bouncer-client 0.2.7 → 0.3
- checksums.yaml +4 -4
- data/lib/bouncer-client.rb +1 -1
- data/lib/bouncer-client/activation.rb +16 -0
- data/lib/bouncer-client/controller_mixin.rb +2 -2
- data/lib/bouncer-client/test_helpers.rb +9 -12
- data/lib/bouncer-client/token.rb +8 -8
- data/lib/bouncer-client/version.rb +1 -1
- data/spec/cassettes/bouncer/invalid_token.yml +26 -26
- data/spec/cassettes/bouncer/user.yml +22 -22
- data/spec/cassettes/bouncer/{valid_device.yml → valid_activation.yml} +52 -52
- data/spec/cassettes/bouncer/valid_admin.yml +52 -52
- data/spec/cassettes/bouncer/valid_user.yml +52 -52
- data/spec/mixins/controller_mixin_spec.rb +10 -9
- data/spec/model/token_spec.rb +17 -17
- data/spec/model/user_spec.rb +1 -1
- metadata +5 -5
- data/lib/bouncer-client/device.rb +0 -12
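--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 59cc204eb7ca90c99260ced94f4374fc7a9b8d5a
+data.tar.gz: e663f9cf8930e7f8f1d01d3b36624345fdd48248
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f9c981c4264c48d9935c10ef42c7d3a216bd94abf551321814ca9a17a9e9ec152df5e8394a431cd4c29d4b11fff3d70a916676962730e84938615dbfa6cae0ee
+data.tar.gz: 68bfbdffd44df59c40d3a064ed3e8aa6a9ff4c5d46e24b72d2edcc74648a0c7679f9497666ad1d30992ed95b44121201644c5b8a17a3ea5654e015242b46cced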
data/lib/bouncer-client.rb
CHANGED
@@ -0,0 +1,16 @@
|
|
1
|
+
module Bouncer
|
2
|
+
class Activation
|
3
|
+
attr_accessor :id, :created_at, :updated_at
|
4
|
+
attr_accessor :unit_id, :device_id, :user_id
|
5
|
+
|
6
|
+
def self.from_json json
|
7
|
+
activation = Activation.new
|
8
|
+
activation.id = json['id']
|
9
|
+
activation.created_at = json['created_at']
|
10
|
+
activation.unit_id = json['links']['unit']
|
11
|
+
activation.device_id = json['links']['device']
|
12
|
+
activation.user_id = json['links']['user']
|
13
|
+
activation
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
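Review bot: `from_json` never assigns `updated_at`, although the class declares the accessor and the recorded `/me` payload in this release carries an `updated_at` field, so the attribute is always nil on a built activation; `activation.updated_at = json['updated_at']` next to the `created_at` line would close that gap. The three `json['links'][...]` reads also raise NoMethodError when the payload has no `links` object. Because this hash comes from the remote token service and is consumed on the authentication path, the absence should be handled deliberately, for example `links = json['links'] || {}` before the three assignments. A short class comment saying that `unit_id`, `device_id` and `user_id` are taken from the payload's `links` object would also help readers.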
@@ -17,9 +17,9 @@ module Bouncer
|
|
17
17
|
raise UnauthorizedError unless current_user.user.super_admin?
|
18
18
|
end
|
19
19
|
|
20
|
-
def
|
20
|
+
def authenticate_activation!
|
21
21
|
authenticate_token!
|
22
|
-
raise UnauthorizedError unless current_user.
|
22
|
+
raise UnauthorizedError unless current_user.activation?
|
23
23
|
end
|
24
24
|
|
25
25
|
def authenticate_user!
|
@@ -15,18 +15,15 @@ module Bouncer
|
|
15
15
|
token
|
16
16
|
end
|
17
17
|
|
18
|
-
def
|
19
|
-
puts "machine_token is deprecated, use device_token"
|
20
|
-
device_token id
|
21
|
-
end
|
22
|
-
|
23
|
-
def device_token id = SecureRandom.uuid, serial = SecureRandom.hex(4)
|
18
|
+
def activation_token device_id = SecureRandom.uuid
|
24
19
|
token = valid_token
|
25
|
-
|
26
|
-
allow(
|
27
|
-
allow(
|
28
|
-
allow(
|
29
|
-
allow(
|
20
|
+
activation = double("Bouncer::Activation")
|
21
|
+
allow(activation).to receive(:id).and_return(SecureRandom.uuid)
|
22
|
+
allow(activation).to receive(:device_id).and_return(device_id)
|
23
|
+
allow(activation).to receive(:unit_id).and_return(SecureRandom.uuid)
|
24
|
+
allow(activation).to receive(:user_id).and_return(SecureRandom.uuid)
|
25
|
+
allow(token).to receive(:activation?).and_return(true)
|
26
|
+
allow(token).to receive(:activation).and_return(activation)
|
30
27
|
token
|
31
28
|
end
|
32
29
|
|
@@ -34,7 +31,7 @@ module Bouncer
|
|
34
31
|
token = double("Bouncer::Token")
|
35
32
|
allow(token).to receive(:validate!).and_return(true)
|
36
33
|
allow(token).to receive(:valid?).and_return(true)
|
37
|
-
allow(token).to receive(:
|
34
|
+
allow(token).to receive(:activation?)
|
38
35
|
allow(token).to receive(:user?)
|
39
36
|
allow(Bouncer::Token).to receive(:present?).and_return(true)
|
40
37
|
allow(Bouncer::Token).to receive(:new).and_return(token)
|
data/lib/bouncer-client/token.rb
CHANGED
@@ -20,16 +20,16 @@ module Bouncer
|
|
20
20
|
|
21
21
|
def valid?
|
22
22
|
return false unless @payload
|
23
|
-
@payload["users"] != nil || @payload["
|
23
|
+
@payload["users"] != nil || @payload["activations"] != nil
|
24
24
|
end
|
25
25
|
|
26
|
-
def
|
27
|
-
@payload['
|
26
|
+
def activation?
|
27
|
+
@payload['activations'] && !@payload['activations'].empty?
|
28
28
|
end
|
29
29
|
|
30
|
-
def
|
31
|
-
return nil unless
|
32
|
-
@
|
30
|
+
def activation
|
31
|
+
return nil unless activation?
|
32
|
+
@activation ||= build_model
|
33
33
|
end
|
34
34
|
|
35
35
|
def user?
|
@@ -66,8 +66,8 @@ module Bouncer
|
|
66
66
|
end
|
67
67
|
|
68
68
|
def build_model
|
69
|
-
if
|
70
|
-
Bouncer::
|
69
|
+
if activation?
|
70
|
+
Bouncer::Activation.from_json @payload['activations'][0]
|
71
71
|
else
|
72
72
|
Bouncer::User.from_json @payload['users'][0]
|
73
73
|
end
|
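Review bot: `valid?` and `activation?` disagree about an empty list. `valid?` only checks `@payload["activations"] != nil`, so a payload with `"activations": []` and no `users` key is reported valid, `activation?` is false, and `build_model` falls through to `@payload['users'][0]`, which raises NoMethodError on nil. Since `valid?` gates authentication, requiring a non-empty list is the safer contract, for example `%w[users activations].any? { |k| @payload[k] && !@payload[k].empty? }`. `activation?` also returns nil rather than false when the key is absent; a leading `!!` would make the predicate strict. `build_model` and `user?` continue outside these hunks, so the `users` branch should be checked for the same gap.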
@@ -2,61 +2,61 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: get
|
5
|
-
uri: https://
|
5
|
+
uri: https://bouncer-api.monsieur.co/oauth/token/info
|
6
6
|
body:
|
7
7
|
encoding: US-ASCII
|
8
8
|
string: ''
|
9
9
|
headers:
|
10
|
+
Accept:
|
11
|
+
- application/json
|
10
12
|
Content-Type:
|
11
13
|
- application/json
|
12
|
-
Authorization:
|
13
|
-
- Bearer junk
|
14
14
|
User-Agent:
|
15
15
|
- Faraday v0.9.1
|
16
|
+
Authorization:
|
17
|
+
- Bearer junk
|
16
18
|
Accept-Encoding:
|
17
19
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
18
|
-
Accept:
|
19
|
-
- "*/*"
|
20
20
|
response:
|
21
21
|
status:
|
22
22
|
code: 401
|
23
23
|
message: Unauthorized
|
24
24
|
headers:
|
25
|
-
Server:
|
26
|
-
- Cowboy
|
27
|
-
Connection:
|
28
|
-
- close
|
29
|
-
Date:
|
30
|
-
- Thu, 19 Feb 2015 19:53:04 GMT
|
31
|
-
Status:
|
32
|
-
- 401 Unauthorized
|
33
|
-
X-Frame-Options:
|
34
|
-
- SAMEORIGIN
|
35
|
-
X-Xss-Protection:
|
36
|
-
- 1; mode=block
|
37
|
-
X-Content-Type-Options:
|
38
|
-
- nosniff
|
39
25
|
Cache-Control:
|
40
26
|
- no-store
|
41
|
-
Pragma:
|
42
|
-
- no-cache
|
43
27
|
Content-Type:
|
44
28
|
- application/json; charset=utf-8
|
29
|
+
Date:
|
30
|
+
- Sun, 12 Apr 2015 21:48:16 GMT
|
31
|
+
Pragma:
|
32
|
+
- no-cache
|
33
|
+
Server:
|
34
|
+
- nginx/1.4.6 (Ubuntu)
|
35
|
+
Status:
|
36
|
+
- 401 Unauthorized
|
45
37
|
Www-Authenticate:
|
46
38
|
- Bearer realm="Doorkeeper", error="invalid_request", error_description="The
|
47
39
|
request is missing a required parameter, includes an unsupported parameter
|
48
40
|
value, or is otherwise malformed."
|
41
|
+
X-Content-Type-Options:
|
42
|
+
- nosniff
|
43
|
+
X-Frame-Options:
|
44
|
+
- SAMEORIGIN
|
49
45
|
X-Request-Id:
|
50
|
-
-
|
46
|
+
- beed47c6-4ddd-437c-b0e5-ba34f99c39da
|
51
47
|
X-Runtime:
|
52
|
-
- '0.
|
53
|
-
|
54
|
-
- 1
|
48
|
+
- '0.007622'
|
49
|
+
X-Xss-Protection:
|
50
|
+
- 1; mode=block
|
51
|
+
Content-Length:
|
52
|
+
- '162'
|
53
|
+
Connection:
|
54
|
+
- keep-alive
|
55
55
|
body:
|
56
56
|
encoding: UTF-8
|
57
57
|
string: '{"error":"invalid_request","error_description":"The request is missing
|
58
58
|
a required parameter, includes an unsupported parameter value, or is otherwise
|
59
59
|
malformed."}'
|
60
60
|
http_version:
|
61
|
-
recorded_at:
|
61
|
+
recorded_at: Sun, 12 Apr 2015 21:48:16 GMT
|
62
62
|
recorded_with: VCR 2.9.3
|
@@ -2,7 +2,7 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: get
|
5
|
-
uri: https://
|
5
|
+
uri: https://bouncer-api.monsieur.co/users/a202ce1d-40a1-4b9f-a5da-8a0d5d744926
|
6
6
|
body:
|
7
7
|
encoding: US-ASCII
|
8
8
|
string: ''
|
@@ -22,35 +22,35 @@ http_interactions:
|
|
22
22
|
code: 200
|
23
23
|
message: OK
|
24
24
|
headers:
|
25
|
-
|
26
|
-
-
|
27
|
-
|
28
|
-
-
|
25
|
+
Cache-Control:
|
26
|
+
- max-age=0, private, must-revalidate
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
29
|
Date:
|
30
|
-
-
|
30
|
+
- Sun, 12 Apr 2015 21:48:17 GMT
|
31
|
+
Etag:
|
32
|
+
- W/"f7171601fabae0ae362c8e0d0f6d1349"
|
33
|
+
Server:
|
34
|
+
- nginx/1.4.6 (Ubuntu)
|
31
35
|
Status:
|
32
36
|
- 200 OK
|
33
|
-
X-Frame-Options:
|
34
|
-
- SAMEORIGIN
|
35
|
-
X-Xss-Protection:
|
36
|
-
- 1; mode=block
|
37
37
|
X-Content-Type-Options:
|
38
38
|
- nosniff
|
39
|
-
|
40
|
-
-
|
41
|
-
Etag:
|
42
|
-
- W/"f3b0c963380b198b62bf64cc73b32e13"
|
43
|
-
Cache-Control:
|
44
|
-
- max-age=0, private, must-revalidate
|
39
|
+
X-Frame-Options:
|
40
|
+
- SAMEORIGIN
|
45
41
|
X-Request-Id:
|
46
|
-
-
|
42
|
+
- 10f945b4-1cc6-49e9-8f18-52b7460b77c4
|
47
43
|
X-Runtime:
|
48
|
-
- '0.
|
49
|
-
|
50
|
-
- 1
|
44
|
+
- '0.009700'
|
45
|
+
X-Xss-Protection:
|
46
|
+
- 1; mode=block
|
47
|
+
Content-Length:
|
48
|
+
- '304'
|
49
|
+
Connection:
|
50
|
+
- keep-alive
|
51
51
|
body:
|
52
52
|
encoding: UTF-8
|
53
|
-
string: '{"users":[{"id":"
|
53
|
+
string: '{"users":[{"id":"a202ce1d-40a1-4b9f-a5da-8a0d5d744926","image":"https://secure.gravatar.com/avatar/7a2b073df8a98f5f1d67bc06cab6659b?d=mm\u0026s=50","name":null,"super_admin":null,"phone":null,"phone_verified_at":null,"email":"kurtisnelson+test@gmail.com","email_verified_at":"2015-03-31T22:32:27.029Z"}]}'
|
54
54
|
http_version:
|
55
|
-
recorded_at:
|
55
|
+
recorded_at: Sun, 12 Apr 2015 21:48:16 GMT
|
56
56
|
recorded_with: VCR 2.9.3
|
@@ -2,108 +2,108 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: get
|
5
|
-
uri: https://
|
5
|
+
uri: https://bouncer-api.monsieur.co/oauth/token/info
|
6
6
|
body:
|
7
7
|
encoding: US-ASCII
|
8
8
|
string: ''
|
9
9
|
headers:
|
10
|
+
Accept:
|
11
|
+
- application/json
|
10
12
|
Content-Type:
|
11
13
|
- application/json
|
12
|
-
Authorization:
|
13
|
-
- Bearer <DEVICE_TOKEN>
|
14
14
|
User-Agent:
|
15
15
|
- Faraday v0.9.1
|
16
|
+
Authorization:
|
17
|
+
- Bearer e55081663d3952dacfb269f9bec999df3f1da4392b67a629d0c25e081c07817f
|
16
18
|
Accept-Encoding:
|
17
19
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
18
|
-
Accept:
|
19
|
-
- "*/*"
|
20
20
|
response:
|
21
21
|
status:
|
22
22
|
code: 200
|
23
23
|
message: OK
|
24
24
|
headers:
|
25
|
-
|
26
|
-
-
|
27
|
-
|
28
|
-
-
|
25
|
+
Cache-Control:
|
26
|
+
- max-age=0, private, must-revalidate
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
29
|
Date:
|
30
|
-
-
|
30
|
+
- Sun, 12 Apr 2015 21:48:16 GMT
|
31
|
+
Etag:
|
32
|
+
- W/"8be19838ccf8a2650f8fcb601a4b5b94"
|
33
|
+
Server:
|
34
|
+
- nginx/1.4.6 (Ubuntu)
|
31
35
|
Status:
|
32
36
|
- 200 OK
|
33
|
-
X-Frame-Options:
|
34
|
-
- SAMEORIGIN
|
35
|
-
X-Xss-Protection:
|
36
|
-
- 1; mode=block
|
37
37
|
X-Content-Type-Options:
|
38
38
|
- nosniff
|
39
|
-
|
40
|
-
-
|
41
|
-
Etag:
|
42
|
-
- W/"4fb3c8dc402f680c9198a329b07f0755"
|
43
|
-
Cache-Control:
|
44
|
-
- max-age=0, private, must-revalidate
|
39
|
+
X-Frame-Options:
|
40
|
+
- SAMEORIGIN
|
45
41
|
X-Request-Id:
|
46
|
-
-
|
42
|
+
- 98795e24-3331-406d-9aa2-bddbcfc8c5ff
|
47
43
|
X-Runtime:
|
48
|
-
- '0.
|
49
|
-
|
50
|
-
- 1
|
44
|
+
- '0.008019'
|
45
|
+
X-Xss-Protection:
|
46
|
+
- 1; mode=block
|
47
|
+
Content-Length:
|
48
|
+
- '158'
|
49
|
+
Connection:
|
50
|
+
- keep-alive
|
51
51
|
body:
|
52
52
|
encoding: UTF-8
|
53
|
-
string: '{"resource_owner_id":"
|
53
|
+
string: '{"resource_owner_id":"e9469653-3210-429b-a453-cdfaa6375ce5","scopes":["device"],"expires_in_seconds":85347,"application":{"uid":null},"created_at":1428874243}'
|
54
54
|
http_version:
|
55
|
-
recorded_at:
|
55
|
+
recorded_at: Sun, 12 Apr 2015 21:48:15 GMT
|
56
56
|
- request:
|
57
57
|
method: get
|
58
|
-
uri: https://
|
58
|
+
uri: https://bouncer-api.monsieur.co/me
|
59
59
|
body:
|
60
60
|
encoding: US-ASCII
|
61
61
|
string: ''
|
62
62
|
headers:
|
63
|
+
Accept:
|
64
|
+
- application/json
|
63
65
|
Content-Type:
|
64
66
|
- application/json
|
65
|
-
Authorization:
|
66
|
-
- Bearer <DEVICE_TOKEN>
|
67
67
|
User-Agent:
|
68
68
|
- Faraday v0.9.1
|
69
|
+
Authorization:
|
70
|
+
- Bearer e55081663d3952dacfb269f9bec999df3f1da4392b67a629d0c25e081c07817f
|
69
71
|
Accept-Encoding:
|
70
72
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
71
|
-
Accept:
|
72
|
-
- "*/*"
|
73
73
|
response:
|
74
74
|
status:
|
75
75
|
code: 200
|
76
76
|
message: OK
|
77
77
|
headers:
|
78
|
-
|
79
|
-
-
|
80
|
-
|
81
|
-
-
|
78
|
+
Cache-Control:
|
79
|
+
- max-age=0, private, must-revalidate
|
80
|
+
Content-Type:
|
81
|
+
- application/json; charset=utf-8
|
82
82
|
Date:
|
83
|
-
-
|
83
|
+
- Sun, 12 Apr 2015 21:48:16 GMT
|
84
|
+
Etag:
|
85
|
+
- W/"6702ae6fe4d50e119795f25243069213"
|
86
|
+
Server:
|
87
|
+
- nginx/1.4.6 (Ubuntu)
|
84
88
|
Status:
|
85
89
|
- 200 OK
|
86
|
-
X-Frame-Options:
|
87
|
-
- SAMEORIGIN
|
88
|
-
X-Xss-Protection:
|
89
|
-
- 1; mode=block
|
90
90
|
X-Content-Type-Options:
|
91
91
|
- nosniff
|
92
|
-
|
93
|
-
-
|
94
|
-
Etag:
|
95
|
-
- W/"5fe875d6bad419d51fb0de4ea009162d"
|
96
|
-
Cache-Control:
|
97
|
-
- max-age=0, private, must-revalidate
|
92
|
+
X-Frame-Options:
|
93
|
+
- SAMEORIGIN
|
98
94
|
X-Request-Id:
|
99
|
-
-
|
95
|
+
- e329d369-bdc0-4894-ab7d-76fb909840d5
|
100
96
|
X-Runtime:
|
101
|
-
- '0.
|
102
|
-
|
103
|
-
- 1
|
97
|
+
- '0.018374'
|
98
|
+
X-Xss-Protection:
|
99
|
+
- 1; mode=block
|
100
|
+
Content-Length:
|
101
|
+
- '549'
|
102
|
+
Connection:
|
103
|
+
- keep-alive
|
104
104
|
body:
|
105
105
|
encoding: UTF-8
|
106
|
-
string: '{"
|
106
|
+
string: '{"activations":[{"id":"e9469653-3210-429b-a453-cdfaa6375ce5","updated_at":"2015-04-12T21:30:43.102Z","created_at":"2015-04-12T21:30:43.102Z","links":{"unit":"b23a4462-91c5-4e45-bc2b-3e0fe200ae26","device":"0159533d-6486-49b4-a7a2-e8a23ae67df4","user":"5fa34ab6-eaf2-4b79-96b3-3aebe38ed8f8","activation_token":"2115"}}],"linked":{"activation_tokens":[{"id":2115,"token":"e55081663d3952dacfb269f9bec999df3f1da4392b67a629d0c25e081c07817f","expires_in_seconds":85346,"refresh_token":"0f2b7923e146fe47df929135ffcaf4ecf4e514b04c208727d668f56d0e10b4cf"}]}}'
|
107
107
|
http_version:
|
108
|
-
recorded_at:
|
108
|
+
recorded_at: Sun, 12 Apr 2015 21:48:15 GMT
|
109
109
|
recorded_with: VCR 2.9.3
|
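Review bot: The re-recorded activation cassette contains what looks like a live credential: both `Authorization` headers now hold a literal `Bearer e550…` value where the previous recording had the `<DEVICE_TOKEN>` placeholder, and the `/me` response body repeats that `token` together with a `refresh_token` under `linked.activation_tokens`. The admin cassettes still show `<ADMIN_TOKEN>`, so the VCR filter was presumably not extended when the variable became `ACTIVATION_TOKEN`; adding `c.filter_sensitive_data('<ACTIVATION_TOKEN>') { ENV['ACTIVATION_TOKEN'] }` to the VCR configuration, scrubbing the body token and refresh token in a `before_record` hook, and re-recording would restore the placeholder. The gem metadata lists this cassette under `files:`, so it is published with the gem and the token and refresh token should be revoked server-side regardless of any later fix. The user cassettes in this release also record e-mail addresses and a phone number in response bodies and deserve the same scrubbing.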
@@ -2,108 +2,108 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: get
|
5
|
-
uri: https://
|
5
|
+
uri: https://bouncer-api.monsieur.co/oauth/token/info
|
6
6
|
body:
|
7
7
|
encoding: US-ASCII
|
8
8
|
string: ''
|
9
9
|
headers:
|
10
|
+
Accept:
|
11
|
+
- application/json
|
10
12
|
Content-Type:
|
11
13
|
- application/json
|
12
|
-
Authorization:
|
13
|
-
- Bearer <ADMIN_TOKEN>
|
14
14
|
User-Agent:
|
15
15
|
- Faraday v0.9.1
|
16
|
+
Authorization:
|
17
|
+
- Bearer <ADMIN_TOKEN>
|
16
18
|
Accept-Encoding:
|
17
19
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
18
|
-
Accept:
|
19
|
-
- "*/*"
|
20
20
|
response:
|
21
21
|
status:
|
22
22
|
code: 200
|
23
23
|
message: OK
|
24
24
|
headers:
|
25
|
-
|
26
|
-
-
|
27
|
-
|
28
|
-
-
|
25
|
+
Cache-Control:
|
26
|
+
- max-age=0, private, must-revalidate
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
29
|
Date:
|
30
|
-
-
|
30
|
+
- Sun, 12 Apr 2015 21:48:15 GMT
|
31
|
+
Etag:
|
32
|
+
- W/"4d41facadc90814234199d8801ec458f"
|
33
|
+
Server:
|
34
|
+
- nginx/1.4.6 (Ubuntu)
|
31
35
|
Status:
|
32
36
|
- 200 OK
|
33
|
-
X-Frame-Options:
|
34
|
-
- SAMEORIGIN
|
35
|
-
X-Xss-Protection:
|
36
|
-
- 1; mode=block
|
37
37
|
X-Content-Type-Options:
|
38
38
|
- nosniff
|
39
|
-
|
40
|
-
-
|
41
|
-
Etag:
|
42
|
-
- W/"059ee065b4ee4df76ac3ab9d05708e89"
|
43
|
-
Cache-Control:
|
44
|
-
- max-age=0, private, must-revalidate
|
39
|
+
X-Frame-Options:
|
40
|
+
- SAMEORIGIN
|
45
41
|
X-Request-Id:
|
46
|
-
-
|
42
|
+
- 0fdc899d-f169-46d5-a837-9ef09f6a0e38
|
47
43
|
X-Runtime:
|
48
|
-
- '0.
|
49
|
-
|
50
|
-
- 1
|
44
|
+
- '0.007845'
|
45
|
+
X-Xss-Protection:
|
46
|
+
- 1; mode=block
|
47
|
+
Content-Length:
|
48
|
+
- '155'
|
49
|
+
Connection:
|
50
|
+
- keep-alive
|
51
51
|
body:
|
52
52
|
encoding: UTF-8
|
53
|
-
string: '{"resource_owner_id":"
|
53
|
+
string: '{"resource_owner_id":"5fa34ab6-eaf2-4b79-96b3-3aebe38ed8f8","scopes":["user"],"expires_in_seconds":4532,"application":{"uid":null},"created_at":1428872627}'
|
54
54
|
http_version:
|
55
|
-
recorded_at:
|
55
|
+
recorded_at: Sun, 12 Apr 2015 21:48:15 GMT
|
56
56
|
- request:
|
57
57
|
method: get
|
58
|
-
uri: https://
|
58
|
+
uri: https://bouncer-api.monsieur.co/me
|
59
59
|
body:
|
60
60
|
encoding: US-ASCII
|
61
61
|
string: ''
|
62
62
|
headers:
|
63
|
+
Accept:
|
64
|
+
- application/json
|
63
65
|
Content-Type:
|
64
66
|
- application/json
|
65
|
-
Authorization:
|
66
|
-
- Bearer <ADMIN_TOKEN>
|
67
67
|
User-Agent:
|
68
68
|
- Faraday v0.9.1
|
69
|
+
Authorization:
|
70
|
+
- Bearer <ADMIN_TOKEN>
|
69
71
|
Accept-Encoding:
|
70
72
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
71
|
-
Accept:
|
72
|
-
- "*/*"
|
73
73
|
response:
|
74
74
|
status:
|
75
75
|
code: 200
|
76
76
|
message: OK
|
77
77
|
headers:
|
78
|
-
|
79
|
-
-
|
80
|
-
|
81
|
-
-
|
78
|
+
Cache-Control:
|
79
|
+
- max-age=0, private, must-revalidate
|
80
|
+
Content-Type:
|
81
|
+
- application/json; charset=utf-8
|
82
82
|
Date:
|
83
|
-
-
|
83
|
+
- Sun, 12 Apr 2015 21:48:15 GMT
|
84
|
+
Etag:
|
85
|
+
- W/"db2bd337bcf004a344947680b869a9cd"
|
86
|
+
Server:
|
87
|
+
- nginx/1.4.6 (Ubuntu)
|
84
88
|
Status:
|
85
89
|
- 200 OK
|
86
|
-
X-Frame-Options:
|
87
|
-
- SAMEORIGIN
|
88
|
-
X-Xss-Protection:
|
89
|
-
- 1; mode=block
|
90
90
|
X-Content-Type-Options:
|
91
91
|
- nosniff
|
92
|
-
|
93
|
-
-
|
94
|
-
Etag:
|
95
|
-
- W/"f3b0c963380b198b62bf64cc73b32e13"
|
96
|
-
Cache-Control:
|
97
|
-
- max-age=0, private, must-revalidate
|
92
|
+
X-Frame-Options:
|
93
|
+
- SAMEORIGIN
|
98
94
|
X-Request-Id:
|
99
|
-
-
|
95
|
+
- ce0452b4-ce26-441e-8074-a8bccfa2ff0a
|
100
96
|
X-Runtime:
|
101
|
-
- '0.
|
102
|
-
|
103
|
-
- 1
|
97
|
+
- '0.011439'
|
98
|
+
X-Xss-Protection:
|
99
|
+
- 1; mode=block
|
100
|
+
Content-Length:
|
101
|
+
- '301'
|
102
|
+
Connection:
|
103
|
+
- keep-alive
|
104
104
|
body:
|
105
105
|
encoding: UTF-8
|
106
|
-
string: '{"users":[{"id":"
|
106
|
+
string: '{"users":[{"id":"5fa34ab6-eaf2-4b79-96b3-3aebe38ed8f8","image":"https://secure.gravatar.com/avatar/ebfcbe366c47be18e8d3d6eb13d51d17?d=mm\u0026s=50","name":null,"super_admin":true,"phone":"4075120689","phone_verified_at":null,"email":"kurt@monsieur.co","email_verified_at":"2015-03-05T21:36:51.598Z"}]}'
|
107
107
|
http_version:
|
108
|
-
recorded_at:
|
108
|
+
recorded_at: Sun, 12 Apr 2015 21:48:15 GMT
|
109
109
|
recorded_with: VCR 2.9.3
|
@@ -2,108 +2,108 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: get
|
5
|
-
uri: https://
|
5
|
+
uri: https://bouncer-api.monsieur.co/oauth/token/info
|
6
6
|
body:
|
7
7
|
encoding: US-ASCII
|
8
8
|
string: ''
|
9
9
|
headers:
|
10
|
+
Accept:
|
11
|
+
- application/json
|
10
12
|
Content-Type:
|
11
13
|
- application/json
|
12
|
-
Authorization:
|
13
|
-
- Bearer <ADMIN_TOKEN>
|
14
14
|
User-Agent:
|
15
15
|
- Faraday v0.9.1
|
16
|
+
Authorization:
|
17
|
+
- Bearer <ADMIN_TOKEN>
|
16
18
|
Accept-Encoding:
|
17
19
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
18
|
-
Accept:
|
19
|
-
- "*/*"
|
20
20
|
response:
|
21
21
|
status:
|
22
22
|
code: 200
|
23
23
|
message: OK
|
24
24
|
headers:
|
25
|
-
|
26
|
-
-
|
27
|
-
|
28
|
-
-
|
25
|
+
Cache-Control:
|
26
|
+
- max-age=0, private, must-revalidate
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
29
|
Date:
|
30
|
-
-
|
30
|
+
- Sun, 12 Apr 2015 21:48:16 GMT
|
31
|
+
Etag:
|
32
|
+
- W/"86f7536104352d40c4d1918d4e5034c0"
|
33
|
+
Server:
|
34
|
+
- nginx/1.4.6 (Ubuntu)
|
31
35
|
Status:
|
32
36
|
- 200 OK
|
33
|
-
X-Frame-Options:
|
34
|
-
- SAMEORIGIN
|
35
|
-
X-Xss-Protection:
|
36
|
-
- 1; mode=block
|
37
37
|
X-Content-Type-Options:
|
38
38
|
- nosniff
|
39
|
-
|
40
|
-
-
|
41
|
-
Etag:
|
42
|
-
- W/"059ee065b4ee4df76ac3ab9d05708e89"
|
43
|
-
Cache-Control:
|
44
|
-
- max-age=0, private, must-revalidate
|
39
|
+
X-Frame-Options:
|
40
|
+
- SAMEORIGIN
|
45
41
|
X-Request-Id:
|
46
|
-
-
|
42
|
+
- 842140e1-bb4a-4099-9b50-b88ebba6d7fe
|
47
43
|
X-Runtime:
|
48
|
-
- '0.
|
49
|
-
|
50
|
-
- 1
|
44
|
+
- '0.007954'
|
45
|
+
X-Xss-Protection:
|
46
|
+
- 1; mode=block
|
47
|
+
Content-Length:
|
48
|
+
- '155'
|
49
|
+
Connection:
|
50
|
+
- keep-alive
|
51
51
|
body:
|
52
52
|
encoding: UTF-8
|
53
|
-
string: '{"resource_owner_id":"
|
53
|
+
string: '{"resource_owner_id":"5fa34ab6-eaf2-4b79-96b3-3aebe38ed8f8","scopes":["user"],"expires_in_seconds":4531,"application":{"uid":null},"created_at":1428872627}'
|
54
54
|
http_version:
|
55
|
-
recorded_at:
|
55
|
+
recorded_at: Sun, 12 Apr 2015 21:48:15 GMT
|
56
56
|
- request:
|
57
57
|
method: get
|
58
|
-
uri: https://
|
58
|
+
uri: https://bouncer-api.monsieur.co/me
|
59
59
|
body:
|
60
60
|
encoding: US-ASCII
|
61
61
|
string: ''
|
62
62
|
headers:
|
63
|
+
Accept:
|
64
|
+
- application/json
|
63
65
|
Content-Type:
|
64
66
|
- application/json
|
65
|
-
Authorization:
|
66
|
-
- Bearer <ADMIN_TOKEN>
|
67
67
|
User-Agent:
|
68
68
|
- Faraday v0.9.1
|
69
|
+
Authorization:
|
70
|
+
- Bearer <ADMIN_TOKEN>
|
69
71
|
Accept-Encoding:
|
70
72
|
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
71
|
-
Accept:
|
72
|
-
- "*/*"
|
73
73
|
response:
|
74
74
|
status:
|
75
75
|
code: 200
|
76
76
|
message: OK
|
77
77
|
headers:
|
78
|
-
|
79
|
-
-
|
80
|
-
|
81
|
-
-
|
78
|
+
Cache-Control:
|
79
|
+
- max-age=0, private, must-revalidate
|
80
|
+
Content-Type:
|
81
|
+
- application/json; charset=utf-8
|
82
82
|
Date:
|
83
|
-
-
|
83
|
+
- Sun, 12 Apr 2015 21:48:16 GMT
|
84
|
+
Etag:
|
85
|
+
- W/"db2bd337bcf004a344947680b869a9cd"
|
86
|
+
Server:
|
87
|
+
- nginx/1.4.6 (Ubuntu)
|
84
88
|
Status:
|
85
89
|
- 200 OK
|
86
|
-
X-Frame-Options:
|
87
|
-
- SAMEORIGIN
|
88
|
-
X-Xss-Protection:
|
89
|
-
- 1; mode=block
|
90
90
|
X-Content-Type-Options:
|
91
91
|
- nosniff
|
92
|
-
|
93
|
-
-
|
94
|
-
Etag:
|
95
|
-
- W/"f3b0c963380b198b62bf64cc73b32e13"
|
96
|
-
Cache-Control:
|
97
|
-
- max-age=0, private, must-revalidate
|
92
|
+
X-Frame-Options:
|
93
|
+
- SAMEORIGIN
|
98
94
|
X-Request-Id:
|
99
|
-
-
|
95
|
+
- 3d820be4-5fc3-49f7-9768-85e97b57eda2
|
100
96
|
X-Runtime:
|
101
|
-
- '0.
|
102
|
-
|
103
|
-
- 1
|
97
|
+
- '0.011395'
|
98
|
+
X-Xss-Protection:
|
99
|
+
- 1; mode=block
|
100
|
+
Content-Length:
|
101
|
+
- '301'
|
102
|
+
Connection:
|
103
|
+
- keep-alive
|
104
104
|
body:
|
105
105
|
encoding: UTF-8
|
106
|
-
string: '{"users":[{"id":"
|
106
|
+
string: '{"users":[{"id":"5fa34ab6-eaf2-4b79-96b3-3aebe38ed8f8","image":"https://secure.gravatar.com/avatar/ebfcbe366c47be18e8d3d6eb13d51d17?d=mm\u0026s=50","name":null,"super_admin":false,"phone":"4075120689","phone_verified_at":null,"email":"kurt@monsieur.co","email_verified_at":"2015-03-05T21:36:51.598Z"}]}'
|
107
107
|
http_version:
|
108
|
-
recorded_at:
|
108
|
+
recorded_at: Sun, 12 Apr 2015 21:48:15 GMT
|
109
109
|
recorded_with: VCR 2.9.3
|
@@ -9,7 +9,7 @@ describe Bouncer::ControllerMixin do
|
|
9
9
|
end
|
10
10
|
|
11
11
|
it 'builds a token from Bearer' do
|
12
|
-
stub_authorization
|
12
|
+
stub_authorization('Bearer '+ENV['ADMIN_TOKEN'])
|
13
13
|
VCR.use_cassette 'bouncer/valid_admin' do
|
14
14
|
expect(controller.current_user.user.email).to eq "kurt@monsieur.co"
|
15
15
|
end
|
@@ -18,7 +18,7 @@ describe Bouncer::ControllerMixin do
|
|
18
18
|
|
19
19
|
describe "#authenticate_super_admin!" do
|
20
20
|
before do
|
21
|
-
stub_authorization
|
21
|
+
stub_authorization('Bearer '+ENV['ADMIN_TOKEN'])
|
22
22
|
end
|
23
23
|
|
24
24
|
it 'allows admin' do
|
@@ -27,24 +27,25 @@ describe Bouncer::ControllerMixin do
|
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
30
|
-
it 'disallows users' do
|
30
|
+
it 'disallows plain users' do
|
31
31
|
VCR.use_cassette 'bouncer/valid_user' do
|
32
32
|
expect{controller.authenticate_super_admin!}.to raise_error(Bouncer::UnauthorizedError)
|
33
33
|
end
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
37
|
-
describe "#
|
38
|
-
|
39
|
-
|
40
|
-
VCR.use_cassette 'bouncer/
|
41
|
-
expect{controller.
|
37
|
+
describe "#authenticate_activation!" do
|
38
|
+
it 'allows activations' do
|
39
|
+
stub_authorization('Bearer '+ENV['ACTIVATION_TOKEN'])
|
40
|
+
VCR.use_cassette 'bouncer/valid_activation' do
|
41
|
+
expect{controller.authenticate_activation!}.to_not raise_error
|
42
42
|
end
|
43
43
|
end
|
44
44
|
|
45
45
|
it 'disallows admins' do
|
46
|
+
stub_authorization('Bearer '+ENV['ADMIN_TOKEN'])
|
46
47
|
VCR.use_cassette 'bouncer/valid_admin' do
|
47
|
-
expect{controller.
|
48
|
+
expect{controller.authenticate_activation!}.to raise_error(Bouncer::UnauthorizedError)
|
48
49
|
end
|
49
50
|
end
|
50
51
|
end
|
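Review bot: `'Bearer '+ENV['ADMIN_TOKEN']` raises `TypeError` (no implicit conversion of nil into String) when the variable is unset, which is the usual situation for anyone replaying the recorded cassettes without credentials; the `ENV['ACTIVATION_TOKEN']` line in the `#authenticate_activation!` examples and the `let` definitions in token_spec.rb share the pattern. `stub_authorization("Bearer #{ENV.fetch('ADMIN_TOKEN', '<ADMIN_TOKEN>')}")` keeps the suite runnable offline and lines up with the placeholder the admin cassettes already contain. It also removes the incentive to export a real token in the shell just to run the specs.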
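--- a/data/spec/model/token_spec.rb
+++ b/data/spec/model/token_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 describe Bouncer::Token do
 let(:admin_token) { Bouncer::Token.new('Bearer ' + ENV['ADMIN_TOKEN']) }
-let(:
+let(:activation_token) { Bouncer::Token.new('Bearer ' + ENV['ACTIVATION_TOKEN'])}
 let(:invalid_token) { Bouncer::Token.new('Bearer junk') }
 
 describe "#present?" do
@@ -32,10 +32,10 @@ describe Bouncer::Token do
 end
 end
 
-it 'validates
-VCR.use_cassette 'bouncer/
-expect(
-expect(
+it 'validates activation tokens' do
+VCR.use_cassette 'bouncer/valid_activation' do
+expect(activation_token).to be_valid
+expect(activation_token).to be_valid
 end
 end
 
@@ -55,14 +55,14 @@ describe Bouncer::Token do
 end
 
 describe "#id" do
-context "
+context "activation token" do
 it 'is correct' do
-VCR.use_cassette('bouncer/
+VCR.use_cassette('bouncer/valid_activation') { expect(activation_token.activation.id).to eq "e9469653-3210-429b-a453-cdfaa6375ce5" }
 end
 end
 context "user token" do
 it 'is correct' do
-VCR.use_cassette('bouncer/valid_admin') { expect(admin_token.user.id).to eq "
+VCR.use_cassette('bouncer/valid_admin') { expect(admin_token.user.id).to eq "5fa34ab6-eaf2-4b79-96b3-3aebe38ed8f8" }
 end
 end
 end
@@ -73,29 +73,29 @@ describe Bouncer::Token do
 end
 end
 
-describe "
+describe "activation token" do
 it 'does not have a user' do
-VCR.use_cassette('bouncer/
+VCR.use_cassette('bouncer/valid_activation') { expect(activation_token.user).to eq nil }
 end
 end
 describe "user token" do
-it 'does not have
-VCR.use_cassette('bouncer/valid_admin') { expect(admin_token.
+it 'does not have an activation' do
+VCR.use_cassette('bouncer/valid_admin') { expect(admin_token.activation).to eq nil }
 end
 end
 
-describe "#
-context "
+describe "#activation?" do
+context "activation token" do
 it "returns true" do
-VCR.use_cassette 'bouncer/
-expect(
+VCR.use_cassette 'bouncer/valid_activation' do
+expect(activation_token).to be_activation
 end
 end
 end
 context "user" do
 it 'returns false' do
 VCR.use_cassette 'bouncer/valid_admin' do
-expect(admin_token).to_not
+expect(admin_token).to_not be_activation
 end
 end
 end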
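Review bot: The 'validates activation tokens' example asserts `expect(activation_token).to be_valid` twice in a row, so the second line adds no coverage and reads like a leftover from the renamed device example. If the intent was to cover both predicates, the second line could be `expect(activation_token).to be_activation`; if it is meant to exercise a cached second call, a one-line comment saying so would make that clear. Otherwise the duplicate can simply be dropped.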
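--- a/data/spec/model/user_spec.rb
+++ b/data/spec/model/user_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 describe Bouncer::User do
 it 'is created from an ID' do
-uuid = "
+uuid = "a202ce1d-40a1-4b9f-a5da-8a0d5d744926"
 VCR.use_cassette 'bouncer/user' do
 user = Bouncer::User.from_id uuid
 expect(user.id).to eq uuid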
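--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bouncer-client
 version: !ruby/object:Gem::Version
-version: 0.
+version: '0.3'
 platform: ruby
 authors:
 - Kurt Nelson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-04-
+date: 2015-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: faraday
@@ -239,9 +239,9 @@ files:
 - Rakefile
 - bouncer-client.gemspec
 - lib/bouncer-client.rb
+- lib/bouncer-client/activation.rb
 - lib/bouncer-client/client.rb
 - lib/bouncer-client/controller_mixin.rb
-- lib/bouncer-client/device.rb
 - lib/bouncer-client/errors.rb
 - lib/bouncer-client/test_helpers.rb
 - lib/bouncer-client/token.rb
@@ -249,8 +249,8 @@ files:
 - lib/bouncer-client/version.rb
 - spec/cassettes/bouncer/invalid_token.yml
 - spec/cassettes/bouncer/user.yml
+- spec/cassettes/bouncer/valid_activation.yml
 - spec/cassettes/bouncer/valid_admin.yml
-- spec/cassettes/bouncer/valid_device.yml
 - spec/cassettes/bouncer/valid_user.yml
 - spec/mixins/controller_mixin_spec.rb
 - spec/model/token_spec.rb
@@ -283,8 +283,8 @@ summary: Allows Rails to easily use a Bouncer instance for authentication
 test_files:
 - spec/cassettes/bouncer/invalid_token.yml
 - spec/cassettes/bouncer/user.yml
+- spec/cassettes/bouncer/valid_activation.yml
 - spec/cassettes/bouncer/valid_admin.yml
-- spec/cassettes/bouncer/valid_device.yml
 - spec/cassettes/bouncer/valid_user.yml
 - spec/mixins/controller_mixin_spec.rb
 - spec/model/token_spec.rb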