RubyGems - pasaporte - Versions diffs - 0.0.1 - Mend

pasaporte 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

data/History.txt +2 -0
data/Manifest.txt +41 -0
data/README.txt +72 -0
data/Rakefile +111 -0
data/TODO.txt +2 -0
data/bin/pasaporte-fcgi.rb +17 -0
data/lib/pasaporte/.DS_Store +0 -0
data/lib/pasaporte/assets/.DS_Store +0 -0
data/lib/pasaporte/assets/bgbar.png +0 -0
data/lib/pasaporte/assets/lock.png +0 -0
data/lib/pasaporte/assets/mainbg_green.gif +0 -0
data/lib/pasaporte/assets/mainbg_red.gif +0 -0
data/lib/pasaporte/assets/openid.png +0 -0
data/lib/pasaporte/assets/pasaporte.css +192 -0
data/lib/pasaporte/assets/pasaporte.js +10 -0
data/lib/pasaporte/assets/user.png +0 -0
data/lib/pasaporte/auth/cascade.rb +16 -0
data/lib/pasaporte/auth/remote_web_workplace.rb +61 -0
data/lib/pasaporte/auth/yaml_digest_table.rb +23 -0
data/lib/pasaporte/auth/yaml_table.rb +43 -0
data/lib/pasaporte/faster_openid.rb +39 -0
data/lib/pasaporte/iso_countries.yml +247 -0
data/lib/pasaporte/julik_state.rb +42 -0
data/lib/pasaporte/markaby_ext.rb +8 -0
data/lib/pasaporte/pasaporte_store.rb +60 -0
data/lib/pasaporte/timezones.yml +797 -0
data/lib/pasaporte.rb +1214 -0
data/test/fixtures/pasaporte_approvals.yml +12 -0
data/test/fixtures/pasaporte_profiles.yml +45 -0
data/test/fixtures/pasaporte_throttles.yml +4 -0
data/test/helper.rb +66 -0
data/test/mosquito.rb +596 -0
data/test/test_approval.rb +33 -0
data/test/test_auth_backends.rb +59 -0
data/test/test_openid.rb +363 -0
data/test/test_pasaporte.rb +326 -0
data/test/test_profile.rb +165 -0
data/test/test_settings.rb +27 -0
data/test/test_throttle.rb +70 -0
data/test/testable_openid_fetcher.rb +82 -0
metadata +151 -0

data/test/test_profile.rb ADDED Viewed

@@ -0,0 +1,165 @@
+require File.dirname(__FILE__) + '/helper'
+class TestProfile < Camping::ModelTest
+  DOMAIN = 'my-pasaporte.com'
+  fixtures :pasaporte_profiles
+  def test_aa_fixtures_loaded
+    assert_equal 4, Profile.count
+  end
+  def test_assumes_localhost_as_default_domain
+    @profile = Profile.new
+    assert_equal 'localhost', @profile.domain_name
+  end
+  def test_requires_nickname_and_domain
+    @profile = Profile.new
+    deny @profile.valid?, "The profile without a nickname and a domain name is invalid"
+    @profile.nickname = 'xxx'
+    @profile.domain_name = ''
+    deny @profile.valid?, "The profile without a domain name is invalid"
+    @profile.domain_name = 'somedomain'
+    assert @profile.valid?
+  end
+  def test_domain_name_and_nickname_are_protected
+    @profile = Profile.new
+    @profile.attributes = {:nickname => 'xyz', :domain_name => 'google'}
+    assert_not_equal @profile.nickname, 'xyz'
+    assert_not_equal @profile.domain_name, 'google'
+  end
+  def test_find_or_create_by_domain_and_nickname_exempted_from_attribute_protection
+    prof = create("julik", "julik.nl")
+    assert prof.valid?
+    deny prof.new_record?
+    assert_equal 'julik.nl', prof.domain_name
+    assert_equal 'julik', prof.nickname
+    prof = create("julik", "julik.nl")
+    assert prof.valid?
+    deny prof.new_record?
+    assert_equal 'julik.nl', prof.domain_name
+    assert_equal 'julik', prof.nickname
+  end
+  def test_secret_integer_generated
+    secrets = %w( foo bar baz daz daing ).map do | word |
+      prof = Profile.find_or_create_by_nickname_and_domain_name(word, word)
+      deny prof.new_record?
+      prof.secret_salt
+    end
+    assert_equal secrets.length, secrets.uniq.length,
+      "All generated secrets should be autogenerated and unique"
+  end
+  def test_enforces_unique_nickname_and_domain
+    prof1 = create("MisterZed", "google.com")
+    prof2 = Profile.new do | p |
+      p.nickname = "MisterZed"
+      p.domain_name = "google.com"
+    end
+    assert prof1.valid?, "The first created should be valid"
+    deny prof2.valid?, "The second one clashes"
+    prof2.domain_name = "yahoo.com"
+    assert prof2.valid?, "The second one is valid too because there are no clashes anymore"
+  end
+  def test_validates_both_delegate_urls
+    p = create("strained", "test.host")
+    assert p.valid?, "The newly created profile should be valid"
+    p.openid_server = "watatoe.com/openid"
+    deny p.valid?, "The profile cannot be valid with only the server URL"
+    assert_not_nil p.errors[:openid_delegate], "Should require delegate URL"
+    p.openid_delegate = "watatoe.com/openid/backend"
+    assert p.valid?, "As two URLs are present the profile becomes valid"
+  end
+  def test_delegate_urls_removed_when_delegate_set_to_false
+    p = create('julik', DOMAIN,
+      :openid_server => 'xxx.com', :openid_delegate => 'xyz.org/x')
+    assert p.delegates_openid?, "This profile delegates"
+    p.delegates_openid = false
+    p.save!
+    assert p.openid_server.blank?, "The openid server should have been removed"
+    assert p.openid_delegate.blank?, "The openid delegate should have been removed"
+    deny p.delegates_openid?, "Delegation is now turned off because we sent a bool switch of false"
+  end
+  def test_normalizes_both_delegate_urls
+    p = create('julik', DOMAIN,
+      :openid_server => 'xxx.com', :openid_delegate => 'xyz.org/x')
+    assert_equal 'http://xxx.com/', p.openid_server,
+      "The URL should be normalized with HTTP scheme and trailing slash"
+    assert_equal 'http://xyz.org/x', p.openid_delegate,
+      "The URL should be normalized with HTTP scheme"
+  end
+  def test_to_sreg_fields_by_default
+    p = create('julik', DOMAIN,
+      :email => 'foo@var.com', :dob => Date.parse("10.15.1983"))
+    all_fields = p.to_sreg_fields
+    r = {"dob"=>"1983-10-15", "nickname"=>"julik", "email"=>"foo@var.com"}
+    assert_equal r, all_fields
+  end
+  def test_to_sreg_fields_with_requested_fields
+    p = create('julik', DOMAIN,
+      :email => 'foo@var.com', :dob => Date.parse("10.15.1983"))
+    partial_fields = p.to_sreg_fields([:dob, :gender, :country])
+    r = {"dob"=>"1983-10-15"}
+    assert_equal r, partial_fields
+  end
+  def test_to_sreg_fields_with_lotso_data
+    mh = Profile.find(1)
+    ref = {"dob"=>"1953-01-12", "postcode"=>"1234",
+      "nickname"=>"monsieur-hulot",
+      "country"=>"fr", "fullname"=>"Monsieur Hulot", "gender"=>"m"}
+    assert_equal ref, mh.to_sreg_fields
+  end
+  def test_openid_requestor
+    begin
+      o = Pasaporte::ALLOW_DELEGATION
+      silence_warnings { Pasaporte.const_set(:ALLOW_DELEGATION, true) }
+      mh = Profile.find(1)
+      deny mh.delegates_openid?
+      assert mh.update_attributes(
+        :openid_server => 'http://tativille.fr/oid',
+        :openid_delegate => 'http://tativille.fr/oid/proc'
+      )
+      assert mh.delegates_openid?, "delegates_openid? should be true"
+      assert mh.update_attributes(:openid_server => '', :openid_delegate => '')
+      deny mh.delegates_openid?, "There are no URLS - no delegation happens"
+      assert mh.update_attributes(
+        :openid_server => 'http://tativille.fr/oid',
+        :openid_delegate => 'http://tativille.fr/oid/proc'
+      )
+      silence_warnings { Pasaporte.const_set(:ALLOW_DELEGATION, false) }
+      deny mh.delegates_openid?, "Delegation is turned off - "+
+       "no delegation happens"
+    ensure
+      silence_warnings { Pasaporte.const_set(:ALLOW_DELEGATION, o) }
+    end
+  end
+  private
+    def create(nick, domain, extras = {})
+      p = Profile.find_or_create_by_nickname_and_domain_name(nick, domain)
+      p.update_attributes(extras) if extras.any?
+      p
+    end
+end

data/test/test_settings.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require File.dirname(__FILE__) + '/helper'
+class TestSettings < Camping::Test
+  CONFIG = File.dirname(Pasaporte::PATH) + '/pasaporte/config.yml'
+  def test_application
+    emit :throttle_for => 45.minutes
+    assert_nothing_raised { Pasaporte.apply_config! }
+    assert_equal 45.minutes, Pasaporte::THROTTLE_FOR, "The setting should have " +
+      "been applied"
+  end
+  def test_bail_on_unknowns
+    emit :achtung => "shtoink"
+    e = assert_raise(NameError) { Pasaporte.apply_config! }
+    assert_match /ACHTUNG/i, e.message
+  end
+  def teardown
+    begin; File.unlink(CONFIG); rescue Errno::ENOENT; end
+  end
+  private
+    def emit(hash = {})
+      File.open(CONFIG, 'w') { | f | f << hash.to_yaml }
+    end
+end

data/test/test_throttle.rb ADDED Viewed

@@ -0,0 +1,70 @@
+require File.dirname(__FILE__) + '/helper'
+class TestThrottle < Camping::ModelTest
+  DOMAIN = 'my-pasaporte.com'
+  HEADERS = Mosquito::MockRequest::DEFAULT_HEADERS.merge('REMOTE_ADDR' => '120.171.0.1')
+  def setup
+    silence_warnings { Pasaporte.const_set(:THROTTLE_FOR, 2.minutes) }
+    super
+  end
+  def test_throttle_set
+    deny Throttle.throttled?(HEADERS)
+    t = Throttle.set!(HEADERS)
+    assert_kind_of Throttle, t
+    deny t.new_record?
+    assert Throttle.throttled?(HEADERS)
+  end
+  def test_throttle_response_depends_on_cutoff
+    Throttle.set!(HEADERS)
+    flexmock(Throttle).should_receive(:cutoff).at_least.once.and_return(Time.now + 10)
+    deny Throttle.throttled?(HEADERS)
+  end
+  def test_cutoff_depends_on_app_setting
+    assert_time_matches (Time.now - Pasaporte::THROTTLE_FOR), Throttle.send(:cutoff)
+    silence_warnings{ Pasaporte.const_set(:THROTTLE_FOR, 14) }
+    assert_time_matches Time.now - 14, Throttle.send(:cutoff)
+  end
+  def test_throttle_response_depends_on_env_params
+    envs = [
+      {'HTTP_USER_AGENT' => 'KitchenSink, NOT like IE',
+          'REMOTE_ADDR' => '164.10.10.1'},
+      {'HTTP_USER_AGENT' => 'WebKit (like Gecko)',
+          'REMOTE_ADDR' => '164.10.10.1'},
+      {'HTTP_USER_AGENT' => 'KitchenSink, NOT like IE',
+          'REMOTE_ADDR' => '164.10.10.1'},
+    ]
+    Throttle.set!(envs[0])
+    assert Throttle.throttled?(envs[0])
+    assert Throttle.throttled?(envs[2])
+    deny Throttle.throttled?(envs[1]), "This environment is not throttled"
+  end
+  def teardown
+    Throttle.delete_all
+    super
+  end
+  def test_throttle_autoexpiry_on_check
+    Throttle.set!(HEADERS)
+    assert_equal 1, Throttle.count
+    flexmock(Throttle).should_receive(:cutoff).at_least.once.and_return(Time.now + 10)
+    deny Throttle.throttled?(HEADERS)
+    assert_equal 0, Throttle.count
+  end
+  private
+    def assert_time_matches(ref, actual)
+      assert_kind_of Time, ref, "The reference value should be Time"
+      assert_kind_of Time, actual, "The actual value should be Time"
+      assert_in_delta(ref.to_i, actual.to_i,  2,
+        "The times passed should be within 2s")
+    end
+end

data/test/testable_openid_fetcher.rb ADDED Viewed

@@ -0,0 +1,82 @@
+# Implements OpenID::Fetcher. Will run the request through the mosquito test case instead of calling
+# out via HTTP
+class TestableOpenidFetcher
+  # Will be raised when the fetcher tries to get a URL which is
+  # not within the application being tested
+  class ExternalResource < RuntimeError; end
+  # We need a separate Mosquito tester class for things that will
+  # happen via POST, because this is a different flow -
+  # the requests of the server instead of the browser.
+  # If you post directly from the same test case you are wiring yourself into the
+  # session ID that has been gotten by the simulated browser, that's why we use that.
+  class OpenidPoster < Pasaporte::WebTest
+    attr_reader :request, :response
+    def test_foo; assert true; end
+  end
+  def initialize(test_case)
+    @browser_getter = test_case
+    @browser_getter.request.headers['HTTP_HOST'] = 'test.host'
+    @server_poster = OpenidPoster.new("test_foo")
+    @server_poster.setup # manually yes
+  end
+  # This is used by OpenID lib 2
+  def fetch(url, body=nil, headers=nil, redirect_limit=10)
+    url, url_stringified = URI::parse(url), url.dup
+    h = headers || {}
+    raise_on_external url, @browser_getter
+    camping_controller_with_response =  (body.blank? ? get(url.request_uri, h) : post(url.request_uri, h, body))
+    ::OpenID::HTTPResponse._from_net_response(FakeResponse.new(camping_controller_with_response), url_stringified)
+  end
+  # An adapter to make a Mosquito response (Camping controller) behave like Net::HTTPResponse
+  class FakeResponse < ::Net::HTTPResponse
+    def initialize(mosquito_response)
+      @the = mosquito_response
+      super('1.0', @the.status.to_s, 'Found') # http version, resp code and message
+      flat_headers = @the.headers.inject({}) { |n, k| n.merge k[0] => k[1].to_s } rescue {}
+      initialize_http_header(flat_headers)
+    end
+    def body
+      @the.body
+    end
+    def code
+      @the.status.to_s
+    end
+  end
+  private
+    def get(uri, headers = {})
+      Pasaporte::LOGGER.debug "OpenID requested GET on #{uri}"
+      @browser_getter.get relativized(uri) # this fails somehow
+      @browser_getter.response
+    end
+    def post(uri, headers = {}, body = '')
+      Pasaporte::LOGGER.debug "OpenID requested POST on #{uri}"
+      @server_poster.post relativized(uri), body
+      @server_poster.response
+    end
+    def relativized(uri)
+      # Here we need to replace the mount point URL otherwise
+      # OpenID gets confused and actually posts into it
+      # - Mosquito does not like that
+      u = URI.parse(uri)
+      u.path.gsub(/^\/pasaporte/, '')
+    end
+    # Check if we are calling to the outside world
+    def raise_on_external(uri, testcase)
+      unless ((uri.host == testcase.request.http_host) || uri.host.blank?)
+        raise ExternalResource, "Called out to external resource: OpenID consumer wants to have #{uri}"
+      end
+    end
+end

metadata ADDED Viewed

@@ -0,0 +1,151 @@
+--- !ruby/object:Gem::Specification
+name: pasaporte
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Julik Tarkhanov
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2008-11-03 00:00:00 +01:00
+default_executable:
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+    version:
+- !ruby/object:Gem::Dependency
+  name: camping
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+    version:
+- !ruby/object:Gem::Dependency
+  name: ruby-openid
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+    version:
+- !ruby/object:Gem::Dependency
+  name: flexmock
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+    version:
+- !ruby/object:Gem::Dependency
+  name: hoe
+  type: :development
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.8.2
+    version:
+description: An OpenID server with a colored bar on top
+email: me@julik.nl
+executables:
+- pasaporte-fcgi.rb
+extensions: []
+extra_rdoc_files:
+- History.txt
+- Manifest.txt
+- README.txt
+- TODO.txt
+files:
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- TODO.txt
+- bin/pasaporte-fcgi.rb
+- lib/pasaporte.rb
+- lib/pasaporte/.DS_Store
+- lib/pasaporte/assets/.DS_Store
+- lib/pasaporte/assets/bgbar.png
+- lib/pasaporte/assets/lock.png
+- lib/pasaporte/assets/mainbg_green.gif
+- lib/pasaporte/assets/mainbg_red.gif
+- lib/pasaporte/assets/openid.png
+- lib/pasaporte/assets/pasaporte.css
+- lib/pasaporte/assets/pasaporte.js
+- lib/pasaporte/assets/user.png
+- lib/pasaporte/auth/cascade.rb
+- lib/pasaporte/auth/remote_web_workplace.rb
+- lib/pasaporte/auth/yaml_digest_table.rb
+- lib/pasaporte/auth/yaml_table.rb
+- lib/pasaporte/faster_openid.rb
+- lib/pasaporte/iso_countries.yml
+- lib/pasaporte/julik_state.rb
+- lib/pasaporte/markaby_ext.rb
+- lib/pasaporte/pasaporte_store.rb
+- lib/pasaporte/timezones.yml
+- test/fixtures/pasaporte_approvals.yml
+- test/fixtures/pasaporte_profiles.yml
+- test/fixtures/pasaporte_throttles.yml
+- test/helper.rb
+- test/mosquito.rb
+- test/test_throttle.rb
+- test/testable_openid_fetcher.rb
+- test/test_approval.rb
+- test/test_auth_backends.rb
+- test/test_openid.rb
+- test/test_pasaporte.rb
+- test/test_profile.rb
+- test/test_settings.rb
+has_rdoc: true
+homepage: http://pasaporte.rubyforge.org
+post_install_message:
+rdoc_options:
+- --main
+- README.txt
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+requirements: []
+rubyforge_project: pasaporte
+rubygems_version: 1.2.0
+signing_key:
+specification_version: 2
+summary: Downgrades the OpenID providing business to the usual login-password stupidity.
+test_files:
+- test/test_approval.rb
+- test/test_auth_backends.rb
+- test/test_openid.rb
+- test/test_pasaporte.rb
+- test/test_profile.rb
+- test/test_settings.rb
+- test/test_throttle.rb