auth 0.0.5 → 0.0.6

data/CHANGELOG

@@ -1,3 +1,7 @@
+*0.0.6*
+
+* Added a Rack middleware
+
 *0.0.4*
 
 * Fixed some problems related to exception handling

data/lib/auth/middleware.rb

@@ -0,0 +1,49 @@
+require 'rubygems'
+require 'rack'
+require 'rack/auth/abstract/handler'
+require 'rack/auth/abstract/request'
+require 'auth'
+
+module Auth
+  class Middleware < Rack::Auth::AbstractHandler
+
+    def call(env)
+      auth = Request.new(env)
+
+      return unauthorized unless auth.provided?
+      return bad_request unless auth.bearer?
+
+      if valid?(auth)
+        env['REMOTE_USER'] = auth.account_id
+        return @app.call(env)
+      end
+
+      unauthorized
+    end
+
+    private
+
+      def challenge
+        'Bearer realm="%s"' % realm
+      end
+
+      def valid?(auth)
+        auth.account_id ? true : false
+      end
+
+      class Request < Rack::Auth::AbstractRequest
+        def bearer?
+          :bearer == scheme
+        end
+
+        def access_token
+          @access_token ||= params.unpack("m*").first
+        end
+
+        def account_id
+          @account_id ||= Auth.validate_token(access_token)
+        end
+      end
+
+  end
+end

data/lib/auth/version.rb

@@ -1,3 +1,3 @@
 module Auth
-  Version = VERSION = '0.0.5'
+  Version = VERSION = '0.0.6'
 end

data/test/middleware_test.rb

@@ -0,0 +1,52 @@
+require File.expand_path('test/test_helper')
+require 'auth/middleware'
+
+class MiddlewareTest < Test::Unit::TestCase
+  include Rack::Test::Methods
+
+  def app
+    inner_app = lambda { |env| [200, {'Content-Type' => 'text/plain'}, [env['REMOTE_USER']]] }
+    Auth::Middleware.new(inner_app, 'Test realm')
+  end
+
+  def setup
+    Auth.redis.flushall
+  end
+
+  def test_unauthenticated_request
+    env = Rack::MockRequest.env_for('/test')
+    res = app.call(env)
+    assert_equal 401, res[0]
+    assert_equal 'Bearer realm="Test realm"', res[1]['WWW-Authenticate']
+    assert_empty res[2]
+  end
+
+  def test_authenticated_request
+    token = Auth.issue_token('test-user')
+    env = Rack::MockRequest.env_for('/test',
+      'HTTP_AUTHORIZATION' => "Bearer #{Base64.encode64(token)}")
+    res = app.call(env)
+    assert_equal 200, res[0]
+    assert_equal nil, res[1]['WWW-Authenticate']
+    assert_equal ['test-user'], res[2]
+  end
+
+  def test_authenticated_non_bearer_request
+    env = Rack::MockRequest.env_for('/test',
+      'HTTP_AUTHORIZATION' => "Basic #{Base64.encode64('test')}")
+    res = app.call(env)
+    assert_equal 400, res[0]
+    assert_equal nil, res[1]['WWW-Authenticate']
+    assert_empty res[2]
+  end
+
+  def test_authenticated_invalid_request
+    env = Rack::MockRequest.env_for('/test',
+      'HTTP_AUTHORIZATION' => "Bearer #{Base64.encode64('wrong')}")
+    res = app.call(env)
+    assert_equal 401, res[0]
+    assert_equal 'Bearer realm="Test realm"', res[1]['WWW-Authenticate']
+    assert_empty res[2]
+  end
+
+end

metadata

@@ -1,12 +1,8 @@
 --- !ruby/object:Gem::Specification 
 name: auth
 version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-  - 0
-  - 0
-  - 5
-  version: 0.0.5
+  prerelease: 
+  version: 0.0.6
 platform: ruby
 authors: 
 - Niklas Holmgren
@@ -14,8 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-10-16 00:00:00 +02:00
-default_executable: 
+date: 2011-12-19 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: json
@@ -25,10 +20,6 @@ dependencies:
     requirements: 
     - - ">"
       - !ruby/object:Gem::Version 
-        segments: 
-        - 1
-        - 0
-        - 0
         version: 1.0.0
   type: :runtime
   version_requirements: *id001
@@ -40,10 +31,6 @@ dependencies:
     requirements: 
     - - ">"
       - !ruby/object:Gem::Version 
-        segments: 
-        - 1
-        - 0
-        - 0
         version: 1.0.0
   type: :runtime
   version_requirements: *id002
@@ -55,10 +42,6 @@ dependencies:
     requirements: 
     - - ">"
       - !ruby/object:Gem::Version 
-        segments: 
-        - 1
-        - 0
-        - 0
         version: 1.0.0
   type: :runtime
   version_requirements: *id003
@@ -70,10 +53,6 @@ dependencies:
     requirements: 
     - - ">"
       - !ruby/object:Gem::Version 
-        segments: 
-        - 2
-        - 0
-        - 0
         version: 2.0.0
   type: :runtime
   version_requirements: *id004
@@ -85,10 +64,6 @@ dependencies:
     requirements: 
     - - ">"
       - !ruby/object:Gem::Version 
-        segments: 
-        - 0
-        - 8
-        - 0
         version: 0.8.0
   type: :runtime
   version_requirements: *id005
@@ -100,10 +75,6 @@ dependencies:
     requirements: 
     - - ">"
       - !ruby/object:Gem::Version 
-        segments: 
-        - 0
-        - 5
-        - 6
         version: 0.5.6
   type: :development
   version_requirements: *id006
@@ -124,16 +95,17 @@ files:
 - lib/auth/client.rb
 - lib/auth/exceptions.rb
 - lib/auth/helpers.rb
+- lib/auth/middleware.rb
 - lib/auth/sentry.rb
 - lib/auth/server/views/authorize.erb
 - lib/auth/server.rb
 - lib/auth/version.rb
 - lib/auth.rb
 - test/auth_test.rb
+- test/middleware_test.rb
 - test/redis-test.conf
 - test/server_test.rb
 - test/test_helper.rb
-has_rdoc: true
 homepage: http://github.com/sutajio/auth/
 licenses: []
 
@@ -147,21 +119,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      segments: 
-      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      segments: 
-      - 0
       version: "0"
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.3.7
+rubygems_version: 1.8.11
 signing_key: 
 specification_version: 3
 summary: Auth is a Redis-backed high performance OAuth2 authorization server.