yubikey_database_authenticatable 0.3.1 → 0.4.1

data/README.md

@@ -6,9 +6,11 @@ This extension requires the used to already have a valid account and password an
 
 ## Installation
 
-This plugin requires Rails 3.0.x and 3.1.x and Devise 1.3.4+. Additionally the Yubikey Ruby library found here is required.
+This plugin requires Rails 3.0.x, 3.1.x and 3.2.x and Devise 2.2.3+. Additionally the Yubikey Ruby library found here is required.
 
 <https://github.com/titanous/yubikey>
+                                                 
+The latest git version has a fix for a MITM attack element when communicating with the Yubico servers, this doesn't appear to be reflected in the published gem.
 
 The gem for the Yubikey library will need to be added to your Gemfile. To install the plugin add this plugin to your Gemfile.
 
@@ -18,10 +20,17 @@ The gem for the Yubikey library will need to be added to your Gemfile. To instal
 
 Once the plugin is installed, all you need to do is setup the user model which includes a small addition to the model itself and to the schema.
 
+In order to communicate with the Yubikey authentication services the API key will need to be provided, this should be included into the Devise config, set yubikey_api_key and yubikey_api_id in the Devise configuration file (in config/initializers/devise.rb).
+
+Get a key here: <https://upgrade.yubico.com/getapikey/>
+
+	config.yubikey_api_key = "" # => API Key must be set to validate one time passwords
+	config.yubikey_api_id = ""  # => API ID must be set to validate one time passwords
+
 The following needs to be added to the User module.
 
-	add_column :users, :useyubikey, :boolean
-	add_column :users, :registeredyubikey, :string
+	add_column :users, :use_yubikey, :boolean
+	add_column :users, :registered_yubikey, :string
 
 then finally add to the model:
 
@@ -30,12 +39,12 @@ then finally add to the model:
       devise :yubikey_database_authenticatable, :trackable, :timeoutable
 
       # Setup accessible (or protected) attributes for your model
-      attr_accessible :useyubikey, :registeredyubikey, :yubiotp
+      attr_accessible :use_yubikey, :registered_yubikey, :yubiotp
 
 	  attr_accessor :yubiotp
 		
-	  def registeredyubikey=(yubiotp)
-	    write_attribute(:registeredyubikey, yubiotp[0..11])
+	  def registered_yubikey=(yubiotp)
+	    write_attribute(:registered_yubikey, yubiotp[0..11])
 	  end
 	
       ...

data/Rakefile

@@ -1,22 +1,6 @@
 require 'rake'
 require 'rake/testtask'
-require 'rake/rdoctask'
 
-begin
-  require 'jeweler'
-  Jeweler::Tasks.new do |gem|
-    gem.name = "yubiket_database_authenticatable"
-    gem.summary = %Q{YubiKey OTP Authentication Plugin for Devise}
-    gem.description = %Q{Extended version of the Devise Database Authentication module to implement YubiKey OTP two factor authentication for registered users}
-    gem.email = "mort666@virus.org"
-    gem.homepage = "https://github.com/mort666/yubikey_database_authenticatable"
-    gem.authors = ["Stephen Kapp"]
-    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
-  end
-  Jeweler::GemcutterTasks.new
-rescue LoadError
-  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
-end
 
 desc 'Default: run unit tests.'
 task :default => :test
@@ -28,12 +12,3 @@ Rake::TestTask.new(:test) do |t|
   t.pattern = 'test/**/*_test.rb'
   t.verbose = true
 end
-
-desc 'Generate documentation for the yubikey_database_authenticatable plugin.'
-Rake::RDocTask.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'YubikeyDatabaseAuthenticatable'
-  rdoc.options << '--line-numbers' << '--inline-source'
-  rdoc.rdoc_files.include('README')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end

data/lib/devise_yubikey_database_authenticatable/model.rb

@@ -13,7 +13,7 @@ require 'bcrypt'
         
         def validate_yubikey(yubiotp)
           begin
-            otp = Yubikey::OTP::Verify.new(yubiotp)
+            otp = Yubikey::OTP::Verify.new(:otp => yubiotp, :api_id => Devise.yubikey_api_id, :api_key => Devise.yubikey_api_key)
           
             if otp.valid?
               return true

data/lib/devise_yubikey_database_authenticatable/strategy.rb

@@ -5,13 +5,14 @@ module Devise
     class YubikeyDatabaseAuthenticatable < Authenticatable
       def authenticate!
         resource = valid_password? && mapping.to.find_for_yubikey_database_authentication(authentication_hash)
-    
-        if validate(resource) {resource.valid_password?(password)}
-          if resource.useyubikey == true
-            if params[:user][:yubiotp].blank?
-              fail('Yubikey OTP Required for this user.') 
+        return fail(:not_found_in_database) unless resource
+
+        if validate(resource) { resource.valid_password?(password) }
+          if resource.use_yubikey == true
+            if params[scope][:yubiotp].blank?
+              fail('Yubikey OTP Required for this user.')
             else
-              if resource.validate_yubikey(params[:user][:yubiotp]) && (resource.registeredyubikey == params[:user][:yubiotp][0..11])
+              if resource.validate_yubikey(params[scope][:yubiotp]) && (resource.registered_yubikey == params[scope][:yubiotp][0..11])
                 resource.after_database_authentication
                 success!(resource)
               else
@@ -29,4 +30,4 @@ module Devise
   end
 end
 
-  Warden::Strategies.add(:yubikey_database_authenticatable, Devise::Strategies::YubikeyDatabaseAuthenticatable)
+Warden::Strategies.add(:yubikey_database_authenticatable, Devise::Strategies::YubikeyDatabaseAuthenticatable)

data/lib/devise_yubikey_database_authenticatable/version.rb

@@ -1,3 +1,3 @@
 module YubikeyDatabaseAuthenticatable
-  VERSION = "0.3.1".freeze
+  VERSION = "0.4.1".freeze
 end

data/lib/yubikey_database_authenticatable.rb

@@ -8,4 +8,22 @@ require 'devise_yubikey_database_authenticatable/model'
 require 'devise_yubikey_database_authenticatable/strategy'
 require 'devise_yubikey_database_authenticatable/routes'
 
+module Devise
+  # Public: The api_key for a yubikey validation
+  # Get a key here: https://upgrade.yubico.com/getapikey/
+  # Set yubikey_api_key in the Devise configuration file (in config/initializers/devise.rb).
+  #
+  #   config.yubikey_api_key = "" # => Api Key must be set to validate one time passwords
+  mattr_accessor :yubikey_api_key
+  @@yubikey_api_key = nil
+
+  # Public: The api_id for a yubikey validation
+  # Get a key here: https://upgrade.yubico.com/getapikey/
+  # Set yubikey_api_id in the Devise configuration file (in config/initializers/devise.rb).
+  #
+  #   config.yubikey_api_id = "" # => Api ID must be set to validate one time passwords
+  mattr_accessor :yubikey_api_id
+  @@yubikey_api_id = nil
+end
+
 Devise.add_module(:yubikey_database_authenticatable, :strategy => true, :model => "devise_yubikey_database_authenticatable/model", :route => :session, :controller => :sessions)

data/yubikey_database_authenticatable.gemspec

@@ -18,6 +18,9 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  s.add_dependency('devise', '~> 1.5.0')
-  s.add_dependency('yubikey', '~> 1.2.1')
+  s.add_dependency('devise', '>= 2.2.3')
+  s.add_dependency('yubikey', '~> 1.3.1')
+  s.add_development_dependency "active_support"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "rdoc"
 end

metadata

@@ -1,64 +1,102 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: yubikey_database_authenticatable
-version: !ruby/object:Gem::Version 
-  hash: 17
+version: !ruby/object:Gem::Version
+  version: 0.4.1
   prerelease: 
-  segments: 
-  - 0
-  - 3
-  - 1
-  version: 0.3.1
 platform: ruby
-authors: 
+authors:
 - Stephen Kapp
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2011-12-04 00:00:00 +00:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2013-12-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: devise
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.2.3
+  type: :runtime
   prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.2.3
+- !ruby/object:Gem::Dependency
+  name: yubikey
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 1
-        - 5
-        - 0
-        version: 1.5.0
+      - !ruby/object:Gem::Version
+        version: 1.3.1
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: yubikey
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 29
-        segments: 
-        - 1
-        - 2
-        - 1
-        version: 1.2.1
-  type: :runtime
-  version_requirements: *id002
+      - !ruby/object:Gem::Version
+        version: 1.3.1
+- !ruby/object:Gem::Dependency
+  name: active_support
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: YubiKey OTP Authentication Plugin for Devise
 email: mort666@virus.org
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
 - MIT-LICENSE
 - README.md
 - Rakefile
@@ -71,40 +109,30 @@ files:
 - test/test_helper.rb
 - test/yubikey_database_authenticatable_test.rb
 - yubikey_database_authenticatable.gemspec
-has_rdoc: true
 homepage: https://github.com/mort666/yubikey_database_authenticatable
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.6.2
+rubygems_version: 1.8.25
 signing_key: 
 specification_version: 3
 summary: YubiKey OTP Authentication Plugin for Devise
-test_files: 
+test_files:
 - test/test_helper.rb
 - test/yubikey_database_authenticatable_test.rb