Skip to content

Commit

Permalink
Reimplement auth scheme fix
Browse files Browse the repository at this point in the history
 * Add Rack::Auth.add_scheme to enable folks to fix anything that breaks
 * Add common auth schemes, MS ones, AWS ones, etc are missing, as unlikely
 * Checked Rails - they don't use our authorization code
 * Checked Warden - uses rails
 * Checked Omniauth - uses rails
 * Checked doorkeeper - users rails
 * Checked rack-authentication - does it's own thing
 * Checked warden-oauth - doesn't do headers
 * Checked devise - uses rails
 * Checked oauth2-rack - header creation only
 * Checked rack-oauth2-server - does it's own thing
 * Probably missed a bunch, but that'll have to do
  • Loading branch information
raggi committed Jan 13, 2013
1 parent 231d1a9 commit 89f6fc8
Show file tree
Hide file tree
Showing 3 changed files with 74 additions and 1 deletion.
12 changes: 12 additions & 0 deletions lib/rack.rb
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,18 @@ module Digest
autoload :Params, "rack/auth/digest/params"
autoload :Request, "rack/auth/digest/request"
end

# Not all of the following schemes are "standards", but they are used often.
@schemes = %w[basic digest bearer mac token oauth oauth2]

def self.add_scheme scheme
@schemes << scheme
@schemes.uniq!
end

def self.schemes
@schemes.dup
end
end

module Session
Expand Down
6 changes: 5 additions & 1 deletion lib/rack/auth/abstract/request.rb
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,11 @@ def parts
end

def scheme
@scheme ||= parts.first.downcase.to_sym
@scheme ||=
begin
s = parts.first.downcase
Rack::Auth.schemes.include?(s) ? s.to_sym : s
end
end

def params
Expand Down
57 changes: 57 additions & 0 deletions test/spec_auth.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
require 'rack'

describe Rack::Auth do
it "should have all common authentication schemes" do
Rack::Auth.schemes.should.include? 'basic'
Rack::Auth.schemes.should.include? 'digest'
Rack::Auth.schemes.should.include? 'bearer'
Rack::Auth.schemes.should.include? 'token'
end

it "should allow registration of new auth schemes" do
Rack::Auth.schemes.should.not.include "test"
Rack::Auth.add_scheme "test"
Rack::Auth.schemes.should.include "test"
end
end

describe Rack::Auth::AbstractRequest do
it "should symbolize known auth schemes" do
env = Rack::MockRequest.env_for('/')
env['HTTP_AUTHORIZATION'] = 'Basic aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :basic


env['HTTP_AUTHORIZATION'] = 'Digest aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :digest

env['HTTP_AUTHORIZATION'] = 'Bearer aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :bearer

env['HTTP_AUTHORIZATION'] = 'MAC aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :mac

env['HTTP_AUTHORIZATION'] = 'Token aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :token

env['HTTP_AUTHORIZATION'] = 'OAuth aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :oauth

env['HTTP_AUTHORIZATION'] = 'OAuth2 aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == :oauth2
end

it "should not symbolize unknown auth schemes" do
env = Rack::MockRequest.env_for('/')
env['HTTP_AUTHORIZATION'] = 'magic aXJyZXNwb25zaWJsZQ=='
req = Rack::Auth::AbstractRequest.new(env)
req.scheme.should == "magic"
end
end

0 comments on commit 89f6fc8

Please sign in to comment.