aptible-auth 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 25bd04db8b8a3727e0f28197c3bfc46e4c11a9e8
-  data.tar.gz: 1f0a678a374ebf27655ff4fc791dd4984dba8af5
+  metadata.gz: 101f4e5eba0e9ddacf579ed8758ebbbdfba30d84
+  data.tar.gz: b2daa6d3703e05bfcba62c36d7469890430a7463
 SHA512:
-  metadata.gz: 86a0ec2af4dec80f3d87da1bf2ad9ac418f2e14ffa1754d691d50361d71ba2c05bd70e473ecc48e290074818f3f3f137cfd0741d96e0f6fa3c1cc97eb9c7f6b8
-  data.tar.gz: c523b0a4b03ee140f74fb3e8b526a2c04b0dce0c871201893de743993a18bce480c36a9c0e1e061f99901ecef69c6498477226460f86ff1d26951f663587fcec
+  metadata.gz: 535418028b5197789fb200a8608133df28e5f2c6622d7a9d614c259409850139231209988a633a592fc6ef45e6808ecd8012ba1bea42223220b55e99df4280c8
+  data.tar.gz: c784ba5e1f430fd0ee88de2dc06a13214d7b0f4aab0c5ef57055fcd447dc4c56a69e02312f1293ff17612b179894c6b53ad8e734bd4a5c099d1a31fc9eae6c42

data/README.md

@@ -4,21 +4,58 @@
 [![Build Status](https://travis-ci.org/aptible/aptible-auth-ruby.png?branch=master)](https://travis-ci.org/aptible/aptible-auth-ruby)
 [![Dependency Status](https://gemnasium.com/aptible/aptible-auth-ruby.png)](https://gemnasium.com/aptible/aptible-auth-ruby)
 
-Ruby client for [auth.aptible.com](https://auth.aptible.com/). Since Aptible's authorization service is built on OAuth 2.0, most developers should be able to implement a client using just the [oauth2](https://github.com/intridea/oauth2) gem.
-
-However, due to the complexity of OAuth 2.0 and the fact that it is a fragmented and evolving standard, we provide this gem as a standard Ruby client library. All of our internal services use it, and so it can be expected to work.
+Ruby client for [auth.aptible.com](https://auth.aptible.com/). Aptible's authorization server is built on top of [OAuth 2.0](http://tools.ietf.org/html/rfc6749) and [HAL+JSON](http://tools.ietf.org/html/draft-kelly-json-hal-06), and so this client is just a thin layer on top of the [oauth2](https://github.com/intridea/oauth2) and [HyperResource](https://github.com/gamache/hyperresource) gems.
 
 ## Installation
 
-Add the following line to your application's Gemfile.
+Add the following lines to your application's Gemfile.
 
     gem 'aptible-auth'
+    gem 'oauth2', github: 'fancyremarker/oauth2', branch: 'aptible'
+
+The forked version of the OAuth2 gem is necessary until [intridea/oauth2#165](https://github.com/intridea/oauth2/pull/165) and [intridea/oauth2#166](https://github.com/intridea/oauth2/pull/166) are merged.
 
 And then run `bundle install`.
 
 ## Usage
 
-TODO: Add usage notes.
+First, get a token:
+
+```ruby
+token = Aptible::Auth::Token.new(email: 'user0@example.com', password: 'password')
+```
+
+Then, initialize a client:
+```ruby
+auth = Aptible::Auth::Client.new(token: token)
+```
+
+From here, you can interact with the Authorization API however you wish:
+
+```ruby
+auth.get
+auth.clients.count
+# => 4
+auth.clients.first.name
+# => "Client 0"
+client = auth.clients.create(name: 'Dogeclient')
+client.href
+# => "http://localhost:4000/clients/60765b69-ffd8-4762-b9d2-96354ddb16f9"
+```
+
+## Configuration
+
+| Parameter | Description | Default |
+| --------- | ----------- | --------------- |
+| `root_url` | Root URL of the authorization server | `https://auth.aptible.com` |
+
+To point the client at a different authorization server (e.g., during development), add the following to your application's initializers:
+
+```ruby
+Aptible::Auth.configure do |config|
+  config.root_url = 'http://some.other.url'
+end
+```
 
 ## Contributing
 

data/aptible-auth.gemspec

@@ -19,10 +19,13 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(/^spec\//)
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'gem_config'
   spec.add_dependency 'oauth2'
+  spec.add_dependency 'hyperresource'
 
   spec.add_development_dependency 'bundler', '~> 1.3'
   spec.add_development_dependency 'aptible-tasks', '>= 0.2.0'
   spec.add_development_dependency 'rake'
-  spec.add_dependency 'rspec', '~> 2.0'
+  spec.add_development_dependency 'rspec', '~> 2.0'
+  spec.add_development_dependency 'pry'
 end

data/lib/aptible/auth.rb

@@ -1,8 +1,19 @@
 require 'aptible/auth/version'
+require 'aptible/auth/token'
 require 'aptible/auth/client'
 
+require 'gem_config'
+
 module Aptible
   module Auth
-    # Your code goes here...
+    include GemConfig::Base
+
+    with_configuration do
+      has :root_url, classes: [String], default: 'https://auth.aptible.com'
+    end
+
+    def self.public_key
+      Client.new.get.public_key
+    end
   end
 end

data/lib/aptible/auth/client.rb

@@ -1,12 +1,27 @@
-require 'oauth2'
-require 'aptible/auth/strategy/pubkey'
+require 'hyperresource'
 
 module Aptible
   module Auth
-    class Client < OAuth2::Client
-      # The Pubkey Strategy (Aptible-custom)
-      def pubkey
-        @pubkey ||= Aptible::Auth::Strategy::Pubkey.new(self)
+    class Client < HyperResource
+      attr_accessor :token, :config
+
+      def initialize(options = {})
+        unless options.is_a?(Hash)
+          fail ArgumentError, 'Call Aptible::Auth::Client.new with a Hash'
+        end
+        @token = options[:token]
+
+        options[:root] ||= config.root_url
+        options[:headers] ||= { 'Content-Type' => 'application/json' }
+        options[:headers].merge!(
+          'Authorization' => "Bearer #{options[:token].access_token}"
+        ) if options[:token]
+
+        super(options)
+      end
+
+      def config
+        @config ||= Aptible::Auth.configuration
       end
     end
   end

data/lib/aptible/auth/token.rb

@@ -0,0 +1,50 @@
+require 'oauth2'
+
+module Aptible
+  module Auth
+    class Token
+      attr_accessor :client, :access_token, :refresh_token, :expires_at
+
+      def initialize(options = {})
+        oauth_params = {
+          site: Aptible::Auth.configuration.root_url,
+          token_url: '/tokens'
+        }
+        @client = OAuth2::Client.new(nil, nil, oauth_params)
+
+        process_options(options)
+      end
+
+      def authenticate_user(email, password, options = {})
+        options[:scope] ||= 'manage'
+        response = client.password.get_token(email, password, options)
+        parse_oauth_response(response)
+      end
+
+      def authenticate_client(id, secret, user, options = {})
+        options[:scope] ||= 'manage'
+        response = client.assertion.get_token(id, secret, user, options)
+        parse_oauth_response(response)
+      end
+
+      private
+
+      def process_options(options)
+        if (email = options.delete(:email)) &&
+           (password = options.delete(:password))
+          authenticate_user(email, password, options)
+        elsif (client_id = options.delete(:client_id)) &&
+              (client_secret = options.delete(:client_secret)) &&
+              (user = options.delete(:user))
+          authenticate_client(client_id, client_secret, user, options)
+        end
+      end
+
+      def parse_oauth_response(response)
+        @access_token = response.token
+        @refresh_token = response.refresh_token
+        @expires_at = Time.at(response.expires_at)
+      end
+    end
+  end
+end

data/lib/aptible/auth/version.rb

@@ -1,5 +1,5 @@
 module Aptible
   module Auth
-    VERSION = '0.0.1'
+    VERSION = '0.1.0'
   end
 end

data/spec/aptible/auth/client_spec.rb

@@ -1,5 +1,9 @@
 require 'spec_helper'
-require 'aptible/auth/client'
 
 describe Aptible::Auth::Client do
+  describe '#initialize' do
+    it 'should be a HyperResource instance' do
+      expect(subject).to be_a HyperResource
+    end
+  end
 end

data/spec/aptible/auth/token_spec.rb

@@ -0,0 +1,84 @@
+require 'spec_helper'
+
+describe Aptible::Auth::Token do
+  let(:client) { double OAuth2::Client }
+  let(:response) { double OAuth2::AccessToken }
+
+  before { response.stub(:token) }
+  before { response.stub(:refresh_token) }
+  before { response.stub(:expires_at) { Time.now.to_i } }
+
+  describe '#initialize' do
+    it 'should call #authenticate_user if passed :email and :password' do
+      Aptible::Auth::Token.any_instance.should_receive(
+        :authenticate_user
+      ).with 'user@example.com', 'foobar', {}
+      described_class.new(email: 'user@example.com', password: 'foobar')
+    end
+
+    it 'should #authenticate_client if passed a client ID and secret' do
+      Aptible::Auth::Token.any_instance.should_receive(
+        :authenticate_client
+      ).with 'id', 'secret', 'user@example.com', {}
+      described_class.new(
+        client_id: 'id',
+        client_secret: 'secret',
+        user: 'user@example.com'
+      )
+    end
+
+    it 'should not raise error if given no arguments' do
+      expect { described_class.new }.not_to raise_error
+    end
+  end
+
+  describe '#authenticate_user' do
+    let(:args) { %w(user@example.com foobar) }
+
+    before { subject.stub(:client) { client } }
+    before { client.stub_chain(:password, :get_token) { response } }
+
+    it 'should use the password strategy' do
+      params = { scope: 'manage' }
+      expect(client.password).to receive(:get_token).with(*(args + [params]))
+      subject.authenticate_user(*args)
+    end
+
+    it 'should allow the token scope to be specified' do
+      args << { scope: 'read' }
+      expect(client.password).to receive(:get_token).with(*args)
+      subject.authenticate_user(*args)
+    end
+
+    it 'should set the access_token' do
+      client.stub_chain(:password, :get_token, :token) { 'access_token' }
+      subject.authenticate_user(*args)
+      expect(subject.access_token).to eq 'access_token'
+    end
+  end
+
+  describe '#authenticate_client' do
+    let(:args) { %w(id secret user@example.com) }
+
+    before { subject.stub(:client) { client } }
+    before { client.stub_chain(:assertion, :get_token) { response } }
+
+    it 'should use the assertion strategy' do
+      params = { scope: 'manage' }
+      expect(client.assertion).to receive(:get_token).with(*(args + [params]))
+      subject.authenticate_client(*args)
+    end
+
+    it 'should allow the token scope to be specified' do
+      args << { scope: 'read' }
+      expect(client.assertion).to receive(:get_token).with(*args)
+      subject.authenticate_client(*args)
+    end
+
+    it 'should set the access_token' do
+      client.stub_chain(:assertion, :get_token, :token) { 'access_token' }
+      subject.authenticate_client(*args)
+      expect(subject.access_token).to eq 'access_token'
+    end
+  end
+end

data/spec/aptible/auth_spec.rb

@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe Aptible::Auth do
+  it 'should have a configurable root_url' do
+    config = described_class.configuration
+    expect(config).to be_a GemConfig::Configuration
+    expect(config.root_url).to eq 'https://auth.aptible.com'
+  end
+
+  it 'should expose the server public key' do
+    get = double 'get'
+    Aptible::Auth::Client.any_instance.stub(:get) { get }
+    expect(get).to receive :public_key
+    described_class.public_key
+  end
+end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: aptible-auth
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Frank Macreery
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-01-07 00:00:00.000000000 Z
+date: 2014-02-09 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: gem_config
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: oauth2
   requirement: !ruby/object:Gem::Requirement
@@ -24,6 +38,20 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: hyperresource
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -73,13 +101,27 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '2.0'
-  type: :runtime
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Ruby client for auth.aptible.com
 email:
 - frank@macreery.com
@@ -97,10 +139,11 @@ files:
 - aptible-auth.gemspec
 - lib/aptible/auth.rb
 - lib/aptible/auth/client.rb
-- lib/aptible/auth/strategy/pubkey.rb
+- lib/aptible/auth/token.rb
 - lib/aptible/auth/version.rb
 - spec/aptible/auth/client_spec.rb
-- spec/aptible/auth/strategy/pubkey_spec.rb
+- spec/aptible/auth/token_spec.rb
+- spec/aptible/auth_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/aptible/aptible-auth
 licenses:
@@ -122,11 +165,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.2.1
 signing_key: 
 specification_version: 4
 summary: Ruby client for auth.aptible.com
 test_files:
 - spec/aptible/auth/client_spec.rb
-- spec/aptible/auth/strategy/pubkey_spec.rb
+- spec/aptible/auth/token_spec.rb
+- spec/aptible/auth_spec.rb
 - spec/spec_helper.rb

data/lib/aptible/auth/strategy/pubkey.rb

@@ -1,25 +0,0 @@
-require 'oauth2'
-
-module Aptible
-  module Auth
-    module Strategy
-      # The Pubkey Strategy (Aptible-custom)
-      class Pubkey < OAuth2::Strategy::Base
-        # TODO: Implement
-        #
-        # @raise [NotImplementedError]
-        def get_token(fingerprint, params = {}, opts = {})
-          # rubocop:disable UselessAssignment
-          params = {
-            'grant_type'  => 'pubkey',
-            'fingerprint' => fingerprint,
-            'password'    => password
-          }.merge(client_params).merge(params)
-          # rubocop:enable UselessAssignment
-
-          fail NotImplementedError, 'Strategy not yet implemented'
-        end
-      end
-    end
-  end
-end

data/spec/aptible/auth/strategy/pubkey_spec.rb

@@ -1,5 +0,0 @@
-require 'spec_helper'
-require 'aptible/auth/strategy/pubkey'
-
-describe Aptible::Auth::Strategy::Pubkey do
-end