rack-unbasic 0.1

data/.gitignore

@@ -0,0 +1,3 @@
+doc
+tmp/*
+dist/*

data/LICENSE

@@ -0,0 +1,22 @@
+(The MIT License)
+
+Copyright (c) 2009 Pat Nakajima and Nicolas Sanguinetti
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,38 @@
+= Rack::Unbasic
+
+Wraps HTTP authentication in more friendly workflows.
+
+== Usage
+
+    require "rack-unbasic"
+
+    use Rack::Unbasic do |on|
+      on.bad_request '/login'
+      on.unauthorized '/login'
+    end
+
+A response with a 401 or 400 status code will be redirected to the routes you
+specify in the config, with the <tt>\env['rack-unbasic.code']</tt> set to whatever
+the original status code was, and <tt>\env['rack-unbasic.return-to']</tt> set to
+whatever the requested URI was.
+
+When a request comes in with <tt>:username</tt> and <tt>:password</tt> params,
+those will be mapped to basic auth credentials, and the appropriate headers will
+be added.
+
+Once authorized, the appropriate credentials will be stashed in the session.
+Subsequent requests will use the credentials in the session for authorization.
+
+== Install
+
+    gem install rack-unbasic
+
+Or cloning the git source repository:
+
+    git clone git://github.com/foca/rack-unbasic.git
+
+== Credits
+
+Idea:: Pat Nakajima (github[http://github.com/nakajima])
+Initial implementation:: Nicolás Sanguinetti (github[http://github.com/foca])
+License:: MIT. See attached LICENSE file.

data/Rakefile

@@ -0,0 +1,34 @@
+require "rake/testtask"
+
+rdoc_sources = %w(hanna/rdoctask rdoc/task rake/rdoctask)
+begin
+  require rdoc_sources.shift
+rescue LoadError
+  retry
+end
+
+begin
+  require "metric_fu" if RUBY_VERSION < "1.9"
+rescue LoadError
+end
+
+begin
+  require "mg"
+  MG.new("rack-unbasic.gemspec")
+rescue LoadError
+end
+
+desc "Default: run all tests"
+task :default => :test
+
+desc "Run library tests"
+Rake::TestTask.new do |t|
+  t.test_files = FileList["test/**/test_*.rb"]
+end
+
+Rake::RDocTask.new do |rd|
+  rd.main = "README"
+  rd.title = "Documentation for Rack::Unbasic"
+  rd.rdoc_files.include("README.rdoc", "LICENSE", "lib/**/*.rb")
+  rd.rdoc_dir = "doc"
+end

data/lib/rack/unbasic.rb

@@ -0,0 +1,106 @@
+require "rack"
+
+module Rack
+  class Unbasic
+    # Create the middleware. You can pass a block to configure how to handle
+    # 401 and 400 responses from the downstream app. See #unauthorized and
+    # #bad_request.
+    def initialize(app, &block) # :yields: self
+      @app = app
+      @locations = {}
+      block.call(self) if block
+    end
+
+    # Set the redirect URL for 401 responses from the downstream app.
+    def unauthorized(location)
+      @locations["unauthorized"] = location
+    end
+
+    # Set the redirect URL for 400 responses from the downstream app.
+    def bad_request(location)
+      @locations["bad_request"] = location
+    end
+
+    def call(env) 
+      @env = env
+
+      clean_session_data
+
+      authorize_from_params || authorize_from_session
+
+      @response = @app.call(@env)
+
+      case status_code
+      when 401
+        unauthorized_response
+      when 400
+        bad_request_response
+      else
+        store_credentials
+        @response
+      end
+    end
+
+    private
+
+    def unauthorized_response
+      return @response if @locations["unauthorized"].nil?
+      store_location_and_response_code
+      [302, {"Location" => @locations["unauthorized"]}, []]
+    end
+
+    def bad_request_response
+      return @response if @locations["bad_request"].nil?
+      store_location_and_response_code
+      [302, {"Location" => @locations["bad_request"]}, []]
+    end
+
+    def store_location_and_response_code
+      session["rack-unbasic.return-to"] = @env["PATH_INFO"]
+      session["rack-unbasic.code"] = status_code
+    end
+
+    def clean_session_data
+      unless session.respond_to?("delete")
+        raise "You need to enable sessions for this middleware to work"
+      end
+      @env["rack-unbasic.return-to"] = session.delete("rack-unbasic.return-to")
+      @env["rack-unbasic.code"] = session.delete("rack-unbasic.code")
+    end
+
+    def authorize_from_params
+      return nil if request.params["username"].nil? || request.params["password"].nil?
+      send_http_authorization(request.params["username"], request.params["password"])
+    end
+
+    def authorize_from_session
+      return nil if session["rack-unbasic.username"].nil? || session["rack-unbasic.password"].nil?
+      send_http_authorization(session["rack-unbasic.username"], session["rack-unbasic.password"])
+    end
+
+    def send_http_authorization(username, password)
+      return nil unless @env["HTTP_AUTHORIZATION"].nil?
+      @username, @password = username, password
+      encoded_login = ["#{username}:#{password}"].pack("m*")
+      @env["HTTP_AUTHORIZATION"] = "Basic #{encoded_login}"
+    end
+
+    def store_credentials
+      return if @username.nil? || @password.nil?
+      session["rack-unbasic.username"] = @username
+      session["rack-unbasic.password"] = @password
+    end
+
+    def status_code
+      @response[0].to_i
+    end
+
+    def request
+      @request ||= Rack::Request.new(@env)
+    end
+
+    def session
+      @env["rack.session"]
+    end
+  end
+end

data/rack-unbasic.gemspec

@@ -0,0 +1,34 @@
+Gem::Specification.new do |s|
+  s.name    = "rack-unbasic"
+  s.version = "0.1"
+  s.date    = "2009-05-23"
+
+  s.description = "Elegant workflow for Rack::Auth::Basic"
+  s.summary     = "Handle HTTP auth errors nicely, and abstract auth logic a little bit."
+  s.homepage    = "http://github.com/foca"
+
+  s.authors = ["Pat Nakajima", "Nicolás Sanguinetti"]
+  s.email   = "contacto@nicolassanguinetti.info"
+
+  s.require_paths     = ["lib"]
+  s.rubyforge_project = "rack-unbasic"
+  s.has_rdoc          = true
+  s.rubygems_version  = "1.3.1"
+
+  s.add_dependency "rack"
+
+  if s.respond_to?(:add_development_dependency)
+    s.add_development_dependency "sr-mg"
+    s.add_development_dependency "contest"
+  end
+
+  s.files = %w[
+    .gitignore
+    LICENSE
+    README.rdoc
+    Rakefile
+    rack-unbasic.gemspec
+    lib/rack/unbasic.rb
+    test/test_unbasic.rb
+  ]
+end

data/test/test_unbasic.rb

@@ -0,0 +1,121 @@
+ENV["RACK_ENV"] ||= "test"
+
+require "test/unit"
+require "rack/test"
+require "contest"
+require File.dirname(__FILE__) + "/../lib/rack/unbasic"
+
+begin
+  require "redgreen"
+rescue LoadError
+end
+
+class TestUnbasic < Test::Unit::TestCase
+  include Rack::Test::Methods
+
+  def unbasic_app(&unbasic)
+    Rack::Builder.new {
+      use Rack::Session::Cookie
+      use Rack::Unbasic, &unbasic
+
+      app = lambda { [200, {}, "Hi there"] }
+
+      map "/login" do
+        run app
+      end
+
+      map "/" do
+        use Rack::Auth::Basic do |user, password|
+          user == "johndoe" && password == "secret"
+        end
+        run app
+      end
+    }
+  end
+
+  def app
+    @app ||= unbasic_app do |on|
+      on.unauthorized "/login"
+      on.bad_request  "/login"
+    end
+  end
+
+  context "Without providing authorization" do
+    test "it redirects to the specified location" do
+      get "/foobar"
+      follow_redirect!
+      assert_equal "http://example.org/login", last_request.url
+    end
+
+    test "it saves the previous url and code in env['rack-unbasic.*']" do
+      get "/foobar"
+      follow_redirect!
+      assert_equal "/foobar", last_request.env["rack-unbasic.return-to"]
+      assert_equal 401, last_request.env["rack-unbasic.code"]
+    end
+  end
+
+  context "When providing a broken authorization (or at least not HTTP Basic" do
+    test "it redirects to the specified location" do
+      get "/foobar", {}, { "HTTP_AUTHORIZATION" => "cuack" }
+      follow_redirect!
+      assert_equal "http://example.org/login", last_request.url
+    end
+
+    test "it saves the previous url and code in env['rack-unbasic.*']" do
+      get "/foobar", {}, { "HTTP_AUTHORIZATION" => "cuack" }
+      follow_redirect!
+      assert_equal "/foobar", last_request.env["rack-unbasic.return-to"]
+      assert_equal 400, last_request.env["rack-unbasic.code"]
+    end
+  end
+
+  context "Providing HTTP Basic authorization" do
+    test "it works transparently" do
+      authorize "johndoe", "secret"
+      get "/foobar"
+      assert_equal 200, last_response.status
+      assert_equal "Hi there", last_response.body
+    end
+  end
+
+  context "Passing the credentials as parameters" do
+    test "should work as if using HTTP Basic" do
+      get "/foobar", :username => "johndoe", :password => "secret"
+      assert last_response.ok?
+      assert_equal "Hi there", last_response.body
+    end
+
+    test "should work for subsequent requests" do
+      get "/foobar", :username => "johndoe", :password => "secret"
+      assert last_response.ok?
+
+      get "/baz"
+      assert last_response.ok?
+
+      get "/quux"
+      assert last_response.ok?
+    end
+  end
+
+  context "When unbasic isn't set to handle 401 or 400 responses" do
+    def app
+      @app ||= unbasic_app
+    end
+
+    test "it doesn't interfere with pages that don't require auth" do
+      get "/login"
+      assert last_response.ok?
+    end
+
+    test "it returns the original 401 if credentials aren't given" do
+      get "/foobar"
+      assert_equal 401, last_response.status
+    end
+
+    test "it returns the original 400 if credentials are malformed" do
+      get "/foobar", {}, { "HTTP_AUTHORIZATION" => "cuack" }
+      assert_equal 400, last_response.status
+    end
+  end
+end

metadata

@@ -0,0 +1,91 @@
+--- !ruby/object:Gem::Specification 
+name: rack-unbasic
+version: !ruby/object:Gem::Version 
+  version: "0.1"
+platform: ruby
+authors: 
+- Pat Nakajima
+- "Nicol\xC3\xA1s Sanguinetti"
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-05-23 00:00:00 -03:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rack
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: sr-mg
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: contest
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: Elegant workflow for Rack::Auth::Basic
+email: contacto@nicolassanguinetti.info
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- rack-unbasic.gemspec
+- lib/rack/unbasic.rb
+- test/test_unbasic.rb
+has_rdoc: true
+homepage: http://github.com/foca
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: rack-unbasic
+rubygems_version: 1.3.3
+signing_key: 
+specification_version: 3
+summary: Handle HTTP auth errors nicely, and abstract auth logic a little bit.
+test_files: []
+