group
+      group.member.map &:mail
+    end
+    def self.has_group_access? groups
+      staff = staff_group? groups
+      system = system_group? groups
+      general = general_group? groups
+      staff || system || general
+    end
+    def self.staff_group? groups
+      groups.include? ENV['DG_STAFF_DN']
+    end
+    def self.system_group? groups
+      groups.include? ENV['DG_SYSTEM_DN']
+    end
+    def self.general_group? groups
+      groups.include? ENV['DG_USER_DN']
+    end
+  end
+end

data/lib/active_directory_login/health_check.rb ADDED Viewed

@@ -0,0 +1,37 @@
+module ActiveDirectoryLogin
+  module HealthCheck
+    def self.valid_config?
+      ActiveDirectoryLogin.default_client.validate!
+    end
+    def self.health_check_errors
+      # We use these twice
+      output = []
+      begin
+        ActiveDirectoryLogin.default_client.ensure_connection
+      rescue => e
+        output << "LDAP: Connecting: #{e.message}"
+      end
+      begin
+        ActiveDirectoryLogin.default_client.ensure_connection
+      rescue => e
+        output << "LDAP: Authorizing: #{e.message}" unless output.include?("LDAP: Connecting: #{e.message}")
+      end
+      output << "LDAP: Authorizing: #{ActiveDirectory::Base.error}" if ActiveDirectory::Base.error?
+      begin
+        ActiveDirectory::Group.find(:first, distinguishedname: ActiveDirectoryLogin.user_dn)
+      rescue
+        output << 'LDAP: Searching failed; check base and authorisation config'
+      end
+      output.to_sentence
+    end
+    def self.healthy?
+      health_check_errors.empty?
+    end
+  end
+end

data/lib/active_directory_login/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module ActiveDirectoryLogin
+  VERSION = "0.0.2"
+end

data/lib/devise/strategies/active_directory_authenticatable.rb ADDED Viewed

@@ -0,0 +1,35 @@
+require 'devise/strategies/authenticatable'
+require 'pry'
+module Devise
+  module Strategies
+    class ActiveDirectoryAuthenticatable < Authenticatable
+      def authenticate!
+        #FIXME enterprise mode was here
+        if params[:user]
+          username_or_email = params[:user][:login]
+          ActiveDirectoryLogin.with_user(username_or_email, params[:user][:password]) do
+            if ActiveDirectoryLogin.authenticate_user
+              if ActiveDirectoryLogin.has_member_access?
+                user = ActiveDirectoryLogin.create_or_update_user
+                success!(user)
+              else
+                ActiveDirectoryLogin.lock_user
+                fail(:locked)
+              end
+            else
+              fail(:invalid)
+            end
+          end #with_user
+        end
+      end
+    end
+  end
+end

data/spec/active_directory_login_spec.rb ADDED Viewed

@@ -0,0 +1,94 @@
+require 'spec_helper'
+require 'active_directory_login'
+require 'active_directory_login/group_resource'
+require 'active_directory_login/user_resource'
+require 'devise/strategies/authenticatable'
+require 'devise'
+describe ActiveDirectoryLogin do
+  before do
+    @client = ActiveDirectoryLogin::Client.new({
+     auth_method: 'simple',
+     username: 'svcdgauth',
+     password: 'Friday10',
+     host: 'dnzdc3.datacom.co.nz',
+     port: '389',
+     base: 'DC=datacom,DC=co,DC=nz'
+     })
+    @client.connect!
+    @user_resource = ActiveDirectoryLogin::UserResource
+    @group_resource = ActiveDirectoryLogin::GroupResource
+  end
+  let(:staff_group) {"CN=DocGenie-Staff,OU=Datacom Systems Wellington,OU=Datacom Systems,OU=Groups - Universal Distribution Lists,DC=datacom,DC=co,DC=nz"}
+  describe '.user' do
+    it 'requires a value' do
+      expect { @user_resource.find nil
+       }.to raise_error ActiveDirectoryLogin::NoSearchKey
+     end
+     it 'requires a value' do
+      expect { @user_resource.find ''
+       }.to raise_error ActiveDirectoryLogin::NoSearchKey
+     end
+   end
+   it 'finds me by username' do
+    login = 'bradmu'
+    user = @user_resource.find login
+    user[:cn].should == "Brad Murray [DATACOM]"
+  end
+  it 'finds me by email' do
+    login = 'brad.murray@datacom.co.nz'
+    user = @user_resource.find login
+    user[:cn].should == "Brad Murray [DATACOM]"
+  end
+  it 'finds me by email' do
+    login = 'brad.murray@datacom.co.nz'
+    user = @user_resource.find login
+    user[:cn].should == "Brad Murray [DATACOM]"
+  end
+  it 'finds DocGenie staff group' do
+    group = @group_resource.find staff_group
+    group.name.should == "DocGenie-Staff"
+  end
+  it 'can get members of DocGenie staff group' do
+    group = @group_resource.find staff_group
+    group.member.count.should == 5
+    @group_resource.member_names(group).should == ["Patrick Copeland [DATACOM]",
+    "Owen Bannister [DATACOM]",
+    "Tatyana Kudiyarova [DATACOM]",
+    "Brad Murray [DATACOM]",
+    "Blair Nilsson [DATACOM]"]
+  end
+  it 'can find user groups' do
+    login = 'owen.bannister@datacom.co.nz'
+    user = @user_resource.find login
+    groups = @user_resource.groups user
+    groups.count.should > 0
+    groups.include?(staff_group).should == true
+  end
+    # let(:User) { stub 'User'}
+  it 'can validate me by my groups' do
+    login = 'owen.bannister@datacom.co.nz'
+    user = @user_resource.find login
+    permission = @group_resource.has_group_access? @user_resource.groups(user)
+    permission.should == false
+    ENV['DG_STAFF_DN'] =  staff_group
+    permission = @group_resource.has_group_access? @user_resource.groups(user)
+    permission.should == true
+  end
+end

data/spec/client_spec.rb ADDED Viewed

@@ -0,0 +1,52 @@
+require 'spec_helper'
+require 'active_directory_login/client'
+describe ActiveDirectoryLogin::Client do
+  def valid_options
+    options = {}
+    options[:auth_method] = 'simple'
+    options[:username] = 'foo'
+    options[:password] = 'bar'
+    options[:host] = 'ldap.example.com'
+    options[:port] = '633'
+    options[:base] = 'DC=example,DC=com'
+    options
+  end
+  describe 'initialize' do
+    subject { ActiveDirectoryLogin::Client.new options}
+    describe 'with defaults' do
+      let(:options) { Hash.new }
+      its(:host) { should == nil}
+      its(:port) { should == '389'}
+      its(:base) { should == nil}
+      its(:username) { should == nil }
+      its(:password) { should == nil}
+      its(:auth_method) { should == 'anonymous'}
+    end
+    describe 'with values' do
+      let(:options) { valid_options }
+      its(:host) { should == 'ldap.example.com'}
+      its(:port) { should == '633'}
+      its(:base) { should == 'DC=example,DC=com'}
+      its(:username) { should == 'foo'}
+      its(:password) { should == 'bar'}
+      its(:auth_method) { should == 'simple'}
+    end
+  end
+end

data/spec/models/user.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# require 'active_model/naming'
+# require 'active_model/model'
+require 'active_model'
+class User
+  include ActiveModel::Model
+  # after_initialize :defaults
+  # def defaults
+  #   binding.pry
+  # end
+  # def init(args)
+  #   args.each_pair do |k,v|
+  #     self[k] = v
+  #   end
+  # end
+  attr_accessor :name, :email, :staff
+  alias_method :staff?, :staff
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,27 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'although not required, it is recommended that you use bundler when running the tests'
+end
+require 'rails'
+require 'rspec'
+# require 'rspec/rails'
+require 'rspec/autorun'
+# require 'flexmock/rspec/configure'
+require 'pry'
+unless Object.const_defined? 'User'
+	# binding.pry
+  require 'models/user'
+  # mock_model 'User'
+end
+RSpec.configure do |config|
+	# co
+end

metadata ADDED Viewed

@@ -0,0 +1,218 @@
+--- !ruby/object:Gem::Specification
+name: active_directory_login
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Brad Murray
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-03-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: warden
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+- !ruby/object:Gem::Dependency
+  name: flexmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: datacom_active_directory
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.5.5.datacom
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.5.5.datacom
+- !ruby/object:Gem::Dependency
+  name: datacom-net-ldap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.0.datacom
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.0.datacom
+description: Devise based AD User Logins
+email:
+- wyaeld@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- active_directory_login.gemspec
+- lib/active_directory_login.rb
+- lib/active_directory_login/client.rb
+- lib/active_directory_login/group_resource.rb
+- lib/active_directory_login/health_check.rb
+- lib/active_directory_login/version.rb
+- lib/devise/strategies/active_directory_authenticatable.rb
+- spec/active_directory_login_spec.rb
+- spec/client_spec.rb
+- spec/models/user.rb
+- spec/spec_helper.rb
+homepage: http://github.com/datacom/active_directory_login
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.2
+signing_key:
+specification_version: 4
+summary: Devise based AD User Logins
+test_files:
+- spec/active_directory_login_spec.rb
+- spec/client_spec.rb
+- spec/models/user.rb
+- spec/spec_helper.rb