discourse_api 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 730d29945a35c74f70e468ae35c3079b68019bd3eed8ae578e30658c1dbc638a
-  data.tar.gz: '0728d384637cfd505efe9c86a895b9915e6638f6576f3907d06f34eac816fa53'
+  metadata.gz: 7b3a4fa6e58bafa87e83cc91ac1d064ad4a28d5a16b333348e69e5e34616656a
+  data.tar.gz: bf82b1cdfb447f2233166d7dced4fdcbd79c7aecbdb1e1831a4df4fa085fbdbb
 SHA512:
-  metadata.gz: a32c491fd381e24e5c11c3e73fc1ecfabe014c31e4d14cdc5975869d73663eb35cd0711fa77cf74c65ecd91b3d657e28a413edcceb3d0f7230b0ece0ba7598a4
-  data.tar.gz: 78099bb35c97d711fbf9c574148230d5e79d0dd45b3f384aeb335a7354faaa89267c4f40673a08e7a07e1cadbbc051990f392742176fa436748ebcb676b0c1db
+  metadata.gz: 3852fbddac9d6fd014683731c3d86fdebb29c2805729a0c82802362c7e0cd6a1904be8b63a514ef26520f23864b2540eae3e78f9a40bf8cf2f6d8f097bc145ff
+  data.tar.gz: b264bbe0726bc891188318f680425e7512a66ce7e87c5a7d41e4a3010b0c528acae122c3299e687728ec4ea4d0fb24c42802bf73eb1f3b60c3d70b6c1375b008

data/CHANGELOG.md

@@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.1.0] - 2022-07-05
+### Changed
+- `DiscourseApi::SingleSignOn.parse` now raises `DiscourseApi::SingleSignOn::ParseError` (inherits from `RuntimeError` to preserve backward compatibility) instead of `RuntimeError` when there's a signature mismatch.
+- `DiscourseApi::SingleSignOn.parse` now raises `DiscourseApi::SingleSignOn::MissingConfigError` (also inherits from `RuntimeError`) if `sso_secret` or `sso_url` are missing.
+
 ## [1.0.0] - 2022-05-01
 ### Changed
 - The package now requires ruby 2.6+

data/lib/discourse_api/single_sign_on.rb

@@ -5,6 +5,9 @@ require 'openssl'
 
 module DiscourseApi
   class SingleSignOn
+    class ParseError < RuntimeError; end
+    class MissingConfigError < RuntimeError; end
+
     ACCESSORS = [
       :add_groups,
       :admin,
@@ -52,11 +55,11 @@ module DiscourseApi
     attr_writer :custom_fields, :sso_secret, :sso_url
 
     def self.sso_secret
-      raise RuntimeError, "sso_secret not implemented on class, be sure to set it on instance"
+      raise MissingConfigError, "sso_secret not implemented on class, be sure to set it on instance"
     end
 
     def self.sso_url
-      raise RuntimeError, "sso_url not implemented on class, be sure to set it on instance"
+      raise MissingConfigError, "sso_url not implemented on class, be sure to set it on instance"
     end
 
     def self.parse_hash(payload)
@@ -98,9 +101,9 @@ module DiscourseApi
       if sso.sign(parsed["sso"]) != parsed["sig"]
         diags = "\n\nsso: #{parsed["sso"]}\n\nsig: #{parsed["sig"]}\n\nexpected sig: #{sso.sign(parsed["sso"])}"
         if parsed["sso"] =~ /[^a-zA-Z0-9=\r\n\/+]/m
-          raise RuntimeError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
+          raise ParseError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
         else
-          raise RuntimeError, "Bad signature for payload #{diags}"
+          raise ParseError, "Bad signature for payload #{diags}"
         end
       end
 

data/lib/discourse_api/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module DiscourseApi
-  VERSION = "1.0.0"
+  VERSION = "1.1.0"
 end

data/spec/discourse_api/single_sign_on_spec.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe DiscourseApi::SingleSignOn do
+  context "::MissingConfigError" do
+    it "inherits from RuntimeError for backward compatibility" do
+      expect(DiscourseApi::SingleSignOn::MissingConfigError).to be < RuntimeError
+    end
+  end
+
+  context "::ParseError" do
+    it "inherits from RuntimeError for backward compatibility" do
+      expect(DiscourseApi::SingleSignOn::ParseError).to be < RuntimeError
+    end
+  end
+
+  context ".sso_secret" do
+    it "raises MissingConfigError when sso_secret is not present" do
+      expect {
+        described_class.sso_secret
+      }.to raise_error(DiscourseApi::SingleSignOn::MissingConfigError)
+    end
+  end
+
+  context ".sso_url" do
+    it "raises MissingConfigError when sso_url is not present" do
+      expect {
+        described_class.sso_url
+      }.to raise_error(DiscourseApi::SingleSignOn::MissingConfigError)
+    end
+  end
+
+  context ".parse" do
+    it "raises ParseError when there's a signature mismatch" do
+      sso = described_class.new
+      sso.sso_secret = "abcd"
+      expect {
+        described_class.parse(sso.payload, "dcba")
+      }.to raise_error(DiscourseApi::SingleSignOn::ParseError)
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: discourse_api
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Sam Saffron
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-05-02 00:00:00.000000000 Z
+date: 2022-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -274,6 +274,7 @@ files:
 - spec/discourse_api/api/user_actions_spec.rb
 - spec/discourse_api/api/users_spec.rb
 - spec/discourse_api/client_spec.rb
+- spec/discourse_api/single_sign_on_spec.rb
 - spec/fixtures/admin_user.json
 - spec/fixtures/api_key.json
 - spec/fixtures/backups.json
@@ -372,6 +373,7 @@ test_files:
 - spec/discourse_api/api/user_actions_spec.rb
 - spec/discourse_api/api/users_spec.rb
 - spec/discourse_api/client_spec.rb
+- spec/discourse_api/single_sign_on_spec.rb
 - spec/fixtures/admin_user.json
 - spec/fixtures/api_key.json
 - spec/fixtures/backups.json