devise_ichain_authenticatable 0.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    MWNiYWNhMjM4N2ZmMmZlMzViMGYxOTExMjdjN2VhYTlhNjNlYWZmOQ==
+  data.tar.gz: !binary |-
+    YjkzOTBjMjg0NGRhNzA0NjgzMmRkNzQwNGYyODJkOWFiZTNkNDJiZg==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    MDc5ZTJlMjViODRmOWFmZTMyODVlMGE0NzAzN2UxMjAyYzgxOGZmZjQ2NmMw
+    MGI1MDdlMmNiZTkwZWQ4NDY3OTI2Mzg3MDAxNjViODQ0NWI2MGY5YmZmYTFh
+    Y2E1YmZhYzQ3YzIwOTg5YzY2OTYwNTc5Mzc5YmJiZDMxOWYzOGI=
+  data.tar.gz: !binary |-
+    M2Y2YzE2NTJhMzg4MmJlMzMzYmQwODgxZDk5ZjFhZmY1NzBlNmQ3ZGE4MzA4
+    OTQ3NGFiNDM3OWZkNTJmNDEzMDA4YzI3NWFmNTQ4MWZjMWI3ZWFlNjhhYjAw
+    ODE0ODZmZjU4MWQ2ZGJmZDgzNGEyZWVhNDg1MzUzODcyMDI2YWY=

data/Gemfile

@@ -0,0 +1,3 @@
+source "http://rubygems.org"
+
+gemspec

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2013 Ancor González
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,5 @@
+Devise iChain Authenticatable
+=============================
+
+Devise extension to allow authentication via iChain. Proper documentation is on
+the way.

data/app/controllers/devise/ichain_registrations_controller.rb

@@ -0,0 +1,56 @@
+class Devise::IchainRegistrationsController < DeviseController
+  prepend_before_filter :require_no_authentication, :only => [ :new ]
+  prepend_before_filter :authenticate_scope!, :only => [:edit, :update]
+
+  def new
+    redirect_url = base_url + after_sign_up_path_for(resource_name)
+    if ::Devise.ichain_test_mode
+      set_flash_message :notice, :in_test_mode
+      redirect_to redirect_url
+    else
+      sign_up_url = ::Devise.ichain_base_url + "/ICSLogin"
+      sign_up_url += "?" + {:url => redirect_url}.to_query
+      redirect_to sign_up_url
+    end
+  end
+
+  # GET /resource/edit
+  def edit
+    render :edit
+  end
+
+  # PUT /resource
+  # We need to use a copy of the resource because we don't want to change
+  # the current user in place.
+  def update
+    #self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
+    resource.update_attributes(resource_params)
+    respond_with resource, :location => after_update_path_for(resource)
+  end
+
+  protected
+
+  # The default url to be used after updating a resource. You need to overwrite
+  # this method in your own RegistrationsController.
+  def after_update_path_for(resource)
+    signed_in_root_path(resource)
+  end
+
+  # Authenticates the current scope and gets the current resource from the session.
+  def authenticate_scope!
+    send(:"authenticate_#{resource_name}!", :force => true)
+    self.resource = send(:"current_#{resource_name}")
+  end
+
+  # The path used after sign up. You need to overwrite this method
+  # in your own RegistrationsController.
+  def after_sign_up_path_for(resource)
+    after_sign_in_path_for(resource)
+  end
+
+  def base_url
+    url = "#{request.protocol}#{request.host}"
+    url += ":#{request.port}" unless request.port.blank?
+    url
+  end
+end

data/app/controllers/devise/ichain_sessions_controller.rb

@@ -0,0 +1,52 @@
+class Devise::IchainSessionsController < DeviseController
+  prepend_before_filter :require_no_authentication, :only => [ :new, :test ]
+
+  # GET /resource/sign_in
+  def new
+    return new_test if ::Devise.ichain_test_mode
+    self.resource = build_resource(nil, :unsafe => true)
+    @back_url = base_url + after_sign_in_path_for(resource_name)
+    @login_url = (::Devise.ichain_base_url || "") + "/ICSLogin/auth-up"
+    @context = ::Devise.ichain_context
+    @proxypath = ::Devise.ichain_proxypath
+    respond_with resource
+  end
+
+  # DELETE /resource/sign_out
+  def destroy
+    redirect_url = base_url + after_sign_out_path_for(resource_name)
+    if ::Devise.ichain_test_mode
+      session.delete :ichain_test_username
+      session.delete :ichain_test_attributes
+      signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
+      set_flash_message :notice, :signed_out if signed_out && is_navigational_format?
+      redirect_to redirect_url
+    else
+      logout_url = ::Devise.ichain_base_url + "/ICHAINLogout"
+      logout_url += "?" + {:url => redirect_url}.to_query
+      redirect_to logout_url
+    end
+  end
+
+  def test
+    redirect_to(:new) unless Devise::ichain_test_mode
+    session[:ichain_test_username] = params[:username]
+    session[:ichain_test_attributes] = params[:attributes]
+    redirect_to after_sign_in_path_for(resource_name)
+  end
+
+  protected
+
+  def new_test
+    self.resource = build_resource(nil, :unsafe => true)
+    @fields = (::Devise.ichain_attribute_headers.keys rescue [])
+    @login_url = test_ichain_session_path(resource_name)
+    render :new_test
+  end
+
+  def base_url
+    url = "#{request.protocol}#{request.host}"
+    url += ":#{request.port}" unless request.port.blank?
+    url
+  end
+end

data/app/views/devise/ichain_registrations/edit.html.erb

@@ -0,0 +1,12 @@
+<h2>Edit <%= resource_name.to_s.humanize %></h2>
+
+<%= form_for(resource, :as => resource_name, :url => ichain_registration_path(resource_name), :html => { :method => :put }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div><%= f.label :email %><br />
+  <%= f.email_field :email, :autofocus => true %></div>
+
+  <div><%= f.submit "Update" %></div>
+<% end %>
+
+<%= link_to "Back", :back %>

data/app/views/devise/ichain_sessions/new.html.erb

@@ -0,0 +1,19 @@
+<h2>Sign in</h2>
+
+<%= form_tag(@login_url, :method => :post, :enctype => 'application/x-www-form-urlencoded') do %>
+  <%= hidden_field_tag :url, @back_url %>
+  <%= hidden_field_tag :context, @context %>
+  <%= hidden_field_tag :proxypath, @proxypath %>
+
+  <div><%= label_tag :username,  "Username" %><br />
+  <%= text_field_tag :username, "", :autofocus => true %></div>
+
+  <div><%= label_tag :Password,  "Password" %><br />
+  <%= text_field_tag :password, "" %></div>
+
+  <div><%= submit_tag "Sign in" %></div>
+<% end %>
+
+<%- if devise_mapping.ichain_registerable? %>
+  <%= link_to "Sign up", new_ichain_registration_path(resource_name) %><br />
+<% end -%>

data/app/views/devise/ichain_sessions/new_test.html.erb

@@ -0,0 +1,12 @@
+<h2>Sign in (TEST MODE)</h2>
+
+<%= form_tag(@login_url, :method => :post, :enctype => 'application/x-www-form-urlencoded') do %>
+  <div><%= label_tag :username, "Username" %><br />
+  <%= text_field_tag :username, "" %></div>
+  <%- @fields.each do |field| %>
+    <div><%= label_tag "attributes[#{field}]",  field.to_s.humanize %><br />
+    <%= text_field_tag "attributes[#{field}]", "" %></div>
+  <%- end -%>
+
+  <div><%= submit_tag "Sign in" %></div>
+<% end %>

data/devise_ichain_authenticatable.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "devise_ichain_authenticatable/version"
+
+Gem::Specification.new do |s|
+  s.name     = 'devise_ichain_authenticatable'
+  s.version  = DeviseIchainAuthenticatable::VERSION.dup
+  s.platform = Gem::Platform::RUBY
+  s.summary  = 'Devise extension to allow authentication via iChain'
+  s.email = 'ancor@suse.de'
+  s.homepage = 'https://github.com/openSUSE/devise_ichain_authenticatable'
+  s.description = s.summary
+  s.authors = ['Ancor González Sosa']
+  s.license = 'MIT'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency(%q<devise>, ['>= 2.2'])
+end

data/lib/devise/ichain_failure_app.rb

@@ -0,0 +1,29 @@
+require "devise/failure_app"
+
+class ::Devise::IchainFailureApp < ::Devise::FailureApp
+  protected
+
+  # TODO: find a better way to do that (or even open an issue for Devise)
+  # Add ichain_session as a fallback to session
+  def scope_path
+    opts  = {}
+    route = :"new_#{scope}_session_path"
+    alt_route = :"new_#{scope}_ichain_session_path"
+    opts[:format] = request_format unless skip_format?
+
+    config = Rails.application.config
+    opts[:script_name] = (config.relative_url_root if config.respond_to?(:relative_url_root))
+
+    context = send(Devise.available_router_name)
+
+    if context.respond_to?(route)
+      context.send(route, opts)
+    elsif context.respond_to?(alt_route)
+      context.send(alt_route, opts)
+    elsif respond_to?(:root_path)
+      root_path(opts)
+    else
+      "/"
+    end
+  end
+end

data/lib/devise_ichain_authenticatable.rb

@@ -0,0 +1,31 @@
+require 'devise'
+require 'devise_ichain_authenticatable/routes'
+require 'devise_ichain_authenticatable/strategy'
+require 'devise_ichain_authenticatable/models'
+require 'devise_ichain_authenticatable/rails'
+
+module Devise
+
+  autoload :IchainFailureApp, 'devise/ichain_failure_app'
+
+  # Configuration params
+  @@ichain_test_mode = false
+  @@ichain_base_url = nil
+  @@ichain_context = "default"
+  @@ichain_proxypath = "reverse"
+  @@ichain_username_header = "HTTP_X_USERNAME"
+  @@ichain_attribute_headers = {:email => "HTTP_X_EMAIL"}
+
+  mattr_accessor :ichain_test_mode, :ichain_base_url, :ichain_context,
+    :ichain_proxypath, :ichain_username_header, :ichain_attribute_headers
+end
+
+Devise.add_module :ichain_authenticatable,
+  :strategy => true,
+  :controller => :ichain_sessions,
+  :route => {:ichain_session => [nil, :new, :test, :destroy]}
+
+Devise.add_module :ichain_registerable,
+  :strategy => false,
+  :controller => :ichain_registrations,
+  :route => {:ichain_registration => [nil, :new, :edit]}

data/lib/devise_ichain_authenticatable/models.rb

@@ -0,0 +1,24 @@
+module Devise
+  module Models
+    module IchainAuthenticatable
+      def self.included(base)
+        base.extend ClassMethods
+      end
+
+      module ClassMethods
+      end
+
+      def signed_in_by_ichain!
+        @signed_in_by_ichain = true
+      end
+
+      def signed_in_by_ichain?
+        @signed_in_by_ichain == true
+      end
+    end
+
+    # Empty, but Devise seems to require a model per module
+    module IchainRegisterable
+    end
+  end
+end

data/lib/devise_ichain_authenticatable/rails.rb

@@ -0,0 +1,4 @@
+module DeviseIchainAuthenticatable
+  class Engine < ::Rails::Engine
+  end
+end

data/lib/devise_ichain_authenticatable/routes.rb

@@ -0,0 +1,21 @@
+ActionDispatch::Routing::Mapper.class_eval do
+  protected
+
+  def devise_ichain_session(mapping, controllers)
+    resource :ichain_session, :only => [], :controller => controllers[:ichain_sessions], :path => "" do
+      get :new, :path => mapping.path_names[:ichain_sign_in], :as => "new"
+      post :test, :as => "test"
+      match :destroy, :path => mapping.path_names[:ichain_sign_out], :as => "destroy", :via => mapping.sign_out_via
+    end
+  end
+
+  def devise_ichain_registration(mapping, controllers)
+    options = {
+      :only => [:new, :edit, :update],
+      :path => mapping.path_names[:ichain_registration],
+      :path_names => {:new => mapping.path_names[:ichain_sign_up] },
+      :controller => controllers[:ichain_registrations]
+    }
+    resource :ichain_registration, options
+  end
+end

data/lib/devise_ichain_authenticatable/strategy.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/authenticatable'
+
+class Devise::Strategies::IchainAuthenticatable < Devise::Strategies::Authenticatable
+
+  def store?
+    false
+  end
+
+  def valid?
+    ::Devise.ichain_test_mode || !request.env[::Devise.ichain_username_header].blank?
+  end
+
+  def authenticate!
+    if ::Devise.ichain_test_mode
+      unless session[:ichain_test_username].blank?
+        proxy_user = session[:ichain_test_username]
+        attributes = session[:ichain_test_attributes] || {}
+      end
+    else
+      proxy_user = request.env[::Devise.ichain_username_header]
+      attributes = {}
+      ::Devise.ichain_attribute_headers.each do |k,v|
+        attributes[k.to_sym] = request.env[v]
+      end
+    end
+    if proxy_user
+      resource = mapping.to.for_ichain_username(proxy_user, attributes)
+      return fail! unless resource
+      resource.signed_in_by_ichain!
+      success!(resource)
+    else
+      fail!
+    end
+  end
+end
+
+Warden::Strategies.add :ichain_authenticatable, Devise::Strategies::IchainAuthenticatable

data/lib/devise_ichain_authenticatable/version.rb

@@ -0,0 +1,3 @@
+module DeviseIchainAuthenticatable
+    VERSION = "0.1".freeze
+end

data/rails/init.rb

@@ -0,0 +1 @@
+require "devise_ichain_authenticatable"

metadata

@@ -0,0 +1,75 @@
+--- !ruby/object:Gem::Specification
+name: devise_ichain_authenticatable
+version: !ruby/object:Gem::Version
+  version: '0.1'
+platform: ruby
+authors:
+- Ancor González Sosa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-07-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2.2'
+description: Devise extension to allow authentication via iChain
+email: ancor@suse.de
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- MIT-LICENSE
+- README.md
+- app/controllers/devise/ichain_registrations_controller.rb
+- app/controllers/devise/ichain_sessions_controller.rb
+- app/views/devise/ichain_registrations/edit.html.erb
+- app/views/devise/ichain_sessions/new.html.erb
+- app/views/devise/ichain_sessions/new_test.html.erb
+- devise_ichain_authenticatable.gemspec
+- lib/devise/ichain_failure_app.rb
+- lib/devise_ichain_authenticatable.rb
+- lib/devise_ichain_authenticatable/models.rb
+- lib/devise_ichain_authenticatable/rails.rb
+- lib/devise_ichain_authenticatable/routes.rb
+- lib/devise_ichain_authenticatable/strategy.rb
+- lib/devise_ichain_authenticatable/version.rb
+- rails/init.rb
+homepage: https://github.com/openSUSE/devise_ichain_authenticatable
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Devise extension to allow authentication via iChain
+test_files: []
+has_rdoc: