omniauth_crowd 2.0.1 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. data/Gemfile.lock +10 -10
  2. data/lib/omniauth/strategies/crowd.rb +1 -1
  3. data/lib/omniauth/strategies/crowd/configuration.rb +24 -10
  4. data/lib/omniauth/strategies/crowd/crowd_validator.rb +46 -21
  5. data/lib/omniauth_crowd.rb +0 -1
  6. data/lib/omniauth_crowd/version.rb +1 -1
  7. data/spec/fixtures/groups.xml +8 -0
  8. data/spec/omniauth/strategies/crowd_spec.rb +4 -1
  9. metadata +38 -37
  10. data/VERSION +0 -1
data/Gemfile.lock CHANGED
@@ -1,30 +1,30 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- omniauth_crowd (2.0.0)
4
+ omniauth_crowd (2.1.0)
5
5
  nokogiri (>= 1.4.4)
6
6
  omniauth (~> 1.0)
7
7
 
8
8
  GEM
9
9
  remote: http://rubygems.org/
10
10
  specs:
11
- addressable (2.2.4)
12
- crack (0.1.8)
13
- diff-lcs (1.1.2)
11
+ addressable (2.2.7)
12
+ crack (0.3.1)
13
+ diff-lcs (1.1.3)
14
14
  hashie (1.2.0)
15
- nokogiri (1.5.0)
16
- omniauth (1.0.0)
15
+ nokogiri (1.5.2)
16
+ omniauth (1.0.3)
17
17
  hashie (~> 1.2)
18
18
  rack
19
- rack (1.2.2)
20
- rack-test (0.5.7)
19
+ rack (1.4.1)
20
+ rack-test (0.6.1)
21
21
  rack (>= 1.0)
22
- rake (0.8.7)
22
+ rake (0.9.2.2)
23
23
  rspec (2.5.0)
24
24
  rspec-core (~> 2.5.0)
25
25
  rspec-expectations (~> 2.5.0)
26
26
  rspec-mocks (~> 2.5.0)
27
- rspec-core (2.5.1)
27
+ rspec-core (2.5.2)
28
28
  rspec-expectations (2.5.0)
29
29
  diff-lcs (~> 1.1.2)
30
30
  rspec-mocks (2.5.0)
data/lib/omniauth/strategies/crowd.rb CHANGED
@@ -19,7 +19,7 @@ module OmniAuth
19
19
  get_credentials
20
20
  else
21
21
  session['omniauth.crowd'] = {'username' => request['username'], 'password' => request['password']}
22
- redirect callback_path
22
+ redirect callback_url
23
23
  end
24
24
  end
25
25
 
data/lib/omniauth/strategies/crowd/configuration.rb CHANGED
@@ -4,7 +4,12 @@ module OmniAuth
4
4
  module Strategies
5
5
  class Crowd
6
6
  class Configuration
7
- attr_reader :crowd_application_name, :crowd_password
7
+ DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication"
8
+ DEFAULT_USER_GROUP_URL = "%s/rest/usermanagement/latest/user/group/direct"
9
+ attr_reader :crowd_application_name, :crowd_password, :disable_ssl_verification, :include_users_groups
10
+
11
+ alias :"disable_ssl_verification?" :disable_ssl_verification
12
+ alias :"include_users_groups?" :include_users_groups
8
13
 
9
14
  # @param [Hash] params configuration options
10
15
  # @option params [String, nil] :crowd_server_url the Crowd server root URL; probably something like
@@ -15,7 +20,11 @@ module OmniAuth
15
20
  # @option params [String, nil] :application_name the application name specified in Crowd for this application, required.
16
21
  # @option params [String, nil] :application_password the application password specified in Crowd for this application, required.
17
22
  # @option params [Boolean, nil] :disable_ssl_verification disable verification for SSL cert,
18
- # helpful when you developing with a fake cert.
23
+ # helpful when you developing with a fake cert.
24
+ # @option params [Boolean, true] : include a list of user groups when getting information ont he user
25
+ # @option params [String, nil] :crowd_user_group_url (:crowd_server_url + '/rest/usermanagement/latest/user/group/direct') the URL to which to
26
+ # use for retrieving users groups optional if `:crowd_server_url` is specified, or if `:include_user_groups` is false
27
+ # required otherwise.
19
28
  def initialize(params)
20
29
  parse_params params
21
30
  end
@@ -24,31 +33,36 @@ module OmniAuth
24
33
  #
25
34
  # @param [String] username the username to validate
26
35
  #
27
- # @return [String] a URL like `http://cas.mycompany.com/login?service=...`
36
+ # @return [String] a URL like `https://crowd.myhost.com/crowd/rest/usermanagement/latest/authentication?username=USERNAME`
28
37
  def authentication_url(username)
29
38
  append_username @authentication_url, username
30
39
  end
31
-
32
- def disable_ssl_verification?
33
- @disable_ssl_verification
40
+
41
+ def user_group_url(username)
42
+ @user_group_url.nil? ? nil : append_username( @user_group_url, username)
34
43
  end
35
44
 
36
45
  private
37
- DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication"
38
46
  def parse_params(options)
47
+ options= {:include_user_groups => true}.merge(options || {})
39
48
  %w(application_name application_password).each do |opt|
40
- raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym].blank?
49
+ raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym] == ""
41
50
  end
42
51
  @crowd_application_name = options[:application_name]
43
52
  @crowd_password = options[:application_password]
44
53
 
45
- unless options.include?(:crowd_server_url) or options.include?(:crowd_authentication_url)
54
+ unless options.include?(:crowd_server_url) || options.include?(:crowd_authentication_url)
46
55
  raise ArgumentError.new("Either :crowd_server_url or :crowd_authentication_url MUST be provided")
47
56
  end
48
57
  @authentication_url = options[:crowd_authentication_url] || DEFAULT_AUTHENTICATION_URL % options[:crowd_server_url]
49
58
  validate_is_url 'authentication URL', @authentication_url
50
-
51
59
  @disable_ssl_verification = options[:disable_ssl_verification]
60
+ @include_users_groups = options[:include_user_groups]
61
+ if @include_users_groups
62
+ @user_group_url = options[:crowd_user_group_url] || DEFAULT_USER_GROUP_URL % options[:crowd_server_url]
63
+ validate_is_url 'user group URL', @user_group_url
64
+ end
65
+
52
66
  end
53
67
 
54
68
  IS_NOT_URL_ERROR_MESSAGE = "%s is not a valid URL"
data/lib/omniauth/strategies/crowd/crowd_validator.rb CHANGED
@@ -6,44 +6,69 @@ module OmniAuth
6
6
  module Strategies
7
7
  class Crowd
8
8
  class CrowdValidator
9
+ AUTHENTICATION_REQUEST_BODY = "<password><value>%s</value></password>"
9
10
  def initialize(configuration, username, password)
10
11
  @configuration, @username, @password = configuration, username, password
11
- @uri = URI.parse(@configuration.authentication_url(@username))
12
+ @authentiction_uri = URI.parse(@configuration.authentication_url(@username))
13
+ @user_group_uri = @configuration.include_users_groups? ? URI.parse(@configuration.user_group_url(@username)) : nil
12
14
  end
13
15
 
14
16
  def user_info
15
- if is_user_authorized?
16
- parse_user_info
17
+ user_info_hash = retrieve_user_info!
18
+ if user_info_hash && @configuration.include_users_groups?
19
+ add_user_groups(user_info_hash)
17
20
  else
18
21
  nil
19
22
  end
20
23
  end
21
24
 
22
25
  private
23
- def parse_user_info
24
- return nil if @body.nil? || @body == ''
25
- doc = Nokogiri::XML(@body)
26
- return nil if doc.nil?
27
- {
28
- "user" => doc.xpath("//user/@name").to_s,
29
- "name" => doc.xpath("//user/display-name/text()").to_s,
30
- "first_name" => doc.xpath("//user/first-name/text()").to_s,
31
- "last_name" => doc.xpath("//user/last-name/text()").to_s,
32
- "email" => doc.xpath("//user/email/text()").to_s
33
- }
26
+ def add_user_groups(user_info_hash)
27
+ response, body = make_user_group_request
28
+ unless response.code.to_i != 200 || body.nil? || body == ''
29
+ doc = Nokogiri::XML(body)
30
+ user_info_hash["groups"] = doc.xpath("//groups/group/@name").map(&:to_s)
31
+ end
32
+ user_info_hash
34
33
  end
35
- AUTHENTICATION_REQUEST_BODY = "<password><value>%s</value></password>"
36
- def is_user_authorized?
37
- http = Net::HTTP.new(@uri.host, @uri.port)
38
- http.use_ssl = @uri.port == 443 || @uri.instance_of?(URI::HTTPS)
34
+
35
+ def retrieve_user_info!
36
+ response, body = make_authorization_request
37
+ unless response.code.to_i != 200 || body.nil? || body == ''
38
+ doc = Nokogiri::XML(body)
39
+ {
40
+ "user" => doc.xpath("//user/@name").to_s,
41
+ "name" => doc.xpath("//user/display-name/text()").to_s,
42
+ "first_name" => doc.xpath("//user/first-name/text()").to_s,
43
+ "last_name" => doc.xpath("//user/last-name/text()").to_s,
44
+ "email" => doc.xpath("//user/email/text()").to_s
45
+ }
46
+ else
47
+ nil
48
+ end
49
+ end
50
+
51
+ def make_user_group_request
52
+ http = Net::HTTP.new(@user_group_uri.host, @user_group_uri.port)
53
+ http.use_ssl = @user_group_uri.port == 443 || @user_group_uri.instance_of?(URI::HTTPS)
54
+ http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
55
+ http.start do |c|
56
+ req = Net::HTTP::Get.new("#{@user_group_uri.path}?#{@user_group_uri.query}")
57
+ req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password
58
+ http.request(req)
59
+ end
60
+ end
61
+
62
+ def make_authorization_request
63
+ http = Net::HTTP.new(@authentiction_uri.host, @authentiction_uri.port)
64
+ http.use_ssl = @authentiction_uri.port == 443 || @authentiction_uri.instance_of?(URI::HTTPS)
39
65
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
40
66
  http.start do |c|
41
- req = Net::HTTP::Post.new("#{@uri.path}?#{@uri.query}")
67
+ req = Net::HTTP::Post.new("#{@authentiction_uri.path}?#{@authentiction_uri.query}")
42
68
  req.body = AUTHENTICATION_REQUEST_BODY % @password
43
69
  req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password
44
70
  req.add_field 'Content-Type', 'text/xml'
45
- @response, @body = http.request(req)
46
- @response.code.to_i == 200
71
+ http.request(req)
47
72
  end
48
73
  end
49
74
  end
data/lib/omniauth_crowd.rb CHANGED
@@ -1,2 +1 @@
1
- require "omniauth_crowd/version"
2
1
  require 'omniauth/strategies/crowd'
data/lib/omniauth_crowd/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Crowd
3
- VERSION = "2.0.1"
3
+ VERSION = "2.1.0"
4
4
  end
5
5
  end
data/spec/fixtures/groups.xml ADDED
@@ -0,0 +1,8 @@
1
+ <groups expand="group">
2
+ <group name="Developers">
3
+ <link rel="self" href="http://crowd.bogus.com/crowd/rest/usermanagement/latest/group?groupname=Developers"/>
4
+ </group>
5
+ <group name="jira-users">
6
+ <link rel="self" href="http://crowd.bogus.com/crowd/rest/usermanagement/latest/group?groupname=jira-users"/>
7
+ </group>
8
+ </groups>
data/spec/omniauth/strategies/crowd_spec.rb CHANGED
@@ -26,7 +26,7 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
26
26
 
27
27
  it 'should redirect to callback' do
28
28
  last_response.should be_redirect
29
- last_response.headers['Location'].should == '/auth/crowd/callback'
29
+ last_response.headers['Location'].should == 'http://example.org/auth/crowd/callback'
30
30
  end
31
31
  end
32
32
 
@@ -44,6 +44,8 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
44
44
  before do
45
45
  stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo").
46
46
  to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml')))
47
+ stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo").
48
+ to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml')))
47
49
  get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}}
48
50
  end
49
51
  it 'should call through to the master app' do
@@ -57,6 +59,7 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
57
59
  auth = last_request.env['omniauth.auth']['provider'].should == :crowd
58
60
  auth = last_request.env['omniauth.auth']['uid'].should == 'foo'
59
61
  auth = last_request.env['omniauth.auth']['user_info'].should be_kind_of(Hash)
62
+ auth = last_request.env['omniauth.auth']['user_info']['groups'].sort.should == ["Developers", "jira-users"].sort
60
63
  end
61
64
  end
62
65
 
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth_crowd
3
3
  version: !ruby/object:Gem::Version
4
- hash: 13
4
+ hash: 11
5
5
  prerelease:
6
6
  segments:
7
7
  - 2
8
- - 0
9
8
  - 1
10
- version: 2.0.1
9
+ - 0
10
+ version: 2.1.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - Robert Di Marco
@@ -15,12 +15,10 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-11-23 00:00:00 Z
18
+ date: 2012-03-24 00:00:00 Z
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
- name: omniauth
22
- prerelease: false
23
- requirement: &id001 !ruby/object:Gem::Requirement
21
+ version_requirements: &id001 !ruby/object:Gem::Requirement
24
22
  none: false
25
23
  requirements:
26
24
  - - ~>
@@ -30,12 +28,12 @@ dependencies:
30
28
  - 1
31
29
  - 0
32
30
  version: "1.0"
31
+ requirement: *id001
33
32
  type: :runtime
34
- version_requirements: *id001
35
- - !ruby/object:Gem::Dependency
36
- name: nokogiri
37
33
  prerelease: false
38
- requirement: &id002 !ruby/object:Gem::Requirement
34
+ name: omniauth
35
+ - !ruby/object:Gem::Dependency
36
+ version_requirements: &id002 !ruby/object:Gem::Requirement
39
37
  none: false
40
38
  requirements:
41
39
  - - ">="
@@ -46,12 +44,12 @@ dependencies:
46
44
  - 4
47
45
  - 4
48
46
  version: 1.4.4
47
+ requirement: *id002
49
48
  type: :runtime
50
- version_requirements: *id002
51
- - !ruby/object:Gem::Dependency
52
- name: rack
53
49
  prerelease: false
54
- requirement: &id003 !ruby/object:Gem::Requirement
50
+ name: nokogiri
51
+ - !ruby/object:Gem::Dependency
52
+ version_requirements: &id003 !ruby/object:Gem::Requirement
55
53
  none: false
56
54
  requirements:
57
55
  - - ">="
@@ -60,12 +58,12 @@ dependencies:
60
58
  segments:
61
59
  - 0
62
60
  version: "0"
61
+ requirement: *id003
63
62
  type: :development
64
- version_requirements: *id003
65
- - !ruby/object:Gem::Dependency
66
- name: rake
67
63
  prerelease: false
68
- requirement: &id004 !ruby/object:Gem::Requirement
64
+ name: rack
65
+ - !ruby/object:Gem::Dependency
66
+ version_requirements: &id004 !ruby/object:Gem::Requirement
69
67
  none: false
70
68
  requirements:
71
69
  - - ">="
@@ -74,12 +72,12 @@ dependencies:
74
72
  segments:
75
73
  - 0
76
74
  version: "0"
75
+ requirement: *id004
77
76
  type: :development
78
- version_requirements: *id004
79
- - !ruby/object:Gem::Dependency
80
- name: rack-test
81
77
  prerelease: false
82
- requirement: &id005 !ruby/object:Gem::Requirement
78
+ name: rake
79
+ - !ruby/object:Gem::Dependency
80
+ version_requirements: &id005 !ruby/object:Gem::Requirement
83
81
  none: false
84
82
  requirements:
85
83
  - - ">="
@@ -88,12 +86,12 @@ dependencies:
88
86
  segments:
89
87
  - 0
90
88
  version: "0"
89
+ requirement: *id005
91
90
  type: :development
92
- version_requirements: *id005
93
- - !ruby/object:Gem::Dependency
94
- name: rspec
95
91
  prerelease: false
96
- requirement: &id006 !ruby/object:Gem::Requirement
92
+ name: rack-test
93
+ - !ruby/object:Gem::Dependency
94
+ version_requirements: &id006 !ruby/object:Gem::Requirement
97
95
  none: false
98
96
  requirements:
99
97
  - - ~>
@@ -104,12 +102,12 @@ dependencies:
104
102
  - 5
105
103
  - 0
106
104
  version: 2.5.0
105
+ requirement: *id006
107
106
  type: :development
108
- version_requirements: *id006
109
- - !ruby/object:Gem::Dependency
110
- name: webmock
111
107
  prerelease: false
112
- requirement: &id007 !ruby/object:Gem::Requirement
108
+ name: rspec
109
+ - !ruby/object:Gem::Dependency
110
+ version_requirements: &id007 !ruby/object:Gem::Requirement
113
111
  none: false
114
112
  requirements:
115
113
  - - ~>
@@ -120,12 +118,12 @@ dependencies:
120
118
  - 3
121
119
  - 4
122
120
  version: 1.3.4
121
+ requirement: *id007
123
122
  type: :development
124
- version_requirements: *id007
125
- - !ruby/object:Gem::Dependency
126
- name: bundler
127
123
  prerelease: false
128
- requirement: &id008 !ruby/object:Gem::Requirement
124
+ name: webmock
125
+ - !ruby/object:Gem::Dependency
126
+ version_requirements: &id008 !ruby/object:Gem::Requirement
129
127
  none: false
130
128
  requirements:
131
129
  - - ~>
@@ -136,8 +134,10 @@ dependencies:
136
134
  - 0
137
135
  - 0
138
136
  version: 1.0.0
137
+ requirement: *id008
139
138
  type: :development
140
- version_requirements: *id008
139
+ prerelease: false
140
+ name: bundler
141
141
  description: This is an OmniAuth provider for Atlassian Crowd's REST API. It allows you to easily integrate your Rack application in with Atlassian Crowd.
142
142
  email:
143
143
  - rob@innovationontherun.com
@@ -155,13 +155,13 @@ files:
155
155
  - LICENSE.txt
156
156
  - README.rdoc
157
157
  - Rakefile
158
- - VERSION
159
158
  - lib/omniauth/strategies/crowd.rb
160
159
  - lib/omniauth/strategies/crowd/configuration.rb
161
160
  - lib/omniauth/strategies/crowd/crowd_validator.rb
162
161
  - lib/omniauth_crowd.rb
163
162
  - lib/omniauth_crowd/version.rb
164
163
  - omniauth_crowd.gemspec
164
+ - spec/fixtures/groups.xml
165
165
  - spec/fixtures/success.xml
166
166
  - spec/omniauth/strategies/crowd_spec.rb
167
167
  - spec/spec_helper.rb
@@ -199,6 +199,7 @@ signing_key:
199
199
  specification_version: 3
200
200
  summary: An OmniAuth provider for Atlassian Crowd REST API
201
201
  test_files:
202
+ - spec/fixtures/groups.xml
202
203
  - spec/fixtures/success.xml
203
204
  - spec/omniauth/strategies/crowd_spec.rb
204
205
  - spec/spec_helper.rb
data/VERSION DELETED
@@ -1 +0,0 @@
1
- 1.0.1