warden 1.2.5 → 1.2.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: e2a3954f2157d76ec551f9c498a4e27e09a4a698
-  data.tar.gz: ea81f2cd654fbf09ebf9e2ef44d6836cd47bd920
+SHA256:
+  metadata.gz: 98bbb4bde4e4b1168fd883823a9e63f81cb6be40c117d92fd461299f4de0f86a
+  data.tar.gz: 03ac0df2de9c151a6f5387700141248be127a82177d21da1f1fc2d00db10bc64
 SHA512:
-  metadata.gz: 74db07fcb955f8109cf57bd7e32868bb198f8c7c94a748ca450bfc7e281cacff1c869af942c1952a0ade3fb209bcd134dc7cf3a916d4d0a36417cc5e9a4790b2
-  data.tar.gz: 6d38527fbf7cbdf032ecf16ce5661584afe1d4fb9dbf4cb4c0d60a32b385b53f7e781eb92d4c1624b16de5fe688183af6f9a258cae079a942ca67bc3e69ddd9b
+  metadata.gz: 5d8d0d43d9f1a28d12ca7044608e175b08444a46c81c42a6c1ad351d517e45919a653005522c576bd4fe4d8de1d3b2472c52c5b524b32606bb2e69d82a533a33
+  data.tar.gz: 044152b6566f94d9bcdcd4fda5297decb19ed5146adaaee3bdd07b154d9b1e3b9d840c8da21b110add36f8f856f1879cf2547e12298f710b75c734269c86daff

data/.gitignore

@@ -0,0 +1,5 @@
+.DS_Store
+pkg
+.*~
+
+*.gem

data/.rspec

@@ -0,0 +1,3 @@
+--require spec_helper
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,7 @@
+language: ruby
+install:
+  - bundle install
+rvm:
+  - 2.2
+  - 2.3
+  - 2.4.2

data/{History.rdoc → CHANGELOG.md}

@@ -1,3 +1,15 @@
+== Version 1.2.8 / 2018-11-15
+* Bugfix: Flips two lines to allow scopes authenticating from another without stepping on each other's toes. (PR #144)
+* Update `rack` dependency to >= 2.0.6 due to security vulnerability
+* Internal: Add Rubocop Lint checking
+* Internal: Update RSpec to use `.rspec` file
+
+== Version 1.2.7 / 2016-10-12
+* Added 'frozen_string_literal' comment, bump ruby to 2.3
+
+== Version 1.2.6 / 2016-01-31
+* Separate test helpers to encapsulate Warden object mocking inside it's own class
+
 == Version 1.2.5 / 2016-01-28
 * Expands on the test helpers available to make it easier for testing gems
 
@@ -131,7 +143,7 @@
 
 === Version 0.5.1 / 2009-10-25
 * enhancements
-  * Adds yeilding to authenticated? and unauthenticated? methods (hassox)
+  * Adds yielding to authenticated? and unauthenticated? methods (hassox)
   * Adds an option to silence missing strategies (josevalim)
   * Add an option to authenticate(!) to prevent storage of a user into the session (hassox)
   * allow custom :action to be thrown (josevalim)
@@ -149,5 +161,3 @@
 
 * enhancements
   * add a hook for plugins to specify how they can clear the whole section
-
-

data/Gemfile

@@ -1,9 +1,10 @@
+# frozen_string_literal: true
 source 'https://rubygems.org'
 
 gemspec
 
 gem 'rake'
-gem 'rack', '1.3'
+gem 'rack', '>= 2.0.6'
 
 group :test do
   gem 'rspec', '~>3'

data/Gemfile.lock

@@ -0,0 +1,40 @@
+PATH
+  remote: .
+  specs:
+    warden (1.2.8)
+      rack (>= 2.0.6)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    diff-lcs (1.3)
+    rack (2.0.6)
+    rack-test (0.7.0)
+      rack (>= 1.0, < 3)
+    rake (12.1.0)
+    rspec (3.6.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
+    rspec-core (3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-expectations (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-mocks (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-support (3.6.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  rack (>= 2.0.6)
+  rack-test
+  rake
+  rspec (~> 3)
+  warden!
+
+BUNDLED WITH
+   1.17.1

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2009 Daniel Neighman
+Copyright (c) 2009-2017 Daniel Neighman
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -0,0 +1,18 @@
+# Warden
+
+## Getting Started
+
+Please see the [Warden Wiki](https://wiki.github.com/hassox/warden) for overview documentation.
+
+## Maintainers
+
+* Daniel Neighman (hassox)
+* José Valim (josevalim)
+* Justin Smestad (jsmestad)
+* Whitney Smestad (whithub)
+
+[A list of all contributors is available on Github.](https://github.com/hassox/warden/contributors)
+
+## LICENSE
+
+See `LICENSE` file.

data/Rakefile

@@ -1,12 +1,8 @@
 # -*- encoding: utf-8 -*-
-require 'rubygems'
-require 'rake'
-$:.unshift  File.join(File.dirname(__FILE__), "lib")
+# frozen_string_literal: true
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
 
-require 'rspec/core'
-require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
 
 task :default => :spec
-
-desc "Run all specs in spec directory"
-RSpec::Core::RakeTask.new(:spec)

data/lib/warden/config.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 
 module Warden
   # This class is yielded inside Warden::Manager. If you have a plugin and want to

data/lib/warden/errors.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
   class Proxy
     # Lifted from DataMapper's dm-validations plugin :)
@@ -38,7 +39,7 @@ module Warden
       end
 
       def each
-        errors.map.each do |k,v|
+        errors.map.each do |_k,v|
           next if blank?(v)
           yield(v)
         end

data/lib/warden/hooks.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
   module Hooks
 

data/lib/warden/manager.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 require 'warden/hooks'
 require 'warden/config'
 
@@ -21,7 +22,6 @@ module Warden
       @app, @config = app, Warden::Config.new(options)
       @config.default_strategies(*default_strategies) if default_strategies
       yield @config if block_given?
-      self
     end
 
     # Invoke the application guarding for throw :warden.
@@ -32,6 +32,7 @@ module Warden
 
       env['warden'] = Proxy.new(env, self)
       result = catch(:warden) do
+        env['warden'].on_request
         @app.call(env)
       end
 

data/lib/warden/mixins/common.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
   module Mixins
     module Common

data/lib/warden/proxy.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 
 module Warden
   class UserNotSet < RuntimeError; end
@@ -28,6 +29,11 @@ module Warden
       @env, @users, @winning_strategies, @locked = env, {}, {}, false
       @manager, @config = manager, manager.config.dup
       @strategies = Hash.new { |h,k| h[k] = {} }
+    end
+
+    # Run the on_request callbacks
+    # :api: private
+    def on_request
       manager._run_callbacks(:on_request, self)
     end
 
@@ -171,7 +177,13 @@ module Warden
 
       if opts[:store] != false && opts[:event] != :fetch
         options = env[ENV_SESSION_OPTIONS]
-        options[:renew] = true if options
+        if options
+          if options.frozen?
+            env[ENV_SESSION_OPTIONS] = options.merge(:renew => true).freeze
+          else
+            options[:renew] = true
+          end
+        end
         session_serializer.store(user, scope)
       end
 
@@ -318,7 +330,7 @@ module Warden
       user = nil
 
       # Look for an existing user in the session for this scope.
-      # If there was no user in the session. See if we can get one from the request.
+      # If there was no user in the session, see if we can get one from the request.
       return user, opts if user = user(opts.merge(:scope => scope))
       _run_strategies_for(scope, args)
 
@@ -354,8 +366,8 @@ module Warden
         strategy = _fetch_strategy(name, scope)
         next unless strategy && !strategy.performed? && strategy.valid?
 
-        self.winning_strategy = @winning_strategies[scope] = strategy
         strategy._run!
+        self.winning_strategy = @winning_strategies[scope] = strategy
         break if strategy.halted?
       end
     end

data/lib/warden/session_serializer.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
   class SessionSerializer
     attr_reader :env

data/lib/warden/strategies/base.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
   module Strategies
     # A strategy is a place where you can put logic related to authentication. Any strategy inherits
@@ -157,7 +158,7 @@ module Warden
       def redirect!(url, params = {}, opts = {})
         halt!
         @status = opts[:permanent] ? 301 : 302
-        headers["Location"] = url
+        headers["Location"] = url.dup
         headers["Location"] << "?" << Rack::Utils.build_query(params) unless params.empty?
         headers["Content-Type"] = opts[:content_type] || 'text/plain'
 

data/lib/warden/strategies.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
   module Strategies
     class << self

data/lib/warden/test/helpers.rb

@@ -1,6 +1,5 @@
 # encoding: utf-8
-
-require 'rack'
+# frozen_string_literal: true
 
 module Warden
   module Test
@@ -8,7 +7,7 @@ module Warden
     # These provide the ability to login and logout on any given request
     # Note: During the teardown phase of your specs you should include: Warden.test_reset!
     module Helpers
-      def self.included(base)
+      def self.included(_base)
         ::Warden.test_mode!
       end
 
@@ -33,59 +32,6 @@ module Warden
           proxy.logout(*scopes)
         end
       end
-
-      # A helper method that provides the warden object by mocking the env variable.
-      # @api public
-      def warden
-        @warden ||= begin
-          env['warden']
-        end
-      end
-
-      private
-
-      def env
-        @env ||= begin
-          request = Rack::MockRequest.env_for(
-            "/?#{Rack::Utils.build_query({})}",
-            { 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET' }
-          )
-          app.call(request)
-
-          request
-        end
-      end
-
-      def app
-        @app ||= begin
-          opts = {
-            failure_app: lambda {
-              [401, { 'Content-Type' => 'text/plain' }, ['You Fail!']]
-            },
-            default_strategies: :password,
-            default_serializers: :session
-          }
-          Rack::Builder.new do
-            use Warden::Test::Helpers::Session
-            use Warden::Manager, opts, &proc {}
-            run lambda { |e|
-              [200, { 'Content-Type' => 'text/plain' }, ['You Win']]
-            }
-          end
-        end
-      end
-
-      class Session
-        attr_accessor :app
-        def initialize(app,configs = {})
-          @app = app
-        end
-
-        def call(e)
-          e['rack.session'] ||= {}
-          @app.call(e)
-        end
-      end # session
     end
   end
 end

data/lib/warden/test/mock.rb

@@ -0,0 +1,69 @@
+# encoding: utf-8
+# frozen_string_literal: true
+
+require 'rack'
+
+module Warden
+  module Test
+    # A mock of an application to get a Warden object to test on
+    # Note: During the teardown phase of your specs you should include: Warden.test_reset!
+    module Mock
+      def self.included(_base)
+        ::Warden.test_mode!
+      end
+
+      # A helper method that provides the warden object by mocking the env variable.
+      # @api public
+      def warden
+        @warden ||= begin
+          env['warden']
+        end
+      end
+
+      private
+
+      def env
+        @env ||= begin
+          request = Rack::MockRequest.env_for(
+            "/?#{Rack::Utils.build_query({})}",
+            { 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET' }
+          )
+          app.call(request)
+
+          request
+        end
+      end
+
+      def app
+        @app ||= begin
+          opts = {
+            failure_app: lambda { |_e|
+              [401, { 'Content-Type' => 'text/plain' }, ['You Fail!']]
+            },
+            default_strategies: :password,
+            default_serializers: :session
+          }
+          Rack::Builder.new do
+            use Warden::Test::Mock::Session
+            use Warden::Manager, opts, &proc {}
+            run lambda { |_e|
+              [200, { 'Content-Type' => 'text/plain' }, ['You Win']]
+            }
+          end
+        end
+      end
+
+      class Session
+        attr_accessor :app
+        def initialize(app, _configs={})
+          @app = app
+        end
+
+        def call(e)
+          e['rack.session'] ||= {}
+          @app.call(e)
+        end
+      end # session
+    end
+  end
+end

data/lib/warden/test/warden_helpers.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 
 module Warden
 

data/lib/warden/version.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 module Warden
-  VERSION = "1.2.5".freeze
+  VERSION = "1.2.8"
 end

data/lib/warden.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+# frozen_string_literal: true
 require 'forwardable'
 
 require 'warden/mixins/common'
@@ -15,6 +16,7 @@ module Warden
   module Test
     autoload :WardenHelpers,  'warden/test/warden_helpers'
     autoload :Helpers,        'warden/test/helpers'
+    autoload :Mock,        'warden/test/mock'
   end
 
   # Provides helper methods to warden for testing.

data/warden.gemspec

@@ -1,24 +1,27 @@
 # -*- encoding: utf-8 -*-
+# frozen_string_literal: true
 
-require './lib/warden/version'
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'warden/version'
 
-Gem::Specification.new do |s|
-  s.name = %q{warden}
-  s.version = Warden::VERSION.dup
-  s.authors = ["Daniel Neighman"]
-  s.email = %q{has.sox@gmail.com}
-  s.license = "MIT"
-  s.extra_rdoc_files = [
+Gem::Specification.new do |spec|
+  spec.name = "warden"
+  spec.version = Warden::VERSION.dup
+  spec.authors = ["Daniel Neighman", "Justin Smestad", "Whitney Smestad", "José Valim"]
+  spec.email = %q{hasox.sox@gmail.com justin.smestad@gmail.com whitcolorado@gmail.com}
+  spec.homepage = "https://github.com/hassox/warden"
+  spec.summary = "An authentication library compatible with all Rack-based frameworks"
+  spec.license = "MIT"
+  spec.extra_rdoc_files = [
     "LICENSE",
-     "README.textile"
+    "README.md"
   ]
-  s.files = Dir["**/*"] - Dir["*.gem"] - ["Gemfile.lock"]
-  s.homepage = %q{http://github.com/hassox/warden}
-  s.rdoc_options = ["--charset=UTF-8"]
-  s.require_paths = ["lib"]
-  s.rubyforge_project = %q{warden}
-  s.rubygems_version = %q{1.3.7}
-  s.summary = %q{Rack middleware that provides authentication for rack applications}
-  s.add_dependency "rack", ">= 1.0"
+  spec.files = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.rdoc_options = ["--charset=UTF-8"]
+  spec.require_paths = ["lib"]
+  spec.rubyforge_project = %q{warden}
+  spec.add_dependency "rack", ">= 2.0.6"
 end
-

metadata

@@ -1,14 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: warden
 version: !ruby/object:Gem::Version
-  version: 1.2.5
+  version: 1.2.8
 platform: ruby
 authors:
 - Daniel Neighman
+- Justin Smestad
+- Whitney Smestad
+- José Valim
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-28 00:00:00.000000000 Z
+date: 2018-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -16,26 +19,30 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 2.0.6
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 2.0.6
 description: 
-email: has.sox@gmail.com
+email: hasox.sox@gmail.com justin.smestad@gmail.com whitcolorado@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files:
 - LICENSE
-- README.textile
+- README.md
 files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- CHANGELOG.md
 - Gemfile
-- History.rdoc
+- Gemfile.lock
 - LICENSE
-- README.textile
+- README.md
 - Rakefile
 - lib/warden.rb
 - lib/warden/config.rb
@@ -48,31 +55,11 @@ files:
 - lib/warden/strategies.rb
 - lib/warden/strategies/base.rb
 - lib/warden/test/helpers.rb
+- lib/warden/test/mock.rb
 - lib/warden/test/warden_helpers.rb
 - lib/warden/version.rb
-- spec/helpers/request_helper.rb
-- spec/helpers/strategies/fail_with_user.rb
-- spec/helpers/strategies/failz.rb
-- spec/helpers/strategies/invalid.rb
-- spec/helpers/strategies/pass.rb
-- spec/helpers/strategies/pass_with_message.rb
-- spec/helpers/strategies/password.rb
-- spec/helpers/strategies/single.rb
-- spec/spec_helper.rb
-- spec/warden/authenticated_data_store_spec.rb
-- spec/warden/config_spec.rb
-- spec/warden/errors_spec.rb
-- spec/warden/hooks_spec.rb
-- spec/warden/manager_spec.rb
-- spec/warden/proxy_spec.rb
-- spec/warden/scoped_session_serializer.rb
-- spec/warden/session_serializer_spec.rb
-- spec/warden/strategies/base_spec.rb
-- spec/warden/strategies_spec.rb
-- spec/warden/test/helpers_spec.rb
-- spec/warden/test/test_mode_spec.rb
 - warden.gemspec
-homepage: http://github.com/hassox/warden
+homepage: https://github.com/hassox/warden
 licenses:
 - MIT
 metadata: {}
@@ -93,9 +80,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: warden
-rubygems_version: 2.4.5.1
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
-summary: Rack middleware that provides authentication for rack applications
+summary: An authentication library compatible with all Rack-based frameworks
 test_files: []
-has_rdoc: 

data/README.textile

@@ -1,9 +0,0 @@
-Please see the "Warden Wiki":http://wiki.github.com/hassox/warden for overview documentation.
-
-h2. Maintainers
-
-* Daniel Neighman (hassox)
-* José Valim (josevalim)
-* Justin Smestad (jsmestad)
-
-"A list of all contributors is available on Github.":https://github.com/hassox/warden/contributors