sidonath-authlogic_rpx 1.0.4b

data/lib/authlogic_rpx/acts_as_authentic.rb

@@ -0,0 +1,126 @@
+# This module is responsible for adding RPX functionality to Authlogic. Checkout the README for more info and please
+# see the sub modules for detailed documentation.
+module AuthlogicRpx
+	# This module is responsible for adding in the RPX functionality to your models. It hooks itself into the
+	# acts_as_authentic method provided by Authlogic.
+	module ActsAsAuthentic
+		# Adds in the neccesary modules for acts_as_authentic to include and also disabled password validation if
+		# RPX is being used.
+		def self.included(klass)
+			klass.class_eval do
+				extend Config
+				add_acts_as_authentic_module(Methods, :prepend)
+			end
+		end
+
+		module Config
+		
+			# map_id is used to enable RPX identity mapping
+			# experimental - a feature of RPX paid accounts and not properly developed/tested yet
+			#
+			# * <tt>Default:</tt> false
+			# * <tt>Accepts:</tt> boolean
+			def map_id(value = false)
+				rw_config(:map_id, value, false)
+			end
+			alias_method :map_id=, :map_id
+			
+			# Name of this method is defined in find_by_rpx_identifier_method
+			# method in session.rb
+			def find_by_rpx_identifier(id)
+				identifier = RPXIdentifier.find_by_identifier(id)
+				return nil if identifier.nil?
+				identifier.user
+			end
+			
+		end
+		
+		module Methods
+		
+			# Set up some simple validations
+			def self.included(klass)
+				klass.class_eval do
+					has_many :rpx_identifiers, :class_name => 'RPXIdentifier'
+
+					validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_rpx?)
+					validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_rpx?)
+					validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_rpx?)
+					before_validation :adding_rpx_identifier
+					after_create :map_rpx_identifier
+					attr_writer :creating_new_record_from_rpx
+				end
+			end
+
+			# support a block given to the save
+			def save(perform_validation = true, &block)
+				result = super perform_validation
+				yield(result) if block_given?
+				result
+			end
+
+			# test if account it using RPX authentication
+			def using_rpx?
+				!rpx_identifiers.empty?
+			end
+
+			# test if account it using normal password authentication
+			def using_password?
+				!send(crypted_password_field).blank?
+			end
+
+		private
+			
+			def validate_password_with_rpx?
+				if @creating_new_record_from_rpx
+					false
+				else
+					!using_rpx? && require_password?
+				end
+			end
+			
+			# hook for adding RPX identifier to an existing account. This is invoked prior to model validation.
+			# RPX information is plucked from the controller session object (where it was placed by the session model as a result
+			# of the RPX callback)
+			# The minimal action taken is to add an RPXIdentifier object to the user.
+			#
+			# This procedure chains to the map_added_rpx_data, which may be over-ridden in your project to perform
+			# additional mapping of RPX information to the user model as may be desired.
+			#
+			def adding_rpx_identifier
+				return true unless session_class && session_class.controller
+				added_rpx_data = session_class.controller.session['added_rpx_data']	
+				unless added_rpx_data.blank?
+					session_class.controller.session['added_rpx_data'] = nil
+					map_added_rpx_data( added_rpx_data ) 
+				end
+				return true
+			end
+			
+			# map_added_rpx_data maps additional fields from the RPX response into the user object during the "add RPX to existing account" process.
+			# Override this in your user model to perform field mapping as may be desired
+			# See https://rpxnow.com/docs#profile_data for the definition of available attributes
+			#
+			# By default, it only creates a new RPXIdentifier for the user.
+			#
+			def map_added_rpx_data( rpx_data )
+			  self.rpx_identifiers.create( :identifier => rpx_data['profile']['identifier'] )
+			end
+			
+			# experimental - a feature of RPX paid accounts and not properly developed/tested yet
+			def map_id?
+				self.class.map_id
+			end
+				
+			# experimental - a feature of RPX paid accounts and not properly developed/tested yet
+			def map_rpx_identifier
+				RPXNow.map(rpx_identifier, id) if using_rpx? && map_id?
+			end
+			
+			# experimental - a feature of RPX paid accounts and not properly developed/tested yet
+			def unmap_rpx_identifer
+				RPXNow.unmap(rpx_identifier, id) if using_rpx? && map_id?
+			end
+			
+		end
+	end
+end

data/lib/authlogic_rpx/helper.rb

@@ -0,0 +1,42 @@
+module AuthlogicRpx
+	module Helper
+
+		# helper to insert an embedded iframe RPX login
+		# takes options hash:
+		#   * <tt>app_name:</tt> name of the application (will be prepended to RPX domain and used in RPX dialogues)
+		#   * <tt>return_url:</tt> url for the RPX callback (e.g. user_sessions_url)
+		#   * <tt>add_rpx:</tt> if true, requests RPX callback to add to current session. Else runs normal authentication process (default)
+		#
+		def rpx_embed(options = {})
+			params = (
+				{ :authenticity_token => form_authenticity_token, :add_rpx => options[:add_rpx] }.collect { |n| "#{n[0]}=#{ u(n[1]) }" if n[1] }
+			).compact.join('&')
+			RPXNow.embed_code(options[:app_name], u( options[:return_url] + '?' + params ) )
+		end
+
+		# helper to insert a link to pop-up RPX login
+		# takes options hash:
+		#   * <tt>link_text:</tt> text to use in the link
+		#   * <tt>app_name:</tt> name of the application (will be prepended to RPX domain and used in RPX dialogues)
+		#   * <tt>return_url:</tt> url for the RPX callback (e.g. user_sessions_url)
+		#   * <tt>add_rpx:</tt> if true, requests RPX callback to add to current session. Else runs normal authentication process (default)
+		#   * <tt>unobtrusive:</tt> true/false; sets javascript style for link. Default: true
+		#
+		# NB: i18n considerations? supports a :language parameter (not tested)
+		def rpx_popup(options = {})
+			params = (
+				{ :authenticity_token => form_authenticity_token, :add_rpx => options[:add_rpx] }.collect { |n| "#{n[0]}=#{ u(n[1]) }" if n[1] }
+			).compact.join('&')
+			unobtrusive = options[:unobtrusive].nil? ? true : options[:unobtrusive]
+			return_url = options[:return_url] + '?' + params 
+			return_url = u( return_url ) if unobtrusive # double-encoding required only if unobtrusive mode used
+			RPXNow.popup_code(
+  				options[:link_text], 
+  				options[:app_name],
+  				return_url,
+  				:unobtrusive=>unobtrusive
+  			) 
+		end
+
+	end
+end

data/lib/authlogic_rpx/session.rb

@@ -0,0 +1,219 @@
+module AuthlogicRpx
+	# This module is responsible for adding all of the RPX goodness to the Authlogic::Session::Base class.
+	module Session
+		# Add a simple rpx_identifier attribute and some validations for the field.
+		def self.included(klass)
+			klass.class_eval do
+				extend Config
+				include Methods
+			end
+		end
+		
+		module Config
+
+			def find_by_rpx_identifier_method(value = nil)
+				rw_config(:find_by_rpx_identifier_method, value, :find_by_rpx_identifier)
+			end
+			alias_method :find_by_rpx_identifier_method=, :find_by_rpx_identifier_method
+
+			# Auto Register is enabled by default. 
+			# Add this in your Session object if you need to disable auto-registration via rpx
+			#
+			def auto_register(value=true)
+				auto_register_value(value)
+			end
+			def auto_register_value(value=nil)
+				rw_config(:auto_register,value,true)
+			end      
+			alias_method :auto_register=,:auto_register
+
+			# Add this in your Session object to set the RPX API key 
+			# RPX won't work without the API key. Set it here if not already set in your app configuration.
+			#
+			def rpx_key(value=nil)
+				rpx_key_value(value)
+			end
+			def rpx_key_value(value=nil)
+				if !inheritable_attributes.include?(:rpx_key) 
+					RPXNow.api_key = value 
+				end
+				rw_config(:rpx_key,value,false)
+			end
+			alias_method :rpx_key=,:rpx_key
+
+			# Add this in your Session object to set whether RPX returns extended user info 
+			# By default, it will not, which is enough to get username, name, email and the rpx identified
+			# if you want to map additional information into your user details, you can request extended
+			# attributes (though not all providers give them - see the RPX docs)
+			#
+			def rpx_extended_info(value=true)
+				rpx_extended_info_value(value)
+			end
+			def rpx_extended_info_value(value=nil)
+				rw_config(:rpx_extended_info,value,false)
+			end
+			alias_method :rpx_extended_info=,:rpx_extended_info
+
+		end
+		
+		module Methods
+		  
+			def self.included(klass)
+				klass.class_eval do
+					attr_accessor :new_registration
+					after_persisting :add_rpx_identifier, :if => :adding_rpx_identifier?
+					validate :validate_by_rpx, :if => :authenticating_with_rpx?
+				end
+			end
+      		  
+			# Determines if the authenticated user is also a new registration.
+			# For use in the session controller to help direct the most appropriate action to follow.
+			# 
+			def new_registration?
+				new_registration
+			end
+			
+			# Determines if the authenticated user has a complete registration (no validation errors)
+			# For use in the session controller to help direct the most appropriate action to follow.
+			# 
+			def registration_complete?
+				attempted_record && attempted_record.valid?
+			end
+
+		private
+		  # Tests if current request is for RPX authentication
+		  #
+			def authenticating_with_rpx?
+				controller.params[:token] && !controller.params[:add_rpx]
+			end
+
+			# hook instance finder method to class
+			#
+			def find_by_rpx_identifier_method
+				self.class.find_by_rpx_identifier_method
+			end
+
+			# Tests if auto_registration is enabled (on by default)
+			#
+			def auto_register?
+				self.class.auto_register_value
+			end
+
+			# Tests if rpx_extended_info is enabled (off by default)
+			#
+			def rpx_extended_info?
+				self.class.rpx_extended_info_value
+			end
+
+      # Tests if current request is the special case of adding RPX to an existing account
+      #
+			def adding_rpx_identifier?
+				controller.params[:token] && controller.params[:add_rpx]
+			end
+			
+			# Handles the special case of RPX being added to an existing account. 
+			# At this point, a session has been established as a result of a "save" on the user model (which indirectly triggers user session validation).
+			# We do not directly add the RPX details to the user record here in order to avoid getting
+			# into a recursive dance between the session and user models.
+			# Rather, it uses the trick of adding the necessary RPX information to the session object, 
+			# and the user model will pluck these values out before completing its validation step.
+			#
+			def add_rpx_identifier
+				data = RPXNow.user_data(controller.params[:token], :extended=> rpx_extended_info? ) {|raw| raw }
+				controller.session['added_rpx_data'] = data if data
+			end
+			
+			# the main RPX magic. At this point, a session is being validated and we know RPX identifier
+			# has been provided. We'll callback to RPX to verify the token, and authenticate the matching 
+			# user. 
+			# If no user is found, and we have auto_register enabled (default) this method will also 
+			# create the user registration stub.
+			#
+			# On return to the controller, you can test for new_registration? and registration_complete?
+			# to determine the most appropriate action
+			#
+			def validate_by_rpx
+				@rpx_data = RPXNow.user_data(
+					controller.params[:token],
+					:extended => rpx_extended_info?) { |raw| raw }
+				
+				# If we don't have a valid sign-in, give-up at this point
+				if @rpx_data.nil?
+					errors.add_to_base("Authentication failed. Please try again.")
+					return false
+				end
+				
+				rpx_id = @rpx_data['profile']['identifier']
+				if rpx_id.blank?
+					errors.add_to_base("Authentication failed. Please try again.")
+					return false
+				end
+				
+				self.attempted_record = klass.send(find_by_rpx_identifier_method, rpx_id)
+				
+				# so what do we do if we can't find an existing user matching the RPX authentication...
+				if !attempted_record
+					if auto_register?
+						self.attempted_record = klass.new()
+						map_rpx_data
+						
+						# save the new user record - without session maintenance else we
+						# get caught in a self-referential hell, since both session and
+						# user objects invoke each other upon save
+						self.new_registration = true
+						self.attempted_record.creating_new_record_from_rpx = true
+						self.attempted_record.rpx_identifiers.build(:identifier => rpx_id)
+						self.attempted_record.save_without_session_maintenance
+					else
+						errors.add_to_base("We did not find any accounts with that login. Enter your details and create an account.")
+						return false
+					end
+				else
+					map_rpx_data_each_login
+				end
+			
+			end
+
+			# map_rpx_data maps additional fields from the RPX response into the user object during auto-registration.
+			# Override this in your session model to change the field mapping
+			# See https://rpxnow.com/docs#profile_data for the definition of available attributes
+			#
+			# In this procedure, you will be writing to fields of the "self.attempted_record" object, pulling data from the @rpx_data object.
+			#
+			# WARNING: if you are using auto-registration, any fields you map should NOT have constraints enforced at the database level.
+			# authlogic_rpx will optimistically attempt to save the user record during registration, and 
+			# violating a database constraint will cause the authentication/registration to fail.
+			#
+			# You can/should enforce any required validations at the model level e.g.
+			#   validates_uniqueness_of   :username, :case_sensitive => false
+			# This will allow the auto-registration to proceed, and the user can be given a chance to rectify the validation errors
+			# on your user profile page.
+			#
+			# If it is not acceptable in your application to have user records created with potential validation errors in auto-populated fields, you
+			# will need to override map_rpx_data and implement whatever special handling makes sense in your case. For example:
+			#   - directly check for uniqueness and other validation requirements
+			#   - automatically "uniquify" fields like username
+			#   - save conflicting profile information to "pending user review" columns or a seperate table
+			#
+			def map_rpx_data
+				self.attempted_record.send("#{klass.login_field}=", @rpx_data['profile']['preferredUsername'] ) if attempted_record.send(klass.login_field).blank?
+				self.attempted_record.send("#{klass.email_field}=", @rpx_data['profile']['email'] ) if attempted_record.send(klass.email_field).blank?
+			end
+
+			# map_rpx_data_each_login provides a hook to allow you to map RPX profile information every time the user
+			# logs in.
+			# By default, nothing is mapped. 
+			#
+			# This would mainly be used to update relatively volatile information that you are maintaining in the user model (such as profile image url)
+			#
+			# In this procedure, you will be writing to fields of the "self.attempted_record" object, pulling data from the @rpx_data object.
+			#
+			#
+			def map_rpx_data_each_login
+
+			end
+	
+		end
+		
+	end
+end

data/lib/authlogic_rpx/version.rb

@@ -0,0 +1,51 @@
+module AuthlogicRpx
+  # A class for describing the current version of a library. The version
+  # consists of three parts: the +major+ number, the +minor+ number, and the
+  # +tiny+ (or +patch+) number.
+  class Version
+    include Comparable
+  
+    # A convenience method for instantiating a new Version instance with the
+    # given +major+, +minor+, and +tiny+ components.
+    def self.[](major, minor, tiny)
+      new(major, minor, tiny)
+    end
+
+    attr_reader :major, :minor, :tiny
+
+    # Create a new Version object with the given components.
+    def initialize(major, minor, tiny)
+      @major, @minor, @tiny = major, minor, tiny
+    end
+
+    # Compare this version to the given +version+ object.
+    def <=>(version)
+      to_i <=> version.to_i
+    end
+
+    # Converts this version object to a string, where each of the three
+    # version components are joined by the '.' character. E.g., 2.0.0.
+    def to_s
+      @to_s ||= [@major, @minor, @tiny].join(".")
+    end
+
+    # Converts this version to a canonical integer that may be compared
+    # against other version objects.
+    def to_i
+      @to_i ||= @major * 1_000_000 + @minor * 1_000 + @tiny
+    end
+    
+    def to_a
+      [@major, @minor, @tiny]
+    end
+
+    MAJOR = 1
+    MINOR = 0
+    TINY  = 4
+
+    # The current version as a Version instance
+    CURRENT = new(MAJOR, MINOR, TINY)
+    # The current version as a String
+    STRING = CURRENT.to_s
+  end
+end

data/lib/authlogic_rpx.rb

@@ -0,0 +1,8 @@
+require "authlogic_rpx/version"
+require "authlogic_rpx/acts_as_authentic"
+require "authlogic_rpx/session"
+require "authlogic_rpx/helper"
+
+ActiveRecord::Base.send(:include, AuthlogicRpx::ActsAsAuthentic)
+Authlogic::Session::Base.send(:include, AuthlogicRpx::Session)
+ActionController::Base.helper AuthlogicRpx::Helper

data/rails/init.rb

@@ -0,0 +1 @@
+require "authlogic_rpx"

data/sidonath-authlogic_rpx.gemspec

@@ -0,0 +1,38 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{sidonath-authlogic_rpx}
+  s.version = "1.0.4b"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Paul Gallagher / tardate", "John J. Bachir / jjb", "Damir Zekic / sidonath"]
+  s.date = %q{2009-12-24}
+  s.description = %q{Authlogic extension/plugin that provides RPX (rpxnow.com) authentication support}
+  s.email = %q{damirz@gmail.com}
+  s.extra_rdoc_files = ["CHANGELOG.rdoc", "README.rdoc", "lib/authlogic_rpx.rb", "lib/authlogic_rpx/acts_as_authentic.rb", "lib/authlogic_rpx/helper.rb", "lib/authlogic_rpx/session.rb", "lib/authlogic_rpx/version.rb"]
+  s.files = ["CHANGELOG.rdoc", "MIT-LICENSE", "Manifest", "README.rdoc", "Rakefile", "sidonath-authlogic_rpx.gemspec", "init.rb", "lib/authlogic_rpx.rb", "lib/authlogic_rpx/acts_as_authentic.rb", "lib/authlogic_rpx/helper.rb", "lib/authlogic_rpx/session.rb", "lib/authlogic_rpx/version.rb", "rails/init.rb", "test/acts_as_authentic_test.rb", "test/fixtures/users.yml", "test/libs/rails_trickery.rb", "test/libs/user.rb", "test/libs/user_session.rb", "test/session_test.rb", "test/test_helper.rb"]
+  s.homepage = %q{http://github.com/sidonath/authlogic_rpx}
+  s.post_install_message = %q{}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Authlogic_rpx", "--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{authlogic_rpx}
+  s.rubygems_version = %q{1.3.5}
+  s.summary = %q{Authlogic plug-in for RPX support}
+  s.test_files = ["test/acts_as_authentic_test.rb", "test/session_test.rb", "test/test_helper.rb"]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<authlogic>, [">= 2.1.1"])
+      s.add_runtime_dependency(%q<rpx_now>, [">= 0.6.6"])
+    else
+      s.add_dependency(%q<authlogic>, [">= 2.1.1"])
+      s.add_dependency(%q<rpx_now>, [">= 0.6.6"])
+    end
+  else
+    s.add_dependency(%q<authlogic>, [">= 2.1.1"])
+    s.add_dependency(%q<rpx_now>, [">= 0.6.6"])
+  end
+end

data/test/acts_as_authentic_test.rb

@@ -0,0 +1,5 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class ActsAsAuthenticTest < ActiveSupport::TestCase
+
+end

data/test/libs/rails_trickery.rb

@@ -0,0 +1,41 @@
+# The only reason I am doing all of this non sense is becuase the openid_authentication requires that
+# these constants be present. The only other alternative is to use an entire rails application for testing
+# which is a little too overboard for this, I think.
+
+RAILS_ROOT = ''
+
+class ActionController < Authlogic::TestCase::MockController
+  class Request < Authlogic::TestCase::MockRequest
+    def request_method
+      ""
+    end
+  end
+  
+  def root_url
+    ''
+  end
+  
+  def request
+    return @request if defined?(@request)
+    super
+    # Rails does some crazy s#!t with the "method" method. If I don't do this I get a "wrong arguments (0 for 1) error"
+    @request.class.class_eval do
+      def method
+        nil
+      end
+    end
+    @request
+  end
+  
+  def url_for(*args)
+    ''
+  end
+  
+  def redirecting_to
+    @redirect_to
+  end
+  
+  def redirect_to(*args)
+    @redirect_to = args
+  end
+end

data/test/libs/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  acts_as_authentic
+end

data/test/libs/user_session.rb

@@ -0,0 +1,2 @@
+class UserSession < Authlogic::Session::Base
+end

data/test/session_test.rb

@@ -0,0 +1,5 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class SessionTest < ActiveSupport::TestCase
+
+end

data/test/test_helper.rb

@@ -0,0 +1,61 @@
+require "test/unit"
+require "rubygems"
+require "ruby-debug"
+require "active_record"
+
+ActiveRecord::Schema.verbose = false
+ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :dbfile => ":memory:")
+ActiveRecord::Base.configurations = true
+ActiveRecord::Schema.define(:version => 1) do
+  
+  create_table :users do |t|
+    t.datetime  :created_at
+    t.datetime  :updated_at
+    t.integer   :lock_version, :default => 0
+    t.string    :login
+    t.string    :crypted_password
+    t.string    :password_salt
+    t.string    :persistence_token
+    t.string    :single_access_token
+    t.string    :perishable_token
+    t.string    :rpx_identifier
+    t.string    :email
+    t.string    :first_name
+    t.string    :last_name
+    t.integer   :login_count, :default => 0, :null => false
+    t.integer   :failed_login_count, :default => 0, :null => false
+    t.datetime  :last_request_at
+    t.datetime  :current_login_at
+    t.datetime  :last_login_at
+    t.string    :current_login_ip
+    t.string    :last_login_ip
+  end
+end
+
+require "active_record/fixtures"
+require "openid"
+require "authlogic"
+require "authlogic/test_case"
+require File.dirname(__FILE__) + "/libs/rails_trickery"
+require File.dirname(__FILE__) + '/libs/user'
+require File.dirname(__FILE__) + '/libs/user_session'
+
+class ActiveSupport::TestCase
+  include ActiveRecord::TestFixtures
+  self.fixture_path = File.dirname(__FILE__) + "/fixtures"
+  self.use_transactional_fixtures = false
+  self.use_instantiated_fixtures  = false
+  self.pre_loaded_fixtures = false
+  fixtures :all
+  setup :activate_authlogic
+  
+  private
+    def activate_authlogic
+      Authlogic::Session::Base.controller = controller
+    end
+    
+    def controller
+      @controller ||= Authlogic::TestCase::ControllerAdapter.new(ActionController.new)
+    end
+    
+end