RubyGems - merb-auth-core - Versions diffs - 1.1.0 → 1.1.1 - Mend

merb-auth-core 1.1.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

data/Rakefile +1 -1
data/lib/merb-auth-core.rb +1 -1
data/lib/merb-auth-core/authenticated_helper.rb +12 -12
data/lib/merb-auth-core/authentication.rb +35 -35
data/lib/merb-auth-core/bootloader.rb +2 -2
data/lib/merb-auth-core/callbacks.rb +6 -6
data/lib/merb-auth-core/customizations.rb +5 -5
data/lib/merb-auth-core/errors.rb +1 -1
data/lib/merb-auth-core/responses.rb +8 -8
data/lib/merb-auth-core/router_helper.rb +6 -6
data/lib/merb-auth-core/session_mixin.rb +10 -10
data/lib/merb-auth-core/strategy.rb +37 -37
data/lib/merb-auth-core/version.rb +1 -1
data/spec/helpers/authentication_helper_spec.rb +22 -22
data/spec/merb-auth-core/authentication_spec.rb +66 -66
data/spec/merb-auth-core/callbacks_spec.rb +16 -16
data/spec/merb-auth-core/customizations_spec.rb +5 -5
data/spec/merb-auth-core/errors_spec.rb +9 -9
data/spec/merb-auth-core/failed_login_spec.rb +16 -16
data/spec/merb-auth-core/merb-auth-core_spec.rb +1 -1
data/spec/merb-auth-core/router_helper_spec.rb +23 -23
data/spec/merb-auth-core/strategy_spec.rb +54 -54
data/spec/spec_helper.rb +7 -7
metadata +14 -6

data/lib/merb-auth-core/strategy.rb CHANGED

@@ -2,13 +2,13 @@ module Merb
   class Authentication
     cattr_reader   :strategies, :default_strategy_order, :registered_strategies
     @@strategies, @@default_strategy_order, @@registered_strategies = [], [], {}
-    # Use this to set the default order of strategies
+    # Use this to set the default order of strategies
     # if you need to in your application.  You don't need to use all avaiable strategies
     # in this array, but you may not include a strategy that has not yet been defined.
-    #
+    #
     # @params [Merb::Authentiation::Strategy,Merb::Authentication::Strategy]
-    #
+    #
     # @public
     def self.default_strategy_order=(*order)
       order = order.flatten
@@ -16,18 +16,18 @@ module Merb
       raise ArgumentError, "#{bad.join(",")} do not inherit from Merb::Authentication::Strategy" unless bad.empty?
       @@default_strategy_order = order
     end
     # Allows for the registration of strategies.
     # @params <Symbol, String>
     #   +label+ The label is the label to identify this strategy
     #   +path+  The path to the file containing the strategy.  This must be an absolute path!
-    #
+    #
     # Registering a strategy does not add it to the list of strategies to use
     # it simply makes it available through the Merb::Authentication.activate method
-    #
+    #
     # This is for plugin writers to make a strategy availalbe but this should not
     # stop you from declaring your own strategies
-    #
+    #
     # @plugin
     def self.register(label, path)
       self.registered_strategies[label] = path
@@ -42,7 +42,7 @@ module Merb
       raise "The #{label} Strategy is not registered" unless path
       require path
     end
     # The Merb::Authentication::Strategy is where all the action happens in the merb-auth framework.
     # Inherit from this class to setup your own strategy.  The strategy will automatically
     # be placed in the default_strategy_order array, and will be included in the strategy runs.
@@ -64,13 +64,13 @@ module Merb
     class Strategy
       attr_accessor :request
       attr_writer   :body
       class << self
         def inherited(klass)
           Merb::Authentication.strategies << klass
           Merb::Authentication.default_strategy_order << klass
         end
         # Use this to declare the strategy should run before another strategy
         def before(strategy)
           order =  Merb::Authentication.default_strategy_order
@@ -78,7 +78,7 @@ module Merb
           index = order.index(strategy)
           order.insert(index,self)
         end
         # Use this to declare the strategy should run after another strategy
         def after(strategy)
           order = Merb::Authentication.default_strategy_order
@@ -86,50 +86,50 @@ module Merb
           index = order.index(strategy)
           index == order.size ? order << self : order.insert(index + 1, self)
         end
         # Mark a strategy as abstract.  This means that a strategy will not
-        # ever be run as part of the authentication.  Instead this
+        # ever be run as part of the authentication.  Instead this
         # will be available to inherit from as a way to share code.
-        #
+        #
         # You could for example setup a strategy to check for a particular kind of login
         # and then have a subclass for each class type of user in your system.
         # i.e. Customer / Staff, Student / Staff etc
         def abstract!
           @abstract = true
         end
         # Asks is this strategy abstract. i.e. can it be run as part of the authentication
         def abstract?
           !!@abstract
         end
       end # End class << self
       def initialize(request, params)
         @request = request
         @params  = params
       end
       # An alias to the request.params hash
       # Only rely on this hash to find any router params you are looking for.
       # If looking for paramteres use request.params
       def params
         @params
       end
       # An alials to the request.cookies hash
       def cookies
         request.cookies
       end
       # An alias to the request.session hash
       def session
         request.session
       end
       # Redirects causes the strategy to signal a redirect
       # to the provided url.
-      #
+      #
       # ====Parameters
       # url<String>:: The url to redirect to
       # options<Hash>:: An options hash with the following keys:
@@ -143,64 +143,64 @@ module Merb
         halt!
         return true
       end
       # Returns ture if the strategy redirected
       def redirected?
         !!headers["Location"]
       end
       # Provides a place to put the status of the response
       attr_accessor :status
       # Provides a place to put headers
       def headers
         @headers ||={}
       end
       # Mark this strategy as complete for this request.  Will cause that no other
-      # strategies will be executed.
+      # strategies will be executed.
       def halt!
         @halt = true
       end
       # Checks to see if this strategy has been halted
       def halted?
         !!@halt
       end
       # Allows you to provide a body of content to return when halting
       def body
         @body || ""
       end
       # This is the method that is called as the test for authentication and is where
       # you put your code.
-      #
+      #
       # You must overwrite this method in your strategy
       #
       # @api overwritable
       def run!
         raise NotImplemented
       end
       # Overwrite this method to scope a strategy to a particular user type
       # you can use this with inheritance for example to try the same strategy
       # on different user types
       #
-      # By default, Merb::Authentication.user_class is used.  This method allows for
+      # By default, Merb::Authentication.user_class is used.  This method allows for
       # particular strategies to deal with a different type of user class.
       #
       # For example.  If Merb::Authentication.user_class is Customer
       # and you have a PasswordStrategy, you can subclass the PasswordStrategy
       # and change this method to return Staff.  Giving you a PasswordStrategy strategy
-      # for first Customer(s) and then Staff.
+      # for first Customer(s) and then Staff.
       #
       # @api overwritable
       def user_class
         Merb::Authentication.user_class
       end
     end # Strategy
   end # Merb::Authentication
 end # Merb

data/lib/merb-auth-core/version.rb CHANGED

@@ -1,7 +1,7 @@
 module Merb
   module Auth
     module Core
-      VERSION = '1.1.0'.freeze
+      VERSION = '1.1.1'.freeze
     end
   end
 end

data/spec/helpers/authentication_helper_spec.rb CHANGED

@@ -1,11 +1,11 @@
 require 'spec_helper'
 describe "Merb::AuthenticationHelper" do
   class ControllerMock < Merb::Controller
     before :ensure_authenticated
   end
   before(:each) do
     clear_strategies!
     @controller = ControllerMock.new(fake_request)
@@ -13,31 +13,31 @@ describe "Merb::AuthenticationHelper" do
     @session = @controller.session
     @session.user = "WINNA"
     Viking.captures.clear
     class Kone < Merb::Authentication::Strategy
       def run!
         Viking.capture(self.class)
         params[self.class.name]
       end
     end
     class Ktwo < Kone; end
   end
   it "should not raise and Unauthenticated error" do
     lambda do
       @controller.send(:ensure_authenticated)
     end.should_not raise_error(Merb::Controller::Unauthenticated)
   end
   it "should raise an Unauthenticated error" do
     @controller = ControllerMock.new(Merb::Request.new({}))
     lambda do
       @controller.send(:ensure_authenticated)
     end.should raise_error(Merb::Controller::Unauthenticated)
   end
   it "should run the authentication when testing if it is authenticated" do
     @controller = ControllerMock.new(fake_request)
     @controller.session.should_receive(:authenticated?).and_return(false)
@@ -45,7 +45,7 @@ describe "Merb::AuthenticationHelper" do
     @controller.session.authentication.should_receive(:authenticate!).and_return("WINNA")
     @controller.send(:ensure_authenticated)
   end
   it "should accept and execute the provided strategies" do
     # This allows using a before filter with specific arguments
     # before :ensure_authenticated, :with => [Authenticaiton::OAuth, Merb::Authentication::BasicAuth]
@@ -54,17 +54,17 @@ describe "Merb::AuthenticationHelper" do
     controller.send(:ensure_authenticated, Kone, Ktwo)
     Viking.captures.should == %w( Kone Ktwo )
   end
   describe "redirection" do
     before(:all) do
       class FooController < Merb::Controller
         before :ensure_authenticated
         def index; "FooController#index" end
       end
     end
     before(:each) do
       class MyStrategy < Merb::Authentication::Strategy
         def run!
@@ -80,32 +80,32 @@ describe "Merb::AuthenticationHelper" do
           end
         end
       end # MyStrategy
       Merb::Router.reset!
       Merb::Router.prepare{ match("/").to(:controller => "foo_controller")}
     end
     it "should redirect the controller to a Location if the strategy redirects" do
-      controller = get "/", :url => "/some/url"
+      controller = get "/", :url => "/some/url"
       controller.headers["Location"].should == "/some/url"
     end
     it "should use a 302 redirection by default" do
       c = get "/", :url => "/some/url"
       c.status.should == 302
     end
     it "should use a 301 when marked as permanent" do
       c = get "/", :url => "/some/url", :permanent => "true"
       c.status.should == 301
     end
     it "should use a custom status" do
       c = get "/", :url => "/some/url", :status => 401
       c.status.should == 401
     end
   end
 end

data/spec/merb-auth-core/authentication_spec.rb CHANGED

@@ -1,7 +1,7 @@
 require 'spec_helper'
 describe "Merb::Authentication Session" do
   before(:each) do
     @session_class = Merb::CookieSession
     @session = @session_class.generate
@@ -12,14 +12,14 @@ describe "Merb::Authentication Session" do
       @m = mock("mock")
       clear_strategies!
     end
     after(:all) do
       clear_strategies!
     end
     describe "store_user" do
       it{@session.authentication.should respond_to(:store_user)}
       it "should raise a NotImplemented error by default" do
         pending "How to spec this when we need to overwrite it for the specs to work?"
         lambda do
@@ -27,50 +27,50 @@ describe "Merb::Authentication Session" do
         end.should raise_error(Merb::Authentication::NotImplemented)
       end
     end
     describe "fetch_user" do
       it{@session.authentication.should respond_to(:fetch_user)}
       it "should raise a NotImplemented error by defualt" do
         pending "How to spec this when we need to overwrite it for the specs to work?"
-        lambda do
+        lambda do
           @session.authentication.fetch_user
         end.should raise_error(Merb::Authentication::NotImplemented)
       end
     end
   end
   describe "error_message" do
     before(:each) do
       @request = fake_request
       @auth = Merb::Authentication.new(@request.session)
     end
     it "should be 'Could not log in' by default" do
       @auth.error_message.should == "Could not log in"
     end
     it "should allow a user to set the error message" do
       @auth.error_message = "No You Don't"
       @auth.error_message.should == "No You Don't"
     end
   end
   describe "user" do
     it "should call fetch_user with the session contents to load the user" do
       @session[:user] = 42
       @session.authentication.should_receive(:fetch_user).with(42)
       @session.user
     end
     it "should set the @user instance variable" do
       @session[:user] = 42
       @session.authentication.should_receive(:fetch_user).and_return("THE USER")
       @session.user
       @session.authentication.assigns(:user).should == "THE USER"
     end
     it "should cache the user in an instance variable" do
       @session[:user] = 42
       @session.authentication.should_receive(:fetch_user).once.and_return("THE USER")
@@ -78,37 +78,37 @@ describe "Merb::Authentication Session" do
       @session.authentication.assigns(:user).should == "THE USER"
       @session.user
     end
     it "should set the ivar to nil if the session is nil" do
       @session[:user] = nil
       @session.user.should be_nil
     end
   end
   describe "user=" do
     before(:each) do
       @user = mock("user")
       @session.authentication.stub!(:fetch_user).and_return(@user)
     end
     it "should call store_user on the session to get the value to store in the session" do
       @session.authentication.should_receive(:store_user).with(@user)
       @session.user = @user
     end
     it "should set the instance variable to nil if the return of store_user is nil" do
       @session.authentication.should_receive(:store_user).and_return(nil)
       @session.user = @user
       @session.user.should be_nil
     end
     it "should set the instance varaible to nil if the return of store_user is false" do
       @session.authentication.should_receive(:store_user).and_return(false)
       @session.user = @user
       @session.user.should be_nil
     end
     it "should set the instance variable to the value of user if store_user is not nil or false" do
       @session.authentication.should_receive(:store_user).and_return(42)
       @session.user = @user
@@ -116,9 +116,9 @@ describe "Merb::Authentication Session" do
       @session[:user].should == 42
     end
   end
   describe "abandon!" do
     before(:each) do
       @user = mock("user")
       @session.authentication.stub!(:fetch_user).and_return(@user)
@@ -126,36 +126,36 @@ describe "Merb::Authentication Session" do
       @session[:user] = 42
       @session.user
     end
     it "should delete the session" do
       @session.should_receive(:clear)
       @session.abandon!
     end
     it "should not have a user after it is abandoned" do
       @session.user.should == @user
       @session.abandon!
       @session.user.should be_nil
     end
   end
   describe "Merb::Authentication" do
     it "Should be hookable" do
       Merb::Authentication.should include(Extlib::Hook)
     end
   end
   describe "#authenticate" do
     before(:all) do
       clear_strategies!
     end
     after(:all) do
       clear_strategies!
     end
     before(:each) do
       class Sone < Merb::Authentication::Strategy
         def run!
@@ -165,119 +165,119 @@ describe "Merb::Authentication Session" do
       end
       class Stwo < Merb::Authentication::Strategy
         def run!
-          Viking.capture(Stwo)
+          Viking.capture(Stwo)
           params[:pass_2]
         end
       end
       class Sthree < Merb::Authentication::Strategy
         def run!
           Viking.capture(Sthree)
-          params[:pass_3]
+          params[:pass_3]
         end
       end
       class Sfour < Merb::Authentication::Strategy
         abstract!
         def run!
            "BAD MAN"
         end
       end
       Sfour.should_not_receive(:run!)
       @request = Users.new(fake_request)
       @auth = Merb::Authentication.new(@request.session)
       Viking.captures.clear
     end
     it "should execute the strategies in the default order" do
       @request.params[:pass_3] = true
       @auth.authenticate!(@request, @request.params)
       Viking.captures.should == %w( Sone Stwo Sthree )
     end
     it "should run the strategeis until if finds a non nil non false" do
       @request.params[:pass_2] = true
       @auth.authenticate!(@request, @request.params)
       Viking.captures.should == %w( Sone Stwo )
     end
     it "should raise an Unauthenticated exception if no 'user' is found" do
       lambda do
         @auth.authenticate!(@request, @request.params)
       end.should raise_error(Merb::Controller::Unauthenticated)
     end
     it "should store the user into the session if one is found" do
       @auth.should_receive(:user=).with("WINNA")
       @request.params[:pass_1] = "WINNA"
       @auth.authenticate!(@request, @request.params)
     end
     it "should use the Authentiation#error_message as the error message" do
       @auth.should_receive(:error_message).and_return("BAD BAD BAD")
       lambda do
         @auth.authenticate!(@request, @request.params)
       end.should raise_error(Merb::Controller::Unauthenticated, "BAD BAD BAD")
     end
     it "should execute the strategies as passed into the authenticate! method" do
       @request.params[:pass_1] = true
       @auth.authenticate!(@request, @request.params, Stwo, Sone)
       Viking.captures.should == ["Stwo", "Sone"]
     end
     describe "Strategy loading as strings" do
       before :each do
         Merb::Authentication.reset_strategy_lookup!
         class Merb::Authentication::Strategies::Zone < Merb::Authentication::Strategy
           def run!
             Viking.capture(Merb::Authentication::Strategies::Zone)
-            params[:z_one]
+            params[:z_one]
           end
         end
       end
       it "should allow for loading the strategies as strings" do
         @request.params[:z_one] = "z_one"
         @request.session.authenticate!(@request, @request.params, "Zone")
         @request.session.user.should == "z_one"
       end
       it "should raise a const misisng error when the error is not namespaced" do
         @request.params[:pass_1] = "s_one"
         lambda do
           @request.session.authenticate!(@request, @request.params, "Sone")
         end.should raise_error(NameError)
       end
       it "should allow a mix of strategies as strings or classes" do
         @request.params[:pass_2] = "s_two"
         @request.session.authenticate!(@request, @request.params, "Zone", Sone, Stwo)
         Viking.captures.should == %w(Merb::Authentication::Strategies::Zone Sone Stwo)
       end
     end
   end
   describe "user_class" do
     it "should have User as the default user class if requested" do
       Merb::Authentication.user_class.should == User
-    end
+    end
   end
   describe "redirection" do
     before(:all) do
       class FooController < Merb::Controller
         before :ensure_authenticated
         def index; "FooController#index" end
       end
     end
     before(:each) do
       class MyStrategy < Merb::Authentication::Strategy
         def run!
@@ -289,37 +289,37 @@ describe "Merb::Authentication Session" do
           end
         end
       end # MyStrategy
       class FailStrategy < Merb::Authentication::Strategy
         def run!
           request.params[:should_not_be_here] = true
         end
       end
       Merb::Router.reset!
       Merb::Router.prepare{ match("/").to(:controller => "foo_controller")}
       @request = mock_request("/")
       @s = MyStrategy.new(@request, @request.params)
       @a = Merb::Authentication.new(@request.session)
     end
     it "should answer redirected false if the strategy did not redirect" do
       @a.authenticate! @request, @request.params
       @a.should_not be_redirected
     end
     it "should answer redirected true if the strategy did redirect" do
       @request.params[:url] = "/some/url"
       @a.authenticate! @request, @request.params
       @a.halted?
     end
     it "should provide access to the Headers" do
       @request.params[:url] = "/some/url"
       @a.authenticate! @request, @request.params
       @a.headers.should == {"Location" => "/some/url"}
     end
     it "should provide access to the status" do
       @request.params[:url] = "/some/url"
       @request.params[:status] = 401
@@ -327,7 +327,7 @@ describe "Merb::Authentication Session" do
       @a.should be_halted
       @a.status.should == 401
     end
     it "should stop processing the strategies if one redirects" do
       @request.params[:url] = "/some/url"
       lambda do
@@ -336,18 +336,18 @@ describe "Merb::Authentication Session" do
       @a.should be_halted
       @request.params[:should_not_be_here].should be_nil
     end
     it "should allow you to set the body" do
       @a.body = "body"
       @a.body.should == "body"
     end
     it "should put the body of the strategy as the response body of the controller" do
       controller = request "/", :params => {:url => "/some/url"}
       controller.should redirect_to("/some/url")
     end
   end