booth 0.0.4 → 0.0.5
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/lib/booth/request.rb +15 -0
- data/lib/booth/testing/userland/sudo_webauth.rb +34 -0
- data/lib/booth/testing/userland.rb +2 -0
- data/lib/booth/version.rb +1 -1
- metadata +3 -2
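--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 264066475702a46d7d19919ea95013455262385bcdc0ff8035615dcfd70d9e70
+data.tar.gz: 329fbfa42ec1aea4901db11db6cec1ddaaf09365a324fff312b0470f3bf6e366
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 54191963f2bbe26f3483067e96a506c4d2ac0061134dba817379c3adcbfd5b7a0b4888c767f514305188335b8320bd938e951c46879b866fe18d56881aee0ed7
+data.tar.gz: 709bd0a9a61668f8a20182de852475b0d080d8d7795cc3e4baf3f246d6fa2740164f2328862f094d2e6620a8e0d9c81b2cd94f69758c9b359700e530cb2e53c2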
data/CHANGELOG.md
CHANGED
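--- a/data/lib/booth/request.rb
+++ b/data/lib/booth/request.rb
@@ -50,6 +50,21 @@ module Booth
 ::Booth::Syntaxes::Domain.call(request.host).valid_domain
 end
 
+# The webauthn gem compares the browser's origin against `allowed_origins` character-by-character.
+# Hardcoding `"http://#{host}:#{port}"` caused `WebAuthn::OriginVerificationError` in production.
+# The browser sends `https://example.com` (no port) when the port is the scheme default.
+# The browser sends `http://localhost:3000` (with port) when the port is not the scheme default.
+# This method builds the origin string to match exactly what the browser sends.
+def origin
+standard_port = request.scheme == 'https' ? 443 : 80
+
+if port == standard_port
+"#{request.scheme}://#{host}"
+else
+"#{request.scheme}://#{host}:#{port}"
+end
+end
+
 def agent
 ::Booth::Requests::Agent.call(request:)
 end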
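Review bot: `origin` assembles the expected WebAuthn origin from the request itself (`request.scheme`, `host`, `port`), so if this string is what reaches `allowed_origins`, the origin check follows whatever scheme, host and port the request or a misconfigured proxy's forwarded headers present, rather than a value the application pins. The method ending just above the added lines suggests `host` is `request.host` passed through `::Booth::Syntaxes::Domain`, which reads like a syntax check rather than an allow-list; `host` and `port` are defined outside this hunk, so that needs confirming. I would compare the result against a configured list of origins before handing it to the gem, or at least state the assumption in the method comment, e.g. `# NOTE: scheme, host and port are request-derived; only safe when the proxy overwrites Host/X-Forwarded-* and the relying-party ID is fixed in configuration.` Also confirm that `port` is an Integer: if it can be a String, `port == standard_port` is never true and the default port is always appended, which brings back the `WebAuthn::OriginVerificationError` the comment describes.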
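--- a/data/lib/booth/testing/userland/sudo_webauth.rb
+++ b/data/lib/booth/testing/userland/sudo_webauth.rb
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Booth
+module Testing
+module Userland
+class SudoWebauth < ::Booth::Testing::IncorporationTestCase
+def call
+before_test&.call
+
+create_and_onboard(username: 'alice')
+virtual_authenticators.create
+register_new_passkey(username: 'alice')
+
+# Visit webauths index with fresh sudo
+visit_namespaced controller: :webauths, action: :index
+assert_userland_view controller: :webauths, step: :index
+
+# Time travel to expire sudo (default interaction_timeout is 20 minutes)
+travel 21.minutes
+
+# Visit webauths index again - should require sudo
+visit_namespaced controller: :webauths, action: :index
+assert_userland_view controller: :webauths, step: :sudo
+
+# Re-authenticate with hardware key to restore sudo
+click_on :authenticate
+
+# After successful sudo, user sees the index again
+assert_userland_view controller: :webauths, step: :index
+end
+end
+end
+end
+end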
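Review bot: `travel 21.minutes` hardcodes the expiry to the default `interaction_timeout` named in the comment, so an application running this scenario with a longer timeout fails at `step: :sudo`, and one with a much shorter timeout never exercises the boundary. Deriving the duration from the configured timeout plus a small margin would keep the scenario valid for non-default settings. The scenario also covers only the successful re-authentication. A companion case asserting that the `:index` view stays unreachable until the authenticate step completes would pin the security property itself, that expired sudo blocks access. Whether `travel` is reverted after `call` depends on `IncorporationTestCase`, which is outside this diff.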
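--- a/data/lib/booth/testing/userland.rb
+++ b/data/lib/booth/testing/userland.rb
@@ -12,6 +12,7 @@ require_relative 'userland/registration_without_passkey'
 require_relative 'userland/sessions_manage_behavior'
 require_relative 'userland/sessions_revoke_all_others'
 require_relative 'userland/sessions_revoke_one'
+require_relative 'userland/sudo_webauth'
 
 module Booth
 module Testing
@@ -24,6 +25,7 @@ module Booth
 ::Booth::Testing::Userland::LoginRemotely,
 ::Booth::Testing::Userland::SessionsRevokeOne,
 ::Booth::Testing::Userland::SessionsRevokeAllOthers,
+::Booth::Testing::Userland::SudoWebauth,
 ].freeze
 
 def self.scenarios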
data/lib/booth/version.rb
CHANGED
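--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: booth
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.5
 platform: ruby
 authors:
 - halo
@@ -345,6 +345,7 @@ files:
 - lib/booth/testing/userland/sessions_manage_behavior.rb
 - lib/booth/testing/userland/sessions_revoke_all_others.rb
 - lib/booth/testing/userland/sessions_revoke_one.rb
+- lib/booth/testing/userland/sudo_webauth.rb
 - lib/booth/to_struct.rb
 - lib/booth/userland.rb
 - lib/booth/userland/extract_flash_messages.rb
@@ -413,7 +414,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Opinionated authentication framework for Rails
 test_files: []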