oa-cadun 3.2.0 → 3.2.1

data/lib/oa-cadun.rb

@@ -7,4 +7,4 @@ require 'nokogiri'
 require 'date'
 require 'oa-core'
 require 'cadun'
-require 'omni_auth/strategies/cadun'
+require 'omni_auth/strategies/cadun'

data/lib/oa-cadun/version.rb

@@ -2,7 +2,7 @@ module OACadun
   module VERSION
     MAJOR = 3
     MINOR = 2
-    TINY  = 0
+    TINY  = 1
     
     STRING = [MAJOR, MINOR, TINY] * '.'
   end

data/lib/omni_auth/strategies/cadun.rb

@@ -6,16 +6,15 @@ module OmniAuth
   module Strategies
     class Cadun
       include OmniAuth::Strategy
-      include ::Cadun
       
       def initialize(app, options = {})
-        Config.load_file(options[:config])
+        ::Cadun::Config.load_file(options[:config])
         
         super(app, :cadun, options)
       end
       
       def request_phase
-        redirect "#{Config.login_url}/#{service_id}?url=#{callback_url}"
+        redirect "#{::Cadun::Config.login_url}/#{service_id}?url=#{callback_url}"
       end
       
       def callback_phase
@@ -30,16 +29,8 @@ module OmniAuth
         self.class.build_auth_hash(user, request)
       end
       
-      def self.build_auth_hash(user, request = nil)
-        hash = { :provider => "cadun", :uid => user.id, :user_info => user.to_hash.merge(:birthday =>  user.birthday.strftime('%d/%m/%Y')) }
-        hash[:user_info].merge!(:GLBID => request.params['GLBID'], :url => request.params['url']) if request
-        
-        hash
-      end
-      
-      protected
       def user
-        @user ||= User.new(:glb_id => request.params['GLBID'], :ip => env['REMOTE_ADDR'], :service_id => service_id)
+        @user ||= ::Cadun::User.new(:glb_id => request.params['GLBID'], :ip => client_ip, :service_id => service_id)
       end
       
       def service_id
@@ -54,6 +45,21 @@ module OmniAuth
         callback_url = "#{scheme}://#{uri}#{port}/auth/cadun/callback"
         URI.escape(callback_url, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
       end
+      
+      def client_ip
+        if env['HTTP_X_FORWARDED_FOR'] and not env['HTTP_X_FORWARDED_FOR'].empty?
+          env['HTTP_X_FORWARDED_FOR'].split(',').last.strip
+        else
+          env['REMOTE_ADDR']
+        end
+      end
+      
+      def self.build_auth_hash(user, request = nil)
+        hash = { :provider => "cadun", :uid => user.id, :user_info => user.to_hash.merge(:birthday =>  user.birthday.strftime('%d/%m/%Y')) }
+        hash[:user_info].merge!(:GLBID => request.params['GLBID'], :url => request.params['url']) if request
+        
+        hash
+      end
     end
   end
-end
+end

data/oa-cadun.gemspec

@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
   s.require_paths = %w(lib)
   
   s.add_dependency 'oa-core'
-  s.add_dependency 'cadun', '0.3.0'
+  s.add_dependency 'cadun', '0.3.3'
   s.add_development_dependency 'rack'
   s.add_development_dependency 'rspec'
   s.add_development_dependency 'rr'

data/spec/omni_auth/strategies/cadun_spec.rb

@@ -15,13 +15,11 @@ describe OmniAuth::Strategies::Cadun do
       end
 
       describe "status" do
-        subject { @status }
-        specify { should == 302 }
+        it { @status.should == 302 }
       end
 
       describe "headers" do
-        subject { @headers }
-        specify { should include("Location" => "https://login.dev.globoi.com/login/1?url=http%3A%2F%2Ftest.localhost%2Fauth%2Fcadun%2Fcallback") }
+        it { @headers.should include("Location" => "https://login.dev.globoi.com/login/1?url=http%3A%2F%2Ftest.localhost%2Fauth%2Fcadun%2Fcallback") }
       end
     end
     
@@ -33,13 +31,11 @@ describe OmniAuth::Strategies::Cadun do
       end
 
       describe "status" do
-        subject { @status }
-        specify { should == 302 }
+        it { @status.should == 302 }
       end
 
       describe "headers" do
-        subject { @headers }
-        specify { should include("Location" => "https://login.dev.globoi.com/login/1?url=http%3A%2F%2Ftest.localhost%3A8080%2Fauth%2Fcadun%2Fcallback") }
+        it { @headers.should include("Location" => "https://login.dev.globoi.com/login/1?url=http%3A%2F%2Ftest.localhost%3A8080%2Fauth%2Fcadun%2Fcallback") }
       end
     end
   end
@@ -47,69 +43,92 @@ describe OmniAuth::Strategies::Cadun do
   describe "#callback_phase" do
     context "when the authorization fails" do
       before do
-        FakeWeb.register_uri :put, "http://isp-authenticator.dev.globoi.com:8280/ws/rest/autorizacao",
-                             :body => nil
-
-        strategy.call! Rack::MockRequest.env_for("http://localhost/auth/cadun/callback", "rack.session" => {})
+        stub_fail_requests
+        strategy.call! Rack::MockRequest.env_for("http://localhost/auth/cadun/callback?GLBID=GLBID", "rack.session" => {}, "REMOTE_ADDR" => "127.0.0.1")
       end
 
-      subject { strategy.callback_phase }
-
-      specify { strategy.env['omniauth.auth'].should be_nil }
-      specify { strategy.env['omniauth.error.type'].should == :invalid_credentials }
+      it { strategy.env['omniauth.auth'].should be_nil }
+      it { strategy.env['omniauth.error'].message.should == "not authorized" }
+      it { strategy.env['omniauth.error.type'].should == :invalid_credentials }
     end
     
     context "when the authorization succeeds" do
       before do
         stub_requests
-        strategy.call! Rack::MockRequest.env_for("http://localhost/auth/cadun/callback", "rack.session" => {})
+        strategy.call! Rack::MockRequest.env_for("http://localhost/auth/cadun/callback?GLBID=GLBID", "rack.session" => {}, "REMOTE_ADDR" => "127.0.0.1")
       end
 
-      subject { strategy.callback_phase }
-
-      specify { strategy.env['omniauth.auth'].should_not be_nil }
-      specify { strategy.env['omniauth.error.type'].should be_nil }
+      it { strategy.env['omniauth.auth'].should_not be_nil }
+      it { strategy.env['omniauth.error'].should be_nil }
+      it { strategy.env['omniauth.error.type'].should be_nil }
     end
   end
   
   describe "#auth_hash" do
     before do
       stub_requests
-      strategy.call! Rack::MockRequest.env_for("http://localhost?GLBID=GLBID&url=/go_back", "rack.session" => {})
+      strategy.call! Rack::MockRequest.env_for("http://localhost?GLBID=GLBID&url=/go_back", "rack.session" => {}, "REMOTE_ADDR" => "127.0.0.1")
     end
     
-    subject { strategy.auth_hash }
-    
     describe ":uid" do
-      specify { subject[:uid].should == "21737810" }
+      it { strategy.auth_hash[:uid].should == "21737810" }
     end
     
     describe ":provider" do
-      specify { subject[:provider].should == "cadun" }
+      it { strategy.auth_hash[:provider].should == "cadun" }
     end
     
     describe ":user_info" do
-      specify { subject[:user_info].should include(:address => "Rua Uruguai, 59") }
-      specify { subject[:user_info].should include(:birthday => "22/02/1983") }
-      specify { subject[:user_info].should include(:city => "Rio de Janeiro") }
-      specify { subject[:user_info].should include(:country => "Brasil") }
-      specify { subject[:user_info].should include(:cpf => "09532034765") }
-      specify { subject[:user_info].should include(:email => "fab1@spam.la") }
-      specify { subject[:user_info].should include(:gender => "MASCULINO") }
-      specify { subject[:user_info].should include(:GLBID => "GLBID") }
-      specify { subject[:user_info].should include(:cadun_id => "21737810") }
-      specify { subject[:user_info].should include(:mobile => "21 99999999") }
-      specify { subject[:user_info].should include(:name => "Fabricio Rodrigo Lopes") }
-      specify { subject[:user_info].should include(:neighborhood => "Andaraí") }
-      specify { subject[:user_info].should include(:login => "fabricio_fab1") }
-      specify { subject[:user_info].should include(:phone => "21 22881060") }
-      specify { subject[:user_info].should include(:state => "RJ") }
-      specify { subject[:user_info].should include(:status => "ATIVO") }
-      specify { subject[:user_info].should include(:url => "/go_back") }
-      specify { subject[:user_info].should include(:user_type => "NAO_ASSINANTE") }
-      specify { subject[:user_info].should include(:zipcode => "20510060") }
-      specify { subject[:user_info].should include(:complement => "807") }
+      subject { strategy.auth_hash[:user_info] }
+      
+      it { should include(:address => "Rua Uruguai, 59") }
+      it { should include(:birthday => "22/02/1983") }
+      it { should include(:city => "Rio de Janeiro") }
+      it { should include(:country => "Brasil") }
+      it { should include(:cpf => "09532034765") }
+      it { should include(:email => "fab1@spam.la") }
+      it { should include(:gender => "MASCULINO") }
+      it { should include(:GLBID => "GLBID") }
+      it { should include(:cadun_id => "21737810") }
+      it { should include(:mobile => "21 99999999") }
+      it { should include(:name => "Fabricio Rodrigo Lopes") }
+      it { should include(:neighborhood => "Andaraí") }
+      it { should include(:login => "fabricio_fab1") }
+      it { should include(:phone => "21 22881060") }
+      it { should include(:state => "RJ") }
+      it { should include(:status => "ATIVO") }
+      it { should include(:url => "/go_back") }
+      it { should include(:user_type => "NAO_ASSINANTE") }
+      it { should include(:zipcode => "20510060") }
+      it { should include(:complement => "807") }
+    end
+  end
+  
+  describe "#client_ip" do
+    it 'should return ip from REMOTE_ADDR when it comes alone' do
+      strategy.call! Rack::MockRequest.env_for("http://test.localhost/auth/cadun", "rack.session" => {}, 'REMOTE_ADDR' =>  '200.201.0.15')
+      strategy.client_ip.should == '200.201.0.15'
+    end
+
+    it 'should return ip from REMOTE_ADDR when HTTP_X_FORWARDED_FOR is empty' do
+      strategy.call! Rack::MockRequest.env_for("http://test.localhost/auth/cadun", "rack.session" => {}, 'REMOTE_ADDR' =>  '200.201.0.20', 'HTTP_X_FORWARDED_FOR' => '')
+      strategy.client_ip.should == '200.201.0.20'
+    end
+
+    it 'should return ip from HTTP_X_FORWARDED_FOR when it comes alone' do
+      strategy.call! Rack::MockRequest.env_for("http://test.localhost/auth/cadun", "rack.session" => {}, 'HTTP_X_FORWARDED_FOR' =>  '201.10.0.15')
+      strategy.client_ip.should == '201.10.0.15'
+    end
+
+    it 'should return ip from HTTP_X_FORWARDED_FOR even if REMOTE_ADDR is present' do
+      strategy.call! Rack::MockRequest.env_for("http://test.localhost/auth/cadun", "rack.session" => {}, 'REMOTE_ADDR' =>  '200.201.0.15', 'HTTP_X_FORWARDED_FOR' =>  '201.10.0.16')
+      strategy.client_ip.should == '201.10.0.16'
+    end
+
+    it 'should always return the last ip from HTTP_X_FORWARDED_FOR' do
+      strategy.call! Rack::MockRequest.env_for("http://test.localhost/auth/cadun", "rack.session" => {}, 'HTTP_X_FORWARDED_FOR' =>  '201.10.0.15, 201.10.0.16, 201.10.0.17')
+      strategy.client_ip.should == '201.10.0.17'
     end
   end
 
-end
+end

data/spec/spec_helper.rb

@@ -24,4 +24,12 @@ def stub_requests
 
   FakeWeb.register_uri :get, "http://isp-authenticator.dev.globoi.com:8280/cadunii/ws/resources/pessoa/21737810", 
                        :body => File.join(File.dirname(__FILE__), "support", "fixtures", "pessoa.xml")
-end
+end
+
+def stub_fail_requests
+  FakeWeb.register_uri :put, "http://isp-authenticator.dev.globoi.com:8280/ws/rest/autorizacao",
+                       :body => File.join(File.dirname(__FILE__), "support", "fixtures", "autorizacao_fail.xml")
+
+  FakeWeb.register_uri :get, "http://isp-authenticator.dev.globoi.com:8280/cadunii/ws/resources/pessoa/21737810", 
+                       :body => File.join(File.dirname(__FILE__), "support", "fixtures", "pessoa.xml")
+end

data/spec/support/fixtures/autorizacao_fail.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+  <usuarioAutorizado>
+    <emailPrincipal>fab1@spam.la</emailPrincipal>
+            <glbId>1484e00106ea401d57902541631200e8a6d44556132366c754c4261655666625537614531655252536e6262626c63676676436c6c316744544d5636617651707a6d417a49756b6e3830415a4a394f36773a303a66616231407370616d2e6c61</glbId>
+    <ip>10.2.25.160</ip>
+    <login>fab1@spam.la</login>
+    <servicoID>2626</servicoID>
+    <status>NAO_AUTORIZADO</status>
+    <statusUsuario>ATIVO</statusUsuario>
+    <tipoUsuario>NAO_ASSINANTE</tipoUsuario>
+    <username>fabricio_fab1</username>
+    <usuarioID>21737810</usuarioID>
+  </usuarioAutorizado>

metadata

@@ -2,7 +2,7 @@
 name: oa-cadun
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 3.2.0
+  version: 3.2.1
 platform: ruby
 authors: 
 - Bruno
@@ -12,7 +12,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-05-30 00:00:00 Z
+date: 2011-06-08 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: oa-core
@@ -33,7 +33,7 @@ dependencies:
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        version: 0.3.0
+        version: 0.3.3
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
@@ -104,6 +104,7 @@ files:
 - spec/omni_auth/strategies/cadun_spec.rb
 - spec/spec_helper.rb
 - spec/support/fixtures/autorizacao.xml
+- spec/support/fixtures/autorizacao_fail.xml
 - spec/support/fixtures/config.yml
 - spec/support/fixtures/pessoa.xml
 homepage: https://github.com/azisaka/oa-cadun