omniauth-ldap 1.0.0.beta1

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,2 @@
1
+ .project
2
+ coverage
data/.rspec ADDED
@@ -0,0 +1 @@
1
+ --colour
data/Gemfile ADDED
@@ -0,0 +1,11 @@
1
+ source 'http://rubygems.org'
2
+
3
+ gemspec
4
+
5
+ group :development, :test do
6
+ gem 'guard'
7
+ gem 'guard-rspec'
8
+ gem 'guard-bundler'
9
+ gem 'growl'
10
+ gem 'rb-fsevent'
11
+ end
data/Gemfile.lock ADDED
@@ -0,0 +1,79 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ omniauth-ldap (1.0.0.beta1)
5
+ net-ldap (~> 0.2.2)
6
+ omniauth (~> 1.0.0.beta1)
7
+ pyu-ruby-sasl (~> 0.0.3.1)
8
+ rubyntlm (~> 0.1.1)
9
+
10
+ GEM
11
+ remote: http://rubygems.org/
12
+ specs:
13
+ archive-tar-minitar (0.5.2)
14
+ columnize (0.3.4)
15
+ diff-lcs (1.1.3)
16
+ ffi (1.0.9)
17
+ growl (1.0.3)
18
+ guard (0.8.8)
19
+ thor (~> 0.14.6)
20
+ guard-bundler (0.1.3)
21
+ bundler (>= 1.0.0)
22
+ guard (>= 0.2.2)
23
+ guard-rspec (0.5.0)
24
+ guard (>= 0.8.4)
25
+ hashie (1.2.0)
26
+ libnotify (0.5.7)
27
+ ffi (= 1.0.9)
28
+ linecache19 (0.5.12)
29
+ ruby_core_source (>= 0.1.4)
30
+ multi_json (1.0.3)
31
+ net-ldap (0.2.2)
32
+ omniauth (1.0.0.beta1)
33
+ hashie
34
+ rack
35
+ pyu-ruby-sasl (0.0.3.3)
36
+ rack (1.3.5)
37
+ rack-test (0.6.1)
38
+ rack (>= 1.0)
39
+ rb-fsevent (0.4.3.1)
40
+ rspec (2.7.0)
41
+ rspec-core (~> 2.7.0)
42
+ rspec-expectations (~> 2.7.0)
43
+ rspec-mocks (~> 2.7.0)
44
+ rspec-core (2.7.1)
45
+ rspec-expectations (2.7.0)
46
+ diff-lcs (~> 1.1.2)
47
+ rspec-mocks (2.7.0)
48
+ ruby-debug-base19 (0.11.25)
49
+ columnize (>= 0.3.1)
50
+ linecache19 (>= 0.5.11)
51
+ ruby_core_source (>= 0.1.4)
52
+ ruby-debug19 (0.11.6)
53
+ columnize (>= 0.3.1)
54
+ linecache19 (>= 0.5.11)
55
+ ruby-debug-base19 (>= 0.11.19)
56
+ ruby_core_source (0.1.5)
57
+ archive-tar-minitar (>= 0.5.2)
58
+ rubyntlm (0.1.1)
59
+ simplecov (0.5.4)
60
+ multi_json (~> 1.0.3)
61
+ simplecov-html (~> 0.5.3)
62
+ simplecov-html (0.5.3)
63
+ thor (0.14.6)
64
+
65
+ PLATFORMS
66
+ ruby
67
+
68
+ DEPENDENCIES
69
+ growl
70
+ guard
71
+ guard-bundler
72
+ guard-rspec
73
+ libnotify
74
+ omniauth-ldap!
75
+ rack-test
76
+ rb-fsevent
77
+ rspec (~> 2.6)
78
+ ruby-debug19
79
+ simplecov
data/Guardfile ADDED
@@ -0,0 +1,11 @@
1
+ guard 'rspec', :version => 2 do
2
+ watch(%r{^spec/.+_spec\.rb$})
3
+ watch(%r{^lib/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" }
4
+ watch('spec/spec_helper.rb') { "spec" }
5
+ end
6
+
7
+
8
+ guard 'bundler' do
9
+ watch('Gemfile')
10
+ watch(/^.+\.gemspec/)
11
+ end
data/README.md ADDED
@@ -0,0 +1,68 @@
1
+ # OmniAuth LDAP
2
+
3
+ **Note:** This gem is designed to work with the in-beta OmniAuth 1.0
4
+ library. It will not be officially released on RubyGems.org until
5
+ OmniAuth 1.0 is released.
6
+
7
+ == LDAP
8
+
9
+ Use the LDAP strategy as a middleware in your application:
10
+
11
+ use OmniAuth::Strategies::LDAP,
12
+ :title => "My LDAP",
13
+ :host => '10.101.10.1',
14
+ :port => 389,
15
+ :method => :plain,
16
+ :base => 'dc=intridea, dc=com',
17
+ :uid => 'sAMAccountName',
18
+ :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')}
19
+ :bind_dn => 'default_bind_dn'
20
+ :password => 'password'
21
+
22
+ All of the listed options are required, with the exception of :name_proc, :bind_dn, and :password.
23
+ Allowed values of :method are: :plain, :ssl, :tls.
24
+
25
+ :bind_dn and :password is the default credentials to perform user lookup.
26
+ most LDAP servers require that you supply a complete DN as a binding-credential, along with an authenticator
27
+ such as a password. But for many applications, you often don’t have a full DN to identify the user.
28
+ You usually get a simple identifier like a username or an email address, along with a password.
29
+ Since many LDAP servers don't allow anonymous access, search function will require a bound connection,
30
+ :bind_dn and :password will be required for searching on the username or email to retrieve the DN attribute
31
+ for the user. If the LDAP server allows anonymous access, you don't need to provide these two parameters.
32
+
33
+ :uid is the LDAP attribute name for the user name in the login form.
34
+ typically AD would be 'sAMAccountName' or 'UserPrincipalName', while OpenLDAP is 'uid'.
35
+
36
+ :name_proc allows you to match the user name entered with the format of the :uid attributes.
37
+ For example, value of 'sAMAccountName' in AD contains only the windows user name. If your user prefers using
38
+ email to login, a name_proc as above will trim the email string down to just the windows login name.
39
+ In summary, use :name_proc to fill the gap between the submitted username and LDAP uid attribute value.
40
+
41
+ :try_sasl and :sasl_mechanisms are optional. :try_sasl [true | false], :sasl_mechanisms ['DIGEST-MD5' | 'GSS-SPNEGO']
42
+ Use them to initialize a SASL connection to server. If you are not familiar with these authentication methods,
43
+ please just avoid them.
44
+
45
+ Direct users to '/auth/ldap' to have them authenticated via your company's LDAP server.
46
+
47
+
48
+ ## License
49
+
50
+ Copyright (C) 2011 by Ping Yu and Intridea, Inc.
51
+
52
+ Permission is hereby granted, free of charge, to any person obtaining a copy
53
+ of this software and associated documentation files (the "Software"), to deal
54
+ in the Software without restriction, including without limitation the rights
55
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
56
+ copies of the Software, and to permit persons to whom the Software is
57
+ furnished to do so, subject to the following conditions:
58
+
59
+ The above copyright notice and this permission notice shall be included in
60
+ all copies or substantial portions of the Software.
61
+
62
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
63
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
64
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
65
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
66
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
67
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
68
+ THE SOFTWARE.
data/Rakefile ADDED
@@ -0,0 +1,9 @@
1
+ #!/usr/bin/env rake
2
+ require "bundler/gem_tasks"
3
+ require 'rspec/core/rake_task'
4
+
5
+ desc 'Default: run specs.'
6
+ task :default => :spec
7
+
8
+ desc "Run specs"
9
+ RSpec::Core::RakeTask.new
@@ -0,0 +1,90 @@
1
+ require 'omniauth'
2
+ require 'ruby-debug'
3
+
4
+ module OmniAuth
5
+ module Strategies
6
+ class LDAP
7
+ class MissingCredentialsError < StandardError; end
8
+ include OmniAuth::Strategy
9
+ @@config = {
10
+ 'name' => 'cn',
11
+ 'first_name' => 'givenName',
12
+ 'last_name' => 'sn',
13
+ 'email' => ['mail', "email", 'userPrincipalName'],
14
+ 'phone' => ['telephoneNumber', 'homePhone', 'facsimileTelephoneNumber'],
15
+ 'mobile' => ['mobile', 'mobileTelephoneNumber'],
16
+ 'nickname' => ['uid', 'userid', 'sAMAccountName'],
17
+ 'title' => 'title',
18
+ 'location' => {"%0, %1, %2, %3 %4" => [['address', 'postalAddress', 'homePostalAddress', 'street', 'streetAddress'], ['l'], ['st'],['co'],['postOfficeBox']]},
19
+ 'uid' => 'dn',
20
+ 'url' => ['wwwhomepage'],
21
+ 'image' => 'jpegPhoto',
22
+ 'description' => 'description'
23
+ }
24
+ option :title, "LDAP Authentication" #default title for authentication form
25
+ option :port, 389
26
+ option :method, :plain
27
+ option :uid, 'sAMAccountName'
28
+ option :name_proc, lambda {|n| n}
29
+ def initialize(app, *args, &block)
30
+ super
31
+ @adaptor = OmniAuth::LDAP::Adaptor.new @options
32
+ end
33
+ def request_phase
34
+ f = OmniAuth::Form.new(:title => (options[:title] || "LDAP Authentication"), :url => callback_path)
35
+ f.text_field 'Login', 'username'
36
+ f.password_field 'Password', 'password'
37
+ f.button "Sign In"
38
+ f.to_response
39
+ end
40
+
41
+ def callback_phase
42
+ raise MissingCredentialsError.new("Missing login credentials") if request['username'].nil? || request['password'].nil?
43
+ begin
44
+ creds = {'username' => request['username'], 'password' => request['password']}
45
+ @ldap_user_info = @adaptor.bind_as(:filter => Net::LDAP::Filter.eq(@adaptor.uid, @options.name_proc.call(creds['username'])),:size => 1)
46
+ return fail!(:invalid_credentials) if !@ldap_user_info
47
+
48
+ @user_info = self.class.map_user(@@config, @ldap_user_info)
49
+ super
50
+ rescue Exception => e
51
+ return fail!(:ldap_error, e)
52
+ end
53
+ end
54
+
55
+ uid {
56
+ @user_info["uid"]
57
+ }
58
+ info {
59
+ @user_info
60
+ }
61
+ extra {
62
+ @ldap_user_info
63
+ }
64
+
65
+ def self.map_user(mapper, object)
66
+ user = {}
67
+ mapper.each do |key, value|
68
+ case value
69
+ when String
70
+ user[key] = object[value.downcase.to_sym].to_s if object[value.downcase.to_sym]
71
+ when Array
72
+ value.each {|v| (user[key] = object[v.downcase.to_sym].to_s; break;) if object[v.downcase.to_sym]}
73
+ when Hash
74
+ value.map do |key1, value1|
75
+ pattern = key1.dup
76
+ value1.each_with_index do |v,i|
77
+ part = ''; v.collect(&:downcase).collect(&:to_sym).each {|v1| (part = object[v1].to_s; break;) if object[v1]}
78
+ pattern.gsub!("%#{i}",part||'')
79
+ end
80
+ user[key] = pattern
81
+ end
82
+ end
83
+ end
84
+ user
85
+ end
86
+ end
87
+ end
88
+ end
89
+
90
+ OmniAuth.config.add_camelization 'ldap', 'LDAP'
@@ -0,0 +1,158 @@
1
+ #this code borrowed pieces from activeldap and net-ldap
2
+
3
+ require 'rack'
4
+ require 'net/ldap'
5
+ require 'net/ntlm'
6
+ require 'uri'
7
+
8
+ module OmniAuth
9
+ module LDAP
10
+ class Adaptor
11
+ class LdapError < StandardError; end
12
+ class ConfigurationError < StandardError; end
13
+ class AuthenticationError < StandardError; end
14
+ class ConnectionError < StandardError; end
15
+
16
+ VALID_ADAPTER_CONFIGURATION_KEYS = [:host, :port, :method, :bind_dn, :password, :try_sasl, :sasl_mechanisms, :uid, :base, :allow_anonymous]
17
+
18
+ MUST_HAVE_KEYS = [:host, :port, :method, :uid, :base]
19
+
20
+ METHOD = {
21
+ :ssl => :simple_tls,
22
+ :tls => :start_tls,
23
+ :plain => nil,
24
+ }
25
+
26
+ attr_accessor :bind_dn, :password
27
+ attr_reader :connection, :uid, :base
28
+
29
+ def initialize(configuration={})
30
+ @disconnected = false
31
+ @bound = false
32
+ @configuration = configuration.dup
33
+ @configuration[:allow_anonymous] ||= false
34
+ @logger = @configuration.delete(:logger)
35
+ message = []
36
+ MUST_HAVE_KEYS.each do |name|
37
+ message << name if configuration[name].nil?
38
+ end
39
+ raise ArgumentError.new(message.join(",") +" MUST be provided") unless message.empty?
40
+ VALID_ADAPTER_CONFIGURATION_KEYS.each do |name|
41
+ instance_variable_set("@#{name}", configuration[name])
42
+ end
43
+
44
+ method = ensure_method(@method)
45
+ config = {
46
+ :host => @host,
47
+ :port => @port,
48
+ :encryption => method
49
+ }
50
+ @uri = construct_uri(@host, @port, @method != :plain)
51
+
52
+ @bind_method = @try_sasl ? "sasl" : @allow_anonymous ? 'anonymous' : 'simple'
53
+ @bind_method = 'anonymous' unless @bind_dn && @password
54
+
55
+ @auth = sasl_auths.first if @bind_method == 'sasl'
56
+ @bind_method = 'simple' unless @auth
57
+ @auth ||= { :method => @bind_method,
58
+ :username => @bind_dn,
59
+ :password => @passowrd
60
+ }
61
+ config[:auth] = @auth
62
+ @connection = Net::LDAP.new(config)
63
+ end
64
+
65
+ #:base => "dc=yourcompany, dc=com",
66
+ # :filter => "(mail=#{user})",
67
+ # :password => psw
68
+ def bind_as(args = {})
69
+ result = false
70
+ @connection.open { |me|
71
+ rs = search args
72
+ if rs and rs.first and dn = rs.first.dn
73
+ password = args[:password]
74
+ method = args[:method]
75
+ password = password.call if password.respond_to?(:call)
76
+ if method == 'sasl'
77
+ result = rs if bind(sasl_auths(args))
78
+ else
79
+ result = rs if bind(:method => :simple, :username => dn,
80
+ :password => password)
81
+ end
82
+ end
83
+ }
84
+ result
85
+ end
86
+
87
+ private
88
+
89
+ def ensure_port(method)
90
+ if method == :ssl
91
+ URI::LDAPS::DEFAULT_PORT
92
+ else
93
+ URI::LDAP::DEFAULT_PORT
94
+ end
95
+ end
96
+
97
+ def ensure_method(method)
98
+ method ||= "plain"
99
+ normalized_method = method.to_s.downcase.to_sym
100
+ return METHOD[normalized_method] if METHOD.has_key?(normalized_method)
101
+
102
+ available_methods = METHOD.keys.collect {|m| m.inspect}.join(", ")
103
+ format = "%s is not one of the available connect methods: %s"
104
+ raise ConfigurationError, format % [method.inspect, available_methods]
105
+ end
106
+
107
+ def sasl_auths(options={})
108
+ auths = []
109
+ sasl_mechanisms = options[:sasl_mechanisms] || @sasl_mechanisms
110
+ sasl_mechanisms.each do |mechanism|
111
+ normalized_mechanism = mechanism.downcase.gsub(/-/, '_')
112
+ sasl_bind_setup = "sasl_bind_setup_#{normalized_mechanism}"
113
+ next unless respond_to?(sasl_bind_setup, true)
114
+ initial_credential, challenge_response = send(sasl_bind_setup, options)
115
+
116
+ auths << {
117
+ :method => :sasl,
118
+ :initial_credential => initial_credential,
119
+ :mechanism => mechanism,
120
+ :challenge_response => challenge_response,
121
+ }
122
+ end
123
+ end
124
+
125
+ def sasl_bind_setup_digest_md5(options)
126
+ bind_dn = options[:username]
127
+ initial_credential = ""
128
+ challenge_response = Proc.new do |cred|
129
+ pref = SASL::Preferences.new :digest_uri => "ldap/#{@host}", :username => bind_dn, :has_password? => true, :password => options[:password]||@password
130
+ sasl = SASL.new("DIGEST-MD5", pref)
131
+ response = sasl.receive("challenge", cred)
132
+ response[1]
133
+ end
134
+ [initial_credential, challenge_response]
135
+ end
136
+
137
+ def sasl_bind_setup_gss_spnego(options)
138
+ bind_dn = options[:username]
139
+ psw = [bind_dn, options[:password]||@password]
140
+ raise LdapError.new( "invalid binding information" ) unless (bind_dn && psw)
141
+
142
+ nego = proc {|challenge|
143
+ t2_msg = Net::NTLM::Message.parse( challenge )
144
+ bind_dn, domain = bind_dn.split('\\').reverse
145
+ t2_msg.target_name = Net::NTLM::encode_utf16le(domain) if domain
146
+ t3_msg = t2_msg.response( {:user => bind_dn, :password => psw}, {:ntlmv2 => true} )
147
+ t3_msg.serialize
148
+ }
149
+ [Net::NTLM::Message::Type1.new.serialize, nego]
150
+ end
151
+
152
+ def construct_uri(host, port, ssl)
153
+ protocol = ssl ? "ldaps" : "ldap"
154
+ URI.parse("#{protocol}://#{host}:#{port}").to_s
155
+ end
156
+ end
157
+ end
158
+ end
@@ -0,0 +1,5 @@
1
+ module OmniAuth
2
+ module LDAP
3
+ VERSION = "1.0.0.beta1"
4
+ end
5
+ end
@@ -0,0 +1,4 @@
1
+ require "omniauth-ldap/version"
2
+ require "omniauth-ldap/adaptor"
3
+ require 'omniauth/strategies/ldap'
4
+
@@ -0,0 +1,27 @@
1
+ # -*- encoding: utf-8 -*-
2
+ require File.expand_path('../lib/omniauth-ldap/version', __FILE__)
3
+
4
+ Gem::Specification.new do |gem|
5
+ gem.authors = ["Ping Yu"]
6
+ gem.email = ["ping@intridea.com"]
7
+ gem.description = %q{A LDAP strategy for OmniAuth.}
8
+ gem.summary = %q{A LDAP strategy for OmniAuth.}
9
+ gem.homepage = "https://github.com/intridea/omniauth-ldap"
10
+
11
+ gem.add_runtime_dependency 'omniauth', '1.0.0.beta1'
12
+ gem.add_runtime_dependency 'net-ldap', '~>0.2.2'
13
+ gem.add_runtime_dependency 'pyu-ruby-sasl', '~> 0.0.3.1'
14
+ gem.add_runtime_dependency 'rubyntlm', '~> 0.1.1'
15
+ gem.add_development_dependency 'rspec', '~> 2.6'
16
+ gem.add_development_dependency 'simplecov'
17
+ gem.add_development_dependency 'rack-test'
18
+ gem.add_development_dependency 'libnotify'
19
+ gem.add_development_dependency 'ruby-debug19'
20
+
21
+ gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
22
+ gem.files = `git ls-files`.split("\n")
23
+ gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
24
+ gem.name = "omniauth-ldap"
25
+ gem.require_paths = ["lib"]
26
+ gem.version = OmniAuth::LDAP::VERSION
27
+ end
@@ -0,0 +1,104 @@
1
+ require 'spec_helper'
2
+ describe "OmniAuth::Strategies::LDAP" do
3
+ # :title => "My LDAP",
4
+ # :host => '10.101.10.1',
5
+ # :port => 389,
6
+ # :method => :plain,
7
+ # :base => 'dc=intridea, dc=com',
8
+ # :uid => 'sAMAccountName',
9
+ # :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')}
10
+ # :bind_dn => 'default_bind_dn'
11
+ # :password => 'password'
12
+ class MyLdapProvider < OmniAuth::Strategies::LDAP; end
13
+ def app
14
+ Rack::Builder.new {
15
+ use OmniAuth::Test::PhonySession
16
+ use MyLdapProvider, :name => 'ldap', :title => 'MyLdap Form', :host => '192.168.1.145', :base => 'dc=score, dc=local', :name_proc => Proc.new {|name| name.gsub(/@.*$/,'')}
17
+ run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
18
+ }.to_app
19
+ end
20
+
21
+ def session
22
+ last_request.env['rack.session']
23
+ end
24
+
25
+ it 'should add a camelization for itself' do
26
+ OmniAuth::Utils.camelize('ldap').should == 'LDAP'
27
+ end
28
+
29
+ describe '/auth/ldap' do
30
+ before(:each){ get '/auth/ldap' }
31
+
32
+ it 'should display a form' do
33
+ last_response.status.should == 200
34
+ last_response.body.should be_include("<form")
35
+ end
36
+
37
+ it 'should have the callback as the action for the form' do
38
+ last_response.body.should be_include("action='/auth/ldap/callback'")
39
+ end
40
+
41
+ it 'should have a text field for each of the fields' do
42
+ last_response.body.scan('<input').size.should == 2
43
+ end
44
+ it 'should have a label of the form title' do
45
+ last_response.body.scan('MyLdap Form').size.should > 1
46
+ end
47
+
48
+ end
49
+
50
+ describe 'post /auth/ldap/callback' do
51
+ before(:each) do
52
+ @adaptor = mock(OmniAuth::LDAP::Adaptor, {:uid => 'ping'})
53
+ OmniAuth::LDAP::Adaptor.stub(:new).and_return(@adaptor)
54
+ end
55
+ context 'failure' do
56
+ before(:each) do
57
+ @adaptor.stub(:bind_as).and_return(false)
58
+ end
59
+ it 'should raise MissingCredentialsError' do
60
+ lambda{post('/auth/ldap/callback', {})}.should raise_error OmniAuth::Strategies::LDAP::MissingCredentialsError
61
+ end
62
+ it 'should redirect to error page' do
63
+ post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
64
+ last_response.should be_redirect
65
+ last_response.headers['Location'].should =~ %r{invalid_credentials}
66
+ end
67
+ it 'should redirect to error page when there is exception' do
68
+ @adaptor.stub(:bind_as).and_throw(Exception.new('connection_error'))
69
+ post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
70
+ last_response.should be_redirect
71
+ last_response.headers['Location'].should =~ %r{ldap_error}
72
+ end
73
+ end
74
+
75
+ context 'success' do
76
+ let(:auth_hash){ last_request.env['omniauth.auth'] }
77
+ before(:each) do
78
+ @adaptor.stub(:bind_as).and_return({:dn => 'cn=ping, dc=intridea, dc=com', :mail => 'ping@intridea.com', :givenname => 'Ping', :sn => 'Yu',
79
+ :telephonenumber => '555-555-5555', :mobile => '444-444-4444', :uid => 'ping', :title => 'dev', :address => 'k street',
80
+ :l => 'Washington', :st => 'DC', :co => "U.S.A", :postofficebox => '20001', :wwwhomepage => 'www.intridea.com',
81
+ :jpegphoto => 'http://www.intridea.com/ping.jpg', :description => 'omniauth-ldap'})
82
+ post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
83
+ end
84
+
85
+ it 'should raise MissingCredentialsError' do
86
+ should_not raise_error OmniAuth::Strategies::LDAP::MissingCredentialsError
87
+ end
88
+ it 'should map user info' do
89
+ auth_hash.uid.should == 'cn=ping, dc=intridea, dc=com'
90
+ auth_hash.info.email.should == 'ping@intridea.com'
91
+ auth_hash.info.first_name.should == 'Ping'
92
+ auth_hash.info.last_name.should == 'Yu'
93
+ auth_hash.info.phone.should == '555-555-5555'
94
+ auth_hash.info.mobile.should == '444-444-4444'
95
+ auth_hash.info.nickname.should == 'ping'
96
+ auth_hash.info.title.should == 'dev'
97
+ auth_hash.info.location.should == 'k street, Washington, DC, U.S.A 20001'
98
+ auth_hash.info.url.should == 'www.intridea.com'
99
+ auth_hash.info.image.should == 'http://www.intridea.com/ping.jpg'
100
+ auth_hash.info.description.should == 'omniauth-ldap'
101
+ end
102
+ end
103
+ end
104
+ end
@@ -0,0 +1,14 @@
1
+ $:.unshift File.expand_path('..', __FILE__)
2
+ $:.unshift File.expand_path('../../lib', __FILE__)
3
+ require 'simplecov'
4
+ SimpleCov.start
5
+ require 'rspec'
6
+ require 'rack/test'
7
+ require 'omniauth'
8
+ require 'omniauth-ldap'
9
+
10
+ RSpec.configure do |config|
11
+ config.include Rack::Test::Methods
12
+ config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
13
+ end
14
+
metadata ADDED
@@ -0,0 +1,160 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-ldap
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0.beta1
5
+ prerelease: 6
6
+ platform: ruby
7
+ authors:
8
+ - Ping Yu
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2011-10-26 00:00:00.000000000Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: omniauth
16
+ requirement: &70115828190020 !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - =
20
+ - !ruby/object:Gem::Version
21
+ version: 1.0.0.beta1
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: *70115828190020
25
+ - !ruby/object:Gem::Dependency
26
+ name: net-ldap
27
+ requirement: &70115828189260 !ruby/object:Gem::Requirement
28
+ none: false
29
+ requirements:
30
+ - - ~>
31
+ - !ruby/object:Gem::Version
32
+ version: 0.2.2
33
+ type: :runtime
34
+ prerelease: false
35
+ version_requirements: *70115828189260
36
+ - !ruby/object:Gem::Dependency
37
+ name: pyu-ruby-sasl
38
+ requirement: &70115828188580 !ruby/object:Gem::Requirement
39
+ none: false
40
+ requirements:
41
+ - - ~>
42
+ - !ruby/object:Gem::Version
43
+ version: 0.0.3.1
44
+ type: :runtime
45
+ prerelease: false
46
+ version_requirements: *70115828188580
47
+ - !ruby/object:Gem::Dependency
48
+ name: rubyntlm
49
+ requirement: &70115828187920 !ruby/object:Gem::Requirement
50
+ none: false
51
+ requirements:
52
+ - - ~>
53
+ - !ruby/object:Gem::Version
54
+ version: 0.1.1
55
+ type: :runtime
56
+ prerelease: false
57
+ version_requirements: *70115828187920
58
+ - !ruby/object:Gem::Dependency
59
+ name: rspec
60
+ requirement: &70115828187460 !ruby/object:Gem::Requirement
61
+ none: false
62
+ requirements:
63
+ - - ~>
64
+ - !ruby/object:Gem::Version
65
+ version: '2.6'
66
+ type: :development
67
+ prerelease: false
68
+ version_requirements: *70115828187460
69
+ - !ruby/object:Gem::Dependency
70
+ name: simplecov
71
+ requirement: &70115828187080 !ruby/object:Gem::Requirement
72
+ none: false
73
+ requirements:
74
+ - - ! '>='
75
+ - !ruby/object:Gem::Version
76
+ version: '0'
77
+ type: :development
78
+ prerelease: false
79
+ version_requirements: *70115828187080
80
+ - !ruby/object:Gem::Dependency
81
+ name: rack-test
82
+ requirement: &70115828186600 !ruby/object:Gem::Requirement
83
+ none: false
84
+ requirements:
85
+ - - ! '>='
86
+ - !ruby/object:Gem::Version
87
+ version: '0'
88
+ type: :development
89
+ prerelease: false
90
+ version_requirements: *70115828186600
91
+ - !ruby/object:Gem::Dependency
92
+ name: libnotify
93
+ requirement: &70115828186180 !ruby/object:Gem::Requirement
94
+ none: false
95
+ requirements:
96
+ - - ! '>='
97
+ - !ruby/object:Gem::Version
98
+ version: '0'
99
+ type: :development
100
+ prerelease: false
101
+ version_requirements: *70115828186180
102
+ - !ruby/object:Gem::Dependency
103
+ name: ruby-debug19
104
+ requirement: &70115828185740 !ruby/object:Gem::Requirement
105
+ none: false
106
+ requirements:
107
+ - - ! '>='
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: *70115828185740
113
+ description: A LDAP strategy for OmniAuth.
114
+ email:
115
+ - ping@intridea.com
116
+ executables: []
117
+ extensions: []
118
+ extra_rdoc_files: []
119
+ files:
120
+ - .gitignore
121
+ - .rspec
122
+ - Gemfile
123
+ - Gemfile.lock
124
+ - Guardfile
125
+ - README.md
126
+ - Rakefile
127
+ - lib/omniauth-ldap.rb
128
+ - lib/omniauth-ldap/adaptor.rb
129
+ - lib/omniauth-ldap/version.rb
130
+ - lib/omniauth/strategies/ldap.rb
131
+ - omniauth-ldap.gemspec
132
+ - spec/omniauth/strategies/ldap_spec.rb
133
+ - spec/spec_helper.rb
134
+ homepage: https://github.com/intridea/omniauth-ldap
135
+ licenses: []
136
+ post_install_message:
137
+ rdoc_options: []
138
+ require_paths:
139
+ - lib
140
+ required_ruby_version: !ruby/object:Gem::Requirement
141
+ none: false
142
+ requirements:
143
+ - - ! '>='
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ required_rubygems_version: !ruby/object:Gem::Requirement
147
+ none: false
148
+ requirements:
149
+ - - ! '>'
150
+ - !ruby/object:Gem::Version
151
+ version: 1.3.1
152
+ requirements: []
153
+ rubyforge_project:
154
+ rubygems_version: 1.8.10
155
+ signing_key:
156
+ specification_version: 3
157
+ summary: A LDAP strategy for OmniAuth.
158
+ test_files:
159
+ - spec/omniauth/strategies/ldap_spec.rb
160
+ - spec/spec_helper.rb