picnic 0.5.0 → 0.6.0

data/CHANGELOG.txt

@@ -1,3 +1,18 @@
+=== 0.6.0 :: 2007-02-26
+
+* Added support for CAS authentication. See picnic/authentication.rb for 
+  details.
+* Webrick and Mongrel can now be made to bind to a specific IP address using
+  the :bind_address option. If no :bind_address is specified, the server will
+  listen on all addresses (i.e. '0.0.0.0').
+* The Public controller for serving the '/public' directory is gone. It has
+  been replaced by respective Webrick and Mongrel mechanisms for serving
+  directory contents, since these are much faster. If you're using CGI/FastCGI,
+  you'll have to manually configure your web server (i.e. probably Apache)
+  to serve your public directory contents.
+* The gem package now correctly recognizes markaby as a required
+  dependency.
+
 === 0.5.0 :: 2007-12-20
 
 * First public release.

data/Rakefile

@@ -53,6 +53,6 @@ hoe = Hoe.new(GEM_NAME, VERS) do |p|
   #p.extra_deps     - An array of rubygem dependencies.
   #p.spec_extras    - A hash of extra values to set in the gemspec.
   
-  # we now package camping-1.5.0.180 in the vendor directory
-  #p.extra_deps = ['camping']
+  # note that camping-1.5.0.180 is now bundled with picnic the vendor directory, 
+  p.extra_deps = ['markaby']
 end

data/lib/picnic/authentication.rb

@@ -2,48 +2,48 @@ module Picnic #:nodoc:
   # These modules (currently only one module, but more in the future) provide authentication
   # for your Camping app. 
   #
-  # This code is based on Camping::BasicAuth written by Manfred Stienstra 
-  # (see http://www.fngtps.com/2006/05/basic-authentication-for-camping).
-  #
-  # ----
-  #
-  # Picnic::Authentication::Basic can be mixed into a camping application to get Basic Authentication 
-  # support in the application. The module defines a <tt>service</tt> method that only continues 
-  # the request chain when proper credentials are given.
-  # 
-  # == Getting Started
-  #
-  # To activate Basic Authentication for your application:
-  #
-  # 1. Picnic-fy your Camping app (e.g: <tt>Camping.goes :your_app; YourApp.picnic!</tt>)
-  # 2. Call <tt>authenticate_using <module></tt> (e.g: <tt>YourApp.authenticate_using :basic</tt>)
-  # 3. Define an <tt>authenticate</tt> method on your application module that takes a hash.
-  #    The hash contains credentials like <tt>:username</tt>, <tt>:password</tt>, and <tt>:hostname</tt>,
-  #    although future authentication modules may submit other credentials.
-  #    The <tt>authenticate</tt> method should return true when the credentials are valid.
-  #    Examples:
-  #
-  #      module Blog
-  #        def authenticate(credentials)
-  #          credentials[:username] == 'admin' &&
-  #            credentials[:password] == 'flapper30'
-  #        end
-  #        module_function :authenticate
-  #      end
-  #
-  #    or
-  #
-  #      module Wiki
-  #        def authenticate(credentials)
-  #          u = credentials[:username]
-  #          p = credentials[:password]
-  #          Models::User.find_by_username_and_password u, p
-  #        end
-  #        module_function :authenticate
-  #      end
-  #
-  # 4. <tt>service</tt> sets <tt>@credentials</tt> to the credentials of the person who logged in.
   module Authentication
+    # Picnic::Authentication::Basic provides Basic HTTP Authentication for your Camping app. 
+    # The module defines a <tt>service</tt> method that only continues the request chain when 
+    # proper credentials are provided by the client (browser).
+    # 
+    # == Getting Started
+    #
+    # To activate Basic Authentication for your application:
+    #
+    # 1. Picnic-fy your Camping app (e.g: <tt>Camping.goes :your_app; YourApp.picnic!</tt>)
+    # 2. Call <tt>YourApp.authenticate_using :basic</tt>.
+    # 3. Define an <tt>authenticate</tt> method on your application module that takes a hash.
+    #    The hash contains credentials like <tt>:username</tt>, <tt>:password</tt>, and <tt>:hostname</tt>,
+    #    although future authentication modules may submit other credentials.
+    #    The <tt>authenticate</tt> method should return true when the credentials are valid.
+    #    Examples:
+    #
+    #      module Blog
+    #        def authenticate(credentials)
+    #          credentials[:username] == 'admin' &&
+    #            credentials[:password] == 'flapper30'
+    #        end
+    #        module_function :authenticate
+    #      end
+    #
+    #    or
+    #
+    #      module Wiki
+    #        def authenticate(credentials)
+    #          u = credentials[:username]
+    #          p = credentials[:password]
+    #          Models::User.find_by_username_and_password u, p
+    #        end
+    #        module_function :authenticate
+    #      end
+    #
+    # 4. <tt>service</tt> sets <tt>@credentials</tt> to the credentials of the person who logged in.
+    #
+    # ----
+    #
+    # This code is based on Camping::BasicAuth written by Manfred Stienstra 
+    # (see http://www.fngtps.com/2006/05/basic-authentication-for-camping).
     module Basic
       require 'base64'
       
@@ -56,14 +56,15 @@ module Picnic #:nodoc:
         end
       end
       
-      # The <tt>service</tt> method, when mixed into your application module, wraps around the
-      # <tt>service</tt> method defined by Camping. It halts execution of the controllers when
-      # your <tt>authenticate</tt> method returns false. See the module documentation how to
-      # define your own <tt>authenticate</tt> method.
       def service(*a)
+        app = Kernel.const_get self.class.name.gsub(/^(\w+)::.+$/, '\1')
+        unless app.methods.include? :authenticate
+          raise "Basic authentication is enabled but the 'authenticate' method has not been defined."
+        end
+        
         @credentials = read_credentials || {}
-        app = self.class.name.gsub(/^(\w+)::.+$/, '\1')
-        if Kernel.const_get(app).authenticate(@credentials)
+        
+        if app.authenticate(@credentials)
           s = super(*a)
         else
           @status = 401
@@ -76,5 +77,136 @@ module Picnic #:nodoc:
         s
       end
     end
+
+    
+    # Picnic::Authentication::Cas provides basic CAS (Central Authentication System) authentication 
+    # for your Camping app.
+    #
+    # To learn more about CAS, see http://rubycas-client.googlecode.com and 
+    # http://www.ja-sig.org/products/cas.
+    # 
+    # The module defines a <tt>service</tt> method that intercepts every request to check for CAS
+    # authentication. If the user has already been authenticated, the request proceeds as normal
+    # and the authenticated user's username is made available under <tt>@state[:cas_username]. 
+    # Otherwise the request is redirected to your CAS server for authentication.
+    # 
+    # == Getting Started
+    #
+    # To activate CAS authentication for your application:
+    #
+    # 1. Picnic-fy your Camping app (e.g: <tt>Camping.goes :your_app; YourApp.picnic!</tt>)
+    # 2. Call <tt>YourApp.authenticate_using :cas</tt>.
+    # 3. In your app's configuration YAML file add something like this:
+    #      authentication:
+    #         cas_base_url: https://login.example.com/cas
+    #    Where the value for </tt>cas_base_url</tt> is the URL of your CAS server.
+    # 4. That's it. Now whenever a user tries to access any of your controller's actions,
+    #    the request will be checked for CAS authentication. If the user is authenticated,
+    #    their username is availabe in @state[:cas_username]. Note that there is currently
+    #    no way to apply CAS authentication only to certain controllers or actions. When
+    #    enabled, CAS authentication applies to your entire application, except for items
+    #    placed in the /public subdirectory (CSS files, JavaScripts, images, etc.). The
+    #    public directory does not require CAS authentication, so anyone can access its
+    #    contents.
+    #
+    module Cas
+      require 'camping/db'
+      require 'camping/session'
+      
+      
+      $: << File.dirname(File.expand_path(__FILE__))+"/../../../rubycas-client2/lib" # for development
+      require 'rubycas-client'
+       
+#       app = Kernel.const_get self.name.gsub(/^(\w+)::.+$/, '\1')
+#       raise "Cannot enable CAS authentication because your Camping app does not extend Camping::Session." unless
+#        app.ancestors.include?(Camping::Session)
+
+      # There must be a smarter way to do this... but for now, we just re-implement
+      # the Camping::Session method here to provide session support for CAS.
+      module Session
+        # This doesn't work :( MySQL connection is not carried over.
+        #define_method(:service, Camping::Session.instance_method(:service))
+        
+        def service(*a)
+          Camping::Models::Session.create_schema
+          
+          session = Camping::Models::Session.persist @cookies
+          app = self.class.name.gsub(/^(\w+)::.+$/, '\1')
+          @state = (session[app] ||= Camping::H[])
+          hash_before = Marshal.dump(@state).hash
+          s = super(*a)
+          if session
+            hash_after = Marshal.dump(@state).hash
+            unless hash_before == hash_after
+              session[app] = @state
+              session.save
+            end
+          end
+          s
+        end
+      end
+
+      def self.included(mod)
+        mod.module_eval do
+          include Cas::Session
+        end
+      end
+
+      def service(*a)
+        $LOG.debug "Running CAS filter for request #{a.inspect}..."
+        
+        if @env['PATH_INFO'] =~ /^\/public\/.*/
+          $LOG.debug "Access to items in /public subdirectory does not require CAS authentication."
+          return super(*a)
+        end
+        if @state[:cas_username]
+          $LOG.debug "Local CAS session exists for user #{@state[:cas_username]}."
+          return super(*a)
+        end
+                
+        client = CASClient::Client.new($CONF[:authentication].merge(:logger => $LOG))
+        
+        ticket = @input[:ticket]
+        
+        cas_login_url = client.add_service_to_login_url(read_service_url(@env))
+        
+        if ticket
+          if ticket =~ /^PT-/
+            st = CASClient::ProxyTicket.new(ticket, read_service_url(@env), @input[:renew])
+          else
+            st = CASClient::ServiceTicket.new(ticket, read_service_url(@env), @input[:renew])
+          end
+          
+          $LOG.debug "Got CAS ticket: #{st.inspect}"
+          
+          client.validate_service_ticket(st)
+          if st.is_valid?
+            $LOG.info "CAS ticket #{st.ticket.inspect} is valid. Opening local CAS session for user #{st.response.user.inspect}."
+            @state[:cas_username] = st.response.user
+            return super(*a)
+          else
+            $LOG.warn "CAS ticket #{st.ticket.inspect} is INVALID. Redirecting back to CAS server at #{cas_login_url.inspect} for authentication."
+            @state[:cas_username] = nil
+            redirect cas_login_url
+            s = self
+          end
+        else
+          $LOG.info "User is unauthenticated and no CAS ticket found. Redirecting to CAS server at #{cas_login_url.inspect} for authentication."
+          @state[:cas_username] = nil
+          redirect cas_login_url
+          s = self
+        end
+        s
+      end
+      
+      private
+      def read_service_url(env)
+        if $CONF[:authentication][:service_url] 
+          $CONF[:authentication][:service_url]
+        else
+          env['REQUEST_URI'].gsub(/service=[^&]*[&]?/,'').gsub(/ticket=[^&]*[&]?/,'')
+        end
+      end
+    end
   end
 end

data/lib/picnic/controllers.rb

@@ -1,31 +1,4 @@
 module Picnic
   module Controllers
-    # Provides a controller for serving up static content from your app's <tt>/public</tt> directory.
-    # This can be used to serve css, js, jpg, png, and gif files. Anything you put in your app's
-    # '/public' directory will be served up under the '/public' path.
-    #
-    # That is, say you have:
-    #   /srv/www/camping/my_app/public/test.jpg
-    # This should be availabe at:
-    #   http://myapp.com/public/test.jpg
-    #
-    # This controller is automatically enabled for all Picnic-enabled apps. 
-    class Public < Camping::Controllers::R '/public/(.+)'
-      BASE_PATH = ("#{$APP_PATH}/.." || File.expand_path(File.dirname(__FILE__)))+'/lib/public'
-      
-      MIME_TYPES = {'.css' => 'text/css', '.js' => 'text/javascript', 
-                    '.jpg' => 'image/jpeg', '.png' => 'image/png', 
-                    '.gif' => 'image/gif'}
-  
-      def get(path)
-        @headers['Content-Type'] = MIME_TYPES[path[/\.\w+$/, 0]] || "text/plain"
-        unless path.include? ".." # prevent directory traversal attacks
-          @headers['X-Sendfile'] = "#{BASE_PATH}/#{path}"
-        else
-          @status = "403"
-          "403 - Invalid path"
-        end
-      end
-    end
   end
 end

data/lib/picnic/postambles.rb

@@ -39,7 +39,7 @@ module Picnic
             
       begin
         s = WEBrick::HTTPServer.new(
-          :BindAddress => "0.0.0.0",
+          :BindAddress => Picnic::Conf.bind_address || "0.0.0.0",
           :Port => Picnic::Conf.port
         )
       rescue Errno::EACCES
@@ -49,6 +49,14 @@ module Picnic
       
       self.create
       s.mount "#{Picnic::Conf.uri_path}", WEBrick::CampingHandler, self
+      
+      public_dirs = Picnic::Conf.public_dirs || Picnic::Conf.public_dir
+      public_dirs = [public_dirs] unless public_dirs.kind_of? Array
+      
+      public_dirs.each do |d|
+        s.mount "#{Picnic::Conf.uri_path}#{d[:path]}", WEBrick::HTTPServlet::FileHandler, d[:dir]
+      end
+      
     
       # This lets Ctrl+C shut down your server
       trap(:INT) do
@@ -124,18 +132,28 @@ module Picnic
       
       puts "\n** #{self} is starting. Look in #{Picnic::Conf.log[:file].inspect} for further notices."
       
-      settings = {:host => "0.0.0.0", :log_file => Picnic::Conf.log[:file], :cwd => $APP_PATH}
+      settings = {
+        :host => Picnic::Conf.bind_address || "0.0.0.0", 
+        :log_file => Picnic::Conf.log[:file], 
+        :cwd => $APP_PATH
+      }
       
       # need to close all IOs before daemonizing
       $LOG.close if $DAEMONIZE
       
+      public_dirs = Picnic::Conf.public_dirs || Picnic::Conf.public_dir
+      public_dirs = [public_dirs] unless public_dirs.kind_of? Array
+      
       begin
         app_mod = self
-        config = Mongrel::Configurator.new settings  do
+        mongrel = Mongrel::Configurator.new settings  do
           daemonize :log_file => Picnic::Conf.log[:file], :cwd => $APP_PATH if $DAEMONIZE
-          
+          puts Picnic::Conf.uri_path
           listener :port => Picnic::Conf.port do
             uri Picnic::Conf.uri_path, :handler => Mongrel::Camping::CampingHandler.new(app_mod)
+            public_dirs.each do |d|
+              uri "#{Picnic::Conf.uri_path}#{d[:path]}", :handler => Mongrel::DirHandler.new(d[:dir])
+            end
             setup_signals
           end
         end
@@ -143,8 +161,7 @@ module Picnic
         exit 1
       end
       
-      
-      config.run
+      mongrel.run
       
       self.init_logger
       #self.init_db_logger
@@ -159,8 +176,9 @@ module Picnic
       
       puts "\n** #{self} is running at http://#{ENV['HOSTNAME'] || 'localhost'}:#{Picnic::Conf.port}#{Picnic::Conf.uri_path} and logging to '#{Picnic::Conf.log[:file]}'"
       
+      
       self.prestart if self.respond_to? :prestart
-      config.join
+      mongrel.join
 
       clear_pid_file
 

data/lib/picnic/version.rb

@@ -1,7 +1,7 @@
 module Picnic #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 0
-    MINOR = 5
+    MINOR = 6
     TINY  = 0
 
     STRING = [MAJOR, MINOR, TINY].join('.')

data/lib/picnic.rb

@@ -1,16 +1,21 @@
 $: << File.dirname(File.expand_path(__FILE__))
 $: << File.dirname(File.expand_path(__FILE__))+"/../vendor/camping-1.5.180/lib"
 
-require 'camping'
-require 'camping/db'
-require 'camping/session'
 
-require 'active_support' unless Object.const_defined?(:ActiveSupport)
+unless Object.const_defined?(:ActiveSupport)
+  begin
+    require 'active_support'
+  rescue LoadError
+    require 'rubygems'
+    require 'active_support'
+  end
+end
+
+require 'camping'
 
 require 'picnic/utils'
 require 'picnic/conf'
 require 'picnic/postambles'
-require 'picnic/controllers'
 
 
 class Module
@@ -34,8 +39,8 @@ class Module
       # See <tt>config.example.yml</tt> for info on configuring the logger.
       def init_logger
         puts "Initializing #{self} logger..."
-        $LOG = self::Utils::Logger.new(self::Conf.log[:file])
-        $LOG.level = "#{self}::Utils::Logger::#{self::Conf.log[:level]}".constantize
+        $LOG = Picnic::Utils::Logger.new(self::Conf.log[:file])
+        $LOG.level = "Picnic::Utils::Logger::#{self::Conf.log[:level]}".constantize
       end
       module_function :init_logger
       
@@ -62,14 +67,18 @@ class Module
       #   Blog.picnic!
       #
       #   $CONF[:authentication] ||= {:username => 'admin', :password => 'picnic'}
-      #   Blog.authenticate_using :basic if Blog::Conf[:authentication]
+      #   Blog.authenticate_using :basic
+      #
+      #   module Blog
+      #     def self.authenticate(credentials)
+      #       credentials[:username] == Taskr::Conf[:authentication][:username] &&
+      #         credentials[:password] == Taskr::Conf[:authentication][:password]
+      #     end
+      #   end
       #
       # Note that in the above example we use the authentication configuration from
-      # your app's conf file. We specify default credentials for when your
-      # conf file doesn't define them.
+      # your app's conf file.
       #
-      # Currently only HTTP Basic authentication is available. See Picnic::Authentication
-      # for more info.
       def authenticate_using(mod)
         require 'picnic/authentication'
         mod = "#{self}::Authentication::#{mod.to_s.camelize}".constantize unless mod.kind_of? Module
@@ -119,4 +128,4 @@ class Module
     self::Conf.load(self)
     init_logger
   end
-end
+end

metadata

@@ -1,33 +1,37 @@
 --- !ruby/object:Gem::Specification 
-rubygems_version: 0.9.2
-specification_version: 1
 name: picnic
 version: !ruby/object:Gem::Version 
-  version: 0.5.0
-date: 2007-12-21 00:00:00 -05:00
-summary: Camping for sissies
-require_paths: 
-- lib
-email: matt@roughest.net
-homepage: http://picnic.rubyforge.org
-rubyforge_project: picnic
-description: Camping for sissies
-autorequire: 
-default_executable: 
-bindir: bin
-has_rdoc: true
-required_ruby_version: !ruby/object:Gem::Version::Requirement 
-  requirements: 
-  - - ">"
-    - !ruby/object:Gem::Version 
-      version: 0.0.0
-  version: 
+  version: 0.6.0
 platform: ruby
-signing_key: 
-cert_chain: 
-post_install_message: 
 authors: 
 - Matt Zukowski
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-02-26 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: markaby
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: Camping for sissies
+email: matt@roughest.net
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- CHANGELOG.txt
+- LICENSE.txt
+- Manifest.txt
+- README.txt
 files: 
 - CHANGELOG.txt
 - LICENSE.txt
@@ -57,21 +61,32 @@ files:
 - vendor/camping-1.5.180/lib/camping/reloader.rb
 - vendor/camping-1.5.180/lib/camping/session.rb
 - vendor/camping-1.5.180/lib/camping/webrick.rb
-test_files: 
-- test/picnic_test.rb
+has_rdoc: true
+homepage: http://picnic.rubyforge.org
+post_install_message: 
 rdoc_options: 
 - --main
 - README.txt
-extra_rdoc_files: 
-- CHANGELOG.txt
-- LICENSE.txt
-- Manifest.txt
-- README.txt
-executables: []
-
-extensions: []
-
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
 requirements: []
 
-dependencies: []
-
+rubyforge_project: picnic
+rubygems_version: 1.0.1
+signing_key: 
+specification_version: 2
+summary: Camping for sissies
+test_files: 
+- test/picnic_test.rb