authlogic_rpx 1.0.4 → 1.1.0

data/lib/authlogic_rpx/helper.rb

@@ -22,20 +22,28 @@ module AuthlogicRpx
 		#   * <tt>add_rpx:</tt> if true, requests RPX callback to add to current session. Else runs normal authentication process (default)
 		#   * <tt>unobtrusive:</tt> true/false; sets javascript style for link. Default: true
 		#
-		# NB: i18n considerations? supports a :language parameter (not tested)
+		# The options hash may include other options as supported by rpx_now (see http://github.com/grosser/rpx_now)
+		#
 		def rpx_popup(options = {})
-			params = (
-				{ :authenticity_token => form_authenticity_token, :add_rpx => options[:add_rpx] }.collect { |n| "#{n[0]}=#{ u(n[1]) }" if n[1] }
-			).compact.join('&')
-			unobtrusive = options[:unobtrusive].nil? ? true : options[:unobtrusive]
-			return_url = options[:return_url] + '?' + params 
-			return_url = u( return_url ) if unobtrusive # double-encoding required only if unobtrusive mode used
-			RPXNow.popup_code(
-  				options[:link_text], 
-  				options[:app_name],
-  				return_url,
-  				:unobtrusive=>unobtrusive
-  			) 
+			options = { :unobtrusive => true, :add_rpx => false }.merge( options )
+			unobtrusive = options[:unobtrusive]
+			add_rpx = options.delete( :add_rpx )
+			app_name = options.delete( :app_name )
+			link_text = options.delete( :link_text )
+			return_url = options.delete( :return_url ) + '?' + (
+				{ :authenticity_token => form_authenticity_token, :add_rpx => add_rpx }.collect { |n| "#{n[0]}=#{ u(n[1]) }" if n[1] }
+			).compact.join('&') 
+			
+			# as of rpx_now 0.6.11, there is still an issue with url-encoding of the return path containing additional parameters 
+			# (as we are using here to get the form_authenticity_token returned.
+			# To get around this, we need to ensure hrefs are url-encoded, 
+			# while the link provided to the rpx_now javascript popup should _not_ be url-encoded
+			if unobtrusive
+  			RPXNow.popup_code( link_text, app_name,	u( return_url ), options	)
+			else
+  			RPXNow.popup_code( link_text, app_name,	u( return_url ), options.merge( :unobtrusive => true )	) +
+        RPXNow.popup_source(app_name, return_url, options ) 
+      end
 		end
 
 	end

data/lib/authlogic_rpx/rpx_identifier.rb

@@ -0,0 +1,5 @@
+class RPXIdentifier < ActiveRecord::Base
+	validates_presence_of :identifier
+	validates_uniqueness_of :identifier
+	validates_presence_of :user_id
+end

data/lib/authlogic_rpx/session.rb

@@ -10,7 +10,7 @@ module AuthlogicRpx
 		end
 		
 		module Config
-		  
+
 			def find_by_rpx_identifier_method(value = nil)
 				rw_config(:find_by_rpx_identifier_method, value, :find_by_rpx_identifier)
 			end
@@ -34,7 +34,7 @@ module AuthlogicRpx
 				rpx_key_value(value)
 			end
 			def rpx_key_value(value=nil)
-				if ! inheritable_attributes.include?(:rpx_key) 
+				if !inheritable_attributes.include?(:rpx_key) 
 					RPXNow.api_key = value 
 				end
 				rw_config(:rpx_key,value,false)
@@ -61,7 +61,6 @@ module AuthlogicRpx
 			def self.included(klass)
 				klass.class_eval do
 					attr_accessor :new_registration
-					attr_accessor :rpx_identifier
 					after_persisting :add_rpx_identifier, :if => :adding_rpx_identifier?
 					validate :validate_by_rpx, :if => :authenticating_with_rpx?
 				end
@@ -71,7 +70,7 @@ module AuthlogicRpx
 			# For use in the session controller to help direct the most appropriate action to follow.
 			# 
 			def new_registration?
-				new_registration
+				new_registration || !new_registration.nil?
 			end
 			
 			# Determines if the authenticated user has a complete registration (no validation errors)
@@ -88,8 +87,8 @@ module AuthlogicRpx
 				controller.params[:token] && !controller.params[:add_rpx]
 			end
 
-      # hook instance finder method to class
-      #
+			# hook instance finder method to class
+			#
 			def find_by_rpx_identifier_method
 				self.class.find_by_rpx_identifier_method
 			end
@@ -134,35 +133,43 @@ module AuthlogicRpx
 			# to determine the most appropriate action
 			#
 			def validate_by_rpx
-				@rpx_data = RPXNow.user_data(controller.params[:token], :extended=> rpx_extended_info? ) {|raw| raw }
+				@rpx_data = RPXNow.user_data(
+					controller.params[:token],
+					:extended => rpx_extended_info?) { |raw| raw }
+				
 				# If we don't have a valid sign-in, give-up at this point
-				if @rpx_data.nil?
+				if @rpx_data.nil? || @rpx_data['profile'].nil?
 					errors.add_to_base("Authentication failed. Please try again.")
 					return false
 				end
+				
 				rpx_id = @rpx_data['profile']['identifier']
+				rpx_provider_name = @rpx_data['profile']['providerName']
 				if rpx_id.blank?
 					errors.add_to_base("Authentication failed. Please try again.")
 					return false
-				end		
+				end
 				
 				self.attempted_record = klass.send(find_by_rpx_identifier_method, rpx_id)
 				
-				# so what do we do if we can't find an existing user matching the RPX authentication..
+				# so what do we do if we can't find an existing user matching the RPX authentication...
 				if !attempted_record
-					if auto_register?   
-						self.attempted_record = klass.new( :rpx_identifier=> rpx_id )     
+					if auto_register?
+						self.attempted_record = klass.new()
 						map_rpx_data
-						# save the new user record - without session maintenance else we get caught in a self-referential hell,
-						# since both session and user objects invoke each other upon save
-						self.new_registration=true
+						
+						# save the new user record - without session maintenance else we
+						# get caught in a self-referential hell, since both session and
+						# user objects invoke each other upon save
+						self.new_registration = true
+						self.attempted_record.add_rpx_identifier( rpx_id, rpx_provider_name)
 						self.attempted_record.save_without_session_maintenance
 					else
 						errors.add_to_base("We did not find any accounts with that login. Enter your details and create an account.")
 						return false
 					end
 				else
-				  map_rpx_data_each_login
+					map_rpx_data_each_login
 				end
 			
 			end

data/lib/authlogic_rpx/version.rb

@@ -40,8 +40,8 @@ module AuthlogicRpx
     end
 
     MAJOR = 1
-    MINOR = 0
-    TINY  = 4
+    MINOR = 1
+    TINY  = 0
 
     # The current version as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)

data/test/fixtures/rpxresponses.yml

@@ -0,0 +1,20 @@
+valid_rpx_auth_user_one:
+  identifier : http://provider.one/valid_rpx_auth_user_one
+  provider_name: provider.one
+  username: valid_rpx_auth_user_one
+  verified_email: valid_rpx_auth_user_one@provider.one
+  display_name: valid rpx auth user one
+
+valid_rpx_auth_user_two:
+  identifier : http://provider.one/valid_rpx_auth_user_two
+  provider_name: provider.one
+  username: valid_rpx_auth_user_two
+  verified_email: valid_rpx_auth_user_two@provider.one
+  display_name: valid rpx auth user two
+
+unregistered_rpx_auth_user_one:
+  identifier : http://provider.one/unregistered_rpx_auth_user_one
+  provider_name: provider.one
+  username: unregistered_rpx_auth_user_one
+  verified_email: unregistered_rpx_auth_user_one@provider.one
+  display_name: unregistered rpx auth user one

data/test/fixtures/users.yml

@@ -1,5 +1,20 @@
-john:
-  persistence_token: 6cde0674657a8a313ce952df979de2830309aa4c11ca65805dd00bfdc65dbcc2f5e36718660a1d2e68c1a08c276d996763985d2f06fd3d076eb7bc4d97b1e317
-  single_access_token: <%= Authlogic::Random.friendly_token %>
-  perishable_token: <%= Authlogic::Random.friendly_token %>
-  rpx_identifier : johns_rpx_identifier
+valid_rpx_auth_user_one:
+  login: valid_rpx_auth_user_one
+  email: valid_rpx_auth_user_one@provider.one
+  persistence_token: 6cde0674657a8a313ce952df979de2830309aa4c11ca65805dd00bfdc65dbcc2f5e36718660a1d2e68c1a08c276d996763985d2f06fd3d076eb7bc4d97b1e317
+  single_access_token: <%= Authlogic::Random.friendly_token %>
+  perishable_token: <%= Authlogic::Random.friendly_token %>
+  rpx_identifier : http://provider.one/valid_rpx_auth_user_one
+  
+valid_rpx_auth_user_two:
+  login: valid_rpx_auth_user_two
+  email: valid_rpx_auth_user_two@provider.one
+  persistence_token: 6cde0674657a8a313ce952df979de2830309aa4c11ca65805dd00bfdc65dbcc2f5e36718660a1d2e68c1a08c276d996763985d2f06fd3d076eb7bc4d97b1e317
+  single_access_token: <%= Authlogic::Random.friendly_token %>
+  perishable_token: <%= Authlogic::Random.friendly_token %>
+  rpx_identifier : http://provider.one/valid_rpx_auth_user_two 
+  
+invalid_rpx_auth_user_one:
+  login: invalid_rpx_auth_user_one
+
+ 

data/test/integration/basic_authentication_and_registration_test.rb

@@ -0,0 +1,53 @@
+# requires test_helper to be loaded first
+
+class BasicAuthenticationAndRegistrationTest < ActiveSupport::TestCase
+
+  must "authenticate valid existing user" do
+    test_user = users(:valid_rpx_auth_user_one)
+    controller.params[:token] = test_user.login
+    session = UserSession.new
+    assert_true session.save, "should be a valid session"
+    assert_false session.new_registration?, "should not be a new registration"
+    assert_true session.registration_complete?, "registration should be complete"
+    assert_equal test_user, session.record
+  end
+ 
+  must "do not authenticate invalidate non-existent user" do
+    controller.params[:token] = ''
+    session = UserSession.new
+    assert_false session.save, "should not be a valid session"
+  end
+
+
+  must "auto-register an unregistered user" do
+    # enforce Authlogic settings required for test
+    UserSession.auto_register true
+    User.account_merge_enabled false
+    User.account_mapping_mode :none
+    
+    # get response template. set the controller token (used by RPX mock to match mock response)
+    test_user = rpxresponses(:unregistered_rpx_auth_user_one)
+    controller.params[:token] = test_user.username
+    
+    session = UserSession.new
+    assert_true session.save, "should be a valid session"
+    assert_true session.new_registration?, "should be a new registration"
+    assert_true session.registration_complete?, "registration should be complete"
+  end
+ 
+
+  must "auto-register disabled for an unregistered user" do
+    # enforce Authlogic settings required for test
+    UserSession.auto_register false
+    User.account_merge_enabled false
+    User.account_mapping_mode :none
+    
+    # get response template. set the controller token (used by RPX mock to match mock response)
+    test_user = rpxresponses(:unregistered_rpx_auth_user_one)
+    controller.params[:token] = test_user.username
+    
+    session = UserSession.new
+    assert_false session.save, "should not be a valid session"
+  end
+
+end

data/test/integration/internal_mapping/basic_authentication_and_registration_test.rb

@@ -0,0 +1,3 @@
+require File.dirname(__FILE__) + '/../../test_internal_mapping_helper.rb'
+require File.dirname(__FILE__) + '/../basic_authentication_and_registration_test.rb'
+

data/test/integration/internal_mapping/settings_test.rb

@@ -0,0 +1,10 @@
+require File.dirname(__FILE__) + '/../../test_internal_mapping_helper.rb'
+
+class SettingsTest < ActiveSupport::TestCase
+
+  must "account_mapping_mode :auto should resolve to :internal" do
+    assert_equal :auto, User.account_mapping_mode
+    assert_equal :internal, User.account_mapping_mode_used
+  end 
+ 
+end

data/test/integration/no_mapping/basic_authentication_and_registration_test.rb

@@ -0,0 +1,3 @@
+require File.dirname(__FILE__) + '/../../test_helper.rb'
+require File.dirname(__FILE__) + '/../basic_authentication_and_registration_test.rb'
+

data/test/integration/no_mapping/settings_test.rb

@@ -0,0 +1,10 @@
+require File.dirname(__FILE__) + '/../../test_helper.rb'
+
+class SettingsTest < ActiveSupport::TestCase
+
+  must "account_mapping_mode :auto should resolve to :none" do
+    assert_equal :auto, User.account_mapping_mode
+    assert_equal :none, User.account_mapping_mode_used
+  end 
+ 
+end

data/test/libs/ext_test_unit.rb

@@ -0,0 +1,30 @@
+module Test::Unit
+ 
+  class TestCase
+   
+    def self.must(name, &block)
+      test_name = "test_#{name.gsub(/\s+/,'_')}".to_sym
+      defined = instance_method(test_name) rescue false
+      raise "#{test_name} is already defined in #{self}" if defined
+      if block_given?
+        define_method(test_name, &block)
+      else
+        define_method(test_name) do
+          flunk "No implementation provided for #{name}"
+        end
+      end
+    end
+ 
+  end
+end
+
+
+module Test::Unit::Assertions
+  def assert_false(object, message="")
+    assert_equal(false, object, message)
+  end
+  def assert_true(object, message="")
+    assert_equal(true, object, message)
+  end
+end
+

data/test/libs/mock_rpx_now.rb

@@ -0,0 +1,34 @@
+require File.dirname(__FILE__) + '/rpxresponse.rb'
+
+module RPXNow
+
+  def self.user_data(token, options={})
+    data = get_test_data(token)
+    if block_given? then yield(data) else parse_user_data(data) end
+  end
+
+  def self.parse_user_data(data)
+    data
+  end
+  
+  def self.get_test_data(token)
+
+    response = Rpxresponse.find_by_username(token)    
+    if response
+      data = {}
+      data['profile'] = {}
+      data['profile']['identifier'] = response.identifier
+      data['profile']['providerName'] = response.provider_name
+      data['profile']['preferredUsername'] = response.username
+      data['profile']['email'] = response.verified_email
+      
+      data[:identifier] = data['profile']['identifier']
+      data[:providerName] = data['profile']['providerName']
+      data[:email] = response.verified_email
+      data[:username] = data['profile']['preferredUsername']
+      data[:name] = response.display_name
+    end
+    
+    data
+  end
+end

data/test/libs/rails_trickery.rb

@@ -2,9 +2,9 @@
 # these constants be present. The only other alternative is to use an entire rails application for testing
 # which is a little too overboard for this, I think.
 
-RAILS_ROOT = ''
+#RAILS_ROOT = ''
 
-class ActionController < Authlogic::TestCase::MockController
+class ActionControllerEx < Authlogic::TestCase::MockController
   class Request < Authlogic::TestCase::MockRequest
     def request_method
       ""

data/test/libs/rpxresponse.rb

@@ -0,0 +1,3 @@
+class Rpxresponse < ActiveRecord::Base
+
+end

data/test/libs/user_session.rb

@@ -1,3 +1,3 @@
 class UserSession < Authlogic::Session::Base
-  
+  rpx_key RPX_API_KEY
 end

data/test/test_helper.rb

@@ -1,14 +1,37 @@
-require "test/unit"
 require "rubygems"
+begin
+  gem 'test-unit'
+  require "test/unit"
+  require File.dirname(__FILE__) + "/libs/ext_test_unit"
+rescue Gem::LoadError
+  # assume using stdlib Test:Unit
+  require "test/unit"
+  require File.dirname(__FILE__) + "/libs/ext_test_unit"
+end
+
 require "ruby-debug"
 require "active_record"
 require "action_controller"
 
 ActiveRecord::Schema.verbose = false
-ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
+
+begin
+  ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
+rescue ArgumentError
+  ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :dbfile => ":memory:")
+end
+
 ActiveRecord::Base.configurations = true
 ActiveRecord::Schema.define(:version => 1) do
-  
+
+  create_table :rpxresponses do |t|
+    t.string    :identifier
+    t.string    :provider_name
+    t.string    :username
+    t.string    :verified_email
+    t.string    :display_name
+  end
+    
   create_table :users do |t|
     t.datetime  :created_at
     t.datetime  :updated_at
@@ -31,24 +54,24 @@ ActiveRecord::Schema.define(:version => 1) do
     t.string    :current_login_ip
     t.string    :last_login_ip
   end
+
 end
 
 require "active_record/fixtures"
-Rails = true
-
+require "authlogic"
 require "authlogic/test_case"
 
-include Authlogic::TestCase
+require "rpx_now"
+RPX_API_KEY = 'abcdefghijklmnopqrstuvwxyz' unless defined? RPX_API_KEY
 
+require File.dirname(__FILE__) + "/../lib/authlogic_rpx"
 
-#require File.dirname(__FILE__) + "/../../authlogic/lib/authlogic"
-#require File.dirname(__FILE__) + "/../../authlogic/lib/authlogic/test_case"
-#require File.dirname(__FILE__) + "/libs/rails_trickery"
+require File.dirname(__FILE__) + "/libs/rails_trickery"
+require File.dirname(__FILE__) + '/libs/rpxresponse'
+require File.dirname(__FILE__) + '/libs/mock_rpx_now'
 require File.dirname(__FILE__) + '/libs/user'
 require File.dirname(__FILE__) + '/libs/user_session'
 
-require File.dirname(__FILE__) + "./../rails/init.rb"
-
 class ActiveSupport::TestCase
   include ActiveRecord::TestFixtures
   self.fixture_path = File.dirname(__FILE__) + "/fixtures"
@@ -59,15 +82,6 @@ class ActiveSupport::TestCase
   setup :activate_authlogic
   
   private
-    def activate_authlogic
-      Authlogic::Session::Base.controller = controller
-    end
-    
-    def controller
-      @controller ||= Authlogic::TestCase::ControllerAdapter.new(ActionController.new)
-    end
 
-    def redirecting_to_rpx?
-      controller.redirecting_to.to_s =~ /^http:\/\/rpxnow.com/
-    end    
+    
 end