devise_saml_authenticatable 1.2 → 1.2.1

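--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,15 @@
  ---
- SHA1:
- metadata.gz: 4e32069c983d434236aec40263991ce6d9bdd0ad
- data.tar.gz: 8b5f3ee9018059f85338d6c2131a0bed9320af99
+ !binary "U0hBMQ==":
+ metadata.gz: !binary |-
+ YzUzNzQwNTZmMTVkNDAyZDc5NmM1OTUxMzIyNGJjYTdlOTJkZDljZQ==
+ data.tar.gz: !binary |-
+ MDY1NTJiZTA4NjhlOTc2YmM2ZjlhYWMxNDcyMDNiMzUxMTBiNTBkNA==
  SHA512:
- metadata.gz: 181201e680b151a438bf8a7a2e999a773a231951003ab4fc77d014e83340d40634645fdec3f5270ce7f26a0506c19e0d6f87b90627c160db85aa60646f06e6d4
- data.tar.gz: 5fd315b55da27314594ca7cd152c85ddd74947a6d0dca2c2dce1e29999ca2ead9aa07873ce4f0e729d9c00e0dd77bb4ca03ec2803d11af585057ea99459f639b
+ metadata.gz: !binary |-
+ MDkxOWU4OTc5NWNhNDQ4ZDc3NThhZDc1ZDhkZjc2MzNlMTZmYTI0NTk3MGJk
+ NjMwMTg4YWVhMDQyM2NhNWVkYzNiY2JmYWViNzY5ZWJjN2FkMzk2ZGExNzlh
+ ZGMzNzU0NWU2MDZiZjM5MTMxNTNkZjA1MGUxZTgwOTljYTNhODE=
+ data.tar.gz: !binary |-
+ ZDYzODA0NzBlMWFmMjNhMjZmNzE4ZjBmMDllYzkyMzM3YWYxOGY4NTNiMTEy
+ ZTJhYjZmYTg4MDY5MDAyZmVmYzkzYWMzNjY0YzRkZGQxMzZlOWJkMzkwMzQx
+ NDYxMzAwMDU0OTE1ZTZlYWI5MTE3YzJlZjU1YzM4NjkxY2M3YmE=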
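--- a/data/README.md
+++ b/data/README.md
@@ -41,6 +41,9 @@ In config/initializers/devise.rb
  # Create user if the user does not exist. (Default is false)
  config.saml_create_user = true
 
+ # Update the attributes of the user after a successful login. (Default is false)
+ config.saml_update_user = true
+
  # Set the default user key. The user will be looked up by this key. Make
  # sure that the Authentication Response includes the attribute.
  config.saml_default_user_key = :email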
@@ -26,6 +26,10 @@ module Devise
26
26
  mattr_accessor :saml_create_user
27
27
  @@saml_create_user = false
28
28
 
29
+ # Update user attributes after login
30
+ mattr_accessor :saml_update_user
31
+ @@saml_update_user = false
32
+
29
33
  mattr_accessor :saml_default_user_key
30
34
  @@saml_default_user_key
31
35
 
@@ -48,9 +52,7 @@ end
48
52
  # Add saml_authenticatable strategy to defaults.
49
53
  #
50
54
  Devise.add_module(:saml_authenticatable,
51
- :route => :saml_authenticatable,
55
+ :route => :saml_authenticatable,
52
56
  :strategy => true,
53
57
  :controller => :saml_sessions,
54
58
  :model => 'devise_saml_authenticatable/model')
55
-
56
-
@@ -14,7 +14,7 @@ module Devise
14
14
  def update_with_password(params={})
15
15
  params.delete(:current_password)
16
16
  self.update_without_password(params)
17
- end
17
+ end
18
18
 
19
19
  def update_without_password(params={})
20
20
  params.delete(:password)
@@ -51,15 +51,19 @@ module Devise
51
51
  auth_value.try(:downcase!) if Devise.case_insensitive_keys.include?(key)
52
52
  end
53
53
  resource = where(key => auth_value).first
54
- if (resource.nil? && !Devise.saml_create_user)
55
- logger.info("User(#{auth_value}) not found. Not configured to create the user.")
56
- return nil
54
+
55
+ if resource.nil?
56
+ if Devise.saml_create_user
57
+ logger.info("Creating user(#{auth_value}).")
58
+ resource = new
59
+ else
60
+ logger.info("User(#{auth_value}) not found. Not configured to create the user.")
61
+ return nil
62
+ end
57
63
  end
58
64
 
59
- if (resource.nil? && Devise.saml_create_user)
60
- logger.info("Creating user(#{auth_value}).")
61
- resource = new
62
- set_user_saml_attributes(resource,attributes)
65
+ if Devise.saml_update_user || (resource.new_record? && Devise.saml_create_user)
66
+ set_user_saml_attributes(resource, attributes)
63
67
  if (Devise.saml_use_subject)
64
68
  resource.send "#{key}=", auth_value
65
69
  end
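Review bot: With `Devise.saml_update_user` enabled, the new `if Devise.saml_update_user || (resource.new_record? && Devise.saml_create_user)` line sends every existing account through `set_user_saml_attributes` on each login. The assertion then overwrites whatever the attribute map covers, and under `saml_use_subject` the lookup key as well. Nothing in the hunk limits which attributes are refreshed, so a field mapped for account creation but later managed locally (a role or admin flag, for instance) would presumably be reset from the IdP every time. I would add a comment above the condition, such as `# saml_update_user: assertion attributes overwrite the stored record on every login; map only fields the IdP is authoritative for`, and state the same in the README entry. The `&& Devise.saml_create_user` half looks redundant, since `resource` only becomes a new record in the branch that already checked that flag; the method starts and ends outside the hunk, so the save path is not visible here.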
@@ -1,3 +1,3 @@
1
1
  module DeviseSamlAuthenticatable
2
- VERSION = "1.2"
2
+ VERSION = "1.2.1"
3
3
  end
@@ -4,6 +4,16 @@ describe Devise::Models::SamlAuthenticatable do
4
4
  class Model
5
5
  include Devise::Models::SamlAuthenticatable
6
6
  attr_accessor :email, :name, :saved
7
+ def initialize(params = {})
8
+ @email = params[:email]
9
+ @name = params[:name]
10
+ @new_record = params.fetch(:new_record, true)
11
+ end
12
+
13
+ def new_record?
14
+ @new_record
15
+ end
16
+
7
17
  def save!
8
18
  self.saved = true
9
19
  end
@@ -46,7 +56,7 @@ describe Devise::Models::SamlAuthenticatable do
46
56
  let(:name_id) { nil }
47
57
 
48
58
  it "looks up the user by the configured default user key" do
49
- user = double(:user)
59
+ user = Model.new(new_record: false)
50
60
  expect(Model).to receive(:where).with(email: 'user@example.com').and_return([user])
51
61
  expect(Model.authenticate_with_saml(response)).to eq(user)
52
62
  end
@@ -65,7 +75,7 @@ describe Devise::Models::SamlAuthenticatable do
65
75
  end
66
76
 
67
77
  it "looks up the user by the configured default user key" do
68
- user = double(:user)
78
+ user = Model.new(new_record: false)
69
79
  expect(Model).to receive(:where).with(email: 'user@example.com').and_return([user])
70
80
  expect(Model.authenticate_with_saml(response)).to eq(user)
71
81
  end
@@ -88,9 +98,24 @@ describe Devise::Models::SamlAuthenticatable do
88
98
  expect(model.saved).to be(true)
89
99
  end
90
100
  end
101
+
102
+ context "when configured to update a user and the user is found" do
103
+ before do
104
+ allow(Devise).to receive(:saml_update_user).and_return(true)
105
+ end
106
+
107
+ it "creates and returns a new user with the name identifier and given attributes" do
108
+ user = Model.new(email: "old_mail@mail.com", name: "old name", new_record: false)
109
+ expect(Model).to receive(:where).with(email: 'user@example.com').and_return([user])
110
+ model = Model.authenticate_with_saml(response)
111
+ expect(model.email).to eq('user@example.com')
112
+ expect(model.name).to eq('A User')
113
+ expect(model.saved).to be(true)
114
+ end
115
+ end
91
116
  end
92
117
 
93
- context "when configured to create a user and the user is not found" do
118
+ context "when configured to create an user and the user is not found" do
94
119
  before do
95
120
  allow(Devise).to receive(:saml_create_user).and_return(true)
96
121
  end
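Review bot: The example title in the new "when configured to update a user and the user is found" context says it creates a user, but the body builds `Model.new(..., new_record: false)` and asserts that an existing record was changed. A failure report would therefore name the wrong code path; I would rename it to `it "updates and returns the existing user with the name identifier and given attributes" do`. The context rename further down from "a user" to "an user" is a grammar regression and can be reverted. The enclosing `describe` and the `response` fixture are defined outside the hunk.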
@@ -104,13 +129,34 @@ describe Devise::Models::SamlAuthenticatable do
104
129
  end
105
130
  end
106
131
 
132
+ context "when configured to update an user" do
133
+ before do
134
+ allow(Devise).to receive(:saml_update_user).and_return(true)
135
+ end
136
+
137
+ it "returns nil if the user is not found" do
138
+ expect(Model).to receive(:where).with(email: 'user@example.com').and_return([])
139
+ expect(Model.authenticate_with_saml(response)).to be_nil
140
+ end
141
+
142
+ it "updates the attributes if the user is found" do
143
+ user = Model.new(email: "old_mail@mail.com", name: "old name", new_record: false)
144
+ expect(Model).to receive(:where).with(email: 'user@example.com').and_return([user])
145
+ model = Model.authenticate_with_saml(response)
146
+ expect(model.email).to eq('user@example.com')
147
+ expect(model.name).to eq('A User')
148
+ expect(model.saved).to be(true)
149
+ end
150
+ end
151
+
152
+
107
153
  context "when configured with a case-insensitive key" do
108
154
  before do
109
155
  allow(Devise).to receive(:case_insensitive_keys).and_return([:email])
110
156
  end
111
157
 
112
158
  it "looks up the user with a downcased value" do
113
- user = double(:user)
159
+ user = Model.new(new_record: false)
114
160
  expect(Model).to receive(:where).with(email: 'user@example.com').and_return([user])
115
161
  expect(Model.authenticate_with_saml(response)).to eq(user)
116
162
  end
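Review bot: The new "when configured to update an user" context covers only the enabled path, so no example pins the default: with `saml_update_user` left at `false`, a found user must keep its stored attributes. The lookup examples now return `Model.new(new_record: false)` but assert only identity, so an accidental always-update would still pass. I would add a sibling context like the one below; it assumes the `response` fixture defined outside the hunk carries the same email and name as in the update examples, and that the unstubbed default is `false`.

```ruby
context "when not configured to update a user" do
  it "leaves the stored attributes untouched if the user is found" do
    user = Model.new(email: "old_mail@mail.com", name: "old name", new_record: false)
    expect(Model).to receive(:where).with(email: 'user@example.com').and_return([user])
    model = Model.authenticate_with_saml(response)
    expect(model.email).to eq("old_mail@mail.com")
    expect(model.name).to eq("old name")
  end
end
```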
@@ -34,6 +34,19 @@ describe "SAML Authentication", type: :feature do
34
34
  expect(current_url).to eq("http://localhost:8020/")
35
35
  end
36
36
 
37
+ it "updates a user on the SP from the IdP attributes" do
38
+ create_user("you@example.com")
39
+
40
+ visit 'http://localhost:8020/'
41
+ expect(current_url).to match(%r(\Ahttp://localhost:8009/saml/auth\?SAMLRequest=))
42
+ fill_in "Email", with: "you@example.com"
43
+ fill_in "Password", with: "asdf"
44
+ click_on "Sign in"
45
+ expect(page).to have_content("you@example.com")
46
+ expect(page).to have_content("A User")
47
+ expect(current_url).to eq("http://localhost:8020/")
48
+ end
49
+
37
50
  it "logs a user out of the IdP via the SP" do
38
51
  sign_in
39
52
 
@@ -36,6 +36,7 @@ after_bundle do
36
36
 
37
37
  config.saml_use_subject = #{use_subject_to_authenticate}
38
38
  config.saml_create_user = true
39
+ config.saml_update_user = true
39
40
 
40
41
  config.saml_configure do |settings|
41
42
  settings.assertion_consumer_service_url = "http://localhost:8020/users/saml/auth"
@@ -64,4 +65,4 @@ end
64
65
  rake "db:migrate"
65
66
  end
66
67
 
67
- create_file 'public/stylesheets/application.css', ''
68
+ create_file 'public/stylesheets/application.css', ''
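--- a/metadata
+++ b/metadata
@@ -1,41 +1,41 @@
  --- !ruby/object:Gem::Specification
  name: devise_saml_authenticatable
  version: !ruby/object:Gem::Version
- version: '1.2'
+ version: 1.2.1
  platform: ruby
  authors:
  - Josef Sauter
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-08-25 00:00:00.000000000 Z
+ date: 2015-12-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: devise
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ">"
+ - - ! '>'
  - !ruby/object:Gem::Version
  version: 2.0.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ">"
+ - - ! '>'
  - !ruby/object:Gem::Version
  version: 2.0.0
  - !ruby/object:Gem::Dependency
  name: ruby-saml
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - ~>
  - !ruby/object:Gem::Version
  version: '1.0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - ~>
  - !ruby/object:Gem::Version
  version: '1.0'
  description: SAML Authentication for devise
@@ -45,9 +45,9 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
- - ".gitignore"
- - ".rspec"
- - ".travis.yml"
+ - .gitignore
+ - .rspec
+ - .travis.yml
  - Gemfile
  - LICENSE
  - README.md
@@ -84,12 +84,12 @@ require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
- - - ">="
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - ">="
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []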