gds-sso 0.4.3 → 0.5.0

data/spec/requests/end_to_end_spec.rb

@@ -0,0 +1,77 @@
+require 'spec_helper'
+
+describe "Integration of client using GDS-SSO with signonotron" do
+  include Signonotron2IntegrationHelpers
+
+  before :all do
+    wait_for_signonotron_to_start
+  end
+  before :each do
+    @client_host = 'www.example-client.com'
+    Capybara.current_driver = :mechanize
+    Capybara::Mechanize.local_hosts << @client_host
+
+    load_signonotron_fixture
+  end
+
+  describe "Web client accesses" do
+    before :each do
+      page.driver.header 'accept', 'text/html'
+    end
+
+    specify "a non-restricted page can be accessed without authentication" do
+      visit "http://#{@client_host}/"
+      page.should have_content('jabberwocky')
+    end
+
+    specify "first access to a restricted page requires authentication and application approval" do
+      visit "http://#{@client_host}/restricted"
+      page.should have_content("Sign in")
+      fill_in "Email", :with => "test@example-client.com"
+      fill_in "Password", :with => "q1w2e3r4t5y6u7i8o9p0"
+      click_on "Sign in"
+
+      click_on "Authorize"
+
+      page.should have_content('restricted kablooie')
+    end
+
+    specify "access to a restricted page for an approved application requires only authentication" do
+      # First we login to authorise the app
+      visit "http://#{@client_host}/restricted"
+      fill_in "Email", :with => "test@example-client.com"
+      fill_in "Password", :with => "q1w2e3r4t5y6u7i8o9p0"
+      click_on "Sign in"
+      click_on "Authorize"
+
+      # At this point the app should be authorised, we reset the session to simulate a new browser visit.
+      reset_session!
+      page.driver.header 'accept', 'text/html'
+
+      visit "http://#{@client_host}/restricted"
+      page.should have_content("Sign in")
+      fill_in "Email", :with => "test@example-client.com"
+      fill_in "Password", :with => "q1w2e3r4t5y6u7i8o9p0"
+      click_on "Sign in"
+
+      page.should have_content('restricted kablooie')
+    end
+  end
+
+  describe "API client accesses" do
+    before :each do
+      page.driver.header 'accept', 'application/json'
+    end
+
+    specify "access to a restricted page for an api client requires basic auth" do
+      visit "http://#{@client_host}/restricted"
+      page.driver.response.status.should == 401
+      page.driver.response.headers["WWW-Authenticate"].should == 'Basic realm="API Access"'
+
+      page.driver.browser.authorize 'test_api_user', 'api_user_password'
+      visit "http://#{@client_host}/restricted"
+
+      page.should have_content('restricted kablooie')
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,22 @@
+require 'rubygems'
+require 'bundler'
+
+# Yes, we really do want to turn off the test environment check here.
+# Bad things happen if we don't ;-)
+ENV['GDS_SSO_STRATEGY'] = 'real'
+
+Bundler.require :default, :development
+
+require 'capybara/rspec'
+
+Combustion.initialize! :action_controller
+
+require 'rspec/rails'
+require 'capybara/rails'
+
+require 'mechanize'
+require 'capybara/mechanize'
+
+include Warden::Test::Helpers
+
+Dir[File.join(File.dirname(__FILE__), "support/**/*.rb")].each {|f| require f}

data/spec/support/signonotron2_integration_helpers.rb

@@ -0,0 +1,35 @@
+require 'net/http'
+
+module Signonotron2IntegrationHelpers
+  def wait_for_signonotron_to_start
+    retries = 0
+    url = GDS::SSO::Config.oauth_root_url
+    puts "Waiting for signonotron to start at #{url}"
+    while ! signonotron_started?(url)
+      print '.'
+      if retries > 10
+        raise "Signonotron is not running at #{url}. Please start with 'bundle exec rake signonotron:start'. Under jenkins this should have been run automatically"
+      end
+      retries += 1
+      sleep 1
+    end
+    puts "Signonotron is now running at #{url}"
+  end
+
+  def signonotron_started?(url)
+    uri = URI.parse(url)
+    conn = Net::HTTP.start(uri.host, uri.port)
+    true
+  rescue Errno::ECONNREFUSED
+    false
+  ensure
+    conn.try(:finish)
+  end
+
+  def load_signonotron_fixture
+    fixtures_path = Pathname.new(File.join(File.dirname(__FILE__), '../fixtures/integration'))
+    db = YAML.load_file(fixtures_path + 'signonotron2_database.yml')['test']
+    cmd = "mysql -u#{db['username']} -p#{db['password']} #{db['database']} < #{fixtures_path + 'signonotron2.sql'}"
+    system cmd or raise "Error loading signonotron fixture"
+  end
+end

data/spec/tasks/signonotron_tasks.rake

@@ -0,0 +1,41 @@
+namespace :signonotron do
+  desc "Start signonotron (for integration tests)"
+  task :start => :stop do
+    gem_root = Pathname.new(File.dirname(__FILE__)) + '..' + '..'
+    FileUtils.mkdir_p(gem_root + 'tmp')
+    Dir.chdir gem_root + 'tmp' do
+      if File.exist? "signonotron2"
+        Dir.chdir "signonotron2" do
+          puts `git clean -fdx`
+          puts `git fetch origin`
+          puts `git reset --hard origin/master`
+        end
+      else
+        puts `git clone git@github.com:alphagov/signonotron2`
+      end
+    end
+
+    Dir.chdir gem_root + 'tmp' + 'signonotron2' do
+      env_stuff = '/usr/bin/env -u BUNDLE_GEMFILE -u BUNDLE_BIN_PATH -u RUBYOPT -u GEM_HOME -u GEM_PATH RAILS_ENV=test'
+      puts `#{env_stuff} bundle install --path=#{gem_root + 'tmp' + 'signonotron2_bundle'}`
+      FileUtils.cp gem_root.join('spec', 'fixtures', 'integration', 'signonotron2_database.yml'), File.join('config', 'database.yml')
+      puts `#{env_stuff} bundle exec rake db:drop db:create db:schema:load`
+
+      puts "Starting signonotron instance in the background"
+      fork do
+        Process.daemon(true)
+        exec "#{env_stuff} bundle exec rails s -p 4567"
+      end
+    end
+  end
+
+  desc "Stop running signonotron (for integration tests)"
+  task :stop do
+    pid_output = `lsof -Fp -i :4567`.chomp
+    if pid_output =~ /\Ap(\d+)\z/
+      puts "Stopping running instance of Signonotron (pid #{$1})"
+      Process.kill(:INT, $1.to_i)
+    end
+  end
+end
+

data/test/{test_omniauth_strategy.rb → omniauth_strategy_test.rb}

@@ -8,14 +8,12 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
     @app = stub("app")
     @strategy = OmniAuth::Strategies::Gds.new(@app, :gds, 'client_id', 'client_secret')
     @strategy.stubs(:fetch_user_data).returns({
-      'user' => {
-        'uid' => 'abcde',
-        'version' => 1,
-        'name' => 'Matt Patterson',
-        'email' => 'matt@alphagov.co.uk',
-        'github' => 'fidothe',
-        'twitter' => 'fidothe'
-      }
+      'uid' => 'abcde',
+      'version' => 1,
+      'name' => 'Matt Patterson',
+      'email' => 'matt@alphagov.co.uk',
+      'github' => 'fidothe',
+      'twitter' => 'fidothe'
     }.to_json)
   end
 

metadata

@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.4.3
+  version: 0.5.0
 platform: ruby
 authors: 
 - Matt Patterson
@@ -11,10 +11,11 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-01-25 00:00:00 Z
+date: 2012-04-20 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rails
+  prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -22,10 +23,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 3.0.0
   type: :runtime
-  prerelease: false
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
   name: warden
+  prerelease: false
   requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -33,43 +34,43 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 1.0.6
   type: :runtime
-  prerelease: false
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
   name: oauth2
+  prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        version: 0.4.1
+        version: 0.5.2
   type: :runtime
-  prerelease: false
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
   name: oa-oauth
+  prerelease: false
   requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - "="
+    - - ~>
       - !ruby/object:Gem::Version 
-        version: 0.2.6
+        version: 0.3.2
   type: :runtime
-  prerelease: false
   version_requirements: *id004
 - !ruby/object:Gem::Dependency 
   name: oa-core
+  prerelease: false
   requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - "="
+    - - ~>
       - !ruby/object:Gem::Version 
-        version: 0.2.6
+        version: 0.3.2
   type: :runtime
-  prerelease: false
   version_requirements: *id005
 - !ruby/object:Gem::Dependency 
   name: rack-accept
+  prerelease: false
   requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -77,21 +78,21 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.4.4
   type: :runtime
-  prerelease: false
   version_requirements: *id006
 - !ruby/object:Gem::Dependency 
-  name: plek
+  name: rack
+  prerelease: false
   requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - "="
       - !ruby/object:Gem::Version 
-        version: "0"
+        version: 1.3.5
   type: :runtime
-  prerelease: false
   version_requirements: *id007
 - !ruby/object:Gem::Dependency 
   name: rake
+  prerelease: false
   requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -99,10 +100,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.9.2
   type: :development
-  prerelease: false
   version_requirements: *id008
 - !ruby/object:Gem::Dependency 
   name: mocha
+  prerelease: false
   requirement: &id009 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -110,19 +111,51 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.9.0
   type: :development
-  prerelease: false
   version_requirements: *id009
 - !ruby/object:Gem::Dependency 
   name: capybara
+  prerelease: false
   requirement: &id010 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
-        version: "0"
+        version: 1.1.2
   type: :development
-  prerelease: false
   version_requirements: *id010
+- !ruby/object:Gem::Dependency 
+  name: rspec-rails
+  prerelease: false
+  requirement: &id011 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 2.9.0
+  type: :development
+  version_requirements: *id011
+- !ruby/object:Gem::Dependency 
+  name: capybara-mechanize
+  prerelease: false
+  requirement: &id012 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 0.3.0
+  type: :development
+  version_requirements: *id012
+- !ruby/object:Gem::Dependency 
+  name: combustion
+  prerelease: false
+  requirement: &id013 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 0.3.1
+  type: :development
+  version_requirements: *id013
 description: Client for GDS' OAuth 2-based SSO
 email: 
 - matt@constituentparts.com
@@ -141,7 +174,6 @@ files:
 - lib/gds-sso/controller_methods.rb
 - lib/gds-sso/failure_app.rb
 - lib/gds-sso/omniauth_strategy.rb
-- lib/gds-sso/routes.rb
 - lib/gds-sso/user.rb
 - lib/gds-sso/version.rb
 - lib/gds-sso/warden_config.rb
@@ -149,11 +181,25 @@ files:
 - README.md
 - Gemfile
 - Rakefile
-- test/test_gds_sso_strategy.rb
+- test/gds_sso_strategy_test.rb
+- test/omniauth_strategy_test.rb
 - test/test_helper.rb
-- test/test_http_strategy.rb
-- test/test_omniauth_strategy.rb
-- test/test_user.rb
+- test/user_test.rb
+- spec/fixtures/integration/signonotron2.sql
+- spec/fixtures/integration/signonotron2_database.yml
+- spec/internal/app/controllers/application_controller.rb
+- spec/internal/app/controllers/example_controller.rb
+- spec/internal/app/models/user.rb
+- spec/internal/config/database.yml
+- spec/internal/config/initializers/gds-sso.rb
+- spec/internal/config/routes.rb
+- spec/internal/db/schema.rb
+- spec/internal/log/test.log
+- spec/internal/public/favicon.ico
+- spec/requests/end_to_end_spec.rb
+- spec/spec_helper.rb
+- spec/support/signonotron2_integration_helpers.rb
+- spec/tasks/signonotron_tasks.rake
 homepage: https://github.com/alphagov/gds-sso
 licenses: []
 
@@ -167,29 +213,37 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: -535713269746465567
-      segments: 
-      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: -535713269746465567
-      segments: 
-      - 0
       version: "0"
 requirements: []
 
 rubyforge_project: gds-sso
-rubygems_version: 1.8.13
+rubygems_version: 1.8.12
 signing_key: 
 specification_version: 3
 summary: Client for GDS' OAuth 2-based SSO
 test_files: 
-- test/test_gds_sso_strategy.rb
+- test/gds_sso_strategy_test.rb
+- test/omniauth_strategy_test.rb
 - test/test_helper.rb
-- test/test_http_strategy.rb
-- test/test_omniauth_strategy.rb
-- test/test_user.rb
+- test/user_test.rb
+- spec/fixtures/integration/signonotron2.sql
+- spec/fixtures/integration/signonotron2_database.yml
+- spec/internal/app/controllers/application_controller.rb
+- spec/internal/app/controllers/example_controller.rb
+- spec/internal/app/models/user.rb
+- spec/internal/config/database.yml
+- spec/internal/config/initializers/gds-sso.rb
+- spec/internal/config/routes.rb
+- spec/internal/db/schema.rb
+- spec/internal/log/test.log
+- spec/internal/public/favicon.ico
+- spec/requests/end_to_end_spec.rb
+- spec/spec_helper.rb
+- spec/support/signonotron2_integration_helpers.rb
+- spec/tasks/signonotron_tasks.rake

data/lib/gds-sso/routes.rb

@@ -1,20 +0,0 @@
-module ActionDispatch::Routing
-  class Mapper
-    # Allow you to add authentication request from the router:
-    #
-    #   authenticate(:user) do
-    #     resources :post
-    #   end
-    #
-    # Stolen from devise
-    def authenticate(scope)
-      constraint = lambda do |request|
-        request.env["warden"].authenticate!(:scope => scope)
-      end
-
-      constraints(constraint) do
-        yield
-      end
-    end
-  end
-end