strelka 0.0.1.pre148 → 0.0.1.pre177

data/lib/strelka/authprovider/basic.rb

@@ -0,0 +1,134 @@
+# -*- ruby -*-
+# vim: set nosta noet ts=4 sw=4:
+
+require 'configurability'
+
+require 'strelka' unless defined?( Strelka )
+require 'strelka/app' unless defined?( Strelka::App )
+require 'strelka/authprovider'
+require 'strelka/mixins'
+
+# HTTP Basic AuthProvider class -- a base class for RFC2617 Basic HTTP Authentication
+# providers for {the Streka :auth plugin}[rdoc-ref:Strelka::App::Auth].
+#
+# == Configuration
+#
+# The configuration for this provider is read from the 'auth' section of the config, and
+# may contain the following keys:
+#
+# [realm]::   the HTTP Basic realm. Defaults to the app's application ID
+# [users]::   a Hash of username: SHA1+Base64'ed passwords
+#
+# An example:
+#
+#   --
+#   auth:
+#     realm: Acme Admin Console
+#     users:
+#       mgranger: "9d5lIumnMJXmVT/34QrMuyj+p0E="
+#       jblack: "1pAnQNSVtpL1z88QwXV4sG8NMP8="
+#       kmurgen: "MZj9+VhZ8C9+aJhmwp+kWBL76Vs="
+#
+class Strelka::AuthProvider::Basic < Strelka::AuthProvider
+	extend Configurability,
+	       Strelka::MethodUtilities
+	include Strelka::Constants,
+	        Strelka::Loggable
+
+	# Configurability API - set the section of the config
+	config_key :auth
+
+
+	@users = nil
+	@realm = nil
+
+	##
+	# The Hash of users and their SHA1+Base64'ed passwords
+	singleton_attr_accessor :users
+
+	##
+	# The authentication realm
+	singleton_attr_accessor :realm
+
+
+	### Configurability API -- configure the auth provider instance.
+	def self::configure( config=nil )
+		if config
+			Strelka.log.debug "Configuring Basic authprovider: %p" % [ config ]
+			self.realm = config['realm'] if config['realm']
+			self.users = config['users'] if config['users']
+		else
+			self.realm = nil
+			self.users = {}
+		end
+	end
+
+
+	#################################################################
+	###	I N S T A N C E   M E T H O D S
+	#################################################################
+
+	### Create a new Default AuthProvider.
+	def initialize( * )
+		super
+
+		# Default the authentication realm to the application's ID
+		unless self.class.realm
+			self.log.warn "No realm configured -- using the app id"
+			self.class.realm = self.app.conn.app_id
+		end
+
+		unless self.class.users
+			self.log.warn "No users configured -- using an empty user list"
+			self.class.users = {}
+		end
+	end
+
+
+	######
+	public
+	######
+
+	# Check the authentication present in +request+ (if any) for validity, returning the
+	# authenticating user's name if authentication succeeds.
+	def authenticate( request )
+		authheader = request.header.authorization or
+			self.log_failure "No authorization header in the request."
+
+		# Extract the credentials bit
+		base64_userpass = authheader[ /^\s*Basic\s+(\S+)$/i, 1 ] or
+			self.log_failure "Invalid Basic Authorization header (%p)" % [ authheader ]
+
+		# Unpack the username and password
+		credentials = base64_userpass.unpack( 'm' ).first
+		self.log_failure "Malformed credentials %p" % [ credentials ] unless
+			credentials.index(':')
+
+		# Split the credentials, check for valid user
+		username, password = credentials.split( ':', 2 )
+		digest = self.class.users[ username ] or
+			self.log_failure "No such user %p." % [ username ]
+
+		# Fail if the password's hash doesn't match
+		self.log_failure "Password mismatch." unless
+			digest == Digest::SHA1.base64digest( password )
+
+		# Success!
+		self.log.info "Authentication for %p succeeded." % [ username ]
+		return username
+	end
+
+
+	#########
+	protected
+	#########
+
+	### Syntax sugar to allow returning 'false' while logging a reason for doing so.
+	### Log a message at 'info' level and return false.
+	def log_failure( reason )
+		self.log.warn "Auth failure: %s" % [ reason ]
+		header = "Basic realm=%s" % [ self.class.realm ]
+		finish_with( HTTP::AUTH_REQUIRED, "Requires authentication.", www_authenticate: header )
+	end
+
+end # class Strelka::AuthProvider::Basic

data/lib/strelka/authprovider/hostaccess.rb

@@ -0,0 +1,91 @@
+# -*- ruby -*-
+# vim: set nosta noet ts=4 sw=4:
+
+require 'ipaddr'
+require 'configurability'
+
+require 'strelka' unless defined?( Strelka )
+require 'strelka/app' unless defined?( Strelka::App )
+require 'strelka/authprovider'
+require 'strelka/mixins'
+
+# HostAccess AuthProvider class -- restricts access to requests coming from a list of
+# netblocks.
+#
+# You can configure which ones from the +auth+ section of the config:
+#
+#   auth:
+#     allowed_netblocks:
+#     - 127.0.0.0/8
+#     - 10.5.3.0/22
+class Strelka::AuthProvider::HostAccess < Strelka::AuthProvider
+	include Configurability,
+	        Strelka::Constants,
+	        Strelka::Loggable,
+	        Strelka::MethodUtilities
+
+
+	# The default list of netblocks to allow
+	DEFAULT_ALLOWED_NETBLOCKS = %w[127.0.0.0/8]
+
+
+	#################################################################
+	###	I N S T A N C E   M E T H O D S
+	#################################################################
+
+	### Create a new Default AuthProvider.
+	def initialize( * )
+		super
+
+		self.allowed_netblocks = DEFAULT_ALLOWED_NETBLOCKS
+
+		# Register this instance with Configurability
+		config_key :auth
+	end
+
+
+	######
+	public
+	######
+
+	# An Array of IPAddr objects that represent the netblocks that will be allowed
+	# access to the protected resources
+	attr_reader :allowed_netblocks
+
+
+	### Set the list of allowed netblocks to +newblocks+.
+	def allowed_netblocks=( newblocks )
+		@allowed_netblocks = Array( newblocks ).map {|addr| IPAddr.new(addr) }
+	end
+
+
+	### Configurability API -- configure the auth provider instance.
+	def configure( config=nil )
+		self.log.debug "Configuring %p with config: %p" % [ self, config ]
+		if config && config['allowed_netblocks']
+			self.allowed_netblocks = config['allowed_netblocks']
+		else
+			self.allowed_netblocks = DEFAULT_ALLOWED_NETBLOCKS
+		end
+	end
+
+
+	### Check authorization for the specified +request+ by testing its the IP in its
+	### X-forwarded-for header against the allowed_netblocks.
+	def authorize( _, request )
+		client_ip = request.header.x_forwarded_for or
+			raise "No X-Forwarded-For header?!"
+		addr = IPAddr.new( client_ip )
+
+		return true if self.in_allowed_netblocks?( addr )
+
+		return false
+	end
+
+
+	### Returns +true+ if the given +ipaddr+ is in the #allowed_netblocks.
+	def in_allowed_netblocks?( ipaddr )
+		return self.allowed_netblocks.any? {|nb| nb.include?(ipaddr) }
+	end
+
+end # class Strelka::AuthProvider::HostAccess

data/lib/strelka/authprovider.rb

@@ -0,0 +1,122 @@
+# -*- ruby -*-
+# vim: set nosta noet ts=4 sw=4:
+# encoding: utf-8
+
+require 'pluginfactory'
+
+require 'strelka' unless defined?( Strelka )
+require 'strelka/mixins'
+
+
+# This is the abstract base class for authentication and/or authorization providers
+# for the {:auth plugin}[Strelka::App::Auth].
+#
+# To define your own session type, you'll need to inherit this class (either
+# directly or via a subclass), name it <tt>Strelka::AuthProvider::{Something}</tt>,
+# save it in a file named <tt>strelka/authprovider/{something}.rb</tt>, and
+# override the required methods.
+#
+# Which methods you'll need to provide implementations for depends on whether
+# your provider provides *authentication*, *authorization*, or both.
+#
+# == Authentication Providers
+#
+# Authentication providers should override either one or both of the following methods,
+# depending on whether they will provide 
+#
+# * #[]
+# * #[]=
+# * #save
+# * #delete
+# * #key?
+# * #namespace=
+# * #namespace
+#
+# These methods provide basic functionality, but you might find it more efficient
+# to override them:
+#
+# * self.load_or_create
+# * self.load
+#
+#
+class Strelka::AuthProvider
+	extend Strelka::Delegation
+	include PluginFactory,
+	        Strelka::Loggable,
+	        Strelka::Constants,
+			Strelka::AbstractClass
+
+
+	### PluginFactory API -- return the Array of directories to search for concrete
+	### AuthProvider classes.
+	def self::derivative_dirs
+		return ['strelka/authprovider']
+	end
+
+
+	#################################################################
+	###	I N S T A N C E   M E T H O D S
+	#################################################################
+
+	### Create a new AuthProvider for the given +app+.
+	def initialize( app )
+		@app = app
+	end
+
+
+	######
+	public
+	######
+
+	##
+	# The Strelka::App that the AuthProvider belongs to.
+	attr_reader :app
+
+
+	### You should override this method if you want to authenticate the +request+. It should
+	### return a credentials object if authentication is successful, or throw an auth_required
+	### response if it fails.
+	def authenticate( request )
+		self.log.debug "No authentication provided, returning anonymous credentials."
+		return 'anonymous'
+	end
+
+
+	### If the +callback+ is set, call it with the specified +credentials+, and +request. Override this in
+	### your own AuthProvider to provide +additional_arguments+ to the +callback+, and/or to provide
+	### additional generic authorization.
+	def authorize( credentials, request, *additional_arguments, &callback )
+		return true unless callback
+		return true if callback.call( credentials, request, *additional_arguments )
+		self.require_authorization
+	end
+
+
+	#########
+	protected
+	#########
+
+	### Throw a 401 (Unauthorized) response with the specified +challenge+ as the
+	### www-Authenticate header.
+	def require_authentication( challenge )
+		finish_with( HTTP::AUTH_REQUIRED, "Requires authentication.", www_authenticate: challenge )
+	end
+
+
+	### Throw a 403 (Forbidden) response with the specified +message+.
+	def require_authorization( message="You are not authorized to access this resource." )
+		finish_with( HTTP::FORBIDDEN, message )
+	end
+
+
+	### Abort the current execution and return a response with the specified
+	### http_status code immediately. The specified +message+ will be logged,
+	### and will be included in any message that is returned as part of the
+	### response. The +headers+ hash will be used to set response headers.
+	def finish_with( http_status, message, headers={} )
+		status_info = { :status => http_status, :message => message, :headers => headers }
+		throw :finish, status_info
+	end
+
+end # class Strelka::AuthProvider
+

data/lib/strelka/cookie.rb

@@ -24,7 +24,7 @@ class Strelka::Cookie
 	include Strelka::Loggable
 
 	# The format of the date field
-	COOKIE_DATE_FORMAT = '%a, %d-%b-%Y %H:%M:%S GMT'
+	COOKIE_DATE_FORMAT = '%a, %d %b %Y %H:%M:%S GMT'
 
 	### RFC 2109: HTTP State Management Mechanism
 	# When it sends a request to an origin server, the user agent sends a

data/lib/strelka/cookieset.rb

@@ -82,7 +82,7 @@ class Strelka::CookieSet
 
 
 	### Index set operator method: set the cookie that corresponds to the given +name+
-	### to +value+. If +value+ is not an Strelka::Cookie, one with be created and its
+	### to +value+. If +value+ is not an Strelka::Cookie, one is created and its
 	### value set to +value+.
 	def []=( name, value )
 		value = Strelka::Cookie.new( name.to_s, value ) unless value.is_a?( Strelka::Cookie )

data/lib/strelka/httprequest/auth.rb

@@ -0,0 +1,31 @@
+#!/usr/bin/env ruby
+
+require 'strelka/constants'
+require 'strelka/httprequest' unless defined?( Strelka::HTTPRequest )
+
+
+# The mixin that adds methods to Strelka::HTTPRequest for 
+# authentication/authorization.
+module Strelka::HTTPRequest::Auth
+	include Strelka::Constants
+
+
+	### Extension callback -- add instance variables to extended objects.
+	def initialize( * )
+		super
+		@authenticated_user = nil
+	end
+
+
+	######
+	public
+	######
+
+	# The current session namespace
+	attr_accessor :authenticated_user
+	alias_method :authenticated?, :authenticated_user
+
+
+end # module Strelka::HTTPRequest::Auth
+
+

data/lib/strelka/logging.rb

@@ -117,12 +117,68 @@ module Strelka::Logging
 				return self.format % args
 			end
 		end
-	end # class LogFormatter
+	end # class Formatter
 
 
 	# A ANSI-colorized formatter for Logger instances.
 	class ColorFormatter < Logger::Formatter
-		extend Strelka::ANSIColorUtilities
+
+		# Set some ANSI escape code constants (Shamelessly stolen from Perl's
+		# Term::ANSIColor by Russ Allbery <rra@stanford.edu> and Zenin <zenin@best.com>
+		ANSI_ATTRIBUTES = {
+			'clear'      => 0,
+			'reset'      => 0,
+			'bold'       => 1,
+			'dark'       => 2,
+			'underline'  => 4,
+			'underscore' => 4,
+			'blink'      => 5,
+			'reverse'    => 7,
+			'concealed'  => 8,
+
+			'black'      => 30,   'on_black'   => 40,
+			'red'        => 31,   'on_red'     => 41,
+			'green'      => 32,   'on_green'   => 42,
+			'yellow'     => 33,   'on_yellow'  => 43,
+			'blue'       => 34,   'on_blue'    => 44,
+			'magenta'    => 35,   'on_magenta' => 45,
+			'cyan'       => 36,   'on_cyan'    => 46,
+			'white'      => 37,   'on_white'   => 47
+		}
+
+
+		### Create a string that contains the ANSI codes specified and return it
+		def self::ansi_code( *attributes )
+			attributes.flatten!
+			attributes.collect! {|at| at.to_s }
+			return '' unless /(?:vt10[03]|xterm(?:-color)?|linux|screen)/i =~ ENV['TERM']
+			attributes = ANSI_ATTRIBUTES.values_at( *attributes ).compact.join(';')
+
+			if attributes.empty?
+				return ''
+			else
+				return "\e[%sm" % attributes
+			end
+		end
+
+
+		### Colorize the given +string+ with the specified +attributes+ and
+		### return it, handling line-endings, color reset, etc.
+		def self::colorize( *args )
+			string = ''
+
+			if block_given?
+				string = yield
+			else
+				string = args.shift
+			end
+
+			ending = string[/(\s)$/] || ''
+			string = string.rstrip
+
+			return self.ansi_code( args.flatten ) + string + self.ansi_code( 'reset' ) + ending
+		end
+
 
 		# Color settings
 		LEVEL_FORMATS = {
@@ -169,7 +225,8 @@ module Strelka::Logging
 
 			return self.settings[ severity.downcase.to_sym ] % args
 		end
-	end # class LogFormatter
+
+	end # class Formatter
 
 
 	# An alternate formatter for Logger instances that outputs +div+ HTML
@@ -216,9 +273,9 @@ module Strelka::Logging
 				time.usec,                                                    # %2$d
 				Process.pid,                                                  # %3$d
 				Thread.current == Thread.main ? 'main' : Thread.object_id,    # %4$s
-				severity.downcase,                                            # %5$s
+				severity.downcase,                                                     # %5$s
 				progname,                                                     # %6$s
-				html_escape( msg ).gsub(/\n/, '<br />')                       # %7$s
+				escape_html( msg ).gsub(/\n/, '<br />')                       # %7$s
 			]
 
 			return self.format % args
@@ -229,18 +286,16 @@ module Strelka::Logging
 		private
 		#######
 
-		### Return a copy of the specified +string+ with HTML special characters escaped as
-		### HTML entities.
-		def html_escape( string )
+		### Escape any HTML special characters in +string+.
+		def escape_html( string )
 			return string.
-				gsub( /&/, '&amp;' ).
-				gsub( /</, '&lt;' ).
-				gsub( />/, '&gt;' )
+				gsub( '&', '&amp;' ).
+				gsub( '<', '&lt;'  ).
+				gsub( '>', '&gt;'  )
 		end
 
-	end # class HtmlLogFormatter
+	end # class HtmlFormatter
 
-end # module Strelka
 
-# vim: set nosta noet ts=4 sw=4:
+end # module Strelka
 

data/lib/strelka/mixins.rb

@@ -10,7 +10,17 @@ require 'strelka/constants'
 
 module Strelka
 
-	# Add logging to a Strelka class. Including classes get #log and #log_debug methods.
+	# Add logging to a Strelka class. Including classes get #log and
+	# #log_debug methods.
+	#
+	#   class MyClass
+	#       include Inversion::Loggable
+	#
+	#       def a_method
+	#           self.log.debug "Doing a_method stuff..."
+	#       end
+	#   end
+	#
 	module Loggable
 
 		# A logging proxy class that wraps calls to the logger into calls that include
@@ -75,70 +85,6 @@ module Strelka
 
 	end # module Loggable
 
-	# A collection of ANSI color utility functions
-	module ANSIColorUtilities
-
-		# Set some ANSI escape code constants (Shamelessly stolen from Perl's
-		# Term::ANSIColor by Russ Allbery <rra@stanford.edu> and Zenin <zenin@best.com>
-		ANSI_ATTRIBUTES = {
-			'clear'      => 0,
-			'reset'      => 0,
-			'bold'       => 1,
-			'dark'       => 2,
-			'underline'  => 4,
-			'underscore' => 4,
-			'blink'      => 5,
-			'reverse'    => 7,
-			'concealed'  => 8,
-
-			'black'      => 30,   'on_black'   => 40,
-			'red'        => 31,   'on_red'     => 41,
-			'green'      => 32,   'on_green'   => 42,
-			'yellow'     => 33,   'on_yellow'  => 43,
-			'blue'       => 34,   'on_blue'    => 44,
-			'magenta'    => 35,   'on_magenta' => 45,
-			'cyan'       => 36,   'on_cyan'    => 46,
-			'white'      => 37,   'on_white'   => 47
-		}
-
-		###############
-		module_function
-		###############
-
-		### Create a string that contains the ANSI codes specified and return it
-		def ansi_code( *attributes )
-			attributes.flatten!
-			attributes.collect! {|at| at.to_s }
-			return '' unless /(?:vt10[03]|xterm(?:-color)?|linux|screen)/i =~ ENV['TERM']
-			attributes = ANSI_ATTRIBUTES.values_at( *attributes ).compact.join(';')
-
-			if attributes.empty?
-				return ''
-			else
-				return "\e[%sm" % attributes
-			end
-		end
-
-
-		### Colorize the given +string+ with the specified +attributes+ and return it, handling
-		### line-endings, color reset, etc.
-		def colorize( *args )
-			string = ''
-
-			if block_given?
-				string = yield
-			else
-				string = args.shift
-			end
-
-			ending = string[/(\s)$/] || ''
-			string = string.rstrip
-
-			return ansi_code( args.flatten ) + string + ansi_code( 'reset' ) + ending
-		end
-
-	end # module ANSIColorUtilities
-
 
 	# Hides your class's ::new method and adds a +pure_virtual+ method generator for
 	# defining API methods. If subclasses of your class don't provide implementations of
@@ -244,6 +190,17 @@ module Strelka
 		end
 
 
+		### Define the given +delegated_methods+ as delegators to the like-named class
+		### method.
+		def def_class_delegators( *delegated_methods )
+			delegated_methods.each do |name|
+				define_method( name ) do |*args|
+					self.class.__send__( name, *args )
+				end
+			end
+		end
+
+
 		#######
 		private
 		#######
@@ -296,6 +253,10 @@ module Strelka
 
 	# A collection of miscellaneous functions that are useful for manipulating
 	# complex data structures.
+	#
+	#   include Strelka::DataUtilities
+	#   newhash = deep_copy( oldhash )
+	#
 	module DataUtilities
 
 		###############
@@ -331,6 +292,15 @@ module Strelka
 
 
 	# A collection of methods for declaring other methods.
+	#
+	#   class MyClass
+	#       include Strelka::MethodUtilities
+	#
+	#       singleton_attr_accessor :types
+	#   end
+	#
+	#   MyClass.types = [ :pheno, :proto, :stereo ]
+	#
 	module MethodUtilities
 
 		### Creates instance variables and corresponding methods that return their