gds-sso 9.2.1 → 9.2.2
- data/Rakefile +1 -8
- data/lib/gds-sso/user.rb +15 -3
- data/lib/gds-sso/version.rb +1 -1
- data/lib/gds-sso/warden_config.rb +3 -2
- data/spec/controller/api_user_controller_spec.rb +22 -24
- data/spec/fixtures/integration/signonotron2.sql +2 -1
- data/spec/internal/db/combustion_test.sqlite +0 -0
- data/spec/internal/log/test.log +206 -206
- data/spec/requests/end_to_end_spec.rb +21 -19
- data/spec/spec_helper.rb +9 -1
- data/spec/support/timecop.rb +7 -0
- data/spec/unit/api_access_spec.rb +27 -0
- data/spec/unit/session_serialisation_spec.rb +62 -0
- data/{test/user_test.rb → spec/unit/user_spec.rb} +5 -5
- metadata +14 -32
- data/spec/requests/authentication_soot2.rb +0 -116
- data/test/api_access_test.rb +0 -27
- data/test/session_serialisation_test.rb +0 -58
- data/test/test_helper.rb +0 -8
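--- a/data/test/api_access_test.rb
+++ b/data/test/api_access_test.rb
@@ -1,27 +0,0 @@
-require 'test_helper'
-require 'gds-sso/api_access'
-
-class ApiAccessTest < Test::Unit::TestCase
-def test_internet_explorer_7_accept_header_is_not_considered_to_be_api_call
-ie7_accept_header = 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, ' +
-'application/x-shockwave-flash, application/xaml+xml, application/x-ms-xbap, ' +
-'application/x-ms-application, */*'
-refute GDS::SSO::ApiAccess.api_call?('HTTP_ACCEPT' => ie7_accept_header)
-end
-
-def test_application_json_accept_header_is_considered_to_be_api_call
-assert GDS::SSO::ApiAccess.api_call?('HTTP_ACCEPT' => 'application/json')
-end
-
-def test_request_with_authorization_header_is_oauth_api_call
-assert GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => 'Bearer blahblahblah')
-end
-
-def test_request_with_http_basic_authorization_header_is_not_oauth_api_call
-refute GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => 'Basic Some basic credentials')
-end
-
-def test_request_with_empty_authorization_header_is_not_oauth_api_call
-refute GDS::SSO::ApiAccess.oauth_api_call?('HTTP_AUTHORIZATION' => '')
-end
-end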
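--- a/data/test/session_serialisation_test.rb
+++ b/data/test/session_serialisation_test.rb
@@ -1,58 +0,0 @@
-require_relative 'test_helper'
-require 'active_record'
-
-class SessionSerialisationTest < Test::Unit::TestCase
-class User < ActiveRecord::Base
-include GDS::SSO::User
-
-end
-
-def setup
-@old_user_model = GDS::SSO::Config.user_model
-GDS::SSO::Config.user_model = "SessionSerialisationTest::User"
-@user = stub("User", uid: 1234)
-@serializer = Warden::SessionSerializer.new(nil)
-end
-def teardown
-Timecop.return
-GDS::SSO::Config.user_model = @old_user_model
-end
-
-def test_serializing_a_user_returns_the_uid_and_a_timestamp
-Timecop.freeze
-result = @serializer.serialize(@user)
-
-assert_equal [1234, Time.now.utc], result
-end
-
-def test_serializing_a_user_without_a_uid_returns_nil
-@user.stubs(:uid).returns(nil)
-result = @serializer.serialize(@user)
-
-assert_equal nil, result
-end
-
-def test_deserializing_a_user_and_in_date_timestamp_returns_the_user
-User.expects(:where).with(:uid => 1234, :remotely_signed_out => false).returns(stub(:first => :a_user))
-
-result = @serializer.deserialize [1234, Time.now.utc - GDS::SSO::Config.auth_valid_for + 3600]
-
-assert_equal :a_user, result
-end
-
-def test_deserializing_a_user_and_out_of_date_timestamp_returns_nil
-User.expects(:where).never
-
-result = @serializer.deserialize [1234, Time.now.utc - GDS::SSO::Config.auth_valid_for - 3600]
-
-assert_equal nil, result
-end
-
-def test_deserializing_a_user_without_a_timestamp_returns_nil
-User.expects(:where).never
-
-result = @serializer.deserialize 1234
-
-assert_equal nil, result
-end
-end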