RubyGems - pasaporte - Versions diffs - 0.0.1 - Mend

pasaporte 0.0.1

Files changed (41) hide show

data/History.txt +2 -0
data/Manifest.txt +41 -0
data/README.txt +72 -0
data/Rakefile +111 -0
data/TODO.txt +2 -0
data/bin/pasaporte-fcgi.rb +17 -0
data/lib/pasaporte/.DS_Store +0 -0
data/lib/pasaporte/assets/.DS_Store +0 -0
data/lib/pasaporte/assets/bgbar.png +0 -0
data/lib/pasaporte/assets/lock.png +0 -0
data/lib/pasaporte/assets/mainbg_green.gif +0 -0
data/lib/pasaporte/assets/mainbg_red.gif +0 -0
data/lib/pasaporte/assets/openid.png +0 -0
data/lib/pasaporte/assets/pasaporte.css +192 -0
data/lib/pasaporte/assets/pasaporte.js +10 -0
data/lib/pasaporte/assets/user.png +0 -0
data/lib/pasaporte/auth/cascade.rb +16 -0
data/lib/pasaporte/auth/remote_web_workplace.rb +61 -0
data/lib/pasaporte/auth/yaml_digest_table.rb +23 -0
data/lib/pasaporte/auth/yaml_table.rb +43 -0
data/lib/pasaporte/faster_openid.rb +39 -0
data/lib/pasaporte/iso_countries.yml +247 -0
data/lib/pasaporte/julik_state.rb +42 -0
data/lib/pasaporte/markaby_ext.rb +8 -0
data/lib/pasaporte/pasaporte_store.rb +60 -0
data/lib/pasaporte/timezones.yml +797 -0
data/lib/pasaporte.rb +1214 -0
data/test/fixtures/pasaporte_approvals.yml +12 -0
data/test/fixtures/pasaporte_profiles.yml +45 -0
data/test/fixtures/pasaporte_throttles.yml +4 -0
data/test/helper.rb +66 -0
data/test/mosquito.rb +596 -0
data/test/test_approval.rb +33 -0
data/test/test_auth_backends.rb +59 -0
data/test/test_openid.rb +363 -0
data/test/test_pasaporte.rb +326 -0
data/test/test_profile.rb +165 -0
data/test/test_settings.rb +27 -0
data/test/test_throttle.rb +70 -0
data/test/testable_openid_fetcher.rb +82 -0
metadata +151 -0

data/test/test_profile.rb ADDED Viewed

@@ -0,0 +1,165 @@
+require File.dirname(__FILE__) + '/helper'
+class TestProfile < Camping::ModelTest
+  DOMAIN = 'my-pasaporte.com'
+  fixtures :pasaporte_profiles
+  def test_aa_fixtures_loaded
+    assert_equal 4, Profile.count
+  end
+  def test_assumes_localhost_as_default_domain
+    @profile = Profile.new
+    assert_equal 'localhost', @profile.domain_name
+  end
+  def test_requires_nickname_and_domain
+    @profile = Profile.new
+    deny @profile.valid?, "The profile without a nickname and a domain name is invalid"
+    @profile.nickname = 'xxx'
+    @profile.domain_name = ''
+    deny @profile.valid?, "The profile without a domain name is invalid"
+    @profile.domain_name = 'somedomain'
+    assert @profile.valid?
+  end
+  def test_domain_name_and_nickname_are_protected
+    @profile = Profile.new
+    @profile.attributes = {:nickname => 'xyz', :domain_name => 'google'}
+    assert_not_equal @profile.nickname, 'xyz'
+    assert_not_equal @profile.domain_name, 'google'
+  end
+  def test_find_or_create_by_domain_and_nickname_exempted_from_attribute_protection
+    prof = create("julik", "julik.nl")
+    assert prof.valid?
+    deny prof.new_record?
+    assert_equal 'julik.nl', prof.domain_name
+    assert_equal 'julik', prof.nickname
+    prof = create("julik", "julik.nl")
+    assert prof.valid?
+    deny prof.new_record?
+    assert_equal 'julik.nl', prof.domain_name
+    assert_equal 'julik', prof.nickname
+  end
+  def test_secret_integer_generated
+    secrets = %w( foo bar baz daz daing ).map do | word |
+      prof = Profile.find_or_create_by_nickname_and_domain_name(word, word)
+      deny prof.new_record?
+      prof.secret_salt
+    end
+    assert_equal secrets.length, secrets.uniq.length,
+      "All generated secrets should be autogenerated and unique"
+  end
+  def test_enforces_unique_nickname_and_domain
+    prof1 = create("MisterZed", "google.com")
+    prof2 = Profile.new do | p |
+      p.nickname = "MisterZed"
+      p.domain_name = "google.com"
+    end
+    assert prof1.valid?, "The first created should be valid"
+    deny prof2.valid?, "The second one clashes"
+    prof2.domain_name = "yahoo.com"
+    assert prof2.valid?, "The second one is valid too because there are no clashes anymore"
+  end
+  def test_validates_both_delegate_urls
+    p = create("strained", "test.host")
+    assert p.valid?, "The newly created profile should be valid"
+    p.openid_server = "watatoe.com/openid"
+    deny p.valid?, "The profile cannot be valid with only the server URL"
+    assert_not_nil p.errors[:openid_delegate], "Should require delegate URL"
+    p.openid_delegate = "watatoe.com/openid/backend"
+    assert p.valid?, "As two URLs are present the profile becomes valid"
+  end
+  def test_delegate_urls_removed_when_delegate_set_to_false
+    p = create('julik', DOMAIN,
+      :openid_server => 'xxx.com', :openid_delegate => 'xyz.org/x')
+    assert p.delegates_openid?, "This profile delegates"
+    p.delegates_openid = false
+    p.save!
+    assert p.openid_server.blank?, "The openid server should have been removed"
+    assert p.openid_delegate.blank?, "The openid delegate should have been removed"
+    deny p.delegates_openid?, "Delegation is now turned off because we sent a bool switch of false"
+  end
+  def test_normalizes_both_delegate_urls
+    p = create('julik', DOMAIN,
+      :openid_server => 'xxx.com', :openid_delegate => 'xyz.org/x')
+    assert_equal 'http://xxx.com/', p.openid_server,
+      "The URL should be normalized with HTTP scheme and trailing slash"
+    assert_equal 'http://xyz.org/x', p.openid_delegate,
+      "The URL should be normalized with HTTP scheme"
+  end
+  def test_to_sreg_fields_by_default
+    p = create('julik', DOMAIN,
+      :email => 'foo@var.com', :dob => Date.parse("10.15.1983"))
+    all_fields = p.to_sreg_fields
+    r = {"dob"=>"1983-10-15", "nickname"=>"julik", "email"=>"foo@var.com"}
+    assert_equal r, all_fields
+  end
+  def test_to_sreg_fields_with_requested_fields
+    p = create('julik', DOMAIN,
+      :email => 'foo@var.com', :dob => Date.parse("10.15.1983"))
+    partial_fields = p.to_sreg_fields([:dob, :gender, :country])
+    r = {"dob"=>"1983-10-15"}
+    assert_equal r, partial_fields
+  end
+  def test_to_sreg_fields_with_lotso_data
+    mh = Profile.find(1)
+    ref = {"dob"=>"1953-01-12", "postcode"=>"1234",
+      "nickname"=>"monsieur-hulot",
+      "country"=>"fr", "fullname"=>"Monsieur Hulot", "gender"=>"m"}
+    assert_equal ref, mh.to_sreg_fields
+  end
+  def test_openid_requestor
+    begin
+      o = Pasaporte::ALLOW_DELEGATION
+      silence_warnings { Pasaporte.const_set(:ALLOW_DELEGATION, true) }
+      mh = Profile.find(1)
+      deny mh.delegates_openid?
+      assert mh.update_attributes(
+        :openid_server => 'http://tativille.fr/oid',
+        :openid_delegate => 'http://tativille.fr/oid/proc'
+      )
+      assert mh.delegates_openid?, "delegates_openid? should be true"
+      assert mh.update_attributes(:openid_server => '', :openid_delegate => '')
+      deny mh.delegates_openid?, "There are no URLS - no delegation happens"
+      assert mh.update_attributes(
+        :openid_server => 'http://tativille.fr/oid',
+        :openid_delegate => 'http://tativille.fr/oid/proc'
+      )
+      silence_warnings { Pasaporte.const_set(:ALLOW_DELEGATION, false) }
+      deny mh.delegates_openid?, "Delegation is turned off - "+
+       "no delegation happens"
+    ensure
+      silence_warnings { Pasaporte.const_set(:ALLOW_DELEGATION, o) }
+    end
+  end
+  private
+    def create(nick, domain, extras = {})
+      p = Profile.find_or_create_by_nickname_and_domain_name(nick, domain)
+      p.update_attributes(extras) if extras.any?
+      p
+    end
+end

data/test/test_settings.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/helper'
+class TestSettings < Camping::Test
+  CONFIG = File.dirname(Pasaporte::PATH) + '/pasaporte/config.yml'
+  def test_application
+    emit :throttle_for => 45.minutes
+    assert_nothing_raised { Pasaporte.apply_config! }
+    assert_equal 45.minutes, Pasaporte::THROTTLE_FOR, "The setting should have " +
+      "been applied"
+  end
+  def test_bail_on_unknowns
+    emit :achtung => "shtoink"
+    e = assert_raise(NameError) { Pasaporte.apply_config! }
+    assert_match /ACHTUNG/i, e.message
+  end
+  def teardown
+    begin; File.unlink(CONFIG); rescue Errno::ENOENT; end
+  end
+  private
+    def emit(hash = {})
+      File.open(CONFIG, 'w') { | f | f << hash.to_yaml }
+    end
+end

data/test/test_throttle.rb ADDED Viewed

@@ -0,0 +1,70 @@
+require File.dirname(__FILE__) + '/helper'
+class TestThrottle < Camping::ModelTest
+  DOMAIN = 'my-pasaporte.com'
+  HEADERS = Mosquito::MockRequest::DEFAULT_HEADERS.merge('REMOTE_ADDR' => '120.171.0.1')
+  def setup
+    silence_warnings { Pasaporte.const_set(:THROTTLE_FOR, 2.minutes) }
+    super
+  end
+  def test_throttle_set
+    deny Throttle.throttled?(HEADERS)
+    t = Throttle.set!(HEADERS)
+    assert_kind_of Throttle, t
+    deny t.new_record?
+    assert Throttle.throttled?(HEADERS)
+  end
+  def test_throttle_response_depends_on_cutoff
+    Throttle.set!(HEADERS)
+    flexmock(Throttle).should_receive(:cutoff).at_least.once.and_return(Time.now + 10)
+    deny Throttle.throttled?(HEADERS)
+  end
+  def test_cutoff_depends_on_app_setting
+    assert_time_matches (Time.now - Pasaporte::THROTTLE_FOR), Throttle.send(:cutoff)
+    silence_warnings{ Pasaporte.const_set(:THROTTLE_FOR, 14) }
+    assert_time_matches Time.now - 14, Throttle.send(:cutoff)
+  end
+  def test_throttle_response_depends_on_env_params
+    envs = [
+      {'HTTP_USER_AGENT' => 'KitchenSink, NOT like IE',
+          'REMOTE_ADDR' => '164.10.10.1'},
+      {'HTTP_USER_AGENT' => 'WebKit (like Gecko)',
+          'REMOTE_ADDR' => '164.10.10.1'},
+      {'HTTP_USER_AGENT' => 'KitchenSink, NOT like IE',
+          'REMOTE_ADDR' => '164.10.10.1'},
+    ]
+    Throttle.set!(envs[0])
+    assert Throttle.throttled?(envs[0])
+    assert Throttle.throttled?(envs[2])
+    deny Throttle.throttled?(envs[1]), "This environment is not throttled"
+  end
+  def teardown
+    Throttle.delete_all
+    super
+  end
+  def test_throttle_autoexpiry_on_check
+    Throttle.set!(HEADERS)
+    assert_equal 1, Throttle.count
+    flexmock(Throttle).should_receive(:cutoff).at_least.once.and_return(Time.now + 10)
+    deny Throttle.throttled?(HEADERS)
+    assert_equal 0, Throttle.count
+  end
+  private
+    def assert_time_matches(ref, actual)
+      assert_kind_of Time, ref, "The reference value should be Time"
+      assert_kind_of Time, actual, "The actual value should be Time"
+      assert_in_delta(ref.to_i, actual.to_i,  2,
+        "The times passed should be within 2s")
+    end
+end

data/test/testable_openid_fetcher.rb ADDED Viewed

@@ -0,0 +1,82 @@
+# Implements OpenID::Fetcher. Will run the request through the mosquito test case instead of calling
+# out via HTTP
+class TestableOpenidFetcher
+  # Will be raised when the fetcher tries to get a URL which is
+  # not within the application being tested
+  class ExternalResource < RuntimeError; end
+  # We need a separate Mosquito tester class for things that will
+  # happen via POST, because this is a different flow -
+  # the requests of the server instead of the browser.
+  # If you post directly from the same test case you are wiring yourself into the
+  # session ID that has been gotten by the simulated browser, that's why we use that.
+  class OpenidPoster < Pasaporte::WebTest
+    attr_reader :request, :response
+    def test_foo; assert true; end
+  end
+  def initialize(test_case)
+    @browser_getter = test_case
+    @browser_getter.request.headers['HTTP_HOST'] = 'test.host'
+    @server_poster = OpenidPoster.new("test_foo")
+    @server_poster.setup # manually yes
+  end
+  # This is used by OpenID lib 2
+  def fetch(url, body=nil, headers=nil, redirect_limit=10)
+    url, url_stringified = URI::parse(url), url.dup
+    h = headers || {}
+    raise_on_external url, @browser_getter
+    camping_controller_with_response =  (body.blank? ? get(url.request_uri, h) : post(url.request_uri, h, body))
+    ::OpenID::HTTPResponse._from_net_response(FakeResponse.new(camping_controller_with_response), url_stringified)
+  end
+  # An adapter to make a Mosquito response (Camping controller) behave like Net::HTTPResponse
+  class FakeResponse < ::Net::HTTPResponse
+    def initialize(mosquito_response)
+      @the = mosquito_response
+      super('1.0', @the.status.to_s, 'Found') # http version, resp code and message
+      flat_headers = @the.headers.inject({}) { |n, k| n.merge k[0] => k[1].to_s } rescue {}
+      initialize_http_header(flat_headers)
+    end
+    def body
+      @the.body
+    end
+    def code
+      @the.status.to_s
+    end
+  end
+  private
+    def get(uri, headers = {})
+      Pasaporte::LOGGER.debug "OpenID requested GET on #{uri}"
+      @browser_getter.get relativized(uri) # this fails somehow
+      @browser_getter.response
+    end
+    def post(uri, headers = {}, body = '')
+      Pasaporte::LOGGER.debug "OpenID requested POST on #{uri}"
+      @server_poster.post relativized(uri), body
+      @server_poster.response
+    end
+    def relativized(uri)
+      # Here we need to replace the mount point URL otherwise
+      # OpenID gets confused and actually posts into it
+      # - Mosquito does not like that
+      u = URI.parse(uri)
+      u.path.gsub(/^\/pasaporte/, '')
+    end
+    # Check if we are calling to the outside world
+    def raise_on_external(uri, testcase)
+      unless ((uri.host == testcase.request.http_host) || uri.host.blank?)
+        raise ExternalResource, "Called out to external resource: OpenID consumer wants to have #{uri}"
+      end
+    end
+end

metadata ADDED Viewed

@@ -0,0 +1,151 @@
+--- !ruby/object:Gem::Specification
+name: pasaporte
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Julik Tarkhanov
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2008-11-03 00:00:00 +01:00
+default_executable:
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+    version:
+- !ruby/object:Gem::Dependency
+  name: camping
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+    version:
+- !ruby/object:Gem::Dependency
+  name: ruby-openid
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+    version:
+- !ruby/object:Gem::Dependency
+  name: flexmock
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+    version:
+- !ruby/object:Gem::Dependency
+  name: hoe
+  type: :development
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.8.2
+    version:
+description: An OpenID server with a colored bar on top
+email: me@julik.nl
+executables:
+- pasaporte-fcgi.rb
+extensions: []
+extra_rdoc_files:
+- History.txt
+- Manifest.txt
+- README.txt
+- TODO.txt
+files:
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- TODO.txt
+- bin/pasaporte-fcgi.rb
+- lib/pasaporte.rb
+- lib/pasaporte/.DS_Store
+- lib/pasaporte/assets/.DS_Store
+- lib/pasaporte/assets/bgbar.png
+- lib/pasaporte/assets/lock.png
+- lib/pasaporte/assets/mainbg_green.gif
+- lib/pasaporte/assets/mainbg_red.gif
+- lib/pasaporte/assets/openid.png
+- lib/pasaporte/assets/pasaporte.css
+- lib/pasaporte/assets/pasaporte.js
+- lib/pasaporte/assets/user.png
+- lib/pasaporte/auth/cascade.rb
+- lib/pasaporte/auth/remote_web_workplace.rb
+- lib/pasaporte/auth/yaml_digest_table.rb
+- lib/pasaporte/auth/yaml_table.rb
+- lib/pasaporte/faster_openid.rb
+- lib/pasaporte/iso_countries.yml
+- lib/pasaporte/julik_state.rb
+- lib/pasaporte/markaby_ext.rb
+- lib/pasaporte/pasaporte_store.rb
+- lib/pasaporte/timezones.yml
+- test/fixtures/pasaporte_approvals.yml
+- test/fixtures/pasaporte_profiles.yml
+- test/fixtures/pasaporte_throttles.yml
+- test/helper.rb
+- test/mosquito.rb
+- test/test_throttle.rb
+- test/testable_openid_fetcher.rb
+- test/test_approval.rb
+- test/test_auth_backends.rb
+- test/test_openid.rb
+- test/test_pasaporte.rb
+- test/test_profile.rb
+- test/test_settings.rb
+has_rdoc: true
+homepage: http://pasaporte.rubyforge.org
+post_install_message:
+rdoc_options:
+- --main
+- README.txt
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+requirements: []
+rubyforge_project: pasaporte
+rubygems_version: 1.2.0
+signing_key:
+specification_version: 2
+summary: Downgrades the OpenID providing business to the usual login-password stupidity.
+test_files:
+- test/test_approval.rb
+- test/test_auth_backends.rb
+- test/test_openid.rb
+- test/test_pasaporte.rb
+- test/test_profile.rb
+- test/test_settings.rb
+- test/test_throttle.rb