bookingsync-engine 0.1.3 → 0.2.0

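--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 6c7df488875dd2e228ce8c74459be6dbb7f3ae4a
- data.tar.gz: d31908634bee600dfdcf836fd7f6383b4c1f2d91
+ metadata.gz: b1b9d11a0d56d08fc0fdd48963d497b108831ee7
+ data.tar.gz: fdf939d7ac7adc02cddd2690954551ad8d80503a
  SHA512:
- metadata.gz: d93b62581b7795d0cf1331f8619f303fd27a57ba9cde5bcd74d05464643bf58d0dd6eca52dc8956b530c9d0ba128c428fb9e48094e7088ffc83dec3f11123f66
- data.tar.gz: 53060b1c19e18b3549879015ae4e0a932555af158cc37b1e3cce5136d5bb2b221627ea8ee988f22c7cd10a67f970b722ddaedbd4b8a581494d9fe63a2e2237c0
+ metadata.gz: 848da48c3e30f183fa48b25f0e9ba4aede302dd28b607fd344c71ef79e28eb26e2fb38543f6455293f79ac588a79a443b25d928125d7836d104003b7bfac00cc
+ data.tar.gz: ff1a6a35e5b4a08b60990fa7e15941abbef6a742c940f68a790cdfaf2fe8cc722653149682e13629b2e812c657c0495e2fe174029558ae93ae544df3534c1fce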
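--- a/data/MIT-LICENSE
+++ b/data/MIT-LICENSE
@@ -1,4 +1,4 @@
- Copyright 2014 YOURNAME
+ Copyright 2014 BookingSync SAS
 
  Permission is hereby granted, free of charge, to any person obtaining
  a copy of this software and associated documentation files (the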
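--- a/data/README.md
+++ b/data/README.md
@@ -97,13 +97,36 @@ BookingSync::Engine.standalone!
 
  ## Authentication in apps
 
- BookingSync Engine will create some helpers to use inside your controllers and views. To set up a controller with BookingSync account authentication, just add this before_filter:
+ BookingSync Engine will create some helpers to use inside your controllers and views.
+
+ ### Ensure authentication
+
+ To set up a controller with BookingSync account authentication, just add this `before_action`:
 
  ```ruby
  before_action :authenticate_account!
  ```
- It will make sure an account is authenticated (using OAuth).
+ It will make sure an account is authenticated (using OAuth2).
+
+ ### New authorization process
+
+ If the user is not currently authenticated, 3 responses can be expected:
+
+ #### 1) Through Ajax requests
+
+ By Ajax request, we consider them when the `X-Requested-With` header contains `XMLHttpRequest`.
+
+ In this case, the authorization path will be returned a plain text with a **401 Unauthorized** status.
+
+ #### 2) Embedded Application
+
+ Embedded applications will be given a script tag forcing them to change their parent location to the authorization path. This is necessary so the authorization happens in the main window, not within an iFrame.
+
+ #### 3) Standalone Application
+
+ Standalone applications will simply be redirected to the authorization path.
 
+ ### Accessing the current account
 
  To retrieve the current signed-in account, this helper is available:
 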
@@ -51,16 +51,52 @@ module BookingSync::Engine::AuthHelpers
51
51
  request_authorization!
52
52
  end
53
53
 
54
+ # Request a new authorization.
54
55
  def request_authorization!
55
- if BookingSync::Engine.embedded
56
- allow_bookingsync_iframe
57
- path = "/auth/bookingsync/?account_id=#{session[:_bookingsync_account_id]}"
58
- render text: "<script type='text/javascript'>top.location.href = '#{path}';</script>"
56
+ if request.xhr?
57
+ request_authorization_for_xhr!
58
+ elsif BookingSync::Engine.embedded
59
+ request_authorization_for_embedded!
59
60
  else
60
- redirect_to "/auth/bookingsync"
61
+ request_authorization_for_standalone!
61
62
  end
62
63
  end
63
64
 
65
+ # Request a new authorization for Ajax requests.
66
+ #
67
+ # Renders the new authorization path with 401 Unauthorized status by default.
68
+ def request_authorization_for_xhr!
69
+ render text: new_authorization_url, status: :unauthorized
70
+ end
71
+
72
+ # Request a new authorization for Embedded Apps.
73
+ #
74
+ # Load the new authorization path using Javascript by default.
75
+ def request_authorization_for_embedded!
76
+ allow_bookingsync_iframe
77
+ render text: "<script type='text/javascript'>top.location.href = " +
78
+ "'#{new_authorization_path}';</script>"
79
+ end
80
+
81
+ # Request a new authorization for Standalone Apps.
82
+ #
83
+ # Redirects to new authorization path by default.
84
+ def request_authorization_for_standalone!
85
+ redirect_to new_authorization_path
86
+ end
87
+
88
+ # Path to which the user should be redirected to start a new
89
+ # Authorization process.
90
+ #
91
+ # Default to /auth/bookingsync/?account_id=SESSION_BOOKINGSYNC_ACCOUNT_ID
92
+ def new_authorization_path
93
+ "/auth/bookingsync/?account_id=#{session[:_bookingsync_account_id]}"
94
+ end
95
+
96
+ def new_authorization_url
97
+ request.base_url + new_authorization_path
98
+ end
99
+
64
100
  # Handler to rescue OAuth errors
65
101
  #
66
102
  # @param error [OAuth2::Error] the rescued error
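Review bot: `request_authorization_for_embedded!` places `new_authorization_path` inside a single-quoted JavaScript string with no escaping, and that path interpolates `session[:_bookingsync_account_id]` without URL-encoding it. Where the session value is written is not visible in this hunk; if it can originate from a request parameter, a quote or `</script>` in it would break out of the script, and because these helpers are documented as overridable defaults the escaping belongs at the sink. Build the query as `"/auth/bookingsync/?#{{ account_id: session[:_bookingsync_account_id] }.to_query}"` and emit the target as `top.location.href = #{ERB::Util.json_escape(new_authorization_path.to_json)};` without the surrounding quotes. `new_authorization_url` also has no doc comment, unlike its siblings, and is built from `request.base_url`, which follows the request's Host header, so the 401 body is only as trustworthy as the host validation upstream. The module body continues outside the hunk.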
@@ -1,3 +1,3 @@
1
1
  module BookingSync
2
- ENGINE_VERSION = "0.1.3"
2
+ ENGINE_VERSION = "0.2.0"
3
3
  end
@@ -0,0 +1,50 @@
1
+ require 'spec_helper'
2
+
3
+ RSpec.describe AuthenticatedController, type: :controller do
4
+ describe "GET index" do
5
+ context "when engine is embedded" do
6
+ before { BookingSync::Engine.embedded! }
7
+
8
+ it "redirects to auth using js" do
9
+ get :index
10
+ expect(response.status).to eq(200)
11
+ expect(response.body).to eq(
12
+ "<script type='text/javascript'>top.location.href = '/auth/bookingsync/?account_id=';</script>")
13
+ end
14
+ end
15
+
16
+ context "when engine is standalone" do
17
+ before { BookingSync::Engine.standalone! }
18
+
19
+ it "redirects to auth using 302 redirect" do
20
+ get :index
21
+ expect(response.status).to eq(302)
22
+ expect(response.redirect_url).to eq("http://test.host/auth/bookingsync/?account_id=")
23
+ expect(response.body).to eq(
24
+ "<html><body>You are being <a href=\"http://test.host/auth/bookingsync/?account_id=\">redirected</a>.</body></html>")
25
+ end
26
+ end
27
+ end
28
+
29
+ describe "XHR index" do
30
+ context "when engine is embedded" do
31
+ before { BookingSync::Engine.embedded! }
32
+
33
+ it "renders the target url in response" do
34
+ xhr :get, :index
35
+ expect(response.status).to eq(401)
36
+ expect(response.body).to eq("http://test.host/auth/bookingsync/?account_id=")
37
+ end
38
+ end
39
+
40
+ context "when engine is standalone" do
41
+ before { BookingSync::Engine.standalone! }
42
+
43
+ it "renders the target url in response" do
44
+ xhr :get, :index
45
+ expect(response.status).to eq(401)
46
+ expect(response.body).to eq("http://test.host/auth/bookingsync/?account_id=")
47
+ end
48
+ end
49
+ end
50
+ end
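Review bot: Every example runs with an empty session, so all expected URLs end in `account_id=` and the interpolation of `session[:_bookingsync_account_id]` is never exercised. Add an example per response type that seeds the session with an account id, plus one whose value contains a quote or `&`, so the script-tag and 401-body outputs are pinned for values that need escaping. The `before` blocks also switch the global mode with `BookingSync::Engine.embedded!` / `standalone!` and never restore it, which may leak into other specs depending on run order.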
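--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -2,6 +2,7 @@ ENV['RAILS_ENV'] ||= 'test'
 
  require File.expand_path("../dummy/config/environment.rb", __FILE__)
  require 'rspec/rails'
+ require 'pry-rails'
 
  # Load support files
  Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }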
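Review bot: `require 'pry-rails'` is loaded unconditionally by the spec helper, so an interactive debugger becomes part of every test run, and the gem metadata declares it with an open `>= 0` constraint. A leftover `binding.pry` would then block an unattended run instead of failing fast, and an install without development gems fails at load time. Consider dropping the line or guarding it, e.g. `require 'pry-rails' unless ENV['CI']`, and giving the development dependency a bounded version.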
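--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: bookingsync-engine
  version: !ruby/object:Gem::Version
- version: 0.1.3
+ version: 0.2.0
  platform: ruby
  authors:
  - Sebastien Grosjean
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-09-18 00:00:00.000000000 Z
+ date: 2014-10-23 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -109,6 +109,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: pry-rails
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  description: A Rails engine to simplify integration with BookingSync API
  email:
  - dev@bookingsync.com
@@ -132,6 +146,7 @@ files:
  - lib/bookingsync/engine/version.rb
  - lib/generators/bookingsync/install/install_generator.rb
  - lib/generators/bookingsync/install/templates/create_bookingsync_accounts.rb
+ - spec/controllers/authenticated_controller_spec.rb
  - spec/controllers/sessions_controller_spec.rb
  - spec/dummy/README.rdoc
  - spec/dummy/Rakefile
@@ -202,6 +217,7 @@ signing_key:
  specification_version: 4
  summary: A Rails engine to simplify integration with BookingSync API
  test_files:
+ - spec/controllers/authenticated_controller_spec.rb
  - spec/controllers/sessions_controller_spec.rb
  - spec/dummy/app/assets/javascripts/application.js
  - spec/dummy/app/assets/stylesheets/application.css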