Merge pull request Sorcery#17 from asmsuechan/master

Refactor by using rubocop

lib/sorcery/adapters/active_record_adapter.rb

@@ -29,11 +29,11 @@ def find_authentication_by_oauth_credentials(relation_name, provider, uid)
       end
 
       class << self
-        def define_field(name, type, options={})
+        def define_field(name, type, options = {})
           # AR fields are defined through migrations, only validator here
         end
 
-        def define_callback(time, event, method_name, options={})
+        def define_callback(time, event, method_name, options = {})
           @klass.send "#{time}_#{event}", method_name, options.slice(:if)
         end
 
@@ -106,6 +106,5 @@ def transaction(&blk)
       end
     end
 
-
   end
 end

lib/sorcery/controller.rb

@@ -5,7 +5,7 @@ def self.included(klass)
         include InstanceMethods
         Config.submodules.each do |mod|
           begin
-            include Submodules.const_get(mod.to_s.split('_').map { |p| p.capitalize }.join)
+            include Submodules.const_get(mod.to_s.split('_').map(&:capitalize).join)
           rescue NameError
             # don't stop on a missing submodule.
           end

lib/sorcery/controller/submodules/external.rb

@@ -101,7 +101,7 @@ def sorcery_fixup_callback_url(provider)
               uri = URI.parse(request.url.gsub(/\?.*$/,''))
               uri.path = ''
               uri.query = nil
-              uri.scheme = 'https' if(request.env['HTTP_X_FORWARDED_PROTO'] == 'https')
+              uri.scheme = 'https' if request.env['HTTP_X_FORWARDED_PROTO'] == 'https'
               host = uri.to_s
               provider.callback_url = "#{host}#{@provider.original_callback_url}"
             end
@@ -141,7 +141,7 @@ def add_provider_to_user(provider_name)
             current_user.add_provider_to_user(provider_name.to_s, @user_hash[:uid].to_s)
           end
 
-          # Initialize new user from provider informations.
+          # Initialize new user from provider informations.
           # If a provider doesn't give required informations or username/email is already taken,
           # we store provider/user infos into a session and can be rendered into registration form
           def create_and_validate_from(provider_name)

lib/sorcery/controller/submodules/http_basic_auth.rb

@@ -4,15 +4,15 @@ module Submodules
       # This submodule integrates HTTP Basic authentication into sorcery.
       # You are provided with a before action, require_login_from_http_basic,
       # which requests the browser for authentication.
-      # Then the rest of the submodule takes care of logging the user in 
+      # Then the rest of the submodule takes care of logging the user in
       # into the session, so that the next requests will keep him logged in.
       module HttpBasicAuth
         def self.included(base)
           base.send(:include, InstanceMethods)
           Config.module_eval do
             class << self
               attr_accessor :controller_to_realm_map            # What realm to display for which controller name.
-                            
+
               def merge_http_basic_auth_defaults!
                 @defaults.merge!(:@controller_to_realm_map  => {"application" => "Application"})
               end
@@ -21,27 +21,27 @@ def merge_http_basic_auth_defaults!
           end
           Config.login_sources << :login_from_basic_auth
         end
-        
+
         module InstanceMethods
 
           protected
-          
+
           # to be used as a before_action.
           # The method sets a session when requesting the user's credentials.
           # This is a trick to overcome the way HTTP authentication works (explained below):
           #
-          # Once the user fills the credentials once, the browser will always send it to the 
+          # Once the user fills the credentials once, the browser will always send it to the
           # server when visiting the website, until the browser is closed.
-          # This causes wierd behaviour if the user logs out. The session is reset, yet the 
+          # This causes wierd behaviour if the user logs out. The session is reset, yet the
           # user is re-logged in by the before_action calling 'login_from_basic_auth'.
           # To overcome this, we set a session when requesting the password, which logout will
           # reset, and that's how we know if we need to request for HTTP auth again.
           def require_login_from_http_basic
-            (request_http_basic_authentication(realm_name_by_controller) and (session[:http_authentication_used] = true) and return) if (request.authorization.nil? || session[:http_authentication_used].nil?)
+            (request_http_basic_authentication(realm_name_by_controller) && (session[:http_authentication_used] = true) && return) if (request.authorization.nil? || session[:http_authentication_used].nil?)
             require_login
             session[:http_authentication_used] = nil unless logged_in?
           end
-          
+
           # given to main controller module as a login source callback
           def login_from_basic_auth
             authenticate_with_http_basic do |username, password|
@@ -50,7 +50,7 @@ def login_from_basic_auth
               @current_user
             end
           end
-          
+
           # Sets the realm name by searching the controller name in the hash given at configuration time.
           def realm_name_by_controller
             if defined?(ActionController::Base)
@@ -65,7 +65,7 @@ def realm_name_by_controller
               Config.controller_to_realm_map["application"]
             end
           end
-          
+
         end
 
       end

lib/sorcery/crypto_providers/aes256.rb

@@ -2,45 +2,45 @@
 
 module Sorcery
   module CryptoProviders
-    # This encryption method is reversible if you have the supplied key. 
+    # This encryption method is reversible if you have the supplied key.
     # So in order to use this encryption method you must supply it with a key first.
     # In an initializer, or before your application initializes, you should do the following:
     #
     #   Sorcery::Model::ConfigAES256.key = "my 32 bytes long key"
     #
-    # My final comment is that this is a strong encryption method, 
+    # My final comment is that this is a strong encryption method,
     # but its main weakness is that its reversible. If you do not need to reverse the hash
     # then you should consider Sha512 or BCrypt instead.
     #
     # Keep your key in a safe place, some even say the key should be stored on a separate server.
-    # This won't hurt performance because the only time it will try and access the key on the 
+    # This won't hurt performance because the only time it will try and access the key on the
     # separate server is during initialization, which only
-    # happens once. The reasoning behind this is if someone does compromise your server they 
+    # happens once. The reasoning behind this is if someone does compromise your server they
     # won't have the key also. Basically, you don't want to store the key with the lock.
     class AES256
       class << self
         attr_writer :key
-    
+
         def encrypt(*tokens)
           aes.encrypt
           aes.key = @key
           [aes.update(tokens.join) + aes.final].pack("m").chomp
         end
-    
+
         def matches?(crypted, *tokens)
           decrypt(crypted) == tokens.join
         rescue OpenSSL::CipherError
           false
         end
-        
+
         def decrypt(crypted)
           aes.decrypt
           aes.key = @key
           (aes.update(crypted.unpack("m").first) + aes.final)
         end
-    
+
         private
-        
+
         def aes
           raise ArgumentError.new("#{name} expects a 32 bytes long key. Please use Sorcery::Model::Config.encryption_key to set it.") if ( @key.nil? || @key == "" )
           @aes ||= OpenSSL::Cipher::Cipher.new("AES-256-ECB")

lib/sorcery/crypto_providers/bcrypt.rb

@@ -2,9 +2,9 @@
 
 module Sorcery
   module CryptoProviders
-    # For most apps Sha512 is plenty secure, but if you are building an app that stores nuclear 
+    # For most apps Sha512 is plenty secure, but if you are building an app that stores nuclear
     # launch codes you might want to consier BCrypt. This is an extremely
-    # secure hashing algorithm, mainly because it is slow. 
+    # secure hashing algorithm, mainly because it is slow.
     # A brute force attack on a BCrypt encrypted password would take much longer than a brute force attack on a
     # password encrypted with a Sha algorithm. Keep in mind you are sacrificing performance by using this,
     # generating a password takes exponentially longer than any
@@ -40,30 +40,30 @@ module CryptoProviders
     # You are good to go!
     class BCrypt
       class << self
-        # This is the :cost option for the BCrpyt library. 
+        # This is the :cost option for the BCrpyt library.
         # The higher the cost the more secure it is and the longer is take the generate a hash. By default this is 10.
-        # Set this to whatever you want, play around with it to get that perfect balance between 
+        # Set this to whatever you want, play around with it to get that perfect balance between
         # security and performance.
         def cost
           @cost ||= 10
         end
         attr_writer :cost
         alias :stretches :cost
         alias :stretches= :cost=
-        
+
         # Creates a BCrypt hash for the password passed.
         def encrypt(*tokens)
           ::BCrypt::Password.create(join_tokens(tokens), :cost => cost)
         end
-        
+
         # Does the hash match the tokens? Uses the same tokens that were used to encrypt.
         def matches?(hash, *tokens)
           hash = new_from_hash(hash)
           return false if hash.nil? || hash == {}
           hash == join_tokens(tokens)
         end
-        
-        # This method is used as a flag to tell Sorcery to "resave" the password 
+
+        # This method is used as a flag to tell Sorcery to "resave" the password
         # upon a successful login, using the new cost
         def cost_matches?(hash)
           hash = new_from_hash(hash)
@@ -73,17 +73,17 @@ def cost_matches?(hash)
             hash.cost == cost
           end
         end
-        
+
         def reset!
           @cost = 10
         end
-        
+
         private
-        
+
         def join_tokens(tokens)
           tokens.flatten.join
         end
-        
+
         def new_from_hash(hash)
           begin
             ::BCrypt::Password.new(hash)

lib/sorcery/crypto_providers/md5.rb

@@ -1,9 +1,9 @@
 require "digest/md5"
- 
+
 module Sorcery
   module CryptoProviders
-    # This class was made for the users transitioning from md5 based systems. 
-    # I highly discourage using this crypto provider as it superbly inferior 
+    # This class was made for the users transitioning from md5 based systems.
+    # I highly discourage using this crypto provider as it superbly inferior
     # to your other options.
     #
     # Please use any other provider offered by Sorcery.

lib/sorcery/crypto_providers/sha1.rb

@@ -10,15 +10,15 @@ class << self
         def join_token
           @join_token ||= "--"
         end
-        
+
         # Turns your raw password into a Sha1 hash.
         def encrypt(*tokens)
           tokens = tokens.flatten
           digest = tokens.shift
           stretches.times { digest = secure_digest([digest, *tokens].join(join_token)) }
           digest
         end
-        
+
         def secure_digest(digest)
           Digest::SHA1.hexdigest(digest)
         end

lib/sorcery/crypto_providers/sha256.rb

@@ -1,7 +1,7 @@
 require "digest/sha2"
 
 module Sorcery
-  # The activate_sorcery method has a custom_crypto_provider configuration option. 
+  # The activate_sorcery method has a custom_crypto_provider configuration option.
   # This allows you to use any type of encryption you like.
   # Just create a class with a class level encrypt and matches? method. See example below.
   #

lib/sorcery/crypto_providers/sha512.rb

@@ -1,7 +1,7 @@
 require "digest/sha2"
 
 module Sorcery
-  # The activate_sorcery method has a custom_crypto_provider configuration option. 
+  # The activate_sorcery method has a custom_crypto_provider configuration option.
   # This allows you to use any type of encryption you like.
   # Just create a class with a class level encrypt and matches? method. See example below.
   #

lib/sorcery/engine.rb

@@ -6,8 +6,8 @@ module Sorcery
   # With the plugin logic.
   class Engine < Rails::Engine
     config.sorcery = ::Sorcery::Controller::Config
-    
-    initializer "extend Controller with sorcery" do |app|
+
+    initializer "extend Controller with sorcery" do
       ActionController::Base.send(:include, Sorcery::Controller)
       ActionController::Base.helper_method :current_user
       ActionController::Base.helper_method :logged_in?

lib/sorcery/model.rb

@@ -49,7 +49,7 @@ def include_required_submodules!
         @sorcery_config.submodules = ::Sorcery::Controller::Config.submodules
         @sorcery_config.submodules.each do |mod|
           begin
-            include Submodules.const_get(mod.to_s.split('_').map {|p| p.capitalize}.join)
+            include Submodules.const_get(mod.to_s.split('_').map(&:capitalize).join)
           rescue NameError
             # don't stop on a missing submodule. Needed because some submodules are only defined
             # in the controller side.
@@ -113,11 +113,11 @@ def encrypt(*tokens)
 
       protected
 
-      def set_encryption_attributes()
+      def set_encryption_attributes
         @sorcery_config.encryption_provider.stretches = @sorcery_config.stretches if @sorcery_config.encryption_provider.respond_to?(:stretches) && @sorcery_config.stretches
         @sorcery_config.encryption_provider.join_token = @sorcery_config.salt_join_token if @sorcery_config.encryption_provider.respond_to?(:join_token) && @sorcery_config.salt_join_token
       end
-      
+
       def add_config_inheritance
         self.class_eval do
           def self.inherited(subclass)
@@ -148,12 +148,12 @@ def external?
 
       # Calls the configured encryption provider to compare the supplied password with the encrypted one.
       def valid_password?(pass)
-        _crypted = self.send(sorcery_config.crypted_password_attribute_name)  
-        return _crypted == pass if sorcery_config.encryption_provider.nil?
+        crypted = self.send(sorcery_config.crypted_password_attribute_name)
+        return crypted == pass if sorcery_config.encryption_provider.nil?
 
-        _salt = self.send(sorcery_config.salt_attribute_name) unless sorcery_config.salt_attribute_name.nil?
+        salt = self.send(sorcery_config.salt_attribute_name) unless sorcery_config.salt_attribute_name.nil?
 
-        sorcery_config.encryption_provider.matches?(_crypted, pass, _salt)
+        sorcery_config.encryption_provider.matches?(crypted, pass, salt)
       end
 
       protected
@@ -180,7 +180,7 @@ def clear_virtual_password
       def generic_send_email(method, mailer)
         config = sorcery_config
         mail = config.send(mailer).send(config.send(method),self)
-        if defined?(ActionMailer) and config.send(mailer).kind_of?(Class) and config.send(mailer) < ActionMailer::Base
+        if defined?(ActionMailer) && config.send(mailer).kind_of?(Class) && config.send(mailer) < ActionMailer::Base
           mail.send(config.email_delivery_method)
         end
       end

lib/sorcery/model/config.rb

@@ -34,7 +34,6 @@ class Config
                                                         # Default: :deliver (Rails version < 4.2) or :deliver_now (Rails version 4.2+)
                                                         # method to send email related
 
-
                     :after_config                       # an array of method names to call after configuration by user.
                                                         # used internally.
 
@@ -60,7 +59,7 @@ def initialize
           :@subclasses_inherit_config            => false,
           :@before_authenticate                  => [],
           :@after_config                         => [],
-          :@email_delivery_method                => default_email_delivery_method,
+          :@email_delivery_method                => default_email_delivery_method
         }
         reset!
       end

lib/sorcery/model/submodules/activity_logging.rb

@@ -53,13 +53,13 @@ def set_last_ip_address(ip_address)
           def online?
             return false if self.send(sorcery_config.last_activity_at_attribute_name).nil?
 
-            logged_in? and self.send(sorcery_config.last_activity_at_attribute_name) > sorcery_config.activity_timeout.seconds.ago
+            logged_in? && self.send(sorcery_config.last_activity_at_attribute_name) > sorcery_config.activity_timeout.seconds.ago
           end
 
           #  shows if user is logged in, but it not show if user is online - see online?
           def logged_in?
             return false if self.send(sorcery_config.last_login_at_attribute_name).nil?
-            return true if self.send(sorcery_config.last_login_at_attribute_name).present? and self.send(sorcery_config.last_logout_at_attribute_name).nil?
+            return true if self.send(sorcery_config.last_login_at_attribute_name).present? && self.send(sorcery_config.last_logout_at_attribute_name).nil?
 
             self.send(sorcery_config.last_login_at_attribute_name) > self.send(sorcery_config.last_logout_at_attribute_name)
           end

lib/sorcery/model/submodules/brute_force_protection.rb

@@ -18,7 +18,7 @@ def self.included(base)
                           :unlock_token_attribute_name,               # Unlock token attribute name
                           :unlock_token_email_method_name,            # Mailer method name
                           :unlock_token_mailer_disabled,              # When true, dont send unlock token via email
-                          :unlock_token_mailer                        # Mailer class
+                          :unlock_token_mailer                        # Mailer class
           end
 
           base.sorcery_config.instance_eval do