gds-sso 1.2.2 → 2.0.0
- data/Gemfile +1 -1
- data/lib/gds-sso.rb +1 -1
- data/lib/gds-sso/api_access.rb +8 -0
- data/lib/gds-sso/version.rb +1 -1
- data/lib/gds-sso/warden_config.rb +76 -0
- data/spec/fixtures/integration/authorize_api_users.sql +4 -0
- data/spec/fixtures/integration/signonotron2.sql +1 -1
- data/spec/internal/db/combustion_test.sqlite +0 -0
- data/spec/internal/log/test.log +169 -627
- data/spec/requests/end_to_end_spec.rb +28 -2
- data/spec/support/signonotron2_integration_helpers.rb +10 -2
- data/test/api_access_test.rb +11 -0
- metadata +32 -30
@@ -12,7 +12,7 @@ describe "Integration of client using GDS-SSO with signonotron" do
|
|
12
12
|
Capybara.current_driver = :mechanize
|
13
13
|
Capybara::Mechanize.local_hosts << @client_host
|
14
14
|
|
15
|
-
|
15
|
+
load_signonotron_setup_fixture
|
16
16
|
end
|
17
17
|
|
18
18
|
describe "Web client accesses" do
|
@@ -155,7 +155,7 @@ describe "Integration of client using GDS-SSO with signonotron" do
|
|
155
155
|
end
|
156
156
|
end
|
157
157
|
|
158
|
-
describe "API client accesses" do
|
158
|
+
describe "Old-style (HTTP Basic) API client accesses" do
|
159
159
|
before :each do
|
160
160
|
page.driver.header 'accept', 'application/json'
|
161
161
|
end
|
@@ -179,6 +179,32 @@ describe "Integration of client using GDS-SSO with signonotron" do
|
|
179
179
|
end
|
180
180
|
end
|
181
181
|
|
182
|
+
describe "OAuth based API client accesses" do
|
183
|
+
before :each do
|
184
|
+
page.driver.header 'accept', 'application/json'
|
185
|
+
authorize_signonotron_api_user
|
186
|
+
|
187
|
+
token = "caaeb53be5c7277fb0ef158181bfd1537b57f9e3b83eb795be3cd0af6e118b28"
|
188
|
+
page.driver.header 'authorization', "Bearer #{token}"
|
189
|
+
end
|
190
|
+
|
191
|
+
specify "access to a restricted page for an api client requires auth" do
|
192
|
+
page.driver.header 'authorization', 'Bearer Bad Token'
|
193
|
+
visit "http://#{@client_host}/restricted"
|
194
|
+
page.driver.response.status.should == 401
|
195
|
+
end
|
196
|
+
|
197
|
+
specify "setting a correct bearer token allows sign in" do
|
198
|
+
visit "http://#{@client_host}/restricted"
|
199
|
+
page.should have_content('restricted kablooie')
|
200
|
+
end
|
201
|
+
|
202
|
+
specify "setting a correct bearer token picks up permissions" do
|
203
|
+
visit "http://#{@client_host}/this_requires_signin_permission"
|
204
|
+
page.should have_content('you have signin permission')
|
205
|
+
end
|
206
|
+
end
|
207
|
+
|
182
208
|
def click_authorize
|
183
209
|
click_on( page.has_button?("Authorize") ? "Authorize" : "Yes" )
|
184
210
|
end
|
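Review bot: The only negative case in the new "OAuth based API client accesses" group sends `Bearer Bad Token`, which is not shaped like a real token, so a rejection there may come from header parsing and not from the token lookup. A second spec with a well-formed but unknown token would pin the 401 to the lookup itself, for example `page.driver.header 'authorization', "Bearer #{'0' * 64}"` (constructed value) followed by the same `page.driver.response.status.should == 401` assertion. The 64-hex `token` literal in `before :each` presumably matches a row loaded by `authorize_signonotron_api_user`. A comment such as `# fixture token from spec/fixtures/integration/authorize_api_users.sql, not a live credential` would make that explicit for readers and secret scanners.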
@@ -26,13 +26,21 @@ module Signonotron2IntegrationHelpers
|
|
26
26
|
conn.try(:finish)
|
27
27
|
end
|
28
28
|
|
29
|
-
def
|
29
|
+
def load_signonotron_setup_fixture
|
30
|
+
load_signonotron_fixture("signonotron2.sql")
|
31
|
+
end
|
32
|
+
|
33
|
+
def authorize_signonotron_api_user
|
34
|
+
load_signonotron_fixture("authorize_api_users.sql")
|
35
|
+
end
|
36
|
+
|
37
|
+
def load_signonotron_fixture(fixture_sql_file)
|
30
38
|
fixtures_path = Pathname.new(File.join(File.dirname(__FILE__), '../fixtures/integration'))
|
31
39
|
app = "signonotron2"
|
32
40
|
path_to_app = Rails.root.join('..','..','tmp',app)
|
33
41
|
|
34
42
|
db = YAML.load_file(fixtures_path + "#{app}_database.yml")['test']
|
35
|
-
cmd = "sqlite3 #{path_to_app + db['database']} < #{fixtures_path + "#{
|
43
|
+
cmd = "sqlite3 #{path_to_app + db['database']} < #{fixtures_path + "#{fixture_sql_file}"}"
|
36
44
|
system cmd or raise "Error loading signonotron fixture"
|
37
45
|
end
|
38
46
|
end
|
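Review bot: In `load_signonotron_fixture`, the new `fixture_sql_file` argument is interpolated unquoted into the shell string built on the `cmd = "sqlite3 ... < ..."` line and run with `system cmd`. Any path segment containing spaces or shell metacharacters is therefore interpreted by the shell instead of being passed as data. Both callers in this hunk pass string literals, so this is a hardening point for a test helper, not a live bug. The argv form avoids the shell entirely: `system("sqlite3", (path_to_app + db['database']).to_s, :in => (fixtures_path + fixture_sql_file).to_s) or raise "Error loading signonotron fixture"`. A one-line comment above the method stating that it feeds the named file from spec/fixtures/integration into the signonotron2 test database would also help.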
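--- a/data/test/api_access_test.rb
+++ b/data/test/api_access_test.rb
@@ -13,4 +13,15 @@ class ApiAccessTest < Test::Unit::TestCase
 assert GDS::SSO::ApiAccess.api_call?('HTTP_ACCEPT' => 'application/json')
 end
 
+def test_request_with_authorization_header_is_oauth_api_call
+assert GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => 'Bearer blahblahblah')
+end
+
+def test_request_with_http_basic_authorization_header_is_not_oauth_api_call
+refute GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => 'Basic Some basic credentials')
+end
+
+def test_request_with_empty_authorization_header_is_not_oauth_api_call
+refute GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => '')
+end
 end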
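Review bot: The three new `oauth_api_call?` tests cover a Bearer header, a Basic header and an empty string, but not a request env with no `HTTP_AUTHORIZATION` key at all, which is the usual shape of ordinary browser traffic. Adding `refute GDS::SSO::ApiAccess.oauth_api_call?({})` under a name like `test_request_without_authorization_header_is_not_oauth_api_call` would pin that the predicate handles a missing key without raising. The implementation in lib/gds-sso/api_access.rb is not shown on this page, so it is also worth deciding, and asserting, how a lowercase scheme such as `'bearer blahblahblah'` is treated, since HTTP auth scheme names are case-insensitive.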
metadata
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
name: gds-sso
|
3
3
|
version: !ruby/object:Gem::Version
|
4
4
|
prerelease:
|
5
|
-
version:
|
5
|
+
version: 2.0.0
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
8
8
|
- Matt Patterson
|
@@ -11,7 +11,7 @@ autorequire:
|
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
13
|
|
14
|
-
date: 2012-09-
|
14
|
+
date: 2012-09-11 00:00:00 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: rails
|
@@ -178,46 +178,47 @@ extensions: []
|
|
178
178
|
extra_rdoc_files: []
|
179
179
|
|
180
180
|
files:
|
181
|
-
- app/controllers/api/user_controller.rb
|
182
181
|
- app/controllers/authentications_controller.rb
|
182
|
+
- app/controllers/api/user_controller.rb
|
183
183
|
- app/views/authentications/failure.html.erb
|
184
|
+
- app/views/layouts/unauthorised.html.erb
|
184
185
|
- app/views/authorisations/cant_signin.html.erb
|
185
186
|
- app/views/authorisations/unauthorised.html.erb
|
186
|
-
- app/views/layouts/unauthorised.html.erb
|
187
187
|
- config/routes.rb
|
188
|
+
- lib/gds-sso.rb
|
188
189
|
- lib/gds-sso/user.rb
|
189
|
-
- lib/gds-sso/controller_methods.rb
|
190
|
-
- lib/gds-sso/failure_app.rb
|
191
|
-
- lib/gds-sso/warden_config.rb
|
192
190
|
- lib/gds-sso/version.rb
|
191
|
+
- lib/gds-sso/warden_config.rb
|
193
192
|
- lib/gds-sso/config.rb
|
193
|
+
- lib/gds-sso/controller_methods.rb
|
194
194
|
- lib/gds-sso/api_access.rb
|
195
|
-
- lib/gds-sso.rb
|
195
|
+
- lib/gds-sso/failure_app.rb
|
196
196
|
- README.md
|
197
197
|
- Gemfile
|
198
198
|
- Rakefile
|
199
|
-
- test/session_serialisation_test.rb
|
200
199
|
- test/api_access_test.rb
|
200
|
+
- test/session_serialisation_test.rb
|
201
201
|
- test/user_test.rb
|
202
202
|
- test/test_helper.rb
|
203
|
-
- spec/support/signonotron2_integration_helpers.rb
|
204
203
|
- spec/tasks/signonotron_tasks.rake
|
205
|
-
- spec/fixtures/integration/signonotron2_database.yml
|
206
|
-
- spec/fixtures/integration/signonotron2.sql
|
207
204
|
- spec/controller/api_user_controller_spec.rb
|
208
|
-
- spec/spec_helper.rb
|
209
|
-
- spec/requests/authentication_soot2.rb
|
210
205
|
- spec/requests/end_to_end_spec.rb
|
211
|
-
- spec/
|
212
|
-
- spec/
|
213
|
-
- spec/
|
214
|
-
- spec/
|
206
|
+
- spec/requests/authentication_soot2.rb
|
207
|
+
- spec/spec_helper.rb
|
208
|
+
- spec/support/signonotron2_integration_helpers.rb
|
209
|
+
- spec/fixtures/integration/signonotron2.sql
|
210
|
+
- spec/fixtures/integration/authorize_api_users.sql
|
211
|
+
- spec/fixtures/integration/signonotron2_database.yml
|
215
212
|
- spec/internal/log/test.log
|
216
213
|
- spec/internal/db/combustion_test.sqlite
|
217
214
|
- spec/internal/db/schema.rb
|
215
|
+
- spec/internal/public/favicon.ico
|
218
216
|
- spec/internal/config/database.yml
|
219
217
|
- spec/internal/config/initializers/gds-sso.rb
|
220
218
|
- spec/internal/config/routes.rb
|
219
|
+
- spec/internal/app/controllers/application_controller.rb
|
220
|
+
- spec/internal/app/controllers/example_controller.rb
|
221
|
+
- spec/internal/app/models/user.rb
|
221
222
|
homepage: https://github.com/alphagov/gds-sso
|
222
223
|
licenses: []
|
223
224
|
|
@@ -231,7 +232,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
231
232
|
requirements:
|
232
233
|
- - ">="
|
233
234
|
- !ruby/object:Gem::Version
|
234
|
-
hash:
|
235
|
+
hash: -3062925185370761866
|
235
236
|
segments:
|
236
237
|
- 0
|
237
238
|
version: "0"
|
@@ -240,7 +241,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
240
241
|
requirements:
|
241
242
|
- - ">="
|
242
243
|
- !ruby/object:Gem::Version
|
243
|
-
hash:
|
244
|
+
hash: -3062925185370761866
|
244
245
|
segments:
|
245
246
|
- 0
|
246
247
|
version: "0"
|
@@ -252,25 +253,26 @@ signing_key:
|
|
252
253
|
specification_version: 3
|
253
254
|
summary: Client for GDS' OAuth 2-based SSO
|
254
255
|
test_files:
|
255
|
-
- test/session_serialisation_test.rb
|
256
256
|
- test/api_access_test.rb
|
257
|
+
- test/session_serialisation_test.rb
|
257
258
|
- test/user_test.rb
|
258
259
|
- test/test_helper.rb
|
259
|
-
- spec/support/signonotron2_integration_helpers.rb
|
260
260
|
- spec/tasks/signonotron_tasks.rake
|
261
|
-
- spec/fixtures/integration/signonotron2_database.yml
|
262
|
-
- spec/fixtures/integration/signonotron2.sql
|
263
261
|
- spec/controller/api_user_controller_spec.rb
|
264
|
-
- spec/spec_helper.rb
|
265
|
-
- spec/requests/authentication_soot2.rb
|
266
262
|
- spec/requests/end_to_end_spec.rb
|
267
|
-
- spec/
|
268
|
-
- spec/
|
269
|
-
- spec/
|
270
|
-
- spec/
|
263
|
+
- spec/requests/authentication_soot2.rb
|
264
|
+
- spec/spec_helper.rb
|
265
|
+
- spec/support/signonotron2_integration_helpers.rb
|
266
|
+
- spec/fixtures/integration/signonotron2.sql
|
267
|
+
- spec/fixtures/integration/authorize_api_users.sql
|
268
|
+
- spec/fixtures/integration/signonotron2_database.yml
|
271
269
|
- spec/internal/log/test.log
|
272
270
|
- spec/internal/db/combustion_test.sqlite
|
273
271
|
- spec/internal/db/schema.rb
|
272
|
+
- spec/internal/public/favicon.ico
|
274
273
|
- spec/internal/config/database.yml
|
275
274
|
- spec/internal/config/initializers/gds-sso.rb
|
276
275
|
- spec/internal/config/routes.rb
|
276
|
+
- spec/internal/app/controllers/application_controller.rb
|
277
|
+
- spec/internal/app/controllers/example_controller.rb
|
278
|
+
- spec/internal/app/models/user.rb
|