omniauth_crowd 2.0.1 → 2.1.0
- data/Gemfile.lock +10 -10
- data/lib/omniauth/strategies/crowd.rb +1 -1
- data/lib/omniauth/strategies/crowd/configuration.rb +24 -10
- data/lib/omniauth/strategies/crowd/crowd_validator.rb +46 -21
- data/lib/omniauth_crowd.rb +0 -1
- data/lib/omniauth_crowd/version.rb +1 -1
- data/spec/fixtures/groups.xml +8 -0
- data/spec/omniauth/strategies/crowd_spec.rb +4 -1
- metadata +38 -37
- data/VERSION +0 -1
data/Gemfile.lock
CHANGED
@@ -1,30 +1,30 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
omniauth_crowd (2.
|
4
|
+
omniauth_crowd (2.1.0)
|
5
5
|
nokogiri (>= 1.4.4)
|
6
6
|
omniauth (~> 1.0)
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: http://rubygems.org/
|
10
10
|
specs:
|
11
|
-
addressable (2.2.
|
12
|
-
crack (0.1
|
13
|
-
diff-lcs (1.1.
|
11
|
+
addressable (2.2.7)
|
12
|
+
crack (0.3.1)
|
13
|
+
diff-lcs (1.1.3)
|
14
14
|
hashie (1.2.0)
|
15
|
-
nokogiri (1.5.
|
16
|
-
omniauth (1.0.
|
15
|
+
nokogiri (1.5.2)
|
16
|
+
omniauth (1.0.3)
|
17
17
|
hashie (~> 1.2)
|
18
18
|
rack
|
19
|
-
rack (1.
|
20
|
-
rack-test (0.
|
19
|
+
rack (1.4.1)
|
20
|
+
rack-test (0.6.1)
|
21
21
|
rack (>= 1.0)
|
22
|
-
rake (0.
|
22
|
+
rake (0.9.2.2)
|
23
23
|
rspec (2.5.0)
|
24
24
|
rspec-core (~> 2.5.0)
|
25
25
|
rspec-expectations (~> 2.5.0)
|
26
26
|
rspec-mocks (~> 2.5.0)
|
27
|
-
rspec-core (2.5.
|
27
|
+
rspec-core (2.5.2)
|
28
28
|
rspec-expectations (2.5.0)
|
29
29
|
diff-lcs (~> 1.1.2)
|
30
30
|
rspec-mocks (2.5.0)
|
@@ -4,7 +4,12 @@ module OmniAuth
|
|
4
4
|
module Strategies
|
5
5
|
class Crowd
|
6
6
|
class Configuration
|
7
|
-
|
7
|
+
DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication"
|
8
|
+
DEFAULT_USER_GROUP_URL = "%s/rest/usermanagement/latest/user/group/direct"
|
9
|
+
attr_reader :crowd_application_name, :crowd_password, :disable_ssl_verification, :include_users_groups
|
10
|
+
|
11
|
+
alias :"disable_ssl_verification?" :disable_ssl_verification
|
12
|
+
alias :"include_users_groups?" :include_users_groups
|
8
13
|
|
9
14
|
# @param [Hash] params configuration options
|
10
15
|
# @option params [String, nil] :crowd_server_url the Crowd server root URL; probably something like
|
@@ -15,7 +20,11 @@ module OmniAuth
|
|
15
20
|
# @option params [String, nil] :application_name the application name specified in Crowd for this application, required.
|
16
21
|
# @option params [String, nil] :application_password the application password specified in Crowd for this application, required.
|
17
22
|
# @option params [Boolean, nil] :disable_ssl_verification disable verification for SSL cert,
|
18
|
-
#
|
23
|
+
# helpful when you developing with a fake cert.
|
24
|
+
# @option params [Boolean, true] : include a list of user groups when getting information ont he user
|
25
|
+
# @option params [String, nil] :crowd_user_group_url (:crowd_server_url + '/rest/usermanagement/latest/user/group/direct') the URL to which to
|
26
|
+
# use for retrieving users groups optional if `:crowd_server_url` is specified, or if `:include_user_groups` is false
|
27
|
+
# required otherwise.
|
19
28
|
def initialize(params)
|
20
29
|
parse_params params
|
21
30
|
end
|
@@ -24,31 +33,36 @@ module OmniAuth
|
|
24
33
|
#
|
25
34
|
# @param [String] username the username to validate
|
26
35
|
#
|
27
|
-
# @return [String] a URL like `
|
36
|
+
# @return [String] a URL like `https://crowd.myhost.com/crowd/rest/usermanagement/latest/authentication?username=USERNAME`
|
28
37
|
def authentication_url(username)
|
29
38
|
append_username @authentication_url, username
|
30
39
|
end
|
31
|
-
|
32
|
-
def
|
33
|
-
@
|
40
|
+
|
41
|
+
def user_group_url(username)
|
42
|
+
@user_group_url.nil? ? nil : append_username( @user_group_url, username)
|
34
43
|
end
|
35
44
|
|
36
45
|
private
|
37
|
-
DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication"
|
38
46
|
def parse_params(options)
|
47
|
+
options= {:include_user_groups => true}.merge(options || {})
|
39
48
|
%w(application_name application_password).each do |opt|
|
40
|
-
raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym]
|
49
|
+
raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym] == ""
|
41
50
|
end
|
42
51
|
@crowd_application_name = options[:application_name]
|
43
52
|
@crowd_password = options[:application_password]
|
44
53
|
|
45
|
-
unless options.include?(:crowd_server_url)
|
54
|
+
unless options.include?(:crowd_server_url) || options.include?(:crowd_authentication_url)
|
46
55
|
raise ArgumentError.new("Either :crowd_server_url or :crowd_authentication_url MUST be provided")
|
47
56
|
end
|
48
57
|
@authentication_url = options[:crowd_authentication_url] || DEFAULT_AUTHENTICATION_URL % options[:crowd_server_url]
|
49
58
|
validate_is_url 'authentication URL', @authentication_url
|
50
|
-
|
51
59
|
@disable_ssl_verification = options[:disable_ssl_verification]
|
60
|
+
@include_users_groups = options[:include_user_groups]
|
61
|
+
if @include_users_groups
|
62
|
+
@user_group_url = options[:crowd_user_group_url] || DEFAULT_USER_GROUP_URL % options[:crowd_server_url]
|
63
|
+
validate_is_url 'user group URL', @user_group_url
|
64
|
+
end
|
65
|
+
|
52
66
|
end
|
53
67
|
|
54
68
|
IS_NOT_URL_ERROR_MESSAGE = "%s is not a valid URL"
|
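Review bot: The presence check in `parse_params` now rejects only an empty string, so an omitted `:application_name` or `:application_password` (nil) passes validation and is later handed to `req.basic_auth`; `raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym].to_s.empty?` would cover both cases. In the same method, when only `:crowd_authentication_url` is supplied and group lookup keeps its default of true, `DEFAULT_USER_GROUP_URL % options[:crowd_server_url]` is formatted with nil. Whether `validate_is_url` (defined outside this hunk) rejects the resulting host-less string is not visible here, so an explicit ArgumentError naming `:crowd_user_group_url` would be safer. The new doc line `# @option params [Boolean, true] :` is missing the option name `:include_user_groups`. The `:disable_ssl_verification` comment should also state that the flag turns off certificate checking for requests carrying the application password and the user's password, so it belongs in development setups only.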
@@ -6,44 +6,69 @@ module OmniAuth
|
|
6
6
|
module Strategies
|
7
7
|
class Crowd
|
8
8
|
class CrowdValidator
|
9
|
+
AUTHENTICATION_REQUEST_BODY = "<password><value>%s</value></password>"
|
9
10
|
def initialize(configuration, username, password)
|
10
11
|
@configuration, @username, @password = configuration, username, password
|
11
|
-
@
|
12
|
+
@authentiction_uri = URI.parse(@configuration.authentication_url(@username))
|
13
|
+
@user_group_uri = @configuration.include_users_groups? ? URI.parse(@configuration.user_group_url(@username)) : nil
|
12
14
|
end
|
13
15
|
|
14
16
|
def user_info
|
15
|
-
|
16
|
-
|
17
|
+
user_info_hash = retrieve_user_info!
|
18
|
+
if user_info_hash && @configuration.include_users_groups?
|
19
|
+
add_user_groups(user_info_hash)
|
17
20
|
else
|
18
21
|
nil
|
19
22
|
end
|
20
23
|
end
|
21
24
|
|
22
25
|
private
|
23
|
-
def
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
"first_name" => doc.xpath("//user/first-name/text()").to_s,
|
31
|
-
"last_name" => doc.xpath("//user/last-name/text()").to_s,
|
32
|
-
"email" => doc.xpath("//user/email/text()").to_s
|
33
|
-
}
|
26
|
+
def add_user_groups(user_info_hash)
|
27
|
+
response, body = make_user_group_request
|
28
|
+
unless response.code.to_i != 200 || body.nil? || body == ''
|
29
|
+
doc = Nokogiri::XML(body)
|
30
|
+
user_info_hash["groups"] = doc.xpath("//groups/group/@name").map(&:to_s)
|
31
|
+
end
|
32
|
+
user_info_hash
|
34
33
|
end
|
35
|
-
|
36
|
-
def
|
37
|
-
|
38
|
-
|
34
|
+
|
35
|
+
def retrieve_user_info!
|
36
|
+
response, body = make_authorization_request
|
37
|
+
unless response.code.to_i != 200 || body.nil? || body == ''
|
38
|
+
doc = Nokogiri::XML(body)
|
39
|
+
{
|
40
|
+
"user" => doc.xpath("//user/@name").to_s,
|
41
|
+
"name" => doc.xpath("//user/display-name/text()").to_s,
|
42
|
+
"first_name" => doc.xpath("//user/first-name/text()").to_s,
|
43
|
+
"last_name" => doc.xpath("//user/last-name/text()").to_s,
|
44
|
+
"email" => doc.xpath("//user/email/text()").to_s
|
45
|
+
}
|
46
|
+
else
|
47
|
+
nil
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def make_user_group_request
|
52
|
+
http = Net::HTTP.new(@user_group_uri.host, @user_group_uri.port)
|
53
|
+
http.use_ssl = @user_group_uri.port == 443 || @user_group_uri.instance_of?(URI::HTTPS)
|
54
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
|
55
|
+
http.start do |c|
|
56
|
+
req = Net::HTTP::Get.new("#{@user_group_uri.path}?#{@user_group_uri.query}")
|
57
|
+
req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password
|
58
|
+
http.request(req)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
def make_authorization_request
|
63
|
+
http = Net::HTTP.new(@authentiction_uri.host, @authentiction_uri.port)
|
64
|
+
http.use_ssl = @authentiction_uri.port == 443 || @authentiction_uri.instance_of?(URI::HTTPS)
|
39
65
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification?
|
40
66
|
http.start do |c|
|
41
|
-
req = Net::HTTP::Post.new("#{@
|
67
|
+
req = Net::HTTP::Post.new("#{@authentiction_uri.path}?#{@authentiction_uri.query}")
|
42
68
|
req.body = AUTHENTICATION_REQUEST_BODY % @password
|
43
69
|
req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password
|
44
70
|
req.add_field 'Content-Type', 'text/xml'
|
45
|
-
|
46
|
-
@response.code.to_i == 200
|
71
|
+
http.request(req)
|
47
72
|
end
|
48
73
|
end
|
49
74
|
end
|
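Review bot: `user_info` returns nil whenever `include_users_groups?` is false, because the rewritten condition sends a successful `retrieve_user_info!` result into the unchanged `else nil` branch; as shown, turning group lookup off makes every login look like a failed authentication. Something like `return nil unless user_info_hash` followed by `@configuration.include_users_groups? ? add_user_groups(user_info_hash) : user_info_hash` keeps the two concerns apart. `add_user_groups` also returns the hash without a `"groups"` key when the group request is not a 200, so a caller making authorization decisions cannot tell an empty membership from a failed lookup; logging that case or setting an explicit marker would make it detectable. `AUTHENTICATION_REQUEST_BODY % @password` places the password into the XML body unescaped, so a password containing `<` or `&` yields a malformed request; escaping it before formatting would fix that.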
data/lib/omniauth_crowd.rb
CHANGED
@@ -0,0 +1,8 @@
|
|
1
|
+
<groups expand="group">
|
2
|
+
<group name="Developers">
|
3
|
+
<link rel="self" href="http://crowd.bogus.com/crowd/rest/usermanagement/latest/group?groupname=Developers"/>
|
4
|
+
</group>
|
5
|
+
<group name="jira-users">
|
6
|
+
<link rel="self" href="http://crowd.bogus.com/crowd/rest/usermanagement/latest/group?groupname=jira-users"/>
|
7
|
+
</group>
|
8
|
+
</groups>
|
@@ -26,7 +26,7 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
|
|
26
26
|
|
27
27
|
it 'should redirect to callback' do
|
28
28
|
last_response.should be_redirect
|
29
|
-
last_response.headers['Location'].should == '/auth/crowd/callback'
|
29
|
+
last_response.headers['Location'].should == 'http://example.org/auth/crowd/callback'
|
30
30
|
end
|
31
31
|
end
|
32
32
|
|
@@ -44,6 +44,8 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
|
|
44
44
|
before do
|
45
45
|
stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo").
|
46
46
|
to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml')))
|
47
|
+
stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo").
|
48
|
+
to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml')))
|
47
49
|
get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}}
|
48
50
|
end
|
49
51
|
it 'should call through to the master app' do
|
@@ -57,6 +59,7 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do
|
|
57
59
|
auth = last_request.env['omniauth.auth']['provider'].should == :crowd
|
58
60
|
auth = last_request.env['omniauth.auth']['uid'].should == 'foo'
|
59
61
|
auth = last_request.env['omniauth.auth']['user_info'].should be_kind_of(Hash)
|
62
|
+
auth = last_request.env['omniauth.auth']['user_info']['groups'].sort.should == ["Developers", "jira-users"].sort
|
60
63
|
end
|
61
64
|
end
|
62
65
|
|
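Review bot: The added stub and assertion cover only the path where the group endpoint answers with the fixture; no example sets `:include_user_groups => false` or has the `user/group/direct` request return a non-200, which are the branches the new validator code introduces. A pair of examples asserting that `user_info` is still a Hash in both cases would pin that behaviour. The `auth = ` prefix on the new assertion line is never read and can be dropped. The enclosing `it` block starts outside the hunk.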
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth_crowd
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 11
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 2
|
8
|
-
- 0
|
9
8
|
- 1
|
10
|
-
|
9
|
+
- 0
|
10
|
+
version: 2.1.0
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Robert Di Marco
|
@@ -15,12 +15,10 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date:
|
18
|
+
date: 2012-03-24 00:00:00 Z
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
21
|
-
|
22
|
-
prerelease: false
|
23
|
-
requirement: &id001 !ruby/object:Gem::Requirement
|
21
|
+
version_requirements: &id001 !ruby/object:Gem::Requirement
|
24
22
|
none: false
|
25
23
|
requirements:
|
26
24
|
- - ~>
|
@@ -30,12 +28,12 @@ dependencies:
|
|
30
28
|
- 1
|
31
29
|
- 0
|
32
30
|
version: "1.0"
|
31
|
+
requirement: *id001
|
33
32
|
type: :runtime
|
34
|
-
version_requirements: *id001
|
35
|
-
- !ruby/object:Gem::Dependency
|
36
|
-
name: nokogiri
|
37
33
|
prerelease: false
|
38
|
-
|
34
|
+
name: omniauth
|
35
|
+
- !ruby/object:Gem::Dependency
|
36
|
+
version_requirements: &id002 !ruby/object:Gem::Requirement
|
39
37
|
none: false
|
40
38
|
requirements:
|
41
39
|
- - ">="
|
@@ -46,12 +44,12 @@ dependencies:
|
|
46
44
|
- 4
|
47
45
|
- 4
|
48
46
|
version: 1.4.4
|
47
|
+
requirement: *id002
|
49
48
|
type: :runtime
|
50
|
-
version_requirements: *id002
|
51
|
-
- !ruby/object:Gem::Dependency
|
52
|
-
name: rack
|
53
49
|
prerelease: false
|
54
|
-
|
50
|
+
name: nokogiri
|
51
|
+
- !ruby/object:Gem::Dependency
|
52
|
+
version_requirements: &id003 !ruby/object:Gem::Requirement
|
55
53
|
none: false
|
56
54
|
requirements:
|
57
55
|
- - ">="
|
@@ -60,12 +58,12 @@ dependencies:
|
|
60
58
|
segments:
|
61
59
|
- 0
|
62
60
|
version: "0"
|
61
|
+
requirement: *id003
|
63
62
|
type: :development
|
64
|
-
version_requirements: *id003
|
65
|
-
- !ruby/object:Gem::Dependency
|
66
|
-
name: rake
|
67
63
|
prerelease: false
|
68
|
-
|
64
|
+
name: rack
|
65
|
+
- !ruby/object:Gem::Dependency
|
66
|
+
version_requirements: &id004 !ruby/object:Gem::Requirement
|
69
67
|
none: false
|
70
68
|
requirements:
|
71
69
|
- - ">="
|
@@ -74,12 +72,12 @@ dependencies:
|
|
74
72
|
segments:
|
75
73
|
- 0
|
76
74
|
version: "0"
|
75
|
+
requirement: *id004
|
77
76
|
type: :development
|
78
|
-
version_requirements: *id004
|
79
|
-
- !ruby/object:Gem::Dependency
|
80
|
-
name: rack-test
|
81
77
|
prerelease: false
|
82
|
-
|
78
|
+
name: rake
|
79
|
+
- !ruby/object:Gem::Dependency
|
80
|
+
version_requirements: &id005 !ruby/object:Gem::Requirement
|
83
81
|
none: false
|
84
82
|
requirements:
|
85
83
|
- - ">="
|
@@ -88,12 +86,12 @@ dependencies:
|
|
88
86
|
segments:
|
89
87
|
- 0
|
90
88
|
version: "0"
|
89
|
+
requirement: *id005
|
91
90
|
type: :development
|
92
|
-
version_requirements: *id005
|
93
|
-
- !ruby/object:Gem::Dependency
|
94
|
-
name: rspec
|
95
91
|
prerelease: false
|
96
|
-
|
92
|
+
name: rack-test
|
93
|
+
- !ruby/object:Gem::Dependency
|
94
|
+
version_requirements: &id006 !ruby/object:Gem::Requirement
|
97
95
|
none: false
|
98
96
|
requirements:
|
99
97
|
- - ~>
|
@@ -104,12 +102,12 @@ dependencies:
|
|
104
102
|
- 5
|
105
103
|
- 0
|
106
104
|
version: 2.5.0
|
105
|
+
requirement: *id006
|
107
106
|
type: :development
|
108
|
-
version_requirements: *id006
|
109
|
-
- !ruby/object:Gem::Dependency
|
110
|
-
name: webmock
|
111
107
|
prerelease: false
|
112
|
-
|
108
|
+
name: rspec
|
109
|
+
- !ruby/object:Gem::Dependency
|
110
|
+
version_requirements: &id007 !ruby/object:Gem::Requirement
|
113
111
|
none: false
|
114
112
|
requirements:
|
115
113
|
- - ~>
|
@@ -120,12 +118,12 @@ dependencies:
|
|
120
118
|
- 3
|
121
119
|
- 4
|
122
120
|
version: 1.3.4
|
121
|
+
requirement: *id007
|
123
122
|
type: :development
|
124
|
-
version_requirements: *id007
|
125
|
-
- !ruby/object:Gem::Dependency
|
126
|
-
name: bundler
|
127
123
|
prerelease: false
|
128
|
-
|
124
|
+
name: webmock
|
125
|
+
- !ruby/object:Gem::Dependency
|
126
|
+
version_requirements: &id008 !ruby/object:Gem::Requirement
|
129
127
|
none: false
|
130
128
|
requirements:
|
131
129
|
- - ~>
|
@@ -136,8 +134,10 @@ dependencies:
|
|
136
134
|
- 0
|
137
135
|
- 0
|
138
136
|
version: 1.0.0
|
137
|
+
requirement: *id008
|
139
138
|
type: :development
|
140
|
-
|
139
|
+
prerelease: false
|
140
|
+
name: bundler
|
141
141
|
description: This is an OmniAuth provider for Atlassian Crowd's REST API. It allows you to easily integrate your Rack application in with Atlassian Crowd.
|
142
142
|
email:
|
143
143
|
- rob@innovationontherun.com
|
@@ -155,13 +155,13 @@ files:
|
|
155
155
|
- LICENSE.txt
|
156
156
|
- README.rdoc
|
157
157
|
- Rakefile
|
158
|
-
- VERSION
|
159
158
|
- lib/omniauth/strategies/crowd.rb
|
160
159
|
- lib/omniauth/strategies/crowd/configuration.rb
|
161
160
|
- lib/omniauth/strategies/crowd/crowd_validator.rb
|
162
161
|
- lib/omniauth_crowd.rb
|
163
162
|
- lib/omniauth_crowd/version.rb
|
164
163
|
- omniauth_crowd.gemspec
|
164
|
+
- spec/fixtures/groups.xml
|
165
165
|
- spec/fixtures/success.xml
|
166
166
|
- spec/omniauth/strategies/crowd_spec.rb
|
167
167
|
- spec/spec_helper.rb
|
@@ -199,6 +199,7 @@ signing_key:
|
|
199
199
|
specification_version: 3
|
200
200
|
summary: An OmniAuth provider for Atlassian Crowd REST API
|
201
201
|
test_files:
|
202
|
+
- spec/fixtures/groups.xml
|
202
203
|
- spec/fixtures/success.xml
|
203
204
|
- spec/omniauth/strategies/crowd_spec.rb
|
204
205
|
- spec/spec_helper.rb
|
data/VERSION
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
1.0.1
|