invision_bridge 0.1.0

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 [name of plugin creator]
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.textile

@@ -0,0 +1,7 @@
+h1. InvisionBridge
+
+A Rails plugin to allow Authlogic to use an Invision Power Board database's user credentials.
+
+h2. Credits
+
+Copyright (c) 2009 Robert Speicher, released under the MIT license

data/Rakefile

@@ -0,0 +1,40 @@
+require 'rake'
+require 'rake/rdoctask'
+
+gem 'rspec-rails', '>= 1.0.0'
+require 'spec/rake/spectask'
+
+desc 'Default: run unit tests.'
+task :default => :spec
+
+desc 'Test the invision_bridge plugin.'
+Spec::Rake::SpecTask.new('spec') do |t|
+  t.spec_files = FileList['spec/**/*_spec.rb']
+  t.spec_opts = ["-c"]
+end
+
+desc 'Generate documentation for the invision_bridge plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'InvisionBridge'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |s|
+    s.name        = "invision_bridge"
+    s.summary     = "Uses Authlogic to allow your User model to use an IP.Board 3.x database."
+    s.email       = "rspeicher@gmail.com"
+    s.homepage    = "http://github.com/tsigo/invision_bridge"
+    s.description = "Uses Authlogic to allow your User model to use an IP.Board 3.x database."
+    s.authors     = ["Robert Speicher"]
+    s.files       = FileList["[A-Za-z]*", "{lib,rails,spec,config}/**/*"]
+    s.add_dependency 'authlogic'
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler, or one of its dependencies, is not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/config/database.yml.example

@@ -0,0 +1,20 @@
+invision_bridge_development:
+  adapter: mysql
+  database: invision_forums_development
+  user: username
+  password: password
+  prefix: ibf_
+
+invision_bridge_test:
+  adapter: mysql
+  database: invision_forums_test
+  user: username
+  password: password
+  prefix: ibf_
+
+invision_bridge_production:
+  adapter: mysql
+  database: invision_forums
+  user: username
+  password: password
+  prefix: ibf_

data/init.rb

@@ -0,0 +1 @@
+require 'invision_bridge'

data/install.rb

@@ -0,0 +1 @@
+# Install hook code here

data/invision_bridge.gemspec

@@ -0,0 +1,61 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{invision_bridge}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Robert Speicher"]
+  s.date = %q{2010-01-29}
+  s.description = %q{Uses Authlogic to allow your User model to use an IP.Board 3.x database.}
+  s.email = %q{rspeicher@gmail.com}
+  s.extra_rdoc_files = [
+    "README.textile"
+  ]
+  s.files = [
+    "MIT-LICENSE",
+     "README.textile",
+     "Rakefile",
+     "VERSION",
+     "config/database.yml.example",
+     "init.rb",
+     "install.rb",
+     "invision_bridge.gemspec",
+     "lib/invision_bridge.rb",
+     "lib/invision_bridge/crypto_provider.rb",
+     "lib/invision_bridge/invision_bridge.rb",
+     "lib/invision_bridge/rails.rb",
+     "lib/invision_bridge/user/base.rb",
+     "rails/init.rb",
+     "spec/invision_bridge/crypto_provider_spec.rb",
+     "spec/spec.opts",
+     "spec/spec_helper.rb",
+     "uninstall.rb"
+  ]
+  s.homepage = %q{http://github.com/tsigo/invision_bridge}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.5}
+  s.summary = %q{Uses Authlogic to allow your User model to use an IP.Board 3.x database.}
+  s.test_files = [
+    "spec/invision_bridge/crypto_provider_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<authlogic>, [">= 0"])
+    else
+      s.add_dependency(%q<authlogic>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<authlogic>, [">= 0"])
+  end
+end
+

data/lib/invision_bridge/crypto_provider.rb

@@ -0,0 +1,49 @@
+require 'digest/md5'
+
+module Authlogic
+  module CryptoProviders
+    class InvisionPowerBoard
+      class << self
+        def encrypt(*tokens)
+          tokens = tokens.flatten
+          digest = tokens.shift
+          digest = filter_input(digest)
+          
+          # Invision's hash: MD5(MD5(salt) + MD5(raw))
+          digest = Digest::MD5.hexdigest(Digest::MD5.hexdigest(tokens.join('')) + Digest::MD5.hexdigest(digest))
+          
+          digest
+        end
+    
+        # Does the crypted password match the tokens? Uses the same tokens that were used to encrypt.
+        def matches?(crypted, *tokens)
+          encrypt(*tokens) == crypted
+        end
+        
+        private
+          def filter_input(input)
+            # Invision's input filtering replaces a bunch of characters before
+            # the password gets hashed, some of which may be used in a strong 
+            # password. We have to apply the same changes so that the md5'd 
+            # string ends up the same on our end
+            input.gsub!('&[^amp;]?', '&amp;')
+            input.gsub!('<!--', '&#60;&#33;--')
+            input.gsub!('-->', '--&#62;')
+            input.gsub!(/<script/i, '&#60;script')
+            input.gsub!('>', '&gt;')
+            input.gsub!('<', '&lt;')
+            input.gsub!('"', '&quot;')
+            input.gsub!("\\\$", '&#036;')
+            input.gsub!('!', '&#33;')
+            input.gsub!("'", '&#39;')
+
+            # NOTE: Invision does these, but I doubt they'll show up in a real user's password
+            # input.gsub!("\n", '<br />')
+            # input.gsub!("\r", '')
+
+            input
+          end
+      end
+    end
+  end
+end

data/lib/invision_bridge/invision_bridge.rb

@@ -0,0 +1,27 @@
+module InvisionBridge
+  module Base
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    module ClassMethods
+      def establish_bridge()
+        if Rails
+          config = YAML::load(File.open(Rails.configuration.database_configuration_file))
+          config = config["invision_bridge_#{Rails.env}"]
+        else
+          config = YAML::load(File.open(File.join(File.dirname(__FILE__), '..', '..', 'config', 'database.yml')))
+          config = config["invision_bridge"]
+        end
+
+        config['prefix'] ||= 'ibf_'
+
+        establish_connection(config)
+
+        unloadable # http://www.dansketcher.com/2009/05/11/cant-dup-nilclass/
+        set_table_name "#{config['prefix']}members"
+        set_primary_key "member_id"
+      end
+    end
+  end
+end

data/lib/invision_bridge/rails.rb

@@ -0,0 +1,3 @@
+require 'invision_bridge'
+require 'invision_bridge/invision_bridge'
+require 'invision_bridge/user/base'

data/lib/invision_bridge/user/base.rb

@@ -0,0 +1,27 @@
+module InvisionBridge
+  module User
+    class Base < ActiveRecord::Base
+      self.abstract_class = true
+
+      include InvisionBridge::Base
+      establish_bridge
+
+      # Authlogic -----------------------------------------------------------------
+      attr_accessible :login, :password, :password_confirmation
+      acts_as_authentic do |c|
+        c.crypto_provider          = Authlogic::CryptoProviders::InvisionPowerBoard
+        c.login_field              = :name
+        c.crypted_password_field   = :members_pass_hash
+        c.password_salt_field      = :members_pass_salt
+        c.validate_password_field  = false
+      end
+
+      # ---------------------------------------------------------------------------
+      # Override some AR methods; we don't want to mess with Invision's integrity
+      def destroy; end
+      def delete; end
+      def self.destroy_all; end
+      def self.delete_all; end
+    end
+  end
+end

data/lib/invision_bridge.rb

@@ -0,0 +1,2 @@
+require 'authlogic'
+require 'invision_bridge/crypto_provider'

data/rails/init.rb

@@ -0,0 +1 @@
+require 'invision_bridge/rails'

data/spec/invision_bridge/crypto_provider_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+
+describe Authlogic::CryptoProviders::InvisionPowerBoard do
+  it "should encrypt" do
+    Authlogic::CryptoProviders::InvisionPowerBoard.encrypt("mypass").should be_true
+  end
+  
+  it "should match expected output" do
+    hash = Authlogic::CryptoProviders::InvisionPowerBoard.encrypt("mypass")
+    Authlogic::CryptoProviders::InvisionPowerBoard.matches?(hash, "mypass").should be_true
+  end
+  
+  it "should filter characters" do
+    pass = '?&amp;!&><"!\''
+    hash = Authlogic::CryptoProviders::InvisionPowerBoard.encrypt(pass)
+    Authlogic::CryptoProviders::InvisionPowerBoard.matches?(hash, pass).should be_true
+  end
+end

data/spec/spec.opts

@@ -0,0 +1,3 @@
+--colour
+--reverse
+--backtrace

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+require 'rubygems'
+require 'spec'
+require 'invision_bridge'
+
+$: << File.join(File.dirname(__FILE__), '..', 'lib')
+require File.join(File.dirname(__FILE__), '..', 'init')

data/uninstall.rb

@@ -0,0 +1 @@
+# Uninstall hook code here

metadata

@@ -0,0 +1,82 @@
+--- !ruby/object:Gem::Specification 
+name: invision_bridge
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Robert Speicher
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-01-29 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: authlogic
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: Uses Authlogic to allow your User model to use an IP.Board 3.x database.
+email: rspeicher@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.textile
+files: 
+- MIT-LICENSE
+- README.textile
+- Rakefile
+- VERSION
+- config/database.yml.example
+- init.rb
+- install.rb
+- invision_bridge.gemspec
+- lib/invision_bridge.rb
+- lib/invision_bridge/crypto_provider.rb
+- lib/invision_bridge/invision_bridge.rb
+- lib/invision_bridge/rails.rb
+- lib/invision_bridge/user/base.rb
+- rails/init.rb
+- spec/invision_bridge/crypto_provider_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- uninstall.rb
+has_rdoc: true
+homepage: http://github.com/tsigo/invision_bridge
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Uses Authlogic to allow your User model to use an IP.Board 3.x database.
+test_files: 
+- spec/invision_bridge/crypto_provider_spec.rb
+- spec/spec_helper.rb