Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Reimplement auth scheme fix

 * Add Rack::Auth.add_scheme to enable folks to fix anything that breaks
 * Add common auth schemes, MS ones, AWS ones, etc are missing, as unlikely
 * Checked Rails - they don't use our authorization code
 * Checked Warden - uses rails
 * Checked Omniauth - uses rails
 * Checked doorkeeper - users rails
 * Checked rack-authentication - does it's own thing
 * Checked warden-oauth - doesn't do headers
 * Checked devise - uses rails
 * Checked oauth2-rack - header creation only
 * Checked rack-oauth2-server - does it's own thing
 * Probably missed a bunch, but that'll have to do
  • Loading branch information...
commit 87df8796a6e4555ec8fd3817c419c6b44b7ca459 1 parent 9974169
@raggi raggi authored
View
12 lib/rack.rb
@@ -73,6 +73,18 @@ module Digest
autoload :Params, "rack/auth/digest/params"
autoload :Request, "rack/auth/digest/request"
end
+
+ # Not all of the following schemes are "standards", but they are used often.
+ @schemes = %w[basic digest bearer mac token oauth oauth2]
+
+ def self.add_scheme scheme
+ @schemes << scheme
+ @schemes.uniq!
+ end
+
+ def self.schemes
+ @schemes.dup
+ end
end
module Session
View
6 lib/rack/auth/abstract/request.rb
@@ -21,7 +21,11 @@ def parts
end
def scheme
- @scheme ||= parts.first.downcase.to_sym
+ @scheme ||=
+ begin
+ s = parts.first.downcase
+ Rack::Auth.schemes.include?(s) ? s.to_sym : s
+ end
end
def params
View
57 test/spec_auth.rb
@@ -0,0 +1,57 @@
+require 'rack'
+
+describe Rack::Auth do
+ it "should have all common authentication schemes" do
+ Rack::Auth.schemes.should.include? 'basic'
+ Rack::Auth.schemes.should.include? 'digest'
+ Rack::Auth.schemes.should.include? 'bearer'
+ Rack::Auth.schemes.should.include? 'token'
+ end
+
+ it "should allow registration of new auth schemes" do
+ Rack::Auth.schemes.should.not.include "test"
+ Rack::Auth.add_scheme "test"
+ Rack::Auth.schemes.should.include "test"
+ end
+end
+
+describe Rack::Auth::AbstractRequest do
+ it "should symbolize known auth schemes" do
+ env = Rack::MockRequest.env_for('/')
+ env['HTTP_AUTHORIZATION'] = 'Basic aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :basic
+
+
+ env['HTTP_AUTHORIZATION'] = 'Digest aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :digest
+
+ env['HTTP_AUTHORIZATION'] = 'Bearer aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :bearer
+
+ env['HTTP_AUTHORIZATION'] = 'MAC aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :mac
+
+ env['HTTP_AUTHORIZATION'] = 'Token aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :token
+
+ env['HTTP_AUTHORIZATION'] = 'OAuth aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :oauth
+
+ env['HTTP_AUTHORIZATION'] = 'OAuth2 aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == :oauth2
+ end
+
+ it "should not symbolize unknown auth schemes" do
+ env = Rack::MockRequest.env_for('/')
+ env['HTTP_AUTHORIZATION'] = 'magic aXJyZXNwb25zaWJsZQ=='
+ req = Rack::Auth::AbstractRequest.new(env)
+ req.scheme.should == "magic"
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.