stormpath-rails 1.0.0.beta.2 → 1.1.0.beta

data/bin/setup

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+# Install required gems
+bundle install
+
+# Set up database for the application that Clearance tests against
+RAILS_ENV=test bundle exec rake dummy:db:reset

data/config/initializers/assets.rb

@@ -0,0 +1 @@
+Rails.application.config.assets.precompile += %w( stormpath.css )

data/config/routes.rb

@@ -0,0 +1,16 @@
+Rails.application.routes.draw do
+  resource :session, controller: 'stormpath/rails/sessions', only: [:create]
+  resource :users, controller: 'stormpath/rails/users', only: :create
+  get    Stormpath::Rails.config.register.uri => 'stormpath/rails/users#new', as: 'sign_up'
+  get    '/verify'   => 'stormpath/rails/users#verify', as: 'verify'
+
+  get    Stormpath::Rails.config.login.uri => 'stormpath/rails/sessions#new', as: 'sign_in'
+  delete Stormpath::Rails.config.logout.uri => 'stormpath/rails/sessions#destroy', as: 'sign_out'
+  get    Stormpath::Rails.config.id_site.uri => 'stormpath/rails/sessions#redirect', as: 'redirect'
+  get    '/omniauth_login' => 'stormpath/rails/omniauth#create', as: 'omniauth_login' 
+
+  get    Stormpath::Rails.config.forgot_password.uri => 'stormpath/rails/passwords#forgot', as: 'forgot'
+  post   Stormpath::Rails.config.forgot_password.uri => 'stormpath/rails/passwords#forgot_send', as: 'forgot_send'
+  get    '/forgot/change' => 'stormpath/rails/passwords#forgot_change', as: 'forgot_change'
+  post   '/forgot/change/:account_url' => 'stormpath/rails/passwords#forgot_update', as: 'forgot_update'
+end

data/lib/generators/stormpath/install/install_generator.rb

@@ -0,0 +1,114 @@
+require 'rails/generators/base'
+require 'rails/generators/active_record'
+
+module Stormpath
+  module Generators
+    class InstallGenerator < ::Rails::Generators::Base
+      include ::Rails::Generators::Migration
+      source_root File.expand_path('../templates', __FILE__)
+
+      def create_stormpath_configuration_file
+        copy_file 'stormpath.rb', 'config/initializers/stormpath.rb'
+      end
+
+      def inject_stormpath_into_application_controller
+        inject_into_class(
+          'app/controllers/application_controller.rb',
+          ApplicationController,
+          "  include Stormpath::Rails::Controller\n"
+        )
+      end
+
+      def create_user_model
+        if File.exist?(destination_root + '/app/models/user.rb')
+          inject_into_file(
+            'app/models/user.rb',
+            "include Stormpath::Rails::User\n\n",
+            after: "class User < ActiveRecord::Base\n"
+          )
+        else
+          copy_file 'user.rb', 'app/models/user.rb'
+        end
+      end
+
+      def create_stormpath_migration
+        if user_table_exists?
+          create_add_columns_migration
+        else
+          copy_migration 'create_users.rb'
+        end
+      end
+
+      private
+
+      def create_add_columns_migration
+        return unless migration_needed?
+
+        config = {
+          new_columns: new_columns,
+          new_indexes: new_indexes
+        }
+
+        copy_migration('add_stormpath_to_users.rb', config)
+      end
+
+      def migration_needed?
+        new_columns.any? || new_indexes.any?
+      end
+
+      def new_columns
+        @new_columns ||= {
+          email: 't.string :email, null: false',
+          given_name: 't.string :given_name, null: false',
+          surname: 't.string :surname, null: false'
+        }.reject { |column| existing_users_columns.include?(column.to_s) }
+      end
+
+      def new_indexes
+        @new_indexes ||= {
+          index_users_on_email: 'add_index :users, :email'
+        }.reject { |index| existing_users_indexes.include?(index.to_s) }
+      end
+
+      def user_table_exists?
+        ActiveRecord::Base.connection.table_exists?(:users)
+      end
+
+      def copy_migration(migration_name, config = {})
+        return if migration_exists?(migration_name)
+        migration_template(
+          "db/migrate/#{migration_name}",
+          "db/migrate/#{migration_name}",
+          config
+        )
+      end
+
+      def migration_exists?(name)
+        existing_migrations.include?(name)
+      end
+
+      def existing_migrations
+        @existing_migrations ||= Dir.glob('db/migrate/*.rb').map do |file|
+          migration_name_without_timestamp(file)
+        end
+      end
+
+      def migration_name_without_timestamp(file)
+        file.sub(%r{^.*(db/migrate/)(?:\d+_)?}, '')
+      end
+
+      # for generating a timestamp when using `create_migration`
+      def self.next_migration_number(dir)
+        ActiveRecord::Generators::Base.next_migration_number(dir)
+      end
+
+      def existing_users_columns
+        ActiveRecord::Base.connection.columns(:users).map(&:name)
+      end
+
+      def existing_users_indexes
+        ActiveRecord::Base.connection.indexes(:users).map(&:name)
+      end
+    end
+  end
+end

data/lib/generators/stormpath/install/templates/db/migrate/add_stormpath_to_users.rb

@@ -0,0 +1,21 @@
+class AddStormpathToUsers < ActiveRecord::Migration
+  def self.up
+    change_table :users do |t|
+<% config[:new_columns].values.each do |column| -%>
+      <%= column %>
+<% end -%>
+    end
+
+<% config[:new_indexes].values.each do |index| -%>
+    <%= index %>
+<% end -%>
+  end
+
+  def self.down
+    change_table :users do |t|
+<% if config[:new_columns].any? -%>
+      t.remove <%= new_columns.keys.map { |column| ":#{column}" }.join(",") %>
+<% end -%>
+    end
+  end
+end

data/lib/generators/stormpath/install/templates/db/migrate/create_users.rb

@@ -0,0 +1,12 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users  do |t|
+      t.timestamps null: false
+      t.string :email, null: false
+      t.string :given_name, null: false
+      t.string :surname, null: false
+    end
+
+    add_index :users, :email
+  end
+end

data/lib/generators/stormpath/install/templates/stormpath.rb

@@ -0,0 +1,4 @@
+Stormpath::Rails.configure do |config|
+  config.api_key_file = ENV['STORMPATH_API_KEY_FILE_LOCATION']
+  config.application = ENV['STORMPATH_SDK_TEST_APPLICATION_URL']
+end

data/lib/generators/stormpath/install/templates/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  include Stormpath::Rails::User
+end

data/lib/generators/stormpath/routes/routes_generator.rb

@@ -0,0 +1,23 @@
+require 'rails/generators/base'
+
+module Stormpath
+  module Generators
+    class RoutesGenerator < ::Rails::Generators::Base
+      source_root File.expand_path('../templates', __FILE__)
+
+      def inject_stormpath_routes_into_application_routes
+        route(stormpath_routes)
+      end
+
+      private
+
+      def stormpath_routes
+        File.read(routes_file_path)
+      end
+
+      def routes_file_path
+        File.expand_path(find_in_source_paths('routes.rb'))
+      end
+    end
+  end
+end

data/lib/generators/stormpath/routes/templates/routes.rb

@@ -0,0 +1,5 @@
+resource :session, controller: 'stormpath/sessions', only: [:create]
+resource :users, controller: 'stormpath/users', only: :create
+get '/register' => 'stormpath/users#new', as: 'sign_up'
+get '/login' => 'stormpath/sessions#new', as: 'sign_in'
+delete '/sign_out' => 'stormpath/sessions#destroy', as: 'sign_out'

data/lib/generators/stormpath/views/USAGE

@@ -0,0 +1,11 @@
+Description:
+  Override the default stormpath views. This generator will copy all off the
+  base stormpath views into your project.
+
+Examples:
+    rails generate stormpath:views
+
+      View: app/views/sessions/_form.html.erb
+      View: app/views/sessions/new.html.erb
+      View: app/views/users/_form.html.erb
+      View: app/views/users/new.html.erb

data/lib/generators/stormpath/views/views_generator.rb

@@ -0,0 +1,29 @@
+require 'rails/generators/base'
+
+module Stormpath
+  module Generators
+    class ViewsGenerator < ::Rails::Generators::Base
+      source_root File.expand_path('../../../../..', __FILE__)
+
+      def create_views
+        views.each do |view|
+          copy_file view
+        end
+      end
+
+      private
+
+      def views
+        files_within_root('.', 'app/views/**/*.*')
+      end
+
+      def files_within_root(prefix, glob)
+        root = "#{self.class.source_root}/#{prefix}"
+
+        Dir["#{root}/#{glob}"].sort.map do |full_path|
+          full_path.sub(root, '.').gsub('/./', '/')
+        end
+      end
+    end
+  end
+end

data/lib/stormpath/rails/account.rb

@@ -1,120 +1,6 @@
-require 'active_support/concern'
-require "stormpath-sdk"
-
 module Stormpath
   module Rails
-    module Account
-      extend ActiveSupport::Concern
-
-      STORMPATH_FIELDS = [ :email, :password, :username, :given_name, :middle_name, :surname, :status ]
-
-      module ClassMethods
-        def authenticate username, password
-          account = Stormpath::Rails::Client.authenticate_account username, password
-          self.where(stormpath_url: account.href).first
-        end
-
-        def send_password_reset_email email
-          account = Stormpath::Rails::Client.send_password_reset_email email
-          self.where(stormpath_url: account.href).first
-        end
-
-        def verify_password_reset_token token
-          account = Stormpath::Rails::Client.verify_password_reset_token token
-          self.where(stormpath_url: account.href).first
-        end
-
-        def verify_account_email token
-          account = Stormpath::Rails::Client.verify_account_email token
-          self.where(stormpath_url: account.href).first
-        end
-      end
-
-      included do
-        #AR specific workaround
-        self.partial_updates = false if self.respond_to?(:partial_updates)
-
-        #Mongoid specific declaration
-        field(:stormpath_url, type: String) if self.respond_to?(:field)
-        index({ stormpath_url: 1 }, { unique: true }) if self.respond_to?(:index)
-
-        attr_accessor(*STORMPATH_FIELDS)
-        attr_accessible(*STORMPATH_FIELDS)
-
-        before_create :create_account_on_stormpath
-        before_update :update_account_on_stormpath
-        after_destroy :delete_account_on_stormpath
-
-        def stormpath_account
-          if stormpath_url
-            @stormpath_account ||= begin
-                                     Stormpath::Rails::Client.find_account(stormpath_url)
-                                   rescue Stormpath::Error => error
-                                     Stormpath::Rails.logger.warn "Error loading Stormpath account (#{error})"
-                                   end
-          end
-        end
-
-        def stormpath_pre_create_attrs
-          @stormpath_pre_create_attrs ||= {}
-        end
-
-        (STORMPATH_FIELDS - [:password]).each do |name|
-          define_method(name) do
-            if stormpath_account.present?
-              stormpath_account.send(name)
-            else
-              stormpath_pre_create_attrs[name]
-            end
-          end
-        end
-
-        STORMPATH_FIELDS.each do |name|
-          define_method("#{name}=") do |val|
-            if stormpath_account.present?
-              stormpath_account.send("#{name}=", val)
-            else
-              stormpath_pre_create_attrs[name] = val
-            end
-          end
-        end
-
-        def create_account_on_stormpath
-          begin
-            @stormpath_account = Stormpath::Rails::Client.create_account! stormpath_pre_create_attrs
-            stormpath_pre_create_attrs.clear
-            self.stormpath_url = @stormpath_account.href
-          rescue Stormpath::Error => error
-            self.errors[:base] << error.to_s
-            false
-          end
-        end
-
-        def update_account_on_stormpath
-          if self.stormpath_url.present?
-            begin
-              stormpath_account.save
-            rescue Stormpath::Error => error
-              self.errors[:base] << error.to_s
-              false
-            end
-          else
-            true
-          end
-        end
-
-        def delete_account_on_stormpath
-          if self.stormpath_url.present?
-            begin
-              stormpath_account.delete
-            rescue Stormpath::Error => error
-              Stormpath::Rails.logger.warn "Error destroying Stormpath account (#{error})"
-            end
-          else
-            true
-          end
-        end
-      end
+    class Account
     end
   end
-end
+end

data/lib/stormpath/rails/account_status.rb

@@ -0,0 +1,28 @@
+module Stormpath
+  module Rails
+    class AccountStatus
+      attr_accessor :response
+
+      def initialize(response)
+        @response = response
+      end
+
+      def success?
+        @response.instance_of? Stormpath::Resource::Account
+      end
+
+      def error_message
+        if @response.instance_of? String
+          return @response
+        else
+          ''
+        end
+      end
+
+      def account_url
+        return '' unless success?
+        @response.href.split('/').last
+      end
+    end
+  end
+end

data/lib/stormpath/rails/authentication.rb

@@ -0,0 +1,72 @@
+module Stormpath
+  module Rails
+    module Authentication
+      private
+
+      def create_stormpath_account(user)
+        Client.create_stormpath_account(user)
+      end
+
+      def authenticate(user)
+        Client.authenticate(user)
+      end
+
+      def reset_password(email)
+        Client.reset_password(email)
+      end
+
+      def verify_email_token(token)
+        Client.verify_email_token(token)
+      end
+
+      def create_omniauth_user(provider, access_token)
+        Client.create_omniauth_user(provider, access_token)
+      end
+
+      def find_or_create_user_from_account(account)
+        user = find_user_by_email(account.email)
+        return user if user
+
+        create_user_from_account(account)
+      end
+
+      def create_user_from_account(account)
+        user = ::User.new
+        user.email = account.email
+        user.given_name = account.given_name
+        user.surname = account.surname
+        user.save
+
+        user
+      end
+
+      def update_password(password, account)
+        Client.update_password(password, account)
+      end
+
+      def id_site_login_url
+        Client.id_site_url callback_uri: (request.base_url + configuration.id_site.uri)
+      end
+
+      def id_site_register_url
+        Client.id_site_url callback_uri: (request.base_url + configuration.id_site.uri), path: '/#register'
+      end
+
+      def handle_id_site_callback(url)
+        Client.handle_id_site_callback(url)
+      end
+
+      def configuration
+        Stormpath::Rails.config
+      end
+
+      def find_user_by_email(email)
+        configuration.user_model.find_user email
+      end
+
+      def find_user_by_id(id)
+        configuration.user_model.find(id)
+      end
+    end
+  end
+end

data/lib/stormpath/rails/authentication_status.rb

@@ -0,0 +1,22 @@
+module Stormpath
+  module Rails
+    class AuthenticationStatus
+
+      def initialize(response)
+        @response = response
+      end
+
+      def success?
+        @response.instance_of? Stormpath::Authentication::AuthenticationResult
+      end
+
+      def error_message
+        if @response.instance_of? String
+          return @response
+        else
+          ''
+        end
+      end
+    end
+  end
+end

data/lib/stormpath/rails/client.rb

@@ -1,99 +1,112 @@
-require "stormpath-sdk"
-
 module Stormpath
   module Rails
-    class ConfigurationError < StandardError; end
-
     class Client
       class << self
-        attr_accessor :connection, :root_application
+        attr_accessor :connection
       end
 
-      def self.authenticate_account(username, password)
-        auth_result = application.authenticate_account(
-          Stormpath::Authentication::UsernamePasswordRequest.new(username, password)
-        )
-        auth_result.account
-      end
+      def self.create_stormpath_account(user)
+        begin
+          result = application.accounts.create build_account(user)
+        rescue Stormpath::Error => error
+          result = error.message
+        end
 
-      def self.send_password_reset_email(email)
-        application.send_password_reset_email email
+        AccountStatus.new(result)
       end
 
-      def self.verify_password_reset_token(token)
-        application.verify_password_reset_token token
-      end
+      def self.authenticate(user)
+        begin
+          result = application.authenticate_account build_username_password_request(user)
+        rescue Stormpath::Error => error
+          result = error.message
+        end
 
-      def self.verify_account_email(token)
-        self.client.accounts.verify_email_token token
+        AuthenticationStatus.new(result)
       end
 
-      def self.create_account!(attributes)
-        self.application.accounts.create attributes
+      def self.reset_password(email)
+        begin
+          result = application.send_password_reset_email email
+        rescue Stormpath::Error => error
+          result = error.message
+        end
+
+        AccountStatus.new(result)
       end
 
-      def self.all_accounts
-        self.application.accounts
+      def self.verify_email_token(token)
+        begin
+          result = client.accounts.verify_email_token token
+        rescue Stormpath::Error => error
+          result = error.message
+        end
+
+        AccountStatus.new(result)
       end
 
-      def self.find_account(href)
-        self.client.accounts.get href
+      def self.handle_id_site_callback(url)
+        response = application.handle_id_site_callback(url)
+        client.accounts.get response.account_href
       end
 
-      def self.update_account!(href, attributes)
-        account = self.find_account href
-        attributes.each { |field, value| account.send("#{field}=", value) }
-        account.save
+      def self.id_site_url(options)
+        application.create_id_site_url callback_uri: options[:callback_uri], path: options[:path]
       end
 
-      def self.delete_account!(href)
-        self.client.accounts.get(href).delete
+      def self.account_params(user)
+        account_params = user.attributes.select do |k, v|
+          %W[given_name surname email username password].include?(k) && !v.nil?
+        end
+
+        account_params.merge!("password" => user.password) unless user.password.blank?
       end
 
-      def self.ds
-        self.client.data_store
+      def self.update_password(account, password)
+        begin
+          account = client.accounts.get account
+          account.password = password
+          result = account.save
+        rescue Stormpath::Error => error
+          result = error.message
+        end
+
+        AccountStatus.new(result)
       end
+      
+      def self.create_omniauth_user(provider, access_token)
+        request = Stormpath::Provider::AccountRequest.new(provider, :access_token, access_token)
+        application.get_provider_account(request)
+      end 
 
       def self.application
-        self.root_application ||= self.client.applications.get ENV["STORMPATH_APPLICATION_URL"]
+        self.client.applications.get Stormpath::Rails.config.application.href
       end
 
       def self.client
-        unless self.connection
-          if ENV['STORMPATH_URL'].nil? && ENV['STORMPATH_APPLICATION_URL'].nil?
-            raise ConfigurationError, 'Either STORMPATH_URL or STORMPATH_APPLICATION_URL must be set'
-          end
-
-          composite_url = ENV['STORMPATH_URL']
-
-          if composite_url
-            self.root_application = Stormpath::Resource::Application.load composite_url
-            self.connection = self.root_application.client
-          else
-            self.connection = Stormpath::Client.new client_options
-          end
-        end
-
-        self.connection
+        self.connection ||= Stormpath::Client.new(client_options)
       end
 
       def self.client_options
-        Hash.new.tap do |o|
-          set_if_not_empty(o, "api_key_file_location", ENV["STORMPATH_API_KEY_FILE_LOCATION"])
-          set_if_not_empty(o, "api_key_id_property_name", ENV["STORMPATH_API_KEY_ID_PROPERTY_NAME"])
-          set_if_not_empty(o, "api_key_secret_property_name", ENV["STORMPATH_API_KEY_SECRET_PROPERTY_NAME"])
-
-          o[:api_key] = {
-            id: ENV["STORMPATH_API_KEY_ID"],
-            secret: ENV["STORMPATH_API_KEY_SECRET"]
-          } unless ENV["STORMPATH_API_KEY_ID"].blank? or ENV["STORMPATH_API_KEY_SECRET"].blank?
+        if Stormpath::Rails.config.api_key.file_location_provided?
+          Hash.new.tap { |options| options[:api_key_file_location] = Stormpath::Rails.config.api_key.file }
+        else
+          Hash.new.tap do |options| 
+            options[:api_key] = {}
+            options[:api_key][:id] = Stormpath::Rails.config.api_key.id
+            options[:api_key][:secret] = Stormpath::Rails.config.api_key.secret
+          end
         end
       end
 
       private
 
-      def self.set_if_not_empty(object, property, value)
-        object[property.to_sym] = value unless value.blank?
+      def self.build_username_password_request(user)
+        Stormpath::Authentication::UsernamePasswordRequest.new user.email, user.password
+      end
+
+      def self.build_account(user)
+        Stormpath::Resource::Account.new account_params(user)
       end
     end
   end