vigetlabs-garb 0.2.2 → 0.2.3
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +14 -1
- data/lib/garb/authentication_request.rb +11 -12
- data/lib/garb/session.rb +4 -4
- data/lib/garb/version.rb +1 -1
- data/test/fixtures/cacert.pem +67 -0
- data/test/unit/authentication_request_test.rb +38 -18
- data/test/unit/session_test.rb +10 -2
- metadata +3 -1
data/README.md
CHANGED
@@ -8,7 +8,7 @@ garb
|
|
8
8
|
Changes
|
9
9
|
=======
|
10
10
|
|
11
|
-
Version 0.2.0 makes major changes to the way garb is used to build reports.
|
11
|
+
Version 0.2.0 makes major changes (compared to 0.1.0) to the way garb is used to build reports.
|
12
12
|
There is now both a module that gets included for generating defined classes.
|
13
13
|
As well as, slight changes to the way that the Report class can be used.
|
14
14
|
|
@@ -131,6 +131,19 @@ Filtering
|
|
131
131
|
|
132
132
|
report.filters << {:request_uri.eql => '/extend/effectively-using-git-with-subversion/'}
|
133
133
|
|
134
|
+
SSL
|
135
|
+
---
|
136
|
+
|
137
|
+
Version 0.2.3 includes support for real ssl encryption for authentication. First do:
|
138
|
+
|
139
|
+
Garb::Session.login(username, password, :secure => true)
|
140
|
+
|
141
|
+
Next, be sure to download http://curl.haxx.se/ca/cacert.pem into your application somewhere.
|
142
|
+
Then, define a constant CA_CERT_FILE and point to that file.
|
143
|
+
|
144
|
+
For whatever reason, simply create a new certificate store and setting the defaults would
|
145
|
+
not validate the google ssl certificate as authentic.
|
146
|
+
|
134
147
|
TODOS
|
135
148
|
-----
|
136
149
|
|
@@ -23,31 +23,30 @@ module Garb
|
|
23
23
|
URI.parse(URL)
|
24
24
|
end
|
25
25
|
|
26
|
-
def send_request
|
26
|
+
def send_request(ssl_mode)
|
27
27
|
http = Net::HTTP.new(uri.host, uri.port)
|
28
28
|
http.use_ssl = true
|
29
|
-
http.verify_mode =
|
30
|
-
|
29
|
+
http.verify_mode = ssl_mode
|
30
|
+
|
31
|
+
if ssl_mode == OpenSSL::SSL::VERIFY_PEER
|
32
|
+
http.ca_file = CA_CERT_FILE
|
33
|
+
end
|
34
|
+
|
31
35
|
http.request(build_request) do |response|
|
32
36
|
raise AuthError unless response.is_a?(Net::HTTPOK)
|
33
37
|
end
|
34
38
|
end
|
35
39
|
|
36
|
-
def cert_store
|
37
|
-
store = OpenSSL::X509::Store.new
|
38
|
-
store.set_default_paths
|
39
|
-
store
|
40
|
-
end
|
41
|
-
|
42
40
|
def build_request
|
43
41
|
post = Net::HTTP::Post.new(uri.path)
|
44
42
|
post.set_form_data(parameters)
|
45
43
|
post
|
46
44
|
end
|
47
45
|
|
48
|
-
def auth_token
|
49
|
-
|
46
|
+
def auth_token(opts={})
|
47
|
+
ssl_mode = opts[:secure] ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
|
48
|
+
send_request(ssl_mode).body.match(/^Auth=(.*)$/)[1]
|
50
49
|
end
|
51
|
-
|
50
|
+
|
52
51
|
end
|
53
52
|
end
|
data/lib/garb/session.rb
CHANGED
@@ -1,16 +1,16 @@
|
|
1
1
|
module Garb
|
2
2
|
class Session
|
3
3
|
|
4
|
-
def self.login(email, password)
|
4
|
+
def self.login(email, password, opts={})
|
5
5
|
@email = email
|
6
6
|
auth_request = AuthenticationRequest.new(email, password)
|
7
|
-
@auth_token = auth_request.auth_token
|
7
|
+
@auth_token = auth_request.auth_token(opts)
|
8
8
|
end
|
9
|
-
|
9
|
+
|
10
10
|
def self.auth_token
|
11
11
|
@auth_token
|
12
12
|
end
|
13
|
-
|
13
|
+
|
14
14
|
def self.email
|
15
15
|
@email
|
16
16
|
end
|
data/lib/garb/version.rb
CHANGED
@@ -0,0 +1,67 @@
|
|
1
|
+
##
|
2
|
+
## cacert.pem-foo -- Bundle of CA Root Certificates
|
3
|
+
##
|
4
|
+
## Converted at: Thu Mar 26 21:23:06 2009 UTC
|
5
|
+
##
|
6
|
+
## This is a bundle of X.509 certificates of public Certificate Authorities
|
7
|
+
## (CA). These were automatically extracted from Mozilla's root certificates
|
8
|
+
## file (certdata.txt). This file can be found in the mozilla source tree:
|
9
|
+
## '/mozilla/security/nss/lib/ckfw/builtins/certdata.txt'
|
10
|
+
##
|
11
|
+
## It contains the certificates in PEM format and therefore
|
12
|
+
## can be directly used with curl / libcurl / php_curl, or with
|
13
|
+
## an Apache+mod_ssl webserver for SSL client authentication.
|
14
|
+
## Just configure this file as the SSLCACertificateFile.
|
15
|
+
##
|
16
|
+
|
17
|
+
# ***** BEGIN LICENSE BLOCK *****
|
18
|
+
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
19
|
+
#
|
20
|
+
# The contents of this file are subject to the Mozilla Public License Version
|
21
|
+
# 1.1 (the "License"); you may not use this file except in compliance with
|
22
|
+
# the License. You may obtain a copy of the License at
|
23
|
+
# http://www.mozilla.org/MPL/
|
24
|
+
#
|
25
|
+
# Software distributed under the License is distributed on an "AS IS" basis,
|
26
|
+
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
27
|
+
# for the specific language governing rights and limitations under the
|
28
|
+
# License.
|
29
|
+
#
|
30
|
+
# The Original Code is the Netscape security libraries.
|
31
|
+
#
|
32
|
+
# The Initial Developer of the Original Code is
|
33
|
+
# Netscape Communications Corporation.
|
34
|
+
# Portions created by the Initial Developer are Copyright (C) 1994-2000
|
35
|
+
# the Initial Developer. All Rights Reserved.
|
36
|
+
#
|
37
|
+
# Contributor(s):
|
38
|
+
#
|
39
|
+
# Alternatively, the contents of this file may be used under the terms of
|
40
|
+
# either the GNU General Public License Version 2 or later (the "GPL"), or
|
41
|
+
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
42
|
+
# in which case the provisions of the GPL or the LGPL are applicable instead
|
43
|
+
# of those above. If you wish to allow use of your version of this file only
|
44
|
+
# under the terms of either the GPL or the LGPL, and not to allow others to
|
45
|
+
# use your version of this file under the terms of the MPL, indicate your
|
46
|
+
# decision by deleting the provisions above and replace them with the notice
|
47
|
+
# and other provisions required by the GPL or the LGPL. If you do not delete
|
48
|
+
# the provisions above, a recipient may use your version of this file under
|
49
|
+
# the terms of any one of the MPL, the GPL or the LGPL.
|
50
|
+
#
|
51
|
+
# ***** END LICENSE BLOCK *****
|
52
|
+
# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.51 $ $Date: 2009/01/15 22:35:15 $
|
53
|
+
|
54
|
+
Verisign/RSA Secure Server CA
|
55
|
+
=============================
|
56
|
+
-----BEGIN CERTIFICATE-----
|
57
|
+
MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMx
|
58
|
+
IDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
|
59
|
+
IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVow
|
60
|
+
XzELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQL
|
61
|
+
EyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUA
|
62
|
+
A4GJADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII0haGN1Xp
|
63
|
+
sSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphIuR2nKRoTLkoRWZweFdVJ
|
64
|
+
VCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZIhvcNAQECBQADfgBl3X7hsuyw4jrg7HFG
|
65
|
+
mhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2
|
66
|
+
qUtN8iD3zV9/ZHuO3ABc1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
|
67
|
+
-----END CERTIFICATE-----
|
@@ -1,5 +1,7 @@
|
|
1
1
|
require File.join(File.dirname(__FILE__), '..', '/test_helper')
|
2
2
|
|
3
|
+
CA_CERT_FILE = File.join(File.dirname(__FILE__), '..', '/cacert.pem')
|
4
|
+
|
3
5
|
module Garb
|
4
6
|
class AuthenticationRequestTest < Test::Unit::TestCase
|
5
7
|
|
@@ -25,22 +27,37 @@ module Garb
|
|
25
27
|
assert_equal URI.parse('https://www.google.com/accounts/ClientLogin'), @request.uri
|
26
28
|
end
|
27
29
|
|
28
|
-
should "be able to send a request to the GAAPI service" do
|
30
|
+
should "be able to send a request to the GAAPI service with proper ssl" do
|
29
31
|
@request.expects(:build_request).returns('post')
|
30
|
-
@request.stubs(:cert_store).returns('cert_store')
|
31
32
|
|
32
33
|
response = mock {|m| m.expects(:is_a?).with(Net::HTTPOK).returns(true) }
|
33
34
|
|
34
35
|
http = mock do |m|
|
35
36
|
m.expects(:use_ssl=).with(true)
|
36
37
|
m.expects(:verify_mode=).with(OpenSSL::SSL::VERIFY_PEER)
|
37
|
-
m.expects(:
|
38
|
+
m.expects(:ca_file=).with(CA_CERT_FILE)
|
39
|
+
m.expects(:request).with('post').yields(response)
|
40
|
+
end
|
41
|
+
|
42
|
+
Net::HTTP.expects(:new).with('www.google.com', 443).returns(http)
|
43
|
+
|
44
|
+
@request.send_request(OpenSSL::SSL::VERIFY_PEER)
|
45
|
+
end
|
46
|
+
|
47
|
+
should "be able to send a request to the GAAPI service with ignoring ssl" do
|
48
|
+
@request.expects(:build_request).returns('post')
|
49
|
+
|
50
|
+
response = mock {|m| m.expects(:is_a?).with(Net::HTTPOK).returns(true) }
|
51
|
+
|
52
|
+
http = mock do |m|
|
53
|
+
m.expects(:use_ssl=).with(true)
|
54
|
+
m.expects(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
|
38
55
|
m.expects(:request).with('post').yields(response)
|
39
56
|
end
|
40
57
|
|
41
58
|
Net::HTTP.expects(:new).with('www.google.com', 443).returns(http)
|
42
59
|
|
43
|
-
@request.send_request
|
60
|
+
@request.send_request(OpenSSL::SSL::VERIFY_NONE)
|
44
61
|
end
|
45
62
|
|
46
63
|
should "be able to build a request for the GAAPI service" do
|
@@ -54,42 +71,45 @@ module Garb
|
|
54
71
|
|
55
72
|
@request.build_request
|
56
73
|
end
|
57
|
-
|
58
|
-
should "have a cert store" do
|
59
|
-
cert_store = mock(:set_default_paths)
|
60
|
-
OpenSSL::X509::Store.expects(:new).returns(cert_store)
|
61
|
-
assert_equal cert_store, @request.cert_store
|
62
|
-
end
|
63
74
|
|
64
75
|
should "be able to retrieve an auth_token from the body" do
|
65
76
|
response_data =
|
66
77
|
"SID=mysid\n" +
|
67
78
|
"LSID=mylsid\n" +
|
68
79
|
"Auth=auth_token\n"
|
69
|
-
|
70
|
-
@request.expects(:send_request).with().returns(stub(:body => response_data))
|
71
|
-
|
80
|
+
|
81
|
+
@request.expects(:send_request).with(OpenSSL::SSL::VERIFY_NONE).returns(stub(:body => response_data))
|
82
|
+
|
72
83
|
assert_equal 'auth_token', @request.auth_token
|
73
84
|
end
|
85
|
+
|
86
|
+
should "use VERIFY_PEER if auth_token needs to be secure" do
|
87
|
+
response_data =
|
88
|
+
"SID=mysid\n" +
|
89
|
+
"LSID=mylsid\n" +
|
90
|
+
"Auth=auth_token\n"
|
91
|
+
|
92
|
+
@request.expects(:send_request).with(OpenSSL::SSL::VERIFY_PEER).returns(stub(:body => response_data))
|
93
|
+
|
94
|
+
assert_equal 'auth_token', @request.auth_token(:secure => true)
|
95
|
+
end
|
74
96
|
|
75
97
|
should "raise an exception when requesting an auth_token when the authorization fails" do
|
76
98
|
@request.stubs(:build_request)
|
77
|
-
@request.stubs(:cert_store)
|
78
99
|
response = mock do |m|
|
79
100
|
m.expects(:is_a?).with(Net::HTTPOK).returns(false)
|
80
101
|
end
|
81
|
-
|
102
|
+
|
82
103
|
http = stub do |s|
|
83
104
|
s.stubs(:use_ssl=)
|
84
105
|
s.stubs(:verify_mode=)
|
85
|
-
s.stubs(:cert_store=)
|
86
106
|
s.stubs(:request).yields(response)
|
87
107
|
end
|
88
|
-
|
108
|
+
|
89
109
|
Net::HTTP.stubs(:new).with('www.google.com', 443).returns(http)
|
90
110
|
|
91
111
|
assert_raise(Garb::AuthenticationRequest::AuthError) do
|
92
|
-
@request.send_request
|
112
|
+
@request.send_request(OpenSSL::SSL::VERIFY_NONE)
|
93
113
|
end
|
94
114
|
end
|
95
115
|
|
data/test/unit/session_test.rb
CHANGED
@@ -6,12 +6,20 @@ module Garb
|
|
6
6
|
context "The Session class" do
|
7
7
|
|
8
8
|
should "be able retrieve an auth_token for a user" do
|
9
|
-
auth_request = mock {|m| m.expects(:auth_token).with().returns('toke') }
|
9
|
+
auth_request = mock {|m| m.expects(:auth_token).with({}).returns('toke') }
|
10
10
|
AuthenticationRequest.expects(:new).with('email', 'password').returns(auth_request)
|
11
|
-
|
11
|
+
|
12
12
|
Session.login('email', 'password')
|
13
13
|
assert_equal 'toke', Session.auth_token
|
14
14
|
end
|
15
|
+
|
16
|
+
should "be able retrieve an auth_token for a user with secure ssl" do
|
17
|
+
auth_request = mock {|m| m.expects(:auth_token).with({:secure => true}).returns('toke') }
|
18
|
+
AuthenticationRequest.expects(:new).with('email', 'password').returns(auth_request)
|
19
|
+
|
20
|
+
Session.login('email', 'password', :secure => true)
|
21
|
+
assert_equal 'toke', Session.auth_token
|
22
|
+
end
|
15
23
|
|
16
24
|
should "retain the email address for this session" do
|
17
25
|
AuthenticationRequest.stubs(:new).returns(stub(:auth_token => 'toke'))
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: vigetlabs-garb
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tony Pitale
|
@@ -53,6 +53,7 @@ files:
|
|
53
53
|
- lib/garb/version.rb
|
54
54
|
- lib/garb.rb
|
55
55
|
- test/fixtures
|
56
|
+
- test/fixtures/cacert.pem
|
56
57
|
- test/fixtures/profile_feed.xml
|
57
58
|
- test/fixtures/report_feed.xml
|
58
59
|
- test/test_helper.rb
|
@@ -98,6 +99,7 @@ specification_version: 2
|
|
98
99
|
summary: Google Analytics API Ruby Wrapper
|
99
100
|
test_files:
|
100
101
|
- test/fixtures
|
102
|
+
- test/fixtures/cacert.pem
|
101
103
|
- test/fixtures/profile_feed.xml
|
102
104
|
- test/fixtures/report_feed.xml
|
103
105
|
- test/test_helper.rb
|