omniauth-dice 0.1.2 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9f393f95195efb18da624ef331288b3f4876c997
4
- data.tar.gz: 0b45003f60b7d5b42132bfaafeb692ccf7f36a5b
3
+ metadata.gz: bcc625a7b838b312fb211a4aa76ffa8bd9c4ccc3
4
+ data.tar.gz: 17b2c9a77c4d26fe27e489ac6eaeb48fbd918d63
5
5
  SHA512:
6
- metadata.gz: 332406fca56a0c52f8885a5741c3957d12c53820ffcaab8aaace6528f143f2884befe841c27c05e48ee9b456d87f72ef1f5515493857404942209392e531d557
7
- data.tar.gz: 99604306f8bec41d99577182d0ebedfa93625b5d0ce27d602b4baeb46f654f498861b945b1711fe7ce74aadb30afdc4521c5f797c94471cd1dc6e7e06b47c362
6
+ metadata.gz: a8ab0e5c280d041f0b3499542bc1144151b4c8bc0ecf6833eee10cd05aeb82b94fd1a29d59430ae7842cd84d7ba4a813e729678ffa2b38572faae4cfe3dbb21f
7
+ data.tar.gz: 3301e4f10c98985c9fec9f84c426f90d963e55444fc8d42b9b5253bca5bd2d02a8b1570e89663aa2480feb3ad388d2f7db176c930c41a19106585f42b04a3484
checksums.yaml.gz.sig CHANGED
Binary file
@@ -1,5 +1,5 @@
1
1
  module Omniauth
2
2
  module Dice
3
- VERSION = '0.1.2'
3
+ VERSION = '0.1.3'
4
4
  end
5
5
  end
@@ -30,17 +30,10 @@ module OmniAuth
30
30
  # @option name_format [Symbol] Format for auth_hash['info']['name']
31
31
  # Defaults to attempting DN common name -> full name -> first & last name
32
32
  # Valid options are: :cn, :full_name, :first_last_name to override
33
- # @option primary_visa_str [String] String to trigger primary visa boolean
33
+ # @option primary_visa [String] String to trigger primary visa boolean
34
34
  class Dice
35
35
  include OmniAuth::Strategy
36
36
  attr_accessor :dn, :raw_dn, :data
37
- args [:cas_server, :authentication_path]
38
-
39
- def initialize(app, *args, &block)
40
- required_params_defined?(args)
41
-
42
- super
43
- end
44
37
 
45
38
  option :dnc_options, {}
46
39
  option :cas_server, nil
@@ -53,31 +46,32 @@ module OmniAuth
53
46
  option :subject_dn_header, 'HTTP_SSL_CLIENT_S_DN'
54
47
  option :issuer_dn_header, 'HTTP_SSL_CLIENT_I_DN'
55
48
  option :name_format
56
- option :primary_visa_str
49
+ option :primary_visa
57
50
 
58
51
  # Reformat DN to expected element order for CAS DN server (via dnc gem).
59
52
  def format_dn(dn_str)
60
53
  get_dn(dn_str).to_s
61
54
  end
62
55
 
63
- protected
64
-
65
- # Change Hashie indifferent access keys back to symbols
66
- def unhashie(hash)
67
- tmp_hash = {}
68
- hash.each do |key, value|
69
- tmp_hash[key.to_sym] = value
70
- end
71
-
72
- tmp_hash
56
+ # Specifies which attributes are required arguments to initialize
57
+ def required_params
58
+ [:cas_server, :authentication_path]
73
59
  end
74
60
 
75
- def setup_phase(*args)
76
- log :debug, 'setup_phase'
77
- super
61
+ # Determine if required arguments are present or fail hard
62
+ # NOTE: CANNOT call "log" method from within init block methods
63
+ def validate_required_params
64
+ log :error, '.validate_required_params'
65
+ required_params.each do |param|
66
+ unless options.send(param)
67
+ error_msg = "omniauth-dice error: #{param} is required"
68
+ fail RequiredCustomParamError, error_msg
69
+ end
70
+ end
78
71
  end
79
72
 
80
73
  def request_phase
74
+ validate_required_params
81
75
  subject_dn = get_dn_by_type('subject')
82
76
  return fail!('You need a valid DN to authenticate.') unless subject_dn
83
77
  user_dn = format_dn(subject_dn)
@@ -103,72 +97,65 @@ module OmniAuth
103
97
  log :error, response.inspect
104
98
  return fail!(:invalid_credentials)
105
99
  end
106
- @data = response.body
107
- create_auth_hash
100
+ @raw_data = response.body
101
+ @data = parse_response_data
102
+ session['omniauth.auth'] ||= auth_hash
108
103
 
109
104
  redirect request.env['omniauth.origin'] || '/'
110
105
  end
111
106
 
112
- private
113
-
114
- # Coordinate building out the auth_hash
115
- def create_auth_hash
116
- log :debug, '.create_auth_hash'
117
- init_auth_hash
118
- set_auth_uid
119
- parse_response_data
120
- create_auth_info
121
- end
122
-
123
- # Initialize the auth_hash expected fields
124
- def init_auth_hash
125
- log :debug, '.init_auth_hash'
126
- session['omniauth.auth'] ||= {
127
- 'provider' => 'Dice',
128
- 'uid' => nil,
129
- 'info' => nil,
130
- 'extra' => {
131
- 'raw_info' => nil
132
- }
107
+ def auth_hash
108
+ log :debug, '.auth_hash'
109
+ {
110
+ 'provider' => name,
111
+ 'uid' => uid,
112
+ 'info' => info,
113
+ 'extra' => extra
133
114
  }
134
115
  end
135
116
 
136
117
  # Set the user's uid field for the auth_hash
137
- def set_auth_uid
138
- log :debug, '.set_auth_uid'
139
- session['omniauth.auth']['uid'] = env['omniauth.params']['user_dn']
118
+ uid do
119
+ log :debug, '.uid'
120
+ env['omniauth.params']['user_dn']
140
121
  end
141
122
 
142
123
  # Detect data format, parse with appropriate library
143
- def parse_response_data
144
- log :debug, '.parse_response_data'
145
- session['omniauth.auth']['extra']['raw_info'] = @data
146
- log :debug, "cas_server response.body:\r\n#{@data}"
147
- unless @data.class == Hash # Webmock hack
148
- case options.format.to_sym
149
- when :json
150
- @data = JSON.parse(@data, symbolize_names: true)
151
- when :xml
152
- @data = MultiXml.parse(@data)['userinfo']
153
- end
154
- log :debug, "Formatted response.body data: #{@data}"
155
- end
156
-
157
- @data
124
+ extra do
125
+ log :debug, '.extra'
126
+ { 'raw_info' => @raw_data }
158
127
  end
159
128
 
160
-
161
129
  # Parse CAS server response and assign values as appropriate
162
- def create_auth_info
163
- log :debug, '.create_auth_info'
130
+ info do
131
+ log :debug, '.info'
164
132
  info = {}
133
+ log :debug, info.inspect
165
134
  info = auth_info_defaults(info)
135
+ log :debug, info.inspect
166
136
  info = auth_info_dynamic(info)
137
+ log :debug, info.inspect
167
138
  info = auth_info_custom(info)
139
+ log :debug, info.inspect
168
140
 
169
- session['omniauth.auth']['info'] = info
141
+ #session['omniauth.auth']['info'] = info
142
+ log :error, info.inspect
143
+ info
170
144
  end
171
145
 
146
+ private
147
+
148
+ # Change Hashie indifferent access keys back to symbols
149
+ def unhashie(hash)
150
+ tmp_hash = {}
151
+ hash.each do |key, value|
152
+ tmp_hash[key.to_sym] = value
153
+ end
154
+
155
+ tmp_hash
156
+ end
157
+
158
+ # Default ['omniauth.auth']['info'] field names
172
159
  def info_defaults
173
160
  [:dn, :email, :firstName, :lastName, :fullName, :citizenshipStatus,
174
161
  :country, :grantBy, :organizations, :uid, :dutyorg, :visas,
@@ -221,8 +208,8 @@ module OmniAuth
221
208
 
222
209
  # Determine if client has the primary visa
223
210
  def has_primary_visa?(info)
224
- return info['primary_visa?'] = nil unless info['visas']
225
- return info['primary_visa?'] = nil unless options.primary_visa
211
+ return info['primary_visa?'] = false unless info['visas']
212
+ return info['primary_visa?'] = false unless options.primary_visa
226
213
  info['primary_visa?'] = info['visas'].include?(options.primary_visa)
227
214
  end
228
215
 
@@ -333,37 +320,21 @@ module OmniAuth
333
320
  URI::encode(build_query)
334
321
  end
335
322
 
336
- # Specifies which attributes are required arguments to initialize
337
- def required_params
338
- [:cas_server, :authentication_path]
339
- end
340
-
341
- # Determine if required arguments are present or fail hard
342
- # NOTE: CANNOT call "log" method from within init block methods
343
- def required_params_defined?(args)
344
- required_hash = {}
345
- required_params.each do |key|
346
- required_hash[key] = false
347
- end
348
- args.each do |arg|
349
- if arg.class == Hash
350
- arg.each do |sub_arg, value|
351
- required_hash[sub_arg] = true if required_hash[sub_arg] == false
352
- end
353
- else
354
- required_hash[arg.to_sym] = true if required_hash[sub_arg] == false
323
+ # Detect data format, parse with appropriate library
324
+ def parse_response_data
325
+ log :debug, '.parse_response_data'
326
+ log :debug, "cas_server response.body:\r\n#{@raw_data}"
327
+ unless @raw_data.class == Hash # Webmock hack
328
+ case options.format.to_sym
329
+ when :json
330
+ formatted_data = JSON.parse(@raw_data, symbolize_names: true)
331
+ when :xml
332
+ formatted_data = MultiXml.parse(@raw_data)['userinfo']
355
333
  end
334
+ log :debug, "Formatted response.body data: #{formatted_data}"
356
335
  end
357
- required_hash.reject!{ |arg, val| arg if val == true }
358
- fail_on_invalid_params(required_hash.keys) unless required_hash.empty?
359
- end
360
336
 
361
- def fail_on_invalid_params(missing_params)
362
- error_msg = ""
363
- missing_params.each do |param|
364
- error_msg += "omniauth-dice error: #{param} is required\r\n"
365
- end
366
- fail RequiredCustomParamError, error_msg
337
+ formatted_data
367
338
  end
368
339
 
369
340
  def set_session_dn(dn_string, type='subject')
@@ -15,7 +15,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
15
15
 
16
16
  def full_auth_hash
17
17
  {
18
- "provider"=>"Dice",
18
+ "provider"=>"dice",
19
19
  "uid"=>"cn=ruby certificate rbcert,dc=ruby-lang,dc=org",
20
20
  "extra" => {
21
21
  "raw_info" => valid_user_json
@@ -62,7 +62,6 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
62
62
  self.app = Rack::Builder.app do
63
63
  use Rack::Session::Cookie, :secret => '1337geeks'
64
64
  use RackSessionAccess::Middleware
65
- ap '-'*80
66
65
  ap dice_options
67
66
  use OmniAuth::Strategies::Dice, dice_options
68
67
  run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
@@ -144,6 +143,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
144
143
  get '/auth/dice'
145
144
  follow_redirect!
146
145
  expect(last_response.location).to eq('/')
146
+ ap last_request.env['rack.session']['omniauth.auth'].inspect
147
147
  raw_info = last_request.env['rack.session']['omniauth.auth']['extra']['raw_info']
148
148
  expect(raw_info).to eq(valid_user_json)
149
149
  end
@@ -155,10 +155,6 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
155
155
  expect(last_response.location).to eq('/')
156
156
  raw_info = last_request.env['rack.session']['omniauth.auth']['extra']['raw_info']
157
157
  expect(last_request.env['rack.session']['omniauth.auth']).to be_kind_of(Hash)
158
- ap '>'*40
159
- ap last_request.env['rack.session']['omniauth.auth'].sort
160
- ap '<'*40
161
- ap auth_hash.sort
162
158
  expect(last_request.env['rack.session']['omniauth.auth'].sort).to eq(auth_hash.sort)
163
159
  end
164
160
 
@@ -25,11 +25,11 @@ describe OmniAuth::Strategies::Dice do
25
25
  let(:subject_without_authentication_path) { OmniAuth::Strategies::Dice.new(app, cas_server: 'https://dice.dev') }
26
26
 
27
27
  it 'should require a cas server url' do
28
- expect{ subject }.to raise_error(RequiredCustomParamError)
28
+ expect{ subject.request_phase }.to raise_error(RequiredCustomParamError, "omniauth-dice error: cas_server is required")
29
29
  end
30
30
 
31
31
  it 'should require an authentication path' do
32
- expect{ subject_without_authentication_path }.to raise_error(RequiredCustomParamError)
32
+ expect{ subject_without_authentication_path.request_phase }.to raise_error(RequiredCustomParamError, "omniauth-dice error: authentication_path is required")
33
33
  end
34
34
  end
35
35
 
@@ -158,4 +158,25 @@ describe OmniAuth::Strategies::Dice do
158
158
  end
159
159
  end
160
160
  end
161
+
162
+ context ".primary_visa?" do
163
+ it 'should return false if no visas are defined' do
164
+ dice = OmniAuth::Strategies::Dice.new( app, dice_default_opts.merge({primary_visa: 'EQUESTRIA'}) )
165
+ visa_present = dice.send( :has_primary_visa?, { } )
166
+ expect(visa_present).to eq(false)
167
+ end
168
+
169
+ it "should return false if the visa is not present in ['info']['visas']" do
170
+ dice = OmniAuth::Strategies::Dice.new( app, dice_default_opts.merge({primary_visa: 'EQUESTRIA'}) )
171
+ visa_present = dice.send( :has_primary_visa?, {'visas' => ['CLOUDSDALE','PONYVILLE']} )
172
+ expect(visa_present).to eq(false)
173
+ end
174
+
175
+ it "should return true if the visa is present in ['info']['visas']" do
176
+ dice = OmniAuth::Strategies::Dice.new( app, dice_default_opts.merge({primary_visa: 'EQUESTRIA'}) )
177
+ visa_present = dice.send( :has_primary_visa?, {'visas' => ['CLOUDSDALE','EQUESTRIA'] } )
178
+ expect(visa_present).to eq(true)
179
+ end
180
+ end
181
+
161
182
  end
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-dice
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Steven Haddox
@@ -30,7 +30,7 @@ cert_chain:
30
30
  42qdwEXvvkODZAD6KAIXPdmbMfBgPbcd+B/4eUA0PyKo+4dgL1NuqX4MPWToevIZ
31
31
  O8EKLF2X7NmC6FY1bOsSj/J8r1SOkx0rxgF+geRvY1P+hfNjDfxTsjU=
32
32
  -----END CERTIFICATE-----
33
- date: 2015-01-31 00:00:00.000000000 Z
33
+ date: 2015-02-03 00:00:00.000000000 Z
34
34
  dependencies:
35
35
  - !ruby/object:Gem::Dependency
36
36
  name: awesome_print
metadata.gz.sig CHANGED
Binary file