gds-sso 13.0.0 → 13.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fbec88e513c5466e5b132a86a6974502371aa890
-  data.tar.gz: 6838ffe5908c7a90399b031036bf1c64fdf0cce5
+  metadata.gz: 5631ed3451bf7a920107d8c4824612ef3ca79d26
+  data.tar.gz: 9a9cf474fb50419c0f904d337a1a2fc50a345b39
 SHA512:
-  metadata.gz: 1e7f9a752718a4bdf49b6a76900f9237afa5a2f30bbf4400db32e3539773aa5d16ee652b811491e994fca5c2d81fe041724f4b94f31247aa3e5b62f52e7da3b7
-  data.tar.gz: 7de11e1d22a66d8a2d40a9dc6131c06df6e26f74e8891f8b8980561987a136a3f383428bc7cae1a6c6aa4fa66432621b7aa76b3b348e30c8098cf34a5ede2cb2
+  metadata.gz: 917c719abe6c0274e0ff6fd21e10a2c7c905814e19e8ccc3d2750b7db65baa8e322bebcdf8c07e2650cb072cb169713ec31d4413347a00590f473f4ce028941a
+  data.tar.gz: a4382cf7d842114984ccb0292f0d6aa26746eaab57fda2258f7cb08b075f2ba458fbb2c43037ca75805d95843367cf902bd8f348388456bf3b3589faa64888c2

data/README.md

@@ -104,6 +104,16 @@ private
 end
 ```
 
+`authorise_user!` can be configured to check for multiple permissions:
+
+```ruby
+# fails unless the user has at least one of these permissions
+authorise_user!(any_of: %w(edit create))
+
+# fails unless the user has both of these permissions
+authorise_user!(all_of: %w(edit create))
+```
+
 ### Authorisation for API Users
 
 In addition to the single-sign-on strategy, this gem also allows authorisation

data/lib/gds-sso/controller_methods.rb

@@ -13,13 +13,26 @@ module GDS
       end
 
 
-      def authorise_user!(permission)
+      def authorise_user!(permissions)
         # Ensure that we're authenticated (and by extension that current_user is set).
         # Otherwise current_user might be nil, and we'd error out
         authenticate_user!
 
-        if not current_user.has_permission?(permission)
-          raise PermissionDeniedException, "Sorry, you don't seem to have the #{permission} permission for this app."
+        case permissions
+        when String
+          unless current_user.has_permission?(permissions)
+            raise PermissionDeniedException, "Sorry, you don't seem to have the #{permissions} permission for this app."
+          end
+        when Hash
+          raise ArgumentError, "Must be either `any_of` or `all_of`" unless permissions.keys.size == 1
+
+          if permissions[:any_of]
+            authorise_user_with_at_least_one_of_permissions!(permissions[:any_of])
+          elsif permissions[:all_of]
+            authorise_user_with_all_permissions!(permissions[:all_of])
+          else
+            raise ArgumentError, "Must be either `any_of` or `all_of`"
+          end
         end
       end
 
@@ -52,6 +65,22 @@ module GDS
       def warden
         request.env['warden']
       end
+
+      private
+
+      def authorise_user_with_at_least_one_of_permissions!(permissions)
+        if permissions.none? { |permission| current_user.has_permission?(permission) }
+          raise PermissionDeniedException,
+            "Sorry, you don't seem to have any of the permissions: #{permissions.to_sentence} for this app."
+        end
+      end
+
+      def authorise_user_with_all_permissions!(permissions)
+        unless permissions.all? { |permission| current_user.has_permission?(permission) }
+          raise PermissionDeniedException,
+            "Sorry, you don't seem to have all of the permissions: #{permissions.to_sentence} for this app."
+        end
+      end
     end
   end
 end

data/lib/gds-sso/version.rb

@@ -1,5 +1,5 @@
 module GDS
   module SSO
-    VERSION = "13.0.0"
+    VERSION = "13.1.0"
   end
 end

data/spec/controller/controller_methods_spec.rb

@@ -0,0 +1,71 @@
+require 'spec_helper'
+
+RSpec.describe GDS::SSO::ControllerMethods, '#authorise_user!' do
+  class ControllerSpy < ApplicationController
+    include GDS::SSO::ControllerMethods
+
+    def initialize(current_user)
+      @current_user = current_user
+    end
+
+    def authenticate_user!
+      true
+    end
+
+    attr_reader :current_user
+  end
+
+  let(:current_user) { double }
+  let(:expected_error) { GDS::SSO::ControllerMethods::PermissionDeniedException }
+
+  context 'with a single string permission argument' do
+    it 'permits users with the required permission' do
+      allow(current_user).to receive(:has_permission?).with('good').and_return(true)
+
+      expect { ControllerSpy.new(current_user).authorise_user!('good') }.not_to raise_error
+    end
+
+    it 'does not permit the users without the required permission' do
+      allow(current_user).to receive(:has_permission?).with('good').and_return(false)
+
+      expect { ControllerSpy.new(current_user).authorise_user!('good') }.to raise_error(expected_error)
+    end
+  end
+
+  context 'with the `all_of` option' do
+    it 'permits users with all of the required permissions' do
+      allow(current_user).to receive(:has_permission?).with('good').and_return(true)
+      allow(current_user).to receive(:has_permission?).with('bad').and_return(true)
+
+      expect { ControllerSpy.new(current_user).authorise_user!(all_of: %w(good bad)) }.not_to raise_error
+    end
+
+    it 'does not permit users without all of the required permissions' do
+      allow(current_user).to receive(:has_permission?).with('good').and_return(false)
+      allow(current_user).to receive(:has_permission?).with('bad').and_return(true)
+
+      expect { ControllerSpy.new(current_user).authorise_user!(all_of: %w(good bad)) }.to raise_error(expected_error)
+    end
+  end
+
+  context 'with the `any_of` option' do
+    it 'permits users with any of the required permissions' do
+      allow(current_user).to receive(:has_permission?).with('good').and_return(true)
+      allow(current_user).to receive(:has_permission?).with('bad').and_return(false)
+
+      expect { ControllerSpy.new(current_user).authorise_user!(any_of: %w(good bad)) }.not_to raise_error
+    end
+
+    it 'does not permit users without any of the required permissions' do
+      allow(current_user).to receive(:has_permission?).and_return(false)
+
+      expect { ControllerSpy.new(current_user).authorise_user!(any_of: %w(good bad)) }.to raise_error(expected_error)
+    end
+  end
+
+  context 'with none of `any_of` or `all_of`' do
+    it 'raises an `ArgumentError`' do
+      expect { ControllerSpy.new(current_user).authorise_user!(whoops: 'bad') }.to raise_error(ArgumentError)
+    end
+  end
+end

data/spec/fixtures/integration/signonotron2.sql

@@ -18,7 +18,7 @@ INSERT INTO `supported_permissions` (id, application_id, name, created_at, updat
               VALUES (2,2,'signin','2012-04-19 13:26:54','2012-04-19 13:26:54');
 
 INSERT INTO `users` (id, email, encrypted_password, password_salt, created_at, updated_at, confirmed_at, name, uid, role, password_changed_at)
-              VALUES (1,'test@example-client.com','bb8e19edbaa1e7721abe0faa5c1663a7685950093b8c7eceb0f2e3889bdea4c5f17ca97820b2c663edf46ea532d1a9baa04b680fc537b4de8a3f376dd28e3ffd','MpLsZ8q1UaAojTa6bTC6','2012-04-19 13:26:54','2012-04-19 13:26:54','2012-04-19 13:26:54','Test User','integration-uid', "normal", NOW());
+              VALUES (1,'test@example-client.com','3a890fe5e95b328b83f2ba57ea893cae595f4937291ff5550acb68f4a8dafeac22e5f8120c1e66be8f2b769df142dd3d111b404c5c1741595c9ecc9e7e6ad827','QCsZsJs7m5ojdgvysHSy','2012-04-19 13:26:54','2012-04-19 13:26:54','2012-04-19 13:26:54','Test User','integration-uid', "normal", NOW());
 
 INSERT INTO `user_application_permissions` (user_id, application_id, supported_permission_id, created_at, updated_at)
               VALUES (1,1,1,'2012-04-19 13:26:54','2012-04-19 13:26:54');

data/spec/internal/log/test.log

@@ -1,86 +1,83 @@
-   (18.1ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f') 
-   (13.6ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL) 
+   (35.9ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f') 
+   (12.9ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL) 
    (0.1ms)  select sqlite_version(*)
-   (11.3ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
+   (31.3ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "asd"]]
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "user@example.com"]]
    (0.1ms)  begin transaction
-  SQL (0.3ms)  INSERT INTO "users" ("uid", "email", "name", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["uid", "asd"], ["email", "user@example.com"], ["name", "A Name"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
-   (17.3ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["uid", "asd"], ["email", "user@example.com"], ["name", "A Name"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
+   (28.9ms)  commit transaction
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "asd"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d3538"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (31.0ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d35531"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (14.3ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d35391"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (25.3ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d35203"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (11.2ms)  commit transaction
 Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d3538"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d3538"]]
+  Parameters: {"uid"=>"a1s2d35531"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.3ms)
+Completed 403 Forbidden in 9ms (Views: 8.5ms | ActiveRecord: 0.0ms)
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d34549"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (37.0ms)  commit transaction
    (0.2ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 2]]
-   (12.6ms)  commit transaction
-Completed 200 OK in 18ms (ActiveRecord: 13.1ms)
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 2]]
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d34041"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (25.5ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d34549"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d34549"]]
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 4]]
+   (14.2ms)  commit transaction
+Completed 200 OK in 20ms (ActiveRecord: 14.7ms)
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 4]]
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d37391"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (6.3ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d38988"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (26.7ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39472"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (9.6ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d37391"}
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.2ms)
-Completed 403 Forbidden in 9ms (Views: 8.6ms | ActiveRecord: 0.0ms)
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d35119"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (10.9ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d38988"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.1ms)
+Completed 403 Forbidden in 1ms (Views: 0.6ms | ActiveRecord: 0.0ms)
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d38787"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (9.5ms)  commit transaction
+  SQL (0.3ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39922"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (9.1ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d31292"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (6.1ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d3547"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (9.2ms)  commit transaction
 Processing by Api::UserController#reauth as HTML
   Parameters: {"uid"=>"nonexistent-user"}
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "nonexistent-user"]]
 Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d37690"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (26.9ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d33291"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (10.2ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d37690"}
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.1ms)
-Completed 403 Forbidden in 1ms (Views: 0.6ms | ActiveRecord: 0.0ms)
-   (0.1ms)  begin transaction
-  SQL (0.3ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d35548"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (10.5ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d35459"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (10.1ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d36496"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (9.8ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d34974"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (10.4ms)  commit transaction
 Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d35548"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d35548"]]
+  Parameters: {"uid"=>"a1s2d35459"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d35459"]]
    (0.1ms)  begin transaction
-  SQL (0.3ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 10]]
-   (8.8ms)  commit transaction
-Completed 200 OK in 12ms (ActiveRecord: 9.3ms)
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 10]]
+   (32.2ms)  commit transaction
+Completed 200 OK in 35ms (ActiveRecord: 32.6ms)
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 10]]
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:33 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 149ms (ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:33 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 33ms (ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:33 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:28 +0000
 Processing by ExampleController#restricted as JSON
+Completed   in 126ms (ActiveRecord: 0.0ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:28 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "test@example-client.com"]]
    (0.1ms)  begin transaction
   SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions", "disabled") VALUES (?, ?, ?, ?, ?)  [["uid", "integration-uid"], ["email", "test@example-client.com"], ["name", "Test User"], ["permissions", "---\n- signin\n"], ["disabled", nil]]
-   (17.7ms)  commit transaction
+   (22.7ms)  commit transaction
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
@@ -90,13 +87,16 @@ Processing by ExampleController#restricted as JSON
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
+   (0.1ms)  begin transaction
   SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
-   (34.4ms)  commit transaction
+   (20.5ms)  commit transaction
   Rendered text template (0.0ms)
-Completed 200 OK in 193ms (Views: 1.3ms | ActiveRecord: 53.5ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:33 +0000
-Processing by ExampleController#this_requires_signin_permission as JSON
+Completed 200 OK in 238ms (Views: 1.5ms | ActiveRecord: 44.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:28 +0000
+Processing by ExampleController#restricted as JSON
+Completed   in 18ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:28 +0000
+Processing by ExampleController#restricted as JSON
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
@@ -109,40 +109,40 @@ Processing by ExampleController#this_requires_signin_permission as JSON
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
   Rendered text template (0.0ms)
-Completed 200 OK in 69ms (Views: 0.3ms | ActiveRecord: 0.9ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:33 +0000
+Completed 200 OK in 77ms (Views: 0.4ms | ActiveRecord: 1.0ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:28 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:33 +0000
-Started GET "/auth/gds/callback?code=b9999d7967e3fb60578183e2f4d126826a485c5ff7a897beade1cb4e19376d91&state=2adfa3a413c809a983ea6039ca6474cc852030b9e2db995b" for 127.0.0.1 at 2016-09-22 10:04:44 +0000
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:28 +0000
+Started GET "/auth/gds/callback?code=0406dfb10516969c1d7102990e91b9550ed0e008047d796666d1ec39a2eaab84&state=3ee46c89f5795b1b78505adce93de7186356f53217a16f0f" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"b9999d7967e3fb60578183e2f4d126826a485c5ff7a897beade1cb4e19376d91", "state"=>"2adfa3a413c809a983ea6039ca6474cc852030b9e2db995b"}
+  Parameters: {"code"=>"0406dfb10516969c1d7102990e91b9550ed0e008047d796666d1ec39a2eaab84", "state"=>"3ee46c89f5795b1b78505adce93de7186356f53217a16f0f"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
   SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", "f"], ["id", 12]]
-   (35.3ms)  commit transaction
+   (14.3ms)  commit transaction
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 41ms (ActiveRecord: 35.8ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:44 +0000
+Completed 302 Found in 20ms (ActiveRecord: 14.9ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:44 +0000
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:44 +0000
-Started GET "/auth/gds/callback?code=3be5ae4126092b8bb1a2d9a54d90fe56842cc8a53f1b4203de3d2940ebf3621b&state=b6fc160b10f1a8d26ae7487b9655ca8a6cf157176fa9912c" for 127.0.0.1 at 2016-09-22 10:04:44 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
+Started GET "/auth/gds/callback?code=fb325e6a959f5b4ceb5f764cc26ce406d4b9cc94eed40f9fa08ddddc0a15cdd5&state=89f87e3d60b0acb5331152ca5ab604dba94898cbcb0a9f2c" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"3be5ae4126092b8bb1a2d9a54d90fe56842cc8a53f1b4203de3d2940ebf3621b", "state"=>"b6fc160b10f1a8d26ae7487b9655ca8a6cf157176fa9912c"}
+  Parameters: {"code"=>"fb325e6a959f5b4ceb5f764cc26ce406d4b9cc94eed40f9fa08ddddc0a15cdd5", "state"=>"89f87e3d60b0acb5331152ca5ab604dba94898cbcb0a9f2c"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
@@ -151,95 +151,95 @@ Authenticating with gds_sso strategy
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
 Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
-Started GET "/auth/gds/callback?code=812861b61a0e7216b5df60db2f8fee6a4d3ba2f4ce0f4394c9a7b43746d47e90&state=7fc011f7d527322187918cf22c2167f0749dd4421e3f9327" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
+Started GET "/auth/gds/callback?code=711606807dc7895ccb50ecf6d9c24d870400cac80b29f2b478be367053266b80&state=5ef7eedc4153066bb139dd97e198fc8c0c47f7f24c6ad82a" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"812861b61a0e7216b5df60db2f8fee6a4d3ba2f4ce0f4394c9a7b43746d47e90", "state"=>"7fc011f7d527322187918cf22c2167f0749dd4421e3f9327"}
+  Parameters: {"code"=>"711606807dc7895ccb50ecf6d9c24d870400cac80b29f2b478be367053266b80", "state"=>"5ef7eedc4153066bb139dd97e198fc8c0c47f7f24c6ad82a"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
-Started GET "/auth/gds/callback?code=3bd5a3ef3799d0de3ba38c816c33a4135bd7750c20a81c00b0958cd48d5983c2&state=39edfe0259d68d7f484a53a6a3ec14eae7851161fdad1e4f" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
+Started GET "/auth/gds/callback?code=c7121cd1cea22a0d021cbdb4beef41fbeddc85b6bb0b8fd7268230456d5a573d&state=5eed248724c469fac15036a056c5d65e577790d7fe7b1e69" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"3bd5a3ef3799d0de3ba38c816c33a4135bd7750c20a81c00b0958cd48d5983c2", "state"=>"39edfe0259d68d7f484a53a6a3ec14eae7851161fdad1e4f"}
+  Parameters: {"code"=>"c7121cd1cea22a0d021cbdb4beef41fbeddc85b6bb0b8fd7268230456d5a573d", "state"=>"5eed248724c469fac15036a056c5d65e577790d7fe7b1e69"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.2ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 0ms (Views: 0.3ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
-Started GET "/auth/gds/callback?code=e80e7e12473417d318714132940a9420b125aa0ce11bf6bdfcbdd0e613854bf7&state=0d0ba0299e9b72adb823ce3d47866c057531f6ec40484b89" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:40 +0000
+Started GET "/auth/gds/callback?code=e273b6559260f3bd87eb3087e91a591c7902f3a7d089611b83811612afe110d7&state=b3fa9d11984ff8b4842f4e48662dd782783279dc6b99696b" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"e80e7e12473417d318714132940a9420b125aa0ce11bf6bdfcbdd0e613854bf7", "state"=>"0d0ba0299e9b72adb823ce3d47866c057531f6ec40484b89"}
+  Parameters: {"code"=>"e273b6559260f3bd87eb3087e91a591c7902f3a7d089611b83811612afe110d7", "state"=>"b3fa9d11984ff8b4842f4e48662dd782783279dc6b99696b"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 5ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
-Processing by ExampleController#index as HTML
-  Rendered text template (0.0ms)
-Completed 200 OK in 0ms (Views: 0.3ms | ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 200 OK in 2ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
-Started GET "/auth/gds/callback?code=4d283d9f18e9d2785227159bc43fd152ea442acb67ea220f6ae2956d2e919df2&state=e64e1fa9e7c1ac11de1f04d6387ae79e57ddc60c1d4257af" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
+Started GET "/auth/gds/callback?code=c6a66a12344832afab9212d4e958f24b8afc11e916094fcd85c2e3f0a2c19ed0&state=ea7fb51110108ccc0bae549b117fdd085f59962ee2574d55" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"4d283d9f18e9d2785227159bc43fd152ea442acb67ea220f6ae2956d2e919df2", "state"=>"e64e1fa9e7c1ac11de1f04d6387ae79e57ddc60c1d4257af"}
+  Parameters: {"code"=>"c6a66a12344832afab9212d4e958f24b8afc11e916094fcd85c2e3f0a2c19ed0", "state"=>"ea7fb51110108ccc0bae549b117fdd085f59962ee2574d55"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:45 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
@@ -247,1224 +247,1224 @@ Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "test@example-client.com"]]
    (0.1ms)  begin transaction
   SQL (0.1ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 12]]
-   (13.5ms)  commit transaction
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+   (32.1ms)  commit transaction
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
 Authenticating with gds_sso strategy
 Completed   in 1ms (ActiveRecord: 0.1ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
-Started GET "/auth/gds/callback?code=666b5049819d8e54a22af51abaf5558d3f103c0ffac6b189a6cbf99edbe7ef9d&state=6c1985ff2a80d459373ac18a8de7775ad042699b1afcd5b7" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
+Started GET "/auth/gds/callback?code=91b37d0ce383321139a08eca982c84913d700302e93332efe20934390b11cefb&state=e31feeb10724049b767acdeb26b0e740815c99b933970a73" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"666b5049819d8e54a22af51abaf5558d3f103c0ffac6b189a6cbf99edbe7ef9d", "state"=>"6c1985ff2a80d459373ac18a8de7775ad042699b1afcd5b7"}
+  Parameters: {"code"=>"91b37d0ce383321139a08eca982c84913d700302e93332efe20934390b11cefb", "state"=>"e31feeb10724049b767acdeb26b0e740815c99b933970a73"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.1ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
-   (9.5ms)  commit transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
+   (76.4ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 14ms (ActiveRecord: 9.8ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Completed 302 Found in 83ms (ActiveRecord: 77.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
-Started GET "/auth/gds/callback?code=de9bca40e4b7305e54229215af33ea91de4448f86e11b9e37cccec43cc8d48c7&state=3c2e7277a9146f0db8eb1330b3ea47ec75d933df6e9057b0" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:41 +0000
+Started GET "/auth/gds/callback?code=3b99a00462a1dfe651f70163d62ebf212b8f2f1efd089c2a86ff37db4246ea63&state=5244721127270573b884a62a75f352bbc73b9ff910a58055" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"de9bca40e4b7305e54229215af33ea91de4448f86e11b9e37cccec43cc8d48c7", "state"=>"3c2e7277a9146f0db8eb1330b3ea47ec75d933df6e9057b0"}
+  Parameters: {"code"=>"3b99a00462a1dfe651f70163d62ebf212b8f2f1efd089c2a86ff37db4246ea63", "state"=>"5244721127270573b884a62a75f352bbc73b9ff910a58055"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.2ms)  begin transaction
+   (0.1ms)  commit transaction
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Completed 302 Found in 7ms (ActiveRecord: 0.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:09:46 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:48:42 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 1ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:09:46 +0000
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:48:42 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
-Started GET "/auth/gds/callback?code=9a355be39c34c9a0815610977f9146f13ab252a74d1a64652c0252185c6db86a&state=33bdc210d2b198905360db27d43e95f50a276d9681f96201" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
+Started GET "/auth/gds/callback?code=f28e50fefafb715670f3ddf85ead5a9fdf3164e254f40725781643754a7bd72e&state=e4fef793d433c8cbf96ea7ed2e6ce7c7a60a08a8947785ca" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"9a355be39c34c9a0815610977f9146f13ab252a74d1a64652c0252185c6db86a", "state"=>"33bdc210d2b198905360db27d43e95f50a276d9681f96201"}
+  Parameters: {"code"=>"f28e50fefafb715670f3ddf85ead5a9fdf3164e254f40725781643754a7bd72e", "state"=>"e4fef793d433c8cbf96ea7ed2e6ce7c7a60a08a8947785ca"}
 Authenticating with gds_sso strategy
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:09:46 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:38:42 +0000
+Processing by ExampleController#restricted as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  Rendered text template (0.0ms)
+Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
-Completed   in 1ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:09:46 +0000
-Started GET "/auth/gds/callback?code=ed72d86812db9837e8e5bd7c04d7b5a2f5020efed3879c80e3f242a633ba1017&state=df987ec9f6b7830e319fe8861a0ddb4aecf814bef2b2d675" for 127.0.0.1 at 2016-09-23 06:09:46 +0000
+Completed   in 0ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
+Started GET "/auth/gds/callback?code=6f7d011b37482536e90ab3d297ba7577b3e4b6db2297f06d1da2b0af5e7cd630&state=79f487227727059b4a1f1f3c11e85c063f4c80673f1c91b2" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"ed72d86812db9837e8e5bd7c04d7b5a2f5020efed3879c80e3f242a633ba1017", "state"=>"df987ec9f6b7830e319fe8861a0ddb4aecf814bef2b2d675"}
+  Parameters: {"code"=>"6f7d011b37482536e90ab3d297ba7577b3e4b6db2297f06d1da2b0af5e7cd630", "state"=>"79f487227727059b4a1f1f3c11e85c063f4c80673f1c91b2"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:09:46 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:42 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:48:42 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:46 +0000
-Started GET "/auth/gds/callback?code=614129cc2216c3ed2623808fc34d41efc96659faed7781e820605b66469bbdc7&state=ed4ff213c34081723e6d6ade24bde9332954631d92781e43" for 127.0.0.1 at 2016-09-22 10:04:47 +0000
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:48:42 +0000
+Started GET "/auth/gds/callback?code=88adb4c72e3a5a871dc1ba32021f4e7d210e6fac394e386579b5d9f1c3fdd553&state=4fea53313bf70e131656e8dd79083d763d4332b7e17cf8d2" for 127.0.0.1 at 2016-11-26 09:48:42 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"614129cc2216c3ed2623808fc34d41efc96659faed7781e820605b66469bbdc7", "state"=>"ed4ff213c34081723e6d6ade24bde9332954631d92781e43"}
+  Parameters: {"code"=>"88adb4c72e3a5a871dc1ba32021f4e7d210e6fac394e386579b5d9f1c3fdd553", "state"=>"4fea53313bf70e131656e8dd79083d763d4332b7e17cf8d2"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:47 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
-  Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 05:59:47 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:48:42 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-   (14.3ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f')
-   (15.5ms)  CREATE TABLE "ar_internal_metadata" ("key" varchar NOT NULL PRIMARY KEY, "value" varchar, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL)
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+   (29.8ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f')
+   (17.4ms)  CREATE TABLE "ar_internal_metadata" ("key" varchar NOT NULL PRIMARY KEY, "value" varchar, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL)
   ActiveRecord::InternalMetadata Load (0.2ms)  SELECT  "ar_internal_metadata".* FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? LIMIT ?  [["key", :environment], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "ar_internal_metadata" ("key", "value", "created_at", "updated_at") VALUES (?, ?, ?, ?)  [["key", "environment"], ["value", "test"], ["created_at", 2016-09-22 10:04:57 UTC], ["updated_at", 2016-09-22 10:04:57 UTC]]
-   (13.9ms)  commit transaction
-   (11.6ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL PRIMARY KEY)
+  SQL (0.2ms)  INSERT INTO "ar_internal_metadata" ("key", "value", "created_at", "updated_at") VALUES (?, ?, ?, ?)  [["key", "environment"], ["value", "test"], ["created_at", 2016-11-25 13:43:49 UTC], ["updated_at", 2016-11-25 13:43:49 UTC]]
+   (17.1ms)  commit transaction
+   (12.4ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL PRIMARY KEY)
   ActiveRecord::InternalMetadata Load (0.2ms)  SELECT  "ar_internal_metadata".* FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? LIMIT ?  [["key", :environment], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "user@example.com"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
   SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["name", "A Name"], ["uid", "asd"], ["email", "user@example.com"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
-   (11.8ms)  commit transaction
+   (50.4ms)  commit transaction
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 29ms (ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Processing by ExampleController#restricted as JSON
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions", "disabled") VALUES (?, ?, ?, ?, ?)  [["name", "Test User"], ["uid", "integration-uid"], ["email", "test@example-client.com"], ["permissions", "---\n- signin\n"], ["disabled", nil]]
-   (10.4ms)  commit transaction
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
    (0.1ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d37643"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (29.4ms)  commit transaction
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+  SQL (1.8ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d34253"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (26.6ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d37643"}
+  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.2ms)
+Completed 403 Forbidden in 9ms (Views: 8.7ms | ActiveRecord: 0.0ms)
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 2]]
-   (7.7ms)  commit transaction
-  Rendering text template
-  Rendered text template (0.0ms)
-Completed 200 OK in 90ms (Views: 2.9ms | ActiveRecord: 19.6ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Processing by ExampleController#this_requires_signin_permission as JSON
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d39074"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (12.7ms)  commit transaction
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d36182"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (34.5ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"nonexistent-user"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "nonexistent-user"], ["LIMIT", 1]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d38554"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (18.3ms)  commit transaction
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d39994"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (29.3ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d38554"}
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d38554"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  Rendering text template
-  Rendered text template (0.0ms)
-Completed 200 OK in 62ms (Views: 0.3ms | ActiveRecord: 0.7ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 16ms (ActiveRecord: 0.0ms)
-Started GET "/" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Processing by ExampleController#index as HTML
-  Rendering text template
-  Rendered text template (0.0ms)
-Completed 200 OK in 0ms (Views: 0.3ms | ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 6]]
+   (47.6ms)  commit transaction
+Completed 200 OK in 52ms (ActiveRecord: 48.0ms)
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 6], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d39438"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (32.8ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d32962"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (22.7ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d39438"}
+  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.1ms)
+Completed 403 Forbidden in 1ms (Views: 0.9ms | ActiveRecord: 0.0ms)
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d32517"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (42.2ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d32395"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (59.3ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d32517"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d32517"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 10]]
+   (41.8ms)  commit transaction
+Completed 200 OK in 47ms (ActiveRecord: 42.3ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 10], ["LIMIT", 1]]
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:50 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Started GET "/auth/gds/callback?code=22fc26cd4b42b8deb746458cef08cbc063f120f6d0771ce6df837be0d0305fd2&state=a289207cec96fcc18209588dad1b6517be8b31689f37928f" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
+Completed   in 9ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:50 +0000
+Started GET "/auth/gds/callback?code=20e5974b28bfda5733c3cf3ee87d0f8ac998ae732db51dcbd2cc21f94db3a7ca&state=89a9ffe6907fbf149376136993a1a3dd5fe6d97223b5fa83" for 127.0.0.1 at 2016-11-25 13:43:50 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"22fc26cd4b42b8deb746458cef08cbc063f120f6d0771ce6df837be0d0305fd2", "state"=>"a289207cec96fcc18209588dad1b6517be8b31689f37928f"}
+  Parameters: {"code"=>"20e5974b28bfda5733c3cf3ee87d0f8ac998ae732db51dcbd2cc21f94db3a7ca", "state"=>"89a9ffe6907fbf149376136993a1a3dd5fe6d97223b5fa83"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Test User"], ["uid", "integration-uid"], ["email", "test@example-client.com"], ["permissions", "---\n- signin\n"]]
+   (14.9ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", false], ["id", 2]]
-   (23.8ms)  commit transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 12]]
+   (30.0ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 30ms (ActiveRecord: 24.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
+Completed 302 Found in 52ms (ActiveRecord: 45.9ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:50 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 3ms (Views: 0.3ms | ActiveRecord: 0.3ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
+Completed 200 OK in 5ms (Views: 2.2ms | ActiveRecord: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:50 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
-Started GET "/auth/gds/callback?code=9cb18cadeff6d4f1b02b63f9b97f04bc2bd686ffd61b4d7947dc17fa890a0bbb&state=7cde7e30fa83228141312fd8fe9392776c048d5e26d8f21d" for 127.0.0.1 at 2016-09-22 10:04:58 +0000
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:50 +0000
+Started GET "/auth/gds/callback?code=d9fce11583aecbac87e2f6d47bb6e16808e7975493bdf51cfff2486ed0c3ee6f&state=a314d62a587f324f4677a42240877eeafb1aa2868a6e8add" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"9cb18cadeff6d4f1b02b63f9b97f04bc2bd686ffd61b4d7947dc17fa890a0bbb", "state"=>"7cde7e30fa83228141312fd8fe9392776c048d5e26d8f21d"}
+  Parameters: {"code"=>"d9fce11583aecbac87e2f6d47bb6e16808e7975493bdf51cfff2486ed0c3ee6f", "state"=>"a314d62a587f324f4677a42240877eeafb1aa2868a6e8add"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.2ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
-Started GET "/auth/gds/callback?code=2823476a6ee1050f637ff2265f75bc6ddf2ccce57c825305300983f9e3cfc6d1&state=982680112c5de2cdc2bc8e06e880f84ccaa24bacf576de69" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
+Started GET "/auth/gds/callback?code=6e3eb4fa26ff4b043ec518a09c79e706aa089ed45f288298c49a230e5351d616&state=0c61be3bded0f5f657cd3d29653417788c385768c992d61d" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"2823476a6ee1050f637ff2265f75bc6ddf2ccce57c825305300983f9e3cfc6d1", "state"=>"982680112c5de2cdc2bc8e06e880f84ccaa24bacf576de69"}
+  Parameters: {"code"=>"6e3eb4fa26ff4b043ec518a09c79e706aa089ed45f288298c49a230e5351d616", "state"=>"0c61be3bded0f5f657cd3d29653417788c385768c992d61d"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 302 Found in 6ms (ActiveRecord: 0.6ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 200 OK in 3ms (Views: 0.5ms | ActiveRecord: 0.3ms)
+Started GET "/" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
+Processing by ExampleController#index as HTML
+  Rendering text template
+  Rendered text template (0.0ms)
+Completed 200 OK in 1ms (Views: 0.6ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
-Started GET "/auth/gds/callback?code=955013d6882fc1960189c5fc56a89ef7b5a5e4f88da1e5eff4ed3d771f492bc3&state=aef829bc374ebffb7a98a7ddfc843354cb8ecd65a0f55689" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
+Started GET "/auth/gds/callback?code=fc3efc5ff3e6060cea9e71bb6e6f3e4a80fc3d949453918978e3f2438d96aa76&state=8841e8604f5e521c89e68560267b5ac26804f9f55030e105" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"955013d6882fc1960189c5fc56a89ef7b5a5e4f88da1e5eff4ed3d771f492bc3", "state"=>"aef829bc374ebffb7a98a7ddfc843354cb8ecd65a0f55689"}
+  Parameters: {"code"=>"fc3efc5ff3e6060cea9e71bb6e6f3e4a80fc3d949453918978e3f2438d96aa76", "state"=>"8841e8604f5e521c89e68560267b5ac26804f9f55030e105"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 200 OK in 2ms (Views: 0.6ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
-Started GET "/auth/gds/callback?code=61c694ad088e5c3049c04c7ccece4823664f2bd89eda1848fb258805c6f346bf&state=7c1a9663c5d12471c4bbf30286fe550c941960f7c7850148" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
+Started GET "/auth/gds/callback?code=37e4f12f3139b7f09ca5138a666348adbe2de9fef12018724e8c9b4599e50f1b&state=d0de14ea6a33f30df7db5659413a176dfc1e367582af40f6" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"61c694ad088e5c3049c04c7ccece4823664f2bd89eda1848fb258805c6f346bf", "state"=>"7c1a9663c5d12471c4bbf30286fe550c941960f7c7850148"}
+  Parameters: {"code"=>"37e4f12f3139b7f09ca5138a666348adbe2de9fef12018724e8c9b4599e50f1b", "state"=>"d0de14ea6a33f30df7db5659413a176dfc1e367582af40f6"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
-Started GET "/auth/gds/callback?code=958b12c0c19998b7be1c2aef7a3ed821f9ec168625ca76fd6d596e20f81017b7&state=1b7c2fa35d8bb4059b270df8ec47178c3f70ebf9d5e7e40e" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:51 +0000
+Started GET "/auth/gds/callback?code=6c9bfeb102f4e0e1120398cfc1c1c31cba3f4cb3f85ff8ae0385a0f0e995ce04&state=9093f73a23bcecce0e2c374cdbf37f0108cae9bbc6754520" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"958b12c0c19998b7be1c2aef7a3ed821f9ec168625ca76fd6d596e20f81017b7", "state"=>"1b7c2fa35d8bb4059b270df8ec47178c3f70ebf9d5e7e40e"}
+  Parameters: {"code"=>"6c9bfeb102f4e0e1120398cfc1c1c31cba3f4cb3f85ff8ae0385a0f0e995ce04", "state"=>"9093f73a23bcecce0e2c374cdbf37f0108cae9bbc6754520"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 05:59:59 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:38:52 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:04:59 +0000
-Started GET "/auth/gds/callback?code=6026ba885f1a987e83386835bc406c8ef3ec69bae95f35c26623f09973dc1ffe&state=814199e3152207e5cc09e757fb8901083de37cf4bf1e52c1" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
+Started GET "/auth/gds/callback?code=c63978b042d97f8a745efc08a3432c13a07692fbedbc4079044b7844dff0d7e8&state=6c8246395eb6eb3393b389ac551e2522b7d8e70684d8f22e" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"6026ba885f1a987e83386835bc406c8ef3ec69bae95f35c26623f09973dc1ffe", "state"=>"814199e3152207e5cc09e757fb8901083de37cf4bf1e52c1"}
+  Parameters: {"code"=>"c63978b042d97f8a745efc08a3432c13a07692fbedbc4079044b7844dff0d7e8", "state"=>"6c8246395eb6eb3393b389ac551e2522b7d8e70684d8f22e"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:00 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:48:52 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:48:52 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:10:00 +0000
-Started GET "/auth/gds/callback?code=6c20df8297cad645201fd38305f96c5319a4f83e61673e91c107ec112256fb57&state=3d92ec4d4e886cf4d3d0e545b2cdaf76d151073d53be359a" for 127.0.0.1 at 2016-09-23 06:10:00 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
+Started GET "/auth/gds/callback?code=5229ba82ef286c3fde70ffe4fbef3a21d7c703461e48c72ddee14bcb62071076&state=333d26dd26654d38e2a6868b68a341568167fec3d698aa6e" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"6c20df8297cad645201fd38305f96c5319a4f83e61673e91c107ec112256fb57", "state"=>"3d92ec4d4e886cf4d3d0e545b2cdaf76d151073d53be359a"}
+  Parameters: {"code"=>"5229ba82ef286c3fde70ffe4fbef3a21d7c703461e48c72ddee14bcb62071076", "state"=>"333d26dd26654d38e2a6868b68a341568167fec3d698aa6e"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:00 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:48:52 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
-Started GET "/auth/gds/callback?code=15be64cd8675db43385a11314cddb356e370afe6ae4a3bbfc201842cc8ad41da&state=c6c886f4971721a02b8c3124a12e50539e9ab6951a81b2a0" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:48:52 +0000
+Started GET "/auth/gds/callback?code=f05a8b4e9102c7eba4fcfcf26b7e9524a7d172427b7765b328cd52a0f107cd38&state=1f8e53a7b16af9400f9234ee26b862d0a56e7b78e8e8b39b" for 127.0.0.1 at 2016-11-26 09:48:52 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"15be64cd8675db43385a11314cddb356e370afe6ae4a3bbfc201842cc8ad41da", "state"=>"c6c886f4971721a02b8c3124a12e50539e9ab6951a81b2a0"}
+  Parameters: {"code"=>"f05a8b4e9102c7eba4fcfcf26b7e9524a7d172427b7765b328cd52a0f107cd38", "state"=>"1f8e53a7b16af9400f9234ee26b862d0a56e7b78e8e8b39b"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:48:52 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:00 +0000
-Processing by ExampleController#restricted as HTML
-Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:10:00 +0000
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Completed 200 OK in 2ms (Views: 0.5ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
-Started GET "/auth/gds/callback?code=89667d80f0c874ab50278689ba40f40d88a2054b049b401cfb42ec73f0510cb7&state=a25fdc84737b025e2bc5b7fb1b3a5842f363d019f657d2f3" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
+Started GET "/auth/gds/callback?code=7e818e1c5c01ac8cd30f5b96e84dcb6e0c72ed8b51e4d25ed4db93c9171ca963&state=a14348956a612958a57fd91a9a5624bdf87c587d20624e33" for 127.0.0.1 at 2016-11-25 13:43:52 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"89667d80f0c874ab50278689ba40f40d88a2054b049b401cfb42ec73f0510cb7", "state"=>"a25fdc84737b025e2bc5b7fb1b3a5842f363d019f657d2f3"}
+  Parameters: {"code"=>"7e818e1c5c01ac8cd30f5b96e84dcb6e0c72ed8b51e4d25ed4db93c9171ca963", "state"=>"a14348956a612958a57fd91a9a5624bdf87c587d20624e33"}
 Authenticating with gds_sso strategy
-  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+Completed 302 Found in 7ms (ActiveRecord: 0.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.7ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.3ms)
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
+Completed 200 OK in 3ms (Views: 0.5ms | ActiveRecord: 0.7ms)
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 2]]
-   (30.1ms)  commit transaction
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 12]]
+   (20.1ms)  commit transaction
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
 Authenticating with gds_sso strategy
 Completed   in 2ms (ActiveRecord: 0.2ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:00 +0000
-Started GET "/auth/gds/callback?code=c4a54f65eae1c7dd0af2f75bee1a640b76f99558f1d8903b107907292cad82cf&state=7dbea1ef26eaf3334ccaa8476716672eb1444f918f91a5cf" for 127.0.0.1 at 2016-09-22 10:05:01 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
+Started GET "/auth/gds/callback?code=5e28167f5be69dda4b0fe3984973b050e9bd032d369589588e6aeda3d3a5c0e1&state=997f9516ea7ec6ebfe79b80b62812c32aaa75d4a2db1015f" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"c4a54f65eae1c7dd0af2f75bee1a640b76f99558f1d8903b107907292cad82cf", "state"=>"7dbea1ef26eaf3334ccaa8476716672eb1444f918f91a5cf"}
+  Parameters: {"code"=>"5e28167f5be69dda4b0fe3984973b050e9bd032d369589588e6aeda3d3a5c0e1", "state"=>"997f9516ea7ec6ebfe79b80b62812c32aaa75d4a2db1015f"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 2]]
-   (16.8ms)  commit transaction
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.5ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 12]]
+   (27.5ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 21ms (ActiveRecord: 17.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:01 +0000
+Completed 302 Found in 34ms (ActiveRecord: 28.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.3ms)
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d38606"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (43.1ms)  commit transaction
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d39742"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (55.6ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d38606"}
-  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.2ms)
-Completed 403 Forbidden in 6ms (Views: 5.6ms | ActiveRecord: 0.0ms)
+  SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", nil], ["id", 12]]
+   (20.6ms)  commit transaction
+  User Load (0.6ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d35817"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (48.9ms)  commit transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d31611"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (14.5ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d35817"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d35817"], ["LIMIT", 1]]
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 5]]
-   (12.9ms)  commit transaction
-Completed 200 OK in 17ms (ActiveRecord: 13.3ms)
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 5], ["LIMIT", 1]]
+   (0.1ms)  commit transaction
+  Rendering text template
+  Rendered text template (0.0ms)
+Completed 200 OK in 99ms (Views: 0.6ms | ActiveRecord: 22.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
+Processing by ExampleController#restricted as JSON
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.3ms)  begin transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d35685"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (12.3ms)  commit transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d31670"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (10.6ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"nonexistent-user"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "nonexistent-user"], ["LIMIT", 1]]
-Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d32961"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (26.9ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d36065"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (12.9ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d32961"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d32961"], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 9]]
-   (27.2ms)  commit transaction
-Completed 200 OK in 31ms (ActiveRecord: 27.5ms)
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 9], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d3877"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (30.0ms)  commit transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d35352"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (11.3ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d3877"}
-  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.0ms)
-Completed 403 Forbidden in 1ms (Views: 0.7ms | ActiveRecord: 0.0ms)
-   (32.1ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f') 
-   (47.2ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL) 
-   (0.1ms)  select sqlite_version(*)
-   (41.6ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "asd"]]
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "user@example.com"]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["uid", "asd"], ["email", "user@example.com"], ["name", "A Name"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
-   (26.2ms)  commit transaction
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "asd"]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
+  Rendering text template
+  Rendered text template (0.0ms)
+Completed 200 OK in 80ms (Views: 0.4ms | ActiveRecord: 1.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
+Processing by ExampleController#restricted as JSON
+Completed   in 18ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:53 +0000
+Processing by ExampleController#restricted as JSON
+Completed   in 16ms (ActiveRecord: 0.0ms)
+   (200.3ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f') 
+   (164.7ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL) 
+   (0.4ms)  select sqlite_version(*)
+   (138.1ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d37002"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (15.6ms)  commit transaction
+  SQL (0.3ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d31425"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (158.0ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39576"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (35.0ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d37002"}
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.2ms)
-Completed 403 Forbidden in 7ms (Views: 6.9ms | ActiveRecord: 0.0ms)
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39436"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (132.1ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d31425"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.3ms)
+Completed 403 Forbidden in 9ms (Views: 8.9ms | ActiveRecord: 0.0ms)
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d3166"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (16.8ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d36156"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (226.6ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d38445"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (9.6ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d3166"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d3166"]]
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 4]]
-   (10.3ms)  commit transaction
-Completed 200 OK in 14ms (ActiveRecord: 10.6ms)
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 4]]
-   (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39534"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (15.5ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39063"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (11.7ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d37890"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (177.0ms)  commit transaction
 Processing by Api::UserController#reauth as HTML
   Parameters: {"uid"=>"nonexistent-user"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "nonexistent-user"]]
-Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "nonexistent-user"]]
+Completed 200 OK in 6ms (ActiveRecord: 0.2ms)
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d38533"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (126.1ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d38003"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (16.7ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d32526"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (12.4ms)  commit transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d36126"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (124.6ms)  commit transaction
 Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d38003"}
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.0ms)
-Completed 403 Forbidden in 1ms (Views: 0.4ms | ActiveRecord: 0.0ms)
+  Parameters: {"uid"=>"a1s2d38533"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d38533"]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 5]]
+   (125.8ms)  commit transaction
+Completed 200 OK in 130ms (ActiveRecord: 126.2ms)
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 5]]
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d33624"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
-   (54.6ms)  commit transaction
+  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d32438"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (184.0ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d39640"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (15.9ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d33624"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d33624"]]
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d32890"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (250.4ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d32438"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.1ms)
+Completed 403 Forbidden in 1ms (Views: 0.5ms | ActiveRecord: 0.0ms)
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d32914"], ["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"]]
+   (85.4ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 10]]
-   (27.0ms)  commit transaction
-Completed 200 OK in 29ms (ActiveRecord: 27.3ms)
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 10]]
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 27ms (ActiveRecord: 0.0ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
-Processing by ExampleController#this_requires_signin_permission as JSON
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "test@example-client.com"]]
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "a1s2d33322"], ["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (121.6ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d32914"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "a1s2d32914"]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions", "disabled") VALUES (?, ?, ?, ?, ?)  [["uid", "integration-uid"], ["email", "test@example-client.com"], ["name", "Test User"], ["permissions", "---\n- signin\n"], ["disabled", nil]]
-   (20.3ms)  commit transaction
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 9]]
+   (83.7ms)  commit transaction
+Completed 200 OK in 88ms (ActiveRecord: 84.1ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 9]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "asd"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "user@example.com"]]
    (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["uid", "asd"], ["email", "user@example.com"], ["name", "A Name"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
+   (66.5ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "asd"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
-   (33.0ms)  commit transaction
+   (0.1ms)  commit transaction
+Started GET "/" for 127.0.0.1 at 2016-11-25 13:43:59 +0000
+Processing by ExampleController#index as HTML
   Rendered text template (0.0ms)
-Completed 200 OK in 122ms (Views: 1.2ms | ActiveRecord: 54.6ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
-Processing by ExampleController#restricted as JSON
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+Completed 200 OK in 1ms (Views: 1.0ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:43:59 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 9ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:43:59 +0000
+Started GET "/auth/gds/callback?code=f26bab61e3821688dbabf19d7350ce7439de62c6234faac4c5576e87a30d76a4&state=3c86a804ac28c20971241bd0f80807ffe7d57bc37cf6bb9d" for 127.0.0.1 at 2016-11-25 13:44:00 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"f26bab61e3821688dbabf19d7350ce7439de62c6234faac4c5576e87a30d76a4", "state"=>"3c86a804ac28c20971241bd0f80807ffe7d57bc37cf6bb9d"}
+Authenticating with gds_sso strategy
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "test@example-client.com"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  SQL (0.2ms)  INSERT INTO "users" ("uid", "email", "name", "permissions") VALUES (?, ?, ?, ?)  [["uid", "integration-uid"], ["email", "test@example-client.com"], ["name", "Test User"], ["permissions", "---\n- signin\n"]]
+   (252.9ms)  commit transaction
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.1ms)  commit transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
+   (246.9ms)  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 507ms (ActiveRecord: 500.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:00 +0000
+Processing by ExampleController#restricted as HTML
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 62ms (Views: 0.3ms | ActiveRecord: 0.9ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 17ms (ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
+Completed 200 OK in 4ms (Views: 0.6ms | ActiveRecord: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:00 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
-Started GET "/auth/gds/callback?code=f33621569eb850d2920725d2ffae4b5a1d3a02219b206f9f9e395facf097441c&state=410d48744ace8227473dd6eb6ea44c9532ea197569eac2cd" for 127.0.0.1 at 2016-09-22 10:05:05 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:00 +0000
+Started GET "/auth/gds/callback?code=55112b3e0436989f0cc684e21124051dc9a0c4985ba5bd0c0a3377079f728642&state=9f2d78f675b870239ed1b7178276eedfd6c16aaea1d543e4" for 127.0.0.1 at 2016-11-25 13:44:00 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"f33621569eb850d2920725d2ffae4b5a1d3a02219b206f9f9e395facf097441c", "state"=>"410d48744ace8227473dd6eb6ea44c9532ea197569eac2cd"}
+  Parameters: {"code"=>"55112b3e0436989f0cc684e21124051dc9a0c4985ba5bd0c0a3377079f728642", "state"=>"9f2d78f675b870239ed1b7178276eedfd6c16aaea1d543e4"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", "f"], ["id", 12]]
-   (39.3ms)  commit transaction
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 44ms (ActiveRecord: 39.8ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.2ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
-Started GET "/auth/gds/callback?code=6969705eb944424da444720d5419f8a77404816aefc8075bf0bb1a28a2cb0bb8&state=0250daf05dd3f2b4c635ac92ab300822850d79cfa312da59" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
+Started GET "/auth/gds/callback?code=97fe3c4a409a4abe1419ac55c829f11c81aafe6b9d2c649676c180aee5c24750&state=e48e84d3df03d4468e1ab954d55b0486b92fb3e20c979a6f" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"6969705eb944424da444720d5419f8a77404816aefc8075bf0bb1a28a2cb0bb8", "state"=>"0250daf05dd3f2b4c635ac92ab300822850d79cfa312da59"}
+  Parameters: {"code"=>"97fe3c4a409a4abe1419ac55c829f11c81aafe6b9d2c649676c180aee5c24750", "state"=>"e48e84d3df03d4468e1ab954d55b0486b92fb3e20c979a6f"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.1ms)  commit transaction
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
-Started GET "/auth/gds/callback?code=a6a37cf409cd1e11fb7c6e3832d8fc770c5204e6965a96ec999648e581c15ad5&state=db8939a8bf387015fdf492cf0e91964d23b0f4ae70402a34" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
+Started GET "/auth/gds/callback?code=b720f5c47ad488aa3c2aa6a9c40b0d98685c585dd69abf70b5a096e9b027a5ec&state=e3797714256bd03d1b17dd097aba01c38ca2d39b404009fa" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"a6a37cf409cd1e11fb7c6e3832d8fc770c5204e6965a96ec999648e581c15ad5", "state"=>"db8939a8bf387015fdf492cf0e91964d23b0f4ae70402a34"}
+  Parameters: {"code"=>"b720f5c47ad488aa3c2aa6a9c40b0d98685c585dd69abf70b5a096e9b027a5ec", "state"=>"e3797714256bd03d1b17dd097aba01c38ca2d39b404009fa"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
-Started GET "/auth/gds/callback?code=539a9ca2c0484189f742ce7bb676685214a798074d47ee4e22efdfbd095e8973&state=48f2412bfad0fe0650dc775ff6e57a73145f806f79733f11" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
+Started GET "/auth/gds/callback?code=1c66b2bc93853363593ce073ddc618681ff20b2bc038e1326e99088b0a7bb8ae&state=644fa6b26ac85fcbeaf539b0a3b42bdc98118ee7ad3a0fb0" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"539a9ca2c0484189f742ce7bb676685214a798074d47ee4e22efdfbd095e8973", "state"=>"48f2412bfad0fe0650dc775ff6e57a73145f806f79733f11"}
+  Parameters: {"code"=>"1c66b2bc93853363593ce073ddc618681ff20b2bc038e1326e99088b0a7bb8ae", "state"=>"644fa6b26ac85fcbeaf539b0a3b42bdc98118ee7ad3a0fb0"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
-Started GET "/auth/gds/callback?code=a61cdeaa131ffcac90e60b867a4a7dde2117c4e955f06ac77eaf8fe39075a7be&state=f256db33fd29304cda9cc6f2b0c8d352513ffa4b6de6c07e" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
+Started GET "/auth/gds/callback?code=0eef37849744379db73f6df0c3a9c1ab11cc6c0454e8ec59f6c624edc9a3d83d&state=3fac31e26fef953d07e1ea1a622e890654fcd4be2be1971f" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"a61cdeaa131ffcac90e60b867a4a7dde2117c4e955f06ac77eaf8fe39075a7be", "state"=>"f256db33fd29304cda9cc6f2b0c8d352513ffa4b6de6c07e"}
+  Parameters: {"code"=>"0eef37849744379db73f6df0c3a9c1ab11cc6c0454e8ec59f6c624edc9a3d83d", "state"=>"3fac31e26fef953d07e1ea1a622e890654fcd4be2be1971f"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:01 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
-  Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
-Processing by ExampleController#index as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:49:01 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:06 +0000
-Started GET "/auth/gds/callback?code=c26b370a1eeec668c1e2d189eb0b84d6e144f880654d291bc7d64dab2e4eee3e&state=f4f486980cc657831069d6316115c7dd549aa38320c7d4d6" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:49:01 +0000
+Started GET "/auth/gds/callback?code=4a535912bbaf726c29f2ba86838fa2508865787d2c2f97a34de60fc2db09577d&state=e2593e5b8190f1f67f5bb52ed37c69f96671e51442786701" for 127.0.0.1 at 2016-11-26 09:49:02 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"c26b370a1eeec668c1e2d189eb0b84d6e144f880654d291bc7d64dab2e4eee3e", "state"=>"f4f486980cc657831069d6316115c7dd549aa38320c7d4d6"}
+  Parameters: {"code"=>"4a535912bbaf726c29f2ba86838fa2508865787d2c2f97a34de60fc2db09577d", "state"=>"e2593e5b8190f1f67f5bb52ed37c69f96671e51442786701"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.3ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
-  Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:07 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:49:02 +0000
 Processing by ExampleController#restricted as HTML
-Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:10:07 +0000
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  Rendered text template (0.1ms)
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
-Started GET "/auth/gds/callback?code=db5092dc90efc353f73bcf070a7e51fb8fc5341c4f49985396c9f3144130cc92&state=5fe1ff6b9809b6e6b455aef3a0da588f8a804a108a1c12e0" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
+Started GET "/auth/gds/callback?code=9f1f0a040a9a52aafc0f018f32e878ebe193a739f6da233a6d5ac70832085d5b&state=3e8d2364176666119009c02519aca7cdcd154c763e9e7f98" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"db5092dc90efc353f73bcf070a7e51fb8fc5341c4f49985396c9f3144130cc92", "state"=>"5fe1ff6b9809b6e6b455aef3a0da588f8a804a108a1c12e0"}
+  Parameters: {"code"=>"9f1f0a040a9a52aafc0f018f32e878ebe193a739f6da233a6d5ac70832085d5b", "state"=>"3e8d2364176666119009c02519aca7cdcd154c763e9e7f98"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
 Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:07 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:49:02 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 1ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:10:07 +0000
-Started GET "/auth/gds/callback?code=8a5e252b43f8c7b6e8c0e89688dd1eb341180131fa30bb00184172c75237b064&state=d429c8a382f5fcfb3137d2c814781de6798f29e03be4fdbc" for 127.0.0.1 at 2016-09-23 06:10:07 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:49:02 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
+Started GET "/auth/gds/callback?code=e6182dd9a8a4c90de0bc3778feda841b03003ec8a1f0dcaed046d030468b0709&state=745b5439b70881cd8057544a5f32d6541adef54c55dd5ad2" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"8a5e252b43f8c7b6e8c0e89688dd1eb341180131fa30bb00184172c75237b064", "state"=>"d429c8a382f5fcfb3137d2c814781de6798f29e03be4fdbc"}
+  Parameters: {"code"=>"e6182dd9a8a4c90de0bc3778feda841b03003ec8a1f0dcaed046d030468b0709", "state"=>"745b5439b70881cd8057544a5f32d6541adef54c55dd5ad2"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 5ms (ActiveRecord: 0.5ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:07 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
+Processing by ExampleController#restricted as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  Rendered text template (0.0ms)
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:39:02 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
-Started GET "/auth/gds/callback?code=1455bb937ed2f8e76290657a6d3580f33ee1db0b207f3ee789fb2231adc7498f&state=e1e25df1e85817c2a8d761bec3dc0f387f950b6623ea9abb" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
+Started GET "/auth/gds/callback?code=ac6ea4384f64b9ff95c2684f4337e55fa0175f6b72600ca38778264694814fb3&state=23e2e2d01dfa08ccb5ed2fc4e734a847a5e11b7236ccf6e9" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"1455bb937ed2f8e76290657a6d3580f33ee1db0b207f3ee789fb2231adc7498f", "state"=>"e1e25df1e85817c2a8d761bec3dc0f387f950b6623ea9abb"}
+  Parameters: {"code"=>"ac6ea4384f64b9ff95c2684f4337e55fa0175f6b72600ca38778264694814fb3", "state"=>"23e2e2d01dfa08ccb5ed2fc4e734a847a5e11b7236ccf6e9"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:02 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
   Rendered text template (0.0ms)
 Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:00:07 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
-  Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "test@example-client.com"]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 12]]
+   (164.2ms)  commit transaction
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
 Processing by ExampleController#restricted as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
-Started GET "/auth/gds/callback?code=0c2dbb08a44c92bb569750a41a7c9d725fe2d83f2f8cdfa7b3abba1cdaad9dbd&state=1de7cab3fe76ffe238056bd262630fdf91e740fe8c98f408" for 127.0.0.1 at 2016-09-22 10:05:07 +0000
+Completed   in 2ms (ActiveRecord: 0.1ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
+Started GET "/auth/gds/callback?code=63614c1ec3e831218c836cd59d6e2831e1001797e39509a7acae36083adab320&state=8d27838d7bb70a65ce13441a30b11400f817e91f9886cb7b" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"0c2dbb08a44c92bb569750a41a7c9d725fe2d83f2f8cdfa7b3abba1cdaad9dbd", "state"=>"1de7cab3fe76ffe238056bd262630fdf91e740fe8c98f408"}
+  Parameters: {"code"=>"63614c1ec3e831218c836cd59d6e2831e1001797e39509a7acae36083adab320", "state"=>"8d27838d7bb70a65ce13441a30b11400f817e91f9886cb7b"}
 Authenticating with gds_sso strategy
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
-Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 4ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:08 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
-  Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["email", "test@example-client.com"]]
+   (0.1ms)  commit transaction
    (0.1ms)  begin transaction
-  SQL (0.1ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "t"], ["id", 12]]
-   (11.3ms)  commit transaction
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:08 +0000
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
+   (163.5ms)  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 169ms (ActiveRecord: 164.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
-Authenticating with gds_sso strategy
-Completed   in 1ms (ActiveRecord: 0.1ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:08 +0000
-Started GET "/auth/gds/callback?code=5895acf7fd8a9dad17e50b058c3e9977cae84505a70d0cdb8949dd65d25421f9&state=26c7545bc20bbf552e49f3e7654efcef0c9c18e0637a7218" for 127.0.0.1 at 2016-09-22 10:05:08 +0000
-Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"5895acf7fd8a9dad17e50b058c3e9977cae84505a70d0cdb8949dd65d25421f9", "state"=>"26c7545bc20bbf552e49f3e7654efcef0c9c18e0637a7218"}
-Authenticating with gds_sso strategy
+  Rendered text template (0.0ms)
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
+Processing by ExampleController#restricted as JSON
+Completed   in 18ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
+Processing by ExampleController#restricted as JSON
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.1ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", "f"], ["id", 12]]
-   (143.0ms)  commit transaction
-Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 147ms (ActiveRecord: 143.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:08 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"], ["remotely_signed_out", "f"]]
+  SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", nil], ["id", 12]]
+   (190.5ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.2ms)  begin transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-   (19.4ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f')
-   (10.3ms)  CREATE TABLE "ar_internal_metadata" ("key" varchar NOT NULL PRIMARY KEY, "value" varchar, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL)
+Completed 200 OK in 261ms (Views: 0.3ms | ActiveRecord: 191.8ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
+Processing by ExampleController#restricted as JSON
+Completed   in 16ms (ActiveRecord: 0.0ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:03 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+  CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["uid", "integration-uid"]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
+  Rendered text template (0.0ms)
+Completed 200 OK in 69ms (Views: 0.3ms | ActiveRecord: 1.0ms)
+   (134.4ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar NOT NULL, "uid" varchar NOT NULL, "email" varchar NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisation_slug" varchar, "organisation_content_id" varchar, "disabled" boolean DEFAULT 'f')
+   (115.1ms)  CREATE TABLE "ar_internal_metadata" ("key" varchar NOT NULL PRIMARY KEY, "value" varchar, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL)
   ActiveRecord::InternalMetadata Load (0.2ms)  SELECT  "ar_internal_metadata".* FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? LIMIT ?  [["key", :environment], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.1ms)  INSERT INTO "ar_internal_metadata" ("key", "value", "created_at", "updated_at") VALUES (?, ?, ?, ?)  [["key", "environment"], ["value", "test"], ["created_at", 2016-09-22 10:05:11 UTC], ["updated_at", 2016-09-22 10:05:11 UTC]]
-   (8.1ms)  commit transaction
-   (25.7ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL PRIMARY KEY)
-  ActiveRecord::InternalMetadata Load (0.1ms)  SELECT  "ar_internal_metadata".* FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? LIMIT ?  [["key", :environment], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d34324"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (22.4ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d32175"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (41.7ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d34324"}
-  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.2ms)
-Completed 403 Forbidden in 8ms (Views: 7.5ms | ActiveRecord: 0.0ms)
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d34566"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (19.1ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d39587"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (25.3ms)  commit transaction
-Processing by Api::UserController#update as HTML
-  Parameters: {"uid"=>"a1s2d34566"}
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d34566"], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 3]]
-   (12.3ms)  commit transaction
-Completed 200 OK in 18ms (ActiveRecord: 12.8ms)
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 3], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d35760"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (18.0ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d32926"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (18.2ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d35760"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d35760"], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 5]]
-   (20.0ms)  commit transaction
-Completed 200 OK in 23ms (ActiveRecord: 20.3ms)
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 5], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d32174"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (7.3ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d32940"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (19.0ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"a1s2d32174"}
-  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
-  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.0ms)
-Completed 403 Forbidden in 1ms (Views: 0.5ms | ActiveRecord: 0.0ms)
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d37777"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
-   (22.2ms)  commit transaction
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d374"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
-   (23.4ms)  commit transaction
-Processing by Api::UserController#reauth as HTML
-  Parameters: {"uid"=>"nonexistent-user"}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "nonexistent-user"], ["LIMIT", 1]]
-Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "user@example.com"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["name", "A Name"], ["uid", "asd"], ["email", "user@example.com"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
-   (26.1ms)  commit transaction
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
+  SQL (0.3ms)  INSERT INTO "ar_internal_metadata" ("key", "value", "created_at", "updated_at") VALUES (?, ?, ?, ?)  [["key", "environment"], ["value", "test"], ["created_at", 2016-11-25 13:44:07 UTC], ["updated_at", 2016-11-25 13:44:07 UTC]]
+   (157.5ms)  commit transaction
+   (70.9ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL PRIMARY KEY)
+  ActiveRecord::InternalMetadata Load (0.2ms)  SELECT  "ar_internal_metadata".* FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? LIMIT ?  [["key", :environment], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Processing by ExampleController#this_requires_signin_permission as JSON
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
+Processing by ExampleController#restricted as JSON
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions", "disabled") VALUES (?, ?, ?, ?, ?)  [["name", "Test User"], ["uid", "integration-uid"], ["email", "test@example-client.com"], ["permissions", "---\n- signin\n"], ["disabled", nil]]
-   (13.4ms)  commit transaction
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+  SQL (0.3ms)  INSERT INTO "users" ("name", "uid", "email", "permissions", "disabled") VALUES (?, ?, ?, ?, ?)  [["name", "Test User"], ["uid", "integration-uid"], ["email", "test@example-client.com"], ["permissions", "---\n- signin\n"], ["disabled", nil]]
+   (154.1ms)  commit transaction
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 12]]
-   (33.0ms)  commit transaction
+   (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 1]]
+   (131.7ms)  commit transaction
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 124ms (Views: 1.3ms | ActiveRecord: 47.9ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 14ms (ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Processing by ExampleController#restricted as JSON
-Completed   in 14ms (ActiveRecord: 0.0ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Completed 200 OK in 390ms (Views: 3.6ms | ActiveRecord: 288.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
 Processing by ExampleController#restricted as JSON
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
-   (0.0ms)  commit transaction
+Completed   in 25ms (ActiveRecord: 0.0ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.1ms)  commit transaction
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
   CACHE (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 54ms (Views: 0.3ms | ActiveRecord: 0.7ms)
-Started GET "/" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Processing by ExampleController#index as HTML
+Completed 200 OK in 91ms (Views: 0.4ms | ActiveRecord: 1.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
+Processing by ExampleController#restricted as JSON
+Completed   in 18ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
+Started GET "/auth/gds/callback?code=c0a84b9848298a9f262a09a67e03b82a3ddb2e11d32349af67a134f2a8c1df54&state=785ca430b12fe07e5ebbd5d2576cf8d9adaaec586d9b8741" for 127.0.0.1 at 2016-11-25 13:44:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"c0a84b9848298a9f262a09a67e03b82a3ddb2e11d32349af67a134f2a8c1df54", "state"=>"785ca430b12fe07e5ebbd5d2576cf8d9adaaec586d9b8741"}
+Authenticating with gds_sso strategy
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", false], ["id", 1]]
+   (104.4ms)  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 109ms (ActiveRecord: 104.9ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
+Processing by ExampleController#restricted as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 0ms (Views: 0.3ms | ActiveRecord: 0.0ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Completed 200 OK in 3ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Started GET "/auth/gds/callback?code=0e660219d9fcf3cecc4e6585393159292097fac873cd8b6da779b606afcdf92c&state=a3345c16775bc34820876453004292277615eb7f3895bdbf" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
+Started GET "/auth/gds/callback?code=bf76d7f035ac8073a3a23d377ad10f341fd99cb317858d7c202b232a4fbf8ee8&state=4c6e9f8c2ab2cf114c8af1aa29e839c88763904579134b18" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"0e660219d9fcf3cecc4e6585393159292097fac873cd8b6da779b606afcdf92c", "state"=>"a3345c16775bc34820876453004292277615eb7f3895bdbf"}
+  Parameters: {"code"=>"bf76d7f035ac8073a3a23d377ad10f341fd99cb317858d7c202b232a4fbf8ee8", "state"=>"4c6e9f8c2ab2cf114c8af1aa29e839c88763904579134b18"}
 Authenticating with gds_sso strategy
   User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "disabled" = ? WHERE "users"."id" = ?  [["disabled", false], ["id", 12]]
-   (32.8ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 37ms (ActiveRecord: 33.4ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Started GET "/auth/gds/callback?code=f931bc11c988aaa713e5ac07cd5c54a2118bfb64c0d51a33c5fd391c63923dbd&state=976f1204e4303dd7fce566dea130b6e32df5b297fbf88c6f" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
+Started GET "/auth/gds/callback?code=3a117361caf80c06abc97a5c61eeef6d1b530ab6838b74848703417769f377df&state=37ba9999028828876033494d9ef60de447771819b102f542" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"f931bc11c988aaa713e5ac07cd5c54a2118bfb64c0d51a33c5fd391c63923dbd", "state"=>"976f1204e4303dd7fce566dea130b6e32df5b297fbf88c6f"}
+  Parameters: {"code"=>"3a117361caf80c06abc97a5c61eeef6d1b530ab6838b74848703417769f377df", "state"=>"37ba9999028828876033494d9ef60de447771819b102f542"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.0ms)  begin transaction
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/this_requires_signin_permission
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#this_requires_signin_permission as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:12 +0000
-Started GET "/auth/gds/callback?code=474cc46d995688b3826b953d885817bb02893debe8fb92e1f6f40a4a84b5421f&state=429238981731f2b9dad89d9d448456c9e4e97a6229c99f1b" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
+Started GET "/auth/gds/callback?code=b7eae245485328e121e9325ae16ed83aa90f00cecccb5a12e8e16d96602811f0&state=6e18b7da44b64322b9feebfd747f8ab38f8b988ce94a6d66" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"474cc46d995688b3826b953d885817bb02893debe8fb92e1f6f40a4a84b5421f", "state"=>"429238981731f2b9dad89d9d448456c9e4e97a6229c99f1b"}
+  Parameters: {"code"=>"b7eae245485328e121e9325ae16ed83aa90f00cecccb5a12e8e16d96602811f0", "state"=>"6e18b7da44b64322b9feebfd747f8ab38f8b988ce94a6d66"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
 Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
-Started GET "/auth/gds/callback?code=f84ba7689c6cb951e669e20538f699bbdb174c90356a27f49daa97de4dd3d13e&state=eb2a5bb6f42cf70f42b03efa074dc59d79a2927d77594dc8" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:09 +0000
+Started GET "/auth/gds/callback?code=2b981d35b8370b19479ffec3ca76bfbce2e8e96b5625373767de621054930664&state=c20b030e32057395dc69e18b12c5590d943a9c21c905e5fe" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"f84ba7689c6cb951e669e20538f699bbdb174c90356a27f49daa97de4dd3d13e", "state"=>"eb2a5bb6f42cf70f42b03efa074dc59d79a2927d77594dc8"}
+  Parameters: {"code"=>"2b981d35b8370b19479ffec3ca76bfbce2e8e96b5625373767de621054930664", "state"=>"c20b030e32057395dc69e18b12c5590d943a9c21c905e5fe"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  Rendering text template
+  Rendered text template (0.0ms)
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
+Processing by ExampleController#index as HTML
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.2ms | ActiveRecord: 0.1ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed 200 OK in 0ms (Views: 0.3ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
-Started GET "/auth/gds/callback?code=a722c87e3a447c7716f915fa5d460115eeef66a707038ed1d6b5bc365b744051&state=76fd2e3d77e27caf46cd40aa6c91240f2ed212a84181aea7" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
+Started GET "/auth/gds/callback?code=a64ee593600313a329104a3a301b885c4de72ca20bbe395c228a31d5637084ac&state=75e9cc0fb0abcde491c545a4ba1f08a2bf1d3c680c80d08d" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"a722c87e3a447c7716f915fa5d460115eeef66a707038ed1d6b5bc365b744051", "state"=>"76fd2e3d77e27caf46cd40aa6c91240f2ed212a84181aea7"}
+  Parameters: {"code"=>"a64ee593600313a329104a3a301b885c4de72ca20bbe395c228a31d5637084ac", "state"=>"75e9cc0fb0abcde491c545a4ba1f08a2bf1d3c680c80d08d"}
 Authenticating with gds_sso strategy
   User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 1]]
+   (165.7ms)  commit transaction
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by ExampleController#restricted as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
 Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
-Started GET "/auth/gds/callback?code=3cd8309f9a6ce02f5b9f652eccce65f308d2069174e11170dd3966d0637da93b&state=9b987f343e80c6d425df5734e255e7ea8836091574c9020a" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed   in 2ms (ActiveRecord: 0.2ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
+Started GET "/auth/gds/callback?code=199a427dacb6ebb4bf71a3f78b261a7f56023326646be791b959f8facbd9674f&state=9c1046561c80184c37b0816b5b556aaae34b9472253dc571" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"3cd8309f9a6ce02f5b9f652eccce65f308d2069174e11170dd3966d0637da93b", "state"=>"9b987f343e80c6d425df5734e255e7ea8836091574c9020a"}
+  Parameters: {"code"=>"199a427dacb6ebb4bf71a3f78b261a7f56023326646be791b959f8facbd9674f", "state"=>"9c1046561c80184c37b0816b5b556aaae34b9472253dc571"}
 Authenticating with gds_sso strategy
   User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 1]]
+   (127.2ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed 302 Found in 133ms (ActiveRecord: 127.9ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
-  Rendering text template
-  Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:00:13 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:13 +0000
-Started GET "/auth/gds/callback?code=5486e4c720f999eaf3890c5dfe0c41fc64c4e8c0cf4c72a1c981f2382cabfb73&state=87fdb2c5beb1a0754623eb760288e425275bab801e91a20f" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:10 +0000
+Started GET "/auth/gds/callback?code=ba207418b730acd401f90e2ab7767fea110b029de02e40b28b4f5cfb6229a568&state=a58aef958e400d846df3c30d2ac822763d9b1af234c5ae37" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"5486e4c720f999eaf3890c5dfe0c41fc64c4e8c0cf4c72a1c981f2382cabfb73", "state"=>"87fdb2c5beb1a0754623eb760288e425275bab801e91a20f"}
+  Parameters: {"code"=>"ba207418b730acd401f90e2ab7767fea110b029de02e40b28b4f5cfb6229a568", "state"=>"a58aef958e400d846df3c30d2ac822763d9b1af234c5ae37"}
 Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
-   (0.0ms)  commit transaction
+   (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:14 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:49:11 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 1ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:10:14 +0000
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
-Processing by ExampleController#restricted as HTML
-Authenticating with gds_sso strategy
-Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
-Started GET "/auth/gds/callback?code=a9c626ac742d02e21c3cd5c7e61c8b38c871b61598050213aed8c1807272bf09&state=3be98684f80c4dfe2532cde67df50755bf8abe4696c2cea9" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:49:11 +0000
+Started GET "/auth/gds/callback?code=ba733aaa5e6f5cfd68f43b6d4dcac0b56dc9a824902757b03989f0333dd4929c&state=ab9b252c55e0213badba6ab4d9edd9ea658515cd496c6793" for 127.0.0.1 at 2016-11-26 09:49:11 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"a9c626ac742d02e21c3cd5c7e61c8b38c871b61598050213aed8c1807272bf09", "state"=>"3be98684f80c4dfe2532cde67df50755bf8abe4696c2cea9"}
+  Parameters: {"code"=>"ba733aaa5e6f5cfd68f43b6d4dcac0b56dc9a824902757b03989f0333dd4929c", "state"=>"ab9b252c55e0213badba6ab4d9edd9ea658515cd496c6793"}
 Authenticating with gds_sso strategy
   User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Completed 302 Found in 12ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:49:11 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 1ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:14 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-23 06:10:14 +0000
-Started GET "/auth/gds/callback?code=f79eeded3e9865dee1c0b012583cd9933beafe1889da44b11a0db8a4f614bfdc&state=7913d81af96c4baae77bf1469c7d8aac54c962b283da691a" for 127.0.0.1 at 2016-09-23 06:10:14 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
+Started GET "/auth/gds/callback?code=cadac2fc142b359cec8bce949fe53f95466e5f47dc876f961f2588ae806888a0&state=43710693a55e9165b8307f7c12d7a9fdd4cc03b5a63281ed" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"f79eeded3e9865dee1c0b012583cd9933beafe1889da44b11a0db8a4f614bfdc", "state"=>"7913d81af96c4baae77bf1469c7d8aac54c962b283da691a"}
+  Parameters: {"code"=>"cadac2fc142b359cec8bce949fe53f95466e5f47dc876f961f2588ae806888a0", "state"=>"43710693a55e9165b8307f7c12d7a9fdd4cc03b5a63281ed"}
 Authenticating with gds_sso strategy
-  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
+  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 3ms (ActiveRecord: 0.4ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-23 06:10:14 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Completed 200 OK in 2ms (Views: 0.4ms | ActiveRecord: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:49:11 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms (ActiveRecord: 0.0ms)
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-26 09:49:11 +0000
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by ExampleController#restricted as HTML
 Authenticating with gds_sso strategy
 Completed   in 0ms (ActiveRecord: 0.0ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
-Started GET "/auth/gds/callback?code=9dcf95e46554ae688e6c7025b8ccb6165ded300b637a74e44f28bf0d7c86dce4&state=8c1e1948b3d180df9740ae4c8e90ea4c00f99171e49a6217" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Started GET "/auth/gds" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
+Started GET "/auth/gds/callback?code=e97c1923e96ebde4a13a7f6c5bac17afdacae87a877be9cf19b2dacb2bbf008b&state=bbf26cdc855f5873a40f06c8f4806ce2de391f64600ef839" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"9dcf95e46554ae688e6c7025b8ccb6165ded300b637a74e44f28bf0d7c86dce4", "state"=>"8c1e1948b3d180df9740ae4c8e90ea4c00f99171e49a6217"}
+  Parameters: {"code"=>"e97c1923e96ebde4a13a7f6c5bac17afdacae87a877be9cf19b2dacb2bbf008b", "state"=>"bbf26cdc855f5873a40f06c8f4806ce2de391f64600ef839"}
 Authenticating with gds_sso strategy
   User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
    (0.1ms)  begin transaction
    (0.1ms)  commit transaction
 Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 6ms (ActiveRecord: 0.5ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Completed 302 Found in 4ms (ActiveRecord: 0.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-25 13:44:11 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
-Completed 200 OK in 2ms (Views: 0.5ms | ActiveRecord: 0.2ms)
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "test@example-client.com"], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 12]]
-   (34.0ms)  commit transaction
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
-Processing by ExampleController#restricted as HTML
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
-Authenticating with gds_sso strategy
-Completed   in 2ms (ActiveRecord: 0.2ms)
-Started GET "/auth/gds" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
-Started GET "/auth/gds/callback?code=c08a54ca8860f7ab30f460e8e09fabb3b0acb0f140b0cc0f989bbf434411d52e&state=9c9ddc73d062a327ae1367a206cbdbd5c27069e5e9bc38fb" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
-Processing by AuthenticationsController#callback as HTML
-  Parameters: {"code"=>"c08a54ca8860f7ab30f460e8e09fabb3b0acb0f140b0cc0f989bbf434411d52e", "state"=>"9c9ddc73d062a327ae1367a206cbdbd5c27069e5e9bc38fb"}
-Authenticating with gds_sso strategy
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["LIMIT", 1]]
-   (0.1ms)  begin transaction
-   (0.1ms)  commit transaction
-   (0.0ms)  begin transaction
-  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", false], ["id", 12]]
-   (31.8ms)  commit transaction
-Redirected to http://www.example-client.com/restricted
-Completed 302 Found in 37ms (ActiveRecord: 32.3ms)
-Started GET "/restricted" for 127.0.0.1 at 2016-09-22 10:05:14 +0000
+Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2016-11-26 09:39:11 +0000
 Processing by ExampleController#restricted as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? AND "users"."remotely_signed_out" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "integration-uid"], ["remotely_signed_out", false], ["LIMIT", 1]]
   Rendering text template
   Rendered text template (0.0ms)
 Completed 200 OK in 2ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d39"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (107.7ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d38982"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (136.9ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d39"}
+  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.3ms)
+Completed 403 Forbidden in 8ms (Views: 6.9ms | ActiveRecord: 0.0ms)
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d36889"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (87.2ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d31361"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (83.9ms)  commit transaction
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d36889"}
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d36889"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "email" = ?, "name" = ?, "permissions" = ?, "organisation_slug" = ?, "organisation_content_id" = ? WHERE "users"."id" = ?  [["email", "user@domain.com"], ["name", "Joshua Marshall"], ["permissions", "---\n- signin\n- new permission\n"], ["organisation_slug", "justice-league"], ["organisation_content_id", "aae1319e-5788-4677-998c-f1a53af528d0"], ["id", 4]]
+   (70.7ms)  commit transaction
+Completed 200 OK in 76ms (ActiveRecord: 71.2ms)
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 4], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d34414"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (100.0ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d33706"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (81.0ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d34414"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "a1s2d34414"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "remotely_signed_out" = ? WHERE "users"."id" = ?  [["remotely_signed_out", true], ["id", 6]]
+   (165.0ms)  commit transaction
+Completed 200 OK in 169ms (ActiveRecord: 165.5ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT ?  [["id", 6], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d37344"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (92.8ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d36432"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (129.2ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"nonexistent-user"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "nonexistent-user"], ["LIMIT", 1]]
+Completed 200 OK in 2ms (ActiveRecord: 0.1ms)
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "Moshua Jarshall"], ["uid", "a1s2d33449"], ["email", "old@domain.com"], ["permissions", "---\n- signin\n"]]
+   (144.5ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  INSERT INTO "users" ("name", "uid", "email", "permissions") VALUES (?, ?, ?, ?)  [["name", "SSO Push user"], ["uid", "a1s2d32843"], ["email", "ssopushuser@legit.com"], ["permissions", "---\n- signin\n- user_update_permission\n"]]
+   (164.9ms)  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d33449"}
+  Rendering /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.1ms)
+Completed 403 Forbidden in 2ms (Views: 0.6ms | ActiveRecord: 0.0ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ?  [["email", "user@example.com"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  INSERT INTO "users" ("name", "uid", "email", "permissions", "organisation_slug", "organisation_content_id", "disabled") VALUES (?, ?, ?, ?, ?, ?, ?)  [["name", "A Name"], ["uid", "asd"], ["email", "user@example.com"], ["permissions", "---\n- signin\n"], ["organisation_slug", "hmrc"], ["organisation_content_id", "67a2b78d-eee3-45b3-80e2-792e7f71cecc"], ["disabled", nil]]
+   (273.2ms)  commit transaction
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ?  [["uid", "asd"], ["LIMIT", 1]]
+   (0.1ms)  begin transaction
+   (0.3ms)  commit transaction