authlogic 2.1.2 → 2.1.3

data/.gitignore

@@ -6,4 +6,4 @@ pkg/*
 coverage/*
 doc/*
 benchmarks/*
-
+.specification

data/README.rdoc

@@ -68,6 +68,7 @@ If you find a bug or a problem please post it in the issues section. If you need
 * <b>Authlogic LDAP addon:</b> http://github.com/binarylogic/authlogic_ldap
 * <b>Authlogic Facebook Connect:</b> http://github.com/kalasjocke/authlogic_facebook_connect
 * <b>Authlogic OAuth (Twitter):</b> http://github.com/jrallison/authlogic_oauth
+* <b>Authlogic PAM:</b> http://github.com/nbudin/authlogic_pam
 
 If you create one of your own, please let me know about it so I can add it to this list. Or just fork the project, add your link, and send me a pull request.
 
@@ -242,4 +243,4 @@ What inspired me to create Authlogic was the messiness of the current authentica
 6. <b>Easily extendable.</b> One of the distinct advantages of using a library is the ability to use its API, assuming it has one. Authlogic has an *excellent* public API, meaning it can easily be extended and grow beyond the core library. Checkout the "add ons" list above to see what I mean.
 
 
-Copyright (c) 2009 {Ben Johnson of Binary Logic}[http://www.binarylogic.com], released under the MIT license
+Copyright (c) 2009 {Ben Johnson of Binary Logic}[http://www.binarylogic.com], released under the MIT license

data/VERSION.yml

@@ -1,4 +1,5 @@
 --- 
-:patch: 2
-:major: 2
 :minor: 1
+:patch: 3
+:build: 
+:major: 2

data/authlogic.gemspec

@@ -1,15 +1,15 @@
 # Generated by jeweler
-# DO NOT EDIT THIS FILE
-# Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
   s.name = %q{authlogic}
-  s.version = "2.1.2"
+  s.version = "2.1.3"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Ben Johnson of Binary Logic"]
-  s.date = %q{2009-09-12}
+  s.date = %q{2009-11-12}
   s.email = %q{bjohnson@binarylogic.com}
   s.extra_rdoc_files = [
     "LICENSE",
@@ -49,7 +49,9 @@ Gem::Specification.new do |s|
      "lib/authlogic/crypto_providers/bcrypt.rb",
      "lib/authlogic/crypto_providers/md5.rb",
      "lib/authlogic/crypto_providers/sha1.rb",
+     "lib/authlogic/crypto_providers/sha256.rb",
      "lib/authlogic/crypto_providers/sha512.rb",
+     "lib/authlogic/crypto_providers/wordpress.rb",
      "lib/authlogic/i18n.rb",
      "lib/authlogic/i18n/translator.rb",
      "lib/authlogic/random.rb",
@@ -100,6 +102,7 @@ Gem::Specification.new do |s|
      "test/crypto_provider_test/aes256_test.rb",
      "test/crypto_provider_test/bcrypt_test.rb",
      "test/crypto_provider_test/sha1_test.rb",
+     "test/crypto_provider_test/sha256_test.rb",
      "test/crypto_provider_test/sha512_test.rb",
      "test/fixtures/companies.yml",
      "test/fixtures/employees.yml",
@@ -161,6 +164,7 @@ Gem::Specification.new do |s|
      "test/crypto_provider_test/aes256_test.rb",
      "test/crypto_provider_test/bcrypt_test.rb",
      "test/crypto_provider_test/sha1_test.rb",
+     "test/crypto_provider_test/sha256_test.rb",
      "test/crypto_provider_test/sha512_test.rb",
      "test/i18n_test.rb",
      "test/libs/affiliate.rb",
@@ -210,3 +214,4 @@ Gem::Specification.new do |s|
     s.add_dependency(%q<activesupport>, [">= 0"])
   end
 end
+

data/lib/authlogic.rb

@@ -11,6 +11,7 @@ require File.dirname(__FILE__) + "/authlogic/controller_adapters/sinatra_adapter
 
 require File.dirname(__FILE__) + "/authlogic/crypto_providers/md5"
 require File.dirname(__FILE__) + "/authlogic/crypto_providers/sha1"
+require File.dirname(__FILE__) + "/authlogic/crypto_providers/sha256"
 require File.dirname(__FILE__) + "/authlogic/crypto_providers/sha512"
 require File.dirname(__FILE__) + "/authlogic/crypto_providers/bcrypt"
 require File.dirname(__FILE__) + "/authlogic/crypto_providers/aes256"

data/lib/authlogic/crypto_providers/bcrypt.rb

@@ -1,6 +1,7 @@
 begin
   require "bcrypt"
 rescue LoadError
+  "sudo gem install bcrypt-ruby"
 end
 
 module Authlogic

data/lib/authlogic/crypto_providers/sha256.rb

@@ -0,0 +1,50 @@
+require "digest/sha2"
+
+module Authlogic
+  # The acts_as_authentic method has a crypto_provider option. This allows you to use any type of encryption you like.
+  # Just create a class with a class level encrypt and matches? method. See example below.
+  #
+  # === Example
+  #
+  #   class MyAwesomeEncryptionMethod
+  #     def self.encrypt(*tokens)
+  #       # the tokens passed will be an array of objects, what type of object is irrelevant,
+  #       # just do what you need to do with them and return a single encrypted string.
+  #       # for example, you will most likely join all of the objects into a single string and then encrypt that string
+  #     end
+  #
+  #     def self.matches?(crypted, *tokens)
+  #       # return true if the crypted string matches the tokens.
+  #       # depending on your algorithm you might decrypt the string then compare it to the token, or you might
+  #       # encrypt the tokens and make sure it matches the crypted string, its up to you
+  #     end
+  #   end
+  module CryptoProviders
+    # = Sha256
+    #
+    # Uses the Sha256 hash algorithm to encrypt passwords.
+    class Sha256
+      class << self
+        attr_accessor :join_token
+        
+        # The number of times to loop through the encryption. This is ten because that is what restful_authentication defaults to.
+        def stretches
+          @stretches ||= 20
+        end
+        attr_writer :stretches
+        
+        # Turns your raw password into a Sha256 hash.
+        def encrypt(*tokens)
+          digest = tokens.flatten.join(join_token)
+          stretches.times { digest = Digest::SHA256.hexdigest(digest) }
+          digest
+        end
+        
+        # Does the crypted password match the tokens? Uses the same tokens that were used to encrypt.
+        def matches?(crypted, *tokens)
+          encrypt(*tokens) == crypted
+        end
+      end
+    end
+  end
+end

data/lib/authlogic/crypto_providers/wordpress.rb

@@ -0,0 +1,43 @@
+require 'digest/md5'
+module Authlogic
+  module CryptoProviders
+    class Wordpress
+      class << self
+        ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
+
+        def matches?(crypted, *tokens)
+          stretches = 1 << ITOA64.index(crypted[3,1])
+          plain, salt = *tokens 
+          hashed = Digest::MD5.digest(salt+plain)
+          stretches.times do |i|
+            hashed = Digest::MD5.digest(hashed+plain)
+          end
+          crypted[0,12]+encode_64(hashed, 16) == crypted
+        end
+
+        def encode_64(input, length)
+          output = "" 
+          i = 0
+          while i < length
+            value = input[i] 
+            i+=1
+            break if value.nil?
+            output += ITOA64[value & 0x3f, 1]
+            value |= input[i] << 8 if i < length
+            output += ITOA64[(value >> 6) & 0x3f, 1]
+
+            i+=1
+            break if i >= length
+            value |= input[i] << 16 if i < length
+            output += ITOA64[(value >> 12) & 0x3f,1]
+
+            i+=1
+            break if i >= length
+            output += ITOA64[(value >> 18) & 0x3f,1]
+          end
+          output
+        end
+      end
+    end
+  end
+end

data/lib/authlogic/regex.rb

@@ -13,13 +13,13 @@ module Authlogic
       email_name_regex  = '[A-Z0-9_\.%\+\-]+'
       domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
       domain_tld_regex  = '(?:[A-Z]{2,4}|museum|travel)'
-      @email_regex = /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
+      @email_regex = /^#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}$/i
     end
     
     # A simple regular expression that only allows for letters, numbers, spaces, and .-_@. Just a standard login / username
     # regular expression.
     def self.login
-      /\A\w[\w\.+\-_@ ]+\z/
+      /\A\w[\w\.+\-_@ ]+$/
     end
   end
-end
+end

data/lib/authlogic/session/cookies.rb

@@ -23,10 +23,10 @@ module Authlogic
         #   session = UserSession.new(:super_high_secret)
         #   session.cookie_key => "super_high_secret_user_credentials"
         #
-        # * <tt>Default:</tt> "#{klass_name.underscore}_credentials"
+        # * <tt>Default:</tt> "#{guessed_klass_name.underscore}_credentials"
         # * <tt>Accepts:</tt> String
         def cookie_key(value = nil)
-          rw_config(:cookie_key, value, "#{klass_name.underscore}_credentials")
+          rw_config(:cookie_key, value, "#{guessed_klass_name.underscore}_credentials")
         end
         alias_method :cookie_key=, :cookie_key
         

data/lib/authlogic/session/klass.rb

@@ -38,10 +38,13 @@ module Authlogic
         
         # Same as klass, just returns a string instead of the actual constant.
         def klass_name
-          @klass_name ||= 
-            if guessed_name = name.scan(/(.*)Session/)[0]
-              @klass_name = guessed_name[0]
-            end
+          @klass_name ||= guessed_klass_name
+        end
+        
+        # The string of the model name class guessed from the actual session class name.
+        def guessed_klass_name
+          guessed_name = name.scan(/(.*)Session/)[0]
+          guessed_name[0] if guessed_name
         end
       end
       

data/lib/authlogic/test_case.rb

@@ -100,6 +100,12 @@ module Authlogic
     #
     #   setup :activate_authlogic
     def activate_authlogic
+      if @request && ! @request.respond_to?(:params)
+        class <<@request
+          alias_method :params, :parameters
+        end
+      end
+
       Authlogic::Session::Base.controller = (@request && Authlogic::TestCase::RailsRequestAdapter.new(@request)) || controller
     end
     
@@ -111,4 +117,4 @@ module Authlogic
   end
   
   ::Test::Unit::TestCase.send(:include, TestCase) if defined?(::Test::Unit::TestCase)
-end
+end

data/shoulda_macros/authlogic.rb

@@ -1,13 +1,69 @@
+# Test::Unit
+# Place this file into your test/shoulda_macros directory
+#
+# Example:
+# 
+# class UserTest
+#   should_have_authlogic
+# end
+#
+# Rspec
+# Place this file into your spec/support/shoulda directory
+#
+# Example:
+#
+# describe User do
+#   it { should have_authlogic }
+# end
+
 module Authlogic
-  module ShouldaMacros
-    class Test::Unit::TestCase
-      def self.should_be_authentic
+  module Shoulda
+
+    module Matchers
+      def have_authlogic
+        HaveAuthlogic.new
+      end
+      alias_method :be_authentic, :have_authlogic
+
+      class HaveAuthlogic
+
+        def matches?(subject)
+          subject.respond_to?(:password=) && subject.respond_to?(:valid_password?)
+        end
+
+        def failure_message
+          "Add the line 'acts_as_authentic' to your model"
+        end
+
+        def description
+          "have Authlogic"
+        end
+      end
+      
+    end
+    
+    module Macros
+      include Matchers
+      
+      def should_have_authlogic
         klass = described_type rescue model_class
-        should "acts as authentic" do
-          assert klass.new.respond_to?(:password=)
-          assert klass.new.respond_to?(:valid_password?)
+        matcher = HaveAuthlogic.new
+        
+        should matcher.description do
+          assert matcher.matches?(klass.new), matcher.failure_message
         end
       end
+      alias_method :should_be_authentic, :should_have_authlogic
+      
     end
+    
+  end
+end
+
+if defined? Spec
+  Spec::Runner.configure do |config|
+    config.include(Authlogic::Shoulda::Matchers)
   end
-end
+else
+  Test::Unit::TestCase.class_eval { extend Authlogic::Shoulda::Macros }
+end

data/test/acts_as_authentic_test/email_test.rb

@@ -67,15 +67,15 @@ module ActsAsAuthenticTest
     def test_validates_format_of_email_field
       u = User.new
       u.email = "aaaaaaaaaaaaa"
-      assert !u.valid?
+      u.valid?
       assert u.errors[:email].size > 0 
       
       u.email = "a@a.com"
-      assert !u.valid?
+      u.valid?
       assert u.errors[:email].size == 0
       
       u.email = "dakota.dux+1@gmail.com"
-      assert !u.valid?
+      u.valid?
       assert u.errors[:email].size == 0
     end
     

data/test/acts_as_authentic_test/login_test.rb

@@ -33,7 +33,7 @@ module ActsAsAuthenticTest
     end
     
     def test_validates_format_of_login_field_options_config
-      default = {:with => /\A\w[\w\.+\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
+      default = {:with => /\A\w[\w\.+\-_@ ]+$/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
       assert_equal default, User.validates_format_of_login_field_options
       assert_equal default, Employee.validates_format_of_login_field_options
       

data/test/crypto_provider_test/sha256_test.rb

@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTest
+  class Sha256Test < ActiveSupport::TestCase
+    def test_encrypt
+      assert Authlogic::CryptoProviders::Sha256.encrypt("mypass")
+    end
+    
+    def test_matches
+      hash = Authlogic::CryptoProviders::Sha256.encrypt("mypass")
+      assert Authlogic::CryptoProviders::Sha256.matches?(hash, "mypass")
+    end
+  end
+end

data/test/libs/user_session.rb

@@ -1,2 +1,6 @@
 class UserSession < Authlogic::Session::Base
-end
+end
+
+class BackOfficeUserSession < Authlogic::Session::Base
+  authenticate_with User
+end

data/test/session_test/cookies_test.rb

@@ -11,6 +11,11 @@ module SessionTest
         assert_equal "user_credentials", UserSession.cookie_key
       end
     
+      def test_default_cookie_key
+        assert_equal "user_credentials", UserSession.cookie_key
+        assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
+      end
+    
       def test_remember_me
         UserSession.remember_me = true
         assert_equal true, UserSession.remember_me

data/test/session_test/klass_test.rb

@@ -20,6 +20,11 @@ module SessionTest
       def test_klass_name
         assert_equal "User", UserSession.klass_name
       end
+      
+      def test_guessed_klass_name
+        assert_equal "User", UserSession.guessed_klass_name
+        assert_equal "BackOfficeUser", BackOfficeUserSession.guessed_klass_name
+      end
     end
     
     class InstanceMethodsTest < ActiveSupport::TestCase

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: authlogic
 version: !ruby/object:Gem::Version 
-  version: 2.1.2
+  version: 2.1.3
 platform: ruby
 authors: 
 - Ben Johnson of Binary Logic
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-09-12 00:00:00 -04:00
+date: 2009-11-12 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -65,7 +65,9 @@ files:
 - lib/authlogic/crypto_providers/bcrypt.rb
 - lib/authlogic/crypto_providers/md5.rb
 - lib/authlogic/crypto_providers/sha1.rb
+- lib/authlogic/crypto_providers/sha256.rb
 - lib/authlogic/crypto_providers/sha512.rb
+- lib/authlogic/crypto_providers/wordpress.rb
 - lib/authlogic/i18n.rb
 - lib/authlogic/i18n/translator.rb
 - lib/authlogic/random.rb
@@ -116,6 +118,7 @@ files:
 - test/crypto_provider_test/aes256_test.rb
 - test/crypto_provider_test/bcrypt_test.rb
 - test/crypto_provider_test/sha1_test.rb
+- test/crypto_provider_test/sha256_test.rb
 - test/crypto_provider_test/sha512_test.rb
 - test/fixtures/companies.yml
 - test/fixtures/employees.yml
@@ -198,6 +201,7 @@ test_files:
 - test/crypto_provider_test/aes256_test.rb
 - test/crypto_provider_test/bcrypt_test.rb
 - test/crypto_provider_test/sha1_test.rb
+- test/crypto_provider_test/sha256_test.rb
 - test/crypto_provider_test/sha512_test.rb
 - test/i18n_test.rb
 - test/libs/affiliate.rb