woople-session 0.0.1

data/.gitignore

@@ -0,0 +1,5 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+.DS_Store

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in woople-session.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Woople LLC.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,22 @@
+# Woople Session
+
+An easy way to login as a woople administrator.
+
+## Purpose & Rationale
+
+* Woople has a lot of different applications.
+* We don't want to maintain a seperate list of logins for each one.
+* We want to login to all the applications from a central location.
+* 'Child' Applications of woople can use this gem to make logins easy
+
+## Installation
+
+coming soon
+
+## Usage
+
+coming soon
+
+## Copyright
+
+Copyright (c) 2012 Woople LLC. See LICENSE.txt for further details.

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/lib/woople-session.rb

@@ -0,0 +1,12 @@
+require 'rubygems'
+require 'bundler/setup'
+
+require 'woople-session/version'
+require 'woople-session/base'
+require 'woople/tokenizer'
+
+module Woople
+  class Session
+    # nothing here on purpose
+  end
+end

data/lib/woople-session/base.rb

@@ -0,0 +1,61 @@
+require 'cgi'
+require 'active_model'
+require 'active_support/core_ext/numeric/time'
+require 'active_support/core_ext/string/conversions'
+
+module Woople
+  class Session
+    include ActiveModel::Validations
+
+    validate :token_decryptable, :token_expiration
+
+    # Class
+    def self.find(controller)
+      controller.session[:sso]
+    end
+
+    # Instance
+    def initialize(controller, token)
+      @controller = controller
+      @token = token
+    end
+
+    def save
+      if valid?
+        @controller.session[:sso] = get_token
+        return true
+      else
+        return false
+      end
+    end
+
+    private
+
+    def token_expiration
+      token = get_token
+      return if token.nil?
+
+      if token[:expires].nil? || DateTime.now >= token[:expires].to_datetime
+        errors.add(:token, "has expired")
+      end
+    end
+
+    def token_decryptable
+      token = get_token
+
+      if token.nil?
+        errors.add(:token, "could not be decrypted")
+      end
+    end
+
+    def get_token
+      begin
+        Woople::Tokenizer.decrypt(
+          ENV['WOOPLE_KEY'], ENV['WOOPLE_SECRET'], @token
+        )
+      rescue OpenSSL::Cipher::CipherError
+        return nil
+      end
+    end
+  end
+end

data/lib/woople-session/version.rb

@@ -0,0 +1,5 @@
+module Woople
+  class Session
+    VERSION = "0.0.1"
+  end
+end

data/lib/woople/tokenizer.rb

@@ -0,0 +1,44 @@
+require "rubygems"
+require "ezcrypto"
+require "base64"
+require "json"
+require 'active_support/hash_with_indifferent_access'
+
+module Woople
+  class Tokenizer
+    def initialize( importer_key, api_key, data = {} )
+      # create the signed key
+      signed_key = EzCrypto::Key.with_password( importer_key, api_key )
+
+      # create the data-object, using the required fields
+      defaults = {
+        :expires => 10.minutes.from_now.to_s # expires 10 minutes from now
+      }
+
+      data = defaults.merge(data)
+
+      # encode the data-object to JSON, and encrypt
+      encrypted_data = signed_key.encrypt( data.to_json )
+
+      # generate the SSO-Token
+      @sso_token = CGI.escape( Base64.encode64( encrypted_data ).gsub(/\n/, "") )
+    end
+
+    def sso_token
+      @sso_token
+    end
+
+    def self.decrypt( importer_key, api_key, encrypted_token )
+      # encrypted token must have been run through CGI.unescape() before coming into this method
+
+      # create the signed key
+      signed_key = EzCrypto::Key.with_password( importer_key, api_key )
+
+      # decode the data-object
+      decoded = signed_key.decrypt( Base64.decode64( encrypted_token ) )
+
+      # convert the object to a hash
+      HashWithIndifferentAccess.new( ActiveSupport::JSON.decode(decoded) )
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,11 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper.rb"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+end

data/spec/woople-session/base_spec.rb

@@ -0,0 +1,102 @@
+require 'spec_helper'
+require 'woople-session'
+require 'cgi'
+
+describe Woople::Session do
+  before do
+    @controller = stub( session: {} )
+  end
+  describe "#new" do
+    context "with an invalid token" do
+      subject { Woople::Session.new(@controller, 'bad_token') }
+      it { should_not be_valid }
+      it 'should have an error message' do
+        subject.valid?
+        subject.errors.full_messages.should include("Token could not be decrypted")
+      end
+    end
+
+    context "with a valid token" do
+      subject { Woople::Session.new(@controller, generate_valid_token) }
+      it { should be_valid }
+    end
+
+    context "with an expired token" do
+      subject { Woople::Session.new(@controller, generate_expired_token) }
+
+      it { should_not be_valid }
+      it 'should have an error message' do
+        subject.valid?
+        subject.errors.full_messages.should include("Token has expired")
+      end
+    end
+
+    context "without an expires key" do
+      subject { Woople::Session.new(@controller, generate_token_without_expires) }
+
+      it { should_not be_valid }
+      it 'should have an error message' do
+        subject.valid?
+        subject.errors.full_messages.should include("Token has expired")
+      end
+
+    end
+  end
+
+  describe "#find" do
+    context "retrieving a previously saved session" do
+      subject { Woople::Session.find(stub_controller) }
+
+      it "should have a name" do
+        subject[:name].should == 'bob'
+      end
+    end
+  end
+
+  describe "#save" do
+    context "with a valid token" do
+      before do
+        @session = Woople::Session.new(@controller, generate_valid_token)
+      end
+
+      it "should be true" do
+        @session.save.should be_true
+      end
+
+      it "should save the session" do
+        @session.save
+        @controller.session.should have_key :sso
+      end
+    end
+
+    context "with an invalid token" do
+      subject { Woople::Session.new(@controller, generate_expired_token).save }
+      it { should be_false }
+    end
+  end
+
+  def generate_token_without_expires
+    token(:expires => nil)
+  end
+
+  def generate_expired_token
+    token(:expires => 10.minutes.ago.to_s)
+  end
+
+  def generate_valid_token
+    token(:name => 'Bob Smith')
+  end
+
+  def token(data = {})
+    CGI.unescape(
+      Woople::Tokenizer.new(
+        ENV['WOOPLE_KEY'], ENV['WOOPLE_SECRET'], data
+      ).sso_token
+    )
+
+  end
+
+  def stub_controller
+    stub(:session => { :sso => { :name => 'bob' } })
+  end
+end

data/woople-session.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "woople-session/version"
+
+Gem::Specification.new do |s|
+  s.name        = "woople-session"
+  s.version     = Woople::Session::VERSION
+  s.authors     = ["Cameron Westland"]
+  s.email       = ["camwest@gmail.com"]
+  s.homepage    = ""
+  s.summary     = %q{An easy way to login as a woople administrator}
+  s.description = %q{Our internal session library}
+
+  s.rubyforge_project = "woople-session"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_development_dependency "rspec", "~> 2.8"
+  s.add_dependency 'activemodel', "3.2.1"
+  s.add_dependency 'ezcrypto'
+end

metadata

@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: woople-session
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Cameron Westland
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-02-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70117980375940 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.8'
+  type: :development
+  prerelease: false
+  version_requirements: *70117980375940
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: &70117980375320 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - =
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: *70117980375320
+- !ruby/object:Gem::Dependency
+  name: ezcrypto
+  requirement: &70117980374720 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70117980374720
+description: Our internal session library
+email:
+- camwest@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/woople-session.rb
+- lib/woople-session/base.rb
+- lib/woople-session/version.rb
+- lib/woople/tokenizer.rb
+- spec/spec_helper.rb
+- spec/woople-session/base_spec.rb
+- woople-session.gemspec
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: woople-session
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: An easy way to login as a woople administrator
+test_files:
+- spec/spec_helper.rb
+- spec/woople-session/base_spec.rb