gds-sso 0.4.1 → 0.4.2

data/README.md

@@ -4,7 +4,7 @@ GDS-SSO provides everything needed to integrate an application with the sign-on-
 (https://github.com/alphagov/sign-on-o-tron) as used by the Government Digital Service, though it
 will probably also work with a range of other oauth2 providers.
 
-It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron, 
+It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron,
 and the necessary controller to support that request flow.
 
 For more details on OmniAuth and oAuth2 integration see https://github.com/intridea/omniauth
@@ -23,14 +23,14 @@ Create a `config/initializers/gds-sso.rb` that looks like:
 
     GDS::SSO.config do |config|
       config.user_model   = 'User'
-      
+
       # set up ID and Secret in a way which doesn't require it to be checked in to source control...
       config.oauth_id     = ENV['OAUTH_ID']
       config.oauth_secret = ENV['OAUTH_SECRET']
-      
+
       # optional config for location of sign-on-o-tron
       config.oauth_root_url = "http://localhost:3001"
-      
+
       # optional config for API Access (requests which accept application/json)
       config.basic_auth_user = 'api'
       config.basic_auth_password = 'secret'

data/Rakefile

@@ -8,3 +8,5 @@ Rake::TestTask.new do |t|
   t.test_files = FileList['test/test*.rb']
   t.verbose = true
 end
+
+task :default => :test

data/lib/gds-sso/failure_app.rb

@@ -2,7 +2,7 @@ require "action_controller/metal"
 require 'rails'
 
 # Failure application that will be called every time :warden is thrown from
-# any strategy or hook. 
+# any strategy or hook.
 module GDS
   module SSO
     class FailureApp < ActionController::Metal
@@ -32,7 +32,7 @@ module GDS
       def store_location!
         session["return_to"] = env['warden.options'][:attempted_path] if request.get?
       end
-      
+
     end
   end
 end

data/lib/gds-sso/omniauth_strategy.rb

@@ -8,7 +8,7 @@ require 'multi_json'
 #     use OmniAuth::Builder :gds, 'API Key', 'Secret Key'
 
 class OmniAuth::Strategies::Gds < OmniAuth::Strategies::OAuth2
-  
+
   # @param [Rack Application] app standard middleware application parameter
   # @param [String] api_key the application id as [provided by GDS]
   # @param [String] secret_key the application secret as [provided by Bitly]
@@ -33,7 +33,7 @@ class OmniAuth::Strategies::Gds < OmniAuth::Strategies::OAuth2
       super
     end
   end
-    
+
   protected
 
   def fetch_user_data

data/lib/gds-sso/user.rb

@@ -2,6 +2,16 @@ require 'active_support/concern'
 
 module GDS
   module SSO
+    class ApiUser
+      def uid
+        0
+      end
+
+      def name
+        'API User'
+      end
+    end
+
     module User
       def self.user_params_from_auth_hash(auth_hash)
         {'uid' => auth_hash['uid'], 'email' => auth_hash['user_info']['email'], 'name' => auth_hash['user_info']['name'], 'version' => auth_hash['extra']['user_hash']['version']}

data/lib/gds-sso/version.rb

@@ -1,5 +1,5 @@
 module GDS
   module SSO
-    VERSION = "0.4.1"
+    VERSION = "0.4.2"
   end
 end

data/lib/gds-sso/warden_config.rb

@@ -18,7 +18,7 @@ Warden::Strategies.add(:gds_sso) do
     Rails.logger.debug("Authenticating with gds_sso strategy")
 
     if request.env['omniauth.auth'].nil?
-      fail!("No credentials, bub") 
+      fail!("No credentials, bub")
     else
       user = prep_user(request.env['omniauth.auth'])
       success!(user)
@@ -35,41 +35,45 @@ Warden::Strategies.add(:gds_sso) do
 end
 
 Warden::Strategies.add(:gds_sso_api_access) do
+  def api_user
+    @api_user ||= GDS::SSO::ApiUser.new
+  end
+
   def valid?
     ::GDS::SSO::ApiAccess.api_call?(env)
   end
-  
+
   def authenticate!
     Rails.logger.debug("Authenticating with gds_sso_api_access strategy")
 
     if ! basic_auth_configured?
       Rails.logger.debug("Basic auth not configured, not requiring authentication")
-      success!('api')
+      success!(api_user)
     end
-    
+
     auth = Rack::Auth::Basic::Request.new(env)
 
     return custom!(unauthorized) unless auth.provided?
     return fail!(:bad_request) unless auth.basic?
-  
+
     if valid_api_user?(*auth.credentials)
       success!(auth.credentials[0])
     else
       custom!(unauthorized)
     end
   end
-  
+
   def basic_auth_configured?
     ! ::GDS::SSO::Config.basic_auth_user.nil?
   end
-  
+
   def valid_api_user?(username, password)
-    username.to_s.strip != '' && 
-      password.to_s.strip != '' && 
+    username.to_s.strip != '' &&
+      password.to_s.strip != '' &&
       username == ::GDS::SSO::Config.basic_auth_user &&
       password == ::GDS::SSO::Config.basic_auth_password
   end
-  
+
   def unauthorized
     [
       401,
@@ -103,7 +107,7 @@ Warden::Strategies.add(:mock_gds_sso_api_access) do
   def valid?
     ::GDS::SSO::ApiAccess.api_call?(env)
   end
-  
+
   def authenticate!
     Rails.logger.debug("Authenticating with mock_gds_sso_api_access strategy")
     success!(GDS::SSO.test_user || GDS::SSO::Config.user_klass.first)

data/lib/gds-sso.rb

@@ -23,7 +23,7 @@ module GDS
       # Force routes to be loaded if we are doing any eager load.
       # TODO - check this one - Stolen from Devise because it looked sensible...
       config.before_eager_load { |app| app.reload_routes! }
-      
+
       config.app_middleware.use ::OmniAuth::Builder do
         provider :gds, GDS::SSO::Config.oauth_id, GDS::SSO::Config.oauth_secret
       end
@@ -31,7 +31,7 @@ module GDS
       def self.use_mock_strategies?
         ['development', 'test'].include?(Rails.env) && ENV['GDS_SSO_STRATEGY'] != 'real'
       end
-      
+
       def self.default_strategies
         use_mock_strategies? ? [:mock_gds_sso, :mock_gds_sso_api_access] : [:gds_sso, :gds_sso_api_access]
       end

data/test/test_gds_sso_strategy.rb

@@ -0,0 +1,19 @@
+require 'test_helper'
+require 'json'
+require 'gds-sso'
+require 'gds-sso/omniauth_strategy'
+require 'capybara/dsl'
+
+class TestGdsSsoStrategy < Test::Unit::TestCase
+  include OmniAuth::Test::StrategyTestCase
+  include Capybara::DSL
+
+  def strategy
+    # return the parameters to a Rack::Builder map call:
+    [OmniAuth::Strategies::Gds.new, 'client_id', 'client_secret']
+  end
+
+  def setup
+    # post '/auth/gds_sso/callback', :user => { 'name' => 'Dylan', 'id' => '445' }
+  end
+end

data/test/test_omniauth_strategy.rb

@@ -7,7 +7,16 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
   def setup
     @app = stub("app")
     @strategy = OmniAuth::Strategies::Gds.new(@app, :gds, 'client_id', 'client_secret')
-    @strategy.stubs(:fetch_user_data).returns({'user' => {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}}.to_json)
+    @strategy.stubs(:fetch_user_data).returns({
+      'user' => {
+        'uid' => 'abcde',
+        'version' => 1,
+        'name' => 'Matt Patterson',
+        'email' => 'matt@alphagov.co.uk',
+        'github' => 'fidothe',
+        'twitter' => 'fidothe'
+      }
+    }.to_json)
   end
 
   def test_build_auth_hash_returns_name_and_email
@@ -16,13 +25,13 @@ class TestOmniAuthStrategy < Test::Unit::TestCase
   end
 
   def test_build_auth_hash_contains_extra_info
-    expected = {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}    
+    expected = {'uid' => 'abcde', 'version' => 1, 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', 'github' => 'fidothe', 'twitter' => 'fidothe'}
     assert_equal expected, @strategy.send(:build_auth_hash)['extra']['user_hash']
   end
-  
+
   def test_oauth_bypassed_if_json_is_accepted_by_request
     @app.expects(:call)
     rack_env = { "HTTP_ACCEPT" => 'application/json' }
     @strategy.call(rack_env)
   end
-end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gds-sso
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.4.2
   prerelease: 
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-01-17 00:00:00.000000000Z
+date: 2012-01-24 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &70114838714620 !ruby/object:Gem::Requirement
+  requirement: &70147169913100 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,10 +22,10 @@ dependencies:
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: *70114838714620
+  version_requirements: *70147169913100
 - !ruby/object:Gem::Dependency
   name: warden
-  requirement: &70114838713520 !ruby/object:Gem::Requirement
+  requirement: &70147169912600 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -33,10 +33,10 @@ dependencies:
         version: 1.0.6
   type: :runtime
   prerelease: false
-  version_requirements: *70114838713520
+  version_requirements: *70147169912600
 - !ruby/object:Gem::Dependency
   name: oauth2
-  requirement: &70114838712840 !ruby/object:Gem::Requirement
+  requirement: &70147169912140 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -44,10 +44,10 @@ dependencies:
         version: 0.4.1
   type: :runtime
   prerelease: false
-  version_requirements: *70114838712840
+  version_requirements: *70147169912140
 - !ruby/object:Gem::Dependency
   name: oa-oauth
-  requirement: &70114838712360 !ruby/object:Gem::Requirement
+  requirement: &70147169911680 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -55,10 +55,10 @@ dependencies:
         version: 0.2.6
   type: :runtime
   prerelease: false
-  version_requirements: *70114838712360
+  version_requirements: *70147169911680
 - !ruby/object:Gem::Dependency
   name: oa-core
-  requirement: &70114838708720 !ruby/object:Gem::Requirement
+  requirement: &70147169911220 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -66,10 +66,10 @@ dependencies:
         version: 0.2.6
   type: :runtime
   prerelease: false
-  version_requirements: *70114838708720
+  version_requirements: *70147169911220
 - !ruby/object:Gem::Dependency
   name: rack-accept
-  requirement: &70114838707980 !ruby/object:Gem::Requirement
+  requirement: &70147169910760 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -77,10 +77,10 @@ dependencies:
         version: 0.4.4
   type: :runtime
   prerelease: false
-  version_requirements: *70114838707980
+  version_requirements: *70147169910760
 - !ruby/object:Gem::Dependency
   name: plek
-  requirement: &70114838707400 !ruby/object:Gem::Requirement
+  requirement: &70147169910380 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -88,10 +88,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70114838707400
+  version_requirements: *70147169910380
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70114838706180 !ruby/object:Gem::Requirement
+  requirement: &70147169909840 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -99,10 +99,10 @@ dependencies:
         version: 0.9.2
   type: :development
   prerelease: false
-  version_requirements: *70114838706180
+  version_requirements: *70147169909840
 - !ruby/object:Gem::Dependency
   name: mocha
-  requirement: &70114838704460 !ruby/object:Gem::Requirement
+  requirement: &70147169909340 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -110,7 +110,18 @@ dependencies:
         version: 0.9.0
   type: :development
   prerelease: false
-  version_requirements: *70114838704460
+  version_requirements: *70147169909340
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: &70147169908960 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70147169908960
 description: Client for GDS' OAuth 2-based SSO
 email:
 - matt@constituentparts.com
@@ -135,7 +146,9 @@ files:
 - README.md
 - Gemfile
 - Rakefile
+- test/test_gds_sso_strategy.rb
 - test/test_helper.rb
+- test/test_http_strategy.rb
 - test/test_omniauth_strategy.rb
 - test/test_user.rb
 homepage: https://github.com/alphagov/gds-sso
@@ -163,6 +176,8 @@ signing_key:
 specification_version: 3
 summary: Client for GDS' OAuth 2-based SSO
 test_files:
+- test/test_gds_sso_strategy.rb
 - test/test_helper.rb
+- test/test_http_strategy.rb
 - test/test_omniauth_strategy.rb
 - test/test_user.rb