devise-remote-user 0.3.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 5c22c1528b31943554d224bf190fcc0ff7abb81c
-  data.tar.gz: c5dd7031e1926d72301aac9694ae375e317802a3
+SHA256:
+  metadata.gz: b0bc0c09a06a85bf6f7687427ed0d69edbbc88ba8226e7f2bac9681f32899b32
+  data.tar.gz: 9c33250b5d3030529833b9f201400dbdc7ff665bca38fb752746d7cfa2915afa
 SHA512:
-  metadata.gz: 75dac7385bbdb025cac7159f6e14b6ab40d28ca3eaa3cc0abd520b05a3161cc2da80f9f8c03d622f7b5ee6fdf6a849ec8c7670c472ad76b7d97651bc2fc945fb
-  data.tar.gz: 526eb0280f61dc90f3d7cd3261a4528af94c31d8548a2b8881ed2e55e6ddf2c6d544e87ec082baf1f7775b98fe3ff314234495e71d2fd19532d31ced3483d01b
+  metadata.gz: fac419491667ab37ac90bb2e12902bd10288567ddc5ee9bf879651702fb0b19bce14cdd254e07c82f9f8aab4f40f3bc50980852205b49b52c76fef6b4d80c586
+  data.tar.gz: 2e1c68da7663909782cce96a34d5b1e58b648c46f35adb388e655534dc346b4bbac81cb550034d30a2e0968fa17da08fee2756ac98b992ace040d3be2fc07833

data/.github/workflows/ruby.yml

@@ -0,0 +1,53 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby: [2.6, 2.7]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+    - name: Install dependencies
+      run: bundle install
+    - name: Run tests
+      run: bundle exec rake ci
+      env:
+        ENGINE_CART_RAILS_OPTIONS: '--skip-git --skip-listen --skip-spring --skip-keeps --skip-action-cable --skip-coffee --skip-test'
+  test_rails5:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby: [2.6, 2.7]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+    - name: Install dependencies
+      run: bundle install
+      env:
+        RAILS_VERSION: 5.2.4.4
+    - name: Run tests
+      run: bundle exec rake ci
+      env:
+        RAILS_VERSION: 5.2.4.4
+        ENGINE_CART_RAILS_OPTIONS: '--skip-git --skip-listen --skip-spring --skip-keeps --skip-action-cable --skip-coffee --skip-test'

data/.gitignore

@@ -21,3 +21,4 @@ tmp
 .yardoc
 _yardoc
 doc/
+.internal_test_app

data/Gemfile

@@ -1,3 +1,39 @@
 source 'https://rubygems.org'
 
-gemspec
+gemspec
+
+gem "coveralls", require: false
+
+# BEGIN ENGINE_CART BLOCK
+# engine_cart: 0.10.0
+# engine_cart stanza: 0.10.0
+# the below comes from engine_cart, a gem used to test this Rails engine gem in the context of a Rails app.
+file = File.expand_path('Gemfile', ENV['ENGINE_CART_DESTINATION'] || ENV['RAILS_ROOT'] || File.expand_path('.internal_test_app', File.dirname(__FILE__)))
+if File.exist?(file)
+  begin
+    eval_gemfile file
+  rescue Bundler::GemfileError => e
+    Bundler.ui.warn '[EngineCart] Skipping Rails application dependencies:'
+    Bundler.ui.warn e.message
+  end
+else
+  Bundler.ui.warn "[EngineCart] Unable to find test application dependencies in #{file}, using placeholder dependencies"
+
+  if ENV['RAILS_VERSION']
+    if ENV['RAILS_VERSION'] == 'edge'
+      gem 'rails', github: 'rails/rails'
+      ENV['ENGINE_CART_RAILS_OPTIONS'] = '--edge --skip-turbolinks'
+    else
+      gem 'rails', ENV['RAILS_VERSION']
+    end
+  end
+
+  case ENV['RAILS_VERSION']
+  when /^6.0/
+    gem 'sass-rails', '>= 6'
+    # gem 'webpacker', '~> 4.0'
+  when /^5.[12]/
+    gem 'sass-rails', '~> 5.0'
+  end
+end
+# END ENGINE_CART BLOCK

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2013, Duke University Libraries
+Copyright (c) Duke University.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -11,7 +11,7 @@ are permitted provided that the following conditions are met:
   list of conditions and the following disclaimer in the documentation and/or
   other materials provided with the distribution.
 
-  Neither the name of the {organization} nor the names of its
+  Neither the name of Duke University nor the names of its
   contributors may be used to endorse or promote products derived from
   this software without specific prior written permission.
 

data/README.md

@@ -3,6 +3,11 @@ devise-remote-user
 
 A devise extension for remote user authentication.
 
+[![Gem Version](https://badge.fury.io/rb/devise-remote-user.svg)](http://badge.fury.io/rb/devise-remote-user)
+[![Build Status](https://github.com/duke-libraries/devise-remote-user/workflows/CI/badge.svg)](https://github.com/duke-libraries/devise-remote-user/actions?query=branch%3Amaster)
+[![Coverage Status](https://coveralls.io/repos/duke-libraries/devise-remote-user/badge.png?branch=master)](https://coveralls.io/r/duke-libraries/devise-remote-user?branch=master)
+[![Code Climate](https://codeclimate.com/github/duke-libraries/devise-remote-user/badges/gpa.svg)](https://codeclimate.com/github/duke-libraries/devise-remote-user)
+
 ## Installation
 
 Add to Gemfile:
@@ -24,7 +29,7 @@ Sorry, there are no generators yet, so ...
 
 Configuration options:
 
-- `env_var` - String (default: `'REMOTE_USER'`).  Request environment key for the remote user id.
+- `env_key` - String (default: `'REMOTE_USER'`).  Request environment key for the remote user id.
 - `attribute_map` - Hash (default: `{}`).  Map of User model attributes to request environment keys for updating the local user when auto-creation is enabled.
 - `auto_create` - Boolean (default: `false`). Whether to auto-create a local user from the remote user attributes.  Note: Also requires adding the Warden callbacks as shown below.
 - `auto_update` - Boolean (default: `false`). Whether to auto-update authenticated user attributes from remote user attributes.
@@ -46,4 +51,4 @@ end
 
 ## Tests
 
-`rake spec` runs the test suite.
+`rake ci` runs the test suite.

data/Rakefile

@@ -4,17 +4,13 @@ rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end
 
-APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
-load 'rails/tasks/engine.rake'
-
 Bundler::GemHelper.install_tasks
 
-Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
+task default: :ci
 
-require 'rspec/core'
 require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
 
-desc "Run all specs in spec directory (excluding plugin specs)"
-RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
+require 'engine_cart/rake_task'
 
-task :default => :spec
+task ci: ['engine_cart:generate', 'spec']

data/{devise_remote_user.gemspec → devise-remote-user.gemspec}

@@ -18,10 +18,10 @@ Gem::Specification.new do |s|
   s.test_files = Dir["spec/**/*"]
   s.extra_rdoc_files = ["LICENSE", "README.md"]
   s.require_paths = ["lib"]
-  s.add_dependency "rails", ">= 3.2", "< 5.0"
   s.add_dependency "devise"
   s.add_development_dependency "sqlite3"
-  s.add_development_dependency "rspec-rails", "~> 2.14.1"
+  s.add_development_dependency "rspec-rails", "~> 3.4"
   s.add_development_dependency "factory_girl_rails"
   s.add_development_dependency "capybara"
-end
+  s.add_development_dependency "engine_cart", "~> 2.0"
+end

data/lib/devise-remote-user.rb

@@ -0,0 +1 @@
+require 'devise_remote_user'

data/lib/devise_remote_user.rb

@@ -3,38 +3,45 @@ require 'devise_remote_user/engine'
 require 'devise_remote_user/controller_behavior'
 
 module DeviseRemoteUser
+  class << self
+    attr_accessor :env_key, :auto_create, :auto_update, :auth_key, :attribute_map, :logout_url
+  end
 
   # request.env key for remote user name
   # Set to 'HTTP_REMOTE_USER' in config/initializers/devise.rb if behind reverse proxy
-  mattr_accessor :env_key
-  @@env_key = 'REMOTE_USER'
-  
+  self.env_key = 'REMOTE_USER'
+
   # Enable user auto-creation of user from remote user attributes
-  mattr_accessor :auto_create
-  @@auto_create = false
+  self.auto_create = false
 
   # Enable user auto-update of user attributes from remote user attributes
-  mattr_accessor :auto_update
-  @@auto_update = false
+  self.auto_update = false
 
   # User attribute used for lookup of remote user
   # Defaults to Devise.authentication_keys.first
-  mattr_accessor :auth_key
-  @@auth_key = nil
+  self.auth_key = nil
 
   # Map of User model attributes to request.env keys for updating a local user when auto-creation is enabled.
-  mattr_accessor :attribute_map
-  @@attribute_map = {}
+  self.attribute_map = {}
 
   # Settings for redirecting to the remote user logout URL
   # Enable by including DeviseRemoteUser::Controllers::Helpers in ApplicationController
   # (it overrides Devise's after_sign_out_path_for method).
-  mattr_accessor :logout_url
-  @@logout_url = '/'
+  self.logout_url = '/'
+
 
   def self.configure
     yield self
   end
+  
+  def self.remote_user_id env
+    case env_key
+    when Proc
+      env_key.call(env)
+    else
+      env[env_key]
+    end
+  end
 
 end
 
@@ -42,4 +49,3 @@ Devise.add_module(:remote_user_authenticatable,
                   :strategy => true,
                   :controller => :sessions,
                   :model => 'devise_remote_user/model')
-

data/lib/devise_remote_user/controller_behavior.rb

@@ -9,7 +9,7 @@ module DeviseRemoteUser
     private 
 
     def remote_user_authenticated?
-      request.env[DeviseRemoteUser.env_key].present?
+      DeviseRemoteUser.remote_user_id(request.env).present?
     end
 
   end

data/lib/devise_remote_user/manager.rb

@@ -1,14 +1,15 @@
 module DeviseRemoteUser
 
   #
-  # The Manager class is responsible for connecting the appliation's User 
+  # The Manager class is responsible for connecting the appliation's User
   # class with remote user information in the request environment.
   #
   class Manager
 
-    attr_reader :env
-    
-    def initialize(env)
+    attr_reader :klass, :env
+
+    def initialize(klass, env)
+      @klass = klass
       @env = env
     end
 
@@ -22,21 +23,25 @@ module DeviseRemoteUser
     end
 
     def find_user
-      User.where(user_criterion).first
+      klass.where(user_criterion).first
     end
 
     def create_user
+      unless Devise.mappings[:user].strategies.include?(:database_authenticatable)
+        return klass.create(user_criterion)
+      end
+
       random_password = SecureRandom.hex(16)
       attrs = user_criterion.merge({password: random_password, password_confirmation: random_password})
-      User.create(attrs)
+      klass.create(attrs)
     end
 
     def update_user(user)
-      user.update_attributes(remote_user_attributes)
+      user.update(remote_user_attributes)
     end
 
     protected
-    
+
     def remote_user_attributes
       DeviseRemoteUser.attribute_map.inject({}) { |h, (k, v)| h[k] = env[v] if env.has_key?(v); h }
     end
@@ -46,13 +51,13 @@ module DeviseRemoteUser
     end
 
     def remote_user_id
-      env[DeviseRemoteUser.env_key]
+      DeviseRemoteUser.remote_user_id(env)
     end
 
     def auth_key
       DeviseRemoteUser.auth_key || Devise.authentication_keys.first
     end
-    
+
   end
 
 end

data/lib/devise_remote_user/model.rb

@@ -5,13 +5,11 @@ module Devise::Models
   module RemoteUserAuthenticatable
     extend ActiveSupport::Concern
 
-    module ClassMethods
-
-      def find_for_remote_user_authentication(env)
-        manager = DeviseRemoteUser::Manager.new(env)
+    included do
+      def self.find_for_remote_user_authentication(env)
+        manager = DeviseRemoteUser::Manager.new(self, env)
         manager.find_or_create_user
       end
-
     end
 
   end

data/lib/devise_remote_user/strategy.rb

@@ -6,7 +6,7 @@ module Devise
     class RemoteUserAuthenticatable < Authenticatable
 
       def valid?
-        env[DeviseRemoteUser.env_key].present?
+        DeviseRemoteUser.remote_user_id(env).present?
       end
 
       def authenticate!

data/lib/devise_remote_user/version.rb

@@ -1,3 +1,3 @@
 module DeviseRemoteUser
-  VERSION = '0.3.0'
+  VERSION = '1.1.0'
 end

data/spec/controllers/application_controller_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe ApplicationController do
+RSpec.describe ApplicationController, type: :controller do
 
   controller do
     def remote_user_name=(user_name)
@@ -21,7 +21,7 @@ describe ApplicationController do
       before { controller.remote_user_name = user.email }
       it "should login the remote user" do
         get :index
-        expect(controller.user_signed_in?).to be_true
+        expect(controller.user_signed_in?).to eq true
         expect(controller.current_user).to eq(user)
       end
     end
@@ -30,7 +30,7 @@ describe ApplicationController do
       before { controller.remote_user_name = nil }
       it "should do nothing" do
         get :index
-        expect(controller.user_signed_in?).to be_false
+        expect(controller.user_signed_in?).to eq false
       end
     end
 
@@ -43,18 +43,18 @@ describe ApplicationController do
         it "should create and sign in a new user" do
           get :index
           expect(response).to be_successful
-          expect(controller.user_signed_in?).to be_true
+          expect(controller.user_signed_in?).to eq true
           expect(User.find_by_email(email)).to eq(controller.current_user)
         end
       end
 
       describe "and auto-creation is disabled" do
-        before { allow(DeviseRemoteUser).to receive(:auto_create) { false } }
+        before { allow(DeviseRemoteUser).to receive(:auto_create).and_return(false) }
         it "should not create a user for the remote user" do
           get :index
-          response.should_not be_successful
-          controller.user_signed_in?.should be_false
-          User.find_by_email(email).should be_nil
+          expect(response).to_not be_successful
+          expect(controller.user_signed_in?).to eq false
+          expect(User.find_by_email(email)).to be_nil
         end
       end
     end
@@ -62,7 +62,7 @@ describe ApplicationController do
     describe "when a local database user is already signed in" do
       let(:local_user) { FactoryGirl.create(:user) }
       before do
-        allow(DeviseRemoteUser).to receive(:auto_create) { true }
+        allow(DeviseRemoteUser).to receive(:auto_create).and_return(true)
         controller.remote_user_name = remote_user.email
         sign_in local_user
       end
@@ -100,7 +100,7 @@ describe ApplicationController do
 
       describe "when auto-creation is disabled" do
         before do
-          allow(DeviseRemoteUser).to receive(:auto_update) { false } 
+          allow(DeviseRemoteUser).to receive(:auto_update).and_return(false)
           controller.remote_user_name = user.email
           controller.remote_user_attributes = {
             'givenName' => 'Fleece',
@@ -121,7 +121,7 @@ describe ApplicationController do
 
       describe "when auto-creation is enabled" do
         before do
-          allow(DeviseRemoteUser).to receive(:auto_update) { true }
+          allow(DeviseRemoteUser).to receive(:auto_update).and_return(true)
           controller.remote_user_attributes = {
             'givenName' => 'Fleece',
             'sn' => 'Vest',

data/spec/controllers/devise/sessions_controller_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Devise::SessionsController do
+RSpec.describe Devise::SessionsController, type: :controller do
   before { @request.env["devise.mapping"] = Devise.mappings[:user] }
   describe "logout" do
     let(:user) { FactoryGirl.create(:user) }
@@ -12,9 +12,8 @@ describe Devise::SessionsController do
     end
     describe "when user is not remotely authenticated" do
       it "should redirect to the root path (Devise default)" do
-        expect(get :destroy).to redirect_to(root_path)
+        expect(get :destroy).to redirect_to('/')
       end
     end
   end
-
 end