omniauth-krb5 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +20 -0
- data/Gemfile +11 -0
- data/Guardfile +11 -0
- data/LICENSE +19 -0
- data/README.rdoc +14 -0
- data/Rakefile +10 -0
- data/lib/omniauth-krb5.rb +2 -0
- data/lib/omniauth-krb5/version.rb +5 -0
- data/lib/omniauth/strategies/krb5.rb +66 -0
- data/omniauth-krb5.gemspec +25 -0
- data/spec/omniauth/strategies/krb5_spec.rb +51 -0
- data/spec/spec_helper.rb +16 -0
- metadata +137 -0
data/.gitignore
ADDED
data/Gemfile
ADDED
data/Guardfile
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
Copyright (c) 2011-2012 Dave Naffis <dave@intridea.com> and Intridea
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
of this software and associated documentation files (the "Software"), to deal
|
5
|
+
in the Software without restriction, including without limitation the rights
|
6
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
copies of the Software, and to permit persons to whom the Software is
|
8
|
+
furnished to do so, subject to the following conditions:
|
9
|
+
|
10
|
+
The above copyright notice and this permission notice shall be included in
|
11
|
+
all copies or substantial portions of the Software.
|
12
|
+
|
13
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
THE SOFTWARE.
|
data/README.rdoc
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
= OmniAuth::Krb5
|
2
|
+
|
3
|
+
OmniAuth strategy for authenticating with Kerberos.
|
4
|
+
|
5
|
+
Install manually or using Bundler:
|
6
|
+
|
7
|
+
gem 'omniauth-krb5', :git => 'https://github.com/naffis/omniauth-krb5.git'
|
8
|
+
|
9
|
+
Add Kerberos provider to omniauth builder:
|
10
|
+
|
11
|
+
use OmniAuth::Builder do
|
12
|
+
provider :krb5, "CUSTOM.REALM.COM"
|
13
|
+
# provider ...
|
14
|
+
end
|
data/Rakefile
ADDED
@@ -0,0 +1,66 @@
|
|
1
|
+
require 'omniauth'
|
2
|
+
require 'rkerberos'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class Krb5
|
7
|
+
include OmniAuth::Strategy
|
8
|
+
|
9
|
+
args [:realm]
|
10
|
+
option :title, "Kerberos Authentication"
|
11
|
+
|
12
|
+
def initialize( app, *args, &block )
|
13
|
+
super
|
14
|
+
@krb5 = Kerberos::Krb5.new
|
15
|
+
@krb5.set_default_realm(options.realm)
|
16
|
+
end
|
17
|
+
|
18
|
+
def request_phase
|
19
|
+
OmniAuth::Form.build(:title => options.title, :url => callback_path) do
|
20
|
+
text_field 'Username', 'username'
|
21
|
+
password_field 'Password', 'password'
|
22
|
+
end.to_response
|
23
|
+
end
|
24
|
+
|
25
|
+
def callback_phase
|
26
|
+
begin
|
27
|
+
return fail!(:invalid_credentials) unless username && password
|
28
|
+
@krb5.get_init_creds_password(username_with_realm, password)
|
29
|
+
super
|
30
|
+
rescue Exception => e
|
31
|
+
return fail!(:invalid_credentials, e)
|
32
|
+
ensure
|
33
|
+
@krb5.close
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
uid do
|
38
|
+
username_with_realm
|
39
|
+
end
|
40
|
+
|
41
|
+
info do
|
42
|
+
{ :name => username }
|
43
|
+
end
|
44
|
+
|
45
|
+
def realm
|
46
|
+
@krb5.get_default_realm
|
47
|
+
end
|
48
|
+
|
49
|
+
protected
|
50
|
+
|
51
|
+
def username_with_realm
|
52
|
+
user_with_realm = username.dup
|
53
|
+
user_with_realm += "@#{realm}" unless username.include?('@')
|
54
|
+
end
|
55
|
+
|
56
|
+
def username
|
57
|
+
request['username']
|
58
|
+
end
|
59
|
+
|
60
|
+
def password
|
61
|
+
request['password']
|
62
|
+
end
|
63
|
+
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require File.expand_path('../lib/omniauth-krb5/version', __FILE__)
|
3
|
+
|
4
|
+
Gem::Specification.new do |gem|
|
5
|
+
gem.add_dependency 'omniauth', '~> 1.0'
|
6
|
+
gem.add_dependency 'rkerberos'
|
7
|
+
|
8
|
+
gem.add_development_dependency 'rspec', '~> 2.7'
|
9
|
+
gem.add_development_dependency 'rack-test'
|
10
|
+
gem.add_development_dependency 'simplecov'
|
11
|
+
gem.add_development_dependency 'webmock'
|
12
|
+
gem.add_development_dependency 'yard'
|
13
|
+
|
14
|
+
gem.authors = ['Dave Naffis']
|
15
|
+
gem.email = ['dave@intridea.com']
|
16
|
+
gem.description = %q{Kerberos strategy for OmniAuth.}
|
17
|
+
gem.summary = gem.description
|
18
|
+
gem.homepage = 'http://github.com/naffis/omniauth-krb5'
|
19
|
+
|
20
|
+
gem.name = 'omniauth-krb5'
|
21
|
+
gem.require_paths = ['lib']
|
22
|
+
gem.files = `git ls-files`.split("\n")
|
23
|
+
gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
24
|
+
gem.version = OmniAuth::Krb5::VERSION
|
25
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require File.expand_path('../../../spec_helper', __FILE__)
|
2
|
+
|
3
|
+
describe OmniAuth::Strategies::Krb5 do
|
4
|
+
|
5
|
+
def app
|
6
|
+
Rack::Builder.new {
|
7
|
+
use OmniAuth::Test::PhonySession
|
8
|
+
run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
|
9
|
+
}.to_app
|
10
|
+
end
|
11
|
+
|
12
|
+
let(:fresh_strategy) { Class.new OmniAuth::Strategies::Krb5 }
|
13
|
+
subject { fresh_strategy }
|
14
|
+
|
15
|
+
it 'should be initialized with default realm' do
|
16
|
+
instance = subject.new(app)
|
17
|
+
instance.realm.should == Kerberos::Krb5.new.get_default_realm
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'should be initialized with custom realm' do
|
21
|
+
instance = subject.new(app, "EXAMPLE.COM")
|
22
|
+
instance.options.realm.should == "EXAMPLE.COM"
|
23
|
+
instance.realm.should == "EXAMPLE.COM"
|
24
|
+
end
|
25
|
+
|
26
|
+
it 'should set name in info hash' do
|
27
|
+
instance = subject.new(app)
|
28
|
+
instance.stub!(:request).and_return({'username' => 'test1234', 'password' => '1234'})
|
29
|
+
instance.info[:name].should == 'test1234'
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'should add realm to uid' do
|
33
|
+
instance = subject.new(app)
|
34
|
+
instance.stub!(:request).and_return({'username' => 'test1234', 'password' => '1234'})
|
35
|
+
realm = Kerberos::Krb5.new.get_default_realm
|
36
|
+
instance.uid.should == "test1234@#{realm}"
|
37
|
+
end
|
38
|
+
|
39
|
+
describe 'GET /auth/krb5' do
|
40
|
+
before do
|
41
|
+
get '/auth/krb5'
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
45
|
+
|
46
|
+
describe 'POST /auth/krb5/callback' do
|
47
|
+
|
48
|
+
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
$:.unshift File.expand_path('..', __FILE__)
|
2
|
+
$:.unshift File.expand_path('../../lib', __FILE__)
|
3
|
+
|
4
|
+
require 'simplecov'
|
5
|
+
SimpleCov.start
|
6
|
+
require 'rspec'
|
7
|
+
require 'rack/test'
|
8
|
+
require 'webmock/rspec'
|
9
|
+
require 'omniauth'
|
10
|
+
require 'omniauth-krb5'
|
11
|
+
|
12
|
+
RSpec.configure do |config|
|
13
|
+
config.include WebMock::API
|
14
|
+
config.include Rack::Test::Methods
|
15
|
+
config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
|
16
|
+
end
|
metadata
ADDED
@@ -0,0 +1,137 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: omniauth-krb5
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Dave Naffis
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-03-20 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: omniauth
|
16
|
+
requirement: &70129794953020 !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ~>
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '1.0'
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: *70129794953020
|
25
|
+
- !ruby/object:Gem::Dependency
|
26
|
+
name: rkerberos
|
27
|
+
requirement: &70129794952360 !ruby/object:Gem::Requirement
|
28
|
+
none: false
|
29
|
+
requirements:
|
30
|
+
- - ! '>='
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: '0'
|
33
|
+
type: :runtime
|
34
|
+
prerelease: false
|
35
|
+
version_requirements: *70129794952360
|
36
|
+
- !ruby/object:Gem::Dependency
|
37
|
+
name: rspec
|
38
|
+
requirement: &70129794951620 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ~>
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: '2.7'
|
44
|
+
type: :development
|
45
|
+
prerelease: false
|
46
|
+
version_requirements: *70129794951620
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: rack-test
|
49
|
+
requirement: &70129794951080 !ruby/object:Gem::Requirement
|
50
|
+
none: false
|
51
|
+
requirements:
|
52
|
+
- - ! '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
type: :development
|
56
|
+
prerelease: false
|
57
|
+
version_requirements: *70129794951080
|
58
|
+
- !ruby/object:Gem::Dependency
|
59
|
+
name: simplecov
|
60
|
+
requirement: &70129794935340 !ruby/object:Gem::Requirement
|
61
|
+
none: false
|
62
|
+
requirements:
|
63
|
+
- - ! '>='
|
64
|
+
- !ruby/object:Gem::Version
|
65
|
+
version: '0'
|
66
|
+
type: :development
|
67
|
+
prerelease: false
|
68
|
+
version_requirements: *70129794935340
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: webmock
|
71
|
+
requirement: &70129794928180 !ruby/object:Gem::Requirement
|
72
|
+
none: false
|
73
|
+
requirements:
|
74
|
+
- - ! '>='
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '0'
|
77
|
+
type: :development
|
78
|
+
prerelease: false
|
79
|
+
version_requirements: *70129794928180
|
80
|
+
- !ruby/object:Gem::Dependency
|
81
|
+
name: yard
|
82
|
+
requirement: &70129794857160 !ruby/object:Gem::Requirement
|
83
|
+
none: false
|
84
|
+
requirements:
|
85
|
+
- - ! '>='
|
86
|
+
- !ruby/object:Gem::Version
|
87
|
+
version: '0'
|
88
|
+
type: :development
|
89
|
+
prerelease: false
|
90
|
+
version_requirements: *70129794857160
|
91
|
+
description: Kerberos strategy for OmniAuth.
|
92
|
+
email:
|
93
|
+
- dave@intridea.com
|
94
|
+
executables: []
|
95
|
+
extensions: []
|
96
|
+
extra_rdoc_files: []
|
97
|
+
files:
|
98
|
+
- .gitignore
|
99
|
+
- Gemfile
|
100
|
+
- Guardfile
|
101
|
+
- LICENSE
|
102
|
+
- README.rdoc
|
103
|
+
- Rakefile
|
104
|
+
- lib/omniauth-krb5.rb
|
105
|
+
- lib/omniauth-krb5/version.rb
|
106
|
+
- lib/omniauth/strategies/krb5.rb
|
107
|
+
- omniauth-krb5.gemspec
|
108
|
+
- spec/omniauth/strategies/krb5_spec.rb
|
109
|
+
- spec/spec_helper.rb
|
110
|
+
homepage: http://github.com/naffis/omniauth-krb5
|
111
|
+
licenses: []
|
112
|
+
post_install_message:
|
113
|
+
rdoc_options: []
|
114
|
+
require_paths:
|
115
|
+
- lib
|
116
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
117
|
+
none: false
|
118
|
+
requirements:
|
119
|
+
- - ! '>='
|
120
|
+
- !ruby/object:Gem::Version
|
121
|
+
version: '0'
|
122
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
123
|
+
none: false
|
124
|
+
requirements:
|
125
|
+
- - ! '>='
|
126
|
+
- !ruby/object:Gem::Version
|
127
|
+
version: '0'
|
128
|
+
requirements: []
|
129
|
+
rubyforge_project:
|
130
|
+
rubygems_version: 1.8.15
|
131
|
+
signing_key:
|
132
|
+
specification_version: 3
|
133
|
+
summary: Kerberos strategy for OmniAuth.
|
134
|
+
test_files:
|
135
|
+
- spec/omniauth/strategies/krb5_spec.rb
|
136
|
+
- spec/spec_helper.rb
|
137
|
+
has_rdoc:
|