woople-session 0.0.1
- data/.gitignore +5 -0
- data/.rspec +2 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +20 -0
- data/README.md +22 -0
- data/Rakefile +6 -0
- data/lib/woople-session.rb +12 -0
- data/lib/woople-session/base.rb +61 -0
- data/lib/woople-session/version.rb +5 -0
- data/lib/woople/tokenizer.rb +44 -0
- data/spec/spec_helper.rb +11 -0
- data/spec/woople-session/base_spec.rb +102 -0
- data/woople-session.gemspec +24 -0
- metadata +93 -0
data/.gitignore
ADDED
data/.rspec
ADDED
data/Gemfile
ADDED
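--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,20 @@
+Copyright (c) 2012 Woople LLC.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.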
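--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,22 @@
+# Woople Session
+
+An easy way to login as a woople administrator.
+
+## Purpose & Rationale
+
+* Woople has a lot of different applications.
+* We don't want to maintain a seperate list of logins for each one.
+* We want to login to all the applications from a central location.
+* 'Child' Applications of woople can use this gem to make logins easy
+
+## Installation
+
+coming soon
+
+## Usage
+
+coming soon
+
+## Copyright
+
+Copyright (c) 2012 Woople LLC. See LICENSE.txt for further details.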
data/Rakefile
ADDED
@@ -0,0 +1,61 @@
|
|
1
|
+
require 'cgi'
|
2
|
+
require 'active_model'
|
3
|
+
require 'active_support/core_ext/numeric/time'
|
4
|
+
require 'active_support/core_ext/string/conversions'
|
5
|
+
|
6
|
+
module Woople
|
7
|
+
class Session
|
8
|
+
include ActiveModel::Validations
|
9
|
+
|
10
|
+
validate :token_decryptable, :token_expiration
|
11
|
+
|
12
|
+
# Class
|
13
|
+
def self.find(controller)
|
14
|
+
controller.session[:sso]
|
15
|
+
end
|
16
|
+
|
17
|
+
# Instance
|
18
|
+
def initialize(controller, token)
|
19
|
+
@controller = controller
|
20
|
+
@token = token
|
21
|
+
end
|
22
|
+
|
23
|
+
def save
|
24
|
+
if valid?
|
25
|
+
@controller.session[:sso] = get_token
|
26
|
+
return true
|
27
|
+
else
|
28
|
+
return false
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def token_expiration
|
35
|
+
token = get_token
|
36
|
+
return if token.nil?
|
37
|
+
|
38
|
+
if token[:expires].nil? || DateTime.now >= token[:expires].to_datetime
|
39
|
+
errors.add(:token, "has expired")
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
def token_decryptable
|
44
|
+
token = get_token
|
45
|
+
|
46
|
+
if token.nil?
|
47
|
+
errors.add(:token, "could not be decrypted")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def get_token
|
52
|
+
begin
|
53
|
+
Woople::Tokenizer.decrypt(
|
54
|
+
ENV['WOOPLE_KEY'], ENV['WOOPLE_SECRET'], @token
|
55
|
+
)
|
56
|
+
rescue OpenSSL::Cipher::CipherError
|
57
|
+
return nil
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
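Review bot: `get_token` rescues only `OpenSSL::Cipher::CipherError`, so a token that decrypts to bytes that are not valid JSON, or a decoded `expires` value that `to_datetime` cannot parse in `token_expiration`, may raise out of `valid?` instead of becoming a validation error. It also passes `ENV['WOOPLE_KEY']` and `ENV['WOOPLE_SECRET']` straight through, so an unset variable reaches key derivation as `nil` rather than failing loudly, and the same token is decrypted up to three times per `save`. I would fetch the keys with `ENV.fetch`, memoize the result, and treat a JSON parse failure like a decrypt failure; the sketch assumes `ActiveSupport::JSON.parse_error` is loaded, which the tokenizer's use of `ActiveSupport::JSON.decode` suggests. This hunk is listed under the `data/Rakefile` header, but its 61 lines match the `lib/woople-session/base.rb` entry in the file list.

```ruby
def get_token
  # Decrypt once per instance; both validations and save reuse the result.
  return @decrypted_token if defined?(@decrypted_token)

  # ENV.fetch raises KeyError on a missing variable on purpose:
  # misconfiguration should not be reported as a bad token.
  @decrypted_token =
    begin
      Woople::Tokenizer.decrypt(
        ENV.fetch('WOOPLE_KEY'), ENV.fetch('WOOPLE_SECRET'), @token
      )
    rescue OpenSSL::Cipher::CipherError, ActiveSupport::JSON.parse_error
      nil
    end
end
```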
@@ -0,0 +1,44 @@
|
|
1
|
+
require "rubygems"
|
2
|
+
require "ezcrypto"
|
3
|
+
require "base64"
|
4
|
+
require "json"
|
5
|
+
require 'active_support/hash_with_indifferent_access'
|
6
|
+
|
7
|
+
module Woople
|
8
|
+
class Tokenizer
|
9
|
+
def initialize( importer_key, api_key, data = {} )
|
10
|
+
# create the signed key
|
11
|
+
signed_key = EzCrypto::Key.with_password( importer_key, api_key )
|
12
|
+
|
13
|
+
# create the data-object, using the required fields
|
14
|
+
defaults = {
|
15
|
+
:expires => 10.minutes.from_now.to_s # expires 10 minutes from now
|
16
|
+
}
|
17
|
+
|
18
|
+
data = defaults.merge(data)
|
19
|
+
|
20
|
+
# encode the data-object to JSON, and encrypt
|
21
|
+
encrypted_data = signed_key.encrypt( data.to_json )
|
22
|
+
|
23
|
+
# generate the SSO-Token
|
24
|
+
@sso_token = CGI.escape( Base64.encode64( encrypted_data ).gsub(/\n/, "") )
|
25
|
+
end
|
26
|
+
|
27
|
+
def sso_token
|
28
|
+
@sso_token
|
29
|
+
end
|
30
|
+
|
31
|
+
def self.decrypt( importer_key, api_key, encrypted_token )
|
32
|
+
# encrypted token must have been run through CGI.unescape() before coming into this method
|
33
|
+
|
34
|
+
# create the signed key
|
35
|
+
signed_key = EzCrypto::Key.with_password( importer_key, api_key )
|
36
|
+
|
37
|
+
# decode the data-object
|
38
|
+
decoded = signed_key.decrypt( Base64.decode64( encrypted_token ) )
|
39
|
+
|
40
|
+
# convert the object to a hash
|
41
|
+
HashWithIndifferentAccess.new( ActiveSupport::JSON.decode(decoded) )
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
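Review bot: Nothing visible in `initialize` or `self.decrypt` authenticates the ciphertext, yet `Woople::Session` accepts any token that decrypts and parses as proof of an administrator login; despite the "signed key" comments, the only operations shown are `encrypt` and `decrypt`. Unless EzCrypto adds integrity protection internally (not shown on this page), I would move to an authenticated scheme, either an AEAD mode or an HMAC over the ciphertext that is verified in constant time before `signed_key.decrypt` runs, and add a single-use identifier if replay within the 10-minute window matters. Separately, this file calls `CGI.escape` and `10.minutes.from_now` but requires neither `cgi` nor `active_support/core_ext/numeric/time`, so it only loads correctly after the session file has been required; add both requires here. `defaults.merge(data)` also lets a caller pass `:expires => nil` and mint a token with no expiry, which the session side rejects today but is worth refusing at creation too.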
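--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -0,0 +1,11 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper.rb"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+config.treat_symbols_as_metadata_keys_with_true_values = true
+config.run_all_when_everything_filtered = true
+config.filter_run :focus
+end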
@@ -0,0 +1,102 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'woople-session'
|
3
|
+
require 'cgi'
|
4
|
+
|
5
|
+
describe Woople::Session do
|
6
|
+
before do
|
7
|
+
@controller = stub( session: {} )
|
8
|
+
end
|
9
|
+
describe "#new" do
|
10
|
+
context "with an invalid token" do
|
11
|
+
subject { Woople::Session.new(@controller, 'bad_token') }
|
12
|
+
it { should_not be_valid }
|
13
|
+
it 'should have an error message' do
|
14
|
+
subject.valid?
|
15
|
+
subject.errors.full_messages.should include("Token could not be decrypted")
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
context "with a valid token" do
|
20
|
+
subject { Woople::Session.new(@controller, generate_valid_token) }
|
21
|
+
it { should be_valid }
|
22
|
+
end
|
23
|
+
|
24
|
+
context "with an expired token" do
|
25
|
+
subject { Woople::Session.new(@controller, generate_expired_token) }
|
26
|
+
|
27
|
+
it { should_not be_valid }
|
28
|
+
it 'should have an error message' do
|
29
|
+
subject.valid?
|
30
|
+
subject.errors.full_messages.should include("Token has expired")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
context "without an expires key" do
|
35
|
+
subject { Woople::Session.new(@controller, generate_token_without_expires) }
|
36
|
+
|
37
|
+
it { should_not be_valid }
|
38
|
+
it 'should have an error message' do
|
39
|
+
subject.valid?
|
40
|
+
subject.errors.full_messages.should include("Token has expired")
|
41
|
+
end
|
42
|
+
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
describe "#find" do
|
47
|
+
context "retrieving a previously saved session" do
|
48
|
+
subject { Woople::Session.find(stub_controller) }
|
49
|
+
|
50
|
+
it "should have a name" do
|
51
|
+
subject[:name].should == 'bob'
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
describe "#save" do
|
57
|
+
context "with a valid token" do
|
58
|
+
before do
|
59
|
+
@session = Woople::Session.new(@controller, generate_valid_token)
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should be true" do
|
63
|
+
@session.save.should be_true
|
64
|
+
end
|
65
|
+
|
66
|
+
it "should save the session" do
|
67
|
+
@session.save
|
68
|
+
@controller.session.should have_key :sso
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
context "with an invalid token" do
|
73
|
+
subject { Woople::Session.new(@controller, generate_expired_token).save }
|
74
|
+
it { should be_false }
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
def generate_token_without_expires
|
79
|
+
token(:expires => nil)
|
80
|
+
end
|
81
|
+
|
82
|
+
def generate_expired_token
|
83
|
+
token(:expires => 10.minutes.ago.to_s)
|
84
|
+
end
|
85
|
+
|
86
|
+
def generate_valid_token
|
87
|
+
token(:name => 'Bob Smith')
|
88
|
+
end
|
89
|
+
|
90
|
+
def token(data = {})
|
91
|
+
CGI.unescape(
|
92
|
+
Woople::Tokenizer.new(
|
93
|
+
ENV['WOOPLE_KEY'], ENV['WOOPLE_SECRET'], data
|
94
|
+
).sso_token
|
95
|
+
)
|
96
|
+
|
97
|
+
end
|
98
|
+
|
99
|
+
def stub_controller
|
100
|
+
stub(:session => { :sso => { :name => 'bob' } })
|
101
|
+
end
|
102
|
+
end
|
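Review bot: The `token` helper reads `ENV['WOOPLE_KEY']` and `ENV['WOOPLE_SECRET']`, but no `before` block sets them, so these examples exercise whatever the ambient environment holds, possibly `nil` keys or real credentials on a developer machine. Set fixed test-only values in the top-level `before`, for example `ENV['WOOPLE_KEY'] = 'spec-key'` and `ENV['WOOPLE_SECRET'] = 'spec-secret'` (constructed values), and restore the originals afterwards. The negative cases cover only the literal `'bad_token'` and expiry; I would add one for a token minted under a different secret and one for an otherwise valid token with a modified byte, since those are the inputs the validation exists to reject.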
@@ -0,0 +1,24 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "woople-session/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "woople-session"
|
7
|
+
s.version = Woople::Session::VERSION
|
8
|
+
s.authors = ["Cameron Westland"]
|
9
|
+
s.email = ["camwest@gmail.com"]
|
10
|
+
s.homepage = ""
|
11
|
+
s.summary = %q{An easy way to login as a woople administrator}
|
12
|
+
s.description = %q{Our internal session library}
|
13
|
+
|
14
|
+
s.rubyforge_project = "woople-session"
|
15
|
+
|
16
|
+
s.files = `git ls-files`.split("\n")
|
17
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
18
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
19
|
+
s.require_paths = ["lib"]
|
20
|
+
|
21
|
+
s.add_development_dependency "rspec", "~> 2.8"
|
22
|
+
s.add_dependency 'activemodel', "3.2.1"
|
23
|
+
s.add_dependency 'ezcrypto'
|
24
|
+
end
|
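Review bot: `s.add_dependency 'ezcrypto'` carries no version constraint, so the library that performs the token encryption resolves to whatever release is newest at install time; for the component the login depends on, bound it to a release that has been reviewed, e.g. `s.add_dependency 'ezcrypto', '~> <REVIEWED_VERSION>'`. The opposite problem applies to `s.add_dependency 'activemodel', "3.2.1"`: an exact pin prevents host applications from taking 3.2.x patch releases, and `'~> 3.2.1'` would allow them. The spec also declares no license although LICENSE.txt ships in the gem, and `s.homepage` is empty; `s.license = 'MIT'` (if that is the intended license) makes the terms visible to registry tooling.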
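--- a/metadata
+++ b/metadata
@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: woople-session
+version: !ruby/object:Gem::Version
+version: 0.0.1
+prerelease:
+platform: ruby
+authors:
+- Cameron Westland
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2012-02-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: &70117980375940 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '2.8'
+type: :development
+prerelease: false
+version_requirements: *70117980375940
+- !ruby/object:Gem::Dependency
+name: activemodel
+requirement: &70117980375320 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - =
+- !ruby/object:Gem::Version
+version: 3.2.1
+type: :runtime
+prerelease: false
+version_requirements: *70117980375320
+- !ruby/object:Gem::Dependency
+name: ezcrypto
+requirement: &70117980374720 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: *70117980374720
+description: Our internal session library
+email:
+- camwest@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/woople-session.rb
+- lib/woople-session/base.rb
+- lib/woople-session/version.rb
+- lib/woople/tokenizer.rb
+- spec/spec_helper.rb
+- spec/woople-session/base_spec.rb
+- woople-session.gemspec
+homepage: ''
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project: woople-session
+rubygems_version: 1.8.10
+signing_key:
+specification_version: 3
+summary: An easy way to login as a woople administrator
+test_files:
+- spec/spec_helper.rb
+- spec/woople-session/base_spec.rb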