mongo_kerberos 1.12.5-java → 2.0.0.beta-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b1a96618adbff5e3eba74960e086d929b6e2da17
-  data.tar.gz: d1ed5019a34bdf2f2e5f796f1f78deccdbb56ad1
+  metadata.gz: 0e24de2cf749c7b910ba00ac06bc770902c9f0d9
+  data.tar.gz: 49a7528188114ebb5d4dcc2dd3c86bde0c728216
 SHA512:
-  metadata.gz: 2e74e9a3dd4868c41f224f8221b0212ef296e5b725fbfe3b3f41b2e1a8747dd7cc0a97615995855a3c877b2a1fc0bb3c8a0f41f22a2a1f8814672b19401c9950
-  data.tar.gz: 148805433e7de506d21c956482f02ecee9171fe3442ab77f685cc8b479dc48f0cdc1a91cc24bf522c13c9dada8a83699fa875910917fd25a15f931a4f5336221
+  metadata.gz: 20432d514d9d0ccdc1cd4fea3f26d5097e203cfb0bddd12f4be7dabde31385388989ae0832fc4358c4f50fd43390e12d0e68179b75231cd8aa02ffd2682e88db
+  data.tar.gz: 9da06f8806a88fd33bddb6727d79cd377814acf2b32463ef707d5d86c9340f4cebdde4647ada3fc8e910e724dd0c9a575ad10df558cb09f721a32eaa41b5da70

data/CONTRIBUTING.md

@@ -0,0 +1,42 @@
+Contributing
+============
+
+Code Conventions
+----------------
+
+Code style should fall in line with the style guide outlined by
+[Github](https://github.com/styleguide/ruby)
+
+Testing
+-------
+
+Bug fixes and new features should always have the appropriate specs, and the
+specs should follow the following guidelines:
+
+- Prefer `let` and `let!` over the use of instance variables and `subject`.
+- Prefer `expect(...).to eq(...) syntax over `...should eq(...)`.
+- Use shared examples to reduce duplication.
+- Use `describe "#method"` for instance method specs.
+- Use `describe ".method"` for class method specs.
+- Use `context` blocks to set up conditions.
+- Always provide descriptive specifications via `it`.
+
+Specs can be automatically run with Guard, via `bundle exec guard`
+
+Before commiting, run `rake` to ensure all specs pass with both pure Ruby and
+the native extensions.
+
+Git Etiquette
+-------------
+
+Please follow the commit message guidelines as outlined
+[in this blog post](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
+
+If the commit fixes a bug, please add the JIRA number on the last line:
+
+```
+[ close RUBY-492 ]
+```
+
+Please ensure that only one feature/bug fix is in each pull request, and
+that it is squashed into a single commit.

data/LICENSE

@@ -175,7 +175,7 @@
 
    END OF TERMS AND CONDITIONS
 
-   Copyright (C) 2008-2013 MongoDB, Inc.
+   Copyright (C) 2008-2015 MongoDB, Inc.
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

data/NOTICE

@@ -0,0 +1,2 @@
+Ruby Mongo Kerberos Support
+Copyright (C) 2014-2015 MongoDB, Inc.

data/README.md

@@ -0,0 +1,43 @@
+Mongo Kerberos [![Build Status](https://secure.travis-ci.org/mongodb/mongo-ruby-kerberos.png?branch=master&.png)](http://travis-ci.org/mongodb/mongo-ruby-kerberos) [![Code Climate](https://codeclimate.com/github/mongodb/mongo-ruby-kerberos.png)](https://codeclimate.com/github/mongodb/mongo-ruby-kerberos) [![Coverage Status](https://coveralls.io/repos/mongodb/mongo-ruby-kerberos/badge.png?branch=master)](https://coveralls.io/r/mongodb/mongo-ruby-kerberos?branch=master)
+====
+
+Provides Kerberos authentication support to the Mongo Ruby Driver.
+
+Compatibility
+-------------
+
+mongo_kerberos is tested against MRI (1.9.2+) and JRuby (1.7.0+)
+
+Installation
+------------
+
+libsasl is a requirement to be able to install the mongo_kerberos gem. Please see the
+[Cyrus documentation](http://cyrusimap.web.cmu.edu/docs/cyrus-sasl/2.1.25/) for more
+information.
+
+With bundler, add the `mongo_kerberos` gem to your `Gemfile`.
+
+```ruby
+gem "mongo_kerberos", "~> 2.0"
+```
+
+Require the `mongo_kerberos` gem in your application.
+
+```ruby
+require "mongo_kerberos"
+```
+
+Usage
+-----
+
+
+API Documentation
+-----------------
+
+The [API Documentation](http://rdoc.info/github/mongodb/mongo-ruby-kerberos/master/frames) is
+located at rdoc.info.
+
+Versioning
+----------
+
+As of 2.0.0, this project adheres to the [Semantic Versioning Specification](http://semver.org/).

data/Rakefile

@@ -0,0 +1,96 @@
+# Copyright (C) 2009-2013 MongoDB Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "bundler"
+Bundler.setup
+
+$LOAD_PATH.unshift(File.expand_path("../lib", __FILE__))
+
+require "rake"
+require "rake/extensiontask"
+require "rspec/core/rake_task"
+
+def jruby?
+  defined?(JRUBY_VERSION)
+end
+
+if jruby?
+  require "rake/javaextensiontask"
+  Rake::JavaExtensionTask.new do |ext|
+    ext.name = "native"
+    ext.ext_dir = "src"
+    ext.lib_dir = "lib/mongo/auth/kerberos"
+  end
+else
+  require "rake/extensiontask"
+  Rake::ExtensionTask.new do |ext|
+    ext.name = "native"
+    ext.ext_dir = "ext/mongo/kerberos"
+    ext.lib_dir = "lib/mongo/auth/kerberos"
+  end
+end
+
+require "mongo/auth/kerberos/version"
+
+def extension
+  RUBY_PLATFORM =~ /darwin/ ? "bundle" : "so"
+end
+
+RSpec::Core::RakeTask.new(:rspec)
+
+if jruby?
+  task :build => [ :clean_all, :compile ] do
+    system "gem build mongo_kerberos.gemspec"
+  end
+else
+  task :build => :clean_all do
+    system "gem build mongo_kerberos.gemspec"
+  end
+end
+
+task :clean_all => :clean do
+  begin
+    Dir.chdir(Pathname(__FILE__).dirname + "lib") do
+      `rm native.#{extension}`
+      `rm native.o`
+      `rm native.jar`
+    end
+  rescue Exception => e
+    puts e.message
+  end
+end
+
+task :spec => :compile do
+  Rake::Task["rspec"].invoke
+end
+
+# Run bundle exec rake release with mri and jruby. Ex:
+#
+# rvm use 2.1.0@mongo_kerberos
+# bundle exec rake release
+# rvm use jruby@mongo_kerberos
+# bundle exec rake release
+task :release => :build do
+  system "git tag -a #{Mongo::Auth::Kerberos::VERSION} -m 'Tagging release: #{Mongo::Auth::Kerberos::VERSION}'"
+  system "git push --tags"
+  if jruby?
+    system "gem push mongo_kerberos-#{Mongo::Auth::Kerberos::VERSION}-java.gem"
+    system "rm mongo_kerberos-#{Mongo::Auth::Kerberos::VERSION}-java.gem"
+  else
+    system "gem push mongo_kerberos-#{Mongo::Auth::Kerberos::VERSION}.gem"
+    system "rm mongo_kerberos-#{Mongo::Auth::Kerberos::VERSION}.gem"
+  end
+end
+
+task :default => [ :clean_all, :spec ]

data/lib/mongo/auth/kerberos.rb

@@ -0,0 +1,53 @@
+# Copyright (C) 2014-2015 MongoDB, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'mongo/auth/kerberos/conversation'
+require 'mongo/auth/kerberos/version'
+
+module Mongo
+  module Auth
+
+    # Defines behaviour for Kerberos authentication.
+    #
+    # @since 2.0.0
+    class Kerberos
+      include Executable
+
+      # The authentication mechinism string.
+      #
+      # @since 2.0.0
+      MECHANISM = 'GSSAPI'.freeze
+
+      # Log the user in on the given connection.
+      #
+      # @example Log the user in.
+      #   user.login(connection)
+      #
+      # @param [ Mongo::Connection ] connection The connection to log into.
+      #   on.
+      #
+      # @return [ Protocol::Reply ] The authentication response.
+      #
+      # @since 2.0.0
+      def login(connection)
+        conversation = Conversation.new(user, connection.address.host)
+        reply = connection.dispatch([ conversation.start ])
+        until reply.documents[0][Conversation::DONE]
+          reply = connection.dispatch([ conversation.finalize(reply) ])
+        end
+        reply
+      end
+    end
+  end
+end

data/lib/mongo/auth/kerberos/conversation.rb

@@ -0,0 +1,160 @@
+# Copyright (C) 2015 MongoDB Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+if BSON::Environment.jruby?
+  require 'mongo/auth/kerberos/jruby/authenticator'
+else
+  require 'mongo/auth/kerberos/mri/authenticator'
+end
+
+module Mongo
+  module Auth
+    class Kerberos
+
+      # Defines behaviour around a single GSSAPI conversation between the
+      # client and server.
+      #
+      # @since 2.0.0
+      class Conversation
+
+        # The base client continue message.
+        #
+        # @since 2.0.0
+        CONTINUE_MESSAGE = { saslContinue: 1 }.freeze
+
+        # The key for the done field in the responses.
+        #
+        # @since 2.0.0
+        DONE = 'done'.freeze
+
+        # The conversation id field.
+        #
+        # @since 2.0.0
+        ID = 'conversationId'.freeze
+
+        # The payload field.
+        #
+        # @since 2.0.0
+        PAYLOAD = 'payload'.freeze
+
+        # The base client first message.
+        #
+        # @since 2.0.0
+        START_MESSAGE = { saslStart: 1, autoAuthorize: 1 }.freeze
+
+        # @return [ Protocol::Reply ] reply The current reply in the conversation.
+        attr_reader :reply
+
+        # @return [ Authenticator ] authenticator The native SASL authenticator.
+        attr_reader :authenticator
+
+        # @return [ Mongo::Auth::User ] user The user to authenticate.
+        attr_reader :user
+
+        # Finalize the conversation.
+        #
+        # @example Finalize the conversation.
+        #   conversation.finalize(reply)
+        #
+        # @param [ Protocol::Reply ] reply The response from the server.
+        #
+        # @return [ Protocol::Query ] The next query to execute.
+        #
+        # @since 2.0.0
+        def finalize(reply)
+          validate!(reply)
+          Protocol::Query.new(
+            Auth::EXTERNAL,
+            Database::COMMAND,
+            CONTINUE_MESSAGE.merge(payload: continue_token, conversationId: id),
+            limit: -1
+          )
+        end
+
+        # Start the authentication conversation.
+        #
+        # @example Start the conversation.
+        #   conversation.start
+        #
+        # @return [ Protocol::Query ] The command to execute.
+        #
+        # @since 2.0.0
+        def start
+          Protocol::Query.new(
+            Auth::EXTERNAL,
+            Database::COMMAND,
+            START_MESSAGE.merge(mechanism: Kerberos::MECHANISM, payload: start_token),
+            limit: -1
+          )
+        end
+
+        # Get the id of the conversation.
+        #
+        # @example Get the id of the conversation.
+        #   conversation.id
+        #
+        # @return [ Integer ] The conversation id.
+        #
+        # @since 2.0.0
+        def id
+          reply.documents[0][ID]
+        end
+
+        # Create the new conversation.
+        #
+        # @example Create the new coversation.
+        #   Conversation.new(user, 'test.example.com')
+        #
+        # @param [ Auth::User ] user The user to converse about.
+        # @param [ String ] host The host to talk to.
+        #
+        # @since 2.0.0
+        def initialize(user, host)
+          @user = user
+          @authenticator = Authenticator.new(user, host)
+        end
+
+        private
+
+        if BSON::Environment.jruby?
+
+          def start_token
+            BSON::Binary.new(authenticator.initialize_challenge)
+          end
+
+          def continue_token
+            payload = reply.documents[0][PAYLOAD]
+            BSON::Binary.new(authenticator.evaluate_challenge(payload.data))
+          end
+        else
+
+          def start_token
+            authenticator.initialize_challenge
+          end
+
+          def continue_token
+            authenticator.evaluate_challenge(reply.documents[0][PAYLOAD])
+          end
+        end
+
+        def validate!(reply)
+          unless reply.documents[0][Operation::Result::OK] == 1
+            raise Unauthorized.new(user)
+          end
+          @reply = reply
+        end
+      end
+    end
+  end
+end

data/lib/mongo/auth/kerberos/jruby/authenticator.rb

@@ -0,0 +1,53 @@
+# Copyright (C) 2014 MongoDB, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'java'
+require 'mongo/auth/kerberos/jsasl.jar'
+require 'mongo/auth/kerberos/native.jar'
+
+module Mongo
+  module Auth
+    class Kerberos
+
+      # Wraps authenticator construction for JRuby.
+      #
+      # @since 2.0.0
+      class Authenticator
+        extend Forwardable
+
+        # Delegate to the wrapped authenticator.
+        def_delegators :@wrapped, :initialize_challenge, :evaluate_challenge
+
+        # Crate the new authenticator.
+        #
+        # @example Create the authenticator.
+        #   Authenticator.new(user, host)
+        #
+        # @param [ Mongo::Auth::User ] user The user.
+        # @param [ String ] host The host.
+        #
+        # @since 2.0.0
+        def initialize(user, host)
+          @wrapped = org.mongodb.sasl.GSSAPIAuthenticator.new(
+            JRuby.runtime,
+            user.name,
+            host,
+            user.auth_mech_properties[:service_name] || 'mongodb',
+            user.auth_mech_properties[:canonicalize_host_name] || false
+          )
+        end
+      end
+    end
+  end
+end

data/lib/mongo/auth/kerberos/mri/authenticator.rb

@@ -0,0 +1,50 @@
+# Copyright (C) 2014 MongoDB, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'mongo/auth/kerberos/native'
+
+module Mongo
+  module Auth
+    class Kerberos
+
+      # Wraps authenticator construction for MRI.
+      #
+      # @since 2.0.0
+      class Authenticator
+        extend Forwardable
+
+        # Delegate to the wrapped authenticator.
+        def_delegators :@wrapped, :initialize_challenge, :evaluate_challenge
+
+        # Crate the new authenticator.
+        #
+        # @example Create the authenticator.
+        #   Authenticator.new(user, host)
+        #
+        # @param [ Mongo::Auth::User ] user The user.
+        # @param [ String ] host The host.
+        #
+        # @since 2.0.0
+        def initialize(user, host)
+          @wrapped = GSSAPIAuthenticator.new(
+            user.name,
+            host,
+            user.auth_mech_properties[:service_name] || 'mongodb',
+            user.auth_mech_properties[:canonicalize_host_name] || false
+          )
+        end
+      end
+    end
+  end
+end

data/lib/mongo/auth/kerberos/version.rb

@@ -0,0 +1,23 @@
+# Copyright (C) 2015 MongoDB, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Mongo
+  module Auth
+    class Kerberos
+
+      # The gem version number.
+      VERSION = '2.0.0.beta'.freeze
+    end
+  end
+end

data/lib/mongo_kerberos.rb

@@ -4,7 +4,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
@@ -12,30 +12,14 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+require 'forwardable'
 require 'mongo'
+require 'mongo/auth/kerberos'
 
-begin
-  if RUBY_PLATFORM =~ /java/
-    require 'mongo_kerberos/sasl_java'
-  else
-    require 'mongo_kerberos/sasl_c'
-    require "csasl/csasl"
-  end
-end
-
-module Mongo
-  module Authentication
-
-    private
+# Add the Kerberos authentication mechanism.
+#
+# @since 2.0.0
+Mongo::Auth::SOURCES[:gssapi] = Mongo::Auth::Kerberos
 
-    # Handles issuing authentication commands for the GSSAPI auth mechanism.
-    #
-    # @param auth [Hash] The authentication credentials to be used.
-    # @param opts [Hash] Hash of optional settings and configuration values.
-    #
-    # @private
-    def issue_gssapi(auth, opts={})
-      Mongo::Sasl::GSSAPI.authenticate(auth[:username], self, opts[:socket], auth[:extra] || {})
-    end
-  end
-end
+# @note Prevent any further modifications.
+Mongo::Auth::SOURCES.freeze

data/spec/mongo/auth/kerberos/conversation_spec.rb

@@ -0,0 +1,131 @@
+require 'spec_helper'
+
+describe Mongo::Auth::Kerberos::Conversation do
+
+  let(:user) do
+    Mongo::Auth::User.new(user: 'test')
+  end
+
+  let(:conversation) do
+    described_class.new(user, 'test.example.com')
+  end
+
+  let(:authenticator) do
+    double('authenticator')
+  end
+
+  before do
+    expect(Mongo::Auth::Kerberos::Authenticator).to receive(:new).
+      with(user, 'test.example.com').
+      and_return(authenticator)
+  end
+
+  describe '#start' do
+
+    let(:query) do
+      conversation.start
+    end
+
+    let(:selector) do
+      query.selector
+    end
+
+    before do
+      expect(authenticator).to receive(:initialize_challenge).and_return('test')
+    end
+
+    it 'sets the sasl start flag' do
+      expect(selector[:saslStart]).to eq(1)
+    end
+
+    it 'sets the auto authorize flag' do
+      expect(selector[:autoAuthorize]).to eq(1)
+    end
+
+    it 'sets the mechanism' do
+      expect(selector[:mechanism]).to eq('GSSAPI')
+    end
+
+    it 'sets the payload', unless: BSON::Environment.jruby? do
+      expect(selector[:payload]).to start_with('test')
+    end
+
+    it 'sets the payload', if: BSON::Environment.jruby? do
+      expect(selector[:payload].data).to start_with('test')
+    end
+  end
+
+  describe '#finalize' do
+
+    let(:reply) do
+      Mongo::Protocol::Reply.new
+    end
+
+    let(:continue_token) do
+      BSON::Environment.jruby? ? BSON::Binary.new('testing') : 'testing'
+    end
+
+    context 'when the conversation is a success' do
+
+      let(:documents) do
+        [{
+          'conversationId' => 1,
+          'done' => false,
+          'payload' => continue_token,
+          'ok' => 1.0
+        }]
+      end
+
+      let(:query) do
+        conversation.finalize(reply)
+      end
+
+      let(:selector) do
+        query.selector
+      end
+
+      before do
+        expect(authenticator).to receive(:evaluate_challenge).
+          with('testing').and_return(continue_token)
+        reply.instance_variable_set(:@documents, documents)
+      end
+
+      it 'sets the conversation id' do
+        expect(selector[:conversationId]).to eq(1)
+      end
+
+      it 'sets the payload', unless: BSON::Environment.jruby? do
+        expect(selector[:payload]).to eq(continue_token)
+      end
+
+      it 'sets the payload', if: BSON::Environment.jruby? do
+        expect(selector[:payload].data).to eq(continue_token)
+      end
+
+      it 'sets the continue flag' do
+        expect(selector[:saslContinue]).to eq(1)
+      end
+    end
+
+    context 'when the auth failed' do
+
+      let(:documents) do
+        [{
+          'conversationId' => 1,
+          'done' => false,
+          'ok' => 0.0
+        }]
+      end
+
+      before do
+        reply.instance_variable_set(:@documents, documents)
+      end
+
+      it 'raises an error' do
+        expect {
+          conversation.finalize(reply)
+        }.to raise_error(Mongo::Auth::Unauthorized)
+      end
+    end
+  end
+end

data/spec/mongo/auth/kerberos/mri/authenticator_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+describe Mongo::Auth::Kerberos::Authenticator do
+
+  describe '#initialize' do
+
+    let(:user) do
+      Mongo::Auth::User.new(user: 'drivers@LDAPTEST.10GEN.CC')
+    end
+
+    let(:authenticator) do
+      described_class.new(user, '127.0.0.1')
+    end
+
+    let(:wrapped) do
+      authenticator.instance_variable_get(:@wrapped)
+    end
+
+    it 'wraps the c extension authenticator', unless: BSON::Environment.jruby? do
+      expect(wrapped).to be_a(Mongo::Auth::GSSAPIAuthenticator)
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,30 @@
+# Copyright (C) 2014 MongoDB Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), "..", "lib"))
+
+if ENV["CI"] && !ENV["WITH_EXT"]
+  require "simplecov"
+  require "coveralls"
+  SimpleCov.formatter = Coveralls::SimpleCov::Formatter
+  SimpleCov.start do
+    add_filter "spec"
+  end
+end
+
+require "mongo_kerberos"
+require "rspec"
+
+# Dir["./spec/support/**/*.rb"].each { |file| require file }

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mongo_kerberos
 version: !ruby/object:Gem::Version
-  version: 1.12.5
+  version: 2.0.0.beta
 platform: java
 authors:
 - Emily Stolfo
@@ -13,7 +13,7 @@ cert_chain:
   -----BEGIN CERTIFICATE-----
   MIIDfDCCAmSgAwIBAgIBATANBgkqhkiG9w0BAQUFADBCMRQwEgYDVQQDDAtkcml2
   ZXItcnVieTEVMBMGCgmSJomT8ixkARkWBTEwZ2VuMRMwEQYKCZImiZPyLGQBGRYD
-  Y29tMB4XDTE1MDMzMTA5NDIzNVoXDTE2MDMzMDA5NDIzNVowQjEUMBIGA1UEAwwL
+  Y29tMB4XDTE0MTEyMDE1NTYxOVoXDTE1MTEyMDE1NTYxOVowQjEUMBIGA1UEAwwL
   ZHJpdmVyLXJ1YnkxFTATBgoJkiaJk/IsZAEZFgUxMGdlbjETMBEGCgmSJomT8ixk
   ARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANFdSAa8fRm1
   bAM9za6Z0fAH4g02bqM1NGnw8zJQrE/PFrFfY6IFCT2AsLfOwr1maVm7iU1+kdVI
@@ -24,42 +24,53 @@ cert_chain:
   u8KAcPHm5KkCAwEAAaN9MHswCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O
   BBYEFFt3WbF+9JpUjAoj62cQBgNb8HzXMCAGA1UdEQQZMBeBFWRyaXZlci1ydWJ5
   QDEwZ2VuLmNvbTAgBgNVHRIEGTAXgRVkcml2ZXItcnVieUAxMGdlbi5jb20wDQYJ
-  KoZIhvcNAQEFBQADggEBAH+jEbhVRjZke7ZgM3EjERSblLM8RtHZBczjQKuG0Eor
-  HUF/hyq7D+mz75Ch7K8m5NRwvppePbBV4lAF+DzuDGjh+V6cz4wNKaWWFIL8eNCY
-  F+0vDVtGok06CXnb2swHEtd1Z8zpQviJ3xpSGAvF88+glzvPQmCyA071kPUAmDvd
-  5og5x3Bv8IxaxmEpFndXhT3NHL/tOBeT9VJuJWMCxOXRCv4y9bBBTrxoRVuos59Z
-  XZOS48LlWh15EG4yZo/gRzqNAW2LUIkYA5eMS2Kp6r+KV8IBUO/LaHdrXbdilpa8
-  BRsuCo7UZDbFVRns04HLyjVvkj+K/ywIcdKdS0csz5M=
+  KoZIhvcNAQEFBQADggEBAKjvumG2Fy9zAoSc1OEcmAqqOfzx1U+isGyEsz1rs5eT
+  HAIHsxaEdZTjSwDuqyelLDWJHWspeWU5pV5lepfI4cop29wwoPJIJ9Az2RMMbtdv
+  gFApVb6QX61OMenFeOdJ/QZ3n9xcrxJZFdvrXQ5GjEU2anq3dJhFeESwIMlfVJC7
+  7XrlMxizzH712DPfy65dMj0Y39qHdoWYKeCkEoj5UWNcHRK9xgaHJR6prlXrIhgb
+  o2UXDbWtz5PqoFd8EgNJAn3+BG1pwC9S9pVFG3WPucfAx/bE8iq/vvchHei5Y/Vo
+  aAz5f/hY4zFeYWvGDBHYEXE1rTN2hhMSyJscPcFbmz0=
   -----END CERTIFICATE-----
-date: 2015-12-01 00:00:00.000000000 Z
+date: 2015-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
+  name: mongo
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.0.0.beta
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.12.5
-  name: mongo
+        version: 2.0.0.beta
   prerelease: false
   type: :runtime
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.12.5
-description: Adds kerberos authentication via libsasl to the MongoDB Ruby Driver on MRI and JRuby
-email: mongodb-dev@googlegroups.com
+description: Adds Kerberos authentication via libsasl to the MongoDB Ruby Driver on MRI and JRuby
+email:
+- mongodb-dev@googlegroups.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- CONTRIBUTING.md
 - LICENSE
-- VERSION
-- ext/jsasl/target/jsasl.jar
+- NOTICE
+- README.md
+- Rakefile
 - lib/mongo_kerberos.rb
-- lib/mongo_kerberos/sasl_c.rb
-- lib/mongo_kerberos/sasl_java.rb
-- mongo_kerberos.gemspec
+- lib/mongo/auth/kerberos.rb
+- lib/mongo/auth/kerberos/conversation.rb
+- lib/mongo/auth/kerberos/jsasl.jar
+- lib/mongo/auth/kerberos/native.bundle
+- lib/mongo/auth/kerberos/native.jar
+- lib/mongo/auth/kerberos/version.rb
+- lib/mongo/auth/kerberos/jruby/authenticator.rb
+- lib/mongo/auth/kerberos/mri/authenticator.rb
+- spec/spec_helper.rb
+- spec/mongo/auth/kerberos/conversation_spec.rb
+- spec/mongo/auth/kerberos/mri/authenticator_spec.rb
 homepage: http://www.mongodb.org
 licenses:
 - Apache License Version 2.0
@@ -72,16 +83,19 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - '>='
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - '>='
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.6
 requirements: []
 rubyforge_project: mongo_kerberos
-rubygems_version: 2.4.8
+rubygems_version: 2.1.9
 signing_key:
 specification_version: 4
 summary: Kerberos authentication support for the MongoDB Ruby driver
-test_files: []
+test_files:
+- spec/spec_helper.rb
+- spec/mongo/auth/kerberos/conversation_spec.rb
+- spec/mongo/auth/kerberos/mri/authenticator_spec.rb

data/VERSION

@@ -1 +0,0 @@
-1.12.5

data/lib/mongo_kerberos/sasl_c.rb

@@ -1,43 +0,0 @@
-# Copyright (C) 2009-2014 MongoDB, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-module Mongo
-  module Sasl
-    module GSSAPI
-
-      def self.authenticate(username, client, socket, opts={})
-        db           = client.db('$external')
-        hostname     = socket.pool.host
-        servicename  = opts[:service_name] || 'mongodb'
-        canonicalize = opts[:canonicalize_host_name] ? opts[:canonicalize_host_name] : false
-        username     += "@#{opts[:service_realm]}" if opts[:service_realm]
-        authenticator = Mongo::Sasl::GSSAPIAuthenticator.new(username, hostname, servicename, canonicalize)
-
-        return { } unless authenticator.valid?
-
-        token    = authenticator.initialize_challenge
-        cmd      = BSON::OrderedHash['saslStart', 1, 'mechanism', 'GSSAPI', 'payload', token, 'autoAuthorize', 1]
-        response = db.command(cmd, :check_response => false, :socket => socket)
-
-        until response['done'] do
-          break unless Support.ok?(response)
-          token    = authenticator.evaluate_challenge(response['payload'])
-          cmd      = BSON::OrderedHash['saslContinue', 1, 'conversationId', response['conversationId'], 'payload', token]
-          response = db.command(cmd, :check_response => false, :socket => socket)
-        end
-        response
-      end
-    end
-  end
-end

data/lib/mongo_kerberos/sasl_java.rb

@@ -1,52 +0,0 @@
-# Copyright (C) 2009-2014 MongoDB, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-require 'jruby'
-
-include Java
-
-jar_dir = File.expand_path(File.join(File.dirname(__FILE__), '../../ext/jsasl'))
-require File.join(jar_dir, 'target/jsasl.jar')
-
-module Mongo
-  module Sasl
-    module GSSAPI
-
-      def self.authenticate(username, client, socket, opts={})
-        db            = client.db('$external')
-        hostname      = socket.pool.host
-        servicename   = opts[:service_name] || 'mongodb'
-        username      += "@#{opts[:service_realm]}" if opts[:service_realm]
-        canonicalize  = opts[:canonicalize_host_name] ? opts[:canonicalize_host_name] : false
-
-        begin
-          authenticator = org.mongodb.sasl.GSSAPIAuthenticator.new(JRuby.runtime, username, hostname, servicename, canonicalize)
-          token         = BSON::Binary.new(authenticator.initialize_challenge)
-          cmd           = BSON::OrderedHash['saslStart', 1, 'mechanism', 'GSSAPI', 'payload', token, 'autoAuthorize', 1]
-          response      = db.command(cmd, :check_response => false, :socket => socket)
-
-          until response['done'] do
-            break unless Support.ok?(response)
-            token    = BSON::Binary.new(authenticator.evaluate_challenge(response['payload'].to_s))
-            cmd      = BSON::OrderedHash['saslContinue', 1, 'conversationId', response['conversationId'], 'payload', token]
-            response = db.command(cmd, :check_response => false, :socket => socket)
-          end
-          response
-        rescue Java::OrgMongodbSasl::MongoSecurityException
-          return { }
-        end
-      end
-    end
-  end
-end

data/mongo_kerberos.gemspec

@@ -1,35 +0,0 @@
-Gem::Specification.new do |s|
-  s.name = 'mongo_kerberos'
-  s.version = File.read(File.join(File.dirname(__FILE__), 'VERSION'))
-  s.platform = Gem::Platform::RUBY
-  s.authors = [ 'Emily Stolfo', 'Durran Jordan' ]
-  s.email = 'mongodb-dev@googlegroups.com'
-  s.homepage = 'http://www.mongodb.org'
-  s.summary = 'Kerberos authentication support for the MongoDB Ruby driver'
-  s.description = 'Adds kerberos authentication via libsasl to the MongoDB Ruby Driver on MRI and JRuby'
-  s.rubyforge_project = 'mongo_kerberos'
-  s.license = 'Apache License Version 2.0'
-
-  if File.exists?('gem-private_key.pem')
-    s.signing_key = 'gem-private_key.pem'
-    s.cert_chain  = ['gem-public_cert.pem']
-  else
-    warn 'Warning: No private key present, creating unsigned gem.'
-  end
-
-  s.files = [ 'mongo_kerberos.gemspec', 'LICENSE', 'VERSION' ]
-  s.files += [ 'lib/mongo_kerberos.rb' ]
-  s.files += Dir[ 'lib/mongo_kerberos/**/*.rb' ]
-
-  if RUBY_PLATFORM =~ /java/
-    s.platform = 'java'
-    s.files << 'ext/jsasl/target/jsasl.jar'
-  else
-    s.files += Dir.glob('ext/csasl/**/*.{c,h,rb}')
-    s.extensions = [ 'ext/csasl/extconf.rb' ]
-  end
-
-  s.add_dependency('mongo', "#{s.version}")
-  s.require_paths = ['lib']
-  s.has_rdoc = 'yard'
-end