authentication-needed-san 1.1.1
- data/LICENSE +20 -0
- data/README.rdoc +42 -0
- data/Rakefile +42 -0
- data/VERSION.yml +4 -0
- data/authentication-needed-san.gemspec +45 -0
- data/lib/authentication_needed_san.rb +80 -0
- data/rails/init.rb +2 -0
- data/test/authentication_needed_san_test.rb +113 -0
- data/test/test_helper.rb +19 -0
- metadata +65 -0
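--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,20 @@
+Copyright (c) 2009 Fingertips, Eloy Duran <eloy@fngtps.com>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.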
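--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,42 @@
+== AuthenticationNeededSan
+
+A thin wrapper around the Rails ‘flash’ object, to assist in redirecting a user
+‘back’ to the page she originally requested.
+
+For more info see the AuthenticationNeededSan class documentation.
+
+=== Example
+
+Consider an application which uses the authorization-san plugin. The
+ApplicationController would look something like the following:
+
+class ApplicationController < ActionController::Base
+# If nobody was logged in and this resource is not accessable by all,
+# request authentication. Otherwise reply that the resource is forbidden.
+def access_forbidden
+# If the user is logged in and still can't view the page, we have to tell
+# them access is forbidden.
+if !@authenticated.nil?
+send_response_document :forbidden
+else
+authentication_needed!
+end
+end
+
+def when_authentication_needed
+redirect_to new_session_url
+end
+end
+
+Then from your sessions controller redirect the user back to the page she
+requested or the default one:
+
+class SessionsController < ApplicationController
+def create
+# login code...
+finish_authentication_needed! or redirect_to(root_url)
+end
+end
+
+The authorization-san plugin is available at:
+http://github.com/Fingertips/authorization-san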
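--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,42 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the authentication_needed_san plugin.'
+Rake::TestTask.new(:test) do |t|
+t.libs << 'lib'
+t.libs << 'test'
+t.pattern = 'test/**/*_test.rb'
+t.verbose = true
+end
+
+desc 'Generate documentation for the authentication_needed_san plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = 'AuthenticationNeeded-San'
+rdoc.options << '--line-numbers' << '--inline-source' << '--charset=utf-8'
+rdoc.rdoc_files.include('README.rdoc', 'lib/authentication_needed_san.rb', 'LICENSE')
+end
+
+begin
+require 'jeweler'
+Jeweler::Tasks.new do |s|
+s.name = "authentication-needed-san"
+s.summary = s.description = "A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication."
+s.email = "eloy@fngtps.com"
+s.homepage = "http://github.com/Fingertips/authentication-needed-san"
+s.authors = ["Eloy Duran"]
+end
+rescue LoadError
+end
+
+begin
+require 'jewelry_portfolio/tasks'
+JewelryPortfolio::Tasks.new do |p|
+p.account = 'Fingertips'
+end
+rescue LoadError
+end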
data/VERSION.yml
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = %q{authentication-needed-san}
|
5
|
+
s.version = "1.1.1"
|
6
|
+
|
7
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
|
+
s.authors = ["Eloy Duran"]
|
9
|
+
s.date = %q{2009-06-11}
|
10
|
+
s.description = %q{A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication.}
|
11
|
+
s.email = %q{eloy@fngtps.com}
|
12
|
+
s.extra_rdoc_files = [
|
13
|
+
"LICENSE",
|
14
|
+
"README.rdoc"
|
15
|
+
]
|
16
|
+
s.files = [
|
17
|
+
"LICENSE",
|
18
|
+
"README.rdoc",
|
19
|
+
"Rakefile",
|
20
|
+
"VERSION.yml",
|
21
|
+
"lib/authentication_needed_san.rb",
|
22
|
+
"rails/init.rb",
|
23
|
+
"test/authentication_needed_san_test.rb",
|
24
|
+
"test/test_helper.rb"
|
25
|
+
]
|
26
|
+
s.homepage = %q{http://github.com/Fingertips/authentication-needed-san}
|
27
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
28
|
+
s.require_paths = ["lib"]
|
29
|
+
s.rubygems_version = %q{1.3.4}
|
30
|
+
s.summary = %q{A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication.}
|
31
|
+
s.test_files = [
|
32
|
+
"test/authentication_needed_san_test.rb",
|
33
|
+
"test/test_helper.rb"
|
34
|
+
]
|
35
|
+
|
36
|
+
if s.respond_to? :specification_version then
|
37
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
38
|
+
s.specification_version = 3
|
39
|
+
|
40
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
41
|
+
else
|
42
|
+
end
|
43
|
+
else
|
44
|
+
end
|
45
|
+
end
|
@@ -0,0 +1,80 @@
|
|
1
|
+
# == AuthenticationNeededSan
|
2
|
+
#
|
3
|
+
# AuthenticationNeededSan is a module which assists your controllers in dealing
|
4
|
+
# with cases where authentication is needed, but you’d like to redirect the
|
5
|
+
# user ‘back’ to the page she originally requested once the authentication flow
|
6
|
+
# has been finished.
|
7
|
+
#
|
8
|
+
# Since it uses the +flash+ internally, the data _won't_ be around after
|
9
|
+
# the user makes another request. This is becasue you do not want the user
|
10
|
+
# to be redirected ‘back’ to a page ‘out of the blue’. Which is what would
|
11
|
+
# happen if we’d use the +session+.
|
12
|
+
#
|
13
|
+
# However, sometimes you might want to keep the data around for another
|
14
|
+
# request. Use still_authentication_needed! in this case.
|
15
|
+
module AuthenticationNeededSan
|
16
|
+
class ProtocolNotImplementedError < StandardError; end
|
17
|
+
|
18
|
+
# Returns a hash of options that need to be kept around until
|
19
|
+
# finish_authentication_needed! is called.
|
20
|
+
def after_authentication
|
21
|
+
flash[:after_authentication] ||= {}
|
22
|
+
end
|
23
|
+
|
24
|
+
# Call this method when authentication is needed and you want the user to
|
25
|
+
# be redirected back to the URL she requested.
|
26
|
+
#
|
27
|
+
# Any extra +options+ given will be available as well, through the
|
28
|
+
# after_authentication accessor.
|
29
|
+
#
|
30
|
+
# Your class should implement the +when_authentication_needed+ instance
|
31
|
+
# method, which you use to define what should happen when
|
32
|
+
# authentication_needed! is called. Normally you’d probably redirect the
|
33
|
+
# user to a ‘login’ page.
|
34
|
+
def authentication_needed!(options = {})
|
35
|
+
after_authentication.merge! options
|
36
|
+
after_authentication[:redirect_to] ||= request.url
|
37
|
+
|
38
|
+
if respond_to?(:when_authentication_needed, true)
|
39
|
+
when_authentication_needed
|
40
|
+
else
|
41
|
+
raise ProtocolNotImplementedError,
|
42
|
+
"[!] The class `#{self.class.name}' should implement #when_authentication_needed to define what should be done after #authentication_needed! is called."
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
# Returns whether or not there currently is any after_authentication data.
|
47
|
+
def authentication_needed?
|
48
|
+
!after_authentication.blank?
|
49
|
+
end
|
50
|
+
|
51
|
+
# Force the after_authentication to be available after the next request.
|
52
|
+
#
|
53
|
+
# You’d use this if, for instance, authentication failed and the user needs
|
54
|
+
# to try it again.
|
55
|
+
def still_authentication_needed!
|
56
|
+
flash.keep :after_authentication
|
57
|
+
end
|
58
|
+
|
59
|
+
# Finish the after_authentication flow, which means the user will be
|
60
|
+
# redirected ‘back’ to the page she originally requested _before_
|
61
|
+
# authentication_needed! was called.
|
62
|
+
#
|
63
|
+
# This method returns +false+ if no authentication was needed, this way you
|
64
|
+
# can easily specify a default redirection:
|
65
|
+
#
|
66
|
+
# class SessionsController < ApplicationController
|
67
|
+
# def create
|
68
|
+
# # login code...
|
69
|
+
# finish_authentication_needed! or redirect_to(root_url)
|
70
|
+
# end
|
71
|
+
# end
|
72
|
+
def finish_authentication_needed!
|
73
|
+
if authentication_needed?
|
74
|
+
flash.discard :after_authentication
|
75
|
+
redirect_to after_authentication[:redirect_to]
|
76
|
+
else
|
77
|
+
false
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
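Review bot: `finish_authentication_needed!` passes whatever is stored under `:redirect_to` straight to `redirect_to`, and nothing in the module checks that the value points back into the application. The value is normally `request.url`, but because `authentication_needed!` merges `options` before the `||=`, a caller-supplied `:redirect_to` wins, so a controller that forwards a request parameter there would get an open redirect after login; `request.url` also appears to carry whatever host the client sent. I would document this on `authentication_needed!`, for example `# NOTE: :redirect_to is used as-is by finish_authentication_needed!; never pass an unvalidated, user-supplied URL.`, and consider storing only the path and query string of the request rather than the absolute URL. Separately, `authentication_needed?` calls `after_authentication`, whose `||= {}` writes an empty hash into the flash on every check, which deserves a comment if it is intended.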
data/rails/init.rb
ADDED
@@ -0,0 +1,113 @@
|
|
1
|
+
require File.expand_path('../test_helper', __FILE__)
|
2
|
+
|
3
|
+
class TestController < ApplicationController
|
4
|
+
def does_not_need_authentication
|
5
|
+
render :nothing => true
|
6
|
+
end
|
7
|
+
|
8
|
+
def needs_authentication
|
9
|
+
authentication_needed! :extra_option => "I was merged!"
|
10
|
+
end
|
11
|
+
|
12
|
+
def needs_more_authentication
|
13
|
+
still_authentication_needed!
|
14
|
+
render :nothing => true
|
15
|
+
end
|
16
|
+
|
17
|
+
def authenticate
|
18
|
+
finish_authentication_needed! or redirect_to(some_other_url)
|
19
|
+
end
|
20
|
+
|
21
|
+
private
|
22
|
+
|
23
|
+
def when_authentication_needed
|
24
|
+
redirect_to new_session_url
|
25
|
+
end
|
26
|
+
|
27
|
+
def new_session_url
|
28
|
+
"http://test/sessions/new"
|
29
|
+
end
|
30
|
+
|
31
|
+
def some_other_url
|
32
|
+
"http://test/manage/articles/new"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
class AuthenticationNeededTest < ActionController::TestCase
|
37
|
+
tests TestController
|
38
|
+
|
39
|
+
test "should set a redirect_to value, which is the requested url, if authentication is needed" do
|
40
|
+
get :needs_authentication
|
41
|
+
assert_equal url_for(:needs_authentication), flash[:after_authentication][:redirect_to]
|
42
|
+
end
|
43
|
+
|
44
|
+
test "should merge extra options into the after_authentication hash" do
|
45
|
+
get :needs_authentication
|
46
|
+
assert_equal "I was merged!", flash[:after_authentication][:extra_option]
|
47
|
+
end
|
48
|
+
|
49
|
+
test "should invoke the when_authentication_needed instance method after #authentication_needed! is done" do
|
50
|
+
get :needs_authentication
|
51
|
+
assert_redirected_to new_session_url
|
52
|
+
end
|
53
|
+
|
54
|
+
test "should raise a AuthenticationNeededSan::ProtocolNotImplementedError if the class does not implement the when_authentication_needed instance method" do
|
55
|
+
class << @controller
|
56
|
+
undef :when_authentication_needed
|
57
|
+
end
|
58
|
+
|
59
|
+
assert_raises(AuthenticationNeededSan::ProtocolNotImplementedError) { get :needs_authentication }
|
60
|
+
end
|
61
|
+
|
62
|
+
test "should return `false' if authentication is not needed" do
|
63
|
+
get :does_not_need_authentication
|
64
|
+
assert !@controller.send(:authentication_needed?)
|
65
|
+
end
|
66
|
+
|
67
|
+
test "should return `true' if authentication is needed" do
|
68
|
+
get :needs_authentication
|
69
|
+
assert @controller.send(:authentication_needed?)
|
70
|
+
end
|
71
|
+
|
72
|
+
test "should allow the authentication_needed data to survive an extra request if authentication is still needed" do
|
73
|
+
flash = stubbed_flash
|
74
|
+
flash.expects(:keep).with(:after_authentication)
|
75
|
+
get :needs_more_authentication, {}, {}, flash
|
76
|
+
end
|
77
|
+
|
78
|
+
test "should redirect back to original user’s requested URL after authentication" do
|
79
|
+
get :authenticate, {}, {}, { :after_authentication => { :redirect_to => new_session_url } }
|
80
|
+
assert_redirected_to new_session_url
|
81
|
+
end
|
82
|
+
|
83
|
+
test "should discard the :after_authentication data when #finish_authentication_needed! is called" do
|
84
|
+
flash = stubbed_flash
|
85
|
+
flash.expects(:discard).with(:after_authentication)
|
86
|
+
get :authenticate, {}, {}, flash
|
87
|
+
end
|
88
|
+
|
89
|
+
test "should return `false' when #finish_authentication_needed! is called but no :after_authentication data exists so the user can do something else" do
|
90
|
+
get :authenticate
|
91
|
+
assert_redirected_to some_other_url
|
92
|
+
end
|
93
|
+
|
94
|
+
private
|
95
|
+
|
96
|
+
def url_for(action)
|
97
|
+
@controller.url_for(:action => action)
|
98
|
+
end
|
99
|
+
|
100
|
+
def new_session_url
|
101
|
+
@controller.send :new_session_url
|
102
|
+
end
|
103
|
+
|
104
|
+
def some_other_url
|
105
|
+
@controller.send :some_other_url
|
106
|
+
end
|
107
|
+
|
108
|
+
def stubbed_flash
|
109
|
+
flash = { :after_authentication => { :redirect_to => new_session_url } }
|
110
|
+
@controller.stubs(:flash).returns(flash)
|
111
|
+
flash
|
112
|
+
end
|
113
|
+
end
|
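--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -0,0 +1,19 @@
+$:.unshift File.expand_path('../../lib', __FILE__)
+
+begin
+require 'rubygems'
+rescue LoadError
+end
+require 'active_support'
+require 'action_controller'
+require 'action_controller/test_case'
+
+require 'test/unit'
+
+ActionController::Base.logger = nil
+ActionController::Base.ignore_missing_templates = false if ActionController::Base.respond_to?(:ignore_missing_templates)
+ActionController::Routing::Routes.reload rescue nil
+
+class ApplicationController < ActionController::Base; end
+
+require File.expand_path('../../rails/init', __FILE__)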
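Review bot: The `rescue nil` modifier on `ActionController::Routing::Routes.reload` swallows every StandardError, so a genuine routing failure during test setup would go unnoticed and only surface later as unrelated test errors. If the intent is just to tolerate Rails versions that lack this API (an assumption, the page does not say), a narrower guard such as `ActionController::Routing::Routes.reload if defined?(ActionController::Routing::Routes)` states that directly. At minimum the line deserves a comment explaining which failure is expected, e.g. `# Routes.reload is unavailable on some Rails versions; ignore`.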
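--- a/metadata
+++ b/metadata
@@ -0,0 +1,65 @@
+--- !ruby/object:Gem::Specification
+name: authentication-needed-san
+version: !ruby/object:Gem::Version
+version: 1.1.1
+platform: ruby
+authors:
+- Eloy Duran
+autorequire:
+bindir: bin
+cert_chain: []
+
+date: 2010-03-17 00:00:00 +01:00
+default_executable:
+dependencies: []
+
+description: A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication.
+email: eloy@fngtps.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files:
+- LICENSE
+- README.rdoc
+files:
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION.yml
+- authentication-needed-san.gemspec
+- lib/authentication_needed_san.rb
+- rails/init.rb
+- test/authentication_needed_san_test.rb
+- test/test_helper.rb
+has_rdoc: true
+homepage: http://github.com/Fingertips/authentication-needed-san
+licenses: []
+
+post_install_message:
+rdoc_options:
+- --charset=UTF-8
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: "0"
+version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: "0"
+version:
+requirements: []
+
+rubyforge_project:
+rubygems_version: 1.3.5
+signing_key:
+specification_version: 3
+summary: A thin wrapper around the Rails `flash' object to assist in redirecting the user `back' after authentication.
+test_files:
+- test/authentication_needed_san_test.rb
+- test/test_helper.rb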