crowd-stefanwille 0.5.10 → 0.5.11

data/.gitignore

@@ -1,4 +1,7 @@
-.DS_Store 
+**/.DS_Store 
 doc
 *~
 pkg
+lib/crowd/.DS_Store
+demo/test_token.rb
+

data/History.txt

@@ -1,6 +1,9 @@
 
-== 0.5.10 / 2010-07-26
-
+== 0.5.11 / 2010-07-26
+* 0.5.11
+  * add Crowd.crowd_cookie_tokenkey for SSO
+  * add Crowd.crowd_validation_factors_need_user_agent for SSO
+  * add Crowd.get_cookie_info
 * 0.5.10
   * fixed bug in validation factor serialization
 * 0.5.9 

data/Rakefile

@@ -33,7 +33,7 @@ begin
     gemspec.name = "crowd-stefanwille"
     gemspec.version = Crowd::Version::STRING
     gemspec.summary = "Ruby client for Atlassian Crowd 2.0"
-    gemspec.description = "A client for Atlassian[http://www.atlassian.com] Crowd[http://www.atlassian.com/crowd] v2.0. Tested with Crowd 2.0.2 and 2.0.5."
+    gemspec.description = "A client for Atlassian Crowd v2.0. Tested with Crowd 2.0.2 and 2.0.5."
     gemspec.email = "post @nospam@ stefanwille.com"
     gemspec.homepage = "http://github.com/stefanwille/crowd"
     gemspec.authors = ["Stefan Wille", "Evgeny Zislis", "Jason Rimmer & Daniel Morrison"]

data/crowd-stefanwille.gemspec

@@ -5,12 +5,12 @@
 
 Gem::Specification.new do |s|
   s.name = %q{crowd-stefanwille}
-  s.version = "0.5.10"
+  s.version = "0.5.11"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Stefan Wille", "Evgeny Zislis", "Jason Rimmer & Daniel Morrison"]
   s.date = %q{2010-07-26}
-  s.description = %q{A client for Atlassian[http://www.atlassian.com] Crowd[http://www.atlassian.com/crowd] v2.0. Tested with Crowd 2.0.2 and 2.0.5.}
+  s.description = %q{A client for Atlassian Crowd v2.0. Tested with Crowd 2.0.2 and 2.0.5.}
   s.email = %q{post @nospam@ stefanwille.com}
   s.extra_rdoc_files = [
     "README.rdoc"
@@ -23,9 +23,6 @@ Gem::Specification.new do |s|
      "crowd-stefanwille.gemspec",
      "demo/crowd_demo.rb",
      "lib/crowd.rb",
-     "lib/crowd/http/request.rb",
-     "lib/crowd/http/response.rb",
-     "lib/crowd/http/sso.rb",
      "lib/crowd/soap/SecurityServerClient.rb",
      "lib/crowd/soap/crowd-2.0.5.wsdl",
      "lib/crowd/soap/default.rb",

data/lib/crowd.rb

@@ -31,6 +31,8 @@ class Crowd
   @@crowd_app_name = nil
   @@crowd_app_pword = nil
   @@crowd_url = nil
+  @@crowd_validation_factors_need_user_agent = false
+  @@crowd_cookie_tokenkey = 'crowd.token_key'
   @@crowd_session_tokenkey = 'session.tokenkey'
   @@crowd_session_validationinterval = 0
   @@crowd_session_lastvalidation = 'session.lastvalidation'
@@ -41,45 +43,46 @@ class Crowd
   # Configuration      
   #
       
-  ''' 
-  The URL to use when connecting with the integration libraries to communicate with the Crowd server. 
-  '''
+  # The URL to use when connecting with the integration libraries to communicate with the Crowd server. 
   def self.crowd_url=(value); @@crowd_url = value; end
 
-  ''' 
-  The name that the application will use when authenticating with the Crowd server. 
-  This needs to match the name you specified in Crowd server.
-  '''
+  # The name that the application will use when authenticating with the Crowd server. 
+  # This needs to match the name you specified in Crowd server.
   def self.crowd_app_name=(value); @@crowd_app_name = value; end
 
-  ''' 
-  The password that the application will use when authenticating with the Crowd server. 
-  This needs to match the password you specified in Crowd server. 
-  '''
+  # The password that the application will use when authenticating with the Crowd server. 
+  # This needs to match the password you specified in Crowd server. 
   def self.crowd_app_pword=(value); @@crowd_app_pword = value; end
   
   #
   # Relevant for SSO:
   #
+
+  # This configuration depends on the Crowd java client library version that your other applications use.
+  # For crowd-integration-client-2.0.2.jar this needs to be 'true',
+  # for crowd-integration-client-2.0.5.jar this needs to be 'false'.
+  #
+  # Default is false.
+  def self.crowd_validation_factors_need_user_agent=(value); @@crowd_validation_factors_need_user_agent = value; end
   
-  ''' 
-  The number of minutes to cache authentication validation in the session. 
-  If this value is set to 0, each HTTP request will be authenticated with the Crowd server. 
-  '''
+  # The number of minutes to cache authentication validation in the session. 
+  # If this value is set to 0, each HTTP request will be authenticated with the Crowd server. 
+  # The default is 0.
   def self.crowd_session_validationinterval=(value); @@crowd_session_validationinterval = value; end
 
-  ''' 
-  The session key to use when storing a String value of the users authentication token. 
-  Has a good default.
-  '''
+  # The cookie key to use when creating or reading the SSO token.
+  # Has a good default.
+  def self.crowd_cookie_tokenkey=(value); @@crowd_cookie_tokenkey = value; end
+
+  # The session key to use when storing a String value of the users authentication token. 
+  # Has a good default.
   def self.crowd_session_tokenkey=(value); @@crowd_session_tokenkey = value; end
 
-  ''' 
-  The session key to use when storing a timestamp of the users last authentication.   
-  Has a good default.
-  '''
+  # The session key to use when storing a timestamp of the users last authentication.   
+  # Has a good default.
   def self.crowd_session_lastvalidation=(value); @@crowd_session_lastvalidation = value; end
   
+  
   # for testing
   def self.application_token=(value); @@application_token = value; end
   def self.application_token; @@application_token; end
@@ -87,7 +90,9 @@ class Crowd
   def self.crowd_app_name; @@crowd_app_name; end
   def self.crowd_app_pword; @@crowd_app_pword; end
 
+  def self.crowd_validation_factors_need_user_agent; @@crowd_validation_factors_need_user_agent; end
   def self.crowd_session_tokenkey; @@crowd_session_tokenkey; end
+  def self.crowd_cookie_tokenkey; @@crowd_cookie_tokenkey; end
   def self.crowd_session_validationinterval; @@crowd_session_validationinterval; end
   def self.crowd_session_lastvalidation; @@crowd_session_lastvalidation; end    
 
@@ -107,7 +112,6 @@ class Crowd
   # Public methods
   #
 
-  ##
   # Authenticates an application client to the Crowd security server.
   def self.authenticate_application(validation_factors = {})
     pword = PasswordCredential.new(@@crowd_app_pword, false)
@@ -122,9 +126,10 @@ class Crowd
     @@application_token = response.out
   end
   
-  ##
   # Authenticates a principal verses the calling who is in the application's assigned directory.
   #
+  # Validation factors are essential for SSO interoperable with Atlassian's Java client library.
+  #
   # To use SSO, set:
   #   validation_factors = { 'USER_AGENT' => '...', 'REMOTE_ADDRESS' => '...' }
   #   for proxy users { 'X_FORWARDED_FOR" => '...' } might be useful as well.
@@ -158,7 +163,6 @@ class Crowd
   end
     
   
-  ##
   # Authenticates a principal without validating a password.
   def self.create_principal_token(username, validation_factors = {})
     response = authenticated_connection do
@@ -169,7 +173,6 @@ class Crowd
     response.out
   end
   
-  ##
   # Checks if the principal's current token is still valid.
   def self.is_valid_principal_token?(principal_token, validation_factors = {})
     response = authenticated_connection do
@@ -186,8 +189,7 @@ class Crowd
     end
   end
   
-  ##
-  # Add Principal
+  # Add principal to the crowd directory.
   def self.add_principal(username, password, description, is_active, attributes)
     response = authenticated_connection do
       
@@ -221,8 +223,7 @@ class Crowd
     end
   end
   
-  ##
-  # Find Principal via username
+  # Find principal via username.
   def self.find_principal_by_username(username)    
     response = authenticated_connection do
       arg = FindPrincipalByName.new(@@application_token, username)
@@ -241,8 +242,7 @@ class Crowd
     raise AuthenticationObjectNotFoundException, e    
   end
   
-  ##
-  # Find Principal via token
+  # Find principal via token.
   def self.find_principal_by_token(token)
     response = authenticated_connection do
       arg = FindPrincipalByToken.new(@@application_token, token)
@@ -264,8 +264,7 @@ class Crowd
     raise AuthenticationException, e.message
   end  
   
-  ##
-  # Invalidate Principal Token
+  # Invalidate principal token.
   def self.invalidate_principal_token(token)
     response = authenticated_connection do 
       arg = InvalidatePrincipalToken.new(@@application_token, token)
@@ -280,8 +279,7 @@ class Crowd
     end
   end
   
-  ##
-  # Remove principal attribute 
+  # Remove principal attribute.
   def self.remove_attribute_principal(username, attributes)    
     if(attributes.class != Array)
       attributes = [attributes]
@@ -304,7 +302,6 @@ class Crowd
     end
   end
   
-  ##
   # Add attribute to principal
   def self.add_attribute_principal(username, attributes)
     attributes.each do |key, val|
@@ -335,7 +332,6 @@ class Crowd
     true
   end
   
-  ##
   # Update attribute on principal
   def self.update_attribute_principal(username, attributes)    
     attributes.each do |key, val|
@@ -366,7 +362,6 @@ class Crowd
     true
   end
   
-  ##
   # Remove principal
   def self.remove_principal(username)
     response = authenticated_connection do
@@ -384,7 +379,6 @@ class Crowd
     end    
   end
   
-  ##
   # Find all principal names
   def self.find_all_principal_names    
     response = authenticated_connection do
@@ -402,7 +396,6 @@ class Crowd
     end
   end
 
-  ##
   # Find all role names
   def self.find_all_role_names
     response = authenticated_connection do 
@@ -420,7 +413,6 @@ class Crowd
     end
   end
   
-  ##
   # Add Role
   def self.add_role(name, description, is_active)
     response = authenticated_connection do 
@@ -439,7 +431,6 @@ class Crowd
     end
   end
   
-  ##
   # Add Principal to Role
   def self.add_principal_to_role(username, role)    
     response = authenticated_connection do         
@@ -458,7 +449,6 @@ class Crowd
     end
   end
   
-  ##
   # Remove Principal form Role
   def self.remove_principal_from_role(username, role)
     response = authenticated_connection do 
@@ -476,7 +466,6 @@ class Crowd
     end
   end
 
-  ##
   # Is Role Member
   def self.is_role_member(username, role)
     response = authenticated_connection do 
@@ -496,7 +485,6 @@ class Crowd
   
   
   
-  ##
   # Remove Role
   def self.remove_role(role)
     response = authenticated_connection do 
@@ -514,7 +502,6 @@ class Crowd
     end
   end
   
-  ##
   # Is Group Member
   def self.is_group_member(username, group)
     response = authenticated_connection do 
@@ -664,7 +651,7 @@ class Crowd
   ##
   # Returns the domain configured in Crowd or null if no domain has been set.
   #
-  # *Deprecated:* This method has been superceded by get_cookie_config.
+  # *Deprecated:* This method has been superceded by get_cookie_info.
   def self.get_domain
     response = authenticated_connection do
       arg = GetDomain.new(@@application_token)
@@ -679,6 +666,22 @@ class Crowd
     end
   end
 
+  # Returns the sso cookie configuration.
+  # Properties: cookie_info.domain and cookie_info.secure
+  def self.get_cookie_info
+    response = authenticated_connection do
+      arg = GetCookieInfo.new(@@application_token)
+      server.getCookieInfo(arg)
+    end
+
+    case response
+    when GetCookieInfoResponse
+      return response.out
+    else
+      raise AuthenticationException, response
+    end
+  end
+
   ##
   # Updates the password credential for a principal who is in the application's assigned directory.
   def self.update_principal_credential(principal, password)

data/lib/crowd/version.rb

@@ -2,7 +2,7 @@ class Crowd #:nodoc:
   module Version #:nodoc:
     MAJOR = 0
     MINOR = 5
-    TINY = 10
+    TINY = 11
   
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/spec/crowd_spec.rb

@@ -125,7 +125,7 @@ describe Crowd do
      token = Crowd.authenticate_principal('unittest','unittest')
      # overwrite application token
      Crowd.application_token.token = 'fake'
-     Crowd.application_token.token.should eql('fake')
+     Crowd.application_token.token.should == 'fake'
      # application should re-authenticate
      Crowd.is_valid_principal_token?(token).should be_true
    end
@@ -144,4 +144,8 @@ describe Crowd do
      Crowd.find_all_group_names.should be_true
    end
  
+   it "should get the cookie info" do
+     Crowd.get_cookie_info.should_not be_nil
+   end
+ 
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: crowd-stefanwille
 version: !ruby/object:Gem::Version 
-  hash: 31
+  hash: 29
   prerelease: false
   segments: 
   - 0
   - 5
-  - 10
-  version: 0.5.10
+  - 11
+  version: 0.5.11
 platform: ruby
 authors: 
 - Stefan Wille
@@ -48,7 +48,7 @@ dependencies:
         version: "0"
   type: :development
   version_requirements: *id002
-description: A client for Atlassian[http://www.atlassian.com] Crowd[http://www.atlassian.com/crowd] v2.0. Tested with Crowd 2.0.2 and 2.0.5.
+description: A client for Atlassian Crowd v2.0. Tested with Crowd 2.0.2 and 2.0.5.
 email: post @nospam@ stefanwille.com
 executables: []
 
@@ -64,9 +64,6 @@ files:
 - crowd-stefanwille.gemspec
 - demo/crowd_demo.rb
 - lib/crowd.rb
-- lib/crowd/http/request.rb
-- lib/crowd/http/response.rb
-- lib/crowd/http/sso.rb
 - lib/crowd/soap/SecurityServerClient.rb
 - lib/crowd/soap/crowd-2.0.5.wsdl
 - lib/crowd/soap/default.rb

data/lib/crowd/http/request.rb

@@ -1,6 +0,0 @@
-##
-# An HTTP request. This class holds data from the client
-# It allows the HTTP-protocol specified header information to be
-# accessed from the SSO class.
-class Crowd::HTTP::Request < Net::HTTPRequest
-end

data/lib/crowd/http/response.rb

@@ -1,5 +0,0 @@
-##
-# An HTTP response. This class allows to manipulate HTTP-protocol
-# specified header information and return data to its client.
-class Crowd::HTTP::Response < Net::HTTPResponse
-end

data/lib/crowd/http/sso.rb

@@ -1,101 +0,0 @@
-##
-# This class is used to manage HTTP authentication. It is the fundamental class for
-# web/SSO authentication integration. For most applications, using the following
-# methods will be sufficient to achieve SSO:
-# authenticate:: authenticate a user
-# +is_authenticated?+:: determine if a request is authenticated
-# principal:: retrieve the principal for an authenticated request
-# logoff:: sign the user out
-
-class Crowd::HTTP::SSO
-  @@request = nil
-  @@response = nil
-  
-  ##
-  # Retrieve the underlying client properties used
-  # to communicate with the Crowd Security Server.
-  def client_properties
-  end
-  
-  ## 
-  # Retrieve the underlying SecurityServerClient used
-  # to communicate with the Crowd Security Server.
-  def security_server_client
-  end
-
-
-  ##
-  # Sets the underlying principal token
-  def principal_token=(token)
-  end
-
-  ##
-  # Attempts to retrive the principal from the request.
-  def principal(request)
-  end
-
-  ##
-  # Retrieve the Crowd authentication token from the request
-  def token(request)
-  end
-  
-  ##
-  # Tests whether a request is authenticated via SSO
-  def is_authenticated?
-  end
-
-  ##
-  # Authenticate a remote user using SSO
-  def authenticate(username, password)
-  end
-
-  ##
-  # Verifies the authentication of a principal's username/password,
-  #
-  # Without validation_factors,
-  # This performs an instant verification of username/password with
-  # the centralised user repository (Crowd Server).
-  # 
-  # Given a set of validation factors.
-  # This will authenticate the principal using the username and password
-  # provided, and will use the validation factors to generate an SSO
-  # token. This token can then be used by 3rd party systems to implement
-  # SSO or can be ignored to only provide centralised authentication.
-  #
-  # NOTE: This method will not provide SSO functionality directly - use the
-  # <code>authenticate</code> method instead.
-  def verify_authentication(username, password, validation_factors = {})
-  end
-
-  ##
-  # Retrieves validation factors from the request
-  # {
-  #   'USER_AGENT' => "the User-Agent HTTP header",
-  #   'REMOTE_ADDRESS' => "the source IP address of the HTTP request",
-  #   'X_FORWARDED_FOR' => Original Address, if present and distinct from the REMOTE_ADDRESS
-  # }
-  def validation_factors
-  end
-
-  ##
-  # Log off the SSO authenticated user. This will also effectively
-  # log them off from all SSO applications.
-  #
-  # This will sign out an authenticated user by invalidating their
-  # SSO token and removing it from their cookies.
-  #
-  # If the request is not authenticated, this method will have
-  # no effect and will not throw an exception.
-  #
-  def logoff
-  end
-
-  ## 
-  # Generate a PrincipalAuthenticationContext object containing the
-  # provided username and password, and validation factors from the
-  # the request.
-  # 
-  def principal_authentication_context(username, password)
-  end
-
-end