kennedy 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.document +5 -0
- data/.gitignore +21 -0
- data/.yardoc +0 -0
- data/LICENSE +20 -0
- data/MAIN.rdoc +23 -0
- data/README.markdown +17 -0
- data/Rakefile +52 -0
- data/VERSION +1 -0
- data/bin/kennedy-gen +13 -0
- data/doc/Kennedy.html +98 -0
- data/doc/Kennedy/Backends.html +94 -0
- data/doc/Kennedy/Backends/LDAP.html +471 -0
- data/doc/Kennedy/BadTicketException.html +92 -0
- data/doc/Kennedy/Granter.html +570 -0
- data/doc/Kennedy/Server.html +258 -0
- data/doc/Kennedy/Ticket.html +875 -0
- data/doc/_index.html +170 -0
- data/doc/class_list.html +97 -0
- data/doc/css/common.css +1 -0
- data/doc/css/full_list.css +23 -0
- data/doc/css/style.css +261 -0
- data/doc/file.README.html +69 -0
- data/doc/file_list.html +29 -0
- data/doc/index.html +69 -0
- data/doc/js/app.js +91 -0
- data/doc/js/full_list.js +39 -0
- data/doc/js/jquery.js +19 -0
- data/doc/method_list.html +152 -0
- data/doc/top-level-namespace.html +80 -0
- data/kennedy.gemspec +114 -0
- data/lib/kennedy.rb +2 -0
- data/lib/kennedy/backends/ldap.rb +35 -0
- data/lib/kennedy/generator.rb +69 -0
- data/lib/kennedy/granter.rb +52 -0
- data/lib/kennedy/instance_configuration.rb +58 -0
- data/lib/kennedy/server.rb +164 -0
- data/lib/kennedy/ticket.rb +97 -0
- data/logo.png +0 -0
- data/template/config.ru.erb +22 -0
- data/template/config/api_keys.yml.erb +1 -0
- data/template/config/backend.rb +0 -0
- data/template/config/encryption.yml.erb +2 -0
- data/template/config/sessions.yml.erb +1 -0
- data/test/granter_test.rb +93 -0
- data/test/ldap_backend_test.rb +66 -0
- data/test/server_test.rb +285 -0
- data/test/teststrap.rb +34 -0
- data/test/ticket_test.rb +84 -0
- metadata +177 -0
data/test/teststrap.rb
ADDED
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
require 'rubygems'
|
|
2
|
+
require 'riot'
|
|
3
|
+
require 'kennedy'
|
|
4
|
+
require 'rack'
|
|
5
|
+
|
|
6
|
+
class StubBackend
|
|
7
|
+
attr_reader :credentials
|
|
8
|
+
def authenticate(identifier, password)
|
|
9
|
+
@credentials = [identifier, password]
|
|
10
|
+
password == 'bar'
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
class StubLDAP
|
|
15
|
+
attr_reader :bind_as_arguments
|
|
16
|
+
def initialize(return_val)
|
|
17
|
+
@return_val = return_val
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def bind_as(args)
|
|
21
|
+
@bind_as_arguments = args
|
|
22
|
+
@return_val
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
class SSLMockRequest < Rack::MockRequest
|
|
27
|
+
|
|
28
|
+
def self.env_for(*args)
|
|
29
|
+
env = super(*args)
|
|
30
|
+
env["rack.url_scheme"] = "https"
|
|
31
|
+
env
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
end
|
data/test/ticket_test.rb
ADDED
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
require 'teststrap'
|
|
2
|
+
require 'digest/sha1'
|
|
3
|
+
|
|
4
|
+
context "kennedy ticket" do
|
|
5
|
+
should "not allow calling new" do
|
|
6
|
+
Kennedy::Ticket.new
|
|
7
|
+
end.raises(NoMethodError)
|
|
8
|
+
|
|
9
|
+
context "creating a new ticket" do
|
|
10
|
+
should "raise an exception if not given an identifier" do
|
|
11
|
+
Kennedy::Ticket.create({})
|
|
12
|
+
end.raises(ArgumentError, "Ticket identifier must be given as :identifier")
|
|
13
|
+
|
|
14
|
+
should "raise an exception if no IV is given" do
|
|
15
|
+
Kennedy::Ticket.create(:identifier => "foo@example.com", :passphrase => "foo")
|
|
16
|
+
end.raises(ArgumentError, "Ticket encryption IV must be given as :iv")
|
|
17
|
+
|
|
18
|
+
should "raise an exception if no passphrase is given" do
|
|
19
|
+
Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => "foo")
|
|
20
|
+
end.raises(ArgumentError, "Ticket encryption passphrase must be given as :passphrase")
|
|
21
|
+
|
|
22
|
+
should "be encryptable with all args given" do
|
|
23
|
+
ticket = Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => Digest::SHA1.hexdigest(Time.now.to_i.to_s),
|
|
24
|
+
:passphrase => Digest::SHA1.hexdigest(Time.now.to_i.to_s))
|
|
25
|
+
ticket.to_encrypted
|
|
26
|
+
end.kind_of(String)
|
|
27
|
+
end # building a new ticket
|
|
28
|
+
|
|
29
|
+
context "reading in an encrypted ticket" do
|
|
30
|
+
|
|
31
|
+
should "raise an exception if no IV is given" do
|
|
32
|
+
Kennedy::Ticket.from_encrypted(:data => "foo", :passphrase => "foo")
|
|
33
|
+
end.raises(ArgumentError, "Ticket encryption IV must be given as :iv")
|
|
34
|
+
|
|
35
|
+
should "raise an exception if no passphrase is given" do
|
|
36
|
+
Kennedy::Ticket.from_encrypted(:data => "foo", :iv => "foo")
|
|
37
|
+
end.raises(ArgumentError, "Ticket encryption passphrase must be given as :passphrase")
|
|
38
|
+
|
|
39
|
+
should "raise an exception if no data is given" do
|
|
40
|
+
Kennedy::Ticket.from_encrypted(:iv => "foo", :passphrase => "bar")
|
|
41
|
+
end.raises(ArgumentError, "Data must be given as :data")
|
|
42
|
+
|
|
43
|
+
context "with valid encryption credentials" do
|
|
44
|
+
setup do
|
|
45
|
+
iv, passphrase = Digest::SHA1.hexdigest(Time.now.to_i.to_s), Digest::SHA1.hexdigest(Time.now.to_i.to_s)
|
|
46
|
+
ticket = Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => iv,
|
|
47
|
+
:passphrase => passphrase)
|
|
48
|
+
encrypted = ticket.to_encrypted
|
|
49
|
+
decrypted = Kennedy::Ticket.from_encrypted(:data => encrypted, :iv => iv, :passphrase => passphrase)
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
should "not be expired" do
|
|
53
|
+
!topic.expired?
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
should "contain the identifier" do
|
|
57
|
+
topic.identifier
|
|
58
|
+
end.equals("foo@example.com")
|
|
59
|
+
end # with valid encryption credentials
|
|
60
|
+
|
|
61
|
+
context "with a gibberish ticket" do
|
|
62
|
+
should "raise Kennedy::BadTicketException" do
|
|
63
|
+
Kennedy::Ticket.from_encrypted(:data => "bzzt", :iv => Digest::SHA1.hexdigest(Time.now.to_i.to_s),
|
|
64
|
+
:passphrase => Digest::SHA1.hexdigest(Time.now.to_i.to_s))
|
|
65
|
+
end.raises(Kennedy::BadTicketException)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
context "with an expired ticket" do
|
|
69
|
+
setup do
|
|
70
|
+
iv, passphrase = Digest::SHA1.hexdigest(Time.now.to_i.to_s), Digest::SHA1.hexdigest(Time.now.to_i.to_s)
|
|
71
|
+
ticket = Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => iv, :expiry => -30,
|
|
72
|
+
:passphrase => passphrase)
|
|
73
|
+
encrypted = ticket.to_encrypted
|
|
74
|
+
decrypted = Kennedy::Ticket.from_encrypted(:data => encrypted, :iv => iv, :passphrase => passphrase)
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
should "be expired" do
|
|
78
|
+
topic.expired?
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end # reading in an encrypted ticket
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
|
metadata
ADDED
|
@@ -0,0 +1,177 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: kennedy
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- gabrielg
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
|
|
12
|
+
date: 2009-12-09 00:00:00 -06:00
|
|
13
|
+
default_executable:
|
|
14
|
+
dependencies:
|
|
15
|
+
- !ruby/object:Gem::Dependency
|
|
16
|
+
name: riot
|
|
17
|
+
type: :development
|
|
18
|
+
version_requirement:
|
|
19
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
20
|
+
requirements:
|
|
21
|
+
- - ">="
|
|
22
|
+
- !ruby/object:Gem::Version
|
|
23
|
+
version: "0"
|
|
24
|
+
version:
|
|
25
|
+
- !ruby/object:Gem::Dependency
|
|
26
|
+
name: maruku
|
|
27
|
+
type: :development
|
|
28
|
+
version_requirement:
|
|
29
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: "0"
|
|
34
|
+
version:
|
|
35
|
+
- !ruby/object:Gem::Dependency
|
|
36
|
+
name: yard
|
|
37
|
+
type: :development
|
|
38
|
+
version_requirement:
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">="
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: "0"
|
|
44
|
+
version:
|
|
45
|
+
- !ruby/object:Gem::Dependency
|
|
46
|
+
name: ruby-net-ldap
|
|
47
|
+
type: :runtime
|
|
48
|
+
version_requirement:
|
|
49
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
50
|
+
requirements:
|
|
51
|
+
- - ">="
|
|
52
|
+
- !ruby/object:Gem::Version
|
|
53
|
+
version: "0"
|
|
54
|
+
version:
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: json
|
|
57
|
+
type: :runtime
|
|
58
|
+
version_requirement:
|
|
59
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
60
|
+
requirements:
|
|
61
|
+
- - ">="
|
|
62
|
+
- !ruby/object:Gem::Version
|
|
63
|
+
version: "0"
|
|
64
|
+
version:
|
|
65
|
+
- !ruby/object:Gem::Dependency
|
|
66
|
+
name: sinatra
|
|
67
|
+
type: :runtime
|
|
68
|
+
version_requirement:
|
|
69
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
70
|
+
requirements:
|
|
71
|
+
- - ">="
|
|
72
|
+
- !ruby/object:Gem::Version
|
|
73
|
+
version: "0"
|
|
74
|
+
version:
|
|
75
|
+
- !ruby/object:Gem::Dependency
|
|
76
|
+
name: rack
|
|
77
|
+
type: :runtime
|
|
78
|
+
version_requirement:
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - ">="
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: "0"
|
|
84
|
+
version:
|
|
85
|
+
description: Kennedy is out for Castronaut. A simple single-sign-on client and server library.
|
|
86
|
+
email: gabriel.gironda@gmail.com
|
|
87
|
+
executables:
|
|
88
|
+
- kennedy-gen
|
|
89
|
+
- kennedy-gen
|
|
90
|
+
extensions: []
|
|
91
|
+
|
|
92
|
+
extra_rdoc_files:
|
|
93
|
+
- LICENSE
|
|
94
|
+
- README.markdown
|
|
95
|
+
files:
|
|
96
|
+
- .document
|
|
97
|
+
- .gitignore
|
|
98
|
+
- .yardoc
|
|
99
|
+
- LICENSE
|
|
100
|
+
- MAIN.rdoc
|
|
101
|
+
- README.markdown
|
|
102
|
+
- Rakefile
|
|
103
|
+
- VERSION
|
|
104
|
+
- bin/kennedy-gen
|
|
105
|
+
- doc/Kennedy.html
|
|
106
|
+
- doc/Kennedy/Backends.html
|
|
107
|
+
- doc/Kennedy/Backends/LDAP.html
|
|
108
|
+
- doc/Kennedy/BadTicketException.html
|
|
109
|
+
- doc/Kennedy/Granter.html
|
|
110
|
+
- doc/Kennedy/Server.html
|
|
111
|
+
- doc/Kennedy/Ticket.html
|
|
112
|
+
- doc/_index.html
|
|
113
|
+
- doc/class_list.html
|
|
114
|
+
- doc/css/common.css
|
|
115
|
+
- doc/css/full_list.css
|
|
116
|
+
- doc/css/style.css
|
|
117
|
+
- doc/file.README.html
|
|
118
|
+
- doc/file_list.html
|
|
119
|
+
- doc/index.html
|
|
120
|
+
- doc/js/app.js
|
|
121
|
+
- doc/js/full_list.js
|
|
122
|
+
- doc/js/jquery.js
|
|
123
|
+
- doc/method_list.html
|
|
124
|
+
- doc/top-level-namespace.html
|
|
125
|
+
- kennedy.gemspec
|
|
126
|
+
- lib/kennedy.rb
|
|
127
|
+
- lib/kennedy/backends/ldap.rb
|
|
128
|
+
- lib/kennedy/generator.rb
|
|
129
|
+
- lib/kennedy/granter.rb
|
|
130
|
+
- lib/kennedy/instance_configuration.rb
|
|
131
|
+
- lib/kennedy/server.rb
|
|
132
|
+
- lib/kennedy/ticket.rb
|
|
133
|
+
- logo.png
|
|
134
|
+
- template/config.ru.erb
|
|
135
|
+
- template/config/api_keys.yml.erb
|
|
136
|
+
- template/config/backend.rb
|
|
137
|
+
- template/config/encryption.yml.erb
|
|
138
|
+
- template/config/sessions.yml.erb
|
|
139
|
+
- test/granter_test.rb
|
|
140
|
+
- test/ldap_backend_test.rb
|
|
141
|
+
- test/server_test.rb
|
|
142
|
+
- test/teststrap.rb
|
|
143
|
+
- test/ticket_test.rb
|
|
144
|
+
has_rdoc: true
|
|
145
|
+
homepage: http://github.com/gabrielg/kennedy
|
|
146
|
+
licenses: []
|
|
147
|
+
|
|
148
|
+
post_install_message:
|
|
149
|
+
rdoc_options:
|
|
150
|
+
- --charset=UTF-8
|
|
151
|
+
require_paths:
|
|
152
|
+
- lib
|
|
153
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
154
|
+
requirements:
|
|
155
|
+
- - ">="
|
|
156
|
+
- !ruby/object:Gem::Version
|
|
157
|
+
version: "0"
|
|
158
|
+
version:
|
|
159
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
160
|
+
requirements:
|
|
161
|
+
- - ">="
|
|
162
|
+
- !ruby/object:Gem::Version
|
|
163
|
+
version: "0"
|
|
164
|
+
version:
|
|
165
|
+
requirements: []
|
|
166
|
+
|
|
167
|
+
rubyforge_project:
|
|
168
|
+
rubygems_version: 1.3.5
|
|
169
|
+
signing_key:
|
|
170
|
+
specification_version: 3
|
|
171
|
+
summary: A simple single-sign-on client and server library.
|
|
172
|
+
test_files:
|
|
173
|
+
- test/granter_test.rb
|
|
174
|
+
- test/ldap_backend_test.rb
|
|
175
|
+
- test/server_test.rb
|
|
176
|
+
- test/teststrap.rb
|
|
177
|
+
- test/ticket_test.rb
|