client_authenticator 1.0.2 → 1.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 538d337270dbb6eeb08602ec7ffc64e0d90a833b
-  data.tar.gz: 1db4f00a00a933ae46009be19b4e97a16a9ee653
+  metadata.gz: 647a3876c77adf4fb5a788b3013688241a32359d
+  data.tar.gz: 47bb9d1587594e05fc012442726f99318fb0e5f1
 SHA512:
-  metadata.gz: 6d84563b688750675673911e4613a5f95705b37eaf12cd65b804c7f1ddfb546a9990db55ec858bee3b4a4540ebe952b5901e6fc3329effea20e10fc5c76a809b
-  data.tar.gz: 69027ca6009c7643f51c6fff22e9978e4f37c47a9807a10de38222739707f4bac314bc79425d2b8efc26cdf8dd8db6b2e36dd623ebe0cd3a2b72c1dc88750f1c
+  metadata.gz: 9dcc583fb26cefde33fb22e3a91cc9b3c64503e0c0dcc0d149399701000e9e6ff1b1f2a353859c0799bbc8166713918f29c9f560cce3e400acf75fc48cdfb509
+  data.tar.gz: 3110c39b5eae6bd26bc52860a887b33ca56b232a1f49f4d437ab79ea2a7c2ca9fc23a044f9a0902fc918d39562114d398a9ad08d2bfee70506671bdaa48b7b8f

data/lib/client_authenticator/api_authenticable.rb

@@ -5,8 +5,8 @@ module ClientAuthenticator
     extend ActiveSupport::Concern
 
     def authenticate_client!
-      client_id = request.headers['client-id']
-      pass_key = request.headers['pass-key']
+      client_id = request.headers[ClientAuthenticator.configuration.client_id_header]
+      pass_key = request.headers[ClientAuthenticator.configuration.pass_key_header]
       if client_id.nil? || pass_key.nil? || unauthorized?(client_id, pass_key)
         render json: {'error' => 'unauthorized'}, status: :unauthorized
       end

data/lib/client_authenticator/configuration.rb

@@ -6,9 +6,12 @@ module ClientAuthenticator
       @client_id_field = 'client_id'
       @password_field = 'pass_key'
       @cache_expiry_duration = 12.hours
+      @client_id_header = 'client-id'
+      @pass_key_header = 'pass-key'
     end
 
-    attr_accessor :table_name, :client_id_field, :password_field, :cache_expiry_duration
+    attr_accessor :table_name, :client_id_field, :password_field,
+      :cache_expiry_duration, :client_id_header, :pass_key_header
   end
 
   def self.configuration
@@ -18,4 +21,8 @@ module ClientAuthenticator
   def self.configure
     yield(configuration)
   end
+
+  def self.reset
+    @config = Configuration.new
+  end
 end

data/lib/client_authenticator/test_helpers.rb

@@ -3,13 +3,13 @@ require 'client_authenticator'
 module ClientAuthenticator
   module TestHelpers
     def stub_valid_client_credentials
-      expect(ClientAuthenticator::ApiClient).to receive(:authenticate_client!).with('client_id', 'valid_pass_key').and_return(true)
+      expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with('client_id', 'valid_pass_key').and_return(true)
       @request.headers['client-id'] = 'client_id'
       @request.headers['pass-key'] = 'valid_pass_key'
     end
 
     def stub_invalid_client_credentials
-      expect(ClientAuthenticator::ApiClient).to receive(:authenticate_client!).with('client_id', 'invalid_pass_key').and_return(false)
+      expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with('client_id', 'invalid_pass_key').and_return(false)
       @request.headers['client-id'] = 'client_id'
       @request.headers['pass-key'] = 'invalid_pass_key'
     end

data/lib/client_authenticator/version.rb

@@ -1,3 +1,3 @@
 module ClientAuthenticator
-  VERSION = "1.0.2"
+  VERSION = "1.0.3"
 end

data/spec/client_authenticator_spec.rb

@@ -18,25 +18,25 @@ RSpec.describe ClientAuthenticator do
     end
   end
 
-  context 'client authentication' do
-    let!(:client_id) { 'clientid' }
-    let!(:pass_key) { 'pass_key' }
-    let(:header) { {'client-id': client_id, 'pass-key': pass_key}.with_indifferent_access }
-    let(:request) { Request.new(header) }
-    let(:auth) { auth = Authorizer.new
-                 auth.request = request
-                 auth
-    }
-    let(:cache) { double('cache') }
+  let!(:client_id) { 'clientid' }
+  let!(:pass_key) { 'pass_key' }
+  let(:header) { {'client-id': client_id, 'pass-key': pass_key}.with_indifferent_access }
+  let(:request) { Request.new(header) }
+  let(:auth) { auth = Authorizer.new
+                auth.request = request
+                auth
+  }
+  let(:cache) { double('cache') }
 
+  context 'client authentication with default headers' do
 
     context 'when client id and pass key is sent' do
-    before(:each) do
-      expect(Rails).to receive(:cache) { cache }
-      expect(cache).to receive(:fetch).with("#{client_id}_#{pass_key}", { expires_in: 12.hours}) do |&block|
-        block.call
+      before(:each) do
+        expect(Rails).to receive(:cache) { cache }
+        expect(cache).to receive(:fetch).with("#{client_id}_#{pass_key}", { expires_in: 12.hours}) do |&block|
+          block.call
+        end
       end
-    end
 
       it 'when authorised, should not render 401' do
         expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(true)
@@ -63,7 +63,7 @@ RSpec.describe ClientAuthenticator do
       end
     end
 
-    context 'when client id is not passed' do
+    context 'when pass key is not passed' do
       let(:pass_key) { nil }
       it 'should render 401' do
         expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
@@ -72,4 +72,179 @@ RSpec.describe ClientAuthenticator do
     end
 
   end
+
+  context 'client authentication with custom headers' do
+    context 'set custom header for client id' do
+      let(:header) { {'cid': client_id, 'pass-key': pass_key}.with_indifferent_access }
+      let(:request) { Request.new(header) }
+      let(:auth) { auth = Authorizer.new
+                    auth.request = request
+                    auth
+      }
+
+      before(:each) do
+        ClientAuthenticator.reset()
+        ClientAuthenticator.configure do |config|
+          config.client_id_header = 'cid'
+        end
+      end
+
+      context 'when client id and pass key is sent' do
+        before(:each) do
+          expect(Rails).to receive(:cache) { cache }
+          expect(cache).to receive(:fetch).with("#{client_id}_#{pass_key}", { expires_in: 12.hours}) do |&block|
+            block.call
+          end
+        end
+
+        it 'when authorised, should not render 401' do
+          expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(true)
+          expect(auth).not_to receive(:render)
+
+          auth.authenticate_client!
+        end
+
+        it 'when no authenticate fails' do
+          expected_opts = {:json=>{"error"=>"unauthorized"}, :status=>:unauthorized}
+          expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(false)
+          expect(auth).to receive(:render).with(expected_opts)
+
+          auth.authenticate_client!
+        end
+      end
+
+      context 'when client id is not passed' do
+        let(:client_id) { nil }
+        it 'should render 401' do
+          expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
+          auth.authenticate_client!
+        end
+      end
+
+      context 'when pass key is not passed' do
+        let(:pass_key) { nil }
+        it 'should render 401' do
+          expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
+          auth.authenticate_client!
+        end
+      end
+
+    end
+
+    context 'set custom header for pass key' do
+      let(:header) { {'client-id': client_id, 'pk': pass_key}.with_indifferent_access }
+      let(:request) { Request.new(header) }
+      let(:auth) { auth = Authorizer.new
+                    auth.request = request
+                    auth
+      }
+
+      before(:each) do
+        ClientAuthenticator.reset()
+        ClientAuthenticator.configure do |config|
+          config.pass_key_header = 'pk'
+        end
+      end
+
+      context 'when client id and pass key is sent' do
+        before(:each) do
+          expect(Rails).to receive(:cache) { cache }
+          expect(cache).to receive(:fetch).with("#{client_id}_#{pass_key}", { expires_in: 12.hours}) do |&block|
+            block.call
+          end
+        end
+
+        it 'when authorised, should not render 401' do
+          expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(true)
+          expect(auth).not_to receive(:render)
+
+          auth.authenticate_client!
+        end
+
+        it 'when no authenticate fails' do
+          expected_opts = {:json=>{"error"=>"unauthorized"}, :status=>:unauthorized}
+          expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(false)
+          expect(auth).to receive(:render).with(expected_opts)
+
+          auth.authenticate_client!
+        end
+      end
+
+      context 'when client id is not passed' do
+        let(:client_id) { nil }
+        it 'should render 401' do
+          expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
+          auth.authenticate_client!
+        end
+      end
+
+      context 'when pass key is not passed' do
+        let(:pass_key) { nil }
+        it 'should render 401' do
+          expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
+          auth.authenticate_client!
+        end
+      end
+
+    end
+
+    context 'set custom header for client id and pass key' do
+      let(:header) { {'cid': client_id, 'pk': pass_key}.with_indifferent_access }
+      let(:request) { Request.new(header) }
+      let(:auth) { auth = Authorizer.new
+                    auth.request = request
+                    auth
+      }
+
+      before(:each) do
+        ClientAuthenticator.reset()
+        ClientAuthenticator.configure do |config|
+          config.client_id_header = 'cid'
+          config.pass_key_header = 'pk'
+        end
+      end
+
+      context 'when client id and pass key is sent' do
+        before(:each) do
+          expect(Rails).to receive(:cache) { cache }
+          expect(cache).to receive(:fetch).with("#{client_id}_#{pass_key}", { expires_in: 12.hours}) do |&block|
+            block.call
+          end
+        end
+
+        it 'when authorised, should not render 401' do
+          expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(true)
+          expect(auth).not_to receive(:render)
+
+          auth.authenticate_client!
+        end
+
+        it 'when no authenticate fails' do
+          expected_opts = {:json=>{"error"=>"unauthorized"}, :status=>:unauthorized}
+          expect(ClientAuthenticator::ApiClient).to receive(:authenticated?).with(client_id, pass_key).and_return(false)
+          expect(auth).to receive(:render).with(expected_opts)
+
+          auth.authenticate_client!
+        end
+      end
+
+      context 'when client id is not passed' do
+        let(:client_id) { nil }
+        it 'should render 401' do
+          expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
+          auth.authenticate_client!
+        end
+      end
+
+      context 'when pass key is not passed' do
+        let(:pass_key) { nil }
+        it 'should render 401' do
+          expect(ClientAuthenticator::ApiClient).not_to receive(:authenticated?)
+          auth.authenticate_client!
+        end
+      end
+
+    end
+
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: client_authenticator
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.3
 platform: ruby
 authors:
 - manoharakshetty
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-14 00:00:00.000000000 Z
+date: 2017-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler