securid 0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. data/ext/securid/extconf.rb +10 -0
  2. data/ext/securid/securid.c +142 -0
  3. metadata +67 -0
data/ext/securid/extconf.rb ADDED
@@ -0,0 +1,10 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'mkmf'
4
+
5
+ dir_config('aceclnt')
6
+
7
+ have_header('acexport.h')
8
+ have_library('aceclnt')
9
+
10
+ create_makefile('securid')
data/ext/securid/securid.c ADDED
@@ -0,0 +1,142 @@
1
+ #include "ruby.h"
2
+ #include "acexport.h"
3
+
4
+ // module RSA
5
+ static VALUE rb_mRSA;
6
+
7
+ // module RSA::SecurID
8
+ static VALUE rb_mRSASecurID;
9
+
10
+ // class RSA::SecurID::SecurIDError < StandardError
11
+ static VALUE rb_eSecurIDError;
12
+
13
+ // def RSA::SecurID.authenticate(username, passcode)
14
+ static VALUE t_authenticate (VALUE self, VALUE username, VALUE passcode)
15
+ {
16
+ // the authentication handle representing a single authentication
17
+ // context, i.e. a multi-step authentication attempt
18
+ SDI_HANDLE aceHdl;
19
+
20
+ // a string containing the username
21
+ SD_CHAR *userID = StringValuePtr(username);
22
+
23
+ // a string containing the passcode
24
+ SD_CHAR *pass = StringValuePtr(passcode);
25
+
26
+ // a hint to the developer about how long to display the next
27
+ // prompt string for the user
28
+ SD_I32 respTimeout;
29
+
30
+ // an indicator of the maximum number of bytes of data expected
31
+ // in the next developer-supplied response
32
+ SD_I32 nextRespLen;
33
+
34
+ // a developer-supplied character array to be filled in by the
35
+ // API with the string that the caller uses as the next message
36
+ // displayed to the user
37
+ SD_CHAR promptStr[512];
38
+
39
+ // the size of the developer-supplied storage for the prompt
40
+ // string
41
+ SD_I32 promptStrLen;
42
+
43
+ // a flag that is set by the API to indicate whether more data
44
+ // is needed by the authentication context
45
+ SD_BOOL moreData;
46
+
47
+ // a flag that guides the developer as to whether the next
48
+ // expected response is echoed to the screen
49
+ SD_BOOL echoFlag;
50
+
51
+ // the final authentication status
52
+ SD_I32 authStatus;
53
+
54
+ // initialize the authentication library. even though it will only do anything
55
+ // the first time it is called, subsequent calls should still return true if the
56
+ // initialization previously succeeded.
57
+ if (!AceInitialize())
58
+ {
59
+ // the authentication library failed to initialize.
60
+ rb_raise(rb_eSecurIDError, "Failed to initialize authentication library");
61
+ }
62
+
63
+ int retVal;
64
+
65
+ // reset size of prompt string
66
+ promptStrLen = sizeof(promptStr);
67
+
68
+ // start our authentication attempt by first sending the username to
69
+ // the authentication manager.
70
+ retVal = AceStartAuth(&aceHdl, userID, strlen(userID), &moreData, &echoFlag, &respTimeout, &nextRespLen, promptStr, &promptStrLen);
71
+
72
+ if (retVal != ACM_OK)
73
+ {
74
+ // the authentication attempt could not be started for some reason.
75
+ rb_raise(rb_eSecurIDError, "Failed to start authentication attempt - Code %d", retVal);
76
+ }
77
+
78
+ if (!moreData)
79
+ {
80
+ // the authentication manager should have asked for a passcode
81
+ AceCloseAuth(aceHdl);
82
+ rb_raise(rb_eSecurIDError, "Authentication manager did not ask for a passcode");
83
+ }
84
+
85
+ // reset size of prompt string
86
+ promptStrLen = sizeof(promptStr);
87
+
88
+ // the authentication manager wants us to prompt the user for more data. because
89
+ // this function is non-interactive, we assume the manager wants the passcode. since
90
+ // we already have it, we'll pass it along without prompting the user.
91
+ retVal = AceContinueAuth(aceHdl, pass, strlen(pass), &moreData, &echoFlag, &respTimeout, &nextRespLen, promptStr, &promptStrLen);
92
+
93
+ if (retVal != ACM_OK)
94
+ {
95
+ // the authentication attempt could not be continued for some reason.
96
+ AceCloseAuth(aceHdl);
97
+ rb_raise(rb_eSecurIDError, "Failed to continue authentication attempt - Code %d", retVal);
98
+ }
99
+
100
+ if (moreData)
101
+ {
102
+ // either our assumption that the authentication manager wanted the passcode was
103
+ // incorrect, or something else went wrong.
104
+ AceCloseAuth(aceHdl);
105
+ rb_raise(rb_eSecurIDError, "Authentication manager asked for more than a passcode");
106
+ }
107
+
108
+ // ask the authentication manager for the status of this authentication attempt.
109
+ retVal = AceGetAuthenticationStatus(aceHdl, &authStatus);
110
+
111
+ // finalize this authentication attempt by closing our handle.
112
+ AceCloseAuth(aceHdl);
113
+
114
+ if (retVal != ACE_SUCCESS)
115
+ {
116
+ // the authentication status could not be retrieved for some reason.
117
+ rb_raise(rb_eSecurIDError, "Failed to retrieve authentication status - Code %d", retVal);
118
+ }
119
+
120
+ // check the status of the authentication attempt and return true or false.
121
+ if (authStatus == ACM_OK)
122
+ return Qtrue;
123
+ else if (authStatus == ACM_ACCESS_DENIED)
124
+ return Qfalse;
125
+
126
+ rb_raise(rb_eSecurIDError, "Unexpected authentication status - Code %d", authStatus);
127
+ }
128
+
129
+ void Init_securid ()
130
+ {
131
+ // module RSA
132
+ rb_mRSA = rb_define_module("RSA");
133
+
134
+ // module RSA::SecurID
135
+ rb_mRSASecurID = rb_define_module_under(rb_mRSA, "SecurID");
136
+
137
+ // class RSA::SecurID::SecurIDError < StandardError
138
+ rb_eSecurIDError = rb_define_class_under(rb_mRSASecurID, "SecurIDError", rb_eStandardError);
139
+
140
+ // def RSA::SecurID.authenticate(username, passcode)
141
+ rb_define_module_function(rb_mRSASecurID, "authenticate", t_authenticate, 2);
142
+ }
metadata ADDED
@@ -0,0 +1,67 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: securid
3
+ version: !ruby/object:Gem::Version
4
+ hash: 9
5
+ prerelease: false
6
+ segments:
7
+ - 0
8
+ - 1
9
+ version: "0.1"
10
+ platform: ruby
11
+ authors:
12
+ - Ian Lesperance
13
+ autorequire:
14
+ bindir: bin
15
+ cert_chain: []
16
+
17
+ date: 2010-06-10 00:00:00 -07:00
18
+ default_executable:
19
+ dependencies: []
20
+
21
+ description: A library for authenticating with an RSA SecurID ACE Authentication Server
22
+ email: ilesperance@ezpublishing.com
23
+ executables: []
24
+
25
+ extensions:
26
+ - ext/securid/extconf.rb
27
+ extra_rdoc_files: []
28
+
29
+ files:
30
+ - ext/securid/securid.c
31
+ - ext/securid/extconf.rb
32
+ has_rdoc: true
33
+ homepage: http://github.com/ezpub/securid
34
+ licenses: []
35
+
36
+ post_install_message:
37
+ rdoc_options: []
38
+
39
+ require_paths:
40
+ - lib
41
+ required_ruby_version: !ruby/object:Gem::Requirement
42
+ none: false
43
+ requirements:
44
+ - - ">="
45
+ - !ruby/object:Gem::Version
46
+ hash: 3
47
+ segments:
48
+ - 0
49
+ version: "0"
50
+ required_rubygems_version: !ruby/object:Gem::Requirement
51
+ none: false
52
+ requirements:
53
+ - - ">="
54
+ - !ruby/object:Gem::Version
55
+ hash: 3
56
+ segments:
57
+ - 0
58
+ version: "0"
59
+ requirements: []
60
+
61
+ rubyforge_project:
62
+ rubygems_version: 1.3.7
63
+ signing_key:
64
+ specification_version: 3
65
+ summary: A library for authenticating with an RSA SecurID ACE Authentication Server
66
+ test_files: []
67
+