omniauth-chef 0.1.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/lib/omniauth-chef.rb +0 -2
- data/lib/omniauth-chef/version.rb +1 -2
- data/lib/omniauth/strategies/chef.rb +21 -5
- data/omniauth-chef.gemspec +9 -9
- data/spec/omniauth/strategies/chef_spec.rb +73 -1
- data/spec/spec_helper.rb +0 -1
- metadata +26 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 2598a4b153d54f1fe207a2ad9c9703a0e8e68558120d28d523cd8f2b9aa65017
|
4
|
+
data.tar.gz: 4eddfaf9edd36bad38ec5097f02c931f7add9acc96b9f97e0046f18c3d9263ee
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: dfc95e35ae4a02ee6f6a46d91f2dabe13eff3dff423a2d35050f8b412781fd2d4933f05613b3264a06ae0808fc42dd861777ab3f0b43fa80795e125872d4af49
|
7
|
+
data.tar.gz: fb45ed24e9347dcc71eab6ad833a3258e138c5321ed856333c2ff66ac9edbace455b8d0fcf1513d628d91a43e3960132fd95fbfbebb635869a027ccd302b4b53
|
data/.gitignore
CHANGED
data/lib/omniauth-chef.rb
CHANGED
@@ -13,8 +13,6 @@
|
|
13
13
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
|
-
#
|
17
16
|
|
18
17
|
require 'omniauth-chef/version'
|
19
|
-
|
20
18
|
require 'omniauth/strategies/chef'
|
@@ -13,10 +13,9 @@
|
|
13
13
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
|
-
#
|
17
16
|
|
18
17
|
module OmniAuth
|
19
18
|
module Chef
|
20
|
-
VERSION =
|
19
|
+
VERSION = "0.4.1"
|
21
20
|
end
|
22
21
|
end
|
@@ -13,9 +13,9 @@
|
|
13
13
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
|
-
#
|
17
16
|
|
18
17
|
require 'chef'
|
18
|
+
require 'chef/config'
|
19
19
|
require 'omniauth'
|
20
20
|
|
21
21
|
module OmniAuth
|
@@ -24,6 +24,7 @@ module OmniAuth
|
|
24
24
|
include OmniAuth::Strategy
|
25
25
|
|
26
26
|
option :endpoint, 'https://api.opscode.piab'
|
27
|
+
option :ssl_verify_mode, :verify_peer
|
27
28
|
option :fields, [:name, :password]
|
28
29
|
option :headers, { }
|
29
30
|
option :organization, nil
|
@@ -31,6 +32,7 @@ module OmniAuth
|
|
31
32
|
option :source, 'web'
|
32
33
|
option :superuser, 'pivotal'
|
33
34
|
option :key_path, '../../../../config/webui_priv.pem'
|
35
|
+
option :key_data, nil
|
34
36
|
option :uid, :name
|
35
37
|
|
36
38
|
def callback_phase
|
@@ -60,7 +62,17 @@ module OmniAuth
|
|
60
62
|
|
61
63
|
def authenticated_user
|
62
64
|
begin
|
63
|
-
|
65
|
+
uname = username
|
66
|
+
# Check if username is email
|
67
|
+
if (uname.include?('@'))
|
68
|
+
users = chef.get_rest(
|
69
|
+
"users?#{{ email: username }.to_query}"
|
70
|
+
)
|
71
|
+
if (users.length > 0)
|
72
|
+
uname = users.first[0]
|
73
|
+
end
|
74
|
+
end
|
75
|
+
chef.post_rest(resource, username: uname, password: password)['user']
|
64
76
|
rescue Net::HTTPServerException
|
65
77
|
|
66
78
|
end
|
@@ -71,7 +83,8 @@ module OmniAuth
|
|
71
83
|
end
|
72
84
|
|
73
85
|
def chef
|
74
|
-
::Chef::
|
86
|
+
::Chef::Config.ssl_verify_mode options.ssl_verify_mode.to_sym
|
87
|
+
::Chef::ServerAPI.new endpoint, parameters
|
75
88
|
end
|
76
89
|
|
77
90
|
def endpoint
|
@@ -83,7 +96,7 @@ module OmniAuth
|
|
83
96
|
end
|
84
97
|
|
85
98
|
def key
|
86
|
-
IO.read(File.expand_path(options.key_path, __FILE__)).strip
|
99
|
+
options.key_data || IO.read(File.expand_path(options.key_path, __FILE__)).strip
|
87
100
|
end
|
88
101
|
|
89
102
|
def organization
|
@@ -91,7 +104,10 @@ module OmniAuth
|
|
91
104
|
end
|
92
105
|
|
93
106
|
def parameters
|
94
|
-
{ headers: headers,
|
107
|
+
{ headers: headers,
|
108
|
+
client_name: options.superuser,
|
109
|
+
client_key: nil,
|
110
|
+
raw_key: key }
|
95
111
|
end
|
96
112
|
|
97
113
|
def password
|
data/omniauth-chef.gemspec
CHANGED
@@ -9,8 +9,8 @@ require 'omniauth-chef/version'
|
|
9
9
|
Gem::Specification.new do |spec|
|
10
10
|
spec.name = 'omniauth-chef'
|
11
11
|
spec.version = OmniAuth::Chef::VERSION
|
12
|
-
spec.authors = ['Allen Goodman']
|
13
|
-
spec.email = %q(a@getchef.com)
|
12
|
+
spec.authors = ['James Casey', 'Allen Goodman']
|
13
|
+
spec.email = %q(james@getchef.com a@getchef.com)
|
14
14
|
spec.description = %q{OmniAuth strategy for Chef}
|
15
15
|
spec.summary = %q{OmniAuth strategy for Chef}
|
16
16
|
spec.homepage = 'https://github.com/opscode/oc_actionlog'
|
@@ -22,13 +22,13 @@ Gem::Specification.new do |spec|
|
|
22
22
|
|
23
23
|
spec.test_files = Dir.glob 'spec/**/*.rb'
|
24
24
|
|
25
|
-
spec.require_paths =
|
25
|
+
spec.require_paths = %w(lib)
|
26
26
|
|
27
|
-
spec.add_development_dependency '
|
28
|
-
spec.add_development_dependency 'rack-test',
|
29
|
-
spec.add_development_dependency 'rake',
|
30
|
-
spec.add_development_dependency 'rspec',
|
27
|
+
spec.add_development_dependency 'guard-rspec', '~> 4.2'
|
28
|
+
spec.add_development_dependency 'rack-test', '~> 1'
|
29
|
+
spec.add_development_dependency 'rake', '~> 13'
|
30
|
+
spec.add_development_dependency 'rspec', '~> 3'
|
31
31
|
|
32
|
-
spec.add_runtime_dependency 'chef', '~>
|
33
|
-
spec.add_runtime_dependency 'omniauth', '~>
|
32
|
+
spec.add_runtime_dependency 'chef', '~> 17'
|
33
|
+
spec.add_runtime_dependency 'omniauth', '~> 2.0', '>= 2.0.4' # required for CVE-2015-9284
|
34
34
|
end
|
@@ -14,10 +14,82 @@
|
|
14
14
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
15
|
# See the License for the specific language governing permissions and
|
16
16
|
# limitations under the License.
|
17
|
-
#
|
18
17
|
|
19
18
|
require 'spec_helper'
|
20
19
|
|
21
20
|
describe OmniAuth::Strategies::Chef do
|
21
|
+
subject do
|
22
|
+
OmniAuth::Strategies::Chef.new({})
|
23
|
+
end
|
24
|
+
|
25
|
+
context 'options' do
|
26
|
+
describe 'option :endpoint' do
|
27
|
+
context 'default: https://api.opscode.piab' do
|
28
|
+
it do
|
29
|
+
expect(subject.options.endpoint).to eq('https://api.opscode.piab')
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
describe 'option :fields' do
|
35
|
+
context 'default: [:name, :password]' do
|
36
|
+
it { expect(subject.options.fields).to eq([:name, :password]) }
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
describe 'option :headers' do
|
41
|
+
context 'default: { }' do
|
42
|
+
it { expect(subject.options.headers).to eq({ }) }
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
describe 'option :organization' do
|
47
|
+
context 'default: nil' do
|
48
|
+
it { expect(subject.options.organization).to eq(nil) }
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
describe 'option :resource' do
|
53
|
+
context 'default: authenticate_user' do
|
54
|
+
it { expect(subject.options.resource).to eq('authenticate_user') }
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
describe 'option :source' do
|
59
|
+
context 'default: web' do
|
60
|
+
it { expect(subject.options.source).to eq('web') }
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
describe 'option :superuser' do
|
65
|
+
context 'default: pivotal' do
|
66
|
+
it { expect(subject.options.superuser).to eq('pivotal') }
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
describe 'option :key_path' do
|
71
|
+
context 'default: ../../../../config/webui_priv.pem' do
|
72
|
+
it do
|
73
|
+
default_key_path = '../../../../config/webui_priv.pem'
|
74
|
+
|
75
|
+
expect(subject.options.key_path).to eq(default_key_path)
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
describe 'option :key_data' do
|
81
|
+
context 'default: nil' do
|
82
|
+
it do
|
83
|
+
expect(subject.options.key_data).to eq(nil)
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
22
88
|
|
89
|
+
describe 'option :uid' do
|
90
|
+
context ':name' do
|
91
|
+
it { expect(subject.options.uid).to eq(:name) }
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
23
95
|
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
@@ -1,101 +1,108 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-chef
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
+
- James Casey
|
7
8
|
- Allen Goodman
|
8
9
|
autorequire:
|
9
10
|
bindir: bin
|
10
11
|
cert_chain: []
|
11
|
-
date:
|
12
|
+
date: 2021-07-22 00:00:00.000000000 Z
|
12
13
|
dependencies:
|
13
14
|
- !ruby/object:Gem::Dependency
|
14
|
-
name:
|
15
|
+
name: guard-rspec
|
15
16
|
requirement: !ruby/object:Gem::Requirement
|
16
17
|
requirements:
|
17
18
|
- - "~>"
|
18
19
|
- !ruby/object:Gem::Version
|
19
|
-
version: '
|
20
|
+
version: '4.2'
|
20
21
|
type: :development
|
21
22
|
prerelease: false
|
22
23
|
version_requirements: !ruby/object:Gem::Requirement
|
23
24
|
requirements:
|
24
25
|
- - "~>"
|
25
26
|
- !ruby/object:Gem::Version
|
26
|
-
version: '
|
27
|
+
version: '4.2'
|
27
28
|
- !ruby/object:Gem::Dependency
|
28
29
|
name: rack-test
|
29
30
|
requirement: !ruby/object:Gem::Requirement
|
30
31
|
requirements:
|
31
32
|
- - "~>"
|
32
33
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
34
|
+
version: '1'
|
34
35
|
type: :development
|
35
36
|
prerelease: false
|
36
37
|
version_requirements: !ruby/object:Gem::Requirement
|
37
38
|
requirements:
|
38
39
|
- - "~>"
|
39
40
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
41
|
+
version: '1'
|
41
42
|
- !ruby/object:Gem::Dependency
|
42
43
|
name: rake
|
43
44
|
requirement: !ruby/object:Gem::Requirement
|
44
45
|
requirements:
|
45
46
|
- - "~>"
|
46
47
|
- !ruby/object:Gem::Version
|
47
|
-
version: '
|
48
|
+
version: '13'
|
48
49
|
type: :development
|
49
50
|
prerelease: false
|
50
51
|
version_requirements: !ruby/object:Gem::Requirement
|
51
52
|
requirements:
|
52
53
|
- - "~>"
|
53
54
|
- !ruby/object:Gem::Version
|
54
|
-
version: '
|
55
|
+
version: '13'
|
55
56
|
- !ruby/object:Gem::Dependency
|
56
57
|
name: rspec
|
57
58
|
requirement: !ruby/object:Gem::Requirement
|
58
59
|
requirements:
|
59
60
|
- - "~>"
|
60
61
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
62
|
+
version: '3'
|
62
63
|
type: :development
|
63
64
|
prerelease: false
|
64
65
|
version_requirements: !ruby/object:Gem::Requirement
|
65
66
|
requirements:
|
66
67
|
- - "~>"
|
67
68
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
69
|
+
version: '3'
|
69
70
|
- !ruby/object:Gem::Dependency
|
70
71
|
name: chef
|
71
72
|
requirement: !ruby/object:Gem::Requirement
|
72
73
|
requirements:
|
73
74
|
- - "~>"
|
74
75
|
- !ruby/object:Gem::Version
|
75
|
-
version: '
|
76
|
+
version: '17'
|
76
77
|
type: :runtime
|
77
78
|
prerelease: false
|
78
79
|
version_requirements: !ruby/object:Gem::Requirement
|
79
80
|
requirements:
|
80
81
|
- - "~>"
|
81
82
|
- !ruby/object:Gem::Version
|
82
|
-
version: '
|
83
|
+
version: '17'
|
83
84
|
- !ruby/object:Gem::Dependency
|
84
85
|
name: omniauth
|
85
86
|
requirement: !ruby/object:Gem::Requirement
|
86
87
|
requirements:
|
87
88
|
- - "~>"
|
88
89
|
- !ruby/object:Gem::Version
|
89
|
-
version: '
|
90
|
+
version: '2.0'
|
91
|
+
- - ">="
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: 2.0.4
|
90
94
|
type: :runtime
|
91
95
|
prerelease: false
|
92
96
|
version_requirements: !ruby/object:Gem::Requirement
|
93
97
|
requirements:
|
94
98
|
- - "~>"
|
95
99
|
- !ruby/object:Gem::Version
|
96
|
-
version: '
|
100
|
+
version: '2.0'
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: 2.0.4
|
97
104
|
description: OmniAuth strategy for Chef
|
98
|
-
email: a@getchef.com
|
105
|
+
email: james@getchef.com a@getchef.com
|
99
106
|
executables: []
|
100
107
|
extensions: []
|
101
108
|
extra_rdoc_files: []
|
@@ -116,9 +123,7 @@ metadata: {}
|
|
116
123
|
post_install_message:
|
117
124
|
rdoc_options: []
|
118
125
|
require_paths:
|
119
|
-
- lib
|
120
|
-
- lib/omniauth-chef/version.rb
|
121
|
-
- lib/omniauth-chef.rb
|
126
|
+
- lib
|
122
127
|
required_ruby_version: !ruby/object:Gem::Requirement
|
123
128
|
requirements:
|
124
129
|
- - ">="
|
@@ -130,11 +135,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
130
135
|
- !ruby/object:Gem::Version
|
131
136
|
version: '0'
|
132
137
|
requirements: []
|
133
|
-
|
134
|
-
rubygems_version: 2.2.0
|
138
|
+
rubygems_version: 3.1.4
|
135
139
|
signing_key:
|
136
140
|
specification_version: 4
|
137
141
|
summary: OmniAuth strategy for Chef
|
138
142
|
test_files:
|
139
|
-
- spec/omniauth/strategies/chef_spec.rb
|
140
143
|
- spec/spec_helper.rb
|
144
|
+
- spec/omniauth/strategies/chef_spec.rb
|