omniauth-identity 1.0.0.beta1

data/.gitignore

@@ -0,0 +1,4 @@
+/coverage
+/pkg
+/doc
+

data/.rspec

@@ -0,0 +1,2 @@
+--format=nested
+--colour

data/Gemfile

@@ -0,0 +1,11 @@
+source "http://rubygems.org"
+
+gemspec
+
+group :development, :test do
+  gem 'guard'
+  gem 'guard-rspec'
+  gem 'guard-bundler'
+  gem 'growl'
+  gem 'rb-fsevent'
+end

data/Gemfile.lock

@@ -0,0 +1,77 @@
+PATH
+  remote: .
+  specs:
+    omniauth-identity (1.0.0.beta1)
+      omniauth (= 1.0.0.beta1)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    activemodel (3.0.10)
+      activesupport (= 3.0.10)
+      builder (~> 2.1.2)
+      i18n (~> 0.5.0)
+    activerecord (3.0.10)
+      activemodel (= 3.0.10)
+      activesupport (= 3.0.10)
+      arel (~> 2.0.10)
+      tzinfo (~> 0.3.23)
+    activesupport (3.0.10)
+    arel (2.0.10)
+    bcrypt-ruby (2.1.4)
+    builder (2.1.2)
+    diff-lcs (1.1.3)
+    growl (1.0.3)
+    guard (0.8.4)
+      thor (~> 0.14.6)
+    guard-bundler (0.1.3)
+      bundler (>= 1.0.0)
+      guard (>= 0.2.2)
+    guard-rspec (0.4.5)
+      guard (>= 0.4.0)
+    hashie (1.2.0)
+    i18n (0.5.0)
+    maruku (0.6.0)
+      syntax (>= 1.0.0)
+    multi_json (1.0.3)
+    omniauth (1.0.0.beta1)
+      hashie (~> 1.2)
+      rack
+    rack (1.3.5)
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rake (0.9.2)
+    rb-fsevent (0.4.3.1)
+    rspec (2.6.0)
+      rspec-core (~> 2.6.0)
+      rspec-expectations (~> 2.6.0)
+      rspec-mocks (~> 2.6.0)
+    rspec-core (2.6.4)
+    rspec-expectations (2.6.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.6.0)
+    simplecov (0.5.3)
+      multi_json (~> 1.0.3)
+      simplecov-html (~> 0.5.3)
+    simplecov-html (0.5.3)
+    syntax (1.0.0)
+    thor (0.14.6)
+    tzinfo (0.3.30)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activerecord (~> 3.0)
+  bcrypt-ruby (~> 2.1.4)
+  growl
+  guard
+  guard-bundler
+  guard-rspec
+  maruku (~> 0.6)
+  omniauth-identity!
+  rack-test (~> 0.5)
+  rake (~> 0.8)
+  rb-fsevent
+  rspec (~> 2.5)
+  simplecov (~> 0.4)

data/Guardfile

@@ -0,0 +1,10 @@
+guard 'rspec', :version => 2 do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+end
+
+guard 'bundler' do
+  watch('Gemfile')
+  watch(/^.+\.gemspec/)
+end

data/README.markdown

@@ -0,0 +1,90 @@
+# OmniAuth Identity
+
+The OmniAuth Identity gem provides a way for applications to utilize a
+traditional login/password based authentication system without the need
+to give up the simple authentication flow provided by OmniAuth. Identity
+is designed on purpose to be as featureless as possible: it provides the
+basic construct for user management and then gets out of the way.
+
+## Usage
+
+You use `oa-identity` just like you would any other OmniAuth provider: as a
+Rack middleware. The basic setup for a email/password authentication would
+look something like this:
+
+    use OmniAuth::Builder do
+      provider :identity, :fields => [:email]
+    end
+
+Next, you need to create a model (called `Identity by default`) that will be
+able to persist the information provided by the user. Luckily for you, there
+are pre-built models for popular ORMs that make this dead simple. You just
+need to subclass the relevant class:
+
+    class Identity < OmniAuth::Identity::Models::ActiveRecord
+      # Add whatever you like!
+    end
+
+Adapters are provided for `ActiveRecord` and `MongoMapper` and are
+autoloaded on request (but not loaded by default so no dependencies are
+injected).
+
+Once you've got an Identity persistence model and the strategy up and
+running, you can point users to `/auth/identity` and it will request
+that they log in or give them the opportunity to sign up for an account.
+Once they have authenticated with their identity, OmniAuth will call
+through to `/auth/identity/callback` with the same kinds of information
+it would had the user authenticated through an external provider.
+Simple!
+
+## Custom Auth Model
+
+To use a class other than the default, specify the <tt>:model</tt> option to a
+different class.
+
+    use OmniAuth::Builder do
+      provider :identity, :fields => [:email], :model => MyCustomClass
+    end
+
+## Customizing Registration Failure
+
+To use your own custom registration form, create a form that POSTs to
+'/auth/identity/register' with 'password', 'password_confirmation', and your
+other fields.
+
+    <%= form_tag '/auth/identity/register' do |f| %>
+      <h1>Create an Account</h1>
+      <%= text_field_tag :email %>
+      <%= password_field_tag, :password %>
+      <%= password_field_tag, :password_confirmation %>
+      <%= submit_tag %>
+    <% end %>
+
+Beware not to nest your form parameters within a namespace. This strategy
+looks for the form parameters at the top level of the post params. If you are
+using [simple\_form](https://github.com/plataformatec/simple_form), then you
+can avoid the params nesting by specifying <tt>:input_html</tt>.
+
+    <%= simple_form_for @identity, :url => '/auth/identity/register' do |f| %>
+      <h1>Create an Account</h1>
+      <%# specify :input_html to avoid params nesting %>
+      <%= f.input :email, :input_html => {:name => 'email'} %>
+      <%= f.input :password, :as => 'password', :input_html => {:name => 'password'} %>
+      <%= f.input :password_confirmation, :label => "Confirm Password", :as => 'password', :input_html => {:name => 'password_confirmation'} %>
+      <button type='submit'>Sign Up</button>
+    <% end %>
+
+Next you'll need to let OmniAuth know what action to call when a registration
+fails. In your OmniAuth configuration, specify any valid rack endpoint in the
+<tt>:on_failed_registration</tt> option.
+
+    use OmniAuth::Builder do
+      provider :identity,
+        :fields => [:email],
+        :on_failed_registration => UsersController.action(:new)
+    end
+
+For more information on rack endpoints, check out [this
+introduction](http://library.edgecase.com/Rails/2011/01/04/rails-routing-and-rack-endpoints.html)
+and
+[ActionController::Metal](http://rubydoc.info/docs/rails/ActionController/Metal)

data/Rakefile

@@ -0,0 +1,9 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core/rake_task'
+desc "Run specs."
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+task :test => :spec

data/lib/omniauth/identity/model.rb

@@ -0,0 +1,115 @@
+module OmniAuth
+  module Identity
+    # This module provides an includable interface for implementing the
+    # necessary API for OmniAuth Identity to properly locate identities
+    # and provide all necessary information. All methods marked as
+    # abstract must be implemented in the including class for things to
+    # work properly.
+    module Model
+      def self.included(base)
+        base.extend ClassMethods
+      end
+
+      module ClassMethods
+        # Locate an identity given its unique login key.
+        #
+        # @abstract
+        # @param [String] key The unique login key.
+        # @return [Model] An instance of the identity model class.
+        def locate(key)
+          raise NotImplementedError
+        end
+
+        # Authenticate a user with the given key and password.
+        #
+        # @param [String] key The unique login key provided for a given identity.
+        # @param [String] password The presumed password for the identity. 
+        # @return [Model] An instance of the identity model class.
+        def authenticate(key, password)
+          instance = locate(key)
+          return false unless instance
+          instance.authenticate(password)
+        end
+        
+        # Used to set or retrieve the method that will be used to get
+        # and set the user-supplied authentication key.
+        # @return [String] The method name.
+        def auth_key(method = false)
+          @auth_key = method.to_s unless method == false
+          @auth_key = nil if @auth_key == ''
+
+          @auth_key || 'email'
+        end
+      end
+
+      # Returns self if the provided password is correct, false
+      # otherwise.
+      #
+      # @abstract
+      # @param [String] password The password to check.
+      # @return [self or false] Self if authenticated, false if not.
+      def authenticate(password)
+        raise NotImplementedError
+      end
+
+      SCHEMA_ATTRIBUTES = %w(name email nickname first_name last_name location description image phone)
+      # A hash of as much of the standard OmniAuth schema as is stored
+      # in this particular model. By default, this will call instance
+      # methods for each of the attributes it needs in turn, ignoring
+      # any for which `#respond_to?` is `false`.
+      #
+      # If `first_name`, `nickname`, and/or `last_name` is provided but 
+      # `name` is not, it will be automatically calculated.
+      #
+      # @return [Hash] A string-keyed hash of user information.
+      def info
+        info = SCHEMA_ATTRIBUTES.inject({}) do |hash,attribute|
+          hash[attribute] = send(attribute) if respond_to?(attribute)
+          hash
+        end
+        info
+      end
+
+      # An identifying string that must be globally unique to the
+      # application. Defaults to stringifying the `id` method.
+      #
+      # @return [String] An identifier string unique to this identity.
+      def uid
+        if respond_to?('id')
+          return nil if self.id.nil?
+          self.id.to_s
+        else
+          raise NotImplementedError 
+        end
+      end
+
+      # Used to retrieve the user-supplied authentication key (e.g. a
+      # username or email). Determined using the class method of the same name,
+      # defaults to `:email`. 
+      #
+      # @return [String] An identifying string that will be entered by
+      #   users upon sign in.
+      def auth_key
+        if respond_to?(self.class.auth_key)
+          send(self.class.auth_key)
+        else
+          raise NotImplementedError
+        end
+      end
+
+      # Used to set the user-supplied authentication key (e.g. a
+      # username or email. Determined using the `.auth_key` class
+      # method.
+      #
+      # @param [String] value The value to which the auth key should be
+      #   set.
+      def auth_key=(value)
+        if respond_to?(self.class.auth_key + '=')
+          send(self.class.auth_key + '=', value)
+        else
+          raise NotImplementedError
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/identity/models/active_record.rb

@@ -0,0 +1,24 @@
+require 'active_record'
+
+module OmniAuth
+  module Identity
+    module Models
+      class ActiveRecord < ::ActiveRecord::Base
+        include OmniAuth::Identity::Model
+        include OmniAuth::Identity::SecurePassword
+
+        self.abstract_class = true
+        has_secure_password
+       
+        def self.auth_key=(key)
+          super
+          validates_uniqueness_of key, :case_sensitive => false
+        end
+
+        def self.locate(key)
+          where(auth_key => key).first
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/identity/secure_password.rb

@@ -0,0 +1,78 @@
+require 'bcrypt'
+
+module OmniAuth
+  module Identity
+    # This is taken directly from Rails 3.1 code and is used if
+    # the version of ActiveModel that's being used does not
+    # include SecurePassword. The only difference is that instead of
+    # using ActiveSupport::Concern, it checks to see if there is already
+    # a has_secure_password method.
+    module SecurePassword
+      def self.included(base)
+        unless base.respond_to?(:has_secure_password)
+          base.extend ClassMethods
+        end
+      end
+
+      module ClassMethods
+        # Adds methods to set and authenticate against a BCrypt password.
+        # This mechanism requires you to have a password_digest attribute.
+        #
+        # Validations for presence of password, confirmation of password (using
+        # a "password_confirmation" attribute) are automatically added.
+        # You can add more validations by hand if need be.
+        #
+        # Example using Active Record (which automatically includes ActiveModel::SecurePassword):
+        #
+        #   # Schema: User(name:string, password_digest:string)
+        #   class User < ActiveRecord::Base
+        #     has_secure_password
+        #   end
+        #
+        #   user = User.new(:name => "david", :password => "", :password_confirmation => "nomatch")
+        #   user.save                                                      # => false, password required
+        #   user.password = "mUc3m00RsqyRe"
+        #   user.save                                                      # => false, confirmation doesn't match
+        #   user.password_confirmation = "mUc3m00RsqyRe"
+        #   user.save                                                      # => true
+        #   user.authenticate("notright")                                  # => false
+        #   user.authenticate("mUc3m00RsqyRe")                             # => user
+        #   User.find_by_name("david").try(:authenticate, "notright")      # => nil
+        #   User.find_by_name("david").try(:authenticate, "mUc3m00RsqyRe") # => user
+        def has_secure_password
+          attr_reader   :password
+
+          validates_confirmation_of :password
+          validates_presence_of     :password_digest
+
+          include InstanceMethodsOnActivation
+
+          if respond_to?(:attributes_protected_by_default)
+            def self.attributes_protected_by_default
+              super + ['password_digest']
+            end
+          end
+        end
+      end
+
+      module InstanceMethodsOnActivation
+        # Returns self if the password is correct, otherwise false.
+        def authenticate(unencrypted_password)
+          if BCrypt::Password.new(password_digest) == unencrypted_password
+            self
+          else
+            false
+          end
+        end
+
+        # Encrypts the password into the password_digest attribute.
+        def password=(unencrypted_password)
+          @password = unencrypted_password
+          unless unencrypted_password.blank?
+            self.password_digest = BCrypt::Password.create(unencrypted_password)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/identity.rb

@@ -0,0 +1,17 @@
+require 'omniauth'
+
+module OmniAuth
+  module Strategies
+    autoload :Identity, 'omniauth/strategies/identity'
+  end
+
+  module Identity
+    autoload :Model,            'omniauth/identity/model'
+    autoload :SecurePassword,   'omniauth/identity/secure_password'
+    module Models
+      autoload :ActiveRecord,   'omniauth/identity/models/active_record'
+      # autoload :MongoMapper,  'omniauth/identity/models/mongo_mapper'
+      # autoload :Mongoid,      'omniauth/identity/models/mongoid'
+    end
+  end
+end

data/lib/omniauth/strategies/identity.rb

@@ -0,0 +1,86 @@
+module OmniAuth
+  module Strategies
+    # The identity strategy allows you to provide simple internal 
+    # user authentication using the same process flow that you
+    # use for external OmniAuth providers.
+    class Identity
+      include OmniAuth::Strategy
+
+      option :fields, [:name, :email]
+      option :on_failed_registration, nil
+
+      def request_phase
+        OmniAuth::Form.build(
+          :title => (options[:title] || "Identity Verification"),
+          :url => callback_path
+        ) do |f|
+          f.text_field 'Login', 'auth_key'
+          f.password_field 'Password', 'password'
+          f.html "<p align='center'><a href='#{registration_path}'>Create an Identity</a></p>"
+        end.to_response 
+      end
+
+      def callback_phase
+        return fail!(:invalid_credentials) unless identity
+        super
+      end
+
+      def other_phase
+        if on_registration_path?
+          if request.get?
+            registration_form
+          elsif request.post?
+            registration_phase
+          end
+        else
+          call_app!
+        end
+      end
+
+      def registration_form
+        OmniAuth::Form.build(:title => 'Register Identity') do |f|
+          options[:fields].each do |field|
+            f.text_field field.to_s.capitalize, field.to_s
+          end
+          f.password_field 'Password', 'password'
+          f.password_field 'Confirm Password', 'password_confirmation'
+        end.to_response
+      end
+
+      def registration_phase
+        attributes = (options[:fields] + [:password, :password_confirmation]).inject({}){|h,k| h[k] = request[k.to_s]; h}
+        @identity = model.create(attributes)
+        if @identity.persisted?
+          env['PATH_INFO'] = callback_path
+          callback_phase
+        else
+          if options[:on_failed_registration]
+            self.env['omniauth.identity'] = @identity
+            options[:on_failed_registration].call(self.env)
+          else
+            registration_form
+          end
+        end
+      end
+
+      uid{ identity.uid }
+      info{ identity.info }
+
+      def registration_path
+        options[:registration_path] || "#{path_prefix}/#{name}/register"
+      end
+
+      def on_registration_path?
+        on_path?(registration_path)
+      end
+
+      def identity
+        @identity ||= model.authenticate(request['auth_key'], request['password'])
+      end
+
+      def model
+        options[:model] || ::Identity
+      end
+    end
+  end
+end

data/lib/omniauth-identity/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Identity
+    VERSION = '1.0.0.beta1'
+  end
+end

data/lib/omniauth-identity.rb

@@ -0,0 +1,2 @@
+require 'omniauth-identity/version'
+require 'omniauth/identity'

data/omniauth-identity.gemspec

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+require File.dirname(__FILE__) + '/lib/omniauth-identity/version'
+
+Gem::Specification.new do |gem|
+  gem.add_runtime_dependency 'omniauth', '1.0.0.beta1'
+
+  gem.add_development_dependency 'maruku', '~> 0.6'
+  gem.add_development_dependency 'simplecov', '~> 0.4'
+  gem.add_development_dependency 'rack-test', '~> 0.5'
+  gem.add_development_dependency 'rake', '~> 0.8'
+  gem.add_development_dependency 'rspec', '~> 2.5'
+  gem.add_development_dependency 'bcrypt-ruby', '~> 2.1.4'
+  gem.add_development_dependency 'activerecord', '~> 3.0'
+
+  gem.name = 'omniauth-identity'
+  gem.version = OmniAuth::Identity::VERSION
+  gem.description = %q{Internal authentication handlers for OmniAuth.}
+  gem.summary = gem.description
+  gem.email = ['michael@intridea.com']
+  gem.homepage = 'http://github.com/intridea/omniauth-identity'
+  gem.authors = ['Michael Bleigh']
+  gem.executables = `git ls-files -- bin/*`.split("\n").map{|f| File.basename(f)}
+  gem.files = `git ls-files`.split("\n")
+  gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.require_paths = ['lib']
+  gem.required_rubygems_version = Gem::Requirement.new('>= 1.3.6') if gem.respond_to? :required_rubygems_version=
+end

data/spec/omniauth/identity/model_spec.rb

@@ -0,0 +1,117 @@
+require 'spec_helper'
+
+class ExampleModel
+  include OmniAuth::Identity::Model
+end
+
+describe OmniAuth::Identity::Model do
+  context 'Class Methods' do
+    subject{ ExampleModel }
+
+    describe '.locate' do
+      it('should be abstract'){ lambda{ subject.locate('abc') }.should raise_error(NotImplementedError) }
+    end
+
+    describe '.authenticate' do
+      it 'should call locate and then authenticate' do
+        mocked_instance = mock('ExampleModel', :authenticate => 'abbadoo')
+        subject.should_receive(:locate).with('example').and_return(mocked_instance)
+        subject.authenticate('example','pass').should == 'abbadoo'
+      end
+
+      it 'should recover gracefully if locate is nil' do
+        subject.stub!(:locate).and_return(nil)
+        subject.authenticate('blah','foo').should be_false
+      end
+    end
+  end
+
+  context 'Instance Methods' do
+    subject{ ExampleModel.new }
+
+    describe '#authenticate' do
+      it('should be abstract'){ lambda{ subject.authenticate('abc') }.should raise_error(NotImplementedError) }
+    end
+
+    describe '#uid' do
+      it 'should default to #id' do
+        subject.should_receive(:respond_to?).with('id').and_return(true)
+        subject.stub!(:id).and_return 'wakka-do'
+        subject.uid.should == 'wakka-do'
+      end
+
+      it 'should stringify it' do
+        subject.stub!(:id).and_return 123
+        subject.uid.should == '123'
+      end
+
+      it 'should raise NotImplementedError if #id is not defined' do
+        subject.should_receive(:respond_to?).with('id').and_return(false)
+        lambda{ subject.uid }.should raise_error(NotImplementedError)
+      end
+    end
+
+    describe '#auth_key' do
+      it 'should default to #email' do
+        subject.should_receive(:respond_to?).with('email').and_return(true)
+        subject.stub!(:email).and_return('bob@bob.com')
+        subject.auth_key.should == 'bob@bob.com'
+      end
+
+      it 'should use the class .auth_key' do
+        subject.class.auth_key 'login'
+        subject.stub!(:login).and_return 'bob'
+        subject.auth_key.should == 'bob'
+        subject.class.auth_key nil
+      end
+
+      it 'should raise a NotImplementedError if the auth_key method is not defined' do
+        lambda{ subject.auth_key }.should raise_error(NotImplementedError)
+      end
+    end
+
+    describe '#auth_key=' do
+      it 'should default to setting email' do
+        subject.should_receive(:respond_to?).with('email=').and_return(true)
+        subject.should_receive(:email=).with 'abc'
+        
+        subject.auth_key = 'abc'
+      end
+
+      it 'should use a custom .auth_key if one is provided' do
+        subject.class.auth_key 'login'
+        subject.should_receive(:respond_to?).with('login=').and_return(true)
+        subject.should_receive('login=').with('abc')
+
+        subject.auth_key = 'abc'
+      end
+
+      it 'should raise a NotImplementedError if the autH_key method is not defined' do
+        lambda{ subject.auth_key = 'broken' }.should raise_error(NotImplementedError)
+      end
+    end
+
+    describe '#info' do
+      it 'should include attributes that are set' do
+        subject.stub!(:name).and_return('Bob Bobson')
+        subject.stub!(:nickname).and_return('bob')
+
+        subject.info.should == {
+          'name' => 'Bob Bobson',
+          'nickname' => 'bob'
+        }
+      end
+
+      it 'should automatically set name off of nickname' do
+        subject.stub!(:nickname).and_return('bob')
+        subject.info['name'] == 'bob'
+      end
+
+      it 'should not overwrite a provided name' do
+        subject.stub!(:name).and_return('Awesome Dude')
+        subject.stub!(:first_name).and_return('Frank')
+        subject.info['name'].should == 'Awesome Dude'
+      end
+    end
+  end
+end

data/spec/omniauth/identity/models/active_record_spec.rb

@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe(OmniAuth::Identity::Models::ActiveRecord, :db => true) do
+  class TestIdentity < OmniAuth::Identity::Models::ActiveRecord
+    auth_key :ham_sandwich
+  end
+
+  it 'should locate using the auth key using a where query' do
+    TestIdentity.should_receive(:where).with('ham_sandwich' => 'open faced').and_return(['wakka'])
+    TestIdentity.locate('open faced').should == 'wakka'
+  end
+  
+  it 'should not use STI rules for its table name' do
+    TestIdentity.table_name.should == 'test_identities'
+  end
+end

data/spec/omniauth/identity/secure_password_spec.rb

@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+class HasTheMethod
+  def self.has_secure_password; end
+end
+
+class DoesNotHaveTheMethod
+end
+
+describe OmniAuth::Identity::SecurePassword do
+  it 'should extend with the class methods if it does not have the method' do
+    DoesNotHaveTheMethod.should_receive(:extend).with(OmniAuth::Identity::SecurePassword::ClassMethods)
+    DoesNotHaveTheMethod.send(:include, OmniAuth::Identity::SecurePassword)
+  end
+
+  it 'should not extend if the method is already defined' do
+    HasTheMethod.should_not_receive(:extend)
+    HasTheMethod.send(:include, OmniAuth::Identity::SecurePassword)
+  end
+
+  it 'should respond to has_secure_password afterwards' do
+    [HasTheMethod,DoesNotHaveTheMethod].each do |klass|
+      klass.send(:include, OmniAuth::Identity::SecurePassword)
+      klass.should be_respond_to(:has_secure_password)
+    end
+  end
+end

data/spec/omniauth/strategies/identity_spec.rb

@@ -0,0 +1,130 @@
+require 'spec_helper'
+
+class MockIdentity; end
+
+describe OmniAuth::Strategies::Identity do
+  attr_accessor :app
+
+  let(:auth_hash){ last_response.headers['env']['omniauth.auth'] }
+  let(:identity_hash){ last_response.headers['env']['omniauth.identity'] }
+
+  # customize rack app for testing, if block is given, reverts to default
+  # rack app after testing is done
+  def set_app!(identity_options = {})
+    identity_options = {:model => MockIdentity}.merge(identity_options)
+    old_app = self.app
+    self.app = Rack::Builder.app do
+      use Rack::Session::Cookie
+      use OmniAuth::Strategies::Identity, identity_options
+      run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
+    end
+    if block_given?
+      yield
+      self.app = old_app
+    end
+    self.app
+  end
+
+  before(:all) do
+    set_app!
+  end
+
+  describe '#request_phase' do
+    it 'should display a form' do
+      get '/auth/identity'
+      last_response.body.should be_include("<form")
+    end
+  end
+
+  describe '#callback_phase' do
+    let(:user){ mock(:uid => 'user1', :info => {'name' => 'Rockefeller'})}
+
+    context 'with valid credentials' do
+      before do
+        MockIdentity.should_receive('authenticate').with('john','awesome').and_return(user)
+        post '/auth/identity/callback', :auth_key => 'john', :password => 'awesome'
+      end
+
+      it 'should populate the auth hash' do
+        auth_hash.should be_kind_of(Hash)
+      end
+
+      it 'should populate the uid' do
+        auth_hash['uid'].should == 'user1'
+      end
+
+      it 'should populate the info hash' do
+        auth_hash['info'].should == {'name' => 'Rockefeller'}
+      end
+    end
+
+    context 'with invalid credentials' do
+      before do
+        OmniAuth.config.on_failure = lambda{|env| [401, {}, [env['omniauth.error.type'].inspect]]}
+        MockIdentity.should_receive(:authenticate).with('wrong','login').and_return(false)
+        post '/auth/identity/callback', :auth_key => 'wrong', :password => 'login'
+      end
+
+      it 'should fail with :invalid_credentials' do
+        last_response.body.should == ':invalid_credentials'
+      end
+    end
+  end
+
+  describe '#registration_form' do
+    it 'should trigger from /auth/identity/register by default' do
+      get '/auth/identity/register'
+      last_response.body.should be_include("Register Identity")
+    end
+  end
+
+  describe '#registration_phase' do
+    context 'with successful creation' do
+      let(:properties){ {
+        :name => 'Awesome Dude', 
+        :email => 'awesome@example.com',
+        :password => 'face',
+        :password_confirmation => 'face'
+      } }
+
+      before do
+        m = mock(:uid => 'abc', :name => 'Awesome Dude', :email => 'awesome@example.com', :info => {:name => 'DUUUUDE!'}, :persisted? => true)
+        MockIdentity.should_receive(:create).with(properties).and_return(m)
+      end
+
+      it 'should set the auth hash' do
+        post '/auth/identity/register', properties
+        auth_hash['uid'].should == 'abc'
+      end
+    end
+
+    context 'with invalid identity' do
+      let(:properties) { {
+        :name => 'Awesome Dude', 
+        :email => 'awesome@example.com',
+        :password => 'NOT',
+        :password_confirmation => 'MATCHING'
+      } }
+
+      before do
+        MockIdentity.should_receive(:create).with(properties).and_return(mock(:persisted? => false))
+      end
+
+      context 'default' do
+        it 'should show registration form' do
+          post '/auth/identity/register', properties
+          last_response.body.should be_include("Register Identity")
+        end
+      end
+
+      context 'custom on_failed_registration endpoint' do
+        it 'should set the identity hash' do
+          set_app!(:on_failed_registration => lambda{|env| [404, {'env' => env}, ["HELLO!"]]}) do
+            post '/auth/identity/register', properties
+            identity_hash.should_not be_nil
+          end
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,14 @@
+require 'rubygems'
+require 'bundler'
+Bundler.setup :default, :development, :test
+
+require 'simplecov'
+SimpleCov.start
+
+require 'rack/test'
+require 'omniauth/identity'
+
+RSpec.configure do |config|
+  config.include Rack::Test::Methods
+end
+

metadata

@@ -0,0 +1,158 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-identity
+version: !ruby/object:Gem::Version
+  version: 1.0.0.beta1
+  prerelease: 6
+platform: ruby
+authors:
+- Michael Bleigh
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-10-19 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: &70239729775760 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - =
+      - !ruby/object:Gem::Version
+        version: 1.0.0.beta1
+  type: :runtime
+  prerelease: false
+  version_requirements: *70239729775760
+- !ruby/object:Gem::Dependency
+  name: maruku
+  requirement: &70239729775260 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :development
+  prerelease: false
+  version_requirements: *70239729775260
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: &70239729774800 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :development
+  prerelease: false
+  version_requirements: *70239729774800
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: &70239729774340 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.5'
+  type: :development
+  prerelease: false
+  version_requirements: *70239729774340
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: &70239729790260 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.8'
+  type: :development
+  prerelease: false
+  version_requirements: *70239729790260
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70239729789800 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.5'
+  type: :development
+  prerelease: false
+  version_requirements: *70239729789800
+- !ruby/object:Gem::Dependency
+  name: bcrypt-ruby
+  requirement: &70239729789340 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.1.4
+  type: :development
+  prerelease: false
+  version_requirements: *70239729789340
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: &70239729788880 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: *70239729788880
+description: Internal authentication handlers for OmniAuth.
+email:
+- michael@intridea.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- Gemfile.lock
+- Guardfile
+- README.markdown
+- Rakefile
+- lib/omniauth-identity.rb
+- lib/omniauth-identity/version.rb
+- lib/omniauth/identity.rb
+- lib/omniauth/identity/model.rb
+- lib/omniauth/identity/models/active_record.rb
+- lib/omniauth/identity/secure_password.rb
+- lib/omniauth/strategies/identity.rb
+- omniauth-identity.gemspec
+- spec/omniauth/identity/model_spec.rb
+- spec/omniauth/identity/models/active_record_spec.rb
+- spec/omniauth/identity/secure_password_spec.rb
+- spec/omniauth/strategies/identity_spec.rb
+- spec/spec_helper.rb
+homepage: http://github.com/intridea/omniauth-identity
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.3.6
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Internal authentication handlers for OmniAuth.
+test_files:
+- spec/omniauth/identity/model_spec.rb
+- spec/omniauth/identity/models/active_record_spec.rb
+- spec/omniauth/identity/secure_password_spec.rb
+- spec/omniauth/strategies/identity_spec.rb
+- spec/spec_helper.rb