authlogic_rpx 1.1.1 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.rdoc +45 -38
- data/MIT-LICENSE +20 -20
- data/Manifest +37 -37
- data/README.rdoc +751 -747
- data/Rakefile +54 -47
- data/authlogic_rpx.gemspec +101 -38
- data/generators/add_authlogic_rpx_migration/USAGE +18 -18
- data/generators/add_authlogic_rpx_migration/add_authlogic_rpx_migration_generator.rb +44 -44
- data/generators/add_authlogic_rpx_migration/templates/migration_internal_mapping.rb +34 -34
- data/generators/add_authlogic_rpx_migration/templates/migration_no_mapping.rb +29 -29
- data/lib/authlogic_rpx.rb +8 -8
- data/lib/authlogic_rpx/acts_as_authentic.rb +297 -281
- data/lib/authlogic_rpx/helper.rb +53 -43
- data/lib/authlogic_rpx/rpx_identifier.rb +4 -5
- data/lib/authlogic_rpx/session.rb +224 -218
- data/lib/authlogic_rpx/version.rb +50 -50
- data/test/fixtures/rpxresponses.yml +20 -20
- data/test/fixtures/users.yml +19 -19
- data/test/integration/basic_authentication_and_registration_test.rb +52 -52
- data/test/integration/internal_mapping/basic_authentication_and_registration_test.rb +3 -3
- data/test/integration/internal_mapping/settings_test.rb +9 -9
- data/test/integration/no_mapping/basic_authentication_and_registration_test.rb +3 -3
- data/test/integration/no_mapping/settings_test.rb +9 -9
- data/test/libs/ext_test_unit.rb +30 -30
- data/test/libs/mock_rpx_now.rb +33 -33
- data/test/libs/rails_trickery.rb +40 -40
- data/test/libs/rpxresponse.rb +2 -2
- data/test/libs/user.rb +2 -2
- data/test/libs/user_session.rb +2 -2
- data/test/test_helper.rb +84 -86
- data/test/test_internal_mapping_helper.rb +93 -95
- data/test/unit/acts_as_authentic_settings_test.rb +41 -41
- data/test/unit/session_settings_test.rb +37 -37
- data/test/unit/session_validation_test.rb +15 -15
- data/test/unit/verify_rpx_mock_test.rb +28 -28
- metadata +66 -32
data/lib/authlogic_rpx.rb
CHANGED
@@ -1,9 +1,9 @@
|
|
1
|
-
require "authlogic_rpx/version"
|
2
|
-
require "authlogic_rpx/acts_as_authentic"
|
3
|
-
require "authlogic_rpx/session"
|
4
|
-
require "authlogic_rpx/helper"
|
5
|
-
require "authlogic_rpx/rpx_identifier"
|
6
|
-
|
7
|
-
ActiveRecord::Base.send(:include, AuthlogicRpx::ActsAsAuthentic)
|
8
|
-
Authlogic::Session::Base.send(:include, AuthlogicRpx::Session)
|
1
|
+
require "authlogic_rpx/version"
|
2
|
+
require "authlogic_rpx/acts_as_authentic"
|
3
|
+
require "authlogic_rpx/session"
|
4
|
+
require "authlogic_rpx/helper"
|
5
|
+
require "authlogic_rpx/rpx_identifier"
|
6
|
+
|
7
|
+
ActiveRecord::Base.send(:include, AuthlogicRpx::ActsAsAuthentic)
|
8
|
+
Authlogic::Session::Base.send(:include, AuthlogicRpx::Session)
|
9
9
|
ActionController::Base.helper AuthlogicRpx::Helper
|
@@ -1,281 +1,297 @@
|
|
1
|
-
# This module is responsible for adding RPX functionality to Authlogic. Checkout the README for more info and please
|
2
|
-
# see the sub modules for detailed documentation.
|
3
|
-
module AuthlogicRpx
|
4
|
-
# This module is responsible for adding in the RPX functionality to your models. It hooks itself into the
|
5
|
-
# acts_as_authentic method provided by Authlogic.
|
6
|
-
module ActsAsAuthentic
|
7
|
-
# Adds in the neccesary modules for acts_as_authentic to include and also disabled password validation if
|
8
|
-
# RPX is being used.
|
9
|
-
def self.included(klass)
|
10
|
-
klass.class_eval do
|
11
|
-
extend Config
|
12
|
-
add_acts_as_authentic_module(Methods, :prepend)
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
class GeneralError < StandardError
|
17
|
-
end
|
18
|
-
class ConfigurationError < StandardError
|
19
|
-
end
|
20
|
-
|
21
|
-
module Config
|
22
|
-
|
23
|
-
# account_merge_enabled is used to enable merging of accounts.
|
24
|
-
#
|
25
|
-
# * <tt>Default:</tt> false
|
26
|
-
# * <tt>Accepts:</tt> boolean
|
27
|
-
def account_merge_enabled(value=false)
|
28
|
-
account_merge_enabled_value(value)
|
29
|
-
end
|
30
|
-
def account_merge_enabled_value(value=nil)
|
31
|
-
rw_config(:account_merge_enabled,value,false)
|
32
|
-
end
|
33
|
-
alias_method :account_merge_enabled=,:account_merge_enabled
|
34
|
-
|
35
|
-
|
36
|
-
#
|
37
|
-
#
|
38
|
-
# * <tt>
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
#
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
:
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
#
|
82
|
-
def self.included(klass)
|
83
|
-
klass.class_eval do
|
84
|
-
|
85
|
-
case
|
86
|
-
when using_no_mapping?
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
#
|
142
|
-
def
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
#
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
#
|
195
|
-
#
|
196
|
-
#
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
#
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
1
|
+
# This module is responsible for adding RPX functionality to Authlogic. Checkout the README for more info and please
|
2
|
+
# see the sub modules for detailed documentation.
|
3
|
+
module AuthlogicRpx
|
4
|
+
# This module is responsible for adding in the RPX functionality to your models. It hooks itself into the
|
5
|
+
# acts_as_authentic method provided by Authlogic.
|
6
|
+
module ActsAsAuthentic
|
7
|
+
# Adds in the neccesary modules for acts_as_authentic to include and also disabled password validation if
|
8
|
+
# RPX is being used.
|
9
|
+
def self.included(klass)
|
10
|
+
klass.class_eval do
|
11
|
+
extend Config
|
12
|
+
add_acts_as_authentic_module(Methods, :prepend)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
class GeneralError < StandardError
|
17
|
+
end
|
18
|
+
class ConfigurationError < StandardError
|
19
|
+
end
|
20
|
+
|
21
|
+
module Config
|
22
|
+
|
23
|
+
# account_merge_enabled is used to enable merging of accounts.
|
24
|
+
#
|
25
|
+
# * <tt>Default:</tt> false
|
26
|
+
# * <tt>Accepts:</tt> boolean
|
27
|
+
def account_merge_enabled(value=false)
|
28
|
+
account_merge_enabled_value(value)
|
29
|
+
end
|
30
|
+
def account_merge_enabled_value(value=nil)
|
31
|
+
rw_config(:account_merge_enabled,value,false)
|
32
|
+
end
|
33
|
+
alias_method :account_merge_enabled=,:account_merge_enabled
|
34
|
+
|
35
|
+
# account_mapping_mode is used to explicitly set/override the mapping behaviour.
|
36
|
+
#
|
37
|
+
# * <tt>Default:</tt> :auto
|
38
|
+
# * <tt>Accepts:</tt> :auto, :none, :internal, :rpxnow
|
39
|
+
def account_mapping_mode(value=:auto)
|
40
|
+
account_mapping_mode_value(value)
|
41
|
+
end
|
42
|
+
def account_mapping_mode_value(value=nil)
|
43
|
+
raise AuthlogicRpx::ActsAsAuthentic::ConfigurationError.new unless value.nil? || [:auto,:none,:internal].include?( value )
|
44
|
+
rw_config(:account_mapping_mode,value,:auto)
|
45
|
+
end
|
46
|
+
alias_method :account_mapping_mode=,:account_mapping_mode
|
47
|
+
|
48
|
+
# returns the actual account mapping mode in use - resolves :auto to actual mechanism
|
49
|
+
#
|
50
|
+
attr_writer :account_mapping_mode_used
|
51
|
+
def account_mapping_mode_used
|
52
|
+
@account_mapping_mode_used ||= (
|
53
|
+
account_mapping_mode_value == :auto ?
|
54
|
+
( RPXIdentifier.table_exists? ?
|
55
|
+
:internal :
|
56
|
+
( self.column_names.include?("rpx_identifier") ? :none : AuthlogicRpx::ActsAsAuthentic::ConfigurationError.new )
|
57
|
+
) :
|
58
|
+
account_mapping_mode_value
|
59
|
+
)
|
60
|
+
end
|
61
|
+
|
62
|
+
|
63
|
+
# determines if no account mapping is supported (the only behaviour in authlogic_rpx v1.0.4)
|
64
|
+
def using_no_mapping?
|
65
|
+
account_mapping_mode_used == :none
|
66
|
+
end
|
67
|
+
# determines if internal account mapping is enabled (behaviour added in authlogic_rpx v1.1.0)
|
68
|
+
def using_internal_mapping?
|
69
|
+
account_mapping_mode_used == :internal
|
70
|
+
end
|
71
|
+
# determines if rpxnow account mapping is enabled (currently not implemented)
|
72
|
+
def using_rpx_mapping?
|
73
|
+
account_mapping_mode_used == :rpxnow
|
74
|
+
end
|
75
|
+
|
76
|
+
end
|
77
|
+
|
78
|
+
module Methods
|
79
|
+
|
80
|
+
# Mix-in the required methods based on mapping mode
|
81
|
+
#
|
82
|
+
def self.included(klass)
|
83
|
+
klass.class_eval do
|
84
|
+
|
85
|
+
case
|
86
|
+
when using_no_mapping?
|
87
|
+
include AuthlogicRpx::MethodSet_NoMapping
|
88
|
+
|
89
|
+
when using_internal_mapping?
|
90
|
+
include AuthlogicRpx::MethodSet_InternalMapping
|
91
|
+
has_many :rpx_identifiers, :class_name => 'RPXIdentifier', :dependent => :destroy
|
92
|
+
|
93
|
+
# Add custom find_by_rpx_identifier class method
|
94
|
+
#
|
95
|
+
def self.find_by_rpx_identifier(id)
|
96
|
+
identifier = RPXIdentifier.find_by_identifier(id)
|
97
|
+
if identifier.nil?
|
98
|
+
if self.column_names.include? 'rpx_identifier'
|
99
|
+
# check for authentication using <=1.0.4, migrate identifier to rpx_identifiers table
|
100
|
+
user = self.find( :first, :conditions => [ "rpx_identifier = ?", id ] )
|
101
|
+
unless user.nil?
|
102
|
+
user.add_rpx_identifier( id, 'Unknown' )
|
103
|
+
end
|
104
|
+
return user
|
105
|
+
else
|
106
|
+
return nil
|
107
|
+
end
|
108
|
+
else
|
109
|
+
identifier.send( self.methods.include?(:class_name) ? self.class_name.downcase : self.to_s.classify.downcase )
|
110
|
+
end
|
111
|
+
end
|
112
|
+
|
113
|
+
else
|
114
|
+
raise AuthlogicRpx::ActsAsAuthentic::ConfigurationError.new( "invalid or unsupported account_mapping_mode" )
|
115
|
+
end
|
116
|
+
|
117
|
+
# Set up some fundamental conditional validations
|
118
|
+
validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_not_rpx?)
|
119
|
+
validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_not_rpx?)
|
120
|
+
validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_not_rpx?)
|
121
|
+
|
122
|
+
before_validation :adding_rpx_identifier
|
123
|
+
end
|
124
|
+
|
125
|
+
# add relations and validation to RPXIdentifier based on the actual user model class name used
|
126
|
+
#
|
127
|
+
RPXIdentifier.class_eval do
|
128
|
+
belongs_to klass.name.downcase.to_sym
|
129
|
+
validates_presence_of "#{klass.name.downcase}_id".to_sym
|
130
|
+
end
|
131
|
+
end
|
132
|
+
|
133
|
+
# test if account it using normal password authentication
|
134
|
+
def using_password?
|
135
|
+
!send(crypted_password_field).blank?
|
136
|
+
end
|
137
|
+
|
138
|
+
|
139
|
+
private
|
140
|
+
|
141
|
+
# tests if password authentication should be checked instead of rpx (i.e. if rpx is enabled but not used by this user)
|
142
|
+
def validate_password_not_rpx?
|
143
|
+
!using_rpx? && require_password?
|
144
|
+
end
|
145
|
+
|
146
|
+
# determines if account merging is enabled; delegates to class method
|
147
|
+
def account_merge_enabled?
|
148
|
+
self.class.account_merge_enabled_value
|
149
|
+
end
|
150
|
+
|
151
|
+
# hook for adding RPX identifier to an existing account. This is invoked prior to model validation.
|
152
|
+
# RPX information is plucked from the controller session object (where it was placed by the session model as a result
|
153
|
+
# of the RPX callback)
|
154
|
+
# The minimal action taken is to add an RPXIdentifier object to the user.
|
155
|
+
#
|
156
|
+
# This procedure chains to the map_added_rpx_data, which may be over-ridden in your project to perform
|
157
|
+
# additional mapping of RPX information to the user model as may be desired.
|
158
|
+
#
|
159
|
+
def adding_rpx_identifier
|
160
|
+
return true unless session_class && session_class.controller
|
161
|
+
|
162
|
+
added_rpx_data = session_class.controller.session['added_rpx_data']
|
163
|
+
unless added_rpx_data.blank?
|
164
|
+
session_class.controller.session['added_rpx_data'] = nil
|
165
|
+
rpx_id = added_rpx_data['profile']['identifier']
|
166
|
+
rpx_provider_name = added_rpx_data['profile']['providerName']
|
167
|
+
|
168
|
+
unless self.identified_by?( rpx_id )
|
169
|
+
# identifier not already set for this user..
|
170
|
+
|
171
|
+
another_user = self.class.find_by_rpx_identifier( rpx_id )
|
172
|
+
if another_user
|
173
|
+
return false unless account_merge_enabled?
|
174
|
+
# another user already has this id registered..
|
175
|
+
|
176
|
+
# merge all IDs from another_user to self, with application callbacks before/after
|
177
|
+
before_merge_rpx_data( another_user, self )
|
178
|
+
merge_user_id another_user
|
179
|
+
after_merge_rpx_data( another_user, self )
|
180
|
+
|
181
|
+
else
|
182
|
+
self.add_rpx_identifier( rpx_id, rpx_provider_name )
|
183
|
+
end
|
184
|
+
end
|
185
|
+
|
186
|
+
map_added_rpx_data( added_rpx_data )
|
187
|
+
end
|
188
|
+
end
|
189
|
+
|
190
|
+
|
191
|
+
# map_added_rpx_data maps additional fields from the RPX response into the user object during the "add RPX to existing account" process.
|
192
|
+
# Override this in your user model to perform field mapping as may be desired
|
193
|
+
# See https://rpxnow.com/docs#profile_data for the definition of available attributes
|
194
|
+
#
|
195
|
+
# "self" at this point is the user model. Map details as appropriate from the rpx_data structure provided.
|
196
|
+
#
|
197
|
+
def map_added_rpx_data( rpx_data )
|
198
|
+
|
199
|
+
end
|
200
|
+
|
201
|
+
# before_merge_rpx_data provides a hook for application developers to perform data migration prior to the merging of user accounts.
|
202
|
+
# This method is called just before authlogic_rpx merges the user registration for 'from_user' into 'to_user'
|
203
|
+
# Authlogic_RPX is responsible for merging registration data.
|
204
|
+
#
|
205
|
+
# By default, it does not merge any other details (e.g. application data ownership)
|
206
|
+
#
|
207
|
+
def before_merge_rpx_data( from_user, to_user )
|
208
|
+
|
209
|
+
end
|
210
|
+
|
211
|
+
# after_merge_rpx_data provides a hook for application developers to perform account clean-up after authlogic_rpx has
|
212
|
+
# migrated registration details.
|
213
|
+
#
|
214
|
+
# By default, does nothing. It could, for example, be used to delete or disable the 'from_user' account
|
215
|
+
#
|
216
|
+
def after_merge_rpx_data( from_user, to_user )
|
217
|
+
|
218
|
+
end
|
219
|
+
|
220
|
+
|
221
|
+
end
|
222
|
+
end
|
223
|
+
|
224
|
+
# Mix-in collection of methods that are specific to no-mapping mode of operation
|
225
|
+
#
|
226
|
+
module MethodSet_NoMapping
|
227
|
+
# test if account it using RPX authentication
|
228
|
+
#
|
229
|
+
def using_rpx?
|
230
|
+
!rpx_identifier.blank?
|
231
|
+
end
|
232
|
+
|
233
|
+
# adds RPX identification to the instance.
|
234
|
+
# Abstracts how the RPX identifier is added to allow for multiplicity of underlying implementations
|
235
|
+
#
|
236
|
+
def add_rpx_identifier( rpx_id, rpx_provider_name )
|
237
|
+
self.rpx_identifier = rpx_id
|
238
|
+
#TODO: make rpx_provider_name a std param?
|
239
|
+
end
|
240
|
+
|
241
|
+
# Checks if given identifier is an identity for this account
|
242
|
+
#
|
243
|
+
def identified_by?( id )
|
244
|
+
self.rpx_identifier == id
|
245
|
+
end
|
246
|
+
|
247
|
+
# merge_user_id is an internal method used to merge the actual RPX identifiers
|
248
|
+
#
|
249
|
+
def merge_user_id( from_user )
|
250
|
+
self.rpx_identifier = from_user.rpx_identifier
|
251
|
+
from_user.rpx_identifier = nil
|
252
|
+
from_user.save
|
253
|
+
from_user.reload
|
254
|
+
end
|
255
|
+
|
256
|
+
# Uses default find_by_rpx_identifier class method
|
257
|
+
|
258
|
+
# Add an rpx_identifier collection method
|
259
|
+
def rpx_identifiers
|
260
|
+
[{ :identifier => rpx_identifier, :provider_name => "Unknown" }]
|
261
|
+
end
|
262
|
+
end
|
263
|
+
|
264
|
+
|
265
|
+
# Mix-in collection of methods that are specific to internal mapping mode of operation
|
266
|
+
#
|
267
|
+
module MethodSet_InternalMapping
|
268
|
+
# test if account it using RPX authentication
|
269
|
+
#
|
270
|
+
def using_rpx?
|
271
|
+
!rpx_identifiers.empty?
|
272
|
+
end
|
273
|
+
|
274
|
+
# adds RPX identification to the instance.
|
275
|
+
# Abstracts how the RPX identifier is added to allow for multiplicity of underlying implementations
|
276
|
+
#
|
277
|
+
def add_rpx_identifier( rpx_id, rpx_provider_name )
|
278
|
+
self.rpx_identifiers.build(:identifier => rpx_id, :provider_name => rpx_provider_name )
|
279
|
+
end
|
280
|
+
|
281
|
+
# Checks if given identifier is an identity for this account
|
282
|
+
#
|
283
|
+
def identified_by?( id )
|
284
|
+
self.rpx_identifiers.find_by_identifier( id )
|
285
|
+
end
|
286
|
+
|
287
|
+
# merge_user_id is an internal method used to merge the actual RPX identifiers
|
288
|
+
#
|
289
|
+
def merge_user_id( from_user )
|
290
|
+
self.rpx_identifiers << from_user.rpx_identifiers
|
291
|
+
from_user.reload
|
292
|
+
end
|
293
|
+
|
294
|
+
|
295
|
+
end
|
296
|
+
|
297
|
+
end
|