drillbit 2.11.0 → 3.0.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/drillbit.rb +1 -0
- data/lib/drillbit/accept_header.rb +1 -0
- data/lib/drillbit/authorizable_resource.rb +61 -60
- data/lib/drillbit/authorizers/parameters.rb +1 -0
- data/lib/drillbit/authorizers/parameters/filtering.rb +7 -6
- data/lib/drillbit/authorizers/parameters/inclusions.rb +6 -9
- data/lib/drillbit/authorizers/parameters/resource.rb +20 -19
- data/lib/drillbit/authorizers/query.rb +1 -0
- data/lib/drillbit/authorizers/scope.rb +5 -4
- data/lib/drillbit/compatibility/controllers.rb +1 -0
- data/lib/drillbit/configuration.rb +14 -16
- data/lib/drillbit/errors/invalid_api_request.rb +1 -0
- data/lib/drillbit/errors/invalid_request_body.rb +1 -0
- data/lib/drillbit/errors/invalid_subdomain.rb +1 -0
- data/lib/drillbit/errors/invalid_token.rb +1 -0
- data/lib/drillbit/errors/unpermitted_inclusions.rb +1 -0
- data/lib/drillbit/matchers/accept_header.rb +1 -0
- data/lib/drillbit/matchers/generic.rb +4 -3
- data/lib/drillbit/matchers/subdomain.rb +5 -6
- data/lib/drillbit/matchers/version.rb +3 -2
- data/lib/drillbit/middleware/api_request_validator.rb +4 -3
- data/lib/drillbit/middleware/parameter_parser.rb +1 -0
- data/lib/drillbit/middleware/token_processor.rb +1 -0
- data/lib/drillbit/parameters/filter.rb +12 -11
- data/lib/drillbit/parameters/index.rb +3 -2
- data/lib/drillbit/parameters/page.rb +1 -0
- data/lib/drillbit/parameters/sort.rb +1 -0
- data/lib/drillbit/requests/base.rb +1 -1
- data/lib/drillbit/requests/rack.rb +3 -0
- data/lib/drillbit/requests/rails.rb +1 -0
- data/lib/drillbit/resource.rb +1 -0
- data/lib/drillbit/resource/model.rb +5 -4
- data/lib/drillbit/resource/naming.rb +11 -10
- data/lib/drillbit/resource/processors/filtering.rb +1 -0
- data/lib/drillbit/resource/processors/indexing.rb +1 -0
- data/lib/drillbit/resource/processors/paging.rb +4 -3
- data/lib/drillbit/resource/processors/sorting.rb +1 -0
- data/lib/drillbit/responses/invalid_api_request.rb +3 -0
- data/lib/drillbit/responses/invalid_request_body.rb +3 -0
- data/lib/drillbit/responses/invalid_subdomain.rb +3 -0
- data/lib/drillbit/responses/invalid_token.rb +3 -0
- data/lib/drillbit/serializers/json_api.rb +12 -11
- data/lib/drillbit/tokens/base64.rb +1 -0
- data/lib/drillbit/tokens/base64s/invalid.rb +1 -0
- data/lib/drillbit/tokens/base64s/null.rb +1 -0
- data/lib/drillbit/tokens/invalid.rb +1 -0
- data/lib/drillbit/tokens/json_web_token.rb +6 -5
- data/lib/drillbit/tokens/json_web_tokens/invalid.rb +1 -0
- data/lib/drillbit/tokens/json_web_tokens/null.rb +1 -0
- data/lib/drillbit/tokens/json_web_tokens/password_reset.rb +1 -0
- data/lib/drillbit/tokens/null.rb +1 -0
- data/lib/drillbit/utilities/string.rb +1 -0
- data/lib/drillbit/version.rb +2 -1
- metadata +28 -94
- metadata.gz.sig +0 -0
- data/Rakefile +0 -2
- data/spec/drillbit/accept_header_spec.rb +0 -119
- data/spec/drillbit/authorizers/parameters/filtering_spec.rb +0 -101
- data/spec/drillbit/authorizers/parameters/resource_spec.rb +0 -12
- data/spec/drillbit/authorizers/parameters_spec.rb +0 -19
- data/spec/drillbit/authorizers/query_spec.rb +0 -24
- data/spec/drillbit/authorizers/scope_spec.rb +0 -21
- data/spec/drillbit/errors/invalid_api_request_spec.rb +0 -31
- data/spec/drillbit/errors/invalid_request_body_spec.rb +0 -25
- data/spec/drillbit/errors/invalid_subdomain_spec.rb +0 -30
- data/spec/drillbit/errors/invalid_token_spec.rb +0 -24
- data/spec/drillbit/invalid_subdomain_spec.rb +0 -45
- data/spec/drillbit/invalid_token_spec.rb +0 -44
- data/spec/drillbit/matchers/accept_header_spec.rb +0 -114
- data/spec/drillbit/matchers/subdomain_spec.rb +0 -78
- data/spec/drillbit/matchers/version_spec.rb +0 -86
- data/spec/drillbit/middleware/api_request_validator_spec.rb +0 -185
- data/spec/drillbit/middleware/parameter_parser_spec.rb +0 -200
- data/spec/drillbit/middleware/token_processor_spec.rb +0 -27
- data/spec/drillbit/requests/base_spec.rb +0 -37
- data/spec/drillbit/requests/rack_spec.rb +0 -252
- data/spec/drillbit/requests/rails_spec.rb +0 -264
- data/spec/drillbit/resource/model_spec.rb +0 -64
- data/spec/drillbit/resource/processors/filtering_spec.rb +0 -106
- data/spec/drillbit/resource/processors/indexing_spec.rb +0 -45
- data/spec/drillbit/resource/processors/paging_spec.rb +0 -74
- data/spec/drillbit/resource/processors/sorting_spec.rb +0 -66
- data/spec/drillbit/tokens/base64_spec.rb +0 -44
- data/spec/drillbit/tokens/json_web_token_spec.rb +0 -231
- data/spec/drillbit/tokens/json_web_tokens/password_reset_spec.rb +0 -43
- data/spec/fixtures/test_rsa_key +0 -27
- data/spec/fixtures/test_rsa_key.pub +0 -9
- data/spec/spec_helper.rb +0 -4
- data/spec/support/private_keys.rb +0 -42
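--- a/data/spec/drillbit/middleware/token_processor_spec.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-require 'rspeckled/spec_helpers/rspeckled'
-require 'drillbit/middleware/token_processor'
-
-module Drillbit
-module Middleware
-describe TokenProcessor do
-let(:app) { ->(_env) { [200, {}, 'response'] } }
-
-it 'returns the proper response if the token is invalid' do
-Drillbit.configuration.token_private_key = test_private_key
-middleware = TokenProcessor.new(app)
-
-request = {
-'HTTP_HOST' => 'api.example.com',
-'HTTP_ACCEPT' => 'application/vnd.westeros+redkeep;version=1.0.0',
-'HTTP_AUTHORIZATION' => "Token #{invalid_jwe_token}",
-'QUERY_STRING' => 'accept=application/vnd.westeros+redkeep;version=1.0.0',
-}
-
-_status, _headers, response = middleware.call(request)
-
-expect(response.first).to include 'errors.invalid_token'
-end
-end
-end
-end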
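--- a/data/spec/drillbit/requests/base_spec.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-require 'ostruct'
-require 'rspeckled/spec_helpers/rspeckled'
-require 'drillbit/requests/base'
-
-module Drillbit
-module Requests
-describe Base do
-it 'can resolve itself by returning itself' do
-raw_request = Base.new(token_private_key: '', request: {})
-resolved_request = Base.resolve(raw_request)
-
-expect(resolved_request).to eql raw_request
-end
-
-it 'can resolve a Rails request' do
-raw_request = OpenStruct.new(
-headers: {},
-params: {},
-)
-resolved_request = Base.resolve(raw_request)
-
-expect(resolved_request).to be_a Requests::Rails
-end
-
-it 'can resolve a Rack request' do
-raw_request = {
-'HTTP_ACCEPT' => 'accept_string',
-'QUERY_STRING' => '',
-}
-resolved_request = Base.resolve(raw_request)
-
-expect(resolved_request).to be_a Requests::Rack
-end
-end
-end
-end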
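--- a/data/spec/drillbit/requests/rack_spec.rb
+++ /dev/null
@@ -1,252 +0,0 @@
-# frozen_string_literal: true
-require 'rspeckled/spec_helpers/rspeckled'
-require 'drillbit/requests/rack'
-
-module Drillbit
-module Requests
-describe Rack do
-it 'finds the accept header from the headers if it is valid' do
-raw_request = {
-'HTTP_ACCEPT' => 'application/vnd.westeros+redkeep;version=10.0',
-'QUERY_STRING' => '',
-'HTTP_X_APPLICATION_NAME' => 'westeros',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.westeros+redkeep;version=10.0'
-end
-
-it 'finds the accept header from the headers if it is invalid but there is no ' \
-'accept header in the params' do
-
-raw_request = {
-'HTTP_ACCEPT' => 'invalid/vnd.westeros+redkeep;version=10.0',
-'QUERY_STRING' => '',
-'HTTP_X_APPLICATION_NAME' => 'westeros',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'invalid/vnd.westeros+redkeep;version=10.0'
-end
-
-it 'finds the accept header from the params if it is valid' do
-raw_request = {
-'HTTP_ACCEPT' => '',
-'QUERY_STRING' => 'accept=application/vnd.westeros+redkeep;version=10.0',
-'HTTP_X_APPLICATION_NAME' => 'westeros',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.westeros+redkeep;version=10.0'
-end
-
-it 'finds the accept header from the query string if it is encoded' do
-raw_request = {
-'HTTP_ACCEPT' => '',
-'QUERY_STRING' => 'accept=application%2Fvnd.westeros%2Bredkeep%3Bversion%3D10.0',
-'HTTP_X_APPLICATION_NAME' => 'westeros',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.westeros+redkeep;version=10.0'
-end
-# rubocop:enable Metrics/LineLength
-
-it 'finds the authorization token from the header' do
-raw_request = {
-'HTTP_AUTHORIZATION' => "Token #{valid_jwe_token}",
-'QUERY_STRING' => '',
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'finds the Base64 token from the header' do
-raw_request = {
-'HTTP_AUTHORIZATION' => "Basic #{valid_b64_token}",
-'QUERY_STRING' => '',
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'token' => valid_b64_token },
-{ 'typ' => 'base64' },
-],
-)
-end
-
-it 'finds a null token from the header if there is no header' do
-raw_request = {
-'HTTP_AUTHORIZATION' => '',
-'QUERY_STRING' => '',
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token).to be_blank
-end
-
-it 'ignores incorrectly passed in tokens since we do not know what to do' do
-raw_request = {
-'HTTP_AUTHORIZATION' => valid_jwe_token.to_s,
-'QUERY_STRING' => '',
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token).to be_blank
-end
-
-it 'finds the authorization token from the params if the authorization token from ' \
-'the header is invalid and the authorization token from the params is valid' do
-
-raw_request = {
-'HTTP_AUTHORIZATION' => "Token #{invalid_jwe_token}",
-'QUERY_STRING' => "token_jwt=#{valid_jwe_token}",
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'finds the authorization token from the params if the authorization token from ' \
-'the header is not present and the authorization token from the params is valid' do
-
-raw_request = {
-'QUERY_STRING' => "token_jwt=#{valid_jwe_token}",
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'is a null authorization token if neither authorization token is present' do
-raw_request = {
-'QUERY_STRING' => '',
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql([{}, {}])
-end
-
-it 'finds the JSON web token from the params' do
-raw_request = {
-'QUERY_STRING' => "token_jwt=#{valid_jwe_token}",
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'finds the generic Base64 web token from the params' do
-raw_request = {
-'QUERY_STRING' => "token_b64=#{valid_b64_token}",
-}
-request = Rack.new(request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'token' => valid_b64_token },
-{ 'typ' => 'base64' },
-],
-)
-end
-
-it 'finds invalid tokens from the params' do
-raw_request = {
-'QUERY_STRING' => 'token_b64=bla.h',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.authorization_token_from_params).not_to be_valid
-expect(request.authorization_token_from_params).not_to be_blank
-
-raw_request = {
-'QUERY_STRING' => "token_jwt=#{invalid_jwe_token}",
-}
-request = Rack.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token_from_params).not_to be_valid
-expect(request.authorization_token_from_params).not_to be_blank
-end
-
-it 'finds the null token from the params if nothing is passed in' do
-raw_request = {
-'QUERY_STRING' => 'token_b64=',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.authorization_token_from_params).to be_valid
-expect(request.authorization_token_from_params).to be_blank
-
-raw_request = {
-'QUERY_STRING' => 'token_jwt=',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.authorization_token_from_params).to be_valid
-expect(request.authorization_token_from_params).to be_blank
-
-raw_request = {
-'QUERY_STRING' => '',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.authorization_token_from_params).to be_valid
-expect(request.authorization_token_from_params).to be_blank
-end
-
-it 'defaults to the application name in the configuration if none is found in ' \
-'the header' do
-
-Drillbit.configuration.application_name = 'redkeep'
-
-raw_request = {
-'HTTP_ACCEPT' => '',
-'QUERY_STRING' => 'accept=application/vnd.redkeep+zion;version=10.0',
-}
-request = Rack.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.redkeep+zion;version=10.0'
-end
-end
-end
-end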
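--- a/data/spec/drillbit/requests/rails_spec.rb
+++ /dev/null
@@ -1,264 +0,0 @@
-# frozen_string_literal: true
-require 'ostruct'
-require 'rspeckled/spec_helpers/rspeckled'
-require 'drillbit/requests/rails'
-
-# rubocop:disable Metrics/LineLength
-module Drillbit
-module Requests
-describe Rails do
-it 'finds the accept header from the headers if it is valid' do
-raw_request = OpenStruct.new(
-headers: {
-'X-Application-Name' => 'westeros',
-'Accept' => 'application/vnd.westeros+redkeep;version=10.0',
-},
-params: {},
-)
-request = Rails.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.westeros+redkeep;version=10.0'
-end
-
-it 'finds the accept header from the headers if it is invalid but there is no ' \
-'accept header in the params' do
-
-raw_request = OpenStruct.new(
-headers: {
-'X-Application-Name' => 'westeros',
-'Accept' => 'invalid/vnd.westeros+redkeep;version=10.0',
-},
-params: {},
-)
-request = Rails.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'invalid/vnd.westeros+redkeep;version=10.0'
-end
-
-it 'finds the accept header from the params if it is valid' do
-raw_request = OpenStruct.new(
-headers: {
-'X-Application-Name' => 'westeros',
-},
-params: { 'accept' => 'application/vnd.westeros+redkeep;version=10.0' },
-)
-request = Rails.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.westeros+redkeep;version=10.0'
-end
-
-it 'finds the authorization token from the header' do
-raw_request = OpenStruct.new(
-headers: {
-'HTTP_AUTHORIZATION' => "Token #{valid_jwe_token}",
-},
-params: {},
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'finds the Base64 token from the header' do
-raw_request = OpenStruct.new(
-headers: {
-'HTTP_AUTHORIZATION' => "Basic #{valid_b64_token}",
-},
-params: {},
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'token' => valid_b64_token },
-{ 'typ' => 'base64' },
-],
-)
-end
-
-it 'finds a null token from the header if there is no header' do
-raw_request = OpenStruct.new(
-headers: {},
-params: {},
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token).to be_blank
-end
-
-it 'ignores incorrectly passed in tokens since we do not know what to do' do
-raw_request = OpenStruct.new(
-headers: {
-'HTTP_AUTHORIZATION' => valid_jwe_token.to_s,
-},
-params: {},
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token).to be_blank
-end
-
-it 'finds the authorization token from the params if the authorization token from ' \
-'the header is invalid and the authorization token from the params is valid' do
-
-raw_request = OpenStruct.new(
-headers: {
-'HTTP_AUTHORIZATION' => "Token #{invalid_jwe_token}",
-},
-params: { 'token_jwt' => valid_jwe_token },
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'finds the authorization token from the params if the authorization token from ' \
-'the header is not present and the authorization token from the params is valid' do
-
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_jwt' => valid_jwe_token },
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'is a null authorization token if neither authorization token is present' do
-raw_request = OpenStruct.new(
-headers: {},
-params: {},
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql([{}, {}])
-end
-
-it 'finds the JSON web token from the params' do
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_jwt' => valid_jwe_token },
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'bar' => 'baz' },
-{ 'typ' => 'JWT', 'alg' => 'RS256' },
-],
-)
-end
-
-it 'finds the generic Base64 web token from the params' do
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_b64' => valid_b64_token },
-)
-request = Rails.new(request: raw_request)
-
-expect(request.authorization_token).to be_valid
-expect(request.authorization_token.to_h).to eql(
-[
-{ 'token' => valid_b64_token },
-{ 'typ' => 'base64' },
-],
-)
-end
-
-it 'finds invalid tokens from the params' do
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_b64' => 'bla.h' },
-)
-request = Rails.new(request: raw_request)
-
-expect(request.authorization_token_from_params).not_to be_valid
-expect(request.authorization_token_from_params).not_to be_blank
-
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_jwt' => invalid_jwe_token },
-)
-request = Rails.new(token_private_key: test_private_key,
-request: raw_request)
-
-expect(request.authorization_token_from_params).not_to be_valid
-expect(request.authorization_token_from_params).not_to be_blank
-end
-
-it 'finds the null token from the params if nothing is passed in' do
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_b64' => '' },
-)
-request = Rails.new(request: raw_request)
-
-expect(request.authorization_token_from_params).to be_valid
-expect(request.authorization_token_from_params).to be_blank
-
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'token_jwt' => '' },
-)
-request = Rails.new(request: raw_request)
-
-expect(request.authorization_token_from_params).to be_valid
-expect(request.authorization_token_from_params).to be_blank
-
-raw_request = OpenStruct.new(
-headers: {},
-params: {},
-)
-request = Rails.new(request: raw_request)
-
-expect(request.authorization_token_from_params).to be_valid
-expect(request.authorization_token_from_params).to be_blank
-end
-
-it 'defaults to the application name in the configuration if none is found in ' \
-'the header' do
-
-Drillbit.configuration.application_name = 'redkeep'
-
-raw_request = OpenStruct.new(
-headers: {},
-params: { 'accept' => 'application/vnd.redkeep+zion;version=10.0' },
-)
-request = Rails.new(request: raw_request)
-
-expect(request.accept_header.to_s).to eql 'application/vnd.redkeep+zion;version=10.0'
-end
-end
-end
-end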