hassox-warden 0.3.1 → 0.3.2
- data/.gitignore +2 -1
- data/VERSION +1 -1
- data/lib/warden.rb +1 -0
- data/lib/warden/authentication/hooks.rb +1 -0
- data/lib/warden/authentication/strategies.rb +1 -0
- data/lib/warden/authentication/strategy_base.rb +1 -0
- data/lib/warden/errors.rb +1 -0
- data/lib/warden/manager.rb +27 -26
- data/lib/warden/mixins/common.rb +13 -5
- data/lib/warden/proxy.rb +49 -49
- data/spec/spec_helper.rb +2 -2
- data/spec/warden/authenticated_data_store_spec.rb +15 -15
- data/spec/warden/proxy_spec.rb +47 -36
- data/warden.gemspec +6 -3
- metadata +3 -4
data/.gitignore
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.3.
|
1
|
+
0.3.2
|
data/lib/warden.rb
CHANGED
data/lib/warden/errors.rb
CHANGED
data/lib/warden/manager.rb
CHANGED
@@ -1,26 +1,27 @@
|
|
1
|
+
# encoding: utf-8
|
1
2
|
module Warden
|
2
3
|
# The middleware for Rack Authentication
|
3
4
|
# The middlware requires that there is a session upstream
|
4
|
-
# The middleware injects an authentication object into
|
5
|
+
# The middleware injects an authentication object into
|
5
6
|
# the rack environment hash
|
6
7
|
class Manager
|
7
|
-
attr_accessor :config, :failure_app
|
8
|
-
|
8
|
+
attr_accessor :config, :failure_app
|
9
|
+
|
9
10
|
# initialize the middleware.
|
10
11
|
# Provide a :failure_app in the options to setup an application to run when there is a failure
|
11
12
|
# The manager is yielded when initialized with a block. This is useful when declaring it in Rack::Builder
|
12
|
-
# :api: public
|
13
|
+
# :api: public
|
13
14
|
def initialize(app, config = {})
|
14
15
|
@app = app
|
15
16
|
@config = config
|
16
17
|
yield self if block_given?
|
17
|
-
|
18
|
+
|
18
19
|
# should ensure there is a failure application defined.
|
19
20
|
@failure_app = config[:failure_app] if config[:failure_app]
|
20
21
|
raise "No Failure App provided" unless @failure_app
|
21
22
|
self
|
22
|
-
end
|
23
|
-
|
23
|
+
end
|
24
|
+
|
24
25
|
# Set the default strategies to use.
|
25
26
|
# :api: public
|
26
27
|
def default_strategies(*strategies)
|
@@ -30,12 +31,12 @@ module Warden
|
|
30
31
|
@config[:default_strategies] = strategies.flatten
|
31
32
|
end
|
32
33
|
end
|
33
|
-
|
34
|
+
|
34
35
|
# :api: private
|
35
36
|
def call(env) # :nodoc:
|
36
37
|
# if this is downstream from another warden instance, don't do anything.
|
37
|
-
return @app.call(env) unless env['warden'].nil?
|
38
|
-
|
38
|
+
return @app.call(env) unless env['warden'].nil?
|
39
|
+
|
39
40
|
env['warden'] = Proxy.new(env, @config)
|
40
41
|
result = catch(:warden) do
|
41
42
|
@app.call(env)
|
@@ -55,17 +56,17 @@ module Warden
|
|
55
56
|
end # case result
|
56
57
|
end
|
57
58
|
end
|
58
|
-
|
59
|
-
class << self
|
60
|
-
|
61
|
-
|
59
|
+
|
60
|
+
class << self
|
61
|
+
|
62
|
+
|
62
63
|
# Does the work of storing the user in the session
|
63
64
|
# :api: private
|
64
|
-
def _store_user(user, session, scope = :default) # :nodoc:
|
65
|
+
def _store_user(user, session, scope = :default) # :nodoc:
|
65
66
|
return nil if user.nil?
|
66
67
|
session["warden.user.#{scope}.key"] = serialize_into_session.call(user)
|
67
68
|
end
|
68
|
-
|
69
|
+
|
69
70
|
# Does the work of fetching the user from the session
|
70
71
|
# :api: private
|
71
72
|
def _fetch_user(session, scope = :default) # :nodoc:
|
@@ -73,10 +74,10 @@ module Warden
|
|
73
74
|
return nil if key.nil?
|
74
75
|
serialize_from_session.call(key)
|
75
76
|
end
|
76
|
-
|
77
|
+
|
77
78
|
# Prepares the user to serialize into the session.
|
78
79
|
# Any object that can be serialized into the session in some way can be used as a "user" object
|
79
|
-
# Generally however complex object should not be stored in the session.
|
80
|
+
# Generally however complex object should not be stored in the session.
|
80
81
|
# If possible store only a "key" of the user object that will allow you to reconstitute it.
|
81
82
|
#
|
82
83
|
# Example:
|
@@ -87,10 +88,10 @@ module Warden
|
|
87
88
|
@serialize_into_session = block if block_given?
|
88
89
|
@serialize_into_session ||= lambda{|user| user}
|
89
90
|
end
|
90
|
-
|
91
|
+
|
91
92
|
# Reconstitues the user from the session.
|
92
93
|
# Use the results of user_session_key to reconstitue the user from the session on requests after the initial login
|
93
|
-
#
|
94
|
+
#
|
94
95
|
# Example:
|
95
96
|
# Warden::Manager.serialize_from_session{ |id| User.get(id) }
|
96
97
|
#
|
@@ -98,11 +99,11 @@ module Warden
|
|
98
99
|
def serialize_from_session(&blk)
|
99
100
|
@serialize_from_session = blk if block_given?
|
100
101
|
@serialize_from_session ||= lambda{|key| key}
|
101
|
-
end
|
102
|
+
end
|
102
103
|
end
|
103
|
-
|
104
|
+
|
104
105
|
private
|
105
|
-
# When a request is unauthentiated, here's where the processing occurs.
|
106
|
+
# When a request is unauthentiated, here's where the processing occurs.
|
106
107
|
# It looks at the result of the proxy to see if it's been executed and what action to take.
|
107
108
|
# :api: private
|
108
109
|
def process_unauthenticated(result, env)
|
@@ -117,7 +118,7 @@ module Warden
|
|
117
118
|
call_failure_app(env, result)
|
118
119
|
end # case env['warden'].result
|
119
120
|
end
|
120
|
-
|
121
|
+
|
121
122
|
# Calls the failure app.
|
122
123
|
# The before_failure hooks are run on each failure
|
123
124
|
# :api: private
|
@@ -127,10 +128,10 @@ module Warden
|
|
127
128
|
else
|
128
129
|
env["PATH_INFO"] = "/#{opts[:action]}"
|
129
130
|
env["warden.options"] = opts
|
130
|
-
|
131
|
+
|
131
132
|
# Call the before failure callbacks
|
132
133
|
Warden::Manager._before_failure.each{|hook| hook.call(env,opts)}
|
133
|
-
|
134
|
+
|
134
135
|
@failure_app.call(env).to_a
|
135
136
|
end
|
136
137
|
end # call_failure_app
|
data/lib/warden/mixins/common.rb
CHANGED
@@ -1,25 +1,33 @@
|
|
1
|
+
# encoding: utf-8
|
1
2
|
module Warden
|
2
3
|
module Mixins
|
3
4
|
module Common
|
4
|
-
|
5
|
+
|
5
6
|
# Convinience method to access the session
|
6
7
|
# :api: public
|
7
8
|
def session
|
8
|
-
|
9
|
+
env['rack.session']
|
9
10
|
end # session
|
10
|
-
|
11
|
+
alias_method :raw_session, :session
|
12
|
+
|
11
13
|
# Convenience method to access the rack request
|
12
14
|
# :api: public
|
13
15
|
def request
|
14
16
|
@request ||= Rack::Request.new(@env)
|
15
17
|
end # request
|
16
|
-
|
18
|
+
|
17
19
|
# Convenience method to access the rack request params
|
18
20
|
# :api: public
|
19
21
|
def params
|
20
22
|
request.params
|
21
23
|
end # params
|
22
|
-
|
24
|
+
|
25
|
+
# Resets the session. By using this non-hash like sessions can
|
26
|
+
# be cleared by overwriting this method in a plugin
|
27
|
+
# @api overwritable
|
28
|
+
def reset_session!
|
29
|
+
raw_session.clear
|
30
|
+
end
|
23
31
|
end # Common
|
24
32
|
end # Mixins
|
25
33
|
end # Warden
|
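Review bot: `reset_session!` (new lines 28-30) calls `raw_session.clear`, which empties the stored data but, as far as this section shows, does nothing to the session identifier, and it raises NoMethodError when `env['rack.session']` is nil. Since this method is now the documented override point for a full logout, the comment above it should state what an override must guarantee, for example `# Must remove every warden.user.* key; stores that can should also renew the session id`. For the missing-session case, an explicit check such as `raise "No session found in env['rack.session']" unless raw_session` before the clear would give a readable failure. Also, `session` now reads `env` while `request` still reads `@env`, so every class including this mixin must define an `env` reader; whether they all do is not visible in this section.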
data/lib/warden/proxy.rb
CHANGED
@@ -1,18 +1,18 @@
|
|
1
|
+
# encoding: utf-8
|
1
2
|
module Warden
|
2
3
|
class UserNotSet < RuntimeError; end
|
3
4
|
|
4
5
|
class Proxy
|
5
6
|
# :api: private
|
6
7
|
attr_accessor :winning_strategy
|
7
|
-
|
8
|
+
|
8
9
|
# An accessor to the rack env hash
|
9
10
|
# :api: public
|
10
11
|
attr_reader :env
|
11
|
-
|
12
|
+
|
12
13
|
extend ::Forwardable
|
13
14
|
include ::Warden::Mixins::Common
|
14
|
-
|
15
|
-
|
15
|
+
|
16
16
|
# :api: private
|
17
17
|
def_delegators :winning_strategy, :headers, :_status, :custom_response
|
18
18
|
|
@@ -26,25 +26,25 @@ module Warden
|
|
26
26
|
|
27
27
|
# Check to see if there is an authenticated user for the given scope.
|
28
28
|
# When scope is not specified, :default is assumed.
|
29
|
-
# This will not try to reconstitute the user from the session and will simply check for the
|
29
|
+
# This will not try to reconstitute the user from the session and will simply check for the
|
30
30
|
# existance of a session key
|
31
|
-
#
|
32
|
-
# Parameters:
|
31
|
+
#
|
32
|
+
# Parameters:
|
33
33
|
# scope - the scope to check for authentication. Defaults to :default
|
34
34
|
#
|
35
|
-
# Example:
|
35
|
+
# Example:
|
36
36
|
# env['warden'].authenticated?(:admin)
|
37
37
|
# :api: public
|
38
38
|
def authenticated?(scope = :default)
|
39
|
-
!
|
39
|
+
!raw_session["warden.user.#{scope}.key"].nil?
|
40
40
|
end # authenticated?
|
41
|
-
|
42
|
-
# Run the authentiation strategies for the given strategies.
|
41
|
+
|
42
|
+
# Run the authentiation strategies for the given strategies.
|
43
43
|
# If there is already a user logged in for a given scope, the strategies are not run
|
44
44
|
# This does not halt the flow of control and is a passive attempt to authenticate only
|
45
45
|
# When scope is not specified, :default is assumed.
|
46
|
-
#
|
47
|
-
# Parameters:
|
46
|
+
#
|
47
|
+
# Parameters:
|
48
48
|
# args - a list of symbols (labels) that name the strategies to attempt
|
49
49
|
# opts - an options hash that contains the :scope of the user to check
|
50
50
|
#
|
@@ -56,11 +56,11 @@ module Warden
|
|
56
56
|
_perform_authentication(*args)
|
57
57
|
user(scope)
|
58
58
|
end
|
59
|
-
|
59
|
+
|
60
60
|
# The same as +authenticate+ except on failure it will throw an :warden symbol causing the request to be halted
|
61
61
|
# and rendered through the +failure_app+
|
62
|
-
#
|
63
|
-
# Example
|
62
|
+
#
|
63
|
+
# Example
|
64
64
|
# env['warden'].authenticate!(:password, :scope => :publisher) # throws if it cannot authenticate
|
65
65
|
#
|
66
66
|
# :api: public
|
@@ -71,38 +71,38 @@ module Warden
|
|
71
71
|
throw(:warden, opts.merge(:action => :unauthenticated)) if !user(scope)
|
72
72
|
user(scope)
|
73
73
|
end
|
74
|
-
|
74
|
+
|
75
75
|
# Manually set the user into the session and auth proxy
|
76
|
-
#
|
76
|
+
#
|
77
77
|
# Parameters:
|
78
78
|
# user - An object that has been setup to serialize into and out of the session.
|
79
79
|
# opts - An options hash. Use the :scope option to set the scope of the user
|
80
80
|
# :api: public
|
81
81
|
def set_user(user, opts = {})
|
82
82
|
scope = (opts[:scope] ||= :default)
|
83
|
-
Warden::Manager._store_user(user,
|
84
|
-
|
83
|
+
Warden::Manager._store_user(user, raw_session, scope) # Get the user into the session
|
84
|
+
|
85
85
|
# Run the after hooks for setting the user
|
86
86
|
Warden::Manager._after_set_user.each{|hook| hook.call(user, self, opts)}
|
87
|
-
|
87
|
+
|
88
88
|
@users[scope] = user # Store the user in the proxy user object
|
89
89
|
end
|
90
|
-
|
90
|
+
|
91
91
|
# Provides acccess to the user object in a given scope for a request.
|
92
92
|
# will be nil if not logged in
|
93
|
-
#
|
93
|
+
#
|
94
94
|
# Example:
|
95
95
|
# # without scope (default user)
|
96
96
|
# env['warden'].user
|
97
97
|
#
|
98
|
-
# # with scope
|
98
|
+
# # with scope
|
99
99
|
# env['warden'].user(:admin)
|
100
100
|
#
|
101
101
|
# :api: public
|
102
102
|
def user(scope = :default)
|
103
103
|
@users[scope] ||= lookup_user_from_session(scope)
|
104
104
|
end
|
105
|
-
|
105
|
+
|
106
106
|
# Provides a scoped session data for authenticated users.
|
107
107
|
# Warden manages clearing out this data when a user logs out
|
108
108
|
#
|
@@ -116,10 +116,10 @@ module Warden
|
|
116
116
|
# :api: public
|
117
117
|
def session(scope = :default)
|
118
118
|
raise NotAuthenticated, "#{scope.inspect} user is not logged in" unless authenticated?(scope)
|
119
|
-
|
119
|
+
raw_session["warden.user.#{scope}.session"] ||= {}
|
120
120
|
end
|
121
|
-
|
122
|
-
# Provides logout functionality.
|
121
|
+
|
122
|
+
# Provides logout functionality.
|
123
123
|
# The logout also manages any authenticated data storage and clears it when a user logs out.
|
124
124
|
#
|
125
125
|
# Parameters:
|
@@ -134,57 +134,57 @@ module Warden
|
|
134
134
|
#
|
135
135
|
# # Logout the :publisher and :admin user
|
136
136
|
# env['warden'].logout(:publisher, :admin)
|
137
|
-
#
|
137
|
+
#
|
138
138
|
# :api: public
|
139
139
|
def logout(*scopes)
|
140
140
|
if scopes.empty?
|
141
|
-
|
141
|
+
reset_session!
|
142
142
|
@users.clear
|
143
143
|
else
|
144
144
|
scopes.each do |s|
|
145
|
-
|
146
|
-
|
145
|
+
raw_session["warden.user.#{s}.key"] = nil
|
146
|
+
raw_session["warden.user.#{s}.session"] = nil
|
147
147
|
@users.delete(s)
|
148
148
|
end
|
149
149
|
end
|
150
150
|
end
|
151
|
-
|
151
|
+
|
152
152
|
# proxy methods through to the winning strategy
|
153
153
|
# :api: private
|
154
|
-
def result # :nodoc:
|
154
|
+
def result # :nodoc:
|
155
155
|
winning_strategy.nil? ? nil : winning_strategy.result
|
156
156
|
end
|
157
|
-
|
157
|
+
|
158
158
|
# Proxy through to the authentication strategy to find out the message that was generated.
|
159
159
|
# :api: public
|
160
160
|
def message
|
161
161
|
winning_strategy.nil? ? "" : winning_strategy.message
|
162
162
|
end
|
163
|
-
|
163
|
+
|
164
164
|
# Provides a way to return a 401 without warden defering to the failure app
|
165
165
|
# The result is a direct passthrough of your own response
|
166
166
|
# :api: public
|
167
167
|
def custom_failure!
|
168
168
|
@custom_failure = true
|
169
169
|
end
|
170
|
-
|
170
|
+
|
171
171
|
# Check to see if the custom failur flag has been set
|
172
172
|
# :api: public
|
173
173
|
def custom_failure?
|
174
174
|
!!@custom_failure
|
175
175
|
end
|
176
|
-
|
177
|
-
private
|
176
|
+
|
177
|
+
private
|
178
178
|
# :api: private
|
179
179
|
def _perform_authentication(*args)
|
180
180
|
scope = scope_from_args(args)
|
181
181
|
opts = opts_from_args(args)
|
182
|
-
|
182
|
+
|
183
183
|
# Look for an existing user in the session for this scope
|
184
184
|
if the_user = user(scope)
|
185
185
|
return the_user
|
186
186
|
end
|
187
|
-
|
187
|
+
|
188
188
|
# If there was no user in the session. See if we can get one from the request
|
189
189
|
strategies = args.empty? ? @strategies : args
|
190
190
|
raise "No Strategies Found" if strategies.empty? || !(strategies - Warden::Strategies._strategies.keys).empty?
|
@@ -195,23 +195,23 @@ module Warden
|
|
195
195
|
strategy._run!
|
196
196
|
break if strategy.halted?
|
197
197
|
end
|
198
|
-
|
199
|
-
|
198
|
+
|
199
|
+
|
200
200
|
if winning_strategy && winning_strategy.user
|
201
201
|
set_user(winning_strategy.user, opts)
|
202
|
-
|
202
|
+
|
203
203
|
# Run the after_authentication hooks
|
204
204
|
Warden::Manager._after_authentication.each{|hook| hook.call(winning_strategy.user, self, opts)}
|
205
205
|
end
|
206
|
-
|
206
|
+
|
207
207
|
winning_strategy
|
208
208
|
end
|
209
|
-
|
209
|
+
|
210
210
|
# :api: private
|
211
211
|
def scope_from_args(args)
|
212
212
|
Hash === args.last ? args.last.fetch(:scope, :default) : :default
|
213
213
|
end
|
214
|
-
|
214
|
+
|
215
215
|
# :api: private
|
216
216
|
def opts_from_args(args)
|
217
217
|
Hash === args.last ? args.pop : {}
|
@@ -219,7 +219,7 @@ module Warden
|
|
219
219
|
|
220
220
|
# :api: private
|
221
221
|
def lookup_user_from_session(scope)
|
222
|
-
set_user(Warden::Manager._fetch_user(
|
222
|
+
set_user(Warden::Manager._fetch_user(raw_session, scope), :scope => scope)
|
223
223
|
end
|
224
224
|
end # Proxy
|
225
|
-
end # Warden
|
225
|
+
end # Warden
|
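Review bot: `lookup_user_from_session` (new line 222) passes the result of `_fetch_user` straight to `set_user`, so a request with no session key runs every `after_set_user` hook with a nil user and stores nil in `@users[scope]`. Because `user` memoizes with `||=`, that repeats on every call for an unauthenticated request. `_store_user` returns early on nil, but `set_user` has no such guard, so I would fetch first and set only when something came back: `user = Warden::Manager._fetch_user(raw_session, scope)` followed by `set_user(user, :scope => scope) if user`. Separately, `authenticated?` (new line 39) is true for any non-nil `warden.user.<scope>.key` even when `serialize_from_session` can no longer resolve it, and `session(scope)` hands out scoped data on that basis. The doc comment should tell callers that `user(scope)` is the check to use for access decisions.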
data/spec/spec_helper.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
$TESTING=true
|
2
|
-
$:.push File.join(File.dirname(__FILE__), '..', 'lib')
|
3
2
|
require 'rubygems'
|
4
3
|
require 'rack'
|
4
|
+
$:.unshift File.join(File.dirname(__FILE__), '..', 'lib')
|
5
5
|
require 'warden'
|
6
6
|
|
7
7
|
Dir[File.join(File.dirname(__FILE__), "warden", "strategies", "**/*.rb")].each do |f|
|
@@ -13,4 +13,4 @@ end
|
|
13
13
|
|
14
14
|
Spec::Runner.configure do |config|
|
15
15
|
config.include(Warden::Spec::Helpers)
|
16
|
-
end
|
16
|
+
end
|
@@ -1,23 +1,23 @@
|
|
1
1
|
require File.dirname(__FILE__) + '/../spec_helper'
|
2
2
|
|
3
3
|
describe "authenticated data store" do
|
4
|
-
|
4
|
+
|
5
5
|
before(:each) do
|
6
6
|
@env = env_with_params
|
7
7
|
@env['rack.session'] = {
|
8
|
-
"warden.user.foo.key" => "foo user",
|
9
|
-
"warden.user.default.key" => "default user",
|
8
|
+
"warden.user.foo.key" => "foo user",
|
9
|
+
"warden.user.default.key" => "default user",
|
10
10
|
:foo => "bar"
|
11
11
|
}
|
12
12
|
end
|
13
|
-
|
13
|
+
|
14
14
|
it "should store data for the default scope" do
|
15
15
|
app = lambda do |e|
|
16
16
|
e['warden'].authenticate(:pass)
|
17
17
|
e['warden'].authenticate(:pass, :scope => :foo)
|
18
18
|
e['warden'].should be_authenticated
|
19
19
|
e['warden'].should be_authenticated(:foo)
|
20
|
-
|
20
|
+
|
21
21
|
# Store the data for :deafult
|
22
22
|
e['warden'].session[:key] = "value"
|
23
23
|
valid_response
|
@@ -26,7 +26,7 @@ describe "authenticated data store" do
|
|
26
26
|
@env['rack.session']['warden.user.default.session'].should == {:key => "value"}
|
27
27
|
@env['rack.session']['warden.user.foo.session'].should be_nil
|
28
28
|
end
|
29
|
-
|
29
|
+
|
30
30
|
it "should store data for the foo user" do
|
31
31
|
app = lambda do |e|
|
32
32
|
e['warden'].session(:foo)[:key] = "value"
|
@@ -35,7 +35,7 @@ describe "authenticated data store" do
|
|
35
35
|
setup_rack(app).call(@env)
|
36
36
|
@env['rack.session']['warden.user.foo.session'].should == {:key => "value"}
|
37
37
|
end
|
38
|
-
|
38
|
+
|
39
39
|
it "should store the data seperately" do
|
40
40
|
app = lambda do |e|
|
41
41
|
e['warden'].session[:key] = "value"
|
@@ -46,7 +46,7 @@ describe "authenticated data store" do
|
|
46
46
|
@env['rack.session']['warden.user.default.session'].should == {:key => "value"}
|
47
47
|
@env['rack.session']['warden.user.foo.session' ].should == {:key => "another value"}
|
48
48
|
end
|
49
|
-
|
49
|
+
|
50
50
|
it "should clear the foo scoped data when foo logs out" do
|
51
51
|
app = lambda do |e|
|
52
52
|
e['warden'].session[:key] = "value"
|
@@ -58,7 +58,7 @@ describe "authenticated data store" do
|
|
58
58
|
@env['rack.session']['warden.user.default.session'].should == {:key => "value"}
|
59
59
|
@env['rack.session']['warden.user.foo.session' ].should be_nil
|
60
60
|
end
|
61
|
-
|
61
|
+
|
62
62
|
it "should clear out the default data when :default logs out" do
|
63
63
|
app = lambda do |e|
|
64
64
|
e['warden'].session[:key] = "value"
|
@@ -70,7 +70,7 @@ describe "authenticated data store" do
|
|
70
70
|
@env['rack.session']['warden.user.default.session'].should be_nil
|
71
71
|
@env['rack.session']['warden.user.foo.session' ].should == {:key => "another value"}
|
72
72
|
end
|
73
|
-
|
73
|
+
|
74
74
|
it "should clear out all data when a general logout is performed" do
|
75
75
|
app = lambda do |e|
|
76
76
|
e['warden'].session[:key] = "value"
|
@@ -82,10 +82,10 @@ describe "authenticated data store" do
|
|
82
82
|
@env['rack.session']['warden.user.default.session'].should be_nil
|
83
83
|
@env['rack.session']['warden.user.foo.session' ].should be_nil
|
84
84
|
end
|
85
|
-
|
85
|
+
|
86
86
|
it "should logout multuiple personas at once" do
|
87
87
|
@env['rack.session']['warden.user.bar.key'] = "bar user"
|
88
|
-
|
88
|
+
|
89
89
|
app = lambda do |e|
|
90
90
|
e['warden'].session[:key] = "value"
|
91
91
|
e['warden'].session(:foo)[:key] = "another value"
|
@@ -98,16 +98,16 @@ describe "authenticated data store" do
|
|
98
98
|
@env['rack.session']['warden.user.foo.session' ].should == {:key => "another value"}
|
99
99
|
@env['rack.session']['warden.user.bar.session' ].should be_nil
|
100
100
|
end
|
101
|
-
|
101
|
+
|
102
102
|
it "should not store data for a user who is not logged in" do
|
103
103
|
@env['rack.session']
|
104
104
|
app = lambda do |e|
|
105
105
|
e['warden'].session(:not_here)[:key] = "value"
|
106
106
|
valid_response
|
107
107
|
end
|
108
|
-
|
108
|
+
|
109
109
|
lambda do
|
110
110
|
setup_rack(app).call(@env)
|
111
111
|
end.should raise_error(Warden::NotAuthenticated)
|
112
112
|
end
|
113
|
-
end
|
113
|
+
end
|
data/spec/warden/proxy_spec.rb
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
require File.dirname(__FILE__) + '/../spec_helper'
|
2
2
|
|
3
3
|
describe Warden::Proxy do
|
4
|
-
|
4
|
+
|
5
5
|
before(:all) do
|
6
6
|
Dir[File.join(File.dirname(__FILE__), "strategies/**/*.rb")].each{|f| load f}
|
7
7
|
end
|
8
8
|
|
9
9
|
before(:each) do
|
10
10
|
@basic_app = lambda{|env| [200,{'Content-Type' => 'text/plain'},'OK']}
|
11
|
-
@authd_app = lambda do |e|
|
11
|
+
@authd_app = lambda do |e|
|
12
12
|
e['warden'].authenticate
|
13
13
|
if e['warden'].authenticated?
|
14
14
|
[200,{'Content-Type' => 'text/plain'},"OK"]
|
@@ -19,7 +19,7 @@ describe Warden::Proxy do
|
|
19
19
|
@env = Rack::MockRequest.
|
20
20
|
env_for('/', 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET')
|
21
21
|
end # before(:each)
|
22
|
-
|
22
|
+
|
23
23
|
describe "authentication" do
|
24
24
|
|
25
25
|
it "should not check the authentication if it is not checked" do
|
@@ -45,9 +45,9 @@ describe Warden::Proxy do
|
|
45
45
|
resp = app.call(env)
|
46
46
|
resp.first.should == 200
|
47
47
|
end
|
48
|
-
|
48
|
+
|
49
49
|
describe "authenticate!" do
|
50
|
-
|
50
|
+
|
51
51
|
it "should allow authentication in my application" do
|
52
52
|
env = env_with_params('/', :username => "fred", :password => "sekrit")
|
53
53
|
app = lambda do |env|
|
@@ -56,7 +56,7 @@ describe Warden::Proxy do
|
|
56
56
|
env['warden.spec.strategies'].should == [:password]
|
57
57
|
end
|
58
58
|
end
|
59
|
-
|
59
|
+
|
60
60
|
it "should be false in my application" do
|
61
61
|
env = env_with_params("/", :foo => "bar")
|
62
62
|
app = lambda do |env|
|
@@ -67,7 +67,7 @@ describe Warden::Proxy do
|
|
67
67
|
end
|
68
68
|
setup_rack(app).call(env)
|
69
69
|
end
|
70
|
-
|
70
|
+
|
71
71
|
it "should allow me to select which strategies I use in my appliction" do
|
72
72
|
env = env_with_params("/", :foo => "bar")
|
73
73
|
app = lambda do |env|
|
@@ -78,7 +78,7 @@ describe Warden::Proxy do
|
|
78
78
|
end
|
79
79
|
setup_rack(app).call(env)
|
80
80
|
end
|
81
|
-
|
81
|
+
|
82
82
|
it "should allow me to get access to the user at warden.user." do
|
83
83
|
env = env_with_params("/")
|
84
84
|
app = lambda do |env|
|
@@ -89,7 +89,7 @@ describe Warden::Proxy do
|
|
89
89
|
end
|
90
90
|
setup_rack(app).call(env)
|
91
91
|
end
|
92
|
-
|
92
|
+
|
93
93
|
it "should try multiple authentication strategies" do
|
94
94
|
env = env_with_params("/")
|
95
95
|
app = lambda do |env|
|
@@ -100,7 +100,7 @@ describe Warden::Proxy do
|
|
100
100
|
end
|
101
101
|
setup_rack(app).call(env)
|
102
102
|
end
|
103
|
-
|
103
|
+
|
104
104
|
it "should look for an active user in the session with authenticate!" do
|
105
105
|
app = lambda do |env|
|
106
106
|
env['rack.session']["warden.user.default.key"] = "foo as a user"
|
@@ -111,7 +111,7 @@ describe Warden::Proxy do
|
|
111
111
|
setup_rack(app).call(env)
|
112
112
|
env['warden'].user.should == "foo as a user"
|
113
113
|
end
|
114
|
-
|
114
|
+
|
115
115
|
it "should look for an active user in the session with authenticate?" do
|
116
116
|
app = lambda do |env|
|
117
117
|
env['rack.session']['warden.user.foo_scope.key'] = "a foo user"
|
@@ -123,7 +123,7 @@ describe Warden::Proxy do
|
|
123
123
|
setup_rack(app).call(env)
|
124
124
|
env['warden'].user(:foo_scope).should == "a foo user"
|
125
125
|
end
|
126
|
-
|
126
|
+
|
127
127
|
it "should login 2 different users from the session" do
|
128
128
|
app = lambda do |env|
|
129
129
|
env['rack.session']['warden.user.foo.key'] = 'foo user'
|
@@ -144,7 +144,7 @@ describe Warden::Proxy do
|
|
144
144
|
end
|
145
145
|
end
|
146
146
|
end # describe "authentication"
|
147
|
-
|
147
|
+
|
148
148
|
describe "set user" do
|
149
149
|
it "should store the user into the session" do
|
150
150
|
env = env_with_params("/")
|
@@ -158,13 +158,13 @@ describe Warden::Proxy do
|
|
158
158
|
setup_rack(app).call(env)
|
159
159
|
end
|
160
160
|
end
|
161
|
-
|
161
|
+
|
162
162
|
describe "get user" do
|
163
163
|
before(:each) do
|
164
164
|
@env['rack.session'] ||= {}
|
165
165
|
@env['rack.session'].delete("warden.user.default.key")
|
166
166
|
end
|
167
|
-
|
167
|
+
|
168
168
|
it "should return nil when not logged in" do
|
169
169
|
app = lambda do |env|
|
170
170
|
env['warden'].user.should be_nil
|
@@ -172,7 +172,7 @@ describe Warden::Proxy do
|
|
172
172
|
end
|
173
173
|
setup_rack(app).call(@env)
|
174
174
|
end
|
175
|
-
|
175
|
+
|
176
176
|
it "should not run strategies when not logged in" do
|
177
177
|
app = lambda do |env|
|
178
178
|
env['warden'].user.should be_nil
|
@@ -181,13 +181,13 @@ describe Warden::Proxy do
|
|
181
181
|
end
|
182
182
|
setup_rack(app).call(@env)
|
183
183
|
end
|
184
|
-
|
184
|
+
|
185
185
|
describe "previously logged in" do
|
186
|
-
|
186
|
+
|
187
187
|
before(:each) do
|
188
188
|
@env['rack.session']['warden.user.default.key'] = "A Previous User"
|
189
189
|
end
|
190
|
-
|
190
|
+
|
191
191
|
it "should take the user from the session when logged in" do
|
192
192
|
app = lambda do |env|
|
193
193
|
env['warden'].user.should == "A Previous User"
|
@@ -195,7 +195,7 @@ describe Warden::Proxy do
|
|
195
195
|
end
|
196
196
|
setup_rack(app).call(@env)
|
197
197
|
end
|
198
|
-
|
198
|
+
|
199
199
|
it "should not run strategies when the user exists in the session"
|
200
200
|
end
|
201
201
|
end
|
@@ -211,7 +211,7 @@ describe Warden::Proxy do
|
|
211
211
|
end
|
212
212
|
@app = setup_rack(app)
|
213
213
|
end
|
214
|
-
|
214
|
+
|
215
215
|
it "should logout only the scoped foo user" do
|
216
216
|
@env['warden.spec.which_logout'] = :foo
|
217
217
|
@app.call(@env)
|
@@ -219,15 +219,15 @@ describe Warden::Proxy do
|
|
219
219
|
@env['rack.session']['warden.user.foo.key'].should be_nil
|
220
220
|
@env['rack.session'][:foo].should == "bar"
|
221
221
|
end
|
222
|
-
|
223
|
-
it "should logout only the scoped default user" do
|
222
|
+
|
223
|
+
it "should logout only the scoped default user" do
|
224
224
|
@env['warden.spec.which_logout'] = :default
|
225
225
|
@app.call(@env)
|
226
226
|
@env['rack.session']['warden.user.default.key'].should be_nil
|
227
227
|
@env['rack.session']['warden.user.foo.key'].should == "foo key"
|
228
228
|
@env['rack.session'][:foo].should == "bar"
|
229
229
|
end
|
230
|
-
|
230
|
+
|
231
231
|
it "should clear the session when no argument is given to logout" do
|
232
232
|
@env['rack.session'].should_not be_nil
|
233
233
|
app = lambda do |e|
|
@@ -237,7 +237,7 @@ describe Warden::Proxy do
|
|
237
237
|
setup_rack(app).call(@env)
|
238
238
|
@env['rack.session'].should be_empty
|
239
239
|
end
|
240
|
-
|
240
|
+
|
241
241
|
it "should clear the user when logging out" do
|
242
242
|
@env['rack.session'].should_not be_nil
|
243
243
|
app = lambda do |e|
|
@@ -249,7 +249,7 @@ describe Warden::Proxy do
|
|
249
249
|
end
|
250
250
|
setup_rack(app).call(@env)
|
251
251
|
@env['warden'].user.should be_nil
|
252
|
-
|
252
|
+
|
253
253
|
end
|
254
254
|
|
255
255
|
it "should clear the session data when logging out" do
|
@@ -263,10 +263,21 @@ describe Warden::Proxy do
|
|
263
263
|
end
|
264
264
|
setup_rack(app).call(@env)
|
265
265
|
end
|
266
|
+
|
267
|
+
it "should clear out the session by calling reset_session! so that plugins can setup their own session clearing" do
|
268
|
+
@env['rack.session'].should_not be_nil
|
269
|
+
app = lambda do |e|
|
270
|
+
e['warden'].user.should_not be_nil
|
271
|
+
e['warden'].should_receive(:reset_session!)
|
272
|
+
e['warden'].logout
|
273
|
+
valid_response
|
274
|
+
end
|
275
|
+
setup_rack(app).call(@env)
|
276
|
+
end
|
266
277
|
end
|
267
|
-
|
278
|
+
|
268
279
|
describe "messages" do
|
269
|
-
|
280
|
+
|
270
281
|
it "should allow access to the failure message" do
|
271
282
|
failure = lambda do |e|
|
272
283
|
[401, {"Content-Type" => "text/plain"}, [e['warden'].message]]
|
@@ -277,7 +288,7 @@ describe Warden::Proxy do
|
|
277
288
|
result = setup_rack(app, :failure_app => failure).call(env_with_params)
|
278
289
|
result.last.should == ["The Fails Strategy Has Failed You"]
|
279
290
|
end
|
280
|
-
|
291
|
+
|
281
292
|
it "should not die when accessing a message from a source where no authentication has occured" do
|
282
293
|
app = lambda do |e|
|
283
294
|
[200, {"Content-Type" => "text/plain"}, [e['warden'].message]]
|
@@ -286,7 +297,7 @@ describe Warden::Proxy do
|
|
286
297
|
result[2].should == [""]
|
287
298
|
end
|
288
299
|
end
|
289
|
-
|
300
|
+
|
290
301
|
describe "when all strategies are not valid?" do
|
291
302
|
it "should return false for authenticated when there are no valid? strategies" do
|
292
303
|
@env['rack.session'] = {}
|
@@ -295,7 +306,7 @@ describe Warden::Proxy do
|
|
295
306
|
end
|
296
307
|
setup_rack(app).call(@env)
|
297
308
|
end
|
298
|
-
|
309
|
+
|
299
310
|
it "should return nil for authenticate when there are no valid strategies" do
|
300
311
|
@env['rack.session'] = {}
|
301
312
|
app = lambda do |e|
|
@@ -303,18 +314,18 @@ describe Warden::Proxy do
|
|
303
314
|
end
|
304
315
|
setup_rack(app).call(@env)
|
305
316
|
end
|
306
|
-
|
317
|
+
|
307
318
|
it "should respond with a 401 when authenticate! cannot find any valid strategies" do
|
308
319
|
@env['rack.session'] = {}
|
309
|
-
app = lambda do |e|
|
320
|
+
app = lambda do |e|
|
310
321
|
e['warden'].authenticate!(:invalid)
|
311
322
|
end
|
312
323
|
result = setup_rack(app).call(@env)
|
313
324
|
result.first.should == 401
|
314
325
|
end
|
315
|
-
|
326
|
+
|
316
327
|
end
|
317
|
-
|
318
328
|
|
319
|
-
|
329
|
+
|
330
|
+
|
320
331
|
end
|
data/warden.gemspec
CHANGED
@@ -1,12 +1,15 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
|
1
4
|
# -*- encoding: utf-8 -*-
|
2
5
|
|
3
6
|
Gem::Specification.new do |s|
|
4
7
|
s.name = %q{warden}
|
5
|
-
s.version = "0.3.
|
8
|
+
s.version = "0.3.2"
|
6
9
|
|
7
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
11
|
s.authors = ["Daniel Neighman"]
|
9
|
-
s.date = %q{2009-
|
12
|
+
s.date = %q{2009-09-05}
|
10
13
|
s.email = %q{has.sox@gmail.com}
|
11
14
|
s.extra_rdoc_files = [
|
12
15
|
"LICENSE",
|
@@ -50,7 +53,7 @@ Gem::Specification.new do |s|
|
|
50
53
|
s.rdoc_options = ["--charset=UTF-8"]
|
51
54
|
s.require_paths = ["lib"]
|
52
55
|
s.rubyforge_project = %q{warden}
|
53
|
-
s.rubygems_version = %q{1.3.
|
56
|
+
s.rubygems_version = %q{1.3.5}
|
54
57
|
s.summary = %q{Rack middleware that provides authentication for rack applications}
|
55
58
|
s.test_files = [
|
56
59
|
"spec/helpers/request_helper.rb",
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hassox-warden
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Neighman
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2009-
|
12
|
+
date: 2009-09-05 00:00:00 -07:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
@@ -66,7 +66,6 @@ files:
|
|
66
66
|
- warden.gemspec
|
67
67
|
has_rdoc: false
|
68
68
|
homepage: http://github.com/hassox/warden
|
69
|
-
licenses:
|
70
69
|
post_install_message:
|
71
70
|
rdoc_options:
|
72
71
|
- --charset=UTF-8
|
@@ -87,7 +86,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
87
86
|
requirements: []
|
88
87
|
|
89
88
|
rubyforge_project: warden
|
90
|
-
rubygems_version: 1.
|
89
|
+
rubygems_version: 1.2.0
|
91
90
|
signing_key:
|
92
91
|
specification_version: 3
|
93
92
|
summary: Rack middleware that provides authentication for rack applications
|