crowd-stefanwille 0.5.10 → 0.5.11
- data/.gitignore +4 -1
- data/History.txt +5 -2
- data/Rakefile +1 -1
- data/crowd-stefanwille.gemspec +2 -5
- data/lib/crowd.rb +52 -49
- data/lib/crowd/version.rb +1 -1
- data/spec/crowd_spec.rb +5 -1
- metadata +4 -7
- data/lib/crowd/http/request.rb +0 -6
- data/lib/crowd/http/response.rb +0 -5
- data/lib/crowd/http/sso.rb +0 -101
data/.gitignore
CHANGED
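--- a/data/History.txt
+++ b/data/History.txt
@@ -1,6 +1,9 @@
 
-== 0.5.
-
+== 0.5.11 / 2010-07-26
+* 0.5.11
+* add Crowd.crowd_cookie_tokenkey for SSO
+* add Crowd.crowd_validation_factors_need_user_agent for SSO
+* add Crowd.get_cookie_info
 * 0.5.10
 * fixed bug in validation factor serialization
 * 0.5.9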
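--- a/data/Rakefile
+++ b/data/Rakefile
@@ -33,7 +33,7 @@ begin
 gemspec.name = "crowd-stefanwille"
 gemspec.version = Crowd::Version::STRING
 gemspec.summary = "Ruby client for Atlassian Crowd 2.0"
-gemspec.description = "A client for Atlassian
+gemspec.description = "A client for Atlassian Crowd v2.0. Tested with Crowd 2.0.2 and 2.0.5."
 gemspec.email = "post @nospam@ stefanwille.com"
 gemspec.homepage = "http://github.com/stefanwille/crowd"
 gemspec.authors = ["Stefan Wille", "Evgeny Zislis", "Jason Rimmer & Daniel Morrison"]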
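--- a/data/crowd-stefanwille.gemspec
+++ b/data/crowd-stefanwille.gemspec
@@ -5,12 +5,12 @@
 
 Gem::Specification.new do |s|
 s.name = %q{crowd-stefanwille}
-s.version = "0.5.
+s.version = "0.5.11"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
 s.authors = ["Stefan Wille", "Evgeny Zislis", "Jason Rimmer & Daniel Morrison"]
 s.date = %q{2010-07-26}
-s.description = %q{A client for Atlassian
+s.description = %q{A client for Atlassian Crowd v2.0. Tested with Crowd 2.0.2 and 2.0.5.}
 s.email = %q{post @nospam@ stefanwille.com}
 s.extra_rdoc_files = [
 "README.rdoc"
@@ -23,9 +23,6 @@ Gem::Specification.new do |s|
 "crowd-stefanwille.gemspec",
 "demo/crowd_demo.rb",
 "lib/crowd.rb",
-"lib/crowd/http/request.rb",
-"lib/crowd/http/response.rb",
-"lib/crowd/http/sso.rb",
 "lib/crowd/soap/SecurityServerClient.rb",
 "lib/crowd/soap/crowd-2.0.5.wsdl",
 "lib/crowd/soap/default.rb",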
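--- a/data/lib/crowd.rb
+++ b/data/lib/crowd.rb
@@ -31,6 +31,8 @@ class Crowd
 @@crowd_app_name = nil
 @@crowd_app_pword = nil
 @@crowd_url = nil
+@@crowd_validation_factors_need_user_agent = false
+@@crowd_cookie_tokenkey = 'crowd.token_key'
 @@crowd_session_tokenkey = 'session.tokenkey'
 @@crowd_session_validationinterval = 0
 @@crowd_session_lastvalidation = 'session.lastvalidation'
@@ -41,45 +43,46 @@ class Crowd
 # Configuration
 #
 
-
-The URL to use when connecting with the integration libraries to communicate with the Crowd server.
-'''
+# The URL to use when connecting with the integration libraries to communicate with the Crowd server.
 def self.crowd_url=(value); @@crowd_url = value; end
 
-
-
-This needs to match the name you specified in Crowd server.
-'''
+# The name that the application will use when authenticating with the Crowd server.
+# This needs to match the name you specified in Crowd server.
 def self.crowd_app_name=(value); @@crowd_app_name = value; end
 
-
-
-This needs to match the password you specified in Crowd server.
-'''
+# The password that the application will use when authenticating with the Crowd server.
+# This needs to match the password you specified in Crowd server.
 def self.crowd_app_pword=(value); @@crowd_app_pword = value; end
 
 #
 # Relevant for SSO:
 #
+
+# This configuration depends on the Crowd java client library version that your other applications use.
+# For crowd-integration-client-2.0.2.jar this needs to be 'true',
+# for crowd-integration-client-2.0.5.jar this needs to be 'false'.
+#
+# Default is false.
+def self.crowd_validation_factors_need_user_agent=(value); @@crowd_validation_factors_need_user_agent = value; end
 
-
-
-
-'''
+# The number of minutes to cache authentication validation in the session.
+# If this value is set to 0, each HTTP request will be authenticated with the Crowd server.
+# The default is 0.
 def self.crowd_session_validationinterval=(value); @@crowd_session_validationinterval = value; end
 
-
-
-
-
+# The cookie key to use when creating or reading the SSO token.
+# Has a good default.
+def self.crowd_cookie_tokenkey=(value); @@crowd_cookie_tokenkey = value; end
+
+# The session key to use when storing a String value of the users authentication token.
+# Has a good default.
 def self.crowd_session_tokenkey=(value); @@crowd_session_tokenkey = value; end
 
-
-
-Has a good default.
-'''
+# The session key to use when storing a timestamp of the users last authentication.
+# Has a good default.
 def self.crowd_session_lastvalidation=(value); @@crowd_session_lastvalidation = value; end
 
+
 # for testing
 def self.application_token=(value); @@application_token = value; end
 def self.application_token; @@application_token; end
@@ -87,7 +90,9 @@ class Crowd
 def self.crowd_app_name; @@crowd_app_name; end
 def self.crowd_app_pword; @@crowd_app_pword; end
 
+def self.crowd_validation_factors_need_user_agent; @@crowd_validation_factors_need_user_agent; end
 def self.crowd_session_tokenkey; @@crowd_session_tokenkey; end
+def self.crowd_cookie_tokenkey; @@crowd_cookie_tokenkey; end
 def self.crowd_session_validationinterval; @@crowd_session_validationinterval; end
 def self.crowd_session_lastvalidation; @@crowd_session_lastvalidation; end
 
@@ -107,7 +112,6 @@ class Crowd
 # Public methods
 #
 
-##
 # Authenticates an application client to the Crowd security server.
 def self.authenticate_application(validation_factors = {})
 pword = PasswordCredential.new(@@crowd_app_pword, false)
@@ -122,9 +126,10 @@ class Crowd
 @@application_token = response.out
 end
 
-##
 # Authenticates a principal verses the calling who is in the application's assigned directory.
 #
+# Validation factors are essential for SSO interoperable with Atlassian's Java client library.
+#
 # To use SSO, set:
 # validation_factors = { 'USER_AGENT' => '...', 'REMOTE_ADDRESS' => '...' }
 # for proxy users { 'X_FORWARDED_FOR" => '...' } might be useful as well.
@@ -158,7 +163,6 @@ class Crowd
 end
 
 
-##
 # Authenticates a principal without validating a password.
 def self.create_principal_token(username, validation_factors = {})
 response = authenticated_connection do
@@ -169,7 +173,6 @@ class Crowd
 response.out
 end
 
-##
 # Checks if the principal's current token is still valid.
 def self.is_valid_principal_token?(principal_token, validation_factors = {})
 response = authenticated_connection do
@@ -186,8 +189,7 @@ class Crowd
 end
 end
 
-
-# Add Principal
+# Add principal to the crowd directory.
 def self.add_principal(username, password, description, is_active, attributes)
 response = authenticated_connection do
 
@@ -221,8 +223,7 @@ class Crowd
 end
 end
 
-
-# Find Principal via username
+# Find principal via username.
 def self.find_principal_by_username(username)
 response = authenticated_connection do
 arg = FindPrincipalByName.new(@@application_token, username)
@@ -241,8 +242,7 @@ class Crowd
 raise AuthenticationObjectNotFoundException, e
 end
 
-
-# Find Principal via token
+# Find principal via token.
 def self.find_principal_by_token(token)
 response = authenticated_connection do
 arg = FindPrincipalByToken.new(@@application_token, token)
@@ -264,8 +264,7 @@ class Crowd
 raise AuthenticationException, e.message
 end
 
-
-# Invalidate Principal Token
+# Invalidate principal token.
 def self.invalidate_principal_token(token)
 response = authenticated_connection do
 arg = InvalidatePrincipalToken.new(@@application_token, token)
@@ -280,8 +279,7 @@ class Crowd
 end
 end
 
-
-# Remove principal attribute
+# Remove principal attribute.
 def self.remove_attribute_principal(username, attributes)
 if(attributes.class != Array)
 attributes = [attributes]
@@ -304,7 +302,6 @@ class Crowd
 end
 end
 
-##
 # Add attribute to principal
 def self.add_attribute_principal(username, attributes)
 attributes.each do |key, val|
@@ -335,7 +332,6 @@ class Crowd
 true
 end
 
-##
 # Update attribute on principal
 def self.update_attribute_principal(username, attributes)
 attributes.each do |key, val|
@@ -366,7 +362,6 @@ class Crowd
 true
 end
 
-##
 # Remove principal
 def self.remove_principal(username)
 response = authenticated_connection do
@@ -384,7 +379,6 @@ class Crowd
 end
 end
 
-##
 # Find all principal names
 def self.find_all_principal_names
 response = authenticated_connection do
@@ -402,7 +396,6 @@ class Crowd
 end
 end
 
-##
 # Find all role names
 def self.find_all_role_names
 response = authenticated_connection do
@@ -420,7 +413,6 @@ class Crowd
 end
 end
 
-##
 # Add Role
 def self.add_role(name, description, is_active)
 response = authenticated_connection do
@@ -439,7 +431,6 @@ class Crowd
 end
 end
 
-##
 # Add Principal to Role
 def self.add_principal_to_role(username, role)
 response = authenticated_connection do
@@ -458,7 +449,6 @@ class Crowd
 end
 end
 
-##
 # Remove Principal form Role
 def self.remove_principal_from_role(username, role)
 response = authenticated_connection do
@@ -476,7 +466,6 @@ class Crowd
 end
 end
 
-##
 # Is Role Member
 def self.is_role_member(username, role)
 response = authenticated_connection do
@@ -496,7 +485,6 @@ class Crowd
 
 
 
-##
 # Remove Role
 def self.remove_role(role)
 response = authenticated_connection do
@@ -514,7 +502,6 @@ class Crowd
 end
 end
 
-##
 # Is Group Member
 def self.is_group_member(username, group)
 response = authenticated_connection do
@@ -664,7 +651,7 @@ class Crowd
 ##
 # Returns the domain configured in Crowd or null if no domain has been set.
 #
-# *Deprecated:* This method has been superceded by
+# *Deprecated:* This method has been superceded by get_cookie_info.
 def self.get_domain
 response = authenticated_connection do
 arg = GetDomain.new(@@application_token)
@@ -679,6 +666,22 @@ class Crowd
 end
 end
 
+# Returns the sso cookie configuration.
+# Properties: cookie_info.domain and cookie_info.secure
+def self.get_cookie_info
+response = authenticated_connection do
+arg = GetCookieInfo.new(@@application_token)
+server.getCookieInfo(arg)
+end
+
+case response
+when GetCookieInfoResponse
+return response.out
+else
+raise AuthenticationException, response
+end
+end
+
 ##
 # Updates the password credential for a principal who is in the application's assigned directory.
 def self.update_principal_credential(principal, password)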
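Review bot: In the new `get_cookie_info`, the `else` branch does `raise AuthenticationException, response`, which hands the SOAP response object to the exception as its message, whereas the context line in `find_principal_by_token` raises with `e.message`; a string such as `raise AuthenticationException, "unexpected getCookieInfo response: #{response.class}"` would give callers and logs a readable reason. The doc comment names `cookie_info.domain` and `cookie_info.secure` but not what they are for, so I would add `# Callers that write the cookie named by Crowd.crowd_cookie_tokenkey should apply both values, in particular the secure flag.` Separately, none of the visible hunks reads `@@crowd_validation_factors_need_user_agent` or `@@crowd_cookie_tokenkey` outside their accessors, so they are presumably consumed by the integrating application; the comments above the two setters should say so.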
data/lib/crowd/version.rb
CHANGED
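--- a/data/spec/crowd_spec.rb
+++ b/data/spec/crowd_spec.rb
@@ -125,7 +125,7 @@ describe Crowd do
 token = Crowd.authenticate_principal('unittest','unittest')
 # overwrite application token
 Crowd.application_token.token = 'fake'
-Crowd.application_token.token.should
+Crowd.application_token.token.should == 'fake'
 # application should re-authenticate
 Crowd.is_valid_principal_token?(token).should be_true
 end
@@ -144,4 +144,8 @@ describe Crowd do
 Crowd.find_all_group_names.should be_true
 end
 
+it "should get the cookie info" do
+Crowd.get_cookie_info.should_not be_nil
+end
+
 end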
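Review bot: The new example `it "should get the cookie info"` asserts only `should_not be_nil`, so it would still pass if the returned object lacked the `domain` and `secure` properties that the library's comment promises. Because those two values decide how the SSO cookie is scoped and whether it is restricted to HTTPS, the spec should pin them, for example `Crowd.get_cookie_info.should respond_to(:domain, :secure)`, assuming the generated SOAP struct exposes them as accessors. The enclosing `describe Crowd` block starts outside the hunk.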
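--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: crowd-stefanwille
 version: !ruby/object:Gem::Version
-hash:
+hash: 29
 prerelease: false
 segments:
 - 0
 - 5
--
-version: 0.5.
+- 11
+version: 0.5.11
 platform: ruby
 authors:
 - Stefan Wille
@@ -48,7 +48,7 @@ dependencies:
 version: "0"
 type: :development
 version_requirements: *id002
-description: A client for Atlassian
+description: A client for Atlassian Crowd v2.0. Tested with Crowd 2.0.2 and 2.0.5.
 email: post @nospam@ stefanwille.com
 executables: []
 
@@ -64,9 +64,6 @@ files:
 - crowd-stefanwille.gemspec
 - demo/crowd_demo.rb
 - lib/crowd.rb
-- lib/crowd/http/request.rb
-- lib/crowd/http/response.rb
-- lib/crowd/http/sso.rb
 - lib/crowd/soap/SecurityServerClient.rb
 - lib/crowd/soap/crowd-2.0.5.wsdl
 - lib/crowd/soap/default.rb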
data/lib/crowd/http/request.rb
DELETED
data/lib/crowd/http/response.rb
DELETED
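--- a/data/lib/crowd/http/sso.rb
+++ /dev/null
@@ -1,101 +0,0 @@
-##
-# This class is used to manage HTTP authentication. It is the fundamental class for
-# web/SSO authentication integration. For most applications, using the following
-# methods will be sufficient to achieve SSO:
-# authenticate:: authenticate a user
-# +is_authenticated?+:: determine if a request is authenticated
-# principal:: retrieve the principal for an authenticated request
-# logoff:: sign the user out
-
-class Crowd::HTTP::SSO
-@@request = nil
-@@response = nil
-
-##
-# Retrieve the underlying client properties used
-# to communicate with the Crowd Security Server.
-def client_properties
-end
-
-##
-# Retrieve the underlying SecurityServerClient used
-# to communicate with the Crowd Security Server.
-def security_server_client
-end
-
-
-##
-# Sets the underlying principal token
-def principal_token=(token)
-end
-
-##
-# Attempts to retrive the principal from the request.
-def principal(request)
-end
-
-##
-# Retrieve the Crowd authentication token from the request
-def token(request)
-end
-
-##
-# Tests whether a request is authenticated via SSO
-def is_authenticated?
-end
-
-##
-# Authenticate a remote user using SSO
-def authenticate(username, password)
-end
-
-##
-# Verifies the authentication of a principal's username/password,
-#
-# Without validation_factors,
-# This performs an instant verification of username/password with
-# the centralised user repository (Crowd Server).
-#
-# Given a set of validation factors.
-# This will authenticate the principal using the username and password
-# provided, and will use the validation factors to generate an SSO
-# token. This token can then be used by 3rd party systems to implement
-# SSO or can be ignored to only provide centralised authentication.
-#
-# NOTE: This method will not provide SSO functionality directly - use the
-# <code>authenticate</code> method instead.
-def verify_authentication(username, password, validation_factors = {})
-end
-
-##
-# Retrieves validation factors from the request
-# {
-# 'USER_AGENT' => "the User-Agent HTTP header",
-# 'REMOTE_ADDRESS' => "the source IP address of the HTTP request",
-# 'X_FORWARDED_FOR' => Original Address, if present and distinct from the REMOTE_ADDRESS
-# }
-def validation_factors
-end
-
-##
-# Log off the SSO authenticated user. This will also effectively
-# log them off from all SSO applications.
-#
-# This will sign out an authenticated user by invalidating their
-# SSO token and removing it from their cookies.
-#
-# If the request is not authenticated, this method will have
-# no effect and will not throw an exception.
-#
-def logoff
-end
-
-##
-# Generate a PrincipalAuthenticationContext object containing the
-# provided username and password, and validation factors from the
-# the request.
-#
-def principal_authentication_context(username, password)
-end
-
-end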