gds-sso 9.2.7 → 9.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +7 -0
- data/lib/gds-sso.rb +2 -5
- data/lib/gds-sso/bearer_token.rb +62 -0
- data/lib/gds-sso/config.rb +4 -0
- data/lib/gds-sso/failure_app.rb +3 -1
- data/lib/gds-sso/version.rb +1 -1
- data/lib/gds-sso/warden_config.rb +5 -100
- data/spec/fixtures/integration/authorize_api_users.sql +5 -2
- data/spec/fixtures/integration/signonotron2.sql +8 -2
- data/spec/internal/db/combustion_test.sqlite +0 -0
- data/spec/internal/log/test.log +260 -224
- data/spec/requests/end_to_end_spec.rb +6 -0
- metadata +71 -54
|
@@ -171,5 +171,11 @@ describe "Integration of client using GDS-SSO with signonotron" do
|
|
|
171
171
|
visit "http://#{@client_host}/this_requires_signin_permission"
|
|
172
172
|
expect(page).to have_content('you have signin permission')
|
|
173
173
|
end
|
|
174
|
+
|
|
175
|
+
specify "a token for one app cannot be used to access a different app" do
|
|
176
|
+
page.driver.header 'authorization', "Bearer 98c72f4da02fdc43398e029d05567542944d2a9b0df3c20b0accd8bd6c5dc728"
|
|
177
|
+
visit "http://#{@client_host}/restricted"
|
|
178
|
+
expect(page.driver.response.status).to eq(401)
|
|
179
|
+
end
|
|
174
180
|
end
|
|
175
181
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gds-sso
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 9.
|
|
4
|
+
version: 9.3.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-07-18 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rails
|
|
@@ -45,29 +45,29 @@ dependencies:
|
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
46
|
version: '1.2'
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
|
-
name:
|
|
48
|
+
name: oauth2
|
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
|
-
- -
|
|
52
|
+
- - ~>
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version:
|
|
54
|
+
version: '1.0'
|
|
55
55
|
type: :runtime
|
|
56
56
|
prerelease: false
|
|
57
57
|
version_requirements: !ruby/object:Gem::Requirement
|
|
58
58
|
none: false
|
|
59
59
|
requirements:
|
|
60
|
-
- -
|
|
60
|
+
- - ~>
|
|
61
61
|
- !ruby/object:Gem::Version
|
|
62
|
-
version:
|
|
62
|
+
version: '1.0'
|
|
63
63
|
- !ruby/object:Gem::Dependency
|
|
64
|
-
name:
|
|
64
|
+
name: omniauth
|
|
65
65
|
requirement: !ruby/object:Gem::Requirement
|
|
66
66
|
none: false
|
|
67
67
|
requirements:
|
|
68
68
|
- - ~>
|
|
69
69
|
- !ruby/object:Gem::Version
|
|
70
|
-
version:
|
|
70
|
+
version: '1.2'
|
|
71
71
|
type: :runtime
|
|
72
72
|
prerelease: false
|
|
73
73
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -75,63 +75,79 @@ dependencies:
|
|
|
75
75
|
requirements:
|
|
76
76
|
- - ~>
|
|
77
77
|
- !ruby/object:Gem::Version
|
|
78
|
-
version:
|
|
78
|
+
version: '1.2'
|
|
79
79
|
- !ruby/object:Gem::Dependency
|
|
80
|
-
name:
|
|
80
|
+
name: omniauth-gds
|
|
81
81
|
requirement: !ruby/object:Gem::Requirement
|
|
82
82
|
none: false
|
|
83
83
|
requirements:
|
|
84
|
-
- -
|
|
84
|
+
- - ~>
|
|
85
85
|
- !ruby/object:Gem::Version
|
|
86
|
-
version:
|
|
87
|
-
type: :
|
|
86
|
+
version: '3.1'
|
|
87
|
+
type: :runtime
|
|
88
88
|
prerelease: false
|
|
89
89
|
version_requirements: !ruby/object:Gem::Requirement
|
|
90
90
|
none: false
|
|
91
91
|
requirements:
|
|
92
|
-
- -
|
|
92
|
+
- - ~>
|
|
93
93
|
- !ruby/object:Gem::Version
|
|
94
|
-
version:
|
|
94
|
+
version: '3.1'
|
|
95
95
|
- !ruby/object:Gem::Dependency
|
|
96
|
-
name:
|
|
96
|
+
name: warden-oauth2
|
|
97
97
|
requirement: !ruby/object:Gem::Requirement
|
|
98
98
|
none: false
|
|
99
99
|
requirements:
|
|
100
|
-
- -
|
|
100
|
+
- - ~>
|
|
101
101
|
- !ruby/object:Gem::Version
|
|
102
|
-
version:
|
|
103
|
-
type: :
|
|
102
|
+
version: 0.0.1
|
|
103
|
+
type: :runtime
|
|
104
104
|
prerelease: false
|
|
105
105
|
version_requirements: !ruby/object:Gem::Requirement
|
|
106
106
|
none: false
|
|
107
107
|
requirements:
|
|
108
|
-
- -
|
|
108
|
+
- - ~>
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version:
|
|
110
|
+
version: 0.0.1
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
|
-
name:
|
|
112
|
+
name: rack-accept
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
114
114
|
none: false
|
|
115
115
|
requirements:
|
|
116
|
-
- -
|
|
116
|
+
- - ~>
|
|
117
117
|
- !ruby/object:Gem::Version
|
|
118
|
-
version:
|
|
119
|
-
type: :
|
|
118
|
+
version: 0.4.4
|
|
119
|
+
type: :runtime
|
|
120
120
|
prerelease: false
|
|
121
121
|
version_requirements: !ruby/object:Gem::Requirement
|
|
122
122
|
none: false
|
|
123
123
|
requirements:
|
|
124
|
-
- -
|
|
124
|
+
- - ~>
|
|
125
125
|
- !ruby/object:Gem::Version
|
|
126
|
-
version:
|
|
126
|
+
version: 0.4.4
|
|
127
127
|
- !ruby/object:Gem::Dependency
|
|
128
|
-
name:
|
|
128
|
+
name: multi_json
|
|
129
|
+
requirement: !ruby/object:Gem::Requirement
|
|
130
|
+
none: false
|
|
131
|
+
requirements:
|
|
132
|
+
- - ~>
|
|
133
|
+
- !ruby/object:Gem::Version
|
|
134
|
+
version: '1.0'
|
|
135
|
+
type: :runtime
|
|
136
|
+
prerelease: false
|
|
137
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
138
|
+
none: false
|
|
139
|
+
requirements:
|
|
140
|
+
- - ~>
|
|
141
|
+
- !ruby/object:Gem::Version
|
|
142
|
+
version: '1.0'
|
|
143
|
+
- !ruby/object:Gem::Dependency
|
|
144
|
+
name: rake
|
|
129
145
|
requirement: !ruby/object:Gem::Requirement
|
|
130
146
|
none: false
|
|
131
147
|
requirements:
|
|
132
148
|
- - '='
|
|
133
149
|
- !ruby/object:Gem::Version
|
|
134
|
-
version: 0.
|
|
150
|
+
version: 0.9.2.2
|
|
135
151
|
type: :development
|
|
136
152
|
prerelease: false
|
|
137
153
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -139,15 +155,15 @@ dependencies:
|
|
|
139
155
|
requirements:
|
|
140
156
|
- - '='
|
|
141
157
|
- !ruby/object:Gem::Version
|
|
142
|
-
version: 0.
|
|
158
|
+
version: 0.9.2.2
|
|
143
159
|
- !ruby/object:Gem::Dependency
|
|
144
|
-
name:
|
|
160
|
+
name: capybara
|
|
145
161
|
requirement: !ruby/object:Gem::Requirement
|
|
146
162
|
none: false
|
|
147
163
|
requirements:
|
|
148
164
|
- - '='
|
|
149
165
|
- !ruby/object:Gem::Version
|
|
150
|
-
version:
|
|
166
|
+
version: 1.1.2
|
|
151
167
|
type: :development
|
|
152
168
|
prerelease: false
|
|
153
169
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -155,15 +171,15 @@ dependencies:
|
|
|
155
171
|
requirements:
|
|
156
172
|
- - '='
|
|
157
173
|
- !ruby/object:Gem::Version
|
|
158
|
-
version:
|
|
174
|
+
version: 1.1.2
|
|
159
175
|
- !ruby/object:Gem::Dependency
|
|
160
|
-
name:
|
|
176
|
+
name: rspec-rails
|
|
161
177
|
requirement: !ruby/object:Gem::Requirement
|
|
162
178
|
none: false
|
|
163
179
|
requirements:
|
|
164
180
|
- - '='
|
|
165
181
|
- !ruby/object:Gem::Version
|
|
166
|
-
version:
|
|
182
|
+
version: 2.14.1
|
|
167
183
|
type: :development
|
|
168
184
|
prerelease: false
|
|
169
185
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -171,15 +187,15 @@ dependencies:
|
|
|
171
187
|
requirements:
|
|
172
188
|
- - '='
|
|
173
189
|
- !ruby/object:Gem::Version
|
|
174
|
-
version:
|
|
190
|
+
version: 2.14.1
|
|
175
191
|
- !ruby/object:Gem::Dependency
|
|
176
|
-
name:
|
|
192
|
+
name: capybara-mechanize
|
|
177
193
|
requirement: !ruby/object:Gem::Requirement
|
|
178
194
|
none: false
|
|
179
195
|
requirements:
|
|
180
196
|
- - '='
|
|
181
197
|
- !ruby/object:Gem::Version
|
|
182
|
-
version:
|
|
198
|
+
version: 0.3.0
|
|
183
199
|
type: :development
|
|
184
200
|
prerelease: false
|
|
185
201
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -187,15 +203,15 @@ dependencies:
|
|
|
187
203
|
requirements:
|
|
188
204
|
- - '='
|
|
189
205
|
- !ruby/object:Gem::Version
|
|
190
|
-
version:
|
|
206
|
+
version: 0.3.0
|
|
191
207
|
- !ruby/object:Gem::Dependency
|
|
192
|
-
name:
|
|
208
|
+
name: combustion
|
|
193
209
|
requirement: !ruby/object:Gem::Requirement
|
|
194
210
|
none: false
|
|
195
211
|
requirements:
|
|
196
212
|
- - '='
|
|
197
213
|
- !ruby/object:Gem::Version
|
|
198
|
-
version: 0.
|
|
214
|
+
version: 0.5.1
|
|
199
215
|
type: :development
|
|
200
216
|
prerelease: false
|
|
201
217
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -203,15 +219,15 @@ dependencies:
|
|
|
203
219
|
requirements:
|
|
204
220
|
- - '='
|
|
205
221
|
- !ruby/object:Gem::Version
|
|
206
|
-
version: 0.
|
|
222
|
+
version: 0.5.1
|
|
207
223
|
- !ruby/object:Gem::Dependency
|
|
208
|
-
name:
|
|
224
|
+
name: gem_publisher
|
|
209
225
|
requirement: !ruby/object:Gem::Requirement
|
|
210
226
|
none: false
|
|
211
227
|
requirements:
|
|
212
228
|
- - '='
|
|
213
229
|
- !ruby/object:Gem::Version
|
|
214
|
-
version:
|
|
230
|
+
version: 1.0.0
|
|
215
231
|
type: :development
|
|
216
232
|
prerelease: false
|
|
217
233
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -219,15 +235,15 @@ dependencies:
|
|
|
219
235
|
requirements:
|
|
220
236
|
- - '='
|
|
221
237
|
- !ruby/object:Gem::Version
|
|
222
|
-
version:
|
|
238
|
+
version: 1.0.0
|
|
223
239
|
- !ruby/object:Gem::Dependency
|
|
224
|
-
name:
|
|
240
|
+
name: sqlite3
|
|
225
241
|
requirement: !ruby/object:Gem::Requirement
|
|
226
242
|
none: false
|
|
227
243
|
requirements:
|
|
228
244
|
- - '='
|
|
229
245
|
- !ruby/object:Gem::Version
|
|
230
|
-
version:
|
|
246
|
+
version: 1.3.6
|
|
231
247
|
type: :development
|
|
232
248
|
prerelease: false
|
|
233
249
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -235,15 +251,15 @@ dependencies:
|
|
|
235
251
|
requirements:
|
|
236
252
|
- - '='
|
|
237
253
|
- !ruby/object:Gem::Version
|
|
238
|
-
version:
|
|
254
|
+
version: 1.3.6
|
|
239
255
|
- !ruby/object:Gem::Dependency
|
|
240
|
-
name:
|
|
256
|
+
name: timecop
|
|
241
257
|
requirement: !ruby/object:Gem::Requirement
|
|
242
258
|
none: false
|
|
243
259
|
requirements:
|
|
244
260
|
- - '='
|
|
245
261
|
- !ruby/object:Gem::Version
|
|
246
|
-
version: 0.
|
|
262
|
+
version: 0.3.5
|
|
247
263
|
type: :development
|
|
248
264
|
prerelease: false
|
|
249
265
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -251,7 +267,7 @@ dependencies:
|
|
|
251
267
|
requirements:
|
|
252
268
|
- - '='
|
|
253
269
|
- !ruby/object:Gem::Version
|
|
254
|
-
version: 0.
|
|
270
|
+
version: 0.3.5
|
|
255
271
|
description: Client for GDS' OAuth 2-based SSO
|
|
256
272
|
email:
|
|
257
273
|
- matt@constituentparts.com
|
|
@@ -268,6 +284,7 @@ files:
|
|
|
268
284
|
- app/controllers/api/user_controller.rb
|
|
269
285
|
- config/routes.rb
|
|
270
286
|
- lib/gds-sso/controller_methods.rb
|
|
287
|
+
- lib/gds-sso/bearer_token.rb
|
|
271
288
|
- lib/gds-sso/version.rb
|
|
272
289
|
- lib/gds-sso/config.rb
|
|
273
290
|
- lib/gds-sso/failure_app.rb
|
|
@@ -315,7 +332,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
315
332
|
version: '0'
|
|
316
333
|
segments:
|
|
317
334
|
- 0
|
|
318
|
-
hash:
|
|
335
|
+
hash: -273519884690560048
|
|
319
336
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
320
337
|
none: false
|
|
321
338
|
requirements:
|
|
@@ -324,7 +341,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
324
341
|
version: '0'
|
|
325
342
|
segments:
|
|
326
343
|
- 0
|
|
327
|
-
hash:
|
|
344
|
+
hash: -273519884690560048
|
|
328
345
|
requirements: []
|
|
329
346
|
rubyforge_project: gds-sso
|
|
330
347
|
rubygems_version: 1.8.23
|