g5_authenticatable_api 0.4.1 → 1.0.0.pre.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b27a4771bf18393ffd8ad312ebb28067adc61d0a
-  data.tar.gz: 01f833fe489e751c74d84595b8d293f3c6d0cd2b
+  metadata.gz: 75dde541965b5e6f7592ad1d4e8577a87132bfdf
+  data.tar.gz: 877a7828b65a3f995c2c4eddea47a45f545e4f62
 SHA512:
-  metadata.gz: 97d367ea0171fb10ee224f57814fa68df7a54df4ffbae8c32919d9956a75d09841ffdeb082ecd675244a0f99caf748cbfcdc253e4dd1945f0c617f0c6fbc8291
-  data.tar.gz: 9a5a962fe830a0389872136279558c998e0216f2267236ec6ed00dd611c54f928d9065449b961351fdd5bc19d9cade7986944fdf40f88a1340803319bfa3c812
+  metadata.gz: a3b25ec2f6b3b616fca70b0d0a986376350a00787f5a69f2dcd46cbb5fcc63bd6a8c464a76d7bc3c1bc218356c03627da9287439fe48b73914597a43e592210e
+  data.tar.gz: 90099f07198141a0a4289c22ed63a77c01b8bdb02e65953ad5bad41f21ea0aea3ea8e58663ca684c5b06af0a0ccc8a9f55a170235e3b902cfe238e4acdeb09f1

data/.gitignore

@@ -5,6 +5,7 @@
 .config
 .yardoc
 Gemfile.lock
+*.gemfile.lock
 InstalledFiles
 _yardoc
 coverage

data/.rspec

@@ -1,2 +1,3 @@
 --color
 --format progress
+--require spec_helper

data/.ruby-version

@@ -1 +1 @@
-2.1.6
+2.3.4

data/.travis.yml

@@ -1,13 +1,34 @@
 language: ruby
 rvm:
-  - 2.0.0
-  - 2.1.6
-  - 2.2.2
-script:
-  - (cd spec/dummy; RAILS_ENV=test bundle exec rake db:drop db:create db:schema:load)
-  - bundle exec rspec spec
-before_script:
-  - cp spec/dummy/config/database.yml.ci spec/dummy/config/database.yml
+  - 2.2.7
+  - 2.3.4
+  - 2.4.1
+gemfile:
+  - gemfiles/rails_4.1.gemfile
+  - gemfiles/rails_4.2.gemfile
+  - gemfiles/rails_5.0.gemfile
+  - gemfiles/rails_5.1.gemfile
+matrix:
+  exclude:
+    - rvm: 2.4.1
+      gemfile: gemfiles/rails_4.1.gemfile
+  allow_failures:
+    - rvm: 2.4.1
+cache:
+  bundler: true
+dist: trusty
+sudo: false
 env:
   global:
     - DEVISE_SECRET_KEY=foo
+before_script:
+  - cp spec/dummy/config/database.yml.ci spec/dummy/config/database.yml
+  - RAILS_ENV=test bundle exec rake app:db:create app:db:migrate
+script:
+  - bundle exec rspec
+after_script:
+  - bundle exec codeclimate-test-reporter
+addons:
+  code_climate:
+    repo_token:
+      secure: "e2vpIAPiaVnWD1w0JcWV2gl1LyNPqlUomlUeBvyHCEzxDpMxoXOTfsLQhQ/LzQC1FH9Ph0lXPRHfM7wL/WJxHThqHFpCM784lbE/Zbp9W9u8btMhCEl8ZYSynm/5+Ycsh8tJD7UCduCqdNF3zXJ450BwoVBcQri4FqsyWXp5lcE="

data/Appraisals

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+appraise 'rails-4.1' do
+  gem 'rails', '~> 4.1.16'
+end
+
+appraise 'rails-4.2' do
+  gem 'rails', '~> 4.2.8'
+end
+
+appraise 'rails-5.0' do
+  gem 'rails', '~> 5.0.3'
+end
+
+appraise 'rails-5.1' do
+  gem 'rails', '~> 5.1.1'
+end

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+## v1.0.0.pre.1 (2017-06-12)
+
+* **Backwards incompatible changes**
+  * Drop support for ruby < 2.2
+  * Drop support for rails < 4.1
+* Enhancements
+  * Add support for ruby 2.3 and 2.4 (experimental)
+  * Add support for rails 5.0 and 5.1
+
 ## v0.4.0 (2015-05-22)
 
 * Add helpers for retrieving current API user as well as more detailed token

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 # Declare your gem's dependencies in g5_authenticatable_api.gemspec.
@@ -6,34 +8,31 @@ source 'https://rubygems.org'
 gemspec
 
 # Gems used by the dummy application
-gem 'rails', '4.1.4'
+gem 'devise'
+gem 'devise_g5_authenticatable', '1.0.0.pre.1'
+gem 'grape'
 gem 'jquery-rails'
 gem 'pg'
-gem 'grape'
-gem 'devise'
-gem 'devise_g5_authenticatable'
+gem 'rails', '5.1.1'
 
 group :test, :development do
-  gem 'rspec-rails', '~> 2.14'
-  gem 'pry'
+  gem 'appraisal'
+  gem 'pry-byebug'
+  gem 'rspec-rails', '~> 3.6'
 end
 
 group :test do
   gem 'capybara'
+  gem 'codeclimate-test-reporter', '~> 1.0'
   gem 'factory_girl_rails', '~> 4.3', require: false
+  gem 'rack-test'
+  gem 'shoulda-matchers', '~> 3.1'
   gem 'simplecov', require: false
-  gem 'codeclimate-test-reporter', require: false
   gem 'webmock'
-  gem 'shoulda-matchers', '~> 2.6'
-  gem 'rspec-http', require: false
-  gem 'rack-test'
 end
 
 # Declare any dependencies that are still in development here instead of in
 # your gemspec. These might include edge Rails or gems from your path or
 # Git. Remember to move these dependencies to your gemspec before releasing
 # your gem to rubygems.org.
-# gem 'g5_authentication_client', git: 'git@github.com:G5/g5_authentication_client.git', branch: 'master'
-
-# To use debugger
-# gem 'debugger'
+# gem 'g5_authentication_client', github: 'G5/g5_authentication_client'

data/README.md

@@ -9,14 +9,15 @@ service using token-based authentication.
 
 ## Current Version
 
-0.4.0
+1.0.0.pre.1
 
 ## Requirements
 
-* [rails](http://rubyonrails.org/) >= 3.2
+* ruby >= 2.2 (support for ruby 2.4 is still experimental)
 
-**OR**
+At least one of:
 
+* [rails](http://rubyonrails.org/) >= 4.1
 * [grape](https://github.com/intridea/grape)
 
 ## Installation
@@ -86,7 +87,7 @@ To require authentication for all API actions:
 
 ```ruby
 class MyResourceController < ApplicationController
-  before_filter :authenticate_api_user!
+  before_action :authenticate_api_user!
 
   respond_to :json
 
@@ -98,7 +99,7 @@ To require authentication for some API actions:
 
 ```ruby
 class MyResourceController < ApplicationController
-  before_filter :authenticate_api_user!, only: [:create, :update]
+  before_action :authenticate_api_user!, only: [:create, :update]
 
   respond_to :json
 
@@ -112,7 +113,7 @@ using the `token_data` helper:
 
 ```ruby
 class MyResourceController < ApplicationController
-  before_filter :authenticate_api_user!
+  before_action :authenticate_api_user!
 
   respond_to :json
 
@@ -130,7 +131,7 @@ a [`G5AuthenticationClient::User`](https://github.com/G5/g5_authentication_clien
 
 ```ruby
 class MyResourceController < ApplicationController
-  before_filter :authenticate_api_user!
+  before_action :authenticate_api_user!
 
   respond_to :json
 
@@ -147,7 +148,7 @@ by using the `access_token` helper:
 
 ```ruby
 class MyResourceController < ApplicationController
-  before_filter :authenticate_api_user!
+  before_action :authenticate_api_user!
 
   respond_to :json
 
@@ -306,7 +307,7 @@ application:
 
 ```ruby
 class WelcomeController < ApplicationController
-  before_filter :authenticate_user!
+  before_action :authenticate_user!
 
   def index
   end
@@ -333,7 +334,7 @@ Protect your API actions in your controller:
 
 ```ruby
 class Api::MyResourcesController < ApplicationController
-  before_filter :authenticate_api_user!
+  before_action :authenticate_api_user!
 
   respond_to :json
 

data/Rakefile

@@ -1 +1,21 @@
-require "bundler/gem_tasks"
+# frozen_string_literal: true
+
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__)
+load 'rails/tasks/engine.rake'
+
+Bundler::GemHelper.install_tasks
+
+Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each { |f| load f }
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+desc 'Run all specs in spec directory (excluding plugin specs)'
+RSpec::Core::RakeTask.new(spec: 'app:db:test:prepare')
+task default: :spec

data/g5_authenticatable_api.gemspec

@@ -19,6 +19,6 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_dependency 'rack'
-  spec.add_dependency 'g5_authentication_client', '~> 0.5'
+  spec.add_dependency 'g5_authentication_client', '1.0.0.pre.4'
   spec.add_dependency 'activesupport', '>= 3.2'
 end

data/gemfiles/rails_4.1.gemfile

@@ -0,0 +1,28 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "devise"
+gem "devise_g5_authenticatable", "1.0.0.pre.1"
+gem "grape"
+gem "jquery-rails"
+gem "pg"
+gem "rails", "~> 4.1.16"
+
+group :test, :development do
+  gem "appraisal"
+  gem "pry-byebug"
+  gem "rspec-rails", "~> 3.6"
+end
+
+group :test do
+  gem "capybara"
+  gem "codeclimate-test-reporter", "~> 1.0"
+  gem "factory_girl_rails", "~> 4.3", require: false
+  gem "rack-test"
+  gem "shoulda-matchers", "~> 3.1"
+  gem "simplecov", require: false
+  gem "webmock"
+end
+
+gemspec path: "../"

data/gemfiles/rails_4.2.gemfile

@@ -0,0 +1,28 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "devise"
+gem "devise_g5_authenticatable", "1.0.0.pre.1"
+gem "grape"
+gem "jquery-rails"
+gem "pg"
+gem "rails", "~> 4.2.8"
+
+group :test, :development do
+  gem "appraisal"
+  gem "pry-byebug"
+  gem "rspec-rails", "~> 3.6"
+end
+
+group :test do
+  gem "capybara"
+  gem "codeclimate-test-reporter", "~> 1.0"
+  gem "factory_girl_rails", "~> 4.3", require: false
+  gem "rack-test"
+  gem "shoulda-matchers", "~> 3.1"
+  gem "simplecov", require: false
+  gem "webmock"
+end
+
+gemspec path: "../"

data/gemfiles/rails_5.0.gemfile

@@ -0,0 +1,28 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "devise"
+gem "devise_g5_authenticatable", "1.0.0.pre.1"
+gem "grape"
+gem "jquery-rails"
+gem "pg"
+gem "rails", "~> 5.0.3"
+
+group :test, :development do
+  gem "appraisal"
+  gem "pry-byebug"
+  gem "rspec-rails", "~> 3.6"
+end
+
+group :test do
+  gem "capybara"
+  gem "codeclimate-test-reporter", "~> 1.0"
+  gem "factory_girl_rails", "~> 4.3", require: false
+  gem "rack-test"
+  gem "shoulda-matchers", "~> 3.1"
+  gem "simplecov", require: false
+  gem "webmock"
+end
+
+gemspec path: "../"

data/gemfiles/rails_5.1.gemfile

@@ -0,0 +1,28 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "devise"
+gem "devise_g5_authenticatable", "1.0.0.pre.1"
+gem "grape"
+gem "jquery-rails"
+gem "pg"
+gem "rails", "~> 5.1.1"
+
+group :test, :development do
+  gem "appraisal"
+  gem "pry-byebug"
+  gem "rspec-rails", "~> 3.6"
+end
+
+group :test do
+  gem "capybara"
+  gem "codeclimate-test-reporter", "~> 1.0"
+  gem "factory_girl_rails", "~> 4.3", require: false
+  gem "rack-test"
+  gem "shoulda-matchers", "~> 3.1"
+  gem "simplecov", require: false
+  gem "webmock"
+end
+
+gemspec path: "../"

data/lib/g5_authenticatable_api/helpers/grape.rb

@@ -1,11 +1,14 @@
+# frozen_string_literal: true
+
 require 'g5_authenticatable_api/services/token_validator'
 require 'g5_authenticatable_api/services/user_fetcher'
 
 module G5AuthenticatableApi
   module Helpers
+    # Helper methods for securing a Grape API
     module Grape
       def authenticate_user!
-        raise_auth_error if !token_validator.valid?
+        raise_auth_error unless token_validator.valid?
       end
 
       def token_data
@@ -24,27 +27,35 @@ module G5AuthenticatableApi
         env['warden']
       end
 
-      private
       def request
         Rack::Request.new(env)
       end
 
+      protected
+
       def token_info
         @token_info ||= Services::TokenInfo.new(request.params, headers, warden)
       end
 
       def token_validator
-        @token_validator ||= Services::TokenValidator.new(request.params, headers, warden)
+        @token_validator ||= Services::TokenValidator.new(request.params,
+                                                          headers,
+                                                          warden)
       end
 
       def user_fetcher
-        @user_fetcher ||= Services::UserFetcher.new(request.params, headers, warden)
+        @user_fetcher ||= Services::UserFetcher.new(request.params,
+                                                    headers,
+                                                    warden)
       end
 
       def raise_auth_error
+        auth_header = {
+          'WWW-Authenticate' => token_validator.auth_response_header
+        }
         throw :error, message: 'Unauthorized',
                       status: 401,
-                      headers: {'WWW-Authenticate' => token_validator.auth_response_header}
+                      headers: auth_header
       end
     end
   end

data/lib/g5_authenticatable_api/helpers/rails.rb

@@ -1,11 +1,14 @@
+# frozen_string_literal: true
+
 require 'g5_authenticatable_api/services/token_validator'
 require 'g5_authenticatable_api/services/user_fetcher'
 
 module G5AuthenticatableApi
   module Helpers
+    # Helpers for rails API controllers
     module Rails
       def authenticate_api_user!
-        raise_auth_error if !token_validator.valid?
+        raise_auth_error unless token_validator.valid?
       end
 
       def token_data
@@ -25,21 +28,35 @@ module G5AuthenticatableApi
       end
 
       private
+
       def token_info
-        @token_info ||= Services::TokenInfo.new(request.params, request.headers, warden)
+        @token_info ||= Services::TokenInfo.new(
+          request.params,
+          request.headers,
+          warden
+        )
       end
 
       def token_validator
-        @token_validator ||= Services::TokenValidator.new(request.params, request.headers, warden)
+        @token_validator ||= Services::TokenValidator.new(
+          request.params,
+          request.headers,
+          warden
+        )
       end
 
       def user_fetcher
-        @user_fetcher ||= Services::UserFetcher.new(request.params, request.headers, warden)
+        @user_fetcher ||= Services::UserFetcher.new(
+          request.params,
+          request.headers,
+          warden
+        )
       end
 
       def raise_auth_error
-        response.headers['WWW-Authenticate'] = token_validator.auth_response_header
-        render json: {error: 'Unauthorized'},
+        auth_header = token_validator.auth_response_header
+        response.headers['WWW-Authenticate'] = auth_header
+        render json: { error: 'Unauthorized' },
                status: :unauthorized
       end
     end

data/lib/g5_authenticatable_api/railtie.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 require 'g5_authenticatable_api/helpers/rails'
 
 module G5AuthenticatableApi
+  # Hook into the rails app initialization
   class Railtie < Rails::Railtie
     initializer 'g5_authenticatable.helpers' do
       ActiveSupport.on_load(:action_controller) do

data/lib/g5_authenticatable_api/services/token_info.rb

@@ -1,18 +1,23 @@
+# frozen_string_literal: true
+
 module G5AuthenticatableApi
   module Services
+    # Extract access token from request to retrieve token data from G5 Auth
     class TokenInfo
       attr_reader :params, :headers, :warden
 
-      def initialize(params={},headers={},warden=nil)
+      def initialize(params = {}, headers = {}, warden = nil)
         @params = params || {}
         @headers = headers || {}
         @warden = warden
       end
 
       def access_token
-        @access_token ||= (extract_token_from_header ||
-                           params['access_token'] ||
-                           warden.try(:user).try(:g5_access_token))
+        @access_token ||= begin
+                            extract_token_from_header ||
+                              extract_token_from_params ||
+                              extract_token_from_warden
+                          end
       end
 
       def token_data
@@ -20,16 +25,27 @@ module G5AuthenticatableApi
       end
 
       def auth_client
-        @auth_client ||= G5AuthenticationClient::Client.new(allow_password_credentials: 'false',
-                                                            access_token: access_token)
+        @auth_client ||= G5AuthenticationClient::Client.new(
+          allow_password_credentials: 'false',
+          access_token: access_token
+        )
       end
 
       private
+
       def extract_token_from_header
-        if authorization_header
-          parts = authorization_header.match(/Bearer (?<access_token>\S+)/)
-          parts['access_token']
-        end
+        return unless authorization_header
+        parts = authorization_header.match(/Bearer (?<access_token>\S+)/)
+        parts['access_token']
+      end
+
+      def extract_token_from_params
+        return if params['access_token'].blank?
+        params['access_token']
+      end
+
+      def extract_token_from_warden
+        warden.try(:user).try(:g5_access_token)
       end
 
       def authorization_header

data/lib/g5_authenticatable_api/services/token_validator.rb

@@ -1,49 +1,52 @@
+# frozen_string_literal: true
+
 require 'g5_authenticatable_api/services/token_info'
 
 module G5AuthenticatableApi
   module Services
+    # Validates an access token against the G5 Auth server
     class TokenValidator < TokenInfo
       attr_reader :error
 
       def validate!
-        begin
-          token_data unless skip_validation?
-        rescue StandardError => @error
-          raise error
-        end
+        token_data unless skip_validation?
+      rescue StandardError => @error
+        raise error
       end
 
       def valid?
-        begin
-          validate!
-          true
-        rescue StandardError => e
-          false
-        end
+        validate!
+        true
+      rescue StandardError
+        false
       end
 
       def auth_response_header
-        if error
-          auth_header = "Bearer"
+        return unless error
 
-          if access_token
-            auth_header << " error=\"#{error_code}\""
-            auth_header << ",error_description=\"#{error_description}\"" if error_description
-          end
+        auth_header = String.new('Bearer')
 
-          auth_header
+        if access_token
+          auth_header << " error=\"#{error_code}\""
+
+          if error_description.present?
+            auth_header << ",error_description=\"#{error_description}\""
+          end
         end
+
+        auth_header
       end
 
       private
+
       def error_code
         error_code = error.code if error.respond_to?(:code)
         error_code || 'invalid_request'
       end
 
       def error_description
-        error_description = error.description if error.respond_to?(:description)
-        error_description
+        return unless error.respond_to?(:description)
+        error.description
       end
 
       def skip_validation?

data/lib/g5_authenticatable_api/services/user_fetcher.rb

@@ -1,7 +1,10 @@
+# frozen_string_literal: true
+
 require 'g5_authenticatable_api/services/token_info'
 
 module G5AuthenticatableApi
   module Services
+    # Fetch user data from G5 Auth based on access token
     class UserFetcher < TokenInfo
       def current_user
         if access_token == @warden.try(:user).try(:g5_access_token)

data/lib/g5_authenticatable_api/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module G5AuthenticatableApi
-  VERSION = '0.4.1'
+  VERSION = '1.0.0-1'
 end