blueauth 0.0.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 59aac8d5b398a5a4eca4c258b8cea6c4ea55522b
+  data.tar.gz: 5bf67c57e5e13373f728b2d7b2eb10b4709e1fbe
+SHA512:
+  metadata.gz: df93080542f4398640c7de6fe6bb7a4902a8b78fe7d99adcf75b3e4476dd4e7952a75bb119fb51075cbaad82aab81b978e4ce970ec0ef9d58f2220c1018edd6f
+  data.tar.gz: 2519db022a4d4f7aa80b16f811663ff5617e34981f38f77f0724ff8d0c5e7438d3288fc93cb50cb47d40a25c0718482101ee79e2e23d6201d031ec281262e807

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/.idea

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.2.3
+before_install: gem install bundler -v 1.11.2

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in blueauth.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 mawwerik
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,55 @@
+# Blueauth
+
+The purpose of this gem is to allow IBMers to search and authenticate user that are registered in IBM's Enterprise Directory. This gem can only be used in IBM's Intranet network. Every IBM employee can be searched based on his/her Intraned ID, or Notes ID, or Common name. 
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'blueauth'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install blueauth
+
+## Usage
+
+#### Search for a user if she/he exists in IBM's Enterprise Directory
+    
+The userid can be Intranet ID or Notes ID or Common name
+    
+      Blueauth::search 'istvan.kovacs@hu.ibm.com'
+      Blueauth::search 'Istvan Kovacs/Hungary/IBM'
+      Blueauth::search 'Istvan Kovacs'
+
+If the user is found, then the returned object will be a hash: {:name, :country, :intranetid, :dn}. If the user is not found, then nil
+
+
+#### Search for a user's Bluegroups
+    
+First, the user must exist in Enterprise Directory, and the Bluegroup can be queried based on the DN of the user
+    
+      user = Blueauth::search 'istvan.kovacs@hu.ibm.com'
+      Blueauth::bluegroups user[:dn]
+
+Returned object will be an Array of strings containing the names of Bluegroups where the user is assigned to.
+
+#### Authenticate a user with his/her password
+    
+The userid can be Intranet ID or Notes ID or Common name
+    
+      Blueauth::authenticate 'istvan.kovacs@hu.ibm.com', 'password'
+      Blueauth::authenticate 'Istvan Kovacs/Hungary/IBM', 'password'
+      Blueauth::authenticate 'Istvan Kovacs', 'password'
+
+If the user is found, then the returned object will be a hash: {:name, :country, :intranetid, :dn, :groups}. Groups is an array containing all Bluegroups. If the user is not found, then nil
+
+#### In case of any problem with LDAP server will throw an Exception
+
+    Blueauth::BlueError

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "blueauth"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/blueauth.gemspec

@@ -0,0 +1,37 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+original_verbose, $VERBOSE = $VERBOSE, nil
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+$VERBOSE = original_verbose
+require 'blueauth/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "blueauth"
+  spec.version       = Blueauth::VERSION
+  spec.authors       = ["zoltan-izso"]
+  spec.email         = ["zoltan.izso@hu.ibm.com"]
+
+  spec.summary       = %q{Bluepages Authentication for IBMers within IBM's Intranet}
+  spec.description   = %q{Bluepages Authentication for IBMers within IBM's Intranet}
+  #spec.homepage      = "Currently there is no homepage specified"
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
+  # delete this section to allow pushing this gem to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata['allowed_push_host'] = 'https://rubygems.org'
+  else
+    raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
+  end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'net-ldap', '~>0.11'
+
+  spec.add_development_dependency "bundler", "~> 1.11"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/blueauth.rb

@@ -0,0 +1,96 @@
+require "blueauth/version"
+require "blueauth/error"
+require 'net-ldap'
+
+module Blueauth
+
+  Net::LDAP::LDAPControls::PAGED_RESULTS = FALSE
+
+  BPHOST = "bluepages.ibm.com"
+  BGHOST = "bluegroups.ibm.com"
+  BPBASE = "ou=bluepages,o=ibm.com"
+  BGBASE = "ou=memberlist,ou=ibmgroups,o=ibm.com"
+
+  # using this method a user can be authenticated
+  # Intraned ID, password are mandatory
+  def self.authenticate id, password
+    ldap = Net::LDAP.new host: BPHOST, port: 636, base: BPBASE, :encryption => :simple_tls
+    user = search id.strip
+    unless user.nil?
+      ldap.auth user[:dn], password.strip
+      begin
+        auth = ldap.bind
+      rescue => e
+        raise Blueauth::BlueError, "BluePages Bind issue -> #{e.message}"
+      end
+      if auth
+        groups = bluegroups user[:dn]
+        return user.merge({groups: groups})
+      else
+        return nil
+      end
+    end
+  end
+
+  # Tries to find the given user id in Enterprise Directory and the result will be an LDAP object
+  # user id can be
+  #   - Intranet ID (must contain '@' sign)
+  #   - Notes ID (must contain '/' sign)
+  #   - Common name (none of the previous two)
+  # return object contains
+  # :name, :country, :intranetid, :dn
+  def self.search id
+    ldap = Net::LDAP.new host: BPHOST, port: 636, base: BPBASE, :encryption => :simple_tls
+    if id.include? '@'
+      searchfield = 'mail'
+    elsif id.include? '/'
+      searchfield = 'notesid'
+      email_parts = id.split('/')
+      id = ''
+      c = 1
+      email_parts.each do |part|
+        case c
+          when 1
+            id = 'CN='+part
+          when email_parts.count
+            id = id + '/O='+part
+          else
+            id = id + '/OU='+part
+        end
+        c += 1
+      end
+    else
+      searchfield = 'cn'
+    end
+    filter = Net::LDAP::Filter.eq(searchfield, id) & Net::LDAP::Filter.eq('objectclass', "ibmPerson")
+    begin
+      user_array = ldap.search(base: BPBASE, filter: filter, size: 1)
+    rescue => e
+      raise Blueauth::BlueError, "BluePages Search issue -> #{e.message}"
+    end
+
+    if user_array.count == 0
+      result = nil
+    else
+      user = user_array.first
+      result = {name: user.cn.first, country: user.co.first, intranetid: user.preferredidentity.first, dn: user.dn}
+    end
+
+    return result
+  end
+
+  def self.bluegroups dn
+    result = []
+    bg = Net::LDAP.new host: BGHOST, port: 389, base: BGBASE
+    bgf = Net::LDAP::Filter.eq('uniquemember', dn)
+    begin
+      bgres = bg.search(base: BGBASE, filter: bgf, attributes: ['cn'])
+    rescue => e
+      raise Blueauth::BlueError, "BlueGroup Search issue -> #{e.message}"
+    end
+    bgres.each {|g| result << g.cn.first}
+
+    return result
+  end
+
+end

data/lib/blueauth/error.rb

@@ -0,0 +1,19 @@
+module Blueauth
+  class Error < StandardError
+
+    def initialize(options = {})
+      options.is_a?(String) ? @options = {:message => options} : @options = options
+    end
+
+    def message
+      @options[:message]
+    end
+
+    def options
+      @options
+    end
+  end
+
+  class BlueError < Error
+  end
+end

data/lib/blueauth/version.rb

@@ -0,0 +1,3 @@
+module Blueauth
+  VERSION = "0.0.5"
+end

metadata

@@ -0,0 +1,115 @@
+--- !ruby/object:Gem::Specification
+name: blueauth
+version: !ruby/object:Gem::Version
+  version: 0.0.5
+platform: ruby
+authors:
+- zoltan-izso
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-04-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: net-ldap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: Bluepages Authentication for IBMers within IBM's Intranet
+email:
+- zoltan.izso@hu.ibm.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".idea/vcs.xml"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- blueauth.gemspec
+- lib/blueauth.rb
+- lib/blueauth/error.rb
+- lib/blueauth/version.rb
+homepage: 
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5.1
+signing_key: 
+specification_version: 4
+summary: Bluepages Authentication for IBMers within IBM's Intranet
+test_files: []