casino_core-authenticator-activerecord 1.1.4 → 1.1.6

data/.gitignore

@@ -15,35 +15,4 @@ doc
 # jeweler generated
 pkg
 
-# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: 
-#
-# * Create a file at ~/.gitignore
-# * Include files you want ignored
-# * Run: git config --global core.excludesfile ~/.gitignore
-#
-# After doing this, these files will be ignored in all your git projects,
-# saving you from having to 'pollute' every project you touch with them
-#
-# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
-#
-# For MacOS:
-#
-#.DS_Store
-
-# For TextMate
-#*.tmproj
-#tmtags
-
-# For emacs:
-#*~
-#\#*
-#.\#*
-
-# For vim:
-#*.swp
-
-# For redcar:
-#.redcar
-
-# For rubinius:
-#*.rbc
+/Gemfile.lock

data/.rspec

@@ -0,0 +1 @@
+--color --format Fivemat

data/.ruby-version

@@ -1 +1 @@
-ruby-1.9.3-p194
+1.9.3-p194

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0

data/README.md

@@ -19,6 +19,7 @@ To use the ActiveRecord authenticator, configure it in your cas.yml:
           table: "users"
           username_column: "username"
           password_column: "password"
+          pepper: "suffix of the password"            # optional
           extra_attributes:
             email: "email_database_column"
             fullname: "displayname_database_column"

data/casino_core-authenticator-activerecord.gemspec

@@ -22,6 +22,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'simplecov', '~> 0.7'
   s.add_development_dependency 'sqlite3', '~> 1.3.7'
   s.add_development_dependency 'coveralls'
+  s.add_development_dependency 'fivemat'
 
   s.add_runtime_dependency 'activerecord', '~> 3.2.12'
   s.add_runtime_dependency 'unix-crypt', '~> 1.1'

data/lib/casino_core/authenticator/activerecord.rb

@@ -38,6 +38,7 @@ class CASinoCore::Authenticator::ActiveRecord
 
   private
   def valid_password?(password, password_from_database)
+    return false if password_from_database.blank?
     magic = password_from_database.split('$')[1]
     case magic
     when /\A2a?\z/
@@ -48,7 +49,8 @@ class CASinoCore::Authenticator::ActiveRecord
   end
 
   def valid_password_with_bcrypt?(password, password_from_database)
-    BCrypt::Password.new(password_from_database) == password
+    password_with_pepper = password + @options[:pepper].to_s
+    BCrypt::Password.new(password_from_database) == password_with_pepper
   end
 
   def valid_password_with_unix_crypt?(password, password_from_database)
@@ -57,9 +59,13 @@ class CASinoCore::Authenticator::ActiveRecord
 
   def extra_attributes(user)
     attributes = {}
-    @options[:extra_attributes].each do |attribute_name, database_column|
+    extra_attributes_option.each do |attribute_name, database_column|
       attributes[attribute_name] = user.send(database_column)
     end
     attributes
   end
+
+  def extra_attributes_option
+    @options[:extra_attributes] || {}
+  end
 end

data/lib/casino_core/authenticator/activerecord/version.rb

@@ -1,7 +1,7 @@
 module CASinoCore
   class Authenticator
     class ActiveRecord
-      VERSION = '1.1.4'
+      VERSION = '1.1.6'
     end
   end
 end

data/spec/casino_core/authenticator/activerecord_spec.rb

@@ -3,6 +3,8 @@ require 'casino_core/authenticator/activerecord'
 
 describe CASinoCore::Authenticator::ActiveRecord do
 
+  let(:pepper) { nil }
+  let(:extra_attributes) {{ email: 'mail_address' }}
   let(:options) do
     {
       connection: {
@@ -12,9 +14,8 @@ describe CASinoCore::Authenticator::ActiveRecord do
       table: 'users',
       username_column: 'username',
       password_column: 'password',
-      extra_attributes: {
-        email: 'mail_address'
-      }
+      pepper: pepper,
+      extra_attributes: extra_attributes
     }
   end
 
@@ -58,6 +59,14 @@ describe CASinoCore::Authenticator::ActiveRecord do
         it 'returns the extra attributes' do
           @authenticator.validate('test', 'testpassword')[:extra_attributes][:email].should eq('mail@example.org')
         end
+
+        context 'when no extra attributes given' do
+          let(:extra_attributes) { nil }
+
+          it 'returns an empty hash for extra attributes' do
+            @authenticator.validate('test', 'testpassword')[:extra_attributes].should eq({})
+          end
+        end
       end
 
       context 'invalid password' do
@@ -65,6 +74,26 @@ describe CASinoCore::Authenticator::ActiveRecord do
           @authenticator.validate('test', 'wrongpassword').should eq(false)
         end
       end
+
+      context 'NULL password field' do
+        it 'returns false' do
+          user = CASinoCore::Authenticator::ActiveRecord::User.first
+          user.password = nil
+          user.save!
+
+          @authenticator.validate('test', 'wrongpassword').should eq(false)
+        end
+      end
+
+      context 'empty password field' do
+        it 'returns false' do
+          user = CASinoCore::Authenticator::ActiveRecord::User.first
+          user.password = ''
+          user.save!
+
+          @authenticator.validate('test', 'wrongpassword').should eq(false)
+        end
+      end
     end
 
     context 'invalid username' do
@@ -86,6 +115,21 @@ describe CASinoCore::Authenticator::ActiveRecord do
       end
     end
 
+    context 'support for bcrypt with pepper' do
+      let(:pepper) { 'abcdefg' }
+
+      before do
+        CASinoCore::Authenticator::ActiveRecord::User.create!(
+          username: 'test3',
+          password: '$2a$10$ndCGPWg5JFMQH/Kl6xKe.OGNaiG7CFIAVsgAOJU75Q6g5/FpY5eX6', # password: testpassword3, pepper: abcdefg
+          mail_address: 'mail@example.org')
+      end
+
+      it 'is able to handle bcrypt password hashes' do
+        @authenticator.validate('test3', 'testpassword3').should be_instance_of(Hash)
+      end
+    end
+
   end
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: casino_core-authenticator-activerecord
 version: !ruby/object:Gem::Version
-  version: 1.1.4
+  version: 1.1.6
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-07 00:00:00.000000000 Z
+date: 2013-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -92,6 +92,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: fivemat
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
@@ -150,10 +166,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- .rspec
 - .ruby-gemset
 - .ruby-version
+- .travis.yml
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile

data/Gemfile.lock

@@ -1,66 +0,0 @@
-PATH
-  remote: .
-  specs:
-    casino_core-authenticator-activerecord (1.1.3)
-      activerecord (~> 3.2.12)
-      bcrypt-ruby (~> 3.0)
-      unix-crypt (~> 1.1)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activemodel (3.2.13)
-      activesupport (= 3.2.13)
-      builder (~> 3.0.0)
-    activerecord (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activesupport (3.2.13)
-      i18n (= 0.6.1)
-      multi_json (~> 1.0)
-    arel (3.0.2)
-    bcrypt-ruby (3.0.1)
-    builder (3.0.4)
-    colorize (0.5.8)
-    coveralls (0.6.4)
-      colorize
-      multi_json (~> 1.3)
-      rest-client
-      simplecov (>= 0.7)
-      thor
-    diff-lcs (1.2.2)
-    i18n (0.6.1)
-    mime-types (1.22)
-    multi_json (1.7.2)
-    rake (10.0.4)
-    rest-client (1.6.7)
-      mime-types (>= 1.16)
-    rspec (2.13.0)
-      rspec-core (~> 2.13.0)
-      rspec-expectations (~> 2.13.0)
-      rspec-mocks (~> 2.13.0)
-    rspec-core (2.13.1)
-    rspec-expectations (2.13.0)
-      diff-lcs (>= 1.1.3, < 2.0)
-    rspec-mocks (2.13.0)
-    simplecov (0.7.1)
-      multi_json (~> 1.0)
-      simplecov-html (~> 0.7.1)
-    simplecov-html (0.7.1)
-    sqlite3 (1.3.7)
-    thor (0.18.1)
-    tzinfo (0.3.37)
-    unix-crypt (1.1.0)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  casino_core-authenticator-activerecord!
-  coveralls
-  rake (~> 10.0)
-  rspec (~> 2.12)
-  simplecov (~> 0.7)
-  sqlite3 (~> 1.3.7)