sinatra_ad_auth 0.25.20120401

@@ -0,0 +1,6 @@
1
+ .rvmrc
2
+ *.swp
3
+ *.gem
4
+ .bundle
5
+ Gemfile.lock
6
+ pkg/*
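--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,6 @@
+ source "http://rubygems.org"
+
+ gem 'sinatra'
+ gem 'rake'
+ gem 'rspec'
+ gem 'net-ldap'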
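Review bot: The gem source on the first line is plain HTTP, `source "http://rubygems.org"`, so the dependencies of this authentication extension are resolved and downloaded over a channel that offers no integrity protection in transit; it should read `source "https://rubygems.org"`. None of the four `gem` lines carries a version constraint, so a fresh install takes whatever release is newest at that moment. For a library that handles directory credentials, a tested range on at least `sinatra` and `net-ldap` would make installs reproducible.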
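--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,24 @@
+ Copyright (c) 2012, Paolo Perego - <thesp0nge@gmail.com>
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.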
@@ -0,0 +1,5 @@
1
+ # Introduction
2
+
3
+ Sinatra Active Directory auth is a simple [sinatra](http://sinatrarb.org) extension to
4
+ provide an authentication mechanism against an AD Server and some APIs you can use
5
+ in your sinatra applications.
@@ -0,0 +1,7 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new
5
+
6
+ task :default => :spec
7
+ task :test => :spec
@@ -0,0 +1,52 @@
1
+ require 'sinatra/base'
2
+ require 'sinatra/ad_user'
3
+
4
+ module Sinatra
5
+ module ADAuth
6
+
7
+ module Helpers
8
+ def authorized?
9
+ session[:authorized]
10
+ end
11
+
12
+ def authorize!
13
+ redirect '/login' unless authorized?
14
+ end
15
+
16
+ def logout!
17
+ session[:authorized] = false
18
+ end
19
+ end
20
+
21
+ def self.registered(app)
22
+ app.helpers ADAuth::Helpers
23
+ app.enable :sessions
24
+
25
+ app.get '/login' do
26
+ "<form method='POST' action='/login'>" +
27
+ "<input type='text' name='user'>" +
28
+ "<input type='password' name='pass'>" +
29
+ "<input type='submit'>" +
30
+ "</form>"
31
+ end
32
+
33
+ # Public - This API authenticates an user against a given Active
34
+ # Directory server
35
+ #
36
+ app.post '/login' do
37
+ user = Sinatra::ADAuth::User.authenticate(params[:user],params[:pass], settings.conf)
38
+
39
+ if ! user.nil?
40
+ session[:authorized] = true
41
+ puts "here we are #{session[:authorized]}"
42
+ redirect '/public'
43
+ else
44
+ session[:authorized] = false
45
+ redirect '/login'
46
+ end
47
+ end
48
+ end
49
+
50
+ end
51
+ register ADAuth
52
+ end
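Review bot: On a successful login the `post '/login'` handler sets `session[:authorized] = true` on whatever session the browser already carried and records nothing about who authenticated. Calling `session.clear` before setting the flag and storing the identity, e.g. `session[:user] = user.login`, gives a fresh post-login state and lets later code make per-user decisions; `logout!` would likewise be safer as `session.clear` than as `session[:authorized] = false`. `params[:user]` and `params[:pass]` are passed on unchecked, so a POST that omits either field reaches `login.empty?` in `User.authenticate` as nil and raises instead of redirecting to `/login`; pass `params[:user].to_s` and `params[:pass].to_s`. The `puts "here we are #{session[:authorized]}"` line is leftover debug output and should be dropped.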
@@ -0,0 +1,172 @@
1
+ # ActiveDirectoryUser (active_directory_user.rb)
2
+ # Author : Ernie Miller
3
+ # Last modified: 4/4/2008
4
+ #
5
+ # Description:
6
+ # A class for authenticating via Active Directory and providing
7
+ # more developer-friendly access to key user attributes through configurable
8
+ # attribute readers.
9
+ #
10
+ # You might find this useful if you want to use a central user/pass from AD
11
+ # but still keep a local DB cache of certain user details for use in foreign
12
+ # key constraints, for instance.
13
+ #
14
+ # Configuration:
15
+ # Set your server information below, then add attributes you are interested
16
+ # in to the ATTR_SV or ATTR_MV hashes, depending on whether they are single
17
+ # or multi-value attributes. The left hand side is your desired name for
18
+ # the attribute, and the right hand side is the attribute name as it exists
19
+ # in the directory.
20
+ #
21
+ # An optional Proc can be supplied to perform some processing on the raw
22
+ # directory data before returning it. This proc should accept a single
23
+ # parameter, the value to be processed. It will be used in Array#collect
24
+ # for multi-value attributes.
25
+ #
26
+ # Example:
27
+ # :flanderized_first_name => [ :givenname,
28
+ # Proc.new {|n| n + '-diddly'} ]
29
+ #
30
+ # Usage:
31
+ # user = ActiveDirectoryUser.authenticate('emiller','password')
32
+ # user.first_name # => "Ernie"
33
+ # user.flanderized_first_name # => "Ernie-diddly"
34
+ # user.groups # => ["Mac Users", "Geeks", "Ruby Coders", ... ]
35
+
36
+ # Changes made by Paolo Perego
37
+ # 30-Mar-2012: Packed in Sinatra::ADAuth
38
+ # 13-Jan-2012: Moved the parameter connection in a YAML config file
39
+
40
+ require 'net/ldap' # gem install net-ldap
41
+ require 'yaml'
42
+
43
+ module Sinatra
44
+ module ADAuth
45
+ class User
46
+ ### BEGIN CONFIGURATION ###
47
+
48
+ # ATTR_SV is for single valued attributes only. Generated readers will
49
+ # convert the value to a string before returning or calling your Proc.
50
+ ATTR_SV = {
51
+ :login => :samaccountname,
52
+ :first_name => :givenname,
53
+ :last_name => :sn,
54
+ :email => :mail
55
+ }
56
+
57
+
58
+ # ATTR_MV is for multi-valued attributes. Generated readers will always
59
+ # return an array.
60
+ ATTR_MV = {
61
+ :groups => [ :memberof,
62
+ # Get the simplified name of first-level groups.
63
+ # TODO: Handle escaped special characters
64
+ Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ]
65
+ }
66
+
67
+ # Exposing the raw Net::LDAP::Entry is probably overkill, but could be set
68
+ # up by uncommenting the line below if you disagree.
69
+ # attr_reader :entry
70
+
71
+ ### END CONFIGURATION ###
72
+
73
+
74
+ # Automatically fail login if login or password are empty. Otherwise, try
75
+ # to initialize a Net::LDAP object and call its bind method. If successful,
76
+ # we find the LDAP entry for the user and initialize with it. Returns nil
77
+ # on failure.
78
+ def self.authenticate(login, pass, conf_file=nil)
79
+ return nil if login.empty? or pass.empty?
80
+
81
+ if ! self.read_conf(conf_file)
82
+ return nil
83
+ end
84
+ conn = Net::LDAP.new :host => @@server,
85
+ :port => @@port,
86
+ :base => @@base,
87
+ :auth => { :username => "#{login}@#{@@domain}",
88
+ :password => pass,
89
+ :method => :simple }
90
+ if conn.bind and user = conn.search(:filter => "sAMAccountName=#{login}").first
91
+ return self.new(user)
92
+ else
93
+ return nil
94
+ end
95
+ # If we don't rescue this, Net::LDAP is decidedly ungraceful about failing
96
+ # to connect to the server. We'd prefer to say authentication failed.
97
+ rescue Net::LDAP::LdapError => e
98
+ return nil
99
+ end
100
+
101
+ def full_name
102
+ self.first_name + ' ' + self.last_name
103
+ end
104
+ def name
105
+ self.first_name.gsub("[", "").gsub("]", "").gsub("\"", "")
106
+ end
107
+
108
+ def member_of?(group)
109
+ self.groups.include?(group)
110
+ end
111
+
112
+ private
113
+
114
+ def initialize(entry)
115
+ @entry = entry
116
+ self.class.class_eval do
117
+ generate_single_value_readers
118
+ generate_multi_value_readers
119
+ end
120
+ end
121
+
122
+ def self.generate_single_value_readers
123
+ ATTR_SV.each_pair do |k, v|
124
+ val, block = Array(v)
125
+ define_method(k) do
126
+ if @entry.attribute_names.include?(val)
127
+ if block.is_a?(Proc)
128
+ return block[@entry.send(val).to_s]
129
+ else
130
+ return @entry.send(val).to_s
131
+ end
132
+ else
133
+ return ''
134
+ end
135
+ end
136
+ end
137
+ end
138
+
139
+ def self.generate_multi_value_readers
140
+ ATTR_MV.each_pair do |k, v|
141
+ val, block = Array(v)
142
+ define_method(k) do
143
+ if @entry.attribute_names.include?(val)
144
+ if block.is_a?(Proc)
145
+ return @entry.send(val).collect(&block)
146
+ else
147
+ return @entry.send(val)
148
+ end
149
+ else
150
+ return []
151
+ end
152
+ end
153
+ end
154
+ end
155
+
156
+ # Read connection details found in YAML configuration file that is hardcoded
157
+ def self.read_conf(conf=nil)
158
+ (conf.nil?)? filename='./lib/conf/ldap.yaml' : filename=conf
159
+ config= YAML.load_file(conf)
160
+ @@server=config['ldap']['server']
161
+ @@port=config['ldap']['port']
162
+ @@base=config['ldap']['base']
163
+ @@domain=config['ldap']['domain']
164
+ true
165
+ rescue Exception => e
166
+ puts e.to_s
167
+ false
168
+ end
169
+
170
+ end
171
+ end
172
+ end
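Review bot: `Net::LDAP.new` in `authenticate` is built without an `:encryption` option, so the simple bind sends `login@domain` and the password to the directory server unencrypted; add `:encryption => :simple_tls` (or `:start_tls`) and make the port in the YAML file match. The search filter is assembled by interpolation, `"sAMAccountName=#{login}"`, which lets filter metacharacters in the submitted user name alter the query; build it with `Net::LDAP::Filter.equals("sAMAccountName", login)` so the value is escaped. In `read_conf` the chosen path is assigned to `filename` but the file is loaded with `YAML.load_file(conf)`, so when no `conf_file` is given the default path is never used and every login fails; it should be `YAML.load_file(filename)`. The `rescue Exception` there also hides unrelated failures and would be better narrowed to the errors a missing or malformed file can raise.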
@@ -0,0 +1,5 @@
1
+ module Sinatra
2
+ module ADAuth
3
+ VERSION="0.25.20120401"
4
+ end
5
+ end
@@ -0,0 +1 @@
1
+ require 'sinatra/ad_version'
@@ -0,0 +1,26 @@
1
+ # -*- encoding: utf-8 -*-$:.push File.expand_path("../lib", __FILE__)
2
+ require './lib/sinatra/ad_version'
3
+
4
+ Gem::Specification.new do |s|
5
+ s.name = "sinatra_ad_auth"
6
+ s.version = Sinatra::ADAuth::VERSION
7
+ s.authors = ["Paolo Perego"]
8
+ s.email = ["thesp0nge@gmail.com"]
9
+ s.homepage = "http://armoredcode.com"
10
+ s.summary = %q{Sinatra extension to add authentication against a given active directory}
11
+ s.description = %q{Sinatra extension to add authentication against a given active directory}
12
+
13
+ s.rubyforge_project = "sinatra_ad_auth"
14
+
15
+ s.files = `git ls-files`.split("\n")
16
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
17
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
18
+ s.require_paths = ["lib"]
19
+ # specify any dependencies here; for example:
20
+ s.add_dependency "net-ldap"
21
+ s.add_dependency "sinatra"
22
+ s.add_development_dependency "net-ldap"
23
+ s.add_development_dependency "rake"
24
+ s.add_development_dependency "rspec"
25
+ s.add_development_dependency "sinatra"
26
+ end
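Review bot: Every `add_dependency` line is unconstrained, which the packaged metadata records as `>= 0`, so installing this authentication extension accepts any future `net-ldap` or `sinatra` release; give the two runtime dependencies a tested range, e.g. `s.add_dependency "net-ldap", "~> <tested-version>"`. `net-ldap` and `sinatra` are also repeated as development dependencies, which is redundant once they are runtime dependencies. The first line shows `$:.push File.expand_path("../lib", __FILE__)` fused into the encoding comment, so as displayed it never runs; this may be an artifact of how the page renders the file and should be confirmed against the source. No `s.license` is set although a LICENSE file ships, which is why the metadata lists `licenses: []`.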
File without changes
@@ -0,0 +1 @@
1
+ require 'ldap_auth'
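Review bot: `require 'ldap_auth'` names a file that does not appear in the package's file list in the metadata section, where the library files are `lib/sinatra/ad_auth.rb`, `lib/sinatra/ad_user.rb`, `lib/sinatra/ad_version.rb` and `lib/sinatra_ad_auth.rb`, so loading this file would presumably fail with a LoadError. If this is the spec helper, as its position on the page suggests, `require 'sinatra/ad_auth'` looks like the intended line. The file shown just before it has no content, so the login route and the LDAP bind path appear to ship without any test; examples for empty credentials, a failed bind and a missing configuration file would be the first ones to add.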
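--- a/metadata
+++ b/metadata
@@ -0,0 +1,127 @@
+ --- !ruby/object:Gem::Specification
+ name: sinatra_ad_auth
+ version: !ruby/object:Gem::Version
+ version: 0.25.20120401
+ prerelease:
+ platform: ruby
+ authors:
+ - Paolo Perego
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2012-04-01 00:00:00.000000000Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: net-ldap
+ requirement: &70110288137780 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: *70110288137780
+ - !ruby/object:Gem::Dependency
+ name: sinatra
+ requirement: &70110288175160 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: *70110288175160
+ - !ruby/object:Gem::Dependency
+ name: net-ldap
+ requirement: &70110288301900 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: *70110288301900
+ - !ruby/object:Gem::Dependency
+ name: rake
+ requirement: &70110288424280 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: *70110288424280
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: &70110288598940 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: *70110288598940
+ - !ruby/object:Gem::Dependency
+ name: sinatra
+ requirement: &70110288688080 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: *70110288688080
+ description: Sinatra extension to add authentication against a given active directory
+ email:
+ - thesp0nge@gmail.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - .gitignore
+ - .rvmrc
+ - Gemfile
+ - Gemfile.lock
+ - LICENSE
+ - README.md
+ - Rakefile
+ - lib/sinatra/ad_auth.rb
+ - lib/sinatra/ad_user.rb
+ - lib/sinatra/ad_version.rb
+ - lib/sinatra_ad_auth.rb
+ - sinatra_ad_auth.gemspec
+ - spec/sinatra_ldap_auth_spec.rb
+ - spec/spec_helper.rb
+ homepage: http://armoredcode.com
+ licenses: []
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project: sinatra_ad_auth
+ rubygems_version: 1.8.10
+ signing_key:
+ specification_version: 3
+ summary: Sinatra extension to add authentication against a given active directory
+ test_files:
+ - spec/sinatra_ldap_auth_spec.rb
+ - spec/spec_helper.rb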