RubyGems - openshift-origin-auth-kerberos - Versions diffs - 0.8.8 → 1.1.1 - Mend

openshift-origin-auth-kerberos 0.8.8 → 1.1.1

Files changed (13) hide show

data/conf/openshift-origin-auth-kerberos.conf.example ADDED

File without changes

data/config/initializers/openshift-origin-auth-kerberos.rb ADDED

@@ -0,0 +1,14 @@
+require 'openshift-origin-common'
+Broker::Application.configure do
+  conf_file = File.join(OpenShift::Config::PLUGINS_DIR, File.basename(__FILE__, '.rb') + '.conf')
+  if Rails.env.development?
+    dev_conf_file = File.join(OpenShift::Config::PLUGINS_DIR, File.basename(__FILE__, '.rb') + '-dev.conf')
+    if File.exist? dev_conf_file
+      conf_file = dev_conf_file
+    else
+      Rails.logger.info "Development configuration for #{File.basename(__FILE__, '.rb')} not found. Using production configuration."
+    end
+  end
+  conf = OpenShift::Config.new(conf_file)
+end

data/{lib/openshift-kerberos-plugin/config → config}/routes.rb RENAMED

File without changes

data/lib/kerberos_auth_engine.rb ADDED

@@ -0,0 +1,7 @@
+require 'openshift-origin-controller'
+require 'rails'
+module OpenShift
+  class KerberosAuthServiceEngine < ::Rails::Engine
+  end
+end

data/lib/openshift-origin-auth-kerberos.rb ADDED

@@ -0,0 +1,8 @@
+module OpenShift
+  module KerberosAuthServiceModule
+    require 'kerberos_auth_engine' if defined?(Rails) && Rails::VERSION::MAJOR == 3
+  end
+end
+require "openshift/kerberos_auth_service.rb"
+OpenShift::AuthService.provider=OpenShift::KerberosAuthService

data/lib/{openshift-kerberos-plugin/lib/openshift → openshift}/kerberos_auth_service.rb RENAMED

@@ -6,8 +6,8 @@ require 'krb5_auth'
 include Krb5Auth
-module Swingshift
-  class KerberosAuthService < OpenShift Origin::AuthService
+module OpenShift
+  class KerberosAuthService < OpenShift::AuthService
     def initialize(auth_info = nil)
       Rails.logger.debug "Initializing KerberosAuthService"
@@ -60,7 +60,7 @@ module Swingshift
         json_token << cipher.final
       rescue => e
         Rails.logger.debug "Broker key authentication failed. #{e.backtrace.inspect}"
-        raise OpenShift Origin::AccessDeniedException.new
+        raise OpenShift::AccessDeniedException.new
       end
       token = JSON.parse(json_token)
@@ -69,10 +69,10 @@ module Swingshift
       creation_time = token['creation_time']
       user = CloudUser.find(username)
-      raise OpenShift Origin::AccessDeniedException.new if user.nil?
+      raise OpenShift::AccessDeniedException.new if user.nil?
       app = Application.find(user, app_name)
-      raise OpenShift Origin::AccessDeniedException.new if app.nil? or creation_time != app.creation_time
+      raise OpenShift::AccessDeniedException.new if app.nil? or creation_time != app.creation_time
       return {:username => username, :auth_method => :broker_auth}
     end
@@ -81,7 +81,7 @@ module Swingshift
       if params['broker_auth_key'] && params['broker_auth_iv']
         validate_broker_key(params['broker_auth_iv'], params['broker_auth_key'])
       else
-        raise OpenShift Origin::AccessDeniedException if login.nil? || login.empty? || password.nil? || password.empty?
+        raise OpenShift::AccessDeniedException if login.nil? || login.empty? || password.nil? || password.empty?
         krb5 = Krb5.new
         # get the default realm
@@ -99,7 +99,7 @@ module Swingshift
           return {:username => login, :auth_method => :login}
         else
           krb5.close
-          raise OpenShift Origin::AccessDeniedException
+          raise OpenShift::AccessDeniedException
         end
       end

data/openshift-origin-auth-kerberos.gemspec CHANGED

@@ -1,21 +1,23 @@
 # -*- encoding: utf-8 -*-
+config_dir  = File.join(File.join("config", "**"), "*")
 $:.push File.expand_path("../lib", __FILE__)
 lib_dir  = File.join(File.join("lib", "**"), "*")
 test_dir  = File.join(File.join("test", "**"), "*")
 bin_dir  = File.join("bin","*")
+conf_dir  = File.join(File.join("conf", "**"), "*")
 spec_file = "rubygem-openshift-origin-auth-kerberos.spec"
 Gem::Specification.new do |s|
   s.name        = "openshift-origin-auth-kerberos"
-  s.version     = `rpm -q --qf "%{version}\n" --specfile #{spec_file}`.split[0]
-  s.license     = `rpm -q --qf "%{license}\n" --specfile #{spec_file}`.split[0]
+  s.version     = `rpm -q --define 'rhel 7' --qf "%{version}\n" --specfile #{spec_file}`.split[0]
+  s.license     = `rpm -q --define 'rhel 7' --qf "%{license}\n" --specfile #{spec_file}`.split[0]
   s.authors     = ["Jason DeTiberus"]
   s.email       = ["jdetiber@redhat.com"]
-  s.homepage    = `rpm -q --qf "%{url}\n" --specfile #{spec_file}`.split[0]
-  s.summary     = `rpm -q --qf "%{description}\n" --specfile #{spec_file}`.split[0]
-  s.description = `rpm -q --qf "%{description}\n" --specfile #{spec_file}`.split[0]
+  s.homepage    = `rpm -q --define 'rhel 7' --qf "%{url}\n" --specfile #{spec_file}`.split[0]
+  s.summary     = `rpm -q --define 'rhel 7' --qf "%{description}\n" --specfile #{spec_file}`.split[0]
+  s.description = `rpm -q --define 'rhel 7' --qf "%{description}\n" --specfile #{spec_file}`.split[0]
-  s.files       = Dir[lib_dir] + Dir[bin_dir]
+  s.files       = Dir[lib_dir] + Dir[bin_dir] + Dir[conf_dir] + Dir[config_dir]
   s.test_files  = Dir[test_dir]
   s.executables = Dir[bin_dir].map {|binary| File.basename(binary)}
   s.files       += %w(README.md Rakefile Gemfile rubygem-openshift-origin-auth-kerberos.spec openshift-origin-auth-kerberos.gemspec LICENSE COPYRIGHT)

data/rubygem-openshift-origin-auth-kerberos.spec CHANGED

@@ -1,112 +1,130 @@
-%global ruby_sitelib %(ruby -rrbconfig -e "puts Config::CONFIG['sitelibdir']")
-%global gemdir %(ruby -rubygems -e 'puts Gem::dir' 2>/dev/null)
-%global gemname openshift-origin-auth-kerberos
-%global geminstdir %{gemdir}/gems/%{gemname}-%{version}
-Summary:        OpenShift Origin plugin for kerberos auth service
-Name:           rubygem-%{gemname}
-Version:        0.8.8
+%if 0%{?fedora}%{?rhel} <= 6
+    %global scl ruby193
+    %global scl_prefix ruby193-
+%endif
+%{!?scl:%global pkg_name %{name}}
+%{?scl:%scl_package rubygem-%{gem_name}}
+%global gem_name openshift-origin-auth-kerberos
+%global rubyabi 1.9.1
+Summary:        OpenShift plugin for kerberos auth service
+Name:           rubygem-%{gem_name}
+Version:        1.1.1
 Release:        1%{?dist}
 Group:          Development/Languages
 License:        ASL 2.0
 URL:            http://openshift.redhat.com
-Source0:        rubygem-%{gemname}-%{version}.tar.gz
+Source0:        rubygem-%{gem_name}-%{version}.tar.gz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Requires:       ruby(abi) = 1.8
-Requires:       rubygems
+Requires:       %{?scl:%scl_prefix}ruby(abi) = %{rubyabi}
+Requires:       %{?scl:%scl_prefix}ruby
+Requires:       %{?scl:%scl_prefix}rubygems
+Requires:       %{?scl:%scl_prefix}rubygem(json)
+Requires:       %{?scl:%scl_prefix}rubygem(krb5-auth)
+Requires:       %{?scl:%scl_prefix}rubygem(mocha)
 Requires:       rubygem(openshift-origin-common)
-Requires:       rubygem(json)
-Requires:       rubygem(mocha)
 Requires:       openshift-origin-broker
-Requires:  		selinux-policy-targeted
-Requires:  		policycoreutils-python
-Requires:       rubygem(krb5-auth)
-BuildRequires:  ruby
-BuildRequires:  rubygems
+Requires:     selinux-policy-targeted
+Requires:     policycoreutils-python
+%if 0%{?fedora}%{?rhel} <= 6
+BuildRequires:  ruby193-build
+BuildRequires:  scl-utils-build
+%endif
+BuildRequires:  %{?scl:%scl_prefix}ruby(abi) = %{rubyabi}
+BuildRequires:  %{?scl:%scl_prefix}ruby
+BuildRequires:  %{?scl:%scl_prefix}rubygems
+BuildRequires:  %{?scl:%scl_prefix}rubygems-devel
 BuildArch:      noarch
-Provides:       rubygem(%{gemname}) = %version
+Provides:       rubygem(%{gem_name}) = %version
-%package -n ruby-%{gemname}
-Summary:        OpenShift Origin plugin for kerberos auth service
-Requires:       rubygem(%{gemname}) = %version
-Provides:       ruby(%{gemname}) = %version
-Obsoletes:      rubygem-swingshift-kerberos-plugin
 %description
 Provides a kerberos auth service based plugin
-%description -n ruby-%{gemname}
-Provides a kerberos auth service based plugin
+%package doc
+Summary: OpenShift plugin for kerberos auth service documentation
+%description doc
+Provides a kerberos auth service based plugin documentation
 %prep
 %setup -q
 %build
+%{?scl:scl enable %scl - << \EOF}
+mkdir -p .%{gem_dir}
+# Create the gem as gem install only works on a gem file
+gem build %{gem_name}.gemspec
+export CONFIGURE_ARGS="--with-cflags='%{optflags}'"
+# gem install compiles any C extensions and installs into a directory
+# We set that to be a local directory so that we can move it into the
+# buildroot in %%install
+gem install -V \
+        --local \
+        --install-dir .%{gem_dir} \
+        --bindir ./%{_bindir} \
+        --force \
+        --rdoc \
+        %{gem_name}-%{version}.gem
+%{?scl:EOF}
 %install
-rm -rf %{buildroot}
-mkdir -p %{buildroot}%{gemdir}
-mkdir -p %{buildroot}%{ruby_sitelib}
-# Build and install into the rubygem structure
-gem build %{gemname}.gemspec
-gem install --local --install-dir %{buildroot}%{gemdir} --force %{gemname}-%{version}.gem
-# Symlink into the ruby site library directories
-ln -s %{geminstdir}/lib/%{gemname} %{buildroot}%{ruby_sitelib}
-ln -s %{geminstdir}/lib/%{gemname}.rb %{buildroot}%{ruby_sitelib}
-mkdir -p %{buildroot}/var/www/openshift/broker/config/environments/plugin-config
-cat <<EOF > %{buildroot}/var/www/openshift/broker/config/environments/plugin-config/openshift-origin-auth-kerberos.rb
-Broker::Application.configure do
-  config.auth = {
-    :salt => "ClWqe5zKtEW4CJEMyjzQ",
-    :privkeyfile => "/var/www/openshift/broker/config/server_priv.pem",
-    :privkeypass => "",
-    :pubkeyfile  => "/var/www/openshift/broker/config/server_pub.pem",
-  }
-end
-EOF
+mkdir -p %{buildroot}%{gem_dir}
+cp -a .%{gem_dir}/* %{buildroot}%{gem_dir}/
+mkdir -p %{buildroot}/etc/openshift/plugins.d
+cp conf/openshift-origin-auth-kerberos.conf.example %{buildroot}/etc/openshift/plugins.d/
 %clean
 rm -rf %{buildroot}
-%post
-/usr/bin/openssl genrsa -out /var/www/openshift/broker/config/server_priv.pem 2048
-/usr/bin/openssl rsa    -in /var/www/openshift/broker/config/server_priv.pem -pubout > /var/www/openshift/broker/config/server_pub.pem
-echo "The following variables need to be set in your rails config to use openshift-origin-auth-kerberos:"
-echo "auth[:salt]                    - salt for the password hash"
-echo "auth[:privkeyfile]             - RSA private key file for node-broker authentication"
-echo "auth[:privkeypass]             - RSA private key password"
-echo "auth[:pubkeyfile]              - RSA public key file for node-broker authentication"
 %files
 %defattr(-,root,root,-)
-%dir %{geminstdir}
-%doc %{geminstdir}/Gemfile
-%{gemdir}/doc/%{gemname}-%{version}
-%{gemdir}/gems/%{gemname}-%{version}
-%{gemdir}/cache/%{gemname}-%{version}.gem
-%{gemdir}/specifications/%{gemname}-%{version}.gemspec
+%doc LICENSE COPYRIGHT Gemfile
+%exclude %{gem_cache}
+%{gem_instdir}
+%{gem_spec}
-%attr(0440,apache,apache) /var/www/openshift/broker/config/environments/plugin-config/openshift-origin-auth-kerberos.rb
+/etc/openshift/plugins.d/openshift-origin-auth-kerberos.conf.example
-%files -n ruby-%{gemname}
-%{ruby_sitelib}/%{gemname}
-%{ruby_sitelib}/%{gemname}.rb
+%files doc
+%doc %{gem_docdir}
 %changelog
-* Fri Oct 05 2012 Krishna Raman <kraman@gmail.com> 0.8.8-1
-- new package built with tito
-* Thu Aug 16 2012 Brenton Leanhardt <bleanhar@redhat.com> 0.8.7-1
-- new package built with tito
-* Wed Aug 15 2012 Jason DeTiberus <jason.detiberus@redhat.com> 0.8.6-1
-- kerberos auth plugin (jason.detiberus@redhat.com)
-* Wed Aug 15 2012 Jason DeTiberus <jason.detiberus@redhat.com> 0.8.5-1
-- new package built with tito
+* Fri Jan 11 2013 Troy Dawson <tdawson@redhat.com> 1.1.1-1
+- updated gemspecs so they work with scl rpm spec files. (tdawson@redhat.com)
+- improve the description of the kerberos plugin (misc@zarb.org)
+- add instruction to generate the certificate (misc@zarb.org)
+- use a random salt, so someone doing cut and paste from the documentation
+  doesn't end with a know salt by neglect (misc@zarb.org)
+- remove uneeded object creation, as they are not used later (misc@zarb.org)
+- add config to gemspec (dmcphers@redhat.com)
+- Moving plugins to Rails 3.2.8 engine (kraman@gmail.com)
+- getting specs up to 1.9 sclized (dmcphers@redhat.com)
+- Bug 871436 - moving the default path for AUTH_PRIVKEYFILE and AUTH_PUBKEYFILE
+  under /etc (bleanhar@redhat.com)
+- Moving broker config to /etc/openshift/broker.conf Rails app and all oo-*
+  scripts will load production environment unless the
+  /etc/openshift/development marker is present Added param to specify default
+  when looking up a config value in OpenShift::Config Moved all defaults into
+  plugin initializers instead of separate defaults file No longer require
+  loading 'openshift-origin-common/config' if 'openshift-origin-common' is
+  loaded openshift-origin-common selinux module is merged into F16 selinux
+  policy. Removing from broker %%postrun (kraman@gmail.com)
+- Fixed broker/node setup scripts to install cgroup services. Fixed
+  mcollective-qpid plugin so it installs during origin package build. Updated
+  cgroups init script to work with both systemd and init.d Updated oo-trap-user
+  script Renamed oo-cgroups to openshift-cgroups (service and init.d) and
+  created oo-admin-ctl-cgroups Pulled in oo-get-mcs-level and abstract/util
+  from origin-selinux branch Fixed invalid file path in rubygem-openshift-
+  origin-auth-mongo spec Fixed invlaid use fo Mcollective::Config in
+  mcollective-qpid-plugin (kraman@gmail.com)
+- Centralize plug-in configuration (miciah.masters@gmail.com)
+- Removing old build scripts Moving broker/node setup utilities into util
+  packages Fix Auth service module name conflicts (kraman@gmail.com)
+- Module name and gem path fixes for auth plugins (kraman@gmail.com)
+* Mon Oct 08 2012 Dan McPherson <dmcphers@redhat.com> 0.8.9-1
+-

metadata CHANGED

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: openshift-origin-auth-kerberos
 version: !ruby/object:Gem::Version
-  hash: 47
+  hash: 17
   prerelease: false
   segments:
-  - 0
-  - 8
-  - 8
-  version: 0.8.8
+  - 1
+  - 1
+  - 1
+  version: 1.1.1
 platform: ruby
 authors:
 - Jason DeTiberus
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-10-22 00:00:00 -04:00
+date: 2013-01-11 00:00:00 -05:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -112,12 +112,12 @@ extensions: []
 extra_rdoc_files: []
 files:
-- lib/openshift-kerberos-plugin.rb
-- lib/openshift-kerberos-plugin/engine/engine.rb
-- lib/openshift-kerberos-plugin/app/models/rest_account.rb
-- lib/openshift-kerberos-plugin/app/controllers/account_controller.rb
-- lib/openshift-kerberos-plugin/config/routes.rb
-- lib/openshift-kerberos-plugin/lib/openshift/kerberos_auth_service.rb
+- lib/openshift/kerberos_auth_service.rb
+- lib/openshift-origin-auth-kerberos.rb
+- lib/kerberos_auth_engine.rb
+- conf/openshift-origin-auth-kerberos.conf.example
+- config/routes.rb
+- config/initializers/openshift-origin-auth-kerberos.rb
 - README.md
 - Rakefile
 - Gemfile

data/lib/openshift-kerberos-plugin.rb DELETED

@@ -1,8 +0,0 @@
-module Swingshift
-  module AuthService
-    require 'openshift-origin-auth-kerberos/engine/engine' if defined?(Rails) && Rails::VERSION::MAJOR == 3
-  end
-end
-require "openshift-origin-auth-kerberos/lib/openshift/kerberos_auth_service.rb"
-OpenShift Origin::AuthService.provider=Swingshift::KerberosAuthService

data/lib/openshift-kerberos-plugin/app/controllers/account_controller.rb DELETED

@@ -1,20 +0,0 @@
-class AccountController < BaseController
-  respond_to :xml, :json
-  before_filter :authenticate, :check_version
-  def create
-    username = params[:username]
-    auth_config = Rails.application.config.auth
-    auth_service = Swingshift::KerberosAuthService.new(auth_config)
-    Rails.logger.debug "username = #{username}"
-    log_action('nil', 'nil', username, "ADD_USER", false, "Cannot create account, managed by kerberos")
-    @reply = RestReply.new(:unprocessable_entity)
-    @reply.messages.push(Message.new(:error, "Cannot create account, managed by kerberos", 1001, "username"))
-    respond_with @reply, :status => @reply.status
-    return
-  end
-end

data/lib/openshift-kerberos-plugin/app/models/rest_account.rb DELETED

@@ -1,12 +0,0 @@
-class RestAccount < OpenShift Origin::Model
-  attr_accessor :username, :created_on
-  def initialize(username, created_on)
-    self.username, self.created_on = username, created_on
-  end
-  def to_xml(options={})
-    options[:tag_name] = "account"
-    super(options)
-  end
-end

data/lib/openshift-kerberos-plugin/engine/engine.rb DELETED

@@ -1,12 +0,0 @@
-require 'openshift-origin-controller'
-require 'rails'
-module OpenShift Origin
-  class KerberosAuthServiceEngine < Rails::Engine
-    paths.app.controllers      << "lib/openshift-kerberos-plugin/app/controllers"
-    paths.lib                  << "lib/openshift-kerberos-plugin/lib"
-    paths.config               << "lib/openshift-kerberos-plugin/config"
-    paths.app.models           << "lib/openshift-kerberos-plugin/app/models"
-    config.autoload_paths      += %W(#{config.root}/lib)
-  end
-end