RubyGems - casino-ldap_authenticator - Versions diffs - 2.0.3 → 3.0.0.pre1 - Mend

casino-ldap_authenticator 2.0.3 → 3.0.0.pre1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/casino-ldap_authenticator.gemspec +1 -1
data/lib/casino/ldap_authenticator.rb +39 -36
data/lib/casino/ldap_authenticator/version.rb +1 -1
data/spec/casino/ldap_authenticator_spec.rb +35 -6
metadata +13 -7

data/casino-ldap_authenticator.gemspec CHANGED Viewed

@@ -23,5 +23,5 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'coveralls'
   s.add_runtime_dependency 'net-ldap', '~> 0.3'
-  s.add_runtime_dependency 'casino', '~> 3.0.0'
+  s.add_runtime_dependency 'casino', '>= 3.0.0', '< 5.0.0'
 end

data/lib/casino/ldap_authenticator.rb CHANGED Viewed

@@ -10,48 +10,58 @@ class CASino::LDAPAuthenticator
   end
   def validate(username, password)
-    begin
-      user_plain = authenticate(username, password)
-      if !user_plain
-        false
-      else
-        generate_user(user_plain)
-      end
-    rescue Net::LDAP::LdapError => e
-      raise CASino::Authenticator::AuthenticatorError,
-        "LDAP authentication failed with '#{e}'. Check your authenticator configuration."
-    end
+    authenticate(username, password)
+  rescue Net::LDAP::LdapError => e
+    raise CASino::Authenticator::AuthenticatorError,
+      "LDAP authentication failed with '#{e}'. Check your authenticator configuration."
+  end
+  def load_user_data(username)
+    load_user_data_with_connection(username, connect_to_ldap)
   end
   private
-  def ldap
-    return @ldap if @ldap
-    @ldap = Net::LDAP.new
-    @ldap.host = @options[:host]
-    @ldap.port = @options[:port]
-    if @options[:encryption]
-      @ldap.encryption(@options[:encryption].to_sym)
+  def connect_to_ldap
+    Net::LDAP.new.tap do |ldap|
+      ldap.host = @options[:host]
+      ldap.port = @options[:port]
+      if @options[:encryption]
+        ldap.encryption(@options[:encryption].to_sym)
+      end
+      unless @options[:admin_user].nil?
+        ldap.auth(@options[:admin_user], @options[:admin_password])
+      end
     end
-    return @ldap
   end
   def authenticate(username, password)
     # Don't allow "Unauthenticated bind" (http://www.openldap.org/doc/admin24/security.html#Authentication%20Methods)
     return false unless password && !password.empty?
-    unless @options[:admin_user].nil?
-      ldap.auth(@options[:admin_user], @options[:admin_password])
+    ldap = connect_to_ldap
+    user = ldap.bind_as(:base => @options[:base], :size => 1, :password => password, :filter => user_filter(username))
+    if user
+      load_user_data_with_connection(username, ldap)
+    else
+      false
     end
+  end
-    user_plain = ldap.bind_as(:base => @options[:base], :size => 1, :password => password, :filter => user_filter(username))
-    if user_plain
-      include_attributes = @options[:extra_attributes].values + [username_attribute]
-      user_plain = ldap.search(:base => @options[:base], :filter => user_filter(username), :attributes => include_attributes)
-      if user_plain.is_a?(Array)
-        user_plain = user_plain.first
-      end
+  def load_user_data_with_connection(username, ldap)
+    include_attributes = @options[:extra_attributes].values + [username_attribute]
+    user = ldap.search(:base => @options[:base], :filter => user_filter(username), :attributes => include_attributes)
+    return nil if user.nil?
+    if user.is_a?(Array)
+      user = user.first
     end
-    return user_plain
+    user_data(user)
+  end
+  def user_data(user)
+    {
+      username: user[username_attribute].first,
+      extra_attributes: extra_attributes(user)
+    }
   end
   def username_attribute
@@ -66,13 +76,6 @@ class CASino::LDAPAuthenticator
     filter
   end
-  def generate_user(user_plain)
-    {
-      username: user_plain[username_attribute].first,
-      extra_attributes: extra_attributes(user_plain)
-    }
-  end
   def extra_attributes(user_plain)
     if @options[:extra_attributes]
       result = {}

data/lib/casino/ldap_authenticator/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module CASino
   class LDAPAuthenticator
-    VERSION = '2.0.3'
+    VERSION = '3.0.0.pre1'
   end
 end

data/spec/casino/ldap_authenticator_spec.rb CHANGED Viewed

@@ -15,22 +15,51 @@ describe CASino::LDAPAuthenticator do
   before(:each) do
     Net::LDAP.stub(:new).and_return(connection)
-    [:host=, :port=, :encryption].each do |setting|
+    [:host=, :port=, :encryption, :bind_as, :search].each do |setting|
       connection.stub(setting)
     end
   end
+  describe '#load_user_data' do
+    let(:username) { 'NaNiwa' }
+    let(:email) { 'naniwa@swarmhosts.com' }
+    context 'valid username' do
+      let(:ldap_entry) {
+        Net::LDAP::Entry.new.tap do |entry|
+          entry[:uid] = username
+          entry[:mail] = email
+        end
+      }
+      before(:each) do
+        connection.stub(:search) do
+          ldap_entry
+        end
+      end
+      it 'returns the username' do
+        subject.load_user_data(username)[:username].should eq(username)
+      end
+      it 'returns the extra attributes' do
+        subject.load_user_data(username)[:extra_attributes][:email].should eq(email)
+      end
+    end
+    context 'invalid username' do
+      it 'returns nil' do
+        subject.load_user_data(username).should eq(nil)
+      end
+    end
+  end
   describe '#validate' do
     let(:username) { 'test' }
     let(:password) { 'foo' }
     let(:user_filter) { Net::LDAP::Filter.eq(options[:username_attribute], username) }
     let(:extra_attributes) { ['mail', :displayname, 'memberof'] }
-    before(:each) do
-      connection.stub(:bind_as)
-      connection.stub(:search)
-    end
     it 'does the connection setup' do
       connection.should_receive(:host=).with(options[:host])
       connection.should_receive(:port=).with(options[:port])

metadata CHANGED Viewed

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: casino-ldap_authenticator
 version: !ruby/object:Gem::Version
-  version: 2.0.3
-  prerelease:
+  version: 3.0.0.pre1
+  prerelease: 6
 platform: ruby
 authors:
 - Nils Caspar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-01-30 00:00:00.000000000 Z
+date: 2015-02-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -96,17 +96,23 @@ dependencies:
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ~>
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: 3.0.0
+    - - <
+      - !ruby/object:Gem::Version
+        version: 5.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ~>
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: 3.0.0
+    - - <
+      - !ruby/object:Gem::Version
+        version: 5.0.0
 description: This gem can be used to allow the CASino backend to authenticate against
   an LDAP server.
 email:
@@ -147,9 +153,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
-  - - ! '>='
+  - - ! '>'
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.23