castle-rb 1.0.0

data/spec/jwt_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+require 'timecop'
+
+describe 'Castle::JWT' do
+  let(:token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlhdCI6MTM5ODIzOTIwMywiZXhwIjoxMzk4MjQyODAzfQ.eyJ1c2VyX2lkIjoiZUF3djVIdGRiU2s4Yk1OWVpvanNZdW13UXlLcFhxS3IifQ.Apa7EmT5T1sOYz4Af0ERTDzcnUvSalailNJbejZ2ddQ' }
+
+  context 'valid JWT' do
+    it 'returns a payload' do
+      payload = Castle::JWT.new(token).to_json
+      payload['user_id'].should == 'eAwv5HtdbSk8bMNYZojsYumwQyKpXqKr'
+    end
+
+    it 'verifies that JWT has expired' do
+      new_time = Time.utc(2014, 4, 23, 8, 46, 44)
+      Timecop.freeze(new_time) do
+        Castle::JWT.new(token).should be_expired
+      end
+    end
+
+    it 'verifies that JWT has not expired' do
+      new_time = Time.utc(2014, 4, 23, 8, 46, 43)
+      Timecop.freeze(new_time) do
+        Castle::JWT.new(token).should_not be_expired
+      end
+    end
+  end
+
+  context 'invalid JWT' do
+    let(:token) { 'eyJ0eXhtWWNTU3pEUHp6WFF2WmZp26mn7Kkl6UgE' }
+
+    it 'throws error' do
+      expect {
+        payload = Castle::JWT.new(token).to_json
+      }.to raise_error(Castle::SecurityError)
+    end
+  end
+
+  context 'nil JWT' do
+    let(:token) { nil }
+
+    it 'throws error' do
+      token = nil
+      expect {
+        payload = Castle::JWT.new(token).to_json
+      }.to raise_error(Castle::SecurityError)
+    end
+  end
+
+  context '#to_token' do
+    it 'returns the same token' do
+      Castle::JWT.new(token).to_token.should == token
+    end
+  end
+
+  context '#merge' do
+    it 'merges payload' do
+      jwt = Castle::JWT.new(token)
+      jwt.merge!(context: { ip: '8.8.8.8' })
+
+      merged_token = jwt.to_token
+      merged_token.should_not == token
+      Castle::JWT.new(merged_token).
+        to_json['context']['ip'].should == '8.8.8.8'
+    end
+  end
+
+end

data/spec/models/challenge_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+
+describe 'Castle::Challenge' do
+  xit 'creates a challenge' do
+    VCR.use_cassette('challenge_create') do
+      challenge = Castle::Challenge.post(
+        "users/dTxR68nzuRXT4wrB2HJ4hanYtcaGSz2y/challenges")
+      challenge.channel.token.id.should == 'VVG3qirUxy8mUSkmzy3QpPcuhLN1JY4r'
+    end
+  end
+
+  xit 'verifies a challenge' do
+    VCR.use_cassette('challenge_verify') do
+      challenge = Castle::Challenge.new(id: 'UWwy5FrWf9DTeoTpJz1LpBp4dPkWZ2Ne')
+      challenge.verify(response: '000000')
+    end
+  end
+end

data/spec/models/session_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+describe 'Castle::Session' do
+  let(:session_token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s' }
+
+  xit 'creates a session' do
+    VCR.use_cassette('session_create') do
+      user_id = 'user-2412'
+      session = Castle::Session.post(
+        "users/#{user_id}/sessions", user: {email: 'valid@example.com'})
+      Castle::JWT.new(session.token).header['iss'].should == user_id
+    end
+  end
+end

data/spec/models/user_spec.rb

@@ -0,0 +1,31 @@
+require 'spec_helper'
+
+describe 'Castle::User' do
+  it 'retrieves a user' do
+    VCR.use_cassette('user_find') do
+      user = Castle::User.find('9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4')
+      user.email.should == 'brissmyr@gmail.com'
+    end
+  end
+
+  it 'handles non-existing user' do
+    VCR.use_cassette('user_find_non_existing') do
+      error = nil
+      begin
+        user = Castle::User.find('non_existing')
+      rescue Castle::Error => e
+        error = e
+      end
+      error.to_s.should match /Not found/
+    end
+  end
+
+  it 'updates a user' do
+    VCR.use_cassette('user_update') do
+      user = Castle::User.new(id: 'AKfwtfrAzdDKp55aty8o14MoudkaS9BL')
+      user.email = 'updated@example.com'
+      user.created_at = Time.now
+      user.save
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,29 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'rack'
+require 'vcr'
+require 'webmock/rspec'
+require 'simplecov'
+require 'coveralls'
+
+SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
+  SimpleCov::Formatter::HTMLFormatter,
+  Coveralls::SimpleCov::Formatter
+]
+SimpleCov.start do
+  add_filter 'spec'
+end
+
+require 'castle'
+
+VCR.configure do |config|
+  config.cassette_library_dir = 'spec/fixtures/vcr_cassettes'
+  config.hook_into :webmock
+end
+
+Castleconfigure do |config|
+  config.api_secret = 'secretkey'
+end
+
+RSpec.configure do |config|
+end

data/spec/utils_spec.rb

@@ -0,0 +1,59 @@
+require 'spec_helper'
+
+class MemoryStore < Castle::TokenStore
+  def initialize
+    @value = nil
+  end
+
+  def session_token
+    @value['_ubs']
+  end
+
+  def session_token=(value)
+    @value['_ubs'] = value
+  end
+
+  def trusted_device_token
+    @value['_ubt']
+  end
+
+  def trusted_device_token=(value)
+    @value['_ubt'] = value
+  end
+end
+
+describe 'Castle utils' do
+  describe 'ContextHeaders middleware' do
+    before do
+      Castle::User.use_api(api = Her::API.new)
+      @user = api.setup do |c|
+        c.use Castle::Request::Middleware::ContextHeaders
+        c.use Her::Middleware::FirstLevelParseJSON
+        c.adapter :test do |stub|
+          stub.post('/users') do |env|
+            @env = env
+            [200, {}, [].to_json]
+          end
+        end
+      end
+    end
+
+    let(:env) do
+      Rack::MockRequest.env_for('/',
+        "HTTP_USER_AGENT" => "Mozilla", "REMOTE_ADDR" => "8.8.8.8")
+    end
+
+    it 'handles non-existing context headers' do
+      Castle::User.create()
+    end
+
+    it 'sets context headers from env' do
+      request = Rack::Request.new(Rack::MockRequest.env_for('/',
+        "HTTP_USER_AGENT" => "Mozilla", "REMOTE_ADDR" => "8.8.8.8"))
+      Castle::Client.new(request, session_store: MemoryStore.new)
+      Castle::User.create()
+      @env['request_headers']['X-Castle-Ip'].should == '8.8.8.8'
+      @env['request_headers']['X-Castle-User-Agent'].should == 'Mozilla'
+    end
+  end
+end

metadata

@@ -0,0 +1,273 @@
+--- !ruby/object:Gem::Specification
+name: castle-rb
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Johan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-02-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: her
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.2
+- !ruby/object:Gem::Dependency
+  name: faraday_middleware
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.13
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.13
+- !ruby/object:Gem::Dependency
+  name: request_store
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.2
+description: Secure your authentication stack with real-time monitoring, instantly
+  notifying you and your users on potential account hijacks
+email: johan@castle.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/castle.rb
+- lib/castle/client.rb
+- lib/castle/configuration.rb
+- lib/castle/errors.rb
+- lib/castle/ext/her.rb
+- lib/castle/jwt.rb
+- lib/castle/models/account.rb
+- lib/castle/models/backup_codes.rb
+- lib/castle/models/challenge.rb
+- lib/castle/models/context.rb
+- lib/castle/models/event.rb
+- lib/castle/models/model.rb
+- lib/castle/models/monitoring.rb
+- lib/castle/models/pairing.rb
+- lib/castle/models/recommendation.rb
+- lib/castle/models/session.rb
+- lib/castle/models/trusted_device.rb
+- lib/castle/models/user.rb
+- lib/castle/request.rb
+- lib/castle/session_store.rb
+- lib/castle/session_token.rb
+- lib/castle/support/cookie_store.rb
+- lib/castle/support/padrino.rb
+- lib/castle/support/rails.rb
+- lib/castle/support/sinatra.rb
+- lib/castle/token_store.rb
+- lib/castle/utils.rb
+- lib/castle/version.rb
+- spec/fixtures/vcr_cassettes/challenge_create.yml
+- spec/fixtures/vcr_cassettes/challenge_verify.yml
+- spec/fixtures/vcr_cassettes/session_create.yml
+- spec/fixtures/vcr_cassettes/session_refresh.yml
+- spec/fixtures/vcr_cassettes/session_verify.yml
+- spec/fixtures/vcr_cassettes/user_find.yml
+- spec/fixtures/vcr_cassettes/user_find_non_existing.yml
+- spec/fixtures/vcr_cassettes/user_import.yml
+- spec/fixtures/vcr_cassettes/user_update.yml
+- spec/helpers_spec.rb
+- spec/jwt_spec.rb
+- spec/models/challenge_spec.rb
+- spec/models/session_spec.rb
+- spec/models/user_spec.rb
+- spec/spec_helper.rb
+- spec/utils_spec.rb
+homepage: https://castle.io
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.3
+signing_key: 
+specification_version: 4
+summary: Castle
+test_files:
+- spec/fixtures/vcr_cassettes/challenge_create.yml
+- spec/fixtures/vcr_cassettes/challenge_verify.yml
+- spec/fixtures/vcr_cassettes/session_create.yml
+- spec/fixtures/vcr_cassettes/session_refresh.yml
+- spec/fixtures/vcr_cassettes/session_verify.yml
+- spec/fixtures/vcr_cassettes/user_find.yml
+- spec/fixtures/vcr_cassettes/user_find_non_existing.yml
+- spec/fixtures/vcr_cassettes/user_import.yml
+- spec/fixtures/vcr_cassettes/user_update.yml
+- spec/helpers_spec.rb
+- spec/jwt_spec.rb
+- spec/models/challenge_spec.rb
+- spec/models/session_spec.rb
+- spec/models/user_spec.rb
+- spec/spec_helper.rb
+- spec/utils_spec.rb