warden-bootic 0.0.1

data/.gitignore

@@ -0,0 +1,7 @@
+coverage
+.bundle
+pkg
+.DS_Store
+Gemfile.lock
+vendor/gems
+*.gem

data/Gemfile

@@ -0,0 +1,26 @@
+source 'http://rubygems.org'
+
+group :runtime do
+  gem 'warden',              '~>1.0.4'
+  gem 'oauth2',              '~>0.4.1'
+  gem 'json',                '>=1.0.0'
+end
+
+group :test do
+  gem 'rake'
+  gem 'rspec',            '~>1.3.0', :require => 'spec'
+  gem 'rcov'
+  gem 'sinatra',          '~>1.0',   :require => 'sinatra/base'
+  gem 'shotgun'
+  gem 'webrat',           '~>0.7.0'
+  gem 'bundler',          '~>1.0'
+  gem 'randexp',          '>=0.1.4'
+  gem 'ruby-debug19',     :platforms => :ruby_19
+  gem 'ruby-debug',       :platforms => :ruby_18
+  gem 'addressable',      '~>2.2.0', :require => 'addressable/uri'
+  gem 'rack-test',        '~>0.5.3', :require => 'rack/test'
+end
+
+group :development do
+  gem 'rest-client'
+end

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Ismael Celis
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,18 @@
+warden-bootic
+=============
+
+NOTE: this code is basically warden-github adapted to work against Bootic oauth provider.
+
+https://github.com/atmos/warden-github
+
+A [warden](http://github.com/hassox/warden) strategy that provides oauth authentication to Bootic.  IN PROGRESS.
+
+To test it out on localhost set your callback url to 'http://localhost:9292/auth/bootic/callback'
+
+There's an example app in [spec/app.rb](/ismasan/warden-bootic/blob/master/spec/app.rb).
+
+The Extension in Action
+=======================
+    % gem install bundler
+    % bundle install
+    % OAUTH_CLIENT_ID="<from Bootic>" OAUTH_CLIENT_SECRET="<from Bootic>" bundle exec rackup

data/Rakefile

@@ -0,0 +1,8 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new('spec')
+
+# If you want to make this the default task
+task :default => :spec

data/config.ru

@@ -0,0 +1,34 @@
+ENV['RACK_ENV'] ||= 'development'
+
+begin
+  require File.expand_path('../.bundle/environment', __FILE__)
+rescue LoadError
+  require "rubygems"
+  require "bundler"
+  Bundler.setup
+end
+
+Bundler.require(:runtime, :test)
+require "ruby-debug"
+
+$LOAD_PATH << File.dirname(__FILE__) + '/lib'
+require File.expand_path(File.join(File.dirname(__FILE__), 'lib', 'warden-bootic'))
+require File.expand_path(File.join(File.dirname(__FILE__), 'spec', 'app'))
+
+class Fix
+  
+  def initialize(app)
+    @app = app
+  end
+  
+  def call(env)
+    status, headers, response = @app.call(env)
+    headers['Content-Type'] = 'text/html'
+    [status, headers, response]
+  end
+end
+
+use Fix
+run Example.app
+
+# vim:ft=ruby

data/lib/warden-bootic.rb

@@ -0,0 +1,14 @@
+require 'warden'
+require 'oauth2'
+require 'json'
+
+module Warden
+  module Bootic
+    API_URL = ENV['BOOTIC_API_URL'] || 'https://api.bootic.net'
+  end
+end
+
+require 'warden-bootic/user'
+require 'warden-bootic/proxy'
+require 'warden-bootic/version'
+require 'warden-bootic/strategy'

data/lib/warden-bootic/proxy.rb

@@ -0,0 +1,44 @@
+module Warden
+  module Bootic
+    module Oauth
+      class Proxy
+        attr_accessor :client_id, :secret, :scopes, :callback_url
+        def initialize(client_id, secret, scopes, callback_url)
+          @client_id, @secret, @scopes, @callback_url = client_id, secret, scopes, callback_url
+        end
+
+        def ssl_options
+          ca_file = "/usr/lib/ssl/certs/ca-certificates.crt"
+          if File.exists?(ca_file)
+            { :ca_file => ca_file }
+          else
+            { :ca_file => ''}
+          end
+        end
+
+        def client
+          @client ||= OAuth2::Client.new(@client_id, @secret,
+                                         :ssl               => ssl_options,
+                                         :site              => Warden::Bootic::API_URL,
+                                         :authorize_path    => '/oauth/authorize',
+                                         :access_token_path => '/oauth/token')
+        end
+
+        def access_token_for(code)
+          web_server.get_access_token(code, :redirect_uri => callback_url)
+        end
+
+        def authorize_url
+          web_server.authorize_url(
+            :scope        => scopes,
+            :redirect_uri => callback_url
+          )
+        end
+
+        def web_server
+          client.web_server
+        end
+      end
+    end
+  end
+end

data/lib/warden-bootic/strategy.rb

@@ -0,0 +1,57 @@
+Warden::Strategies.add(:bootic) do
+  # Need to make sure that we have a pure representation of the query string.
+  # Rails adds an "action" parameter which causes the openid gem to error
+  def params
+    @params ||= Rack::Utils.parse_query(request.query_string)
+  end
+
+  def authenticate!
+    if params['code']
+      begin
+        access_token = access_token_for(params['code'])
+        user = JSON.parse(access_token.get('/oauth/me'))
+        success!(Warden::Bootic::Oauth::User.new(user, access_token.token))
+      rescue OAuth2::HTTPError
+        %(<p>Outdated ?code=#{params['code']}:</p><p>#{$!}</p><p><a href="/auth/bootic">Retry</a></p>)
+      end
+    else
+      env['rack.session']['return_to'] = env['REQUEST_URI']
+      throw(:warden, [ 302, {'Location' => authorize_url}, [ ]])
+    end
+  end
+
+  private
+
+  def oauth_client
+    oauth_proxy.client
+  end
+
+  def authorize_url
+    oauth_proxy.authorize_url
+  end
+
+  def access_token_for(code)
+    oauth_proxy.access_token_for(code)
+  end
+
+  def oauth_proxy
+    @oauth_proxy ||= Warden::Bootic::Oauth::Proxy.new(env['warden'].config[:client_id],
+                                                      env['warden'].config[:secret],
+                                                      env['warden'].config[:scopes],
+                                                      callback_url)
+  end
+
+  def callback_url
+    absolute_url(request, env['warden'].config[:callback_url])
+  end
+
+  def absolute_url(request, suffix = nil)
+    port_part = case request.scheme
+                when "http"
+                  request.port == 80 ? "" : ":#{request.port}"
+                when "https"
+                  request.port == 443 ? "" : ":#{request.port}"
+                end
+    "#{request.scheme}://#{request.host}#{port_part}#{suffix}"
+  end
+end

data/lib/warden-bootic/user.rb

@@ -0,0 +1,27 @@
+module Warden
+  module Bootic
+    module Oauth
+      class User
+        
+        attr_reader :attribs, :token
+        
+        def initialize(attribs, token)
+          @attribs, @token = attribs, token
+        end
+        
+        def user_name
+          attribs['user_info']['user_name']
+        end
+
+        def email
+          attribs['user_info']['email']
+        end
+
+        def role
+          attribs['user_info']['role_key']
+        end
+        
+      end
+    end
+  end
+end

data/lib/warden-bootic/version.rb

@@ -0,0 +1,5 @@
+module Warden
+  module Bootic
+    VERSION = "0.0.1"
+  end
+end

data/spec/app.rb

@@ -0,0 +1,86 @@
+require 'rest-client'
+
+module Example
+  class App < Sinatra::Base
+    
+    use Rack::Session::Cookie, :key => 'rack.session',
+                               :path => '/',
+                               :expire_after => 2592000, # In seconds
+                               :secret => 'change_me',
+                               :old_secret => 'change_me'
+    enable  :raise_errors
+    disable :show_exceptions
+
+    use Warden::Manager do |manager|
+      manager.default_strategies :bootic
+      manager.failure_app = BadAuthentication
+
+      manager[:client_id]    = ENV['OAUTH_CLIENT_ID'] || '12345678901234567890' # or test id
+      manager[:secret]       = ENV['OAUTH_CLIENT_SECRET']
+
+      manager[:scopes]       = 'public'
+      manager[:callback_url] = '/auth/bootic/callback'
+    end
+    
+    helpers do
+      def ensure_authenticated
+        unless env['warden'].authenticate!
+          throw(:warden)
+        end
+      end
+
+      def user
+        env['warden'].user
+      end
+      
+      def bootic(path)
+        JSON.parse(RestClient.get("#{Warden::Bootic::API_URL}/#{path}", :params => { :access_token => user.token }, :accept => :json))
+      end
+    end
+
+    get '/' do
+      ensure_authenticated
+      p [:user, user.attribs]
+      "Hello There, #{user.user_name}!. Your token: #{user.token.inspect}"
+    end
+    
+    get '/products' do
+      ensure_authenticated
+      bootic('/products')['entries'].map do |product|
+        html = '<div>'
+        html += "<h2>#{product['title']}</h2>"
+        html += %(<img src="#{product['images'].first['small']}" />) if product['images'].any?
+        html += '/<div>'
+        html
+      end.join("\n")
+    end
+
+    get '/redirect_to' do
+      ensure_authenticated
+      "Hello There, #{user.user_name}! return_to is working!"
+    end
+
+    get '/auth/bootic/callback' do
+      ensure_authenticated
+      redirect '/'
+    end
+
+    get '/logout' do
+      env['warden'].logout
+      "Peace!"
+    end
+  end
+
+  class BadAuthentication < Sinatra::Base
+    get '/unauthenticated' do
+      status 403
+      "Unable to authenticate, sorry bud."
+    end
+  end
+
+  def self.app
+    @app ||= Rack::Builder.new do
+      run App
+    end
+  end
+end

data/spec/oauth_spec.rb

@@ -0,0 +1,18 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe "Warden::Github" do
+  it "requesting an url that requires authentication redirects to bootic" do
+    response = get "/"
+
+    uri = Addressable::URI.parse(response.headers["Location"])
+
+    uri.scheme.should eql('https')
+    uri.host.should eql('api.bootic.net')
+
+    params = uri.query_values
+    params['response_type'].should eql('code')
+    params['scope'].should eql('public')
+    params['client_id'].should match(/\w{20}/)
+    params['redirect_uri'].should eql('http://example.org/auth/bootic/callback')
+  end
+end

data/spec/proxy_spec.rb

@@ -0,0 +1,33 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe "Warden::Bootic::Oauth::Proxy" do
+  before(:all) do
+    sha = Digest::SHA1.hexdigest(Time.now.to_s)
+    @proxy =  Warden::Bootic::Oauth::Proxy.new(sha[0..19], sha[0..39],
+                                               'user',
+                                               'http://example.org/auth/bootic/callback')
+  end
+
+  it "returns an authorize url" do
+    uri = Addressable::URI.parse(@proxy.authorize_url)
+
+    uri.scheme.should eql('https')
+    uri.host.should eql('api.bootic.net')
+
+    params = uri.query_values
+    params['response_type'].should eql('code')
+    params['scope'].should eql('user')
+    params['client_id'].should match(/\w{20}/)
+    params['redirect_uri'].should eql('http://example.org/auth/bootic/callback')
+  end
+
+  it "has a client object" do
+    @proxy.client.should_not be_nil
+  end
+
+  it "returns access tokens" do
+    pending "this hits the network" do
+      lambda { @proxy.access_token_for(/\w{20}/.gen) }.should_not raise_error
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,24 @@
+Bundler.require(:default, :runtime, :test)
+
+require File.join(File.dirname(__FILE__), '..', 'lib', 'warden-bootic')
+require File.join(File.dirname(__FILE__), 'app')
+
+require 'pp'
+
+Webrat.configure do |config|
+  config.mode = :rack
+  config.application_port = 4567
+end
+
+Spec::Runner.configure do |config|
+  config.include(Rack::Test::Methods)
+  config.include(Webrat::Methods)
+  config.include(Webrat::Matchers)
+
+  config.before(:each) do
+  end
+
+  def app
+    Example.app
+  end
+end

data/warden-bootic.gemspec

@@ -0,0 +1,34 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+require 'warden-bootic/version'
+
+Gem::Specification.new do |s|
+  s.name        = "warden-bootic"
+  s.version     = Warden::Bootic::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Ismael Celis"]
+  s.email       = ["ismael@bootic.net"]
+  s.homepage    = "http://github.com/ismasan/warden-bootic"
+  s.summary     = "A warden strategy for easy oauth integration with Bootic"
+  s.description = s.summary
+
+  s.rubyforge_project = "warden-bootic"
+
+  s.add_dependency "json",   "~>1.5"
+  s.add_dependency "warden", "~>1.0.4"
+  s.add_dependency "oauth2", "~>0.4.1"
+
+  s.add_development_dependency "rake"
+  s.add_development_dependency "rspec",     "~>1.3.0"
+  s.add_development_dependency "shotgun"
+  s.add_development_dependency "bundler",   "~>1.0"
+  s.add_development_dependency "addressable", "~>2.2.0"
+  s.add_development_dependency "rack-test",   "~>0.5.3"
+  s.add_development_dependency "ruby-debug"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,182 @@
+--- !ruby/object:Gem::Specification 
+name: warden-bootic
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Ismael Celis
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-12-31 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: json
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: "1.5"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: warden
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 1.0.4
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: oauth2
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 0.4.1
+  type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 1.3.0
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: shotgun
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: "1.0"
+  type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: addressable
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 2.2.0
+  type: :development
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency 
+  name: rack-test
+  prerelease: false
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 0.5.3
+  type: :development
+  version_requirements: *id009
+- !ruby/object:Gem::Dependency 
+  name: ruby-debug
+  prerelease: false
+  requirement: &id010 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id010
+description: A warden strategy for easy oauth integration with Bootic
+email: 
+- ismael@bootic.net
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- config.ru
+- lib/warden-bootic.rb
+- lib/warden-bootic/proxy.rb
+- lib/warden-bootic/strategy.rb
+- lib/warden-bootic/user.rb
+- lib/warden-bootic/version.rb
+- spec/app.rb
+- spec/oauth_spec.rb
+- spec/proxy_spec.rb
+- spec/spec_helper.rb
+- warden-bootic.gemspec
+homepage: http://github.com/ismasan/warden-bootic
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+requirements: []
+
+rubyforge_project: warden-bootic
+rubygems_version: 1.8.6
+signing_key: 
+specification_version: 3
+summary: A warden strategy for easy oauth integration with Bootic
+test_files: 
+- spec/app.rb
+- spec/oauth_spec.rb
+- spec/proxy_spec.rb
+- spec/spec_helper.rb