gds-sso 1.2.2 → 2.0.0

data/spec/requests/end_to_end_spec.rb

@@ -12,7 +12,7 @@ describe "Integration of client using GDS-SSO with signonotron" do
     Capybara.current_driver = :mechanize
     Capybara::Mechanize.local_hosts << @client_host
 
-    load_signonotron_fixture
+    load_signonotron_setup_fixture
   end
 
   describe "Web client accesses" do
@@ -155,7 +155,7 @@ describe "Integration of client using GDS-SSO with signonotron" do
     end
   end
 
-  describe "API client accesses" do
+  describe "Old-style (HTTP Basic) API client accesses" do
     before :each do
       page.driver.header 'accept', 'application/json'
     end
@@ -179,6 +179,32 @@ describe "Integration of client using GDS-SSO with signonotron" do
     end
   end
 
+  describe "OAuth based API client accesses" do
+    before :each do
+      page.driver.header 'accept', 'application/json'
+      authorize_signonotron_api_user
+
+      token = "caaeb53be5c7277fb0ef158181bfd1537b57f9e3b83eb795be3cd0af6e118b28"
+      page.driver.header 'authorization', "Bearer #{token}"
+    end
+
+    specify "access to a restricted page for an api client requires auth" do
+      page.driver.header 'authorization', 'Bearer Bad Token'
+      visit "http://#{@client_host}/restricted"
+      page.driver.response.status.should == 401
+    end
+
+    specify "setting a correct bearer token allows sign in" do
+      visit "http://#{@client_host}/restricted"
+      page.should have_content('restricted kablooie')
+    end
+
+    specify "setting a correct bearer token picks up permissions" do
+      visit "http://#{@client_host}/this_requires_signin_permission"
+      page.should have_content('you have signin permission')
+    end
+  end
+
   def click_authorize
     click_on( page.has_button?("Authorize") ? "Authorize" : "Yes" )
   end

data/spec/support/signonotron2_integration_helpers.rb

@@ -26,13 +26,21 @@ module Signonotron2IntegrationHelpers
     conn.try(:finish)
   end
 
-  def load_signonotron_fixture
+  def load_signonotron_setup_fixture
+    load_signonotron_fixture("signonotron2.sql")
+  end
+
+  def authorize_signonotron_api_user
+    load_signonotron_fixture("authorize_api_users.sql")
+  end
+
+  def load_signonotron_fixture(fixture_sql_file)
     fixtures_path = Pathname.new(File.join(File.dirname(__FILE__), '../fixtures/integration'))
     app = "signonotron2"
     path_to_app = Rails.root.join('..','..','tmp',app)
 
     db = YAML.load_file(fixtures_path + "#{app}_database.yml")['test']
-    cmd = "sqlite3 #{path_to_app + db['database']} < #{fixtures_path + "#{app}.sql"}"
+    cmd = "sqlite3 #{path_to_app + db['database']} < #{fixtures_path + "#{fixture_sql_file}"}"
     system cmd or raise "Error loading signonotron fixture"
   end
 end

data/test/api_access_test.rb

@@ -13,4 +13,15 @@ class ApiAccessTest < Test::Unit::TestCase
     assert GDS::SSO::ApiAccess.api_call?('HTTP_ACCEPT' => 'application/json')
   end
 
+  def test_request_with_authorization_header_is_oauth_api_call
+    assert GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => 'Bearer blahblahblah')
+  end
+
+  def test_request_with_http_basic_authorization_header_is_not_oauth_api_call
+    refute GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => 'Basic Some basic credentials')
+  end
+
+  def test_request_with_empty_authorization_header_is_not_oauth_api_call
+    refute GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => '')
+  end
 end

metadata

@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 1.2.2
+  version: 2.0.0
 platform: ruby
 authors: 
 - Matt Patterson
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-09-03 00:00:00 Z
+date: 2012-09-11 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rails
@@ -178,46 +178,47 @@ extensions: []
 extra_rdoc_files: []
 
 files: 
-- app/controllers/api/user_controller.rb
 - app/controllers/authentications_controller.rb
+- app/controllers/api/user_controller.rb
 - app/views/authentications/failure.html.erb
+- app/views/layouts/unauthorised.html.erb
 - app/views/authorisations/cant_signin.html.erb
 - app/views/authorisations/unauthorised.html.erb
-- app/views/layouts/unauthorised.html.erb
 - config/routes.rb
+- lib/gds-sso.rb
 - lib/gds-sso/user.rb
-- lib/gds-sso/controller_methods.rb
-- lib/gds-sso/failure_app.rb
-- lib/gds-sso/warden_config.rb
 - lib/gds-sso/version.rb
+- lib/gds-sso/warden_config.rb
 - lib/gds-sso/config.rb
+- lib/gds-sso/controller_methods.rb
 - lib/gds-sso/api_access.rb
-- lib/gds-sso.rb
+- lib/gds-sso/failure_app.rb
 - README.md
 - Gemfile
 - Rakefile
-- test/session_serialisation_test.rb
 - test/api_access_test.rb
+- test/session_serialisation_test.rb
 - test/user_test.rb
 - test/test_helper.rb
-- spec/support/signonotron2_integration_helpers.rb
 - spec/tasks/signonotron_tasks.rake
-- spec/fixtures/integration/signonotron2_database.yml
-- spec/fixtures/integration/signonotron2.sql
 - spec/controller/api_user_controller_spec.rb
-- spec/spec_helper.rb
-- spec/requests/authentication_soot2.rb
 - spec/requests/end_to_end_spec.rb
-- spec/internal/public/favicon.ico
-- spec/internal/app/models/user.rb
-- spec/internal/app/controllers/example_controller.rb
-- spec/internal/app/controllers/application_controller.rb
+- spec/requests/authentication_soot2.rb
+- spec/spec_helper.rb
+- spec/support/signonotron2_integration_helpers.rb
+- spec/fixtures/integration/signonotron2.sql
+- spec/fixtures/integration/authorize_api_users.sql
+- spec/fixtures/integration/signonotron2_database.yml
 - spec/internal/log/test.log
 - spec/internal/db/combustion_test.sqlite
 - spec/internal/db/schema.rb
+- spec/internal/public/favicon.ico
 - spec/internal/config/database.yml
 - spec/internal/config/initializers/gds-sso.rb
 - spec/internal/config/routes.rb
+- spec/internal/app/controllers/application_controller.rb
+- spec/internal/app/controllers/example_controller.rb
+- spec/internal/app/models/user.rb
 homepage: https://github.com/alphagov/gds-sso
 licenses: []
 
@@ -231,7 +232,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 2316902323695672733
+      hash: -3062925185370761866
       segments: 
       - 0
       version: "0"
@@ -240,7 +241,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 2316902323695672733
+      hash: -3062925185370761866
       segments: 
       - 0
       version: "0"
@@ -252,25 +253,26 @@ signing_key:
 specification_version: 3
 summary: Client for GDS' OAuth 2-based SSO
 test_files: 
-- test/session_serialisation_test.rb
 - test/api_access_test.rb
+- test/session_serialisation_test.rb
 - test/user_test.rb
 - test/test_helper.rb
-- spec/support/signonotron2_integration_helpers.rb
 - spec/tasks/signonotron_tasks.rake
-- spec/fixtures/integration/signonotron2_database.yml
-- spec/fixtures/integration/signonotron2.sql
 - spec/controller/api_user_controller_spec.rb
-- spec/spec_helper.rb
-- spec/requests/authentication_soot2.rb
 - spec/requests/end_to_end_spec.rb
-- spec/internal/public/favicon.ico
-- spec/internal/app/models/user.rb
-- spec/internal/app/controllers/example_controller.rb
-- spec/internal/app/controllers/application_controller.rb
+- spec/requests/authentication_soot2.rb
+- spec/spec_helper.rb
+- spec/support/signonotron2_integration_helpers.rb
+- spec/fixtures/integration/signonotron2.sql
+- spec/fixtures/integration/authorize_api_users.sql
+- spec/fixtures/integration/signonotron2_database.yml
 - spec/internal/log/test.log
 - spec/internal/db/combustion_test.sqlite
 - spec/internal/db/schema.rb
+- spec/internal/public/favicon.ico
 - spec/internal/config/database.yml
 - spec/internal/config/initializers/gds-sso.rb
 - spec/internal/config/routes.rb
+- spec/internal/app/controllers/application_controller.rb
+- spec/internal/app/controllers/example_controller.rb
+- spec/internal/app/models/user.rb