omniauth_crowd 2.0.1 → 2.1.0

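--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,30 +1,30 @@
  PATH
  remote: .
  specs:
- omniauth_crowd (2.0.0)
+ omniauth_crowd (2.1.0)
  nokogiri (>= 1.4.4)
  omniauth (~> 1.0)
 
  GEM
  remote: http://rubygems.org/
  specs:
- addressable (2.2.4)
- crack (0.1.8)
- diff-lcs (1.1.2)
+ addressable (2.2.7)
+ crack (0.3.1)
+ diff-lcs (1.1.3)
  hashie (1.2.0)
- nokogiri (1.5.0)
- omniauth (1.0.0)
+ nokogiri (1.5.2)
+ omniauth (1.0.3)
  hashie (~> 1.2)
  rack
- rack (1.2.2)
- rack-test (0.5.7)
+ rack (1.4.1)
+ rack-test (0.6.1)
  rack (>= 1.0)
- rake (0.8.7)
+ rake (0.9.2.2)
  rspec (2.5.0)
  rspec-core (~> 2.5.0)
  rspec-expectations (~> 2.5.0)
  rspec-mocks (~> 2.5.0)
- rspec-core (2.5.1)
+ rspec-core (2.5.2)
  rspec-expectations (2.5.0)
  diff-lcs (~> 1.1.2)
  rspec-mocks (2.5.0)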
@@ -19,7 +19,7 @@ module OmniAuth
19
19
  get_credentials
20
20
  else
21
21
  session['omniauth.crowd'] = {'username' => request['username'], 'password' => request['password']}
22
- redirect callback_path
22
+ redirect callback_url
23
23
  end
24
24
  end
25
25
 
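Review bot: The absolute redirect introduced by `redirect callback_url` takes its scheme and host from the incoming request unless the deployment pins them, and the change neither documents nor guards that; the spec hunk on this page confirms the Location header goes from `/auth/crowd/callback` to `http://example.org/auth/crowd/callback`. Behind a TLS-terminating proxy, or where the Host header is not validated upstream, this can presumably produce a plain-http or wrong-host callback for a request whose session (context line just above) holds the user's password. The README should tell deployers to pin the origin, e.g. `OmniAuth.config.full_host = 'https://app.example.com'` (constructed value), and to use an encrypted or server-side session store. The enclosing method starts outside the hunk.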
@@ -4,7 +4,12 @@ module OmniAuth
4
4
  module Strategies
5
5
  class Crowd
6
6
  class Configuration
7
- attr_reader :crowd_application_name, :crowd_password
7
+ DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication"
8
+ DEFAULT_USER_GROUP_URL = "%s/rest/usermanagement/latest/user/group/direct"
9
+ attr_reader :crowd_application_name, :crowd_password, :disable_ssl_verification, :include_users_groups
10
+
11
+ alias :"disable_ssl_verification?" :disable_ssl_verification
12
+ alias :"include_users_groups?" :include_users_groups
8
13
 
9
14
  # @param [Hash] params configuration options
10
15
  # @option params [String, nil] :crowd_server_url the Crowd server root URL; probably something like
@@ -15,7 +20,11 @@ module OmniAuth
15
20
  # @option params [String, nil] :application_name the application name specified in Crowd for this application, required.
16
21
  # @option params [String, nil] :application_password the application password specified in Crowd for this application, required.
17
22
  # @option params [Boolean, nil] :disable_ssl_verification disable verification for SSL cert,
18
- # helpful when you developing with a fake cert.
23
+ # helpful when you developing with a fake cert.
24
+ # @option params [Boolean, true] : include a list of user groups when getting information ont he user
25
+ # @option params [String, nil] :crowd_user_group_url (:crowd_server_url + '/rest/usermanagement/latest/user/group/direct') the URL to which to
26
+ # use for retrieving users groups optional if `:crowd_server_url` is specified, or if `:include_user_groups` is false
27
+ # required otherwise.
19
28
  def initialize(params)
20
29
  parse_params params
21
30
  end
@@ -24,31 +33,36 @@ module OmniAuth
24
33
  #
25
34
  # @param [String] username the username to validate
26
35
  #
27
- # @return [String] a URL like `http://cas.mycompany.com/login?service=...`
36
+ # @return [String] a URL like `https://crowd.myhost.com/crowd/rest/usermanagement/latest/authentication?username=USERNAME`
28
37
  def authentication_url(username)
29
38
  append_username @authentication_url, username
30
39
  end
31
-
32
- def disable_ssl_verification?
33
- @disable_ssl_verification
40
+
41
+ def user_group_url(username)
42
+ @user_group_url.nil? ? nil : append_username( @user_group_url, username)
34
43
  end
35
44
 
36
45
  private
37
- DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication"
38
46
  def parse_params(options)
47
+ options= {:include_user_groups => true}.merge(options || {})
39
48
  %w(application_name application_password).each do |opt|
40
- raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym].blank?
49
+ raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym] == ""
41
50
  end
42
51
  @crowd_application_name = options[:application_name]
43
52
  @crowd_password = options[:application_password]
44
53
 
45
- unless options.include?(:crowd_server_url) or options.include?(:crowd_authentication_url)
54
+ unless options.include?(:crowd_server_url) || options.include?(:crowd_authentication_url)
46
55
  raise ArgumentError.new("Either :crowd_server_url or :crowd_authentication_url MUST be provided")
47
56
  end
48
57
  @authentication_url = options[:crowd_authentication_url] || DEFAULT_AUTHENTICATION_URL % options[:crowd_server_url]
49
58
  validate_is_url 'authentication URL', @authentication_url
50
-
51
59
  @disable_ssl_verification = options[:disable_ssl_verification]
60
+ @include_users_groups = options[:include_user_groups]
61
+ if @include_users_groups
62
+ @user_group_url = options[:crowd_user_group_url] || DEFAULT_USER_GROUP_URL % options[:crowd_server_url]
63
+ validate_is_url 'user group URL', @user_group_url
64
+ end
65
+
52
66
  end
53
67
 
54
68
  IS_NOT_URL_ERROR_MESSAGE = "%s is not a valid URL"
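Review bot: In `parse_params`, the required-option check `if options[opt.to_sym] == ""` no longer rejects a missing key, because `nil == ""` is false where the removed `.blank?` was true; an absent `:application_name` or `:application_password` now passes validation and only surfaces when Crowd rejects the Basic credentials. Suggest `value = options[opt.to_sym]` followed by `raise ArgumentError.new(":#{opt} MUST be provided") if value.nil? || value.to_s.strip.empty?`. In the same method, the new default `:include_user_groups => true` means a configuration that passes only `:crowd_authentication_url` builds the group URL from a nil server URL; whether `validate_is_url` rejects that is not visible here, so it deserves a spec. The added `@option` line for the flag has lost its name (`: include a list ...`) and should read `:include_user_groups`, and the `:disable_ssl_verification` doc should say plainly that it is for development only.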
@@ -6,44 +6,69 @@ module OmniAuth
6
6
  module Strategies
7
7
  class Crowd
8
8
  class CrowdValidator
9
+ AUTHENTICATION_REQUEST_BODY = "<password><value>%s</value></password>"
9
10
  def initialize(configuration, username, password)
10
11
  @configuration, @username, @password = configuration, username, password
11
- @uri = URI.parse(@configuration.authentication_url(@username))
12
+ @authentiction_uri = URI.parse(@configuration.authentication_url(@username))
13
+ @user_group_uri = @configuration.include_users_groups? ? URI.parse(@configuration.user_group_url(@username)) : nil
12
14
  end
13
15
 
14
16
  def user_info
15
- if is_user_authorized?
16
- parse_user_info
17
+ user_info_hash = retrieve_user_info!
18
+ if user_info_hash && @configuration.include_users_groups?
19
+ add_user_groups(user_info_hash)
17
20
  else
18
21
  nil
19
22
  end
20
23
  end
21
24
 
22
25
  private
23
- def parse_user_info
24
- return nil if @body.nil? || @body == ''
25
- doc = Nokogiri::XML(@body)
26
- return nil if doc.nil?
27
- {
28
- "user" => doc.xpath("//user/@name").to_s,
29
- "name" => doc.xpath("//user/display-name/text()").to_s,
30
- "first_name" => doc.xpath("//user/first-name/text()").to_s,
31
- "last_name" => doc.xpath("//user/last-name/text()").to_s,
32
- "email" => doc.xpath("//user/email/text()").to_s
33
- }
26
+ def add_user_groups(user_info_hash)
27
+ response, body = make_user_group_request
28
+ unless response.code.to_i != 200 || body.nil? || body == ''
29
+ doc = Nokogiri::XML(body)
30
+ user_info_hash["groups"] = doc.xpath("//groups/group/@name").map(&:to_s)
31
+ end
32
+ user_info_hash
34
33
  end
35
- AUTHENTICATION_REQUEST_BODY = "<password><value>%s</value></password>"
36
- def is_user_authorized?
37
- http = Net::HTTP.new(@uri.host, @uri.port)
38
- http.use_ssl = @uri.port == 443 || @uri.instance_of?(URI::HTTPS)
34
+
35
+ def retrieve_user_info!
36
+ response, body = make_authorization_request
37
+ unless response.code.to_i != 200 || body.nil? || body == ''
38
+ doc = Nokogiri::XML(body)
39
+ {
40
+ "user" => doc.xpath("//user/@name").to_s,
41
+ "name" => doc.xpath("//user/display-name/text()").to_s,
42
+ "first_name" => doc.xpath("//user/first-name/text()").to_s,
43
+ "last_name" => doc.xpath("//user/last-name/text()").to_s,
44
+ "email" => doc.xpath("//user/email/text()").to_s
45
+ }
46
+ else
47
+ nil
48
+ end
49
+ end
50
+
51
+ def make_user_group_request
52
+ http = Net::HTTP.new(@user_group_uri.host, @user_group_uri.port)
53
+ http.use_ssl = @user_group_uri.port == 443 || @user_group_uri.instance_of?(URI::HTTPS)
54
+ http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
55
+ http.start do |c|
56
+ req = Net::HTTP::Get.new("#{@user_group_uri.path}?#{@user_group_uri.query}")
57
+ req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password
58
+ http.request(req)
59
+ end
60
+ end
61
+
62
+ def make_authorization_request
63
+ http = Net::HTTP.new(@authentiction_uri.host, @authentiction_uri.port)
64
+ http.use_ssl = @authentiction_uri.port == 443 || @authentiction_uri.instance_of?(URI::HTTPS)
39
65
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
40
66
  http.start do |c|
41
- req = Net::HTTP::Post.new("#{@uri.path}?#{@uri.query}")
67
+ req = Net::HTTP::Post.new("#{@authentiction_uri.path}?#{@authentiction_uri.query}")
42
68
  req.body = AUTHENTICATION_REQUEST_BODY % @password
43
69
  req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password
44
70
  req.add_field 'Content-Type', 'text/xml'
45
- @response, @body = http.request(req)
46
- @response.code.to_i == 200
71
+ http.request(req)
47
72
  end
48
73
  end
49
74
  end
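Review bot: `user_info` returns nil for a correctly authenticated user whenever `include_users_groups?` is false, because the `else` branch covers both the failed login and the groups-disabled case; it should be `return nil unless user_info_hash` followed by `@configuration.include_users_groups? ? add_user_groups(user_info_hash) : user_info_hash`. In `add_user_groups`, a non-200 or empty group response returns the hash with no `"groups"` key and nothing logged, so consumers that authorise on group membership have to treat a missing key as "no groups"; setting `user_info_hash["groups"] = []` on that path would make the failure explicit. `make_user_group_request` repeats the `VERIFY_NONE` branch, so with `disable_ssl_verification` set the application's Basic credentials now cross a second unverified connection; a comment marking that option as development-only belongs on both request methods. The password is still interpolated into `AUTHENTICATION_REQUEST_BODY` without XML escaping on the unchanged line in `make_authorization_request`, which is worth a follow-up.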
@@ -1,2 +1 @@
1
- require "omniauth_crowd/version"
2
1
  require 'omniauth/strategies/crowd'
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Crowd
3
- VERSION = "2.0.1"
3
+ VERSION = "2.1.0"
4
4
  end
5
5
  end
@@ -0,0 +1,8 @@
1
+ <groups expand="group">
2
+ <group name="Developers">
3
+ <link rel="self" href="http://crowd.bogus.com/crowd/rest/usermanagement/latest/group?groupname=Developers"/>
4
+ </group>
5
+ <group name="jira-users">
6
+ <link rel="self" href="http://crowd.bogus.com/crowd/rest/usermanagement/latest/group?groupname=jira-users"/>
7
+ </group>
8
+ </groups>
@@ -26,7 +26,7 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
26
26
 
27
27
  it 'should redirect to callback' do
28
28
  last_response.should be_redirect
29
- last_response.headers['Location'].should == '/auth/crowd/callback'
29
+ last_response.headers['Location'].should == 'http://example.org/auth/crowd/callback'
30
30
  end
31
31
  end
32
32
 
@@ -44,6 +44,8 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
44
44
  before do
45
45
  stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo").
46
46
  to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml')))
47
+ stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo").
48
+ to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml')))
47
49
  get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}}
48
50
  end
49
51
  it 'should call through to the master app' do
@@ -57,6 +59,7 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
57
59
  auth = last_request.env['omniauth.auth']['provider'].should == :crowd
58
60
  auth = last_request.env['omniauth.auth']['uid'].should == 'foo'
59
61
  auth = last_request.env['omniauth.auth']['user_info'].should be_kind_of(Hash)
62
+ auth = last_request.env['omniauth.auth']['user_info']['groups'].sort.should == ["Developers", "jira-users"].sort
60
63
  end
61
64
  end
62
65
 
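Review bot: The added stub and assertion cover only the path where the group lookup succeeds; there is no example for `:include_user_groups => false` or for a non-200 reply from the `user/group/direct` endpoint, which are the two branches the new validator code introduces. A context that configures the strategy with `:include_user_groups => false` and still expects `user_info` to be a Hash, plus one that stubs the group request with `to_return(:status => 500)`, would pin both behaviours. The `describe` block starts and ends outside these hunks.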
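--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: omniauth_crowd
  version: !ruby/object:Gem::Version
- hash: 13
+ hash: 11
  prerelease:
  segments:
  - 2
- - 0
  - 1
- version: 2.0.1
+ - 0
+ version: 2.1.0
  platform: ruby
  authors:
  - Robert Di Marco
@@ -15,12 +15,10 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2011-11-23 00:00:00 Z
+ date: 2012-03-24 00:00:00 Z
  dependencies:
  - !ruby/object:Gem::Dependency
- name: omniauth
- prerelease: false
- requirement: &id001 !ruby/object:Gem::Requirement
+ version_requirements: &id001 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ~>
@@ -30,12 +28,12 @@ dependencies:
  - 1
  - 0
  version: "1.0"
+ requirement: *id001
  type: :runtime
- version_requirements: *id001
- - !ruby/object:Gem::Dependency
- name: nokogiri
  prerelease: false
- requirement: &id002 !ruby/object:Gem::Requirement
+ name: omniauth
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id002 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ">="
@@ -46,12 +44,12 @@ dependencies:
  - 4
  - 4
  version: 1.4.4
+ requirement: *id002
  type: :runtime
- version_requirements: *id002
- - !ruby/object:Gem::Dependency
- name: rack
  prerelease: false
- requirement: &id003 !ruby/object:Gem::Requirement
+ name: nokogiri
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id003 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ">="
@@ -60,12 +58,12 @@ dependencies:
  segments:
  - 0
  version: "0"
+ requirement: *id003
  type: :development
- version_requirements: *id003
- - !ruby/object:Gem::Dependency
- name: rake
  prerelease: false
- requirement: &id004 !ruby/object:Gem::Requirement
+ name: rack
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id004 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ">="
@@ -74,12 +72,12 @@ dependencies:
  segments:
  - 0
  version: "0"
+ requirement: *id004
  type: :development
- version_requirements: *id004
- - !ruby/object:Gem::Dependency
- name: rack-test
  prerelease: false
- requirement: &id005 !ruby/object:Gem::Requirement
+ name: rake
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id005 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ">="
@@ -88,12 +86,12 @@ dependencies:
  segments:
  - 0
  version: "0"
+ requirement: *id005
  type: :development
- version_requirements: *id005
- - !ruby/object:Gem::Dependency
- name: rspec
  prerelease: false
- requirement: &id006 !ruby/object:Gem::Requirement
+ name: rack-test
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id006 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ~>
@@ -104,12 +102,12 @@ dependencies:
  - 5
  - 0
  version: 2.5.0
+ requirement: *id006
  type: :development
- version_requirements: *id006
- - !ruby/object:Gem::Dependency
- name: webmock
  prerelease: false
- requirement: &id007 !ruby/object:Gem::Requirement
+ name: rspec
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id007 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ~>
@@ -120,12 +118,12 @@ dependencies:
  - 3
  - 4
  version: 1.3.4
+ requirement: *id007
  type: :development
- version_requirements: *id007
- - !ruby/object:Gem::Dependency
- name: bundler
  prerelease: false
- requirement: &id008 !ruby/object:Gem::Requirement
+ name: webmock
+ - !ruby/object:Gem::Dependency
+ version_requirements: &id008 !ruby/object:Gem::Requirement
  none: false
  requirements:
  - - ~>
@@ -136,8 +134,10 @@ dependencies:
  - 0
  - 0
  version: 1.0.0
+ requirement: *id008
  type: :development
- version_requirements: *id008
+ prerelease: false
+ name: bundler
  description: This is an OmniAuth provider for Atlassian Crowd's REST API. It allows you to easily integrate your Rack application in with Atlassian Crowd.
  email:
  - rob@innovationontherun.com
@@ -155,13 +155,13 @@ files:
  - LICENSE.txt
  - README.rdoc
  - Rakefile
- - VERSION
  - lib/omniauth/strategies/crowd.rb
  - lib/omniauth/strategies/crowd/configuration.rb
  - lib/omniauth/strategies/crowd/crowd_validator.rb
  - lib/omniauth_crowd.rb
  - lib/omniauth_crowd/version.rb
  - omniauth_crowd.gemspec
+ - spec/fixtures/groups.xml
  - spec/fixtures/success.xml
  - spec/omniauth/strategies/crowd_spec.rb
  - spec/spec_helper.rb
@@ -199,6 +199,7 @@ signing_key:
  specification_version: 3
  summary: An OmniAuth provider for Atlassian Crowd REST API
  test_files:
+ - spec/fixtures/groups.xml
  - spec/fixtures/success.xml
  - spec/omniauth/strategies/crowd_spec.rb
  - spec/spec_helper.rb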
data/VERSION DELETED
@@ -1 +0,0 @@
1
- 1.0.1