rack-pubcookie 0.0.2 → 0.0.3

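--- a/data/README.md
+++ b/data/README.md
@@ -30,8 +30,9 @@ Once these six pieces have been obtained, you can then use it like this:
  # This is located in config.ru
  require 'rack/pubcookie'
 
- use Rack::Pubcookie::Auth, @login_server, @hostname, @appid, @keyfile_path,
- @granting_certificate_path
+ use Rack::Pubcookie, :login_server => @login_server, :host_name => @hostname,
+ :appid => @appid, :keyfile_path => @keyfile_path,
+ :granting_cert => @granting_certificate_path
 
  # @login_server => 'login.example.com[:port]' (port optional)
  # @hostname => 'myapp.example.com[:port]' (port optional)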
@@ -1,11 +1,33 @@
1
1
  require 'rack'
2
2
 
3
+ require 'rack/pubcookie/version'
4
+ require 'rack/pubcookie/auth'
5
+
3
6
  module Rack
4
- module Pubcookie
5
- autoload :VERSION, 'rack/pubcookie/version'
7
+ class Pubcookie
8
+
9
+ include Auth
10
+
11
+ def initialize app, options
12
+ @app = app
13
+ self.pubcookie_options = options
14
+ end
15
+
16
+ def call env
17
+ request = Rack::Request.new env
18
+
19
+ if request.path == '/auth/pubcookie'
20
+ response = Rack::Response.new login_page_html
21
+ else
22
+ request.env['REMOTE_USER'] = extract_username request
23
+ status, headers, body = @app.call(request.env)
24
+ response = Rack::Response.new body, status, headers
25
+
26
+ set_pubcookie! request, response
27
+ end
28
+
29
+ response.finish
30
+ end
6
31
 
7
- autoload :Auth, 'rack/pubcookie/auth'
8
- autoload :AES, 'rack/pubcookie/aes'
9
- autoload :DES, 'rack/pubcookie/des'
10
32
  end
11
33
  end
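Review bot: `call` forwards every request to `@app` even when `extract_username` yields nil, so the middleware identifies users without enforcing login, and nothing in the file says so; a comment above `call` such as `# Sets REMOTE_USER, or nil when no valid pubcookie is present; the app must reject nil itself.` would make that contract explicit. Only `/auth/pubcookie` is intercepted, so the `/auth/pubcookie/callback` path returned by `callback_path` later in this diff appears to reach the app like any other route, which deserves a second comment if it is intended. `initialize` also passes `options` through unchecked, and the README hunk documents `:host_name` and `:keyfile_path` while the `pubcookie_options=` setter reads `:host` and `:keyfile`, so a config.ru copied from the README would hit the 'Need all of' raise at startup.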
@@ -1,5 +1,5 @@
1
1
  module Rack
2
- module Pubcookie
2
+ class Pubcookie
3
3
  module AES
4
4
 
5
5
  def aes_decrypt bytes, index1, index2
@@ -2,49 +2,42 @@ require 'rack/utils'
2
2
  require 'openssl'
3
3
  require 'base64'
4
4
 
5
+ require 'rack/pubcookie/aes'
6
+ require 'rack/pubcookie/des'
7
+
5
8
  module Rack
6
- module Pubcookie
7
- class Auth
9
+ class Pubcookie
10
+ module Auth
8
11
 
9
12
  include AES
10
13
  include DES
11
14
 
12
- def initialize app, login_server, host, appid, keyfile, granting_cert,
13
- opts = {}
14
- @app = app
15
- @login_server = login_server
16
- @host = host
17
- @appid = appid
18
- @keyfile = keyfile
19
- @granting = OpenSSL::X509::Certificate.new(::File.read(granting_cert))
15
+ def pubcookie_options= options
16
+ @login_server = options[:login_server]
17
+ @host = options[:host]
18
+ @appid = options[:appid]
19
+ @keyfile = options[:keyfile]
20
+ @granting_cert = options[:granting_cert]
21
+
22
+ if @login_server.nil? || @host.nil? || @appid.nil? || @keyfile.nil? ||
23
+ @granting_cert.nil?
24
+ raise 'Need all of :login_server, :host, :appid, :keyfile, and :granting_cert specified to use pubcookie!'
25
+ end
26
+
27
+ @granting = OpenSSL::X509::Certificate.new(::File.read(@granting_cert))
20
28
  ::File.open(@keyfile, 'rb'){ |f| @key = f.read.bytes.to_a }
21
29
 
22
- @options = opts
23
- @options[:expires_after] = 24 * 3600 # 24 hrs
30
+ @expires_after ||= options[:expires_after] || 24 * 3600 # 24 hrs
24
31
  end
25
32
 
26
- def call env
27
- request = Rack::Request.new env
28
-
29
- if request.path == '/auth/pubcookie'
30
- response = Rack::Response.new login_page_html
31
- else
32
- request.env['REMOTE_USER'] = extract_username request
33
- status, headers, body = @app.call(request.env)
34
- response = Rack::Response.new body, status, headers
35
-
36
- if !request.params['pubcookie_g'].nil? &&
37
- request.params['pubcookie_g'] != request.cookies['pubcookie_g']
38
- response.set_cookie 'pubcookie_g', :path => '/', :secure => true,
39
- :value => request.params['pubcookie_g']
40
- end
33
+ def set_pubcookie! request, response
34
+ if !request.params['pubcookie_g'].nil? &&
35
+ request.params['pubcookie_g'] != request.cookies['pubcookie_g']
36
+ response.set_cookie 'pubcookie_g', :path => '/', :secure => true,
37
+ :value => request.params['pubcookie_g']
41
38
  end
42
-
43
- response.finish
44
39
  end
45
40
 
46
- protected
47
-
48
41
  def extract_username request
49
42
  # If coments below refer to a URL, they mean this one:
50
43
  # http://svn.cac.washington.edu/viewvc/pubcookie/trunk/src/pubcookie.h?view=markup
@@ -73,38 +66,13 @@ module Rack
73
66
  create_ts = Time.at create_ts
74
67
  last_ts = Time.at last_ts
75
68
 
76
- if Time.now < create_ts + @options[:expires_after] && appid == @appid
69
+ if Time.now < create_ts + @expires_after && appid == @appid
77
70
  user
78
71
  else
79
72
  nil
80
73
  end
81
74
  end
82
75
 
83
- # For a better description on what each of these values are, go to
84
- # https://wiki.doit.wisc.edu/confluence/display/WEBISO/Pubcookie+Granting+Request+Interface
85
- def request_login_arguments
86
- args = {
87
- :one => @host, # FQDN of our host
88
- :two => @appid, # Our AppID for pubcookie
89
- :three => 1, # ?
90
- :four => 'a5', # Version/encryption?
91
- :five => 'GET', # method, even though we lie?
92
- :six => @host, # our host domain name
93
- :seven => '/auth/pubcookie/callback', # Where to return
94
- :eight => '', # ?
95
- :nine => 1, # Probably should be different...
96
- :hostname => @host, # Pubcookie needs it 3 times...
97
- :referer => '(null)', # Just don't bother
98
- :sess_re => 0, # Don't force re-authentication
99
- :pre_sess_tok => Kernel.rand(2000000), # Just a random 32bit number
100
- :flag => 0, # ?
101
- :file => '' # ?
102
- }
103
-
104
- args[:seven] = Base64.encode64(args[:seven]).chomp
105
- args
106
- end
107
-
108
76
  def login_page_html
109
77
  query = request_login_arguments.to_a.map{ |k, v|
110
78
  "#{k}=#{Rack::Utils.escape v}"
@@ -133,6 +101,37 @@ module Rack
133
101
  HTML
134
102
  end
135
103
 
104
+ def callback_path
105
+ '/auth/pubcookie/callback'
106
+ end
107
+
108
+ protected
109
+
110
+ # For a better description on what each of these values are, go to
111
+ # https://wiki.doit.wisc.edu/confluence/display/WEBISO/Pubcookie+Granting+Request+Interface
112
+ def request_login_arguments
113
+ args = {
114
+ :one => @host, # FQDN of our host
115
+ :two => @appid, # Our AppID for pubcookie
116
+ :three => 1, # ?
117
+ :four => 'a5', # Version/encryption, yet ignored...
118
+ :five => 'GET', # method, even though we lie...
119
+ :six => @host, # our host domain name
120
+ :seven => callback_path, # Where to return
121
+ :eight => '', # ?
122
+ :nine => 1, # Probably should be different...
123
+ :hostname => @host, # Again, our FQDN
124
+ :referer => '(null)', # Doesn't matter if no referer
125
+ :sess_re => 0, # Don't force re-authentication
126
+ :pre_sess_tok => Kernel.rand(2000000), # Just a random 32bit number
127
+ :flag => 0, # ?
128
+ :file => '' # ?
129
+ }
130
+
131
+ args[:seven] = Base64.encode64(args[:seven]).chomp
132
+ args
133
+ end
134
+
136
135
  end
137
136
  end
138
137
  end
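Review bot: `set_pubcookie!` writes whatever arrives in the `pubcookie_g` request parameter back as a cookie without `HttpOnly`, and `call` invokes it whether or not `extract_username` accepted that value. Adding the flag keeps page script from reading the granting cookie: `response.set_cookie 'pubcookie_g', :path => '/', :secure => true, :httponly => true,`. Skipping the write when `request.env['REMOTE_USER']` is nil would avoid persisting an unverified value, but most of `extract_username` lies outside these hunks, so first confirm that it reads the parameter on the callback request. In the last hunk `:pre_sess_tok` still comes from `Kernel.rand(2000000)`, which is neither 32 bits wide nor unpredictable; if the token is meant to resist guessing, `SecureRandom.random_number(2**31)` with `require 'securerandom'` is the usual replacement.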
@@ -1,5 +1,5 @@
1
1
  module Rack
2
- module Pubcookie
2
+ class Pubcookie
3
3
  module DES
4
4
 
5
5
  def des_decrypt bytes, index1, index2
@@ -1,5 +1,5 @@
1
1
  module Rack
2
- module Pubcookie
3
- VERSION = '0.0.2'
2
+ class Pubcookie
3
+ VERSION = '0.0.3'
4
4
  end
5
5
  end
@@ -1,14 +1,15 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe Rack::Pubcookie::Auth do
3
+ describe Rack::Pubcookie do
4
4
 
5
5
  include Rack::Test::Methods
6
6
 
7
7
  def app
8
8
  Rack::Builder.new {
9
- use Rack::Pubcookie::Auth, 'example.com', 'myhost.com', 'testappid',
10
- Rack::Test.fixture_path + '/test.com',
11
- Rack::Test.fixture_path + '/granting.crt'
9
+ use Rack::Pubcookie, :login_server => 'example.com',
10
+ :host => 'myhost.com', :appid => 'testappid',
11
+ :keyfile => Rack::Test.fixture_path + '/test.com',
12
+ :granting_cert => Rack::Test.fixture_path + '/granting.crt'
12
13
  run lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['llama']] }
13
14
  }.to_app
14
15
  end
@@ -113,9 +114,10 @@ describe Rack::Pubcookie::Auth do
113
114
  describe "an invalid signature" do
114
115
  def app
115
116
  Rack::Builder.new {
116
- use Rack::Pubcookie::Auth, 'example.com', 'myhost.com', 'testappid',
117
- Rack::Test.fixture_path + '/test.com',
118
- Rack::Test.fixture_path + '/invalid.crt'
117
+ use Rack::Pubcookie, :login_server => 'example.com',
118
+ :host => 'myhost.com', :appid => 'testappid',
119
+ :keyfile => Rack::Test.fixture_path + '/test.com',
120
+ :granting_cert => Rack::Test.fixture_path + '/invalid.crt'
119
121
  run lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['llama']] }
120
122
  }.to_app
121
123
  end
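--- a/metadata
+++ b/metadata
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
  segments:
  - 0
  - 0
- - 2
- version: 0.0.2
+ - 3
+ version: 0.0.3
  platform: ruby
  authors:
  - Alex Crichton
@@ -14,7 +14,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2010-12-18 00:00:00 -06:00
+ date: 2011-01-19 00:00:00 -05:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -84,13 +84,12 @@ files:
  - lib/rack/pubcookie/aes.rb
  - lib/rack/pubcookie/auth.rb
  - lib/rack/pubcookie/des.rb
- - lib/rack/pubcookie/fake.rb
  - lib/rack/pubcookie/version.rb
  - README.md
  - spec/fixtures/granting.crt
  - spec/fixtures/invalid.crt
  - spec/fixtures/test.com
- - spec/rack/pubcookie/auth_spec.rb
+ - spec/rack/pubcookie_spec.rb
  - spec/spec_helper.rb
  has_rdoc: true
  homepage: http://github.com/alexcrichton/rack-pubcookie
@@ -128,5 +127,5 @@ test_files:
  - spec/fixtures/granting.crt
  - spec/fixtures/invalid.crt
  - spec/fixtures/test.com
- - spec/rack/pubcookie/auth_spec.rb
+ - spec/rack/pubcookie_spec.rb
  - spec/spec_helper.rb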
@@ -1,22 +0,0 @@
1
- module Rack
2
- module Pubcookie
3
-
4
- # This Rack interface is meant to be used in development. It mocks out
5
- # pubcookie authentication by always setting the REMOTE_USER variable to
6
- # a specific username given to the constructor.
7
- #
8
- # This is not meant to be used in production obviously...
9
- class Fake
10
-
11
- def initialize app, username
12
- @app, @username = app, username
13
- end
14
-
15
- def call env
16
- env['REMOTE_USER'] = @username
17
- @app.call env
18
- end
19
-
20
- end
21
- end
22
- end