Merge pull request #78 from omniauth/update

tmilewski · web-flow · commit 6717bbefe3cf · 2018-01-09T11:27:57.000-05:00
Bring update-to-date
diff --git a/omniauth-ldap.gemspec b/omniauth-ldap.gemspec
@@ -9,15 +9,13 @@ Gem::Specification.new do |gem|
   gem.homepage      = "https://github.com/intridea/omniauth-ldap"
   gem.license       = "MIT"
 
-  gem.add_runtime_dependency     'omniauth', '~> 1.0'
-  gem.add_runtime_dependency     'net-ldap', '~> 0.12'
-  gem.add_runtime_dependency     'pyu-ruby-sasl', '~> 0.0.3.2'#0.0.3.1 has been yanked
-  gem.add_runtime_dependency     'rubyntlm', '~> 0.3.4'
-  gem.add_development_dependency 'rspec', '~> 2.7'
+  gem.add_runtime_dependency     'omniauth', '~> 1.8.1'
+  gem.add_runtime_dependency     'net-ldap', '~> 0.16'
+  gem.add_runtime_dependency     'pyu-ruby-sasl', '~> 0.0.3.3'
+  gem.add_runtime_dependency     'rubyntlm', '~> 0.6.2'
+  gem.add_development_dependency 'rspec', '~> 3.0'
   gem.add_development_dependency 'simplecov'
   gem.add_development_dependency 'rack-test'
-  gem.add_development_dependency 'libnotify'
-  gem.add_development_dependency 'ruby-debug19'
 
   gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   gem.files         = `git ls-files`.split("\n")
diff --git a/spec/omniauth-ldap/adaptor_spec.rb b/spec/omniauth-ldap/adaptor_spec.rb
@@ -4,79 +4,83 @@
   describe 'initialize' do
     it 'should throw exception when must have field is not set' do
       #[:host, :port, :method, :bind_dn]
-      lambda { OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain'})}.should raise_error(ArgumentError)
+      expect {
+        OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'plain' })
+      }.to raise_error(ArgumentError)
     end
 
     it 'should throw exception when method is not supported' do
-      lambda { OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'myplain', uid: 'uid', port: 389, base: 'dc=com'})}.should raise_error(OmniAuth::LDAP::Adaptor::ConfigurationError)
+      expect {
+        OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'myplain', uid: 'uid', port: 389, base: 'dc=com' })
+      }.to raise_error(OmniAuth::LDAP::Adaptor::ConfigurationError)
     end
 
     it 'should setup ldap connection with anonymous' do
-      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName'})
-      adaptor.connection.should_not == nil
-      adaptor.connection.host.should == '192.168.1.145'
-      adaptor.connection.port.should == 389
-      adaptor.connection.base.should == 'dc=intridea, dc=com'
-      adaptor.connection.instance_variable_get('@auth').should == {:method => :anonymous, :username => nil, :password => nil}
+      adaptor = OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName' })
+      expect(adaptor.connection).to_not be_nil
+      expect(adaptor.connection.host).to eq '192.168.1.145'
+      expect(adaptor.connection.port).to eq 389
+      expect(adaptor.connection.base).to eq 'dc=intridea, dc=com'
+      expect(adaptor.connection.instance_variable_get('@auth')).to eq({ method: :anonymous, username: nil, password: nil })
     end
 
     it 'should setup ldap connection with simple' do
-      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password'})
-      adaptor.connection.should_not == nil
-      adaptor.connection.host.should == '192.168.1.145'
-      adaptor.connection.port.should == 389
-      adaptor.connection.base.should == 'dc=intridea, dc=com'
-      adaptor.connection.instance_variable_get('@auth').should == {:method => :simple, :username => 'bind_dn', :password => 'password'}
+      adaptor = OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password' })
+      expect(adaptor.connection).to_not be_nil
+      expect(adaptor.connection.host).to eq '192.168.1.145'
+      expect(adaptor.connection.port).to eq 389
+      expect(adaptor.connection.base).to eq 'dc=intridea, dc=com'
+      expect(adaptor.connection.instance_variable_get('@auth')).to eq({ method: :simple, username: 'bind_dn', password: 'password' })
     end
 
     it 'should setup ldap connection with sasl-md5' do
-      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["DIGEST-MD5"], bind_dn: 'bind_dn', password: 'password'})
-      adaptor.connection.should_not == nil
-      adaptor.connection.host.should == '192.168.1.145'
-      adaptor.connection.port.should == 389
-      adaptor.connection.base.should == 'dc=intridea, dc=com'
-      adaptor.connection.instance_variable_get('@auth')[:method].should == :sasl
-      adaptor.connection.instance_variable_get('@auth')[:mechanism].should == 'DIGEST-MD5'
-      adaptor.connection.instance_variable_get('@auth')[:initial_credential].should == ''
-      adaptor.connection.instance_variable_get('@auth')[:challenge_response].should_not be_nil
+      adaptor = OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["DIGEST-MD5"], bind_dn: 'bind_dn', password: 'password' })
+      expect(adaptor.connection).to_not be_nil
+      expect(adaptor.connection.host).to eq '192.168.1.145'
+      expect(adaptor.connection.port).to eq 389
+      expect(adaptor.connection.base).to eq 'dc=intridea, dc=com'
+      expect(adaptor.connection.instance_variable_get('@auth')[:method]).to eq :sasl
+      expect(adaptor.connection.instance_variable_get('@auth')[:mechanism]).to eq 'DIGEST-MD5'
+      expect(adaptor.connection.instance_variable_get('@auth')[:initial_credential]).to eq ''
+      expect(adaptor.connection.instance_variable_get('@auth')[:challenge_response]).to_not be_nil
     end
 
     it 'should setup ldap connection with sasl-gss' do
       adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password'})
-      adaptor.connection.should_not == nil
-      adaptor.connection.host.should == '192.168.1.145'
-      adaptor.connection.port.should == 389
-      adaptor.connection.base.should == 'dc=intridea, dc=com'
-      adaptor.connection.instance_variable_get('@auth')[:method].should == :sasl
-      adaptor.connection.instance_variable_get('@auth')[:mechanism].should == 'GSS-SPNEGO'
-      adaptor.connection.instance_variable_get('@auth')[:initial_credential].should =~ /^NTLMSSP/
-      adaptor.connection.instance_variable_get('@auth')[:challenge_response].should_not be_nil
+      expect(adaptor.connection).to_not be_nil
+      expect(adaptor.connection.host).to eq '192.168.1.145'
+      expect(adaptor.connection.port).to eq 389
+      expect(adaptor.connection.base).to eq 'dc=intridea, dc=com'
+      expect(adaptor.connection.instance_variable_get('@auth')[:method]).to eq :sasl
+      expect(adaptor.connection.instance_variable_get('@auth')[:mechanism]).to eq 'GSS-SPNEGO'
+      expect(adaptor.connection.instance_variable_get('@auth')[:initial_credential]).to match /^NTLMSSP/
+      expect(adaptor.connection.instance_variable_get('@auth')[:challenge_response]).to_not be_nil
     end
 
     it 'should set the encryption method correctly' do
-      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'tls', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName'})
-      adaptor.connection.instance_variable_get('@encryption').should include method: :start_tls
+      adaptor = OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'tls', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName' })
+      expect(adaptor.connection.instance_variable_get('@encryption')).to include method: :start_tls
     end
   end
 
   describe 'bind_as' do
-    let(:args) { {:filter => Net::LDAP::Filter.eq('sAMAccountName', 'username'), :password => 'password', :size => 1} }
+    let(:args) { { :filter => Net::LDAP::Filter.eq('sAMAccountName', 'username'), :password => 'password', :size => 1 } }
     let(:rs) { Struct.new(:dn).new('new dn') }
 
     it 'should bind simple' do
-      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.126", method: 'plain', base: 'dc=score, dc=local', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password'})
-      adaptor.connection.should_receive(:open).and_yield(adaptor.connection)
-      adaptor.connection.should_receive(:search).with(args).and_return([rs])
-      adaptor.connection.should_receive(:bind).with({:username => 'new dn', :password => args[:password], :method => :simple}).and_return(true)
-      adaptor.bind_as(args).should == rs
+      adaptor = OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.126", method: 'plain', base: 'dc=score, dc=local', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password' })
+      expect(adaptor.connection).to receive(:open).and_yield(adaptor.connection)
+      expect(adaptor.connection).to receive(:search).with(args).and_return([rs])
+      expect(adaptor.connection).to receive(:bind).with({ :username => 'new dn', :password => args[:password], :method => :simple }).and_return(true)
+      expect(adaptor.bind_as(args)).to eq rs
     end
 
     it 'should bind sasl' do
-      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password'})
-      adaptor.connection.should_receive(:open).and_yield(adaptor.connection)
-      adaptor.connection.should_receive(:search).with(args).and_return([rs])
-      adaptor.connection.should_receive(:bind).and_return(true)
-      adaptor.bind_as(args).should == rs
+      adaptor = OmniAuth::LDAP::Adaptor.new({ host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password' })
+      expect(adaptor.connection).to receive(:open).and_yield(adaptor.connection)
+      expect(adaptor.connection).to receive(:search).with(args).and_return([rs])
+      expect(adaptor.connection).to receive(:bind).and_return(true)
+      expect(adaptor.bind_as(args)).to eq rs
     end
   end
 end
diff --git a/spec/omniauth/strategies/ldap_spec.rb b/spec/omniauth/strategies/ldap_spec.rb
@@ -24,110 +24,112 @@ class MyLdapProvider < OmniAuth::Strategies::LDAP; end
   end
 
   it 'should add a camelization for itself' do
-    OmniAuth::Utils.camelize('ldap').should == 'LDAP'
+    expect(OmniAuth::Utils.camelize('ldap')).to eq 'LDAP'
   end
 
   describe '/auth/ldap' do
     before(:each){ get '/auth/ldap' }
 
     it 'should display a form' do
-      last_response.status.should == 200
-      last_response.body.should be_include("<form")
+      expect(last_response.status).to eq 200
+      expect(last_response.body).to include("<form")
     end
 
     it 'should have the callback as the action for the form' do
-      last_response.body.should be_include("action='/auth/ldap/callback'")
+      expect(last_response.body).to include("action='/auth/ldap/callback'")
     end
 
     it 'should have a text field for each of the fields' do
-      last_response.body.scan('<input').size.should == 2
+      expect(last_response.body.scan('<input').size).to eq 2
     end
     it 'should have a label of the form title' do
-      last_response.body.scan('MyLdap Form').size.should > 1
+      expect(last_response.body.scan('MyLdap Form').size).to be > 1
     end
   end
 
   describe 'post /auth/ldap/callback' do
     before(:each) do
       @adaptor = double(OmniAuth::LDAP::Adaptor, {:uid => 'ping'})
-      @adaptor.stub(:filter)
-      OmniAuth::LDAP::Adaptor.stub(:new).and_return(@adaptor)
+
+      allow(@adaptor).to receive(:filter)
+      allow(OmniAuth::LDAP::Adaptor).to receive(:new) { @adaptor }
     end
 
     context 'failure' do
       before(:each) do
-        @adaptor.stub(:bind_as).and_return(false)
+        allow(@adaptor).to receive(:bind_as) { false }
       end
 
       context "when username is not preset" do
         it 'should redirect to error page' do
           post('/auth/ldap/callback', {})
 
-          last_response.should be_redirect
-          last_response.headers['Location'].should =~ %r{missing_credentials}
+          # expect(last_response).to be redirect
+          expect(last_response).to be_redirect
+          expect(last_response.headers['Location']).to match %r{missing_credentials}
         end
       end
 
       context "when username is empty" do
         it 'should redirect to error page' do
-          post('/auth/ldap/callback', {:username => ""})
+          post('/auth/ldap/callback', { username: "" })
 
-          last_response.should be_redirect
-          last_response.headers['Location'].should =~ %r{missing_credentials}
+          expect(last_response).to be_redirect
+          expect(last_response.headers['Location']).to match %r{missing_credentials}
         end
       end
 
       context "when username is present" do
         context "and password is not preset" do
           it 'should redirect to error page' do
-            post('/auth/ldap/callback', {:username => "ping"})
+            post('/auth/ldap/callback', { username: "ping" })
 
-            last_response.should be_redirect
-            last_response.headers['Location'].should =~ %r{missing_credentials}
+            expect(last_response).to be_redirect
+            expect(last_response.headers['Location']).to match %r{missing_credentials}
           end
         end
 
         context "and password is empty" do
           it 'should redirect to error page' do
-            post('/auth/ldap/callback', {:username => "ping", :password => ""})
+            post('/auth/ldap/callback', { username: "ping", password: "" })
 
-            last_response.should be_redirect
-            last_response.headers['Location'].should =~ %r{missing_credentials}
+            expect(last_response).to be_redirect
+            expect(last_response.headers['Location']).to match %r{missing_credentials}
           end
         end
       end
 
       context "when username and password are present" do
         context "and bind on LDAP server failed" do
           it 'should redirect to error page' do
-            post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
+            post('/auth/ldap/callback', { username: 'ping', password: 'password' })
 
-            last_response.should be_redirect
-            last_response.headers['Location'].should =~ %r{invalid_credentials}
+            expect(last_response).to be_redirect
+            expect(last_response.headers['Location']).to match %r{invalid_credentials}
           end
           context 'and filter is set' do
             it 'should bind with filter' do
-              @adaptor.stub(:filter).and_return('uid=%{username}')
-              Net::LDAP::Filter.should_receive(:construct).with('uid=ping')
-              post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
+              allow(@adaptor).to receive(:filter) { 'uid=%{username}' }
+              expect(Net::LDAP::Filter).to receive(:construct).with('uid=ping')
+              post('/auth/ldap/callback', { username: 'ping', password: 'password' })
 
-              last_response.should be_redirect
-              last_response.headers['Location'].should =~ %r{invalid_credentials}
+              expect(last_response).to be_redirect
+              expect(last_response.headers['Location']).to match %r{invalid_credentials}
             end
           end
 
         end
 
         context "and communication with LDAP server caused an exception" do
           before :each do
-            @adaptor.stub(:bind_as).and_throw(Exception.new('connection_error'))
+            allow(@adaptor).to receive(:bind_as).and_throw(Exception.new('connection_error'))
           end
 
           it 'should redirect to error page' do
-            post('/auth/ldap/callback', {:username => "ping", :password => "password"})
+            post('/auth/ldap/callback', { username: "ping", password: "password" })
 
-            last_response.should be_redirect
-            last_response.headers['Location'].should =~ %r{ldap_error}
+            expect(last_response).to be_redirect
+            expect(last_response.headers['Location']).to match %r{ldap_error}
           end
         end
       end
@@ -137,8 +139,8 @@ class MyLdapProvider < OmniAuth::Strategies::LDAP; end
       let(:auth_hash){ last_request.env['omniauth.auth'] }
 
       before(:each) do
-        @adaptor.stub(:filter)
-        @adaptor.stub(:bind_as).and_return(Net::LDAP::Entry.from_single_ldif_string(
+        allow(@adaptor).to receive(:filter)
+        allow(@adaptor).to receive(:bind_as) { Net::LDAP::Entry.from_single_ldif_string(
       %Q{dn: cn=ping, dc=intridea, dc=com
 mail: ping@intridea.com
 givenname: Ping
@@ -156,38 +158,42 @@ class MyLdapProvider < OmniAuth::Strategies::LDAP; end
 jpegphoto: http://www.intridea.com/ping.jpg
 description: omniauth-ldap
 }
-    ))
+    )}
       end
 
       it 'should not redirect to error page' do
         post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
-        last_response.should_not be_redirect
+        expect(last_response).to_not be_redirect
       end
 
       context 'and filter is set' do
         it 'should bind with filter' do
-          @adaptor.stub(:filter).and_return('uid=%{username}')
-          Net::LDAP::Filter.should_receive(:construct).with('uid=ping')
-          post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
+          allow(@adaptor).to receive(:filter) { 'uid=%{username}' }
+          expect(Net::LDAP::Filter).to receive(:construct).with('uid=ping')
+          post('/auth/ldap/callback', { username: 'ping', password: 'password' })
 
-          last_response.should_not be_redirect
+          expect(last_response).to_not be_redirect
         end
       end
 
       it 'should map user info to Auth Hash' do
-        post('/auth/ldap/callback', {:username => 'ping', :password => 'password'})
-        auth_hash.uid.should == 'cn=ping, dc=intridea, dc=com'
-        auth_hash.info.email.should == 'ping@intridea.com'
-        auth_hash.info.first_name.should == 'Ping'
-        auth_hash.info.last_name.should == 'Yu'
-        auth_hash.info.phone.should == '555-555-5555'
-        auth_hash.info.mobile.should == '444-444-4444'
-        auth_hash.info.nickname.should == 'ping'
-        auth_hash.info.title.should == 'dev'
-        auth_hash.info.location.should == 'k street, Washington, DC, U.S.A 20001'
-        auth_hash.info.url.should == 'www.intridea.com'
-        auth_hash.info.image.should == 'http://www.intridea.com/ping.jpg'
-        auth_hash.info.description.should == 'omniauth-ldap'
+        post('/auth/ldap/callback', { username: 'ping', password: 'password' })
+
+        expect(auth_hash.uid).to eq 'cn=ping, dc=intridea, dc=com'
+
+        info = auth_hash.info
+
+        expect(info.email).to eq 'ping@intridea.com'
+        expect(info.first_name).to eq 'Ping'
+        expect(info.last_name).to eq 'Yu'
+        expect(info.phone).to eq '555-555-5555'
+        expect(info.mobile).to eq '444-444-4444'
+        expect(info.nickname).to eq 'ping'
+        expect(info.title).to eq 'dev'
+        expect(info.location).to eq 'k street, Washington, DC, U.S.A 20001'
+        expect(info.url).to eq 'www.intridea.com'
+        expect(info.image).to eq 'http://www.intridea.com/ping.jpg'
+        expect(info.description).to eq 'omniauth-ldap'
       end
     end
   end
