devise_pam_authenticatable2 3.0.0 → 4.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 16387d390e7ee4a8e8c85d26e353126718a25e07
4
- data.tar.gz: 0ed2cccb98705bdf0144e8b5a0c08df4d76e58d0
3
+ metadata.gz: 4f9628d3cf2664bae5f639899ba105b4c7bbcfb2
4
+ data.tar.gz: b7be5e5d0e46c978b11952d5b760a13779c53493
5
5
  SHA512:
6
- metadata.gz: c8ed07a8892ddbb2ac01d182dfc439f0f062a0384098e88ac1002423f532bc8183a93fdfb60538ca98f6cfb67e88638ca3d1381de4f4da7c76d5bdaf35b70234
7
- data.tar.gz: ba2e9ec56067359e235c1d729a8c18f0a5c1ed27d883a80fc0adc59d1f89fdcd0964643de2b38e7efa406ce04c148bd0e31cb0792256f62ab0ea68e0e3bf946e
6
+ metadata.gz: 2c3ba8094e16ece90da12a97d38ff4ea0b867fceb42a81293accdfe0c0fe20a1a1773ad4892e44ae75c445e068d5cdb9519f5b742a9ebe1536c4d0b784a91e36
7
+ data.tar.gz: 53bfd564175eb464ebadfc3e89baeabcf0e3a56eb4e38504df28faa73d82fbd2326f45c6ab7e149d742e4d600d0b13aee1a95cf5e196e6b20dcf45ed8bf628bc
data/README.md CHANGED
@@ -51,6 +51,7 @@ Options:
51
51
  * config.pam_default_suffix = "pam" # username@pam = username
52
52
  * config.emailfield = "email" # set emailfield, set to nil if not available
53
53
  * config.usernamefield = "username" # set to nil to disable username (only email extraction)
54
+ * config.check_at_sign = false # detect if email field contains username by @ sign (make sure names cannot contain @ signs)
54
55
 
55
56
  References
56
57
  ----------
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.0.0
1
+ 4.0.0
@@ -2,16 +2,16 @@
2
2
  # DO NOT EDIT THIS FILE DIRECTLY
3
3
  # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
4
  # -*- encoding: utf-8 -*-
5
- # stub: devise_pam_authenticatable2 3.0.0 ruby lib
5
+ # stub: devise_pam_authenticatable2 4.0.0 ruby lib
6
6
 
7
7
  Gem::Specification.new do |s|
8
8
  s.name = "devise_pam_authenticatable2".freeze
9
- s.version = "3.0.0"
9
+ s.version = "4.0.0"
10
10
 
11
11
  s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
12
12
  s.require_paths = ["lib".freeze]
13
13
  s.authors = ["James Wilson".freeze, "Alexander Kaftan".freeze]
14
- s.date = "2017-11-28"
14
+ s.date = "2018-01-16"
15
15
  s.description = "For authenticating against PAM (Pluggable Authentication Modules)".freeze
16
16
  s.email = "devkral@web.de".freeze
17
17
  s.extra_rdoc_files = [
@@ -5,16 +5,18 @@ require 'devise_pam_authenticatable/model'
5
5
  require 'devise_pam_authenticatable/strategy'
6
6
  module Devise
7
7
  mattr_accessor :pam_default_service
8
- @@pam_default_service = "rpam"
8
+ @@pam_default_service = 'rpam'
9
9
  mattr_accessor :pam_default_suffix
10
10
  @@pam_default_suffix = nil
11
11
  mattr_accessor :emailfield
12
- @@emailfield = "email"
12
+ @@emailfield = 'email'
13
13
  mattr_accessor :usernamefield
14
- @@usernamefield = "username"
14
+ @@usernamefield = 'username'
15
+ mattr_accessor :check_at_sign
16
+ @@check_at_sign = false
15
17
  end
16
18
  Devise.add_module(:pam_authenticatable,
17
19
  :route => :session,
18
20
  :strategy => true,
19
21
  :controller => :sessions,
20
- :model => "devise_pam_authenticatable/model")
22
+ :model => 'devise_pam_authenticatable/model')
@@ -3,33 +3,18 @@ require 'devise_pam_authenticatable/strategy'
3
3
  module Devise
4
4
  module Models
5
5
  module PamAuthenticatable
6
- def self.included(base)
7
- base.class_eval do
8
- extend ClassMethods
9
- attr_accessor :password
10
- end
11
- end
12
-
13
- def self.required_fields(klass)
14
- []
15
- end
16
-
17
- # Set password to nil
18
- def clean_up_passwords
19
- self.password = nil
20
- end
21
6
 
22
7
  def get_service
23
- return self.class.pam_service if self.class.instance_variable_defined?("@pam_service")
24
- ::Devise::pam_default_service
8
+ return self.class.pam_service if self.class.instance_variable_defined?('@pam_service')
9
+ ::Devise.pam_default_service
25
10
  end
26
11
 
27
12
  def get_suffix
28
- return self.class.pam_suffix if self.class.instance_variable_defined?("@pam_suffix")
29
- ::Devise::pam_default_suffix
13
+ return self.class.pam_suffix if self.class.instance_variable_defined?('@pam_suffix')
14
+ ::Devise.pam_default_suffix
30
15
  end
31
16
 
32
- def pam_on_filled_pw(attributes)
17
+ def pam_on_filled_pw(_attributes)
33
18
  # use blank password as discriminator between traditional login and pam login?
34
19
  # to disable login with pam return nil elsewise return a (different?) user object
35
20
  # as default assume there is no conflict and return user object
@@ -37,68 +22,70 @@ module Devise
37
22
  end
38
23
 
39
24
  def pam_setup(attributes)
40
- return unless ::Devise::emailfield && ::Devise::usernamefield
41
- self[::Devise::emailfield] = Rpam2.getenv(get_service, get_pam_name, attributes[:password], "email", false)
42
- self[::Devise::emailfield] = attributes[::Devise::emailfield] if self[::Devise::emailfield].nil?
43
- self[::Devise::emailfield] = "#{self[::Devise::usernamefield]}@#{get_suffix}" if self[::Devise::emailfield].nil? && get_suffix
25
+ return unless ::Devise.emailfield && ::Devise.usernamefield
26
+ self[::Devise.emailfield] = Rpam2.getenv(get_service, get_pam_name, attributes[:password], 'email', false)
27
+ self[::Devise.emailfield] = attributes[::Devise.emailfield] if self[::Devise.emailfield].nil?
28
+ self[::Devise.emailfield] = "#{self[::Devise.usernamefield]}@#{get_suffix}" if self[::Devise.emailfield].nil? && get_suffix
44
29
  end
45
30
 
46
31
  def password_required?
47
- return false
32
+ false
48
33
  end
49
34
 
50
35
  def get_pam_name
51
- return self[::Devise::usernamefield] if ::Devise::usernamefield
52
- suffix = get_suffix()
53
- return nil unless suffix && ::Devise::emailfield
54
- email = "#{self[::Devise::emailfield]}\n"
36
+ return self[::Devise.usernamefield] if ::Devise.usernamefield && self[::Devise.usernamefield]
37
+ suffix = get_suffix
38
+ return nil unless suffix && ::Devise.emailfield
39
+ email = "#{self[::Devise.emailfield]}\n"
55
40
  pos = email.index("@#{suffix}\n")
56
41
  return nil unless pos
57
42
  email.slice(0, pos)
58
43
  end
59
44
 
60
45
  # Checks if a resource is valid upon authentication.
61
- def valid_pam_authentication?(password)
62
- Rpam2.auth(get_service, get_pam_name, password)
46
+ def valid_pam_authentication?(pw)
47
+ return nil unless get_pam_name
48
+ Rpam2.auth(get_service, get_pam_name, pw)
63
49
  end
64
50
 
65
51
  module ClassMethods
66
52
  Devise::Models.config(self, :pam_service, :pam_suffix)
67
53
 
68
- def authenticate_with_pam(attributes={})
69
- if ::Devise::usernamefield && attributes[::Devise::usernamefield]
70
- resource = where(::Devise::usernamefield => attributes[::Devise::usernamefield]).first
54
+ def authenticate_with_pam(attributes = {})
55
+ return nil unless attributes[:password]
56
+ if ::Devise.usernamefield && attributes[:username]
57
+ resource = find_by(::Devise.usernamefield => attributes[:username])
71
58
 
72
59
  if resource.blank?
73
60
  resource = new
74
- resource[::Devise::usernamefield] = attributes[::Devise::usernamefield]
61
+ resource[::Devise.usernamefield] = attributes[:username]
75
62
  end
76
- elsif ::Devise::emailfield
77
- return nil unless attributes[::Devise::emailfield]
78
- resource = where(::Devise::emailfield => attributes[::Devise::emailfield]).first
63
+ elsif ::Devise.emailfield
64
+ return nil unless attributes[:email]
65
+ resource = find_by(::Devise.emailfield => attributes[:email])
79
66
 
80
- if resource.blank? && ::Devise::usernamefield.nil?
67
+ if resource.blank?
81
68
  resource = new
82
- resource[::Devise::emailfield] = attributes[::Devise::emailfield]
83
- elsif resource.blank?
84
- return nil
69
+ if ::Devise.check_at_sign && ::Devise.usernamefield && attributes[:email].index('@').nil?
70
+ # use email as username
71
+ resource[::Devise.usernamefield] = attributes[:email]
72
+ else
73
+ resource[::Devise.emailfield] = attributes[:email]
74
+ end
85
75
  end
86
76
  else
87
77
  return nil
88
78
  end
89
79
 
90
80
  # potential conflict detected
91
- resource = resource.pam_on_filled_pw(attributes) unless resource.password.blank?
81
+ resource = resource.pam_on_filled_pw(attributes) if resource.respond_to?('password') && resource.password.present?
92
82
 
93
- if resource && resource.try(:valid_pam_authentication?, attributes[:password])
94
- if resource.new_record?
95
- resource.pam_setup(attributes)
96
- resource.save!
97
- end
98
- return resource
99
- else
100
- return nil
83
+ return nil unless resource && resource.try(:valid_pam_authentication?, attributes[:password])
84
+ if resource.new_record?
85
+ resource.pam_setup(attributes)
86
+ resource.save!
101
87
  end
88
+ resource
102
89
  end
103
90
  end
104
91
  end
@@ -1,15 +1,18 @@
1
1
  require 'devise/strategies/base'
2
2
 
3
+
3
4
  class Devise::Strategies::PamAuthenticatable < Devise::Strategies::Authenticatable
5
+ def valid?
6
+ super && (::Devise.emailfield || ::Devise.usernamefield)
7
+ end
4
8
 
5
9
  def authenticate!
6
- if resource = mapping.to.authenticate_with_pam(params[scope])
10
+ if (resource = mapping.to.authenticate_with_pam(params[scope].clone))
7
11
  success!(resource)
8
12
  else
9
13
  fail(:invalid)
10
14
  end
11
15
  end
12
-
13
16
  end
14
17
 
15
18
  Warden::Strategies.add(:pam_authenticatable, Devise::Strategies::PamAuthenticatable)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_pam_authenticatable2
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 4.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - James Wilson
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2017-11-28 00:00:00.000000000 Z
12
+ date: 2018-01-16 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: devise