Commit a1ec781b authored by Andrew Tomaka's avatar Andrew Tomaka
Browse files

Initial gem code

parent 7cc78826
The MIT License
Copyright (c) Andrew Tomaka. 2013
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
\ No newline at end of file
require 'rake'
Gem::Specification.new do |s|
s.name = 'devise-kerberos-authenticatable'
s.version = '0.1.0'
s.date = '2013-04-21'
s.summary = 'Devise authentication strategy for Kerberos'
s.description = 'Devise extension providing the ability to authenticate
against Kerberos as defined in your local krb5.conf file
using timfel-krb5-auth.'
s.authors = ['Andrew Tomaka']
s.email = 'atomaka@gmail.com'
s.files = FileList['lib/**/*.rb'].to_a
s.homepage = 'http://www.github.com/atomaka/devise-kerberos-authenticatable'
s.add_dependency 'timfel-krb5-auth', '~> 0.8'
s.add_dependency 'devise', '~> 2.2.3'
end
require 'devise'
$: << File.expand_path('..', __FILE__)
require 'devise_kerberos_authenticatable/model'
require 'devise_kerberos_authenticatable/strategy'
require 'devise_kerberos_authenticatable/routes'
require 'devise_kerberos_authenticatable/kerberos_adapter'
Devise.add_module(
:kerberos_authenticatable,
:strategy => true,
:model => 'devise_kerberos_authenticatable/model',
:route => true
)
\ No newline at end of file
require 'krb5_auth'
include Krb5Auth
module Devise
module KerberosAdapter
def self.valid_credentials?(username, password)
if Rails.env.test? && username == 'test' && password == 'test' then
true
end
krb5 = Krb5.new
begin
krb5.get_init_creds_password(username, password)
rescue Krb5Auth::Krb5::Exception
false
end
true
end
end
end
require 'devise_kerberos_authenticatable/strategy'
module Devise
module Models
module KerberosAuthenticatable
def self.included(base)
base.class_eval do
extend ClassMethods
attr_accessor :password
end
end
def clean_up_passwords
self.password = nil
end
def valid_kerberos_authentication?(password)
Devise::KerberosAdapter.valid_credentials?(self.username, password)
end
module ClassMethods
def authenticate_with_kerberos(attributes = {})
return nil unless attributes[:username].present?
resource = scoped.where(:username => attributes['username']).first
if resource.blank?
resource = new
resource[:username] = attributes['username']
resource[:password] = attributes['password']
end
if resource.try(:valid_kerberos_authentication?, attributes[:password])
resource.save if resource.new_record?
return resource
else
return nil
end
end
end
end
end
end
ActionController::Routing::Mapper.class_eval do
protected
alias_method :devise_kerberos_authenticatable, :devise_session
end
require 'devise/strategies/base'
module Devise
module Strategies
class KerberosAuthenticatable < Base
def valid?
valid_controller? && valid_params? && mapping.to.respond_to?(:authenticate_with_kerberos)
end
def authenticate!
if resource = mapping.to.authenticate_with_kerberos(params[scope])
success!(resource)
else
fail(:invalid)
end
end
protected
def valid_controller?
params[:controller] == 'devise/sessions'
end
def valid_params?
params[scope] && params[scope][:password].present?
end
end
end
end
Warden::Strategies.add(
:kerberos_authenticatable,
Devise::Strategies::KerberosAuthenticatable
)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment