warden 0.5.0 → 0.5.1

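--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,25 +1,17 @@
  require 'rubygems'
- require 'rack'
  require 'spec/rake/spectask'
-
- GEM = "warden"
- GEM_VERSION = "0.2.1"
- AUTHORS = ["Daniel Neighman"]
- EMAIL = "has.sox@gmail.com"
- HOMEPAGE = "http://github.com/hassox/warden"
- SUMMARY = "Rack middleware that provides authentication for rack applications"
+ require File.join(File.dirname(__FILE__), "lib", "warden", "version")
 
  begin
  require 'jeweler'
  Jeweler::Tasks.new do |gem|
- gem.name = GEM
- gem.summary = SUMMARY
- gem.email = EMAIL
- gem.homepage = HOMEPAGE
- gem.authors = AUTHORS
+ gem.name = "warden"
+ gem.version = Warden::VERSION
+ gem.summary = "Rack middleware that provides authentication for rack applications"
+ gem.email = "has.sox@gmail.com"
+ gem.homepage = "http://github.com/hassox/warden"
+ gem.authors = ["Daniel Neighman"]
  gem.rubyforge_project = "warden"
- # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
-
  gem.add_dependency "rack", ">= 1.0.0"
  end
  rescue LoadError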
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.5.0
1
+ 0.5.1
@@ -4,39 +4,39 @@ module Warden
4
4
  class Base
5
5
  # :api: public
6
6
  attr_accessor :user, :message
7
-
7
+
8
8
  #:api: private
9
9
  attr_accessor :result, :custom_response
10
-
10
+
11
11
  # Setup for redirection
12
12
  # :api: private
13
13
  attr_reader :_status
14
-
14
+
15
15
  # Accessor for the rack env
16
- # :api: public
16
+ # :api: public
17
17
  attr_reader :env, :scope
18
18
  include ::Warden::Mixins::Common
19
-
19
+
20
20
  # :api: private
21
21
  def initialize(env, scope=nil, config={}) # :nodoc:
22
22
  @scope, @config = scope, config
23
23
  @env, @_status, @headers = env, nil, {}
24
24
  @halted = false
25
25
  end
26
-
27
- # The method that is called from above. This method calls the underlying authetniate! method
26
+
27
+ # The method that is called from above. This method calls the underlying authenticate! method
28
28
  # :api: private
29
29
  def _run! # :nodoc:
30
30
  result = authenticate!
31
31
  self
32
32
  end
33
-
34
- # Acts as a guarding method for the strategy.
33
+
34
+ # Acts as a guarding method for the strategy.
35
35
  # If #valid? responds false, the strategy will not be executed
36
36
  # Overwrite with your own logic
37
37
  # :api: overwritable
38
38
  def valid?; true; end
39
-
39
+
40
40
  # Provides access to the headers hash for setting custom headers
41
41
  # :api: public
42
42
  def headers(header = {})
@@ -44,33 +44,33 @@ module Warden
44
44
  @headers.merge! header
45
45
  @headers
46
46
  end
47
-
47
+
48
48
  # Access to the errors object.
49
49
  # :api: public
50
50
  def errors
51
51
  @env['warden.errors']
52
52
  end
53
-
53
+
54
54
  # Cause the processing of the strategies to stop and cascade no further
55
55
  # :api: public
56
56
  def halt!
57
57
  @halted = true
58
58
  end
59
-
59
+
60
60
  # Checks to see if a strategy was halted
61
61
  # :api: public
62
62
  def halted?
63
63
  !!@halted
64
64
  end
65
-
65
+
66
66
  # A simple method to return from authenticate! if you want to ignore this strategy
67
67
  # :api: public
68
68
  def pass; end
69
-
69
+
70
70
  # Whenever you want to provide a user object as "authenticated" use the +success!+ method.
71
- # This will halt the strategy, and set the user in the approprieate scope.
71
+ # This will halt the strategy, and set the user in the approprieate scope.
72
72
  # It is the "login" method
73
- #
73
+ #
74
74
  # Parameters:
75
75
  # user - The user object to login. This object can be anything you have setup to serialize in and out of the session
76
76
  #
@@ -80,7 +80,7 @@ module Warden
80
80
  @user = user
81
81
  @result = :success
82
82
  end
83
-
83
+
84
84
  # This causes the strategy to fail. It does not throw an :warden symbol to drop the request out to the failure application
85
85
  # You must throw an :warden symbol somewhere in the application to enforce this
86
86
  # :api: public
@@ -89,13 +89,13 @@ module Warden
89
89
  @message = message
90
90
  @result = :failure
91
91
  end
92
-
92
+
93
93
  # Causes the authentication to redirect. An :warden symbol must be thrown to actually execute this redirect
94
94
  #
95
95
  # Parameters:
96
96
  # url <String> - The string representing the URL to be redirected to
97
97
  # pararms <Hash> - Any parameters to encode into the URL
98
- # opts <Hash> - Any options to recirect with.
98
+ # opts <Hash> - Any options to recirect with.
99
99
  # available options: permanent => (true || false)
100
100
  #
101
101
  # :api: public
@@ -105,22 +105,22 @@ module Warden
105
105
  headers["Location"] = url
106
106
  headers["Location"] << "?" << Rack::Utils.build_query(params) unless params.empty?
107
107
  headers["Content-Type"] = opts[:content_type] || 'text/plain'
108
-
108
+
109
109
  @message = opts[:message].nil? ? "You are being redirected to #{headers["Location"]}" : opts[:message]
110
-
110
+
111
111
  @result = :redirect
112
112
 
113
113
  headers["Location"]
114
114
  end
115
-
115
+
116
116
  # Return a custom rack array. You must throw an :warden symbol to activate this
117
117
  # :api: public
118
118
  def custom!(response)
119
119
  halt!
120
120
  @custom_response = response
121
121
  @result = :custom
122
- end
123
-
122
+ end
123
+
124
124
  end # Base
125
125
  end # Strategies
126
126
  end # Warden
@@ -16,12 +16,18 @@ module Warden
16
16
  @config = config
17
17
  yield self if block_given?
18
18
 
19
- # should ensure there is a failure application defined.
19
+ # Should ensure there is a failure application defined.
20
20
  @failure_app = config[:failure_app] if config[:failure_app]
21
21
  raise "No Failure App provided" unless @failure_app
22
22
  self
23
23
  end
24
24
 
25
+ # Do not raise an error if a missing strategy is given by default.
26
+ # :api: plugin
27
+ def silence_missing_strategies!
28
+ @config[:silence_missing_strategies] = true
29
+ end
30
+
25
31
  # Set the default strategies to use.
26
32
  # :api: public
27
33
  def default_strategies(*strategies)
@@ -51,19 +57,17 @@ module Warden
51
57
  call_failure_app(env, :original_response => result)
52
58
  end
53
59
  when Hash
54
- if (result[:action] ||= :unauthenticated) == :unauthenticated
55
- process_unauthenticated(result,env)
56
- end # case result
60
+ result[:action] ||= :unauthenticated
61
+ process_unauthenticated(result, env)
57
62
  end
58
63
  end
59
64
 
60
65
  class << self
61
66
 
62
-
63
67
  # Does the work of storing the user in the session
64
68
  # :api: private
65
69
  def _store_user(user, session, scope = :default) # :nodoc:
66
- return nil if user.nil?
70
+ return nil unless user
67
71
  session["warden.user.#{scope}.key"] = serialize_into_session.call(user)
68
72
  end
69
73
 
@@ -71,7 +75,7 @@ module Warden
71
75
  # :api: private
72
76
  def _fetch_user(session, scope = :default) # :nodoc:
73
77
  key = session["warden.user.#{scope}.key"]
74
- return nil if key.nil?
78
+ return nil unless key
75
79
  serialize_from_session.call(key)
76
80
  end
77
81
 
@@ -107,16 +111,16 @@ module Warden
107
111
  # It looks at the result of the proxy to see if it's been executed and what action to take.
108
112
  # :api: private
109
113
  def process_unauthenticated(result, env)
110
- case env['warden'].result
111
- when :failure
112
- call_failure_app(env, result)
113
- when :redirect
114
- [env['warden']._status, env['warden'].headers, [env['warden'].message || "You are being redirected to #{env['warden'].headers['Location']}"]]
115
- when :custom
116
- env['warden'].custom_response
117
- when nil
118
- call_failure_app(env, result)
119
- end # case env['warden'].result
114
+ action = result[:result] || env['warden'].result
115
+
116
+ case action
117
+ when :redirect
118
+ [env['warden']._status, env['warden'].headers, [env['warden'].message || "You are being redirected to #{env['warden'].headers['Location']}"]]
119
+ when :custom
120
+ env['warden'].custom_response
121
+ else
122
+ call_failure_app(env, result)
123
+ end
120
124
  end
121
125
 
122
126
  # Calls the failure app.
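Review bot: In `process_unauthenticated` (this looks like lib/warden/manager.rb, though the file header is missing from the page), `action = result[:result] || env['warden'].result` lets a `:result` key in the thrown hash select the `:redirect` or `:custom` branch even when no strategy called `redirect!` or `custom!`. In that case `env['warden']._status` or `custom_response` may be unset, and the middleware would return a malformed Rack response instead of calling the failure app. Falling back explicitly would keep the path fail-closed, for example `env['warden'].custom_response || call_failure_app(env, result)` in the `:custom` branch. The `else` branch now also covers `:success`, which the new manager spec relies on, so a comment such as `# any other result, including :success, goes to the failure app once :warden is thrown` would stop a later edit from narrowing it.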
data/lib/warden/proxy.rb CHANGED
@@ -36,7 +36,7 @@ module Warden
36
36
  # env['warden'].authenticated?(:admin)
37
37
  # :api: public
38
38
  def authenticated?(scope = :default)
39
- result = !raw_session["warden.user.#{scope}.key"].nil?
39
+ result = !raw_session["warden.user.#{scope}.key"].nil? || !!user(scope)
40
40
  yield if block_given? && result
41
41
  result
42
42
  end # authenticated?
@@ -81,11 +81,11 @@ module Warden
81
81
  #
82
82
  # Parameters:
83
83
  # user - An object that has been setup to serialize into and out of the session.
84
- # opts - An options hash. Use the :scope option to set the scope of the user
84
+ # opts - An options hash. Use the :scope option to set the scope of the user, set the :store option to false to skip serializing into the session.
85
85
  # :api: public
86
86
  def set_user(user, opts = {})
87
87
  scope = (opts[:scope] ||= :default)
88
- Warden::Manager._store_user(user, raw_session, scope) # Get the user into the session
88
+ Warden::Manager._store_user(user, raw_session, scope) unless opts[:store] == false# Get the user into the session
89
89
 
90
90
  # Run the after hooks for setting the user
91
91
  Warden::Manager._after_set_user.each{|hook| hook.call(user, self, opts)}
@@ -192,16 +192,25 @@ module Warden
192
192
  opts = opts_from_args(args)
193
193
 
194
194
  # Look for an existing user in the session for this scope
195
+ # If there was no user in the session. See if we can get one from the request
195
196
  return scope, opts if the_user = user(scope)
196
197
 
197
- # If there was no user in the session. See if we can get one from the request
198
198
  strategies = args.empty? ? @strategies : args
199
- raise "No Strategies Found" if strategies.empty? || !(strategies - Warden::Strategies._strategies.keys).empty?
199
+ raise "No Strategies Found" if strategies.empty?
200
200
 
201
201
  strategies.each do |s|
202
+ unless Warden::Strategies[s]
203
+ if args.empty? && @config[:silence_missing_strategies]
204
+ next
205
+ else
206
+ raise "Invalid strategy #{s}"
207
+ end
208
+ end
209
+
202
210
  strategy = Warden::Strategies[s].new(@env, scope, @conf)
203
211
  self.winning_strategy = strategy
204
212
  next unless strategy.valid?
213
+
205
214
  strategy._run!
206
215
  break if strategy.halted?
207
216
  end
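Review bot: The strategy constructor on new line 210 is passed `@conf`, while the guard added just above it reads `@config[:silence_missing_strategies]`. The assignment is outside this hunk, but if only `@config` is set in the constructor, every strategy receives `nil` as its config. `Warden::Strategies[s].new(@env, scope, @config)` would make the two agree. Separately, with silencing enabled a misspelled default strategy is skipped without any signal, so an authentication method can drop out unnoticed. A comment on the `next` line such as `# skipped silently: a typo in default_strategies disables that strategy` (or a log line) would make that visible. The enclosing method starts before this hunk and continues after it.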
@@ -0,0 +1,3 @@
1
+ module Warden
2
+ VERSION = "0.5.1"
3
+ end
@@ -12,13 +12,13 @@ module Warden::Spec
12
12
 
13
13
  def setup_rack(app = nil, opts = {}, &block)
14
14
  app ||= block if block_given?
15
- # opts[:default_strategies] ||= [:password]
15
+ opts[:default_strategies] ||= [:password]
16
16
  opts[:failure_app] ||= Warden::Spec::Helpers::FAILURE_APP
17
17
  Rack::Builder.new do
18
18
  use Warden::Spec::Helpers::Session
19
19
  use Warden::Manager, opts do |manager|
20
20
  manager.failure_app = Warden::Spec::Helpers::FAILURE_APP
21
- manager.default_strategies :password
21
+ manager.default_strategies *opts[:default_strategies]
22
22
  end
23
23
  run app
24
24
  end
@@ -48,4 +48,4 @@ module Warden::Spec
48
48
  end
49
49
  end # session
50
50
  end
51
- end
51
+ end
@@ -49,7 +49,7 @@ describe Warden::Manager do
49
49
  env = env_with_params("/", {})
50
50
  app = lambda do |env|
51
51
  env['warden'].authenticate(:failz)
52
- throw(:warden, :action => :unauthenticated)
52
+ throw(:warden)
53
53
  end
54
54
  result = setup_rack(app, :failure_app => @fail_app).call(env)
55
55
  result.last.should == ["You Fail!"]
@@ -65,6 +65,17 @@ describe Warden::Manager do
65
65
  result = setup_rack(app, :failure_app => fail_app).call(env_with_params)
66
66
  result.last.should == ["Failure App"]
67
67
  end
68
+
69
+ it "should call failure app if warden is thrown even after successful authentication" do
70
+ env = env_with_params("/", {})
71
+ app = lambda do |env|
72
+ env['warden'].authenticate(:pass)
73
+ throw(:warden)
74
+ end
75
+ result = setup_rack(app, :failure_app => @fail_app).call(env)
76
+ result.first.should == 401
77
+ result.last.should == ["You Fail!"]
78
+ end
68
79
  end # failure
69
80
 
70
81
  end
@@ -81,6 +81,27 @@ describe Warden::Proxy do
81
81
  setup_rack(app).call(env)
82
82
  end
83
83
 
84
+ it "should raise error on missing strategies" do
85
+ env = env_with_params('/')
86
+ app = lambda do |env|
87
+ env['warden'].authenticate(:unknown)
88
+ end
89
+ lambda {
90
+ setup_rack(app).call(env)
91
+ }.should raise_error(RuntimeError, "Invalid strategy unknown")
92
+ end
93
+
94
+ it "should not raise error on default missing strategies if silencing" do
95
+ env = env_with_params('/')
96
+ app = lambda do |env|
97
+ env['warden'].authenticate
98
+ valid_response
99
+ end
100
+ lambda {
101
+ setup_rack(app, :silence_missing_strategies => true, :default_strategies => :unknown).call(env)
102
+ }.should_not raise_error
103
+ end
104
+
84
105
  it "should allow me to get access to the user at warden.user." do
85
106
  env = env_with_params("/")
86
107
  app = lambda do |env|
@@ -170,6 +191,18 @@ describe Warden::Proxy do
170
191
  end
171
192
  setup_rack(app).call(env)
172
193
  end
194
+
195
+ it "should not store the user if the :store option is set to false" do
196
+ env = env_with_params("/")
197
+ app = lambda do |e|
198
+ env['warden'].authenticate(:pass, :store => false)
199
+ env['warden'].should be_authenticated
200
+ env['warden'].user.should == "Valid User"
201
+ env['rack.session']['warden.user.default.key'].should be_nil
202
+ valid_response
203
+ end
204
+ setup_rack(app).call(env)
205
+ end
173
206
  end
174
207
 
175
208
  describe "get user" do
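Review bot: The spec "should not raise error on default missing strategies if silencing" (new lines 94–103 of what appears to be the proxy spec) asserts only that nothing is raised. It does not pin that the request stays unauthenticated when every default strategy is skipped. Adding `env['warden'].should_not be_authenticated` inside the app lambda before `valid_response` would record the fail-closed expectation. In the `:store => false` spec the lambda parameter is `e` but the body uses the outer `env`; that works through the closure, but naming the parameter `env` would match the neighbouring specs.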
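--- a/data/warden.gemspec
+++ b/data/warden.gemspec
@@ -1,15 +1,15 @@
  # Generated by jeweler
- # DO NOT EDIT THIS FILE
- # Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
+ # DO NOT EDIT THIS FILE DIRECTLY
+ # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
  # -*- encoding: utf-8 -*-
 
  Gem::Specification.new do |s|
  s.name = %q{warden}
- s.version = "0.5.0"
+ s.version = "0.5.1"
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Daniel Neighman"]
- s.date = %q{2009-10-21}
+ s.date = %q{2009-10-24}
  s.email = %q{has.sox@gmail.com}
  s.extra_rdoc_files = [
  "LICENSE",
@@ -31,6 +31,7 @@ Gem::Specification.new do |s|
  "lib/warden/manager.rb",
  "lib/warden/mixins/common.rb",
  "lib/warden/proxy.rb",
+ "lib/warden/version.rb",
  "script/destroy",
  "script/generate",
  "spec/helpers/request_helper.rb",
@@ -87,3 +88,4 @@ Gem::Specification.new do |s|
  s.add_dependency(%q<rack>, [">= 1.0.0"])
  end
  end
+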
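--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: warden
  version: !ruby/object:Gem::Version
- version: 0.5.0
+ version: 0.5.1
  platform: ruby
  authors:
  - Daniel Neighman
@@ -9,7 +9,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2009-10-21 00:00:00 +11:00
+ date: 2009-10-24 00:00:00 +11:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -47,6 +47,7 @@ files:
  - lib/warden/manager.rb
  - lib/warden/mixins/common.rb
  - lib/warden/proxy.rb
+ - lib/warden/version.rb
  - script/destroy
  - script/generate
  - spec/helpers/request_helper.rb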
  - spec/helpers/request_helper.rb