cf-uaac 1.3.0

data/spec/info_spec.rb

@@ -0,0 +1,74 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'cli'
+require 'stub/uaa'
+
+module CF::UAA
+
+describe InfoCli do
+
+  include SpecHelper
+
+  before :all do
+    #Util.default_logger(:trace)
+    Cli.configure("", nil, StringIO.new, true)
+    if ENV["UAA_CLIENT_TARGET"]
+      @target, @stub_uaa = ENV["UAA_CLIENT_TARGET"], nil
+      @varz_secret = ENV['UAA_VARZ_SECRET']
+    else
+      @stub_uaa = StubUAA.new.run_on_thread
+      @target, @varz_secret = @stub_uaa.url, "varzsecret"
+    end
+    Cli.run("target #{@target}").should be
+    Cli.output.string.should include URI.parse(@target).host
+  end
+
+  after :all do @stub_uaa.stop if @stub_uaa end
+
+  it "gets server info" do
+    Cli.run("info").should be
+    Cli.output.string.should match /\d.\d.\d/
+    Cli.output.string.should include "prompts", "commit_id"
+  end
+
+  it "gets prompts" do
+    Cli.run("prompts").should be
+    Cli.output.string.should include "username", "password"
+  end
+
+  it "checks password strength" do
+    Cli.run("password strength PaSsW0rd").should be
+    Cli.output.string.should include "score", "requiredScore"
+  end
+
+  it "gets the server stats" do
+    pending "no UAA_VARZ_SECRET environment variable set" unless @varz_secret
+    Cli.run("stats -c varz -s #{@varz_secret}").should be
+    Cli.output.string.should include 'type: UAA', 'mem:', 'version:'
+  end
+
+  it "sets multiple targets to be fully qualified in config and targets output" do
+    Config.load("")
+    Cli.run("target example.com --force")
+    Cli.run("target example2.com --force")
+    uri = URI.parse(@target)
+    Cli.run("target #{uri.host}:#{uri.port}#{uri.path}")
+    Cli.run("targets").should be
+    Config.yaml.should include "https://example.com", "https://example2.com", @target
+    Cli.output.string.should include "https://example.com", "https://example2.com", @target
+  end
+
+end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,87 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+if ENV['COVERAGE']
+  require "simplecov"
+  if ENV['COVERAGE'] =~ /rcov/
+    require "simplecov-rcov"
+    SimpleCov.formatter = SimpleCov::Formatter::RcovFormatter
+  end
+  SimpleCov.add_filter "^#{File.dirname(__FILE__)}" if ENV['COVERAGE'] =~ /exclude-spec/
+  SimpleCov.add_filter "^#{File.expand_path(File.join(__FILE__, "..", "..", "vendor"))}" if ENV['COVERAGE'] =~ /exclude-vendor/
+  SimpleCov.start
+end
+
+require 'rspec'
+require 'eventmachine'
+require 'stub/uaa'
+
+module CF::UAA
+
+module SpecHelper
+
+  def capture_exception
+    yield
+  rescue Exception => e
+    e
+  end
+
+  # Runs given block on a thread or fiber and returns result.
+  # If eventmachine is running on another thread, the fiber
+  # must be on the same thread, hence EM.schedule and the
+  # restriction that the given block cannot include rspec matchers.
+  def frequest(on_fiber, &blk)
+    return capture_exception(&blk) unless on_fiber
+    result = nil
+    cthred = Thread.current
+    EM.schedule { Fiber.new { result = capture_exception(&blk); cthred.run }.resume }
+    Thread.stop
+    result
+  end
+
+  def setup_target(opts = {})
+    opts = { authorities: "clients.read,scim.read,scim.write,uaa.resource",
+      grant_types: "client_credentials,password", 
+      scope: "openid,password.write"}.update(opts)
+    @admin_client = ENV["UAA_CLIENT_ID"] || "admin"
+    @admin_secret = ENV["UAA_CLIENT_SECRET"] || "adminsecret"
+    if ENV["UAA_CLIENT_TARGET"]
+      @target, @stub_uaa = ENV["UAA_CLIENT_TARGET"], nil
+    else
+      @stub_uaa = StubUAA.new(@admin_client, @admin_secret).run_on_thread
+      @target = @stub_uaa.url
+    end
+    Cli.run("target #{@target}").should be
+    Cli.run("token client get #{@admin_client} -s #{@admin_secret}")
+    Config.yaml.should include("access_token")
+    test_client = "test_client_#{Time.now.to_i}"
+    @test_secret = "+=tEsTsEcRet~!@"
+    Cli.run("client add #{test_client} -s #{@test_secret} " +
+        "--authorities #{opts[:authorities]} --scope #{opts[:scope]} " + 
+        "--authorized_grant_types #{opts[:grant_types]}").should be
+    opts.each { |k, a| Util.arglist(a).each {|v| Cli.output.string.should include(v) }}
+    @test_client = test_client
+  end
+
+  def cleanup_target
+    Cli.run("context #{@admin_client}")
+    if @test_client && !@test_client.empty?
+      Cli.run("client delete #{@test_client}").should be
+      Cli.output.string.should include("deleted")
+    end
+    @stub_uaa.stop if @stub_uaa
+  end
+end
+
+end
+

data/spec/token_spec.rb

@@ -0,0 +1,119 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'cli'
+
+module CF::UAA
+
+describe TokenCli do
+
+  include SpecHelper
+
+  before :all do
+    #Util.default_logger(:trace)
+    Cli.configure("", nil, StringIO.new, true)
+    setup_target(authorities: "clients.read,scim.read,scim.write,uaa.resource")
+    Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+    Config.yaml.should include("access_token")
+    @test_pwd = "TesTpwd$%^"
+    @test_user = "tEst_UseR+-#{Time.now.to_i}"
+    Cli.run("user add #{@test_user} -p #{@test_pwd} " + 
+        "--emails sam@example.com,joNES@sample.com --given_name SamueL " +
+        "--phones 801-555-1212 --family_name jonES").should be
+  end
+
+  after :all do cleanup_target end
+
+  it "gets the server signing key" do
+    Cli.run("signing key -c #{@test_client} -s #{@test_secret}").should be
+    Cli.output.string.should include 'alg:', 'value:'
+  end
+
+  it "logs in with implicit grant & posted credentials as a user" do
+    Cli.run("token get #{@test_user} #{@test_pwd}").should be
+    Cli.output.string.should include("Successfully fetched token")
+  end
+
+  it "decodes the token" do
+    Cli.run("token decode").should be
+    ["user_name", "exp", "aud", "scope", "client_id", "email", "user_id"].each do |a|
+      Cli.output.string.should include(a)
+    end
+    Cli.output.string.should include("email: sam@example.com")
+    #Cli.output.string.should include("user_name: #{@test_user}")
+  end
+
+  it "gets authenticated user information" do
+    Cli.run("me").should be
+    Cli.output.string.should include(@test_user)
+  end
+
+  it "updates the user" do
+    Cli.run "context #{@test_client}"
+    Cli.run("user update #{@test_user} --emails #{@test_user}+1@example.com --phones 123-456-7890").should be
+    Cli.run("user get #{@test_user}").should be
+    Cli.output.string.should include(@test_user, "#{@test_user}+1@example.com", "123-456-7890")
+  end
+
+  it "gets updated information in the token" do
+    Cli.run("token get #{@test_user} #{@test_pwd}").should be
+    Cli.output.string.should include("Successfully fetched token")
+    Cli.run("token decode").should be
+    Cli.output.string.should include("email: #{@test_user}+1@example.com")
+  end
+
+  it "gets ids for a username" do
+    Cli.run("user ids #{@test_user.downcase}").should be
+    Cli.output.string.should include(@test_user, "id")
+  end
+
+  it "has multiple distinct authentication contexts" do
+    Cli.run("contexts").should be
+    Cli.output.string.should include "[admin]", "[#{@test_client}]", "[#{@test_user.downcase}]"
+  end
+
+  it "removes the user context" do
+    Cli.run("token delete #{@test_user}").should be
+    Cli.run "contexts"
+    Cli.output.string.should include "[admin]", "[#{@test_client}]"
+    Cli.output.string.should_not include "#{@test_user}"
+  end
+
+  it "logs in with owner password grant" do
+    Cli.run("token owner get #{@test_client} -s #{@test_secret} #{@test_user} -p #{@test_pwd}" ).should be
+    Cli.output.string.should include "Successfully fetched token"
+  end
+
+  it "decodes the owner token" do
+    Cli.run("token decode").should be
+    ["user_name", "exp", "aud", "scope", "client_id", "email", "user_id", "openid", "password.write"].each do |a|
+      Cli.output.string.should include a
+    end
+  end
+
+  it "uses the token endpoint given by the login server" do
+    pending "only saml login server returns token endpoint" if ENV["UAA_CLIENT_TARGET"]
+    @stub_uaa.info[:token_endpoint] = te = "#{@stub_uaa.url}/alternate"
+    Cli.run("target #{@target} --config")
+    Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+    Config.yaml.should include("access_token", "token_endpoint", te)
+    @stub_uaa.info[:token_endpoint].should be_nil
+    Cli.configure("", nil, StringIO.new) # clean up
+    Cli.run("target #{@target}").should be
+    Cli.run("token client get #{@admin_client} -s #{@admin_secret}").should be
+  end
+
+end
+
+end

data/spec/user_spec.rb

@@ -0,0 +1,61 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'cli'
+
+module CF::UAA
+
+describe UserCli do
+
+  include SpecHelper
+
+  before :all do
+    #Util.default_logger(:trace)
+    Cli.configure("", nil, StringIO.new, true)
+    setup_target(authorities: "clients.read,scim.read,scim.write")
+    Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+    Config.yaml.should include("access_token")
+    @test_pwd = "TesTpwd$%^"
+    @test_user = "tEst_UseR_#{Time.now.to_i}"
+    Cli.run("user add #{@test_user} -p #{@test_pwd} " + 
+        "--emails sam@example.com,joNES@sample.com --given_name SamueL " +
+        "--phones 801-555-1212 --family_name jonES").should be
+  end
+
+  after :all do cleanup_target end
+
+  it "creates a user" do
+    Cli.output.string.should include "success"
+  end
+
+  it "fails to change a user's password with the wrong old pwd" do
+    Cli.run("password change -p newpwd --old_password not-the-password").should be_nil
+  end
+
+  it "changes a user's password" do
+    Cli.run("token get #{@test_user} #{@test_pwd}").should be
+    Cli.run("password change -p newpwd --old_password #{@test_pwd}").should be
+    Cli.run("token get #{@test_user} newpwd").should be
+    Cli.output.string.should include "Successfully fetched token"
+  end
+
+  it "preserves case in names" do
+    Cli.run("context #{@test_client}")
+    Cli.run("user get #{@test_user.upcase}").should be
+    Cli.output.string.should =~ /#{@test_user}/
+  end
+
+end
+
+end

metadata

@@ -0,0 +1,292 @@
+--- !ruby/object:Gem::Specification
+name: cf-uaac
+version: !ruby/object:Gem::Version
+  version: 1.3.0
+  prerelease: 
+platform: ruby
+authors:
+- Dave Syer
+- Dale Olds
+- Joel D'sa
+- Vidya Valmikinathan
+- Luke Taylor
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-12-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov-rcov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ci_reporter
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: highline
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: cf-uaa-lib
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: eventmachine
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: launchy
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: em-http-request
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.0.beta.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.0.beta.3
+description: Client command line tools for interacting with the CloudFoundry User
+  Account and Authorization (UAA) server.  The UAA is an OAuth2 Authorization Server
+  so it can be used by webapps and command line apps to obtain access tokens to act
+  on behalf of users.  The tokens can then be used to access protected resources in
+  a Resource Server.  This library can be used by clients (as a convenient wrapper
+  for mainstream oauth gems) or by resource servers.
+email:
+- dsyer@vmware.com
+- olds@vmware.com
+- jdsa@vmware.com
+- vidya@vmware.com
+- ltaylor@vmware.com
+executables:
+- completion-helper
+- uaac
+- uaac-completion.sh
+- uaas
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- README.md
+- Rakefile
+- bin/completion-helper
+- bin/uaac
+- bin/uaac-completion.sh
+- bin/uaas
+- cf-uaac.gemspec
+- lib/cli.rb
+- lib/cli/base.rb
+- lib/cli/client_reg.rb
+- lib/cli/common.rb
+- lib/cli/config.rb
+- lib/cli/favicon.ico
+- lib/cli/group.rb
+- lib/cli/info.rb
+- lib/cli/runner.rb
+- lib/cli/token.rb
+- lib/cli/user.rb
+- lib/cli/version.rb
+- lib/stub/scim.rb
+- lib/stub/server.rb
+- lib/stub/uaa.rb
+- spec/client_reg_spec.rb
+- spec/common_spec.rb
+- spec/group_spec.rb
+- spec/http_spec.rb
+- spec/info_spec.rb
+- spec/spec_helper.rb
+- spec/token_spec.rb
+- spec/user_spec.rb
+homepage: https://github.com/cloudfoundry/cf-uaac
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3878497912978208519
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3878497912978208519
+requirements: []
+rubyforge_project: cf-uaac
+rubygems_version: 1.8.21
+signing_key: 
+specification_version: 3
+summary: Command line interface for CloudFoundry UAA
+test_files: []