stormpath-rails 0.4.4 → 1.0.0.beta

data/.gitignore

@@ -17,3 +17,4 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp/
+spec/fixtures/vcr_cassettes

data/.ruby-gemset

@@ -0,0 +1 @@
+stormpath-rails

data/.ruby-version

@@ -0,0 +1 @@
+1.9.3-p429

data/.travis.yml

@@ -1,8 +1,27 @@
+---
 language: ruby
 rvm:
-  - 1.9.3
+- 1.9.3
 gemfile:
-  - Gemfile
+- Gemfile
 script: bundle exec rake spec
 services:
-  - mongodb
+- mongodb
+env:
+  global:
+  - secure: |-
+      TFLI7BpxBBSoVV5x/tyr1iCqcQHcbzJeQPSR67J32VWbMDjM3mA9mz4SERvK
+      j9VD7pEAknEBNpYUYdBR4Ut0m5/0F+XiX1eDOVMbfpmEefJ8e38CgGz7HZbu
+      KdaWJhxTL8k/efyvJ+/UVPyzM4M0ADdyZIoDCDgRhj6AG5DqDJs=
+  - secure: |-
+      eu8VkY1iR5RYHvOobDQ7Miz8aG894F/BR/zEH8c3gpIhs7kItkBy0SKEMi5J
+      A1yMlQsONU7aq6pbqiJEiBKSDWf9OOoFBxHYm46fop+xaLVLuuK484O9VzDW
+      P6lV6Z06LolZaZsc2ENKf+2qfoO1XdN9gMTWD7QkT4x6OgRWiok=
+  - secure: |-
+      fMUOQUfUNkEDWmx5d4vIMIbqTuHIX1lu1PmbUnR25hHN9JFZnroxSvsvUlvH
+      qB+GCk5q7kMuvqYC+Mbx0Ndb3NSuLSKYGYhHw/39ZyMPHgBhPKQyZuDiK3OJ
+      g3Pv8Ot3lScgATu1lm5EzoGfN3ZVlSgmg5PJOwsafVaRlAUaHz4=
+  - secure: |-
+      UDTunvFjUyTaLHPa3iNOVwdAg37FzfKHRYdOiUoPH3aNA6pOgrtQYzkbhbJA
+      chBcZBdD+SnEyY6PmI1NsLzcNrqBP3tdyH4c5vVy3KQAzc5TfU6RocWTrqRP
+      FQKm/r0cbpjdydkpEzOKMk77Y56g6MTEk5cGFZjYoqhGKdz66O0=

data/CHANGES.md

@@ -0,0 +1,11 @@
+stormpath-rails Changelog
+=========================
+
+Version 1.0.0.beta
+------------------
+
+Released on June 12, 2013
+
+- Removed YML-generator in favor of reading APPLICATION_URL from ENV
+- Allow flexible configuration of API key information (same as SDK client)
+- Using new SDK (1.0.0.beta) API

data/README.md

@@ -1,36 +1,88 @@
 [![Build Status](https://secure.travis-ci.org/stormpath/stormpath-rails.png)](http://travis-ci.org/stormpath/stormpath-rails)
 [![Code Climate](https://codeclimate.com/github/stormpath/stormpath-rails.png)](https://codeclimate.com/github/stormpath/stormpath-rails)
+# Stormpath Rails Gem
 
-# Ruby on Rails support for Stormpath
+Stormpath is the first easy, secure user management and authentication service for developers.
+This is the Rails gem to ease integration of its features with any Rails-based application.
 
-## Gem Setup
+## Setup
 
-Reference gem from Gemfile.
+1. Install the <code>stormpath-rails</code> gem, either via the command line:
 
-```ruby
-add gem 'stormpath-rails' to Gemfile
-```
+    ```
+    $ gem install stormpath-rails
+    ```
 
-Generate configuration file, then create directory per environment at stormpath and update stormpath.yml with corresponding directory hrefs.
+  or adding the gem to your [Bundler][bundler] Gemspec:
 
-```sh
-rails g stormpath:rails:install
-```
+    ```
+    gem 'stormpath-rails'
+    ```
+
+  or any other preferred dependency.
+
+2. Create a [Stormpath][stormpath] developer account and [create your API Keys][create-api-keys]
+  downloading the <code>apiKey.properties</code> file into a <code>.stormpath</code>
+  folder under your local home directory. So that the Rails gem knows where to find this file,
+  add an environment variable called STORMPATH\_API\_KEY\_FILE\_LOCATION whose value is the full
+  path to this new .properties file:
+
+    ```sh
+    export STORMPATH_API_KEY_FILE_LOCATION="/Users/john/.stormpath/apiKey.properties"
+    ```
 
+3. Create an application and a directory to store your users' accounts through the
+  [Stormpath Admin][stormpath-admin] interface. Make sure to add the newly-created
+  directory as a Login Source for your newly-created Application.
 
-Generate and run migration, if you're on ActiveRecord. Skip this step for Mongoid.
+4. Through the [Stormpath Admin][stormpath-admin] interface, note your application's REST URL.
+  You'll want to create an environment variable called STORMPATH\_APPLICATION\_URL whose value
+  is this URL.
+
+5. Generate and run migration, if you're on ActiveRecord. Skip this step for Mongoid.
+  ```sh
+  rails g stormpath:rails:migration user
+  rake db:migrate
+  ```
+
+6. Update your model file.
+  ```ruby
+  class User < ActiveRecord:Base
+    include Stormpath::Rails::Account
+  end
+  ```
+
+## Testing
+
+To run the test suite, simple run:
 
 ```sh
-rails g stormpath:rails:migration user
-rake db:migrate
+$ rake spec
 ```
 
-Update your model file.
+Note that this will make requests to the Stormpath API; you'll need to have set
+environment variables enabling the client to interact with your Stormpath
+account. You'll also need to have environment variables set that will enable
+the client to interact with a test directory and application.
+
+The test run will also generate a code-coverage report, viewable in the
+coverage subdirectory.
+
+## Contributing
+
+You can make your own contributions by forking the <code>development</code>
+branch, making your changes, and issuing pull-requests on the
+<code>development</code> branch.
+
+## Building the Gem
+
+To build and install the development branch yourself from the latest source:
 
-```ruby
-class User < ActiveRecord:Base
-  include Stormpath::Rails::Account
-end
+```
+$ git clone git@github.com:stormpath/stormpath-rails.git
+$ cd stormpath-rails
+$ rake gem
+$ gem install pkg/stormpath-rails-{version}.gem
 ```
 
 ## TODO
@@ -40,10 +92,16 @@ end
 + Preventive validation to not send invalid data to stormpath.
 + Solve n+1 request problem when requesting account collection.
 
-## Contributing
+## Copyright & Licensing
+
+Copyright &copy; 2012 Stormpath, Inc. and contributors.
+
+This project is licensed under the [Apache 2.0 Open Source License](http://www.apache.org/licenses/LICENSE-2.0).
+
+For additional information, please see the full [Project Documentation](https://www.stormpath.com/docs/ruby/product-guide).
 
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
+  [bundler]: http://gembundler.com/
+  [stormpath]: http://stormpath.com/
+  [create-api-keys]: http://www.stormpath.com/docs/ruby/product-guide#AssignAPIkeys
+  [stormpath_bootstrap]: https://github.com/stormpath/stormpath-sdk-ruby/wiki/Bootstrapping-Stormpath
+  [stormpath-admin]: https://api.stormpath.com/login

data/lib/stormpath/rails/account.rb

@@ -1,7 +1,5 @@
 require 'active_support/concern'
 require "stormpath-sdk"
-include Stormpath::Client
-include Stormpath::Resource
 
 module Stormpath
   module Rails
@@ -10,6 +8,28 @@ module Stormpath
 
       STORMPATH_FIELDS = [ :email, :password, :username, :given_name, :middle_name, :surname, :status ]
 
+      module ClassMethods
+        def authenticate username, password
+          account = Stormpath::Rails::Client.authenticate_account username, password
+          self.where(stormpath_url: account.href).first
+        end
+
+        def send_password_reset_email email
+          account = Stormpath::Rails::Client.send_password_reset_email email
+          self.where(stormpath_url: account.href).first
+        end
+
+        def verify_password_reset_token token
+          account = Stormpath::Rails::Client.verify_password_reset_token token
+          self.where(stormpath_url: account.href).first
+        end
+
+        def verify_account_email token
+          account = Stormpath::Rails::Client.verify_account_email token
+          self.where(stormpath_url: account.href).first
+        end
+      end
+
       included do
         #AR specific workaround
         self.partial_updates = false if self.respond_to?(:partial_updates)
@@ -18,48 +38,83 @@ module Stormpath
         field(:stormpath_url, type: String) if self.respond_to?(:field)
         index({ stormpath_url: 1 }, { unique: true }) if self.respond_to?(:index)
 
-        attr_accessor *STORMPATH_FIELDS
-        attr_accessible  *STORMPATH_FIELDS
+        attr_accessor(*STORMPATH_FIELDS)
+        attr_accessible(*STORMPATH_FIELDS)
 
-        after_initialize do |user|
-          return true unless user.stormpath_url
-          begin
-            account = Client.find_account(user.stormpath_url)
-            (STORMPATH_FIELDS - [:password]).each { |field| self.send("#{field}=", account.send("get_#{field}")) }
-          rescue ResourceError => error
-            Logger.new(STDERR).warn "Error loading Stormpath account (#{error})"
+        before_create :create_account_on_stormpath
+        before_update :update_account_on_stormpath
+        after_destroy :delete_account_on_stormpath
+
+        def stormpath_account
+          if stormpath_url
+            @stormpath_account ||= begin
+                                     Stormpath::Rails::Client.find_account(stormpath_url)
+                                   rescue Stormpath::Error => error
+                                     Stormpath::Rails.logger.warn "Error loading Stormpath account (#{error})"
+                                   end
           end
         end
 
-        before_create do
-          begin
-            account = Stormpath::Rails::Client.create_account!(Hash[*STORMPATH_FIELDS.map { |f| { f => self.send(f) } }.map(&:to_a).flatten])
-          rescue ResourceError => error
-            self.errors[:base] << error.to_s
-            return false
+        def stormpath_pre_create_attrs
+          @stormpath_pre_create_attrs ||= {}
+        end
+
+        (STORMPATH_FIELDS - [:password]).each do |name|
+          define_method(name) do
+            if stormpath_account.present?
+              stormpath_account.send(name)
+            else
+              stormpath_pre_create_attrs[name]
+            end
           end
-          self.stormpath_url = account.get_href
         end
 
-        before_update do
-          return true unless self.stormpath_url
+        STORMPATH_FIELDS.each do |name|
+          define_method("#{name}=") do |val|
+            if stormpath_account.present?
+              stormpath_account.send("#{name}=", val)
+            else
+              stormpath_pre_create_attrs[name] = val
+            end
+          end
+        end
+
+        def create_account_on_stormpath
           begin
-            Client.update_account!(self.stormpath_url, Hash[*STORMPATH_FIELDS.map { |f| { f => self.send(f) } }.map(&:to_a).flatten])
-          rescue ResourceError => error
+            @stormpath_account = Stormpath::Rails::Client.create_account! stormpath_pre_create_attrs
+            stormpath_pre_create_attrs.clear
+            self.stormpath_url = @stormpath_account.href
+          rescue Stormpath::Error => error
             self.errors[:base] << error.to_s
-            return false
+            false
           end
         end
 
-        after_destroy do
-          return true unless self.stormpath_url
-          begin
-            account = Client.delete_account!(self.stormpath_url)
-          rescue ResourceError => error
-            Logger.new(STDERR).warn "Error destroying Stormpath account (#{error})"
+        def update_account_on_stormpath
+          if self.stormpath_url.present?
+            begin
+              stormpath_account.save
+            rescue Stormpath::Error => error
+              self.errors[:base] << error.to_s
+              false
+            end
+          else
+            true
+          end
+        end
+
+        def delete_account_on_stormpath
+          if self.stormpath_url.present?
+            begin
+              stormpath_account.delete
+            rescue Stormpath::Error => error
+              Stormpath::Rails.logger.warn "Error destroying Stormpath account (#{error})"
+            end
+          else
+            true
           end
         end
       end
     end
   end
-end
+end

data/lib/stormpath/rails/client.rb

@@ -1,70 +1,99 @@
 require "stormpath-sdk"
-include Stormpath::Client
-include Stormpath::Resource
-include Stormpath::Authentication
 
 module Stormpath
   module Rails
+    class ConfigurationError < StandardError; end
+
     class Client
       class << self
-        attr_accessor :connection
+        attr_accessor :connection, :root_application
       end
 
-      def self.authenticate_account(login, password)
-        application = self.ds.get_resource Config[:stormpath_url], ::Application
-        auth_result = application.authenticate_account ::UsernamePasswordRequest.new(login, password)
-        auth_result.get_account
+      def self.authenticate_account(username, password)
+        auth_result = application.authenticate_account(
+          Stormpath::Authentication::UsernamePasswordRequest.new(username, password)
+        )
+        auth_result.account
       end
 
-      def self.send_password_reset_email(login_or_email)
-        application = self.ds.get_resource Config[:stormpath_url], ::Application
-        application.send_password_reset_email login_or_email
+      def self.send_password_reset_email(email)
+        application.send_password_reset_email email
       end
 
       def self.verify_password_reset_token(token)
-        application = self.ds.get_resource Config[:stormpath_url], ::Application
         application.verify_password_reset_token token
       end
 
       def self.verify_account_email(token)
-        self.client.current_tenant.verify_account_email token
+        self.client.accounts.verify_email_token token
       end
 
       def self.create_account!(attributes)
-        account = self.ds.instantiate ::Account
-        attributes.each { |field, value| account.send("set_#{field}", value) }
-        self.root_directory.create_account account
+        self.application.accounts.create attributes
       end
 
       def self.all_accounts
-        self.root_directory.get_accounts
+        self.application.accounts
       end
 
       def self.find_account(href)
-        self.ds.get_resource href, ::Account
+        self.client.accounts.get href
       end
 
       def self.update_account!(href, attributes)
-        account = self.ds.get_resource href, ::Account
-        attributes.each { |field, value| account.send("set_#{field}", value) }
+        account = self.find_account href
+        attributes.each { |field, value| account.send("#{field}=", value) }
         account.save
       end
 
       def self.delete_account!(href)
-        self.ds.delete self.ds.get_resource href, ::Account
-      end
-
-      def self.root_directory
-        self.ds.get_resource Config[:root], ::Directory
+        self.client.accounts.get(href).delete
       end
 
       def self.ds
         self.client.data_store
       end
 
+      def self.application
+        self.root_application ||= self.client.applications.get ENV["STORMPATH_APPLICATION_URL"]
+      end
+
       def self.client
-        self.connection ||= ::ClientApplicationBuilder.new.set_application_href(Config[:stormpath_url] || Config[:href]).build
-        self.connection.client
+        unless self.connection
+          if ENV['STORMPATH_URL'].nil? && ENV['STORMPATH_APPLICATION_URL'].nil?
+            raise ConfigurationError, 'Either STORMPATH_URL or STORMPATH_APPLICATION_URL must be set'
+          end
+
+          composite_url = ENV['STORMPATH_URL']
+
+          if composite_url
+            self.root_application = Stormpath::Resource::Application.load composite_url
+            self.connection = self.root_application.client
+          else
+            self.connection = Stormpath::Client.new client_options
+          end
+        end
+
+        self.connection
+      end
+
+      def self.client_options
+        Hash.new.tap do |o|
+          set_if_not_empty(o, "api_key_file_location", ENV["STORMPATH_API_KEY_FILE_LOCATION"])
+          set_if_not_empty(o, "api_key_id_property_name", ENV["STORMPATH_API_KEY_ID_PROPERTY_NAME"])
+          set_if_not_empty(o, "api_key_secret_property_name", ENV["STORMPATH_API_KEY_SECRET_PROPERTY_NAME"])
+
+          o[:api_key] = {
+            id: ENV["STORMPATH_API_KEY_ID"],
+            secret: ENV["STORMPATH_API_KEY_SECRET"]
+          } unless ENV["STORMPATH_API_KEY_ID"].blank? or ENV["STORMPATH_API_KEY_SECRET"].blank?
+        end
+      end
+
+      private
+
+      def self.set_if_not_empty(object, property, value)
+        object[property.to_sym] = value unless value.blank?
       end
     end
   end