foreverman-authlogic-connect 0.0.1

data/lib/authlogic_connect/openid/variables.rb

@@ -0,0 +1,19 @@
+module AuthlogicConnect::Openid::Variables
+  include AuthlogicConnect::Openid::State
+  
+  # openid_provider = "blogger", "myopenid", etc.
+  # openid_identifier = "viatropos.myopenid.com", etc.
+  # openid_key = "viatropos"
+#  def openid_attributes
+#    [:openid_provider, :openid_identifier, :openid_key]
+#  end
+  
+  def openid_identifier
+    auth_params[:openid_identifier] if auth_params?
+  end
+  
+  def openid_provider
+    from_session_or_params(:openid_provider) if auth_controller?
+  end
+  
+end

data/lib/authlogic_connect/rack_state.rb

@@ -0,0 +1,19 @@
+class AuthlogicConnect::RackState
+  def initialize(app)
+    @app = app
+  end
+  
+  # this intercepts how the browser interprets the url.
+  # so we override it and say,
+  # "if we've stored a variable in the session called :auth_callback_method,
+  # then convert that into a POST call so we re-call the original method"
+  def call(env)
+    if env["rack.session"].nil?
+      raise "Make sure you are setting the session in Rack too!  Place this in config/application.rb"
+    end
+    unless env["rack.session"][:auth_callback_method].blank?
+      env["REQUEST_METHOD"] = env["rack.session"].delete(:auth_callback_method).to_s.upcase
+    end
+    @app.call(env)
+  end
+end

data/lib/open_id_authentication.rb

@@ -0,0 +1,127 @@
+# copied from open_id_authentication plugin on github
+require 'uri'
+require 'openid'
+require 'rack/openid'
+
+module OpenIdAuthentication
+  def self.new(app)
+    store = OpenIdAuthentication.store
+    if store.nil?
+      Rails.logger.warn "OpenIdAuthentication.store is nil. Using in-memory store."
+    end
+
+    ::Rack::OpenID.new(app, OpenIdAuthentication.store)
+  end
+
+  def self.store
+    @@store
+  end
+
+  def self.store=(*store_option)
+    store, *parameters = *([ store_option ].flatten)
+
+    @@store = case store
+    when :memory
+      require 'openid/store/memory'
+      OpenID::Store::Memory.new
+    when :file
+      require 'openid/store/filesystem'
+      OpenID::Store::Filesystem.new(Rails.root.join('tmp/openids'))
+    when :memcache
+      require 'memcache'
+      require 'openid/store/memcache'
+      OpenID::Store::Memcache.new(MemCache.new(parameters))
+    else
+      store
+    end
+  end
+
+  self.store = nil
+
+  class Result
+    ERROR_MESSAGES = {
+      :missing      => "Sorry, the OpenID server couldn't be found",
+      :invalid      => "Sorry, but this does not appear to be a valid OpenID",
+      :canceled     => "OpenID verification was canceled",
+      :failed       => "OpenID verification failed",
+      :setup_needed => "OpenID verification needs setup"
+    }
+
+    def self.[](code)
+      new(code)
+    end
+
+    def initialize(code)
+      @code = code
+    end
+
+    def status
+      @code
+    end
+
+    ERROR_MESSAGES.keys.each { |state| define_method("#{state}?") { @code == state } }
+
+    def successful?
+      @code == :successful
+    end
+
+    def unsuccessful?
+      ERROR_MESSAGES.keys.include?(@code)
+    end
+
+    def message
+      ERROR_MESSAGES[@code]
+    end
+  end
+
+  protected
+    # The parameter name of "openid_identifier" is used rather than
+    # the Rails convention "open_id_identifier" because that's what
+    # the specification dictates in order to get browser auto-complete
+    # working across sites
+    def using_open_id?(identifier = nil) #:doc:
+      identifier ||= open_id_identifier
+      !identifier.blank? || request.env[Rack::OpenID::RESPONSE]
+    end
+
+    def authenticate_with_open_id(identifier = nil, options = {}, &block) #:doc:
+      identifier ||= open_id_identifier
+      if request.env[Rack::OpenID::RESPONSE]
+        complete_open_id_authentication(&block)
+      else
+        begin_open_id_authentication(identifier, options, &block)
+      end
+    end
+
+  private
+    def open_id_identifier
+      params[:openid_identifier] || params[:openid_url]
+    end
+
+    def begin_open_id_authentication(identifier, options = {})
+      options[:identifier] = identifier
+      value = Rack::OpenID.build_header(options)
+      response.headers[Rack::OpenID::AUTHENTICATE_HEADER] = value
+      head :unauthorized
+    end
+
+    def complete_open_id_authentication
+      response   = request.env[Rack::OpenID::RESPONSE]
+      identifier = response.display_identifier
+      case response.status
+      when OpenID::Consumer::SUCCESS
+        yield Result[:successful], identifier,
+          OpenID::SReg::Response.from_success_response(response)
+      when :missing
+        yield Result[:missing], identifier, nil
+      when :invalid
+        yield Result[:invalid], identifier, nil
+      when OpenID::Consumer::CANCEL
+        yield Result[:canceled], identifier, nil
+      when OpenID::Consumer::FAILURE
+        yield Result[:failed], identifier, nil
+      when OpenID::Consumer::SETUP_NEEDED
+        yield Result[:setup_needed], response.setup_url, nil
+      end
+    end
+end

data/rails/init.rb

@@ -0,0 +1,19 @@
+require "authlogic-connect"
+
+# copied from open_id_authentication plugin on github
+
+# this is the Rails 2.x equivalent.
+# Rails 3 equivalent is in authlogic_connect/engine.rb
+if Rails.version < '3'
+  config.gem 'rack-openid', :lib => 'rack/openid', :version => '>=0.2.1'
+end
+
+require 'open_id_authentication'
+
+config.middleware.use OpenIdAuthentication
+config.middleware.use AuthlogicConnect::CallbackFilter
+
+config.after_initialize do
+  OpenID::Util.logger = Rails.logger
+  ActionController::Base.send :include, OpenIdAuthentication
+end

data/test/controllers/test_users_controller.rb

@@ -0,0 +1,21 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+class UsersControllerTest < ActionController::TestCase
+
+  tests UsersController
+
+  context "when signed out" do
+    # setup { sign_out }
+
+    context "on GET to #new" do
+      
+      setup { get :new }
+
+      should "do something???" do
+        puts "REQUEST: #{@user.inspect}"
+      end
+      
+    end
+    
+  end
+end

data/test/database.yml

@@ -0,0 +1,3 @@
+test:
+  adapter: sqlite3
+  database: ":memory:"

data/test/libs/database.rb

@@ -0,0 +1,47 @@
+
+begin
+  ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
+rescue ArgumentError
+  ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :dbfile => ":memory:")
+end
+
+ActiveRecord::Base.configurations = true
+
+# this schema was directly copied from 
+# http://github.com/viatropos/authlogic-connect-example/blob/master/db/schema.rb
+ActiveRecord::Schema.define(:version => 1) do
+  
+  create_table :sessions, :force => true do |t|
+    t.string   :session_id, :null => false
+    t.text     :data
+    t.datetime :created_at
+    t.datetime :updated_at
+  end
+  
+  create_table :access_tokens do |t|
+    t.integer :user_id
+    t.string :type, :limit => 30
+    t.string :key # how we identify the user, in case they logout and log back in
+    t.string :token, :limit => 1024 # This has to be huge because of Yahoo's excessively large tokens
+    t.string :secret
+    t.boolean :active # whether or not it's associated with the account
+    t.timestamps
+  end
+  
+  create_table :users, :force => true do |t|
+    t.datetime :created_at
+    t.datetime :updated_at
+    t.string   :login
+    t.string   :email
+    t.string   :crypted_password
+    t.string   :password_salt
+    t.string   :persistence_token,                :null => false
+    t.integer  :login_count,       :default => 0, :null => false
+    t.datetime :last_request_at
+    t.datetime :last_login_at
+    t.datetime :current_login_at
+    t.string   :last_login_ip
+    t.string   :current_login_ip
+  end
+
+end

data/test/libs/user.rb

@@ -0,0 +1,7 @@
+class User < ActiveRecord::Base
+  acts_as_authentic do |config|
+    config.validate_email_field    = false
+    config.validate_login_field    = false
+    config.validate_password_field = false
+  end
+end

data/test/libs/user_session.rb

@@ -0,0 +1,2 @@
+class UserSession < Authlogic::Session::Base
+end

data/test/test_helper.rb

@@ -0,0 +1,178 @@
+require "rubygems"
+require "ruby-debug"
+gem 'test-unit'
+require "test/unit"
+require 'active_support'
+require 'active_support/test_case'
+require "active_record"
+require "active_record/fixtures"
+require 'action_controller'
+require 'shoulda'
+require 'mocha'
+
+require File.dirname(__FILE__) + '/libs/database'
+require File.dirname(__FILE__) + '/../lib/authlogic-connect' unless defined?(AuthlogicConnect)
+require File.dirname(__FILE__) + '/libs/user'
+require File.dirname(__FILE__) + '/libs/user_session'
+require 'authlogic/test_case'
+
+# A temporary fix to bring active record errors up to speed with rails edge.
+# I need to remove this once the new gem is released. This is only here so my tests pass.
+unless defined?(::ActiveModel)
+  class ActiveRecord::Errors
+    def [](key)
+      value = on(key)
+      value.is_a?(Array) ? value : [value].compact
+    end
+  end
+end
+
+AuthlogicConnect.config = {
+  :default => "twitter",
+  :connect => {
+    :twitter => {
+      :key => "my_key",
+      :secret => "my_secret",
+      :headers => {
+        "User-Agent" => "Safari",
+        "MyApp-Version" => "1.2"
+      },
+      :api_version => 1
+    },
+    :facebook => {
+      :key => "my_key",
+      :secret => "my_secret"
+    },
+    :foursquare => {
+      :key => "my_key",
+      :secret => "my_secret"
+    },
+    :google => {
+      :key => "my_key",
+      :secret => "my_secret"
+    },
+    :yahoo => {
+      :key => "my_key",
+      :secret => "my_secret"
+    },
+    :vimeo => {
+  
+    }
+  }
+}
+
+# want to add a "method" property!
+Authlogic::TestCase::MockRequest.class_eval do
+  def method
+    "POST"
+  end
+end
+
+module ControllerHelpers
+  def controller_name
+    "users"
+  end
+  
+  def action_name
+    "create"
+  end
+  
+  def url_for(options = {})
+    p = []
+    options.each do |k,v|
+      p << "#{k}=#{v}"
+    end
+    p = "?#{p.join("&")}"
+    url = "http://localhost:3000/users#{p}"
+  end
+  
+  def session=(value)
+    @session = value
+  end
+end
+Authlogic::ControllerAdapters::AbstractAdapter.send(:include, ControllerHelpers)
+
+Authlogic::CryptoProviders::AES256.key = "myafdsfddddddddddddddddddddddddddddddddddddddddddddddd"
+
+class ActiveSupport::TestCase
+  include ActiveRecord::TestFixtures
+  self.fixture_path = File.dirname(__FILE__) + "/fixtures"
+  self.use_transactional_fixtures = false
+  self.use_instantiated_fixtures  = false
+  self.pre_loaded_fixtures = false
+  fixtures :all
+  setup :activate_authlogic
+  
+  def create_token
+    token = OAuth::RequestToken.new("twitter", "key", "secret")
+    token.params = {
+      :oauth_callback_confirmed => "true", 
+      :oauth_token_secret => "secret",
+      :oauth_token => "key"
+    }
+    token.consumer = OAuth::Consumer.new("key", "secret",
+      :site => "http://twitter.com",
+      :proxy => nil,
+      :oauth_version => "1.0",
+      :request_token_path => "/oauth/request_token",
+      :authorize_path => "/oauth/authorize",
+      :scheme => :header,
+      :signature_method => "HMAC-SHA1",
+      :authorize_url => "http://twitter.com/oauth/authenticate",
+      :access_token_path => "/oauth/access_token"
+    )
+    token
+  end
+  
+  private
+    def password_for(user)
+      case user
+      when users(:ben)
+        "benrocks"
+      when users(:zack)
+        "zackrocks"
+      end
+    end
+    
+    def http_basic_auth_for(user = nil, &block)
+      unless user.blank?
+        controller.http_user = user.login
+        controller.http_password = password_for(user)
+      end
+      yield
+      controller.http_user = controller.http_password = nil
+    end
+    
+    def set_cookie_for(user, id = nil)
+      controller.cookies["user_credentials"] = {:value => user.persistence_token, :expires => nil}
+    end
+    
+    def unset_cookie
+      controller.cookies["user_credentials"] = nil
+    end
+    
+    def set_params_for(user, id = nil)
+      controller.params["user_credentials"] = user.single_access_token
+    end
+    
+    def unset_params
+      controller.params["user_credentials"] = nil
+    end
+    
+    def set_request_content_type(type)
+      controller.request_content_type = type
+    end
+    
+    def unset_request_content_type
+      controller.request_content_type = nil
+    end
+    
+    def set_session_for(user, id = nil)
+      controller.session["user_credentials"] = user.persistence_token
+      controller.session["user_credentials_id"] = user.id
+    end
+    
+    def unset_session
+      controller.session["user_credentials"] = controller.session["user_credentials_id"] = nil
+    end
+end