warden 1.2.3 → 1.2.8

Files changed (47) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +5 -0
  3. data/.rspec +3 -0
  4. data/.travis.yml +7 -0
  5. data/{History.rdoc → CHANGELOG.md} +16 -3
  6. data/Gemfile +3 -2
  7. data/Gemfile.lock +40 -0
  8. data/LICENSE +1 -1
  9. data/README.md +18 -0
  10. data/Rakefile +4 -8
  11. data/lib/warden/config.rb +3 -3
  12. data/lib/warden/errors.rb +2 -1
  13. data/lib/warden/hooks.rb +10 -9
  14. data/lib/warden/manager.rb +23 -10
  15. data/lib/warden/mixins/common.rb +2 -1
  16. data/lib/warden/proxy.rb +27 -11
  17. data/lib/warden/session_serializer.rb +1 -0
  18. data/lib/warden/strategies/base.rb +14 -8
  19. data/lib/warden/strategies.rb +1 -0
  20. data/lib/warden/test/helpers.rb +3 -2
  21. data/lib/warden/test/mock.rb +69 -0
  22. data/lib/warden/test/warden_helpers.rb +2 -1
  23. data/lib/warden/version.rb +2 -1
  24. data/lib/warden.rb +2 -0
  25. data/warden.gemspec +21 -18
  26. metadata +33 -50
  27. data/README.textile +0 -9
  28. data/spec/helpers/request_helper.rb +0 -51
  29. data/spec/helpers/strategies/failz.rb +0 -8
  30. data/spec/helpers/strategies/invalid.rb +0 -8
  31. data/spec/helpers/strategies/pass.rb +0 -8
  32. data/spec/helpers/strategies/pass_with_message.rb +0 -8
  33. data/spec/helpers/strategies/password.rb +0 -13
  34. data/spec/helpers/strategies/single.rb +0 -12
  35. data/spec/spec_helper.rb +0 -24
  36. data/spec/warden/authenticated_data_store_spec.rb +0 -114
  37. data/spec/warden/config_spec.rb +0 -48
  38. data/spec/warden/errors_spec.rb +0 -47
  39. data/spec/warden/hooks_spec.rb +0 -373
  40. data/spec/warden/manager_spec.rb +0 -316
  41. data/spec/warden/proxy_spec.rb +0 -1041
  42. data/spec/warden/scoped_session_serializer.rb +0 -123
  43. data/spec/warden/session_serializer_spec.rb +0 -53
  44. data/spec/warden/strategies/base_spec.rb +0 -313
  45. data/spec/warden/strategies_spec.rb +0 -93
  46. data/spec/warden/test/helpers_spec.rb +0 -93
  47. data/spec/warden/test/test_mode_spec.rb +0 -76
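--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA256:
+ metadata.gz: 98bbb4bde4e4b1168fd883823a9e63f81cb6be40c117d92fd461299f4de0f86a
+ data.tar.gz: 03ac0df2de9c151a6f5387700141248be127a82177d21da1f1fc2d00db10bc64
+ SHA512:
+ metadata.gz: 5d8d0d43d9f1a28d12ca7044608e175b08444a46c81c42a6c1ad351d517e45919a653005522c576bd4fe4d8de1d3b2472c52c5b524b32606bb2e69d82a533a33
+ data.tar.gz: 044152b6566f94d9bcdcd4fda5297decb19ed5146adaaee3bdd07b154d9b1e3b9d840c8da21b110add36f8f856f1879cf2547e12298f710b75c734269c86daff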
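--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,5 @@
+ .DS_Store
+ pkg
+ .*~
+
+ *.gem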
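--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,3 @@
+ --require spec_helper
+ --format documentation
+ --color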
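--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1,7 @@
+ language: ruby
+ install:
+ - bundle install
+ rvm:
+ - 2.2
+ - 2.3
+ - 2.4.2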
@@ -1,3 +1,18 @@
1
+ == Version 1.2.8 / 2018-11-15
2
+ * Bugfix: Flips two lines to allow scopes authenticating from another without stepping on each other's toes. (PR #144)
3
+ * Update `rack` dependency to >= 2.0.6 due to security vulnerability
4
+ * Internal: Add Rubocop Lint checking
5
+ * Internal: Update RSpec to use `.rspec` file
6
+
7
+ == Version 1.2.7 / 2016-10-12
8
+ * Added 'frozen_string_literal' comment, bump ruby to 2.3
9
+
10
+ == Version 1.2.6 / 2016-01-31
11
+ * Separate test helpers to encapsulate Warden object mocking inside it's own class
12
+
13
+ == Version 1.2.5 / 2016-01-28
14
+ * Expands on the test helpers available to make it easier for testing gems
15
+
1
16
  == Version 1.2.3 / 2013-07-14
2
17
  * Fix an issue with lazy loaded sessions
3
18
 
@@ -128,7 +143,7 @@
128
143
 
129
144
  === Version 0.5.1 / 2009-10-25
130
145
  * enhancements
131
- * Adds yeilding to authenticated? and unauthenticated? methods (hassox)
146
+ * Adds yielding to authenticated? and unauthenticated? methods (hassox)
132
147
  * Adds an option to silence missing strategies (josevalim)
133
148
  * Add an option to authenticate(!) to prevent storage of a user into the session (hassox)
134
149
  * allow custom :action to be thrown (josevalim)
@@ -146,5 +161,3 @@
146
161
 
147
162
  * enhancements
148
163
  * add a hook for plugins to specify how they can clear the whole section
149
-
150
-
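--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,11 +1,12 @@
+ # frozen_string_literal: true
  source 'https://rubygems.org'
 
  gemspec
 
  gem 'rake'
- gem 'rack', '1.3'
+ gem 'rack', '>= 2.0.6'
 
  group :test do
- gem 'rspec', '~>2'
+ gem 'rspec', '~>3'
  gem 'rack-test'
  end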
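Review bot: The `gem 'rack', '>= 2.0.6'` line repeats a constraint the gemspec already carries (the lockfile added in this release lists `rack (>= 2.0.6)` under `warden (1.2.8)`), so the security floor now lives in two places that can drift apart. Since `gemspec` is already called above it, the line could simply be removed. The constraint is also open-ended, so a later major version of rack would satisfy it without having been tested against this code; an upper bound in the gemspec would make that an explicit decision.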
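--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -0,0 +1,40 @@
+ PATH
+ remote: .
+ specs:
+ warden (1.2.8)
+ rack (>= 2.0.6)
+
+ GEM
+ remote: https://rubygems.org/
+ specs:
+ diff-lcs (1.3)
+ rack (2.0.6)
+ rack-test (0.7.0)
+ rack (>= 1.0, < 3)
+ rake (12.1.0)
+ rspec (3.6.0)
+ rspec-core (~> 3.6.0)
+ rspec-expectations (~> 3.6.0)
+ rspec-mocks (~> 3.6.0)
+ rspec-core (3.6.0)
+ rspec-support (~> 3.6.0)
+ rspec-expectations (3.6.0)
+ diff-lcs (>= 1.2.0, < 2.0)
+ rspec-support (~> 3.6.0)
+ rspec-mocks (3.6.0)
+ diff-lcs (>= 1.2.0, < 2.0)
+ rspec-support (~> 3.6.0)
+ rspec-support (3.6.0)
+
+ PLATFORMS
+ ruby
+
+ DEPENDENCIES
+ rack (>= 2.0.6)
+ rack-test
+ rake
+ rspec (~> 3)
+ warden!
+
+ BUNDLED WITH
+ 1.17.1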
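--- a/data/LICENSE
+++ b/data/LICENSE
@@ -1,4 +1,4 @@
- Copyright (c) 2009 Daniel Neighman
+ Copyright (c) 2009-2017 Daniel Neighman
 
  Permission is hereby granted, free of charge, to any person obtaining
  a copy of this software and associated documentation files (the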
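--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,18 @@
+ # Warden
+
+ ## Getting Started
+
+ Please see the [Warden Wiki](https://wiki.github.com/hassox/warden) for overview documentation.
+
+ ## Maintainers
+
+ * Daniel Neighman (hassox)
+ * José Valim (josevalim)
+ * Justin Smestad (jsmestad)
+ * Whitney Smestad (whithub)
+
+ [A list of all contributors is available on Github.](https://github.com/hassox/warden/contributors)
+
+ ## LICENSE
+
+ See `LICENSE` file.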
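--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,12 +1,8 @@
  # -*- encoding: utf-8 -*-
- require 'rubygems'
- require 'rake'
- $:.unshift File.join(File.dirname(__FILE__), "lib")
+ # frozen_string_literal: true
+ require "bundler/gem_tasks"
+ require "rspec/core/rake_task"
 
- require 'rspec/core'
- require 'rspec/core/rake_task'
+ RSpec::Core::RakeTask.new(:spec)
 
  task :default => :spec
-
- desc "Run all specs in spec directory"
- RSpec::Core::RakeTask.new(:spec)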
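--- a/data/lib/warden/config.rb
+++ b/data/lib/warden/config.rb
@@ -1,9 +1,9 @@
  # encoding: utf-8
+ # frozen_string_literal: true
 
  module Warden
- # This is a class which is yielded on use Warden::Manager. If you have a plugin
- # and wants to add more configuration to warden, you just need to extend this
- # class.
+ # This class is yielded inside Warden::Manager. If you have a plugin and want to
+ # add more configuration to warden, you just need to extend this class.
  class Config < Hash
  # Creates an accessor that simply sets and reads a key in the hash:
  #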
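--- a/data/lib/warden/errors.rb
+++ b/data/lib/warden/errors.rb
@@ -1,4 +1,5 @@
  # encoding: utf-8
+ # frozen_string_literal: true
  module Warden
  class Proxy
  # Lifted from DataMapper's dm-validations plugin :)
@@ -38,7 +39,7 @@ module Warden
  end
 
  def each
- errors.map.each do |k,v|
+ errors.map.each do |_k,v|
  next if blank?(v)
  yield(v)
  end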
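--- a/data/lib/warden/hooks.rb
+++ b/data/lib/warden/hooks.rb
@@ -1,4 +1,5 @@
  # encoding: utf-8
+ # frozen_string_literal: true
  module Warden
  module Hooks
 
@@ -18,21 +19,21 @@ module Warden
  # A callback hook set to run every time after a user is set.
  # This callback is triggered the first time one of those three events happens
  # during a request: :authentication, :fetch (from session) and :set_user (when manually set).
- # You can supply as many hooks as you like, and they will be run in order of decleration.
+ # You can supply as many hooks as you like, and they will be run in order of declaration.
  #
  # If you want to run the callbacks for a given scope and/or event, you can specify them as options.
  # See parameters and example below.
  #
  # Parameters:
  # <options> Some options which specify when the callback should be executed
- # scope - Executes the callback only if it maches the scope(s) given
+ # scope - Executes the callback only if it matches the scope(s) given
  # only - Executes the callback only if it matches the event(s) given
  # except - Executes the callback except if it matches the event(s) given
  # <block> A block where you can set arbitrary logic to run every time a user is set
  # Block Parameters: |user, auth, opts|
  # user - The user object that is being set
  # auth - The raw authentication proxy object.
- # opts - any options passed into the set_user call includeing :scope
+ # opts - any options passed into the set_user call including :scope
  #
  # Example:
  # Warden::Manager.after_set_user do |user,auth,opts|
@@ -77,7 +78,7 @@ module Warden
  end
 
  # after_fetch is just a wrapper to after_set_user, which is only invoked
- # when the user is fetched from sesion. The options and yielded arguments
+ # when the user is fetched from session. The options and yielded arguments
  # are the same as in after_set_user.
  #
  # :api: public
@@ -85,18 +86,18 @@ module Warden
  after_set_user(options.merge(:event => :fetch), method, &block)
  end
 
- # A callback that runs just prior to the failur application being called.
+ # A callback that runs just prior to the failure application being called.
  # This callback occurs after PATH_INFO has been modified for the failure (default /unauthenticated)
  # In this callback you can mutate the environment as required by the failure application
  # If a Rails controller were used for the failure_app for example, you would need to set request[:params][:action] = :unauthenticated
  #
  # Parameters:
  # <options> Some options which specify when the callback should be executed
- # scope - Executes the callback only if it maches the scope(s) given
+ # scope - Executes the callback only if it matches the scope(s) given
  # <block> A block to contain logic for the callback
  # Block Parameters: |env, opts|
  # env - The rack env hash
- # opts - any options passed into the authenticate call includeing :scope
+ # opts - any options passed into the authenticate call including :scope
  #
  # Example:
  # Warden::Manager.before_failure do |env, opts|
@@ -121,7 +122,7 @@ module Warden
  #
  # Parameters:
  # <options> Some options which specify when the callback should be executed
- # scope - Executes the callback only if it maches the scope(s) given
+ # scope - Executes the callback only if it matches the scope(s) given
  # <block> A block to contain logic for the callback
  # Block Parameters: |user, auth, scope|
  # user - The authenticated user for the current scope
@@ -149,7 +150,7 @@ module Warden
  #
  # Parameters:
  # <options> Some options which specify when the callback should be executed
- # scope - Executes the callback only if it maches the scope(s) given
+ # scope - Executes the callback only if it matches the scope(s) given
  # <block> A block to contain logic for the callback
  # Block Parameters: |user, auth, scope|
  # user - The authenticated user for the current scope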
@@ -1,10 +1,11 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
  require 'warden/hooks'
3
4
  require 'warden/config'
4
5
 
5
6
  module Warden
6
7
  # The middleware for Rack Authentication
7
- # The middlware requires that there is a session upstream
8
+ # The middleware requires that there is a session upstream
8
9
  # The middleware injects an authentication object into
9
10
  # the rack environment hash
10
11
  class Manager
@@ -19,9 +20,8 @@ module Warden
19
20
  default_strategies = options.delete(:default_strategies)
20
21
 
21
22
  @app, @config = app, Warden::Config.new(options)
22
- @config.default_strategies *default_strategies if default_strategies
23
+ @config.default_strategies(*default_strategies) if default_strategies
23
24
  yield @config if block_given?
24
- self
25
25
  end
26
26
 
27
27
  # Invoke the application guarding for throw :warden.
@@ -32,19 +32,18 @@ module Warden
32
32
 
33
33
  env['warden'] = Proxy.new(env, self)
34
34
  result = catch(:warden) do
35
+ env['warden'].on_request
35
36
  @app.call(env)
36
37
  end
37
38
 
38
39
  result ||= {}
39
40
  case result
40
41
  when Array
41
- if result.first == 401 && intercept_401?(env)
42
- process_unauthenticated(env)
43
- else
44
- result
45
- end
42
+ handle_chain_result(result.first, result, env)
46
43
  when Hash
47
44
  process_unauthenticated(env, result)
45
+ when Rack::Response
46
+ handle_chain_result(result.status, result, env)
48
47
  end
49
48
  end
50
49
 
@@ -72,8 +71,8 @@ module Warden
72
71
  Warden::SessionSerializer.send :define_method, method_name, &block
73
72
  end
74
73
 
75
- # Reconstitues the user from the session.
76
- # Use the results of user_session_key to reconstitue the user from the session on requests after the initial login
74
+ # Reconstitutes the user from the session.
75
+ # Use the results of user_session_key to reconstitute the user from the session on requests after the initial login
77
76
  # You can supply different methods of de-serialization for different scopes by passing a scope symbol
78
77
  #
79
78
  # Example:
@@ -84,12 +83,25 @@ module Warden
84
83
  # :api: public
85
84
  def serialize_from_session(scope = nil, &block)
86
85
  method_name = scope.nil? ? :deserialize : "#{scope}_deserialize"
86
+
87
+ if Warden::SessionSerializer.method_defined? method_name
88
+ Warden::SessionSerializer.send :remove_method, method_name
89
+ end
90
+
87
91
  Warden::SessionSerializer.send :define_method, method_name, &block
88
92
  end
89
93
  end
90
94
 
91
95
  private
92
96
 
97
+ def handle_chain_result(status, result, env)
98
+ if status == 401 && intercept_401?(env)
99
+ process_unauthenticated(env)
100
+ else
101
+ result
102
+ end
103
+ end
104
+
93
105
  def intercept_401?(env)
94
106
  config[:intercept_401] && !env['warden'].custom_failure?
95
107
  end
@@ -113,6 +125,7 @@ module Warden
113
125
  when :custom
114
126
  proxy.custom_response
115
127
  else
128
+ options[:message] ||= proxy.message
116
129
  call_failure_app(env, options)
117
130
  end
118
131
  end
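Review bot: The new `when Rack::Response` branch in `call` hands the `Rack::Response` object itself back up the middleware stack whenever the status is not an intercepted 401, because `handle_chain_result` returns `result` unchanged. Rack's contract for `call` is a three-element array, so anything upstream that indexes or destructures the return value depends on the response object coercing itself. Passing the finished triplet keeps the contract explicit: `handle_chain_result(result.status, result.finish, env)`. The `case` still has no `else`, so any other return type makes `call` return nil; the body of `call` starts outside this hunk.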
@@ -1,9 +1,10 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
  module Warden
3
4
  module Mixins
4
5
  module Common
5
6
 
6
- # Convinience method to access the session
7
+ # Convenience method to access the session
7
8
  # :api: public
8
9
  def session
9
10
  env['rack.session']
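--- a/data/lib/warden/proxy.rb
+++ b/data/lib/warden/proxy.rb
@@ -1,4 +1,5 @@
  # encoding: utf-8
+ # frozen_string_literal: true
 
  module Warden
  class UserNotSet < RuntimeError; end
@@ -28,6 +29,11 @@ module Warden
  @env, @users, @winning_strategies, @locked = env, {}, {}, false
  @manager, @config = manager, manager.config.dup
  @strategies = Hash.new { |h,k| h[k] = {} }
+ end
+
+ # Run the on_request callbacks
+ # :api: private
+ def on_request
  manager._run_callbacks(:on_request, self)
  end
 
@@ -69,7 +75,7 @@ module Warden
  #
  # :api: public
  def clear_strategies_cache!(*args)
- scope, opts = _retrieve_scope_and_opts(args)
+ scope, _opts = _retrieve_scope_and_opts(args)
 
  @winning_strategies.delete(scope)
  @strategies[scope].each do |k, v|
@@ -87,7 +93,7 @@ module Warden
  @locked = true
  end
 
- # Run the authentiation strategies for the given strategies.
+ # Run the authentication strategies for the given strategies.
  # If there is already a user logged in for a given scope, the strategies are not run
  # This does not halt the flow of control and is a passive attempt to authenticate only
  # When scope is not specified, the default_scope is assumed.
@@ -101,7 +107,7 @@ module Warden
  #
  # :api: public
  def authenticate(*args)
- user, opts = _perform_authentication(*args)
+ user, _opts = _perform_authentication(*args)
  user
  end
 
@@ -171,7 +177,13 @@ module Warden
 
  if opts[:store] != false && opts[:event] != :fetch
  options = env[ENV_SESSION_OPTIONS]
- options[:renew] = true if options
+ if options
+ if options.frozen?
+ env[ENV_SESSION_OPTIONS] = options.merge(:renew => true).freeze
+ else
+ options[:renew] = true
+ end
+ end
  session_serializer.store(user, scope)
  end
 
@@ -181,7 +193,7 @@ module Warden
  @users[scope]
  end
 
- # Provides acccess to the user object in a given scope for a request.
+ # Provides access to the user object in a given scope for a request.
  # Will be nil if not logged in. Please notice that this method does not
  # perform strategies.
  #
@@ -280,7 +292,7 @@ module Warden
  winning_strategy && winning_strategy.message
  end
 
- # Provides a way to return a 401 without warden defering to the failure app
+ # Provides a way to return a 401 without warden deferring to the failure app
  # The result is a direct passthrough of your own response
  # :api: public
  def custom_failure!
@@ -290,7 +302,11 @@ module Warden
  # Check to see if the custom failure flag has been set
  # :api: public
  def custom_failure?
- !!@custom_failure
+ if instance_variable_defined?(:@custom_failure)
+ !!@custom_failure
+ else
+ false
+ end
  end
 
  # Check to see if this is an asset request
@@ -314,11 +330,11 @@ module Warden
  user = nil
 
  # Look for an existing user in the session for this scope.
- # If there was no user in the session. See if we can get one from the request.
+ # If there was no user in the session, see if we can get one from the request.
  return user, opts if user = user(opts.merge(:scope => scope))
  _run_strategies_for(scope, args)
 
- if winning_strategy && winning_strategy.user
+ if winning_strategy && winning_strategy.successful?
  opts[:store] = opts.fetch(:store, winning_strategy.store?)
  set_user(winning_strategy.user, opts.merge!(:event => :authentication))
  end
@@ -350,13 +366,13 @@ module Warden
  strategy = _fetch_strategy(name, scope)
  next unless strategy && !strategy.performed? && strategy.valid?
 
- self.winning_strategy = @winning_strategies[scope] = strategy
  strategy._run!
+ self.winning_strategy = @winning_strategies[scope] = strategy
  break if strategy.halted?
  end
  end
 
- # Fetchs strategies and keep them in a hash cache.
+ # Fetches strategies and keep them in a hash cache.
  def _fetch_strategy(name, scope)
  @strategies[scope][name] ||= if klass = Warden::Strategies[name]
  klass.new(@env, scope)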
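Review bot: `winning_strategy.successful?` is not an exact tightening of the old `winning_strategy.user` test in `_perform_authentication`: the old check was a truthiness test, while `successful?` (added to `Strategies::Base` in this release) uses `!user.nil?`. A strategy that reports `:success` with a `false` user was skipped before and would now reach `set_user(false, …)` and, unless `:store` is false, `session_serializer.store`. If that is not intended, the predicate can keep the old truthiness with `@result == :success && !!user`. `_perform_authentication` starts and ends outside this hunk.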
@@ -1,4 +1,5 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
  module Warden
3
4
  class SessionSerializer
4
5
  attr_reader :env
@@ -1,4 +1,5 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
  module Warden
3
4
  module Strategies
4
5
  # A strategy is a place where you can put logic related to authentication. Any strategy inherits
@@ -9,11 +10,11 @@ module Warden
9
10
  # You _may_ provide a @valid?@ method.
10
11
  # The valid method should return true or false depending on if the strategy is a valid one for the request.
11
12
  #
12
- # The parameters for Warden::Strategies.add method is:
13
+ # The parameters for Warden::Strategies.add method are:
13
14
  # <label: Symbol> The label is the name given to a strategy. Use the label to refer to the strategy when authenticating
14
- # <strategy: Class|nil> The optional stragtegy argument if set _must_ be a class that inherits from Warden::Strategies::Base and _must_
15
+ # <strategy: Class|nil> The optional strategy argument if set _must_ be a class that inherits from Warden::Strategies::Base and _must_
15
16
  # implement an @authenticate!@ method
16
- # <block> The block acts as a convinient way to declare your strategy. Inside is the class definition of a strategy.
17
+ # <block> The block acts as a convenient way to declare your strategy. Inside is the class definition of a strategy.
17
18
  #
18
19
  # Examples:
19
20
  #
@@ -108,8 +109,13 @@ module Warden
108
109
  # :api: public
109
110
  def pass; end
110
111
 
112
+ # Returns true only if the result is a success and a user was assigned.
113
+ def successful?
114
+ @result == :success && !user.nil?
115
+ end
116
+
111
117
  # Whenever you want to provide a user object as "authenticated" use the +success!+ method.
112
- # This will halt the strategy, and set the user in the approprieate scope.
118
+ # This will halt the strategy, and set the user in the appropriate scope.
113
119
  # It is the "login" method
114
120
  #
115
121
  # Parameters:
@@ -133,7 +139,7 @@ module Warden
133
139
  @result = :failure
134
140
  end
135
141
 
136
- # Casuses the strategy to fail, but not halt. The strategies will cascade after this failure and warden will check the next strategy. The last strategy to fail will have it's message displayed.
142
+ # Causes the strategy to fail, but not halt. The strategies will cascade after this failure and warden will check the next strategy. The last strategy to fail will have it's message displayed.
137
143
  # :api: public
138
144
  def fail(message = "Failed to Login")
139
145
  @message = message
@@ -144,15 +150,15 @@ module Warden
144
150
  #
145
151
  # Parameters:
146
152
  # url <String> - The string representing the URL to be redirected to
147
- # pararms <Hash> - Any parameters to encode into the URL
148
- # opts <Hash> - Any options to recirect with.
153
+ # params <Hash> - Any parameters to encode into the URL
154
+ # opts <Hash> - Any options to redirect with.
149
155
  # available options: permanent => (true || false)
150
156
  #
151
157
  # :api: public
152
158
  def redirect!(url, params = {}, opts = {})
153
159
  halt!
154
160
  @status = opts[:permanent] ? 301 : 302
155
- headers["Location"] = url
161
+ headers["Location"] = url.dup
156
162
  headers["Location"] << "?" << Rack::Utils.build_query(params) unless params.empty?
157
163
  headers["Content-Type"] = opts[:content_type] || 'text/plain'
158
164
 
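Review bot: `successful?` is the only method in this stretch of `Strategies::Base` whose comment carries no `:api:` tag, although `Warden::Proxy` now calls it to decide whether to set the user. Adding `# :api: public` (or `private`, if only the proxy is meant to call it) under the existing comment line keeps it consistent with `pass` and `fail`. The comment could also say that a strategy which assigned a user but did not finish with `:success` is no longer treated as authenticated, since that is the behaviour callers now rely on.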
@@ -1,4 +1,5 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
  module Warden
3
4
  module Strategies
4
5
  class << self
@@ -1,4 +1,5 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
 
3
4
  module Warden
4
5
  module Test
@@ -6,11 +7,11 @@ module Warden
6
7
  # These provide the ability to login and logout on any given request
7
8
  # Note: During the teardown phase of your specs you should include: Warden.test_reset!
8
9
  module Helpers
9
- def self.included(base)
10
+ def self.included(_base)
10
11
  ::Warden.test_mode!
11
12
  end
12
13
 
13
- # A helper method that will peform a login of a user in warden for the next request
14
+ # A helper method that will perform a login of a user in warden for the next request.
14
15
  # Provide it the same options as you would to Warden::Proxy#set_user
15
16
  # @see Warden::Proxy#set_user
16
17
  # @api public
@@ -0,0 +1,69 @@
1
+ # encoding: utf-8
2
+ # frozen_string_literal: true
3
+
4
+ require 'rack'
5
+
6
+ module Warden
7
+ module Test
8
+ # A mock of an application to get a Warden object to test on
9
+ # Note: During the teardown phase of your specs you should include: Warden.test_reset!
10
+ module Mock
11
+ def self.included(_base)
12
+ ::Warden.test_mode!
13
+ end
14
+
15
+ # A helper method that provides the warden object by mocking the env variable.
16
+ # @api public
17
+ def warden
18
+ @warden ||= begin
19
+ env['warden']
20
+ end
21
+ end
22
+
23
+ private
24
+
25
+ def env
26
+ @env ||= begin
27
+ request = Rack::MockRequest.env_for(
28
+ "/?#{Rack::Utils.build_query({})}",
29
+ { 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET' }
30
+ )
31
+ app.call(request)
32
+
33
+ request
34
+ end
35
+ end
36
+
37
+ def app
38
+ @app ||= begin
39
+ opts = {
40
+ failure_app: lambda { |_e|
41
+ [401, { 'Content-Type' => 'text/plain' }, ['You Fail!']]
42
+ },
43
+ default_strategies: :password,
44
+ default_serializers: :session
45
+ }
46
+ Rack::Builder.new do
47
+ use Warden::Test::Mock::Session
48
+ use Warden::Manager, opts, &proc {}
49
+ run lambda { |_e|
50
+ [200, { 'Content-Type' => 'text/plain' }, ['You Win']]
51
+ }
52
+ end
53
+ end
54
+ end
55
+
56
+ class Session
57
+ attr_accessor :app
58
+ def initialize(app, _configs={})
59
+ @app = app
60
+ end
61
+
62
+ def call(e)
63
+ e['rack.session'] ||= {}
64
+ @app.call(e)
65
+ end
66
+ end # session
67
+ end
68
+ end
69
+ end
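Review bot: `warden` wraps a single expression in `begin … end`, and `env` builds its URL from `Rack::Utils.build_query({})`, which for an empty hash adds nothing but a trailing `?`. Both could be written directly as `@warden ||= env['warden']` and `Rack::MockRequest.env_for('/', …)`. The `&proc {}` passed to `use Warden::Manager` also looks unnecessary, since the manager's initializer shown earlier on this page only yields `if block_given?`. `Session` is declared after `private`, which does not apply to constants, so it stays reachable as `Warden::Test::Mock::Session`; a one-line comment saying it is a test-only stand-in that backs `rack.session` with a plain Hash would make that explicit.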
@@ -1,4 +1,5 @@
1
1
  # encoding: utf-8
2
+ # frozen_string_literal: true
2
3
 
3
4
  module Warden
4
5
 
@@ -32,7 +33,7 @@ module Warden
32
33
  _on_next_request.clear
33
34
  end
34
35
 
35
- # A containter for the on_next_request items.
36
+ # A container for the on_next_request items.
36
37
  # @api private
37
38
  def _on_next_request
38
39
  @_on_next_request ||= []