jpablobr-sinatra-authorization 0.1.0

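--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1 @@
+dist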
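--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,25 @@
+= Sinatra Authorization
+
+HTTP Authorization helpers for Sinatra.
+
+== Example
+
+require "sinatra/authorization"
+
+set :authorization_realm, "Protected zone"
+
+helpers do
+def authorize(login, password)
+login == "admin" && password == "secret"
+end
+end
+
+get "/" do
+"Hello"
+end
+
+get "/admin" do
+login_required
+
+"Welcome in protected zone"
+end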
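--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,19 @@
+require 'rubygems'
+require 'rake'
+
+begin
+require 'jeweler'
+Jeweler::Tasks.new do |gemspec|
+gemspec.name = "jpablobr-sinatra-authorization"
+gemspec.summary = "jpablobr-sinatra-authorization HTTP Authorization helpers for Sinatra."
+gemspec.description = "jpablobr-sinatra-authorization HTTP Authorization helpers for Sinatra."
+gemspec.email = "xjpablobrx@gmail.com"
+gemspec.homepage = "http://github.com/jpablobr/sinatra-authorization"
+gemspec.authors = ["Jose Pablo Barrantes"]
+end
+Jeweler::GemcutterTasks.new
+rescue LoadError
+puts "Jeweler not available. Install it with: sudo gem install jeweler -s http://gemcutter.org"
+end
+
+Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].sort.each { |ext| load ext }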
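Review bot: The LoadError message in the `rescue` branch recommends `sudo gem install jeweler -s http://gemcutter.org`, which fetches a build dependency over plain HTTP and installs it as root. Anyone following the hint gets no transport integrity for the downloaded gem. Drop the explicit HTTP source and the sudo, for example `puts "Jeweler not available. Install it with: gem install jeweler"`.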
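--- a/data/VERSION
+++ b/data/VERSION
@@ -0,0 +1 @@
+0.1.0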
@@ -0,0 +1,64 @@
1
+ require "sinatra/base"
2
+
3
+ module Sinatra
4
+ # HTTP Authorization helpers for Sinatra.
5
+ #
6
+ # In your helpers module, include Sinatra::Authorization and then define
7
+ # an #authorize(user, password) method to handle user provided
8
+ # credentials.
9
+ #
10
+ # Inside your events, call #login_required to trigger the HTTP
11
+ # Authorization window to pop up in the browser.
12
+ #
13
+ # Code adapted from {Ryan Tomayko}[http://tomayko.com/about] and
14
+ # {Christopher Schneid}[http://gittr.com], shared under an MIT License
15
+ module Authorization
16
+ # Redefine this method on your helpers block to actually contain
17
+ # your authorization logic.
18
+ def authorize(username, password)
19
+ false
20
+ end
21
+
22
+ # From you app, call set :authorization_realm, "my app" to set this
23
+ # or define a #authorization_realm method in your helpers block.
24
+ def authorization_realm
25
+ Sinatra::Default.authorization_realm
26
+ end
27
+
28
+ # Call in any event that requires authentication
29
+ def login_required
30
+ return if authorized?
31
+ unauthorized! unless auth.provided?
32
+ bad_request! unless auth.basic?
33
+ unauthorized! unless authorize(*auth.credentials)
34
+ request.env['REMOTE_USER'] = auth.username
35
+ end
36
+
37
+ # Convenience method to determine if a user is logged in
38
+ def authorized?
39
+ !!request.env['REMOTE_USER']
40
+ end
41
+ alias :logged_in? :authorized?
42
+
43
+ # Name provided by the current user to log in
44
+ def current_user
45
+ request.env['REMOTE_USER']
46
+ end
47
+
48
+ private
49
+ def auth
50
+ @auth ||= Rack::Auth::Basic::Request.new(request.env)
51
+ end
52
+
53
+ def unauthorized!(realm=authorization_realm)
54
+ response["WWW-Authenticate"] = %(Basic realm="#{realm}")
55
+ throw :halt, [ 401, 'Authorization Required' ]
56
+ end
57
+
58
+ def bad_request!
59
+ throw :halt, [ 400, 'Bad Request' ]
60
+ end
61
+ end
62
+
63
+ helpers Authorization
64
+ end
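Review bot: `login_required` splats `auth.credentials` directly into `authorize(*auth.credentials)`, so a Basic header whose decoded value has no colon would presumably yield a single element and raise ArgumentError (a 500) instead of a 401. Destructuring first keeps malformed input on the rejection path: `user, pass = auth.credentials` followed by `unauthorized! unless user && pass && authorize(user, pass)`. Separately, `return if authorized?` accepts any pre-existing `request.env['REMOTE_USER']` without ever calling `authorize`. That trust in an upstream server or middleware deserves a comment on `authorized?`, such as `# NOTE: trusts REMOTE_USER if already set by the front-end server or earlier middleware`. The realm is also interpolated unescaped into `WWW-Authenticate`, so it should be documented as a developer-controlled constant.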
@@ -0,0 +1,66 @@
1
+ require "test/unit"
2
+ require "rack/test"
3
+ require "context"
4
+ require "pending"
5
+
6
+ require File.dirname(__FILE__) + "/../lib/sinatra/authorization"
7
+
8
+ class AuthorizationApp < Sinatra::Default
9
+ set :environment, :test
10
+
11
+ get "/" do
12
+ login_required
13
+
14
+ "Welcome in protected zone"
15
+ end
16
+
17
+ def authorize(username, password)
18
+ username == "user" && password = "test"
19
+ end
20
+
21
+ def authorization_realm
22
+ "Move on"
23
+ end
24
+ end
25
+
26
+ class SinatraAuthorizationTest < Test::Unit::TestCase
27
+ before do
28
+ @session = Rack::Test::Session.new(AuthorizationApp)
29
+ end
30
+
31
+ def basic_auth(user="user", password="test")
32
+ credentials = ["#{user}:#{password}"].pack("m*")
33
+
34
+ { "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
35
+ end
36
+
37
+ it "is authorized with correct credentials" do
38
+ @session.get "/", {}, basic_auth
39
+ assert_equal 200, @session.last_response.status
40
+ assert_equal ["Welcome in protected zone"], @session.last_response.body
41
+ end
42
+
43
+ it "sets REMOTE_USER" do
44
+ pending "TODO"
45
+ end
46
+
47
+ it "is unauthorized without credentials" do
48
+ @session.get "/"
49
+ assert_equal 401, @session.last_response.status
50
+ end
51
+
52
+ it "is unauthorized with incorrect credentials" do
53
+ @session.get "/", {}, basic_auth("evil", "wrong")
54
+ assert_equal 401, @session.last_response.status
55
+ end
56
+
57
+ it "returns specified realm" do
58
+ @session.get "/"
59
+ assert_equal %Q(Basic realm="Move on"), @session.last_response["WWW-Authenticate"]
60
+ end
61
+
62
+ it "returns a 400, Bad Request if not basic auth" do
63
+ @session.get "/", {}, { "HTTP_AUTHORIZATION" => "Foo bar" }
64
+ assert_equal 400, @session.last_response.status
65
+ end
66
+ end
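Review bot: In `AuthorizationApp#authorize`, `password = "test"` is an assignment rather than a comparison, so the test app accepts the user "user" with any password. It should read `username == "user" && password == "test"`. The "is unauthorized with incorrect credentials" case changes both user and password, so it cannot catch this; add a case that sends `basic_auth("user", "wrong")` and expects 401. The "sets REMOTE_USER" test is still `pending`, so the env write at the end of `login_required` is not covered either.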
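--- a/metadata
+++ b/metadata
@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification
+name: jpablobr-sinatra-authorization
+version: !ruby/object:Gem::Version
+prerelease: false
+segments:
+- 0
+- 1
+- 0
+version: 0.1.0
+platform: ruby
+authors:
+- Jose Pablo Barrantes
+autorequire:
+bindir: bin
+cert_chain: []
+
+date: 2010-04-25 00:00:00 -06:00
+default_executable:
+dependencies: []
+
+description: jpablobr-sinatra-authorization HTTP Authorization helpers for Sinatra.
+email: xjpablobrx@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files:
+- README.rdoc
+files:
+- .gitignore
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/sinatra/authorization.rb
+- test/authorization_test.rb
+has_rdoc: true
+homepage: http://github.com/jpablobr/sinatra-authorization
+licenses: []
+
+post_install_message:
+rdoc_options:
+- --charset=UTF-8
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+requirements: []
+
+rubyforge_project:
+rubygems_version: 1.3.6
+signing_key:
+specification_version: 3
+summary: jpablobr-sinatra-authorization HTTP Authorization helpers for Sinatra.
+test_files:
+- test/authorization_test.rb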