pasaporte 0.0.1 → 0.0.3

data/lib/pasaporte/hacks.rb

@@ -0,0 +1,10 @@
+# Hacks that are needed to make everything work swell
+# Start an XML tag.  We override to get "<stupidbrowserfriendly />" fwd slash
+class Builder::XmlMarkup
+  def _start_tag(sym, attrs, end_too=false)
+    @target << "<#{sym}"
+    _insert_attributes(attrs)
+    @target << " /" if end_too #HIER!!
+    @target << ">"
+  end
+end

data/lib/pasaporte/julik_state.rb

@@ -22,21 +22,25 @@ module JulikState
   def _appn; self.class.to_s.split(/::/).shift; end
   
   def force_session_save!
-    @cookies.jsid ||= _sid
     res = @js_rec.update_attributes :blob => @state, :sid => @cookies.jsid
     raise "Cannot save session" unless res
   end
   
-  def service(*a)
-    
-    fresh = Camping::H[{}]
-    @js_rec = State.find_by_sid_and_app(@cookies.jsid, _appn) || State.new(:app => _appn, :blob => fresh,
-      :sid => (@cookies.jsid ||= _sid))
-    
+  def reset_session!
+    @cookies.jsid = _sid
+    @js_rec.destroy unless @js_rec.new_record?
+    initialize_session!
+  end
+  
+  def initialize_session!(with = Camping::H[{}])
+    @js_rec = State.find_by_sid_and_app(@cookies.jsid, _appn) || State.new(
+      :app => _appn, :blob => with, :sid => (@cookies.jsid = _sid))
     @state = @js_rec.blob.dup
+  end
+  
+  def service(*a)
+    initialize_session!
     @msg = @state.delete(:msg)
-    returning(super(*a)) do
-      force_session_save! if (@state != @js_rec.blob)
-    end
+    returning(super(*a)) { force_session_save! }
   end
 end

data/lib/pasaporte/lighttpd/cacert.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZDCCAkygAwIBAgIBADANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDDAVQVGVz
+dDAeFw0wODExMDYwMTIyMzlaFw0xMzExMDUwMTIyMzlaMBAxDjAMBgNVBAMMBVBU
+ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsRwETWeR2VEhRev
+kd7UQNFYKAd0b219/Lbt0QWFeRPki6pxRDBWlq5ZvUTfJV6LlV3NDHRL4qSC4NDp
+ks3EuyE15Y0pGXMcQQ7/2GeOAHIP94Civ3swa5kfWhvzQZlw+wJWDuEEc83RXgJS
+yNm3wjO0FhoxPgYuSPSxsKCftq7ZgQjqDw1aCk+hpAwZblohyj+neRdfbdIBcYvK
+IzxwaR1dgcSvR1YD4shc7Hh3240VrqcVNA1XV/hQFVH3bkI4f4cfMz6Xq7wD3NAp
+Y45tA/n+k5oHy5rMTYPgW8eTrCJ8clvVYCtyD9gfs9KmuVLRyRnVQeOslN3fwB3X
+UB2IIQIDAQABo4HIMIHFMA8GA1UdEwEB/wQFMAMBAf8wMQYJYIZIAYb4QgENBCQW
+IlJ1YnkvT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFGqv
+1S7TNlJ/5Eps7UtIPC9k4+moMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSUBAf8EDDAK
+BggrBgEFBQcDATA4BgNVHSMEMTAvgBRqr9Uu0zZSf+RKbO1LSDwvZOPpqKEUpBIw
+EDEOMAwGA1UEAwwFUFRlc3SCAQAwDQYJKoZIhvcNAQEFBQADggEBAIqa1uDqrRSk
+jPLN6XBta6KjrSJ3gd/BSgVj4VTCRPP3AwLzTavSSUVS+U6Be4Xd9PC096gf0irH
+iqViMJrytBW1alyTrjyhMVLsUPbQOrHOAbJvSthDsCx+pM5g9VibUnFC5V13fkxf
+Byu5H/SJA2qlrYOHgrb1/6mOqn9upP27q1l+gpCFZKQutvFlwPkdIO5z28tM5bnZ
+ZZTll4+19BquA+qAfr2hb5p9ksANTd5Qh1sDs+aOiPseLz0C7IZMycBewnFWc3B0
+icStB2AaSeLm5bAGBQ2VjrrOD4kPSyX3xY+Rs3bi2oGY1hhzyT/NljVDCeyNTeDN
+tdMa50hTagM=
+-----END CERTIFICATE-----

data/lib/pasaporte/lighttpd/cert_localhost_combined.pem

@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICxzCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDDAVQVGVz
+dDAeFw0wODExMDYwMTIyNDBaFw0wOTExMDYwMTIyNDBaMCExEjAQBgNVBAMMCWxv
+Y2FsaG9zdDELMAkGA1UECwwCQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+AMtCjxQbJwktQFLJ+NOzUvsX1yEWPU7QdD0dmdDTflxyymUpbXyFKIdR5XPvVT7w
+CxjHQXCTNle16DYrQbjKNVlK6voTC6NkZEUfPg/nTxwxb1ZUbdfvCEiEG2Tz75SQ
+E9VPpUiB4Yk+NuEurs5gn2K/m9kUF5Pazb26x4sIY/itAgMBAAGjgZ4wgZswDAYD
+VR0TAQH/BAIwADAxBglghkgBhvhCAQ0EJBYiUnVieS9PcGVuU1NMIEdlbmVyYXRl
+ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUyF7HBbbl960mFxCkaFO4c+szNOkwCwYD
+VR0PBAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBcGA1UdEQEB/wQNMAuCCWxv
+Y2FsaG9zdDANBgkqhkiG9w0BAQUFAAOCAQEAiqBI77ifmbNnaOCY5hZH6V9XkrvH
+tzEeDrgLLCGXCWgIKWkjeNZQDCfRbyu7rPxUav87+WQWSndcSnFsWVOcxYDmPq2N
+aXHfzIU51sEY57Ie9/pzZgsxs6Hhrky81NyzepG9B76ZzJOrYToJxywQmh3NThD9
+tfywNXGnoiO55DZJfg7w4cOH4VnxkpqLMT8AxOpSlXCD4p57AutXSGLUOfzurU/Q
+npqoQcp9m/eYUKIDzS9TyA6scQ8akKCuMuMuX4HQOJl17y6d5+CrNhfvq1nYkj0M
+LWBzK5Uqf/O/R/bbMKMlgduuxSB2jfBtgl5C+hhQfDKtqf5F5S4csebPwA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDLQo8UGycJLUBSyfjTs1L7F9chFj1O0HQ9HZnQ035ccsplKW18
+hSiHUeVz71U+8AsYx0FwkzZXteg2K0G4yjVZSur6EwujZGRFHz4P508cMW9WVG3X
+7whIhBtk8++UkBPVT6VIgeGJPjbhLq7OYJ9iv5vZFBeT2s29useLCGP4rQIDAQAB
+AoGAP2sk+UD/jP1xdGNQH71zxqRJmyk1N8ISgn8Z3u4eHvox7B5g6tkhLBeBYArs
+rhZ3X+PLpzRHYFaBfWVBvEZbHlH5vIFEB7hVtomr5yhv8oVi+IY6ynAp6qFh47JY
+QcqNm+PKDVOAIPyUafMjFCAJljngIup3f0r/Tuj/9jhaVIECQQD9xkj52bG2GelP
+Jtqa6mmI7LaI5xX3Bi3M3AswFlj3ICI5ZSTiLI5/5PjzBAbu9F1TwQLqH6g3lkrK
+KREGlmnTAkEAzQre1RT8ixFIlyvUfi6tLtn8oARYd42WXibZT7e6j4t0xaZ8MV3J
+gfVH413EmcJhHw4oKNYlS+XMLO1o4FgDfwJBAKnPHZO5/HUan4hsOkkA4/9QTdAL
+uSHjS5BSCVZzDbLHGL+JE4YYRH4F7CNIpY8Nisl5VIbvCfOwKHlfw1nCGisCQCJF
+cN1YtqVf7CwoTUoR7yxnjwwH7el9puZxw9zJLsuTWZ83poZx0J6CKtPb9mJk1Orl
+6Nx6fp1i+W+A9wiYbW0CQQC92IXy4rgz5gaoXCGCUZ3uQVyysvuUcb0LBPVezNhB
+aOsMqthVtaddDMm6rshkFN+8GXrottZWJgStRxFLv9mk
+-----END RSA PRIVATE KEY-----

data/lib/pasaporte/lighttpd/sample-lighttpd-config.conf

@@ -0,0 +1,27 @@
+# This is a sample config for running Pasaporte in Partial SSL mode.
+# It runs on non-privileged ports.
+server.bind = "0.0.0.0"
+server.port = 9050
+server.pid-file  = CWD + "/lighttpd.pid"
+server.modules = ( "mod_fastcgi",  "mod_redirect" )
+index-file.names = ("index.html")
+server.document-root = CWD
+
+fastcgi.server = ( "" => (
+  "localhost" => (
+    "socket" => "/tmp/camping-pasaporte.socket",
+    "bin-path" => CWD +"/../../../bin/pasaporte-fcgi.rb",
+    "bin-environment" => ("FORCE_ROOT" => "1", 
+      "PASAPORTE_PARTIAL_SSL" => "1",
+      "PASAPORTE_SSL_PORT" => "9051",
+      "PASAPORTE_HTTP_PORT" => "9050"
+     ),
+    "allow-x-send-file" => "enable",
+    "check-local" => "disable",
+    "max-procs" => 1 ) ) )
+
+$SERVER["socket"] == ":9051" {
+  ssl.engine = "enable"
+  ssl.ca-file = CWD + "/cacert.pem"
+  ssl.pemfile = CWD + "/cert_localhost_combined.pem"
+}

data/lib/pasaporte/models.rb

@@ -0,0 +1,254 @@
+module Pasaporte::Models
+  MAX = :limit # Thank you rails core, it was MAX before
+  class CreatePasaporte < V 1.0
+    def self.up
+      create_table :pasaporte_profiles, :force => true do |t|
+        # http://openid.net/specs/openid-simple-registration-extension-1_0.html
+        t.column :nickname, :string, MAX => 20
+        t.column :email, :string, MAX => 70
+        t.column :fullname, :string, MAX => 50
+        t.column :dob, :date, :null => true
+        t.column :gender, :string, MAX => 1
+        t.column :postcode, :string, MAX => 10
+        t.column :country, :string, MAX => 2
+        t.column :language, :string, MAX => 5
+        t.column :timezone, :string, MAX => 50
+
+        # And our extensions
+        # is the profile shared (visible to others)
+        t.column :shared, :boolean, :default => false
+
+        # his bio
+        t.column :info, :text
+
+        # when he last used Pasaporte
+        t.column :last_login, :datetime
+
+        # the encryption part that we generate for every user, the other is the pass
+        # the total encryption key for private data will be stored in the session only when
+        # the user is logged in
+        t.column :secret_salt, :integer
+
+        # Good servers delegate
+        t.column :openid_server, :string
+        t.column :openid_delegate, :string
+
+        # We shard by domain
+        t.column :domain_name, :string, :null => false, :default => 'localhost'
+
+        # Keep a close watch on those who
+        t.column :throttle_count, :integer, :default => 0
+        t.column :suspicious, :boolean, :default => false
+      end
+
+      add_index(:pasaporte_profiles, [:nickname, :domain_name], :unique)
+
+      create_table :pasaporte_settings do |t|
+        t.column :setting, :string
+        t.column :value, :binary
+      end
+
+      create_table :pasaporte_associations do |t|
+        # server_url is blob, because URLs could be longer
+        # than db can handle as a string
+        t.column :server_url, :binary
+        t.column :handle,     :string
+        t.column :secret,     :binary
+        t.column :issued,     :integer
+        t.column :lifetime,   :integer
+        t.column :assoc_type, :string
+      end
+
+      create_table :pasaporte_nonces do |t|
+        t.column :nonce,   :string
+        t.column :created, :integer
+      end
+
+      create_table :pasaporte_throttles do |t|
+        t.column :created_at, :datetime
+        t.column :client_fingerprint, :string, MAX => 40
+      end
+    end
+
+    def self.down
+      drop_table :pasaporte_profiles
+      drop_table :pasaporte_settings
+      drop_table :pasaporte_associations
+      drop_table :pasaporte_nonces
+      drop_table :pasaporte_throttles
+    end
+  end
+  class AddAprovals < V(1.1)
+    def self.up
+      create_table :pasaporte_approvals do | t |
+        t.column :profile_id, :integer, :null => false
+        t.column :trust_root, :string, :null => false
+      end
+      add_index(:pasaporte_approvals, [:profile_id, :trust_root], :unique)
+    end
+
+    def self.down
+      drop_table :pasaporte_approvals
+    end
+  end
+  
+  class MigrateOpenidTables < V(1.2)
+    def self.up
+      drop_table :pasaporte_settings
+      drop_table :pasaporte_nonces
+      create_table :pasaporte_nonces, :force => true do |t|
+        t.column :server_url, :string, :null => false
+        t.column :timestamp, :integer, :null => false
+        t.column :salt, :string, :null => false
+      end
+    end
+    
+    def self.down
+      drop_table :pasaporte_nonces
+      create_table :pasaporte_nonces, :force => true do |t|
+        t.column "nonce", :string
+        t.column "created", :integer
+      end
+      
+      create_table :pasaporte_settings, :force => true do |t|
+        t.column "setting", :string
+        t.column "value", :binary
+      end
+    end
+  end
+  
+  class ShardOpenidTables < V(1.3)
+    def self.up
+      add_column :pasaporte_associations, :pasaporte_domain, :string, :null => false, :default => 'localhost'
+      add_column :pasaporte_nonces, :pasaporte_domain, :string, :null => false, :default => 'localhost'
+    end
+    
+    def self.down
+      remove_column :pasaporte_nonces, :pasaporte_domain
+      remove_column :pasaporte_associations, :pasaporte_domain
+    end
+  end
+  
+  # Minimal info we store about people. It's the container for the sreg data
+  # in the first place.
+  class Profile < Base
+    before_create { |p| p.secret_salt = rand(Time.now) }
+    before_save :validate_delegate_uris
+    validates_presence_of :nickname
+    validates_presence_of :domain_name
+    validates_uniqueness_of :nickname, :scope => :domain_name
+    attr_protected :domain_name, :nickname
+    has_many :approvals, :dependent => :delete_all
+
+    any_url_present = lambda do |r| 
+      !r.openid_server.blank? || !r.openid_server.blank?
+    end
+    %w(openid_server openid_delegate).map do | c |
+      validates_presence_of c, :if => any_url_present
+    end
+    
+    # Convert the profile to sreg according to the spec (YYYY-MM-DD for dob and such)
+    def to_sreg_fields(fields_to_extract = nil)
+      fields_to_extract ||= %w( nickname email fullname dob gender postcode country language timezone )
+      fields_to_extract.inject({}) do | out, field |
+        v = self[field]
+        v.blank? ? out : (out[field.to_s] = v.to_s; out)
+      end
+    end
+    
+    # We have to override that because we want our protected attributes
+    def self.find_or_create_by_nickname_and_domain_name(nick, domain)
+      returning(super(nick, domain)) do | me |
+        ((me.nickname, me.domain_name = nick, domain) && me.save) if me.new_record?
+      end
+    end
+    class << self
+      alias_method :find_or_create_by_domain_name_and_nickname,
+      :find_or_create_by_nickname_and_domain_name
+    end
+    
+    def generate_sess_key
+      self.secret_salt ||= rand(Time.now)
+      s = [nickname, secret_salt, Time.now.year, Time.now.month].join('|')
+      OpenSSL::Digest::SHA1.new(s).hexdigest.to_s
+    end
+    
+    # Check if this profile wants us to delegate his openid to a different identity provider.
+    # If both delegate and server are filled in properly this will return true
+    def delegates_openid?
+      Pasaporte::ALLOW_DELEGATION && (!openid_server.blank? && !openid_delegate.blank?)
+    end
+    
+    def delegates_openid=(nv)
+      (self.openid_server, self.openid_delegate = nil, nil) if [false, '0', 0, 'no'].include?(nv) 
+    end
+    alias_method :delegates_openid, :delegates_openid? # for checkboxes
+    
+    def to_s; nickname; end
+    
+    private
+    def validate_delegate_uris
+      if ([self.openid_server, self.openid_delegate].select{|i| i.blank?}).length == 1
+        errors.add(:delegate_server, "If you use delegation you have to specify both addresses")
+        false
+      end
+      
+      %w(openid_server openid_delegate).map do | attr |
+        return if self[attr].blank?
+        begin
+          self[attr] = OpenID::URINorm.urinorm(self[attr])
+        rescue Exception => e
+          errors.add(attr, e.message)
+        end
+      end
+    end
+  end
+  
+  # A token that the user has approved a site (a site's trust root) as legal
+  # recipient of his information
+  class Approval < Base
+    belongs_to :profile
+    validates_presence_of :profile_id, :trust_root
+    validates_uniqueness_of :trust_root, :scope => :profile_id
+    def to_s; trust_root; end
+  end
+  
+  # Openid setting
+  class Setting < Base; end
+  
+  # Openid nonces
+  class Nonce < Base; end
+  
+  # Openid assocs
+  class Association < Base
+    def from_record
+      OpenID::Association.new(handle, secret, issued, lifetime, assoc_type)
+    end
+    
+    def expired?
+      Time.now.to_i > (issued + lifetime)
+    end
+  end
+ 
+  # Set throttles
+  class Throttle < Base
+  
+    # Set a throttle with the environment of the request
+    def self.set!(e)
+      create(:client_fingerprint => env_hash(e))
+    end
+  
+    # Check if an environment is throttled
+    def self.throttled?(e)
+      prune!
+      count(:conditions => ["client_fingerprint = ? AND created_at > ?", env_hash(e), cutoff]) > 0
+    end
+  
+    private
+    def self.prune!;  delete_all "created_at < '#{cutoff.to_s(:db)}'"; end
+    def self.cutoff; Time.now - Pasaporte::THROTTLE_FOR; end
+    def self.env_hash(e)
+      OpenSSL::Digest::SHA1.new([e['REMOTE_ADDR'], e['HTTP_USER_AGENT']].map(&:to_s).join('|')).to_s
+    end
+  end
+end # Pasaporte::Models

data/lib/pasaporte/token_box.rb

@@ -0,0 +1,43 @@
+# A simple but effective CSRF protector
+class TokenBox
+  class Invalid < RuntimeError; end
+  MAX_TOKENS, TOKEN_SIZE = 2, 64
+  CHARS = [*'A'..'Z'] + [*'0'..'9'] + [*'a'..'z']
+  WINDOW = 10.minutes # Gone in 60 seconds
+  
+  class Token
+    attr_reader :token
+    alias_method :to_s, :token
+    
+    def initialize(lifetime)
+      @will_expire = Time.now.utc + lifetime
+      @token = (0...TOKEN_SIZE).inject("") { |ret,_| ret << CHARS[rand(CHARS.length)] }
+    end
+    
+    def expired?
+      @will_expire < Time.now.utc
+    end
+    
+    def inspect
+      "#{@token}:#{'exp' if expired?}"
+    end
+  end
+  
+  # Procure a CSRF token for a specific request URI
+  def procure!(request, lifetime = nil)
+    returning(Token.new(lifetime || WINDOW)) do | t |
+      @heap ||= {}
+      @heap[request] ||= []
+      @heap[request].shift if @heap[request].length >= MAX_TOKENS
+      @heap[request] << t
+    end.to_s
+  end
+  
+  # Validate the token for a specific request URI
+  def validate!(request, token)
+    raise Invalid.new("no heap part") unless (@heap && @heap[request])
+    @heap[request].reject!{|t| t.expired? }
+    raise Invalid.new("no token found in heap") unless @heap[request].find{|e| e.to_s == token}
+    @heap[request].reject!{|e| e.to_s == token }
+  end
+end

data/test/helper.rb

@@ -8,10 +8,13 @@ require File.dirname(__FILE__) + '/mosquito'
 require 'flexmock'
 require 'flexmock/test_unit'
 
+Markaby::Builder.set(:indent, nil)
+
 # for assert_select and friends
 require 'action_controller'
 require 'action_controller/assertions'
 
+
 class Pasaporte::Controllers::ServerError
   def get(*all)
     raise all.pop
@@ -63,4 +66,7 @@ class Pasaporte::WebTest < Camping::WebTest
       @html_document = HTML::Document.new(@response.body.to_s) unless @response.headers["Location"]
     end
   end
-end
+end
+
+# Requires Pasaporte:WebTest to be defined already
+require File.dirname(__FILE__) + '/testable_openid_fetcher'