warden 0.4.0 → 0.5.0

data/History.rdoc

@@ -0,0 +1,15 @@
+=== Version 0.4.0 / 2009-10-12
+
+* enhancements
+  * add Content-Type header to redirects (staugaard)
+  * Make scope available to strategies (josevalim)
+
+* bug fixes
+  * Do not consume opts twice, otherwise just the first will parse the scope. (josevalim)
+
+=== Version 0.3.2 / 2009-09-15
+
+* enhancements
+  * add a hook for plugins to specify how they can clear the whole section
+
+

data/VERSION

@@ -1 +1 @@
-0.4.0
+0.5.0

data/lib/warden/authentication/hooks.rb

@@ -1,19 +1,19 @@
 # encoding: utf-8
 module Warden
   class Manager
-    
+
     class << self
       # A callback hook set to run every time after a user is set.
       # This will happen the first time the user is either authenticated, accessed or manually set
       # during a request.  You can supply as many hooks as you like, and they will be run in order of decleration
-      # 
-      # Parameters: 
+      #
+      # Parameters:
       # <block> A block where you can set arbitrary logic to run every time a user is set
       #   Block Parameters: |user, auth, opts|
       #     user - The user object that is being set
-      #     auth - The raw authentication proxy object.  
+      #     auth - The raw authentication proxy object.
       #     opts - any options passed into the set_user call includeing :scope
-      # 
+      #
       # Example:
       #   Warden::Manager.after_set_user do |user,auth,opts|
       #     scope = opts[:scope]
@@ -29,23 +29,23 @@ module Warden
         raise BlockNotGiven unless block_given?
         _after_set_user << block
       end
-      
+
       # Provides access to the array of after_set_user blocks to run
       # :api: private
       def _after_set_user # :nodoc:
         @_after_set_user ||= []
       end
-      
-      # A callback hook set to run after the first authentiation of a session.  
+
+      # A callback hook set to run after the first authentiation of a session.
       # This will only happenwhen the session is first authenticated
-      # 
+      #
       # Parameters:
       # <block> A block to contain logic for the callback
       #   Block Parameters: |user, auth, opts|
       #     user - The user object that is being set
-      #     auth - The raw authentication proxy object.  
+      #     auth - The raw authentication proxy object.
       #     opts - any options passed into the authenticate call includeing :scope
-      # 
+      #
       # Example:
       #
       #   Warden::Manager.after_authentication do |user, auth, opts|
@@ -57,18 +57,18 @@ module Warden
         raise BlockNotGiven unless block_given?
         _after_authentication << block
       end
-      
+
       # Provides access to the array of after_authentication blocks
       # :api: private
       def _after_authentication
         @_after_authentication ||= []
       end
-      
-      # A callback that runs just prior to the failur application being called.  
+
+      # A callback that runs just prior to the failur application being called.
       # This callback occurs after PATH_INFO has been modified for the failure (default /unauthenticated)
       # In this callback you can mutate the environment as required by the failure application
       # If a Rails controller were used for the failure_app for example, you would need to set request[:params][:action] = :unauthenticated
-      # 
+      #
       # Parameters:
       # <block> A block to contain logic for the callback
       #   Block Parameters: |user, auth, opts|
@@ -81,46 +81,44 @@ module Warden
       #     params[:action] = :unauthenticated
       #     params[:warden_failure] = opts
       #   end
-      # 
+      #
       # :api: public
       def before_failure(&block)
         _before_failure << block
       end
-      
+
       # Provides access to the callback array for before_failure
       # :api: private
       def _before_failure
         @_before_failure ||= []
       end
-      
-      # A callback that runs just after to the failur application being called.  
-      # This callback is primarily included for Rails 2.3 since Rails 2.3 controllers are not pure Rack Applications
-      # Return whatever you want to be returned for the actual rack response array
-      # 
+
+      # A callback that runs just prior to the logout of each scope.
+      #
       # Parameters:
       # <block> A block to contain logic for the callback
-      #   Block Parameters: |user, auth, opts|
-      #     result - The result of the rack application
-      #     opts - any options passed into the authenticate call includeing :scope
+      #   Block Parameters: |user, auth, scope|
+      #     user - The authenticated user for the current scope
+      #     auth - The warden proxy object
+      #     scope - current logout scope
       #
       # Example:
-      #   # Rails 2.3 after_failure
-      #   Warden::Manager.after_failure do |result|
-      #    result.to_a
+      #   Warden::Manager.before_logout do |user, auth, scope|
+      #     user.forget_me!
       #   end
-      # 
+      #
       # :api: public
-      def after_failure(&block)
-        _after_failure << block
+      def before_logout(&block)
+        _before_logout << block
       end
-      
-      # Provides access to the callback array for after_failure
+
+      # Provides access to the callback array for before_logout
       # :api: private
-      def _after_failure
-        @_after_failure ||= []
+      def _before_logout
+        @_before_logout ||= []
       end
-      
+
     end
-    
+
   end # Manager
-end # Warden
+end # Warden

data/lib/warden/proxy.rb

@@ -36,9 +36,17 @@ module Warden
     #   env['warden'].authenticated?(:admin)
     # :api: public
     def authenticated?(scope = :default)
-      !raw_session["warden.user.#{scope}.key"].nil?
+      result = !raw_session["warden.user.#{scope}.key"].nil?
+      yield if block_given? && result
+      result
     end # authenticated?
 
+    def unauthenticated?(scope = :default)
+      result = !authenticated?(scope)
+      yield if block_given? && result
+      result
+    end
+
     # Run the authentiation strategies for the given strategies.
     # If there is already a user logged in for a given scope, the strategies are not run
     # This does not halt the flow of control and is a passive attempt to authenticate only
@@ -134,6 +142,12 @@ module Warden
     #
     # :api: public
     def logout(*scopes)
+      # Run before_logout hooks for each scoped user
+      @users.each do |scope, user|
+        next unless scopes.empty? || scopes.include?(scope)
+        Warden::Manager._before_logout.each { |hook| hook.call(user, self, scope) }
+      end
+
       if scopes.empty?
         reset_session!
         @users.clear

data/spec/spec_helper.rb

@@ -4,13 +4,16 @@ require 'rack'
 $:.unshift File.join(File.dirname(__FILE__), '..', 'lib')
 require 'warden'
 
-Dir[File.join(File.dirname(__FILE__), "warden", "strategies", "**/*.rb")].each do |f|
-  require f
-end
 Dir[File.join(File.dirname(__FILE__), "helpers", "**/*.rb")].each do |f|
   require f
 end
 
 Spec::Runner.configure do |config|
   config.include(Warden::Spec::Helpers)
+
+  def load_strategies
+    Dir[File.join(File.dirname(__FILE__), "warden", "strategies", "**/*.rb")].each do |f|
+      load f
+    end
+  end
 end

data/spec/warden/hooks_spec.rb

@@ -1,30 +1,34 @@
 require File.dirname(__FILE__) + '/../spec_helper'
 
 describe "standard authentication hooks" do
-  
+
+  before(:all) do
+    load_strategies
+  end
+
   describe "after_set_user" do
     before(:each) do
       RAM = Warden::Manager unless defined?(RAM)
       RAM._after_set_user.clear
     end
-    
+
     after(:each) do
       RAM._after_set_user.clear
     end
-    
+
     it "should allow me to add an after_set_user hook" do
       RAM.after_set_user do |user, auth, opts|
         "boo"
       end
       RAM._after_set_user.should have(1).item
     end
-    
+
     it "should allow me to add multiple after_set_user hooks" do
       RAM.after_set_user{|user, auth, opts| "foo"}
       RAM.after_set_user{|u,a| "bar"}
       RAM._after_set_user.should have(2).items
     end
-    
+
     it "should run each after_set_user hook after the user is set" do
       RAM.after_set_user{|u,a,o| a.env['warden.spec.hook.foo'] = "run foo"}
       RAM.after_set_user{|u,a,o| a.env['warden.spec.hook.bar'] = "run bar"}
@@ -35,28 +39,28 @@ describe "standard authentication hooks" do
       env['warden.spec.hook.bar'].should == "run bar"
     end
   end
-  
-  describe "after_authenticate" do
+
+  describe "after_authentication" do
     before(:each) do
       RAM = Warden::Manager unless defined?(RAM)
       RAM._after_authentication.clear
     end
-    
+
     after(:each) do
       RAM._after_authentication.clear
     end
-    
-    it "should allow me to add an after_authetnication hook" do
+
+    it "should allow me to add an after_authentication hook" do
       RAM.after_authentication{|user, auth, opts| "foo"}
       RAM._after_authentication.should have(1).item
     end
-    
-    it "should allow me to add multiple after_authetnication hooks" do
+
+    it "should allow me to add multiple after_authentication hooks" do
       RAM.after_authentication{|u,a,o| "bar"}
       RAM.after_authentication{|u,a,o| "baz"}
       RAM._after_authentication.should have(2).items
     end
-    
+
     it "should run each after_authentication hook after authentication is run" do
       RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.baz'] = "run baz"}
       RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.paz'] = "run paz"}
@@ -67,28 +71,28 @@ describe "standard authentication hooks" do
       env['warden.spec.hook.paz'].should == 'run paz'
     end
   end
-  
+
   describe "before_failure" do
     before(:each) do
       RAM = Warden::Manager unless defined?(RAM)
       RAM._before_failure.clear
     end
-    
+
     after(:each) do
       RAM._before_failure.clear
     end
-    
+
     it "should allow me to add a before_failure hook" do
       RAM.before_failure{|env, opts| "foo"}
       RAM._before_failure.should have(1).item
     end
-    
+
     it "should allow me to add multiple before_failure hooks" do
       RAM.before_failure{|env, opts| "foo"}
       RAM.before_failure{|env, opts| "bar"}
       RAM._before_failure.should have(2).items
     end
-    
+
     it "should run each before_failure hooks before failing" do
       RAM.before_failure{|e,o| e['warden.spec.before_failure.foo'] = "foo"}
       RAM.before_failure{|e,o| e['warden.spec.before_failure.bar'] = "bar"}
@@ -99,5 +103,55 @@ describe "standard authentication hooks" do
       env['warden.spec.before_failure.bar'].should  == "bar"
     end
   end
-  
-end
+
+  describe "before_logout" do
+    before(:each) do
+      RAM = Warden::Manager unless defined?(RAM)
+      RAM._before_logout.clear
+    end
+
+    after(:each) do
+      RAM._before_logout.clear
+    end
+
+    it "should allow me to add an before_logout hook" do
+      RAM.before_logout{|user, auth, scopes| "foo"}
+      RAM._before_logout.should have(1).item
+    end
+
+    it "should allow me to add multiple after_authetnication hooks" do
+      RAM.before_logout{|u,a,s| "bar"}
+      RAM.before_logout{|u,a,s| "baz"}
+      RAM._before_logout.should have(2).items
+    end
+
+    it "should run each before_logout hook before logout is run" do
+      RAM.before_logout{|u,a,s| a.env['warden.spec.hook.lorem'] = "run lorem"}
+      RAM.before_logout{|u,a,s| a.env['warden.spec.hook.ipsum'] = "run ipsum"}
+      app = lambda{|e| e['warden'].authenticate(:pass); valid_response}
+      env = env_with_params
+      setup_rack(app).call(env)
+      env['warden'].logout
+      env['warden.spec.hook.lorem'].should == 'run lorem'
+      env['warden.spec.hook.ipsum'].should == 'run ipsum'
+    end
+
+    it "should run before_logout hook on different scopes" do
+      RAM.before_logout{|u,a,s| a.env["warden.spec.hook.scope1"] = "run scope1" if s == :scope1}
+      RAM.before_logout{|u,a,s| a.env["warden.spec.hook.scope2"] = "run scope2" if s == :scope2}
+      app = lambda do |e|
+        e['warden'].authenticate(:pass, :scope => :scope1)
+        e['warden'].authenticate(:pass, :scope => :scope2)
+        valid_response
+      end
+      env = env_with_params
+      setup_rack(app).call(env)
+      env['warden'].logout(:scope1)
+      env['warden.spec.hook.scope1'].should == 'run scope1'
+      env['warden.spec.hook.scope2'].should == nil
+      env['warden'].logout(:scope2)
+      env['warden.spec.hook.scope2'].should == 'run scope2'
+    end
+  end
+
+end

data/spec/warden/manager_spec.rb

@@ -2,12 +2,16 @@ require File.dirname(__FILE__) + '/../spec_helper'
 
 describe Warden::Manager do
 
+  before(:all) do
+    load_strategies
+  end
+
   it "should insert a Base object into the rack env" do
     env = env_with_params
     setup_rack(success_app).call(env)
     env["warden"].should be_an_instance_of(Warden::Proxy)
   end
-  
+
   describe "user storage" do
     it "should take a user and store it in the provided session" do
       session = {}
@@ -19,8 +23,8 @@ describe Warden::Manager do
   describe "thrown auth" do
     before(:each) do
       @basic_app = lambda{|env| [200,{'Content-Type' => 'text/plain'},'OK']}
-      @authd_app = lambda do |e| 
-        if e['warden'].authenticated? 
+      @authd_app = lambda do |e|
+        if e['warden'].authenticated?
           [200,{'Content-Type' => 'text/plain'},"OK"]
         else
           [401,{'Content-Type' => 'text/plain'},"Fail From The App"]
@@ -29,7 +33,7 @@ describe Warden::Manager do
       @env = Rack::MockRequest.
         env_for('/', 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET')
     end # before(:each)
-    
+
     describe "Failure" do
       it "should respond with a 401 response if the strategy fails authentication" do
          env = env_with_params("/", :foo => "bar")
@@ -40,7 +44,7 @@ describe Warden::Manager do
          result = setup_rack(app, :failure_app => @fail_app).call(env)
          result.first.should == 401
       end
-    
+
       it "should use the failure message given to the failure method" do
         env = env_with_params("/", {})
         app = lambda do |env|
@@ -50,9 +54,9 @@ describe Warden::Manager do
         result = setup_rack(app, :failure_app => @fail_app).call(env)
         result.last.should == ["You Fail!"]
       end
-      
+
       it "should render the failure app when there's a failure" do
-        app = lambda do |e| 
+        app = lambda do |e|
           throw(:warden, :action => :unauthenticated) unless e['warden'].authenticated?(:failz)
         end
         fail_app = lambda do |e|
@@ -62,21 +66,21 @@ describe Warden::Manager do
         result.last.should == ["Failure App"]
       end
     end # failure
-    
+
   end
-  
+
   describe "integrated strategies" do
     before(:each) do
       RAS = Warden::Strategies unless defined?(RAS)
       Warden::Strategies.clear!
       @app = setup_rack do |env|
         env['warden'].authenticate!(:foobar)
-        [200, {"Content-Type" => "text/plain"}, ["Foo Is A Winna"]]        
+        [200, {"Content-Type" => "text/plain"}, ["Foo Is A Winna"]]
       end
     end
 
     describe "redirecting" do
-  
+
       it "should redirect with a message" do
         RAS.add(:foobar) do
           def authenticate!
@@ -88,7 +92,7 @@ describe Warden::Manager do
         result[1]["Location"].should == "/foo/bar?foo=bar"
         result[2].should == ["custom redirection message"]
       end
-      
+
       it "should redirect with a default message" do
         RAS.add(:foobar) do
           def authenticate!
@@ -100,7 +104,7 @@ describe Warden::Manager do
         result[1]['Location'].should == "/foo/bar?foo=bar"
         result[2].should == ["You are being redirected to /foo/bar?foo=bar"]
       end
-      
+
       it "should redirect with a permanent redirect" do
         RAS.add(:foobar) do
           def authenticate!
@@ -110,7 +114,7 @@ describe Warden::Manager do
         result = @app.call(env_with_params)
         result[0].should == 301
       end
-      
+
       it "should redirect with a content type" do
         RAS.add(:foobar) do
           def authenticate!
@@ -122,7 +126,7 @@ describe Warden::Manager do
         result[1]["Location"].should == "/foo/bar?foo=bar"
         result[1]["Content-Type"].should == "text/xml"
       end
-      
+
       it "should redirect with a default content type" do
         RAS.add(:foobar) do
           def authenticate!
@@ -135,7 +139,7 @@ describe Warden::Manager do
         result[1]["Content-Type"].should == "text/plain"
       end
     end
-  
+
     describe "failing" do
       it "should fail according to the failure app" do
         RAS.add(:foobar) do
@@ -149,7 +153,7 @@ describe Warden::Manager do
         result[2].should == ["You Fail!"]
         env['PATH_INFO'].should == "/unauthenticated"
       end
-      
+
       it "should allow you to customize the response" do
         app = lambda do |e|
           e['warden'].custom_failure!
@@ -160,7 +164,7 @@ describe Warden::Manager do
         result[0].should == 401
         result[2].should == ["Fail From The App"]
       end
-      
+
       it "should render the failure application for a 401 if no custom_failure flag is set" do
         app = lambda do |e|
           [401,{'Content-Type' => 'text/plain'},["Fail From The App"]]
@@ -169,9 +173,9 @@ describe Warden::Manager do
         result[0].should == 401
         result[2].should == ["You Fail!"]
       end
-      
+
     end # failing
-    
+
     describe "custom rack response" do
       it "should return a custom rack response" do
         RAS.add(:foobar) do
@@ -185,7 +189,7 @@ describe Warden::Manager do
         result[2].should == ["Custom Stuff"]
       end
     end
-  
+
     describe "success" do
       it "should pass through to the application when there is success" do
         RAS.add(:foobar) do
@@ -198,7 +202,7 @@ describe Warden::Manager do
         result[0].should == 200
         result[2].should == ["Foo Is A Winna"]
       end
-    end    
+    end
   end # integrated strategies
 
 end

data/spec/warden/proxy_spec.rb

@@ -3,7 +3,7 @@ require File.dirname(__FILE__) + '/../spec_helper'
 describe Warden::Proxy do
 
   before(:all) do
-    Dir[File.join(File.dirname(__FILE__), "strategies/**/*.rb")].each{|f| load f}
+    load_strategies
   end
 
   before(:each) do
@@ -54,7 +54,9 @@ describe Warden::Proxy do
           env['warden'].authenticate
           env['warden'].should be_authenticated
           env['warden.spec.strategies'].should == [:password]
+          valid_response
         end
+        setup_rack(app).call(env)
       end
 
       it "should be false in my application" do
@@ -197,6 +199,7 @@ describe Warden::Proxy do
 
       before(:each) do
         @env['rack.session']['warden.user.default.key'] = "A Previous User"
+        @env['warden.spec.strategies'] = []
       end
 
       it "should take the user from the session when logged in" do
@@ -207,7 +210,14 @@ describe Warden::Proxy do
         setup_rack(app).call(@env)
       end
 
-      it "should not run strategies when the user exists in the session"
+      it "should not run strategies when the user exists in the session" do
+        app = lambda do |env|
+          env['warden'].authenticate!(:pass)
+          valid_response
+        end
+        setup_rack(app).call(@env)
+        @env['warden.spec.strategies'].should_not include(:pass)
+      end
     end
   end
 
@@ -335,8 +345,148 @@ describe Warden::Proxy do
       result.first.should == 401
     end
 
-  end
+    describe "authenticated?" do
+      describe "positive authentication" do
+        before do
+          @env['rack.session'] = {'warden.user.default.key' => 'defult_key'}
+          $captures = []
+        end
+
+        it "should return true when authenticated in the session" do
+          app = lambda do |e|
+            e['warden'].should be_authenticated
+          end
+          result = setup_rack(app).call(@env)
+        end
+
+        it "should yield to a block when the block is passed and authenticated" do
+          app = lambda do |e|
+            e['warden'].authenticated? do
+              $captures << :in_the_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == [:in_the_block]
+        end
+
+        it "should authenticate for a user in a different scope" do
+          @env['rack.session'] = {'warden.user.foo.key' => 'foo_key'}
+          app = lambda do |e|
+            e['warden'].authenticated?(:foo) do
+              $captures << :in_the_foo_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == [:in_the_foo_block]
+        end
+      end
+
+      describe "negative authentication" do
+        before do
+          @env['rack.session'] = {'warden.foo.default.key' => 'foo_key'}
+          $captures = []
+        end
+
+        it "should return false when authenticated in the session" do
+          app = lambda do |e|
+            e['warden'].should_not be_authenticated
+          end
+          result = setup_rack(app).call(@env)
+        end
+
+        it "should not yield to a block when the block is passed and authenticated" do
+          app = lambda do |e|
+            e['warden'].authenticated? do
+              $captures << :in_the_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == []
+        end
 
+        it "should not yield for a user in a different scope" do
+          app = lambda do |e|
+            e['warden'].authenticated?(:bar) do
+              $captures << :in_the_bar_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == []
+        end
+      end
+    end
+
+
+    describe "unauthenticated?" do
+      describe "negative unauthentication" do
+        before do
+          @env['rack.session'] = {'warden.user.default.key' => 'defult_key'}
+          $captures = []
+        end
 
+        it "should return false when authenticated in the session" do
+          app = lambda do |e|
+            e['warden'].should_not be_unauthenticated
+          end
+          result = setup_rack(app).call(@env)
+        end
+
+        it "should not yield to a block when the block is passed and authenticated" do
+          app = lambda do |e|
+            e['warden'].unauthenticated? do
+              $captures << :in_the_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == []
+        end
+
+        it "should not yield to the block for a user in a different scope" do
+          @env['rack.session'] = {'warden.user.foo.key' => 'foo_key'}
+          app = lambda do |e|
+            e['warden'].unauthenticated?(:foo) do
+              $captures << :in_the_foo_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == []
+        end
+      end
+
+      describe "positive unauthentication" do
+        before do
+          @env['rack.session'] = {'warden.foo.default.key' => 'foo_key'}
+          $captures = []
+        end
+
+        it "should return false when unauthenticated in the session" do
+          app = lambda do |e|
+            e['warden'].should be_unauthenticated
+          end
+          result = setup_rack(app).call(@env)
+        end
+
+        it "should yield to a block when the block is passed and authenticated" do
+          app = lambda do |e|
+            e['warden'].unauthenticated? do
+              $captures << :in_the_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == [:in_the_block]
+        end
+
+        it "should yield for a user in a different scope" do
+          app = lambda do |e|
+            e['warden'].unauthenticated?(:bar) do
+              $captures << :in_the_bar_block
+            end
+          end
+          setup_rack(app).call(@env)
+          $captures.should == [:in_the_bar_block]
+        end
+      end
+    end
+  end
 
 end

data/warden.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{warden}
-  s.version = "0.4.0"
+  s.version = "0.5.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Daniel Neighman"]
-  s.date = %q{2009-10-12}
+  s.date = %q{2009-10-21}
   s.email = %q{has.sox@gmail.com}
   s.extra_rdoc_files = [
     "LICENSE",
@@ -17,6 +17,7 @@ Gem::Specification.new do |s|
   ]
   s.files = [
     ".gitignore",
+     "History.rdoc",
      "LICENSE",
      "README.textile",
      "Rakefile",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: warden
 version: !ruby/object:Gem::Version 
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors: 
 - Daniel Neighman
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-10-12 00:00:00 +11:00
+date: 2009-10-21 00:00:00 +11:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -33,6 +33,7 @@ extra_rdoc_files:
 - README.textile
 files: 
 - .gitignore
+- History.rdoc
 - LICENSE
 - README.textile
 - Rakefile