omniauth-polaris 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 782f2fe5ef9e563de8acb9bc4bc40514d868fa06
+  data.tar.gz: 72d665983d951640d341aa4328a3213829237d98
+SHA512:
+  metadata.gz: fcf55973229e7642569371ca24ddc023263998d274a41bdd905823d130d5ae10d528f8718651e5358e82ec4ba6366b777805d68bd643d23f8ba701a03042bf87
+  data.tar.gz: bb794c07c75c09ad7461c1959dfffbb14776b54bbe059ddf2a751edb6cb9e52a9fa45bbc97ca10e32906721ea6a63df5b58cf58e5a0451428dff1ae1418b1349

data/.gitignore

@@ -0,0 +1,63 @@
+# Generated by default by Github #
+##################################
+*.rbc
+*.sassc
+.sass-cache
+capybara-*.html
+.rspec
+/.bundle
+/vendor/bundle
+/log/*
+/tmp/*
+/db/*.sqlite3
+/public/system/*
+/coverage/
+/spec/tmp/*
+**.orig
+rerun.txt
+pickle-email-*.html
+
+# Specific configuration files #
+################################
+hydra-ldap.yml
+database.yml
+fedora.yml
+solr.yml
+role_map_cucumber.yml
+role_map_development.yml
+role_map_production.yml
+role_map_test.yml
+
+# Files to ignore by default in Git #
+#####################################
+*.pdf
+*.db
+*.jar
+*.gz
+*.tar
+*.zip
+*.dll
+*.sqlite
+*.sql
+
+# Specific Files to ignore #
+############################
+Thumbs.db
+Icon?
+.DS_Store?
+.DS_Store
+ehthumbs.db
+.idea # Rubymine config files
+/.idea/*
+
+# Directories to ignore #
+#########################
+/public/data/*
+/jetty/*
+/solr_conf/*
+/fedora_conf/*
+
+# Ignore edited Linux files #
+#############################
+
+*~

data/Gemfile

@@ -0,0 +1,38 @@
+source 'https://rubygems.org'
+
+gem 'rails', '3.2.9'
+
+# Bundle edge Rails instead:
+# gem 'rails', :git => 'git://github.com/rails/rails.git'
+
+gem 'sqlite3'
+
+
+# Gems used only for assets and not required
+# in production environments by default.
+group :assets do
+  gem 'sass-rails',   '~> 3.2.3'
+  gem 'coffee-rails', '~> 3.2.1'
+
+  # See https://github.com/sstephenson/execjs#readme for more supported runtimes
+  # gem 'therubyracer', :platforms => :ruby
+
+  gem 'uglifier', '>= 1.0.3'
+end
+
+gem 'jquery-rails'
+
+# To use ActiveModel has_secure_password
+# gem 'bcrypt-ruby', '~> 3.0.0'
+
+# To use Jbuilder templates for JSON
+# gem 'jbuilder'
+
+# Use unicorn as the app server
+# gem 'unicorn'
+
+# Deploy with Capistrano
+# gem 'capistrano'
+
+# To use debugger
+# gem 'debugger'

data/README.rdoc

@@ -0,0 +1,3 @@
+== Project Information
+
+Coming soon... works as any other Omniauth provider however.

data/Rakefile

@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+OmniauthPolaris::Application.load_tasks

data/lib/omniauth-polaris.rb

@@ -0,0 +1,3 @@
+require "omniauth-polaris/version"
+require "omniauth-polaris/adaptor"
+require 'omniauth/strategies/polaris'

data/lib/omniauth-polaris/adaptor.rb

@@ -0,0 +1,100 @@
+require 'base64'
+require 'cgi'
+require 'openssl'
+require 'rest_client'
+
+module OmniAuth
+  module Polaris
+    class Adaptor
+      class PolarisError < StandardError; end
+      class ConfigurationError < StandardError; end
+      class AuthenticationError < StandardError; end
+      class ConnectionError < StandardError; end
+
+      VALID_ADAPTER_CONFIGURATION_KEYS = [:access_id, :access_key, :method, :http_uri]
+
+      MUST_HAVE_KEYS = [:access_id, :access_key, :method, :http_uri]
+
+      METHOD = {
+          :GET => :GET
+      }
+
+      attr_reader :config
+
+      def self.validate(configuration={})
+        message = []
+        MUST_HAVE_KEYS.each do |name|
+          message << name if configuration[name].nil?
+        end
+        raise ArgumentError.new(message.join(",") +" MUST be provided") unless message.empty?
+      end
+
+      def initialize(configuration={})
+        Adaptor.validate(configuration)
+        @configuration = configuration.dup
+        @logger = @configuration.delete(:logger)
+        VALID_ADAPTER_CONFIGURATION_KEYS.each do |name|
+          instance_variable_set("@#{name}", @configuration[name])
+        end
+
+        @config = {
+            :http_uri => @http_uri,
+            :method => @method,
+            :access_key => @access_key,
+            :access_id => @access_id
+        }
+
+        method = ensure_method(@method)
+
+      end
+
+      public
+      def bind_as(args = {})
+        response = false
+
+        #Basic shared input variables
+        pin = args[:pin]
+        barcode = args[:barcode]
+        http_date = Time.now.in_time_zone("GMT").strftime("%a, %d %b %Y %H:%M:%S %Z")
+
+        #Authorization hash component
+        http_uri_with_barcode =  @http_uri + barcode
+        concated_string = @method + @http_uri + barcode + http_date + pin
+        sha1_sig = Base64.strict_encode64("#{OpenSSL::HMAC.digest('sha1',@access_key, concated_string)}")
+        xml_response = RestClient.get http_uri_with_barcode, {'PolarisDate' => http_date, 'Authorization' =>  "PWS " + @access_id + ":" + sha1_sig}
+        authorization_response = Hash.from_xml xml_response
+
+        #Details hash component
+        http_basic_data_get = @http_uri + barcode + '/basicdata'
+        concated_string = @method + http_basic_data_get + http_date + pin
+        sha1_sig = Base64.strict_encode64("#{OpenSSL::HMAC.digest('sha1',@access_key, concated_string)}")
+        xml_response = RestClient.get http_basic_data_get, {'PolarisDate' => http_date, 'Authorization' =>  "PWS " + @access_id + ":" + sha1_sig}
+        details_response = Hash.from_xml xml_response
+
+        #Add some of the basic details to a single hash, using the authorization as the base.
+        authorization_response["PatronValidateResult"]["NameFirst"] = details_response["PatronBasicDataGetResult"]["PatronBasicData"]["NameFirst"]
+        authorization_response["PatronValidateResult"]["NameLast"] = details_response["PatronBasicDataGetResult"]["PatronBasicData"]["NameLast"]
+        authorization_response["PatronValidateResult"]["NameMiddle"] = details_response["PatronBasicDataGetResult"]["PatronBasicData"]["NameMiddle"]
+        authorization_response["PatronValidateResult"]["PhoneNumber"] = details_response["PatronBasicDataGetResult"]["PatronBasicData"]["PhoneNumber"]
+        authorization_response["PatronValidateResult"]["EmailAddress"] = details_response["PatronBasicDataGetResult"]["PatronBasicData"]["EmailAddress"]
+
+        authorization_response["PatronValidateResult"]
+      end
+
+      private
+      def ensure_method(method)
+        method ||= "get"
+        normalized_method = method.to_s.upcase.to_sym
+        return METHOD[normalized_method] if METHOD.has_key?(normalized_method)
+
+        available_methods = METHOD.keys.collect {|m| m.inspect}.join(", ")
+        format = "%s is not one of the available connect methods: %s"
+        raise ConfigurationError, format % [method.inspect, available_methods]
+      end
+
+
+
+
+    end
+  end
+end

data/lib/omniauth-polaris/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Polaris
+    VERSION = '1.0.0'
+  end
+end

data/lib/omniauth/strategies/polaris.rb

@@ -0,0 +1,114 @@
+require 'omniauth'
+
+
+module OmniAuth
+  module Strategies
+    class Polaris
+      class MissingCredentialsError < StandardError; end
+      include OmniAuth::Strategy
+      @@config = {
+          'barcode' => 'Barcode',
+          'valid_patron' => 'ValidPatron',
+          'patron_id' => 'PatronID',
+          'assigned_branch_id' => 'AssignedBranchID',
+          'assigned_branch_name' => 'AssignedBranchName',
+          'first_name' => 'NameFirst',
+          'last_name' => 'NameLast',
+          'middle_name' => 'NameMiddle',
+          'phone_number' => 'PhoneNumber',
+          'email' => 'EmailAddress'
+      }
+      option :title, "Polaris Authentication" #default title for authentication form
+
+
+      def request_phase
+        OmniAuth::Polaris::Adaptor.validate @options
+        f = OmniAuth::Form.new(:title => (options[:title] || "Polaris Authentication"), :url => callback_path)
+        f.text_field 'Barcode', 'barcode'
+        f.password_field 'PIN', 'pin'
+        f.button "Sign In"
+        f.to_response
+      end
+
+      def callback_phase
+        @adaptor = OmniAuth::Polaris::Adaptor.new @options
+
+        raise MissingCredentialsError.new("Missing login credentials") if request['barcode'].nil? || request['pin'].nil?
+        begin
+          @polaris_user_info = @adaptor.bind_as(:barcode => request['barcode'], :pin => request['pin'])
+          return fail!(:invalid_credentials) if !@polaris_user_info
+
+          @user_info = self.class.map_user(@@config, @polaris_user_info)
+          super
+        rescue Exception => e
+          return fail!(:polaris_error, e)
+        end
+      end
+
+      uid {
+        request['barcode']
+      }
+      info {
+        @user_info
+      }
+      extra {
+        { :raw_info => @polaris_user_info }
+      }
+
+      def map_user(mapper, object)
+
+        user = {}
+        mapper.each do |key, value|
+          case value
+            when String
+              #user[key] = object[value.downcase.to_sym].first if object[value.downcase.to_sym]
+              user[key.to_sym] = object[value] if object[value]
+            when Array
+              #value.each {|v| (user[key] = object[v.downcase.to_sym].first; break;) if object[v.downcase.to_sym]}
+              value.each {|v| (user[key] = object[v.downcase.to_sym]; break;) if object[v.downcase.to_sym]}
+            when Hash
+              value.map do |key1, value1|
+                pattern = key1.dup
+                value1.each_with_index do |v,i|
+                  #part = ''; v.collect(&:downcase).collect(&:to_sym).each {|v1| (part = object[v1].first; break;) if object[v1]}
+                  part = ''; v.collect(&:downcase).collect(&:to_sym).each {|v1| (part = object[v1]; break;) if object[v1]}
+                  pattern.gsub!("%#{i}",part||'')
+                end
+                user[key] = pattern
+              end
+          end
+        end
+        user
+      end
+
+
+      def self.map_user(mapper, object)
+
+        user = {}
+        mapper.each do |key, value|
+          case value
+            when String
+              #user[key] = object[value.downcase.to_sym].first if object[value.downcase.to_sym]
+              user[key.to_sym] = object[value] if object[value]
+            when Array
+              #value.each {|v| (user[key] = object[v.downcase.to_sym].first; break;) if object[v.downcase.to_sym]}
+              value.each {|v| (user[key] = object[v.downcase.to_sym]; break;) if object[v.downcase.to_sym]}
+            when Hash
+              value.map do |key1, value1|
+                pattern = key1.dup
+                value1.each_with_index do |v,i|
+                  #part = ''; v.collect(&:downcase).collect(&:to_sym).each {|v1| (part = object[v1].first; break;) if object[v1]}
+                  part = ''; v.collect(&:downcase).collect(&:to_sym).each {|v1| (part = object[v1]; break;) if object[v1]}
+                  pattern.gsub!("%#{i}",part||'')
+                end
+                user[key] = pattern
+              end
+          end
+        end
+        user
+      end
+    end
+  end
+end
+
+OmniAuth.config.add_camelization 'polaris', 'Polaris'

data/omniauth-polaris.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/omniauth-polaris/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors = ["Steven Anderson"]
+  gem.email = ["sanderson@bpl.org"]
+  gem.description = %q{A Polaris API strategy for OmniAuth.}
+  gem.summary = %q{A Polaris API strategy for OmniAuth.}
+  gem.homepage = "https://github.com/boston-library/omniauth-polaris"
+
+  gem.add_runtime_dependency 'omniauth', '~> 1.0'
+  gem.add_runtime_dependency 'rest-client', '~> 1.6.7'
+  gem.add_development_dependency 'rspec', '~> 2.7'
+  gem.add_development_dependency 'simplecov'
+  gem.add_development_dependency 'rack-test'
+  gem.add_development_dependency 'libnotify'
+  gem.add_development_dependency 'ruby-debug19'
+  
+  gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files = `git ls-files`.split("\n")
+  gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name = "omniauth-polaris"
+  gem.require_paths = ["lib"]
+  gem.version = OmniAuth::Polaris::VERSION
+end

data/spec/omniauth-ldap/adaptor_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "OmniAuth::Polaris::Adaptor" do
+
+  describe 'initialize' do
+    it 'should throw exception when must have field is not set' do
+      #[:host, :port, :method, :bind_dn]
+      lambda { OmniAuth::Polaris::Adaptor.new({http_uri: "http://blah.org/PAPIService/REST/public/v1/1000/100/1/patron/", method: 'GET'})}.should raise_error(ArgumentError)
+    end
+
+    it 'should throw exception when method is not supported' do
+      lambda { OmniAuth::Polaris::Adaptor.new({http_uri: "http://blah.org/PAPIService/REST/public/v1/1000/100/1/patron/", method: 'POST', access_key: 'F9998888-A000-1111-C22C-CC3333BB4444', access_id: 'API'})}.should raise_error(OmniAuth::Polaris::Adaptor::ConfigurationError)
+    end
+  end
+
+end

data/spec/omniauth/strategies/polaris_spec.rb

@@ -0,0 +1,83 @@
+require 'spec_helper'
+describe "OmniAuth::Strategies::Polaris" do
+
+
+  class MyPolarisProvider < OmniAuth::Strategies::Polaris; end
+  def app
+    Rack::Builder.new {
+      use OmniAuth::Test::PhonySession
+      use MyPolarisProvider, :name => 'polaris', :title => 'MyPolaris Form', :http_uri => 'http://blah.org/PAPIService/REST/public/v1/1000/100/1/patron/', :access_key => 'F9998888-A000-1111-C22C-CC3333BB4444', :access_id => 'API', :method => 'GET'
+      run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
+    }.to_app
+  end
+
+  def session
+    last_request.env['rack.session']
+  end
+
+  it 'should add a camelization for itself' do
+    OmniAuth::Utils.camelize('polaris').should == 'Polaris'
+  end
+
+  describe '/auth/polaris' do
+    before(:each){ get '/auth/polaris' }
+
+    it 'should display a form' do
+      last_response.status.should == 200
+      last_response.body.should be_include("<form")
+    end
+
+    it 'should have the callback as the action for the form' do
+      last_response.body.should be_include("action='/auth/polaris/callback'")
+    end
+
+    it 'should have a text field for each of the fields' do
+      last_response.body.scan('<input').size.should == 2
+    end
+    it 'should have a label of the form title' do
+      last_response.body.scan('MyPolaris Form').size.should > 1
+    end
+
+  end
+
+  describe 'post /auth/polaris/callback' do
+    before(:each) do
+      @adaptor = mock(OmniAuth::Polaris::Adaptor, {:barcode => '29999999999999'})
+      OmniAuth::Polaris::Adaptor.stub(:new).and_return(@adaptor)
+    end
+    context 'failure' do
+      before(:each) do
+        @adaptor.stub(:bind_as).and_return(false)
+      end
+      it 'should raise MissingCredentialsError' do
+        lambda{post('/auth/polaris/callback', {})}.should raise_error OmniAuth::Strategies::Polaris::MissingCredentialsError
+      end
+      it 'should redirect to error page' do
+        post('/auth/polaris/callback', {:barcode => 'ping', :pin => 'password'})
+        last_response.should be_redirect
+        last_response.headers['Location'].should =~ %r{invalid_credentials}
+      end
+    end
+
+    context 'success' do
+      let(:auth_hash){ last_request.env['omniauth.auth'] }
+      before(:each) do
+        @adaptor.stub(:bind_as).and_return({:PAPIErrorCode => "0", :barcode => '29999999999999', :ValidPatron => 'true', :PatronID => '111111', :PatronCodeID => '27',
+                                            :AssignedBranchID => '3', :PatronBarcode => '29999999999999', :AssignedBranchName => 'BPL - Central', :ExpirationDate => '2015-09-20T00:00:00', :OverridePasswordUsed =>'false'})
+        #
+        post('/auth/polaris/callback', {:barcode => '29999021413588', :pin => '0407'})
+      end
+
+      it 'should raise MissingCredentialsError' do
+        should_not raise_error OmniAuth::Strategies::Polaris::MissingCredentialsError
+      end
+      it 'should map user info' do
+        auth_hash.info.barcode.should == '29999999999999'
+        auth_hash.info.valid_patron.should == 'true'
+        auth_hash.info.patron_id.should == '111111'
+        auth_hash.info.assigned_branch_id.should == '3'
+        auth_hash.info.assigned_branch_name.should == 'BPL - Central'
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,13 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'omniauth'
+require 'omniauth-polaris'
+
+RSpec.configure do |config|
+  config.include Rack::Test::Methods
+  config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
+end

metadata

@@ -0,0 +1,154 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-polaris
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Steven Anderson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-06-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.6.7
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.6.7
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.7'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: libnotify
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ruby-debug19
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Polaris API strategy for OmniAuth.
+email:
+- sanderson@bpl.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- README.rdoc
+- Rakefile
+- lib/omniauth-polaris.rb
+- lib/omniauth-polaris/adaptor.rb
+- lib/omniauth-polaris/version.rb
+- lib/omniauth/strategies/polaris.rb
+- omniauth-polaris.gemspec
+- spec/omniauth-ldap/adaptor_spec.rb
+- spec/omniauth/strategies/polaris_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/boston-library/omniauth-polaris
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: A Polaris API strategy for OmniAuth.
+test_files: []
+has_rdoc: