devise_oam 0.0.2 → 0.0.3

data/README.md

@@ -8,7 +8,7 @@ integration with Oracle Access Manager.
 ## Installation
 In **Rails 3**, add this to your Gemfile and run the `bundle` command.
 
-    gem "devise_oam", github: "whatthewhat/devise_oam"
+    gem "devise_oam", "~> 0.0.3"
 
 ## Usage
 1) Add the `HeaderAuthenticatable` strategy in devise initializer `config/initializers/devise.rb`:
@@ -38,7 +38,10 @@ end
 * `create_user_if_not_found` - if set to true this will create a new user if no user was found
 * `create_user_method` - method in the `user_class` to handle new user creation
 * `ldap_header` - HTTP header for LDAP roles
-* `roles_setter` - method in the `user_class` to handle updating user roles
+* `update_user_method` - method in the `user_class` to handle updating user roles and additional attributes
+* `attr_headers` - headers with additional attributes that are passed to `update_user_method`
+
+`roles_setter` should still work, but is deprecated
 
 ### Automatic user creation
 If you need to automatically create new users based on `oam_header` you need to do the following:
@@ -54,7 +57,7 @@ To use LDAP roles parsing:
 
 1. Set `ldap_header` setting to the HTTP header with roles (should be a comma separated string)
 2. Add a method to your user class that will accept an array with roles and update the user
-3. In the initializer set `roles_setter` setting to the method you've just created
+3. In the initializer set `update_user_method` setting to the method you've just created
 
 For an example see `test/dummy` app.
 

data/lib/devise_oam/authenticatable_entity.rb

@@ -1,10 +1,11 @@
 module DeviseOam
   class AuthenticatableEntity
-    attr_accessor :login, :ldap_roles
+    attr_accessor :login, :ldap_roles, :attributes
     
-    def initialize(login, ldap_roles = nil)
+    def initialize(login, ldap_roles = nil, attributes = {})
       @login = login
       @ldap_roles = parse_ldap_roles(ldap_roles) if ldap_roles
+      @attributes = attributes
     end
     
     private
@@ -12,4 +13,4 @@ module DeviseOam
       ldap_roles.strip.downcase.split(',')
     end
   end
-end
+end

data/lib/devise_oam/strategies/header_authenticatable.rb

@@ -4,24 +4,20 @@ module DeviseOam
       class HeaderAuthenticatable < ::Devise::Strategies::Base
         attr_reader :authenticatable
         
+        # strategy is only valid if there is a DeviseOam.oam_header header in the request
         def valid?
-          # this strategy is only valid if there is a DeviseOam.oam_header header in the request
           request.headers[DeviseOam.oam_header]
         end
 
         def authenticate!         
-          failure_message = "OAM authentication failed"
-          
           oam_data = request.headers[DeviseOam.oam_header]
-          if DeviseOam.ldap_header
-            ldap_data = request.headers[DeviseOam.ldap_header] || ""
-          end
+          ldap_data = request.headers[DeviseOam.ldap_header] if DeviseOam.ldap_header
+          attributes = get_attributes if DeviseOam.attr_headers
 
           if oam_data.blank?
-            fail!(failure_message)
+            fail!("OAM authentication failed")
           else
-            @authenticatable = AuthenticatableEntity.new(oam_data, ldap_data)
-            
+            @authenticatable = AuthenticatableEntity.new(oam_data, ldap_data, attributes)
             user = find_or_create_user
             success!(user)
           end
@@ -34,17 +30,42 @@ module DeviseOam
         private
         
         def find_or_create_user
-          user = DeviseOam.user_class.where({ DeviseOam.user_login_field.to_sym => @authenticatable.login }).first
-          
+          user = find_user
           if user.nil? && DeviseOam.create_user_if_not_found
-            user = DeviseOam.user_class.send(DeviseOam.create_user_method, { DeviseOam.user_login_field.to_sym => @authenticatable.login, :roles => @authenticatable.ldap_roles })
+            user = create_user
           elsif user && set_roles?
-            user.send(DeviseOam.roles_setter, @authenticatable.ldap_roles)
+            update_user(user)
           end
           
           user
         end
+
+        def find_user
+          DeviseOam.user_class.where({ DeviseOam.user_login_field.to_sym => @authenticatable.login }).first
+        end
+
+        def create_user
+          DeviseOam.user_class.send(DeviseOam.create_user_method, {
+            DeviseOam.user_login_field.to_sym => @authenticatable.login,
+            roles: @authenticatable.ldap_roles 
+          })
+        end
+
+        def update_user(user)
+          if @authenticatable.attributes.any?
+            user.send(DeviseOam.update_user_method, @authenticatable.ldap_roles, @authenticatable.attributes)
+          else
+            user.send(DeviseOam.update_user_method, @authenticatable.ldap_roles)
+          end
+        end
+
+        def get_attributes
+          hash = DeviseOam.attr_headers.inject({}) {|attr_hash, attr_header|
+            attr_hash[attr_header.underscore] = request.headers[attr_header] if request.headers[attr_header]
+            attr_hash
+          }
+        end
       end
     end
   end
-end
+end

data/lib/devise_oam/version.rb

@@ -1,3 +1,3 @@
 module DeviseOam
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

data/lib/devise_oam.rb

@@ -3,7 +3,6 @@ require "devise_oam/strategies/header_authenticatable"
 require "devise_oam/authenticatable_entity"
 
 module DeviseOam
-  
   # Settings
   mattr_accessor :oam_header
   mattr_accessor :user_class
@@ -12,6 +11,10 @@ module DeviseOam
   mattr_accessor :create_user_method
   mattr_accessor :ldap_header
   mattr_accessor :roles_setter
+  mattr_accessor :attr_headers
+  mattr_writer :update_user_method
+
+  @@update_user_method = nil
   
   def self.setup
     yield self
@@ -20,4 +23,8 @@ module DeviseOam
   def self.user_class
     @@user_class.constantize
   end
+
+  def self.update_user_method
+    @@update_user_method || @@roles_setter
+  end
 end

data/test/authenticatable_entity_test.rb

@@ -0,0 +1,21 @@
+require 'test_helper'
+include TestHelpers
+
+class DeviseOamTest < ActiveSupport::TestCase
+  test "correctly parses ldap roles" do
+    ldap_roles = 'role-1,Role-2'
+    roles = ["role-1", "role-2"]
+
+    authenticatable = DeviseOam::AuthenticatableEntity.new("login", ldap_roles)
+
+    assert_equal authenticatable.ldap_roles, roles
+  end
+  
+  test "login is case sensitive" do
+    auth1 = DeviseOam::AuthenticatableEntity.new("Login")
+    auth2 = DeviseOam::AuthenticatableEntity.new("loGin")
+    
+    assert_equal auth1.login, "Login"
+    assert_equal auth2.login, "loGin"
+  end
+end

data/test/device_oam_test.rb

@@ -0,0 +1,20 @@
+require 'test_helper'
+include TestHelpers
+
+class DeviseOamTest < ActiveSupport::TestCase
+  test "truth" do
+    assert_kind_of Module, DeviseOam
+  end
+
+  test "setup block yields self" do
+    DeviseOam.setup do |config|
+      assert_equal DeviseOam, config
+    end
+  end
+
+  test "update_user_method is set to roles_setter by default" do
+    DeviseOam.update_user_method = nil
+    DeviseOam.roles_setter = :roles_setter
+    assert_equal DeviseOam.update_user_method, :roles_setter
+  end
+end

data/test/dummy/app/models/user.rb

@@ -32,4 +32,10 @@ class User < ActiveRecord::Base
     self.roles = roles
     self.save validate:false
   end
+
+  def update_user(roles, additional_attributes)
+    self.roles = roles
+    self.email = additional_attributes['user_email']
+    self.save validate:false
+  end
 end

data/test/dummy/log/development.log

@@ -0,0 +1,153 @@
+Connecting to database specified by database.yml
+
+
+Started GET "/" for 127.0.0.1 at 2012-09-19 17:26:30 +0400
+Processing by UsersController#index as HTML
+Completed 401 Unauthorized in 9ms
+
+
+Started GET "/users/sign_in" for 127.0.0.1 at 2012-09-19 17:26:30 +0400
+Processing by Devise::SessionsController#new as HTML
+Completed 500 Internal Server Error in 46ms
+
+ActiveRecord::StatementInvalid (Could not find table 'users'):
+  activerecord (3.2.5) lib/active_record/connection_adapters/sqlite_adapter.rb:472:in `table_structure'
+  activerecord (3.2.5) lib/active_record/connection_adapters/sqlite_adapter.rb:346:in `columns'
+  activerecord (3.2.5) lib/active_record/connection_adapters/schema_cache.rb:12:in `block in initialize'
+  activerecord (3.2.5) lib/active_record/model_schema.rb:228:in `yield'
+  activerecord (3.2.5) lib/active_record/model_schema.rb:228:in `default'
+  activerecord (3.2.5) lib/active_record/model_schema.rb:228:in `columns'
+  activerecord (3.2.5) lib/active_record/model_schema.rb:243:in `column_defaults'
+  activerecord (3.2.5) lib/active_record/base.rb:482:in `initialize'
+  devise (2.1.2) app/controllers/devise_controller.rb:102:in `new'
+  devise (2.1.2) app/controllers/devise_controller.rb:102:in `build_resource'
+  devise (2.1.2) app/controllers/devise/sessions_controller.rb:8:in `new'
+  actionpack (3.2.5) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
+  actionpack (3.2.5) lib/abstract_controller/base.rb:167:in `process_action'
+  actionpack (3.2.5) lib/action_controller/metal/rendering.rb:10:in `process_action'
+  actionpack (3.2.5) lib/abstract_controller/callbacks.rb:18:in `block in process_action'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:458:in `_run__3322301534199686528__process_action__3654599336353534351__callbacks'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:405:in `__run_callback'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:385:in `_run_process_action_callbacks'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:81:in `run_callbacks'
+  actionpack (3.2.5) lib/abstract_controller/callbacks.rb:17:in `process_action'
+  actionpack (3.2.5) lib/action_controller/metal/rescue.rb:29:in `process_action'
+  actionpack (3.2.5) lib/action_controller/metal/instrumentation.rb:30:in `block in process_action'
+  activesupport (3.2.5) lib/active_support/notifications.rb:123:in `block in instrument'
+  activesupport (3.2.5) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
+  activesupport (3.2.5) lib/active_support/notifications.rb:123:in `instrument'
+  actionpack (3.2.5) lib/action_controller/metal/instrumentation.rb:29:in `process_action'
+  actionpack (3.2.5) lib/action_controller/metal/params_wrapper.rb:206:in `process_action'
+  activerecord (3.2.5) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
+  actionpack (3.2.5) lib/abstract_controller/base.rb:121:in `process'
+  actionpack (3.2.5) lib/abstract_controller/rendering.rb:45:in `process'
+  actionpack (3.2.5) lib/action_controller/metal.rb:203:in `dispatch'
+  actionpack (3.2.5) lib/action_controller/metal/rack_delegation.rb:14:in `dispatch'
+  actionpack (3.2.5) lib/action_controller/metal.rb:246:in `block in action'
+  actionpack (3.2.5) lib/action_dispatch/routing/route_set.rb:73:in `call'
+  actionpack (3.2.5) lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
+  actionpack (3.2.5) lib/action_dispatch/routing/route_set.rb:36:in `call'
+  actionpack (3.2.5) lib/action_dispatch/routing/mapper.rb:42:in `call'
+  journey (1.0.3) lib/journey/router.rb:68:in `block in call'
+  journey (1.0.3) lib/journey/router.rb:56:in `each'
+  journey (1.0.3) lib/journey/router.rb:56:in `call'
+  actionpack (3.2.5) lib/action_dispatch/routing/route_set.rb:600:in `call'
+  warden (1.2.1) lib/warden/manager.rb:35:in `block in call'
+  warden (1.2.1) lib/warden/manager.rb:34:in `catch'
+  warden (1.2.1) lib/warden/manager.rb:34:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/best_standards_support.rb:17:in `call'
+  rack (1.4.1) lib/rack/etag.rb:23:in `call'
+  rack (1.4.1) lib/rack/conditionalget.rb:25:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/head.rb:14:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/params_parser.rb:21:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/flash.rb:238:in `call'
+  rack (1.4.1) lib/rack/session/abstract/id.rb:205:in `context'
+  rack (1.4.1) lib/rack/session/abstract/id.rb:200:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/cookies.rb:338:in `call'
+  activerecord (3.2.5) lib/active_record/query_cache.rb:64:in `call'
+  activerecord (3.2.5) lib/active_record/connection_adapters/abstract/connection_pool.rb:473:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:405:in `_run__2963724873740439576__call__167442707437893209__callbacks'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:405:in `__run_callback'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:385:in `_run_call_callbacks'
+  activesupport (3.2.5) lib/active_support/callbacks.rb:81:in `run_callbacks'
+  actionpack (3.2.5) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/reloader.rb:65:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/remote_ip.rb:31:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
+  railties (3.2.5) lib/rails/rack/logger.rb:26:in `call_app'
+  railties (3.2.5) lib/rails/rack/logger.rb:16:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/request_id.rb:22:in `call'
+  rack (1.4.1) lib/rack/methodoverride.rb:21:in `call'
+  rack (1.4.1) lib/rack/runtime.rb:17:in `call'
+  activesupport (3.2.5) lib/active_support/cache/strategy/local_cache.rb:72:in `call'
+  rack (1.4.1) lib/rack/lock.rb:15:in `call'
+  actionpack (3.2.5) lib/action_dispatch/middleware/static.rb:62:in `call'
+  railties (3.2.5) lib/rails/engine.rb:479:in `call'
+  railties (3.2.5) lib/rails/application.rb:220:in `call'
+  rack (1.4.1) lib/rack/content_length.rb:14:in `call'
+  railties (3.2.5) lib/rails/rack/log_tailer.rb:17:in `call'
+  rack (1.4.1) lib/rack/handler/webrick.rb:59:in `service'
+  /Users/whatthewhat/.rvm/rubies/ruby-1.9.3-p125/lib/ruby/1.9.1/webrick/httpserver.rb:138:in `service'
+  /Users/whatthewhat/.rvm/rubies/ruby-1.9.3-p125/lib/ruby/1.9.1/webrick/httpserver.rb:94:in `run'
+  /Users/whatthewhat/.rvm/rubies/ruby-1.9.3-p125/lib/ruby/1.9.1/webrick/server.rb:191:in `block in start_thread'
+
+
+  Rendered /Users/whatthewhat/.rvm/gems/ruby-1.9.3-p125/gems/actionpack-3.2.5/lib/action_dispatch/middleware/templates/rescues/_trace.erb (2.8ms)
+  Rendered /Users/whatthewhat/.rvm/gems/ruby-1.9.3-p125/gems/actionpack-3.2.5/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (1.2ms)
+  Rendered /Users/whatthewhat/.rvm/gems/ruby-1.9.3-p125/gems/actionpack-3.2.5/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (13.3ms)
+Connecting to database specified by database.yml
+   (0.1ms)  select sqlite_version(*)
+   (1.6ms)  CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL) 
+   (0.0ms)  PRAGMA index_list("schema_migrations")
+   (1.2ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
+   (0.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
+Migrating to DeviseCreateUsers (20120514070218)
+   (0.0ms)  begin transaction
+   (0.5ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar(255) DEFAULT '' NOT NULL, "encrypted_password" varchar(255) DEFAULT '' NOT NULL, "reset_password_token" varchar(255), "reset_password_sent_at" datetime, "remember_created_at" datetime, "sign_in_count" integer DEFAULT 0, "current_sign_in_at" datetime, "last_sign_in_at" datetime, "current_sign_in_ip" varchar(255), "last_sign_in_ip" varchar(255), "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
+   (0.1ms)  PRAGMA index_list("users")
+   (0.4ms)  CREATE UNIQUE INDEX "index_users_on_email" ON "users" ("email")
+   (0.1ms)  PRAGMA index_list("users")
+   (0.0ms)  PRAGMA index_info('index_users_on_email')
+   (0.2ms)  CREATE UNIQUE INDEX "index_users_on_reset_password_token" ON "users" ("reset_password_token")
+   (0.2ms)  INSERT INTO "schema_migrations" ("version") VALUES ('20120514070218')
+   (1.1ms)  commit transaction
+Migrating to AddRolesMaskToUsers (20120521064519)
+   (0.0ms)  begin transaction
+   (0.9ms)  ALTER TABLE "users" ADD "roles_mask" integer
+   (0.2ms)  INSERT INTO "schema_migrations" ("version") VALUES ('20120521064519')
+   (0.8ms)  commit transaction
+   (0.4ms)  select sqlite_version(*)
+   (0.2ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
+   (0.1ms)  PRAGMA index_list("users")
+   (0.0ms)  PRAGMA index_info('index_users_on_reset_password_token')
+   (0.0ms)  PRAGMA index_info('index_users_on_email')
+Connecting to database specified by database.yml
+
+
+Started GET "/users/sign_in" for 127.0.0.1 at 2012-09-19 17:27:00 +0400
+Processing by Devise::SessionsController#new as HTML
+  Rendered /Users/whatthewhat/.rvm/gems/ruby-1.9.3-p125/gems/devise-2.1.2/app/views/devise/shared/_links.erb (1.9ms)
+  Rendered /Users/whatthewhat/.rvm/gems/ruby-1.9.3-p125/gems/devise-2.1.2/app/views/devise/sessions/new.html.erb within layouts/application (16.6ms)
+Compiled application.css  (0ms)  (pid 5431)
+Compiled jquery.js  (3ms)  (pid 5431)
+Compiled jquery_ujs.js  (0ms)  (pid 5431)
+Compiled application.js  (51ms)  (pid 5431)
+Completed 200 OK in 247ms (Views: 187.3ms | ActiveRecord: 2.3ms)
+
+
+Started GET "/assets/application.css?body=1" for 127.0.0.1 at 2012-09-19 17:27:00 +0400
+Served asset /application.css - 200 OK (4ms)
+
+
+Started GET "/assets/application.js?body=1" for 127.0.0.1 at 2012-09-19 17:27:00 +0400
+Served asset /application.js - 200 OK (9ms)
+
+
+Started GET "/assets/jquery.js?body=1" for 127.0.0.1 at 2012-09-19 17:27:00 +0400
+Served asset /jquery.js - 200 OK (5ms)
+
+
+Started GET "/assets/jquery_ujs.js?body=1" for 127.0.0.1 at 2012-09-19 17:27:00 +0400
+Served asset /jquery_ujs.js - 200 OK (4ms)