C0 code coverage information
Generated on Fri Jul 11 15:55:35 -0700 2008 with rcov 0.7.0
1 # An implementation of the OpenID Provider Authentication Policy
2 # Extension 1.0
3 # see: http://openid.net/specs/
4
5 require 'openid/extension'
6
7 module OpenID
8
9 module PAPE
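# Namespace URI of the PAPE 1.0 extension; both Request and Response store
# it as their @ns_uri and use it to look up their arguments.
NS_URI = "http://specs.openid.net/extensions/pape/1.0"

# Authentication policy URIs.
AUTH_MULTI_FACTOR_PHYSICAL =
  'http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical'
AUTH_MULTI_FACTOR =
  'http://schemas.openid.net/pape/policies/2007/06/multi-factor'
AUTH_PHISHING_RESISTANT =
  'http://schemas.openid.net/pape/policies/2007/06/phishing-resistant'

# Accepted shape of an auth_time value: YYYY-MM-DDTHH:MM:SSZ.
#
# The pattern is anchored with \A and \z so the *entire* string has to be a
# timestamp. Without anchors, `=~` succeeds on any value that merely contains
# a timestamp somewhere (leading or trailing junk, additional lines), and
# that value would then be stored and re-emitted as auth_time.
# Only the digit layout is checked; month, day and time ranges are not.
TIME_VALIDATOR = /\A\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ\z/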
# A Provider Authentication Policy request, sent from a relying
# party to a provider.
#
# Holds the policy URIs the relying party would like the provider to
# apply and, optionally, a max_auth_age value.
class Request < Extension
  attr_accessor :preferred_auth_policies, :max_auth_age, :ns_alias, :ns_uri

  # preferred_auth_policies:: array of policy URIs; stored as given (not
  #                           copied), so add_policy_uri appends to the
  #                           caller's array.
  # max_auth_age::            value emitted as 'max_auth_age', or nil to
  #                           leave that argument out.
  def initialize(preferred_auth_policies=[], max_auth_age=nil)
    @ns_alias = 'pape'
    @ns_uri = NS_URI
    @preferred_auth_policies = preferred_auth_policies
    @max_auth_age = max_auth_age
  end

  # Add an acceptable authentication policy URI to this request.
  # Intended for the relying party; a URI already in the list is not
  # added a second time.
  def add_policy_uri(policy_uri)
    return if @preferred_auth_policies.member?(policy_uri)
    @preferred_auth_policies << policy_uri
  end

  # Build the hash of extension arguments for this request.
  # 'preferred_auth_policies' is always present (space-separated URIs);
  # 'max_auth_age' only when @max_auth_age is set.
  def get_extension_args
    extension_args = {}
    extension_args['preferred_auth_policies'] = @preferred_auth_policies.join(' ')
    if @max_auth_age
      extension_args['max_auth_age'] = @max_auth_age.to_s
    end
    extension_args
  end

  # Instantiate a Request object from the arguments in a
  # checkid_* OpenID message.
  # Returns nil if the extension was not requested (no PAPE arguments).
  # The arguments originate from the incoming request and are not
  # validated beyond what parse_extension_args does.
  def self.from_openid_request(oid_req)
    request = new
    pape_args = oid_req.message.get_args(NS_URI)
    return nil if pape_args == {}
    request.parse_extension_args(pape_args)
    request
  end

  # Set the state of this request to be that expressed in these
  # PAPE arguments. Any previously held policies are discarded.
  def parse_extension_args(args)
    @preferred_auth_policies = []
    policies_str = args['preferred_auth_policies']
    policies_str.split(' ').each { |policy_uri| add_policy_uri(policy_uri) } if policies_str

    # NOTE(review): String#to_i never fails. A non-numeric max_auth_age
    # becomes 0 and a negative value is kept as-is, so code that enforces
    # max_auth_age has to decide how to treat those cases itself.
    max_auth_age_str = args['max_auth_age']
    @max_auth_age = max_auth_age_str ? max_auth_age_str.to_i : nil
  end

  # Given a list of authentication policy URIs that a provider
  # supports, return the subset that the relying party prefers, in the
  # relying party's order.
  def preferred_types(supported_types)
    @preferred_auth_policies.select do |policy_uri|
      supported_types.member?(policy_uri)
    end
  end
end
85
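# A Provider Authentication Policy response, sent from a provider
# to a relying party.
#
# Carries the policies the provider says it applied (auth_policies), the
# time of authentication (auth_time) and a NIST assurance level
# (nist_auth_level). A relying party uses these values to decide whether
# the authentication was strong enough, so they are parsed strictly.
class Response < Extension
  attr_accessor :ns_alias, :auth_policies, :auth_time, :nist_auth_level

  # auth_policies::   array of policy URIs; stored as given (not copied).
  # auth_time::       timestamp string, expected to match TIME_VALIDATOR.
  # nist_auth_level:: integer 0 through 4, or nil when not reported.
  # Nothing is validated here; get_extension_args checks the values when
  # the response is serialized.
  def initialize(auth_policies=[], auth_time=nil, nist_auth_level=nil)
    @ns_alias = 'pape'
    @ns_uri = NS_URI
    @auth_policies = auth_policies
    @auth_time = auth_time
    @nist_auth_level = nist_auth_level
  end

  # Add a policy URI to the response; a URI already present is not
  # added again.
  # see http://openid.net/specs/openid-provider-authentication-policy-extension-1_0-01.html#auth_policies
  def add_policy_uri(policy_uri)
    @auth_policies << policy_uri unless @auth_policies.member?(policy_uri)
  end

  # Create a Response object from an OpenID::Consumer::SuccessResponse.
  # Returns nil when get_signed_ns yields nil for the PAPE namespace.
  # The arguments come from get_signed_ns, so (assuming it returns signed
  # fields only, as the name says -- confirm) unsigned PAPE fields are not
  # consulted. Parsing is non-strict: malformed values are dropped, not
  # reported.
  def self.from_success_response(success_response)
    args = success_response.get_signed_ns(NS_URI)
    return nil if args.nil?
    pape_resp = new
    pape_resp.parse_extension_args(args)
    pape_resp
  end

  # Parse the provider authentication policy arguments into the
  # internal state of this object.
  #
  # args::   hash of PAPE argument names to string values.
  # strict:: when true, raise ArgumentError on a malformed
  #          nist_auth_level or auth_time; when false, a malformed value
  #          is ignored and the attribute keeps whatever it held before
  #          (nil on a freshly built Response).
  def parse_extension_args(args, strict=false)
    policies_str = args['auth_policies']
    if policies_str && policies_str != 'none'
      @auth_policies = policies_str.split(' ')
    end

    nist_level_str = args['nist_auth_level']
    if nist_level_str
      # Accept decimal digits only. String#to_i alone would read "3abc" as
      # 3 and turn arbitrary text into 0, so a malformed assurance level
      # could be taken for a valid one.
      digits = nist_level_str.strip
      nist_level = (digits =~ /\A\d+\z/) ? digits.to_i : nil
      if nist_level && (0..4).member?(nist_level)
        @nist_auth_level = nist_level
      elsif strict
        raise ArgumentError, "nist_auth_level must be an integer 0 through 4, not #{nist_level_str.inspect}"
      end
    end

    auth_time_str = args['auth_time']
    if auth_time_str
      # Only values matching TIME_VALIDATOR are stored.
      if auth_time_str =~ TIME_VALIDATOR
        @auth_time = auth_time_str
      elsif strict
        raise ArgumentError, "auth_time must be in RFC3339 format"
      end
    end
  end

  # Build the hash of extension arguments for this response.
  # 'auth_policies' is always present ('none' when the list is empty);
  # 'nist_auth_level' and 'auth_time' only when set.
  # Raises ArgumentError if nist_auth_level is not an integer 0 through 4
  # or auth_time does not match TIME_VALIDATOR.
  def get_extension_args
    ns_args = {}
    ns_args['auth_policies'] =
      @auth_policies.empty? ? 'none' : @auth_policies.join(' ')

    if @nist_auth_level
      # The range test alone can let a non-integer numeric such as 2.5
      # through on Ruby versions where Range#member? compares against the
      # endpoints, so the type is checked as well.
      unless @nist_auth_level.is_a?(Integer) && (0..4).member?(@nist_auth_level)
        raise ArgumentError, "nist_auth_level must be an integer 0 through 4, not #{@nist_auth_level.inspect}"
      end
      ns_args['nist_auth_level'] = @nist_auth_level.to_s
    end

    if @auth_time
      unless @auth_time =~ TIME_VALIDATOR
        raise ArgumentError, "auth_time must be in RFC3339 format"
      end
      ns_args['auth_time'] = @auth_time
    end
    ns_args
  end

end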
177 end
178
179 end