browserid-verify 0.1.0 → 0.2.0

data/.gitignore

@@ -0,0 +1 @@
+browserid-verify-*.gem

data/README.md

@@ -5,17 +5,25 @@ Verify BrowserID assertions in Ruby.
 Currently this package only allows remote verification. Once the assertion format has stabilised we'll also add the
 ability to verify assertions locally.
 
-## Usage ##
+## Installation ##
+
+Install as Ruby Gem in your Project.
 
+```bash
+gem install browserid-verify
 ```
+
+## Usage ##
+
+```ruby
 require 'browserid/verify'
 include BrowserID::Verify
 ```
 
-Using the functional API, you can call ```verify_remotely()``` with both an ```audience``` and an ```assertion```.
+Using the functional API, you can call ```verify()``` with both an ```audience``` and an ```assertion```.
 
-```
-data = verify_remotely(audience, assertion)
+```ruby
+data = verify(audience, assertion)
 puts "Data: #{data.inspect}"
 ```
 
@@ -25,7 +33,7 @@ supported) and the audience.
 
 Then, use the ```verify()``` method to give it the assertion.
 
-```
+```ruby
 verifier = Verify.new('remote', audience)
 
 data = verifier.verify(assertion)
@@ -35,7 +43,7 @@ puts "Data: #{data.inspect}"
 Using your own hosted version of the verifier, you can pass in a URL as the third parameter of either the constructor
 or the ```verify_remotely()``` function.
 
-```
+```ruby
 data = verify_remotely(audience, assertion, 'https://verifier.localhost/')
 
 # or
@@ -48,17 +56,23 @@ data = verifier.verify(assertion)
 
 Functional interface:
 
-```data = verify_remotely(audience, assertion[, url = 'https://verifier.login.persona.org/verify'])```
+```ruby
+data = verify_remotely(audience, assertion[, url = 'https://verifier.login.persona.org/verify'])
+```
 
 Object interface:
 
-```verifier = Verify.new(type, audience[, url = 'https://verifier.login.persona.org/verify'])```
+```ruby
+verifier = Verify.new(type, audience[, url = 'https://verifier.login.persona.org/verify'])
+```
 
-```data = verifier.verify(assertion)```
+```ruby
+data = verifier.verify(assertion)
+```
 
 Options:
 
-```type``` - must be 'remote' or 'local' (this library currently only supports 'remote'
+```type``` - must be 'remote' or 'local' (this library currently only supports 'remote')
 
 ```audience``` - should be your hostname such as ```https://example.com```
 

data/Rakefile

@@ -0,0 +1,20 @@
+require 'rake/testtask'
+
+desc "Perform all tests"
+Rake::TestTask.new do |t|
+  t.libs = ["lib"]
+  t.name = "test"
+  t.warning = true
+  t.verbose = true
+  t.test_files = FileList['test/test_*.rb']
+end
+
+desc "Perform integration tests"
+Rake::TestTask.new do |t|
+  t.libs = ["lib"]
+  t.name = "test:integration"
+  t.warning = true
+  t.test_files = FileList['test/integration/test_*.rb']
+end
+
+task :default => :test

data/browserid-verify.gemspec

@@ -0,0 +1,20 @@
+#!/usr/bin/env gem build
+
+Gem::Specification.new do |s|
+  s.name             = 'browserid-verify'
+  s.version          = '0.2.0'
+  s.summary          = "A BrowserID Verifier."
+  s.description      = "Verify BrowserID assertions either remotely or locally (only remote implemented currently)."
+  s.homepage         = 'https://github.com/chilts/browserid-verify-ruby'
+  s.license          = 'MPL 2'
+
+  s.date             = '2013-08-21'
+  s.author           = "Andrew Chilton"
+  s.email            = 'chilts@mozilla.com'
+
+  s.files            = `git ls-files`.split("\n")
+  s.test_files       = `git ls-files -- test/*`.split("\n")
+  s.require_paths    = ["lib"]
+
+  s.extra_rdoc_files = ["LICENSE", "README.md"]
+end

data/lib/browserid.rb

@@ -0,0 +1 @@
+require 'browserid/verify'

data/lib/browserid/verify.rb

@@ -0,0 +1,62 @@
+require "uri"
+require "net/http"
+require 'net/https'
+require "json"
+
+module BrowserID
+  module Verify
+
+    class Verify
+
+      def initialize(type, audience, url = 'https://verifier.login.persona.org/verify')
+        # Instance variables
+        @type = type
+        @audience = audience
+        @url = url
+        @uri = URI.parse(@url)
+
+        # make an agent and remember it
+        @https = Net::HTTP.new(@uri.host, @uri.port)
+        @https.use_ssl = true
+      end
+
+      def verify(assertion)
+        # make a new request
+        request = Net::HTTP::Post.new(@uri.path)
+        request.set_form_data({"audience" => @audience, "assertion" => assertion})
+
+        # send the request
+        response = @https.request(request)
+
+        # if we have a non-200 response
+        if ! response.kind_of? Net::HTTPSuccess
+          return {
+            "status" => "failure",
+            "reason" => "Something went wrong with the request",
+            "body" => response.body
+          }
+        end
+
+        # process the response
+        data = JSON.parse(response.body) || nil
+        if data.nil?
+          # JSON parsing error
+          return  {"status" => "failure", "reason" => "Received invalid JSON from the remote verifier"}
+        end
+
+        return data
+      end
+
+    end
+
+    def verify(audience, assertion, url = 'https://verifier.login.persona.org/verify')
+      return verify_remotely(audience, assertion, url)
+    end
+
+    def verify_remotely(audience, assertion, url = 'https://verifier.login.persona.org/verify')
+      verifier = Verify.new('remote', audience, url)
+      return verifier.verify(assertion)
+    end
+
+  end
+end

data/test/integration/test_failure.rb

@@ -16,4 +16,10 @@ class TC_Verify < Test::Unit::TestCase
     assert_equal(data['status'], 'failure')
     assert_equal(data['reason'], 'no certificates provided')
   end
+
+  def test_simple_3
+    data = verify('http://localhost', 'invalid assertion')
+    assert_equal(data['status'], 'failure')
+    assert_equal(data['reason'], 'no certificates provided')
+  end
 end

data/test/test_busy.rb

@@ -5,16 +5,30 @@ require 'browserid/verify'
 include WebMock::API
 include BrowserID::Verify
 
-stub_request(:post, "https://verifier.login.persona.org/verify").
-  with(:body => {"assertion"=>"invalid assertion", "audience"=>"http://localhost"},
-       :headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
-  to_return(:status => 503, :body => "Server is busy, try again later.", :headers => {})
-
 class TC_Verify < Test::Unit::TestCase
-  def test_busy
+
+  def test_busy1
+    stub_request(:post, "https://verifier.login.persona.org/verify").
+      with(:body => {"assertion"=>"invalid assertion", "audience"=>"http://localhost"},
+           :headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
+      to_return(:status => 503, :body => "Server is busy, try again later.", :headers => {})
+
     data = verify_remotely('http://localhost', 'invalid assertion')
     assert_equal('failure', data['status'])
     assert_equal('Something went wrong with the request', data['reason'])
     assert_equal('Server is busy, try again later.', data['body'])
   end
+
+  def test_busy2
+    stub_request(:post, "https://verifier.login.persona.org/verify").
+      with(:body => {"assertion"=>"invalid assertion", "audience"=>"http://localhost"},
+           :headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
+      to_return(:status => 503, :body => "Server is busy, try again later.", :headers => {})
+
+    data = verify_remotely('http://localhost', 'invalid assertion')
+    assert_equal('failure', data['status'])
+    assert_equal('Something went wrong with the request', data['reason'])
+    assert_equal('Server is busy, try again later.', data['body'])
+  end
+
 end

data/test/test_okay.rb

@@ -7,22 +7,22 @@ require 'browserid/verify'
 include WebMock::API
 include BrowserID::Verify
 
-response = {
-    "status"   => "okay",
-    "email"    => "me@example.com",
-    "audience" => "https://example.com",
-    "expires"  => 1354217396705,
-    "issuer"   => "example.com"
-}
-response = JSON.generate(response)
-
-stub_request(:post, "https://verifier.login.persona.org/verify").
-  with(:body => {"assertion"=>"a fake assertion", "audience"=>"http://localhost"},
-       :headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
-  to_return(:status => 200, :body => response, :headers => {'Content-Type'=>'application/json'})
-
 class TC_Verify < Test::Unit::TestCase
-  def test_okay
+  def test_okay1
+    response = {
+        "status"   => "okay",
+        "email"    => "me@example.com",
+        "audience" => "https://example.com",
+        "expires"  => 1354217396705,
+        "issuer"   => "example.com"
+    }
+    responseJson = JSON.generate(response)
+
+    stub_request(:post, "https://verifier.login.persona.org/verify").
+      with(:body => {"assertion"=>"a fake assertion", "audience"=>"http://localhost"},
+           :headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
+      to_return(:status => 200, :body => responseJson, :headers => {'Content-Type'=>'application/json'})
+
     data = verify_remotely('http://localhost', 'a fake assertion')
     assert_equal('okay', data['status'])
     assert_equal('me@example.com', data['email'])
@@ -35,4 +35,32 @@ class TC_Verify < Test::Unit::TestCase
 
     assert_equal(data['reason'], nil, 'No reason in the response at all.');
   end
+
+  def test_okay2
+    response = {
+        "status"   => "okay",
+        "email"    => "me@example.com",
+        "audience" => "https://example.com",
+        "expires"  => 1354217396705,
+        "issuer"   => "example.com"
+    }
+    responseJson = JSON.generate(response)
+
+    stub_request(:post, "https://verifier.login.persona.org/verify").
+      with(:body => {"assertion"=>"a fake assertion", "audience"=>"http://localhost"},
+           :headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
+      to_return(:status => 200, :body => responseJson, :headers => {'Content-Type'=>'application/json'})
+
+    data = verify('http://localhost', 'a fake assertion')
+    assert_equal('okay', data['status'])
+    assert_equal('me@example.com', data['email'])
+
+    assert_equal(data['status'], 'okay', 'Response status is okay.');
+    assert_equal(data['email'], 'me@example.com', 'Email in response is same as email passed back.');
+    assert_equal(data['issuer'], 'example.com', 'Issuer is also example.com.');
+    assert_equal(data['expires'], 1354217396705, 'Expires is correct.');
+    assert_equal(data['audience'], 'https://example.com', 'Audience is correct.');
+
+    assert_equal(data['reason'], nil, 'No reason in the response at all.');
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: browserid-verify
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -20,11 +20,16 @@ extra_rdoc_files:
 - LICENSE
 - README.md
 files:
+- .gitignore
 - LICENSE
 - README.md
+- Rakefile
+- browserid-verify.gemspec
+- lib/browserid.rb
+- lib/browserid/verify.rb
+- test/integration/test_failure.rb
 - test/test_busy.rb
 - test/test_okay.rb
-- test/integration/test_failure.rb
 homepage: https://github.com/chilts/browserid-verify-ruby
 licenses:
 - MPL 2
@@ -51,6 +56,6 @@ signing_key:
 specification_version: 3
 summary: A BrowserID Verifier.
 test_files:
+- test/integration/test_failure.rb
 - test/test_busy.rb
 - test/test_okay.rb
-- test/integration/test_failure.rb