eric1234-sinatra-authorization 1.1

data/README.rdoc

@@ -0,0 +1,25 @@
+= Sinatra Authorization
+
+HTTP Authorization helpers for Sinatra.
+
+== Example
+
+require "sinatra/authorization"
+
+set :authorization_realm, "Protected zone"
+
+helpers do
+  def authorize(login, password)
+    login == "admin" && password == "secret"
+  end
+end
+
+get "/" do
+  "Hello"
+end
+
+get "/admin" do
+  login_required
+
+  "Welcome in protected zone"
+end

data/Rakefile

@@ -0,0 +1,14 @@
+gem "sr-mg", "0.0.2"
+
+task :default => :test
+
+desc "Run tests"
+task :test do
+  ruby "-r rubygems test/authorization_test.rb"
+end
+
+begin
+  require "mg"
+  MG.new("sinatra-authorization.gemspec")
+rescue LoadError
+end

data/lib/sinatra/authorization.rb

@@ -0,0 +1,93 @@
+require "sinatra/base"
+
+module Sinatra
+  # HTTP Authorization helpers for Sinatra.
+  #
+  # In your helpers module, include Sinatra::Authorization and then define
+  # an #authorize(user, password) method to handle user provided
+  # credentials.
+  #
+  # Inside your events, call #login_required to trigger the HTTP
+  # Authorization window to pop up in the browser.
+  #
+  # Code adapted from {Ryan Tomayko}[http://tomayko.com/about] and
+  # {Christopher Schneid}[http://gittr.com], shared under an MIT License
+  module Authorization
+    module Helpers
+      # Redefine this method on your helpers block to actually contain
+      # your authorization logic.
+      def authorize(username, password)
+        false
+      end
+
+      # From you app, call set :authorization_realm, "my app" to set this
+      # or define a #authorization_realm method in your helpers block.
+      def authorization_realm
+        options.authorization_realm
+      end
+
+      # Call in any event that requires authentication
+      def login_required
+        return if authorized?
+        unauthorized! unless auth.provided?
+        bad_request!  unless auth.basic?
+        unauthorized! unless authorize(*auth.credentials)
+        request.env['REMOTE_USER'] = auth.username
+      end
+
+      # Convenience method to determine if a user is logged in
+      def authorized?
+        !!current_user
+      end
+      alias :logged_in? :authorized?
+
+      # Name provided by the current user to log in
+      def current_user
+        request.env['REMOTE_USER'] = auth.username if
+          auth.provided? && auth.basic? && authorize(*auth.credentials)
+        request.env['REMOTE_USER']
+      end
+
+      private
+        def auth
+          @auth ||= Rack::Auth::Basic::Request.new(request.env)
+        end
+
+        def unauthorized!(realm=authorization_realm)
+          response["WWW-Authenticate"] = %(Basic realm="#{realm}")
+          throw :halt, [ 401, 'Authorization Required' ]
+        end
+
+        def bad_request!
+          throw :halt, [ 400, 'Bad Request' ]
+        end
+    end
+
+    module DSL
+      def protecting(*patterns)
+        @protected_routes = []
+        @protected_routes += patterns
+      end
+
+      def protecting?(path)
+        @protected_routes && @protected_routes.any? { |pattern| path =~ pattern }
+      end
+
+      def authorize(realm="app", &block)
+        define_method(:authorization_realm) { realm }
+        define_method(:authorize, &block)
+        
+        before do
+          login_required if self.class.protecting?(request.path_info)
+        end
+      end
+    end
+
+    def self.registered(app)
+      Sinatra.register(DSL)
+      app.helpers Helpers
+    end
+  end
+
+  register Authorization
+end

data/sinatra-authorization.gemspec

@@ -0,0 +1,20 @@
+Gem::Specification.new do |s|
+  s.name     = "sinatra-authorization"
+  s.rubyforge_project = "integrity"
+  s.version  = "1.1"
+  s.date     = "2009-04-19"
+  s.summary  = "HTTP Authorization helpers for Sinatra."
+  s.description  = "HTTP Authorization helpers for Sinatra."
+  s.homepage = "http://github.com/integrity/sinatra-authorization"
+  s.email    = "info@integrityapp.com"
+  s.authors  = ["Nicolás Sanguinetti", "Simon Rozet"]
+  s.has_rdoc = false
+  s.files    = %w[
+README.rdoc
+Rakefile
+sinatra-authorization.gemspec
+lib/sinatra/authorization.rb
+test/authorization_test.rb
+]
+  s.add_dependency("sinatra", [">= 0.9.1.1"])
+end

data/test/authorization_test.rb

@@ -0,0 +1,157 @@
+require "test/unit"
+require "rack/test"
+
+gem 'jeremymcanally-context', '0.5.5'
+require "context"
+gem 'jeremymcanally-pending', '0.1'
+require "pending"
+
+require File.dirname(__FILE__) + "/../lib/sinatra/authorization"
+
+class AuthorizationApp < Sinatra::Default
+  set :environment, :test
+
+  get "/" do
+    login_required
+
+    "Welcome #{current_user} to the protected zone (#{authorized?.to_s})"
+  end
+
+  get '/public' do
+    if authorized?
+      "#{current_user} is logged in!"
+    else
+      "Some anonymous user"
+    end
+  end
+
+  def authorize(username, password)
+    username == "user" && password = "test"
+  end
+
+  def authorization_realm
+    "Move on"
+  end
+end
+
+class AnotherAuthApp < Sinatra::Default
+  set :environment, :test
+  set :authorization_realm, 'Continue'
+
+  get "/" do
+    login_required
+
+    "Welcome in protected zone"
+  end
+
+  def authorize(username, password)
+    username == "user" && password = "test"
+  end
+end
+
+class SugarApp < Sinatra::Default
+  set :environment, :test
+
+  authorize 'The Sugar App' do |*credentials|
+    credentials == ['fizz', 'buzz']
+  end
+
+  protecting %r|/sekret|
+
+  get '/' do
+    login_required
+    'ok'
+  end
+
+  get '/ok' do
+    'ok'
+  end
+
+  get '/sekret' do
+    'ok'
+  end
+end
+
+class SinatraAuthorizationTest < Test::Unit::TestCase
+  before do
+    @session = Rack::Test::Session.new(AuthorizationApp)
+  end
+
+  def basic_auth(user="user", password="test")
+    credentials = ["#{user}:#{password}"].pack("m*")
+
+    { "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
+  end
+
+  it "is authorized with correct credentials" do
+    @session.get "/", {}, basic_auth
+    assert_equal 200, @session.last_response.status
+    assert_equal 'user', @session.last_request.env['REMOTE_USER']
+
+    # Ensure current_user and authorized? works. The body indicates this
+    assert_equal "Welcome user to the protected zone (true)",
+      @session.last_response.body
+
+    # Request a public page in the same session still logged in
+    @session.get "/public", {}, basic_auth
+    assert_equal 200, @session.last_response.status
+    assert_equal 'user', @session.last_request.env['REMOTE_USER']
+    assert_equal "user is logged in!", @session.last_response.body
+  end
+
+  it "can access a public page" do
+    @session.get "/public"
+    assert_equal "Some anonymous user", @session.last_response.body
+  end
+
+  it "is unauthorized without credentials" do
+    @session.get "/"
+    assert_equal 401, @session.last_response.status
+  end
+
+  it "is unauthorized with incorrect credentials" do
+    @session.get "/", {}, basic_auth("evil", "wrong")
+    assert_equal 401, @session.last_response.status
+  end
+
+  it "returns specified realm" do
+    @session.get "/"
+    assert_equal %Q(Basic realm="Move on"), @session.last_response["WWW-Authenticate"]
+
+    @session = Rack::Test::Session.new(AnotherAuthApp)
+    @session.get "/"
+    assert_equal %Q(Basic realm="Continue"), @session.last_response["WWW-Authenticate"]
+  end
+
+  it "returns a 400, Bad Request if not basic auth" do
+    @session.get "/", {}, { "HTTP_AUTHORIZATION" => "Foo bar" }
+    assert_equal 400, @session.last_response.status
+  end
+
+  describe "sugarly" do
+    before do
+      @session = Rack::Test::Session.new(SugarApp)
+    end
+
+    it "generates #authorize method via DSL" do
+      @session.get '/'
+      assert_equal 401, @session.last_response.status
+
+      @session.get '/', {}, basic_auth('fizz', 'buzz')
+      assert_equal 200, @session.last_response.status
+    end
+
+    it "allows realm to be specified" do
+      @session.get '/'
+      assert_equal %Q(Basic realm="The Sugar App"), @session.last_response["WWW-Authenticate"]
+    end
+
+    it "allows protected actions to be specified" do
+      @session.get '/ok'
+      assert_equal 200, @session.last_response.status
+
+      @session.get '/sekret'
+      assert_equal 401, @session.last_response.status
+    end
+  end
+end

metadata

@@ -0,0 +1,68 @@
+--- !ruby/object:Gem::Specification 
+name: eric1234-sinatra-authorization
+version: !ruby/object:Gem::Version 
+  version: "1.1"
+platform: ruby
+authors: 
+- "Nicol\xC3\xA1s Sanguinetti"
+- Simon Rozet
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-04-19 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: sinatra
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.9.1.1
+    version: 
+description: HTTP Authorization helpers for Sinatra.
+email: info@integrityapp.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- README.rdoc
+- Rakefile
+- sinatra-authorization.gemspec
+- lib/sinatra/authorization.rb
+- test/authorization_test.rb
+has_rdoc: false
+homepage: http://github.com/integrity/sinatra-authorization
+licenses: 
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: integrity
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 2
+summary: HTTP Authorization helpers for Sinatra.
+test_files: []
+