  • 14 commits
  • 14 files changed
  • 0 comments
  • 3 contributors
Jan 24, 2013
Don Morrison elskwid Test existing configuration options and defaults 70c67a3
Don Morrison elskwid Fix for missing UID issue
In some cases, where Users and Identities are 
manually created, we will have these records in 
the system without a valid UID. This presents a
problem with logging in as the #create method
of RegistrationsController ends up calling
`Identity.find_omniauth` which will find an 
identity - which is invalid. 

By checking for a missing uid we return a nil
from `find_omniauth` which allows the rest of
the logic to take over.

P.S. There are tests for this.
182ba06
Kenny Johnston kjohnston Merge pull request #16 from elskwid/invalid-auth-issue
Invalid auth issue
c6f11cb
Phil Cohen remove "jdbc" prefix from jruby database.yml 2cac87d
Don Morrison elskwid Merge pull request #17 from phlipper/travis-jruby-database
remove "jdbc" prefix from jruby database.yml
6d5ec81
Apr 08, 2013
Phil Cohen update dependencies, add strong_parameters 62f9a97
Phil Cohen add strong_parameter support for identities 2fa18dc
Don Morrison elskwid Merge pull request #25 from phlipper/strong-params
Strong Parameters
752cc7d
Phil Cohen support class dependency reloading in development b5e581c
Phil Cohen rename `config` to `conf` to avoid scope collision d007115
Don Morrison elskwid Merge pull request #27 from phlipper/class-reloading
Support Development Environment Class Reloading
4aa7227
Phil Cohen use explicit http method for rails 4 compatibility 56980b8
Don Morrison elskwid Merge pull request #26 from phlipper/route-method
Rails 4 Compatibility
afdf7d3
Apr 09, 2013
Phil Cohen bump version to 0.4.0 58db5e2
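--- a/Gemfile
+++ b/Gemfile
@@ -8,6 +8,7 @@ gemspec
 # jquery-rails is used by the dummy application
 gem "jquery-rails"
 gem "omniauth-linkedin"
+gem "strong_parameters"
 
 platforms :jruby do
 gem "activerecord-jdbc-adapter", :require => false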
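--- a/app/controllers/thincloud/authentication/registrations_controller.rb
+++ b/app/controllers/thincloud/authentication/registrations_controller.rb
@@ -81,12 +81,23 @@ def add_omniauth_identity_to_current_user
 # Returns: An instance of `Identity`.
 def create_identity_from_request
 # params[:identity] exists when creating a local identity provider
- Identity.new(params[:identity]).tap do |identity|
+ Identity.new(identity_params).tap do |identity|
 identity.user = User.create
 # omniauth exists if coming from a 3rd party provider like LinkedIn
 identity.apply_omniauth(omniauth) if omniauth
 identity.save
 end
 end
+
+ # Private: Provide strong_parameters support
+ # :token, :auth_key, :provider,
+ def identity_params
+ keys = [
+ :name, :email, :password,
+ :password_confirmation, :verification_token
+ ]
+
+ params.require(:identity).permit(*keys)
+ end
 end
 end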
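Review bot: `identity_params` whitelists `:verification_token`, so whoever submits the registration form can choose the token that is presumably meant to prove control of the e-mail address; unless a caller depends on that, drop it from the list: `keys = [:name, :email, :password, :password_confirmation]`. Separately, `params.require(:identity)` raises when the key is absent, yet the comment above `Identity.new` says `params[:identity]` exists only for the local identity provider, so a third-party callback without it would presumably fail before `apply_omniauth` runs; `params.fetch(:identity, {}).permit(*keys)` keeps that path working. The test hunks in registrations_controller_test.rb now always send a non-empty `identity` hash, so they would not catch this. The leftover comment `# :token, :auth_key, :provider,` should either be removed or turned into a sentence saying these fields are deliberately not permitted.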
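--- a/app/models/thincloud/authentication/identity.rb
+++ b/app/models/thincloud/authentication/identity.rb
@@ -1,6 +1,8 @@
 module Thincloud::Authentication
 # Public: This class represents a User identity (name, email, login provider)
 class Identity < ::OmniAuth::Identity::Models::ActiveRecord
+ include ActiveModel::ForbiddenAttributesProtection # strong_parameters
+
 belongs_to :user
 
 # Limit the ability to mass-assign sensitive fields.
@@ -30,7 +32,9 @@ def self.human_attribute_name(attr, options={})
 #
 # Returns: An instance of `Identity` or `nil`.
 def self.find_omniauth(omniauth)
- find_by_provider_and_uid omniauth["provider"], omniauth["uid"]
+ if omniauth["uid"].present?
+ find_by_provider_and_uid omniauth["provider"], omniauth["uid"]
+ end
 end
 
 # Public: Mark the `Identity` as having been verified.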
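Review bot: The new guard in `find_omniauth` covers a blank `uid` but not a blank `provider`, so an auth hash with a uid and no provider would still reach `find_by_provider_and_uid` and could match a manually created record whose provider column is empty. Checking both keeps the lookup from ever matching on a missing key: `if omniauth["provider"].present? && omniauth["uid"].present?`. identity_test.rb covers the nil and empty uid cases; a matching case for a blank provider would pin this behaviour.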
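--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,5 +1,5 @@
 Thincloud::Authentication::Engine.routes.draw do
- match ":provider/callback" => "registrations#create", as: "auth_callback"
+ post ":provider/callback", to: "registrations#create", as: "auth_callback"
 get "failure", to: "sessions#new", as: "auth_failure"
 
 get "login", to: "sessions#new", as: "login"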
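Review bot: Restricting `:provider/callback` to `post` drops GET, and OAuth providers such as the LinkedIn strategy listed in the Gemfile normally return the browser to the callback URL with a GET redirect, so those logins would presumably stop routing to `registrations#create`. If both verbs are needed, `match ":provider/callback", to: "registrations#create", via: [:get, :post], as: "auth_callback"` names them explicitly, which also satisfies Rails 4. The controller tests only exercise `post :create`, so a GET callback is not covered.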
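--- a/lib/thincloud-authentication.rb
+++ b/lib/thincloud-authentication.rb
@@ -1,7 +1,4 @@
-require "thincloud/authentication/configuration"
 require "thincloud/authentication/engine"
-require "thincloud/authentication/authenticatable_controller"
-require "thincloud/authentication/identifiable_user"
 
 module Thincloud
 module Authentication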
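--- a/lib/thincloud/authentication/engine.rb
+++ b/lib/thincloud/authentication/engine.rb
@@ -1,17 +1,25 @@
 module Thincloud
 module Authentication
+
 # Public: Initialize the Rails engine
 class Engine < ::Rails::Engine
 isolate_namespace Thincloud::Authentication
 
+ require "thincloud/authentication/configuration"
+
+ initializer "thincloud.authentication.require_dependencies" do
+ require_dependency "thincloud/authentication/authenticatable_controller"
+ require_dependency "thincloud/authentication/identifiable_user"
+ end
+
 initializer "thincloud.authentication.omniauth.middleware" do |app|
 require "omniauth"
 require "omniauth-identity"
 
- config = Thincloud::Authentication.configuration || Configuration.new
- strategies = config.providers.keys
+ conf = Thincloud::Authentication.configuration || Configuration.new
+ strategies = conf.providers.keys
 strategies.each do |strategy|
- lib = config.providers[strategy][:require] || "omniauth-#{strategy}"
+ lib = conf.providers[strategy][:require] || "omniauth-#{strategy}"
 require lib
 end
 
@@ -23,8 +31,8 @@ class Engine < ::Rails::Engine
 strategies.each do |strategy|
 provider strategy, ENV["#{strategy.to_s.upcase}_CONSUMER_KEY"],
 ENV["#{strategy.to_s.upcase}_CONSUMER_SECRET"],
- fields: config.providers[strategy][:fields],
- scope: config.providers[strategy][:scopes]
+ fields: conf.providers[strategy][:fields],
+ scope: conf.providers[strategy][:scopes]
 end
 end
 end
@@ -53,12 +61,16 @@ def request_phase
 end
 
 initializer "thincloud.authentication.user" do
- ::User.send :include, Thincloud::Authentication::IdentifiableUser
+ config.to_prepare do
+ ::User.send :include, Thincloud::Authentication::IdentifiableUser
+ end
 end
 
 initializer "thincloud.authentication.action_controller" do
- ActionController::Base.send :include,
- Thincloud::Authentication::AuthenticatableController
+ config.to_prepare do
+ ActionController::Base.send :include,
+ Thincloud::Authentication::AuthenticatableController
+ end
 end
 
 config.generators do |g|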
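Review bot: The two `config.to_prepare` blocks and the new `require_dependencies` initializer carry no comment saying why they replace a plain `require` and a one-time include, and the reason (class reloading in development, per the commit title) is easy to undo by accident. A one-line comment on each would do, for example `# to_prepare re-runs after each reload so the reloaded ::User gets the mixin again`. The `config` to `conf` rename in the middleware initializer deserves the same: `# named conf so it does not shadow the engine's config`. `class Engine` opens in the first hunk and continues past the last one.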
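--- a/lib/thincloud/authentication/version.rb
+++ b/lib/thincloud/authentication/version.rb
@@ -1,5 +1,5 @@
 module Thincloud
 module Authentication
- VERSION = "0.3.0"
+ VERSION = "0.4.0"
 end
 end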
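--- a/test/ci/database.mysql.jruby.yml
+++ b/test/ci/database.mysql.jruby.yml
@@ -1,6 +1,6 @@
 # Travis CI
 test:
- adapter: jdbcmysql
+ adapter: mysql
 database: thincloud_authentication_test
 username: root
 encoding: utf8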
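--- a/test/ci/database.postgres.jruby.yml
+++ b/test/ci/database.postgres.jruby.yml
@@ -1,6 +1,6 @@
 # Travis CI
 test:
- adapter: jdbcpostgresql
+ adapter: postgresql
 database: thincloud_authentication_test
 username: postgres
 encoding: unicode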
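--- a/test/ci/database.sqlite.jruby.yml
+++ b/test/ci/database.sqlite.jruby.yml
@@ -1,6 +1,6 @@
 # Travis CI
 test:
- adapter: jdbcsqlite3
+ adapter: sqlite3
 database: db/test.sqlite3
 pool: 5
 timeout: 5000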
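--- a/test/configuration_test.rb
+++ b/test/configuration_test.rb
@@ -1,6 +1,21 @@
 require "minitest_helper"
 
 describe Thincloud::Authentication::Configuration do
+ let(:config) { Thincloud::Authentication::Configuration.new }
+
+ it { config.must_be_kind_of Thincloud::Authentication::Configuration }
+ it { config.must_respond_to :layout }
+ it { config.must_respond_to :layout= }
+ it { config.must_respond_to :providers }
+ it { config.must_respond_to :providers= }
+ it { config.must_respond_to :mailer_sender }
+ it { config.must_respond_to :mailer_sender= }
+
+ describe "defaults" do
+ it { config.layout.must_equal "application" }
+ it { config.providers.must_equal Hash.new }
+ it { config.mailer_sender.must_equal "app@example.com" }
+ end
 
 describe "layout" do
 it { Thincloud::Authentication.configuration.layout.must_equal "application" }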
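--- a/test/controllers/thincloud/authentication/registrations_controller_test.rb
+++ b/test/controllers/thincloud/authentication/registrations_controller_test.rb
@@ -11,7 +11,7 @@ module Thincloud::Authentication
 
 describe "POST create" do
 describe "with errors" do
- before { post :create, identity: {} }
+ before { post :create, identity: { email: "" } }
 
 it { assert_response :success }
 it { assert_template :new }
@@ -133,7 +133,7 @@ module Thincloud::Authentication
 RegistrationsController.any_instance.stubs(:omniauth).returns(
 auth_hash
 )
- post :create
+ post :create, identity: { email: "foo2@bar2.com" }
 end
 
 it { assert_response :redirect }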
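--- a/test/models/identity_test.rb
+++ b/test/models/identity_test.rb
@@ -16,15 +16,41 @@ module Thincloud::Authentication
 it { identity.must_respond_to(:verified_at) }
 
 describe "self.find_omniauth(omniauth)" do
- let(:auth_hash) do
- OmniAuth::AuthHash.new(provider: "identity", uid: "123")
+ describe "with valid uid" do
+ let(:auth_hash) do
+ OmniAuth::AuthHash.new(provider: "identity", uid: "123")
+ end
+
+ before do
+ Identity.expects(:find_by_provider_and_uid).with("identity", "123")
+ end
+
+ it { Identity.find_omniauth(auth_hash) }
 end
 
- before do
- Identity.expects(:find_by_provider_and_uid).with("identity", "123")
+ describe "with nil uid" do
+ let(:auth_hash) do
+ OmniAuth::AuthHash.new(provider: "identity", uid: nil)
+ end
+
+ before do
+ Identity.expects(:find_by_provider_and_uid).never
+ end
+
+ it { Identity.find_omniauth(auth_hash).must_be_nil }
 end
 
- it { Identity.find_omniauth(auth_hash) }
+ describe "with empty uid" do
+ let(:auth_hash) do
+ OmniAuth::AuthHash.new(provider: "identity", uid: "")
+ end
+
+ before do
+ Identity.expects(:find_by_provider_and_uid).never
+ end
+
+ it { Identity.find_omniauth(auth_hash).must_be_nil }
+ end
 end
 
 describe "self.verify!(token)" do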
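--- a/thincloud-authentication.gemspec
+++ b/thincloud-authentication.gemspec
@@ -15,17 +15,10 @@ Gem::Specification.new do |s|
 
 s.files = Dir["{app,config,db,lib}/**/*"] + %w[MIT-LICENSE Rakefile README.md]
 
- s.add_dependency "rails", "~> 3.2.8"
- s.add_dependency "omniauth", "~> 1.1.1"
+ s.add_dependency "rails", "~> 3.2.13"
+ s.add_dependency "strong_parameters", "~> 0.2.0"
+ s.add_dependency "omniauth", "~> 1.1.3"
 s.add_dependency "omniauth-identity", "~> 1.1.0"
 
- s.add_development_dependency "cane", "~> 2.3.0"
- s.add_development_dependency "guard", "~> 1.4.0"
- s.add_development_dependency "minitest", "~> 3.4.0"
- s.add_development_dependency "guard-minitest", "~> 0.5.0"
- s.add_development_dependency "minitest-rails", "~> 0.2.0"
- s.add_development_dependency "minitest-rails-shoulda", "~> 0.2.0"
- s.add_development_dependency "rb-fsevent", "~> 0.9.1"
- s.add_development_dependency "simplecov", "~> 0.7.1"
- s.add_development_dependency "mocha", "~> 0.12.7" # Must be after minitest
+ s.add_development_dependency "thincloud-test-rails", "~> 1.0.0"
 end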
