Permalink
Browse files

initial commit

  • Loading branch information...
0 parents commit 3c13ce709635a719580a7c6f52316cabcbb8abb1 @kevinmarvin kevinmarvin committed Sep 13, 2010
5 README.rdoc
@@ -0,0 +1,5 @@
+= crowd_authenticator
+
+Atlassian Crowd 1.6 integration for Redmine. Requires the crowd gem from http://github.com/liff/crowd - or gem install crowd .
+
+May work very properly with Crowd 2.0 using gem install crowd-stefanwille, but is untested in that configuration.
10 app/controllers/crowd_auth_sources_controller.rb
@@ -0,0 +1,10 @@
+class CrowdAuthSourcesController < AuthSourcesController
+
+ unloadable
+
+ protected
+
+ def auth_source_class
+ AuthSourceCrowd
+ end
+end
2 app/helpers/crowd_auth_sources_helper.rb
@@ -0,0 +1,2 @@
+module CrowdAuthSourcesHelper
+end
140 app/models/auth_source_crowd.rb
@@ -0,0 +1,140 @@
+class AuthSourceCrowd < AuthSource
+ unloadable
+ validates_presence_of :host, :port
+ validates_length_of :name, :account_password, :maximum => 60, :allow_nil => true
+ validates_length_of :account, :base_dn, :maximum => 255, :allow_nil => true
+ validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
+ validates_numericality_of :port, :only_integer => true
+
+ attr_accessor :app_token
+
+ #before_validation :strip_ldap_attributes
+
+ def after_initialize
+ self.port = 80 if self.port == 0
+ end
+
+ def get_user_attrs(username)
+ self.test_connection unless app_token
+ return load_attrs(Crowd.find_principal_by_username(username))
+ end
+
+ def authenticate(login, password)
+ self.test_connection unless app_token
+ crowd_user = Crowd.find_principal_by_username(login)
+ attrs={}
+ if crowd_user
+ usertoken = Crowd.authenticate_principal(login, password)
+ if usertoken
+ attrs = load_attrs(crowd_user) if onthefly_register?
+ else
+ raise "ERROR Authenticating"
+ end
+ else
+ raise "USER NOT FOUND"
+ end
+ return attrs
+ end
+# def authenticate(login, password)
+# return nil if login.blank? || password.blank?
+# attrs = get_user_dn(login)
+#
+# if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password)
+# logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
+# return attrs.except(:dn)
+# end
+# rescue Net::LDAP::LdapError => text
+# raise "LdapError: " + text
+# end
+#
+ def check_values
+ Crowd.crowd_url = "http://#{self.host}#{self.port.to_s != "80" ? ":#{self.port}": ""}/crowd/services/SecurityServer"
+ Crowd.crowd_app_name = self.account
+ Crowd.crowd_app_pword = self.account_password
+ end
+
+ # test the connection to Crowd
+ def test_connection
+ check_values
+ self.app_token = Crowd.authenticate_application
+ rescue Crowd::AuthenticationException
+ raise "Crowd Authentication Failed"
+ end
+
+ def auth_method_name
+ "Crowd"
+ end
+#
+ private
+
+ def load_attrs(crowd_user)
+ {
+ :firstname => crowd_user[:attributes][:givenName],
+ :lastname => crowd_user[:attributes][:sn],
+ :mail => crowd_user[:attributes][:mail],
+ :auth_source_id => self.id
+ }
+ end
+#
+# def strip_ldap_attributes
+# [:attr_login, :attr_firstname, :attr_lastname, :attr_mail].each do |attr|
+# write_attribute(attr, read_attribute(attr).strip) unless read_attribute(attr).nil?
+# end
+# end
+#
+# def get_user_attributes_from_ldap_entry(entry)
+# {
+# :dn => entry.dn,
+# :firstname => AuthSourceLdap.get_attr(entry, self.attr_firstname),
+# :lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname),
+# :mail => AuthSourceLdap.get_attr(entry, self.attr_mail),
+# :auth_source_id => self.id
+# }
+# end
+#
+# # Return the attributes needed for the LDAP search. It will only
+# # include the user attributes if on-the-fly registration is enabled
+# def search_attributes
+# if onthefly_register?
+# ['dn', self.attr_firstname, self.attr_lastname, self.attr_mail]
+# else
+# ['dn']
+# end
+# end
+#
+# # Check if a DN (user record) authenticates with the password
+# def authenticate_dn(dn, password)
+# if dn.present? && password.present?
+# initialize_ldap_con(dn, password).bind
+# end
+# end
+#
+# # Get the user's dn and any attributes for them, given their login
+# def get_user_dn(login)
+# ldap_con = initialize_ldap_con(self.account, self.account_password)
+# login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
+# object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
+# attrs = {}
+#
+# ldap_con.search( :base => self.base_dn,
+# :filter => object_filter & login_filter,
+# :attributes=> search_attributes) do |entry|
+#
+# if onthefly_register?
+# attrs = get_user_attributes_from_ldap_entry(entry)
+# else
+# attrs = {:dn => entry.dn}
+# end
+#
+# logger.debug "DN found for #{login}: #{attrs[:dn]}" if logger && logger.debug?
+# end
+#
+# attrs
+# end
+#
+# def self.get_attr(entry, attr_name)
+# if !attr_name.blank?
+# entry[attr_name].is_a?(Array) ? entry[attr_name].first : entry[attr_name]
+# end
+# end
+end
3 config/locales/en.yml
@@ -0,0 +1,3 @@
+# English strings go here for Rails i18n
+en:
+ my_label: "My label"
13 init.rb
@@ -0,0 +1,13 @@
+require 'redmine'
+require 'crowd'
+
+Redmine::Plugin.register :redmine_crowd_authenticator do
+ name 'Redmine Crowd Authenticator plugin'
+ author 'Kevin Marvin'
+ description 'Allows authentication against Atlassian Crowd 1.6 (2.0 should be possible with a different crowd gem)'
+ version '0.0.1'
+ url 'http://assets.modx.com/redmine_crowd_authentication'
+ author_url 'http://modxcms.com'
+
+ menu :admin_menu, :crowd_authenticator, {:controller => "crowd_auth_sources", :action => "index"}, :caption => "CROWD Authentication"
+end
2 lang/en.yml
@@ -0,0 +1,2 @@
+# English strings go here
+my_label: "My label"

0 comments on commit 3c13ce7

Please sign in to comment.