mc-openid 0.0.1

data/.gitignore

@@ -0,0 +1,3 @@
+pkg/*
+*.gem
+.bundle

data/Gemfile

@@ -0,0 +1,12 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in mc-openid.gemspec
+gemspec
+
+gem "ruby-openid-apps-discovery", :require => 'gapps_openid'
+gem "ruby-openid"
+
+#test
+gem 'rspec'
+gem 'activesupport'
+gem 'mocha'

data/Gemfile.lock

@@ -0,0 +1,35 @@
+PATH
+  remote: .
+  specs:
+    mc-openid (0.0.1.pre)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    activesupport (3.0.3)
+    diff-lcs (1.1.2)
+    mocha (0.9.10)
+      rake
+    rake (0.8.7)
+    rspec (2.4.0)
+      rspec-core (~> 2.4.0)
+      rspec-expectations (~> 2.4.0)
+      rspec-mocks (~> 2.4.0)
+    rspec-core (2.4.0)
+    rspec-expectations (2.4.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.4.0)
+    ruby-openid (2.1.8)
+    ruby-openid-apps-discovery (1.2.0)
+      ruby-openid (>= 2.1.7)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activesupport
+  mc-openid!
+  mocha
+  rspec
+  ruby-openid
+  ruby-openid-apps-discovery

data/Rakefile

@@ -0,0 +1,23 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+##TEST UNIT
+require 'rake'
+require 'rake/testtask'
+
+
+desc 'Test the open_id_authentication plugin.'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib/'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+###RSPEC
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new('spec')
+
+desc 'Default: run unit tests.'
+task :default => [:test, :spec]
+

data/lib/mc-openid.rb

@@ -0,0 +1,27 @@
+require 'open_id_authentication/lib/open_id_authentication'
+
+module ModCloth
+  module OpenID
+    include ::OpenIdAuthentication
+
+    protected
+
+    def check_openid
+    unless session && session[:user_email]
+        open_id_authentication("https://www.google.com/accounts/o8/site-xrds?hd=modcloth.com")
+      else
+        session
+      end
+    end
+
+    def open_id_authentication(openid_url)
+      authenticate_with_open_id(openid_url, [{:name => :email, :uri => 'http://axschema.org/contact/email'}]) do |result, identity_url, registration|
+        if result.successful?
+          session[:user_email] = registration.data['http://axschema.org/contact/email'].first
+        end
+      end
+    end
+  end
+end
+
+

data/lib/mc-openid/version.rb

@@ -0,0 +1,5 @@
+module ModCloth
+  module OpenID
+  VERSION = "0.0.1"
+  end
+end

data/lib/open_id_authentication/lib/open_id_authentication.rb

@@ -0,0 +1,175 @@
+require 'uri'
+require 'openid/extensions/sreg'
+require 'openid/extensions/ax'
+require 'openid/store/filesystem'
+
+module OpenIdAuthentication
+  OPEN_ID_AUTHENTICATION_DIR = "tmp/openids"
+  @@logger = Logger.new(STDERR)
+
+  def self.store
+    @@store
+  end
+
+  def self.store=(value)
+    @@store = value
+  end
+
+  self.store = :file
+
+  def store
+    OpenIdAuthentication.store
+  end
+
+  class InvalidOpenId < StandardError
+  end
+
+  class Result
+    ERROR_MESSAGES = {
+      :missing      => "Sorry, the OpenID server couldn't be found",
+      :canceled     => "OpenID verification was canceled",
+      :failed       => "OpenID verification failed",
+      :setup_needed => "OpenID verification needs setup"
+    }
+
+    def self.[](code)
+      new(code)
+    end
+
+    def initialize(code)
+      @code = code
+    end
+
+    def ===(code)
+      if code == :unsuccessful && unsuccessful?
+        true
+      else
+        @code == code
+      end
+    end
+
+    ERROR_MESSAGES.keys.each { |state| define_method("#{state}?") { @code == state } }
+
+    def successful?
+      @code == :successful
+    end
+
+    def unsuccessful?
+      ERROR_MESSAGES.keys.include?(@code)
+    end
+
+    def message
+      ERROR_MESSAGES[@code]
+    end
+  end
+
+  def self.normalize_url(url)
+    uri = URI.parse(url.to_s.strip)
+    uri = URI.parse("http://#{uri}") unless uri.scheme
+    uri.scheme = uri.scheme.downcase  # URI should do this
+    uri.normalize.to_s
+  rescue URI::InvalidURIError
+    raise InvalidOpenId.new("#{url} is not an OpenID URL")
+  end
+
+  protected
+    def normalize_url(url)
+      OpenIdAuthentication.normalize_url(url)
+    end
+
+    # The parameter name of "openid_url" is used rather than the Rails convention "open_id_url"
+    # because that's what the specification dictates in order to get browser auto-complete working across sites
+    def using_open_id?(identity_url = params[:openid_url]) #:doc:
+      !identity_url.blank? || params[:open_id_complete]
+    end
+
+    def authenticate_with_open_id(identity_url = params[:openid_url], options = {}, &block) #:doc:
+      if params[:open_id_complete].nil?
+        begin_open_id_authentication(normalize_url(identity_url), options, &block)
+      else
+        complete_open_id_authentication(&block)
+      end
+    end
+
+  private
+    def begin_open_id_authentication(identity_url, options = {})
+      return_to = options.delete(:return_to)
+      open_id_request = open_id_consumer.begin(identity_url)
+      # use AX instead of SREG
+      # add_simple_registration_fields(open_id_request, options)
+      add_attribute_exchange_fields(open_id_request, options)
+      redirect_to(open_id_redirect_url(open_id_request, return_to))
+    rescue OpenID::OpenIDError, Timeout::Error => e
+      @@logger.error("[OPENID] #{e}")
+      yield Result[:missing], identity_url, nil
+    end
+
+    def complete_open_id_authentication
+      params_with_path = params.reject { |key, value| request.path_parameters[key.to_sym] }
+      params_with_path.delete(:format)
+      open_id_response = timeout_protection_from_identity_server { open_id_consumer.complete(params_with_path, requested_url) }
+      identity_url     = normalize_url(open_id_response.endpoint.claimed_id) if open_id_response.endpoint.claimed_id
+      case open_id_response.status
+      when OpenID::Consumer::SUCCESS
+        # we need to use AX that's why I commented out this line(it looks like google open id is not recognizing the SREG params)
+        #yield Result[:successful], identity_url, OpenID::SReg::Response.from_success_response(open_id_response)
+        yield Result[:successful], identity_url, OpenID::AX::FetchResponse.from_success_response(open_id_response)
+      when OpenID::Consumer::CANCEL
+        yield Result[:canceled], identity_url, nil
+      when OpenID::Consumer::FAILURE
+        yield Result[:failed], identity_url, nil
+      when OpenID::Consumer::SETUP_NEEDED
+        yield Result[:setup_needed], open_id_response.setup_url, nil
+      end
+    end
+
+    def open_id_consumer
+      OpenID::Consumer.new(session, open_id_store)
+    end
+
+    def open_id_store
+      OpenID::Store::Filesystem.new(OPEN_ID_AUTHENTICATION_DIR)
+    end
+
+    # this method is to use AX(Attribute Exchange) instead of SRGE(Simple Registration) that comes with this plugin.
+    def add_attribute_exchange_fields(open_id_request, fields)
+      ax_request = OpenID::AX::FetchRequest.new
+      fields.each {|field| ax_request.add(OpenID::AX::AttrInfo.new(field[:uri],field[:name].to_s,true)) }
+      open_id_request.add_extension(ax_request)
+    end
+
+    def add_simple_registration_fields(open_id_request, fields)
+      sreg_request = OpenID::SReg::Request.new
+      sreg_request.request_fields(Array(fields[:required]).map(&:to_s), true) if fields[:required]
+      sreg_request.request_fields(Array(fields[:optional]).map(&:to_s), false) if fields[:optional]
+      sreg_request.policy_url = fields[:policy_url] if fields[:policy_url]
+      open_id_request.add_extension(sreg_request)
+    end
+
+    def open_id_redirect_url(open_id_request, return_to = nil)
+      open_id_request.return_to_args['open_id_complete'] = '1'
+      open_id_request.redirect_url(realm, return_to || requested_url)
+    end
+
+    def requested_url
+      "#{request.protocol + request.host_with_port + request.path}"
+    end
+
+    def realm
+      respond_to?(:root_url) ? root_url : "#{request.protocol + request.host_with_port}"
+    end
+
+    def timeout_protection_from_identity_server
+      yield
+    rescue Timeout::Error
+      Class.new do
+        def status
+          OpenID::FAILURE
+        end
+
+        def msg
+          "Identity server timed out"
+        end
+      end.new
+    end
+end

data/mc-openid.gemspec

@@ -0,0 +1,21 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "mc-openid/version"
+
+Gem::Specification.new do |s|
+  s.name        = "mc-openid"
+  s.version     = ModCloth::OpenID::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Luis Flores, Juan Esparza, Rudy Sombillo, Sergio Figueroa"]
+  s.email       = ["l.flores@modcloth, juan.esparza@crowdint.com, r.sombillo@modcloth.com, sergio.figueroa@crowdint.com"]
+  s.homepage    = ""
+  s.summary     = %q{summary}
+  s.description = %q{description}
+
+  s.rubyforge_project = "mc-openid"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features,lib/open_id_authentication/test}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

data/spec/mc-openid_spec.rb

@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+class Fake
+  include ModCloth::OpenID
+
+  def params()
+    {}
+  end
+
+end
+
+describe ModCloth::OpenID do
+  include OpenIdAuthentication
+
+  before(:each) do
+    @controller = Fake.new
+  end
+
+  describe "authentication" do
+    it "return successful if open id authentication passes" do
+      open_id_consumer = mock()
+      @controller.stub!(:session).and_return({})
+      @controller.stub!(:open_id_consumer).and_return(open_id_consumer)
+      @controller.stub!(:begin_open_id_authentication).and_return({:user_email => "test@modcloth.com"})
+      @controller.check_openid.should == {:user_email => "test@modcloth.com"}
+    end
+
+    it "return successful if exist a session" do
+      session = {:user_email =>"test@modcloth.com"}
+      @controller.stub!(:session).and_return(session)
+      @controller.check_openid.should == session
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'bundler/setup'
+
+require 'mc-openid'
+
+RSpec.configure do |config|
+
+end

data/test/normalize_test.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class NormalizeTest < Test::Unit::TestCase
+  include OpenIdAuthentication
+
+  NORMALIZATIONS = {
+    "openid.aol.com/nextangler"             => "http://openid.aol.com/nextangler",
+    "http://openid.aol.com/nextangler"      => "http://openid.aol.com/nextangler",
+    "https://openid.aol.com/nextangler"     => "https://openid.aol.com/nextangler",
+    "HTTP://OPENID.AOL.COM/NEXTANGLER"      => "http://openid.aol.com/NEXTANGLER",
+    "HTTPS://OPENID.AOL.COM/NEXTANGLER"     => "https://openid.aol.com/NEXTANGLER",
+    "loudthinking.com"                      => "http://loudthinking.com/",
+    "http://loudthinking.com"               => "http://loudthinking.com/",
+    "http://loudthinking.com:80"            => "http://loudthinking.com/",
+    "https://loudthinking.com:443"          => "https://loudthinking.com/",
+    "http://loudthinking.com:8080"          => "http://loudthinking.com:8080/",
+    "techno-weenie.net"                     => "http://techno-weenie.net/",
+    "http://techno-weenie.net"              => "http://techno-weenie.net/",
+    "http://techno-weenie.net  "            => "http://techno-weenie.net/"
+  }
+
+  def test_normalizations
+    NORMALIZATIONS.each do |from, to|
+      assert_equal to, normalize_url(from)
+    end
+  end
+  
+  def test_broken_open_id
+    assert_raises(InvalidOpenId) { normalize_url(nil) }
+    assert_raises(InvalidOpenId) { normalize_url("=name") }
+  end
+end

data/test/open_id_authentication_test.rb

@@ -0,0 +1,38 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class OpenIdAuthenticationTest < Test::Unit::TestCase
+  def setup
+    @controller = Class.new do
+      include OpenIdAuthentication
+      def params() {} end
+    end.new
+  end
+
+  def test_authentication_should_fail_when_the_identity_server_is_missing
+    open_id_consumer = mock()
+    open_id_consumer.expects(:begin).raises(OpenID::OpenIDError)
+    @controller.stubs(:open_id_consumer).returns(open_id_consumer)
+
+    @controller.send(:authenticate_with_open_id, "http://someone.example.com") do |result, identity_url|
+      assert result.missing?
+      assert_equal "Sorry, the OpenID server couldn't be found", result.message
+    end
+  end
+
+  def test_authentication_should_fail_when_the_identity_server_times_out
+    open_id_consumer = mock()
+    open_id_consumer.expects(:begin).raises(Timeout::Error, "Identity Server took too long.")
+    @controller.stubs(:open_id_consumer).returns(open_id_consumer)
+
+    @controller.send(:authenticate_with_open_id, "http://someone.example.com") do |result, identity_url|
+      assert result.missing?
+      assert_equal "Sorry, the OpenID server couldn't be found", result.message
+    end
+  end
+
+  def test_authentication_should_begin_when_the_identity_server_is_present
+    @controller.stubs(:open_id_consumer).returns(stub(:begin => true))
+    @controller.expects(:begin_open_id_authentication)
+    @controller.send(:authenticate_with_open_id, "http://someone.example.com")
+  end
+end

data/test/status_test.rb

@@ -0,0 +1,19 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class StatusTest < Test::Unit::TestCase
+  include OpenIdAuthentication
+
+  def test_all_error_codes_should_compare_to_unsuccessful
+    assert Result[:missing] === :unsuccessful
+    assert Result[:missing] === :missing
+  end
+
+  def test_state_conditional
+    assert Result[:missing].missing?
+    assert Result[:missing].unsuccessful?
+    assert !Result[:missing].successful?
+
+    assert Result[:successful].successful?
+    assert !Result[:successful].unsuccessful?
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,14 @@
+require 'test/unit'
+require 'rubygems'
+
+gem 'activesupport'
+require 'active_support'
+
+gem 'mocha'
+require 'mocha'
+
+gem 'ruby-openid'
+require 'openid'
+
+RAILS_ROOT = File.dirname(__FILE__) unless defined? RAILS_ROOT
+require File.dirname(__FILE__) + "/../lib/open_id_authentication/lib/open_id_authentication"

metadata

@@ -0,0 +1,87 @@
+--- !ruby/object:Gem::Specification 
+name: mc-openid
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Luis Flores, Juan Esparza, Rudy Sombillo, Sergio Figueroa
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-01-24 00:00:00 -08:00
+default_executable: 
+dependencies: []
+
+description: description
+email: 
+- l.flores@modcloth, juan.esparza@crowdint.com, r.sombillo@modcloth.com, sergio.figueroa@crowdint.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- Gemfile.lock
+- README
+- Rakefile
+- lib/mc-openid.rb
+- lib/mc-openid/version.rb
+- lib/open_id_authentication/lib/open_id_authentication.rb
+- mc-openid.gemspec
+- spec/mc-openid_spec.rb
+- spec/spec_helper.rb
+- test/normalize_test.rb
+- test/open_id_authentication_test.rb
+- test/status_test.rb
+- test/test_helper.rb
+has_rdoc: true
+homepage: ""
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: mc-openid
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: summary
+test_files: 
+- spec/mc-openid_spec.rb
+- spec/spec_helper.rb
+- test/normalize_test.rb
+- test/open_id_authentication_test.rb
+- test/status_test.rb
+- test/test_helper.rb