gds-sso 0.5.0 → 0.5.1

data/spec/requests/authentication_soot2.rb

@@ -0,0 +1,161 @@
+require_relative '../spec_helper'
+
+include Rack::Test
+
+describe "authenticating with sign-on-o-tron" do
+
+  describe "when not signed in" do
+
+    describe "a protected page" do
+      it "redirects to /auth/gds" do
+        get "/"
+
+        response.code.should == "302"
+        response.location.should == "http://www.example.com/auth/gds"
+      end
+    end
+
+    describe "/auth/gds" do
+      it "redirects to signonotron2" do
+        get "/auth/gds"
+
+        response.code.should == "302"
+        response.location.should =~ /^http:\/\/localhost:3000\/oauth\/authorize/
+      end
+
+      it "authenticates with a username and password and redirects back to the app" do
+        get "/auth/gds"
+
+        uri = URI.parse(response.location)
+        auth_path = uri.path + '?' + uri.query
+
+        client_cookies = response.headers['Set-Cookie'].split('; ')[0]
+
+        @signonotron = Faraday.new(:url => "#{uri.scheme}://#{uri.host}:#{uri.port}") do |builder|
+          builder.request :url_encoded
+          builder.adapter :net_http
+        end
+
+        authz_return_location = do_auth_request(auth_path)
+
+        return_path = authz_return_location.path + '?' + (authz_return_location.query || '')
+
+        get return_path, { }, { 'Cookie' => client_cookies }
+
+        puts "HANDLE AUTH RESULT\n====================\n"
+        puts response.headers
+
+        # resp = Net::HTTP.get_response( URI::parse(response.location) )
+        # location = resp["location"]
+
+        # visit location
+        # puts page.current_uri
+
+        # fill_in "user_email", :with => "foo@example.com"
+        # fill_in "user_password", :with => "this is an example for the test"
+        # click_button "Sign in"
+      end
+
+      def do_auth_request(auth_path)
+        auth_request = @signonotron.get(auth_path)
+
+        debug_request('Auth Request', 'GET', auth_path, auth_request, '')
+
+        sign_in_location = URI.parse(auth_request.headers['location']).path
+        cookie = auth_request.headers['Set-Cookie'].split('; ')[0]
+
+        return do_sign_in_request(sign_in_location, cookie)
+      end
+
+      def do_sign_in_request(sign_in_location, cookie)
+        sign_in_request = @signonotron.get do |req|
+          req.url sign_in_location
+          req.headers['Cookie'] = cookie
+        end
+
+        debug_request('Sign In', 'GET', sign_in_location, sign_in_request, cookie)
+
+        cookie = sign_in_request.headers['Set-Cookie'].split('; ')[0]
+        sign_in_location =  Nokogiri.parse(sign_in_request.body).xpath("//form").first.attributes['action'].text
+        authenticity_token = Nokogiri.parse(sign_in_request.body).xpath("//input[@name='authenticity_token']").first.attributes['value'].text
+
+        return do_sign_in_post(sign_in_location, cookie, authenticity_token)
+      end
+
+      def do_sign_in_post(sign_in_location, cookie, authenticity_token)
+
+        sign_in_post = @signonotron.post do |req|
+          req.url sign_in_location
+          req.body = { :user => { :email => 'foo@example.com', :password => 'this is an example for the test' }, :authenticity_token => authenticity_token }
+          req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
+          req.headers['Cookie'] = cookie
+        end
+
+        debug_request('Sign In', 'POST', sign_in_location, sign_in_post, cookie)
+
+        cookie = sign_in_post.headers['Set-Cookie'].split('; ')[0]
+        authz_location = URI.parse(sign_in_post.headers['location'])
+
+        return do_authz_request(authz_location, cookie)
+      end
+
+      def do_authz_request(authz_location, cookie)
+        authz_request = @signonotron.get do |req|
+          req.url authz_location
+          req.headers['Content-Type'] = 'text/html'
+          req.headers['Cookie'] = cookie
+        end
+
+        debug_request('Authz', 'GET', authz_location, authz_request, cookie)
+
+        cookie = authz_request.headers['Set-Cookie'].split('; ')[0]
+
+        if authz_request.headers['location']
+          puts "RETURNING #{authz_request.headers['location']}"
+          return URI.parse(authz_request.headers['location'])
+        else
+          authz_confirm_location = Nokogiri.parse(authz_request.body).xpath("//form").first.attributes['action'].text
+          authenticity_token = Nokogiri.parse(authz_request.body).xpath("//input[@name='authenticity_token']").first.attributes['value'].text
+
+          return do_authz_confirm_post(authz_confirm_location, cookie, authenticity_token)
+        end
+      end
+
+      def do_authz_confirm_post(authz_confirm_location, cookie, authenticity_token)
+        authz_confirm_request = @signonotron.post do |req|
+          req.url authz_confirm_location
+          req.body = { :commit => 'Authorize', :authenticity_token => authenticity_token,
+                       :authorization => {
+                         :client_id => '1acd5e4e34a0e15225383bbbdf88cf95f8efd82664f3811b917869cc51c8f449',
+                         :redirect_uri => 'http://www.example.com/auth/gds/callback',
+                         :response_type => 'code',
+                         :state => '',
+                         :scope => ''
+                       }
+                     }
+          req.headers['Cookie'] = cookie
+        end
+
+        debug_request('Authz Confirm', 'POST', authz_confirm_location, authz_confirm_request, cookie)
+
+        cookie = authz_confirm_request.headers['Set-Cookie'].split('; ')[0]
+
+        puts "RETURNING #{authz_confirm_request.headers['location']}"
+        return URI.parse(authz_confirm_request.headers['location'])
+      end
+
+      def debug_request(name, method, path, response, cookie)
+        puts "#{name} REQUEST RESULT:\n=========================\n"
+        puts "#{method} #{path}"
+        puts "#{cookie}"
+
+        puts "\n\n"
+
+        puts response.headers.inspect
+        puts response.body
+      end
+    end
+
+  end
+
+end

data/spec/requests/end_to_end_spec.rb

@@ -28,10 +28,10 @@ describe "Integration of client using GDS-SSO with signonotron" do
       visit "http://#{@client_host}/restricted"
       page.should have_content("Sign in")
       fill_in "Email", :with => "test@example-client.com"
-      fill_in "Password", :with => "q1w2e3r4t5y6u7i8o9p0"
+      fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
       click_on "Sign in"
 
-      click_on "Authorize"
+      click_authorize
 
       page.should have_content('restricted kablooie')
     end
@@ -40,9 +40,10 @@ describe "Integration of client using GDS-SSO with signonotron" do
       # First we login to authorise the app
       visit "http://#{@client_host}/restricted"
       fill_in "Email", :with => "test@example-client.com"
-      fill_in "Password", :with => "q1w2e3r4t5y6u7i8o9p0"
+      fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
       click_on "Sign in"
-      click_on "Authorize"
+
+      click_authorize
 
       # At this point the app should be authorised, we reset the session to simulate a new browser visit.
       reset_session!
@@ -51,7 +52,7 @@ describe "Integration of client using GDS-SSO with signonotron" do
       visit "http://#{@client_host}/restricted"
       page.should have_content("Sign in")
       fill_in "Email", :with => "test@example-client.com"
-      fill_in "Password", :with => "q1w2e3r4t5y6u7i8o9p0"
+      fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
       click_on "Sign in"
 
       page.should have_content('restricted kablooie')
@@ -74,4 +75,8 @@ describe "Integration of client using GDS-SSO with signonotron" do
       page.should have_content('restricted kablooie')
     end
   end
+
+  def click_authorize
+    click_on( page.has_button?("Authorize") ? "Authorize" : "Yes" )
+  end
 end

data/spec/support/signonotron2_integration_helpers.rb

@@ -7,7 +7,7 @@ module Signonotron2IntegrationHelpers
     puts "Waiting for signonotron to start at #{url}"
     while ! signonotron_started?(url)
       print '.'
-      if retries > 10
+      if retries > 20
         raise "Signonotron is not running at #{url}. Please start with 'bundle exec rake signonotron:start'. Under jenkins this should have been run automatically"
       end
       retries += 1
@@ -28,8 +28,11 @@ module Signonotron2IntegrationHelpers
 
   def load_signonotron_fixture
     fixtures_path = Pathname.new(File.join(File.dirname(__FILE__), '../fixtures/integration'))
-    db = YAML.load_file(fixtures_path + 'signonotron2_database.yml')['test']
-    cmd = "mysql -u#{db['username']} -p#{db['password']} #{db['database']} < #{fixtures_path + 'signonotron2.sql'}"
+    app = ENV['SIGNONOTRON_VERSION'] == "1" ? "sign-on-o-tron" : "signonotron2"
+    path_to_app = Rails.root.join('..','..','tmp',app)
+
+    db = YAML.load_file(fixtures_path + "#{app}_database.yml")['test']
+    cmd = "sqlite3 #{path_to_app + db['database']} < #{fixtures_path + "#{app}.sql"}"
     system cmd or raise "Error loading signonotron fixture"
   end
 end

data/spec/tasks/signonotron_tasks.rake

@@ -1,24 +1,30 @@
 namespace :signonotron do
   desc "Start signonotron (for integration tests)"
   task :start => :stop do
+
+    @app_to_launch = ENV['SIGNONOTRON_VERSION'] == "1" ? "sign-on-o-tron" : "signonotron2"
+
+    puts "ENV version: #{ENV['SIGNONOTRON_VERSION']}"
+    puts "Launching: #{@app_to_launch}"
+
     gem_root = Pathname.new(File.dirname(__FILE__)) + '..' + '..'
     FileUtils.mkdir_p(gem_root + 'tmp')
     Dir.chdir gem_root + 'tmp' do
-      if File.exist? "signonotron2"
-        Dir.chdir "signonotron2" do
+      if File.exist? @app_to_launch
+        Dir.chdir @app_to_launch do
           puts `git clean -fdx`
           puts `git fetch origin`
           puts `git reset --hard origin/master`
         end
       else
-        puts `git clone git@github.com:alphagov/signonotron2`
+        puts `git clone git@github.com:alphagov/#{@app_to_launch}`
       end
     end
 
-    Dir.chdir gem_root + 'tmp' + 'signonotron2' do
+    Dir.chdir gem_root + 'tmp' + @app_to_launch do
       env_stuff = '/usr/bin/env -u BUNDLE_GEMFILE -u BUNDLE_BIN_PATH -u RUBYOPT -u GEM_HOME -u GEM_PATH RAILS_ENV=test'
-      puts `#{env_stuff} bundle install --path=#{gem_root + 'tmp' + 'signonotron2_bundle'}`
-      FileUtils.cp gem_root.join('spec', 'fixtures', 'integration', 'signonotron2_database.yml'), File.join('config', 'database.yml')
+      puts `#{env_stuff} bundle install --path=#{gem_root + 'tmp' + "#{@app_to_launch}_bundle"}`
+      FileUtils.cp gem_root.join('spec', 'fixtures', 'integration', "#{@app_to_launch}_database.yml"), File.join('config', 'database.yml')
       puts `#{env_stuff} bundle exec rake db:drop db:create db:schema:load`
 
       puts "Starting signonotron instance in the background"

data/test/omniauth_strategy_test.rb

@@ -7,14 +7,14 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
   def setup
     @app = stub("app")
     @strategy = OmniAuth::Strategies::Gds.new(@app, :gds, 'client_id', 'client_secret')
-    @strategy.stubs(:fetch_user_data).returns({
+    @strategy.stubs(:fetch_user_data).returns({ 'user' => {
       'uid' => 'abcde',
       'version' => 1,
       'name' => 'Matt Patterson',
       'email' => 'matt@alphagov.co.uk',
       'github' => 'fidothe',
       'twitter' => 'fidothe'
-    }.to_json)
+    }}.to_json)
   end
 
   def test_build_auth_hash_returns_name_and_email

metadata

@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.5.0
+  version: 0.5.1
 platform: ruby
 authors: 
 - Matt Patterson
@@ -11,11 +11,10 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-04-20 00:00:00 Z
+date: 2012-04-24 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rails
-  prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -23,10 +22,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 3.0.0
   type: :runtime
+  prerelease: false
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
   name: warden
-  prerelease: false
   requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -34,10 +33,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 1.0.6
   type: :runtime
+  prerelease: false
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
   name: oauth2
-  prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -45,10 +44,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.5.2
   type: :runtime
+  prerelease: false
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
   name: oa-oauth
-  prerelease: false
   requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -56,10 +55,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.3.2
   type: :runtime
+  prerelease: false
   version_requirements: *id004
 - !ruby/object:Gem::Dependency 
   name: oa-core
-  prerelease: false
   requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -67,10 +66,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.3.2
   type: :runtime
+  prerelease: false
   version_requirements: *id005
 - !ruby/object:Gem::Dependency 
   name: rack-accept
-  prerelease: false
   requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -78,10 +77,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.4.4
   type: :runtime
+  prerelease: false
   version_requirements: *id006
 - !ruby/object:Gem::Dependency 
   name: rack
-  prerelease: false
   requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -89,10 +88,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 1.3.5
   type: :runtime
+  prerelease: false
   version_requirements: *id007
 - !ruby/object:Gem::Dependency 
   name: rake
-  prerelease: false
   requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -100,10 +99,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.9.2
   type: :development
+  prerelease: false
   version_requirements: *id008
 - !ruby/object:Gem::Dependency 
   name: mocha
-  prerelease: false
   requirement: &id009 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -111,10 +110,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.9.0
   type: :development
+  prerelease: false
   version_requirements: *id009
 - !ruby/object:Gem::Dependency 
   name: capybara
-  prerelease: false
   requirement: &id010 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -122,10 +121,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 1.1.2
   type: :development
+  prerelease: false
   version_requirements: *id010
 - !ruby/object:Gem::Dependency 
   name: rspec-rails
-  prerelease: false
   requirement: &id011 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -133,10 +132,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 2.9.0
   type: :development
+  prerelease: false
   version_requirements: *id011
 - !ruby/object:Gem::Dependency 
   name: capybara-mechanize
-  prerelease: false
   requirement: &id012 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -144,10 +143,10 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.3.0
   type: :development
+  prerelease: false
   version_requirements: *id012
 - !ruby/object:Gem::Dependency 
   name: combustion
-  prerelease: false
   requirement: &id013 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
@@ -155,6 +154,7 @@ dependencies:
       - !ruby/object:Gem::Version 
         version: 0.3.1
   type: :development
+  prerelease: false
   version_requirements: *id013
 description: Client for GDS' OAuth 2-based SSO
 email: 
@@ -185,6 +185,8 @@ files:
 - test/omniauth_strategy_test.rb
 - test/test_helper.rb
 - test/user_test.rb
+- spec/fixtures/integration/sign-on-o-tron.sql
+- spec/fixtures/integration/sign-on-o-tron_database.yml
 - spec/fixtures/integration/signonotron2.sql
 - spec/fixtures/integration/signonotron2_database.yml
 - spec/internal/app/controllers/application_controller.rb
@@ -196,6 +198,7 @@ files:
 - spec/internal/db/schema.rb
 - spec/internal/log/test.log
 - spec/internal/public/favicon.ico
+- spec/requests/authentication_soot2.rb
 - spec/requests/end_to_end_spec.rb
 - spec/spec_helper.rb
 - spec/support/signonotron2_integration_helpers.rb
@@ -213,12 +216,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: -1832840277119493135
+      segments: 
+      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: -1832840277119493135
+      segments: 
+      - 0
       version: "0"
 requirements: []
 
@@ -232,6 +241,8 @@ test_files:
 - test/omniauth_strategy_test.rb
 - test/test_helper.rb
 - test/user_test.rb
+- spec/fixtures/integration/sign-on-o-tron.sql
+- spec/fixtures/integration/sign-on-o-tron_database.yml
 - spec/fixtures/integration/signonotron2.sql
 - spec/fixtures/integration/signonotron2_database.yml
 - spec/internal/app/controllers/application_controller.rb
@@ -243,6 +254,7 @@ test_files:
 - spec/internal/db/schema.rb
 - spec/internal/log/test.log
 - spec/internal/public/favicon.ico
+- spec/requests/authentication_soot2.rb
 - spec/requests/end_to_end_spec.rb
 - spec/spec_helper.rb
 - spec/support/signonotron2_integration_helpers.rb