gds-sso 1.1.1 → 1.2.0
- data/README.md +1 -1
- data/lib/gds-sso/config.rb +4 -1
- data/lib/gds-sso/version.rb +1 -1
- data/lib/gds-sso/warden_config.rb +9 -3
- data/spec/internal/db/combustion_test.sqlite +0 -0
- data/spec/internal/log/test.log +1248 -0
- data/spec/requests/end_to_end_spec.rb +39 -0
- data/test/session_serialisation_test.rb +50 -0
- data/test/test_helper.rb +6 -3
- metadata +17 -4
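--- a/data/spec/requests/end_to_end_spec.rb
+++ b/data/spec/requests/end_to_end_spec.rb
@@ -114,6 +114,45 @@ describe "Integration of client using GDS-SSO with signonotron" do
 page.should have_content('restricted kablooie')
 end
 end
+
+describe "session expiry" do
+it "should force you to re-authenticate with signonotron N hours after login" do
+visit "http://#{@client_host}/restricted"
+page.should have_content("Sign in")
+fill_in "Email", :with => "test@example-client.com"
+fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
+click_on "Sign in"
+
+click_authorize
+
+page.should have_content('restricted kablooie')
+
+Timecop.travel(Time.now.utc + GDS::SSO::Config.auth_valid_for + 5.minutes) do
+visit "http://#{@client_host}/restricted"
+end
+
+page.driver.request.referrer.should =~ %r(\Ahttp://#{@client_host}/auth/gds/callback)
+end
+
+
+it "should not require re-authentication with signonotron fewer than N hours after login" do
+visit "http://#{@client_host}/restricted"
+page.should have_content("Sign in")
+fill_in "Email", :with => "test@example-client.com"
+fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
+click_on "Sign in"
+
+click_authorize
+
+page.should have_content('restricted kablooie')
+
+Timecop.travel(Time.now.utc + GDS::SSO::Config.auth_valid_for - 5.minutes) do
+visit "http://#{@client_host}/restricted"
+end
+
+page.driver.request.referrer.should =~ %r(\Ahttp://#{@client_host}/restricted)
+end
+end
 end
 
 describe "API client accesses" do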
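Review bot: The first example in the `session expiry` block checks only that the request after the time jump was bounced through `/auth/gds/callback`; it never asserts what the user ends up seeing, so a round trip that finishes on an error or sign-in page would still pass. Adding `page.should have_content('restricted kablooie')` after the referrer check in both examples would pin the end state. Both referrer patterns interpolate `@client_host` unescaped, so the dots in the host match any character; `#{Regexp.escape(@client_host)}` is stricter. The two examples sit five minutes either side of `GDS::SSO::Config.auth_valid_for`, so the behaviour exactly at the limit is left unspecified, and the repeated sign-in steps would be easier to keep in step as a shared helper.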
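--- a/data/test/session_serialisation_test.rb
+++ b/data/test/session_serialisation_test.rb
@@ -0,0 +1,50 @@
+require_relative 'test_helper'
+
+class SessionSerialisationTest < Test::Unit::TestCase
+class User
+include GDS::SSO::User
+
+end
+
+def setup
+@old_user_model = GDS::SSO::Config.user_model
+GDS::SSO::Config.user_model = "SessionSerialisationTest::User"
+@user = stub("User", uid: 1234)
+@serializer = Warden::SessionSerializer.new(nil)
+end
+def teardown
+Timecop.return
+GDS::SSO::Config.user_model = @old_user_model
+end
+
+def test_serializing_a_user_returns_the_uid_and_a_timestamp
+Timecop.freeze
+result = @serializer.serialize(@user)
+
+assert_equal [1234, Time.now.utc], result
+end
+
+def test_deserializing_a_user_and_in_date_timestamp_returns_the_user
+User.expects(:find_by_uid).with(1234).returns(:a_user)
+
+result = @serializer.deserialize [1234, Time.now.utc - GDS::SSO::Config.auth_valid_for + 3600]
+
+assert_equal :a_user, result
+end
+
+def test_deserializing_a_user_and_out_of_date_timestamp_returns_nil
+User.expects(:find_by_uid).never
+
+result = @serializer.deserialize [1234, Time.now.utc - GDS::SSO::Config.auth_valid_for - 3600]
+
+assert_equal nil, result
+end
+
+def test_deserializing_a_user_without_a_timestamp_returns_nil
+User.expects(:find_by_uid).never
+
+result = @serializer.deserialize 1234
+
+assert_equal nil, result
+end
+end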
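Review bot: The deserialisation tests cover only a well-formed `[uid, time]` pair an hour either side of `GDS::SSO::Config.auth_valid_for` and a bare uid, so the expiry boundary and malformed session values are not pinned. The deserialiser in warden_config.rb is not shown on this page, so it is worth adding cases for `[1234, nil]`, a second element that is not a Time, and a timestamp in the future, each asserting the intended result and that `find_by_uid` is not called for rejected values. The two timestamp tests would be more deterministic with `Timecop.freeze`, as the serialise test already does. `assert_equal nil, result` reads better as `assert_nil result`.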
data/test/test_helper.rb
CHANGED
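--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version
 prerelease:
-version: 1.
+version: 1.2.0
 platform: ruby
 authors:
 - Matt Patterson
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-07-
+date: 2012-07-27 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -156,6 +156,17 @@ dependencies:
 type: :development
 prerelease: false
 version_requirements: *id013
+- !ruby/object:Gem::Dependency
+name: timecop
+requirement: &id014 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: 0.3.5
+type: :development
+prerelease: false
+version_requirements: *id014
 description: Client for GDS' OAuth 2-based SSO
 email:
 - matt@constituentparts.com
@@ -187,6 +198,7 @@ files:
 - Rakefile
 - test/api_access_test.rb
 - test/test_helper.rb
+- test/session_serialisation_test.rb
 - test/user_test.rb
 - spec/requests/end_to_end_spec.rb
 - spec/requests/authentication_soot2.rb
@@ -219,7 +231,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash:
+hash: -481137832560706652
 segments:
 - 0
 version: "0"
@@ -228,7 +240,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash:
+hash: -481137832560706652
 segments:
 - 0
 version: "0"
@@ -242,6 +254,7 @@ summary: Client for GDS' OAuth 2-based SSO
 test_files:
 - test/api_access_test.rb
 - test/test_helper.rb
+- test/session_serialisation_test.rb
 - test/user_test.rb
 - spec/requests/end_to_end_spec.rb
 - spec/requests/authentication_soot2.rb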