merb-auth-core 0.9.9
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +20 -0
- data/README.textile +338 -0
- data/Rakefile +65 -0
- data/TODO +0 -0
- data/lib/merb-auth-core/authenticated_helper.rb +42 -0
- data/lib/merb-auth-core/authentication.rb +130 -0
- data/lib/merb-auth-core/bootloader.rb +10 -0
- data/lib/merb-auth-core/customizations.rb +24 -0
- data/lib/merb-auth-core/errors.rb +66 -0
- data/lib/merb-auth-core/merbtasks.rb +6 -0
- data/lib/merb-auth-core/responses.rb +36 -0
- data/lib/merb-auth-core/router_helper.rb +25 -0
- data/lib/merb-auth-core/session_mixin.rb +57 -0
- data/lib/merb-auth-core/strategy.rb +206 -0
- data/lib/merb-auth-core.rb +26 -0
- data/spec/helpers/authentication_helper_spec.rb +111 -0
- data/spec/merb-auth-core/activation_fixture.rb +2 -0
- data/spec/merb-auth-core/authentication_spec.rb +318 -0
- data/spec/merb-auth-core/customizations_spec.rb +22 -0
- data/spec/merb-auth-core/errors_spec.rb +51 -0
- data/spec/merb-auth-core/merb-auth-core_spec.rb +15 -0
- data/spec/merb-auth-core/router_helper_spec.rb +114 -0
- data/spec/merb-auth-core/strategy_spec.rb +274 -0
- data/spec/spec_helper.rb +93 -0
- metadata +100 -0
@@ -0,0 +1,274 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
|
2
|
+
|
3
|
+
describe "Merb::Authentication::Strategy" do
|
4
|
+
|
5
|
+
before(:all) do
|
6
|
+
clear_strategies!
|
7
|
+
end
|
8
|
+
|
9
|
+
before(:each) do
|
10
|
+
clear_strategies!
|
11
|
+
end
|
12
|
+
|
13
|
+
after(:all) do
|
14
|
+
clear_strategies!
|
15
|
+
end
|
16
|
+
|
17
|
+
describe "adding a strategy" do
|
18
|
+
it "should add a strategy" do
|
19
|
+
class MyStrategy < Merb::Authentication::Strategy; end
|
20
|
+
Merb::Authentication.strategies.should include(MyStrategy)
|
21
|
+
end
|
22
|
+
|
23
|
+
it "should keep track of the strategies" do
|
24
|
+
class Sone < Merb::Authentication::Strategy; end
|
25
|
+
class Stwo < Merb::Authentication::Strategy; end
|
26
|
+
Merb::Authentication.strategies.should include(Sone, Stwo)
|
27
|
+
Merb::Authentication.default_strategy_order.pop
|
28
|
+
Merb::Authentication.strategies.should include(Sone, Stwo)
|
29
|
+
end
|
30
|
+
|
31
|
+
it "should add multiple strategies in order of decleration" do
|
32
|
+
class Sone < Merb::Authentication::Strategy; end
|
33
|
+
class Stwo < Merb::Authentication::Strategy; end
|
34
|
+
Merb::Authentication.default_strategy_order.should == [Sone, Stwo]
|
35
|
+
end
|
36
|
+
|
37
|
+
it "should allow a strategy to be inserted _before_ another strategy in the default order" do
|
38
|
+
class Sone < Merb::Authentication::Strategy; end
|
39
|
+
class Stwo < Merb::Authentication::Strategy; end
|
40
|
+
class AuthIntruder < Merb::Authentication::Strategy; before Stwo; end
|
41
|
+
Merb::Authentication.strategies.should include(AuthIntruder, Stwo, Sone)
|
42
|
+
Merb::Authentication.default_strategy_order.should == [Sone, AuthIntruder, Stwo]
|
43
|
+
end
|
44
|
+
|
45
|
+
it "should allow a strategy to be inserted _after_ another strategy in the default order" do
|
46
|
+
class Sone < Merb::Authentication::Strategy; end
|
47
|
+
class Stwo < Merb::Authentication::Strategy; end
|
48
|
+
class AuthIntruder < Merb::Authentication::Strategy; after Sone; end
|
49
|
+
Merb::Authentication.strategies.should include(AuthIntruder, Stwo, Sone)
|
50
|
+
Merb::Authentication.default_strategy_order.should == [Sone, AuthIntruder, Stwo]
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
describe "the default order" do
|
55
|
+
it "should allow a user to overwrite the default order" do
|
56
|
+
class Sone < Merb::Authentication::Strategy; end
|
57
|
+
class Stwo < Merb::Authentication::Strategy; end
|
58
|
+
Merb::Authentication.default_strategy_order = [Stwo]
|
59
|
+
Merb::Authentication.default_strategy_order.should == [Stwo]
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should get raise an error if any strategy is not an Merb::Authentication::Strategy" do
|
63
|
+
class Sone < Merb::Authentication::Strategy; end
|
64
|
+
class Stwo < Merb::Authentication::Strategy; end
|
65
|
+
lambda do
|
66
|
+
Merb::Authentication.default_strategy_order = [Stwo, String]
|
67
|
+
end.should raise_error(ArgumentError)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
it "should raise a not implemented error if the run! method is not defined in the subclass" do
|
72
|
+
class Sone < Merb::Authentication::Strategy; end
|
73
|
+
lambda do
|
74
|
+
request = fake_request
|
75
|
+
Sone.new(request, request.params).run!
|
76
|
+
end.should raise_error(Merb::Authentication::NotImplemented)
|
77
|
+
end
|
78
|
+
|
79
|
+
it "should not raise an implemented error if the run! method is defined on the subclass" do
|
80
|
+
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
81
|
+
lambda do
|
82
|
+
Sone.new("controller").run!
|
83
|
+
end.should_not raise_error(Merb::Authentication::NotImplemented)
|
84
|
+
end
|
85
|
+
|
86
|
+
describe "convinience methods" do
|
87
|
+
|
88
|
+
before(:each) do
|
89
|
+
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
90
|
+
@request = fake_request
|
91
|
+
@strategy = Sone.new(@request, {:params => true})
|
92
|
+
end
|
93
|
+
|
94
|
+
it "should provide a params helper that defers to the controller" do
|
95
|
+
@strategy.params.should == {:params => true }
|
96
|
+
end
|
97
|
+
|
98
|
+
it "should provide a cookies helper" do
|
99
|
+
@request.should_receive(:cookies).and_return("COOKIES")
|
100
|
+
@strategy.cookies.should == "COOKIES"
|
101
|
+
end
|
102
|
+
|
103
|
+
end
|
104
|
+
|
105
|
+
describe "#user_class" do
|
106
|
+
|
107
|
+
# This allows you to scope a particular strategy to a particular user class object
|
108
|
+
# By inheriting you can add multiple user types to the authentication process
|
109
|
+
|
110
|
+
before(:each) do
|
111
|
+
class Sone < Merb::Authentication::Strategy; def run!; end; end
|
112
|
+
class Stwo < Sone; end
|
113
|
+
|
114
|
+
class Mone < Merb::Authentication::Strategy
|
115
|
+
def user_class; String; end
|
116
|
+
def run!; end
|
117
|
+
end
|
118
|
+
class Mtwo < Mone; end
|
119
|
+
|
120
|
+
class Pone < Merb::Authentication::Strategy
|
121
|
+
abstract!
|
122
|
+
def user_class; Hash; end
|
123
|
+
def special_method; true end
|
124
|
+
end
|
125
|
+
class Ptwo < Pone; end;
|
126
|
+
|
127
|
+
@request = fake_request
|
128
|
+
end
|
129
|
+
|
130
|
+
it "should allow being set to an abstract strategy" do
|
131
|
+
Pone.abstract?.should be_true
|
132
|
+
end
|
133
|
+
|
134
|
+
it "should not set the child class of an abstract class to be abstract" do
|
135
|
+
Ptwo.abstract?.should be_false
|
136
|
+
end
|
137
|
+
|
138
|
+
it "should implement a user_class helper" do
|
139
|
+
s = Sone.new(@request, @request.params)
|
140
|
+
s.user_class.should == User
|
141
|
+
end
|
142
|
+
|
143
|
+
it "should make it into the strategies collection when subclassed from a subclass" do
|
144
|
+
Merb::Authentication.strategies.should include(Mtwo)
|
145
|
+
end
|
146
|
+
|
147
|
+
it "should make it in the default_strategy_order when subclassed from a subclass" do
|
148
|
+
Merb::Authentication.default_strategy_order.should include(Mtwo)
|
149
|
+
end
|
150
|
+
|
151
|
+
it "should defer to the Merb::Authentication.user_class if not over written" do
|
152
|
+
Merb::Authentication.should_receive(:user_class).and_return(User)
|
153
|
+
s = Sone.new(@request, @request.params)
|
154
|
+
s.user_class
|
155
|
+
end
|
156
|
+
|
157
|
+
it "should inherit the user class from it's parent by default" do
|
158
|
+
Merb::Authentication.should_receive(:user_class).and_return(User)
|
159
|
+
s = Stwo.new(@request, @request.params)
|
160
|
+
s.user_class.should == User
|
161
|
+
end
|
162
|
+
|
163
|
+
it "should inherit the user_class form it's parent when the parent defines a new one" do
|
164
|
+
Merb::Authentication.should_not_receive(:user_class)
|
165
|
+
m = Mtwo.new(@request, @request.params)
|
166
|
+
m.user_class.should == String
|
167
|
+
end
|
168
|
+
|
169
|
+
end
|
170
|
+
|
171
|
+
describe "#redirect!" do
|
172
|
+
|
173
|
+
before(:all) do
|
174
|
+
class FooController < Merb::Controller
|
175
|
+
def index; "FooController#index" end
|
176
|
+
end
|
177
|
+
end
|
178
|
+
|
179
|
+
before(:each) do
|
180
|
+
class MyStrategy < Merb::Authentication::Strategy
|
181
|
+
def run!
|
182
|
+
if params[:url]
|
183
|
+
params[:status] ? redirect!(params[:url], :status => params[:status]) : redirect!(params[:url])
|
184
|
+
else
|
185
|
+
"WINNA"
|
186
|
+
end
|
187
|
+
end
|
188
|
+
end # MyStrategy
|
189
|
+
|
190
|
+
Merb::Router.reset!
|
191
|
+
Merb::Router.prepare{ match("/").to(:controller => "foo_controller")}
|
192
|
+
@request = fake_request
|
193
|
+
@s = MyStrategy.new(@request, @request.params)
|
194
|
+
end
|
195
|
+
|
196
|
+
it "allow for a redirect!" do
|
197
|
+
@s.redirect!("/somewhere")
|
198
|
+
@s.headers["Location"].should == "/somewhere"
|
199
|
+
end
|
200
|
+
|
201
|
+
it "should provide access to setting the headers" do
|
202
|
+
@s.headers["Location"] = "/a/url"
|
203
|
+
@s.headers["Location"].should == "/a/url"
|
204
|
+
end
|
205
|
+
|
206
|
+
it "should allow access to the setting header" do
|
207
|
+
@s.status = 403
|
208
|
+
@s.status.should == 403
|
209
|
+
end
|
210
|
+
|
211
|
+
it "should return nil for the Location if it is not redirected" do
|
212
|
+
@s.should_not be_redirected
|
213
|
+
@s.headers["Location"].should be_nil
|
214
|
+
end
|
215
|
+
|
216
|
+
it "should pass through the options to the redirect options" do
|
217
|
+
@s.redirect!("/somewhere", :status => 401)
|
218
|
+
@s.headers["Location"].should == "/somewhere"
|
219
|
+
@s.status.should == 401
|
220
|
+
end
|
221
|
+
|
222
|
+
it "should set a redirect with a permanent true" do
|
223
|
+
@s.redirect!("/somewhere", :permanent => true)
|
224
|
+
@s.status.should == 301
|
225
|
+
end
|
226
|
+
|
227
|
+
it "should be redirected?" do
|
228
|
+
@s.should_not be_redirected
|
229
|
+
@s.redirect!("/somewhere")
|
230
|
+
@s.should be_redirected
|
231
|
+
end
|
232
|
+
|
233
|
+
it "should set the strategy to halted" do
|
234
|
+
@s.redirect!("/somewhere")
|
235
|
+
@s.should be_halted
|
236
|
+
end
|
237
|
+
|
238
|
+
it "should halt a strategy" do
|
239
|
+
@s.should_not be_halted
|
240
|
+
@s.halt!
|
241
|
+
@s.should be_halted
|
242
|
+
end
|
243
|
+
|
244
|
+
it "should allow a body to be set" do
|
245
|
+
@s.body = "body"
|
246
|
+
@s.body.should == "body"
|
247
|
+
end
|
248
|
+
|
249
|
+
end
|
250
|
+
|
251
|
+
describe "register strategies" do
|
252
|
+
|
253
|
+
it "should allow for a strategy to be registered" do
|
254
|
+
Merb::Authentication.register(:test_one, "/path/to/strategy")
|
255
|
+
Merb::Authentication.registered_strategies[:test_one].should == "/path/to/strategy"
|
256
|
+
end
|
257
|
+
|
258
|
+
it "should activate a strategy" do
|
259
|
+
Merb::Authentication.register(:test_activation, File.expand_path(File.dirname(__FILE__)) / "activation_fixture")
|
260
|
+
defined?(TheActivationTest).should be_nil
|
261
|
+
Merb::Authentication.activate!(:test_activation)
|
262
|
+
defined?(TheActivationTest).should_not be_nil
|
263
|
+
end
|
264
|
+
|
265
|
+
it "should raise if the strategy is not registered" do
|
266
|
+
lambda do
|
267
|
+
Merb::Authentication.activate!(:not_here)
|
268
|
+
end.should raise_error
|
269
|
+
end
|
270
|
+
|
271
|
+
|
272
|
+
end
|
273
|
+
|
274
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,93 @@
|
|
1
|
+
$TESTING=true
|
2
|
+
$:.push File.join(File.dirname(__FILE__), '..', 'lib')
|
3
|
+
|
4
|
+
require 'rubygems'
|
5
|
+
require 'merb-core'
|
6
|
+
require 'merb-core/test'
|
7
|
+
require 'merb-core/dispatch/session'
|
8
|
+
require 'spec' # Satisfies Autotest and anyone else not using the Rake tasks
|
9
|
+
require 'merb-auth-core'
|
10
|
+
|
11
|
+
Merb.start :environment => "test",
|
12
|
+
:adapter => "runner",
|
13
|
+
:session_store => "cookie",
|
14
|
+
:session_secret_key => "d3a6e6f99a25004da82b71af8b9ed0ab71d3ea21"
|
15
|
+
|
16
|
+
module StrategyHelper
|
17
|
+
def clear_strategies!
|
18
|
+
Merb::Authentication.strategies.each do |s|
|
19
|
+
begin
|
20
|
+
Object.class_eval{ remove_const(s.name) if defined?(s)}
|
21
|
+
rescue
|
22
|
+
end
|
23
|
+
end
|
24
|
+
Merb::Authentication.strategies.clear
|
25
|
+
Merb::Authentication.default_strategy_order.clear
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
Spec::Runner.configure do |config|
|
30
|
+
config.include(Merb::Test::ViewHelper)
|
31
|
+
config.include(Merb::Test::RouteHelper)
|
32
|
+
config.include(Merb::Test::ControllerHelper)
|
33
|
+
config.include(StrategyHelper)
|
34
|
+
end
|
35
|
+
|
36
|
+
class Exceptions < Application
|
37
|
+
def unauthenticated
|
38
|
+
session.abandon!
|
39
|
+
"Login please"
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
class User
|
44
|
+
attr_accessor :name, :age, :id
|
45
|
+
|
46
|
+
def initialize(opts = {})
|
47
|
+
@name = opts.fetch(:name, "NAME")
|
48
|
+
@age = opts.fetch(:age, 42)
|
49
|
+
@id = opts.fetch(:id, 24)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
class Users < Application
|
54
|
+
before :ensure_authenticated
|
55
|
+
|
56
|
+
def index
|
57
|
+
"You Made It!"
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
class Dingbats < Application
|
62
|
+
skip_before :ensure_authenticated
|
63
|
+
def index
|
64
|
+
"You Made It!"
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
class Merb::Authentication
|
69
|
+
def fetch_user(id = 24)
|
70
|
+
if id.nil?
|
71
|
+
nil
|
72
|
+
else
|
73
|
+
u = User.new(:id => id)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
def store_user(user)
|
78
|
+
user.nil? ? nil : 24
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
Merb::Authentication.user_class = User
|
83
|
+
|
84
|
+
class Viking
|
85
|
+
def self.captures
|
86
|
+
@captures ||= []
|
87
|
+
end
|
88
|
+
|
89
|
+
def self.capture(klass)
|
90
|
+
@captures ||= []
|
91
|
+
@captures << klass.name
|
92
|
+
end
|
93
|
+
end
|
metadata
ADDED
@@ -0,0 +1,100 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: merb-auth-core
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.9.9
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Adam French, Daniel Neighman
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2008-10-13 00:00:00 -07:00
|
13
|
+
default_executable:
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: merb-core
|
17
|
+
type: :runtime
|
18
|
+
version_requirement:
|
19
|
+
version_requirements: !ruby/object:Gem::Requirement
|
20
|
+
requirements:
|
21
|
+
- - ~>
|
22
|
+
- !ruby/object:Gem::Version
|
23
|
+
version: 0.9.9
|
24
|
+
version:
|
25
|
+
- !ruby/object:Gem::Dependency
|
26
|
+
name: extlib
|
27
|
+
type: :runtime
|
28
|
+
version_requirement:
|
29
|
+
version_requirements: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: "0"
|
34
|
+
version:
|
35
|
+
description: An Authentication framework for Merb
|
36
|
+
email: has.sox@gmail.com
|
37
|
+
executables: []
|
38
|
+
|
39
|
+
extensions: []
|
40
|
+
|
41
|
+
extra_rdoc_files:
|
42
|
+
- README.textile
|
43
|
+
- LICENSE
|
44
|
+
- TODO
|
45
|
+
files:
|
46
|
+
- LICENSE
|
47
|
+
- README.textile
|
48
|
+
- Rakefile
|
49
|
+
- TODO
|
50
|
+
- lib/merb-auth-core
|
51
|
+
- lib/merb-auth-core/authenticated_helper.rb
|
52
|
+
- lib/merb-auth-core/authentication.rb
|
53
|
+
- lib/merb-auth-core/bootloader.rb
|
54
|
+
- lib/merb-auth-core/customizations.rb
|
55
|
+
- lib/merb-auth-core/errors.rb
|
56
|
+
- lib/merb-auth-core/merbtasks.rb
|
57
|
+
- lib/merb-auth-core/responses.rb
|
58
|
+
- lib/merb-auth-core/router_helper.rb
|
59
|
+
- lib/merb-auth-core/session_mixin.rb
|
60
|
+
- lib/merb-auth-core/strategy.rb
|
61
|
+
- lib/merb-auth-core.rb
|
62
|
+
- spec/helpers
|
63
|
+
- spec/helpers/authentication_helper_spec.rb
|
64
|
+
- spec/merb-auth-core
|
65
|
+
- spec/merb-auth-core/activation_fixture.rb
|
66
|
+
- spec/merb-auth-core/authentication_spec.rb
|
67
|
+
- spec/merb-auth-core/customizations_spec.rb
|
68
|
+
- spec/merb-auth-core/errors_spec.rb
|
69
|
+
- spec/merb-auth-core/merb-auth-core_spec.rb
|
70
|
+
- spec/merb-auth-core/router_helper_spec.rb
|
71
|
+
- spec/merb-auth-core/strategy_spec.rb
|
72
|
+
- spec/spec_helper.rb
|
73
|
+
has_rdoc: true
|
74
|
+
homepage: http://merbivore.com/
|
75
|
+
post_install_message:
|
76
|
+
rdoc_options: []
|
77
|
+
|
78
|
+
require_paths:
|
79
|
+
- lib
|
80
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
81
|
+
requirements:
|
82
|
+
- - ">="
|
83
|
+
- !ruby/object:Gem::Version
|
84
|
+
version: "0"
|
85
|
+
version:
|
86
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - ">="
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: "0"
|
91
|
+
version:
|
92
|
+
requirements: []
|
93
|
+
|
94
|
+
rubyforge_project: merb
|
95
|
+
rubygems_version: 1.2.0
|
96
|
+
signing_key:
|
97
|
+
specification_version: 2
|
98
|
+
summary: An Authentication framework for Merb
|
99
|
+
test_files: []
|
100
|
+
|