discourse_api 1.0.0 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 730d29945a35c74f70e468ae35c3079b68019bd3eed8ae578e30658c1dbc638a
4
- data.tar.gz: '0728d384637cfd505efe9c86a895b9915e6638f6576f3907d06f34eac816fa53'
3
+ metadata.gz: 7b3a4fa6e58bafa87e83cc91ac1d064ad4a28d5a16b333348e69e5e34616656a
4
+ data.tar.gz: bf82b1cdfb447f2233166d7dced4fdcbd79c7aecbdb1e1831a4df4fa085fbdbb
5
5
  SHA512:
6
- metadata.gz: a32c491fd381e24e5c11c3e73fc1ecfabe014c31e4d14cdc5975869d73663eb35cd0711fa77cf74c65ecd91b3d657e28a413edcceb3d0f7230b0ece0ba7598a4
7
- data.tar.gz: 78099bb35c97d711fbf9c574148230d5e79d0dd45b3f384aeb335a7354faaa89267c4f40673a08e7a07e1cadbbc051990f392742176fa436748ebcb676b0c1db
6
+ metadata.gz: 3852fbddac9d6fd014683731c3d86fdebb29c2805729a0c82802362c7e0cd6a1904be8b63a514ef26520f23864b2540eae3e78f9a40bf8cf2f6d8f097bc145ff
7
+ data.tar.gz: b264bbe0726bc891188318f680425e7512a66ce7e87c5a7d41e4a3010b0c528acae122c3299e687728ec4ea4d0fb24c42802bf73eb1f3b60c3d70b6c1375b008
data/CHANGELOG.md CHANGED
@@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## [1.1.0] - 2022-07-05
10
+ ### Changed
11
+ - `DiscourseApi::SingleSignOn.parse` now raises `DiscourseApi::SingleSignOn::ParseError` (inherits from `RuntimeError` to preserve backward compatibility) instead of `RuntimeError` when there's a signature mismatch.
12
+ - `DiscourseApi::SingleSignOn.parse` now raises `DiscourseApi::SingleSignOn::MissingConfigError` (also inherits from `RuntimeError`) if `sso_secret` or `sso_url` are missing.
13
+
9
14
  ## [1.0.0] - 2022-05-01
10
15
  ### Changed
11
16
  - The package now requires ruby 2.6+
@@ -5,6 +5,9 @@ require 'openssl'
5
5
 
6
6
  module DiscourseApi
7
7
  class SingleSignOn
8
+ class ParseError < RuntimeError; end
9
+ class MissingConfigError < RuntimeError; end
10
+
8
11
  ACCESSORS = [
9
12
  :add_groups,
10
13
  :admin,
@@ -52,11 +55,11 @@ module DiscourseApi
52
55
  attr_writer :custom_fields, :sso_secret, :sso_url
53
56
 
54
57
  def self.sso_secret
55
- raise RuntimeError, "sso_secret not implemented on class, be sure to set it on instance"
58
+ raise MissingConfigError, "sso_secret not implemented on class, be sure to set it on instance"
56
59
  end
57
60
 
58
61
  def self.sso_url
59
- raise RuntimeError, "sso_url not implemented on class, be sure to set it on instance"
62
+ raise MissingConfigError, "sso_url not implemented on class, be sure to set it on instance"
60
63
  end
61
64
 
62
65
  def self.parse_hash(payload)
@@ -98,9 +101,9 @@ module DiscourseApi
98
101
  if sso.sign(parsed["sso"]) != parsed["sig"]
99
102
  diags = "\n\nsso: #{parsed["sso"]}\n\nsig: #{parsed["sig"]}\n\nexpected sig: #{sso.sign(parsed["sso"])}"
100
103
  if parsed["sso"] =~ /[^a-zA-Z0-9=\r\n\/+]/m
101
- raise RuntimeError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
104
+ raise ParseError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
102
105
  else
103
- raise RuntimeError, "Bad signature for payload #{diags}"
106
+ raise ParseError, "Bad signature for payload #{diags}"
104
107
  end
105
108
  end
106
109
 
@@ -1,4 +1,4 @@
1
1
  # frozen_string_literal: true
2
2
  module DiscourseApi
3
- VERSION = "1.0.0"
3
+ VERSION = "1.1.0"
4
4
  end
@@ -0,0 +1,43 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe DiscourseApi::SingleSignOn do
6
+ context "::MissingConfigError" do
7
+ it "inherits from RuntimeError for backward compatibility" do
8
+ expect(DiscourseApi::SingleSignOn::MissingConfigError).to be < RuntimeError
9
+ end
10
+ end
11
+
12
+ context "::ParseError" do
13
+ it "inherits from RuntimeError for backward compatibility" do
14
+ expect(DiscourseApi::SingleSignOn::ParseError).to be < RuntimeError
15
+ end
16
+ end
17
+
18
+ context ".sso_secret" do
19
+ it "raises MissingConfigError when sso_secret is not present" do
20
+ expect {
21
+ described_class.sso_secret
22
+ }.to raise_error(DiscourseApi::SingleSignOn::MissingConfigError)
23
+ end
24
+ end
25
+
26
+ context ".sso_url" do
27
+ it "raises MissingConfigError when sso_url is not present" do
28
+ expect {
29
+ described_class.sso_url
30
+ }.to raise_error(DiscourseApi::SingleSignOn::MissingConfigError)
31
+ end
32
+ end
33
+
34
+ context ".parse" do
35
+ it "raises ParseError when there's a signature mismatch" do
36
+ sso = described_class.new
37
+ sso.sso_secret = "abcd"
38
+ expect {
39
+ described_class.parse(sso.payload, "dcba")
40
+ }.to raise_error(DiscourseApi::SingleSignOn::ParseError)
41
+ end
42
+ end
43
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: discourse_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sam Saffron
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2022-05-02 00:00:00.000000000 Z
14
+ date: 2022-07-05 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: faraday
@@ -274,6 +274,7 @@ files:
274
274
  - spec/discourse_api/api/user_actions_spec.rb
275
275
  - spec/discourse_api/api/users_spec.rb
276
276
  - spec/discourse_api/client_spec.rb
277
+ - spec/discourse_api/single_sign_on_spec.rb
277
278
  - spec/fixtures/admin_user.json
278
279
  - spec/fixtures/api_key.json
279
280
  - spec/fixtures/backups.json
@@ -372,6 +373,7 @@ test_files:
372
373
  - spec/discourse_api/api/user_actions_spec.rb
373
374
  - spec/discourse_api/api/users_spec.rb
374
375
  - spec/discourse_api/client_spec.rb
376
+ - spec/discourse_api/single_sign_on_spec.rb
375
377
  - spec/fixtures/admin_user.json
376
378
  - spec/fixtures/api_key.json
377
379
  - spec/fixtures/backups.json