gds-sso 0.8.0 → 1.0.0
- data/README.md +7 -0
- data/config/routes.rb +4 -4
- data/lib/gds-sso/version.rb +1 -1
- data/spec/controller/api_user_controller_spec.rb +2 -2
- data/spec/fixtures/integration/signonotron2.sql +1 -1
- data/spec/internal/log/test.log +140 -0
- metadata +4 -4
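--- a/data/README.md
+++ b/data/README.md
@@ -28,6 +28,9 @@ Create a `config/initializers/gds-sso.rb` that looks like:
 config.oauth_id = ENV['OAUTH_ID']
 config.oauth_secret = ENV['OAUTH_SECRET']
 
+# Application name as per signonotron2's database, used for permissions
+config.default_scope = "Need-o-Tron"
+
 # optional config for location of sign-on-o-tron
 config.oauth_root_url = "http://localhost:3001"
 
@@ -38,6 +41,10 @@ Create a `config/initializers/gds-sso.rb` that looks like:
 
 The user model needs to respond to klass.find_by_uid(uid), and must include the GDS::SSO::User module.
 
+It also needs to specify the below (or an equivalent):
+
+attr_accessible :uid, :email, :name, :permissions, as: :oauth
+
 You also need to include `GDS::SSO::ControllerMethods` in your ApplicationController
 
 ## Use in development mode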
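--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,6 +1,6 @@
 Rails.application.routes.draw do
-match '/auth/gds/callback',
-match '/auth/gds/sign_out',
-match '/auth/failure',
-match '/auth/gds/api/
+match '/auth/gds/callback', to: 'authentications#callback', as: :gds_sign_in
+match '/auth/gds/sign_out', to: 'authentications#sign_out', as: :gds_sign_out
+match '/auth/failure', to: 'authentications#failure', as: :auth_failure
+match '/auth/gds/api/users/:uid', to: "api/user#update", via: "PUT"
 end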
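Review bot: Only the API route is pinned to a verb; the three `match` lines for `/auth/gds/callback`, `/auth/gds/sign_out` and `/auth/failure` carry no `via:`, so on Rails versions where `match` defaults to every verb they answer POST, PUT and DELETE as well as GET. The OAuth redirect and the failure page only need GET, e.g. `match '/auth/gds/callback', to: 'authentications#callback', as: :gds_sign_in, via: :get`. For `sign_out` the allowed verb is worth choosing explicitly, because a sign-out reachable by a plain GET can be triggered from any third-party page; whether that is intended is not visible here. The removed lines are truncated on this page, so what changed on the first three routes cannot be confirmed.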
data/lib/gds-sso/version.rb
CHANGED
@@ -32,7 +32,7 @@ describe Api::UserController, type: :controller do
|
|
32
32
|
request.env['warden'] = stub("stub warden", :authenticate! => true, authenticated?: true, user: malicious_user)
|
33
33
|
|
34
34
|
request.env['RAW_POST_DATA'] = user_update_json
|
35
|
-
put :update
|
35
|
+
put :update, uid: @user_to_update.uid
|
36
36
|
|
37
37
|
assert_equal 403, response.status
|
38
38
|
end
|
@@ -51,7 +51,7 @@ describe Api::UserController, type: :controller do
|
|
51
51
|
User.expects(:find_by_uid).with("a1s2d3").returns(@user_to_update)
|
52
52
|
|
53
53
|
request.env['RAW_POST_DATA'] = user_update_json
|
54
|
-
put :update
|
54
|
+
put :update, uid: @user_to_update.uid
|
55
55
|
end
|
56
56
|
end
|
57
57
|
end
|
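Review bot: The mock in the second example still expects the literal `"a1s2d3"` while the request now sends `@user_to_update.uid`, so the two agree only as long as the fixture keeps that uid; `User.expects(:find_by_uid).with(@user_to_update.uid).returns(@user_to_update)` would tie them together. With the uid now taken from the path, an example where the uid in the URL and the one inside `user_update_json` differ would pin which value the controller trusts; whether the JSON carries a uid is not visible in these hunks. Both examples begin outside the hunks shown, and the section header above them names version.rb although the hunks belong to the Api::UserController spec.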
@@ -8,4 +8,4 @@ DELETE FROM `users`;
|
|
8
8
|
-- Setup fixture data
|
9
9
|
INSERT INTO `oauth_applications` VALUES (1,'GDS_SSO integration test','gds-sso-test','secret','http://www.example-client.com/auth/gds/callback','2012-04-19 13:26:54','2012-04-19 13:26:54');
|
10
10
|
INSERT INTO `users` (id, email, encrypted_password, created_at, updated_at, name, uid, is_admin) VALUES (1,'test@example-client.com','$2a$04$MdMkVFwTq5GLJJkHS8GLIe6dK1.C4ozzba5ZS5Ks2b/NenVsMGGRW','2012-04-19 13:26:54','2012-04-19 13:26:54','Test User','integration-uid', 0);
|
11
|
-
INSERT INTO `permissions` (id, user_id, application_id
|
11
|
+
INSERT INTO `permissions` (id, user_id, application_id) VALUES (1,1,1);
|
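--- a/data/spec/internal/log/test.log
+++ b/data/spec/internal/log/test.log
@@ -270,3 +270,143 @@ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-07-20 10:20
 Processing by ExampleController#this_requires_signin_permission as JSON
 Authenticating with gds_sso_api_access strategy
 Completed 200 OK in 1ms (Views: 0.3ms)
+Processing by Api::UserController#update as HTML
+Parameters: {"uid"=>"a1s2d3"}
+Rendered /mnt/jenkins/workspace/GDS-SSO/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (71.9ms)
+Completed 403 Forbidden in 161ms (Views: 160.2ms)
+Processing by Api::UserController#update as HTML
+Parameters: {"uid"=>"a1s2d3"}
+Completed 200 OK in 0ms
+
+
+Started GET "/" for 127.0.0.1 at 2012-07-23 15:13:33 +0000
+Processing by ExampleController#index as HTML
+Completed 200 OK in 6ms (Views: 5.2ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:33 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed in 52ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-07-23 15:13:33 +0000
+
+
+Started GET "/auth/gds/callback?code=e19b88da8b62ed431a6d84bbb6b785a51523c9880debd1698871aecc04a58e45&state=78735eb5bf44fb71ac3b14378aab31d5c75897cc156ffa8c" for 127.0.0.1 at 2012-07-23 15:13:34 +0000
+Processing by AuthenticationsController#callback as HTML
+Parameters: {"code"=>"e19b88da8b62ed431a6d84bbb6b785a51523c9880debd1698871aecc04a58e45", "state"=>"78735eb5bf44fb71ac3b14378aab31d5c75897cc156ffa8c"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:34 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+
+
+Started GET "/auth/gds/callback?code=1618177a54353c3cc96cc7afd0f4cf9e1fd0d793110397f295ddc26cc09986b0&state=1d8cbda47a6a4b8c6a966fcdb34e6aa86a3af0155eee1037" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by AuthenticationsController#callback as HTML
+Parameters: {"code"=>"1618177a54353c3cc96cc7afd0f4cf9e1fd0d793110397f295ddc26cc09986b0", "state"=>"1d8cbda47a6a4b8c6a966fcdb34e6aa86a3af0155eee1037"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+
+
+Started GET "/auth/gds/callback?code=b12663c46949197625a3da937bf8b0b59f2a076c5400854c3e16004358284f34&state=6b9e2553a52825262899499d96bd34a6c850844f26bf0a9e" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by AuthenticationsController#callback as HTML
+Parameters: {"code"=>"b12663c46949197625a3da937bf8b0b59f2a076c5400854c3e16004358284f34", "state"=>"6b9e2553a52825262899499d96bd34a6c850844f26bf0a9e"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+
+
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed in 1ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+
+
+Started GET "/auth/gds/callback?code=738cff1cdcb61b06802fd619be2790fefe98b8b5b7f63402921bb093d7bd4b21&state=ae27fcda0bafc180bde5737e00c1b5e50fcdc12dc4a934c6" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by AuthenticationsController#callback as HTML
+Parameters: {"code"=>"738cff1cdcb61b06802fd619be2790fefe98b8b5b7f63402921bb093d7bd4b21", "state"=>"ae27fcda0bafc180bde5737e00c1b5e50fcdc12dc4a934c6"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+
+
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-07-23 15:13:35 +0000
+
+
+Started GET "/auth/gds/callback?code=ba11239893e82fd223671f000804f09b1f1934a4077eec65704290cd9f076ba9&state=960ae8a3c3eb6d94619c63f47a6dbe07c49cf8ab1e7c328e" for 127.0.0.1 at 2012-07-23 15:13:36 +0000
+Processing by AuthenticationsController#callback as HTML
+Parameters: {"code"=>"ba11239893e82fd223671f000804f09b1f1934a4077eec65704290cd9f076ba9", "state"=>"960ae8a3c3eb6d94619c63f47a6dbe07c49cf8ab1e7c328e"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+
+
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-07-23 15:13:36 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 8ms (Views: 0.3ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:36 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed in 11ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-07-23 15:13:36 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-07-23 15:13:36 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.3ms)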
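Review bot: This test log is shipped inside the released gem, and the added lines include a CI workspace path (`/mnt/jenkins/workspace/GDS-SSO/...`) and the `code` and `state` query parameters of every OAuth callback. The values come from the integration fixture, so the exposure here is low, but request logs do not belong in a published package. Excluding `spec/internal/log/` from the gemspec's file list and from version control keeps later runs from publishing whatever the log happens to contain. Adding `:code` and `:state` to `config.filter_parameters` in the test app would also keep them out of the `Parameters:` lines.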
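--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version
 prerelease:
-version: 0.
+version: 1.0.0
 platform: ruby
 authors:
 - Matt Patterson
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-07-
+date: 2012-07-23 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -207,7 +207,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash:
+hash: -3724830657426033067
 segments:
 - 0
 version: "0"
@@ -216,7 +216,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash:
+hash: -3724830657426033067
 segments:
 - 0
 version: "0"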