RubyGems - openshift-origin-auth-kerberos - Versions diffs - 0.8.8 → 1.1.1 - Mend

openshift-origin-auth-kerberos 0.8.8 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

data/conf/openshift-origin-auth-kerberos.conf.example ADDED

File without changes

data/config/initializers/openshift-origin-auth-kerberos.rb ADDED

@@ -0,0 +1,14 @@
+require 'openshift-origin-common'
+Broker::Application.configure do
+  conf_file = File.join(OpenShift::Config::PLUGINS_DIR, File.basename(__FILE__, '.rb') + '.conf')
+  if Rails.env.development?
+    dev_conf_file = File.join(OpenShift::Config::PLUGINS_DIR, File.basename(__FILE__, '.rb') + '-dev.conf')
+    if File.exist? dev_conf_file
+      conf_file = dev_conf_file
+    else
+      Rails.logger.info "Development configuration for #{File.basename(__FILE__, '.rb')} not found. Using production configuration."
+    end
+  end
+  conf = OpenShift::Config.new(conf_file)
+end

data/{lib/openshift-kerberos-plugin/config → config}/routes.rb RENAMED

File without changes

data/lib/kerberos_auth_engine.rb ADDED

@@ -0,0 +1,7 @@
+require 'openshift-origin-controller'
+require 'rails'
+module OpenShift
+  class KerberosAuthServiceEngine < ::Rails::Engine
+  end
+end

data/lib/openshift-origin-auth-kerberos.rb ADDED

@@ -0,0 +1,8 @@
+module OpenShift
+  module KerberosAuthServiceModule
+    require 'kerberos_auth_engine' if defined?(Rails) && Rails::VERSION::MAJOR == 3
+  end
+end
+require "openshift/kerberos_auth_service.rb"
+OpenShift::AuthService.provider=OpenShift::KerberosAuthService

data/lib/{openshift-kerberos-plugin/lib/openshift → openshift}/kerberos_auth_service.rb RENAMED

@@ -6,8 +6,8 @@ require 'krb5_auth'
 include Krb5Auth
-module Swingshift
-  class KerberosAuthService < OpenShift Origin::AuthService
+module OpenShift
+  class KerberosAuthService < OpenShift::AuthService
     def initialize(auth_info = nil)
       Rails.logger.debug "Initializing KerberosAuthService"
@@ -60,7 +60,7 @@ module Swingshift
         json_token << cipher.final
       rescue => e
         Rails.logger.debug "Broker key authentication failed. #{e.backtrace.inspect}"
-        raise OpenShift Origin::AccessDeniedException.new
+        raise OpenShift::AccessDeniedException.new
       end
       token = JSON.parse(json_token)
@@ -69,10 +69,10 @@ module Swingshift
       creation_time = token['creation_time']
       user = CloudUser.find(username)
-      raise OpenShift Origin::AccessDeniedException.new if user.nil?
+      raise OpenShift::AccessDeniedException.new if user.nil?
       app = Application.find(user, app_name)
-      raise OpenShift Origin::AccessDeniedException.new if app.nil? or creation_time != app.creation_time
+      raise OpenShift::AccessDeniedException.new if app.nil? or creation_time != app.creation_time
       return {:username => username, :auth_method => :broker_auth}
     end
@@ -81,7 +81,7 @@ module Swingshift
       if params['broker_auth_key'] && params['broker_auth_iv']
         validate_broker_key(params['broker_auth_iv'], params['broker_auth_key'])
       else
-        raise OpenShift Origin::AccessDeniedException if login.nil? || login.empty? || password.nil? || password.empty?
+        raise OpenShift::AccessDeniedException if login.nil? || login.empty? || password.nil? || password.empty?
         krb5 = Krb5.new
         # get the default realm
@@ -99,7 +99,7 @@ module Swingshift
           return {:username => login, :auth_method => :login}
         else
           krb5.close
-          raise OpenShift Origin::AccessDeniedException
+          raise OpenShift::AccessDeniedException
         end
       end

data/openshift-origin-auth-kerberos.gemspec CHANGED

@@ -1,21 +1,23 @@
 # -*- encoding: utf-8 -*-
+config_dir  = File.join(File.join("config", "**"), "*")
 $:.push File.expand_path("../lib", __FILE__)
 lib_dir  = File.join(File.join("lib", "**"), "*")
 test_dir  = File.join(File.join("test", "**"), "*")
 bin_dir  = File.join("bin","*")
+conf_dir  = File.join(File.join("conf", "**"), "*")
 spec_file = "rubygem-openshift-origin-auth-kerberos.spec"
 Gem::Specification.new do |s|
   s.name        = "openshift-origin-auth-kerberos"
-  s.version     = `rpm -q --qf "%{version}\n" --specfile #{spec_file}`.split[0]
-  s.license     = `rpm -q --qf "%{license}\n" --specfile #{spec_file}`.split[0]
+  s.version     = `rpm -q --define 'rhel 7' --qf "%{version}\n" --specfile #{spec_file}`.split[0]
+  s.license     = `rpm -q --define 'rhel 7' --qf "%{license}\n" --specfile #{spec_file}`.split[0]
   s.authors     = ["Jason DeTiberus"]
   s.email       = ["jdetiber@redhat.com"]
-  s.homepage    = `rpm -q --qf "%{url}\n" --specfile #{spec_file}`.split[0]
-  s.summary     = `rpm -q --qf "%{description}\n" --specfile #{spec_file}`.split[0]
-  s.description = `rpm -q --qf "%{description}\n" --specfile #{spec_file}`.split[0]
+  s.homepage    = `rpm -q --define 'rhel 7' --qf "%{url}\n" --specfile #{spec_file}`.split[0]
+  s.summary     = `rpm -q --define 'rhel 7' --qf "%{description}\n" --specfile #{spec_file}`.split[0]
+  s.description = `rpm -q --define 'rhel 7' --qf "%{description}\n" --specfile #{spec_file}`.split[0]
-  s.files       = Dir[lib_dir] + Dir[bin_dir]
+  s.files       = Dir[lib_dir] + Dir[bin_dir] + Dir[conf_dir] + Dir[config_dir]
   s.test_files  = Dir[test_dir]
   s.executables = Dir[bin_dir].map {|binary| File.basename(binary)}
   s.files       += %w(README.md Rakefile Gemfile rubygem-openshift-origin-auth-kerberos.spec openshift-origin-auth-kerberos.gemspec LICENSE COPYRIGHT)

data/rubygem-openshift-origin-auth-kerberos.spec CHANGED

@@ -1,112 +1,130 @@
-%global ruby_sitelib %(ruby -rrbconfig -e "puts Config::CONFIG['sitelibdir']")
-%global gemdir %(ruby -rubygems -e 'puts Gem::dir' 2>/dev/null)
-%global gemname openshift-origin-auth-kerberos
-%global geminstdir %{gemdir}/gems/%{gemname}-%{version}
-Summary:        OpenShift Origin plugin for kerberos auth service
-Name:           rubygem-%{gemname}
-Version:        0.8.8
+%if 0%{?fedora}%{?rhel} <= 6
+    %global scl ruby193
+    %global scl_prefix ruby193-
+%endif
+%{!?scl:%global pkg_name %{name}}
+%{?scl:%scl_package rubygem-%{gem_name}}
+%global gem_name openshift-origin-auth-kerberos
+%global rubyabi 1.9.1
+Summary:        OpenShift plugin for kerberos auth service
+Name:           rubygem-%{gem_name}
+Version:        1.1.1
 Release:        1%{?dist}
 Group:          Development/Languages
 License:        ASL 2.0
 URL:            http://openshift.redhat.com
-Source0:        rubygem-%{gemname}-%{version}.tar.gz
+Source0:        rubygem-%{gem_name}-%{version}.tar.gz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Requires:       ruby(abi) = 1.8
-Requires:       rubygems
+Requires:       %{?scl:%scl_prefix}ruby(abi) = %{rubyabi}
+Requires:       %{?scl:%scl_prefix}ruby
+Requires:       %{?scl:%scl_prefix}rubygems
+Requires:       %{?scl:%scl_prefix}rubygem(json)
+Requires:       %{?scl:%scl_prefix}rubygem(krb5-auth)
+Requires:       %{?scl:%scl_prefix}rubygem(mocha)
 Requires:       rubygem(openshift-origin-common)
-Requires:       rubygem(json)
-Requires:       rubygem(mocha)
 Requires:       openshift-origin-broker
-Requires:  		selinux-policy-targeted
-Requires:  		policycoreutils-python
-Requires:       rubygem(krb5-auth)
-BuildRequires:  ruby
-BuildRequires:  rubygems
+Requires:     selinux-policy-targeted
+Requires:     policycoreutils-python
+%if 0%{?fedora}%{?rhel} <= 6
+BuildRequires:  ruby193-build
+BuildRequires:  scl-utils-build
+%endif
+BuildRequires:  %{?scl:%scl_prefix}ruby(abi) = %{rubyabi}
+BuildRequires:  %{?scl:%scl_prefix}ruby
+BuildRequires:  %{?scl:%scl_prefix}rubygems
+BuildRequires:  %{?scl:%scl_prefix}rubygems-devel
 BuildArch:      noarch
-Provides:       rubygem(%{gemname}) = %version
+Provides:       rubygem(%{gem_name}) = %version
-%package -n ruby-%{gemname}
-Summary:        OpenShift Origin plugin for kerberos auth service
-Requires:       rubygem(%{gemname}) = %version
-Provides:       ruby(%{gemname}) = %version
-Obsoletes:      rubygem-swingshift-kerberos-plugin
 %description
 Provides a kerberos auth service based plugin
-%description -n ruby-%{gemname}
-Provides a kerberos auth service based plugin
+%package doc
+Summary: OpenShift plugin for kerberos auth service documentation
+%description doc
+Provides a kerberos auth service based plugin documentation
 %prep
 %setup -q
 %build
+%{?scl:scl enable %scl - << \EOF}
+mkdir -p .%{gem_dir}
+# Create the gem as gem install only works on a gem file
+gem build %{gem_name}.gemspec
+export CONFIGURE_ARGS="--with-cflags='%{optflags}'"
+# gem install compiles any C extensions and installs into a directory
+# We set that to be a local directory so that we can move it into the
+# buildroot in %%install
+gem install -V \
+        --local \
+        --install-dir .%{gem_dir} \
+        --bindir ./%{_bindir} \
+        --force \
+        --rdoc \
+        %{gem_name}-%{version}.gem
+%{?scl:EOF}
 %install
-rm -rf %{buildroot}
-mkdir -p %{buildroot}%{gemdir}
-mkdir -p %{buildroot}%{ruby_sitelib}
-# Build and install into the rubygem structure
-gem build %{gemname}.gemspec
-gem install --local --install-dir %{buildroot}%{gemdir} --force %{gemname}-%{version}.gem
-# Symlink into the ruby site library directories
-ln -s %{geminstdir}/lib/%{gemname} %{buildroot}%{ruby_sitelib}
-ln -s %{geminstdir}/lib/%{gemname}.rb %{buildroot}%{ruby_sitelib}
-mkdir -p %{buildroot}/var/www/openshift/broker/config/environments/plugin-config
-cat <<EOF > %{buildroot}/var/www/openshift/broker/config/environments/plugin-config/openshift-origin-auth-kerberos.rb
-Broker::Application.configure do
-  config.auth = {
-    :salt => "ClWqe5zKtEW4CJEMyjzQ",
-    :privkeyfile => "/var/www/openshift/broker/config/server_priv.pem",
-    :privkeypass => "",
-    :pubkeyfile  => "/var/www/openshift/broker/config/server_pub.pem",
-  }
-end
-EOF
+mkdir -p %{buildroot}%{gem_dir}
+cp -a .%{gem_dir}/* %{buildroot}%{gem_dir}/
+mkdir -p %{buildroot}/etc/openshift/plugins.d
+cp conf/openshift-origin-auth-kerberos.conf.example %{buildroot}/etc/openshift/plugins.d/
 %clean
 rm -rf %{buildroot}
-%post
-/usr/bin/openssl genrsa -out /var/www/openshift/broker/config/server_priv.pem 2048
-/usr/bin/openssl rsa    -in /var/www/openshift/broker/config/server_priv.pem -pubout > /var/www/openshift/broker/config/server_pub.pem
-echo "The following variables need to be set in your rails config to use openshift-origin-auth-kerberos:"
-echo "auth[:salt]                    - salt for the password hash"
-echo "auth[:privkeyfile]             - RSA private key file for node-broker authentication"
-echo "auth[:privkeypass]             - RSA private key password"
-echo "auth[:pubkeyfile]              - RSA public key file for node-broker authentication"
 %files
 %defattr(-,root,root,-)
-%dir %{geminstdir}
-%doc %{geminstdir}/Gemfile
-%{gemdir}/doc/%{gemname}-%{version}
-%{gemdir}/gems/%{gemname}-%{version}
-%{gemdir}/cache/%{gemname}-%{version}.gem
-%{gemdir}/specifications/%{gemname}-%{version}.gemspec
+%doc LICENSE COPYRIGHT Gemfile
+%exclude %{gem_cache}
+%{gem_instdir}
+%{gem_spec}
-%attr(0440,apache,apache) /var/www/openshift/broker/config/environments/plugin-config/openshift-origin-auth-kerberos.rb
+/etc/openshift/plugins.d/openshift-origin-auth-kerberos.conf.example
-%files -n ruby-%{gemname}
-%{ruby_sitelib}/%{gemname}
-%{ruby_sitelib}/%{gemname}.rb
+%files doc
+%doc %{gem_docdir}
 %changelog
-* Fri Oct 05 2012 Krishna Raman <kraman@gmail.com> 0.8.8-1
-- new package built with tito
-* Thu Aug 16 2012 Brenton Leanhardt <bleanhar@redhat.com> 0.8.7-1
-- new package built with tito
-* Wed Aug 15 2012 Jason DeTiberus <jason.detiberus@redhat.com> 0.8.6-1
-- kerberos auth plugin (jason.detiberus@redhat.com)
-* Wed Aug 15 2012 Jason DeTiberus <jason.detiberus@redhat.com> 0.8.5-1
-- new package built with tito
+* Fri Jan 11 2013 Troy Dawson <tdawson@redhat.com> 1.1.1-1
+- updated gemspecs so they work with scl rpm spec files. (tdawson@redhat.com)
+- improve the description of the kerberos plugin (misc@zarb.org)
+- add instruction to generate the certificate (misc@zarb.org)
+- use a random salt, so someone doing cut and paste from the documentation
+  doesn't end with a know salt by neglect (misc@zarb.org)
+- remove uneeded object creation, as they are not used later (misc@zarb.org)
+- add config to gemspec (dmcphers@redhat.com)
+- Moving plugins to Rails 3.2.8 engine (kraman@gmail.com)
+- getting specs up to 1.9 sclized (dmcphers@redhat.com)
+- Bug 871436 - moving the default path for AUTH_PRIVKEYFILE and AUTH_PUBKEYFILE
+  under /etc (bleanhar@redhat.com)
+- Moving broker config to /etc/openshift/broker.conf Rails app and all oo-*
+  scripts will load production environment unless the
+  /etc/openshift/development marker is present Added param to specify default
+  when looking up a config value in OpenShift::Config Moved all defaults into
+  plugin initializers instead of separate defaults file No longer require
+  loading 'openshift-origin-common/config' if 'openshift-origin-common' is
+  loaded openshift-origin-common selinux module is merged into F16 selinux
+  policy. Removing from broker %%postrun (kraman@gmail.com)
+- Fixed broker/node setup scripts to install cgroup services. Fixed
+  mcollective-qpid plugin so it installs during origin package build. Updated
+  cgroups init script to work with both systemd and init.d Updated oo-trap-user
+  script Renamed oo-cgroups to openshift-cgroups (service and init.d) and
+  created oo-admin-ctl-cgroups Pulled in oo-get-mcs-level and abstract/util
+  from origin-selinux branch Fixed invalid file path in rubygem-openshift-
+  origin-auth-mongo spec Fixed invlaid use fo Mcollective::Config in
+  mcollective-qpid-plugin (kraman@gmail.com)
+- Centralize plug-in configuration (miciah.masters@gmail.com)
+- Removing old build scripts Moving broker/node setup utilities into util
+  packages Fix Auth service module name conflicts (kraman@gmail.com)
+- Module name and gem path fixes for auth plugins (kraman@gmail.com)
+* Mon Oct 08 2012 Dan McPherson <dmcphers@redhat.com> 0.8.9-1
+-

metadata CHANGED

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: openshift-origin-auth-kerberos
 version: !ruby/object:Gem::Version
-  hash: 47
+  hash: 17
   prerelease: false
   segments:
-  - 0
-  - 8
-  - 8
-  version: 0.8.8
+  - 1
+  - 1
+  - 1
+  version: 1.1.1
 platform: ruby
 authors:
 - Jason DeTiberus
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-10-22 00:00:00 -04:00
+date: 2013-01-11 00:00:00 -05:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -112,12 +112,12 @@ extensions: []
 extra_rdoc_files: []
 files:
-- lib/openshift-kerberos-plugin.rb
-- lib/openshift-kerberos-plugin/engine/engine.rb
-- lib/openshift-kerberos-plugin/app/models/rest_account.rb
-- lib/openshift-kerberos-plugin/app/controllers/account_controller.rb
-- lib/openshift-kerberos-plugin/config/routes.rb
-- lib/openshift-kerberos-plugin/lib/openshift/kerberos_auth_service.rb
+- lib/openshift/kerberos_auth_service.rb
+- lib/openshift-origin-auth-kerberos.rb
+- lib/kerberos_auth_engine.rb
+- conf/openshift-origin-auth-kerberos.conf.example
+- config/routes.rb
+- config/initializers/openshift-origin-auth-kerberos.rb
 - README.md
 - Rakefile
 - Gemfile

data/lib/openshift-kerberos-plugin.rb DELETED

@@ -1,8 +0,0 @@
-module Swingshift
-  module AuthService
-    require 'openshift-origin-auth-kerberos/engine/engine' if defined?(Rails) && Rails::VERSION::MAJOR == 3
-  end
-end
-require "openshift-origin-auth-kerberos/lib/openshift/kerberos_auth_service.rb"
-OpenShift Origin::AuthService.provider=Swingshift::KerberosAuthService

data/lib/openshift-kerberos-plugin/app/controllers/account_controller.rb DELETED

@@ -1,20 +0,0 @@
-class AccountController < BaseController
-  respond_to :xml, :json
-  before_filter :authenticate, :check_version
-  def create
-    username = params[:username]
-    auth_config = Rails.application.config.auth
-    auth_service = Swingshift::KerberosAuthService.new(auth_config)
-    Rails.logger.debug "username = #{username}"
-    log_action('nil', 'nil', username, "ADD_USER", false, "Cannot create account, managed by kerberos")
-    @reply = RestReply.new(:unprocessable_entity)
-    @reply.messages.push(Message.new(:error, "Cannot create account, managed by kerberos", 1001, "username"))
-    respond_with @reply, :status => @reply.status
-    return
-  end
-end

data/lib/openshift-kerberos-plugin/app/models/rest_account.rb DELETED

@@ -1,12 +0,0 @@
-class RestAccount < OpenShift Origin::Model
-  attr_accessor :username, :created_on
-  def initialize(username, created_on)
-    self.username, self.created_on = username, created_on
-  end
-  def to_xml(options={})
-    options[:tag_name] = "account"
-    super(options)
-  end
-end

data/lib/openshift-kerberos-plugin/engine/engine.rb DELETED

@@ -1,12 +0,0 @@
-require 'openshift-origin-controller'
-require 'rails'
-module OpenShift Origin
-  class KerberosAuthServiceEngine < Rails::Engine
-    paths.app.controllers      << "lib/openshift-kerberos-plugin/app/controllers"
-    paths.lib                  << "lib/openshift-kerberos-plugin/lib"
-    paths.config               << "lib/openshift-kerberos-plugin/config"
-    paths.app.models           << "lib/openshift-kerberos-plugin/app/models"
-    config.autoload_paths      += %W(#{config.root}/lib)
-  end
-end