merb-auth-core 1.1.0 → 1.1.1

data/Rakefile

@@ -27,7 +27,7 @@ begin
     gemspec.files       = %w(LICENSE Rakefile README.textile TODO) + Dir['{lib,spec}/**/*']
 
     # Runtime dependencies
-    gemspec.add_dependency 'merb-core', "~> #{Merb::VERSION}"
+    gemspec.add_dependency 'merb-core', '~> 1.1'
 
     # Development dependencies              
     gemspec.add_development_dependency 'rspec', ">= 1.2.9"

data/lib/merb-auth-core.rb

@@ -12,7 +12,7 @@ require "merb-auth-core/router_helper"
 require "merb-auth-core/callbacks"
 
 Merb::BootLoader.before_app_loads do
-  # require code that must be loaded before the application 
+  # require code that must be loaded before the application
   Merb::Controller.send(:include, Merb::AuthenticatedHelper)
 end
 

data/lib/merb-auth-core/authenticated_helper.rb

@@ -1,33 +1,33 @@
 module Merb
   class Controller::Unauthenticated < ControllerExceptions::Unauthorized; end
-  
-  module AuthenticatedHelper  
+
+  module AuthenticatedHelper
     protected
     # This is the main method to use as a before filter.  You can call it with options
     # and strategies to use.  It will check if a user is logged in, and failing that
-    # will run through either specified.  
-    # 
-    # @params all are optional.  A list of strategies, optionally followed by a 
-    # options hash.  
+    # will run through either specified.
+    #
+    # @params all are optional.  A list of strategies, optionally followed by a
+    # options hash.
     #
     # If used with no options, or only the hash, the default strategies will be used
-    # see Authentictaion.default_strategy_order.  
+    # see Authentictaion.default_strategy_order.
     #
     # If a list of strategies is passed in, the default strategies are ignored, and
-    # the passed in strategies are used in order until either one is found, or all fail.  
+    # the passed in strategies are used in order until either one is found, or all fail.
     #
-    # A failed login will result in an Unauthenticated exception being raised.  
+    # A failed login will result in an Unauthenticated exception being raised.
     #
     # Use the :message key in the options hash to pass in a failure message to the
     # exception.
-    # 
+    #
     # === Example
     #
     #    class MyController < Application
     #      before :ensure_authenticated, :with => [OpenID,FormPassword, :message => "Failz!"]
     #       #... <snip>
     #    end
-    # 
+    #
     def ensure_authenticated(*strategies)
       session.authenticate!(request, params, *strategies) unless session.authenticated?
       auth = session.authentication
@@ -37,6 +37,6 @@ module Merb
         throw :halt, auth.body
       end
       session.user
-    end 
+    end
   end
 end

data/lib/merb-auth-core/authentication.rb

@@ -4,11 +4,11 @@ module Merb
     include Extlib::Hook
     attr_accessor :session
     attr_writer   :error_message
-  
+
     class DuplicateStrategy < Exception; end
     class MissingStrategy < Exception; end
     class NotImplemented < Exception; end
-  
+
     # This method returns the default user class to use throughout the
     # merb-auth authentication framework.  Merb::Authentication.user_class can
     # be used by other plugins, and by default by strategies.
@@ -20,40 +20,40 @@ module Merb
     #
     # @api overwritable
     cattr_accessor :user_class
-  
+
     def initialize(session)
       @session = session
     end
-  
+
     # Returns true if there is an authenticated user attached to this session
     #
     # @return <TrueClass|FalseClass>
-    # 
+    #
     def authenticated?
       !!session[:user]
     end
-  
+
     # This method will retrieve the user object stored in the session or nil if there
     # is no user logged in.
-    # 
+    #
     # @return <User class>|NilClass
     def user
       return nil if !session[:user]
       @user ||= fetch_user(session[:user])
     end
-  
+
     # This method will store the user provided into the session
     # and set the user as the currently logged in user
     # @return <User Class>|NilClass
     def user=(user)
       session[:user] = nil && return if user.nil?
       session[:user] = store_user(user)
-      @user = session[:user] ? user : session[:user]  
+      @user = session[:user] ? user : session[:user]
     end
-  
+
     # The workhorse of the framework.  The authentiate! method is where
     # the work is done.  authenticate! will try each strategy in order
-    # either passed in, or in the default_strategy_order.  
+    # either passed in, or in the default_strategy_order.
     #
     # If a strategy returns some kind of user object, this will be stored
     # in the session, otherwise a Merb::Controller::Unauthenticated exception is raised
@@ -61,7 +61,7 @@ module Merb
     # @params Merb::Request, [List,Of,Strategies, optional_options_hash]
     #
     # Pass in a list of strategy objects to have this list take precedence over the normal defaults
-    # 
+    #
     # Use an options hash to provide an error message to be passed into the exception.
     #
     # @return user object of the verified user.  An exception is raised if no user is found
@@ -69,9 +69,9 @@ module Merb
     def authenticate!(request, params, *rest)
       opts = rest.last.kind_of?(Hash) ? rest.pop : {}
       rest = rest.flatten
-      
+
       strategies = if rest.empty?
-        if request.session[:authentication_strategies] 
+        if request.session[:authentication_strategies]
           request.session[:authentication_strategies]
         else
           Merb::Authentication.default_strategy_order
@@ -82,15 +82,15 @@ module Merb
         request.session[:authentication_strategies].flatten!.uniq!
         request.session[:authentication_strategies]
       end
-    
+
       msg = opts[:message] || error_message
-      user = nil    
+      user = nil
       # This one should find the first one that matches.  It should not run antother
       strategies.detect do |s|
         s = Merb::Authentication.lookup_strategy[s] # Get the strategy from string or class
         unless s.abstract?
           strategy = s.new(request, params)
-          user = strategy.run! 
+          user = strategy.run!
           if strategy.halted?
             self.headers, self.status, self.body = [strategy.headers, strategy.status, strategy.body]
             halt!
@@ -99,26 +99,26 @@ module Merb
           user
         end
       end
-      
+
       # Check after callbacks to make sure the user is still cool
       user = run_after_authentication_callbacks(user, request, params) if user
-      
+
       # Finally, Raise an error if there is no user found, or set it in the session if there is.
       raise Merb::Controller::Unauthenticated, msg unless user
-      session[:authentication_strategies] = nil # clear the session of Failed Strategies if login is successful      
+      session[:authentication_strategies] = nil # clear the session of Failed Strategies if login is successful
       self.user = user
     end
-  
+
     # "Logs Out" a user from the session.  Also clears out all session data
     def abandon!
       @user = nil
       session.clear
     end
-  
+
     # A simple error message mechanism to provide general information.  For more specific information
     #
     # This message is the default message passed to the Merb::Controller::Unauthenticated exception
-    # during authentication.  
+    # during authentication.
     #
     # This is a very simple mechanism for error messages.  For more detailed control see Authenticaiton#errors
     #
@@ -126,16 +126,16 @@ module Merb
     def error_message
       @error_message || "Could not log in"
     end
-  
-    # Tells the framework how to store your user object into the session so that it can be re-created 
-    # on the next login.  
+
+    # Tells the framework how to store your user object into the session so that it can be re-created
+    # on the next login.
     # You must overwrite this method for use in your projects.  Slices and plugins may set this.
     #
     # @api overwritable
     def store_user(user)
       raise NotImplemented
     end
-  
+
     # Tells the framework how to reconstitute a user from the data stored by store_user.
     #
     # You must overwrite this method for user in your projects.  Slices and plugins may set this.
@@ -144,7 +144,7 @@ module Merb
     def fetch_user(session_contents = session[:user])
       raise NotImplemented
     end
-    
+
     # Keeps track of strategies by class or string
     # When loading from string, strategies are loaded withing the Merb::Authentication::Strategies namespace
     # When loaded by class, the class is stored directly
@@ -152,26 +152,26 @@ module Merb
     def self.lookup_strategy
       @strategy_lookup || reset_strategy_lookup!
     end
-    
+
     # Restets the strategy lookup.  Useful in specs
     def self.reset_strategy_lookup!
-      @strategy_lookup = Mash.new do |h,k| 
+      @strategy_lookup = Mash.new do |h,k|
         case k
         when Class
           h[k] = k
         when String, Symbol
-          h[k] = Merb::Authentication::Strategies.full_const_get(k.to_s) 
+          h[k] = Merb::Authentication::Strategies.full_const_get(k.to_s)
         end
       end
     end
-    
-    # Maintains a list of keys to maintain when needing to keep some state 
+
+    # Maintains a list of keys to maintain when needing to keep some state
     # in the face of session.abandon! You need to maintain this state yourself
     # @public
     def self.maintain_session_keys
       @maintain_session_keys ||= [:authentication_strategies]
     end
-    
+
     private
     def run_after_authentication_callbacks(user, request, params)
       Merb::Authentication.after_callbacks.each do |cb|
@@ -185,6 +185,6 @@ module Merb
       end
       user
     end
-    
+
   end # Merb::Authentication
 end # Merb

data/lib/merb-auth-core/bootloader.rb

@@ -2,9 +2,9 @@
 # Merb::Authentication.default_customizations
 class Merb::BootLoader::MerbAuthBootLoader < Merb::BootLoader
   before Merb::BootLoader::AfterAppLoads
-  
+
   def self.run
     Merb::Authentication.default_customizations.each { |c| c.call }
   end
-  
+
 end

data/lib/merb-auth-core/callbacks.rb

@@ -2,14 +2,14 @@ module Merb
   class Authentication
     cattr_accessor :after_callbacks
     @@after_callbacks = []
-    
+
     # Use the after_authentication callbacks to setup things that should occur after the
-    # user is authenticated.  
+    # user is authenticated.
     #
     # Pass in symbols, procs and or a block to the method to setup the callbacks.
-    # Callbacks are executed in the order they are added. 
+    # Callbacks are executed in the order they are added.
     #
-    # @params 
+    # @params
     # <*callbacks:[Symbol|Proc]> The callback.. Symbol == method on the user object
     #                                           Proc will be passed the user, request and param objects
     # <&block> A block to check.  The user, request and params will be passed into the block
@@ -24,11 +24,11 @@ module Merb
     #    end
     #
     # @api public
-    
+
     def self.after_authentication(*callbacks, &block)
       self.after_callbacks = after_callbacks + callbacks.flatten unless callbacks.blank?
       after_callbacks << block if block_given?
     end
-    
+
   end
 end

data/lib/merb-auth-core/customizations.rb

@@ -1,8 +1,8 @@
 module Merb
   class Authentication
-  
+
     class << self
-    
+
       # Adds any customizations just before the after_app_loads boot loader
       # so that plugins can offer default customization.  This will still allow
       # for a user to overwrite any customizations if required in the after_app_loads
@@ -12,13 +12,13 @@ module Merb
         default_customizations << block
         default_customizations
       end
-    
+
       # Gets the list of declared customizations
       def default_customizations
         @custom_default_blocks ||= []
       end
-    
+
     end
-  
+
   end # Merb::Authentication
 end # Merb

data/lib/merb-auth-core/errors.rb

@@ -1,6 +1,6 @@
 module Merb
   class Authentication
-  
+
     def errors
       @errors ||= Errors.new
     end

data/lib/merb-auth-core/responses.rb

@@ -2,35 +2,35 @@ module Merb
   # These are not intended to be used directly
   class Authentication
     attr_accessor :body
-    
+
     def redirected?
       !!headers["Location"]
     end
-    
+
     def headers
       @headers ||= {}
     end
-  
+
     def status
       @status ||= 200
     end
-    
+
     def status=(sts)
       @status = sts
     end
-  
+
     def halted?
       !!@halt
     end
-    
+
     def headers=(headers)
       raise ArgumentError, "Need to supply a hash to headers.  Got #{headers.class}" unless headers.kind_of?(Hash)
       @headers = headers
     end
-    
+
     def halt!
       @halt = true
     end
-  
+
   end # Merb::Authentication
 end # Merb

data/lib/merb-auth-core/router_helper.rb

@@ -5,17 +5,17 @@ Merb::Router.extensions do
   # as an argument to the authenticate method.
   #
   # ===Example
-  #  
+  #
   #    authenticate(OpenID) do
   #       resource :posts
-  #      
+  #
   #       authenticate do
   #         match("/").to(:controller => "home")
   #       end
   #    end
-  # 
+  #
   # This is a simple example that shows protecting the entire set of routes for
-  # the posts resource with the OpenID strategy.  
+  # the posts resource with the OpenID strategy.
   #
   # The match on "/" is protected, _first_ by the OpenID strategy,
   # then by the dfeeault set of stratgies.  Strategies are applied from the
@@ -30,7 +30,7 @@ Merb::Router.extensions do
         else
           result = request.session.authenticate!(request, params, *strategies)
         end
-      
+
         if request.session.authentication.halted?
           auth = request.session.authentication
           [auth.status, auth.headers, auth.body]
@@ -41,5 +41,5 @@ Merb::Router.extensions do
     end
     defer(p, &block)
   end
-  
+
 end

data/lib/merb-auth-core/session_mixin.rb

@@ -1,45 +1,45 @@
 module Merb
   module Session
-      
+
     # Access to the authentication object directly.  Particularly useful
     # for accessing the errors.
-    # 
+    #
     # === Example
     #
     #    <%= error_messages_for session.authentication %>
-    # 
+    #
     def authentication
       @authentication ||= Merb::Authentication.new(self)
     end
-  
+
     # Check to see if the current session is authenticated
     # @return true if authenticated.  false otherwise
     def authenticated?
       authentication.authenticated?
     end
-  
-    # Authenticates the session via the authentication object. 
+
+    # Authenticates the session via the authentication object.
     #
     # See Merb::Authentication#authenticate for usage
     def authenticate!(request, params, *rest)
       authentication.authenticate!(request, params, *rest)
     end
-  
+
     # Provides access to the currently authenticated user.
     def user
       authentication.user
     end
-  
+
     # set the currently authenticated user manually
     # Merb::Authentication#store_user should know how to store the object into the session
     def user=(the_user)
       authentication.user = the_user
     end
-  
+
     # Remove the user from the session and clear all data.
     def abandon!
       authentication.abandon!
     end
-  
+
   end # Session
 end # Merb