woople-session 0.0.1
- data/.gitignore +5 -0
- data/.rspec +2 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +20 -0
- data/README.md +22 -0
- data/Rakefile +6 -0
- data/lib/woople-session.rb +12 -0
- data/lib/woople-session/base.rb +61 -0
- data/lib/woople-session/version.rb +5 -0
- data/lib/woople/tokenizer.rb +44 -0
- data/spec/spec_helper.rb +11 -0
- data/spec/woople-session/base_spec.rb +102 -0
- data/woople-session.gemspec +24 -0
- metadata +93 -0
data/.gitignore
ADDED
data/.rspec
ADDED
data/Gemfile
ADDED
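--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,20 @@
+Copyright (c) 2012 Woople LLC.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.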
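--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,22 @@
+# Woople Session
+
+An easy way to login as a woople administrator.
+
+## Purpose & Rationale
+
+* Woople has a lot of different applications.
+* We don't want to maintain a seperate list of logins for each one.
+* We want to login to all the applications from a central location.
+* 'Child' Applications of woople can use this gem to make logins easy
+
+## Installation
+
+coming soon
+
+## Usage
+
+coming soon
+
+## Copyright
+
+Copyright (c) 2012 Woople LLC. See LICENSE.txt for further details.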
data/Rakefile
ADDED
@@ -0,0 +1,61 @@
|
|
1
|
+
require 'cgi'
|
2
|
+
require 'active_model'
|
3
|
+
require 'active_support/core_ext/numeric/time'
|
4
|
+
require 'active_support/core_ext/string/conversions'
|
5
|
+
|
6
|
+
module Woople
|
7
|
+
class Session
|
8
|
+
include ActiveModel::Validations
|
9
|
+
|
10
|
+
validate :token_decryptable, :token_expiration
|
11
|
+
|
12
|
+
# Class
|
13
|
+
def self.find(controller)
|
14
|
+
controller.session[:sso]
|
15
|
+
end
|
16
|
+
|
17
|
+
# Instance
|
18
|
+
def initialize(controller, token)
|
19
|
+
@controller = controller
|
20
|
+
@token = token
|
21
|
+
end
|
22
|
+
|
23
|
+
def save
|
24
|
+
if valid?
|
25
|
+
@controller.session[:sso] = get_token
|
26
|
+
return true
|
27
|
+
else
|
28
|
+
return false
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def token_expiration
|
35
|
+
token = get_token
|
36
|
+
return if token.nil?
|
37
|
+
|
38
|
+
if token[:expires].nil? || DateTime.now >= token[:expires].to_datetime
|
39
|
+
errors.add(:token, "has expired")
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
def token_decryptable
|
44
|
+
token = get_token
|
45
|
+
|
46
|
+
if token.nil?
|
47
|
+
errors.add(:token, "could not be decrypted")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def get_token
|
52
|
+
begin
|
53
|
+
Woople::Tokenizer.decrypt(
|
54
|
+
ENV['WOOPLE_KEY'], ENV['WOOPLE_SECRET'], @token
|
55
|
+
)
|
56
|
+
rescue OpenSSL::Cipher::CipherError
|
57
|
+
return nil
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
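Review bot: `get_token` rescues only `OpenSSL::Cipher::CipherError`, so other failures on a caller-supplied token (a nil or non-string `@token` reaching `Base64.decode64`, or decrypted bytes that are not JSON) would likely surface as exceptions instead of the "could not be decrypted" validation error. It also decrypts up to three times per `save` (both validators plus the assignment) and passes `ENV['WOOPLE_KEY']` and `ENV['WOOPLE_SECRET']` through without checking that they are set; how EzCrypto treats nil key material is not visible here, so failing loudly on missing configuration is the safer default. The sketch below memoizes the result, rejects an empty or non-string token up front and uses `ENV.fetch`; `token_expiration` would still need to guard `to_datetime` against an unparseable `:expires` value. The page labels this section data/Rakefile, but its 61 lines match lib/woople-session/base.rb in the file list.

```ruby
def get_token
  # Decrypt once; save and both validators share the result.
  return @decrypted_token if defined?(@decrypted_token)

  @decrypted_token = decrypt_token
end

def decrypt_token
  return nil unless @token.is_a?(String) && !@token.empty?

  # ENV.fetch raises when the key or secret is not configured.
  Woople::Tokenizer.decrypt(
    ENV.fetch('WOOPLE_KEY'), ENV.fetch('WOOPLE_SECRET'), @token
  )
rescue OpenSSL::Cipher::CipherError, ActiveSupport::JSON.parse_error
  nil
end
```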
@@ -0,0 +1,44 @@
|
|
1
|
+
require "rubygems"
|
2
|
+
require "ezcrypto"
|
3
|
+
require "base64"
|
4
|
+
require "json"
|
5
|
+
require 'active_support/hash_with_indifferent_access'
|
6
|
+
|
7
|
+
module Woople
|
8
|
+
class Tokenizer
|
9
|
+
def initialize( importer_key, api_key, data = {} )
|
10
|
+
# create the signed key
|
11
|
+
signed_key = EzCrypto::Key.with_password( importer_key, api_key )
|
12
|
+
|
13
|
+
# create the data-object, using the required fields
|
14
|
+
defaults = {
|
15
|
+
:expires => 10.minutes.from_now.to_s # expires 10 minutes from now
|
16
|
+
}
|
17
|
+
|
18
|
+
data = defaults.merge(data)
|
19
|
+
|
20
|
+
# encode the data-object to JSON, and encrypt
|
21
|
+
encrypted_data = signed_key.encrypt( data.to_json )
|
22
|
+
|
23
|
+
# generate the SSO-Token
|
24
|
+
@sso_token = CGI.escape( Base64.encode64( encrypted_data ).gsub(/\n/, "") )
|
25
|
+
end
|
26
|
+
|
27
|
+
def sso_token
|
28
|
+
@sso_token
|
29
|
+
end
|
30
|
+
|
31
|
+
def self.decrypt( importer_key, api_key, encrypted_token )
|
32
|
+
# encrypted token must have been run through CGI.unescape() before coming into this method
|
33
|
+
|
34
|
+
# create the signed key
|
35
|
+
signed_key = EzCrypto::Key.with_password( importer_key, api_key )
|
36
|
+
|
37
|
+
# decode the data-object
|
38
|
+
decoded = signed_key.decrypt( Base64.decode64( encrypted_token ) )
|
39
|
+
|
40
|
+
# convert the object to a hash
|
41
|
+
HashWithIndifferentAccess.new( ActiveSupport::JSON.decode(decoded) )
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
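Review bot: `self.decrypt` accepts any input that decrypts and parses, and nothing visible in this file authenticates the token; despite its name, `signed_key` is only an encryption key derived by `EzCrypto::Key.with_password`, so no signature is involved. Unless EzCrypto uses an authenticated cipher mode (worth confirming), the login decision rests on unauthenticated ciphertext; an HMAC over the ciphertext, computed with a separate key and compared in constant time before decryption, would close that gap. The payload carries only `:expires`, so the same token can be presented again until that time passes (10 minutes by default); preventing reuse would need a single-use identifier recorded by the consumer. At minimum, rename the local to `encryption_key` and add a comment above `initialize` such as `# NOTE: the token is encrypted, not signed; authenticity relies on decrypt succeeding`.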
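--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -0,0 +1,11 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper.rb"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+config.treat_symbols_as_metadata_keys_with_true_values = true
+config.run_all_when_everything_filtered = true
+config.filter_run :focus
+end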
@@ -0,0 +1,102 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'woople-session'
|
3
|
+
require 'cgi'
|
4
|
+
|
5
|
+
describe Woople::Session do
|
6
|
+
before do
|
7
|
+
@controller = stub( session: {} )
|
8
|
+
end
|
9
|
+
describe "#new" do
|
10
|
+
context "with an invalid token" do
|
11
|
+
subject { Woople::Session.new(@controller, 'bad_token') }
|
12
|
+
it { should_not be_valid }
|
13
|
+
it 'should have an error message' do
|
14
|
+
subject.valid?
|
15
|
+
subject.errors.full_messages.should include("Token could not be decrypted")
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
context "with a valid token" do
|
20
|
+
subject { Woople::Session.new(@controller, generate_valid_token) }
|
21
|
+
it { should be_valid }
|
22
|
+
end
|
23
|
+
|
24
|
+
context "with an expired token" do
|
25
|
+
subject { Woople::Session.new(@controller, generate_expired_token) }
|
26
|
+
|
27
|
+
it { should_not be_valid }
|
28
|
+
it 'should have an error message' do
|
29
|
+
subject.valid?
|
30
|
+
subject.errors.full_messages.should include("Token has expired")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
context "without an expires key" do
|
35
|
+
subject { Woople::Session.new(@controller, generate_token_without_expires) }
|
36
|
+
|
37
|
+
it { should_not be_valid }
|
38
|
+
it 'should have an error message' do
|
39
|
+
subject.valid?
|
40
|
+
subject.errors.full_messages.should include("Token has expired")
|
41
|
+
end
|
42
|
+
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
describe "#find" do
|
47
|
+
context "retrieving a previously saved session" do
|
48
|
+
subject { Woople::Session.find(stub_controller) }
|
49
|
+
|
50
|
+
it "should have a name" do
|
51
|
+
subject[:name].should == 'bob'
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
describe "#save" do
|
57
|
+
context "with a valid token" do
|
58
|
+
before do
|
59
|
+
@session = Woople::Session.new(@controller, generate_valid_token)
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should be true" do
|
63
|
+
@session.save.should be_true
|
64
|
+
end
|
65
|
+
|
66
|
+
it "should save the session" do
|
67
|
+
@session.save
|
68
|
+
@controller.session.should have_key :sso
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
context "with an invalid token" do
|
73
|
+
subject { Woople::Session.new(@controller, generate_expired_token).save }
|
74
|
+
it { should be_false }
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
def generate_token_without_expires
|
79
|
+
token(:expires => nil)
|
80
|
+
end
|
81
|
+
|
82
|
+
def generate_expired_token
|
83
|
+
token(:expires => 10.minutes.ago.to_s)
|
84
|
+
end
|
85
|
+
|
86
|
+
def generate_valid_token
|
87
|
+
token(:name => 'Bob Smith')
|
88
|
+
end
|
89
|
+
|
90
|
+
def token(data = {})
|
91
|
+
CGI.unescape(
|
92
|
+
Woople::Tokenizer.new(
|
93
|
+
ENV['WOOPLE_KEY'], ENV['WOOPLE_SECRET'], data
|
94
|
+
).sso_token
|
95
|
+
)
|
96
|
+
|
97
|
+
end
|
98
|
+
|
99
|
+
def stub_controller
|
100
|
+
stub(:session => { :sso => { :name => 'bob' } })
|
101
|
+
end
|
102
|
+
end
|
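Review bot: None of the examples covers a token encrypted under a different key or a ciphertext altered after encryption; the only rejected inputs are the literal 'bad_token', an expired token and one without `:expires`. Because accepting the token is the login decision, a context built from `CGI.unescape(Woople::Tokenizer.new('other-key', 'other-secret', {}).sso_token)` (constructed values) with `it { should_not be_valid }` would pin that behaviour. The `token` helper also reads `ENV['WOOPLE_KEY']` and `ENV['WOOPLE_SECRET']` from the ambient environment; setting both to fixed test values in the top-level `before` keeps the suite from running with unset key material.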
@@ -0,0 +1,24 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "woople-session/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "woople-session"
|
7
|
+
s.version = Woople::Session::VERSION
|
8
|
+
s.authors = ["Cameron Westland"]
|
9
|
+
s.email = ["camwest@gmail.com"]
|
10
|
+
s.homepage = ""
|
11
|
+
s.summary = %q{An easy way to login as a woople administrator}
|
12
|
+
s.description = %q{Our internal session library}
|
13
|
+
|
14
|
+
s.rubyforge_project = "woople-session"
|
15
|
+
|
16
|
+
s.files = `git ls-files`.split("\n")
|
17
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
18
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
19
|
+
s.require_paths = ["lib"]
|
20
|
+
|
21
|
+
s.add_development_dependency "rspec", "~> 2.8"
|
22
|
+
s.add_dependency 'activemodel', "3.2.1"
|
23
|
+
s.add_dependency 'ezcrypto'
|
24
|
+
end
|
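Review bot: `s.add_dependency 'ezcrypto'` carries no version constraint, so any future release of the library that performs the token encryption is accepted at install time, while `activemodel` is pinned to exactly "3.2.1" and so cannot pick up patch releases in that line. For the crypto dependency a bounded requirement is safer, e.g. `s.add_dependency 'ezcrypto', '~> <REVIEWED_EZCRYPTO_VERSION>'` (placeholder: use the release that was reviewed), and `s.add_dependency 'activemodel', '~> 3.2.1'` would allow patch-level fixes. `s.homepage` is also empty, which leaves consumers of the gem without a source location to check.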
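--- a/metadata
+++ b/metadata
@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: woople-session
+version: !ruby/object:Gem::Version
+version: 0.0.1
+prerelease:
+platform: ruby
+authors:
+- Cameron Westland
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2012-02-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: &70117980375940 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '2.8'
+type: :development
+prerelease: false
+version_requirements: *70117980375940
+- !ruby/object:Gem::Dependency
+name: activemodel
+requirement: &70117980375320 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - =
+- !ruby/object:Gem::Version
+version: 3.2.1
+type: :runtime
+prerelease: false
+version_requirements: *70117980375320
+- !ruby/object:Gem::Dependency
+name: ezcrypto
+requirement: &70117980374720 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: *70117980374720
+description: Our internal session library
+email:
+- camwest@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/woople-session.rb
+- lib/woople-session/base.rb
+- lib/woople-session/version.rb
+- lib/woople/tokenizer.rb
+- spec/spec_helper.rb
+- spec/woople-session/base_spec.rb
+- woople-session.gemspec
+homepage: ''
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project: woople-session
+rubygems_version: 1.8.10
+signing_key:
+specification_version: 3
+summary: An easy way to login as a woople administrator
+test_files:
+- spec/spec_helper.rb
+- spec/woople-session/base_spec.rb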