RubyGems - cbsorcery - Versions diffs - 0.8.6 - Mend

cbsorcery 0.8.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (135) hide show

data/.document +5 -0
data/.gitignore +56 -0
data/.rspec +1 -0
data/.travis.yml +40 -0
data/CHANGELOG.md +263 -0
data/Gemfile +6 -0
data/LICENSE.txt +20 -0
data/README.md +360 -0
data/Rakefile +6 -0
data/gemfiles/active_record-rails40.gemfile +7 -0
data/gemfiles/active_record-rails41.gemfile +7 -0
data/lib/generators/sorcery/USAGE +22 -0
data/lib/generators/sorcery/helpers.rb +40 -0
data/lib/generators/sorcery/install_generator.rb +95 -0
data/lib/generators/sorcery/templates/initializer.rb +451 -0
data/lib/generators/sorcery/templates/migration/activity_logging.rb +10 -0
data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +9 -0
data/lib/generators/sorcery/templates/migration/core.rb +13 -0
data/lib/generators/sorcery/templates/migration/external.rb +12 -0
data/lib/generators/sorcery/templates/migration/remember_me.rb +8 -0
data/lib/generators/sorcery/templates/migration/reset_password.rb +9 -0
data/lib/generators/sorcery/templates/migration/user_activation.rb +9 -0
data/lib/sorcery.rb +85 -0
data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
data/lib/sorcery/adapters/base_adapter.rb +30 -0
data/lib/sorcery/controller.rb +157 -0
data/lib/sorcery/controller/config.rb +65 -0
data/lib/sorcery/controller/submodules/activity_logging.rb +82 -0
data/lib/sorcery/controller/submodules/brute_force_protection.rb +38 -0
data/lib/sorcery/controller/submodules/external.rb +199 -0
data/lib/sorcery/controller/submodules/http_basic_auth.rb +74 -0
data/lib/sorcery/controller/submodules/remember_me.rb +81 -0
data/lib/sorcery/controller/submodules/session_timeout.rb +56 -0
data/lib/sorcery/crypto_providers/aes256.rb +51 -0
data/lib/sorcery/crypto_providers/bcrypt.rb +97 -0
data/lib/sorcery/crypto_providers/common.rb +35 -0
data/lib/sorcery/crypto_providers/md5.rb +19 -0
data/lib/sorcery/crypto_providers/sha1.rb +28 -0
data/lib/sorcery/crypto_providers/sha256.rb +36 -0
data/lib/sorcery/crypto_providers/sha512.rb +36 -0
data/lib/sorcery/engine.rb +21 -0
data/lib/sorcery/model.rb +183 -0
data/lib/sorcery/model/config.rb +96 -0
data/lib/sorcery/model/submodules/activity_logging.rb +70 -0
data/lib/sorcery/model/submodules/brute_force_protection.rb +125 -0
data/lib/sorcery/model/submodules/external.rb +100 -0
data/lib/sorcery/model/submodules/remember_me.rb +62 -0
data/lib/sorcery/model/submodules/reset_password.rb +131 -0
data/lib/sorcery/model/submodules/user_activation.rb +149 -0
data/lib/sorcery/model/temporary_token.rb +30 -0
data/lib/sorcery/protocols/certs/ca-bundle.crt +5182 -0
data/lib/sorcery/protocols/oauth.rb +42 -0
data/lib/sorcery/protocols/oauth2.rb +47 -0
data/lib/sorcery/providers/base.rb +27 -0
data/lib/sorcery/providers/facebook.rb +63 -0
data/lib/sorcery/providers/github.rb +51 -0
data/lib/sorcery/providers/google.rb +51 -0
data/lib/sorcery/providers/jira.rb +77 -0
data/lib/sorcery/providers/linkedin.rb +66 -0
data/lib/sorcery/providers/liveid.rb +53 -0
data/lib/sorcery/providers/twitter.rb +59 -0
data/lib/sorcery/providers/vk.rb +63 -0
data/lib/sorcery/providers/xing.rb +64 -0
data/lib/sorcery/railties/tasks.rake +6 -0
data/lib/sorcery/test_helpers/internal.rb +78 -0
data/lib/sorcery/test_helpers/internal/rails.rb +68 -0
data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
data/lib/sorcery/version.rb +3 -0
data/sorcery.gemspec +34 -0
data/spec/active_record/user_activation_spec.rb +18 -0
data/spec/active_record/user_activity_logging_spec.rb +17 -0
data/spec/active_record/user_brute_force_protection_spec.rb +16 -0
data/spec/active_record/user_oauth_spec.rb +16 -0
data/spec/active_record/user_remember_me_spec.rb +16 -0
data/spec/active_record/user_reset_password_spec.rb +16 -0
data/spec/active_record/user_spec.rb +37 -0
data/spec/controllers/controller_activity_logging_spec.rb +124 -0
data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
data/spec/controllers/controller_oauth2_spec.rb +407 -0
data/spec/controllers/controller_oauth_spec.rb +240 -0
data/spec/controllers/controller_remember_me_spec.rb +117 -0
data/spec/controllers/controller_session_timeout_spec.rb +80 -0
data/spec/controllers/controller_spec.rb +215 -0
data/spec/orm/active_record.rb +21 -0
data/spec/rails_app/app/active_record/authentication.rb +3 -0
data/spec/rails_app/app/active_record/user.rb +5 -0
data/spec/rails_app/app/active_record/user_provider.rb +3 -0
data/spec/rails_app/app/controllers/sorcery_controller.rb +265 -0
data/spec/rails_app/app/helpers/application_helper.rb +2 -0
data/spec/rails_app/app/mailers/sorcery_mailer.rb +32 -0
data/spec/rails_app/app/views/application/index.html.erb +17 -0
data/spec/rails_app/app/views/layouts/application.html.erb +14 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_email.text.erb +9 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
data/spec/rails_app/config.ru +4 -0
data/spec/rails_app/config/application.rb +56 -0
data/spec/rails_app/config/boot.rb +4 -0
data/spec/rails_app/config/database.yml +22 -0
data/spec/rails_app/config/environment.rb +5 -0
data/spec/rails_app/config/environments/test.rb +37 -0
data/spec/rails_app/config/initializers/backtrace_silencers.rb +7 -0
data/spec/rails_app/config/initializers/inflections.rb +10 -0
data/spec/rails_app/config/initializers/mime_types.rb +5 -0
data/spec/rails_app/config/initializers/secret_token.rb +7 -0
data/spec/rails_app/config/initializers/session_store.rb +12 -0
data/spec/rails_app/config/locales/en.yml +5 -0
data/spec/rails_app/config/routes.rb +48 -0
data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +19 -0
data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +13 -0
data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +16 -0
data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
data/spec/rails_app/db/schema.rb +23 -0
data/spec/rails_app/db/seeds.rb +7 -0
data/spec/shared_examples/user_activation_shared_examples.rb +242 -0
data/spec/shared_examples/user_activity_logging_shared_examples.rb +97 -0
data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +156 -0
data/spec/shared_examples/user_oauth_shared_examples.rb +36 -0
data/spec/shared_examples/user_remember_me_shared_examples.rb +57 -0
data/spec/shared_examples/user_reset_password_shared_examples.rb +263 -0
data/spec/shared_examples/user_shared_examples.rb +467 -0
data/spec/sorcery_crypto_providers_spec.rb +198 -0
data/spec/spec.opts +2 -0
data/spec/spec_helper.rb +41 -0
metadata +350 -0

data/lib/sorcery/protocols/oauth.rb ADDED Viewed

@@ -0,0 +1,42 @@
+require 'oauth'
+module Sorcery
+  module Protocols
+    module Oauth
+      def oauth_version
+        '1.0'
+      end
+      def get_request_token(token=nil,secret=nil)
+        return ::OAuth::RequestToken.new(get_consumer, token, secret) if token && secret
+        get_consumer.get_request_token(oauth_callback: @callback_url)
+      end
+      def authorize_url(args)
+        get_request_token(
+          args[:request_token],
+          args[:request_token_secret]
+        ).authorize_url({
+          oauth_callback: @callback_url
+        })
+      end
+      def get_access_token(args)
+        get_request_token(
+          args[:request_token],
+          args[:request_token_secret]
+        ).get_access_token({
+          oauth_verifier: args[:oauth_verifier]
+        })
+      end
+      protected
+      def get_consumer
+        ::OAuth::Consumer.new(@key, @secret, site: @site)
+      end
+    end
+  end
+end

data/lib/sorcery/protocols/oauth2.rb ADDED Viewed

@@ -0,0 +1,47 @@
+require 'oauth2'
+module Sorcery
+  module Protocols
+    module Oauth2
+      def oauth_version
+        '2.0'
+      end
+      def authorize_url(options = {})
+        client = build_client(options)
+        client.auth_code.authorize_url(
+          redirect_uri: @callback_url,
+          scope: @scope,
+          display: @display,
+          state: @state
+        )
+      end
+      def get_access_token(args, options = {})
+        client = build_client(options)
+        client.auth_code.get_token(
+          args[:code],
+          {
+            redirect_uri: @callback_url,
+            parse: options.delete(:parse)
+          },
+          options
+        )
+      end
+      def build_client(options = {})
+        defaults = {
+          site: @site,
+          ssl: { ca_file: Sorcery::Controller::Config.ca_file }
+        }
+        ::OAuth2::Client.new(
+          @key,
+          @secret,
+          defaults.merge!(options)
+        )
+      end
+    end
+  end
+end

data/lib/sorcery/providers/base.rb ADDED Viewed

@@ -0,0 +1,27 @@
+module Sorcery
+  module Providers
+    class Base
+      attr_reader   :access_token
+      attr_accessor :callback_url, :key, :original_callback_url, :secret,
+                    :site, :state, :user_info_mapping
+      def has_callback?; true; end
+      def initialize
+        @user_info_mapping = {}
+      end
+      def self.name
+        super.gsub(/Sorcery::Providers::/, '').downcase
+      end
+      # Ensure that all descendant classes are loaded before run this
+      def self.descendants
+        ObjectSpace.each_object(Class).select { |klass| klass < self }
+      end
+    end
+  end
+end

data/lib/sorcery/providers/facebook.rb ADDED Viewed

@@ -0,0 +1,63 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with facebook.com.
+    #
+    #   config.facebook.key = <key>
+    #   config.facebook.secret = <secret>
+    #   ...
+    #
+    class Facebook < Base
+      include Protocols::Oauth2
+      attr_reader   :mode, :param_name, :parse
+      attr_accessor :access_permissions, :display, :scope, :token_url,
+                    :user_info_path
+      def initialize
+        super
+        @site           = 'https://graph.facebook.com'
+        @user_info_path = '/me'
+        @scope          = 'email,offline_access'
+        @display        = 'page'
+        @token_url      = 'oauth/access_token'
+        @mode           = :query
+        @parse          = :query
+        @param_name     = 'access_token'
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url
+      end
+      # overrides oauth2#authorize_url to allow customized scope.
+      def authorize_url
+        @scope = access_permissions.present? ? access_permissions.join(',') : scope
+        super
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, token_url: token_url, mode: mode,
+          param_name: param_name, parse: parse)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/github.rb ADDED Viewed

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with github.com.
+    #
+    #   config.github.key = <key>
+    #   config.github.secret = <secret>
+    #   ...
+    #
+    class Github < Base
+      include Protocols::Oauth2
+      attr_accessor :auth_path, :scope, :token_url, :user_info_path
+      def initialize
+        super
+        @scope          = nil
+        @site           = 'https://github.com/'
+        @user_info_path = 'https://api.github.com/user'
+        @auth_path      = '/login/oauth/authorize'
+        @token_url      = '/login/oauth/access_token'
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_path })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/google.rb ADDED Viewed

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with google.com.
+    #
+    #   config.google.key = <key>
+    #   config.google.secret = <secret>
+    #   ...
+    #
+    class Google < Base
+      include Protocols::Oauth2
+      attr_accessor :auth_url, :scope, :token_url, :user_info_url
+      def initialize
+        super
+        @site          = 'https://accounts.google.com'
+        @auth_url      = '/o/oauth2/auth'
+        @token_url     = '/o/oauth2/token'
+        @user_info_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
+        @scope         = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_url)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_url })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/jira.rb ADDED Viewed

@@ -0,0 +1,77 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with Jira
+    #
+    #   config.jira.key = <key>
+    #   config.jira.secret = <secret>
+    #   ...
+    #
+    class Jira < Base
+      include Protocols::Oauth
+      attr_accessor :access_token_path, :authorize_path, :request_token_path,
+                    :user_info_path, :site, :signature_method, :private_key_file, :callback_url
+      def initialize
+        @configuration = {
+            authorize_path: '/authorize',
+            request_token_path: '/request-token',
+            access_token_path: '/access-token'
+        }
+        @user_info_path = '/users/me'
+      end
+      # Override included get_consumer method to provide authorize_path
+      #read extra configurations
+      def get_consumer
+        @configuration = @configuration.merge({
+            site: site,
+            signature_method: signature_method,
+            consumer_key: key,
+            private_key_file: private_key_file
+        })
+        ::OAuth::Consumer.new(@key, @secret, @configuration)
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)['users'].first
+          h[:uid] = user_hash[:user_info]['id'].to_s
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        req_token = get_request_token
+        session[:request_token]         = req_token.token
+        session[:request_token_secret]  = req_token.secret
+        #it was like that -> redirect_to authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
+        #for some reason Jira does not need these parameters
+        get_request_token(
+          session[:request_token],
+          session[:request_token_secret]
+        ).authorize_url
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {
+          oauth_verifier:       params[:oauth_verifier],
+          request_token:        session[:request_token],
+          request_token_secret: session[:request_token_secret]
+        }
+        args.merge!({ code: params[:code] }) if params[:code]
+        get_access_token(args)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/linkedin.rb ADDED Viewed

@@ -0,0 +1,66 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with Linkedin.com.
+    #
+    #   config.linkedin.key = <key>
+    #   config.linkedin.secret = <secret>
+    #   ...
+    #
+    class Linkedin < Base
+      include Protocols::Oauth
+      attr_accessor :authorize_path, :access_permissions, :access_token_path,
+                    :request_token_path, :user_info_fields, :user_info_path
+      def initialize
+        @configuration = {
+          site: 'https://api.linkedin.com',
+          authorize_path: '/uas/oauth/authenticate',
+          request_token_path: '/uas/oauth/requestToken',
+          access_token_path: '/uas/oauth/accessToken'
+        }
+        @user_info_path = '/v1/people/~'
+      end
+      # Override included get_consumer method to provide authorize_path
+      def get_consumer
+        # Add access permissions to request token path
+        @configuration[:request_token_path] += '?scope=' + access_permissions.join('+') unless access_permissions.blank? or @configuration[:request_token_path].include? '?scope='
+        ::OAuth::Consumer.new(@key, @secret, @configuration)
+      end
+      def get_user_hash(access_token)
+        fields = self.user_info_fields.join(',')
+        response = access_token.get("#{@user_info_path}:(#{fields})", 'x-li-format' => 'json')
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id'].to_s
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        req_token = get_request_token
+        session[:request_token]         = req_token.token
+        session[:request_token_secret]  = req_token.secret
+        authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {
+          oauth_verifier:       params[:oauth_verifier],
+          request_token:        session[:request_token],
+          request_token_secret: session[:request_token_secret]
+        }
+        args.merge!({ code: params[:code] }) if params[:code]
+        get_access_token(args)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/liveid.rb ADDED Viewed

@@ -0,0 +1,53 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with microsoft liveid.
+    #
+    #   config.liveid.key = <key>
+    #   config.liveid.secret = <secret>
+    #   ...
+    #
+    class Liveid < Base
+      include Protocols::Oauth2
+      attr_accessor :auth_url, :token_path, :user_info_url, :scope
+      def initialize
+        super
+        @site           = 'https://oauth.live.com/'
+        @auth_url       = '/authorize'
+        @token_path     = '/token'
+        @user_info_url  = 'https://apis.live.net/v5.0/me'
+        @scope          = 'wl.basic wl.emails wl.offline_access'
+      end
+      def get_user_hash(access_token)
+        access_token.token_param = 'access_token'
+        response = access_token.get(user_info_url)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        self.authorize_url({ authorize_url: auth_url })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, access_token_path: token_path,
+          access_token_method: :post)
+      end
+    end
+  end
+end