casino-ldap_authenticator 2.0.3 → 3.0.0.pre1

@@ -23,5 +23,5 @@ Gem::Specification.new do |s|
23
23
  s.add_development_dependency 'coveralls'
24
24
 
25
25
  s.add_runtime_dependency 'net-ldap', '~> 0.3'
26
- s.add_runtime_dependency 'casino', '~> 3.0.0'
26
+ s.add_runtime_dependency 'casino', '>= 3.0.0', '< 5.0.0'
27
27
  end
@@ -10,48 +10,58 @@ class CASino::LDAPAuthenticator
10
10
  end
11
11
 
12
12
  def validate(username, password)
13
- begin
14
- user_plain = authenticate(username, password)
15
- if !user_plain
16
- false
17
- else
18
- generate_user(user_plain)
19
- end
20
- rescue Net::LDAP::LdapError => e
21
- raise CASino::Authenticator::AuthenticatorError,
22
- "LDAP authentication failed with '#{e}'. Check your authenticator configuration."
23
- end
13
+ authenticate(username, password)
14
+ rescue Net::LDAP::LdapError => e
15
+ raise CASino::Authenticator::AuthenticatorError,
16
+ "LDAP authentication failed with '#{e}'. Check your authenticator configuration."
17
+ end
18
+
19
+ def load_user_data(username)
20
+ load_user_data_with_connection(username, connect_to_ldap)
24
21
  end
25
22
 
26
23
  private
27
- def ldap
28
- return @ldap if @ldap
29
- @ldap = Net::LDAP.new
30
- @ldap.host = @options[:host]
31
- @ldap.port = @options[:port]
32
- if @options[:encryption]
33
- @ldap.encryption(@options[:encryption].to_sym)
24
+ def connect_to_ldap
25
+ Net::LDAP.new.tap do |ldap|
26
+ ldap.host = @options[:host]
27
+ ldap.port = @options[:port]
28
+ if @options[:encryption]
29
+ ldap.encryption(@options[:encryption].to_sym)
30
+ end
31
+ unless @options[:admin_user].nil?
32
+ ldap.auth(@options[:admin_user], @options[:admin_password])
33
+ end
34
34
  end
35
- return @ldap
36
35
  end
37
36
 
38
37
  def authenticate(username, password)
39
38
  # Don't allow "Unauthenticated bind" (http://www.openldap.org/doc/admin24/security.html#Authentication%20Methods)
40
39
  return false unless password && !password.empty?
41
40
 
42
- unless @options[:admin_user].nil?
43
- ldap.auth(@options[:admin_user], @options[:admin_password])
41
+ ldap = connect_to_ldap
42
+ user = ldap.bind_as(:base => @options[:base], :size => 1, :password => password, :filter => user_filter(username))
43
+ if user
44
+ load_user_data_with_connection(username, ldap)
45
+ else
46
+ false
44
47
  end
48
+ end
45
49
 
46
- user_plain = ldap.bind_as(:base => @options[:base], :size => 1, :password => password, :filter => user_filter(username))
47
- if user_plain
48
- include_attributes = @options[:extra_attributes].values + [username_attribute]
49
- user_plain = ldap.search(:base => @options[:base], :filter => user_filter(username), :attributes => include_attributes)
50
- if user_plain.is_a?(Array)
51
- user_plain = user_plain.first
52
- end
50
+ def load_user_data_with_connection(username, ldap)
51
+ include_attributes = @options[:extra_attributes].values + [username_attribute]
52
+ user = ldap.search(:base => @options[:base], :filter => user_filter(username), :attributes => include_attributes)
53
+ return nil if user.nil?
54
+ if user.is_a?(Array)
55
+ user = user.first
53
56
  end
54
- return user_plain
57
+ user_data(user)
58
+ end
59
+
60
+ def user_data(user)
61
+ {
62
+ username: user[username_attribute].first,
63
+ extra_attributes: extra_attributes(user)
64
+ }
55
65
  end
56
66
 
57
67
  def username_attribute
@@ -66,13 +76,6 @@ class CASino::LDAPAuthenticator
66
76
  filter
67
77
  end
68
78
 
69
- def generate_user(user_plain)
70
- {
71
- username: user_plain[username_attribute].first,
72
- extra_attributes: extra_attributes(user_plain)
73
- }
74
- end
75
-
76
79
  def extra_attributes(user_plain)
77
80
  if @options[:extra_attributes]
78
81
  result = {}
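Review bot: In `load_user_data_with_connection`, `return nil if user.nil?` runs before the Array unwrap, so a search that returns an empty Array hands `nil` to `user_data` and fails with NoMethodError on `user[username_attribute]` instead of returning nil. Unwrapping first covers both cases: `user = user.first if user.is_a?(Array)` followed by `return nil if user.nil?`. The new public `load_user_data` also sits outside the `rescue Net::LDAP::LdapError` in `validate`, so LDAP errors on that path reach the caller without being wrapped in `AuthenticatorError`. Because it returns attributes with no password check, and the lookup runs without `ldap.auth` when `admin_user` is unset, a comment such as `# Looks up a user without verifying credentials; the result is not proof of authentication.` above the method would help callers.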
@@ -1,5 +1,5 @@
1
1
  module CASino
2
2
  class LDAPAuthenticator
3
- VERSION = '2.0.3'
3
+ VERSION = '3.0.0.pre1'
4
4
  end
5
5
  end
@@ -15,22 +15,51 @@ describe CASino::LDAPAuthenticator do
15
15
 
16
16
  before(:each) do
17
17
  Net::LDAP.stub(:new).and_return(connection)
18
- [:host=, :port=, :encryption].each do |setting|
18
+ [:host=, :port=, :encryption, :bind_as, :search].each do |setting|
19
19
  connection.stub(setting)
20
20
  end
21
21
  end
22
22
 
23
+ describe '#load_user_data' do
24
+ let(:username) { 'NaNiwa' }
25
+ let(:email) { 'naniwa@swarmhosts.com' }
26
+
27
+ context 'valid username' do
28
+ let(:ldap_entry) {
29
+ Net::LDAP::Entry.new.tap do |entry|
30
+ entry[:uid] = username
31
+ entry[:mail] = email
32
+ end
33
+ }
34
+
35
+ before(:each) do
36
+ connection.stub(:search) do
37
+ ldap_entry
38
+ end
39
+ end
40
+
41
+ it 'returns the username' do
42
+ subject.load_user_data(username)[:username].should eq(username)
43
+ end
44
+
45
+ it 'returns the extra attributes' do
46
+ subject.load_user_data(username)[:extra_attributes][:email].should eq(email)
47
+ end
48
+ end
49
+
50
+ context 'invalid username' do
51
+ it 'returns nil' do
52
+ subject.load_user_data(username).should eq(nil)
53
+ end
54
+ end
55
+ end
56
+
23
57
  describe '#validate' do
24
58
  let(:username) { 'test' }
25
59
  let(:password) { 'foo' }
26
60
  let(:user_filter) { Net::LDAP::Filter.eq(options[:username_attribute], username) }
27
61
  let(:extra_attributes) { ['mail', :displayname, 'memberof'] }
28
62
 
29
- before(:each) do
30
- connection.stub(:bind_as)
31
- connection.stub(:search)
32
- end
33
-
34
63
  it 'does the connection setup' do
35
64
  connection.should_receive(:host=).with(options[:host])
36
65
  connection.should_receive(:port=).with(options[:port])
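Review bot: The 'invalid username' context passes only because the shared `connection.stub(:search)` returns nil; it never exercises a search that comes back as an empty Array, which is presumably what a directory returns for an unknown user. An extra example with `connection.stub(:search) { [] }` that still expects `subject.load_user_data(username).should eq(nil)` would pin that case. The '#load_user_data' examples also do not cover a `Net::LDAP::LdapError` raised during the lookup, so the error behaviour of the new public method is untested. The `describe '#validate'` block continues outside the hunk.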
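--- a/metadata
+++ b/metadata
@@ -1,15 +1,15 @@
  --- !ruby/object:Gem::Specification
  name: casino-ldap_authenticator
  version: !ruby/object:Gem::Version
- version: 2.0.3
- prerelease:
+ version: 3.0.0.pre1
+ prerelease: 6
  platform: ruby
  authors:
  - Nils Caspar
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-01-30 00:00:00.000000000 Z
+ date: 2015-02-09 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake
@@ -96,17 +96,23 @@ dependencies:
  requirement: !ruby/object:Gem::Requirement
  none: false
  requirements:
- - - ~>
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: 3.0.0
+ - - <
+ - !ruby/object:Gem::Version
+ version: 5.0.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  none: false
  requirements:
- - - ~>
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: 3.0.0
+ - - <
+ - !ruby/object:Gem::Version
+ version: 5.0.0
  description: This gem can be used to allow the CASino backend to authenticate against
  an LDAP server.
  email:
@@ -147,9 +153,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
  required_rubygems_version: !ruby/object:Gem::Requirement
  none: false
  requirements:
- - - ! '>='
+ - - ! '>'
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.3.1
  requirements: []
  rubyforge_project:
  rubygems_version: 1.8.23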