castle-rb 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +77 -0
  3. data/lib/castle.rb +47 -0
  4. data/lib/castle/client.rb +139 -0
  5. data/lib/castle/configuration.rb +37 -0
  6. data/lib/castle/errors.rb +16 -0
  7. data/lib/castle/ext/her.rb +14 -0
  8. data/lib/castle/jwt.rb +36 -0
  9. data/lib/castle/models/account.rb +11 -0
  10. data/lib/castle/models/backup_codes.rb +4 -0
  11. data/lib/castle/models/challenge.rb +7 -0
  12. data/lib/castle/models/context.rb +18 -0
  13. data/lib/castle/models/event.rb +7 -0
  14. data/lib/castle/models/model.rb +71 -0
  15. data/lib/castle/models/monitoring.rb +6 -0
  16. data/lib/castle/models/pairing.rb +11 -0
  17. data/lib/castle/models/recommendation.rb +3 -0
  18. data/lib/castle/models/session.rb +6 -0
  19. data/lib/castle/models/trusted_device.rb +5 -0
  20. data/lib/castle/models/user.rb +20 -0
  21. data/lib/castle/request.rb +164 -0
  22. data/lib/castle/session_store.rb +35 -0
  23. data/lib/castle/session_token.rb +39 -0
  24. data/lib/castle/support/cookie_store.rb +48 -0
  25. data/lib/castle/support/padrino.rb +19 -0
  26. data/lib/castle/support/rails.rb +11 -0
  27. data/lib/castle/support/sinatra.rb +17 -0
  28. data/lib/castle/token_store.rb +30 -0
  29. data/lib/castle/utils.rb +22 -0
  30. data/lib/castle/version.rb +3 -0
  31. data/spec/fixtures/vcr_cassettes/challenge_create.yml +48 -0
  32. data/spec/fixtures/vcr_cassettes/challenge_verify.yml +42 -0
  33. data/spec/fixtures/vcr_cassettes/session_create.yml +47 -0
  34. data/spec/fixtures/vcr_cassettes/session_refresh.yml +47 -0
  35. data/spec/fixtures/vcr_cassettes/session_verify.yml +47 -0
  36. data/spec/fixtures/vcr_cassettes/user_find.yml +44 -0
  37. data/spec/fixtures/vcr_cassettes/user_find_non_existing.yml +42 -0
  38. data/spec/fixtures/vcr_cassettes/user_import.yml +46 -0
  39. data/spec/fixtures/vcr_cassettes/user_update.yml +47 -0
  40. data/spec/helpers_spec.rb +38 -0
  41. data/spec/jwt_spec.rb +67 -0
  42. data/spec/models/challenge_spec.rb +18 -0
  43. data/spec/models/session_spec.rb +14 -0
  44. data/spec/models/user_spec.rb +31 -0
  45. data/spec/spec_helper.rb +29 -0
  46. data/spec/utils_spec.rb +59 -0
  47. metadata +273 -0
data/spec/jwt_spec.rb ADDED
@@ -0,0 +1,67 @@
1
+ require 'spec_helper'
2
+ require 'timecop'
3
+
4
+ describe 'Castle::JWT' do
5
+ let(:token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlhdCI6MTM5ODIzOTIwMywiZXhwIjoxMzk4MjQyODAzfQ.eyJ1c2VyX2lkIjoiZUF3djVIdGRiU2s4Yk1OWVpvanNZdW13UXlLcFhxS3IifQ.Apa7EmT5T1sOYz4Af0ERTDzcnUvSalailNJbejZ2ddQ' }
6
+
7
+ context 'valid JWT' do
8
+ it 'returns a payload' do
9
+ payload = Castle::JWT.new(token).to_json
10
+ payload['user_id'].should == 'eAwv5HtdbSk8bMNYZojsYumwQyKpXqKr'
11
+ end
12
+
13
+ it 'verifies that JWT has expired' do
14
+ new_time = Time.utc(2014, 4, 23, 8, 46, 44)
15
+ Timecop.freeze(new_time) do
16
+ Castle::JWT.new(token).should be_expired
17
+ end
18
+ end
19
+
20
+ it 'verifies that JWT has not expired' do
21
+ new_time = Time.utc(2014, 4, 23, 8, 46, 43)
22
+ Timecop.freeze(new_time) do
23
+ Castle::JWT.new(token).should_not be_expired
24
+ end
25
+ end
26
+ end
27
+
28
+ context 'invalid JWT' do
29
+ let(:token) { 'eyJ0eXhtWWNTU3pEUHp6WFF2WmZp26mn7Kkl6UgE' }
30
+
31
+ it 'throws error' do
32
+ expect {
33
+ payload = Castle::JWT.new(token).to_json
34
+ }.to raise_error(Castle::SecurityError)
35
+ end
36
+ end
37
+
38
+ context 'nil JWT' do
39
+ let(:token) { nil }
40
+
41
+ it 'throws error' do
42
+ token = nil
43
+ expect {
44
+ payload = Castle::JWT.new(token).to_json
45
+ }.to raise_error(Castle::SecurityError)
46
+ end
47
+ end
48
+
49
+ context '#to_token' do
50
+ it 'returns the same token' do
51
+ Castle::JWT.new(token).to_token.should == token
52
+ end
53
+ end
54
+
55
+ context '#merge' do
56
+ it 'merges payload' do
57
+ jwt = Castle::JWT.new(token)
58
+ jwt.merge!(context: { ip: '8.8.8.8' })
59
+
60
+ merged_token = jwt.to_token
61
+ merged_token.should_not == token
62
+ Castle::JWT.new(merged_token).
63
+ to_json['context']['ip'].should == '8.8.8.8'
64
+ end
65
+ end
66
+
67
+ end
@@ -0,0 +1,18 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'Castle::Challenge' do
4
+ xit 'creates a challenge' do
5
+ VCR.use_cassette('challenge_create') do
6
+ challenge = Castle::Challenge.post(
7
+ "users/dTxR68nzuRXT4wrB2HJ4hanYtcaGSz2y/challenges")
8
+ challenge.channel.token.id.should == 'VVG3qirUxy8mUSkmzy3QpPcuhLN1JY4r'
9
+ end
10
+ end
11
+
12
+ xit 'verifies a challenge' do
13
+ VCR.use_cassette('challenge_verify') do
14
+ challenge = Castle::Challenge.new(id: 'UWwy5FrWf9DTeoTpJz1LpBp4dPkWZ2Ne')
15
+ challenge.verify(response: '000000')
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,14 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'Castle::Session' do
4
+ let(:session_token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s' }
5
+
6
+ xit 'creates a session' do
7
+ VCR.use_cassette('session_create') do
8
+ user_id = 'user-2412'
9
+ session = Castle::Session.post(
10
+ "users/#{user_id}/sessions", user: {email: 'valid@example.com'})
11
+ Castle::JWT.new(session.token).header['iss'].should == user_id
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,31 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'Castle::User' do
4
+ it 'retrieves a user' do
5
+ VCR.use_cassette('user_find') do
6
+ user = Castle::User.find('9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4')
7
+ user.email.should == 'brissmyr@gmail.com'
8
+ end
9
+ end
10
+
11
+ it 'handles non-existing user' do
12
+ VCR.use_cassette('user_find_non_existing') do
13
+ error = nil
14
+ begin
15
+ user = Castle::User.find('non_existing')
16
+ rescue Castle::Error => e
17
+ error = e
18
+ end
19
+ error.to_s.should match /Not found/
20
+ end
21
+ end
22
+
23
+ it 'updates a user' do
24
+ VCR.use_cassette('user_update') do
25
+ user = Castle::User.new(id: 'AKfwtfrAzdDKp55aty8o14MoudkaS9BL')
26
+ user.email = 'updated@example.com'
27
+ user.created_at = Time.now
28
+ user.save
29
+ end
30
+ end
31
+ end
@@ -0,0 +1,29 @@
1
+ require 'rubygems'
2
+ require 'bundler/setup'
3
+ require 'rack'
4
+ require 'vcr'
5
+ require 'webmock/rspec'
6
+ require 'simplecov'
7
+ require 'coveralls'
8
+
9
+ SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
10
+ SimpleCov::Formatter::HTMLFormatter,
11
+ Coveralls::SimpleCov::Formatter
12
+ ]
13
+ SimpleCov.start do
14
+ add_filter 'spec'
15
+ end
16
+
17
+ require 'castle'
18
+
19
+ VCR.configure do |config|
20
+ config.cassette_library_dir = 'spec/fixtures/vcr_cassettes'
21
+ config.hook_into :webmock
22
+ end
23
+
24
+ Castleconfigure do |config|
25
+ config.api_secret = 'secretkey'
26
+ end
27
+
28
+ RSpec.configure do |config|
29
+ end
@@ -0,0 +1,59 @@
1
+ require 'spec_helper'
2
+
3
+ class MemoryStore < Castle::TokenStore
4
+ def initialize
5
+ @value = nil
6
+ end
7
+
8
+ def session_token
9
+ @value['_ubs']
10
+ end
11
+
12
+ def session_token=(value)
13
+ @value['_ubs'] = value
14
+ end
15
+
16
+ def trusted_device_token
17
+ @value['_ubt']
18
+ end
19
+
20
+ def trusted_device_token=(value)
21
+ @value['_ubt'] = value
22
+ end
23
+ end
24
+
25
+ describe 'Castle utils' do
26
+ describe 'ContextHeaders middleware' do
27
+ before do
28
+ Castle::User.use_api(api = Her::API.new)
29
+ @user = api.setup do |c|
30
+ c.use Castle::Request::Middleware::ContextHeaders
31
+ c.use Her::Middleware::FirstLevelParseJSON
32
+ c.adapter :test do |stub|
33
+ stub.post('/users') do |env|
34
+ @env = env
35
+ [200, {}, [].to_json]
36
+ end
37
+ end
38
+ end
39
+ end
40
+
41
+ let(:env) do
42
+ Rack::MockRequest.env_for('/',
43
+ "HTTP_USER_AGENT" => "Mozilla", "REMOTE_ADDR" => "8.8.8.8")
44
+ end
45
+
46
+ it 'handles non-existing context headers' do
47
+ Castle::User.create()
48
+ end
49
+
50
+ it 'sets context headers from env' do
51
+ request = Rack::Request.new(Rack::MockRequest.env_for('/',
52
+ "HTTP_USER_AGENT" => "Mozilla", "REMOTE_ADDR" => "8.8.8.8"))
53
+ Castle::Client.new(request, session_store: MemoryStore.new)
54
+ Castle::User.create()
55
+ @env['request_headers']['X-Castle-Ip'].should == '8.8.8.8'
56
+ @env['request_headers']['X-Castle-User-Agent'].should == 'Mozilla'
57
+ end
58
+ end
59
+ end
metadata ADDED
@@ -0,0 +1,273 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: castle-rb
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Johan
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2015-02-17 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: her
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: 0.7.2
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: 0.7.2
27
+ - !ruby/object:Gem::Dependency
28
+ name: faraday_middleware
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 0.9.1
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 0.9.1
41
+ - !ruby/object:Gem::Dependency
42
+ name: multi_json
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: jwt
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: 0.1.13
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: 0.1.13
69
+ - !ruby/object:Gem::Dependency
70
+ name: request_store
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: 1.0.5
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: 1.0.5
83
+ - !ruby/object:Gem::Dependency
84
+ name: activesupport
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '3'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '3'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rspec
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rack
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: webmock
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ">="
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ">="
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
139
+ - !ruby/object:Gem::Dependency
140
+ name: vcr
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - ">="
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
153
+ - !ruby/object:Gem::Dependency
154
+ name: timecop
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - ">="
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - ">="
165
+ - !ruby/object:Gem::Version
166
+ version: '0'
167
+ - !ruby/object:Gem::Dependency
168
+ name: coveralls
169
+ requirement: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - "~>"
172
+ - !ruby/object:Gem::Version
173
+ version: 0.7.2
174
+ type: :development
175
+ prerelease: false
176
+ version_requirements: !ruby/object:Gem::Requirement
177
+ requirements:
178
+ - - "~>"
179
+ - !ruby/object:Gem::Version
180
+ version: 0.7.2
181
+ description: Secure your authentication stack with real-time monitoring, instantly
182
+ notifying you and your users on potential account hijacks
183
+ email: johan@castle.io
184
+ executables: []
185
+ extensions: []
186
+ extra_rdoc_files: []
187
+ files:
188
+ - README.md
189
+ - lib/castle.rb
190
+ - lib/castle/client.rb
191
+ - lib/castle/configuration.rb
192
+ - lib/castle/errors.rb
193
+ - lib/castle/ext/her.rb
194
+ - lib/castle/jwt.rb
195
+ - lib/castle/models/account.rb
196
+ - lib/castle/models/backup_codes.rb
197
+ - lib/castle/models/challenge.rb
198
+ - lib/castle/models/context.rb
199
+ - lib/castle/models/event.rb
200
+ - lib/castle/models/model.rb
201
+ - lib/castle/models/monitoring.rb
202
+ - lib/castle/models/pairing.rb
203
+ - lib/castle/models/recommendation.rb
204
+ - lib/castle/models/session.rb
205
+ - lib/castle/models/trusted_device.rb
206
+ - lib/castle/models/user.rb
207
+ - lib/castle/request.rb
208
+ - lib/castle/session_store.rb
209
+ - lib/castle/session_token.rb
210
+ - lib/castle/support/cookie_store.rb
211
+ - lib/castle/support/padrino.rb
212
+ - lib/castle/support/rails.rb
213
+ - lib/castle/support/sinatra.rb
214
+ - lib/castle/token_store.rb
215
+ - lib/castle/utils.rb
216
+ - lib/castle/version.rb
217
+ - spec/fixtures/vcr_cassettes/challenge_create.yml
218
+ - spec/fixtures/vcr_cassettes/challenge_verify.yml
219
+ - spec/fixtures/vcr_cassettes/session_create.yml
220
+ - spec/fixtures/vcr_cassettes/session_refresh.yml
221
+ - spec/fixtures/vcr_cassettes/session_verify.yml
222
+ - spec/fixtures/vcr_cassettes/user_find.yml
223
+ - spec/fixtures/vcr_cassettes/user_find_non_existing.yml
224
+ - spec/fixtures/vcr_cassettes/user_import.yml
225
+ - spec/fixtures/vcr_cassettes/user_update.yml
226
+ - spec/helpers_spec.rb
227
+ - spec/jwt_spec.rb
228
+ - spec/models/challenge_spec.rb
229
+ - spec/models/session_spec.rb
230
+ - spec/models/user_spec.rb
231
+ - spec/spec_helper.rb
232
+ - spec/utils_spec.rb
233
+ homepage: https://castle.io
234
+ licenses:
235
+ - MIT
236
+ metadata: {}
237
+ post_install_message:
238
+ rdoc_options: []
239
+ require_paths:
240
+ - lib
241
+ required_ruby_version: !ruby/object:Gem::Requirement
242
+ requirements:
243
+ - - ">="
244
+ - !ruby/object:Gem::Version
245
+ version: '0'
246
+ required_rubygems_version: !ruby/object:Gem::Requirement
247
+ requirements:
248
+ - - ">="
249
+ - !ruby/object:Gem::Version
250
+ version: '0'
251
+ requirements: []
252
+ rubyforge_project:
253
+ rubygems_version: 2.4.3
254
+ signing_key:
255
+ specification_version: 4
256
+ summary: Castle
257
+ test_files:
258
+ - spec/fixtures/vcr_cassettes/challenge_create.yml
259
+ - spec/fixtures/vcr_cassettes/challenge_verify.yml
260
+ - spec/fixtures/vcr_cassettes/session_create.yml
261
+ - spec/fixtures/vcr_cassettes/session_refresh.yml
262
+ - spec/fixtures/vcr_cassettes/session_verify.yml
263
+ - spec/fixtures/vcr_cassettes/user_find.yml
264
+ - spec/fixtures/vcr_cassettes/user_find_non_existing.yml
265
+ - spec/fixtures/vcr_cassettes/user_import.yml
266
+ - spec/fixtures/vcr_cassettes/user_update.yml
267
+ - spec/helpers_spec.rb
268
+ - spec/jwt_spec.rb
269
+ - spec/models/challenge_spec.rb
270
+ - spec/models/session_spec.rb
271
+ - spec/models/user_spec.rb
272
+ - spec/spec_helper.rb
273
+ - spec/utils_spec.rb