kennedy 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +5 -0
- data/.gitignore +21 -0
- data/.yardoc +0 -0
- data/LICENSE +20 -0
- data/MAIN.rdoc +23 -0
- data/README.markdown +17 -0
- data/Rakefile +52 -0
- data/VERSION +1 -0
- data/bin/kennedy-gen +13 -0
- data/doc/Kennedy.html +98 -0
- data/doc/Kennedy/Backends.html +94 -0
- data/doc/Kennedy/Backends/LDAP.html +471 -0
- data/doc/Kennedy/BadTicketException.html +92 -0
- data/doc/Kennedy/Granter.html +570 -0
- data/doc/Kennedy/Server.html +258 -0
- data/doc/Kennedy/Ticket.html +875 -0
- data/doc/_index.html +170 -0
- data/doc/class_list.html +97 -0
- data/doc/css/common.css +1 -0
- data/doc/css/full_list.css +23 -0
- data/doc/css/style.css +261 -0
- data/doc/file.README.html +69 -0
- data/doc/file_list.html +29 -0
- data/doc/index.html +69 -0
- data/doc/js/app.js +91 -0
- data/doc/js/full_list.js +39 -0
- data/doc/js/jquery.js +19 -0
- data/doc/method_list.html +152 -0
- data/doc/top-level-namespace.html +80 -0
- data/kennedy.gemspec +114 -0
- data/lib/kennedy.rb +2 -0
- data/lib/kennedy/backends/ldap.rb +35 -0
- data/lib/kennedy/generator.rb +69 -0
- data/lib/kennedy/granter.rb +52 -0
- data/lib/kennedy/instance_configuration.rb +58 -0
- data/lib/kennedy/server.rb +164 -0
- data/lib/kennedy/ticket.rb +97 -0
- data/logo.png +0 -0
- data/template/config.ru.erb +22 -0
- data/template/config/api_keys.yml.erb +1 -0
- data/template/config/backend.rb +0 -0
- data/template/config/encryption.yml.erb +2 -0
- data/template/config/sessions.yml.erb +1 -0
- data/test/granter_test.rb +93 -0
- data/test/ldap_backend_test.rb +66 -0
- data/test/server_test.rb +285 -0
- data/test/teststrap.rb +34 -0
- data/test/ticket_test.rb +84 -0
- metadata +177 -0
data/test/teststrap.rb
ADDED
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
require 'rubygems'
|
|
2
|
+
require 'riot'
|
|
3
|
+
require 'kennedy'
|
|
4
|
+
require 'rack'
|
|
5
|
+
|
|
6
|
+
class StubBackend
|
|
7
|
+
attr_reader :credentials
|
|
8
|
+
def authenticate(identifier, password)
|
|
9
|
+
@credentials = [identifier, password]
|
|
10
|
+
password == 'bar'
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
class StubLDAP
|
|
15
|
+
attr_reader :bind_as_arguments
|
|
16
|
+
def initialize(return_val)
|
|
17
|
+
@return_val = return_val
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def bind_as(args)
|
|
21
|
+
@bind_as_arguments = args
|
|
22
|
+
@return_val
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
class SSLMockRequest < Rack::MockRequest
|
|
27
|
+
|
|
28
|
+
def self.env_for(*args)
|
|
29
|
+
env = super(*args)
|
|
30
|
+
env["rack.url_scheme"] = "https"
|
|
31
|
+
env
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
end
|
data/test/ticket_test.rb
ADDED
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
require 'teststrap'
|
|
2
|
+
require 'digest/sha1'
|
|
3
|
+
|
|
4
|
+
context "kennedy ticket" do
|
|
5
|
+
should "not allow calling new" do
|
|
6
|
+
Kennedy::Ticket.new
|
|
7
|
+
end.raises(NoMethodError)
|
|
8
|
+
|
|
9
|
+
context "creating a new ticket" do
|
|
10
|
+
should "raise an exception if not given an identifier" do
|
|
11
|
+
Kennedy::Ticket.create({})
|
|
12
|
+
end.raises(ArgumentError, "Ticket identifier must be given as :identifier")
|
|
13
|
+
|
|
14
|
+
should "raise an exception if no IV is given" do
|
|
15
|
+
Kennedy::Ticket.create(:identifier => "foo@example.com", :passphrase => "foo")
|
|
16
|
+
end.raises(ArgumentError, "Ticket encryption IV must be given as :iv")
|
|
17
|
+
|
|
18
|
+
should "raise an exception if no passphrase is given" do
|
|
19
|
+
Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => "foo")
|
|
20
|
+
end.raises(ArgumentError, "Ticket encryption passphrase must be given as :passphrase")
|
|
21
|
+
|
|
22
|
+
should "be encryptable with all args given" do
|
|
23
|
+
ticket = Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => Digest::SHA1.hexdigest(Time.now.to_i.to_s),
|
|
24
|
+
:passphrase => Digest::SHA1.hexdigest(Time.now.to_i.to_s))
|
|
25
|
+
ticket.to_encrypted
|
|
26
|
+
end.kind_of(String)
|
|
27
|
+
end # building a new ticket
|
|
28
|
+
|
|
29
|
+
context "reading in an encrypted ticket" do
|
|
30
|
+
|
|
31
|
+
should "raise an exception if no IV is given" do
|
|
32
|
+
Kennedy::Ticket.from_encrypted(:data => "foo", :passphrase => "foo")
|
|
33
|
+
end.raises(ArgumentError, "Ticket encryption IV must be given as :iv")
|
|
34
|
+
|
|
35
|
+
should "raise an exception if no passphrase is given" do
|
|
36
|
+
Kennedy::Ticket.from_encrypted(:data => "foo", :iv => "foo")
|
|
37
|
+
end.raises(ArgumentError, "Ticket encryption passphrase must be given as :passphrase")
|
|
38
|
+
|
|
39
|
+
should "raise an exception if no data is given" do
|
|
40
|
+
Kennedy::Ticket.from_encrypted(:iv => "foo", :passphrase => "bar")
|
|
41
|
+
end.raises(ArgumentError, "Data must be given as :data")
|
|
42
|
+
|
|
43
|
+
context "with valid encryption credentials" do
|
|
44
|
+
setup do
|
|
45
|
+
iv, passphrase = Digest::SHA1.hexdigest(Time.now.to_i.to_s), Digest::SHA1.hexdigest(Time.now.to_i.to_s)
|
|
46
|
+
ticket = Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => iv,
|
|
47
|
+
:passphrase => passphrase)
|
|
48
|
+
encrypted = ticket.to_encrypted
|
|
49
|
+
decrypted = Kennedy::Ticket.from_encrypted(:data => encrypted, :iv => iv, :passphrase => passphrase)
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
should "not be expired" do
|
|
53
|
+
!topic.expired?
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
should "contain the identifier" do
|
|
57
|
+
topic.identifier
|
|
58
|
+
end.equals("foo@example.com")
|
|
59
|
+
end # with valid encryption credentials
|
|
60
|
+
|
|
61
|
+
context "with a gibberish ticket" do
|
|
62
|
+
should "raise Kennedy::BadTicketException" do
|
|
63
|
+
Kennedy::Ticket.from_encrypted(:data => "bzzt", :iv => Digest::SHA1.hexdigest(Time.now.to_i.to_s),
|
|
64
|
+
:passphrase => Digest::SHA1.hexdigest(Time.now.to_i.to_s))
|
|
65
|
+
end.raises(Kennedy::BadTicketException)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
context "with an expired ticket" do
|
|
69
|
+
setup do
|
|
70
|
+
iv, passphrase = Digest::SHA1.hexdigest(Time.now.to_i.to_s), Digest::SHA1.hexdigest(Time.now.to_i.to_s)
|
|
71
|
+
ticket = Kennedy::Ticket.create(:identifier => "foo@example.com", :iv => iv, :expiry => -30,
|
|
72
|
+
:passphrase => passphrase)
|
|
73
|
+
encrypted = ticket.to_encrypted
|
|
74
|
+
decrypted = Kennedy::Ticket.from_encrypted(:data => encrypted, :iv => iv, :passphrase => passphrase)
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
should "be expired" do
|
|
78
|
+
topic.expired?
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end # reading in an encrypted ticket
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
|
metadata
ADDED
|
@@ -0,0 +1,177 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: kennedy
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- gabrielg
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
|
|
12
|
+
date: 2009-12-09 00:00:00 -06:00
|
|
13
|
+
default_executable:
|
|
14
|
+
dependencies:
|
|
15
|
+
- !ruby/object:Gem::Dependency
|
|
16
|
+
name: riot
|
|
17
|
+
type: :development
|
|
18
|
+
version_requirement:
|
|
19
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
20
|
+
requirements:
|
|
21
|
+
- - ">="
|
|
22
|
+
- !ruby/object:Gem::Version
|
|
23
|
+
version: "0"
|
|
24
|
+
version:
|
|
25
|
+
- !ruby/object:Gem::Dependency
|
|
26
|
+
name: maruku
|
|
27
|
+
type: :development
|
|
28
|
+
version_requirement:
|
|
29
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: "0"
|
|
34
|
+
version:
|
|
35
|
+
- !ruby/object:Gem::Dependency
|
|
36
|
+
name: yard
|
|
37
|
+
type: :development
|
|
38
|
+
version_requirement:
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">="
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: "0"
|
|
44
|
+
version:
|
|
45
|
+
- !ruby/object:Gem::Dependency
|
|
46
|
+
name: ruby-net-ldap
|
|
47
|
+
type: :runtime
|
|
48
|
+
version_requirement:
|
|
49
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
50
|
+
requirements:
|
|
51
|
+
- - ">="
|
|
52
|
+
- !ruby/object:Gem::Version
|
|
53
|
+
version: "0"
|
|
54
|
+
version:
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: json
|
|
57
|
+
type: :runtime
|
|
58
|
+
version_requirement:
|
|
59
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
60
|
+
requirements:
|
|
61
|
+
- - ">="
|
|
62
|
+
- !ruby/object:Gem::Version
|
|
63
|
+
version: "0"
|
|
64
|
+
version:
|
|
65
|
+
- !ruby/object:Gem::Dependency
|
|
66
|
+
name: sinatra
|
|
67
|
+
type: :runtime
|
|
68
|
+
version_requirement:
|
|
69
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
70
|
+
requirements:
|
|
71
|
+
- - ">="
|
|
72
|
+
- !ruby/object:Gem::Version
|
|
73
|
+
version: "0"
|
|
74
|
+
version:
|
|
75
|
+
- !ruby/object:Gem::Dependency
|
|
76
|
+
name: rack
|
|
77
|
+
type: :runtime
|
|
78
|
+
version_requirement:
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - ">="
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: "0"
|
|
84
|
+
version:
|
|
85
|
+
description: Kennedy is out for Castronaut. A simple single-sign-on client and server library.
|
|
86
|
+
email: gabriel.gironda@gmail.com
|
|
87
|
+
executables:
|
|
88
|
+
- kennedy-gen
|
|
89
|
+
- kennedy-gen
|
|
90
|
+
extensions: []
|
|
91
|
+
|
|
92
|
+
extra_rdoc_files:
|
|
93
|
+
- LICENSE
|
|
94
|
+
- README.markdown
|
|
95
|
+
files:
|
|
96
|
+
- .document
|
|
97
|
+
- .gitignore
|
|
98
|
+
- .yardoc
|
|
99
|
+
- LICENSE
|
|
100
|
+
- MAIN.rdoc
|
|
101
|
+
- README.markdown
|
|
102
|
+
- Rakefile
|
|
103
|
+
- VERSION
|
|
104
|
+
- bin/kennedy-gen
|
|
105
|
+
- doc/Kennedy.html
|
|
106
|
+
- doc/Kennedy/Backends.html
|
|
107
|
+
- doc/Kennedy/Backends/LDAP.html
|
|
108
|
+
- doc/Kennedy/BadTicketException.html
|
|
109
|
+
- doc/Kennedy/Granter.html
|
|
110
|
+
- doc/Kennedy/Server.html
|
|
111
|
+
- doc/Kennedy/Ticket.html
|
|
112
|
+
- doc/_index.html
|
|
113
|
+
- doc/class_list.html
|
|
114
|
+
- doc/css/common.css
|
|
115
|
+
- doc/css/full_list.css
|
|
116
|
+
- doc/css/style.css
|
|
117
|
+
- doc/file.README.html
|
|
118
|
+
- doc/file_list.html
|
|
119
|
+
- doc/index.html
|
|
120
|
+
- doc/js/app.js
|
|
121
|
+
- doc/js/full_list.js
|
|
122
|
+
- doc/js/jquery.js
|
|
123
|
+
- doc/method_list.html
|
|
124
|
+
- doc/top-level-namespace.html
|
|
125
|
+
- kennedy.gemspec
|
|
126
|
+
- lib/kennedy.rb
|
|
127
|
+
- lib/kennedy/backends/ldap.rb
|
|
128
|
+
- lib/kennedy/generator.rb
|
|
129
|
+
- lib/kennedy/granter.rb
|
|
130
|
+
- lib/kennedy/instance_configuration.rb
|
|
131
|
+
- lib/kennedy/server.rb
|
|
132
|
+
- lib/kennedy/ticket.rb
|
|
133
|
+
- logo.png
|
|
134
|
+
- template/config.ru.erb
|
|
135
|
+
- template/config/api_keys.yml.erb
|
|
136
|
+
- template/config/backend.rb
|
|
137
|
+
- template/config/encryption.yml.erb
|
|
138
|
+
- template/config/sessions.yml.erb
|
|
139
|
+
- test/granter_test.rb
|
|
140
|
+
- test/ldap_backend_test.rb
|
|
141
|
+
- test/server_test.rb
|
|
142
|
+
- test/teststrap.rb
|
|
143
|
+
- test/ticket_test.rb
|
|
144
|
+
has_rdoc: true
|
|
145
|
+
homepage: http://github.com/gabrielg/kennedy
|
|
146
|
+
licenses: []
|
|
147
|
+
|
|
148
|
+
post_install_message:
|
|
149
|
+
rdoc_options:
|
|
150
|
+
- --charset=UTF-8
|
|
151
|
+
require_paths:
|
|
152
|
+
- lib
|
|
153
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
154
|
+
requirements:
|
|
155
|
+
- - ">="
|
|
156
|
+
- !ruby/object:Gem::Version
|
|
157
|
+
version: "0"
|
|
158
|
+
version:
|
|
159
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
160
|
+
requirements:
|
|
161
|
+
- - ">="
|
|
162
|
+
- !ruby/object:Gem::Version
|
|
163
|
+
version: "0"
|
|
164
|
+
version:
|
|
165
|
+
requirements: []
|
|
166
|
+
|
|
167
|
+
rubyforge_project:
|
|
168
|
+
rubygems_version: 1.3.5
|
|
169
|
+
signing_key:
|
|
170
|
+
specification_version: 3
|
|
171
|
+
summary: A simple single-sign-on client and server library.
|
|
172
|
+
test_files:
|
|
173
|
+
- test/granter_test.rb
|
|
174
|
+
- test/ldap_backend_test.rb
|
|
175
|
+
- test/server_test.rb
|
|
176
|
+
- test/teststrap.rb
|
|
177
|
+
- test/ticket_test.rb
|