bouncer-client 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bouncer-client.gemspec +1 -0
- data/lib/bouncer-client/controller_mixin.rb +10 -4
- data/lib/bouncer-client/version.rb +1 -1
- data/spec/cassettes/bouncer/valid_user.yml +109 -0
- data/spec/mixins/controller_mixin_spec.rb +55 -0
- metadata +19 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 366496483071b755211e3ad71000a4bd83c9f7f2
|
|
4
|
+
data.tar.gz: 7c19fec4ead6a2c20e9e5a118ae9bb8d7d6a98ea
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 680dfd545b9969e420e0ae7a4880b1f7b552124a6af5481977ff1b0b960308aa4a8a6136afdf85b6a8928ab07018f6cad7c9c0910adc48a644d8cd71871a1a7d
|
|
7
|
+
data.tar.gz: 7fada9f8789a68ee2d2368ec0039b46f0abeee0d7618cffe1da6249b205abba744417addd48359f91b61209a1bcc5c507ccc475a6155536ed194006e8844c1df
|
data/bouncer-client.gemspec
CHANGED
|
@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
spec.add_dependency 'faraday'
|
|
22
22
|
spec.add_dependency 'faraday_middleware'
|
|
23
23
|
spec.add_dependency 'redis'
|
|
24
|
+
spec.add_development_dependency 'activesupport'
|
|
24
25
|
spec.add_development_dependency 'codeclimate-test-reporter'
|
|
25
26
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
26
27
|
spec.add_development_dependency 'rspec'
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require 'active_support/rescuable'
|
|
2
|
+
require 'bouncer-client/errors'
|
|
2
3
|
module Bouncer
|
|
3
4
|
module ControllerMixin
|
|
4
5
|
def current_user
|
|
@@ -6,21 +7,26 @@ module Bouncer
|
|
|
6
7
|
@token ||= Bouncer::Token.new(request.headers['authorization'])
|
|
7
8
|
end
|
|
8
9
|
|
|
9
|
-
def
|
|
10
|
+
def authenticate_token!
|
|
10
11
|
raise UnauthenticatedError unless Bouncer::Token.present? request
|
|
11
|
-
raise UnauthenticatedError unless current_user.
|
|
12
|
+
raise UnauthenticatedError unless current_user.valid?
|
|
12
13
|
end
|
|
13
14
|
|
|
14
15
|
def authenticate_super_admin!
|
|
15
16
|
authenticate_user!
|
|
16
|
-
raise UnauthorizedError unless current_user.super_admin?
|
|
17
|
+
raise UnauthorizedError unless current_user.user.super_admin?
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
def authenticate_device!
|
|
20
|
-
|
|
21
|
+
authenticate_token!
|
|
21
22
|
raise UnauthorizedError unless current_user.device?
|
|
22
23
|
end
|
|
23
24
|
|
|
25
|
+
def authenticate_user!
|
|
26
|
+
authenticate_token!
|
|
27
|
+
raise UnauthorizedError unless current_user.user?
|
|
28
|
+
end
|
|
29
|
+
|
|
24
30
|
private
|
|
25
31
|
|
|
26
32
|
def unauthorized(error)
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
---
|
|
2
|
+
http_interactions:
|
|
3
|
+
- request:
|
|
4
|
+
method: get
|
|
5
|
+
uri: https://mbouncer.herokuapp.com/oauth/token/info
|
|
6
|
+
body:
|
|
7
|
+
encoding: US-ASCII
|
|
8
|
+
string: ''
|
|
9
|
+
headers:
|
|
10
|
+
Content-Type:
|
|
11
|
+
- application/json
|
|
12
|
+
Authorization:
|
|
13
|
+
- Bearer <ADMIN_TOKEN>
|
|
14
|
+
User-Agent:
|
|
15
|
+
- Faraday v0.9.1
|
|
16
|
+
Accept-Encoding:
|
|
17
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
|
18
|
+
Accept:
|
|
19
|
+
- "*/*"
|
|
20
|
+
response:
|
|
21
|
+
status:
|
|
22
|
+
code: 200
|
|
23
|
+
message: OK
|
|
24
|
+
headers:
|
|
25
|
+
Server:
|
|
26
|
+
- Cowboy
|
|
27
|
+
Connection:
|
|
28
|
+
- close
|
|
29
|
+
Date:
|
|
30
|
+
- Thu, 19 Feb 2015 15:25:06 GMT
|
|
31
|
+
Status:
|
|
32
|
+
- 200 OK
|
|
33
|
+
X-Frame-Options:
|
|
34
|
+
- SAMEORIGIN
|
|
35
|
+
X-Xss-Protection:
|
|
36
|
+
- 1; mode=block
|
|
37
|
+
X-Content-Type-Options:
|
|
38
|
+
- nosniff
|
|
39
|
+
Content-Type:
|
|
40
|
+
- application/json; charset=utf-8
|
|
41
|
+
Etag:
|
|
42
|
+
- W/"059ee065b4ee4df76ac3ab9d05708e89"
|
|
43
|
+
Cache-Control:
|
|
44
|
+
- max-age=0, private, must-revalidate
|
|
45
|
+
X-Request-Id:
|
|
46
|
+
- 000d0e52-7733-4d51-868d-53b169dc38d7
|
|
47
|
+
X-Runtime:
|
|
48
|
+
- '0.012449'
|
|
49
|
+
Via:
|
|
50
|
+
- 1.1 vegur
|
|
51
|
+
body:
|
|
52
|
+
encoding: UTF-8
|
|
53
|
+
string: '{"resource_owner_id":"960dd380-85db-43c7-b79b-ed3f3c7d4a88","scopes":["user"],"expires_in_seconds":6265,"application":{"uid":null},"created_at":1424358570}'
|
|
54
|
+
http_version:
|
|
55
|
+
recorded_at: Thu, 19 Feb 2015 15:25:05 GMT
|
|
56
|
+
- request:
|
|
57
|
+
method: get
|
|
58
|
+
uri: https://mbouncer.herokuapp.com/me
|
|
59
|
+
body:
|
|
60
|
+
encoding: US-ASCII
|
|
61
|
+
string: ''
|
|
62
|
+
headers:
|
|
63
|
+
Content-Type:
|
|
64
|
+
- application/json
|
|
65
|
+
Authorization:
|
|
66
|
+
- Bearer <ADMIN_TOKEN>
|
|
67
|
+
User-Agent:
|
|
68
|
+
- Faraday v0.9.1
|
|
69
|
+
Accept-Encoding:
|
|
70
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
|
71
|
+
Accept:
|
|
72
|
+
- "*/*"
|
|
73
|
+
response:
|
|
74
|
+
status:
|
|
75
|
+
code: 200
|
|
76
|
+
message: OK
|
|
77
|
+
headers:
|
|
78
|
+
Server:
|
|
79
|
+
- Cowboy
|
|
80
|
+
Connection:
|
|
81
|
+
- close
|
|
82
|
+
Date:
|
|
83
|
+
- Thu, 19 Feb 2015 15:25:06 GMT
|
|
84
|
+
Status:
|
|
85
|
+
- 200 OK
|
|
86
|
+
X-Frame-Options:
|
|
87
|
+
- SAMEORIGIN
|
|
88
|
+
X-Xss-Protection:
|
|
89
|
+
- 1; mode=block
|
|
90
|
+
X-Content-Type-Options:
|
|
91
|
+
- nosniff
|
|
92
|
+
Content-Type:
|
|
93
|
+
- application/json; charset=utf-8
|
|
94
|
+
Etag:
|
|
95
|
+
- W/"f3b0c963380b198b62bf64cc73b32e13"
|
|
96
|
+
Cache-Control:
|
|
97
|
+
- max-age=0, private, must-revalidate
|
|
98
|
+
X-Request-Id:
|
|
99
|
+
- 266192c3-9a4b-4374-952f-a500b9e764af
|
|
100
|
+
X-Runtime:
|
|
101
|
+
- '0.018491'
|
|
102
|
+
Via:
|
|
103
|
+
- 1.1 vegur
|
|
104
|
+
body:
|
|
105
|
+
encoding: UTF-8
|
|
106
|
+
string: '{"users":[{"id":"960dd380-85db-43c7-b79b-ed3f3c7d4a88","image":"https://secure.gravatar.com/avatar/ebfcbe366c47be18e8d3d6eb13d51d17?d=mm\u0026s=50","phone":"4075120689","email":"kurt@monsieur.co","name":null,"super_admin":false,"confirmed_at":"2000-01-01T18:46:46.786Z"}]}'
|
|
107
|
+
http_version:
|
|
108
|
+
recorded_at: Thu, 19 Feb 2015 15:25:05 GMT
|
|
109
|
+
recorded_with: VCR 2.9.3
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require 'bouncer-client/controller_mixin'
|
|
3
|
+
describe Bouncer::ControllerMixin do
|
|
4
|
+
let(:controller) { Object.new.extend Bouncer::ControllerMixin }
|
|
5
|
+
describe "#current_user" do
|
|
6
|
+
it 'returns nil if token is missing' do
|
|
7
|
+
stub_authorization "stuff"
|
|
8
|
+
expect(controller.current_user).to eq nil
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'builds a token from Bearer' do
|
|
12
|
+
stub_authorization 'Bearer stuff'
|
|
13
|
+
VCR.use_cassette 'bouncer/valid_admin' do
|
|
14
|
+
expect(controller.current_user.user.email).to eq "kurt@monsieur.co"
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
describe "#authenticate_super_admin!" do
|
|
20
|
+
before do
|
|
21
|
+
stub_authorization 'Bearer stuff'
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
it 'allows admin' do
|
|
25
|
+
VCR.use_cassette 'bouncer/valid_admin' do
|
|
26
|
+
expect{controller.authenticate_super_admin!}.to_not raise_error
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
it 'disallows users' do
|
|
31
|
+
VCR.use_cassette 'bouncer/valid_user' do
|
|
32
|
+
expect{controller.authenticate_super_admin!}.to raise_error(Bouncer::UnauthorizedError)
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
describe "#authenticate_device!" do
|
|
38
|
+
before { stub_authorization 'Bearer stuff' }
|
|
39
|
+
it 'allows devices' do
|
|
40
|
+
VCR.use_cassette 'bouncer/valid_device' do
|
|
41
|
+
expect{controller.authenticate_device!}.to_not raise_error
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
it 'disallows admins' do
|
|
46
|
+
VCR.use_cassette 'bouncer/valid_admin' do
|
|
47
|
+
expect{controller.authenticate_device!}.to raise_error(Bouncer::UnauthorizedError)
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def stub_authorization str
|
|
53
|
+
allow(controller).to receive_message_chain(:request, :headers => {"authorization" => str} )
|
|
54
|
+
end
|
|
55
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bouncer-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kurt Nelson
|
|
@@ -52,6 +52,20 @@ dependencies:
|
|
|
52
52
|
- - ">="
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
54
|
version: '0'
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: activesupport
|
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
|
58
|
+
requirements:
|
|
59
|
+
- - ">="
|
|
60
|
+
- !ruby/object:Gem::Version
|
|
61
|
+
version: '0'
|
|
62
|
+
type: :development
|
|
63
|
+
prerelease: false
|
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
+
requirements:
|
|
66
|
+
- - ">="
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: '0'
|
|
55
69
|
- !ruby/object:Gem::Dependency
|
|
56
70
|
name: codeclimate-test-reporter
|
|
57
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -237,6 +251,8 @@ files:
|
|
|
237
251
|
- spec/cassettes/bouncer/user.yml
|
|
238
252
|
- spec/cassettes/bouncer/valid_admin.yml
|
|
239
253
|
- spec/cassettes/bouncer/valid_device.yml
|
|
254
|
+
- spec/cassettes/bouncer/valid_user.yml
|
|
255
|
+
- spec/mixins/controller_mixin_spec.rb
|
|
240
256
|
- spec/model/token_spec.rb
|
|
241
257
|
- spec/model/user_spec.rb
|
|
242
258
|
- spec/spec_helper.rb
|
|
@@ -269,6 +285,8 @@ test_files:
|
|
|
269
285
|
- spec/cassettes/bouncer/user.yml
|
|
270
286
|
- spec/cassettes/bouncer/valid_admin.yml
|
|
271
287
|
- spec/cassettes/bouncer/valid_device.yml
|
|
288
|
+
- spec/cassettes/bouncer/valid_user.yml
|
|
289
|
+
- spec/mixins/controller_mixin_spec.rb
|
|
272
290
|
- spec/model/token_spec.rb
|
|
273
291
|
- spec/model/user_spec.rb
|
|
274
292
|
- spec/spec_helper.rb
|