RubyGems - gds-sso - Versions diffs - 0.4.1 → 0.4.2 - Mend

gds-sso 0.4.1 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

data/README.md +4 -4
data/Rakefile +2 -0
data/lib/gds-sso/failure_app.rb +2 -2
data/lib/gds-sso/omniauth_strategy.rb +2 -2
data/lib/gds-sso/user.rb +10 -0
data/lib/gds-sso/version.rb +1 -1
data/lib/gds-sso/warden_config.rb +15 -11
data/lib/gds-sso.rb +2 -2
data/test/test_gds_sso_strategy.rb +19 -0
data/test/test_http_strategy.rb +0 -0
data/test/test_omniauth_strategy.rb +13 -4
metadata +35 -20

data/README.md CHANGED Viewed

@@ -4,7 +4,7 @@ GDS-SSO provides everything needed to integrate an application with the sign-on-
 (https://github.com/alphagov/sign-on-o-tron) as used by the Government Digital Service, though it
 will probably also work with a range of other oauth2 providers.
-It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron,
+It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron,
 and the necessary controller to support that request flow.
 For more details on OmniAuth and oAuth2 integration see https://github.com/intridea/omniauth
@@ -23,14 +23,14 @@ Create a `config/initializers/gds-sso.rb` that looks like:
     GDS::SSO.config do |config|
       config.user_model   = 'User'
       # set up ID and Secret in a way which doesn't require it to be checked in to source control...
       config.oauth_id     = ENV['OAUTH_ID']
       config.oauth_secret = ENV['OAUTH_SECRET']
       # optional config for location of sign-on-o-tron
       config.oauth_root_url = "http://localhost:3001"
       # optional config for API Access (requests which accept application/json)
       config.basic_auth_user = 'api'
       config.basic_auth_password = 'secret'

data/Rakefile CHANGED Viewed

@@ -8,3 +8,5 @@ Rake::TestTask.new do |t|
   t.test_files = FileList['test/test*.rb']
   t.verbose = true
 end
+task :default => :test

data/lib/gds-sso/failure_app.rb CHANGED Viewed

@@ -2,7 +2,7 @@ require "action_controller/metal"
 require 'rails'
 # Failure application that will be called every time :warden is thrown from
-# any strategy or hook.
+# any strategy or hook.
 module GDS
   module SSO
     class FailureApp < ActionController::Metal
@@ -32,7 +32,7 @@ module GDS
       def store_location!
         session["return_to"] = env['warden.options'][:attempted_path] if request.get?
       end
     end
   end
 end

data/lib/gds-sso/omniauth_strategy.rb CHANGED Viewed

@@ -8,7 +8,7 @@ require 'multi_json'
 #     use OmniAuth::Builder :gds, 'API Key', 'Secret Key'
 class OmniAuth::Strategies::Gds < OmniAuth::Strategies::OAuth2
   # @param [Rack Application] app standard middleware application parameter
   # @param [String] api_key the application id as [provided by GDS]
   # @param [String] secret_key the application secret as [provided by Bitly]
@@ -33,7 +33,7 @@ class OmniAuth::Strategies::Gds < OmniAuth::Strategies::OAuth2
       super
     end
   end
   protected
   def fetch_user_data

data/lib/gds-sso/user.rb CHANGED Viewed

@@ -2,6 +2,16 @@ require 'active_support/concern'
 module GDS
   module SSO
+    class ApiUser
+      def uid
+        0
+      end
+      def name
+        'API User'
+      end
+    end
     module User
       def self.user_params_from_auth_hash(auth_hash)
         {'uid' => auth_hash['uid'], 'email' => auth_hash['user_info']['email'], 'name' => auth_hash['user_info']['name'], 'version' => auth_hash['extra']['user_hash']['version']}

data/lib/gds-sso/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module GDS
   module SSO
-    VERSION = "0.4.1"
+    VERSION = "0.4.2"
   end
 end

data/lib/gds-sso/warden_config.rb CHANGED Viewed

@@ -18,7 +18,7 @@ Warden::Strategies.add(:gds_sso) do
     Rails.logger.debug("Authenticating with gds_sso strategy")
     if request.env['omniauth.auth'].nil?
-      fail!("No credentials, bub")
+      fail!("No credentials, bub")
     else
       user = prep_user(request.env['omniauth.auth'])
       success!(user)
@@ -35,41 +35,45 @@ Warden::Strategies.add(:gds_sso) do
 end
 Warden::Strategies.add(:gds_sso_api_access) do
+  def api_user
+    @api_user ||= GDS::SSO::ApiUser.new
+  end
   def valid?
     ::GDS::SSO::ApiAccess.api_call?(env)
   end
   def authenticate!
     Rails.logger.debug("Authenticating with gds_sso_api_access strategy")
     if ! basic_auth_configured?
       Rails.logger.debug("Basic auth not configured, not requiring authentication")
-      success!('api')
+      success!(api_user)
     end
     auth = Rack::Auth::Basic::Request.new(env)
     return custom!(unauthorized) unless auth.provided?
     return fail!(:bad_request) unless auth.basic?
     if valid_api_user?(*auth.credentials)
       success!(auth.credentials[0])
     else
       custom!(unauthorized)
     end
   end
   def basic_auth_configured?
     ! ::GDS::SSO::Config.basic_auth_user.nil?
   end
   def valid_api_user?(username, password)
-    username.to_s.strip != '' &&
-      password.to_s.strip != '' &&
+    username.to_s.strip != '' &&
+      password.to_s.strip != '' &&
       username == ::GDS::SSO::Config.basic_auth_user &&
       password == ::GDS::SSO::Config.basic_auth_password
   end
   def unauthorized
     [
       401,
@@ -103,7 +107,7 @@ Warden::Strategies.add(:mock_gds_sso_api_access) do
   def valid?
     ::GDS::SSO::ApiAccess.api_call?(env)
   end
   def authenticate!
     Rails.logger.debug("Authenticating with mock_gds_sso_api_access strategy")
     success!(GDS::SSO.test_user || GDS::SSO::Config.user_klass.first)

data/lib/gds-sso.rb CHANGED Viewed

@@ -23,7 +23,7 @@ module GDS
       # Force routes to be loaded if we are doing any eager load.
       # TODO - check this one - Stolen from Devise because it looked sensible...
       config.before_eager_load { |app| app.reload_routes! }
       config.app_middleware.use ::OmniAuth::Builder do
         provider :gds, GDS::SSO::Config.oauth_id, GDS::SSO::Config.oauth_secret
       end
@@ -31,7 +31,7 @@ module GDS
       def self.use_mock_strategies?
         ['development', 'test'].include?(Rails.env) && ENV['GDS_SSO_STRATEGY'] != 'real'
       end
       def self.default_strategies
         use_mock_strategies? ? [:mock_gds_sso, :mock_gds_sso_api_access] : [:gds_sso, :gds_sso_api_access]
       end

data/test/test_gds_sso_strategy.rb ADDED Viewed

@@ -0,0 +1,19 @@
+require 'test_helper'
+require 'json'
+require 'gds-sso'
+require 'gds-sso/omniauth_strategy'
+require 'capybara/dsl'
+class TestGdsSsoStrategy < Test::Unit::TestCase
+  include OmniAuth::Test::StrategyTestCase
+  include Capybara::DSL
+  def strategy
+    # return the parameters to a Rack::Builder map call:
+    [OmniAuth::Strategies::Gds.new, 'client_id', 'client_secret']
+  end
+  def setup
+    # post '/auth/gds_sso/callback', :user => { 'name' => 'Dylan', 'id' => '445' }
+  end
+end

data/test/test_http_strategy.rb ADDED Viewed

File without changes

data/test/test_omniauth_strategy.rb CHANGED Viewed

@@ -7,7 +7,16 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
   def setup
     @app = stub("app")
     @strategy = OmniAuth::Strategies::Gds.new(@app, :gds, 'client_id', 'client_secret')
-    @strategy.stubs(:fetch_user_data).returns({'user' => {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}}.to_json)
+    @strategy.stubs(:fetch_user_data).returns({
+      'user' => {
+        'uid' => 'abcde',
+        'version' => 1,
+        'name' => 'Matt Patterson',
+        'email' => 'matt@alphagov.co.uk',
+        'github' => 'fidothe',
+        'twitter' => 'fidothe'
+      }
+    }.to_json)
   end
   def test_build_auth_hash_returns_name_and_email
@@ -16,13 +25,13 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
   end
   def test_build_auth_hash_contains_extra_info
-    expected = {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}
+    expected = {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}
     assert_equal expected, @strategy.send(:build_auth_hash)['extra']['user_hash']
   end
   def test_oauth_bypassed_if_json_is_accepted_by_request
     @app.expects(:call)
     rack_env = { "HTTP_ACCEPT" => 'application/json' }
     @strategy.call(rack_env)
   end
-end
+end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gds-sso
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.4.2
   prerelease:
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-01-17 00:00:00.000000000Z
+date: 2012-01-24 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &70114838714620 !ruby/object:Gem::Requirement
+  requirement: &70147169913100 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,10 +22,10 @@ dependencies:
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: *70114838714620
+  version_requirements: *70147169913100
 - !ruby/object:Gem::Dependency
   name: warden
-  requirement: &70114838713520 !ruby/object:Gem::Requirement
+  requirement: &70147169912600 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -33,10 +33,10 @@ dependencies:
         version: 1.0.6
   type: :runtime
   prerelease: false
-  version_requirements: *70114838713520
+  version_requirements: *70147169912600
 - !ruby/object:Gem::Dependency
   name: oauth2
-  requirement: &70114838712840 !ruby/object:Gem::Requirement
+  requirement: &70147169912140 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -44,10 +44,10 @@ dependencies:
         version: 0.4.1
   type: :runtime
   prerelease: false
-  version_requirements: *70114838712840
+  version_requirements: *70147169912140
 - !ruby/object:Gem::Dependency
   name: oa-oauth
-  requirement: &70114838712360 !ruby/object:Gem::Requirement
+  requirement: &70147169911680 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -55,10 +55,10 @@ dependencies:
         version: 0.2.6
   type: :runtime
   prerelease: false
-  version_requirements: *70114838712360
+  version_requirements: *70147169911680
 - !ruby/object:Gem::Dependency
   name: oa-core
-  requirement: &70114838708720 !ruby/object:Gem::Requirement
+  requirement: &70147169911220 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -66,10 +66,10 @@ dependencies:
         version: 0.2.6
   type: :runtime
   prerelease: false
-  version_requirements: *70114838708720
+  version_requirements: *70147169911220
 - !ruby/object:Gem::Dependency
   name: rack-accept
-  requirement: &70114838707980 !ruby/object:Gem::Requirement
+  requirement: &70147169910760 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -77,10 +77,10 @@ dependencies:
         version: 0.4.4
   type: :runtime
   prerelease: false
-  version_requirements: *70114838707980
+  version_requirements: *70147169910760
 - !ruby/object:Gem::Dependency
   name: plek
-  requirement: &70114838707400 !ruby/object:Gem::Requirement
+  requirement: &70147169910380 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -88,10 +88,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70114838707400
+  version_requirements: *70147169910380
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70114838706180 !ruby/object:Gem::Requirement
+  requirement: &70147169909840 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -99,10 +99,10 @@ dependencies:
         version: 0.9.2
   type: :development
   prerelease: false
-  version_requirements: *70114838706180
+  version_requirements: *70147169909840
 - !ruby/object:Gem::Dependency
   name: mocha
-  requirement: &70114838704460 !ruby/object:Gem::Requirement
+  requirement: &70147169909340 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -110,7 +110,18 @@ dependencies:
         version: 0.9.0
   type: :development
   prerelease: false
-  version_requirements: *70114838704460
+  version_requirements: *70147169909340
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: &70147169908960 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70147169908960
 description: Client for GDS' OAuth 2-based SSO
 email:
 - matt@constituentparts.com
@@ -135,7 +146,9 @@ files:
 - README.md
 - Gemfile
 - Rakefile
+- test/test_gds_sso_strategy.rb
 - test/test_helper.rb
+- test/test_http_strategy.rb
 - test/test_omniauth_strategy.rb
 - test/test_user.rb
 homepage: https://github.com/alphagov/gds-sso
@@ -163,6 +176,8 @@ signing_key:
 specification_version: 3
 summary: Client for GDS' OAuth 2-based SSO
 test_files:
+- test/test_gds_sso_strategy.rb
 - test/test_helper.rb
+- test/test_http_strategy.rb
 - test/test_omniauth_strategy.rb
 - test/test_user.rb