authlogic_crowd_rest 1.0.1 → 1.0.2

data/VERSION

@@ -1 +1 @@
-1.0.1
+1.0.2

data/authlogic_crowd_rest.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{authlogic_crowd_rest}
-  s.version = "1.0.1"
+  s.version = "1.0.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Rob Di Marco"]
-  s.date = %q{2011-02-26}
+  s.date = %q{2011-03-07}
   s.description = %q{Foo}
   s.email = %q{rob.dimarco@416software.com}
   s.extra_rdoc_files = [
@@ -39,7 +39,7 @@ Gem::Specification.new do |s|
   s.homepage = %q{http://github.com/robdimarco/authlogic_crowd_rest}
   s.licenses = ["MIT"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.5.2}
+  s.rubygems_version = %q{1.6.0}
   s.summary = %q{An Authlogic plugin to connect with Atlassian Crowd REST APIs}
   s.test_files = [
     "test/acts_as_authentic_test.rb",

data/lib/authlogic_crowd_rest/acts_as_authentic.rb

@@ -8,13 +8,32 @@ module AuthlogicCrowdRest
     end
 
     module Config
+      # Whether or not to validate the crowd_login field. If set to false ALL crowd validation will need to be
+      # handled by you.
+      #
+      # * <tt>Default:</tt> true
+      # * <tt>Accepts:</tt> Boolean
+      def validate_crowd_login(value = nil)
+        rw_config(:validate_crowd_login, value, true)
+      end
+      alias_method :validate_crowd_login=, :validate_crowd_login
     end
 
     module Methods
       def self.included(klass)
+        return if !klass.column_names.include?("crowd_login")
         klass.class_eval do
+          attr_accessor :crowd_password
+
+          if validate_crowd_login
+            validates_uniqueness_of :crowd_login, :scope => validations_scope, :if => :using_crowd?
+          end
         end
       end
+      private
+      def using_crowd?
+        respond_to?(:crowd_login) && !crowd_login.blank?
+      end
     end
   end
 end

data/lib/authlogic_crowd_rest/session.rb

@@ -35,12 +35,56 @@ module AuthlogicCrowdRest
         rw_config(:crowd_application_password, value)
       end
       alias_method :crowd_application_password=, :crowd_application_password
+
+      # Once Crowd authentication has succeeded we need to find the user in the database. By default this just calls the
+      # find_by_crowd_login method provided by ActiveRecord. If you have a more advanced set up and need to find users
+      # differently specify your own method and define your logic in there.
+      #
+      # For example, if you allow users to store multiple crowd logins with their account, you might do something like:
+      #
+      #   class User < ActiveRecord::Base
+      #     def self.find_by_crowd_login(login)
+      #       first(:conditions => ["#{CrowdLogin.table_name}.login = ?", login], :join => :crowd_logins)
+      #     end
+      #   end
+      #
+      # * <tt>Default:</tt> :find_by_crowd_login
+      # * <tt>Accepts:</tt> Symbol
+      def find_by_crowd_login_method(value = nil)
+        rw_config(:find_by_crowd_login_method, value, :find_by_crowd_login)
+      end
+      alias_method :find_by_crowd_login_method=, :find_by_crowd_login_method
     end
 
     module Methods
       def self.included(klass)
         klass.class_eval do
           validate :validate_by_crowd_rest, :if => :authenticating_with_crowd_rest?
+          attr_accessor :crowd_login
+          attr_accessor :crowd_password
+        end
+      end
+
+      # Hooks into credentials so that you can pass an :ldap_login and :ldap_password key.
+      # Hooks into credentials to print out meaningful credentials for LDAP authentication.
+      def credentials
+        if authenticating_with_crowd_rest?
+          details = {}
+          details[:crowd_login] = send(login_field)
+          details[:crowd_password] = "<protected>"
+          details
+        else
+          super
+        end
+      end
+
+      def credentials=(value)
+        super
+        values = value.is_a?(Array) ? value : [value]
+        hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
+        if !hash.nil?
+          self.crowd_login = hash[:crowd_login] if hash.key?(:crowd_login)
+          self.crowd_password = hash[:crowd_password] if hash.key?(:crowd_password)
         end
       end
 
@@ -51,41 +95,40 @@ module AuthlogicCrowdRest
 
         def validate_by_crowd_rest
           self.invalid_password = false
-          errors.add(login_field, I18n.t('error_messages.login_blank', :default => "cannot be blank")) if send(login_field).blank?
-          errors.add(password_field, I18n.t('error_messages.password_blank', :default => "cannot be blank")) if send("protected_#{password_field}").blank?
+
+          errors.add(:crowd_login, I18n.t('error_messages.crowd_login_blank', :default => "can not be blank")) if crowd_login.blank?
+          errors.add(:crowd_password, I18n.t('error_messages.crowd_password_blank', :default => "can not be blank")) if crowd_password.blank?
           return if errors.count > 0
 
-          self.attempted_record = search_for_record(find_by_login_method, send(login_field))
+          self.attempted_record = search_for_record(find_by_crowd_login_method, crowd_login)
           if attempted_record.blank?
             generalize_credentials_error_messages? ?
             add_general_credentials_error :
-              errors.add(login_field, I18n.t('error_messages.login_not_found', :default => "is not valid"))
+              errors.add("crowd_login", I18n.t('error_messages.crowd_login_not_found', :default => "is not valid"))
             return
           end
 
           if !(send( :verify_crowd_password, attempted_record))
-            puts "Invalid!"
             self.invalid_password = true
             generalize_credentials_error_messages? ?
             add_general_credentials_error :
-              errors.add(password_field, I18n.t('error_messages.password_invalid', :default => "is not valid"))
+              errors.add("crowd_password", I18n.t('error_messages.crowd_password_invalid', :default => "is not valid"))
             return
           end
         end
 
         def verify_crowd_password(attempted_record)
-          password = attempted_record.send(verify_password_method, send("protected_#{password_field}"))
           require 'net/http'
           require 'net/https'
-          uri = URI.parse(send("crowd_base_url"))
+          uri = URI.parse(send("crowd_base_url") + "/rest/usermanagement/latest/authentication")
 
           begin
             http = Net::HTTP.new(uri.host, uri.port)
             http.use_ssl = uri.scheme == "https"
             http.start {|http|
-              req = Net::HTTP::Post.new(uri.path + "?" + "username=#{send(login_field)}")
+              req = Net::HTTP::Post.new(uri.path + "?" + "username=#{crowd_login}")
               req.basic_auth send("crowd_application_name"), send("crowd_application_password")
-              req.body="<password><value>#{send("protected_#{password_field}")}</value></password>"
+              req.body="<password><value>#{crowd_password}</value></password>"
               req.add_field 'Content-Type', 'text/xml'
               resp, data = http.request(req)
               resp.code.to_i == 200
@@ -105,6 +148,9 @@ module AuthlogicCrowdRest
         def crowd_base_url
           self.class.crowd_base_url
         end
+        def find_by_crowd_login_method
+          self.class.find_by_crowd_login_method
+        end
     end
   end
 end

data/test/session_test.rb

@@ -4,42 +4,43 @@ class SessionTest < ActiveSupport::TestCase
   setup :setup_http_stubs, :setup_users
 
   def setup_http_stubs
-    stub_request(:post, "http://example:bogus@localhost/crowd/console?username=ben").
-      with(:body => "<password><value>benrocks</value></password>", 
+    stub_request(:post, "http://example:bogus@localhost/crowd/console/rest/usermanagement/latest/authentication?username=ben").
+      with(:body => "<password><value>benrocks</value></password>",
            :headers => {'Accept'=>'*/*', 'Content-Type'=>'text/xml'}).
       to_return(:status => 200, :body => %q[<?xml version="1.0" encoding="UTF-8" standalone="yes"?><user name="ben" expand="attributes"><link rel="self" href="http://localhost/crowd/rest/usermanagement/latest/user?username=ben"/><first-name>Ben</first-name><last-name>Johnson</last-name><display-name>Rob Dimarco</display-name><email>ben@foo.com</email><password><link rel="edit" href="http://localhost/crowd/rest/usermanagement/latest/user/password?username=ben"/></password><active>true</active><attributes><link rel="self" href="http://localhost/crowd/rest/usermanagement/latest/user/attribute?username=ben"/></attributes></user>], :headers => {})
-    
-    stub_request(:post, "http://example:bogus@localhost/crowd/console?username=ben").
-      with(:body => "<password><value>bogus</value></password>", 
+
+    stub_request(:post, "http://example:bogus@localhost/crowd/console/rest/usermanagement/latest/authentication?username=ben").
+      with(:body => "<password><value>bogus</value></password>",
            :headers => {'Accept'=>'*/*', 'Content-Type'=>'text/xml'}).
       to_return(:status => 400, :body => %q[Incorrect], :headers => {})
   end
-  
+
   def setup_users
-    User.find_or_create_by_login :login=>"ben", :email=>"foo@bar.com", :password=>"benrocks", :password_confirmation => "benrocks"
+    u = User.find_or_create_by_crowd_login :crowd_login=>"ben", :email=>"foo@bar.com"
+    raise "Problem creating user...#{u.errors.inspect}" unless u.valid?
   end
-  
+
   def test_use_crowd_rest_authentication
-    assert_not_nil User.find_by_login 'ben'
+    assert_not_nil User.find_by_crowd_login 'ben'
 
     UserSession.crowd_base_url = "http://localhost/crowd/console"
     UserSession.crowd_application_name = "example"
     UserSession.crowd_application_password = "bogus"
-    
-    session = UserSession.new(:login => 'ben', :password => "benrocks")
+
+    session = UserSession.new(:crowd_login => 'ben', :crowd_password => "benrocks")
 
     assert session.save
   end
 
   def test_invalid_password
-    assert_not_nil User.find_by_login 'ben'
+    assert_not_nil User.find_by_crowd_login 'ben'
     UserSession.crowd_base_url = "http://localhost/crowd/console"
     UserSession.crowd_application_name = "example"
     UserSession.crowd_application_password = "bogus"
-    
-    session = UserSession.new(:login => 'ben', :password => "bogus")
+
+    session = UserSession.new(:crowd_login => 'ben', :crowd_password => "bogus")
 
     assert !session.save
-    assert_equal ["Password is not valid"], session.errors.full_messages
+    assert_equal ["Crowd password is not valid"], session.errors.full_messages
   end
 end

data/test/test_helper.rb

@@ -32,15 +32,13 @@ ActiveRecord::Schema.define(:version => 1) do
     t.datetime  :created_at
     t.datetime  :updated_at
     t.integer   :lock_version, :default => 0
-    t.string    :login
-    t.string    :crypted_password
-    t.string    :password_salt
     t.string    :persistence_token
     t.string    :single_access_token
     t.string    :perishable_token
     t.string    :email
     t.string    :first_name
     t.string    :last_name
+    t.string    :crowd_login
     t.integer   :login_count, :default => 0, :null => false
     t.integer   :failed_login_count, :default => 0, :null => false
     t.datetime  :last_request_at

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: authlogic_crowd_rest
 version: !ruby/object:Gem::Version 
-  hash: 21
+  hash: 19
   prerelease: 
   segments: 
   - 1
   - 0
-  - 1
-  version: 1.0.1
+  - 2
+  version: 1.0.2
 platform: ruby
 authors: 
 - Rob Di Marco
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-02-26 00:00:00 -05:00
+date: 2011-03-07 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -29,8 +29,8 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  name: authlogic
   version_requirements: *id001
+  name: authlogic
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -45,8 +45,8 @@ dependencies:
         - 0
         - 0
         version: 1.0.0
-  name: bundler
   version_requirements: *id002
+  name: bundler
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -61,8 +61,8 @@ dependencies:
         - 5
         - 2
         version: 1.5.2
-  name: jeweler
   version_requirements: *id003
+  name: jeweler
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -75,8 +75,8 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  name: rcov
   version_requirements: *id004
+  name: rcov
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -89,8 +89,8 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  name: actionpack
   version_requirements: *id005
+  name: actionpack
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -103,8 +103,8 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  name: activerecord
   version_requirements: *id006
+  name: activerecord
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -117,8 +117,8 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  name: sqlite3
   version_requirements: *id007
+  name: sqlite3
   prerelease: false
 - !ruby/object:Gem::Dependency 
   type: :development
@@ -131,8 +131,8 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  name: webmock
   version_requirements: *id008
+  name: webmock
   prerelease: false
 description: Foo
 email: rob.dimarco@416software.com
@@ -192,7 +192,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.5.2
+rubygems_version: 1.6.0
 signing_key: 
 specification_version: 3
 summary: An Authlogic plugin to connect with Atlassian Crowd REST APIs