contour 0.0.0 → 0.1.1

data/app/views/devise/passwords/edit.html.erb

@@ -0,0 +1,16 @@
+<h2>Change your password</h2>
+
+<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
+  <%= devise_error_messages! %>
+  <%= f.hidden_field :reset_password_token %>
+
+  <p><%= f.label :password %><br />
+  <%= f.password_field :password %></p>
+
+  <p><%= f.label :password_confirmation %><br />
+  <%= f.password_field :password_confirmation %></p>
+
+  <p><%= f.submit "Change my password" %></p>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/app/views/devise/passwords/new.html.erb

@@ -0,0 +1,12 @@
+<h2>Forgot your password?</h2>
+
+<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <p><%= f.label :email %><br />
+  <%= f.text_field :email %></p>
+
+  <p><%= f.submit "Send me reset password instructions" %></p>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/contour.gemspec

@@ -0,0 +1,27 @@
+# Compiling the Gem
+# gem build contour.gemspec
+# [sudo] gem install ./contour-x.x.x.gem
+#
+# gem push contour-x.x.x.gem
+# gem list -r contour
+# gem install contour
+
+$:.push File.expand_path("../lib", __FILE__)
+require "contour/version"
+
+Gem::Specification.new do |s|
+  s.name = "contour"
+  s.version = Contour::VERSION.dup
+  s.platform = Gem::Platform::RUBY
+  s.summary = "Basic Rails framework files and assets for layout and authentication"
+  s.email = "remosm@gmail.com"
+  s.homepage = "https://github.com/remomueller"
+  s.authors = ["Remo Mueller"]
+  s.description = "Basic Rails Framework files and assets for layout and authentication"
+
+  # s.add_development_dependency "rails",   "~> 3.0"
+  s.add_dependency("devise", "~> 1.3.4")
+  s.add_dependency("omniauth", "~> 0.2.6")
+  
+  s.files = `git ls-files`.split("\n")
+end

data/lib/contour.rb

@@ -1,5 +1,41 @@
+require 'contour/engine' if defined?(Rails)
 require 'contour/version'
 
 module Contour
+  # Default Application Name
+  mattr_accessor :application_name
+  @@application_name = nil
+
+  # Default Application Version
+  mattr_accessor :application_version
+  @@application_version = nil
+
+  # Default Application Version
+  mattr_accessor :header_background_image
+  @@header_background_image = 'rails.png'
+  
+  # Default Application Version
+  mattr_accessor :header_title_image
+  @@header_title_image = nil
   
+  # Default Menu Items
+  mattr_accessor :menu_items
+  @@menu_items = [
+    {
+      :name => 'Login', :id => 'auth', :display => 'not_signed_in', :position => 'right', :position_class => 'right',
+      :links => [{:name => 'Login', :path => 'new_user_session_path'}, {:html => "<hr>"}, {:name => 'Sign Up', :path => 'new_user_registration_path'}]
+    },
+    {
+      :name => 'current_user.name', :eval => true, :id => 'auth', :display => 'signed_in', :position => 'right', :position_class => 'right',
+      :links => [{:html => '"<div style=\"white-space:nowrap\">"+current_user.name+"</div>"', :eval => true}, {:html => '"<div class=\"small quiet\">"+current_user.email+"</div>"', :eval => true}, {:name => 'Authentications', :path => 'authentications_path'}, {:html => "<hr>"}, {:name => 'Logout', :path => 'destroy_user_session_path'}]
+    },
+    {
+      :name => 'Home', :id => 'home', :display => 'always', :position => 'left', :position_class => 'left',
+      :links => [{:name => 'Home', :path => 'root_path'}, {:html => "<hr>"}, {:name => 'About', :path => 'about_path'}]
+    }
+  ]
+    
+  def self.setup
+    yield self
+  end
 end

data/lib/contour/engine.rb

@@ -0,0 +1,8 @@
+require "contour"
+require "rails"
+
+module Contour
+  class Engine < Rails::Engine
+    engine_name :contour
+  end
+end

data/lib/contour/version.rb

@@ -1,3 +1,3 @@
 module Contour
-  VERSION = "0.0.0"
+  VERSION = "0.1.1"
 end

data/lib/generators/contour/install_generator.rb

@@ -0,0 +1,38 @@
+module Contour
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path("../../templates", __FILE__)
+
+      desc "Creates a Contour initializer"
+      class_option :orm
+
+      def copy_initializer
+        template "contour.rb", "config/initializers/contour.rb"
+      end
+
+      def copy_devise
+        template "devise.rb", "config/initializers/devise.rb"
+      end
+
+      def copy_omniauth
+        template "omniauth.rb", "config/initializers/omniauth.rb"
+      end
+
+      def copy_omniauth_fix
+        template "omniauth_fix.rb", "config/initializers/omniauth_fix.rb"
+      end
+      
+      def copy_rack_fix
+        template "rack_fix.rb", "config/initializers/rack_fix.rb"
+      end
+      
+      # def copy_locale
+      #   copy_file "../../../config/locales/en.yml", "config/locales/contour.en.yml"
+      # end
+      # 
+      # def show_readme
+      #   readme "README" if behavior == :invoke
+      # end
+    end
+  end
+end

data/lib/generators/templates/contour.rb

@@ -0,0 +1,30 @@
+# Use to configure basic appearance of template
+Contour.setup do |config|
+  
+  # Enter your application name here. The name will be displayed in the title of all pages, ex: AppName - PageTitle
+  # config.application_name = ''
+  
+  # Enter your application version here. Do not include a trailing backslash. Recommend using a predefined constant
+  # config.application_version = ''
+  
+  # Enter your application header background image here.
+  # config.header_background_image = 'rails.png'
+
+  # Enter your application header title image here.
+  # config.header_title_image = ''
+  
+  # Enter the items you wish to see in the menu
+  # config.menu_items = [{
+  #   :name => 'Login', :id => 'auth', :display => 'not_signed_in', :position => 'right', :position_class => 'right',
+  #   :links => [{:name => 'Login', :path => 'new_user_session_path'}, {:html => "<hr>"}, {:name => 'Sign Up', :path => 'new_user_registration_path'}]
+  # },
+  # {
+  #   :name => 'current_user.name', :eval => true, :id => 'auth', :display => 'signed_in', :position => 'right', :position_class => 'right',
+  #   :links => [{:html => '"<div style=\"white-space:nowrap\">"+current_user.name+"</div>"', :eval => true}, {:html => '"<div class=\"small quiet\">"+current_user.email+"</div>"', :eval => true}, {:name => 'Authentications', :path => 'authentications_path'}, {:html => "<hr>"}, {:name => 'Logout', :path => 'destroy_user_session_path'}]
+  # },
+  # {
+  #   :name => 'Home', :id => 'home', :display => 'always', :position => 'left', :position_class => 'left',
+  #   :links => [{:name => 'Home', :path => 'root_path'}, {:html => "<hr>"}, {:name => 'About', :path => 'about_path'}]
+  # }]
+  
+end

data/lib/generators/templates/devise.rb

@@ -0,0 +1,153 @@
+# Use this hook to configure devise mailer, warden hooks and so forth. The first
+# four configuration values can also be set straight in your models.
+Devise.setup do |config|
+  # ==> Mailer Configuration
+  # Configure the e-mail address which will be shown in DeviseMailer.
+  config.mailer_sender = "please-change-me@config-initializers-devise.com"
+
+  # Configure the class responsible to send e-mails.
+  # config.mailer = "Devise::Mailer"
+
+  # ==> ORM configuration
+  # Load and configure the ORM. Supports :active_record (default) and
+  # :mongoid (bson_ext recommended) by default. Other ORMs may be
+  # available as additional gems.
+  require 'devise/orm/active_record'
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating an user. By default is
+  # just :email. You can configure it to use [:username, :subdomain], so for
+  # authenticating an user, both parameters are required. Remember that those
+  # parameters are used only when authenticating and not when retrieving from
+  # session. If you need permissions, you should implement that in a before filter.
+  # config.authentication_keys = [ :email ]
+
+  # Tell if authentication through request.params is enabled. True by default.
+  # config.params_authenticatable = true
+
+  # Tell if authentication through HTTP Basic Auth is enabled. True by default.
+  # config.http_authenticatable = true
+
+  # Set this to true to use Basic Auth for AJAX requests.  True by default.
+  # config.http_authenticatable_on_xhr = true
+
+  # The realm used in Http Basic Authentication
+  # config.http_authentication_realm = "Application"
+
+  # ==> Configuration for :database_authenticatable
+  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
+  # using other encryptors, it sets how many times you want the password re-encrypted.
+  config.stretches = Rails.env.test? ? 1 : 10
+
+  # Define which will be the encryption algorithm. Devise also supports encryptors
+  # from others authentication tools as :clearance_sha1, :authlogic_sha512 (then
+  # you should set stretches above to 20 for default behavior) and :restful_authentication_sha1
+  # (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
+  config.encryptor = :bcrypt
+
+  # Setup a pepper to generate the encrypted password.
+  config.pepper = "c4ee59fb687661675e930b1394e179db1bbe9147766f161a450e5f6dcdd4110195c0496be28b5321f68a29a2c6fb5728db87b32779231dae57b4c93460406e16"
+
+  # ==> Configuration for :confirmable
+  # The time you want to give your user to confirm his account. During this time
+  # he will be able to access your application without confirming. Default is nil.
+  # When confirm_within is zero, the user won't be able to sign in without confirming. 
+  # You can use this to let your user access some features of your application 
+  # without confirming the account, but blocking it after a certain period 
+  # (ie 2 days). 
+  # config.confirm_within = 2.days
+
+  # ==> Configuration for :rememberable
+  # The time the user will be remembered without asking for credentials again.
+  # config.remember_for = 2.weeks
+
+  # If true, a valid remember token can be re-used between multiple browsers.
+  # config.remember_across_browsers = true
+
+  # If true, extends the user's remember period when remembered via cookie.
+  # config.extend_remember_period = false
+
+  # ==> Configuration for :validatable
+  # Range for password length
+  # config.password_length = 6..20
+
+  # Regex to use to validate the email address
+  # config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
+
+  # ==> Configuration for :timeoutable
+  # The time you want to timeout the user session without activity. After this
+  # time the user will be asked for credentials again.
+  config.timeout_in = 8.hours
+
+  # ==> Configuration for :lockable
+  # Defines which strategy will be used to lock an account.
+  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
+  # :none            = No lock strategy. You should handle locking by yourself.
+  # config.lock_strategy = :failed_attempts
+
+  # Defines which strategy will be used to unlock an account.
+  # :email = Sends an unlock link to the user email
+  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
+  # :both  = Enables both strategies
+  # :none  = No unlock strategy. You should handle unlocking by yourself.
+  # config.unlock_strategy = :both
+
+  # Number of authentication tries before locking an account if lock_strategy
+  # is failed attempts.
+  # config.maximum_attempts = 20
+
+  # Time interval to unlock the account if :time is enabled as unlock_strategy.
+  # config.unlock_in = 1.hour
+
+  # ==> Configuration for :token_authenticatable
+  # Defines name of the authentication token params key
+  # config.token_authentication_key = :auth_token
+
+  # ==> Scopes configuration
+  # Turn scoped views on. Before rendering "sessions/new", it will first check for
+  # "users/sessions/new". It's turned off by default because it's slower if you
+  # are using only default views.
+  # config.scoped_views = true
+
+  # Configure the default scope given to Warden. By default it's the first
+  # devise role declared in your routes.
+  # config.default_scope = :user
+
+  # Configure sign_out behavior. 
+  # By default sign_out is scoped (i.e. /users/sign_out affects only :user scope).
+  # In case of sign_out_all_scopes set to true any logout action will sign out all active scopes.
+  # config.sign_out_all_scopes = false
+
+  # ==> Navigation configuration
+  # Lists the formats that should be treated as navigational. Formats like
+  # :html, should redirect to the sign in page when the user does not have
+  # access, but formats like :xml or :json, should return 401.
+  # If you have any extra navigational formats, like :iphone or :mobile, you
+  # should add them to the navigational formats lists. Default is [:html]
+  # config.navigational_formats = [:html, :iphone]
+
+  # ==> Warden configuration
+  # If you want to use other strategies, that are not (yet) supported by Devise,
+  # you can configure them inside the config.warden block. The example below
+  # allows you to setup OAuth, using http://github.com/roman/warden_oauth
+  #
+  # config.warden do |manager|
+  #   manager.oauth(:twitter) do |twitter|
+  #     twitter.consumer_secret = <YOUR CONSUMER SECRET>
+  #     twitter.consumer_key  = <YOUR CONSUMER KEY>
+  #     twitter.options :site => 'http://twitter.com'
+  #   end
+  #   manager.default_strategies(:scope => :user).unshift :twitter_oauth
+  # end
+end
+
+module Devise
+  class FailureApp < ActionController::Metal
+    def http_auth
+      self.status = 403
+      self.headers["WWW-Authenticate"] = %(Basic realm=#{Devise.http_authentication_realm.inspect})
+      self.content_type = request.format.to_s
+      self.response_body = http_auth_body
+    end
+  end
+end

data/lib/generators/templates/omniauth.rb

@@ -0,0 +1,22 @@
+require 'openid/store/filesystem'
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :google_apps, OpenID::Store::Filesystem.new('/tmp')
+  provider :twitter, 'CONSUMER_KEY', 'CONSUMER_SECRET'
+  provider :facebook, 'APP_ID', 'APP_SECRET'
+  provider :linked_in, 'CONSUMER_KEY', 'CONSUMER_SECRET'
+  provider :open_id, OpenID::Store::Filesystem.new('/tmp')
+  provider :CAS, :cas_server => 'https://www.example.com/cas'
+  provider :LDAP, :host => 'ldap.example.com', :port => 389, :method => :simple, :base => 'cn=users,dc=example,dc=com', :uid => 'sAMAccountName', :try_sasl => true, :sasl_mechanisms => "GSS-SPNEGO", :domain => ''
+end
+
+# This list will show the first choice as the default, and the rest as potential secondary login methods.
+PROVIDERS = [:google_apps, :twitter, :facebook, :linked_in, :open_id, :CAS, :LDAP]
+
+# LDAP
+# :port (required) - The LDAP server port.
+# :method (required) - May be :plain, :ssl, or :tls.
+# :base (required) - The distinguished name (DN) for your organization; all users should be searchable under this base.
+# :uid (required) - The LDAP attribute name for the user name in the login form. Typically AD would be 'sAMAccountName' or 'UniquePersonalIdentifier', while OpenLDAP is 'uid'. You can also use 'dn' for the user to put in the dn in the login form (but usually is too long for user to remember or know).
+# :try_sasl - Try to use SASL connection to server.
+# :sasl_mechanisms - Mechanisms supported are 'DIGEST-MD5' and 'GSS-SPNEGO'
+# :domain - Enter to keep users from having to enter the LDAP domain, usually in the form domain\username. Backslash will be appended automatically.

data/lib/generators/templates/omniauth_fix.rb

@@ -0,0 +1,98 @@
+module OmniAuth
+  module Strategies
+    class LDAP
+      
+      def initialize(app, options = {}, &block)
+        super(app, options[:name] || :ldap, options.dup, &block)
+        @name_proc = (@options.delete(:name_proc) || Proc.new {|name| name})
+        @adaptor = OmniAuth::Strategies::LDAP::Adaptor.new(options)
+        @domain = options[:domain] # Added
+      end
+      
+      protected
+      
+      # Reroutes directly to callback_phase instead of redirecting to callback_path
+      # TODO: Possibility that this could be removed in the future.
+      def request_phase
+        Rails.logger.info "Request Phase Hook"
+        if env['REQUEST_METHOD'] == 'GET'
+          get_credentials
+        else
+          session['omniauth.ldap'] = {'username' => request['username'], 'password' => request['password']}
+          if true
+            Rails.logger.info "Skipping Redirect"
+            callback_phase # Added
+          else
+            redirect callback_path
+          end
+        end
+      end
+      
+      # Includes addition of a "domain"
+      def callback_phase
+        begin
+          creds = session['omniauth.ldap']
+          session.delete 'omniauth.ldap'
+          @ldap_user_info = {}
+          begin
+            creds['username'] = @domain.to_s + '\\' + creds['username'] unless @domain.blank?
+            @adaptor.bind(:bind_dn => creds['username'], :password => creds['password'])
+          rescue Exception => e
+            Rails.logger.info "Exception #{e.inspect}"
+            Rails.logger.info "failed to bind with the default credentials: " + e.message
+            return fail!(:invalid_credentials, e)
+          end
+          
+          @ldap_user_info = @adaptor.search(:base => @adaptor.base, :filter => Net::LDAP::Filter.eq(@adaptor.uid, creds['username'].split('\\').last.to_s),:limit => 1)
+          @ldap_user_info.each do |key, val|
+            @ldap_user_info[key] = val.first if val.class == Array and val.size == 1
+          end
+          
+          @user_info = self.class.map_user(@@config, @ldap_user_info)
+
+          @env['REQUEST_METHOD'] = 'GET'
+          # @env['PATH_INFO'] = callback_path
+          @env['PATH_INFO'] = "#{OmniAuth.config.path_prefix.split('/').last}/#{name}/callback"
+          
+          @env['omniauth.auth'] = {'provider' => 'ldap', 'uid' => @user_info['uid'], 'user_info' => @user_info, 'bla' => 5}
+        rescue Exception => e
+          Rails.logger.info "Exception #{e.inspect}"
+          return fail!(:invalid_credentials, e)
+        end
+        
+        call_app!
+      end
+      
+      def self.map_user mapper, object
+        user = {}
+        mapper.each do |key, value|
+          case value
+            when String
+              if object[value.downcase.to_sym]
+                if object[value.downcase.to_sym].kind_of?(Array)
+                  user[key] = object[value.downcase.to_sym].join(', ')
+                else
+                  user[key] = object[value.downcase.to_sym].to_s 
+                end
+              end
+            when Array
+              # value.each {|v| (user[key] = object[v.downcase.to_sym].to_s; break;) if object[v.downcase.to_sym]}
+              value.each {|v| (user[key] = object[v.downcase.to_sym].join(', '); break;) if object[v.downcase.to_sym]}
+            when Hash
+              value.map do |key1, value1|
+                pattern = key1.dup
+                value1.each_with_index do |v,i|
+                  part = '';
+                  v.each {|v1| (part = object[v1.downcase.to_sym].to_s; break;) if object[v1.downcase.to_sym]}
+                  pattern.gsub!("%#{i}",part||'') 
+                end 
+                user[key] = pattern
+              end
+            end
+          end
+        user
+      end
+      
+    end
+  end
+end