github
/
rubycas-server
зеркало из https://github.com/github/rubycas-server.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Move authenticators dependencies into Gemfile 

Add autoloads for all authenticators, to do not requrie to install them all if
someone use only few or one.
Add groups to Gemfile.
This commit is contained in:
Robert Mitwicki 2012-11-27 12:14:22 +01:00
Родитель f69ed80b0a
Коммит dd373d62ec
13 изменённых файлов: 142 добавлений и 145 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

9
Gemfile
Просмотреть файл

@ -1,3 +1,12 @@
source "http://rubygems.org"
gemspec
# Gems for authenticators
group :ldap do
gem "net-ldap", "~> 0.1.1"
end
group :active_resource do
gem "activeresource", ">= 2.3.12", "< 4.0"
end

7
lib/casserver.rb
Просмотреть файл

@ -8,4 +8,11 @@ require 'logger'
$LOG = Logger.new(STDOUT)
require 'casserver/server'
require 'casserver/authenticators/base'
CASServer::Authenticators.autoload :LDAP, 'casserver/authenticators/ldap.rb'
CASServer::Authenticators.autoload :ActiveDirectoryLDAP, 'casserver/authenticators/active_directory_ldap/'
CASServer::Authenticators.autoload :SQL, 'casserver/authenticators/sql.rb'
CASServer::Authenticators.autoload :Google, 'casserver/authenticators/google.rb'
CASServer::Authenticators.autoload :SQLEncrypted, 'lib/casserver/authenticators/sql_encrypted.rb'
CASServer::Authenticators.autoload :ActiveResource, 'casserver/authenticators/active_resource.rb'

2
lib/casserver/authenticators/active_directory_ldap.rb
Просмотреть файл

@ -1,5 +1,3 @@
require 'casserver/authenticators/ldap'
# Slightly modified version of the LDAP authenticator for Microsoft's ActiveDirectory.
# The only difference is that the default_username_attribute for AD is 'sAMAccountName'
# rather than 'uid'.

16
lib/casserver/authenticators/active_resource.rb
Просмотреть файл

@ -1,21 +1,7 @@
require 'casserver/authenticators/base'
begin
require 'active_resource'
rescue LoadError
require 'rubygems'
begin
gem 'activeresource', '~> 3.0.0'
rescue Gem::LoadError
$stderr.puts
$stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
$stderr.puts
$stderr.puts "To use the ActiveResource authenticator, you must first install the 'activeresource' gem."
$stderr.puts
$stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
end
require 'active_resource'
$stderr.puts "To use the ActiveResource authenticator, you must first install gems from active_resource group. See: Gemfile"
end
module CASServer

1
lib/casserver/authenticators/google.rb
Просмотреть файл

@ -1,4 +1,3 @@
require 'casserver/authenticators/base'
require 'uri'
require 'net/http'
require 'net/https'

17
lib/casserver/authenticators/ldap.rb
Просмотреть файл

@ -1,22 +1,7 @@
require 'casserver/authenticators/base'
begin
require 'net/ldap'
rescue LoadError
require 'rubygems'
begin
gem 'net-ldap', '~> 0.1.1'
rescue Gem::LoadError
$stderr.puts
$stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
$stderr.puts
$stderr.puts "To use the LDAP/AD authenticator, you must first install the 'net-ldap' gem."
$stderr.puts " See http://github.com/RoryO/ruby-net-ldap for details."
$stderr.puts
$stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
end
require 'net/ldap'
$stderr.puts "To use the LDAP/AD authenticator, you must first install gems from ldap group. See: Gemfile"
end
# Basic LDAP authenticator. Should be compatible with OpenLDAP and other similar LDAP servers,

3
lib/casserver/authenticators/open_id.rb
Просмотреть файл

@ -1,11 +1,8 @@
require 'casserver/authenticators/base'
require 'openid'
require 'openid/extensions/sreg'
require 'openid/extensions/pape'
require 'openid/store/memory'
# CURRENTLY UNIMPLEMENTED
# This is just starter code.
class CASServer::Authenticators::OpenID < CASServer::Authenticators::Base

10
lib/casserver/authenticators/sql.rb
Просмотреть файл

@ -1,5 +1,3 @@
require 'casserver/authenticators/base'
begin
require 'active_record'
rescue LoadError
@ -78,13 +76,13 @@ class CASServer::Authenticators::SQL < CASServer::Authenticators::Base
def validate(credentials)
read_standard_credentials(credentials)
raise_if_not_configured
$LOG.debug "#{self.class}: [#{user_model}] " + "Connection pool size: #{user_model.connection_pool.instance_variable_get(:@checked_out).length}/#{user_model.connection_pool.instance_variable_get(:@connections).length}"
user_model.connection_pool.checkin(user_model.connection)
if matching_users.size > 0
$LOG.warn("#{self.class}: Multiple matches found for user #{@username.inspect}") if matching_users.size > 1
unless @options[:extra_attributes].blank?
if matching_users.size > 1
$LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}")
@ -111,7 +109,7 @@ class CASServer::Authenticators::SQL < CASServer::Authenticators::Base
def username_column
@options[:username_column] || 'username'
end
def password_column
@options[:password_column] || 'password'
end

1
lib/casserver/authenticators/test.rb
Просмотреть файл

@ -1,5 +1,4 @@
# encoding: UTF-8
require 'casserver/authenticators/base'
# Dummy authenticator used for testing.
# Accepts any username as valid as long as the password is "testpassword"; otherwise authentication fails.

5
rubycas-server.gemspec
Просмотреть файл

@ -28,7 +28,6 @@ $gemspec = Gem::Specification.new do |s|
For more information on RubyCAS-Server, see http://code.google.com/p/rubycas-server
"
s.add_dependency("activerecord", ">= 2.3.12", "< 4.0")
s.add_dependency("activesupport", ">= 2.3.12", "< 4.0")
s.add_dependency("sinatra", "~> 1.0")
@ -56,10 +55,6 @@ For more information on RubyCAS-Server, see http://code.google.com/p/rubycas-ser
s.add_development_dependency('win32console', "~> 1.3.2")
end
# for authenticator specs
s.add_development_dependency("net-ldap", "~> 0.1.1")
s.add_development_dependency("activeresource", ">= 2.3.12", "< 4.0")
s.rdoc_options = [
'--quiet', '--title', 'RubyCAS-Server Documentation', '--opname',
'index.html', '--line-numbers', '--main', 'README.md', '--inline-source'

169
spec/casserver/authenticators/active_resource_spec.rb
Просмотреть файл

@ -1,109 +1,116 @@
# encoding: UTF-8
require 'spec_helper'
require 'casserver/authenticators/active_resource'
describe CASServer::Authenticators::Helpers::Identity do
it { should be_an ActiveResource::Base }
it "class should respond to :authenticate" do
subject.class.should respond_to :authenticate
describe "CASServer::Authenticators::ActiveResource" do
before do
pending("Skip ActiveResource test due to missing gems") unless gem_available?("activeresource")
# Trigger autoload to load also Helpers module
# TODO this helper module should be inside activeresource namespace
CASServer::Authenticators::ActiveResource
end
describe "CASServer::Authenticators::Helpers::Identity" do
subject { CASServer::Authenticators::Helpers::Identity.new }
it "class should have a method_name accessor" do
CASServer::Authenticators::Helpers::Identity.method_name.should == :authenticate
end
it { should be_an ActiveResource::Base }
it "class should have a method_name accessor" do
CASServer::Authenticators::Helpers::Identity.method_type.should == :post
end
it "class method_type accessor should validate type" do
expect {
CASServer::Authenticators::Helpers::Identity.method_type = :foo
}.to raise_error(ArgumentError)
end
end
describe CASServer::Authenticators::ActiveResource do
describe "#setup" do
it "should configure the identity object" do
CASServer::Authenticators::Helpers::Identity.should_receive(:user=).with('httpuser').once
CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :user => 'httpuser'
it "class should respond to :authenticate" do
subject.class.should respond_to :authenticate
end
it "should configure the method_type" do
CASServer::Authenticators::Helpers::Identity.should_receive(:method_type=).with('get').once
CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :method_type => 'get'
it "class should have a method_name accessor" do
CASServer::Authenticators::Helpers::Identity.method_name.should == :authenticate
end
it "should raise if site option is missing" do
it "class should have a method_name accessor" do
CASServer::Authenticators::Helpers::Identity.method_type.should == :post
end
it "class method_type accessor should validate type" do
expect {
CASServer::Authenticators::ActiveResource.setup({}).should
}.to raise_error(CASServer::AuthenticatorError, /site option/)
CASServer::Authenticators::Helpers::Identity.method_type = :foo
}.to raise_error(ArgumentError)
end
end
describe "#validate" do
describe "CASServer::Authenticators::ActiveResource" do
let(:credentials) { {:username => 'validusername',
:password => 'validpassword',
:service => 'test.service'} }
describe "#setup" do
let(:auth) { CASServer::Authenticators::ActiveResource.new }
it "should configure the identity object" do
CASServer::Authenticators::Helpers::Identity.should_receive(:user=).with('httpuser').once
CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :user => 'httpuser'
end
def mock_authenticate identity = nil
identity = CASServer::Authenticators::Helpers::Identity.new if identity.nil?
CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_return(identity)
it "should configure the method_type" do
CASServer::Authenticators::Helpers::Identity.should_receive(:method_type=).with('get').once
CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :method_type => 'get'
end
it "should raise if site option is missing" do
expect {
CASServer::Authenticators::ActiveResource.setup({}).should
}.to raise_error(CASServer::AuthenticatorError, /site option/)
end
end
def sample_identity attrs = {}
identity = CASServer::Authenticators::Helpers::Identity.new
attrs.each { |k,v| identity.send "#{k}=", v }
identity
end
describe "#validate" do
it "should call Identity#autenticate with the given params" do
CASServer::Authenticators::Helpers::Identity.should_receive(:authenticate).with(credentials).once
auth.validate(credentials)
end
let(:credentials) { {:username => 'validusername',
:password => 'validpassword',
:service => 'test.service'} }
it "should return identity object attributes as extra attributes" do
auth.configure({}.with_indifferent_access)
identity = sample_identity({:email => 'foo@example.org'})
mock_authenticate identity
auth.validate(credentials).should be_true
auth.extra_attributes.should == identity.attributes
end
let(:auth) { CASServer::Authenticators::ActiveResource.new }
it "should return false when http raises" do
CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_raise(ActiveResource::ForbiddenAccess.new({}))
auth.validate(credentials).should be_false
end
def mock_authenticate identity = nil
identity = CASServer::Authenticators::Helpers::Identity.new if identity.nil?
CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_return(identity)
end
it "should apply extra_attribute filter" do
auth.configure({ :extra_attributes => 'age'}.with_indifferent_access)
mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
auth.validate(credentials).should be_true
auth.extra_attributes.should == { "age" => "28" }
end
def sample_identity attrs = {}
identity = CASServer::Authenticators::Helpers::Identity.new
attrs.each { |k,v| identity.send "#{k}=", v }
identity
end
it "should only extract not filtered attributes" do
auth.configure({ :filter_attributes => 'age'}.with_indifferent_access)
mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
auth.validate(credentials).should be_true
auth.extra_attributes.should == { "email" => 'foo@example.org' }
end
it "should call Identity#autenticate with the given params" do
CASServer::Authenticators::Helpers::Identity.should_receive(:authenticate).with(credentials).once
auth.validate(credentials)
end
it "should filter password if filter attributes is not given" do
auth.configure({}.with_indifferent_access)
mock_authenticate sample_identity({ :email => 'foo@example.org', :password => 'secret' })
auth.validate(credentials).should be_true
auth.extra_attributes.should == { "email" => 'foo@example.org' }
it "should return identity object attributes as extra attributes" do
auth.configure({}.with_indifferent_access)
identity = sample_identity({:email => 'foo@example.org'})
mock_authenticate identity
auth.validate(credentials).should be_true
auth.extra_attributes.should == identity.attributes
end
it "should return false when http raises" do
CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_raise(ActiveResource::ForbiddenAccess.new({}))
auth.validate(credentials).should be_false
end
it "should apply extra_attribute filter" do
auth.configure({ :extra_attributes => 'age'}.with_indifferent_access)
mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
auth.validate(credentials).should be_true
auth.extra_attributes.should == { "age" => "28" }
end
it "should only extract not filtered attributes" do
auth.configure({ :filter_attributes => 'age'}.with_indifferent_access)
mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
auth.validate(credentials).should be_true
auth.extra_attributes.should == { "email" => 'foo@example.org' }
end
it "should filter password if filter attributes is not given" do
auth.configure({}.with_indifferent_access)
mock_authenticate sample_identity({ :email => 'foo@example.org', :password => 'secret' })
auth.validate(credentials).should be_true
auth.extra_attributes.should == { "email" => 'foo@example.org' }
end
end
end
end

22
spec/casserver/authenticators/ldap_spec.rb
Просмотреть файл

@ -1,17 +1,19 @@
# encoding: UTF-8
require 'spec_helper'
require 'casserver/authenticators/ldap'
describe CASServer::Authenticators::LDAP do
describe "CASServer::Authenticators::LDAP" do
before do
pending("Skip LDAP test due to missing gems") unless gem_available?("net-ldap")
if $LOG.nil?
load_server('default_config') # a lazy way to make sure the logger is set up
end
# Trigger autoload to load net ldap
CASServer::Authenticators::LDAP
@ldap_entry = mock(Net::LDAP::Entry.new)
@ldap_entry.stub!(:[]).and_return("Test")
@ldap = mock(Net::LDAP)
@ldap.stub!(:host=)
@ldap.stub!(:port=)
@ -19,10 +21,10 @@ describe CASServer::Authenticators::LDAP do
@ldap.stub!(:bind_as).and_return(true)
@ldap.stub!(:authenticate).and_return(true)
@ldap.stub!(:search).and_return([@ldap_entry])
Net::LDAP.stub!(:new).and_return(@ldap)
end
describe '#validate' do
it 'validate with preauthentication and with extra attributes' do
@ -39,7 +41,7 @@ describe CASServer::Authenticators::LDAP do
},
:extra_attributes => [:full_name, :address]
)
auth.configure(auth_config.merge('auth_index' => 0))
auth.validate(
:username => 'validusername',
@ -47,11 +49,9 @@ describe CASServer::Authenticators::LDAP do
:service => 'test.service',
:request => {}
).should == true
auth.extra_attributes.should == {:full_name => 'Test', :address => 'Test'}
end
end
end

25
spec/spec_helper.rb
Просмотреть файл

@ -8,6 +8,15 @@ require 'ostruct'
require 'capybara'
require 'capybara/dsl'
require 'casserver/authenticators/base'
CASServer::Authenticators.autoload :LDAP, 'casserver/authenticators/ldap.rb'
CASServer::Authenticators.autoload :ActiveDirectoryLDAP, 'casserver/authenticators/active_directory_ldap/'
CASServer::Authenticators.autoload :SQL, 'casserver/authenticators/sql.rb'
CASServer::Authenticators.autoload :SQLEncrypted, 'lib/casserver/authenticators/sql_encrypted.rb'
CASServer::Authenticators.autoload :Google, 'casserver/authenticators/google.rb'
CASServer::Authenticators.autoload :ActiveResource, 'casserver/authenticators/active_resource.rb'
#CASServer::Authenticators.autoload :Test, 'casserver/authenticators/test.rb'
# require builder because it doesn't pull in the version
# info automatically...
@ -58,15 +67,15 @@ end
# This called in specs' `before` block.
# Due to the way Sinatra applications are loaded,
# we're forced to delay loading of the server code
# until the start of each test so that certain
# until the start of each test so that certain
# configuraiton options can be changed (e.g. `uri_path`)
def load_server(config_file = 'default_config')
ENV['CONFIG_FILE'] = File.join(File.dirname(__FILE__),'config',"#{config_file}.yml")
silence_warnings do
load File.dirname(__FILE__) + '/../lib/casserver/server.rb'
end
# set test environment
CASServer::Server.set :environment, :test
CASServer::Server.set :run, false
@ -91,9 +100,17 @@ def reset_spec_database
CASServer::Server.config[:database] && CASServer::Server.config[:database][:database]
FileUtils.rm_f(CASServer::Server.config[:database][:database])
ActiveRecord::Base.logger = Logger.new(STDOUT)
ActiveRecord::Base.logger.level = Logger::ERROR
ActiveRecord::Migration.verbose = false
ActiveRecord::Migrator.migrate("db/migrate")
end
def gem_available?(name)
if Gem::Specification.methods.include?(:find_all_by_name)
not Gem::Specification.find_all_by_name(name).empty?
else
Gem.available?(name)
end
end