avdt_ldap_legacy 1.1.0

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in avdt_ldap_legacy.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2011 Alessandro Verlato, Davide Targa
+
+Permission is hereby granted, free of charge, to any person obtaining a copy 
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights 
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
+copies of the Software, and to permit persons to whom the Software is 
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in 
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 
+SOFTWARE.

data/README.rdoc

@@ -0,0 +1,118 @@
+= AvdtLdapLegacy
+
+avdt_ldap version for Ruby 1.8.6
+
+This gem supports LDAP authentication both on sigle and multiple LDAP servers with a minimal configuration.
+It requires 'ruby-net-ldap' gem (automatically installed)
+
+== Installation
+
+=== Rails 3
+
+This gem doesn't work with Rails 3 because it requires Ruby >= 1.8.7
+If you use Rails 3 you have to install avdt_ldap. Documentation[https://github.com/davide-targa/avdt_ldap] RubyGem[https://rubygems.org/gems/avdt_ldap]
+
+=== Rails 2
+
+Add this to your environment.rb file:
+
+  config.gem "avdt_ldap_legacy"
+
+== Usage
+
+Just add a config file named ldap.yml in config/ directory.
+
+You can change default file name by setting +ldap_config_file+ configuration parameter.
+For example, inside the avdt_ldap initializer:
+
+  AvdtLdapLegacy.configure do |c|
+    c.ldap_config_file = "#{Rails.root}/config/foobar.yml"
+  end
+
+== ldap.yml
+
+Inside this file you have to specify connection parameters for all the directories on which to verify users credentials
+
+Example file:
+
+  # All the directory attributes (except "base") are optional. Defaults are specified in the example below.
+
+  development:
+    dir1:
+      host: ldap.foobar.com		# defaults to "127.0.0.1"
+      base: ou=People,dc=foobar,dc=com  # REQUIRED
+     port: 123				# defaults to 389
+      ssl: true				# defaults to false
+      attribute: cn			# defaults to "uid"
+
+
+    dir2:
+      host: ldap.goofy.foobar.com
+      base: ou=People,dc=goofy,dc=foobar,dc=com
+
+  test:
+    dir1:
+      host: ldap.test.foobar.com
+      base: ou=People,dc=foobar,dc=com
+
+    dir2:
+      host: ldap.goofy.foobar.com
+      base: ou=People,dc=goofy,dc=foobar,dc=com
+
+  production:
+    dir2:
+      host: ldap.live.foobar.com
+      base: ou=People,dc=foobar,dc=com
+      attribute: cn
+
+    new_dir:
+      host: donald.duck.com
+      attribute: foo
+      base: ou=Ducks,dc=foobar,dc=com
+
+
+Not specified parameters (except for "base" which is required) will be set to the default values:
+
+  host: "127.0.0.1"
+  port: 389
+  attribute: uid
+  base: %s
+  ssl: false
+
+== Authentication
+
+To verify user's credentials on ALL the specified directories (default) simply do this:
+
+  AvdtLdap.new.valid?(login, password)
+
+As mentioned this will try to authenticate the user on all the directories specified on ldap.yml and will return true or false.
+If authentication fails an error message, containing directory response (error message and code), will be displayed on server's logs.
+
+=== Authentication only on specified directories
+
+If you have to check user's credentials only on some specific directories, you can pass an hash to AvdtLdap.new(), specifying on which to do the check.
+
+  a = AvdtLdap.new(:directories => [:dir1,dir3])
+  a.valid?(login,password)
+  => true   (false)
+
+NOTE: The authentication process stops as soon as one positive match is found, so it's possible that not all the directories are queried.
+
+=== User's attributes access
+
+If the authentication process is successfull, you can access user's attributes simply calling a method on your AvdtLdap object, with the same name of the desired attribute. For example let's suppose we want the user's name and surname (+givenName+ and +sn+ attributes on the directory), then you can do this:
+
+  username = a.givenname
+  surname = a.cn
+
+Note: theese methods must be called on lowercase
+
+You can also access the whole attributes hash by calling:
+
+  a.user_attributes
+
+==== On which directory is located the user ?
+
+You can know it by calling the +user_location+ method on your AvdtLdap object:
+
+  location = a.user_location

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/avdt_ldap_legacy.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "avdt_ldap_legacy/version"
+
+Gem::Specification.new do |s|
+  s.name        = "avdt_ldap_legacy"
+  s.version     = AvdtLdapLegacy::VERSION
+  s.authors     = ["Alessandro Verlato","Davide Targa"]
+  s.email       = ["averlato@gmail.com","davide.targa@gmail.com"]
+  s.homepage    = "https://rubygems.org/gems/avdt_ldap_legacy"
+  s.summary     = %q{avdt_ldap for Ruby 1.8.6}
+  s.description = %q{avdt_ldap is a simple LDAP authentication library for user authentication on multiple LDAP directories}
+  s.required_ruby_version = "~> 1.8.6"
+
+  s.rubyforge_project = "avdt_ldap_legacy"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  s.add_dependency "ruby-net-ldap"
+end

data/ldap.example.yml

@@ -0,0 +1,34 @@
+# All the directory attributes (except "base") are optional. Defaults are specified in the example below.
+
+development:
+  dir1:
+    host: ldap.foobar.com		# defaults to "127.0.0.1"
+    base: ou=People,dc=foobar,dc=com    # REQUIRED
+    port: 123				# defaults to 389
+    ssl: true				# defaults to false
+    attribute: cn			# defaults to "uid"
+    
+
+  dir2:
+    host: ldap.goofy.foobar.com
+    base: ou=People,dc=goofy,dc=foobar,dc=com
+
+test:
+  dir1: 
+    host: ldap.test.foobar.com
+    base: ou=People,dc=foobar,dc=com
+ 
+  dir2:
+    host: ldap.goofy.foobar.com
+    base: ou=People,dc=goofy,dc=foobar,dc=com
+
+production:
+  dir2:
+    host: ldap.live.foobar.com
+    base: ou=People,dc=foobar,dc=com
+    attribute: cn
+
+  new_dir:
+    host: donald.duck.com
+    attribute: foo
+    base: ou=Ducks,dc=foobar,dc=com

data/lib/avdt_ldap_legacy.rb

@@ -0,0 +1,4 @@
+# avdt init file
+require 'avdt_ldap_legacy/hash'
+require 'avdt_ldap_legacy/avdt_ldap_legacy'
+require 'avdt_ldap_legacy/configuration'

data/lib/avdt_ldap_legacy/avdt_ldap_legacy.rb

@@ -0,0 +1,155 @@
+# AvdtLdapLegacy
+
+# This gem supports LDAP authentication both on sigle and multiple LDAP servers
+# with a minimal configuration.
+# It requires 'ruby-net-ldap' gem.
+# 
+# USAGE
+# Authentication
+
+# To verify user's credentials on ALL the specified directories (default) simply do this:
+#
+# AvdtLdapLegacy.new.valid?(login, password)
+#
+# As mentioned this will try to authenticate the user on all the directories specified on ldap.yml and will return true or false.
+# If authentication fails an error message, containing directory response (error message and code), will be displayed on server's logs.
+#
+# Authentication only on specified directories
+#
+# If you have to check user's credentials only on some specific directories, you can pass an hash to AvdtLdapLegacy.new(), specifying on which to do the check.
+#
+# a = AvdtLdapLegacy.new(:directories => [:dir1,dir3])
+# a.valid?(login,password)
+# => true   (false)
+#
+# NOTE: The authentication process stops as soon as one positive match is found, so it's possible that not all the directories are queried.
+#
+# User's attributes access:
+# If you have to access (read) user's attributes from the directory you can
+# use the handy methods provided by the gem. Let's suppose we need two attributes,
+# the user's name and surname ("givenName" and "sn" attributes on the directory).
+# Simply access attributes as in the example below:
+#
+# a = AvdtLdapLegacy.new.valid?(login, password)
+# name = a.givenname
+# surname = a.cn
+#
+# As you can see methods names reflects attribute's name (but always in downcase).
+# You can also access the whole attributes hash by calling:
+
+# a.user_attributes
+#
+# On which directory is located the user ?
+# You can know it by calling the +user_location+ method on your AvdtLdapLegacy object:
+#
+# location = a.user_location
+
+require 'net/ldap'
+
+class AvdtLdapLegacy
+
+  # Used to simplify configuration from rails initializers.
+  # Works with the methods configuration and configure defined below.
+  class << self
+    attr_accessor :configuration
+  end
+
+  attr_accessor :directories, :include_default, :user_attributes, :user_location
+
+  # Loads ldap configuration file and sets up the object's parameters
+  def initialize(args = {})
+    if File.exist?(AvdtLdapLegacy.configuration.ldap_config_file)
+      @LDAP = YAML.load_file(AvdtLdapLegacy.configuration.ldap_config_file).symbolize_keys!
+    else
+      raise "AvdtLdapLegacy: File #{AvdtLdapLegacy.configuration.ldap_config_file} not found, maybe you forgot to define it ?"
+    end
+    @directories = args[:directories] || @LDAP[env].keys
+  end
+
+  # Checks for user's existance on specified directories. Just pass "login" and
+  # "password" parameters to chech if a user resides on one of the directories.
+  # After this method calling, if the user is authenticated, his (directory)
+  # attributes are availaible.
+  def valid? login, password
+    @directories.each do |ldap|
+      ldap = ldap.to_sym
+      unless @LDAP[env][ldap].nil?
+        conn = connection(ldap)
+        conn.authenticate("#{attribute(ldap)}=#{login.to_s},#{base(ldap)}", password.to_s)
+        begin
+          # if bind => OK
+          if conn.bind
+            logger.info("Authenticated #{login.to_s} by #{host(ldap)}") if logger
+            @user_attributes = conn.search(:base => base(ldap),:filter => Net::LDAP::Filter.eq(attribute(ldap),login.to_s)).first.each do |k,v|
+              class_eval "attr_reader :#{k}"
+              self.instance_variable_set "@#{k}".to_sym, v
+            end
+            @user_location = ldap
+            return true
+          else
+            logger.info("Error attempting to authenticate #{login.to_s} by #{host(ldap)}: #{conn.get_operation_result.code} #{conn.get_operation_result.message}") if logger
+          end
+        rescue Net::LDAP::LdapError => error
+          logger.info("Error attempting to authenticate #{login.to_s} by #{host(ldap)}: #{error.message}") if logger
+          return false
+        end
+      else
+        logger.info "ERROR ! \"#{ldap}\" directory data are missing in ldap.yml" if logger
+        raise Net::LDAP::LdapError, "\"#{ldap}\" directory data are missing in ldap.yml"
+      end
+    end
+    false
+  end
+
+  # Adds configuration ability to the gem
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  def self.configure
+    yield(configuration)
+  end
+
+  private
+
+  # Given a directory name returns a connection to that server using parameters
+  # specified in ldap.yml
+  def connection(which_ldap)
+    Net::LDAP.new(:host => host(which_ldap), :port => port(which_ldap), :encryption => (:simple_tls if ssl?(which_ldap)))
+  end
+
+  # Given a directory return it's host name
+  def host(which_ldap)
+    @LDAP[env][which_ldap][:host] || "127.0.0.1"
+  end
+
+  # Given a directory returns it's host port
+  def port(which_ldap)
+    ssl?(which_ldap) ? (@LDAP[env][which_ldap][:port] || 636) : (@LDAP[env][which_ldap][:port] || 389)
+  end
+
+  # Given a directory returns it's attribute (example: uid)
+  def attribute(which_ldap)
+    @LDAP[env][which_ldap][:attribute] || "uid"
+  end
+
+  # Given a directory returns it's base path (example ou=People,dc=foo,dc=bar)
+  def base(which_ldap)
+    @LDAP[env][which_ldap][:base] || "%s"
+  end
+
+  # Given a directory returns if connection should use ssl
+  def ssl?(which_ldap)
+    @LDAP[env][which_ldap][:ssl] ? true : false
+  end
+
+  # Returns Rails Default logger
+  def logger
+    Rails.logger
+  end
+
+  def env
+    Rails.env.to_sym
+  end
+
+end

data/lib/avdt_ldap_legacy/configuration.rb

@@ -0,0 +1,7 @@
+class Configuration
+  attr_accessor :ldap_config_file
+
+  def initialize
+    @ldap_config_file = "#{Rails.root}/config/ldap.yml"
+  end
+end

data/lib/avdt_ldap_legacy/hash.rb

@@ -0,0 +1,20 @@
+class Hash
+    
+  # Transforms all the hash keys from strings to symbols.
+  # Example:
+  # {"one" => "two", "three" => "four"}.symbolize_keys
+  # => {:one=>"two", :three=>"four"}
+  #
+  def symbolize_keys!
+    t = self.dup
+    self.clear
+    t.each_pair do |k,v|
+      self[k.to_sym] = v
+      if v.kind_of?(Hash)
+        v.symbolize_keys!
+      end
+      self
+    end
+    self
+  end
+end

data/lib/avdt_ldap_legacy/version.rb

@@ -0,0 +1,3 @@
+module AvdtLdapLegacy
+  VERSION = "1.1.0"
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification 
+name: avdt_ldap_legacy
+version: !ruby/object:Gem::Version 
+  hash: 19
+  prerelease: false
+  segments: 
+  - 1
+  - 1
+  - 0
+  version: 1.1.0
+platform: ruby
+authors: 
+- Alessandro Verlato
+- Davide Targa
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-06-22 00:00:00 +02:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: ruby-net-ldap
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+description: avdt_ldap is a simple LDAP authentication library for user authentication on multiple LDAP directories
+email: 
+- averlato@gmail.com
+- davide.targa@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- LICENSE
+- README.rdoc
+- Rakefile
+- avdt_ldap_legacy.gemspec
+- ldap.example.yml
+- lib/avdt_ldap_legacy.rb
+- lib/avdt_ldap_legacy/avdt_ldap_legacy.rb
+- lib/avdt_ldap_legacy/configuration.rb
+- lib/avdt_ldap_legacy/hash.rb
+- lib/avdt_ldap_legacy/version.rb
+has_rdoc: true
+homepage: https://rubygems.org/gems/avdt_ldap_legacy
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ~>
+    - !ruby/object:Gem::Version 
+      hash: 59
+      segments: 
+      - 1
+      - 8
+      - 6
+      version: 1.8.6
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: avdt_ldap_legacy
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: avdt_ldap for Ruby 1.8.6
+test_files: []
+