aptible-auth 1.3.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fa366e77caf944b6664bf9028ed18951244aa306db65267f4f7cd6abc5b186b6
-  data.tar.gz: f8142c1e9887387bf58187937b5f182396b83ff9f68f834811065b5606e33de0
+  metadata.gz: 7fa3270646948b32ac4d6f467b2441757c28af525f0c2c1bf465c0a7ceda6cf4
+  data.tar.gz: d4869199daef0e8763be2bda7c4dd60bc59a35bb90664cade8ec81141df8551c
 SHA512:
-  metadata.gz: b8e25debb3cca514e6b6fd343d57f1010ca657e34640e7a5a188d45ff98d48a2c1946ff56ff9019d015c22d6f9d5b4b47ec6d927a4dd96f26727f020c778ef2a
-  data.tar.gz: 6e4947efb5abd53ea279f90be54d237c289d14d4f968ea5b49e2b7ba570828d6f51708a744ac8c6d7c7cdbadd47a071d0d4b55cc4a1c88d4c0ef27cc8e34678c
+  metadata.gz: 53f90bf3f134007f0003edadb8a1bc254811c6e3ca76d473dde1a0447b03dc4e75176e6550c455d7bce55567a0bfc81789a2f22237faf3a6d85b931bba879370
+  data.tar.gz: 7b673c460863f56d6b9319314ccc291fade0fd3d678bb64f2de5716de86e6585541988f2078616774e661c8435d096df689d90e85aa8370ef214e3df34d61767

data/.github/workflows/ci.yml

@@ -15,22 +15,15 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        RUBY_VERSION: [2.6, 2.7, 3.3, 3.4]
+        RUBY_VERSION: [2.3, 2.4, 2.5, 2.6, 2.7, 3.1, 3.2, 3.3, 3.4]
+    env:
+      RUBY_VERSION: ${{ matrix.RUBY_VERSION }}
     steps:
       - name: Check out code
         uses: actions/checkout@v4
 
-      - name: Install Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.RUBY_VERSION }}
-          bundler: 1.17.3
-
-      - name: Bundle install
-        run: bundle install
-
       - name: Rubocop
-        run: bundle exec rake rubocop
+        run: make lint
 
       - name: Rspec
-        run: bundle exec rspec
+        run: make test

data/.github/workflows/release.yml

@@ -0,0 +1,26 @@
+on:
+  release:
+    types: [published]
+
+jobs:
+  push:
+    name: Push gem to RubyGems.org
+    runs-on: ubuntu-latest
+
+    permissions: 
+        id-token: write
+        contents: write
+
+    steps:
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        with:
+          persist-credentials: false
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@211ffaaa5f8dda97e9e8bca4e70d0fbaf2f8c41c
+        with:
+          bundler-cache: false
+          ruby-version: "3.3"
+
+      - run: bundle install
+
+      - uses: rubygems/release-gem@1c162a739e8b4cb21a676e97b087e8268d8fc40b

data/.gitignore

@@ -16,3 +16,4 @@ test/tmp
 test/version_tmp
 tmp
 .idea
+/docker/ruby-*/

data/Dockerfile

@@ -0,0 +1,20 @@
+ARG RUBY_VERSION=2.3.1
+FROM ruby:${RUBY_VERSION}
+
+ARG BUNDLER_VERSION=1.17.3
+ENV BUNDLER_VERSION=${BUNDLER_VERSION}
+RUN if [ "${BUNDLER_VERSION}" != "" ] ; then \
+      gem install bundler -v "${BUNDLER_VERSION}" ; \
+    fi
+
+WORKDIR /app
+COPY Gemfile /app/
+COPY aptible-auth.gemspec /app/
+RUN mkdir -p /app/lib/aptible/auth/
+COPY lib/aptible/auth/version.rb /app/lib/aptible/auth/
+
+RUN bundle install
+
+COPY . /app
+
+CMD ["bash"]

data/Makefile

@@ -0,0 +1,74 @@
+
+export COMPOSE_IGNORE_ORPHANS ?= true
+export RUBY_VERSION ?= 2.3.1
+RUBY_VERSION_MAJOR = $(word 1,$(subst ., ,$(RUBY_VERSION)))
+RUBY_VERSION_MINOR = $(word 2,$(subst ., ,$(RUBY_VERSION)))
+export BUNDLER_VERSION ?=
+ifeq ($(BUNDLER_VERSION),)
+ifeq ($(RUBY_VERSION_MAJOR),2)
+# Use old bundler for Ruby 2.3-2.6; Ruby 2.7 needs bundler 2.x to avoid resolver bugs
+ifeq ($(RUBY_VERSION_MINOR),7)
+export BUNDLER_VERSION = 2.4.22
+else
+export BUNDLER_VERSION = 1.17.3
+endif
+endif
+endif
+PROJECT_NAME = $(shell ls *.gemspec | sed 's/\.gemspec//')
+export COMPOSE_PROJECT_NAME ?= $(PROJECT_NAME)-$(subst .,_,$(RUBY_VERSION))
+
+default: help
+
+## Show this help message
+help:
+	@echo "\n\033[1;34mAvailable targets:\033[0m\n"
+	@awk 'BEGIN {FS = ":"; prev = ""} \
+					/^## / {prev = substr($$0, 4); next} \
+					/^[a-zA-Z_-]+:/ {if (prev != "") printf "  \033[1;36m%-20s\033[0m %s\n", $$1, prev; prev = ""} \
+					{prev = ""}' $(MAKEFILE_LIST) | sort
+	@echo
+
+BUILD_ARGS ?=
+## Build and pull docker compose images
+build: gemfile-lock
+	docker compose build --pull $(BUILD_ARGS)
+
+## Create a Gemfile.lock specific to the container (i.e., for the ruby version)
+gemfile-lock:
+	mkdir -pv ./docker/ruby-$(RUBY_VERSION)/ && \
+	echo '' > ./docker/ruby-$(RUBY_VERSION)/Gemfile.lock
+
+## Open shell in a docker container, supports CMD=
+bash: build
+	$(MAKE) run CMD=bash
+
+CMD ?= bash
+## Run command in a docker container, supports CMD=
+run:
+	docker compose run --rm runner $(CMD)
+
+## Run tests in a docker container, supports ARGS=
+test: build
+	$(MAKE) test-direct ARGS="$(ARGS)"
+
+## Run tests in a docker container without building, supports ARGS=
+test-direct:
+	$(MAKE) run CMD="bundle exec rspec $(ARGS)"
+
+## Run rubocop in a docker container, supports ARGS=
+lint: build
+	$(MAKE) lint-direct ARGS="$(ARGS)"
+
+## Run rubocop in a docker container without building, supports ARGS=
+lint-direct:
+	$(MAKE) run CMD="bundle exec rake rubocop $(ARGS)"
+
+## Clean up docker compose resources
+clean: clean-gemfile-lock
+	docker compose down --remove-orphans --volumes
+
+## Clean up the container specific Gemfile.lock
+clean-gemfile-lock:
+	rm -v ./docker/ruby-$(RUBY_VERSION)/Gemfile.lock ||:
+
+.PHONY: build bash test

data/aptible-auth.gemspec

@@ -21,15 +21,15 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_dependency 'aptible-resource', '~> 1.0'
-  spec.add_dependency 'concurrent-ruby', '1.3.4'
   spec.add_dependency 'gem_config'
   spec.add_dependency 'multipart-post', '2.1.1'
   spec.add_dependency 'oauth2', '2.0.9'
 
   spec.add_development_dependency 'aptible-tasks', '>= 0.6.0'
+  spec.add_development_dependency 'httplog'
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rspec-its'
-  spec.add_development_dependency 'timecop', '~> 0.8.1'
+  spec.add_development_dependency 'timecop', '~> 0.9.10'
 end

data/docker-compose.yml

@@ -0,0 +1,12 @@
+services:
+  runner:
+    build:
+      context: .
+      args:
+        RUBY_VERSION: ${RUBY_VERSION:-2.3.1}
+        BUNDLER_VERSION: ${BUNDLER_VERSION:-}
+    volumes:
+      - type: bind
+        source: .
+        target: /app
+      - ./docker/ruby-${RUBY_VERSION}/Gemfile.lock:/app/Gemfile.lock

data/lib/aptible/auth/token.rb

@@ -40,6 +40,11 @@ module Aptible
                                                        cause: e)
       end
 
+      def self.current_token(token:)
+        url = "#{Aptible::Auth.configuration.root_url}/current_token"
+        find_by_url(url, token: token)
+      end
+
       def authenticate_user(email, password, options = {})
         options[:scope] ||= 'manage'
         oauth_token = oauth.password.get_token(email, password, options)

data/lib/aptible/auth/user.rb

@@ -24,6 +24,21 @@ module Aptible
         # TODO: Implement query params for /operations
         []
       end
+
+      # Returns roles with their organizations pre-loaded to avoid N+1 API calls
+      # when iterating through roles and accessing role.organization.
+      # Makes 2 backend requests: one for orgs, one for roles.
+      def roles_with_organizations
+        orgs_by_href = Organization.all(token: token, headers: headers)
+                                   .index_by(&:href)
+
+        roles.tap do |all_roles|
+          all_roles.each do |role|
+            org = orgs_by_href[role.links[:organization].href]
+            role.instance_variable_set(:@organization, org)
+          end
+        end
+      end
     end
   end
 end

data/lib/aptible/auth/version.rb

@@ -1,5 +1,5 @@
 module Aptible
   module Auth
-    VERSION = '1.3.0'.freeze
+    VERSION = '1.5.0'.freeze
   end
 end

data/spec/aptible/auth/token_spec.rb

@@ -229,4 +229,33 @@ describe Aptible::Auth::Token do
       expect(subject.send(:oauth)).to be(c)
     end
   end
+
+  describe '.current_token' do
+    let(:token_response) { double 'token_response' }
+    let(:access_token) { 'my_access_token' }
+    let(:root_url) { 'https://auth.example.com' }
+
+    before do
+      Aptible::Auth.configuration.root_url = root_url
+    end
+
+    it 'should fetch from /current_token endpoint with the provided token' do
+      expect(described_class).to receive(:find_by_url)
+        .with("#{root_url}/current_token", token: access_token)
+        .and_return(token_response)
+
+      expect(described_class.current_token(token: access_token)).to eq(token_response)
+    end
+
+    it 'should use configured root_url' do
+      custom_url = 'https://custom-auth.aptible.com'
+      Aptible::Auth.configuration.root_url = custom_url
+
+      expect(described_class).to receive(:find_by_url)
+        .with("#{custom_url}/current_token", token: access_token)
+        .and_return(token_response)
+
+      described_class.current_token(token: access_token)
+    end
+  end
 end

data/spec/aptible/auth/user_spec.rb

@@ -30,4 +30,95 @@ describe Aptible::Auth::User do
       expect(subject.organizations.count).to eq 1
     end
   end
+
+  describe '#roles_with_organizations' do
+    let(:token) { 'some-token' }
+    let(:headers) { { 'Authorization' => 'Bearer some-token' } }
+
+    let(:org1) do
+      double('Aptible::Auth::Organization', href: '/organizations/1', id: 1)
+    end
+    let(:org2) do
+      double('Aptible::Auth::Organization', href: '/organizations/2', id: 2)
+    end
+
+    let(:org1_link) do
+      double('Aptible::Auth::Organization::Link', href: '/organizations/1')
+    end
+    let(:org2_link) do
+      double('Aptible::Auth::Organization::Link', href: '/organizations/2')
+    end
+
+    let(:role1_links) { double('Role1::Links') }
+    let(:role2_links) { double('Role2::Links') }
+    let(:role3_links) { double('Role3::Links') }
+
+    let(:role1) { Aptible::Auth::Role.new }
+    let(:role2) { Aptible::Auth::Role.new }
+    let(:role3) { Aptible::Auth::Role.new }
+
+    before do
+      subject.stub(:token) { token }
+      subject.stub(:headers) { headers }
+
+      role1_links.stub(:[]).with(:organization) { org1_link }
+      role2_links.stub(:[]).with(:organization) { org2_link }
+      role3_links.stub(:[]).with(:organization) { org1_link }
+
+      role1.stub(:links) { role1_links }
+      role2.stub(:links) { role2_links }
+      role3.stub(:links) { role3_links }
+    end
+
+    it 'returns the roles' do
+      allow(Aptible::Auth::Organization).to receive(:all).and_return([org1])
+      subject.stub(:roles) { [role1] }
+
+      expect(subject.roles_with_organizations).to eq [role1]
+    end
+
+    it 'pre-populates @organization on each role' do
+      allow(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .and_return([org1, org2])
+      subject.stub(:roles) { [role1, role2] }
+
+      subject.roles_with_organizations
+
+      expect(role1.instance_variable_get(:@organization)).to eq org1
+      expect(role2.instance_variable_get(:@organization)).to eq org2
+    end
+
+    it 'maps multiple roles to the same organization' do
+      allow(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .and_return([org1, org2])
+      subject.stub(:roles) { [role1, role2, role3] }
+
+      subject.roles_with_organizations
+
+      expect(role1.instance_variable_get(:@organization)).to eq org1
+      expect(role2.instance_variable_get(:@organization)).to eq org2
+      expect(role3.instance_variable_get(:@organization)).to eq org1
+    end
+
+    it 'returns empty array when user has no roles' do
+      allow(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .and_return([])
+      subject.stub(:roles) { [] }
+
+      expect(subject.roles_with_organizations).to eq []
+    end
+
+    it 'makes exactly one call to Organization.all' do
+      expect(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .once
+        .and_return([org1])
+      subject.stub(:roles) { [role1] }
+
+      subject.roles_with_organizations
+    end
+  end
 end

metadata

@@ -1,13 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aptible-auth
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Frank Macreery
+autorequire:
 bindir: bin
 cert_chain: []
-date: 1980-01-02 00:00:00.000000000 Z
+date: 2025-12-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aptible-resource
@@ -23,20 +24,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: concurrent-ruby
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.3.4
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.3.4
 - !ruby/object:Gem::Dependency
   name: gem_config
   requirement: !ruby/object:Gem::Requirement
@@ -93,6 +80,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.6.0
+- !ruby/object:Gem::Dependency
+  name: httplog
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -155,14 +156,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: 0.9.10
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.1
+        version: 0.9.10
 description: Ruby client for auth.aptible.com
 email:
 - frank@macreery.com
@@ -172,16 +173,19 @@ extra_rdoc_files: []
 files:
 - ".github/CODEOWNERS"
 - ".github/workflows/ci.yml"
+- ".github/workflows/release.yml"
 - ".gitignore"
 - ".rspec"
-- ".ruby-version"
+- Dockerfile
 - Gemfile
 - LICENSE.md
+- Makefile
 - Procfile
 - README.md
 - Rakefile
 - SECURITY.md
 - aptible-auth.gemspec
+- docker-compose.yml
 - lib/aptible/auth.rb
 - lib/aptible/auth/agent.rb
 - lib/aptible/auth/client.rb
@@ -217,6 +221,7 @@ homepage: https://github.com/aptible/aptible-auth-ruby
 licenses:
 - MIT
 metadata: {}
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -231,7 +236,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.9
+rubygems_version: 3.5.22
+signing_key:
 specification_version: 4
 summary: Ruby client for auth.aptible.com
 test_files:

data/.ruby-version

@@ -1 +0,0 @@
-3.4