omniauth-crowd-2.2.3/0000755000175600017570000000000012632061077013523 5ustar pravipraviomniauth-crowd-2.2.3/spec/0000755000175600017570000000000012632061077014455 5ustar pravipraviomniauth-crowd-2.2.3/spec/fixtures/0000755000175600017570000000000012632061077016326 5ustar pravipraviomniauth-crowd-2.2.3/spec/fixtures/success.xml0000644000175600017570000000117112632061077020520 0ustar pravipravi Foo Foobaz Foo Foobaz foo@example.org true omniauth-crowd-2.2.3/spec/fixtures/session.xml0000644000175600017570000000060312632061077020532 0ustar pravipravi rtk8eMvqq00EiGn5iJCMZQ00 omniauth-crowd-2.2.3/spec/fixtures/groups.xml0000644000175600017570000000050112632061077020363 0ustar pravipravi omniauth-crowd-2.2.3/spec/spec_helper.rb0000644000175600017570000000041312632061077017271 0ustar pravipravirequire 'bundler/setup' Bundler.setup require 'rack/test' require 'webmock' require 'webmock/rspec' require 'omniauth_crowd' RSpec.configure do |config| WebMock.disable_net_connect! config.include Rack::Test::Methods config.raise_errors_for_deprecations! end omniauth-crowd-2.2.3/spec/omniauth/0000755000175600017570000000000012632061077016301 5ustar pravipraviomniauth-crowd-2.2.3/spec/omniauth/strategies/0000755000175600017570000000000012632061077020453 5ustar pravipraviomniauth-crowd-2.2.3/spec/omniauth/strategies/crowd_spec.rb0000755000175600017570000001523712632061077023143 0ustar pravipravirequire 'spec_helper' describe OmniAuth::Strategies::Crowd, :type=>:strategy do include OmniAuth::Test::StrategyTestCase def strategy @crowd_server_url ||= 'https://crowd.example.org' @application_name ||= 'bogus_app' @application_password ||= 'bogus_app_password' [OmniAuth::Strategies::Crowd, {:crowd_server_url => @crowd_server_url, :application_name => @application_name, :application_password => @application_password, :use_sessions => @using_sessions}] end @using_sessions = false let(:config) { OmniAuth::Strategies::Crowd::Configuration.new(strategy[1]) } let(:validator) { OmniAuth::Strategies::Crowd::CrowdValidator.new(config, 'foo', 'bar') } describe 'Authentication Request Body' do it 'should send password in session request' do body = <<-BODY.strip bar BODY expect(validator.send(:make_authentication_request_body, 'bar')).to eq(body) end it 'should escape special characters username and password in session request' do body = <<-BODY.strip bar< BODY expect(validator.send(:make_authentication_request_body, 'bar<')).to eq(body) end end describe 'Session Request Body' do it 'should send username and password in session request' do body = <<-BODY.strip foo bar BODY expect(validator.send(:make_session_request_body, 'foo', 'bar')).to eq(body) end it 'should escape special characters username and password in session request' do body = <<-BODY.strip foo bar< BODY expect(validator.send(:make_session_request_body, 'foo', 'bar<')).to eq(body) end end describe 'GET /auth/crowd' do it 'should show the login form' do get '/auth/crowd' expect(last_response).to be_ok end end describe 'POST /auth/crowd' do it 'should redirect to callback' do post '/auth/crowd', :username=>'foo', :password=>'bar' expect(last_response).to be_redirect expect(last_response.headers['Location']).to eq('http://example.org/auth/crowd/callback') end end describe 'GET /auth/crowd/callback without any credentials' do it 'should fail' do get '/auth/crowd/callback' expect(last_response).to be_redirect expect(last_response.headers['Location']).to match(/no_credentials/) end end describe 'GET /auth/crowd/callback with credentials can be successful' do context "when using authentication endpoint" do before do stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo"). to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml'))) stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo"). to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml'))) #Adding this to prevent Content-Type text/xml from being added back in the future stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo").with(:headers => {"Content-Type" => "text/xml"}). to_return(:status => [415, "Unsupported Media Type"]) get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} end it 'should call through to the master app' do expect(last_response.body).to eq('true') end it 'should have an auth hash' do auth = last_request.env['omniauth.auth'] expect(auth).to be_kind_of(Hash) end it 'should have good data' do auth = last_request.env['omniauth.auth'] expect(auth['provider']).to eq(:crowd) expect(auth['uid']).to eq('foo') expect(auth['info']).to be_kind_of(Hash) expect(auth['info']['groups'].sort).to eq(["Developers", "jira-users"].sort) end end describe "when using session endpoint" do before do @using_sessions = true stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo"). to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml'))) stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/session"). to_return(:status => 201, :body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'session.xml'))) stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo"). to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml'))) end after { @using_sessions = false } it 'should call through to the master app' do get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} expect(last_response.body).to eq('true') end it 'should have an auth hash' do get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} expect(last_request.env['omniauth.auth']).to be_kind_of(Hash) end it 'should have good data' do get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} auth = last_request.env['omniauth.auth'] expect(auth['provider']).to eq(:crowd) expect(auth['uid']).to eq('foo') expect(auth['info']).to be_kind_of(Hash) expect(auth['info']['sso_token']).to eq('rtk8eMvqq00EiGn5iJCMZQ00') expect(auth['info']['groups'].sort).to eq(["Developers", "jira-users"].sort) end end end describe 'GET /auth/crowd/callback with credentials will fail' do before do stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo"). to_return(:code=>400) get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} end it 'should fail' do expect(last_response).to be_redirect expect(last_response.headers['Location']).to match(/invalid_credentials/) end end end omniauth-crowd-2.2.3/LICENSE.txt0000644000175600017570000000204012632061077015342 0ustar pravipraviCopyright (c) 2011 Rob Di Marco Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. omniauth-crowd-2.2.3/.travis.yml0000644000175600017570000000007112632061077015632 0ustar pravipravilanguage: ruby rvm: - "1.9.3" - "2.0.0" - "2.1.2" omniauth-crowd-2.2.3/.document0000644000175600017570000000006712632061077015345 0ustar pravipravilib/**/*.rb bin/* - features/**/*.feature LICENSE.txt omniauth-crowd-2.2.3/README.md0000644000175600017570000000362512632061077015010 0ustar pravipravi# omniauth_crowd The omniauth_crowd library is an OmniAuth provider that supports authentication against Atlassian Crowd REST apis. [![Build Status](https://travis-ci.org/robdimarco/omniauth_crowd.svg?branch=master)](https://travis-ci.org/robdimarco/omniauth_crowd) ## Helpful links * [Documentation](http://github.com/robdimarco/omniauth_crow) * [OmniAuth](https://github.com/intridea/omniauth/) * [Atlassian Crowd](http://www.atlassian.com/software/crowd/) * [Atlassian Crowd REST API](http://confluence.atlassian.com/display/CROWDDEV/Crowd+REST+APIs) ## Install and use ### 1. Add the OmniAuth Crowd REST plugin to your Gemfile gem 'omniauth', '>= 1.0.0' # We depend on this gem "omniauth_crowd" ### 2. You will need to configure OmniAuth to use your crowd authentication. This is generally done in Rails in the config/initializers/omniauth.rb with... Rails.application.config.middleware.use OmniAuth::Builder do provider :crowd, :crowd_server_url=>"https://crowd.mycompanyname.com/crowd", :application_name=>"app", :application_password=>"password" end You will need to supply the correct server URL, application name and password ## Contributing to omniauth_crowd * Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet * Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it * Fork the project * Start a feature/bugfix branch * Commit and push until you are happy with your contribution * Make sure to add tests for it. This is important so I don't break it in a future version unintentionally. * Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it. ## Copyright Copyright (c) 2011-14 Rob Di Marco. See LICENSE.txt for further details. omniauth-crowd-2.2.3/Gemfile0000644000175600017570000000014312632061077015014 0ustar pravipravisource 'http://rubygems.org' # Specify your gem's dependencies in omniauth-github.gemspec gemspec omniauth-crowd-2.2.3/metadata.yml0000644000175600017570000001145712632061077016036 0ustar pravipravi--- !ruby/object:Gem::Specification name: omniauth_crowd version: !ruby/object:Gem::Version version: 2.2.3 platform: ruby authors: - Robert Di Marco autorequire: bindir: bin cert_chain: [] date: 2015-05-28 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: omniauth requirement: !ruby/object:Gem::Requirement requirements: - - ~> - !ruby/object:Gem::Version version: '1.0' type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - ~> - !ruby/object:Gem::Version version: '1.0' - !ruby/object:Gem::Dependency name: nokogiri requirement: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: 1.4.4 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: 1.4.4 - !ruby/object:Gem::Dependency name: activesupport requirement: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: rack requirement: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: rake requirement: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: rack-test requirement: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: rspec requirement: !ruby/object:Gem::Requirement requirements: - - ~> - !ruby/object:Gem::Version version: 3.0.0 type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - ~> - !ruby/object:Gem::Version version: 3.0.0 - !ruby/object:Gem::Dependency name: webmock requirement: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' - !ruby/object:Gem::Dependency name: bundler requirement: !ruby/object:Gem::Requirement requirements: - - '>' - !ruby/object:Gem::Version version: 1.0.0 type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '>' - !ruby/object:Gem::Version version: 1.0.0 description: This is an OmniAuth provider for Atlassian Crowd's REST API. It allows you to easily integrate your Rack application in with Atlassian Crowd. email: - rob@innovationontherun.com executables: [] extensions: [] extra_rdoc_files: [] files: - .document - .gitignore - .travis.yml - Gemfile - Gemfile.lock - LICENSE.txt - README.md - Rakefile - lib/omniauth/strategies/crowd.rb - lib/omniauth/strategies/crowd/configuration.rb - lib/omniauth/strategies/crowd/crowd_validator.rb - lib/omniauth_crowd.rb - lib/omniauth_crowd/version.rb - omniauth_crowd.gemspec - spec/fixtures/groups.xml - spec/fixtures/session.xml - spec/fixtures/success.xml - spec/omniauth/strategies/crowd_spec.rb - spec/spec_helper.rb homepage: http://github.com/robdimarco/omniauth_crowd licenses: [] metadata: {} post_install_message: rdoc_options: [] require_paths: - lib required_ruby_version: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' required_rubygems_version: !ruby/object:Gem::Requirement requirements: - - '>=' - !ruby/object:Gem::Version version: '0' requirements: [] rubyforge_project: rubygems_version: 2.2.2 signing_key: specification_version: 4 summary: An OmniAuth provider for Atlassian Crowd REST API test_files: - spec/fixtures/groups.xml - spec/fixtures/session.xml - spec/fixtures/success.xml - spec/omniauth/strategies/crowd_spec.rb - spec/spec_helper.rb omniauth-crowd-2.2.3/lib/0000755000175600017570000000000012632061077014271 5ustar pravipraviomniauth-crowd-2.2.3/lib/omniauth/0000755000175600017570000000000012632061077016115 5ustar pravipraviomniauth-crowd-2.2.3/lib/omniauth/strategies/0000755000175600017570000000000012632061077020267 5ustar pravipraviomniauth-crowd-2.2.3/lib/omniauth/strategies/crowd/0000755000175600017570000000000012632061077021405 5ustar pravipraviomniauth-crowd-2.2.3/lib/omniauth/strategies/crowd/crowd_validator.rb0000755000175600017570000001145212632061077025123 0ustar pravipravirequire 'nokogiri' require 'net/http' require 'net/https' module OmniAuth module Strategies class Crowd class CrowdValidator SESSION_REQUEST_BODY = <<-BODY.strip %s %s BODY AUTHENTICATION_REQUEST_BODY = "%s" def initialize(configuration, username, password) @configuration, @username, @password = configuration, username, password @authentiction_uri = URI.parse(@configuration.authentication_url(@username)) @session_uri = URI.parse(@configuration.session_url) if @configuration.use_sessions @user_group_uri = @configuration.include_users_groups? ? URI.parse(@configuration.user_group_url(@username)) : nil end def user_info user_info_hash = retrieve_user_info! if user_info_hash && @configuration.include_users_groups? user_info_hash = add_user_groups!(user_info_hash) else user_info_hash end if user_info_hash && @configuration.use_sessions? user_info_hash = add_session!(user_info_hash) end user_info_hash end private def add_session!(user_info_hash) response = make_session_request if response.kind_of?(Net::HTTPSuccess) && response.body doc = Nokogiri::XML(response.body) user_info_hash["sso_token"] = doc.xpath('//token/text()').to_s else OmniAuth.logger.send(:warn, "(crowd) [add_session!] response code: #{response.code.to_s}") OmniAuth.logger.send(:warn, "(crowd) [add_session!] response body: #{response.body}") end user_info_hash end def add_user_groups!(user_info_hash) response = make_user_group_request unless response.code.to_i != 200 || response.body.nil? || response.body == '' doc = Nokogiri::XML(response.body) user_info_hash["groups"] = doc.xpath("//groups/group/@name").map(&:to_s) end user_info_hash end def retrieve_user_info! response = make_authorization_request unless response.code.to_i != 200 || response.body.nil? || response.body == '' doc = Nokogiri::XML(response.body) { "user" => doc.xpath("//user/@name").to_s, "name" => doc.xpath("//user/display-name/text()").to_s, "first_name" => doc.xpath("//user/first-name/text()").to_s, "last_name" => doc.xpath("//user/last-name/text()").to_s, "email" => doc.xpath("//user/email/text()").to_s } else OmniAuth.logger.send(:warn, "(crowd) [retrieve_user_info!] response code: #{response.code.to_s}") OmniAuth.logger.send(:warn, "(crowd) [retrieve_user_info!] response body: #{response.body}") nil end end def make_request(uri, body=nil) http_method = body.nil? ? Net::HTTP::Get : Net::HTTP::Post http = Net::HTTP.new(uri.host, uri.port) http.use_ssl = uri.port == 443 || uri.instance_of?(URI::HTTPS) http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl? && @configuration.disable_ssl_verification? http.start do |c| req = http_method.new(uri.query.nil? ? uri.path : "#{uri.path}?#{uri.query}") req.body = body if body req.basic_auth @configuration.crowd_application_name, @configuration.crowd_password if @configuration.content_type req.add_field 'Content-Type', @configuration.content_type end http.request(req) end end def make_user_group_request make_request(@user_group_uri) end def make_authorization_request make_request(@authentiction_uri, make_authentication_request_body(@password)) end def make_session_request make_request(@session_uri, make_session_request_body(@username, @password)) end # create the body using Nokogiri so proper encoding of passwords can be ensured def make_authentication_request_body(password) request_body = Nokogiri::XML(AUTHENTICATION_REQUEST_BODY) password_value = request_body.at_css "value" password_value.content = password return request_body.root.to_s # return the body without the xml header end def make_session_request_body(username,password) request_body = Nokogiri::XML(SESSION_REQUEST_BODY) request_body.at_css("username").content = username request_body.at_css("password").content = password return request_body.root.to_s end end end end end omniauth-crowd-2.2.3/lib/omniauth/strategies/crowd/configuration.rb0000644000175600017570000001171212632061077024603 0ustar pravipravirequire 'rack' module OmniAuth module Strategies class Crowd class Configuration DEFAULT_SESSION_URL = "%s/rest/usermanagement/latest/session" DEFAULT_AUTHENTICATION_URL = "%s/rest/usermanagement/latest/authentication" DEFAULT_USER_GROUP_URL = "%s/rest/usermanagement/latest/user/group/direct" DEFAULT_CONTENT_TYPE = 'application/xml' attr_reader :crowd_application_name, :crowd_password, :disable_ssl_verification, :include_users_groups, :use_sessions, :session_url, :content_type alias :"disable_ssl_verification?" :disable_ssl_verification alias :"include_users_groups?" :include_users_groups alias :"use_sessions?" :use_sessions # @param [Hash] params configuration options # @option params [String, nil] :crowd_server_url the Crowd server root URL; probably something like # `https://crowd.mycompany.com` or `https://crowd.mycompany.com/crowd`; optional. # @option params [String, nil] :crowd_authentication_url (:crowd_server_url + '/rest/usermanagement/latest/authentication') the URL to which to # use for authenication; optional if `:crowd_server_url` is specified, # required otherwise. # @option params [String, nil] :application_name the application name specified in Crowd for this application, required. # @option params [String, nil] :application_password the application password specified in Crowd for this application, required. # @option params [Boolean, nil] :disable_ssl_verification disable verification for SSL cert, # helpful when you developing with a fake cert. # @option params [Boolean, true] : include a list of user groups when getting information ont he user # @option params [String, nil] :crowd_user_group_url (:crowd_server_url + '/rest/usermanagement/latest/user/group/direct') the URL to which to # use for retrieving users groups optional if `:crowd_server_url` is specified, or if `:include_user_groups` is false # required otherwise. def initialize(params) parse_params params end # Build a Crowd authentication URL from +username+. # # @param [String] username the username to validate # # @return [String] a URL like `https://crowd.myhost.com/crowd/rest/usermanagement/latest/authentication?username=USERNAME` def authentication_url(username) append_username @authentication_url, username end def user_group_url(username) @user_group_url.nil? ? nil : append_username( @user_group_url, username) end private def parse_params(options) options= {:include_user_groups => true}.merge(options || {}) %w(application_name application_password).each do |opt| raise ArgumentError.new(":#{opt} MUST be provided") if options[opt.to_sym] == "" end @crowd_application_name = options[:application_name] @crowd_password = options[:application_password] @use_sessions = options[:use_sessions] @content_type = options[:content_type] || DEFAULT_CONTENT_TYPE unless options.include?(:crowd_server_url) || options.include?(:crowd_authentication_url) raise ArgumentError.new("Either :crowd_server_url or :crowd_authentication_url MUST be provided") end if @use_sessions @session_url = options[:crowd_session_url] || DEFAULT_SESSION_URL % options[:crowd_server_url] validate_is_url 'session URL', @session_url end @authentication_url = options[:crowd_authentication_url] || DEFAULT_AUTHENTICATION_URL % options[:crowd_server_url] validate_is_url 'authentication URL', @authentication_url @disable_ssl_verification = options[:disable_ssl_verification] @include_users_groups = options[:include_user_groups] if @include_users_groups @user_group_url = options[:crowd_user_group_url] || DEFAULT_USER_GROUP_URL % options[:crowd_server_url] validate_is_url 'user group URL', @user_group_url end end IS_NOT_URL_ERROR_MESSAGE = "%s is not a valid URL" def validate_is_url(name, possibly_a_url) url = URI.parse(possibly_a_url) rescue nil raise ArgumentError.new(IS_NOT_URL_ERROR_MESSAGE % name) unless url.kind_of?(URI::HTTP) end # Adds +service+ as an URL-escaped parameter to +base+. # # @param [String] base the base URL # @param [String] service the service (a.k.a. return-to) URL. # # @return [String] the new joined URL. def append_username(base, username) result = base.dup result << (result.include?('?') ? '&' : '?') result << 'username=' result << Rack::Utils.escape(username) end end end end end omniauth-crowd-2.2.3/lib/omniauth/strategies/crowd.rb0000755000175600017570000000330712632061077021740 0ustar pravipravirequire 'omniauth' require 'active_support' require 'active_support/core_ext/object' module OmniAuth module Strategies class Crowd include OmniAuth::Strategy autoload :Configuration, 'omniauth/strategies/crowd/configuration' autoload :CrowdValidator, 'omniauth/strategies/crowd/crowd_validator' def initialize(app, options = {}, &block) options.symbolize_keys!() super(app, {:name=> :crowd}.merge(options), &block) @configuration = OmniAuth::Strategies::Crowd::Configuration.new(options) end protected def request_phase if env['REQUEST_METHOD'] == 'GET' get_credentials elsif (env['REQUEST_METHOD'] == 'POST') && (not request.params['username']) get_credentials else session['omniauth.crowd'] = {'username' => request['username'], 'password' => request['password']} redirect callback_url end end def get_credentials OmniAuth::Form.build(:title => (options[:title] || "Crowd Authentication")) do text_field 'Login', 'username' password_field 'Password', 'password' end.to_response end def callback_phase creds = session.delete 'omniauth.crowd' return fail!(:no_credentials) unless creds validator = CrowdValidator.new(@configuration, creds['username'], creds['password']) @user_info = validator.user_info return fail!(:invalid_credentials) if @user_info.nil? || @user_info.empty? super end def auth_hash OmniAuth::Utils.deep_merge(super, { 'uid' => @user_info.delete("user"), 'info' => @user_info }) end end end end omniauth-crowd-2.2.3/lib/omniauth_crowd.rb0000644000175600017570000000004312632061077017635 0ustar pravipravirequire 'omniauth/strategies/crowd'omniauth-crowd-2.2.3/lib/omniauth_crowd/0000755000175600017570000000000012632061077017313 5ustar pravipraviomniauth-crowd-2.2.3/lib/omniauth_crowd/version.rb0000644000175600017570000000007712632061077021331 0ustar pravipravimodule OmniAuth module Crowd VERSION = "2.2.3" end end omniauth-crowd-2.2.3/Gemfile.lock0000644000175600017570000000250112632061077015743 0ustar pravipraviPATH remote: . specs: omniauth_crowd (2.2.3) activesupport nokogiri (>= 1.4.4) omniauth (~> 1.0) GEM remote: http://rubygems.org/ specs: activesupport (4.1.4) i18n (~> 0.6, >= 0.6.9) json (~> 1.7, >= 1.7.7) minitest (~> 5.1) thread_safe (~> 0.1) tzinfo (~> 1.1) addressable (2.3.6) crack (0.4.2) safe_yaml (~> 1.0.0) diff-lcs (1.2.5) hashie (3.2.0) i18n (0.6.11) json (1.8.1) mini_portile (0.6.0) minitest (5.4.0) nokogiri (1.6.3.1) mini_portile (= 0.6.0) omniauth (1.2.2) hashie (>= 1.2, < 4) rack (~> 1.0) rack (1.5.2) rack-test (0.6.2) rack (>= 1.0) rake (10.3.2) rspec (3.0.0) rspec-core (~> 3.0.0) rspec-expectations (~> 3.0.0) rspec-mocks (~> 3.0.0) rspec-core (3.0.3) rspec-support (~> 3.0.0) rspec-expectations (3.0.3) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.0.0) rspec-mocks (3.0.3) rspec-support (~> 3.0.0) rspec-support (3.0.3) safe_yaml (1.0.3) thread_safe (0.3.4) tzinfo (1.2.2) thread_safe (~> 0.1) webmock (1.18.0) addressable (>= 2.3.6) crack (>= 0.3.2) PLATFORMS ruby DEPENDENCIES bundler (> 1.0.0) omniauth_crowd! rack rack-test rake rspec (~> 3.0.0) webmock omniauth-crowd-2.2.3/omniauth_crowd.gemspec0000644000175600017570000000252512632061077020116 0ustar pravipravi# -*- encoding: utf-8 -*- require File.expand_path('../lib/omniauth_crowd/version', __FILE__) lib = File.expand_path('../lib', __FILE__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) Gem::Specification.new do |gem| gem.authors = ["Robert Di Marco"] gem.email = ["rob@innovationontherun.com"] gem.description = "This is an OmniAuth provider for Atlassian Crowd's REST API. It allows you to easily integrate your Rack application in with Atlassian Crowd." gem.summary = "An OmniAuth provider for Atlassian Crowd REST API" gem.homepage = "http://github.com/robdimarco/omniauth_crowd" gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } gem.files = `git ls-files`.split("\n") gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") gem.name = "omniauth_crowd" gem.require_paths = ["lib"] gem.version = OmniAuth::Crowd::VERSION gem.add_dependency 'omniauth', '~> 1.0' gem.add_dependency 'nokogiri', '>= 1.4.4' gem.add_dependency 'activesupport', '>= 0' gem.add_development_dependency(%q, [">= 0"]) gem.add_development_dependency(%q, [">= 0"]) gem.add_development_dependency(%q, [">= 0"]) gem.add_development_dependency(%q, ["~> 3.0.0"]) gem.add_development_dependency(%q) gem.add_development_dependency(%q, ["> 1.0.0"]) end omniauth-crowd-2.2.3/Rakefile0000644000175600017570000000032612632061077015171 0ustar pravipravi#!/usr/bin/env rake require "bundler/gem_tasks" require 'rspec/core/rake_task' desc 'Default: run specs.' task :default => :spec desc "Run specs" RSpec::Core::RakeTask.new desc 'Run specs' task :default => :specomniauth-crowd-2.2.3/.gitignore0000644000175600017570000000142412632061077015514 0ustar pravipravi.ruby-version .ruby-gemset # rcov generated coverage # rdoc generated rdoc # yard generated doc .yardoc # bundler .bundle # jeweler generated pkg # Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: # # * Create a file at ~/.gitignore # * Include files you want ignored # * Run: git config --global core.excludesfile ~/.gitignore # # After doing this, these files will be ignored in all your git projects, # saving you from having to 'pollute' every project you touch with them # # Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line) # # For MacOS: # #.DS_Store # # For TextMate #*.tmproj #tmtags # # For emacs: #*~ #\#* #.\#* # # For vim: #*.swp