RubyGems - cbsorcery - Versions diffs - 0.8.6 - Mend

cbsorcery 0.8.6

Files changed (135) hide show

data/.document +5 -0
data/.gitignore +56 -0
data/.rspec +1 -0
data/.travis.yml +40 -0
data/CHANGELOG.md +263 -0
data/Gemfile +6 -0
data/LICENSE.txt +20 -0
data/README.md +360 -0
data/Rakefile +6 -0
data/gemfiles/active_record-rails40.gemfile +7 -0
data/gemfiles/active_record-rails41.gemfile +7 -0
data/lib/generators/sorcery/USAGE +22 -0
data/lib/generators/sorcery/helpers.rb +40 -0
data/lib/generators/sorcery/install_generator.rb +95 -0
data/lib/generators/sorcery/templates/initializer.rb +451 -0
data/lib/generators/sorcery/templates/migration/activity_logging.rb +10 -0
data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +9 -0
data/lib/generators/sorcery/templates/migration/core.rb +13 -0
data/lib/generators/sorcery/templates/migration/external.rb +12 -0
data/lib/generators/sorcery/templates/migration/remember_me.rb +8 -0
data/lib/generators/sorcery/templates/migration/reset_password.rb +9 -0
data/lib/generators/sorcery/templates/migration/user_activation.rb +9 -0
data/lib/sorcery.rb +85 -0
data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
data/lib/sorcery/adapters/base_adapter.rb +30 -0
data/lib/sorcery/controller.rb +157 -0
data/lib/sorcery/controller/config.rb +65 -0
data/lib/sorcery/controller/submodules/activity_logging.rb +82 -0
data/lib/sorcery/controller/submodules/brute_force_protection.rb +38 -0
data/lib/sorcery/controller/submodules/external.rb +199 -0
data/lib/sorcery/controller/submodules/http_basic_auth.rb +74 -0
data/lib/sorcery/controller/submodules/remember_me.rb +81 -0
data/lib/sorcery/controller/submodules/session_timeout.rb +56 -0
data/lib/sorcery/crypto_providers/aes256.rb +51 -0
data/lib/sorcery/crypto_providers/bcrypt.rb +97 -0
data/lib/sorcery/crypto_providers/common.rb +35 -0
data/lib/sorcery/crypto_providers/md5.rb +19 -0
data/lib/sorcery/crypto_providers/sha1.rb +28 -0
data/lib/sorcery/crypto_providers/sha256.rb +36 -0
data/lib/sorcery/crypto_providers/sha512.rb +36 -0
data/lib/sorcery/engine.rb +21 -0
data/lib/sorcery/model.rb +183 -0
data/lib/sorcery/model/config.rb +96 -0
data/lib/sorcery/model/submodules/activity_logging.rb +70 -0
data/lib/sorcery/model/submodules/brute_force_protection.rb +125 -0
data/lib/sorcery/model/submodules/external.rb +100 -0
data/lib/sorcery/model/submodules/remember_me.rb +62 -0
data/lib/sorcery/model/submodules/reset_password.rb +131 -0
data/lib/sorcery/model/submodules/user_activation.rb +149 -0
data/lib/sorcery/model/temporary_token.rb +30 -0
data/lib/sorcery/protocols/certs/ca-bundle.crt +5182 -0
data/lib/sorcery/protocols/oauth.rb +42 -0
data/lib/sorcery/protocols/oauth2.rb +47 -0
data/lib/sorcery/providers/base.rb +27 -0
data/lib/sorcery/providers/facebook.rb +63 -0
data/lib/sorcery/providers/github.rb +51 -0
data/lib/sorcery/providers/google.rb +51 -0
data/lib/sorcery/providers/jira.rb +77 -0
data/lib/sorcery/providers/linkedin.rb +66 -0
data/lib/sorcery/providers/liveid.rb +53 -0
data/lib/sorcery/providers/twitter.rb +59 -0
data/lib/sorcery/providers/vk.rb +63 -0
data/lib/sorcery/providers/xing.rb +64 -0
data/lib/sorcery/railties/tasks.rake +6 -0
data/lib/sorcery/test_helpers/internal.rb +78 -0
data/lib/sorcery/test_helpers/internal/rails.rb +68 -0
data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
data/lib/sorcery/version.rb +3 -0
data/sorcery.gemspec +34 -0
data/spec/active_record/user_activation_spec.rb +18 -0
data/spec/active_record/user_activity_logging_spec.rb +17 -0
data/spec/active_record/user_brute_force_protection_spec.rb +16 -0
data/spec/active_record/user_oauth_spec.rb +16 -0
data/spec/active_record/user_remember_me_spec.rb +16 -0
data/spec/active_record/user_reset_password_spec.rb +16 -0
data/spec/active_record/user_spec.rb +37 -0
data/spec/controllers/controller_activity_logging_spec.rb +124 -0
data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
data/spec/controllers/controller_oauth2_spec.rb +407 -0
data/spec/controllers/controller_oauth_spec.rb +240 -0
data/spec/controllers/controller_remember_me_spec.rb +117 -0
data/spec/controllers/controller_session_timeout_spec.rb +80 -0
data/spec/controllers/controller_spec.rb +215 -0
data/spec/orm/active_record.rb +21 -0
data/spec/rails_app/app/active_record/authentication.rb +3 -0
data/spec/rails_app/app/active_record/user.rb +5 -0
data/spec/rails_app/app/active_record/user_provider.rb +3 -0
data/spec/rails_app/app/controllers/sorcery_controller.rb +265 -0
data/spec/rails_app/app/helpers/application_helper.rb +2 -0
data/spec/rails_app/app/mailers/sorcery_mailer.rb +32 -0
data/spec/rails_app/app/views/application/index.html.erb +17 -0
data/spec/rails_app/app/views/layouts/application.html.erb +14 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_email.text.erb +9 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
data/spec/rails_app/config.ru +4 -0
data/spec/rails_app/config/application.rb +56 -0
data/spec/rails_app/config/boot.rb +4 -0
data/spec/rails_app/config/database.yml +22 -0
data/spec/rails_app/config/environment.rb +5 -0
data/spec/rails_app/config/environments/test.rb +37 -0
data/spec/rails_app/config/initializers/backtrace_silencers.rb +7 -0
data/spec/rails_app/config/initializers/inflections.rb +10 -0
data/spec/rails_app/config/initializers/mime_types.rb +5 -0
data/spec/rails_app/config/initializers/secret_token.rb +7 -0
data/spec/rails_app/config/initializers/session_store.rb +12 -0
data/spec/rails_app/config/locales/en.yml +5 -0
data/spec/rails_app/config/routes.rb +48 -0
data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +19 -0
data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +13 -0
data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +16 -0
data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
data/spec/rails_app/db/schema.rb +23 -0
data/spec/rails_app/db/seeds.rb +7 -0
data/spec/shared_examples/user_activation_shared_examples.rb +242 -0
data/spec/shared_examples/user_activity_logging_shared_examples.rb +97 -0
data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +156 -0
data/spec/shared_examples/user_oauth_shared_examples.rb +36 -0
data/spec/shared_examples/user_remember_me_shared_examples.rb +57 -0
data/spec/shared_examples/user_reset_password_shared_examples.rb +263 -0
data/spec/shared_examples/user_shared_examples.rb +467 -0
data/spec/sorcery_crypto_providers_spec.rb +198 -0
data/spec/spec.opts +2 -0
data/spec/spec_helper.rb +41 -0
metadata +350 -0

data/lib/sorcery/protocols/oauth.rb ADDED Viewed

@@ -0,0 +1,42 @@
+require 'oauth'
+module Sorcery
+  module Protocols
+    module Oauth
+      def oauth_version
+        '1.0'
+      end
+      def get_request_token(token=nil,secret=nil)
+        return ::OAuth::RequestToken.new(get_consumer, token, secret) if token && secret
+        get_consumer.get_request_token(oauth_callback: @callback_url)
+      end
+      def authorize_url(args)
+        get_request_token(
+          args[:request_token],
+          args[:request_token_secret]
+        ).authorize_url({
+          oauth_callback: @callback_url
+        })
+      end
+      def get_access_token(args)
+        get_request_token(
+          args[:request_token],
+          args[:request_token_secret]
+        ).get_access_token({
+          oauth_verifier: args[:oauth_verifier]
+        })
+      end
+      protected
+      def get_consumer
+        ::OAuth::Consumer.new(@key, @secret, site: @site)
+      end
+    end
+  end
+end

data/lib/sorcery/protocols/oauth2.rb ADDED Viewed

@@ -0,0 +1,47 @@
+require 'oauth2'
+module Sorcery
+  module Protocols
+    module Oauth2
+      def oauth_version
+        '2.0'
+      end
+      def authorize_url(options = {})
+        client = build_client(options)
+        client.auth_code.authorize_url(
+          redirect_uri: @callback_url,
+          scope: @scope,
+          display: @display,
+          state: @state
+        )
+      end
+      def get_access_token(args, options = {})
+        client = build_client(options)
+        client.auth_code.get_token(
+          args[:code],
+          {
+            redirect_uri: @callback_url,
+            parse: options.delete(:parse)
+          },
+          options
+        )
+      end
+      def build_client(options = {})
+        defaults = {
+          site: @site,
+          ssl: { ca_file: Sorcery::Controller::Config.ca_file }
+        }
+        ::OAuth2::Client.new(
+          @key,
+          @secret,
+          defaults.merge!(options)
+        )
+      end
+    end
+  end
+end

data/lib/sorcery/providers/base.rb ADDED Viewed

@@ -0,0 +1,27 @@
+module Sorcery
+  module Providers
+    class Base
+      attr_reader   :access_token
+      attr_accessor :callback_url, :key, :original_callback_url, :secret,
+                    :site, :state, :user_info_mapping
+      def has_callback?; true; end
+      def initialize
+        @user_info_mapping = {}
+      end
+      def self.name
+        super.gsub(/Sorcery::Providers::/, '').downcase
+      end
+      # Ensure that all descendant classes are loaded before run this
+      def self.descendants
+        ObjectSpace.each_object(Class).select { |klass| klass < self }
+      end
+    end
+  end
+end

data/lib/sorcery/providers/facebook.rb ADDED Viewed

@@ -0,0 +1,63 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with facebook.com.
+    #
+    #   config.facebook.key = <key>
+    #   config.facebook.secret = <secret>
+    #   ...
+    #
+    class Facebook < Base
+      include Protocols::Oauth2
+      attr_reader   :mode, :param_name, :parse
+      attr_accessor :access_permissions, :display, :scope, :token_url,
+                    :user_info_path
+      def initialize
+        super
+        @site           = 'https://graph.facebook.com'
+        @user_info_path = '/me'
+        @scope          = 'email,offline_access'
+        @display        = 'page'
+        @token_url      = 'oauth/access_token'
+        @mode           = :query
+        @parse          = :query
+        @param_name     = 'access_token'
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url
+      end
+      # overrides oauth2#authorize_url to allow customized scope.
+      def authorize_url
+        @scope = access_permissions.present? ? access_permissions.join(',') : scope
+        super
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, token_url: token_url, mode: mode,
+          param_name: param_name, parse: parse)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/github.rb ADDED Viewed

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with github.com.
+    #
+    #   config.github.key = <key>
+    #   config.github.secret = <secret>
+    #   ...
+    #
+    class Github < Base
+      include Protocols::Oauth2
+      attr_accessor :auth_path, :scope, :token_url, :user_info_path
+      def initialize
+        super
+        @scope          = nil
+        @site           = 'https://github.com/'
+        @user_info_path = 'https://api.github.com/user'
+        @auth_path      = '/login/oauth/authorize'
+        @token_url      = '/login/oauth/access_token'
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_path })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/google.rb ADDED Viewed

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with google.com.
+    #
+    #   config.google.key = <key>
+    #   config.google.secret = <secret>
+    #   ...
+    #
+    class Google < Base
+      include Protocols::Oauth2
+      attr_accessor :auth_url, :scope, :token_url, :user_info_url
+      def initialize
+        super
+        @site          = 'https://accounts.google.com'
+        @auth_url      = '/o/oauth2/auth'
+        @token_url     = '/o/oauth2/token'
+        @user_info_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
+        @scope         = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_url)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_url })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/jira.rb ADDED Viewed

@@ -0,0 +1,77 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with Jira
+    #
+    #   config.jira.key = <key>
+    #   config.jira.secret = <secret>
+    #   ...
+    #
+    class Jira < Base
+      include Protocols::Oauth
+      attr_accessor :access_token_path, :authorize_path, :request_token_path,
+                    :user_info_path, :site, :signature_method, :private_key_file, :callback_url
+      def initialize
+        @configuration = {
+            authorize_path: '/authorize',
+            request_token_path: '/request-token',
+            access_token_path: '/access-token'
+        }
+        @user_info_path = '/users/me'
+      end
+      # Override included get_consumer method to provide authorize_path
+      #read extra configurations
+      def get_consumer
+        @configuration = @configuration.merge({
+            site: site,
+            signature_method: signature_method,
+            consumer_key: key,
+            private_key_file: private_key_file
+        })
+        ::OAuth::Consumer.new(@key, @secret, @configuration)
+      end
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)['users'].first
+          h[:uid] = user_hash[:user_info]['id'].to_s
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        req_token = get_request_token
+        session[:request_token]         = req_token.token
+        session[:request_token_secret]  = req_token.secret
+        #it was like that -> redirect_to authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
+        #for some reason Jira does not need these parameters
+        get_request_token(
+          session[:request_token],
+          session[:request_token_secret]
+        ).authorize_url
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {
+          oauth_verifier:       params[:oauth_verifier],
+          request_token:        session[:request_token],
+          request_token_secret: session[:request_token_secret]
+        }
+        args.merge!({ code: params[:code] }) if params[:code]
+        get_access_token(args)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/linkedin.rb ADDED Viewed

@@ -0,0 +1,66 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with Linkedin.com.
+    #
+    #   config.linkedin.key = <key>
+    #   config.linkedin.secret = <secret>
+    #   ...
+    #
+    class Linkedin < Base
+      include Protocols::Oauth
+      attr_accessor :authorize_path, :access_permissions, :access_token_path,
+                    :request_token_path, :user_info_fields, :user_info_path
+      def initialize
+        @configuration = {
+          site: 'https://api.linkedin.com',
+          authorize_path: '/uas/oauth/authenticate',
+          request_token_path: '/uas/oauth/requestToken',
+          access_token_path: '/uas/oauth/accessToken'
+        }
+        @user_info_path = '/v1/people/~'
+      end
+      # Override included get_consumer method to provide authorize_path
+      def get_consumer
+        # Add access permissions to request token path
+        @configuration[:request_token_path] += '?scope=' + access_permissions.join('+') unless access_permissions.blank? or @configuration[:request_token_path].include? '?scope='
+        ::OAuth::Consumer.new(@key, @secret, @configuration)
+      end
+      def get_user_hash(access_token)
+        fields = self.user_info_fields.join(',')
+        response = access_token.get("#{@user_info_path}:(#{fields})", 'x-li-format' => 'json')
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id'].to_s
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        req_token = get_request_token
+        session[:request_token]         = req_token.token
+        session[:request_token_secret]  = req_token.secret
+        authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {
+          oauth_verifier:       params[:oauth_verifier],
+          request_token:        session[:request_token],
+          request_token_secret: session[:request_token_secret]
+        }
+        args.merge!({ code: params[:code] }) if params[:code]
+        get_access_token(args)
+      end
+    end
+  end
+end

data/lib/sorcery/providers/liveid.rb ADDED Viewed

@@ -0,0 +1,53 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with microsoft liveid.
+    #
+    #   config.liveid.key = <key>
+    #   config.liveid.secret = <secret>
+    #   ...
+    #
+    class Liveid < Base
+      include Protocols::Oauth2
+      attr_accessor :auth_url, :token_path, :user_info_url, :scope
+      def initialize
+        super
+        @site           = 'https://oauth.live.com/'
+        @auth_url       = '/authorize'
+        @token_path     = '/token'
+        @user_info_url  = 'https://apis.live.net/v5.0/me'
+        @scope          = 'wl.basic wl.emails wl.offline_access'
+      end
+      def get_user_hash(access_token)
+        access_token.token_param = 'access_token'
+        response = access_token.get(user_info_url)
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        self.authorize_url({ authorize_url: auth_url })
+      end
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+        get_access_token(args, access_token_path: token_path,
+          access_token_method: :post)
+      end
+    end
+  end
+end