Move authenticators dependencies into Gemfile

Gemfile

@@ -1,3 +1,12 @@
 source "http://rubygems.org"
 gemspec
 
+
+# Gems for authenticators
+group :ldap do
+    gem "net-ldap", "~> 0.1.1"
+end
+
+group :active_resource do
+  gem "activeresource", ">= 2.3.12", "< 4.0"
+end

lib/casserver.rb

@@ -8,4 +8,11 @@ module CASServer; end
 $LOG = Logger.new(STDOUT)
 
 require 'casserver/server'
+require 'casserver/authenticators/base'
 
+CASServer::Authenticators.autoload :LDAP, 'casserver/authenticators/ldap.rb'
+CASServer::Authenticators.autoload :ActiveDirectoryLDAP, 'casserver/authenticators/active_directory_ldap/'
+CASServer::Authenticators.autoload :SQL, 'casserver/authenticators/sql.rb'
+CASServer::Authenticators.autoload :Google, 'casserver/authenticators/google.rb'
+CASServer::Authenticators.autoload :SQLEncrypted, 'lib/casserver/authenticators/sql_encrypted.rb'
+CASServer::Authenticators.autoload :ActiveResource, 'casserver/authenticators/active_resource.rb'

lib/casserver/authenticators/active_directory_ldap.rb

@@ -1,5 +1,3 @@
-require 'casserver/authenticators/ldap'
-
 # Slightly modified version of the LDAP authenticator for Microsoft's ActiveDirectory.
 # The only difference is that the default_username_attribute for AD is 'sAMAccountName'
 # rather than 'uid'.

lib/casserver/authenticators/active_resource.rb

@@ -1,21 +1,7 @@
-require 'casserver/authenticators/base'
-
 begin
   require 'active_resource'
 rescue LoadError
-  require 'rubygems'
-  begin
-    gem 'activeresource', '~> 3.0.0'
-  rescue Gem::LoadError
-    $stderr.puts
-    $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-    $stderr.puts
-    $stderr.puts "To use the ActiveResource authenticator, you must first install the 'activeresource' gem."
-    $stderr.puts
-    $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-    exit 1
-  end
-  require 'active_resource'
+  $stderr.puts "To use the ActiveResource authenticator, you must first install gems from active_resource group. See: Gemfile"
 end
 
 module CASServer

lib/casserver/authenticators/google.rb

@@ -1,4 +1,3 @@
-require 'casserver/authenticators/base'
 require 'uri'
 require 'net/http'
 require 'net/https'

lib/casserver/authenticators/ldap.rb

@@ -1,22 +1,7 @@
-require 'casserver/authenticators/base'
-
 begin
   require 'net/ldap'
 rescue LoadError
-  require 'rubygems'
-  begin
-    gem 'net-ldap', '~> 0.1.1'
-  rescue Gem::LoadError
-    $stderr.puts
-    $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-    $stderr.puts
-    $stderr.puts "To use the LDAP/AD authenticator, you must first install the 'net-ldap' gem."
-    $stderr.puts "        See http://github.com/RoryO/ruby-net-ldap for details."
-    $stderr.puts
-    $stderr.puts "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-    exit 1
-  end
-  require 'net/ldap'
+  $stderr.puts "To use the LDAP/AD authenticator, you must first install gems from ldap group. See: Gemfile"
 end
 
 # Basic LDAP authenticator. Should be compatible with OpenLDAP and other similar LDAP servers,

lib/casserver/authenticators/open_id.rb

@@ -1,11 +1,8 @@
-require 'casserver/authenticators/base'
-
 require 'openid'
 require 'openid/extensions/sreg'
 require 'openid/extensions/pape'
 require 'openid/store/memory'
 
-
 # CURRENTLY UNIMPLEMENTED
 # This is just starter code.
 class CASServer::Authenticators::OpenID < CASServer::Authenticators::Base

lib/casserver/authenticators/sql.rb

@@ -1,5 +1,3 @@
-require 'casserver/authenticators/base'
-
 begin
   require 'active_record'
 rescue LoadError
@@ -78,13 +76,13 @@ def self.user_model
   def validate(credentials)
     read_standard_credentials(credentials)
     raise_if_not_configured
-    
+
     $LOG.debug "#{self.class}: [#{user_model}] " + "Connection pool size: #{user_model.connection_pool.instance_variable_get(:@checked_out).length}/#{user_model.connection_pool.instance_variable_get(:@connections).length}"
     user_model.connection_pool.checkin(user_model.connection)
-       
+
     if matching_users.size > 0
       $LOG.warn("#{self.class}: Multiple matches found for user #{@username.inspect}") if matching_users.size > 1
-      
+
       unless @options[:extra_attributes].blank?
         if matching_users.size > 1
           $LOG.warn("#{self.class}: Unable to extract extra_attributes because multiple matches were found for #{@username.inspect}")
@@ -111,7 +109,7 @@ def user_model
   def username_column
     @options[:username_column] || 'username'
   end
-    
+
   def password_column
     @options[:password_column] || 'password'
   end

lib/casserver/authenticators/test.rb

@@ -1,5 +1,4 @@
 # encoding: UTF-8
-require 'casserver/authenticators/base'
 
 # Dummy authenticator used for testing.
 # Accepts any username as valid as long as the password is "testpassword"; otherwise authentication fails.

rubycas-server.gemspec

@@ -55,10 +55,6 @@ $gemspec = Gem::Specification.new do |s|
     s.add_development_dependency('win32console', "~> 1.3.2")
   end
 
-  # for authenticator specs
-  s.add_development_dependency("net-ldap", "~> 0.1.1")
-  s.add_development_dependency("activeresource", ">= 2.3.12", "< 4.0")
-
   s.rdoc_options = [
     '--quiet', '--title', 'RubyCAS-Server Documentation', '--opname',
     'index.html', '--line-numbers', '--main', 'README.md', '--inline-source'

spec/casserver/authenticators/active_resource_spec.rb

@@ -1,109 +1,116 @@
 # encoding: UTF-8
 require 'spec_helper'
 
-require 'casserver/authenticators/active_resource'
-
-describe CASServer::Authenticators::Helpers::Identity do
-
-  it { should be_an ActiveResource::Base }
-
-  it "class should respond to :authenticate" do
-    subject.class.should respond_to :authenticate
-  end
-
-  it "class should have a method_name accessor" do
-    CASServer::Authenticators::Helpers::Identity.method_name.should == :authenticate
-  end
-
-  it "class should have a method_name accessor" do
-    CASServer::Authenticators::Helpers::Identity.method_type.should == :post
-  end
-
-  it "class method_type accessor should validate type" do
-    expect {
-      CASServer::Authenticators::Helpers::Identity.method_type = :foo
-    }.to raise_error(ArgumentError)
+describe "CASServer::Authenticators::ActiveResource" do
+  before do
+    pending("Skip ActiveResource test due to missing gems") unless gem_available?("activeresource")
+    # Trigger autoload to load also Helpers module
+    # TODO this helper module should be inside activeresource namespace
+    CASServer::Authenticators::ActiveResource
   end
+  describe "CASServer::Authenticators::Helpers::Identity" do
+    subject { CASServer::Authenticators::Helpers::Identity.new }
 
-end
-
-describe CASServer::Authenticators::ActiveResource do
-
-  describe "#setup" do
+    it { should be_an ActiveResource::Base }
 
-    it "should configure the identity object" do
-      CASServer::Authenticators::Helpers::Identity.should_receive(:user=).with('httpuser').once
-      CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :user => 'httpuser'
+    it "class should respond to :authenticate" do
+      subject.class.should respond_to :authenticate
     end
 
-    it "should configure the method_type" do
-      CASServer::Authenticators::Helpers::Identity.should_receive(:method_type=).with('get').once
-      CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :method_type => 'get'
+    it "class should have a method_name accessor" do
+      CASServer::Authenticators::Helpers::Identity.method_name.should == :authenticate
     end
 
-    it "should raise if site option is missing" do
-      expect {
-        CASServer::Authenticators::ActiveResource.setup({}).should
-      }.to raise_error(CASServer::AuthenticatorError, /site option/)
+    it "class should have a method_name accessor" do
+      CASServer::Authenticators::Helpers::Identity.method_type.should == :post
     end
-  end
-
-  describe "#validate" do
 
-    let(:credentials) { {:username => 'validusername',
-                         :password => 'validpassword',
-                         :service => 'test.service'} }
-
-    let(:auth) { CASServer::Authenticators::ActiveResource.new }
-
-    def mock_authenticate identity = nil
-      identity = CASServer::Authenticators::Helpers::Identity.new if identity.nil?
-      CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_return(identity)
+    it "class method_type accessor should validate type" do
+      expect {
+        CASServer::Authenticators::Helpers::Identity.method_type = :foo
+      }.to raise_error(ArgumentError)
     end
 
-    def sample_identity attrs = {}
-      identity = CASServer::Authenticators::Helpers::Identity.new
-      attrs.each { |k,v| identity.send "#{k}=", v }
-      identity
-    end
+  end
 
-    it "should call Identity#autenticate with the given params" do
-      CASServer::Authenticators::Helpers::Identity.should_receive(:authenticate).with(credentials).once
-      auth.validate(credentials)
-    end
+  describe "CASServer::Authenticators::ActiveResource" do
 
-    it "should return identity object attributes as extra attributes" do
-      auth.configure({}.with_indifferent_access)
-      identity = sample_identity({:email => 'foo@example.org'})
-      mock_authenticate identity
-      auth.validate(credentials).should be_true
-      auth.extra_attributes.should == identity.attributes
-    end
+    describe "#setup" do
 
-    it "should return false when http raises" do
-      CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_raise(ActiveResource::ForbiddenAccess.new({}))
-      auth.validate(credentials).should be_false
-    end
+      it "should configure the identity object" do
+        CASServer::Authenticators::Helpers::Identity.should_receive(:user=).with('httpuser').once
+        CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :user => 'httpuser'
+      end
 
-    it "should apply extra_attribute filter" do
-      auth.configure({ :extra_attributes => 'age'}.with_indifferent_access)
-      mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
-      auth.validate(credentials).should be_true
-      auth.extra_attributes.should == { "age" => "28" }
-    end
+      it "should configure the method_type" do
+        CASServer::Authenticators::Helpers::Identity.should_receive(:method_type=).with('get').once
+        CASServer::Authenticators::ActiveResource.setup :site => 'http://api.example.org', :method_type => 'get'
+      end
 
-    it "should only extract not filtered attributes" do
-      auth.configure({ :filter_attributes => 'age'}.with_indifferent_access)
-      mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
-      auth.validate(credentials).should be_true
-      auth.extra_attributes.should == { "email" => 'foo@example.org' }
+      it "should raise if site option is missing" do
+        expect {
+          CASServer::Authenticators::ActiveResource.setup({}).should
+        }.to raise_error(CASServer::AuthenticatorError, /site option/)
+      end
     end
 
-    it "should filter password if filter attributes is not given" do
-      auth.configure({}.with_indifferent_access)
-      mock_authenticate sample_identity({ :email => 'foo@example.org', :password => 'secret' })
-      auth.validate(credentials).should be_true
-      auth.extra_attributes.should == { "email" => 'foo@example.org' }
+    describe "#validate" do
+
+      let(:credentials) { {:username => 'validusername',
+                           :password => 'validpassword',
+                           :service => 'test.service'} }
+
+      let(:auth) { CASServer::Authenticators::ActiveResource.new }
+
+      def mock_authenticate identity = nil
+        identity = CASServer::Authenticators::Helpers::Identity.new if identity.nil?
+        CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_return(identity)
+      end
+
+      def sample_identity attrs = {}
+        identity = CASServer::Authenticators::Helpers::Identity.new
+        attrs.each { |k,v| identity.send "#{k}=", v }
+        identity
+      end
+
+      it "should call Identity#autenticate with the given params" do
+        CASServer::Authenticators::Helpers::Identity.should_receive(:authenticate).with(credentials).once
+        auth.validate(credentials)
+      end
+
+      it "should return identity object attributes as extra attributes" do
+        auth.configure({}.with_indifferent_access)
+        identity = sample_identity({:email => 'foo@example.org'})
+        mock_authenticate identity
+        auth.validate(credentials).should be_true
+        auth.extra_attributes.should == identity.attributes
+      end
+
+      it "should return false when http raises" do
+        CASServer::Authenticators::Helpers::Identity.stub!(:authenticate).and_raise(ActiveResource::ForbiddenAccess.new({}))
+        auth.validate(credentials).should be_false
+      end
+
+      it "should apply extra_attribute filter" do
+        auth.configure({ :extra_attributes => 'age'}.with_indifferent_access)
+        mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
+        auth.validate(credentials).should be_true
+        auth.extra_attributes.should == { "age" => "28" }
+      end
+
+      it "should only extract not filtered attributes" do
+        auth.configure({ :filter_attributes => 'age'}.with_indifferent_access)
+        mock_authenticate sample_identity({ :email => 'foo@example.org', :age => 28 })
+        auth.validate(credentials).should be_true
+        auth.extra_attributes.should == { "email" => 'foo@example.org' }
+      end
+
+      it "should filter password if filter attributes is not given" do
+        auth.configure({}.with_indifferent_access)
+        mock_authenticate sample_identity({ :email => 'foo@example.org', :password => 'secret' })
+        auth.validate(credentials).should be_true
+        auth.extra_attributes.should == { "email" => 'foo@example.org' }
+      end
     end
   end
 end