authinator 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d74ae2cc632fa497d66db160895f23b467ecf229
-  data.tar.gz: b94bb79f1f6a8a2bf4590f3bda38c67cee7cdf1c
+  metadata.gz: b3b66719b8c7bb8dd6f60aa7e7ed026b661672f3
+  data.tar.gz: f9d3351fe755049be4cf3ed7b2c1cf3ab8dd6876
 SHA512:
-  metadata.gz: cb6b27be793d25bee657b48791648ffe740a0efa52f0e07d7a704ffb4b51e0b6c4c775f36888c1cd130acb364eb14f2ebcc5ceb673e8d34f8fb85eedd4d452bb
-  data.tar.gz: a536e204bae88a4a8daf8492d83fd1fa22b1013d8812e0716e29e4a4a47603d019bbe5db6c0d6127cd9e44c0255fccaa7c958f74f6c4d4f3bcbd5f52a9aedc98
+  metadata.gz: 8d3cdbe4ffd69f2fcfab7931eefc43ebbadc7214f02207bf42ad822d5330a62dbe2f6a46fc3a1c16239da4c6a33e180d7f021378252112c87b1bb40a2508cef3
+  data.tar.gz: cc7c802bae55aaf6e44a4c3ef220bdbfa4ab8ae6014a2236e841d27c4235dd53e98938f49f729560121988bd4edbf19cf0f1cb7450006d841297bde4b899e99c

data/.gitignore

@@ -11,4 +11,5 @@
 *.so
 *.o
 *.a
+*.gem
 mkmf.log

data/.rubocop.yml

@@ -47,3 +47,7 @@ Style/Lambda:
 
 Style/TrailingComma:
   EnforcedStyleForMultiline: 'comma'
+
+# Avoid complex methods.
+Metrics/CyclomaticComplexity:
+  Max: 7

data/.travis.yml

@@ -4,12 +4,12 @@ env:
     - JRUBY_OPTS="$JRUBY_OPTS --debug"
 language: ruby
 rvm:
+  - rbx-2
+  - jruby-19mode
   - 1.9.3
   - 2.0.0
   - 2.1
-  - jruby-19mode
   - jruby-head
-  - rbx-2
   - ruby-head
 matrix:
   allow_failures:

data/lib/authinator.rb

@@ -1,5 +1,7 @@
 require 'authinator/version'
 require 'authinator/auth_code_exchanger'
+require 'authinator/end_point_listener'
+require 'authinator/client_token_issuer'
 
 module Authinator
   # Your code goes here...

data/lib/authinator/auth_code_exchanger.rb

@@ -2,99 +2,99 @@
 # require 'omniauth-oauth2'
 require 'oauth2'
 
-# module Authinator
-class AuthCodeExchanger
-  VALID_PROVIDERS = [:stub, :google]
-  STUB_SAMPLE_TOKEN = {
-    token: 'ya29.token',
-    refresh_token: '1/refresh',
-    expires_in: 3600,
-  }
-
-  attr_reader :provider
-
-  def self.valid_providers
-    VALID_PROVIDERS
-  end
-
-  PROVIDER_HASHES = {
-    google: {
-      client_id: 'cl_id',
-      client_secret: 'cl_sec',
-      site: 'https://accounts.google.com',
-      token_url: '/o/oauth2/token',
-    },
-    stub: {
-      client_id: 'cl_id',
-      client_secret: 'cl_sec',
-      site: 'https://example.org',
-      token_url: '/extoken',
-    },
-  }
-
-  def initialize(provider, client_options = {})
-    unless VALID_PROVIDERS.include? provider
-      fail ArgumentError,
-           "Provider #{provider} not in supported parameter list:\n" <<
-             VALID_PROVIDERS.inspect
+module Authinator
+  class AuthCodeExchanger
+    VALID_PROVIDERS = [:stub, :google]
+    STUB_SAMPLE_TOKEN = {
+      token: 'ya29.token',
+      refresh_token: '1/refresh',
+      expires_in: 3600,
+    }
+
+    attr_reader :provider
+
+    def self.valid_providers
+      VALID_PROVIDERS
     end
 
-    @provider = provider
-    build_provider_hash(client_options)
-  end
+    PROVIDER_HASHES = {
+      google: {
+        client_id: 'cl_id',
+        client_secret: 'cl_sec',
+        site: 'https://accounts.google.com',
+        token_url: '/o/oauth2/token',
+      },
+      stub: {
+        client_id: 'cl_id',
+        client_secret: 'cl_sec',
+        site: 'https://example.org',
+        token_url: '/extoken',
+      },
+    }
+
+    def initialize(provider, client_options = {})
+      unless VALID_PROVIDERS.include? provider
+        fail ArgumentError,
+             "Provider #{provider} not in supported parameter list:\n" <<
+               VALID_PROVIDERS.inspect
+      end
+
+      @provider = provider
+      build_provider_hash(client_options)
+    end
 
-  def site_token_url
-    @provider_hash[:site] + @provider_hash[:token_url]
-  end
+    def site_token_url
+      @provider_hash[:site] + @provider_hash[:token_url]
+    end
 
-  def exchange(auth_code)
-    # auth_code = params[:code]
-    return if auth_code.nil? || auth_code.empty?
+    def exchange(auth_code)
+      # auth_code = params[:code]
+      return if auth_code.nil? || auth_code.empty?
 
-    case @provider.to_sym
-    when :google
-      exchange_with_google(auth_code)
-    when :stub
-      exchange_with_stub(auth_code)
+      case @provider.to_sym
+      when :google
+        exchange_with_google(auth_code)
+      when :stub
+        exchange_with_stub(auth_code)
+      end
     end
-  end
 
-private
+  private
 
-  def build_provider_hash(client_options)
-    @provider_hash = PROVIDER_HASHES[provider]
-    @provider_hash = client_options.delete(:client_id) if client_options[:client_id]
-    @provider_hash = client_options.delete(:client_secret) if client_options[:client_secret]
-  end
+    def build_provider_hash(client_options)
+      @provider_hash = PROVIDER_HASHES[provider]
+      @provider_hash = client_options.delete(:client_id) if client_options[:client_id]
+      @provider_hash = client_options.delete(:client_secret) if client_options[:client_secret]
+    end
 
-  def exchange_with_google(code)
-    provider_hash = @provider_hash.dup
+    def exchange_with_google(code)
+      provider_hash = @provider_hash.dup
 
-    client_id = provider_hash.delete(:client_id)
-    client_secret = provider_hash.delete(:client_secret)
-    @client = OAuth2::Client.new(client_id, client_secret, provider_hash)
+      client_id = provider_hash.delete(:client_id)
+      client_secret = provider_hash.delete(:client_secret)
+      @client = OAuth2::Client.new(client_id, client_secret, provider_hash)
 
-    token = @client.auth_code.get_token(code)
+      token = @client.auth_code.get_token(code)
 
-    # response = token.get('/api/resource', :params => { 'query_foo' => 'bar' })
-    # response.class.name
-    # => OAuth2::Response
+      # response = token.get('/api/resource', :params => { 'query_foo' => 'bar' })
+      # response.class.name
+      # => OAuth2::Response
 
-    token
-  end
+      token
+    end
 
-  def exchange_with_stub(_code)
-    @client = OAuth2::Client.new(
-        @provider_hash[:client_id],
-        @provider_hash[:client_secret],
-    )
-
-    OAuth2::AccessToken.new(
-        @client,
-        STUB_SAMPLE_TOKEN[:token],
-        refresh_token: STUB_SAMPLE_TOKEN[:refresh_token],
-        expires_in: STUB_SAMPLE_TOKEN[:expires_in],
-    )
+    def exchange_with_stub(_code)
+      @client = OAuth2::Client.new(
+          @provider_hash[:client_id],
+          @provider_hash[:client_secret],
+      )
+
+      OAuth2::AccessToken.new(
+          @client,
+          STUB_SAMPLE_TOKEN[:token],
+          refresh_token: STUB_SAMPLE_TOKEN[:refresh_token],
+          expires_in: STUB_SAMPLE_TOKEN[:expires_in],
+      )
+    end
   end
 end
-# end

data/lib/authinator/client_token_issuer.rb

@@ -0,0 +1,4 @@
+module Authinator
+  class ClientTokenIssuer
+  end
+end

data/lib/authinator/end_point_listener.rb

@@ -0,0 +1,58 @@
+module Authinator
+  class EndPointListener
+    attr_reader :email, :provider, :auth_code, :options, :errors
+
+    def initialize(hash = {})
+      @email = hash.delete :email
+      @provider = hash.delete :provider
+      @auth_code = hash.delete :auth_code
+      @options = hash
+      @errors = []
+    end
+
+    def valid?
+      validator_presence? &&
+        validator_valid_email? &&
+        validator_valid_provider?
+    end
+
+  private
+
+    def validator_presence?
+      email_present = present? @email
+      provider_present = present? @provider
+      auth_code_present = present? @auth_code
+
+      return true if email_present && provider_present && auth_code_present
+      errors << 'A required param is missing'
+      errors << '"email" field missing' unless email_present
+      errors << '"provider" field missing' unless provider_present
+      errors << '"auth_code" field missing' unless auth_code_present
+      false
+    end
+
+    # Regexp lovingly borrowed from https://github.com/balexand/email_validator
+    def validator_valid_email?
+      name_validation = @options[:strict_mode] ? '-a-z0-9+._' : '^@\\s'
+      regexp = /\A\s*([#{name_validation}]{1,64})@((?:[-a-z0-9]+\.)+[a-z]{2,})\s*\z/i
+      return true if @email =~ regexp
+      errors << "Email '#{@email}' is invalid"
+      false
+    end
+
+    def validator_valid_provider?
+      return true if Authinator::AuthCodeExchanger.valid_providers.include? @provider.to_sym
+      errors << "Provider '#{@provider}' is invalid"
+      false
+    end
+
+    # recreate rails method
+    def present?(el)
+      !blank?(el)
+    end
+
+    def blank?(el)
+      el.nil? || el.empty?
+    end
+  end
+end

data/lib/authinator/version.rb

@@ -1,3 +1,3 @@
 module Authinator
-  VERSION = '0.0.1'
+  VERSION = '0.0.2'
 end

data/spec/authinator/{authinator_spec.rb → auth_code_exchanger_spec.rb}

@@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'json'
 
-describe AuthCodeExchanger do
+describe Authinator::AuthCodeExchanger do
   before :all do
     @token_hash = {
       access_token: 'ya29.token',
@@ -29,7 +29,7 @@ describe AuthCodeExchanger do
     }
   end
   it 'should correctly process a generic (stub) token' do
-    ace = AuthCodeExchanger.new(:stub)
+    ace = Authinator::AuthCodeExchanger.new(:stub)
     stub_request(:post, ace.site_token_url).
       with(body: @test_env,
            headers: @req_headers).
@@ -45,8 +45,8 @@ describe AuthCodeExchanger do
   it 'should return an AccessToken for each provider' do
     klass = OAuth2::AccessToken
 
-    AuthCodeExchanger.valid_providers.each do |provider|
-      ace = AuthCodeExchanger.new(provider)
+    Authinator::AuthCodeExchanger.valid_providers.each do |provider|
+      ace = Authinator::AuthCodeExchanger.new(provider)
       stub_request(:post, ace.site_token_url).
         with(body: @test_env,
              headers: @req_headers).
@@ -57,7 +57,7 @@ describe AuthCodeExchanger do
   end
 
   it 'should correctly process a google token' do
-    ace = AuthCodeExchanger.new(:google)
+    ace = Authinator::AuthCodeExchanger.new(:google)
     stub_request(:post, ace.site_token_url).
       with(body: @test_env,
            headers: @req_headers).
@@ -72,18 +72,7 @@ describe AuthCodeExchanger do
 
   it 'should gracefully not allow unsupported providers' do
     expect do
-      AuthCodeExchanger.new(:some_fake_provider)
+      Authinator::AuthCodeExchanger.new(:some_fake_provider)
     end.to raise_error(ArgumentError)
   end
 end
-
-describe 'ClientTokenIssuer' do
-  pending
-  it 'should accept valid-looking credentials from the client'
-  it 'should exchange client-provided credentials for auth codes'
-  it 'should return an error to the client if the credentials were invalid'
-  it 'should verify that the tokens belong to the provided email before returning them'
-  it 'should generate our own set of tokens for the client if the provided ones exchanged successfully'
-
-  it 'should all integrate to follow a standard flow to auth the api client'
-end

data/spec/authinator/client_token_issuer_spec.rb

@@ -0,0 +1,8 @@
+describe Authinator::ClientTokenIssuer do
+  it 'should exchange client-provided credentials for auth codes'
+  it 'should gracefully handle and return error condition if client-provided credentials are invalid'
+  it 'should verify that the tokens belong to the provided email before returning them'
+  it 'should generate our own set of tokens for the client if the provided ones exchanged successfully'
+
+  it 'should all integrate to follow a standard flow to auth the api client'
+end

data/spec/authinator/end_point_listener_spec.rb

@@ -0,0 +1,71 @@
+require 'spec_helper'
+
+describe Authinator::EndPointListener do
+  before :each do
+    @creds_hash = {
+      email: 'test@foogi.me',
+      auth_code: '4/auth_code',
+      provider: 'google',
+    }
+  end
+  it 'should accept valid-looking credentials from the client' do
+    listener = Authinator::EndPointListener.new(@creds_hash)
+    expect(listener.valid?).to be_truthy
+  end
+
+  # These tests extend on the test above.
+  # Given the test above handles the happy path, everything below are sad path tests
+
+  it 'should return an error to the client if the credentials were invalid' do
+    bad_creds_hash = {
+      a: 'b',
+      c: 'd',
+    }
+    listener = Authinator::EndPointListener.new(bad_creds_hash)
+    expect(listener.valid?).to be_falsey
+  end
+  it 'should return an error unless all three fields are provided' do
+    listener1 = Authinator::EndPointListener.new(@creds_hash.dup.tap { |hs| hs.delete(:email) }) # remove email
+    listener2 = Authinator::EndPointListener.new(@creds_hash.dup.tap { |hs| hs.delete(:auth_code) }) # remove ac
+    listener3 = Authinator::EndPointListener.new(@creds_hash.dup.tap { |hs| hs.delete(:provider) }) # remove prov
+
+    expect(listener1.valid?).to be_falsey
+    expect(listener2.valid?).to be_falsey
+    expect(listener3.valid?).to be_falsey
+  end
+  it 'should reject invalid emails' do
+    bad_email_hash1 = @creds_hash.merge(email: 'abc')
+    bad_email_hash2 = @creds_hash.merge(email: '')
+    bad_email_hash3 = @creds_hash.merge(email: 'a@')
+
+    listener1 = Authinator::EndPointListener.new(bad_email_hash1)
+    listener2 = Authinator::EndPointListener.new(bad_email_hash2)
+    listener3 = Authinator::EndPointListener.new(bad_email_hash3)
+
+    expect(listener1.valid?).to be_falsey
+    expect(listener2.valid?).to be_falsey
+    expect(listener3.valid?).to be_falsey
+  end
+
+  it 'should reject invalid providers' do
+    bad_provider_hash1 = @creds_hash.merge(provider: 'some_fake_provider')
+    bad_provider_hash2 = @creds_hash.merge(provider: '')
+
+    listener1 = Authinator::EndPointListener.new(bad_provider_hash1)
+    listener2 = Authinator::EndPointListener.new(bad_provider_hash2)
+
+    expect(listener1.valid?).to be_falsey
+    expect(listener2.valid?).to be_falsey
+  end
+
+  it 'should return a human-readable list of errors if there are any' do
+    listener = Authinator::EndPointListener.new({})
+    listener.valid?
+    expect(listener.errors).to eq [
+      'A required param is missing',
+      '"email" field missing',
+      '"provider" field missing',
+      '"auth_code" field missing',
+    ]
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authinator
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Alexander Bradner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-21 00:00:00.000000000 Z
+date: 2014-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oauth2
@@ -114,8 +114,12 @@ files:
 - authinator.gemspec
 - lib/authinator.rb
 - lib/authinator/auth_code_exchanger.rb
+- lib/authinator/client_token_issuer.rb
+- lib/authinator/end_point_listener.rb
 - lib/authinator/version.rb
-- spec/authinator/authinator_spec.rb
+- spec/authinator/auth_code_exchanger_spec.rb
+- spec/authinator/client_token_issuer_spec.rb
+- spec/authinator/end_point_listener_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/abradner/authinator
 licenses:
@@ -142,5 +146,7 @@ signing_key:
 specification_version: 4
 summary: Single-Sign-On for the front and rails backend of a Single-Page-App
 test_files:
-- spec/authinator/authinator_spec.rb
+- spec/authinator/auth_code_exchanger_spec.rb
+- spec/authinator/client_token_issuer_spec.rb
+- spec/authinator/end_point_listener_spec.rb
 - spec/spec_helper.rb