RubyGems - cf-uaac - Versions diffs - 4.17.0 → 4.19.0 - Mend

cf-uaac 4.17.0 → 4.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 59c20844fe851fa5ee2b6a2cfaee7841a362044e647a98abe417616549bebee9
-  data.tar.gz: be7dc84aadceee22588768f956c717cdc6073b534366d90b1778deb882bcfb6a
+  metadata.gz: 6f5bcc95b18627430a6f5b9ccadd06ee3b92efddea46ea9ddca029e3eb526670
+  data.tar.gz: 75969649441d6fcbc1cb157d9190f7fae1a85e8f0b647b7bc45b5ae072754b37
 SHA512:
-  metadata.gz: 12a1f968a42a661efe5a9e695ce3ea2914c9f36f17343981594b4336b919d818d5d01d6b77ffe7d5a35eb2b78d3c5cbc21dda516cd6aa5fbfba4f7113a5457c7
-  data.tar.gz: 8fc709d8d477a19969e60b2b550a75987dee6cdd97d4f5c1f0b8e57e826a56ed5ea909e9019c437fedc22336d85d622560179970ca3ca0da2221c72b0327f072
+  metadata.gz: 97c8133e46de3e2f540da53cb703850a0b0e371cafde2212bd4232afbab8515d1ab5fd4ec1f9bc51a241439055c7e7e7f4de751bce201e04bb6d77cf9cc1b1ba
+  data.tar.gz: 127661abd511141faef173f43c65753f0d84849cf2a423e868dc738ea1433b02a0cbd3e81d6cb998fffd34b8cdc33cb0caf3bb85ea59b37dca337c18556ddb92

data/lib/uaa/cli/client_reg.rb CHANGED Viewed

@@ -30,7 +30,8 @@ class ClientCli < CommonCli
       :autoapprove => 'list',
       :allowpublic => 'list',
       :allowedproviders => 'list',
-      :'signup_redirect_url' => 'url'
+      :'signup_redirect_url' => 'url',
+      :required_user_groups => 'list'
   }
   CLIENT_SCHEMA.each { |k, v| define_option(k, "--#{k} <#{v}>") }
@@ -65,8 +66,18 @@ class ClientCli < CommonCli
   desc "client get [id]", "Get specific client registration", :attrs do |id|
     pp(scim_request do |sr|
-      client = scim_get_object(sr, :client, clientid(id), opts[:attrs])
-      add_meta_fields_to_client(sr, client)
+      if opts[:attrs] == nil
+        # return whole object, not search by filter
+        begin
+          client = sr.get(:client, clientid(id))
+        rescue NotFound
+          # to raise same error as scim_get_object
+          raise NotFound
+        end
+      else
+        client = scim_get_object(sr, :client, clientid(id), opts[:attrs])
+      end
+      add_meta_fields_to_client(sr, client, id)
     end)
   end
@@ -153,8 +164,11 @@ class ClientCli < CommonCli
     add_meta_fields_to_client(cr, client)
   end
-  def add_meta_fields_to_client(cr, client)
-    meta = cr.get_client_meta(client['client_id'])
+  def add_meta_fields_to_client(cr, client, id = nil)
+    if id == nil
+      id = client['client_id']
+    end
+    meta = cr.get_client_meta(id)
     client.merge({:created_by => meta['createdby']})
   end
 end

data/lib/uaa/cli/curl.rb CHANGED Viewed

@@ -27,9 +27,10 @@ module CF::UAA
     define_option :data, "-d", "--data <data>", "data included in request body"
     define_option :header, "-H", "--header <header>", "header to be included in the request"
     define_option :insecure, "-k", "--insecure", "makes request without verifying SSL certificates"
+    define_option :cacert, "-C", "--cacert <ca_file>", "CA certificate to verify peer against"
     define_option :bodyonly, "-b", "--bodyonly", "show body only in response"
-    desc "curl [path]", "CURL to a UAA endpoint", :request, :data, :header, :insecure , :bodyonly do |path|
+    desc "curl [path]", "CURL to a UAA endpoint", :request, :data, :header, :insecure , :bodyonly, :cacert do |path|
       return say_command_help(["curl"]) unless path
       uri = parse_uri(path)
@@ -65,6 +66,9 @@ module CF::UAA
         http.use_ssl = true
         if options[:insecure]
           http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        elsif options[:cacert]
+          http.ca_file = File.expand_path(options[:cacert])
+          http.verify_mode = OpenSSL::SSL::VERIFY_PEER
         end
       end
       request_class = Net::HTTP.const_get("#{options[:request][0]}#{options[:request][1..-1].downcase}")

data/lib/uaa/stub/scim.rb CHANGED Viewed

@@ -27,7 +27,7 @@ class StubScim
   private
-  CREATOR = 'Stalin'
+  CREATOR = 'Freedom'
   # attribute types. Anything not listed is case-ignore string
   HIDDEN_ATTRS = [:rtype, :password, :client_secret].to_set
@@ -66,7 +66,7 @@ class StubScim
       client: [*COMMON_ATTRS, :client_id, :name, :client_secret, :authorities,
         :authorized_grant_types, :scope, :autoapprove,
         :access_token_validity, :refresh_token_validity, :redirect_uri, :allowedproviders,
-        :'signup_redirect_url'].to_set,
+        :'signup_redirect_url', :required_user_groups].to_set,
       group: [*COMMON_ATTRS, :displayname, :members, :writers, :readers, :external_groups].to_set }
   VISIBLE_ATTRS = {user: Set.new(LEGAL_ATTRS[:user] - HIDDEN_ATTRS),
       client: Set.new(LEGAL_ATTRS[:client] - HIDDEN_ATTRS),

data/spec/client_reg_spec.rb CHANGED Viewed

@@ -86,16 +86,27 @@ describe ClientCli do
       Cli.run("client jwt delete #{@test_client} ").should be
     end
+    it "fails to get client" do
+      Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+      Cli.run("context #{@admin_client}").should be
+      Cli.run("client get #{@test_client}").should be
+      Cli.run("client get #{@test_client} -a id").should be
+      Cli.output.string.should include 'id'
+      Cli.run("client get not-existing").should be_nil
+      Cli.output.string.should include 'NotFound'
+    end
     context 'as updated client' do
       before :all do
         # update the test client as the admin client
         Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
         Cli.run("context #{@admin_client}").should be
-        Cli.run("client update #{@test_client} --authorities scim.write,scim.read").should be
+        Cli.run("client update #{@test_client} --authorities scim.write,scim.read --required_user_groups openid").should be
         Cli.output.string.should include 'created_by'
         Cli.run("client get #{@test_client}").should be
         Cli.output.string.should include 'scim.read', 'scim.write'
+        Cli.output.string.should include 'required_user_groups'
       end
       it 'fails to create a user account with old token' do

data/spec/curl_spec.rb CHANGED Viewed

@@ -37,6 +37,7 @@ module CF::UAA
       Cli.output.string.should include "-d | --data <data>"
       Cli.output.string.should include "-k | --insecure"
       Cli.output.string.should include "-b | --bodyonly"
+      Cli.output.string.should include "-C | --cacert"
     end
     it "hits the URL on the UAA target" do
@@ -108,5 +109,19 @@ module CF::UAA
       Cli.output.string.should_not include "ECONNRESET"
       Cli.output.string.should include "200 OK"
     end
+    it "makes insecure requests without the -k flag" do
+      Cli.run("curl https://example.com/")
+      Cli.output.string.should_not include "ECONNRESET"
+      Cli.output.string.should include "200 OK"
+    end
+    it "makes requests using invalid custom ca cert file with the -C flag" do
+      Cli.run("curl https://example.com/ -C ca.pem")
+      Cli.output.string.should_not include "200 OK"
+      Cli.output.string.should include "SSLError"
+    end
   end
 end

data/version.txt CHANGED Viewed

	@@ -1 +1 @@
1	- 4.17.0
1	+ 4.19.0

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cf-uaac
 version: !ruby/object:Gem::Version
-  version: 4.17.0
+  version: 4.19.0
 platform: ruby
 authors:
 - Dave Syer
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-19 00:00:00.000000000 Z
+date: 2023-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cf-uaa-lib