gds-sso 0.4.1 → 0.4.2

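--- a/data/README.md
+++ b/data/README.md
@@ -4,7 +4,7 @@ GDS-SSO provides everything needed to integrate an application with the sign-on-
  (https://github.com/alphagov/sign-on-o-tron) as used by the Government Digital Service, though it
  will probably also work with a range of other oauth2 providers.
 
- It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron,
+ It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron,
  and the necessary controller to support that request flow.
 
  For more details on OmniAuth and oAuth2 integration see https://github.com/intridea/omniauth
@@ -23,14 +23,14 @@ Create a `config/initializers/gds-sso.rb` that looks like:
 
  GDS::SSO.config do |config|
  config.user_model = 'User'
-
+
  # set up ID and Secret in a way which doesn't require it to be checked in to source control...
  config.oauth_id = ENV['OAUTH_ID']
  config.oauth_secret = ENV['OAUTH_SECRET']
-
+
  # optional config for location of sign-on-o-tron
  config.oauth_root_url = "http://localhost:3001"
-
+
  # optional config for API Access (requests which accept application/json)
  config.basic_auth_user = 'api'
  config.basic_auth_password = 'secret'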
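--- a/data/Rakefile
+++ b/data/Rakefile
@@ -8,3 +8,5 @@ Rake::TestTask.new do |t|
  t.test_files = FileList['test/test*.rb']
  t.verbose = true
  end
+
+ task :default => :test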
@@ -2,7 +2,7 @@ require "action_controller/metal"
2
2
  require 'rails'
3
3
 
4
4
  # Failure application that will be called every time :warden is thrown from
5
- # any strategy or hook.
5
+ # any strategy or hook.
6
6
  module GDS
7
7
  module SSO
8
8
  class FailureApp < ActionController::Metal
@@ -32,7 +32,7 @@ module GDS
32
32
  def store_location!
33
33
  session["return_to"] = env['warden.options'][:attempted_path] if request.get?
34
34
  end
35
-
35
+
36
36
  end
37
37
  end
38
38
  end
@@ -8,7 +8,7 @@ require 'multi_json'
8
8
  # use OmniAuth::Builder :gds, 'API Key', 'Secret Key'
9
9
 
10
10
  class OmniAuth::Strategies::Gds < OmniAuth::Strategies::OAuth2
11
-
11
+
12
12
  # @param [Rack Application] app standard middleware application parameter
13
13
  # @param [String] api_key the application id as [provided by GDS]
14
14
  # @param [String] secret_key the application secret as [provided by Bitly]
@@ -33,7 +33,7 @@ class OmniAuth::Strategies::Gds < OmniAuth::Strategies::OAuth2
33
33
  super
34
34
  end
35
35
  end
36
-
36
+
37
37
  protected
38
38
 
39
39
  def fetch_user_data
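--- a/data/lib/gds-sso/user.rb
+++ b/data/lib/gds-sso/user.rb
@@ -2,6 +2,16 @@ require 'active_support/concern'
 
  module GDS
  module SSO
+ class ApiUser
+ def uid
+ 0
+ end
+
+ def name
+ 'API User'
+ end
+ end
+
  module User
  def self.user_params_from_auth_hash(auth_hash)
  {'uid' => auth_hash['uid'], 'email' => auth_hash['user_info']['email'], 'name' => auth_hash['user_info']['name'], 'version' => auth_hash['extra']['user_hash']['version']}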
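Review bot: `ApiUser#uid` returns the Integer `0`, while the uid taken from the auth hash in `user_params_from_auth_hash` is whatever sign-on-o-tron sends (the strategy test stubs it as the string `'abcde'`), so code that logs, compares or looks up users by uid now has to handle two types and an unstated sentinel value. The class has no comment saying what it stands for; something like `# Stand-in principal for API requests; not a record of the configured user_model. uid 0 is reserved for it.` above `class ApiUser` would tell integrators not to treat it as a real account. If applications authorise on attributes of the current user, it is worth stating here which of those `ApiUser` deliberately does not provide.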
@@ -1,5 +1,5 @@
1
1
  module GDS
2
2
  module SSO
3
- VERSION = "0.4.1"
3
+ VERSION = "0.4.2"
4
4
  end
5
5
  end
@@ -18,7 +18,7 @@ Warden::Strategies.add(:gds_sso) do
18
18
  Rails.logger.debug("Authenticating with gds_sso strategy")
19
19
 
20
20
  if request.env['omniauth.auth'].nil?
21
- fail!("No credentials, bub")
21
+ fail!("No credentials, bub")
22
22
  else
23
23
  user = prep_user(request.env['omniauth.auth'])
24
24
  success!(user)
@@ -35,41 +35,45 @@ Warden::Strategies.add(:gds_sso) do
35
35
  end
36
36
 
37
37
  Warden::Strategies.add(:gds_sso_api_access) do
38
+ def api_user
39
+ @api_user ||= GDS::SSO::ApiUser.new
40
+ end
41
+
38
42
  def valid?
39
43
  ::GDS::SSO::ApiAccess.api_call?(env)
40
44
  end
41
-
45
+
42
46
  def authenticate!
43
47
  Rails.logger.debug("Authenticating with gds_sso_api_access strategy")
44
48
 
45
49
  if ! basic_auth_configured?
46
50
  Rails.logger.debug("Basic auth not configured, not requiring authentication")
47
- success!('api')
51
+ success!(api_user)
48
52
  end
49
-
53
+
50
54
  auth = Rack::Auth::Basic::Request.new(env)
51
55
 
52
56
  return custom!(unauthorized) unless auth.provided?
53
57
  return fail!(:bad_request) unless auth.basic?
54
-
58
+
55
59
  if valid_api_user?(*auth.credentials)
56
60
  success!(auth.credentials[0])
57
61
  else
58
62
  custom!(unauthorized)
59
63
  end
60
64
  end
61
-
65
+
62
66
  def basic_auth_configured?
63
67
  ! ::GDS::SSO::Config.basic_auth_user.nil?
64
68
  end
65
-
69
+
66
70
  def valid_api_user?(username, password)
67
- username.to_s.strip != '' &&
68
- password.to_s.strip != '' &&
71
+ username.to_s.strip != '' &&
72
+ password.to_s.strip != '' &&
69
73
  username == ::GDS::SSO::Config.basic_auth_user &&
70
74
  password == ::GDS::SSO::Config.basic_auth_password
71
75
  end
72
-
76
+
73
77
  def unauthorized
74
78
  [
75
79
  401,
@@ -103,7 +107,7 @@ Warden::Strategies.add(:mock_gds_sso_api_access) do
103
107
  def valid?
104
108
  ::GDS::SSO::ApiAccess.api_call?(env)
105
109
  end
106
-
110
+
107
111
  def authenticate!
108
112
  Rails.logger.debug("Authenticating with mock_gds_sso_api_access strategy")
109
113
  success!(GDS::SSO.test_user || GDS::SSO::Config.user_klass.first)
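Review bot: In `authenticate!` of the `:gds_sso_api_access` strategy, the unconfigured branch calls `success!(api_user)` without returning, so control falls through to the `Rack::Auth::Basic::Request` checks and a request with no Authorization header goes on to `custom!(unauthorized)`; the line should be `return success!(api_user)`. That branch also accepts every API call when `basic_auth_user` is unset, so a missing setting fails open, and a comment stating that this is deliberate (or a hard failure outside development) would help. The authenticated path still ends in `success!(auth.credentials[0])`, handing Warden a String where the other path now hands it an `ApiUser`; `success!(api_user)` there would keep the user type consistent. `valid_api_user?` compares the password with `==`, which is not a constant-time comparison.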
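--- a/data/lib/gds-sso.rb
+++ b/data/lib/gds-sso.rb
@@ -23,7 +23,7 @@ module GDS
  # Force routes to be loaded if we are doing any eager load.
  # TODO - check this one - Stolen from Devise because it looked sensible...
  config.before_eager_load { |app| app.reload_routes! }
-
+
  config.app_middleware.use ::OmniAuth::Builder do
  provider :gds, GDS::SSO::Config.oauth_id, GDS::SSO::Config.oauth_secret
  end
@@ -31,7 +31,7 @@ module GDS
  def self.use_mock_strategies?
  ['development', 'test'].include?(Rails.env) && ENV['GDS_SSO_STRATEGY'] != 'real'
  end
-
+
  def self.default_strategies
  use_mock_strategies? ? [:mock_gds_sso, :mock_gds_sso_api_access] : [:gds_sso, :gds_sso_api_access]
  end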
@@ -0,0 +1,19 @@
1
+ require 'test_helper'
2
+ require 'json'
3
+ require 'gds-sso'
4
+ require 'gds-sso/omniauth_strategy'
5
+ require 'capybara/dsl'
6
+
7
+ class TestGdsSsoStrategy < Test::Unit::TestCase
8
+ include OmniAuth::Test::StrategyTestCase
9
+ include Capybara::DSL
10
+
11
+ def strategy
12
+ # return the parameters to a Rack::Builder map call:
13
+ [OmniAuth::Strategies::Gds.new, 'client_id', 'client_secret']
14
+ end
15
+
16
+ def setup
17
+ # post '/auth/gds_sso/callback', :user => { 'name' => 'Dylan', 'id' => '445' }
18
+ end
19
+ end
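Review bot: `TestGdsSsoStrategy` defines no test methods and its `setup` holds only a commented-out `post`, so this new file pulls in capybara but asserts nothing about the authentication strategy. `strategy` returns an instance built with `OmniAuth::Strategies::Gds.new` and no arguments, whereas test_omniauth_strategy.rb constructs it as `Gds.new(@app, :gds, 'client_id', 'client_secret')`; the comment says the array feeds a `Rack::Builder` call, which would normally take the class, i.e. `[OmniAuth::Strategies::Gds, 'client_id', 'client_secret']`. A first test worth adding is one that drives the callback path and checks that a request without valid credentials is rejected.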
File without changes
@@ -7,7 +7,16 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
7
7
  def setup
8
8
  @app = stub("app")
9
9
  @strategy = OmniAuth::Strategies::Gds.new(@app, :gds, 'client_id', 'client_secret')
10
- @strategy.stubs(:fetch_user_data).returns({'user' => {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}}.to_json)
10
+ @strategy.stubs(:fetch_user_data).returns({
11
+ 'user' => {
12
+ 'uid' => 'abcde',
13
+ 'version' => 1,
14
+ 'name' => 'Matt Patterson',
15
+ 'email' => 'matt@alphagov.co.uk',
16
+ 'github' => 'fidothe',
17
+ 'twitter' => 'fidothe'
18
+ }
19
+ }.to_json)
11
20
  end
12
21
 
13
22
  def test_build_auth_hash_returns_name_and_email
@@ -16,13 +25,13 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
16
25
  end
17
26
 
18
27
  def test_build_auth_hash_contains_extra_info
19
- expected = {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}
28
+ expected = {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}
20
29
  assert_equal expected, @strategy.send(:build_auth_hash)['extra']['user_hash']
21
30
  end
22
-
31
+
23
32
  def test_oauth_bypassed_if_json_is_accepted_by_request
24
33
  @app.expects(:call)
25
34
  rack_env = { "HTTP_ACCEPT" => 'application/json' }
26
35
  @strategy.call(rack_env)
27
36
  end
28
- end
37
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gds-sso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,11 +10,11 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2012-01-17 00:00:00.000000000Z
13
+ date: 2012-01-24 00:00:00.000000000Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: rails
17
- requirement: &70114838714620 !ruby/object:Gem::Requirement
17
+ requirement: &70147169913100 !ruby/object:Gem::Requirement
18
18
  none: false
19
19
  requirements:
20
20
  - - ! '>='
@@ -22,10 +22,10 @@ dependencies:
22
22
  version: 3.0.0
23
23
  type: :runtime
24
24
  prerelease: false
25
- version_requirements: *70114838714620
25
+ version_requirements: *70147169913100
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: warden
28
- requirement: &70114838713520 !ruby/object:Gem::Requirement
28
+ requirement: &70147169912600 !ruby/object:Gem::Requirement
29
29
  none: false
30
30
  requirements:
31
31
  - - =
@@ -33,10 +33,10 @@ dependencies:
33
33
  version: 1.0.6
34
34
  type: :runtime
35
35
  prerelease: false
36
- version_requirements: *70114838713520
36
+ version_requirements: *70147169912600
37
37
  - !ruby/object:Gem::Dependency
38
38
  name: oauth2
39
- requirement: &70114838712840 !ruby/object:Gem::Requirement
39
+ requirement: &70147169912140 !ruby/object:Gem::Requirement
40
40
  none: false
41
41
  requirements:
42
42
  - - =
@@ -44,10 +44,10 @@ dependencies:
44
44
  version: 0.4.1
45
45
  type: :runtime
46
46
  prerelease: false
47
- version_requirements: *70114838712840
47
+ version_requirements: *70147169912140
48
48
  - !ruby/object:Gem::Dependency
49
49
  name: oa-oauth
50
- requirement: &70114838712360 !ruby/object:Gem::Requirement
50
+ requirement: &70147169911680 !ruby/object:Gem::Requirement
51
51
  none: false
52
52
  requirements:
53
53
  - - =
@@ -55,10 +55,10 @@ dependencies:
55
55
  version: 0.2.6
56
56
  type: :runtime
57
57
  prerelease: false
58
- version_requirements: *70114838712360
58
+ version_requirements: *70147169911680
59
59
  - !ruby/object:Gem::Dependency
60
60
  name: oa-core
61
- requirement: &70114838708720 !ruby/object:Gem::Requirement
61
+ requirement: &70147169911220 !ruby/object:Gem::Requirement
62
62
  none: false
63
63
  requirements:
64
64
  - - =
@@ -66,10 +66,10 @@ dependencies:
66
66
  version: 0.2.6
67
67
  type: :runtime
68
68
  prerelease: false
69
- version_requirements: *70114838708720
69
+ version_requirements: *70147169911220
70
70
  - !ruby/object:Gem::Dependency
71
71
  name: rack-accept
72
- requirement: &70114838707980 !ruby/object:Gem::Requirement
72
+ requirement: &70147169910760 !ruby/object:Gem::Requirement
73
73
  none: false
74
74
  requirements:
75
75
  - - ~>
@@ -77,10 +77,10 @@ dependencies:
77
77
  version: 0.4.4
78
78
  type: :runtime
79
79
  prerelease: false
80
- version_requirements: *70114838707980
80
+ version_requirements: *70147169910760
81
81
  - !ruby/object:Gem::Dependency
82
82
  name: plek
83
- requirement: &70114838707400 !ruby/object:Gem::Requirement
83
+ requirement: &70147169910380 !ruby/object:Gem::Requirement
84
84
  none: false
85
85
  requirements:
86
86
  - - ! '>='
@@ -88,10 +88,10 @@ dependencies:
88
88
  version: '0'
89
89
  type: :runtime
90
90
  prerelease: false
91
- version_requirements: *70114838707400
91
+ version_requirements: *70147169910380
92
92
  - !ruby/object:Gem::Dependency
93
93
  name: rake
94
- requirement: &70114838706180 !ruby/object:Gem::Requirement
94
+ requirement: &70147169909840 !ruby/object:Gem::Requirement
95
95
  none: false
96
96
  requirements:
97
97
  - - ~>
@@ -99,10 +99,10 @@ dependencies:
99
99
  version: 0.9.2
100
100
  type: :development
101
101
  prerelease: false
102
- version_requirements: *70114838706180
102
+ version_requirements: *70147169909840
103
103
  - !ruby/object:Gem::Dependency
104
104
  name: mocha
105
- requirement: &70114838704460 !ruby/object:Gem::Requirement
105
+ requirement: &70147169909340 !ruby/object:Gem::Requirement
106
106
  none: false
107
107
  requirements:
108
108
  - - ~>
@@ -110,7 +110,18 @@ dependencies:
110
110
  version: 0.9.0
111
111
  type: :development
112
112
  prerelease: false
113
- version_requirements: *70114838704460
113
+ version_requirements: *70147169909340
114
+ - !ruby/object:Gem::Dependency
115
+ name: capybara
116
+ requirement: &70147169908960 !ruby/object:Gem::Requirement
117
+ none: false
118
+ requirements:
119
+ - - ! '>='
120
+ - !ruby/object:Gem::Version
121
+ version: '0'
122
+ type: :development
123
+ prerelease: false
124
+ version_requirements: *70147169908960
114
125
  description: Client for GDS' OAuth 2-based SSO
115
126
  email:
116
127
  - matt@constituentparts.com
@@ -135,7 +146,9 @@ files:
135
146
  - README.md
136
147
  - Gemfile
137
148
  - Rakefile
149
+ - test/test_gds_sso_strategy.rb
138
150
  - test/test_helper.rb
151
+ - test/test_http_strategy.rb
139
152
  - test/test_omniauth_strategy.rb
140
153
  - test/test_user.rb
141
154
  homepage: https://github.com/alphagov/gds-sso
@@ -163,6 +176,8 @@ signing_key:
163
176
  specification_version: 3
164
177
  summary: Client for GDS' OAuth 2-based SSO
165
178
  test_files:
179
+ - test/test_gds_sso_strategy.rb
166
180
  - test/test_helper.rb
181
+ - test/test_http_strategy.rb
167
182
  - test/test_omniauth_strategy.rb
168
183
  - test/test_user.rb