sorcery 0.2.1 → 0.3.0

data/lib/sorcery/controller/submodules/http_basic_auth.rb

@@ -48,13 +48,17 @@ module Sorcery
           
           # Sets the realm name by searching the controller name in the hash given at configuration time.
           def realm_name_by_controller
-            current_controller = self.class
-            while current_controller != ActionController::Base
-              result = Config.controller_to_realm_map[current_controller.controller_name]
-              return result if result
-              current_controller = self.class.superclass
+            if defined?(ActionController::Base)
+              current_controller = self.class
+              while current_controller != ActionController::Base
+                result = Config.controller_to_realm_map[current_controller.controller_name]
+                return result if result
+                current_controller = self.class.superclass
+              end
+              nil
+            else
+              Config.controller_to_realm_map["application"]
             end
-            nil
           end
           
         end

data/lib/sorcery/controller/submodules/oauth.rb

@@ -32,9 +32,12 @@ module Sorcery
           # after authentication the user is redirected to the callback defined in the provider config
           def auth_at_provider(provider)
             @provider = Config.send(provider)
+            args = {}
             if @provider.respond_to?(:get_request_token)
-              args = {:request_token => @provider.get_request_token} 
-              session[:request_token] = args[:request_token]
+              req_token = @provider.get_request_token
+              session[:request_token]         = req_token.token
+              session[:request_token_secret]  = req_token.secret
+              args.merge!({:request_token => req_token.token, :request_token_secret => req_token.secret})
             end
             redirect_to @provider.authorize_url(args)
           end
@@ -43,7 +46,7 @@ module Sorcery
           def login_from_access_token(provider)
             @provider = Config.send(provider)
             args = {}
-            args.merge!({:oauth_verifier => params[:oauth_verifier], :request_token => session[:request_token]}) if @provider.respond_to?(:get_request_token)
+            args.merge!({:oauth_verifier => params[:oauth_verifier], :request_token => session[:request_token], :request_token_secret => session[:request_token_secret]}) if @provider.respond_to?(:get_request_token)
             args.merge!({:code => params[:code]}) if params[:code]
             @access_token = @provider.get_access_token(args)
             @user_hash = @provider.get_user_hash(@access_token)

data/lib/sorcery/controller/submodules/oauth/oauth1.rb

@@ -8,16 +8,23 @@ module Sorcery
             "1.0"
           end
           
-          def get_request_token
-            ::OAuth::Consumer.new(@key, @secret, :site => @site).get_request_token(:oauth_callback => @callback_url)
+          def get_request_token(token=nil,secret=nil)
+            return ::OAuth::RequestToken.new(get_consumer,token,secret) if token && secret
+            get_consumer.get_request_token(:oauth_callback => @callback_url)
           end
           
           def authorize_url(args)
-            args[:request_token].authorize_url(:oauth_callback => @callback_url)
+            get_request_token(args[:request_token],args[:request_token_secret]).authorize_url(:oauth_callback => @callback_url)
           end
           
           def get_access_token(args)
-            args[:request_token].get_access_token(:oauth_verifier => args[:oauth_verifier])
+            get_request_token(args[:request_token],args[:request_token_secret]).get_access_token(:oauth_verifier => args[:oauth_verifier])
+          end
+          
+          protected
+          
+          def get_consumer
+            ::OAuth::Consumer.new(@key, @secret, :site => @site)
           end
         end
       end

data/lib/sorcery/controller/submodules/oauth/oauth2.rb

@@ -8,7 +8,7 @@ module Sorcery
             "2.0"
           end
           
-          def authorize_url(args)
+          def authorize_url(*args)
             client = ::OAuth2::Client.new(@key, @secret, :site => @site)
             client.web_server.authorize_url(:redirect_uri => @callback_url, :scope => @scope)
           end

data/lib/sorcery/model/submodules/activity_logging.rb

@@ -31,7 +31,7 @@ module Sorcery
             config = sorcery_config
             where("#{config.last_activity_at_attribute_name} IS NOT NULL") \
             .where("#{config.last_logout_at_attribute_name} IS NULL OR #{config.last_activity_at_attribute_name} > #{config.last_logout_at_attribute_name}") \
-            .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago)
+            .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago.utc.to_s(:db))
           end
         end
       end

data/lib/sorcery/model/submodules/brute_force_protection.rb

@@ -20,10 +20,6 @@ module Sorcery
             reset!
           end
           
-          base.class_eval do
-
-          end
-          
           base.sorcery_config.before_authenticate << :prevent_locked_user_login
           base.extend(ClassMethods)
           base.send(:include, InstanceMethods)

data/lib/sorcery/sinatra.rb

@@ -0,0 +1,14 @@
+ActiveRecord::Base.send(:include, Sorcery::Model) if defined?(ActiveRecord)
+if defined?(Sinatra::Base)
+  Sinatra::Base.send(:include, Sorcery::Controller::Adapters::Sinatra)
+  Sinatra::Base.send(:include, Sorcery::Controller)
+  # Sorcery::Controller::Config.class_eval do
+  #   class << self
+  #     def submodules=(mods)
+  #       @submodules = mods
+  #       Sinatra::Base.send(:include, Sorcery::Controller::Adapters::Sinatra)
+  #       Sinatra::Base.send(:include, Sorcery::Controller)
+  #     end
+  #   end
+  # end
+end

data/lib/sorcery/test_helpers.rb

@@ -1,7 +1,13 @@
 module Sorcery
   module TestHelpers
-    SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS = [:register_last_activity_time_to_db, :deny_banned_user, :validate_session]
-
+    # a patch to fix a bug in testing that happens when you 'destroy' a session twice.
+    # After the first destroy, the session is an ordinary hash, and then when destroy is called again there's an exception.
+    class ::Hash
+      def destroy
+        clear
+      end
+    end
+    
     def create_new_user(attributes_hash = nil)
       user_attributes_hash = attributes_hash || {:username => 'gizmo', :email => "bla@bla.com", :password => 'secret'}
       @user = User.new(user_attributes_hash)
@@ -16,62 +22,12 @@ module Sorcery
       @user
     end
     
-    def login_user(user = nil)
-      user ||= @user
-      subject.send(:login_user,user)
-      subject.send(:after_login!,user,[user.username,'secret'])
-    end
-
-    def logout_user
-      subject.send(:logout)
-    end
-
-    def clear_user_without_logout
-      subject.instance_variable_set(:@current_user,nil)
-    end
-
-    def sorcery_reload!(submodules = [], options = {})
-      reload_user_class
-
-      # return to no-module configuration
-      ::Sorcery::Controller::Config.init!
-      ::Sorcery::Controller::Config.reset!
-
-      # remove all plugin before_filters so they won't fail other tests.
-      # I don't like this way, but I didn't find another.
-      # hopefully it won't break until Rails 4.
-      ApplicationController._process_action_callbacks.delete_if {|c| SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS.include?(c.filter) }
-
-      # configure
-      ::Sorcery::Controller::Config.submodules = submodules
-      ::Sorcery::Controller::Config.user_class = nil
-      ActionController::Base.send(:include,::Sorcery::Controller)
-
-      User.activate_sorcery! do |config|
-        options.each do |property,value|
-          config.send(:"#{property}=", value)
-        end
-      end
-    end
-
     def sorcery_model_property_set(property, *values)
       User.class_eval do
         sorcery_config.send(:"#{property}=", *values)
       end
     end
-
-    def sorcery_controller_property_set(property, value)
-      ApplicationController.activate_sorcery! do |config|
-        config.send(:"#{property}=", value)
-      end
-    end
     
-    def sorcery_controller_oauth_property_set(provider, property, value)
-      ApplicationController.activate_sorcery! do |config|
-        config.send(provider).send(:"#{property}=", value)
-      end
-    end
-
     private
 
     # reload user class between specs

data/lib/sorcery/test_helpers/rails.rb

@@ -0,0 +1,57 @@
+module Sorcery
+  module TestHelpers
+    module Rails
+      SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS = [:register_last_activity_time_to_db, :deny_banned_user, :validate_session]
+      
+      def sorcery_reload!(submodules = [], options = {})
+        reload_user_class
+
+        # return to no-module configuration
+        ::Sorcery::Controller::Config.init!
+        ::Sorcery::Controller::Config.reset!
+
+        # remove all plugin before_filters so they won't fail other tests.
+        # I don't like this way, but I didn't find another.
+        # hopefully it won't break until Rails 4.
+        ApplicationController._process_action_callbacks.delete_if {|c| SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS.include?(c.filter) }
+
+        # configure
+        ::Sorcery::Controller::Config.submodules = submodules
+        ::Sorcery::Controller::Config.user_class = nil
+        ActionController::Base.send(:include,::Sorcery::Controller)
+
+        User.activate_sorcery! do |config|
+          options.each do |property,value|
+            config.send(:"#{property}=", value)
+          end
+        end
+      end
+      
+      def sorcery_controller_property_set(property, value)
+        ApplicationController.activate_sorcery! do |config|
+          config.send(:"#{property}=", value)
+        end
+      end
+
+      def sorcery_controller_oauth_property_set(provider, property, value)
+        ApplicationController.activate_sorcery! do |config|
+          config.send(provider).send(:"#{property}=", value)
+        end
+      end
+      
+      def login_user(user = nil)
+        user ||= @user
+        subject.send(:login_user,user)
+        subject.send(:after_login!,user,[user.username,'secret'])
+      end
+
+      def logout_user
+        subject.send(:logout)
+      end
+
+      def clear_user_without_logout
+        subject.instance_variable_set(:@current_user,nil)
+      end
+    end
+  end
+end

data/lib/sorcery/test_helpers/sinatra.rb

@@ -0,0 +1,131 @@
+module Sorcery
+  module TestHelpers
+    module Sinatra
+      
+      class MyApp
+        class << self
+          def new
+            return this
+          end
+        end
+      end
+      
+      class ::Sinatra::Application
+        class << self
+          attr_accessor :sorcery_vars
+        end
+        @sorcery_vars = {}
+
+        # NOTE: see before and after test filters in filters.rb
+        
+        def save_instance_vars
+          instance_variables.each do |var|
+            self.class.sorcery_vars[:"#{var.to_s.delete("@")}"] = instance_variable_get(var)
+          end
+        end
+      end
+                    
+      ::RSpec::Matchers.define :redirect_to do |expected|
+        match do |actual|
+          actual.status == 302 && actual.location == expected
+        end
+      end
+      
+      def get_sinatra_app(app)
+        while app.class != ::Sinatra::Application do
+          app = app.instance_variable_get(:@app)
+        end
+        app
+      end
+      
+      def login_user(user=nil)
+        user ||= @user
+        get_sinatra_app(subject).send(:login_user,user)
+        get_sinatra_app(subject).send(:after_login!,user,[user.username,'secret'])
+      end
+      
+      def logout_user
+        get_sinatra_app(subject).send(:logout)
+      end
+
+      def clear_user_without_logout
+        get_sinatra_app(subject).instance_variable_set(:@current_user,nil)
+      end
+        
+      def assigns
+        ::Sinatra::Application.sorcery_vars
+      end
+      
+      class SessionData
+        def initialize(cookies)
+          @cookies = cookies
+          @data = cookies['rack.session']
+          if @data
+            @data = @data.unpack("m*").first
+            @data = Marshal.load(@data)
+          else
+            @data = {}
+          end
+        end
+
+        def [](key)
+          @data[key]
+        end
+
+        def []=(key, value)
+          @data[key] = value
+          session_data = Marshal.dump(@data)
+          session_data = [session_data].pack("m*")
+          @cookies.merge("rack.session=#{Rack::Utils.escape(session_data)}", URI.parse("//example.org//"))
+          raise "session variable not set" unless @cookies['rack.session'] == session_data
+        end
+      end
+
+      def session
+        SessionData.new(rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar)
+      end
+      
+      def cookies
+        rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar
+      end
+      
+      def sorcery_reload!(submodules = [], options = {})
+        reload_user_class
+
+        # return to no-module configuration
+        ::Sorcery::Controller::Config.init!
+        ::Sorcery::Controller::Config.reset!
+
+        # clear all filters
+        ::Sinatra::Application.instance_variable_set(:@filters,{:before => [],:after => []})
+        ::Sinatra::Application.class_eval do
+          load File.join(File.dirname(__FILE__),'..','..','..','spec','sinatra','filters.rb')
+        end
+        
+        # configure
+        ::Sorcery::Controller::Config.submodules = submodules
+        ::Sorcery::Controller::Config.user_class = nil
+        ::Sinatra::Application.send(:include, Sorcery::Controller::Adapters::Sinatra)
+        ::Sinatra::Application.send(:include, Sorcery::Controller)
+        
+        User.activate_sorcery! do |config|
+          options.each do |property,value|
+            config.send(:"#{property}=", value)
+          end
+        end
+      end
+      
+      def sorcery_controller_property_set(property, value)
+        ::Sinatra::Application.activate_sorcery! do |config|
+          config.send(:"#{property}=", value)
+        end
+      end
+
+      def sorcery_controller_oauth_property_set(provider, property, value)
+        ::Sinatra::Application.activate_sorcery! do |config|
+          config.send(provider).send(:"#{property}=", value)
+        end
+      end
+    end
+  end
+end

data/sorcery.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{sorcery}
-  s.version = "0.2.1"
+  s.version = "0.3.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Noam Ben Ari"]
-  s.date = %q{2011-03-15}
+  s.date = %q{2011-04-04}
   s.description = %q{Provides common authentication needs such as signing in/out, activating by email and resetting password.}
   s.email = %q{nbenari@gmail.com}
   s.extra_rdoc_files = [
@@ -25,8 +25,17 @@ Gem::Specification.new do |s|
     "README.rdoc",
     "Rakefile",
     "VERSION",
+    "lib/generators/sorcery_migration/sorcery_migration_generator.rb",
+    "lib/generators/sorcery_migration/templates/activity_logging.rb",
+    "lib/generators/sorcery_migration/templates/brute_force_protection.rb",
+    "lib/generators/sorcery_migration/templates/core.rb",
+    "lib/generators/sorcery_migration/templates/oauth.rb",
+    "lib/generators/sorcery_migration/templates/remember_me.rb",
+    "lib/generators/sorcery_migration/templates/reset_password.rb",
+    "lib/generators/sorcery_migration/templates/user_activation.rb",
     "lib/sorcery.rb",
     "lib/sorcery/controller.rb",
+    "lib/sorcery/controller/adapters/sinatra.rb",
     "lib/sorcery/controller/submodules/activity_logging.rb",
     "lib/sorcery/controller/submodules/brute_force_protection.rb",
     "lib/sorcery/controller/submodules/http_basic_auth.rb",
@@ -52,7 +61,10 @@ Gem::Specification.new do |s|
     "lib/sorcery/model/submodules/reset_password.rb",
     "lib/sorcery/model/submodules/user_activation.rb",
     "lib/sorcery/model/temporary_token.rb",
+    "lib/sorcery/sinatra.rb",
     "lib/sorcery/test_helpers.rb",
+    "lib/sorcery/test_helpers/rails.rb",
+    "lib/sorcery/test_helpers/sinatra.rb",
     "sorcery.gemspec",
     "spec/Gemfile",
     "spec/Gemfile.lock",
@@ -136,8 +148,42 @@ Gem::Specification.new do |s|
     "spec/rails3/app_root/spec/user_reset_password_spec.rb",
     "spec/rails3/app_root/spec/user_spec.rb",
     "spec/rails3/app_root/vendor/plugins/.gitkeep",
+    "spec/sinatra/Gemfile",
+    "spec/sinatra/Gemfile.lock",
+    "spec/sinatra/Rakefile",
+    "spec/sinatra/authentication.rb",
+    "spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb",
+    "spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb",
+    "spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb",
+    "spec/sinatra/db/migrate/core/20101224223620_create_users.rb",
+    "spec/sinatra/db/migrate/oauth/20101224223628_create_authentications.rb",
+    "spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb",
+    "spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb",
+    "spec/sinatra/filters.rb",
+    "spec/sinatra/myapp.rb",
+    "spec/sinatra/sorcery_mailer.rb",
+    "spec/sinatra/spec/controller_activity_logging_spec.rb",
+    "spec/sinatra/spec/controller_brute_force_protection_spec.rb",
+    "spec/sinatra/spec/controller_http_basic_auth_spec.rb",
+    "spec/sinatra/spec/controller_oauth2_spec.rb",
+    "spec/sinatra/spec/controller_oauth_spec.rb",
+    "spec/sinatra/spec/controller_remember_me_spec.rb",
+    "spec/sinatra/spec/controller_session_timeout_spec.rb",
+    "spec/sinatra/spec/controller_spec.rb",
+    "spec/sinatra/spec/spec.opts",
+    "spec/sinatra/spec/spec_helper.rb",
+    "spec/sinatra/spec/user_activation_spec.rb",
+    "spec/sinatra/spec/user_activity_logging_spec.rb",
+    "spec/sinatra/spec/user_brute_force_protection_spec.rb",
+    "spec/sinatra/spec/user_oauth_spec.rb",
+    "spec/sinatra/spec/user_remember_me_spec.rb",
+    "spec/sinatra/spec/user_reset_password_spec.rb",
+    "spec/sinatra/spec/user_spec.rb",
+    "spec/sinatra/user.rb",
+    "spec/sinatra/views/test_login.erb",
     "spec/sorcery_crypto_providers_spec.rb",
-    "spec/spec_helper.rb"
+    "spec/spec_helper.rb",
+    "spec/untitled folder"
   ]
   s.homepage = %q{http://github.com/NoamB/sorcery}
   s.licenses = ["MIT"]
@@ -189,6 +235,34 @@ Gem::Specification.new do |s|
     "spec/rails3/app_root/spec/user_remember_me_spec.rb",
     "spec/rails3/app_root/spec/user_reset_password_spec.rb",
     "spec/rails3/app_root/spec/user_spec.rb",
+    "spec/sinatra/authentication.rb",
+    "spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb",
+    "spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb",
+    "spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb",
+    "spec/sinatra/db/migrate/core/20101224223620_create_users.rb",
+    "spec/sinatra/db/migrate/oauth/20101224223628_create_authentications.rb",
+    "spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb",
+    "spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb",
+    "spec/sinatra/filters.rb",
+    "spec/sinatra/myapp.rb",
+    "spec/sinatra/sorcery_mailer.rb",
+    "spec/sinatra/spec/controller_activity_logging_spec.rb",
+    "spec/sinatra/spec/controller_brute_force_protection_spec.rb",
+    "spec/sinatra/spec/controller_http_basic_auth_spec.rb",
+    "spec/sinatra/spec/controller_oauth2_spec.rb",
+    "spec/sinatra/spec/controller_oauth_spec.rb",
+    "spec/sinatra/spec/controller_remember_me_spec.rb",
+    "spec/sinatra/spec/controller_session_timeout_spec.rb",
+    "spec/sinatra/spec/controller_spec.rb",
+    "spec/sinatra/spec/spec_helper.rb",
+    "spec/sinatra/spec/user_activation_spec.rb",
+    "spec/sinatra/spec/user_activity_logging_spec.rb",
+    "spec/sinatra/spec/user_brute_force_protection_spec.rb",
+    "spec/sinatra/spec/user_oauth_spec.rb",
+    "spec/sinatra/spec/user_remember_me_spec.rb",
+    "spec/sinatra/spec/user_reset_password_spec.rb",
+    "spec/sinatra/spec/user_spec.rb",
+    "spec/sinatra/user.rb",
     "spec/sorcery_crypto_providers_spec.rb",
     "spec/spec_helper.rb"
   ]