myobie-rails-auth 0.0.2 → 0.0.3

data/README.markdown

@@ -87,14 +87,14 @@ There is a lot of digest and other crap that encrypts the passwords. We save an
 
 There is also some remember/forget stuff in there.
 
-[examples]: http://github.com/myobie/rails-auth/tree/6ba96559b3f83aef3f705bc63d0895b710f27095/examples
-[init]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/initializers/authentication.rb
-[a-simple]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/controllers/application_controller_simple.rb
-[a-complex]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/controllers/application_controller_complex.rb
-[s-simple]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/controllers/sessions_controller_simple.rb
-[s-complex]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/controllers/sessions_controller_complex.rb
-[m-simple]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/models/user_simple.rb
-[m-complex]: http://github.com/myobie/rails-auth/blob/6ba96559b3f83aef3f705bc63d0895b710f27095/examples/models/user_complex.rb
+[examples]: http://github.com/myobie/rails-auth/tree/master/examples
+[init]: http://github.com/myobie/rails-auth/blob/master/examples/initializers/authentication.rb
+[a-simple]: http://github.com/myobie/rails-auth/blob/master/examples/controllers/application_controller_simple.rb
+[a-complex]: http://github.com/myobie/rails-auth/blob/master/examples/controllers/application_controller_complex.rb
+[s-simple]: http://github.com/myobie/rails-auth/blob/master/examples/controllers/sessions_controller_simple.rb
+[s-complex]: http://github.com/myobie/rails-auth/blob/master/examples/controllers/sessions_controller_complex.rb
+[m-simple]: http://github.com/myobie/rails-auth/blob/master/examples/models/user_simple.rb
+[m-complex]: http://github.com/myobie/rails-auth/blob/master/examples/models/user_complex.rb
 
 TODO
 ====

data/VERSION.yml

@@ -1,4 +1,4 @@
 --- 
 :minor: 0
-:patch: 2
+:patch: 3
 :major: 0

data/lib/rails-auth.rb

@@ -1,6 +1,6 @@
 class String
   def /(other)
-    "#{self}/#{other}"
+    File.join(self, other.to_s)
   end
 end
 
@@ -17,5 +17,5 @@ require 'rails-auth/strategy'
 basic_path = "rails-auth/strategies"
 
 # Rails::Authentication.register(:basic_auth,    basic_path / "basic_auth.rb")
-# Rails::Authentication.register(:openid,        basic_path / "openid.rb")
+Rails::Authentication.register(:openid,        basic_path / "openid.rb")
 Rails::Authentication.register(:password_form, basic_path / "password_form.rb")

data/lib/rails-auth/authenticated_helper.rb

@@ -8,7 +8,7 @@ module Rails
     
     protected
     def ensure_authenticated(*strategies)
-      session.authenticate!(request, params, *strategies) unless session.authenticated?
+      session.authenticate!(self, *strategies) unless session.authenticated?
       auth = session.authentication
       if auth.halted?
         response.headers.merge!(auth.headers)

data/lib/rails-auth/authentication.rb

@@ -10,7 +10,7 @@ module Rails
     class NotImplemented < Exception; end
   
     # This method returns the default user class to use throughout the
-    # merb-auth authentication framework.  Rails::Authentication.user_class can
+    # rails-auth authentication framework.  Rails::Authentication.user_class can
     # be used by other plugins, and by default by strategies.
     #
     # By Default it is set to User class.  If you need a different class
@@ -19,7 +19,16 @@ module Rails
     # @return <User Class Object>
     #
     # @api overwritable
-    cattr_accessor :user_class
+    cattr_writer :user_class
+    
+    def self.user_class
+      case @@user_class
+      when String
+        @@user_class && @@user_class.constantize
+      when Class
+        @@user_class
+      end
+    end
     
     
     ### copied from restful authentication
@@ -59,6 +68,17 @@ module Rails
       session[:user] = store_user(user)
       @user = session[:user] ? user : session[:user]  
     end
+    
+    def selected_strategy
+      return nil if session[:selected_strategy].nil?
+      @selected_strategy ||= session[:selected_strategy].constantize
+    end
+
+    def selected_strategy=(strategy)
+      session[:selected_strategy] = nil && return if strategy.nil?
+      session[:selected_strategy] = strategy.name
+      @selected_strategy = strategy
+    end
 
     # The workhorse of the framework.  The authentiate! method is where
     # the work is done.  authenticate! will try each strategy in order
@@ -78,25 +98,26 @@ module Rails
       rest = rest.flatten
     
       strategies = if rest.empty?
-        if request.session[:authentication_strategies] 
-          request.session[:authentication_strategies]
+        if session[:authentication_strategies] 
+          session[:authentication_strategies]
         else
           Rails::Authentication.default_strategy_order
         end
       else
-        request.session[:authentication_strategies] ||= []
-        request.session[:authentication_strategies] << rest
-        request.session[:authentication_strategies].flatten!.uniq!
-        request.session[:authentication_strategies]
+        session[:authentication_strategies] ||= []
+        session[:authentication_strategies] << rest
+        session[:authentication_strategies].flatten!.uniq!
+        session[:authentication_strategies]
       end
   
       msg = opts[:message] || error_message
       user = nil
+      strategy = nil
       # This one should find the first one that matches.  It should not run any other
       strategies.detect do |s|
-        s = Rails::Authentication.lookup_strategy[s] # Get the strategy from string or class
-        unless s.abstract?
-          strategy = s.new(request, params)
+        _s = Rails::Authentication.lookup_strategy[s] # Get the strategy from string or class
+        unless _s.abstract?
+          strategy = _s.new(request, params)
           user = strategy.run! 
           if strategy.halted?
             self.headers, self.status, self.body = [strategy.headers, strategy.status, strategy.body]
@@ -106,9 +127,14 @@ module Rails
           user
         end
       end
-    
+      
+      self.selected_strategy = strategy.class
+      
+      user = run_after_authentication_callbacks(user, request, params) if user
+      
       # Finally, Raise an error if there is no user found, or set it in the session if there is.
       raise Rails::Authentication::Unauthenticated, msg unless user
+      
       session[:authentication_strategies] = nil # clear the session of Failed Strategies if login is successful      
       self.user = user
     end
@@ -116,6 +142,7 @@ module Rails
     # "Logs Out" a user from the session.  Also clears out all session data
     def abandon!
       @user = nil
+      @selected_strategy = nil
       session.clear
     end
 
@@ -164,7 +191,7 @@ module Rails
         when Class
           h[k] = k
         when String, Symbol
-          h[k] = Rails::Authentication::Strategies.full_const_get(k.to_s) 
+          h[k] = ("%s::%s" % ["Rails::Authentication::Strategies", k]).constantize
         end
       end
     end

data/lib/rails-auth/session_mixin.rb

@@ -1,5 +1,4 @@
-class ActionController::Session::AbstractStore::SessionHash
-  
+module Rails::Authentication::SessionMixin
   # Access to the authentication object directly.  Particularly useful
   # for accessing the errors.
   # 
@@ -39,5 +38,13 @@ class ActionController::Session::AbstractStore::SessionHash
   def abandon!
     authentication.abandon!
   end
-  
-end
+
+end
+
+class ActionController::Session::AbstractStore::SessionHash
+  include Rails::Authentication::SessionMixin
+end
+
+class ActionController::TestSession < Hash
+  include Rails::Authentication::SessionMixin
+end

data/lib/rails-auth/strategies/openid.rb

@@ -0,0 +1,150 @@
+# The openid strategy attempts to login users based on the OpenID protocol 
+# http://openid.net/
+# 
+# Overwrite the on_sucess!, on_failure!, on_setup_needed!, and on_cancel! to customize events.
+#
+# Overwite the required_reg_fields method to require different sreg fields.  Default is email and nickname
+#
+# Overwrite the openid_store method to customize your session store
+#
+# == Requirments
+#
+# === Routes:
+#   :openid - an action that is accessilbe via http GET and protected via ensure_authenticated
+#   :signup - a url accessed via GET that takes a user to a signup form (overwritable)
+#
+# === Attributes
+#   :identity_url - A string for holding the identity_url associated with this user (overwritable)
+#
+# install the ruby-openid gem
+require 'openid'
+require 'openid/store/filesystem'
+require 'openid/extensions/sreg'
+
+class Rails::Authentication
+  module Strategies
+    module Basic
+      class OpenID < Rails::Authentication::Strategy
+
+        def run!
+          if request.params[:'openid.mode']
+            params_with_path = params.reject { |key, value| request.path_parameters[key] }
+            params_with_path.delete(:format)
+
+            response = consumer.complete(params_with_path, "#{request.protocol}#{request.host_with_port}" + request.path)
+            case response.status.to_s
+            when 'success'
+              sreg_response = ::OpenID::SReg::Response.from_success_response(response)
+              result = on_success!(response, sreg_response)
+              Rails.logger.info "\n\n#{result.inspect}\n\n"
+              result
+            when 'failure'
+              on_failure!(response)
+            when  'setup_needed'
+              on_setup_needed!(response)
+            when 'cancel'
+              on_cancel!(response)
+            end
+          elsif identity_url = params[:identity_url]
+            begin
+              openid_request = consumer.begin(identity_url)
+              openid_reg = ::OpenID::SReg::Request.new
+              openid_reg.request_fields(required_reg_fields)
+              openid_request.add_extension(openid_reg)
+              customize_openid_request!(openid_request)
+              redirect!(openid_request.redirect_url([request.protocol, request.host_with_port].join, openid_callback_url))
+            rescue ::OpenID::OpenIDError => e
+              request.session.authentication.errors.clear!
+              request.session.authentication.errors.add(:openid, 'The OpenID verification failed')
+              nil
+            end
+          end
+        end # run!
+        
+        
+        # Overwrite this to add extra options to the OpenID request before it is made.
+        # 
+        # @example request.return_to_args["remember_me"] = 1 # remember_me=1 is added when returning from the OpenID provider.
+        # 
+        # @api overwritable
+        def customize_openid_request!(openid_request)
+        end
+        
+        # Used to define the callback url for the openid provider.  By default it
+        # is set to the named :openid route.
+        # 
+        # @api overwritable
+        def openid_callback_url
+          "#{[request.protocol, request.host_with_port].join}/login"
+        end
+        
+        # Overwrite the on_success! method with the required behavior for successful logins
+        #
+        # @api overwritable
+        def on_success!(response, sreg_response)
+          if user = find_user_by_identity_url(response.identity_url)
+            user
+          else
+            session[:openid] = {:identity_url => response.identity_url}
+            required_reg_fields.each do |f|
+              session[:openid][f.to_sym] = sreg_response.data[f] if sreg_response.data[f]
+            end if sreg_response
+            #redirect!(Rails::Router.url(:signup))
+            redirect!("#{[request.protocol, request.host_with_port].join}/signup")
+          end
+        end
+        
+        # Overwrite the on_failure! method with the required behavior for failed logins
+        #
+        # @api overwritable
+        def on_failure!(response)
+          session.authentication.errors.clear!
+          session.authentication.errors.add(:openid, 'OpenID verification failed, maybe the provider is down? Or the session timed out')
+          nil
+        end
+        
+        #
+        # @api overwritable
+        def on_setup_needed!(response)
+          session.authentication.errors.clear!
+          session.authentication.errors.add(:openid, 'OpenID does not seem to be configured correctly')
+          nil
+        end
+        
+        #
+        # @api overwritable
+        def on_cancel!(response)
+          session.authentication.errors.clear!
+          session.authentication.errors.add(:openid, 'OpenID rejected our request')
+          nil
+        end
+        
+        #
+        # @api overwritable
+        def required_reg_fields
+          ['nickname', 'email']
+        end
+        
+        # Overwrite this to properly support your user model
+        #
+        # @api overwritable
+        def find_user_by_identity_url(url)
+          user_class.first(:conditions => {:identity_url => url})
+        end
+        
+        # Overwrite this method to set your store
+        #
+        # @api overwritable
+        def openid_store
+          ::OpenID::Store::Filesystem.new("#{Rails.root}/tmp/openid")
+        end
+        
+        private
+        def consumer
+          @consumer ||= ::OpenID::Consumer.new(request.session, openid_store)
+        end
+              
+      end # OpenID
+    end # Basic
+  end # Strategies
+end # Rails::Authentication

data/lib/rails-auth/strategy.rb

@@ -43,7 +43,7 @@ module Rails
       require path
     end
   
-    # The Rails::Authentication::Strategy is where all the action happens in the merb-auth framework.
+    # The Rails::Authentication::Strategy is where all the action happens in the rails-auth framework.
     # Inherit from this class to setup your own strategy.  The strategy will automatically
     # be placed in the default_strategy_order array, and will be included in the strategy runs.
     #
@@ -62,7 +62,7 @@ module Rails
     #
     #
     class Strategy
-      attr_accessor :request
+      attr_accessor :request, :params
       attr_writer   :body
     
       class << self
@@ -105,7 +105,8 @@ module Rails
     
       end # End class << self
     
-      def initialize(request, params)
+      def initialize(request, params = {})
+        # @controller = controller
         @request = request
         @params  = params
       end
@@ -139,8 +140,8 @@ module Rails
         self.headers["Location"] = url
         self.status = opts[:permanent] ? 301 : 302
         self.status = opts[:status] if opts[:status]
-        self.body   = opts[:message] || "<div>You are being redirected to <a href='#{url}'>#{url}</a></div>"
         halt!
+        # @controller.send(:redirect_to, url)
         return true
       end
     
@@ -198,7 +199,7 @@ module Rails
       #
       # @api overwritable
       def user_class
-        Rails::Authentication.user_class.constantize
+        Rails::Authentication.user_class
       end
       
     end # Strategy

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: myobie-rails-auth
 version: !ruby/object:Gem::Version 
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors: 
 - Nathan Herald
@@ -42,6 +42,7 @@ files:
 - lib/rails-auth/strategies
 - lib/rails-auth/strategies/abstract_password.rb
 - lib/rails-auth/strategies/password_form.rb
+- lib/rails-auth/strategies/openid.rb
 - lib/rails-auth/strategy.rb
 - lib/rails-auth.rb
 - test/rails-auth_test.rb

data/test/rails-auth_test.rb

@@ -1,7 +0,0 @@
-require File.dirname(__FILE__) + '/test_helper'
-
-class RailsAuthTest < Test::Unit::TestCase
-  should "probably rename this file and start testing for real" do
-    flunk "hey buddy, you should probably rename this file and start testing for real"
-  end
-end

data/test/test_helper.rb

@@ -1,9 +0,0 @@
-require 'rubygems'
-require 'bacon'
-require 'mocha'
-
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-require 'rails-auth'
-
-class Test::Unit::TestCase
-end