omniauth_crowd 2.1.2 → 2.1.3
- data/Gemfile.lock +14 -10
- data/lib/omniauth/strategies/crowd/crowd_validator.rb +14 -13
- data/lib/omniauth_crowd/version.rb +1 -1
- data/spec/omniauth/strategies/crowd_spec.rb +51 -33
- metadata +4 -4
    
        data/Gemfile.lock
    CHANGED
    
    | @@ -1,25 +1,28 @@ | |
| 1 1 | 
             
            PATH
         | 
| 2 2 | 
             
              remote: .
         | 
| 3 3 | 
             
              specs:
         | 
| 4 | 
            -
                omniauth_crowd (2.1. | 
| 4 | 
            +
                omniauth_crowd (2.1.3)
         | 
| 5 5 | 
             
                  nokogiri (>= 1.4.4)
         | 
| 6 6 | 
             
                  omniauth (~> 1.0)
         | 
| 7 7 |  | 
| 8 8 | 
             
            GEM
         | 
| 9 9 | 
             
              remote: http://rubygems.org/
         | 
| 10 10 | 
             
              specs:
         | 
| 11 | 
            -
                addressable (2. | 
| 12 | 
            -
                crack (0. | 
| 11 | 
            +
                addressable (2.3.5)
         | 
| 12 | 
            +
                crack (0.4.1)
         | 
| 13 | 
            +
                  safe_yaml (~> 0.9.0)
         | 
| 13 14 | 
             
                diff-lcs (1.1.3)
         | 
| 14 | 
            -
                hashie ( | 
| 15 | 
            -
                 | 
| 16 | 
            -
                 | 
| 17 | 
            -
                   | 
| 15 | 
            +
                hashie (2.0.5)
         | 
| 16 | 
            +
                mini_portile (0.5.1)
         | 
| 17 | 
            +
                nokogiri (1.6.0)
         | 
| 18 | 
            +
                  mini_portile (~> 0.5.0)
         | 
| 19 | 
            +
                omniauth (1.1.4)
         | 
| 20 | 
            +
                  hashie (>= 1.2, < 3)
         | 
| 18 21 | 
             
                  rack
         | 
| 19 | 
            -
                rack (1. | 
| 20 | 
            -
                rack-test (0.6. | 
| 22 | 
            +
                rack (1.5.2)
         | 
| 23 | 
            +
                rack-test (0.6.2)
         | 
| 21 24 | 
             
                  rack (>= 1.0)
         | 
| 22 | 
            -
                rake ( | 
| 25 | 
            +
                rake (10.1.0)
         | 
| 23 26 | 
             
                rspec (2.5.0)
         | 
| 24 27 | 
             
                  rspec-core (~> 2.5.0)
         | 
| 25 28 | 
             
                  rspec-expectations (~> 2.5.0)
         | 
| @@ -28,6 +31,7 @@ GEM | |
| 28 31 | 
             
                rspec-expectations (2.5.0)
         | 
| 29 32 | 
             
                  diff-lcs (~> 1.1.2)
         | 
| 30 33 | 
             
                rspec-mocks (2.5.0)
         | 
| 34 | 
            +
                safe_yaml (0.9.5)
         | 
| 31 35 | 
             
                webmock (1.3.5)
         | 
| 32 36 | 
             
                  addressable (>= 2.1.1)
         | 
| 33 37 | 
             
                  crack (>= 0.1.7)
         | 
| @@ -1,16 +1,17 @@ | |
| 1 1 | 
             
            require 'nokogiri'
         | 
| 2 2 | 
             
            require 'net/http'
         | 
| 3 3 | 
             
            require 'net/https'
         | 
| 4 | 
            -
            require 'rexml/text'
         | 
| 5 4 |  | 
| 6 5 | 
             
            module OmniAuth
         | 
| 7 6 | 
             
              module Strategies
         | 
| 8 7 | 
             
                class Crowd
         | 
| 9 8 | 
             
                  class CrowdValidator
         | 
| 10 | 
            -
                    SESSION_REQUEST_BODY =  | 
| 11 | 
            -
             | 
| 12 | 
            -
             | 
| 13 | 
            -
             | 
| 9 | 
            +
                    SESSION_REQUEST_BODY = <<-BODY.strip
         | 
| 10 | 
            +
            <authentication-context>
         | 
| 11 | 
            +
              <username>%s</username>
         | 
| 12 | 
            +
              <password>%s</password>
         | 
| 13 | 
            +
            </authentication-context>
         | 
| 14 | 
            +
            BODY
         | 
| 14 15 | 
             
                    AUTHENTICATION_REQUEST_BODY = "<password><value>%s</value></password>"
         | 
| 15 16 | 
             
                    def initialize(configuration, username, password)
         | 
| 16 17 | 
             
                      @configuration, @username, @password = configuration, username, password
         | 
| @@ -49,16 +50,16 @@ module OmniAuth | |
| 49 50 |  | 
| 50 51 | 
             
                    def add_user_groups!(user_info_hash)
         | 
| 51 52 | 
             
                      response = make_user_group_request
         | 
| 52 | 
            -
                      unless response.code.to_i != 200 || response.body.nil? || response.body == '' | 
| 53 | 
            +
                      unless response.code.to_i != 200 || response.body.nil? || response.body == ''
         | 
| 53 54 | 
             
                        doc = Nokogiri::XML(response.body)
         | 
| 54 55 | 
             
                        user_info_hash["groups"] = doc.xpath("//groups/group/@name").map(&:to_s)
         | 
| 55 56 | 
             
                      end
         | 
| 56 57 | 
             
                      user_info_hash
         | 
| 57 58 | 
             
                    end
         | 
| 58 | 
            -
             | 
| 59 | 
            +
             | 
| 59 60 | 
             
                    def retrieve_user_info!
         | 
| 60 61 | 
             
                      response = make_authorization_request
         | 
| 61 | 
            -
                      unless response.code.to_i != 200 || response.body.nil? || response.body == '' | 
| 62 | 
            +
                      unless response.code.to_i != 200 || response.body.nil? || response.body == ''
         | 
| 62 63 | 
             
                        doc = Nokogiri::XML(response.body)
         | 
| 63 64 | 
             
                        {
         | 
| 64 65 | 
             
                          "user" => doc.xpath("//user/@name").to_s,
         | 
| @@ -87,12 +88,12 @@ module OmniAuth | |
| 87 88 | 
             
                        http.request(req)
         | 
| 88 89 | 
             
                      end
         | 
| 89 90 | 
             
                    end
         | 
| 90 | 
            -
             | 
| 91 | 
            +
             | 
| 91 92 | 
             
                    def make_user_group_request
         | 
| 92 93 | 
             
                      make_request(@user_group_uri)
         | 
| 93 94 | 
             
                    end
         | 
| 94 95 |  | 
| 95 | 
            -
                    def make_authorization_request | 
| 96 | 
            +
                    def make_authorization_request
         | 
| 96 97 | 
             
                      make_request(@authentiction_uri, make_authentication_request_body(@password))
         | 
| 97 98 | 
             
                    end
         | 
| 98 99 |  | 
| @@ -104,14 +105,14 @@ module OmniAuth | |
| 104 105 | 
             
                    def make_authentication_request_body(password)
         | 
| 105 106 | 
             
                      request_body = Nokogiri::XML(AUTHENTICATION_REQUEST_BODY)
         | 
| 106 107 | 
             
                      password_value = request_body.at_css "value"
         | 
| 107 | 
            -
                      password_value.content =  | 
| 108 | 
            +
                      password_value.content = password
         | 
| 108 109 | 
             
                      return request_body.root.to_s # return the body without the xml header
         | 
| 109 110 | 
             
                    end
         | 
| 110 111 |  | 
| 111 112 | 
             
                    def make_session_request_body(username,password)
         | 
| 112 113 | 
             
                      request_body = Nokogiri::XML(SESSION_REQUEST_BODY)
         | 
| 113 | 
            -
                      request_body.at_css("username").content =  | 
| 114 | 
            -
                      request_body.at_css("password").content =  | 
| 114 | 
            +
                      request_body.at_css("username").content = username
         | 
| 115 | 
            +
                      request_body.at_css("password").content = password
         | 
| 115 116 | 
             
                      return request_body.root.to_s
         | 
| 116 117 | 
             
                    end
         | 
| 117 118 | 
             
                  end
         | 
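Review bot: Nothing in `make_authentication_request_body` or `make_session_request_body` (last hunk of crowd_validator.rb) records that XML escaping of the credentials is now left entirely to Nokogiri's `content=` setter, so a later edit could reintroduce pre-escaping (double encoding) or string formatting into the template. The `%s` placeholders kept in `SESSION_REQUEST_BODY` and `AUTHENTICATION_REQUEST_BODY` make the second mistake more likely, since `SESSION_REQUEST_BODY % [username, password]` would put unescaped user input straight into the request body. I would add a comment above the assignments such as `# content= XML-escapes the value; pass the raw string, never pre-escaped or %-formatted` and consider emptying the placeholders in both templates. The removed right-hand sides are truncated on this page, so what the old code did is only inferred from the dropped `require 'rexml/text'`; the rest of the class lies outside these hunks.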
| @@ -1,5 +1,4 @@ | |
| 1 1 | 
             
            require File.dirname(__FILE__) + '/../../spec_helper'
         | 
| 2 | 
            -
            require 'nokogiri'
         | 
| 3 2 |  | 
| 4 3 | 
             
            describe OmniAuth::Strategies::Crowd, :type=>:strategy do
         | 
| 5 4 | 
             
              include OmniAuth::Test::StrategyTestCase
         | 
| @@ -8,12 +7,60 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do | |
| 8 7 | 
             
                @crowd_server_url ||= 'https://crowd.example.org'
         | 
| 9 8 | 
             
                @application_name ||= 'bogus_app'
         | 
| 10 9 | 
             
                @application_password ||= 'bogus_app_password'
         | 
| 11 | 
            -
                [OmniAuth::Strategies::Crowd, {:crowd_server_url => @crowd_server_url, | 
| 10 | 
            +
                [OmniAuth::Strategies::Crowd, {:crowd_server_url => @crowd_server_url,
         | 
| 12 11 | 
             
                                                :application_name => @application_name,
         | 
| 13 12 | 
             
                                                :application_password => @application_password,
         | 
| 14 13 | 
             
                                                :use_sessions => @use_sessions}]
         | 
| 15 14 | 
             
              end
         | 
| 16 15 |  | 
| 16 | 
            +
              describe 'Authentication Request Body' do
         | 
| 17 | 
            +
                before do
         | 
| 18 | 
            +
                  config = OmniAuth::Strategies::Crowd::Configuration.new(strategy[1])
         | 
| 19 | 
            +
                  @validator = OmniAuth::Strategies::Crowd::CrowdValidator.new(config, 'foo', 'bar')
         | 
| 20 | 
            +
                end
         | 
| 21 | 
            +
             | 
| 22 | 
            +
                it 'should send password in session request' do
         | 
| 23 | 
            +
                  @validator.send(:make_authentication_request_body, 'bar').should == <<-BODY.strip
         | 
| 24 | 
            +
            <password>
         | 
| 25 | 
            +
              <value>bar</value>
         | 
| 26 | 
            +
            </password>
         | 
| 27 | 
            +
            BODY
         | 
| 28 | 
            +
                end
         | 
| 29 | 
            +
             | 
| 30 | 
            +
                it 'should escape special characters username and password in session request' do
         | 
| 31 | 
            +
                  @validator.send(:make_authentication_request_body, 'bar<').should == <<-BODY.strip
         | 
| 32 | 
            +
            <password>
         | 
| 33 | 
            +
              <value>bar<</value>
         | 
| 34 | 
            +
            </password>
         | 
| 35 | 
            +
            BODY
         | 
| 36 | 
            +
                end
         | 
| 37 | 
            +
              end
         | 
| 38 | 
            +
             | 
| 39 | 
            +
              describe 'Session Request Body' do
         | 
| 40 | 
            +
                before do
         | 
| 41 | 
            +
                  config = OmniAuth::Strategies::Crowd::Configuration.new(strategy[1])
         | 
| 42 | 
            +
                  @validator = OmniAuth::Strategies::Crowd::CrowdValidator.new(config, 'foo', 'bar')
         | 
| 43 | 
            +
                end
         | 
| 44 | 
            +
             | 
| 45 | 
            +
                it 'should send username and password in session request' do
         | 
| 46 | 
            +
                  @validator.send(:make_session_request_body, 'foo', 'bar').should == <<-BODY.strip
         | 
| 47 | 
            +
            <authentication-context>
         | 
| 48 | 
            +
              <username>foo</username>
         | 
| 49 | 
            +
              <password>bar</password>
         | 
| 50 | 
            +
            </authentication-context>
         | 
| 51 | 
            +
            BODY
         | 
| 52 | 
            +
                end
         | 
| 53 | 
            +
             | 
| 54 | 
            +
                it 'should escape special characters username and password in session request' do
         | 
| 55 | 
            +
                  @validator.send(:make_session_request_body, 'foo', 'bar<').should == <<-BODY.strip
         | 
| 56 | 
            +
            <authentication-context>
         | 
| 57 | 
            +
              <username>foo</username>
         | 
| 58 | 
            +
              <password>bar<</password>
         | 
| 59 | 
            +
            </authentication-context>
         | 
| 60 | 
            +
            BODY
         | 
| 61 | 
            +
                end
         | 
| 62 | 
            +
              end
         | 
| 63 | 
            +
             | 
| 17 64 | 
             
              describe 'GET /auth/crowd' do
         | 
| 18 65 | 
             
                before do
         | 
| 19 66 | 
             
                  get '/auth/crowd'
         | 
| @@ -69,18 +116,6 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do | |
| 69 116 | 
             
                  end
         | 
| 70 117 | 
             
                end
         | 
| 71 118 |  | 
| 72 | 
            -
                context "when using authentication endpoint with special characters" do
         | 
| 73 | 
            -
                  before do
         | 
| 74 | 
            -
                    stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo")
         | 
| 75 | 
            -
                    get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"bar&<xml>"}}
         | 
| 76 | 
            -
                  end
         | 
| 77 | 
            -
             | 
| 78 | 
            -
                  it 'should escape special characters' do
         | 
| 79 | 
            -
                    WebMock.should have_requested(:post, 'https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo').
         | 
| 80 | 
            -
                      with { |req| Nokogiri::XML(req.body).at_css("value").content == 'bar&<xml>' }
         | 
| 81 | 
            -
                  end
         | 
| 82 | 
            -
                end
         | 
| 83 | 
            -
             | 
| 84 119 | 
             
                context "when using session endpoint" do
         | 
| 85 120 | 
             
                  before do
         | 
| 86 121 | 
             
                    @use_sessions = true
         | 
| @@ -100,12 +135,12 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do | |
| 100 135 | 
             
                  it 'should call through to the master app' do
         | 
| 101 136 | 
             
                    last_response.body.should == 'true'
         | 
| 102 137 | 
             
                  end
         | 
| 103 | 
            -
             | 
| 138 | 
            +
             | 
| 104 139 | 
             
                  it 'should have an auth hash' do
         | 
| 105 140 | 
             
                    auth = last_request.env['omniauth.auth']
         | 
| 106 141 | 
             
                    auth.should be_kind_of(Hash)
         | 
| 107 142 | 
             
                  end
         | 
| 108 | 
            -
             | 
| 143 | 
            +
             | 
| 109 144 | 
             
                  it 'should have good data' do
         | 
| 110 145 | 
             
                    auth = last_request.env['omniauth.auth']['provider'].should == :crowd
         | 
| 111 146 | 
             
                    auth = last_request.env['omniauth.auth']['uid'].should == 'foo'
         | 
| @@ -116,23 +151,6 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do | |
| 116 151 | 
             
                end
         | 
| 117 152 | 
             
              end
         | 
| 118 153 |  | 
| 119 | 
            -
              context "when using session endpoint with special characters" do
         | 
| 120 | 
            -
                before do
         | 
| 121 | 
            -
                  @use_sessions = true
         | 
| 122 | 
            -
                  stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo%26%3Cxml%3E").
         | 
| 123 | 
            -
                  to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml')))
         | 
| 124 | 
            -
                  stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/session").
         | 
| 125 | 
            -
                  to_return(:status => 201, :body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'session.xml')))
         | 
| 126 | 
            -
                  stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo%26%3Cxml%3E").
         | 
| 127 | 
            -
                  to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml')))
         | 
| 128 | 
            -
                  get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo&<xml>", "password"=>"bar&<xml>"}}
         | 
| 129 | 
            -
                end
         | 
| 130 | 
            -
                it 'should escape special characters' do
         | 
| 131 | 
            -
                  WebMock.should have_requested(:post, 'https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/session').
         | 
| 132 | 
            -
                    with { |req| Nokogiri::XML(req.body).at_css("username").content == 'foo&<xml>' and Nokogiri::XML(req.body).at_css("password").content == 'bar&<xml>' }
         | 
| 133 | 
            -
                end
         | 
| 134 | 
            -
              end
         | 
| 135 | 
            -
             | 
| 136 154 | 
             
              describe 'GET /auth/crowd/callback with credentials will fail' do
         | 
| 137 155 | 
             
                before do
         | 
| 138 156 | 
             
                  stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo").
         | 
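Review bot: The new 'Authentication Request Body' and 'Session Request Body' examples cover less than the two "special characters" contexts this commit deletes: only `<` in the password is exercised, while `&` and a username containing markup (`foo&<xml>` in the removed test) are no longer checked, although the example titles say "username and password". As rendered here the expected heredocs show a raw `<` inside `<value>` and `<password>`; presumably the file has `&lt;` and the page decoded the entity, but this is worth confirming because a literal `<` would assert unescaped output. I would add an example that round-trips through the parser as the removed test did, for instance `Nokogiri::XML(@validator.send(:make_session_request_body, 'foo&<xml>', 'bar&<xml>')).at_css('username').content.should == 'foo&<xml>'`, which does not depend on serializer formatting. The removed session context also pinned the percent-encoding of the username in the query string (`username=foo%26%3Cxml%3E`), and nothing in the new examples replaces that check.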
    
        metadata
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            --- !ruby/object:Gem::Specification
         | 
| 2 2 | 
             
            name: omniauth_crowd
         | 
| 3 3 | 
             
            version: !ruby/object:Gem::Version
         | 
| 4 | 
            -
              version: 2.1. | 
| 4 | 
            +
              version: 2.1.3
         | 
| 5 5 | 
             
              prerelease: 
         | 
| 6 6 | 
             
            platform: ruby
         | 
| 7 7 | 
             
            authors:
         | 
| @@ -9,7 +9,7 @@ authors: | |
| 9 9 | 
             
            autorequire: 
         | 
| 10 10 | 
             
            bindir: bin
         | 
| 11 11 | 
             
            cert_chain: []
         | 
| 12 | 
            -
            date: 2013-08- | 
| 12 | 
            +
            date: 2013-08-18 00:00:00.000000000 Z
         | 
| 13 13 | 
             
            dependencies:
         | 
| 14 14 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 15 15 | 
             
              name: omniauth
         | 
| @@ -179,7 +179,7 @@ required_ruby_version: !ruby/object:Gem::Requirement | |
| 179 179 | 
             
                  version: '0'
         | 
| 180 180 | 
             
                  segments:
         | 
| 181 181 | 
             
                  - 0
         | 
| 182 | 
            -
                  hash:  | 
| 182 | 
            +
                  hash: -1757168840233326872
         | 
| 183 183 | 
             
            required_rubygems_version: !ruby/object:Gem::Requirement
         | 
| 184 184 | 
             
              none: false
         | 
| 185 185 | 
             
              requirements:
         | 
| @@ -188,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement | |
| 188 188 | 
             
                  version: '0'
         | 
| 189 189 | 
             
                  segments:
         | 
| 190 190 | 
             
                  - 0
         | 
| 191 | 
            -
                  hash:  | 
| 191 | 
            +
                  hash: -1757168840233326872
         | 
| 192 192 | 
             
            requirements: []
         | 
| 193 193 | 
             
            rubyforge_project: 
         | 
| 194 194 | 
             
            rubygems_version: 1.8.25
         |