warden_omniauth 0.1.0

data/.gitignore

@@ -0,0 +1,3 @@
+pkg/*
+*.gem
+.bundle

data/Gemfile

@@ -0,0 +1,11 @@
+source :gemcutter
+
+# Specify your gem's dependencies in warden_omniauth.gemspec
+gemspec
+
+group :test do
+  gem 'nanotest'
+  gem 'nanotest_extensions'
+  gem 'rack-test', :require => 'rack/test'
+  gem 'rake'
+end

data/Gemfile.lock

@@ -0,0 +1,80 @@
+PATH
+  remote: .
+  specs:
+    warden_omniauth (0.0.1)
+      omniauth
+      warden (>= 0.9)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.0)
+    faraday (0.4.6)
+      addressable (>= 2.1.1)
+      rack (>= 1.0.1)
+    mime-types (1.16)
+    multi_json (0.0.4)
+    nanotest (0.9.4.1)
+    nanotest_extensions (0.6.3)
+    net-ldap (0.1.1)
+    nokogiri (1.4.3.1)
+    oa-basic (0.1.1)
+      multi_json (~> 0.0.2)
+      nokogiri (~> 1.4.2)
+      oa-core (= 0.1.1)
+      rest-client (~> 1.6.0)
+    oa-core (0.1.1)
+      rack (~> 1.1)
+    oa-enterprise (0.1.1)
+      net-ldap (~> 0.1.1)
+      nokogiri (~> 1.4.2)
+      oa-core (= 0.1.1)
+      rubyntlm (~> 0.1.1)
+    oa-oauth (0.1.1)
+      multi_json (~> 0.0.2)
+      nokogiri (~> 1.4.2)
+      oa-core (= 0.1.1)
+      oauth (~> 0.4.0)
+      oauth2 (~> 0.0.10)
+    oa-openid (0.1.1)
+      oa-core (= 0.1.1)
+      rack-openid (~> 1.1.1)
+      ruby-openid-apps-discovery
+    oauth (0.4.3)
+    oauth2 (0.0.13)
+      faraday (~> 0.4.1)
+      multi_json (>= 0.0.4)
+    omniauth (0.1.1)
+      oa-basic (= 0.1.1)
+      oa-core (= 0.1.1)
+      oa-enterprise (= 0.1.1)
+      oa-oauth (= 0.1.1)
+      oa-openid (= 0.1.1)
+    rack (1.2.1)
+    rack-openid (1.1.2)
+      rack (>= 0.4)
+      ruby-openid (>= 2.0.3)
+    rack-test (0.5.6)
+      rack (>= 1.0)
+    rake (0.8.7)
+    rest-client (1.6.1)
+      mime-types (>= 1.16)
+    ruby-openid (2.1.8)
+    ruby-openid-apps-discovery (1.2.0)
+      ruby-openid (>= 2.1.7)
+    rubyntlm (0.1.1)
+    warden (0.10.7)
+      rack (>= 1.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (>= 1.0.0)
+  nanotest
+  nanotest_extensions
+  omniauth
+  rack-test
+  rake
+  warden (>= 0.9)
+  warden_omniauth!

data/README.markdown

@@ -0,0 +1,93 @@
+# Warden OmniAuth
+
+OmniAuth is a pretty aweome library.  If you haven't checked it out yet, you really should. This is a simple wrapper for OmniAuth so that it can be used from a warden project.  It sorts storing the user into the sesion, redirection on callbacks etc.
+
+With it, you can make use of any of the [OmniAuth](http://github.com/intridea/omniauth) authentication library.  This provides some great external authentication mechanisms.
+
+Warden provides a consistent interface for projects, engines, and arbitrary rack applicaitons.  The benefit of warden, is that you do no need to know what the host application considers authentication to use it.  It also provides a way to store the user in the session etc.
+
+By using WardenOmniAuth, you can make use of any of the OmniAuth authentication mechanisms in your host application, and any rack middleware or applications can just continue using warden without change.
+
+This is also usable in the [Devise](http://github.com/plataformatec/devise) Rails Engine
+## Usage (Rack)
+
+<pre><code>use OmniAuth::Builer do
+  # setup omniauth
+end
+
+use Warden::Manager do |config|
+  # setup warden configuration
+end
+
+use WardenOmniAuth do |config|
+  config.redirect\_after\_callback = "/redirect/path" # default "/"
+end
+
+run MyApp
+</code></pre>
+
+## Usage (Devise)
+
+<pre><code># config/initializer.rb
+Devise.setup do |config|
+config.warden do |manager|
+  [:omni\_twitter, :omni\_facebook, :omni\_github].each do |strategy|
+    manager.default\_strategies(:scope => :user).unshift strategy
+  end
+end
+</code></pre>
+
+This will add the stratgeies to the normal devise user login for github, then facebook, then twitter.
+
+# Dealing with callbacks
+
+OmniAuth uses callbacks to give you the user object, WardenOmniAuth provides a way to store this into the session
+
+By default, it grabs just _user\\info_, _uid_, _credentials_, _provider_ as a hash in the session.
+
+If you want to customise this you can do:
+
+<pre><code>
+  WardenOmniAuth.on\_callback do |user|
+    # all callbacks will go here by default
+  end
+</code></pre>
+
+Whatever you return from the block is the user that's made available in warden.
+
+## Dealing with each kind of callback
+
+<pre><code>
+use WardenOmniAuth do |config|
+  Warden::Strategies[:omni\_twitter] do |user|
+    # do stuff to get a user and return it from the block
+  end
+
+  Warden::Strategies[:omni\_facebook] do |user|
+    # do stuff to get a user for a facebook user
+  end
+end
+</code></pre>
+
+This will use a specific callback to get the user, or fallback if nothing specific has been defined.
+
+
+# Why? (Gimmie an alternative)
+
+Because I wanted to see how it would be to integrate this strategy into warden.  Turns out to be pretty simple, but there's nothing stopping you from just providing a callback directly for OmniAuth.
+
+However, it's just as simple to provide endpoints for OmniAuth callbacks. (Assuming you already have warden setup in your app)
+
+Example:
+
+<pre><code>
+  get "/auth/twitter/callback" do
+    user = munge_user_from_env(env['rack.auth'])
+    warden.set_user user
+    redirect "/somewhere"
+  end
+</code></pre>
+
+You can see from this small snippet, that you don't really need this library, just define your callbacks to set the user and you're done.
+
+Rack is a beutiful thing!

data/Rakefile

@@ -0,0 +1,18 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+# --------------------------------------------------
+# Tests
+# --------------------------------------------------
+namespace(:test) do
+
+  desc "run framework compatibility tests"
+  task(:all) do
+    Dir['test/test_*.rb'].each do |path|
+      cmd = "ruby -rubygems -I.:lib -I.:test/test_helper.rb #{path}"
+      puts(cmd) if ENV['VERBOSE']
+      system(cmd)
+    end
+  end
+end
+

data/examples/twitter/config.ru

@@ -0,0 +1,42 @@
+$:.unshift File.join(File.dirname(__FILE__), "..", "..", "lib")
+
+require 'warden_omniauth'
+
+Warden::Manager.serialize_into_session do |user|
+  user
+end
+
+Warden::Manager.serialize_from_session do |user|
+  user
+end
+
+app = lambda do |e|
+  request = Rack::Request.new(e)
+  if request.path =~ /logout/
+    e['warden'].logout
+    r = Rack::Response.new
+    r.redirect("/")
+    r.finish
+  else
+    e['warden'].authenticate!
+    Rack::Response.new(e['warden'].user.inspect).finish
+  end
+end
+
+failure = lambda{|e| Rack::Resposne.new("Can't login", 401).finish }
+
+use Rack::Session::Cookie
+
+use Warden::Manager do |config|
+  config.failure_app = failure
+  config.default_strategies :omni_twitter
+end
+
+use OmniAuth::Strategies::Twitter, key, sekrit
+use WardenOmniAuth do |config|
+  config.redirect_after_callback = "/foo/bar"
+end
+
+
+run app
+

data/lib/warden_omniauth.rb

@@ -0,0 +1,150 @@
+require 'warden'
+require 'omniauth'
+
+class WardenOmniAuth
+  DEFAULT_CALLBACK = lambda do |user|
+    u = {}
+    u[:user_info] = user['user_info']
+    u[:uid] = user['uid']
+    u[:credentials] = user['credentials']
+    u[:provider] = user['provider']
+    u
+  end
+
+  SCOPE_KEY        = 'warden_omni_auth.scope'
+  SESSION_KEY      = 'rack.session'
+
+  # Setup a callback to transform the user from the omni user hash
+  # to what you want warden to store as the user object
+  # @example
+  #   WardenOmniAuth.on_callback do |omni_user|
+  #     User.find_or_create_by_uid(omni_user['uid'])
+  #   end
+  def self.on_callback(&blk)
+    @on_callback = blk if blk
+    @on_callback || DEFAULT_CALLBACK
+  end
+
+  # Create a warden strategy to wrap an OmniAuth strategy
+  # @param name - The name of the omniauth strategy
+  # @example
+  #   WardenOmniAuth.setup_strategies(:twitter, :facebook)
+  def self.setup_strategies(*names)
+    names.map do |name|
+      full_name = :"omni_#{name}"
+      unless Warden::Strategies[full_name]
+        klass = Class.new(WardenOmniAuth::Strategy)
+        klass.omni_name = name
+        Warden::Strategies.add(full_name, klass)
+      end
+      Warden::Strategies[full_name]
+    end
+  end
+
+  # The base omniauth warden strategy.  This is inherited for each
+  # omniauth strategy
+  class Strategy < Warden::Strategies::Base
+    # make a specific callback for this strategy
+    def self.on_callback(&blk)
+      @on_callback = blk if blk
+      @on_callback || WardenOmniAuth.on_callback
+    end
+
+    # The name of the OmniAuth strategy to map to
+    def self.omni_name=(name)
+      @omni_name = name
+    end
+
+    # The name of the OmniAuth strategy to map to
+    def self.omni_name
+      @omni_name
+    end
+
+    def authenticate!
+      session = env[SESSION_KEY]
+      session[SCOPE_KEY] = scope
+
+      # set the user if one exists
+      # otherwise, redirect for authentication
+      if user = (env['rack.auth'] || request['auth']) # TODO: Fix..  Completely insecure... do not use this will look in params for the auth.  Apparently fixed in the new gem
+
+        success! self.class.on_callback[user]
+      else
+        path_prefix = OmniAuth::Configuration.instance.path_prefix
+        redirect! File.join(path_prefix, self.class.omni_name)
+      end
+    end
+  end
+
+  # Pulled from extlib
+  # Convert to snake case.
+  #
+  #   "FooBar".snake_case           #=> "foo_bar"
+  #   "HeadlineCNNNews".snake_case  #=> "headline_cnn_news"
+  #   "CNN".snake_case              #=> "cnn"
+  #
+  # @return [String] Receiver converted to snake case.
+  #
+  # @api public
+  def self.snake_case(string)
+    return string.downcase if string.match(/\A[A-Z]+\z/)
+    string.gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2').
+    gsub(/([a-z])([A-Z])/, '\1_\2').
+    downcase
+  end
+
+  def initialize(app)
+    # setup the warden strategies to wrap the omniauth ones
+    names = OmniAuth::Strategies.constants.map do |konstant|
+      name = WardenOmniAuth.snake_case(konstant.to_s)
+    end
+    WardenOmniAuth.setup_strategies(*names)
+    yield self if block_given?
+    @app = app
+  end
+
+  # redirect after a callback
+  def redirect_after_callback=(path)
+    @redirect_after_callback_path = path
+  end
+
+
+  def redirect_after_callback_path
+    @redirect_after_callback_path ||= "/"
+  end
+
+  def call(env)
+    request = Rack::Request.new(env)
+    prefix = OmniAuth::Configuration.instance.path_prefix
+    if request.path =~ /^#{prefix}\/(.+?)\/callback$/i
+      strategy_name = $1
+      strategy = Warden::Strategies._strategies.keys.detect{|k| k.to_s == "omni_#{strategy_name}"}
+
+      if !strategy
+        Rack::Response.new("Unknown Handler", 401).finish
+      else
+        # Warden needs to use a hashie for looking up scope
+        # and strategy names
+        session = env[SESSION_KEY]
+        scope = session[SCOPE_KEY]
+        if scope.nil? || scope.to_s.length < 100 # have to protect against symbols :(. need a hashie
+          args = [strategy]
+          args << {:scope => scope.to_sym} if scope
+          response = Rack::Response.new
+          if env['warden'].authenticate? *args
+            response.redirect(redirect_after_callback_path)
+            response.finish
+          else
+            auth_path = request.path.gsub(/\/callback$/, "")
+            response.redirect(auth_path)
+            response.finish
+          end
+        else
+          Rack::Response.new("Bad Session", 400).finish
+        end
+      end
+    else
+      @app.call(env)
+    end
+  end
+end

data/lib/warden_omniauth/version.rb

@@ -0,0 +1,3 @@
+module WardenOmniauth
+  VERSION = "0.1.0"
+end

data/test/test_helper.rb

@@ -0,0 +1,42 @@
+require 'nanotest'
+require 'nanotest/contexts'
+require 'rack'
+require 'rack/test'
+include Nanotest
+include Nanotest::Contexts
+
+require 'warden_omniauth'
+
+Warden::Manager.serialize_into_session do |user|
+  user
+end
+
+Warden::Manager.serialize_from_session do |user|
+  user
+end
+
+
+module MyHelpers
+  def app
+    @app || create_app{|e| Rack::Response.new("OK").finish }
+  end
+
+  def create_app(&blk)
+    failure = lambda{|e| Rack::Response.new("Can't login", 401).finish }
+    builder = Rack::Builder.new do
+      use Warden::Manager do |config|
+        config.failure_app = failure
+        config.default_strategies :omni_twitter
+      end
+
+      #use OmniAuth::Strategies::Twitter, key, sekrit
+
+      use WardenOmniAuth do |config|
+        $omni_auth = config
+        config.redirect_after_callback = "/redirect/path"
+      end
+      run blk
+    end.to_app
+  end
+end
+

data/test/test_warden_omniauth.rb

@@ -0,0 +1,131 @@
+require 'test/test_helper'
+
+# WardenOmniauth
+context do
+  include Rack::Test::Methods
+  include MyHelpers
+  teardown { @_rack_mock_sessions = nil; @_rack_test_sessions = nil  }
+
+  # shoudl setup all the omni auth strategies
+  test do
+    app
+    OmniAuth::Strategies.constants.each do |klass|
+      name = WardenOmniAuth.snake_case(klass.to_s)
+      assert { Warden::Strategies[:"omni_#{name}"] != nil }
+      assert { Warden::Strategies[:"omni_#{name}"].superclass == WardenOmniAuth::Strategy }
+    end
+  end
+
+  # test the middleware in a request
+  context do
+    setup do
+      @app = create_app do |e|
+        request = Rack::Request.new(e)
+        Rack::Response.new(request.path).finish
+      end
+    end
+    teardown { @_rack_mock_sessions = nil; @_rack_test_sessions = nil  }
+
+    # test that any non /auth urls fall through to the app
+    test do
+      response = get "/foo", {}, {'rack.session' => {}}
+      assert { response.status == 200       }
+      assert { response.body.to_s == "/foo" }
+    end
+
+    # anything going to /auth/<strategy> should fall through to omniauth (the app)
+    test do
+      response = get "/auth/twitter", {}, {'rack.session' => {}}
+      assert { response.status == 200                }
+      assert { response.body.to_s == "/auth/twitter" }
+    end
+
+    # the callback url shoudl be intercepted and  should raise if it's unknown
+    test do
+      assert { Warden::Strategies[:omni_does_not_exist].nil? }
+      response = get "/auth/does_not_exist/callback", {}, {'rack.session' => {}}
+      assert("status should be 401"       ) { response.status == 401              }
+      assert("text should be Can't login" ) { response.body.to_s == "Can't login" }
+    end
+
+    # the callback url should be intercepted and should redirect back to the strategy if there is no user
+    # in rack['auth']
+    test do
+      response = get "/auth/twitter/callback", {}, { 'rack.auth' => nil, 'rack.session' => {}}
+      assert("status should be 302") { response.status == 302 }
+      assert("url should be /auth/twitter") { response.headers['Location'] == '/auth/twitter' }
+    end
+
+    # The session scope should not be too big
+    test do
+      session = {}
+      session[WardenOmniAuth::SCOPE_KEY] = "a" * 101
+
+      response = get "/auth/twitter/callback", {}, {'rack.session' => session }
+      assert("status should be 400"      ) { response.status    == 400           }
+      assert("body should be bad status" ) { response.body.to_s == "Bad Session" }
+    end
+  end
+
+  context do
+    teardown { @_rack_mock_sessions = nil; @_rack_test_sessions = nil  }
+    setup do
+      $captures = []
+      @app = create_app do |e|
+        e['warden'].authenticate
+        $captures << e['warden'].user(:user)
+        Rack::Response.new("DONE").finish
+      end
+    end
+
+    # The session scope should store the user
+    test do
+
+      session = {}
+      session[WardenOmniAuth::SCOPE_KEY] = "user"
+      expected_redirect = $omni_auth.redirect_after_callback_path
+
+      response = get("/auth/twitter/callback", {}, {'rack.session' => session, 'rack.auth' => {'user_info' => "fred"}})
+
+      assert("should be redirected") { response.status == 302 }
+      assert("should go to the redirect path"){ response.headers['Location'] == expected_redirect }
+
+      response = get(expected_redirect, {}, {'rack.session' => session })
+      assert("should have made it into the app") { $captures.size == 1 }
+      assert("should have captured the user"){ $captures.first[:user_info] == 'fred' }
+    end
+
+    # should give me different handlers for different callbacks
+    test do
+      begin
+        session = {}
+        session[WardenOmniAuth::SCOPE_KEY] = "user"
+        expected_redirect = $omni_auth.redirect_after_callback_path
+
+        Warden::Strategies[:omni_facebook].on_callback do |user|
+          {:facebook => "user"}
+        end
+        Warden::Strategies[:omni_twitter].on_callback do |user|
+          {:twitter => "user"}
+        end
+
+        response = get("/auth/facebook/callback", {}, {'rack.session' => session, 'rack.auth' => {'user_info' => "fred"}})
+        response = get expected_redirect, {}, {'rack.session' => session}
+        assert { $captures.size == 1 }
+        assert { $captures.first == {:facebook => "user"} }
+        $captures = []
+
+        session = {}
+        session[WardenOmniAuth::SCOPE_KEY] = "user"
+        response = get("/auth/twitter/callback", {}, {'rack.session' => session, 'rack.auth' => {'user_info' => 'fred'}})
+        response = get expected_redirect, {}, {'rack.session' => session}
+        assert { $captures.size == 1 }
+        assert { $captures.first == {:twitter => "user"} }
+      ensure
+        Warden::Strategies[:omni_facebook].on_callback &WardenOmniAuth::DEFAULT_CALLBACK
+        Warden::Strategies[:omni_twitter ].on_callback &WardenOmniAuth::DEFAULT_CALLBACK
+      end
+    end
+
+  end
+end

data/warden_omniauth.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path("../lib/warden_omniauth/version", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name        = "warden_omniauth"
+  s.version     = WardenOmniauth::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Daniel Neighman"]
+  s.email       = ["has.sox@gmail.com"]
+  s.homepage    = "http://rubygems.org/gems/warden_omniauth"
+  s.summary     = "A warden adapter for omniauth"
+  s.description = "A warden adapter for omniauth"
+
+  s.required_rubygems_version = ">= 1.3.6"
+  s.rubyforge_project         = "warden_omniauth"
+
+  s.add_dependency "omniauth"
+  s.add_dependency "warden", ">=0.9"
+
+  s.add_development_dependency "bundler", ">= 1.0.0"
+
+  s.files        = `git ls-files`.split("\n")
+  s.executables  = `git ls-files`.split("\n").map{|f| f =~ /^bin\/(.*)/ ? $1 : nil}.compact
+  s.require_path = 'lib'
+end

metadata

@@ -0,0 +1,124 @@
+--- !ruby/object:Gem::Specification 
+name: warden_omniauth
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Daniel Neighman
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-10-15 00:00:00 +11:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: omniauth
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: warden
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 25
+        segments: 
+        - 0
+        - 9
+        version: "0.9"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 23
+        segments: 
+        - 1
+        - 0
+        - 0
+        version: 1.0.0
+  type: :development
+  version_requirements: *id003
+description: A warden adapter for omniauth
+email: 
+- has.sox@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- Gemfile.lock
+- README.markdown
+- Rakefile
+- examples/twitter/config.ru
+- lib/warden_omniauth.rb
+- lib/warden_omniauth/version.rb
+- test/test_helper.rb
+- test/test_warden_omniauth.rb
+- warden_omniauth.gemspec
+has_rdoc: true
+homepage: http://rubygems.org/gems/warden_omniauth
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 23
+      segments: 
+      - 1
+      - 3
+      - 6
+      version: 1.3.6
+requirements: []
+
+rubyforge_project: warden_omniauth
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: A warden adapter for omniauth
+test_files: []
+