dce_lti 0.4.0 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +103 -3
- data/db/migrate/20150206152909_add_sessions_table.rb +12 -0
- data/lib/dce_lti/controller_methods.rb +5 -0
- data/lib/dce_lti/engine.rb +16 -2
- data/lib/dce_lti/middleware/cookie_shim.rb +36 -0
- data/lib/dce_lti/middleware/cookieless_sessions.rb +79 -0
- data/lib/dce_lti/redirect_to_helper.rb +25 -0
- data/lib/dce_lti/version.rb +1 -1
- data/lib/dce_lti.rb +3 -0
- data/lib/tasks/dce_lti_tasks.rake +7 -0
- data/spec/dummy/config/initializers/dce_lti_config.rb +15 -1
- data/spec/dummy/log/development.log +66 -0
- data/spec/dummy/log/test.log +10190 -0
- data/spec/middleware/dce_lti/cookie_shim_spec.rb +58 -0
- data/spec/middleware/dce_lti/cookieless_sessions_spec.rb +71 -0
- data/spec/support/dce_lti/middleware_helpers.rb +7 -0
- metadata +41 -3
@@ -0,0 +1,58 @@
|
|
1
|
+
module DceLti
|
2
|
+
module Middleware
|
3
|
+
describe CookieShim do
|
4
|
+
include MiddlewareHelpers
|
5
|
+
|
6
|
+
context 'without a cookie' do
|
7
|
+
it 'shims the session into the cookie if there is a session' do
|
8
|
+
app_double = double('App stand-in')
|
9
|
+
allow(app_double).to receive(:call)
|
10
|
+
env = {
|
11
|
+
'QUERY_STRING' => %Q|#{session_key_name}=1000|,
|
12
|
+
}
|
13
|
+
|
14
|
+
middleware = described_class.new(app_double)
|
15
|
+
middleware.call(env)
|
16
|
+
|
17
|
+
expect(app_double).to have_received(:call).with(
|
18
|
+
hash_including('HTTP_COOKIE' => %Q|#{session_key_name}=1000;shimmed_cookie=1|)
|
19
|
+
)
|
20
|
+
end
|
21
|
+
|
22
|
+
it 'does not shim in the cookie if the session is not there' do
|
23
|
+
app_double = double('App stand-in')
|
24
|
+
allow(app_double).to receive(:call)
|
25
|
+
env = {
|
26
|
+
'QUERY_STRING' => ''
|
27
|
+
}
|
28
|
+
middleware = described_class.new(app_double)
|
29
|
+
middleware.call(env)
|
30
|
+
|
31
|
+
expect(app_double).to have_received(:call).with(
|
32
|
+
hash_not_including('HTTP_COOKIE')
|
33
|
+
)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
context 'with a cookie' do
|
38
|
+
it 'leaves the cookie untouched' do
|
39
|
+
app_double = double('App stand-in')
|
40
|
+
allow(app_double).to receive(:call)
|
41
|
+
env = {
|
42
|
+
'QUERY_STRING' => 'query_string=100',
|
43
|
+
'HTTP_COOKIE' => 'cookie=beep'
|
44
|
+
}
|
45
|
+
middleware = described_class.new(app_double)
|
46
|
+
middleware.call(env)
|
47
|
+
|
48
|
+
expect(app_double).to have_received(:call).with(
|
49
|
+
hash_including(
|
50
|
+
'HTTP_COOKIE' => 'cookie=beep',
|
51
|
+
'QUERY_STRING' => 'query_string=100'
|
52
|
+
)
|
53
|
+
)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,71 @@
|
|
1
|
+
module DceLti
|
2
|
+
module Middleware
|
3
|
+
describe CookielessSessions do
|
4
|
+
include MiddlewareHelpers
|
5
|
+
context 'no cookies or a shimmed cookie' do
|
6
|
+
it 'puts in a session in urls and forms' do
|
7
|
+
app = lambda { |env| [200, {'Content-Type' => 'text/html'}, [html_output]] }
|
8
|
+
session_double = double('session')
|
9
|
+
session_id = '100'
|
10
|
+
allow(session_double).to receive(:id).and_return(session_id)
|
11
|
+
|
12
|
+
environments = [
|
13
|
+
{ 'rack.session' => session_double },
|
14
|
+
{
|
15
|
+
'rack.session' => session_double,
|
16
|
+
'HTTP_COOKIE' => %Q|#{session_key_name}=#{session_id};shimmed_cookie=1|
|
17
|
+
}
|
18
|
+
]
|
19
|
+
|
20
|
+
environments.each do |env|
|
21
|
+
middleware = described_class.new(app)
|
22
|
+
result = middleware.call(env)
|
23
|
+
modified_content = result[2][0]
|
24
|
+
|
25
|
+
expect(modified_content).to include %Q|href="/foobar/?#{session_key_name}=#{session_id}|
|
26
|
+
|
27
|
+
expect(modified_content).to include %Q|<input type="hidden" name="#{session_key_name}" value="#{session_id}">|
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
context 'a regular cookied session' do
|
33
|
+
it 'does not put a session in urls and forms' do
|
34
|
+
app = lambda { |env| [200, {'Content-Type' => 'text/html'}, [html_output]] }
|
35
|
+
session_double = double('session')
|
36
|
+
session_id = '100'
|
37
|
+
allow(session_double).to receive(:id).and_return(session_id)
|
38
|
+
|
39
|
+
env = {
|
40
|
+
'rack.session' => session_double,
|
41
|
+
'HTTP_COOKIE' => %Q|#{session_key_name}=#{session_id}|
|
42
|
+
}
|
43
|
+
|
44
|
+
middleware = described_class.new(app)
|
45
|
+
result = middleware.call(env)
|
46
|
+
modified_content = result[2][0]
|
47
|
+
|
48
|
+
expect(modified_content).not_to include %Q|#{session_key_name}|
|
49
|
+
expect(modified_content).to eq html_output
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
def html_output
|
54
|
+
%Q|<!DOCTYPE html>
|
55
|
+
<html>
|
56
|
+
<head>
|
57
|
+
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">
|
58
|
+
<title>A title</title>
|
59
|
+
</head>
|
60
|
+
<body>
|
61
|
+
<a href="/foobar/" id="a_link">A link</a>
|
62
|
+
<form action="/form/action">
|
63
|
+
</form>
|
64
|
+
</body>
|
65
|
+
</html>
|
66
|
+
|
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dce_lti
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.5.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dan Collis-Puro
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-05-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -52,6 +52,34 @@ dependencies:
|
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '1.1'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rack-plastic
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: 0.1.3
|
62
|
+
type: :runtime
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: 0.1.3
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: activerecord-session_store
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: 0.1.1
|
76
|
+
type: :runtime
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: 0.1.1
|
55
83
|
- !ruby/object:Gem::Dependency
|
56
84
|
name: rspec-rails
|
57
85
|
requirement: !ruby/object:Gem::Requirement
|
@@ -191,9 +219,13 @@ files:
|
|
191
219
|
- config/routes.rb
|
192
220
|
- db/migrate/20141003180140_create_dce_lti_users.rb
|
193
221
|
- db/migrate/20141008172001_create_dce_lti_nonces.rb
|
222
|
+
- db/migrate/20150206152909_add_sessions_table.rb
|
194
223
|
- lib/dce_lti.rb
|
195
224
|
- lib/dce_lti/controller_methods.rb
|
196
225
|
- lib/dce_lti/engine.rb
|
226
|
+
- lib/dce_lti/middleware/cookie_shim.rb
|
227
|
+
- lib/dce_lti/middleware/cookieless_sessions.rb
|
228
|
+
- lib/dce_lti/redirect_to_helper.rb
|
197
229
|
- lib/dce_lti/version.rb
|
198
230
|
- lib/tasks/dce_lti_tasks.rake
|
199
231
|
- spec/controllers/dce_lti/configs_controller_spec.rb
|
@@ -240,6 +272,8 @@ files:
|
|
240
272
|
- spec/dummy/public/500.html
|
241
273
|
- spec/dummy/public/favicon.ico
|
242
274
|
- spec/factories.rb
|
275
|
+
- spec/middleware/dce_lti/cookie_shim_spec.rb
|
276
|
+
- spec/middleware/dce_lti/cookieless_sessions_spec.rb
|
243
277
|
- spec/models/dce_lti/nonce_spec.rb
|
244
278
|
- spec/models/dce_lti/user_spec.rb
|
245
279
|
- spec/services/dce_lti/timestamp_validator_spec.rb
|
@@ -247,6 +281,7 @@ files:
|
|
247
281
|
- spec/spec_helper.rb
|
248
282
|
- spec/support/database_cleaner.rb
|
249
283
|
- spec/support/dce_lti/configuration_helpers.rb
|
284
|
+
- spec/support/dce_lti/middleware_helpers.rb
|
250
285
|
- spec/support/factory_girl.rb
|
251
286
|
homepage: http://www.dce.harvard.edu/
|
252
287
|
licenses:
|
@@ -268,14 +303,17 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
268
303
|
version: '0'
|
269
304
|
requirements: []
|
270
305
|
rubyforge_project:
|
271
|
-
rubygems_version: 2.
|
306
|
+
rubygems_version: 2.4.5
|
272
307
|
signing_key:
|
273
308
|
specification_version: 4
|
274
309
|
summary: A rails engine to make working with LTI easier
|
275
310
|
test_files:
|
311
|
+
- spec/middleware/dce_lti/cookie_shim_spec.rb
|
312
|
+
- spec/middleware/dce_lti/cookieless_sessions_spec.rb
|
276
313
|
- spec/spec_helper.rb
|
277
314
|
- spec/services/dce_lti/timestamp_validator_spec.rb
|
278
315
|
- spec/services/dce_lti/user_initializer_spec.rb
|
316
|
+
- spec/support/dce_lti/middleware_helpers.rb
|
279
317
|
- spec/support/dce_lti/configuration_helpers.rb
|
280
318
|
- spec/support/database_cleaner.rb
|
281
319
|
- spec/support/factory_girl.rb
|