fog-brightbox 1.5.0 → 1.7.1

data/spec/fog/brightbox/compute/get_access_token_spec.rb

@@ -0,0 +1,305 @@
+require "spec_helper"
+
+describe Fog::Brightbox::Compute, "#get_access_token" do
+  before do
+    @new_access_token = "0987654321"
+    @new_refresh_token = "5432167890"
+
+    @options = {
+      brightbox_client_id: "app-12345",
+      brightbox_secret: "1234567890",
+      brightbox_username: "jason.null@brightbox.com",
+      brightbox_password: "HR4life",
+      brightbox_support_two_factor: true,
+      brightbox_one_time_password: "123456"
+    }
+    @service = Fog::Brightbox::Compute.new(@options)
+  end
+
+  describe "when user does not have 2FA enabled" do
+    describe "and authenticates correctly" do
+      before do
+        stub_authentication_request(auth_correct: true)
+
+        assert @service.two_factor?
+      end
+
+      describe "without !" do
+        it "updates credentials" do
+          token = @service.get_access_token
+          assert_equal "0987654321", token
+
+          assert_equal token, @service.access_token
+        end
+      end
+
+      describe "with !" do
+        it "updates credentials" do
+          token = @service.get_access_token!
+          assert_equal "0987654321", token
+
+          assert_equal token, @service.access_token
+        end
+      end
+    end
+
+    describe "and authenticates incorrectly" do
+      before do
+        stub_authentication_request(auth_correct: false)
+
+        assert @service.two_factor?
+      end
+
+      describe "without !" do
+        it "returns nil" do
+          assert_nil @service.get_access_token
+
+          assert_nil @service.access_token
+          assert_nil @service.refresh_token
+        end
+      end
+
+      describe "with !" do
+        it "raises an error" do
+          begin
+            @service.get_access_token!
+          rescue Excon::Error::Unauthorized
+            assert_nil @service.access_token
+            assert_nil @service.refresh_token
+          end
+        end
+      end
+    end
+  end
+
+  describe "when user does have 2FA enabled" do
+    describe "and authenticates correctly" do
+      describe "without OTP" do
+        before do
+          stub_authentication_request(auth_correct: true,
+                                      two_factor_user: true)
+
+          assert @service.two_factor?
+        end
+
+        describe "without !" do
+          it "returns nil" do
+            assert_nil @service.get_access_token
+
+            assert_nil @service.access_token
+            assert_nil @service.refresh_token
+          end
+        end
+
+        describe "with !" do
+          it "raises an error" do
+            begin
+              @service.get_access_token!
+            rescue Fog::Brightbox::OAuth2::TwoFactorMissingError
+              assert_nil @service.access_token
+              assert_nil @service.refresh_token
+            end
+          end
+        end
+      end
+
+      describe "with OTP" do
+        before do
+          stub_authentication_request(auth_correct: true,
+                                      two_factor_user: true,
+                                      otp_sent: true)
+
+          assert @service.two_factor?
+        end
+
+        describe "without !" do
+          it "updates credentials" do
+            token = @service.get_access_token
+            assert_equal "0987654321", token
+
+            assert_equal token, @service.access_token
+          end
+        end
+
+        describe "with !" do
+          it "updates credentials" do
+            token = @service.get_access_token!
+            assert_equal "0987654321", token
+
+            assert_equal token, @service.access_token
+          end
+        end
+      end
+    end
+
+    describe "and authenticates incorrectly" do
+      before do
+        stub_authentication_request(auth_correct: false,
+                                    two_factor_user: true)
+
+        assert @service.two_factor?
+      end
+
+      describe "without !" do
+        it "returns nil" do
+          assert_nil @service.get_access_token
+
+          assert_nil @service.access_token
+          assert_nil @service.refresh_token
+        end
+      end
+
+      describe "with !" do
+        it "raises an error" do
+          begin
+            @service.get_access_token!
+          rescue Fog::Brightbox::OAuth2::TwoFactorMissingError
+            assert_nil @service.access_token
+            assert_nil @service.refresh_token
+          end
+        end
+      end
+    end
+
+    describe "without 2FA support enabled" do
+      before do
+        @options = {
+          brightbox_client_id: "app-12345",
+          brightbox_secret: "1234567890",
+          brightbox_username: "jason.null@brightbox.com",
+          brightbox_password: "HR4life",
+          brightbox_support_two_factor: false,
+          brightbox_one_time_password: "123456"
+        }
+        @service = Fog::Brightbox::Compute.new(@options)
+
+        refute @service.two_factor?
+      end
+
+      describe "without !" do
+        it "returns nil" do
+          stub_authentication_request(auth_correct: false,
+                                      two_factor_user: true)
+
+          assert_nil @service.get_access_token
+
+          assert_nil @service.access_token
+          assert_nil @service.refresh_token
+        end
+      end
+
+      describe "with !" do
+        describe "when authentication incorrect" do
+          it "raises an error" do
+            stub_authentication_request(auth_correct: false,
+                                        two_factor_user: true,
+                                        otp_sent: true)
+
+            begin
+              @service.get_access_token!
+            rescue Excon::Error::Unauthorized
+              assert_nil @service.access_token
+              assert_nil @service.refresh_token
+            end
+          end
+        end
+
+        describe "with missing OTP" do
+          before do
+            @options = {
+              brightbox_client_id: "app-12345",
+              brightbox_secret: "1234567890",
+              brightbox_username: "jason.null@brightbox.com",
+              brightbox_password: "HR4life",
+              brightbox_support_two_factor: false
+            }
+            @service = Fog::Brightbox::Compute.new(@options)
+
+            refute @service.two_factor?
+          end
+
+          it "raises an error" do
+            stub_authentication_request(auth_correct: true,
+                                        two_factor_user: true,
+                                        otp_sent: false)
+
+            begin
+              @service.get_access_token!
+            rescue Excon::Error::Unauthorized
+              assert_nil @service.access_token
+              assert_nil @service.refresh_token
+            end
+          end
+        end
+      end
+    end
+  end
+
+  # @param auth_correct [Boolean] Treat username/password as correct
+  # @param two_factor_user [Boolean] Is user protected by 2FA on server
+  # @param otp_sent [Boolean] Is an OTP sent in the request?
+  def stub_authentication_request(auth_correct:,
+                                  two_factor_user: false,
+                                  otp_sent: nil)
+
+    two_factor_supported = @service.two_factor?
+
+    request = {
+      headers: {
+        "Authorization" => "Basic YXBwLTEyMzQ1OjEyMzQ1Njc4OTA=",
+        "Content-Type" => "application/json",
+      },
+      body: {
+        grant_type: "password",
+        username: "jason.null@brightbox.com",
+        password: "HR4life"
+      }.to_json
+    }.tap do |req|
+      # Only expect the header if the service should send it
+      # Without this, we stub a request that demands an OTP but it is not sent
+      if two_factor_supported && otp_sent
+        req[:headers]["X-Brightbox-OTP"] = "123456"
+      end
+    end
+
+    # The cases we are testing are:
+    #
+    # * User does not use 2FA and authenticate
+    # * User does not use 2FA and FAILS to authenticate
+    # * User does use 2FA and authenticate
+    # * User does use 2FA and FAILS to authenticate
+    # * User does use 2FA and FAILS to send OTP
+    #
+    response = if two_factor_user && !otp_sent
+      # OTP required header
+      {
+        status: 401,
+        headers: {
+          "X-Brightbox-OTP" => "required"
+        },
+        body: { error: "invalid_client" }.to_json
+      }
+    elsif !auth_correct
+      # No OTP header
+      {
+        status: 401,
+        headers: {},
+        body: { error: "invalid_client" }.to_json
+      }
+    else
+      {
+        status: 200,
+        headers: {},
+        body: {
+          access_token: @new_access_token,
+          refresh_token: @new_refresh_token,
+          expires_in: 7200
+        }.to_json
+      }
+    end
+
+    stub_request(:post, "https://api.gb1.brightbox.com/token")
+      .with(request)
+      .to_return(response)
+  end
+end

data/spec/fog/brightbox/compute/two_factor_spec.rb

@@ -0,0 +1,53 @@
+require "spec_helper"
+
+describe Fog::Brightbox::Compute, "#two_factor?" do
+  describe "when omitted" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life"
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it do
+      refute @service.two_factor?
+    end
+  end
+
+  describe "when disabled" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life",
+        brightbox_support_two_factor: false
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it do
+      refute @service.two_factor?
+    end
+  end
+
+  describe "when enabled" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life",
+        brightbox_support_two_factor: true
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it do
+      assert @service.two_factor?
+    end
+  end
+end

data/spec/fog/brightbox/oauth2/user_credentials_strategy_spec.rb

@@ -37,4 +37,24 @@ describe Fog::Brightbox::OAuth2::UserCredentialsStrategy do
     assert_equal "Basic YXBwLTEyMzQ1Ol9fbWFzaGVkX2tleXNfMTIzX18=", headers["Authorization"]
     assert_equal "application/json", headers["Content-Type"]
   end
+
+  describe "when 2FA OTP is included" do
+    before do
+      options = {
+        username: @username,
+        password: @password,
+        one_time_password: "123456"
+      }
+
+      @credentials = Fog::Brightbox::OAuth2::CredentialSet.new(@client_id, @client_secret, options)
+      @strategy = Fog::Brightbox::OAuth2::UserCredentialsStrategy.new(@credentials)
+    end
+
+    it "tests #headers" do
+      headers = @strategy.headers
+      assert_equal "Basic YXBwLTEyMzQ1Ol9fbWFzaGVkX2tleXNfMTIzX18=", headers["Authorization"]
+      assert_equal "application/json", headers["Content-Type"]
+      assert_equal "123456", headers["X-Brightbox-OTP"]
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fog-brightbox
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 1.7.1
 platform: ruby
 authors:
 - Paul Thornthwaite
@@ -193,6 +193,8 @@ files:
 - lib/fog/brightbox/models/compute/cloud_ips.rb
 - lib/fog/brightbox/models/compute/collaboration.rb
 - lib/fog/brightbox/models/compute/collaborations.rb
+- lib/fog/brightbox/models/compute/config_map.rb
+- lib/fog/brightbox/models/compute/config_maps.rb
 - lib/fog/brightbox/models/compute/database_server.rb
 - lib/fog/brightbox/models/compute/database_servers.rb
 - lib/fog/brightbox/models/compute/database_snapshot.rb
@@ -240,6 +242,7 @@ files:
 - lib/fog/brightbox/requests/compute/create_application.rb
 - lib/fog/brightbox/requests/compute/create_cloud_ip.rb
 - lib/fog/brightbox/requests/compute/create_collaboration.rb
+- lib/fog/brightbox/requests/compute/create_config_map.rb
 - lib/fog/brightbox/requests/compute/create_database_server.rb
 - lib/fog/brightbox/requests/compute/create_firewall_policy.rb
 - lib/fog/brightbox/requests/compute/create_firewall_rule.rb
@@ -252,6 +255,7 @@ files:
 - lib/fog/brightbox/requests/compute/delete_application.rb
 - lib/fog/brightbox/requests/compute/delete_cloud_ip.rb
 - lib/fog/brightbox/requests/compute/delete_collaboration.rb
+- lib/fog/brightbox/requests/compute/delete_config_map.rb
 - lib/fog/brightbox/requests/compute/delete_database_server.rb
 - lib/fog/brightbox/requests/compute/delete_database_snapshot.rb
 - lib/fog/brightbox/requests/compute/delete_firewall_policy.rb
@@ -269,6 +273,7 @@ files:
 - lib/fog/brightbox/requests/compute/get_authenticated_user.rb
 - lib/fog/brightbox/requests/compute/get_cloud_ip.rb
 - lib/fog/brightbox/requests/compute/get_collaboration.rb
+- lib/fog/brightbox/requests/compute/get_config_map.rb
 - lib/fog/brightbox/requests/compute/get_database_server.rb
 - lib/fog/brightbox/requests/compute/get_database_snapshot.rb
 - lib/fog/brightbox/requests/compute/get_database_type.rb
@@ -290,6 +295,7 @@ files:
 - lib/fog/brightbox/requests/compute/list_applications.rb
 - lib/fog/brightbox/requests/compute/list_cloud_ips.rb
 - lib/fog/brightbox/requests/compute/list_collaborations.rb
+- lib/fog/brightbox/requests/compute/list_config_maps.rb
 - lib/fog/brightbox/requests/compute/list_database_servers.rb
 - lib/fog/brightbox/requests/compute/list_database_snapshots.rb
 - lib/fog/brightbox/requests/compute/list_database_types.rb
@@ -342,6 +348,7 @@ files:
 - lib/fog/brightbox/requests/compute/update_api_client.rb
 - lib/fog/brightbox/requests/compute/update_application.rb
 - lib/fog/brightbox/requests/compute/update_cloud_ip.rb
+- lib/fog/brightbox/requests/compute/update_config_map.rb
 - lib/fog/brightbox/requests/compute/update_database_server.rb
 - lib/fog/brightbox/requests/compute/update_database_snapshot.rb
 - lib/fog/brightbox/requests/compute/update_firewall_policy.rb
@@ -381,6 +388,9 @@ files:
 - lib/fog/brightbox/storage/not_found.rb
 - lib/fog/brightbox/version.rb
 - spec/fog/brightbox/compute/config_spec.rb
+- spec/fog/brightbox/compute/credentials_spec.rb
+- spec/fog/brightbox/compute/get_access_token_spec.rb
+- spec/fog/brightbox/compute/two_factor_spec.rb
 - spec/fog/brightbox/compute/wrapped_request_spec.rb
 - spec/fog/brightbox/config_spec.rb
 - spec/fog/brightbox/link_helper_spec.rb
@@ -488,6 +498,9 @@ summary: This library can be used as a module for `fog` or as standalone provide
   to use the Brightbox Cloud in applications
 test_files:
 - spec/fog/brightbox/compute/config_spec.rb
+- spec/fog/brightbox/compute/credentials_spec.rb
+- spec/fog/brightbox/compute/get_access_token_spec.rb
+- spec/fog/brightbox/compute/two_factor_spec.rb
 - spec/fog/brightbox/compute/wrapped_request_spec.rb
 - spec/fog/brightbox/config_spec.rb
 - spec/fog/brightbox/link_helper_spec.rb