casino-moped_authenticator 0.1.0

checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: cc4f881350257f5e33a8d782da20cf82c70ba491
4
+ data.tar.gz: 8f064650fc86b59e5f706d713f890e42baef14a9
5
+ SHA512:
6
+ metadata.gz: b431084b22b452c0ef538e4c52b47a0e9f68b6b6460914d3b42c5c150230bf5af1f691ae6c7bc7d6852f7d9d4613bf43c3072ac63b528e595b72db8f2aa2dd9c
7
+ data.tar.gz: 81b51967183a1324e5ea2fa08a1b513904fdd38f9a4f10bb1318780b8967c238c3c601f6b1e9e3506663b45c746ed0db008e53513d7686ffbc1f4f25b2fe98a8
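--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,19 @@
+ # rcov generated
+ coverage
+ coverage.data
+
+ # rdoc generated
+ rdoc
+
+ # yard generated
+ doc
+ .yardoc
+
+ # bundler
+ .bundle
+ bin/
+
+ # jeweler generated
+ pkg
+
+ /Gemfile.lock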
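--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1 @@
+ --color --format documentation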
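--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1,6 @@
+ language: ruby
+ rvm:
+ - 1.9.3
+ - 2.0.0
+ services:
+ - mongodb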
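--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,2 @@
+ source 'https://rubygems.org'
+ gemspec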
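--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,20 @@
+ Copyright (c) 2013 Digital Natives
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.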
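--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,40 @@
+ # casino-moped_authenticator
+ [![Build Status](https://travis-ci.org/digitalnatives/casino-moped_authenticator.svg?branch=master)](https://travis-ci.org/digitalnatives/casino-moped_authenticator)
+ [![Coverage Status](https://img.shields.io/coveralls/digitalnatives/casino-moped_authenticator.svg)](https://coveralls.io/r/digitalnatives/casino-moped_authenticator?branch=master)
+
+ Provides mechanism to use Moped/Mongoid as an authenticator for [CASino](https://github.com/rbCAS/CASino).
+
+ To use the Moped authenticator, configure it in your cas.yml:
+
+ authenticators:
+ my_company_mongo:
+ authenticator: "Moped"
+ options:
+ database_url: "mongodb://localhost:27017/my_db"
+ collection: "users"
+ username_column: "username"
+ password_column: "password"
+ pepper: "suffix of the password" # optional
+ extra_attributes:
+ email: "email_database_column"
+ fullname: "displayname_database_column"
+
+ ## Contributing to casino-moped_authenticator
+
+ * Check out the latest master to make sure the feature hasn't been implemented
+ or the bug hasn't been fixed yet.
+ * Check out the issue tracker to make sure someone already hasn't requested it
+ and/or contributed it.
+ * Fork the project.
+ * Start a feature/bugfix branch.
+ * Commit and push until you are happy with your contribution.
+ * Make sure to add tests for it. This is important so I don't break it in
+ a future version unintentionally.
+ * Please try not to mess with the Rakefile, version, or history. If you want to
+ have your own version, or is otherwise necessary, that is fine, but please
+ isolate to its own commit so I can cherry-pick around it.
+
+ ## Copyright
+
+ Copyright (c) 2013 Digital Natives. See LICENSE.txt for further details.
+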
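--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,11 @@
+ require 'bundler'
+ require 'rake'
+ require 'bundler/gem_tasks'
+ require 'rspec/core/rake_task'
+
+ task :default => :spec
+
+ desc 'Run all specs'
+ RSpec::Core::RakeTask.new(:spec) do |spec|
+ spec.pattern = FileList['spec/**/*_spec.rb']
+ end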
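--- a/casino-moped_authenticator.gemspec
+++ b/casino-moped_authenticator.gemspec
@@ -0,0 +1,30 @@
+ # -*- encoding: utf-8 -*-
+ $:.push File.expand_path('../lib', __FILE__)
+ require 'casino/moped_authenticator/version'
+
+ Gem::Specification.new do |s|
+ s.name = 'casino-moped_authenticator'
+ s.version = CASino::MopedAuthenticator::VERSION
+ s.authors = ['Gergo Sulymosi']
+ s.email = ['gergo@digitalnatives.hu']
+ s.homepage = 'http://rbcas.org/'
+ s.license = 'MIT'
+ s.summary = 'Provides mechanism to use Moped as an authenticator for CASino.'
+ s.description = 'This gem can be used to allow the CASino backend to authenticate against an MongoDB server using Moped.'
+
+ s.files = `git ls-files`.split("\n")
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+ s.executables = [] # `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+ s.require_paths = ['lib']
+
+ s.add_development_dependency 'rake', '~> 10.0'
+ s.add_development_dependency 'rspec', '~> 2.12'
+ s.add_development_dependency 'simplecov', '~> 0.7'
+ s.add_development_dependency 'coveralls'
+
+ s.add_runtime_dependency 'moped', '~> 1.5'
+ s.add_runtime_dependency 'unix-crypt', '~> 1.1'
+ s.add_runtime_dependency 'bcrypt', '~> 3.0'
+ s.add_runtime_dependency 'casino', '~> 2.0'
+ s.add_runtime_dependency 'phpass-ruby', '~> 0.1'
+ end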
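Review bot: `s.add_development_dependency 'coveralls'` is the only dependency declared without a version constraint, so it resolves to `>= 0` (as the generated metadata confirms) and any future release is pulled into CI and contributor environments unreviewed. It is development-only, so gem consumers are not affected, but the coverage tooling runs inside the build, where a pessimistic constraint like the other entries would keep upgrades deliberate: `s.add_development_dependency 'coveralls', '~> <reviewed-version>'` (placeholder, pick the version the build was verified against). `s.homepage` also points at a plain `http://` URL.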
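--- a/lib/casino-moped_authenticator.rb
+++ b/lib/casino-moped_authenticator.rb
@@ -0,0 +1,2 @@
+ require 'casino/moped_authenticator/version'
+ require 'casino/moped_authenticator'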
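--- a/lib/casino/moped_authenticator.rb
+++ b/lib/casino/moped_authenticator.rb
@@ -0,0 +1,68 @@
+ require 'moped'
+ require 'unix_crypt'
+ require 'bcrypt'
+ require 'phpass'
+
+ class CASino::MopedAuthenticator
+
+ # @param [Hash] options
+ def initialize(options)
+ @options = options
+ @connection = Moped::Session.connect(options[:database_url])
+ end
+
+ def validate(username, password)
+ return false unless user = collection.find(@options[:username_column] => username).first
+ password_from_database = user[@options[:password_column]]
+
+ if valid_password?(password, password_from_database)
+ { username: user[@options[:username_column]], extra_attributes: extra_attributes(user) }
+ else
+ false
+ end
+ end
+
+ private
+
+ def valid_password?(password, password_from_database)
+ return false if password_from_database.to_s.strip == ''
+ magic = password_from_database.split('$')[1]
+ case magic
+ when /\A2a?\z/
+ valid_password_with_bcrypt?(password, password_from_database)
+ when /\AH\z/, /\AP\z/
+ valid_password_with_phpass?(password, password_from_database)
+ else
+ valid_password_with_unix_crypt?(password, password_from_database)
+ end
+ end
+
+ def valid_password_with_bcrypt?(password, password_from_database)
+ password_with_pepper = password + @options[:pepper].to_s
+ BCrypt::Password.new(password_from_database) == password_with_pepper
+ end
+
+ def valid_password_with_unix_crypt?(password, password_from_database)
+ UnixCrypt.valid?(password, password_from_database)
+ end
+
+ def valid_password_with_phpass?(password, password_from_database)
+ Phpass.new().check(password, password_from_database)
+ end
+
+ def extra_attributes(user)
+ attributes = {}
+ extra_attributes_option.each do |attribute_name, database_column|
+ attributes[attribute_name] = user[database_column]
+ end
+ attributes
+ end
+
+ def extra_attributes_option
+ @options[:extra_attributes] || {}
+ end
+
+ def collection
+ @connection[@options[:collection]]
+ end
+ end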
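Review bot: `validate` passes `username` straight into `collection.find(@options[:username_column] => username)` with no type check, so a non-String value (for instance a Hash built from a nested request parameter) would be read by MongoDB as a query-operator document instead of a literal name; whether CASino always hands over a String is not visible on this page. A guard at the top such as `return false unless username.is_a?(String) && password.is_a?(String)` closes that and also avoids the NoMethodError that `password + @options[:pepper].to_s` raises for a nil password. The pepper is appended only in `valid_password_with_bcrypt?`, so phpass and crypt hashes are checked without it even though the README lists it as a general option; either apply it in all three verifiers or document the limit. `when /\A2a?\z/` also misses `$2b$` and `$2y$` bcrypt hashes, which fall through to the `UnixCrypt.valid?` branch, and the early `return false` for an unknown user skips hashing entirely, which leaves a response-time difference between known and unknown usernames.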
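--- a/lib/casino/moped_authenticator/version.rb
+++ b/lib/casino/moped_authenticator/version.rb
@@ -0,0 +1,5 @@
+ module CASino
+ class MopedAuthenticator
+ VERSION = '0.1.0'
+ end
+ end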
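--- a/spec/casino_core/moped_authenticator_spec.rb
+++ b/spec/casino_core/moped_authenticator_spec.rb
@@ -0,0 +1,128 @@
+ require 'spec_helper'
+ require 'casino/moped_authenticator'
+
+ module CASino
+ describe MopedAuthenticator do
+
+ let(:pepper) { nil }
+ let(:extra_attributes) {{ email: 'mail_address' }}
+ let(:options) {{
+ database_url: 'mongodb://localhost:27017/my_db?safe=true',
+ collection: 'users',
+ username_column: 'username',
+ password_column: 'password',
+ pepper: pepper,
+ extra_attributes: extra_attributes
+ }}
+
+ subject { described_class.new(options) }
+
+ before do
+ create_user(
+ 'test',
+ '$5$cegeasjoos$vPX5AwDqOTGocGjehr7k1IYp6Kt.U4FmMUa.1l6NrzD', # password: testpassword
+ mail_address: 'mail@example.org'
+ )
+ end
+ after { @session.drop }
+
+ describe '#validate' do
+
+ context 'valid username' do
+ context 'valid password' do
+ it 'returns the username' do
+ subject.validate('test', 'testpassword')[:username].should eq('test')
+ end
+
+ it 'returns the extra attributes' do
+ subject.validate('test', 'testpassword')[:extra_attributes][:email].should eq('mail@example.org')
+ end
+
+ context 'when no extra attributes given' do
+ let(:extra_attributes) { nil }
+
+ it 'returns an empty hash for extra attributes' do
+ subject.validate('test', 'testpassword')[:extra_attributes].should eq({})
+ end
+ end
+ end
+
+ context 'invalid password' do
+ it 'returns false' do
+ subject.validate('test', 'wrongpassword').should eq(false)
+ end
+ end
+
+ context 'NULL password field' do
+ it 'returns false' do
+ update_user_pw 'test', nil
+
+ subject.validate('test', 'wrongpassword').should eq(false)
+ end
+ end
+
+ context 'empty password field' do
+ it 'returns false' do
+ update_user_pw 'test', ''
+
+ subject.validate('test', 'wrongpassword').should eq(false)
+ end
+ end
+ end
+
+ context 'invalid username' do
+ it 'returns false' do
+ subject.validate('does-not-exist', 'testpassword').should eq(false)
+ end
+ end
+
+ context 'support for bcrypt' do
+ it 'is able to handle bcrypt password hashes' do
+ create_user(
+ 'test2',
+ '$2a$10$dRFLSkYedQ05sqMs3b265e0nnJSoa9RhbpKXU79FDPVeuS1qBG7Jq', # password: testpassword2
+ mail_address: 'mail@example.org')
+ subject.validate('test2', 'testpassword2').should be_instance_of(Hash)
+ end
+ end
+
+ context 'support for bcrypt with pepper' do
+ let(:pepper) { 'abcdefg' }
+
+ it 'is able to handle bcrypt password hashes' do
+ create_user(
+ 'test3',
+ '$2a$10$ndCGPWg5JFMQH/Kl6xKe.OGNaiG7CFIAVsgAOJU75Q6g5/FpY5eX6', # password: testpassword3, pepper: abcdefg
+ mail_address: 'mail@example.org')
+ subject.validate('test3', 'testpassword3').should be_instance_of(Hash)
+ end
+ end
+
+ context 'support for phpass' do
+ it 'is able to handle phpass password hashes' do
+ create_user(
+ 'test4',
+ '$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0', # password: test12345
+ mail_address: 'mail@example.org')
+ subject.validate('test4', 'test12345').should be_instance_of(Hash)
+ end
+ end
+
+ end
+
+ def create_user(username, password, extra = {})
+ session[options[:collection]].insert({
+ username: username,
+ password: password,
+ }.merge(extra))
+ end
+
+ def update_user_pw(username, new_password)
+ session[options[:collection]].find(username: username).update(password: new_password)
+ end
+
+ def session
+ @session ||= ::Moped::Session.connect(options[:database_url])
+ end
+ end
+ end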
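Review bot: The 'support for bcrypt', 'support for bcrypt with pepper' and 'support for phpass' contexts only assert that the correct password returns a Hash; none of them checks that a wrong password is rejected, so a verifier that accepted everything for those hash formats would still pass. Each context should gain a negative example, e.g. `subject.validate('test2', 'wrongpassword').should eq(false)`, and the pepper context one that checks the right password against the peppered hash fails when `pepper` is nil. There is also no example for a non-String or nil username or password, which `validate` forwards to the Mongo query and to the `password + pepper` concatenation unchecked.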
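--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -0,0 +1,24 @@
+ require 'rubygems'
+ require 'bundler/setup'
+
+ require 'simplecov'
+ require 'coveralls'
+ SimpleCov.formatter = Coveralls::SimpleCov::Formatter
+ SimpleCov.start do
+ add_filter '/spec'
+ end
+
+ require 'rspec'
+ require 'casino-moped_authenticator'
+
+ # Requires supporting files with custom matchers and macros, etc,
+ # in ./support/ and its subdirectories.
+ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+
+ RSpec.configure do |config|
+ # Run specs in random order to surface order dependencies. If you find an
+ # order dependency and want to debug it, you can fix the order by providing
+ # the seed, which is printed after each run.
+ # --seed 1234
+ config.order = 'random'
+ end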
metadata ADDED
@@ -0,0 +1,186 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: casino-moped_authenticator
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Gergo Sulymosi
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-07-07 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rake
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ~>
18
+ - !ruby/object:Gem::Version
19
+ version: '10.0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: '10.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rspec
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ~>
32
+ - !ruby/object:Gem::Version
33
+ version: '2.12'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ~>
39
+ - !ruby/object:Gem::Version
40
+ version: '2.12'
41
+ - !ruby/object:Gem::Dependency
42
+ name: simplecov
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ~>
46
+ - !ruby/object:Gem::Version
47
+ version: '0.7'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ~>
53
+ - !ruby/object:Gem::Version
54
+ version: '0.7'
55
+ - !ruby/object:Gem::Dependency
56
+ name: coveralls
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - '>='
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: moped
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ~>
74
+ - !ruby/object:Gem::Version
75
+ version: '1.5'
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ~>
81
+ - !ruby/object:Gem::Version
82
+ version: '1.5'
83
+ - !ruby/object:Gem::Dependency
84
+ name: unix-crypt
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ~>
88
+ - !ruby/object:Gem::Version
89
+ version: '1.1'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ~>
95
+ - !ruby/object:Gem::Version
96
+ version: '1.1'
97
+ - !ruby/object:Gem::Dependency
98
+ name: bcrypt
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ~>
102
+ - !ruby/object:Gem::Version
103
+ version: '3.0'
104
+ type: :runtime
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ~>
109
+ - !ruby/object:Gem::Version
110
+ version: '3.0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: casino
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ~>
116
+ - !ruby/object:Gem::Version
117
+ version: '2.0'
118
+ type: :runtime
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ~>
123
+ - !ruby/object:Gem::Version
124
+ version: '2.0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: phpass-ruby
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ~>
130
+ - !ruby/object:Gem::Version
131
+ version: '0.1'
132
+ type: :runtime
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ~>
137
+ - !ruby/object:Gem::Version
138
+ version: '0.1'
139
+ description: This gem can be used to allow the CASino backend to authenticate against
140
+ an MongoDB server using Moped.
141
+ email:
142
+ - gergo@digitalnatives.hu
143
+ executables: []
144
+ extensions: []
145
+ extra_rdoc_files: []
146
+ files:
147
+ - .gitignore
148
+ - .rspec
149
+ - .travis.yml
150
+ - Gemfile
151
+ - LICENSE.txt
152
+ - README.md
153
+ - Rakefile
154
+ - casino-moped_authenticator.gemspec
155
+ - lib/casino-moped_authenticator.rb
156
+ - lib/casino/moped_authenticator.rb
157
+ - lib/casino/moped_authenticator/version.rb
158
+ - spec/casino_core/moped_authenticator_spec.rb
159
+ - spec/spec_helper.rb
160
+ homepage: http://rbcas.org/
161
+ licenses:
162
+ - MIT
163
+ metadata: {}
164
+ post_install_message:
165
+ rdoc_options: []
166
+ require_paths:
167
+ - lib
168
+ required_ruby_version: !ruby/object:Gem::Requirement
169
+ requirements:
170
+ - - '>='
171
+ - !ruby/object:Gem::Version
172
+ version: '0'
173
+ required_rubygems_version: !ruby/object:Gem::Requirement
174
+ requirements:
175
+ - - '>='
176
+ - !ruby/object:Gem::Version
177
+ version: '0'
178
+ requirements: []
179
+ rubyforge_project:
180
+ rubygems_version: 2.0.3
181
+ signing_key:
182
+ specification_version: 4
183
+ summary: Provides mechanism to use Moped as an authenticator for CASino.
184
+ test_files:
185
+ - spec/casino_core/moped_authenticator_spec.rb
186
+ - spec/spec_helper.rb