cf-uaac 4.17.0 → 4.19.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/uaa/cli/client_reg.rb +19 -5
  3. data/lib/uaa/cli/curl.rb +5 -1
  4. data/lib/uaa/stub/scim.rb +2 -2
  5. data/spec/client_reg_spec.rb +12 -1
  6. data/spec/curl_spec.rb +15 -0
  7. data/version.txt +1 -1
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 59c20844fe851fa5ee2b6a2cfaee7841a362044e647a98abe417616549bebee9
4
- data.tar.gz: be7dc84aadceee22588768f956c717cdc6073b534366d90b1778deb882bcfb6a
3
+ metadata.gz: 6f5bcc95b18627430a6f5b9ccadd06ee3b92efddea46ea9ddca029e3eb526670
4
+ data.tar.gz: 75969649441d6fcbc1cb157d9190f7fae1a85e8f0b647b7bc45b5ae072754b37
5
5
  SHA512:
6
- metadata.gz: 12a1f968a42a661efe5a9e695ce3ea2914c9f36f17343981594b4336b919d818d5d01d6b77ffe7d5a35eb2b78d3c5cbc21dda516cd6aa5fbfba4f7113a5457c7
7
- data.tar.gz: 8fc709d8d477a19969e60b2b550a75987dee6cdd97d4f5c1f0b8e57e826a56ed5ea909e9019c437fedc22336d85d622560179970ca3ca0da2221c72b0327f072
6
+ metadata.gz: 97c8133e46de3e2f540da53cb703850a0b0e371cafde2212bd4232afbab8515d1ab5fd4ec1f9bc51a241439055c7e7e7f4de751bce201e04bb6d77cf9cc1b1ba
7
+ data.tar.gz: 127661abd511141faef173f43c65753f0d84849cf2a423e868dc738ea1433b02a0cbd3e81d6cb998fffd34b8cdc33cb0caf3bb85ea59b37dca337c18556ddb92
data/lib/uaa/cli/client_reg.rb CHANGED
@@ -30,7 +30,8 @@ class ClientCli < CommonCli
30
30
  :autoapprove => 'list',
31
31
  :allowpublic => 'list',
32
32
  :allowedproviders => 'list',
33
- :'signup_redirect_url' => 'url'
33
+ :'signup_redirect_url' => 'url',
34
+ :required_user_groups => 'list'
34
35
  }
35
36
  CLIENT_SCHEMA.each { |k, v| define_option(k, "--#{k} <#{v}>") }
36
37
 
@@ -65,8 +66,18 @@ class ClientCli < CommonCli
65
66
 
66
67
  desc "client get [id]", "Get specific client registration", :attrs do |id|
67
68
  pp(scim_request do |sr|
68
- client = scim_get_object(sr, :client, clientid(id), opts[:attrs])
69
- add_meta_fields_to_client(sr, client)
69
+ if opts[:attrs] == nil
70
+ # return whole object, not search by filter
71
+ begin
72
+ client = sr.get(:client, clientid(id))
73
+ rescue NotFound
74
+ # to raise same error as scim_get_object
75
+ raise NotFound
76
+ end
77
+ else
78
+ client = scim_get_object(sr, :client, clientid(id), opts[:attrs])
79
+ end
80
+ add_meta_fields_to_client(sr, client, id)
70
81
  end)
71
82
  end
72
83
 
@@ -153,8 +164,11 @@ class ClientCli < CommonCli
153
164
  add_meta_fields_to_client(cr, client)
154
165
  end
155
166
 
156
- def add_meta_fields_to_client(cr, client)
157
- meta = cr.get_client_meta(client['client_id'])
167
+ def add_meta_fields_to_client(cr, client, id = nil)
168
+ if id == nil
169
+ id = client['client_id']
170
+ end
171
+ meta = cr.get_client_meta(id)
158
172
  client.merge({:created_by => meta['createdby']})
159
173
  end
160
174
  end
data/lib/uaa/cli/curl.rb CHANGED
@@ -27,9 +27,10 @@ module CF::UAA
27
27
  define_option :data, "-d", "--data <data>", "data included in request body"
28
28
  define_option :header, "-H", "--header <header>", "header to be included in the request"
29
29
  define_option :insecure, "-k", "--insecure", "makes request without verifying SSL certificates"
30
+ define_option :cacert, "-C", "--cacert <ca_file>", "CA certificate to verify peer against"
30
31
  define_option :bodyonly, "-b", "--bodyonly", "show body only in response"
31
32
 
32
- desc "curl [path]", "CURL to a UAA endpoint", :request, :data, :header, :insecure , :bodyonly do |path|
33
+ desc "curl [path]", "CURL to a UAA endpoint", :request, :data, :header, :insecure , :bodyonly, :cacert do |path|
33
34
  return say_command_help(["curl"]) unless path
34
35
 
35
36
  uri = parse_uri(path)
@@ -65,6 +66,9 @@ module CF::UAA
65
66
  http.use_ssl = true
66
67
  if options[:insecure]
67
68
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
69
+ elsif options[:cacert]
70
+ http.ca_file = File.expand_path(options[:cacert])
71
+ http.verify_mode = OpenSSL::SSL::VERIFY_PEER
68
72
  end
69
73
  end
70
74
  request_class = Net::HTTP.const_get("#{options[:request][0]}#{options[:request][1..-1].downcase}")
data/lib/uaa/stub/scim.rb CHANGED
@@ -27,7 +27,7 @@ class StubScim
27
27
 
28
28
  private
29
29
 
30
- CREATOR = 'Stalin'
30
+ CREATOR = 'Freedom'
31
31
 
32
32
  # attribute types. Anything not listed is case-ignore string
33
33
  HIDDEN_ATTRS = [:rtype, :password, :client_secret].to_set
@@ -66,7 +66,7 @@ class StubScim
66
66
  client: [*COMMON_ATTRS, :client_id, :name, :client_secret, :authorities,
67
67
  :authorized_grant_types, :scope, :autoapprove,
68
68
  :access_token_validity, :refresh_token_validity, :redirect_uri, :allowedproviders,
69
- :'signup_redirect_url'].to_set,
69
+ :'signup_redirect_url', :required_user_groups].to_set,
70
70
  group: [*COMMON_ATTRS, :displayname, :members, :writers, :readers, :external_groups].to_set }
71
71
  VISIBLE_ATTRS = {user: Set.new(LEGAL_ATTRS[:user] - HIDDEN_ATTRS),
72
72
  client: Set.new(LEGAL_ATTRS[:client] - HIDDEN_ATTRS),
data/spec/client_reg_spec.rb CHANGED
@@ -86,16 +86,27 @@ describe ClientCli do
86
86
  Cli.run("client jwt delete #{@test_client} ").should be
87
87
  end
88
88
 
89
+ it "fails to get client" do
90
+ Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
91
+ Cli.run("context #{@admin_client}").should be
92
+ Cli.run("client get #{@test_client}").should be
93
+ Cli.run("client get #{@test_client} -a id").should be
94
+ Cli.output.string.should include 'id'
95
+ Cli.run("client get not-existing").should be_nil
96
+ Cli.output.string.should include 'NotFound'
97
+ end
98
+
89
99
  context 'as updated client' do
90
100
 
91
101
  before :all do
92
102
  # update the test client as the admin client
93
103
  Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
94
104
  Cli.run("context #{@admin_client}").should be
95
- Cli.run("client update #{@test_client} --authorities scim.write,scim.read").should be
105
+ Cli.run("client update #{@test_client} --authorities scim.write,scim.read --required_user_groups openid").should be
96
106
  Cli.output.string.should include 'created_by'
97
107
  Cli.run("client get #{@test_client}").should be
98
108
  Cli.output.string.should include 'scim.read', 'scim.write'
109
+ Cli.output.string.should include 'required_user_groups'
99
110
  end
100
111
 
101
112
  it 'fails to create a user account with old token' do
data/spec/curl_spec.rb CHANGED
@@ -37,6 +37,7 @@ module CF::UAA
37
37
  Cli.output.string.should include "-d | --data <data>"
38
38
  Cli.output.string.should include "-k | --insecure"
39
39
  Cli.output.string.should include "-b | --bodyonly"
40
+ Cli.output.string.should include "-C | --cacert"
40
41
  end
41
42
 
42
43
  it "hits the URL on the UAA target" do
@@ -108,5 +109,19 @@ module CF::UAA
108
109
  Cli.output.string.should_not include "ECONNRESET"
109
110
  Cli.output.string.should include "200 OK"
110
111
  end
112
+
113
+ it "makes insecure requests without the -k flag" do
114
+ Cli.run("curl https://example.com/")
115
+
116
+ Cli.output.string.should_not include "ECONNRESET"
117
+ Cli.output.string.should include "200 OK"
118
+ end
119
+
120
+ it "makes requests using invalid custom ca cert file with the -C flag" do
121
+ Cli.run("curl https://example.com/ -C ca.pem")
122
+
123
+ Cli.output.string.should_not include "200 OK"
124
+ Cli.output.string.should include "SSLError"
125
+ end
111
126
  end
112
127
  end
data/version.txt CHANGED
@@ -1 +1 @@
1
- 4.17.0
1
+ 4.19.0
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cf-uaac
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.17.0
4
+ version: 4.19.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dave Syer
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2023-10-19 00:00:00.000000000 Z
15
+ date: 2023-12-04 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: cf-uaa-lib