devise_ssl_session_verifiable 3.0.1 → 3.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3724221fd3e3b4b5dd3ba08b18cd2e4f5525ca8b
-  data.tar.gz: adb5624c5c46e477ec738fdb6f24fe1d045a2431
+  metadata.gz: 19e4814f4a515e2abc7c7ad4fd7330328521c865
+  data.tar.gz: 549185f30b45e1a2514194ee5b20bca87f7b8286
 SHA512:
-  metadata.gz: d7eafb7ab8a25c35f66d27a58c15a8fb72a4ad4398d8df5b18935414e3b993a2a993746232436acd3fc973d8833a5aae8ada7e04048d3369881d3de7d62131a1
-  data.tar.gz: 078a84a9f780e7df0530178e98d6479caa979453f14f9b7e1c287723c7dd204077c050d2e8f46db03ba5905fa9b2c940172c35b6277d679b0b91d29c583b2725
+  metadata.gz: 347d143898a1b36a55a0339c6db16c61a70e0560ea137f31e9076ed40af5efdda5fdcb51ca04d3fcd6e9b6b8cd95b709185a3e6db7c9c60860f8c7513b5b495d
+  data.tar.gz: 05a7d56aba003f1c4579f9979f999532377047227de72c87e128a3503687f6ca080be89ec54106faf26d63b1408d6907487f39a3a9d5d3b41295b7ee2f6aefde

data/Gemfile

@@ -2,8 +2,8 @@ source "http://rubygems.org"
 
 gemspec
 
-gem "rails", "~> 4.0.0.rc1"
-gem "devise", "3.0.0.rc"
+gem "rails", "~> 4.0.0"
+gem "devise", "~> 3.2.1"
 gem "sqlite3"
 
 group :test do

data/devise_ssl_session_verifiable.gemspec

@@ -18,5 +18,6 @@ Gem::Specification.new do |s|
   s.test_files    = `git ls-files -- test/*`.split("\n")
   s.require_paths = ["lib"]
 
-  s.add_dependency("devise", "> 2.2")
+  s.add_dependency("devise", "> 3.2")
+  s.add_dependency("railties", ">= 4.0.0")
 end

data/lib/devise/controllers/ssl_session_verifiable.rb

@@ -19,12 +19,12 @@ module Devise
 
       def secure_ssl_session?(resource)
         scope = Devise::Mapping.find_scope!(resource)
-        cookies.signed[ssl_session_verification_key(scope)] == resource.id
+        cookies.signed_or_encrypted[ssl_session_verification_key(scope)] == resource.id
       end
 
       def set_ssl_session_verification_cookie(resource)
         scope = Devise::Mapping.find_scope!(resource)
-        cookies.signed[ssl_session_verification_key(scope)] = ssl_session_verification_cookie_values(resource)
+        cookies.signed_or_encrypted[ssl_session_verification_key(scope)] = ssl_session_verification_cookie_values(resource)
       end
 
       def remove_ssl_session_verification_cookie(resource)

data/lib/devise_ssl_session_verifiable/version.rb

@@ -1,3 +1,3 @@
 module DeviseSslSessionVerifiable
-  VERSION = "3.0.1".freeze
+  VERSION = "3.0.2".freeze
 end

data/test/integration/ssl_session_verifiable_test.rb

@@ -24,15 +24,6 @@ class SslSessionVerifiableIntegrationTest < ActionDispatch::IntegrationTest
     assert_authenticated_and_verified(:admin, admin)
   end
 
-  test 'generate verify cookie after token sign in' do
-    admin = create_admin
-    admin.reset_authentication_token!
-    assert admin.authentication_token
-    visit admin_root_url(admin, :auth_token => admin.authentication_token, :protocol => "https")
-    assert_response :success
-    assert_authenticated_and_verified(:admin, admin)
-  end
-
   test 'generate remember token after sign in setting cookie options' do
     # We test this by asserting the cookie is not sent after the redirect
     # since we changed the domain. This is the only difference with the
@@ -51,6 +42,16 @@ class SslSessionVerifiableIntegrationTest < ActionDispatch::IntegrationTest
     assert_contain 'Private!'
   end
 
+  test 'access SSL with signed cookie' do
+    admin = sign_in_as_admin_via_ssl
+    cookies.delete('admin_verify')
+    cookies['admin_verify'] = ActiveSupport::MessageVerifier.new(Rails.application.config.secret_token).generate(admin.id)
+    visit private_url(:protocol => "https")
+    assert_response :success
+    assert_template 'home/private'
+    assert_contain 'Private!'
+  end
+
   test 'access SSL page but no verify cookie' do
     sign_in_as_admin_via_ssl
     drop_verification_cookie

data/test/rails_app/app/models/admin.rb

@@ -1,5 +1,5 @@
 class Admin < ActiveRecord::Base
 
-  devise :database_authenticatable, :token_authenticatable, :rememberable, :ssl_session_verifiable
+  devise :database_authenticatable, :rememberable, :ssl_session_verifiable
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_ssl_session_verifiable
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Michael Reinsch
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-06-26 00:00:00.000000000 Z
+date: 2014-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -16,14 +16,28 @@ dependencies:
     requirements:
     - - '>'
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '3.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '>'
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 4.0.0
 description: Secure access to SSL based pages while sharing a common session between
   HTTP and HTTPS
 email: info@mobalean.co,
@@ -96,7 +110,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: devise_ssl_session_verifiable
-rubygems_version: 2.0.3
+rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
 summary: Secure access to SSL based pages while sharing a common session between HTTP