openid_store_mongoid 0.0.1

data/README.md

@@ -0,0 +1,30 @@
+## openid_mongoid_store
+
+Storing your OpenIDs in your Mongos.
+
+### usage
+
+    database = Mongo::Connection.new.db('openid_store_mongoid')
+    store = OpenID::Store::Mongoid.new(database)
+    server = OpenID::Server::Server.new(store, ...)
+
+### license (MIT)
+
+Copyright (c) 2010 Dylan Egan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CON

data/Rakefile

@@ -0,0 +1,11 @@
+begin
+  require ::File.expand_path('.bundle/environment', __FILE__)
+rescue LoadError
+  require "rubygems"
+  require "bundler"
+  Bundler.setup
+end
+
+Bundler.require(:default, :rake)
+
+Dir["tasks/*.rake"].sort.each { |file| load file }

data/lib/openid/store/mongoid.rb

@@ -0,0 +1,66 @@
+require 'openid/store/interface'
+
+module OpenID
+  module Store
+    class Mongoid < OpenID::Store::Interface
+      def initialize(connection)
+        ::Mongoid.database = connection 
+      end
+
+      def store_association(server_url, assoc)
+        remove_association(server_url, assoc.handle)    
+        OpenIDStoreMongoid::Association.create!(:server_url => server_url,
+                           :handle     => assoc.handle,
+                           :secret     => BSON::Binary.new(assoc.secret),
+                           :issued     => assoc.issued,
+                           :lifetime   => assoc.lifetime,
+                           :assoc_type => assoc.assoc_type)
+      end
+
+      def get_association(server_url, handle=nil)
+        assocs = if handle.blank?
+            OpenIDStoreMongoid::Association.all(:conditions => { :server_url => server_url })
+          else
+            OpenIDStoreMongoid::Association.all(:conditions => { :server_url => server_url, :handle => handle })
+          end
+
+        assocs.to_a.reverse.each do |assoc|
+          a = assoc.from_record
+          if a.expires_in == 0
+            assoc.destroy
+          else
+            return a
+          end
+        end if assocs.any?
+
+        return nil
+      end
+
+      def remove_association(server_url, handle)
+        OpenIDStoreMongoid::Association.destroy_all(:conditions => { :server_url => server_url, :handle => handle }) > 0 ? true : false
+      end
+
+      def use_nonce(server_url, timestamp, salt)
+        return false if OpenIDStoreMongoid::Nonce.first(:conditions => { :server_url => server_url, :timestamp => timestamp, :salt => salt }) or (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
+        OpenIDStoreMongoid::Nonce.create!(:server_url => server_url, :timestamp => timestamp, :salt => salt)
+        return true
+      end
+
+      def cleanup_nonces
+        now = Time.now.to_i
+        OpenIDStoreMongoid::Nonce.destroy_all(:conditions => { :timestamp.gt => (now + OpenID::Nonce.skew), :timestamp.lt => (now - OpenID::Nonce.skew) })
+      end
+
+      def cleanup_associations
+        count = 0
+        OpenIDStoreMongoid::Association.all(:conditions => { :issued.gt => 0 }).each do |association|
+          if association.lifetime + association.issued > Time.now.to_i
+            association.destroy
+            count += 1
+          end
+        end
+        count
+      end
+    end
+  end
+end

data/lib/openid_store_mongoid/association.rb

@@ -0,0 +1,15 @@
+module OpenIDStoreMongoid
+  class Association
+    include ::Mongoid::Document
+    field :handle
+    field :secret,     :type => Binary
+    field :issued,     :type => Integer
+    field :lifetime,   :type => Integer
+    field :assoc_type
+    field :server_url, :type => Binary
+
+    def from_record
+      OpenID::Association.new(handle, secret.to_s, issued, lifetime, assoc_type)
+    end
+  end
+end

data/lib/openid_store_mongoid/nonce.rb

@@ -0,0 +1,8 @@
+module OpenIDStoreMongoid
+  class Nonce
+    include ::Mongoid::Document
+    field :salt
+    field :server_url
+    field :timestamp,  :type => Integer
+  end
+end

data/lib/openid_store_mongoid/version.rb

@@ -0,0 +1,3 @@
+module OpenIDStoreMongoid
+  VERSION = '0.0.1'
+end

data/lib/openid_store_mongoid.rb

@@ -0,0 +1,4 @@
+require 'mongoid'
+require 'openid_store_mongoid/association'
+require 'openid_store_mongoid/nonce'
+require 'openid/store/mongoid'

data/tasks/gem.rake

@@ -0,0 +1,43 @@
+require 'rubygems/package_task'
+require File.dirname(__FILE__) + '/../lib/openid_store_mongoid/version'
+
+GEM_SPEC = Gem::Specification.new do |s|
+  s.name        = "openid_store_mongoid"
+  s.version     = OpenIDStoreMongoid::VERSION
+  s.platform    = Gem::Platform::RUBY
+
+  s.summary     = 'Storing your OpenIDs in your Mongos.'
+  s.description = "Why does a squirrel swim on its back?\nTo keep its nuts dry"
+
+  s.required_ruby_version = ">= 1.8.6"
+  s.required_rubygems_version = ">= 1.3.5"
+
+  # dependencies
+  s.add_dependency  'rake', '>= 0.8.3', '< 0.9'
+  bundle = Bundler::Definition.from_gemfile("Gemfile")
+  bundle.dependencies.select { |d| !d.groups.include?(:development) and !d.groups.include?(:rake) }.
+         each { |d| s.add_dependency(d.name, d.requirement.to_s) }
+
+  bundle.dependencies.select { |d| d.groups.include?(:development) }.
+         each { |d| s.add_development_dependency(d.name, d.requirement.to_s) }
+
+  s.files = FileList["lib/**/*.rb", "test/**/*.rb", "tasks/**/*.rake", "Rakefile", "README.md"]
+
+  s.bindir      = 'bin'
+  s.executables = []
+
+  s.require_path = 'lib'
+
+  s.extra_rdoc_files = %w(README.md)
+
+  s.homepage          = 'http://github.com/abcde/openid_store_mongoid'
+  s.licenses          = ['MIT']
+
+  s.author      = 'Dylan Egan'
+  s.email       = 'dylanegan@gmail.com'
+end
+
+gem_package = Gem::PackageTask.new(GEM_SPEC) do |pkg|
+  pkg.need_tar = false
+  pkg.need_zip = false
+end

data/test/test_openid_store_mongoid.rb

@@ -0,0 +1,240 @@
+begin
+  # Require the preresolved locked set of gems.
+  require ::File.expand_path('../.bundle/environment', __FILE__)
+rescue LoadError
+  # Fallback on doing the resolve at runtime.
+  require "rubygems"
+  require "bundler"
+  Bundler.setup
+  Bundler.require(:default, :test)
+end
+
+require 'test/unit'
+$:.unshift File.dirname(__FILE__) + '/../lib'
+require 'openid_store_mongoid'
+require 'openid/util'
+require 'openid/store/nonce'
+require 'openid/association'
+
+module OpenID
+  module Store
+    module StoreTestCase
+      @@allowed_handle = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
+      @@allowed_nonce = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+
+      def _gen_nonce
+        OpenID::CryptUtil.random_string(8, @@allowed_nonce)
+      end
+
+      def _gen_handle(n)
+        OpenID::CryptUtil.random_string(n, @@allowed_handle)
+      end
+
+      def _gen_secret(n, chars=nil)
+        OpenID::CryptUtil.random_string(n, chars)
+      end
+
+      def _gen_assoc(issued, lifetime=600)
+        secret = _gen_secret(20)
+        handle = _gen_handle(128)
+        OpenID::Association.new(handle, secret, Time.now + issued, lifetime,
+                                'HMAC-SHA1')
+      end
+
+      def _check_retrieve(url, handle=nil, expected=nil)
+        ret_assoc = @store.get_association(url, handle)
+
+        if expected.nil?
+          assert_nil(ret_assoc)
+        else
+          assert_equal(expected, ret_assoc)
+          assert_equal(expected.handle, ret_assoc.handle)
+          assert_equal(expected.secret, ret_assoc.secret)
+        end
+      end
+
+      def _check_remove(url, handle, expected)
+        present = @store.remove_association(url, handle)
+        assert_equal(expected, present)
+      end
+
+      def test_store
+        assoc = _gen_assoc(issued=0)
+
+        # Make sure that a missing association returns no result
+        _check_retrieve(server_url)
+
+        # Check that after storage, getting returns the same result
+        @store.store_association(server_url, assoc)
+        _check_retrieve(server_url, nil, assoc)
+
+        # more than once
+        _check_retrieve(server_url, nil, assoc)
+
+        # Storing more than once has no ill effect
+        @store.store_association(server_url, assoc)
+        _check_retrieve(server_url, nil, assoc)
+
+        # Removing an association that does not exist returns not present
+        _check_remove(server_url, assoc.handle + 'x', false)
+
+        # Removing an association that does not exist returns not present
+        _check_remove(server_url + 'x', assoc.handle, false)
+
+        # Removing an association that is present returns present
+        _check_remove(server_url, assoc.handle, true)
+
+        # but not present on subsequent calls
+        _check_remove(server_url, assoc.handle, false)
+
+        # Put assoc back in the store
+        @store.store_association(server_url, assoc)
+
+        # More recent and expires after assoc
+        assoc2 = _gen_assoc(issued=1)
+        @store.store_association(server_url, assoc2)
+
+        # After storing an association with a different handle, but the
+        # same server_url, the handle with the later expiration is returned.
+        _check_retrieve(server_url, nil, assoc2)
+
+        # We can still retrieve the older association
+        _check_retrieve(server_url, assoc.handle, assoc)
+
+        # Plus we can retrieve the association with the later expiration
+        # explicitly
+        _check_retrieve(server_url, assoc2.handle, assoc2)
+
+        # More recent, and expires earlier than assoc2 or assoc. Make sure
+        # that we're picking the one with the latest issued date and not
+        # taking into account the expiration.
+        assoc3 = _gen_assoc(issued=2, lifetime=100)
+        @store.store_association(server_url, assoc3)
+
+        _check_retrieve(server_url, nil, assoc3)
+        _check_retrieve(server_url, assoc.handle, assoc)
+        _check_retrieve(server_url, assoc2.handle, assoc2)
+        _check_retrieve(server_url, assoc3.handle, assoc3)
+
+        _check_remove(server_url, assoc2.handle, true)
+
+        _check_retrieve(server_url, nil, assoc3)
+        _check_retrieve(server_url, assoc.handle, assoc)
+        _check_retrieve(server_url, assoc2.handle, nil)
+        _check_retrieve(server_url, assoc3.handle, assoc3)
+
+        _check_remove(server_url, assoc2.handle, false)
+        _check_remove(server_url, assoc3.handle, true)
+
+        ret_assoc = @store.get_association(server_url, nil)
+        unexpected = [assoc2.handle, assoc3.handle]
+        assert(ret_assoc.nil? || !unexpected.member?(ret_assoc.handle),
+               ret_assoc)
+
+        _check_retrieve(server_url, assoc.handle, assoc)
+        _check_retrieve(server_url, assoc2.handle, nil)
+        _check_retrieve(server_url, assoc3.handle, nil)
+
+        _check_remove(server_url, assoc2.handle, false)
+        _check_remove(server_url, assoc.handle, true)
+        _check_remove(server_url, assoc3.handle, false)
+
+        _check_retrieve(server_url, nil, nil)
+        _check_retrieve(server_url, assoc.handle, nil)
+        _check_retrieve(server_url, assoc2.handle, nil)
+        _check_retrieve(server_url, assoc3.handle, nil)
+
+        _check_remove(server_url, assoc2.handle, false)
+        _check_remove(server_url, assoc.handle, false)
+        _check_remove(server_url, assoc3.handle, false)
+      end
+
+      def test_assoc_cleanup
+        assocValid1 = _gen_assoc(-3600, 7200)
+        assocValid2 = _gen_assoc(-5)
+        assocExpired1 = _gen_assoc(-7200, 3600)
+        assocExpired2 = _gen_assoc(-7200, 3600)
+
+        @store.cleanup_associations
+        @store.store_association(server_url + '1', assocValid1)
+        @store.store_association(server_url + '1', assocExpired1)
+        @store.store_association(server_url + '2', assocExpired2)
+        @store.store_association(server_url + '3', assocValid2)
+
+        cleaned = @store.cleanup_associations()
+        assert_equal(2, cleaned, "cleaned up associations")
+      end
+
+      def _check_use_nonce(nonce, expected, server_url, msg='')
+        stamp, salt = Nonce::split_nonce(nonce)
+        actual = @store.use_nonce(server_url, stamp, salt)
+        assert_equal(expected, actual, msg)
+      end
+
+      def server_url
+        "http://www.myopenid.com/openid"
+      end
+
+      def test_nonce
+        [server_url, ''].each{|url|
+          nonce1 = Nonce::mk_nonce
+
+          _check_use_nonce(nonce1, true, url, "#{url}: nonce allowed by default")
+          _check_use_nonce(nonce1, false, url, "#{url}: nonce not allowed twice")
+          _check_use_nonce(nonce1, false, url, "#{url}: nonce not allowed third time")
+
+          # old nonces shouldn't pass
+          old_nonce = Nonce::mk_nonce(3600)
+          _check_use_nonce(old_nonce, false, url, "Old nonce #{old_nonce.inspect} passed")
+
+        }
+      end
+
+      def test_nonce_cleanup
+        now = Time.now.to_i
+        old_nonce1 = Nonce::mk_nonce(now - 20000)
+        old_nonce2 = Nonce::mk_nonce(now - 10000)
+        recent_nonce = Nonce::mk_nonce(now - 600)
+
+        orig_skew = Nonce.skew
+        Nonce.skew = 0
+        count = @store.cleanup_nonces
+        Nonce.skew = 1000000
+        ts, salt = Nonce::split_nonce(old_nonce1)
+        assert(@store.use_nonce(server_url, ts, salt), "oldnonce1")
+        ts, salt = Nonce::split_nonce(old_nonce2)
+        assert(@store.use_nonce(server_url, ts, salt), "oldnonce2")
+        ts, salt = Nonce::split_nonce(recent_nonce)
+        assert(@store.use_nonce(server_url, ts, salt), "recent_nonce")
+
+        Nonce.skew = 1000
+        cleaned = @store.cleanup_nonces
+        assert_equal(2, cleaned, "Cleaned #{cleaned} nonces")
+
+        Nonce.skew = 100000
+        ts, salt = Nonce::split_nonce(old_nonce1)
+        assert(@store.use_nonce(server_url, ts, salt), "oldnonce1 after cleanup")
+        ts, salt = Nonce::split_nonce(old_nonce2)
+        assert(@store.use_nonce(server_url, ts, salt), "oldnonce2 after cleanup")
+        ts, salt = Nonce::split_nonce(recent_nonce)
+        assert(!@store.use_nonce(server_url, ts, salt), "recent_nonce after cleanup")
+
+        Nonce.skew = orig_skew
+
+      end
+    end
+
+    class MongoStoreTestCase < Test::Unit::TestCase
+      include StoreTestCase
+
+      def setup
+        @store = Mongoid.new(Mongo::Connection.new.db('openid_store_mongoid_test'))
+      end
+
+      def teardown
+        OpenIDStoreMongoid::Association.destroy_all
+        OpenIDStoreMongoid::Nonce.destroy_all
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,151 @@
+--- !ruby/object:Gem::Specification 
+name: openid_store_mongoid
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Dylan Egan
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-06-05 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  type: :runtime
+  prerelease: false
+  name: rake
+  version_requirements: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 57
+        segments: 
+        - 0
+        - 8
+        - 3
+        version: 0.8.3
+    - - <
+      - !ruby/object:Gem::Version 
+        hash: 25
+        segments: 
+        - 0
+        - 9
+        version: "0.9"
+  requirement: *id001
+- !ruby/object:Gem::Dependency 
+  type: :runtime
+  prerelease: false
+  name: ruby-openid
+  version_requirements: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 5
+        segments: 
+        - 2
+        - 1
+        - 7
+        version: 2.1.7
+  requirement: *id002
+- !ruby/object:Gem::Dependency 
+  type: :runtime
+  prerelease: false
+  name: bson_ext
+  version_requirements: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 21
+        segments: 
+        - 1
+        - 0
+        - 1
+        version: 1.0.1
+  requirement: *id003
+- !ruby/object:Gem::Dependency 
+  type: :runtime
+  prerelease: false
+  name: mongoid
+  version_requirements: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 51
+        segments: 
+        - 1
+        - 9
+        - 0
+        version: 1.9.0
+  requirement: *id004
+description: |-
+  Why does a squirrel swim on its back?
+  To keep its nuts dry
+email: dylanegan@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.md
+files: 
+- lib/openid/store/mongoid.rb
+- lib/openid_store_mongoid/association.rb
+- lib/openid_store_mongoid/nonce.rb
+- lib/openid_store_mongoid/version.rb
+- lib/openid_store_mongoid.rb
+- test/test_openid_store_mongoid.rb
+- tasks/gem.rake
+- Rakefile
+- README.md
+has_rdoc: true
+homepage: http://github.com/abcde/openid_store_mongoid
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 59
+      segments: 
+      - 1
+      - 8
+      - 6
+      version: 1.8.6
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 17
+      segments: 
+      - 1
+      - 3
+      - 5
+      version: 1.3.5
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Storing your OpenIDs in your Mongos.
+test_files: []
+