RubyGems - gds-sso - Versions diffs - 1.1.1 → 1.2.0 - Mend

gds-sso 1.1.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

data/README.md +1 -1
data/lib/gds-sso/config.rb +4 -1
data/lib/gds-sso/version.rb +1 -1
data/lib/gds-sso/warden_config.rb +9 -3
data/spec/internal/db/combustion_test.sqlite +0 -0
data/spec/internal/log/test.log +1248 -0
data/spec/requests/end_to_end_spec.rb +39 -0
data/test/session_serialisation_test.rb +50 -0
data/test/test_helper.rb +6 -3
metadata +17 -4

data/spec/requests/end_to_end_spec.rb CHANGED Viewed

@@ -114,6 +114,45 @@ describe "Integration of client using GDS-SSO with signonotron" do
         page.should have_content('restricted kablooie')
       end
     end
+    describe "session expiry" do
+      it "should force you to re-authenticate with signonotron N hours after login" do
+        visit "http://#{@client_host}/restricted"
+        page.should have_content("Sign in")
+        fill_in "Email", :with => "test@example-client.com"
+        fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
+        click_on "Sign in"
+        click_authorize
+        page.should have_content('restricted kablooie')
+        Timecop.travel(Time.now.utc + GDS::SSO::Config.auth_valid_for + 5.minutes) do
+          visit "http://#{@client_host}/restricted"
+        end
+        page.driver.request.referrer.should =~ %r(\Ahttp://#{@client_host}/auth/gds/callback)
+      end
+      it "should not require re-authentication with signonotron fewer than N hours after login" do
+        visit "http://#{@client_host}/restricted"
+        page.should have_content("Sign in")
+        fill_in "Email", :with => "test@example-client.com"
+        fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
+        click_on "Sign in"
+        click_authorize
+        page.should have_content('restricted kablooie')
+        Timecop.travel(Time.now.utc + GDS::SSO::Config.auth_valid_for - 5.minutes) do
+          visit "http://#{@client_host}/restricted"
+        end
+        page.driver.request.referrer.should =~ %r(\Ahttp://#{@client_host}/restricted)
+      end
+    end
   end
   describe "API client accesses" do

data/test/session_serialisation_test.rb ADDED Viewed

@@ -0,0 +1,50 @@
+require_relative 'test_helper'
+class SessionSerialisationTest < Test::Unit::TestCase
+  class User
+    include GDS::SSO::User
+  end
+  def setup
+    @old_user_model = GDS::SSO::Config.user_model
+    GDS::SSO::Config.user_model = "SessionSerialisationTest::User"
+    @user = stub("User", uid: 1234)
+    @serializer = Warden::SessionSerializer.new(nil)
+  end
+  def teardown
+    Timecop.return
+    GDS::SSO::Config.user_model = @old_user_model
+  end
+  def test_serializing_a_user_returns_the_uid_and_a_timestamp
+    Timecop.freeze
+    result = @serializer.serialize(@user)
+    assert_equal [1234, Time.now.utc], result
+  end
+  def test_deserializing_a_user_and_in_date_timestamp_returns_the_user
+    User.expects(:find_by_uid).with(1234).returns(:a_user)
+    result = @serializer.deserialize [1234, Time.now.utc - GDS::SSO::Config.auth_valid_for + 3600]
+    assert_equal :a_user, result
+  end
+  def test_deserializing_a_user_and_out_of_date_timestamp_returns_nil
+    User.expects(:find_by_uid).never
+    result = @serializer.deserialize [1234, Time.now.utc - GDS::SSO::Config.auth_valid_for - 3600]
+    assert_equal nil, result
+  end
+  def test_deserializing_a_user_without_a_timestamp_returns_nil
+    User.expects(:find_by_uid).never
+    result = @serializer.deserialize 1234
+    assert_equal nil, result
+  end
+end

data/test/test_helper.rb CHANGED Viewed

@@ -1,5 +1,8 @@
 require 'bundler'
-Bundler.setup :default, :development, :test
 require 'test/unit'
-require 'mocha'
+Bundler.require :default, :development, :test
+require 'mocha'
+require 'gds-sso'

metadata CHANGED Viewed

@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 1.1.1
+  version: 1.2.0
 platform: ruby
 authors:
 - Matt Patterson
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-07-25 00:00:00 Z
+date: 2012-07-27 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -156,6 +156,17 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: *id013
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: &id014 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.3.5
+  type: :development
+  prerelease: false
+  version_requirements: *id014
 description: Client for GDS' OAuth 2-based SSO
 email:
 - matt@constituentparts.com
@@ -187,6 +198,7 @@ files:
 - Rakefile
 - test/api_access_test.rb
 - test/test_helper.rb
+- test/session_serialisation_test.rb
 - test/user_test.rb
 - spec/requests/end_to_end_spec.rb
 - spec/requests/authentication_soot2.rb
@@ -219,7 +231,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 914790435544343871
+      hash: -481137832560706652
       segments:
       - 0
       version: "0"
@@ -228,7 +240,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 914790435544343871
+      hash: -481137832560706652
       segments:
       - 0
       version: "0"
@@ -242,6 +254,7 @@ summary: Client for GDS' OAuth 2-based SSO
 test_files:
 - test/api_access_test.rb
 - test/test_helper.rb
+- test/session_serialisation_test.rb
 - test/user_test.rb
 - spec/requests/end_to_end_spec.rb
 - spec/requests/authentication_soot2.rb