authlogic 3.4.6 → 4.2.0

data/test/session_test/session_test.rb

@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 module SessionTest
   module SessionTest
@@ -23,15 +23,16 @@ module SessionTest
 
       def test_persist_persist_by_session_with_session_fixation_attack
         ben = users(:ben)
-        controller.session["user_credentials"] = 'neo'
-        controller.session["user_credentials_id"] = {:select => " *,'neo' AS persistence_token FROM users WHERE id = #{ben.id} limit 1 -- "}
+        controller.session["user_credentials"] = "neo"
+        controller.session["user_credentials_id"] = {
+          select: " *,'neo' AS persistence_token FROM users WHERE id = #{ben.id} limit 1 -- "
+        }
         @user_session = UserSession.find
         assert @user_session.blank?
       end
 
       def test_persist_persist_by_session_with_sql_injection_attack
-        ben = users(:ben)
-        controller.session["user_credentials"] = {:select => "ABRA CADABRA"}
+        controller.session["user_credentials"] = { select: "ABRA CADABRA" }
         controller.session["user_credentials_id"] = nil
         assert_nothing_raised do
           @user_session = UserSession.find
@@ -74,4 +75,4 @@ module SessionTest
       end
     end
   end
-end
+end

data/test/session_test/timeout_test.rb

@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 module SessionTest
   module TimeoutTest
@@ -6,12 +6,12 @@ module SessionTest
       def test_logout_on_timeout
         UserSession.logout_on_timeout = true
         assert UserSession.logout_on_timeout
-    
+
         UserSession.logout_on_timeout false
-        assert !UserSession.logout_on_timeout
+        refute UserSession.logout_on_timeout
       end
     end
-    
+
     class InstanceMethods < ActiveSupport::TestCase
       def test_stale_state
         UserSession.logout_on_timeout = true
@@ -19,23 +19,23 @@ module SessionTest
         ben.last_request_at = 3.years.ago
         ben.save
         set_session_for(ben)
-      
+
         session = UserSession.new
         assert session.persisting?
         assert session.stale?
         assert_equal ben, session.stale_record
         assert_nil session.record
         assert_nil controller.session["user_credentials_id"]
-      
+
         set_session_for(ben)
-      
+
         ben.last_request_at = Time.now
         ben.save
-      
+
         assert session.persisting?
-        assert !session.stale?
+        refute session.stale?
         assert_nil session.stale_record
-      
+
         UserSession.logout_on_timeout = false
       end
 
@@ -63,15 +63,17 @@ module SessionTest
         assert session.save
         Timecop.freeze(Time.now + 2.months)
         assert session.persisting?
-        assert !session.stale?
+        refute session.stale?
         UserSession.remember_me = false
       end
-      
+
       def test_successful_login
         UserSession.logout_on_timeout = true
         ben = users(:ben)
-        assert UserSession.create(:login => ben.login, :password => "benrocks")
-        assert session = UserSession.find
+        session = UserSession.create(login: ben.login, password: "benrocks")
+        refute session.new_session?
+        session = UserSession.find
+        assert session
         assert_equal ben, session.record
         UserSession.logout_on_timeout = false
       end

data/test/session_test/unauthorized_record_test.rb

@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 module SessionTest
   class UnauthorizedRecordTest < ActiveSupport::TestCase
@@ -7,7 +7,7 @@ module SessionTest
       session = UserSession.new
       session.credentials = [ben]
       assert_equal ben, session.unauthorized_record
-      assert_equal({:unauthorized_record => "<protected>"}, session.credentials)
+      assert_equal({ unauthorized_record: "<protected>" }, session.credentials)
     end
   end
-end
+end

data/test/session_test/validation_test.rb

@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 module SessionTest
   class ValidationTest < ActiveSupport::TestCase
@@ -6,13 +6,13 @@ module SessionTest
       session = UserSession.new
       assert session.errors.is_a?(Authlogic::Session::Validation::Errors)
     end
-    
+
     def test_valid
       session = UserSession.new
-      assert !session.valid?
+      refute session.valid?
       assert_nil session.record
       assert session.errors.count > 0
-      
+
       ben = users(:ben)
       session.unauthorized_record = ben
       assert session.valid?
@@ -20,4 +20,4 @@ module SessionTest
       assert session.errors.empty?
     end
   end
-end
+end

data/test/test_helper.rb

@@ -1,24 +1,32 @@
+require "byebug"
 require "rubygems"
 require "minitest/autorun"
 require "active_record"
 require "active_record/fixtures"
 require "timecop"
 require "i18n"
+require "minitest/reporters"
 
+Minitest::Reporters.use!(Minitest::Reporters::SpecReporter.new)
 
-I18n.load_path << File.dirname(__FILE__) + '/i18n/lol.yml'
+I18n.load_path << File.dirname(__FILE__) + "/i18n/lol.yml"
 
-#ActiveRecord::Schema.verbose = false
-ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
+# ActiveRecord::Schema.verbose = false
+ActiveRecord::Base.establish_connection(adapter: "sqlite3", database: ":memory:")
 logger = Logger.new(STDOUT)
-logger.level= Logger::FATAL
+logger.level = Logger::FATAL
 ActiveRecord::Base.logger = logger
 
-if (ActiveRecord::VERSION::STRING < '4.1')
+if ActiveRecord::VERSION::STRING < "4.1"
   ActiveRecord::Base.configurations = true
 end
+
+if ActiveSupport.respond_to?(:test_order)
+  ActiveSupport.test_order = :sorted
+end
+
 ActiveRecord::Base.default_timezone = :local
-ActiveRecord::Schema.define(:version => 1) do
+ActiveRecord::Schema.define(version: 1) do
   create_table :companies do |t|
     t.datetime  :created_at
     t.datetime  :updated_at
@@ -32,7 +40,7 @@ ActiveRecord::Schema.define(:version => 1) do
     t.string    :name
   end
 
-  create_table :projects_users, :id => false do |t|
+  create_table :projects_users, id: false do |t|
     t.integer :project_id
     t.integer :user_id
   end
@@ -40,7 +48,7 @@ ActiveRecord::Schema.define(:version => 1) do
   create_table :users do |t|
     t.datetime  :created_at
     t.datetime  :updated_at
-    t.integer   :lock_version, :default => 0
+    t.integer   :lock_version, default: 0
     t.integer   :company_id
     t.string    :login
     t.string    :crypted_password
@@ -51,16 +59,16 @@ ActiveRecord::Schema.define(:version => 1) do
     t.string    :email
     t.string    :first_name
     t.string    :last_name
-    t.integer   :login_count, :default => 0, :null => false
-    t.integer   :failed_login_count, :default => 0, :null => false
+    t.integer   :login_count, default: 0, null: false
+    t.integer   :failed_login_count, default: 0, null: false
     t.datetime  :last_request_at
     t.datetime  :current_login_at
     t.datetime  :last_login_at
     t.string    :current_login_ip
     t.string    :last_login_ip
-    t.boolean   :active, :default => true
-    t.boolean   :approved, :default => true
-    t.boolean   :confirmed, :default => true
+    t.boolean   :active, default: true
+    t.boolean   :approved, default: true
+    t.boolean   :confirmed, default: true
   end
 
   create_table :employees do |t|
@@ -73,7 +81,7 @@ ActiveRecord::Schema.define(:version => 1) do
     t.string    :persistence_token
     t.string    :first_name
     t.string    :last_name
-    t.integer   :login_count, :default => 0, :null => false
+    t.integer   :login_count, default: 0, null: false
     t.datetime  :last_request_at
     t.datetime  :current_login_at
     t.datetime  :last_login_at
@@ -99,46 +107,81 @@ ActiveRecord::Schema.define(:version => 1) do
   end
 end
 
-require_relative '../lib/authlogic' unless defined?(Authlogic)
-require_relative '../lib/authlogic/test_case'
-require_relative 'libs/project'
-require_relative 'libs/affiliate'
-require_relative 'libs/employee'
-require_relative 'libs/employee_session'
-require_relative 'libs/ldaper'
-require_relative 'libs/user'
-require_relative 'libs/user_session'
-require_relative 'libs/company'
-
-Authlogic::CryptoProviders::AES256.key = "myafdsfddddddddddddddddddddddddddddddddddddddddddddddd"
-
-class ActiveSupport::TestCase
-  include ActiveRecord::TestFixtures
-  self.fixture_path = File.dirname(__FILE__) + "/fixtures"
-  self.use_transactional_fixtures = false
-  self.use_instantiated_fixtures  = false
-  self.pre_loaded_fixtures = false
-  fixtures :all
-  setup :activate_authlogic
-  setup :config_setup
-  teardown :config_teardown
-  teardown { Timecop.return } # for tests that need to freeze the time
-
-
-  private
+require "English"
+$LOAD_PATH.unshift(File.expand_path("../lib", __dir__))
+require "authlogic"
+require "authlogic/test_case"
+require "libs/project"
+require "libs/affiliate"
+require "libs/employee"
+require "libs/employee_session"
+require "libs/ldaper"
+require "libs/user"
+require "libs/user_session"
+require "libs/company"
+
+# Recent change, 2017-10-23: We had used a 54-letter string here. In the default
+# encoding, UTF-8, that's 54 bytes, which is clearly incorrect for an algorithm
+# with a 256-bit key, but I guess it worked. With the release of ruby 2.4 (and
+# thus openssl gem 2.0), it is more strict, and must be exactly 32 bytes.
+Authlogic::CryptoProviders::AES256.key = ::OpenSSL::Random.random_bytes(32)
+
+module ActiveSupport
+  class TestCase
+    include ActiveRecord::TestFixtures
+    self.fixture_path = File.dirname(__FILE__) + "/fixtures"
+
+    # use_transactional_fixtures= is deprecated and will be removed from Rails 5.1
+    # (use use_transactional_tests= instead)
+    if respond_to?(:use_transactional_tests=)
+      self.use_transactional_tests = false
+    else
+      self.use_transactional_fixtures = false
+    end
+
+    self.use_instantiated_fixtures = false
+    self.pre_loaded_fixtures = false
+    fixtures :all
+    setup :activate_authlogic
+    setup :config_setup
+    teardown :config_teardown
+    teardown { Timecop.return } # for tests that need to freeze the time
+
+    private
+
     # Many of the tests change Authlogic config for the test models. Some tests
     # were not resetting the config after tests, which didn't surface as broken
     # tests until Rails 4.1 was added for testing. This ensures that all the
     # models start tests with their original config.
     def config_setup
-      [Project, Affiliate, Employee, EmployeeSession, Ldaper, User, UserSession, Company].each do |model|
-        model.class_attribute :original_acts_as_authentic_config unless model.respond_to?(:original_acts_as_authentic_config)
+      [
+        Project,
+        Affiliate,
+        Employee,
+        EmployeeSession,
+        Ldaper,
+        User,
+        UserSession,
+        Company
+      ].each do |model|
+        unless model.respond_to?(:original_acts_as_authentic_config)
+          model.class_attribute :original_acts_as_authentic_config
+        end
         model.original_acts_as_authentic_config = model.acts_as_authentic_config
       end
     end
 
     def config_teardown
-      [Project, Affiliate, Employee, EmployeeSession, Ldaper, User, UserSession, Company].each do |model|
+      [
+        Project,
+        Affiliate,
+        Employee,
+        EmployeeSession,
+        Ldaper,
+        User,
+        UserSession,
+        Company
+      ].each do |model|
         model.acts_as_authentic_config = model.original_acts_as_authentic_config
       end
     end
@@ -154,7 +197,7 @@ class ActiveSupport::TestCase
       end
     end
 
-    def http_basic_auth_for(user = nil, &block)
+    def http_basic_auth_for(user = nil)
       unless user.blank?
         controller.http_user = user.login
         controller.http_password = password_for(user)
@@ -164,7 +207,10 @@ class ActiveSupport::TestCase
     end
 
     def set_cookie_for(user)
-      controller.cookies["user_credentials"] = {:value => "#{user.persistence_token}::#{user.id}", :expires => nil}
+      controller.cookies["user_credentials"] = {
+        value: "#{user.persistence_token}::#{user.id}",
+        expires: nil
+      }
     end
 
     def unset_cookie
@@ -187,12 +233,32 @@ class ActiveSupport::TestCase
       controller.request_content_type = nil
     end
 
-    def set_session_for(user)
-      controller.session["user_credentials"] = user.persistence_token
-      controller.session["user_credentials_id"] = user.id
+    def session_credentials_prefix(scope_record)
+      if scope_record.nil?
+        ""
+      else
+        format(
+          "%s_%d_",
+          scope_record.class.model_name.name.underscore,
+          scope_record.id
+        )
+      end
+    end
+
+    # Sets the session variables that `record` (eg. a `User`) would have after
+    # logging in.
+    #
+    # If `record` belongs to an `authenticates_many` association that uses the
+    # `scope_cookies` option, then a `scope_record` can be provided.
+    def set_session_for(record, scope_record = nil)
+      prefix = session_credentials_prefix(scope_record)
+      record_class_name = record.class.model_name.name.underscore
+      controller.session["#{prefix}#{record_class_name}_credentials"] = record.persistence_token
+      controller.session["#{prefix}#{record_class_name}_credentials_id"] = record.id
     end
 
     def unset_session
       controller.session["user_credentials"] = controller.session["user_credentials_id"] = nil
     end
+  end
 end

metadata

@@ -1,120 +1,183 @@
 --- !ruby/object:Gem::Specification
 name: authlogic
 version: !ruby/object:Gem::Version
-  version: 3.4.6
+  version: 4.2.0
 platform: ruby
 authors:
 - Ben Johnson
+- Tieg Zaharia
+- Jared Beck
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-07-13 00:00:00.000000000 Z
+date: 2018-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '4.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '5.3'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '4.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '5.3'
 - !ruby/object:Gem::Dependency
   name: request_store
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: scrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.2'
-    - - <
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.2'
-    - - <
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: bcrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: minitest-reporters
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.58.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.58.1
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.7'
-description: A clean, simple, and unobtrusive ruby authentication solution.
+description: 
 email:
 - bjohnson@binarylogic.com
+- tieg.zaharia@gmail.com
+- jared@jaredbeck.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .travis.yml
+- ".github/ISSUE_TEMPLATE.md"
+- ".github/triage.md"
+- ".gitignore"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
+- ".travis.yml"
 - CHANGELOG.md
 - CONTRIBUTING.md
 - Gemfile
 - LICENSE
-- README.rdoc
+- README.md
 - Rakefile
+- UPGRADING.md
 - authlogic.gemspec
 - lib/authlogic.rb
 - lib/authlogic/acts_as_authentic/base.rb
@@ -125,6 +188,7 @@ files:
 - lib/authlogic/acts_as_authentic/password.rb
 - lib/authlogic/acts_as_authentic/perishable_token.rb
 - lib/authlogic/acts_as_authentic/persistence_token.rb
+- lib/authlogic/acts_as_authentic/queries/find_with_case.rb
 - lib/authlogic/acts_as_authentic/restful_authentication.rb
 - lib/authlogic/acts_as_authentic/session_maintenance.rb
 - lib/authlogic/acts_as_authentic/single_access_token.rb
@@ -178,6 +242,7 @@ files:
 - lib/authlogic/test_case/mock_logger.rb
 - lib/authlogic/test_case/mock_request.rb
 - lib/authlogic/test_case/rails_request_adapter.rb
+- lib/authlogic/version.rb
 - test/acts_as_authentic_test/base_test.rb
 - test/acts_as_authentic_test/email_test.rb
 - test/acts_as_authentic_test/logged_in_status_test.rb
@@ -189,6 +254,7 @@ files:
 - test/acts_as_authentic_test/restful_authentication_test.rb
 - test/acts_as_authentic_test/session_maintenance_test.rb
 - test/acts_as_authentic_test/single_access_test.rb
+- test/adapter_test.rb
 - test/authenticates_many_test.rb
 - test/config_test.rb
 - test/crypto_provider_test/aes256_test.rb
@@ -197,14 +263,16 @@ files:
 - test/crypto_provider_test/sha1_test.rb
 - test/crypto_provider_test/sha256_test.rb
 - test/crypto_provider_test/sha512_test.rb
+- test/crypto_provider_test/wordpress_test.rb
 - test/fixtures/companies.yml
 - test/fixtures/employees.yml
 - test/fixtures/projects.yml
 - test/fixtures/users.yml
-- test/gemfiles/Gemfile.rails-3.2.x
-- test/gemfiles/Gemfile.rails-4.0.x
-- test/gemfiles/Gemfile.rails-4.1.x
 - test/gemfiles/Gemfile.rails-4.2.x
+- test/gemfiles/Gemfile.rails-5.0.x
+- test/gemfiles/Gemfile.rails-5.1.x
+- test/gemfiles/Gemfile.rails-5.2.x
+- test/gemfiles/Gemfile.rails-master
 - test/i18n/lol.yml
 - test/i18n_test.rb
 - test/libs/affiliate.rb
@@ -249,17 +317,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: A clean, simple, and unobtrusive ruby authentication solution.
@@ -275,6 +343,7 @@ test_files:
 - test/acts_as_authentic_test/restful_authentication_test.rb
 - test/acts_as_authentic_test/session_maintenance_test.rb
 - test/acts_as_authentic_test/single_access_test.rb
+- test/adapter_test.rb
 - test/authenticates_many_test.rb
 - test/config_test.rb
 - test/crypto_provider_test/aes256_test.rb
@@ -283,14 +352,16 @@ test_files:
 - test/crypto_provider_test/sha1_test.rb
 - test/crypto_provider_test/sha256_test.rb
 - test/crypto_provider_test/sha512_test.rb
+- test/crypto_provider_test/wordpress_test.rb
 - test/fixtures/companies.yml
 - test/fixtures/employees.yml
 - test/fixtures/projects.yml
 - test/fixtures/users.yml
-- test/gemfiles/Gemfile.rails-3.2.x
-- test/gemfiles/Gemfile.rails-4.0.x
-- test/gemfiles/Gemfile.rails-4.1.x
 - test/gemfiles/Gemfile.rails-4.2.x
+- test/gemfiles/Gemfile.rails-5.0.x
+- test/gemfiles/Gemfile.rails-5.1.x
+- test/gemfiles/Gemfile.rails-5.2.x
+- test/gemfiles/Gemfile.rails-master
 - test/i18n/lol.yml
 - test/i18n_test.rb
 - test/libs/affiliate.rb