cfformat on all

Author: lmajano

readme.md

@@ -6,6 +6,8 @@ This module will enhance your ColdBox applications by providing out of the box s
 
 - A security rule engine for incoming requests
 - Annotation driven security for handlers and actions
+- JWT (Json Web Tokens) generator, decoder and authentication services
+- Pluggable with any Authentication service or can leverage [cbauth](https://github.com/elpete/cbauth)
 
 The module also has the capability to distinguish between invalid authentication and invalid authorization and determine an outcome of the process.  The module also supports the ability to load/unload security rules from contributing modules. So you can create a nice HMVC hierarchy of security.
 

test-harness/box.json

@@ -24,5 +24,10 @@
     },
     "testbox":{
         "runner":"http://localhost:60299/tests/runner.cfm"
-    }
+	},
+	"scripts" : {
+		"format": "cfformat config/**.cfc,handlers/**.cfc,models/**.cfc,modules_app/**.cfc,tests/specs/**/*.cfc --overwrite",
+        "format:watch": "cfformat config/**.cfc,handlers/**.cfc,models/**.cfc,modules_app/**.cfc,tests/specs/**/*.cfc --watch",
+        "format:check": "cfformat config/**.cfc,handlers/**.cfc,models/**.cfc,modules_app/**.cfc,tests/specs/**/*.cfc --check"
+	}
 }

test-harness/config/Coldbox.cfc

@@ -4,27 +4,28 @@
 		// coldbox directives
 		coldbox = {
 			// Application Setup
-			appName : "Module Tester",
+			appName                 : "Module Tester",
 			// Development Settings
-			reinitPassword : "",
+			reinitPassword          : "",
 			handlersIndexAutoReload : true,
 			modulesExternalLocation : [],
 			// Implicit Events
-			defaultEvent : "",
-			requestStartHandler : "",
-			requestEndHandler : "",
+			defaultEvent            : "",
+			requestStartHandler     : "",
+			requestEndHandler       : "",
 			applicationStartHandler : "",
-			applicationEndHandler : "",
-			sessionStartHandler : "",
-			sessionEndHandler : "",
-			missingTemplateHandler : "",
+			applicationEndHandler   : "",
+			sessionStartHandler     : "",
+			sessionEndHandler       : "",
+			missingTemplateHandler  : "",
 			// Error/Exception Handling
-			exceptionHandler : "",
-			onInvalidEvent : "",
-			customErrorTemplate : "/coldbox/system/includes/BugReport.cfm",
+			exceptionHandler        : "",
+			onInvalidEvent          : "",
+			customErrorTemplate     : "/coldbox/system/includes/BugReport.cfm",
 			// Application Aspects
-			handlerCaching : false,
-			eventCaching : false
+			handlerCaching          : false,
+			eventCaching            : false,
+			autoMapModels           : true
 		};
 
 		// environment settings, create a detectEnvironment() method to detect it yourself.
@@ -41,107 +42,90 @@
 		};
 
 		// Register interceptors as an array, we need order
-		interceptors = [
-			// SES
-			{ class : "coldbox.system.interceptors.SES" }
-		];
+		interceptors = [];
 
 		// LogBox DSL
 		logBox = {
 			// Define Appenders
 			appenders : {
 				files : {
-					class : "coldbox.system.logging.appenders.RollingFileAppender",
+					class      : "coldbox.system.logging.appenders.RollingFileAppender",
 					properties : { filename : "tester", filePath : "/#appMapping#/logs" }
 				},
-				console : {
-					class : "coldbox.system.logging.appenders.ConsoleAppender"
-				}
+				console : { class : "coldbox.system.logging.appenders.ConsoleAppender" }
 			},
 			// Root Logger
-			root : { levelmax : "DEBUG", appenders : "*" },
+			root  : { levelmax : "DEBUG", appenders : "*" },
 			// Implicit Level Categories
-			info : [ "coldbox.system" ],
+			info  : [ "coldbox.system" ],
 			debug : [ "cbsecurity" ]
 		};
 
 		// Module Settings
 		moduleSettings = {
 			// CB Auth
-			cbAuth : {
-				userServiceClass : "UserService"
-			},
+			cbAuth     : { userServiceClass : "UserService" },
 			// CB Security
 			cbSecurity : {
 				// Global Relocation when an invalid access is detected, instead of each rule declaring one.
-				"invalidAuthenticationEvent" 	: "main.index",
+				"invalidAuthenticationEvent" : "main.index",
 				// Global override event when an invalid access is detected, instead of each rule declaring one.
-				"invalidAuthorizationEvent"		: "main.index",
+				"invalidAuthorizationEvent"  : "main.index",
 				// Default invalid action: override or redirect when an invalid access is detected, default is to redirect
-				"defaultAuthorizationAction"	: "redirect",
+				"defaultAuthorizationAction" : "redirect",
 				// The WireBox ID of the authentication service to use in cbSecurity which must adhere to the cbsecurity.interfaces.IAuthService interface.
-				"authenticationService"  		: "authenticationService@cbauth",
+				"authenticationService"      : "authenticationService@cbauth",
 				// WireBox ID of the user service to use
-				"userService"             		: "UserService",
+				"userService"                : "UserService",
 				// Enable Visualizer
-				"enableSecurityVisualizer"		: true,
+				"enableSecurityVisualizer"   : true,
 				// The global security rules
-				"rules" 						: [
+				"rules"                      : [
 					// should use direct action and do a global redirect
 					{
-						"whitelist": "",
-						"securelist": "admin",
-						"match": "event",
-						"roles": "admin",
-						"permissions": "",
-						"action" : "redirect"
+						"whitelist"   : "",
+						"securelist"  : "admin",
+						"match"       : "event",
+						"roles"       : "admin",
+						"permissions" : "",
+						"action"      : "redirect"
 					},
 					// no action, use global default action
 					{
-						"whitelist": "",
-						"securelist": "noAction",
-						"match": "url",
-						"roles": "admin",
-						"permissions": ""
+						"whitelist"   : "",
+						"securelist"  : "noAction",
+						"match"       : "url",
+						"roles"       : "admin",
+						"permissions" : ""
 					},
 					// Using overrideEvent only, so use an explicit override
-					{
-						"securelist": "ruleActionOverride",
-						"match": "url",
-						"overrideEvent": "main.login"
-					},
+					{ "securelist" : "ruleActionOverride", "match" : "url", "overrideEvent" : "main.login" },
 					// direct action, use global override
 					{
-						"whitelist": "",
-						"securelist": "override",
-						"match": "url",
-						"roles": "",
-						"permissions": "",
-						"action" : "override"
+						"whitelist"   : "",
+						"securelist"  : "override",
+						"match"       : "url",
+						"roles"       : "",
+						"permissions" : "",
+						"action"      : "override"
 					},
 					// Using redirect only, so use an explicit redirect
-					{
-						"securelist": "ruleActionRedirect",
-						"match": "url",
-						"redirect": "main.login"
-					}
+					{ "securelist" : "ruleActionRedirect", "match" : "url", "redirect" : "main.login" }
 				],
 				// JWT Settings
-				"jwt"                     		: {
-					"secretKey"               : "C3D4AF35-8FCD-49AB-943A39AEFFB584EE",
-					"customAuthHeader"        : "x-auth-token",
-					"expiration"              : 60,
-					"enableRefreshTokens"     : false,
-					"refreshExpiration"       : 43200,
-					"algorithm"               : "HS512",
-					"requiredClaims"          : [ "role" ],
-					"tokenStorage"            : {
-						"enabled"       : true,
-						"keyPrefix"     : "cbjwt_",
-						"driver"        : "cachebox",
-						"properties"    : {
-							"cacheName" : "default"
-						}
+				"jwt" : {
+					"secretKey"           : "C3D4AF35-8FCD-49AB-943A39AEFFB584EE",
+					"customAuthHeader"    : "x-auth-token",
+					"expiration"          : 60,
+					"enableRefreshTokens" : false,
+					"refreshExpiration"   : 43200,
+					"algorithm"           : "HS512",
+					"requiredClaims"      : [ "role" ],
+					"tokenStorage"        : {
+						"enabled"    : true,
+						"keyPrefix"  : "cbjwt_",
+						"driver"     : "cachebox",
+						"properties" : { "cacheName" : "default" }
 					}
 				}
 			}

test-harness/config/WireBox.cfc

@@ -9,21 +9,21 @@
 			// By default it registeres itself on application scope
 			scopeRegistration : {
 				enabled : true,
-				scope : "application", // server, cluster, session, application
-				key : "wireBox"
+				scope   : "application", // server, cluster, session, application
+				key     : "wireBox"
 			},
 			// DSL Namespace registrations
-			customDSL : {},
+			customDSL      : {},
 			// Custom Storage Scopes
-			customScopes : {},
+			customScopes   : {},
 			// Package scan locations
-			scanLocations : [],
+			scanLocations  : [],
 			// Stop Recursions
 			stopRecursions : [],
 			// Parent Injector to assign to the configured injector, this must be an object reference
 			parentInjector : "",
 			// Register all event listeners here, they are created in the specified order
-			listeners : []
+			listeners      : []
 		};
 
 		// Map Bindings below

test-harness/handlers/Annotations.cfc

@@ -1,17 +1,17 @@
 /**
  * I am a new secured handler
  */
-component secured{
+component secured {
 
 	function index( event, rc, prc ){
 		return "secured handler";
 	}
 
 	/**
-	* secret
-	*/
+	 * secret
+	 */
 	function secret( event, rc, prc ) secured="awesome-admin"{
 		return "Mega secured action!";
 	}
 
-}
+}

test-harness/handlers/Main.cfc

@@ -14,15 +14,15 @@ component {
 	}
 
 	/**
-	* login
-	*/
+	 * login
+	 */
 	function login( event, rc, prc ){
 		event.setView( "main/login" );
 	}
 
 	/**
-	* doLogin
-	*/
+	 * doLogin
+	 */
 	function doLogin( event, rc, prc ){
 		return "login";
 	}

test-harness/handlers/Public.cfc

@@ -1,4 +1,4 @@
-component{
+component {
 
 	property name="jwt" inject="provider:JWTService@jwt";
 	property name="bcrypt" inject="@BCrypt";
@@ -13,40 +13,35 @@ component{
 	}
 
 	/**
-	* pass
-	*/
+	 * pass
+	 */
 	function pass( event, rc, prc ){
 		return variables.bcrypt.hashPassword( "test" );
 	}
 
 	/**
-	* gen
-	*/
+	 * gen
+	 */
 	function gen( event, rc, prc ){
 		var start = now();
-		return jwt.encode( {
-			"iss" : event.buildLink(),
-			"iat" : toEpoch( start ),
-			"sub" : 0,
-			"exp" : toEpoch( dateAdd( "n", 60, start ) ),
-			"jti" : hash( start & 0 )
-		}, variables.secretKey );
+		return jwt.encode(
+			{
+				"iss" : event.buildLink(),
+				"iat" : toEpoch( start ),
+				"sub" : 0,
+				"exp" : toEpoch( dateAdd( "n", 60, start ) ),
+				"jti" : hash( start & 0 )
+			},
+			variables.secretKey
+		);
 	}
 
 	function toEpoch( required target ){
-		return dateDiff(
-			's',
-			dateConvert( "utc2local", "January 1 1970 00:00" ),
-			arguments.target
-		);
+		return dateDiff( "s", dateConvert( "utc2local", "January 1 1970 00:00" ), arguments.target );
 	}
 
 	function fromEpoch( required target ){
-		return DateAdd(
-			"s",
-			arguments.target, // should be in utc
-			dateConvert( "utc2local", "January 1 1970 00:00" )
-		);
+		return dateAdd( "s", arguments.target, dateConvert( "utc2local", "January 1 1970 00:00" ) );
 	}
 
-}
+}

test-harness/handlers/admin.cfc

@@ -7,4 +7,4 @@ component {
 		event.setView( "admin/index" );
 	}
 
-}
+}

test-harness/handlers/jwt.cfc

@@ -1,15 +1,14 @@
 /**
-* My Event Handler Hint
-*/
-component extends="coldbox.system.EventHandler"{
+ * My Event Handler Hint
+ */
+component extends="coldbox.system.EventHandler" {
 
 	property name="jwtService" inject="JwtService@cbSecurity";
 
 	/**
-	* Index
-	*/
+	 * Index
+	 */
 	any function index( event, rc, prc ){
-
 	}
 
 }