gds-sso 18.0.0 → 18.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fd40185db721bf1aed57caf86387932c0308b64d7138ae09c3489bf825fd0e30
|
|
4
|
+
data.tar.gz: 4bf2659c890b40cefb9b6981c029a1aabb5ded89c200a17c91ef479029c4c39a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 293b83f8018f1318d06a2c90717ba7f76c8b23e974085a7a0bf228b911442faa9ebbcc23f78a8945752676a34058cadf80ed406aaecbc8bc789a6bcea74b7307
|
|
7
|
+
data.tar.gz: 2345880b44e81b65fbf04198337560e84d87cbaa7a52fb2284d0f6bf7f49561975a28436d0d6898e7b3abe2125ae4effb57822c3036043a6bc35b967e01ae73f
|
data/lib/gds-sso/version.rb
CHANGED
|
@@ -1,6 +1,42 @@
|
|
|
1
1
|
require "spec_helper"
|
|
2
2
|
|
|
3
3
|
RSpec.describe "Authenication and authorisation" do
|
|
4
|
+
context "omniauth request phase" do
|
|
5
|
+
let(:redirect_url) { URI.parse(page.response_headers["Location"]) }
|
|
6
|
+
let(:authorize_params) { Rack::Utils.parse_query(redirect_url.query) }
|
|
7
|
+
|
|
8
|
+
before do
|
|
9
|
+
visit "/auth/gds"
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
it "includes pkce code_challenge_method in request for /oauth/authorize" do
|
|
13
|
+
expect(redirect_url.path).to eql("/oauth/authorize")
|
|
14
|
+
expect(authorize_params["code_challenge_method"]).to eq("S256")
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
it "includes pkce code_challenge in request for /oauth/authorize" do
|
|
18
|
+
expect(redirect_url.path).to eql("/oauth/authorize")
|
|
19
|
+
expect(authorize_params["code_challenge"]).to be_present
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
context "omniauth callback phase" do
|
|
24
|
+
it "includes pkce code_verifier in request for /oauth/access_token" do
|
|
25
|
+
visit "/auth/gds"
|
|
26
|
+
|
|
27
|
+
redirect_url = URI.parse(page.response_headers["Location"])
|
|
28
|
+
expect(redirect_url.path).to eql("/oauth/authorize")
|
|
29
|
+
state = Rack::Utils.parse_query(redirect_url.query)["state"]
|
|
30
|
+
|
|
31
|
+
stub_request(:post, "http://signon/oauth/access_token")
|
|
32
|
+
|
|
33
|
+
visit "/auth/gds/callback?state=#{state}"
|
|
34
|
+
|
|
35
|
+
expect(WebMock).to have_requested(:post, "http://signon/oauth/access_token")
|
|
36
|
+
.with(body: hash_including({ "code_verifier" => /.*/ }))
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
4
40
|
context "when accessing a route that doesn't require permissions or authentication" do
|
|
5
41
|
it "allows access" do
|
|
6
42
|
visit "/not-restricted"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gds-sso
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 18.
|
|
4
|
+
version: 18.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- GOV.UK Dev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-08-
|
|
11
|
+
date: 2023-08-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: oauth2
|
|
@@ -298,7 +298,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
298
298
|
- !ruby/object:Gem::Version
|
|
299
299
|
version: '0'
|
|
300
300
|
requirements: []
|
|
301
|
-
rubygems_version: 3.4.
|
|
301
|
+
rubygems_version: 3.4.19
|
|
302
302
|
signing_key:
|
|
303
303
|
specification_version: 4
|
|
304
304
|
summary: Client for GDS' OAuth 2-based SSO
|