bookingsync-engine 0.1.3 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/MIT-LICENSE +1 -1
- data/README.md +25 -2
- data/lib/bookingsync/engine/auth_helpers.rb +41 -5
- data/lib/bookingsync/engine/version.rb +1 -1
- data/spec/controllers/authenticated_controller_spec.rb +50 -0
- data/spec/spec_helper.rb +1 -0
- metadata +18 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b1b9d11a0d56d08fc0fdd48963d497b108831ee7
|
|
4
|
+
data.tar.gz: fdf939d7ac7adc02cddd2690954551ad8d80503a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 848da48c3e30f183fa48b25f0e9ba4aede302dd28b607fd344c71ef79e28eb26e2fb38543f6455293f79ac588a79a443b25d928125d7836d104003b7bfac00cc
|
|
7
|
+
data.tar.gz: ff1a6a35e5b4a08b60990fa7e15941abbef6a742c940f68a790cdfaf2fe8cc722653149682e13629b2e812c657c0495e2fe174029558ae93ae544df3534c1fce
|
data/MIT-LICENSE
CHANGED
data/README.md
CHANGED
|
@@ -97,13 +97,36 @@ BookingSync::Engine.standalone!
|
|
|
97
97
|
|
|
98
98
|
## Authentication in apps
|
|
99
99
|
|
|
100
|
-
BookingSync Engine will create some helpers to use inside your controllers and views.
|
|
100
|
+
BookingSync Engine will create some helpers to use inside your controllers and views.
|
|
101
|
+
|
|
102
|
+
### Ensure authentication
|
|
103
|
+
|
|
104
|
+
To set up a controller with BookingSync account authentication, just add this `before_action`:
|
|
101
105
|
|
|
102
106
|
```ruby
|
|
103
107
|
before_action :authenticate_account!
|
|
104
108
|
```
|
|
105
|
-
It will make sure an account is authenticated (using
|
|
109
|
+
It will make sure an account is authenticated (using OAuth2).
|
|
110
|
+
|
|
111
|
+
### New authorization process
|
|
112
|
+
|
|
113
|
+
If the user is not currently authenticated, 3 responses can be expected:
|
|
114
|
+
|
|
115
|
+
#### 1) Through Ajax requests
|
|
116
|
+
|
|
117
|
+
By Ajax request, we consider them when the `X-Requested-With` header contains `XMLHttpRequest`.
|
|
118
|
+
|
|
119
|
+
In this case, the authorization path will be returned a plain text with a **401 Unauthorized** status.
|
|
120
|
+
|
|
121
|
+
#### 2) Embedded Application
|
|
122
|
+
|
|
123
|
+
Embedded applications will be given a script tag forcing them to change their parent location to the authorization path. This is necessary so the authorization happens in the main window, not within an iFrame.
|
|
124
|
+
|
|
125
|
+
#### 3) Standalone Application
|
|
126
|
+
|
|
127
|
+
Standalone applications will simply be redirected to the authorization path.
|
|
106
128
|
|
|
129
|
+
### Accessing the current account
|
|
107
130
|
|
|
108
131
|
To retrieve the current signed-in account, this helper is available:
|
|
109
132
|
|
|
@@ -51,16 +51,52 @@ module BookingSync::Engine::AuthHelpers
|
|
|
51
51
|
request_authorization!
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
+
# Request a new authorization.
|
|
54
55
|
def request_authorization!
|
|
55
|
-
if
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
56
|
+
if request.xhr?
|
|
57
|
+
request_authorization_for_xhr!
|
|
58
|
+
elsif BookingSync::Engine.embedded
|
|
59
|
+
request_authorization_for_embedded!
|
|
59
60
|
else
|
|
60
|
-
|
|
61
|
+
request_authorization_for_standalone!
|
|
61
62
|
end
|
|
62
63
|
end
|
|
63
64
|
|
|
65
|
+
# Request a new authorization for Ajax requests.
|
|
66
|
+
#
|
|
67
|
+
# Renders the new authorization path with 401 Unauthorized status by default.
|
|
68
|
+
def request_authorization_for_xhr!
|
|
69
|
+
render text: new_authorization_url, status: :unauthorized
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
# Request a new authorization for Embedded Apps.
|
|
73
|
+
#
|
|
74
|
+
# Load the new authorization path using Javascript by default.
|
|
75
|
+
def request_authorization_for_embedded!
|
|
76
|
+
allow_bookingsync_iframe
|
|
77
|
+
render text: "<script type='text/javascript'>top.location.href = " +
|
|
78
|
+
"'#{new_authorization_path}';</script>"
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
# Request a new authorization for Standalone Apps.
|
|
82
|
+
#
|
|
83
|
+
# Redirects to new authorization path by default.
|
|
84
|
+
def request_authorization_for_standalone!
|
|
85
|
+
redirect_to new_authorization_path
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
# Path to which the user should be redirected to start a new
|
|
89
|
+
# Authorization process.
|
|
90
|
+
#
|
|
91
|
+
# Default to /auth/bookingsync/?account_id=SESSION_BOOKINGSYNC_ACCOUNT_ID
|
|
92
|
+
def new_authorization_path
|
|
93
|
+
"/auth/bookingsync/?account_id=#{session[:_bookingsync_account_id]}"
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def new_authorization_url
|
|
97
|
+
request.base_url + new_authorization_path
|
|
98
|
+
end
|
|
99
|
+
|
|
64
100
|
# Handler to rescue OAuth errors
|
|
65
101
|
#
|
|
66
102
|
# @param error [OAuth2::Error] the rescued error
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
RSpec.describe AuthenticatedController, type: :controller do
|
|
4
|
+
describe "GET index" do
|
|
5
|
+
context "when engine is embedded" do
|
|
6
|
+
before { BookingSync::Engine.embedded! }
|
|
7
|
+
|
|
8
|
+
it "redirects to auth using js" do
|
|
9
|
+
get :index
|
|
10
|
+
expect(response.status).to eq(200)
|
|
11
|
+
expect(response.body).to eq(
|
|
12
|
+
"<script type='text/javascript'>top.location.href = '/auth/bookingsync/?account_id=';</script>")
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
context "when engine is standalone" do
|
|
17
|
+
before { BookingSync::Engine.standalone! }
|
|
18
|
+
|
|
19
|
+
it "redirects to auth using 302 redirect" do
|
|
20
|
+
get :index
|
|
21
|
+
expect(response.status).to eq(302)
|
|
22
|
+
expect(response.redirect_url).to eq("http://test.host/auth/bookingsync/?account_id=")
|
|
23
|
+
expect(response.body).to eq(
|
|
24
|
+
"<html><body>You are being <a href=\"http://test.host/auth/bookingsync/?account_id=\">redirected</a>.</body></html>")
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
describe "XHR index" do
|
|
30
|
+
context "when engine is embedded" do
|
|
31
|
+
before { BookingSync::Engine.embedded! }
|
|
32
|
+
|
|
33
|
+
it "renders the target url in response" do
|
|
34
|
+
xhr :get, :index
|
|
35
|
+
expect(response.status).to eq(401)
|
|
36
|
+
expect(response.body).to eq("http://test.host/auth/bookingsync/?account_id=")
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
context "when engine is standalone" do
|
|
41
|
+
before { BookingSync::Engine.standalone! }
|
|
42
|
+
|
|
43
|
+
it "renders the target url in response" do
|
|
44
|
+
xhr :get, :index
|
|
45
|
+
expect(response.status).to eq(401)
|
|
46
|
+
expect(response.body).to eq("http://test.host/auth/bookingsync/?account_id=")
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bookingsync-engine
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sebastien Grosjean
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2014-
|
|
12
|
+
date: 2014-10-23 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -109,6 +109,20 @@ dependencies:
|
|
|
109
109
|
- - ">="
|
|
110
110
|
- !ruby/object:Gem::Version
|
|
111
111
|
version: '0'
|
|
112
|
+
- !ruby/object:Gem::Dependency
|
|
113
|
+
name: pry-rails
|
|
114
|
+
requirement: !ruby/object:Gem::Requirement
|
|
115
|
+
requirements:
|
|
116
|
+
- - ">="
|
|
117
|
+
- !ruby/object:Gem::Version
|
|
118
|
+
version: '0'
|
|
119
|
+
type: :development
|
|
120
|
+
prerelease: false
|
|
121
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
122
|
+
requirements:
|
|
123
|
+
- - ">="
|
|
124
|
+
- !ruby/object:Gem::Version
|
|
125
|
+
version: '0'
|
|
112
126
|
description: A Rails engine to simplify integration with BookingSync API
|
|
113
127
|
email:
|
|
114
128
|
- dev@bookingsync.com
|
|
@@ -132,6 +146,7 @@ files:
|
|
|
132
146
|
- lib/bookingsync/engine/version.rb
|
|
133
147
|
- lib/generators/bookingsync/install/install_generator.rb
|
|
134
148
|
- lib/generators/bookingsync/install/templates/create_bookingsync_accounts.rb
|
|
149
|
+
- spec/controllers/authenticated_controller_spec.rb
|
|
135
150
|
- spec/controllers/sessions_controller_spec.rb
|
|
136
151
|
- spec/dummy/README.rdoc
|
|
137
152
|
- spec/dummy/Rakefile
|
|
@@ -202,6 +217,7 @@ signing_key:
|
|
|
202
217
|
specification_version: 4
|
|
203
218
|
summary: A Rails engine to simplify integration with BookingSync API
|
|
204
219
|
test_files:
|
|
220
|
+
- spec/controllers/authenticated_controller_spec.rb
|
|
205
221
|
- spec/controllers/sessions_controller_spec.rb
|
|
206
222
|
- spec/dummy/app/assets/javascripts/application.js
|
|
207
223
|
- spec/dummy/app/assets/stylesheets/application.css
|