sorcery 0.7.4 → 0.7.5

data/lib/sorcery/model/adapters/active_record.rb

@@ -7,8 +7,13 @@ module Sorcery
         end
 
         module ClassMethods
+          def column_name(attribute)
+            return "LOWER(#{attribute})" if (@sorcery_config.downcase_username_before_authenticating)
+            return "#{attribute}"
+          end
+
           def find_by_credentials(credentials)
-             sql = @sorcery_config.username_attribute_names.map{|attribute| "#{attribute} = :login"}
+             sql = @sorcery_config.username_attribute_names.map{|attribute| column_name(attribute) + " = :login"}
              where(sql.join(' OR '), :login => credentials[0]).first
           end
 

data/lib/sorcery/model/adapters/mongo_mapper.rb

@@ -19,9 +19,14 @@ module Sorcery
         end
 
         module ClassMethods
+          def credential_regex(credential)
+            return { :$regex =>  /^#{credential}$/i  }  if (@sorcery_config.downcase_username_before_authenticating)
+            return credential
+          end
+
           def find_by_credentials(credentials)
             @sorcery_config.username_attribute_names.each do |attribute|
-              @user = where(attribute => credentials[0]).first
+              @user = where(attribute => credential_regex(credentials[0])).first
               break if @user
             end
             @user

data/lib/sorcery/model/adapters/mongoid.rb

@@ -14,9 +14,14 @@ module Sorcery
         end
 
         module ClassMethods
+          def credential_regex(credential)
+            return { :$regex =>  /^#{credential}$/i  }  if (@sorcery_config.downcase_username_before_authenticating)
+            return credential
+          end
+
           def find_by_credentials(credentials)
             @sorcery_config.username_attribute_names.each do |attribute|
-              @user = where(attribute => credentials[0]).first
+              @user = where(attribute => credential_regex(credentials[0])).first
               break if @user
             end
             @user

data/lib/sorcery/model/submodules/activity_logging.rb

@@ -39,12 +39,12 @@ module Sorcery
           protected
 
           def define_activity_logging_mongoid_fields
-            field sorcery_config.last_login_at_attribute_name,    :type => DateTime
-            field sorcery_config.last_logout_at_attribute_name,   :type => DateTime
-            field sorcery_config.last_activity_at_attribute_name, :type => DateTime
+            field sorcery_config.last_login_at_attribute_name,    :type => Time
+            field sorcery_config.last_logout_at_attribute_name,   :type => Time
+            field sorcery_config.last_activity_at_attribute_name, :type => Time
           end
         end
       end
     end
   end
-end
+end

data/lib/sorcery/model/submodules/brute_force_protection.rb

@@ -38,12 +38,12 @@ module Sorcery
 
           def define_brute_force_protection_mongoid_fields
             field sorcery_config.failed_logins_count_attribute_name,  :type => Integer
-            field sorcery_config.lock_expires_at_attribute_name,      :type => DateTime
+            field sorcery_config.lock_expires_at_attribute_name,      :type => Time
           end
 
           def define_brute_force_protection_mongo_mapper_fields
             key sorcery_config.failed_logins_count_attribute_name, Integer
-            key sorcery_config.lock_expires_at_attribute_name, DateTime
+            key sorcery_config.lock_expires_at_attribute_name, Time
           end
         end
         
@@ -54,7 +54,7 @@ module Sorcery
             config = sorcery_config
             return if !unlocked?
             self.increment(config.failed_logins_count_attribute_name)
-            save!(:validate => false)
+            self.save!(:validate => false)
             self.lock! if self.send(config.failed_logins_count_attribute_name) >= config.consecutive_login_retries_amount_limit
           end
           
@@ -63,14 +63,14 @@ module Sorcery
           def lock!
             config = sorcery_config
             self.send(:"#{config.lock_expires_at_attribute_name}=", Time.now.in_time_zone + config.login_lock_time_period)
-            self.save!(validate: false)
+            self.save!(:validate => false)
           end
 
           def unlock!
             config = sorcery_config
             self.send(:"#{config.lock_expires_at_attribute_name}=", nil)
             self.send(:"#{config.failed_logins_count_attribute_name}=", 0)
-            self.save!(validate: false)
+            self.save!(:validate => false)
           end
           
           def unlocked?

data/lib/sorcery/model/submodules/reset_password.rb

@@ -72,13 +72,12 @@ module Sorcery
 
           def define_reset_password_mongoid_fields
             field sorcery_config.reset_password_token_attribute_name,             :type => String
-            field sorcery_config.reset_password_token_expires_at_attribute_name,  :type => DateTime
-            field sorcery_config.reset_password_email_sent_at_attribute_name,     :type => DateTime
+            field sorcery_config.reset_password_token_expires_at_attribute_name,  :type => Time
+            field sorcery_config.reset_password_email_sent_at_attribute_name,     :type => Time
           end
           
           def define_reset_password_mongo_mapper_fields
             key sorcery_config.reset_password_token_attribute_name, String
-            # no DateTime in MM
             key sorcery_config.reset_password_token_expires_at_attribute_name, Time
             key sorcery_config.reset_password_email_sent_at_attribute_name, Time
           end
@@ -89,7 +88,7 @@ module Sorcery
           def deliver_reset_password_instructions!
             config = sorcery_config
             # hammering protection
-            return if config.reset_password_time_between_emails && self.send(config.reset_password_email_sent_at_attribute_name) && self.send(config.reset_password_email_sent_at_attribute_name) > config.reset_password_time_between_emails.ago.utc
+            return false if config.reset_password_time_between_emails && self.send(config.reset_password_email_sent_at_attribute_name) && self.send(config.reset_password_email_sent_at_attribute_name) > config.reset_password_time_between_emails.ago.utc
             self.send(:"#{config.reset_password_token_attribute_name}=", TemporaryToken.generate_random_token)
             self.send(:"#{config.reset_password_token_expires_at_attribute_name}=", Time.now.in_time_zone + config.reset_password_expiration_period) if config.reset_password_expiration_period
             self.send(:"#{config.reset_password_email_sent_at_attribute_name}=", Time.now.in_time_zone)
@@ -119,4 +118,4 @@ module Sorcery
       end
     end
   end
-end
+end

data/lib/sorcery/model/submodules/user_activation.rb

@@ -84,7 +84,7 @@ module Sorcery
             self.class_eval do
               field sorcery_config.activation_state_attribute_name,            :type => String
               field sorcery_config.activation_token_attribute_name,            :type => String
-              field sorcery_config.activation_token_expires_at_attribute_name, :type => DateTime
+              field sorcery_config.activation_token_expires_at_attribute_name, :type => Time
             end
           end
 
@@ -92,7 +92,6 @@ module Sorcery
             self.class_eval do
               key sorcery_config.activation_state_attribute_name, String
               key sorcery_config.activation_token_attribute_name, String
-              # no DateTime in MM
               key sorcery_config.activation_token_expires_at_attribute_name, Time
             end
           end

data/sorcery.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = "sorcery"
-  s.version = "0.7.4"
+  s.version = "0.7.5"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Noam Ben Ari"]
-  s.date = "2011-10-29"
+  s.date = "2011-11-11"
   s.description = "Provides common authentication needs such as signing in/out, activating by email and resetting password."
   s.email = "nbenari@gmail.com"
   s.extra_rdoc_files = [
@@ -45,6 +45,8 @@ Gem::Specification.new do |s|
     "lib/sorcery/controller/submodules/external/protocols/oauth2.rb",
     "lib/sorcery/controller/submodules/external/providers/facebook.rb",
     "lib/sorcery/controller/submodules/external/providers/github.rb",
+    "lib/sorcery/controller/submodules/external/providers/google.rb",
+    "lib/sorcery/controller/submodules/external/providers/liveid.rb",
     "lib/sorcery/controller/submodules/external/providers/twitter.rb",
     "lib/sorcery/controller/submodules/http_basic_auth.rb",
     "lib/sorcery/controller/submodules/remember_me.rb",

data/spec/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: ../
   specs:
-    sorcery (0.7.2)
+    sorcery (0.7.4)
       bcrypt-ruby (~> 3.0.0)
       oauth (~> 0.4.4)
       oauth (~> 0.4.4)
@@ -66,7 +66,7 @@ GEM
     oauth2 (0.4.1)
       faraday (~> 0.6.1)
       multi_json (>= 0.0.5)
-    polyglot (0.3.2)
+    polyglot (0.3.3)
     rack (1.2.4)
     rack-mount (0.6.14)
       rack (>= 1.0.0)
@@ -112,7 +112,7 @@ GEM
     treetop (1.4.10)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.30)
+    tzinfo (0.3.31)
 
 PLATFORMS
   ruby

data/spec/rails3/Gemfile

@@ -5,8 +5,7 @@ gem 'sqlite3-ruby', :require => 'sqlite3'
 gem "sorcery", '>= 0.1.0', :path => '../../'
 
 group :development, :test do
-  gem "rspec", "~> 2.5.0"
-  gem 'rspec-rails', "~> 2.5.0"
+  gem 'rspec-rails', "~> 2.7.0"
   gem 'ruby-debug19'
   gem 'simplecov', '>= 0.3.8', :require => false # Will install simplecov-html as a dependency
   gem 'timecop'

data/spec/rails3/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: ../../
   specs:
-    sorcery (0.7.2)
+    sorcery (0.7.4)
       bcrypt-ruby (~> 3.0.0)
       oauth (~> 0.4.4)
       oauth (~> 0.4.4)
@@ -68,7 +68,7 @@ GEM
     oauth2 (0.4.1)
       faraday (~> 0.6.1)
       multi_json (>= 0.0.5)
-    polyglot (0.3.2)
+    polyglot (0.3.3)
     rack (1.2.4)
     rack-mount (0.6.14)
       rack (>= 1.0.0)
@@ -88,19 +88,19 @@ GEM
       rake (>= 0.8.7)
       thor (~> 0.14.4)
     rake (0.9.2.2)
-    rspec (2.5.0)
-      rspec-core (~> 2.5.0)
-      rspec-expectations (~> 2.5.0)
-      rspec-mocks (~> 2.5.0)
-    rspec-core (2.5.2)
-    rspec-expectations (2.5.0)
+    rspec (2.7.0)
+      rspec-core (~> 2.7.0)
+      rspec-expectations (~> 2.7.0)
+      rspec-mocks (~> 2.7.0)
+    rspec-core (2.7.1)
+    rspec-expectations (2.7.0)
       diff-lcs (~> 1.1.2)
-    rspec-mocks (2.5.0)
-    rspec-rails (2.5.0)
+    rspec-mocks (2.7.0)
+    rspec-rails (2.7.0)
       actionpack (~> 3.0)
       activesupport (~> 3.0)
       railties (~> 3.0)
-      rspec (~> 2.5.0)
+      rspec (~> 2.7.0)
     ruby-debug-base19 (0.11.25)
       columnize (>= 0.3.1)
       linecache19 (>= 0.5.11)
@@ -123,7 +123,7 @@ GEM
     treetop (1.4.10)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.30)
+    tzinfo (0.3.31)
 
 PLATFORMS
   ruby
@@ -131,8 +131,7 @@ PLATFORMS
 DEPENDENCIES
   launchy (~> 2.0.5)
   rails (= 3.0.3)
-  rspec (~> 2.5.0)
-  rspec-rails (~> 2.5.0)
+  rspec-rails (~> 2.7.0)
   ruby-debug19
   simplecov (>= 0.3.8)
   sorcery (>= 0.1.0)!

data/spec/rails3/app/controllers/application_controller.rb

@@ -9,7 +9,7 @@ class ApplicationController < ActionController::Base
 
   def index
   end
-  
+
   def some_action
     render :nothing => true
   end
@@ -18,7 +18,7 @@ class ApplicationController < ActionController::Base
     @user = login(params[:username], params[:password])
     render :text => ""
   end
-  
+
   def test_auto_login
     @user = User.find(:first)
     auto_login(@user)
@@ -84,6 +84,14 @@ class ApplicationController < ActionController::Base
     login_at(:github)
   end
 
+  def login_at_test4
+    login_at(:google)
+  end
+
+  def login_at_test5
+    login_at(:liveid)
+  end
+
   def test_login_from
     if @user = login_from(:twitter)
       redirect_to "bla", :notice => "Success!"
@@ -108,6 +116,22 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def test_login_from4
+    if @user = login_from(:google)
+      redirect_to "bla", :notice => "Success!"
+    else
+      redirect_to "blu", :alert => "Failed!"
+    end
+  end
+
+  def test_login_from5
+    if @user = login_from(:liveid)
+      redirect_to "bla", :notice => "Success!"
+    else
+      redirect_to "blu", :alert => "Failed!"
+    end
+  end
+
   def test_create_from_provider
     provider = params[:provider]
     login_from(provider)

data/spec/rails3/spec/controller_oauth2_spec.rb

@@ -2,26 +2,45 @@ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
 require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/controller_oauth2_shared_examples')
 
 def stub_all_oauth2_requests!
-  @client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
-  OAuth2::Client.stub!(:new).and_return(@client)
-  @acc_token = OAuth2::AccessToken.new(@client, "asd", {})
-  @webby = @client.web_server
-  OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
-  @webby.stub!(:get_access_token).and_return(@acc_token)
-  @acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
+  web_server      = OAuth2::Strategy::WebServer.any_instance
+  access_token    = mock(OAuth2::AccessToken)
+  access_token.stub(:token_param=)
+  access_token.stub(:get).and_return({
+    "id"=>"123",
+    "name"=>"Noam Ben Ari",
+    "first_name"=>"Noam",
+    "last_name"=>"Ben Ari",
+    "link"=>"http://www.facebook.com/nbenari1",
+    "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"},
+    "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"},
+    "bio"=>"I'm a new daddy, and enjoying it!",
+    "gender"=>"male",
+    "email"=>"nbenari@gmail.com",
+    "timezone"=>2,
+    "locale"=>"en_US",
+    "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
+    "verified"=>true,
+    "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
+  web_server.stub(:get_access_token).and_return(access_token)
 end
 
 describe ApplicationController do
   before(:all) do
     ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
     sorcery_reload!([:external])
-    sorcery_controller_property_set(:external_providers, [:facebook, :github])
+    sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid])
     sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
     sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
     sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
     sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
     sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
     sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
+    sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
+    sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+    sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
+    sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
+    sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+    sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
   end
 
   after(:all) do
@@ -43,7 +62,7 @@ describe ApplicationController do
       create_new_user
       get :login_at_test2
       response.should be_a_redirect
-      response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&response_type=code")
+      response.should redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&response_type=code")
     end
 
     it "'login_from' logins if user exists" do
@@ -65,7 +84,7 @@ describe ApplicationController do
       create_new_user
       get :login_at_test3
       response.should be_a_redirect
-      response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=&response_type=code")
+      response.should redirect_to("https://github.com/login/oauth/authorize?client_id=#{::Sorcery::Controller::Config.github.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=&response_type=code")
     end
 
     it "'login_from' logins if user exists (github)" do
@@ -82,6 +101,50 @@ describe ApplicationController do
       flash[:alert].should == "Failed!"
     end
 
+  # provider: google
+    it "login_at redirects correctly (google)" do
+      create_new_user
+      get :login_at_test4
+      response.should be_a_redirect
+      response.should redirect_to("https://accounts.google.com/o/oauth2/auth?client_id=#{::Sorcery::Controller::Config.google.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&response_type=code")
+    end
+
+    it "'login_from' logins if user exists (google)" do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      create_new_external_user(:google)
+      get :test_login_from4
+      flash[:notice].should == "Success!"
+    end
+
+    it "'login_from' fails if user doesn't exist (google)" do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      create_new_user
+      get :test_login_from4
+      flash[:alert].should == "Failed!"
+    end
+
+  # provider: liveid
+    it "login_at redirects correctly (liveid)" do
+      create_new_user
+      get :login_at_test5
+      response.should be_a_redirect
+      response.should redirect_to("https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=wl.basic%20wl.emails%20wl.offline_access&response_type=code")
+    end
+
+    it "'login_from' logins if user exists (liveid)" do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      create_new_external_user(:liveid)
+      get :test_login_from5
+      flash[:notice].should == "Success!"
+    end
+
+    it "'login_from' fails if user doesn't exist (liveid)" do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      create_new_user
+      get :test_login_from5
+      flash[:alert].should == "Failed!"
+    end
+
   end
 
 
@@ -93,13 +156,20 @@ describe ApplicationController do
     before(:all) do
       ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
       sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
-      sorcery_controller_property_set(:external_providers, [:facebook, :github])
+      sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid])
       sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
       sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
       sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
       sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
       sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
       sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
+      sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
+      sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+      sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
+      sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
+      sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+      sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
+
     end
 
     after(:all) do
@@ -138,5 +208,35 @@ describe ApplicationController do
       @user.activate!
       ActionMailer::Base.deliveries.size.should == old_size
     end
+
+  # provider: google
+    it "should not send activation email to external users (google)" do
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_external_user(:google)
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+
+    it "should not send external users an activation success email (google)" do
+      sorcery_model_property_set(:activation_success_email_method_name, nil)
+      create_new_external_user(:google)
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+
+  # provider: liveid
+    it "should not send activation email to external users (liveid)" do
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_external_user(:liveid)
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+
+    it "should not send external users an activation success email (liveid)" do
+      sorcery_model_property_set(:activation_success_email_method_name, nil)
+      create_new_external_user(:liveid)
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
   end
 end