omniauth-dice 0.1.7 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +36 -3
- data/lib/omniauth/dice/version.rb +1 -1
- data/lib/omniauth/strategies/dice.rb +1 -1
- data/spec/omniauth/strategies/dice_spec.rb +14 -0
- metadata +3 -3
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 154d96bc38ba5c4c2dfe1a7facf22892ce61ae26
|
|
4
|
+
data.tar.gz: 45e25aea48dd2454a1bf0720e8859b360e09c141
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9b876975f32c4b617ddf876371876ad3265671658b41807d00d3d6295e5ee3907b1eba5c18747929936bef112c55104034c1dd41cb706f457fc70c97c6b21d44
|
|
7
|
+
data.tar.gz: 111cd2f06332c91b1eb18230e6a650c03e358b9063add3754015c028faadd7f7467a1d10eb406acf316ffee440d0a587d193574a71dc642d4bfb6ba89f7622ff
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data.tar.gz.sig
CHANGED
|
Binary file
|
data/README.md
CHANGED
|
@@ -10,8 +10,8 @@ a user's X509 certificate DN string to an Enterprise CAS server via REST.
|
|
|
10
10
|
## Installation
|
|
11
11
|
|
|
12
12
|
Add this line to your application's Gemfile:
|
|
13
|
-
|
|
14
|
-
gem 'omniauth-dice'
|
|
13
|
+
|
|
14
|
+
gem 'omniauth-dice', '~> 0.1'
|
|
15
15
|
|
|
16
16
|
And then execute:
|
|
17
17
|
|
|
@@ -20,7 +20,6 @@ And then execute:
|
|
|
20
20
|
Or install it yourself with:
|
|
21
21
|
|
|
22
22
|
$ gem install omniauth-dice
|
|
23
|
-
```
|
|
24
23
|
|
|
25
24
|
## Usage
|
|
26
25
|
|
|
@@ -80,6 +79,40 @@ Full configuration options are as follows:
|
|
|
80
79
|
Defaults to attempting DN common name -> full name -> first & last name
|
|
81
80
|
Valid options are: :cn, :full_name, :first_last_name to override
|
|
82
81
|
|
|
82
|
+
## auth_hash Results
|
|
83
|
+
|
|
84
|
+
The session's omniauth['auth'] hash will resond with the following structure:
|
|
85
|
+
|
|
86
|
+
```
|
|
87
|
+
{
|
|
88
|
+
"provider"=>"dice",
|
|
89
|
+
"uid"=>"cn=steven haddox,ou=rails,ou=ruby,ou=a,o=developer,c=us",
|
|
90
|
+
"info"=>{
|
|
91
|
+
"dn"=>"cn=steven haddox,ou=rails,ou=ruby,ou=a,o=developer,c=us",
|
|
92
|
+
"email"=>"steven.haddox@example.org",
|
|
93
|
+
"name"=>"steven haddox",
|
|
94
|
+
"primary_visa?"=>false,
|
|
95
|
+
"likely_npe?"=>false
|
|
96
|
+
# ...<other fields dynamically inserted>...
|
|
97
|
+
},
|
|
98
|
+
"extra"=>{
|
|
99
|
+
"raw_info"=>{
|
|
100
|
+
# ...parsed response from CAS server...
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
The `provider`, `uid`, `info`, and `extra` fields follow omniauth best
|
|
107
|
+
practices but there are a few computed fields from omniauth-dice worth being
|
|
108
|
+
aware of:
|
|
109
|
+
|
|
110
|
+
* `likely_npe?`: [Boolean] This field tries to detect if the client
|
|
111
|
+
certificate / DN comes from a non-person entity (e.g., server) or a person.
|
|
112
|
+
* `primary_visa?`: [Boolean] If the CAS server responds with an array of
|
|
113
|
+
`visas`, this attribute will indicate if a specific visa is present.
|
|
114
|
+
* `name`: [String] Returns the client's name as configured or uses defaults.
|
|
115
|
+
|
|
83
116
|
### SSL Client Certificate Notes
|
|
84
117
|
|
|
85
118
|
`Faraday` (the HTTP library used by OmniAuth) can accept certificate paths:
|
|
@@ -217,7 +217,7 @@ module OmniAuth
|
|
|
217
217
|
|
|
218
218
|
# Identify if there's a domain w/ TLD in the common_name
|
|
219
219
|
def auth_cn_with_tld?(common_name)
|
|
220
|
-
!!( common_name =~ /\w{
|
|
220
|
+
!!( common_name =~ /\w{2}\.\w+(\.\w{3,}+)?/ )
|
|
221
221
|
end
|
|
222
222
|
|
|
223
223
|
# Determine if the auth_hash does not have an email address
|
|
@@ -157,6 +157,20 @@ describe OmniAuth::Strategies::Dice do
|
|
|
157
157
|
expect(npe).to eq(false)
|
|
158
158
|
end
|
|
159
159
|
end
|
|
160
|
+
|
|
161
|
+
it "should identify sample DNs as NPE / non-NPE properly" do
|
|
162
|
+
samples = [
|
|
163
|
+
{dn: '/C=US/O=A.D. Velopment/OU=AaA/OU=BBB/OU=C001/CN=JACKELOPE JERRY JR. 2B3C4D', result: false},
|
|
164
|
+
{dn: '/C=US/O=A.D. Velopment/OU=AaA/OU=BBB/OU=C001/CN=AARDVARK A.ALAN-A- 1A2B3C', result: false},
|
|
165
|
+
{dn: '/C=US/O=A.D. Velopment/OU=AaA/OU=BBB/OU=C001/CN=uc-1-100-10-100.vm.openstack.example.org', result: true},
|
|
166
|
+
{dn: '/C=US/O=A.D. Velopment/OU=AaA/OU=BBB/OU=C001/CN=aa.2-200-20-200.vm.openstack.example.org', result: true},
|
|
167
|
+
{dn: '/C=US/O=A.D. Velopment/OU=AaA/OU=BBB/OU=C001/CN=go.vm', result: true}
|
|
168
|
+
]
|
|
169
|
+
samples.each do |dn_pair|
|
|
170
|
+
npe = @dice.send( :identify_npe, @all_info.merge({'common_name' => dn_pair[:dn]}) )
|
|
171
|
+
expect(npe).to eq(dn_pair[:result])
|
|
172
|
+
end
|
|
173
|
+
end
|
|
160
174
|
end
|
|
161
175
|
|
|
162
176
|
context ".primary_visa?" do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-dice
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Steven Haddox
|
|
@@ -30,7 +30,7 @@ cert_chain:
|
|
|
30
30
|
42qdwEXvvkODZAD6KAIXPdmbMfBgPbcd+B/4eUA0PyKo+4dgL1NuqX4MPWToevIZ
|
|
31
31
|
O8EKLF2X7NmC6FY1bOsSj/J8r1SOkx0rxgF+geRvY1P+hfNjDfxTsjU=
|
|
32
32
|
-----END CERTIFICATE-----
|
|
33
|
-
date: 2015-02-
|
|
33
|
+
date: 2015-02-12 00:00:00.000000000 Z
|
|
34
34
|
dependencies:
|
|
35
35
|
- !ruby/object:Gem::Dependency
|
|
36
36
|
name: awesome_print
|
|
@@ -407,7 +407,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
407
407
|
version: '0'
|
|
408
408
|
requirements: []
|
|
409
409
|
rubyforge_project:
|
|
410
|
-
rubygems_version: 2.
|
|
410
|
+
rubygems_version: 2.4.4
|
|
411
411
|
signing_key:
|
|
412
412
|
specification_version: 4
|
|
413
413
|
summary: DN Interoperable Conversion Expert Strategy
|
metadata.gz.sig
CHANGED
|
Binary file
|