devise_openid_authenticatable 1.0.0.alpha6 → 1.0.0.alpha7

data/.gitignore

@@ -3,3 +3,4 @@ log/
 Gemfile.lock
 .bundle
 spec/scenario/db/*.sqlite3
+spec/scenario/tmp/*

data/CHANGELOG.rdoc

@@ -1,3 +1,8 @@
+== 1.0.0.alpha7
+
+* GH-3: Add support for rememberable.
+  * This requires an upgrade to rack-openid 1.2.0 or higher.
+
 == 1.0.0.alpha5
 
 * GH-5: Don't try to convert returned values to strings from AX providers
@@ -18,4 +23,4 @@
 
 == 1.0.0.alpha1
 
-* Initial version, basically just a packaged-up version of my OpenID strategy for Devise
+* Initial version, basically just a packaged-up version of my OpenID strategy for Devise

data/Gemfile

@@ -1,9 +1,13 @@
 source "http://rubygems.org"
 
-gem 'rails', '3.0.0.rc'
-gem "devise", ">= 1.1.1"
+gem 'rails', '3.0.0'
+gem "devise", ">= 1.1.2"
 gem "rspec", ">= 2.0.0.beta.17"
 gem "rspec-rails", ">= 2.0.0.beta.17"
-gem "rack-openid", ">= 1.0.3"
+gem "rack-openid", ">= 1.2.0"
 gem "mocha"
 gem "sqlite3-ruby"
+gem "rots", :git => "http://github.com/roman/rots.git"
+gem "sham_rack"
+gem "webrat"
+gem "ruby-debug"

data/README.md

@@ -62,11 +62,14 @@ aren't using database_authenticatable:
       <p><%= f.submit "Sign in" %></p>
     <% end -%>
 
-Finally, you'll need to wire up Rack::OpenID in your Rails configuration.  If you're using Devise 1.0, you can do:
+Finally, you'll need to wire up Rack::OpenID in your Rails configuration.  The way to do this varies depending on which version of Rails you're using.  If you're on Rails 2.3 (and Devise 1.0), you must initialize it like this:
 
-    config.middleware.use "Rack::OpenID"
+    require 'openid/store/memory'
+    config.middleware.use "Rack::OpenID", OpenID::Store::Memory.new
 
-If you're using Devise 1.1 or a later version, you'll need to do this instead, to ensure that Rack::OpenID sits above Warden in the Rack middleware stack:
+(Specifying an OpenID store instance is necessary because Rails 2.3 reinitializes the middleware objects on each request, so in order to ensure that the stored OpenID data is persistent between subsequent requests, we initialize the Memory store upfront and pass in the same instance each time.  If you prefer to use a different store, such as the Memcached store, feel free to substitute in the appropriate class here.)
+
+If you're using Rails 3, you'll need to do this instead, to ensure that Rack::OpenID sits above Warden in the Rack middleware stack:
 
     config.middleware.insert_before(Warden::Manager, Rack::OpenID)
 

data/Rakefile

@@ -27,7 +27,7 @@ begin
     gemspec.homepage = "http://github.com/nbudin/devise_openid_authenticatable"
     gemspec.authors = ["Nat Budin"]
     gemspec.add_runtime_dependency "devise", ">= 1.0.6"
-    gemspec.add_runtime_dependency "rack-openid", ">= 1.0.3"
+    gemspec.add_runtime_dependency "rack-openid", ">= 1.2.0"
   end
   Jeweler::GemcutterTasks.new
 rescue LoadError

data/VERSION

@@ -1 +1 @@
-1.0.0.alpha6
+1.0.0.alpha7

data/devise_openid_authenticatable.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise_openid_authenticatable}
-  s.version = "1.0.0.alpha6"
+  s.version = "1.0.0.alpha7"
 
   s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
   s.authors = ["Nat Budin"]
-  s.date = %q{2010-08-19}
+  s.date = %q{2010-09-08}
   s.description = %q{OpenID authentication module for Devise using Rack::OpenID}
   s.email = %q{natbudin@gmail.com}
   s.extra_rdoc_files = [
@@ -34,6 +34,7 @@ Gem::Specification.new do |s|
      "spec/scenario/app/controllers/home_controller.rb",
      "spec/scenario/app/controllers/sessions_controller.rb",
      "spec/scenario/app/models/user.rb",
+     "spec/scenario/app/views/layouts/application.html.erb",
      "spec/scenario/app/views/sessions/new.html.erb",
      "spec/scenario/config.ru",
      "spec/scenario/config/application.rb",
@@ -50,8 +51,7 @@ Gem::Specification.new do |s|
      "spec/scenario/db/schema.rb",
      "spec/spec_helper.rb",
      "spec/strategy_spec.rb",
-     "spec/support/migrations.rb",
-     "spec/support/patches.rb"
+     "spec/support/migrations.rb"
   ]
   s.homepage = %q{http://github.com/nbudin/devise_openid_authenticatable}
   s.rdoc_options = ["--charset=UTF-8"]
@@ -77,8 +77,7 @@ Gem::Specification.new do |s|
      "spec/scenario/db/schema.rb",
      "spec/spec_helper.rb",
      "spec/strategy_spec.rb",
-     "spec/support/migrations.rb",
-     "spec/support/patches.rb"
+     "spec/support/migrations.rb"
   ]
 
   if s.respond_to? :specification_version then
@@ -87,14 +86,14 @@ Gem::Specification.new do |s|
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<devise>, [">= 1.0.6"])
-      s.add_runtime_dependency(%q<rack-openid>, [">= 1.0.3"])
+      s.add_runtime_dependency(%q<rack-openid>, [">= 1.2.0"])
     else
       s.add_dependency(%q<devise>, [">= 1.0.6"])
-      s.add_dependency(%q<rack-openid>, [">= 1.0.3"])
+      s.add_dependency(%q<rack-openid>, [">= 1.2.0"])
     end
   else
     s.add_dependency(%q<devise>, [">= 1.0.6"])
-    s.add_dependency(%q<rack-openid>, [">= 1.0.3"])
+    s.add_dependency(%q<rack-openid>, [">= 1.2.0"])
   end
 end
 

data/lib/devise_openid_authenticatable/strategy.rb

@@ -1,99 +1,112 @@
 require 'devise/strategies/base'
 require 'rack/openid'
 
-module Devise
-  module Strategies
-    class OpenidAuthenticatable < Base
+base_class = begin
+  Devise::Strategies::Authenticatable
+rescue
+  Devise::Strategies::Base
+end
 
-      def valid?
-        valid_mapping? && ( provider_response? || identity_param? )
-      end
+class Devise::Strategies::OpenidAuthenticatable < base_class
 
-      def authenticate!
-        logger.debug("Authenticating with OpenID for mapping #{mapping.to}")
+  def valid?
+    valid_mapping? && ( provider_response? || identity_param? )
+  end
 
-        if provider_response
-          handle_response!
-        else # Delegate authentication to Rack::OpenID by throwing a 401
-          opts = { :identifier => params[scope]["identity_url"] }
-          opts[:optional] = mapping.to.openid_optional_fields if mapping.to.respond_to?(:openid_optional_fields)
-          opts[:required] = mapping.to.openid_required_fields if mapping.to.respond_to?(:openid_required_fields)
-          custom! [401, { Rack::OpenID::AUTHENTICATE_HEADER => Rack::OpenID.build_header(opts) }, "Sign in with OpenID"]
-        end
-      end
+  def authenticate!
+    logger.debug("Authenticating with OpenID for mapping #{mapping.to}")
 
-      protected
-
-        # Handles incoming provider response
-        def handle_response!
-          logger.debug "Attempting OpenID auth: #{provider_response.inspect}"
-
-          case provider_response.status
-          when :success
-            resource = mapping.to.find_by_identity_url(provider_response.identity_url)
-            if resource.nil? && mapping.to.respond_to?(:create_from_identity_url)
-              resource = mapping.to.create_from_identity_url(provider_response.identity_url)
-            end
-
-            if resource
-              update_resource!(resource)
-              success!(resource)
-            else
-              fail! "This OpenID URL is not associated with any registered user"
-            end
-
-          when :cancel
-            fail! "OpenID authentication cancelled"
-          when :failure
-            fail! "OpenID authentication failed"
-          end
-        end
+    if provider_response
+      handle_response!
+    else # Delegate authentication to Rack::OpenID by throwing a 401
+      opts = { :identifier => params[scope]["identity_url"], :return_to => return_url, :method => 'post' }
+      opts[:optional] = mapping.to.openid_optional_fields if mapping.to.respond_to?(:openid_optional_fields)
+      opts[:required] = mapping.to.openid_required_fields if mapping.to.respond_to?(:openid_required_fields)
+      custom! [401, { Rack::OpenID::AUTHENTICATE_HEADER => Rack::OpenID.build_header(opts) }, "Sign in with OpenID"]
+    end
+  end
 
-      private
+  protected
 
-        def provider_response?
-          !!provider_response
-        end
+    # Handles incoming provider response
+    def handle_response!
+      logger.debug "Attempting OpenID auth: #{provider_response.inspect}"
 
-        def provider_response
-          env[Rack::OpenID::RESPONSE]
+      case provider_response.status
+      when :success
+        resource = mapping.to.find_by_identity_url(provider_response.identity_url)
+        if resource.nil? && mapping.to.respond_to?(:create_from_identity_url)
+          resource = mapping.to.create_from_identity_url(provider_response.identity_url)
         end
 
-        def valid_mapping?
-          mapping.to.respond_to?(:find_by_identity_url)
+        if resource
+          update_resource!(resource)
+          success!(resource)
+        else
+          fail! "This OpenID URL is not associated with any registered user"
         end
 
-        def identity_param?
-          params[scope].try(:[], 'identity_url').present?
-        end
+      when :cancel
+        fail! "OpenID authentication cancelled"
+      when :failure
+        fail! "OpenID authentication failed"
+      end
+    end
 
-        def update_resource!(resource)
-          return unless resource.respond_to?(:openid_fields=)
-
-          fields = nil
-          if axr = OpenID::AX::FetchResponse.from_success_response(provider_response)
-            fields = axr.data
-          else
-            provider_response.message.namespaces.each do |uri, ns_alias|
-              if ns_alias.to_s == "sreg"
-                fields = provider_response.extension_response(uri, true)
-                break
-              end
-            end
-          end
+  private
+
+    def provider_response?
+      !!provider_response
+    end
+
+    def provider_response
+      env[Rack::OpenID::RESPONSE]
+    end
+
+    def valid_mapping?
+      mapping.to.respond_to?(:find_by_identity_url)
+    end
+
+    def identity_param?
+      params[scope].try(:[], 'identity_url').present?
+    end
 
-          if fields
-            resource.openid_fields = fields
-            resource.save
+    def update_resource!(resource)
+      return unless resource.respond_to?(:openid_fields=)
+
+      fields = nil
+      if axr = OpenID::AX::FetchResponse.from_success_response(provider_response)
+        fields = axr.data
+      else
+        provider_response.message.namespaces.each do |uri, ns_alias|
+          if ns_alias.to_s == "sreg"
+            fields = provider_response.extension_response(uri, true)
+            break
           end
         end
+      end
 
-        def logger
-          @logger ||= ((Rails && Rails.logger) || RAILS_DEFAULT_LOGGER)
-        end
+      if fields
+        resource.openid_fields = fields
+        resource.save
+      end
+    end
 
+    def logger
+      @logger ||= ((Rails && Rails.logger) || RAILS_DEFAULT_LOGGER)
     end
-  end
+    
+    def return_url
+      return_to = URI.parse(request.url)
+      scope_params = params[scope].inject({}) do |return_params, pair|
+        param, value = pair
+        return_params["#{scope}[#{param}]"] = value
+        return_params
+      end
+      return_to.query = Rack::Utils.build_query(scope_params)
+      return_to.to_s
+    end
+
 end
 
 Warden::Strategies.add :openid_authenticatable, Devise::Strategies::OpenidAuthenticatable

data/spec/scenario/app/models/user.rb

@@ -1,5 +1,5 @@
 class User < ActiveRecord::Base
-  devise :openid_authenticatable
+  devise :openid_authenticatable, :rememberable
 
   def self.create_from_identity_url(identity_url)
     create do |user|

data/spec/scenario/app/views/layouts/application.html.erb

@@ -0,0 +1,8 @@
+<html>
+  <body>
+    <p class="alert"><%= alert %></p>
+    <p class="notice"><%= notice %></p>
+  
+    <%= yield %>
+  </body>
+</html>

data/spec/scenario/db/migrate/20100401102949_create_tables.rb

@@ -2,6 +2,7 @@ class CreateTables < ActiveRecord::Migration
   def self.up
     create_table :users do |t|
       t.openid_authenticatable
+      t.rememberable
       t.string :email
       t.timestamps
     end

data/spec/spec_helper.rb

@@ -5,10 +5,44 @@ $:.unshift File.expand_path('../../lib', __FILE__)
 require "scenario/config/environment"
 require "rails/test_help"
 require 'rspec/rails'
+require 'sham_rack'
+require 'rots'
 
 Webrat.configure do |config|
   config.mode = :rails
   config.open_error_files = false
 end
 
+RSpec.configure do |config| 
+  config.mock_with :mocha 
+end
+
+# This is mostly copied in from bin/rots; they don't provide a single app class we could just reuse, unfortunately
+
+rots_config = YAML.load(<<-ROTS_CONFIG)
+# Default configuration file
+identity: myid
+sreg:
+  nickname: jdoe
+  fullname: John Doe
+  email: jhon@doe.com
+  dob: 1985-09-21
+  gender: M
+ROTS_CONFIG
+
+rots_server_options = {
+  :storage => File.join(File.dirname(__FILE__), 'scenario', 'tmp', 'rots')
+}
+rots_server = Rack::Builder.new do 
+  use Rack::Lint
+  map ("/%s" % rots_config['identity']) do
+    run Rots::IdentityPageApp.new(rots_config, rots_server_options)
+  end
+  map "/server" do
+    run Rots::ServerApp.new(rots_config, rots_server_options)
+  end
+end
+
+ShamRack.mount(rots_server, 'openid.example.org')
+
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }

data/spec/strategy_spec.rb

@@ -25,7 +25,8 @@ describe Devise::Strategies::OpenidAuthenticatable do
     ax_info  = mock('AXInfo', :data => { "http://axschema.org/contact/email" => ["dimitrij@example.com"] })
     OpenID::AX::FetchResponse.stubs(:from_success_response).returns(ax_info)
 
-    endpoint = mock('EndPoint', :claimed_id => identity)
+    endpoint = mock('EndPoint')
+    endpoint.stubs(:claimed_id).returns(identity)
     success  = OpenID::Consumer::SuccessResponse.new(endpoint, OpenID::Message.new, "ANY")
     OpenID::Consumer.any_instance.stubs(:complete_id_res).returns(success)
   end
@@ -82,13 +83,31 @@ describe Devise::Strategies::OpenidAuthenticatable do
 
   describe "POST /users/sign_in (with a valid identity URL param)" do
     before do
-      Rack::OpenID.any_instance.stubs(:begin_authentication).returns([302, {'location' => 'http://openid.example.org/auth'}, ''])
+      Rack::OpenID.any_instance.stubs(:begin_authentication).returns([302, {'location' => 'http://openid.example.org/server'}, ''])
       post '/users/sign_in', 'user' => { 'identity_url' => 'http://openid.example.org/myid' }
     end
 
     it 'should forward request to provider' do
       response.should be_redirect
-      response.should redirect_to('http://openid.example.org/auth')
+      response.should redirect_to('http://openid.example.org/server')
+    end
+  end
+  
+  describe "POST /users/sign_in (with rememberable)" do
+    before do
+      post '/users/sign_in', 'user' => { 'identity_url' => 'http://openid.example.org/myid', 'remember_me' => 1 }
+    end
+    
+    it 'should forward request to provider, with params preserved' do
+      response.should be_redirect
+      redirect_uri = URI.parse(response.header['Location'])
+      redirect_uri.host.should == "openid.example.org"
+      redirect_uri.path.should match(/^\/server/)
+      
+      # Crack open the redirect URI and extract the return parameter from it, then parse it too
+      req = Rack::Request.new(Rack::MockRequest.env_for(redirect_uri.to_s))
+      return_req = Rack::Request.new(Rack::MockRequest.env_for(req.params['openid.return_to']))
+      return_req.params['user']['remember_me'].to_i.should == 1
     end
   end
 
@@ -136,6 +155,26 @@ describe Devise::Strategies::OpenidAuthenticatable do
       User.first.email.should == 'dimitrij@example.com'
     end
   end
+  
+  describe "POST /users/sign_in (from OpenID provider, success, rememberable)" do
+
+    before do
+      stub_completion
+      post '/users/sign_in', openid_params.merge("_method"=>"post", "user" => { "remember_me" => 1 })
+    end
+
+    it 'should accept authentication with success' do
+      response.should be_redirect
+      response.should redirect_to('http://www.example.com/')
+      flash[:notice].should match(/success/i)
+    end
+
+    it 'should update user-records with retrieved information and remember token' do
+      User.should have(1).record
+      User.first.email.should == 'dimitrij@example.com'
+      User.first.remember_token.should_not be_nil
+    end
+  end
 
   describe "POST /users/sign_in (from OpenID provider, success, new user)" do
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification 
 name: devise_openid_authenticatable
 version: !ruby/object:Gem::Version 
-  hash: -1710980388
+  hash: -1710980387
   prerelease: true
   segments: 
   - 1
   - 0
   - 0
-  - alpha6
-  version: 1.0.0.alpha6
+  - alpha7
+  version: 1.0.0.alpha7
 platform: ruby
 authors: 
 - Nat Budin
@@ -16,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-08-19 00:00:00 -04:00
+date: 2010-09-08 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -43,12 +43,12 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 17
+        hash: 31
         segments: 
         - 1
+        - 2
         - 0
-        - 3
-        version: 1.0.3
+        version: 1.2.0
   type: :runtime
   version_requirements: *id002
 description: OpenID authentication module for Devise using Rack::OpenID
@@ -78,6 +78,7 @@ files:
 - spec/scenario/app/controllers/home_controller.rb
 - spec/scenario/app/controllers/sessions_controller.rb
 - spec/scenario/app/models/user.rb
+- spec/scenario/app/views/layouts/application.html.erb
 - spec/scenario/app/views/sessions/new.html.erb
 - spec/scenario/config.ru
 - spec/scenario/config/application.rb
@@ -95,7 +96,6 @@ files:
 - spec/spec_helper.rb
 - spec/strategy_spec.rb
 - spec/support/migrations.rb
-- spec/support/patches.rb
 has_rdoc: true
 homepage: http://github.com/nbudin/devise_openid_authenticatable
 licenses: []
@@ -152,4 +152,3 @@ test_files:
 - spec/spec_helper.rb
 - spec/strategy_spec.rb
 - spec/support/migrations.rb
-- spec/support/patches.rb

data/spec/support/patches.rb

@@ -1,4 +0,0 @@
-# Patch Webrat
-Webrat::Methods.module_eval do
-  undef_method :response
-end