From 1a52b246eb245d159a1c331417a4b14923e9bc4e Mon Sep 17 00:00:00 2001 From: Pratik Naik Date: Fri, 22 May 2009 00:26:58 +0200 Subject: Add HTTP Authentication to the new base --- actionpack/Rakefile | 1 + actionpack/lib/action_controller/new_base.rb | 2 ++ actionpack/lib/action_controller/new_base/base.rb | 7 +++++++ .../lib/action_controller/new_base/conditional_get.rb | 2 +- actionpack/lib/action_controller/new_base/renderer.rb | 2 +- .../test/controller/http_digest_authentication_test.rb | 13 +++++++++---- actionpack/test/controller/send_file_test.rb | 13 +++++++++---- 7 files changed, 30 insertions(+), 10 deletions(-) (limited to 'actionpack') diff --git a/actionpack/Rakefile b/actionpack/Rakefile index d192a2e3bf..012f5384e2 100644 --- a/actionpack/Rakefile +++ b/actionpack/Rakefile @@ -65,6 +65,7 @@ Rake::TestTask.new(:test_new_base_on_old_tests) do |t| flash mime_responds record_identifier redirect render render_json render_xml send_file request_forgery_protection rescue url_rewriter verification webservice + http_basic_authentication http_digest_authentication ).map { |name| "test/controller/#{name}_test.rb" } end diff --git a/actionpack/lib/action_controller/new_base.rb b/actionpack/lib/action_controller/new_base.rb index 95808decd5..14f73e1edd 100644 --- a/actionpack/lib/action_controller/new_base.rb +++ b/actionpack/lib/action_controller/new_base.rb @@ -31,6 +31,8 @@ module ActionController autoload :Flash, 'action_controller/base/chained/flash' autoload :RequestForgeryProtection, 'action_controller/base/request_forgery_protection' autoload :Streaming, 'action_controller/base/streaming' + autoload :HttpAuthentication, 'action_controller/base/http_authentication' + require 'action_controller/routing' end diff --git a/actionpack/lib/action_controller/new_base/base.rb b/actionpack/lib/action_controller/new_base/base.rb index 08ffafb27e..b432060bc1 100644 --- a/actionpack/lib/action_controller/new_base/base.rb +++ b/actionpack/lib/action_controller/new_base/base.rb @@ -30,6 +30,8 @@ module ActionController include ActionController::Verification include ActionController::RequestForgeryProtection include ActionController::Streaming + include ActionController::HttpAuthentication::Basic::ControllerMethods + include ActionController::HttpAuthentication::Digest::ControllerMethods # TODO: Extract into its own module # This should be moved together with other normalizing behavior @@ -89,6 +91,11 @@ module ActionController if options.key?(:action) && options[:action].to_s.index("/") options[:template] = options.delete(:action) end + + if options[:status] + options[:status] = interpret_status(options.delete(:status)).to_i + end + options end diff --git a/actionpack/lib/action_controller/new_base/conditional_get.rb b/actionpack/lib/action_controller/new_base/conditional_get.rb index e1407e671a..116ce34494 100644 --- a/actionpack/lib/action_controller/new_base/conditional_get.rb +++ b/actionpack/lib/action_controller/new_base/conditional_get.rb @@ -57,7 +57,7 @@ module ActionController raise ArgumentError, "too few arguments to head" end options = args.extract_options! - status = interpret_status(args.shift || options.delete(:status) || :ok) + status = args.shift || options.delete(:status) || :ok options.each do |key, value| headers[key.to_s.dasherize.split(/-/).map { |v| v.capitalize }.join("-")] = value.to_s diff --git a/actionpack/lib/action_controller/new_base/renderer.rb b/actionpack/lib/action_controller/new_base/renderer.rb index 2a52eedb59..878859f3e6 100644 --- a/actionpack/lib/action_controller/new_base/renderer.rb +++ b/actionpack/lib/action_controller/new_base/renderer.rb @@ -80,7 +80,7 @@ module ActionController def _process_options(options) status, content_type, location = options.values_at(:status, :content_type, :location) - response.status = status.to_i if status + response.status = status if status response.content_type = content_type if content_type response.headers["Location"] = url_for(location) if location end diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb index b8a2205ce6..15a11395bb 100644 --- a/actionpack/test/controller/http_digest_authentication_test.rb +++ b/actionpack/test/controller/http_digest_authentication_test.rb @@ -38,6 +38,15 @@ class HttpDigestAuthenticationTest < ActionController::TestCase tests DummyDigestController + setup do + # Used as secret in generating nonce to prevent tampering of timestamp + @old_secret, ActionController::Base.session_options[:secret] = ActionController::Base.session_options[:secret], "session_options_secret" + end + + teardown do + ActionController::Base.session_options[:secret] = @old_secret + end + AUTH_HEADERS.each do |header| test "successful authentication with #{header.downcase}" do @request.env[header] = encode_credentials(:username => 'lifo', :password => 'world') @@ -165,10 +174,6 @@ class HttpDigestAuthenticationTest < ActionController::TestCase options.reverse_merge!(:nc => "00000001", :cnonce => "0a4f113b", :password_is_ha1 => false) password = options.delete(:password) - # Set in /initializers/session_store.rb. Used as secret in generating nonce - # to prevent tampering of timestamp - ActionController::Base.session_options[:secret] = "session_options_secret" - # Perform unauthenticated request to retrieve digest parameters to use on subsequent request method = options.delete(:method) || 'GET' diff --git a/actionpack/test/controller/send_file_test.rb b/actionpack/test/controller/send_file_test.rb index 3a99774ae0..0bc0eb2df6 100644 --- a/actionpack/test/controller/send_file_test.rb +++ b/actionpack/test/controller/send_file_test.rb @@ -11,12 +11,17 @@ class SendFileController < ActionController::Base layout "layouts/standard" # to make sure layouts don't interfere attr_writer :options - def options() @options ||= {} end + def options + @options ||= {} + end - def file() send_file(file_path, options) end - def data() send_data(file_data, options) end + def file + send_file(file_path, options) + end - def rescue_action(e) raise end + def data + send_data(file_data, options) + end end class SendFileTest < ActionController::TestCase -- cgit v1.2.3