gds-sso 0.6.1 → 0.7.0

data/app/controllers/authorisations_controller.rb

@@ -0,0 +1,4 @@
+class AuthorisationsController < ApplicationController
+  def cant_signin
+  end
+end

data/app/views/authorisations/cant_signin.html.erb

@@ -0,0 +1,3 @@
+<h1>Error</h1>
+
+<p>ACCESS DENIED!</p>

data/config/routes.rb

@@ -2,4 +2,5 @@ Rails.application.routes.draw do
   match '/auth/gds/callback', to: 'authentications#callback', as: :gds_sign_in
   match '/auth/gds/sign_out', to: 'authentications#sign_out', as: :gds_sign_out
   match '/auth/failure',  to: 'authentications#failure',  as: :auth_failure
+  match '/authorisations/cant_signin', to: 'authorisations#cant_signin', as: :cant_signin
 end

data/lib/gds-sso/config.rb

@@ -20,6 +20,10 @@ module GDS
       mattr_accessor :basic_auth_user
       mattr_accessor :basic_auth_password
       mattr_accessor :basic_auth_realm
+
+      # default_scope, usually the app, e.g. Publisher
+      mattr_accessor :default_scope
+
       @@basic_auth_realm = "API Access"
 
       def self.user_klass

data/lib/gds-sso/controller_methods.rb

@@ -1,6 +1,21 @@
 module GDS
   module SSO
     module ControllerMethods
+      class PermissionDeniedException < StandardError
+      end
+
+      def authorise_user!(scope, permission)
+        if not current_user.has_permission?(scope, permission)
+          raise PermissionDeniedException
+        end
+      end
+
+      def require_signin_permission!
+        authorise_user!(GDS::SSO::Config.default_scope, 'signin')
+      rescue PermissionDeniedException
+        redirect_to cant_signin_url
+      end
+
       def authenticate_user!
         warden.authenticate!
       end

data/lib/gds-sso/user.rb

@@ -13,8 +13,22 @@ module GDS
     end
 
     module User
+      def has_permission?(scope, permission)
+        # NOTE: this line is a temporary helper until we have migrated users over to having permissions.
+        return true if permissions.has_key?("everything") && permissions["everything"][0] == "signin"
+
+        if permissions.has_key?(scope)
+          permissions[scope].include?(permission) || permissions[scope].include?("admin")
+        end
+      end
+
       def self.user_params_from_auth_hash(auth_hash)
-        {'uid' => auth_hash['uid'], 'email' => auth_hash['info']['email'], 'name' => auth_hash['info']['name']}
+        {
+          'uid'         => auth_hash['uid'],
+          'email'       => auth_hash['info']['email'],
+          'name'        => auth_hash['info']['name'],
+          'permissions' => auth_hash['extra']['user']['permissions']
+        }
       end
 
       extend ActiveSupport::Concern
@@ -22,12 +36,13 @@ module GDS
       module ClassMethods
         def find_for_gds_oauth(auth_hash)
           if user = self.find_by_uid(auth_hash["uid"])
+            user.update_attributes(GDS::SSO::User.user_params_from_auth_hash(auth_hash), as: :oauth)
             user
           else # Create a new user.
-            self.create!(GDS::SSO::User.user_params_from_auth_hash(auth_hash))
+            self.create!(GDS::SSO::User.user_params_from_auth_hash(auth_hash), as: :oauth)
           end
         end
       end
     end
   end
-end
+end

data/lib/gds-sso/version.rb

@@ -1,5 +1,5 @@
 module GDS
   module SSO
-    VERSION = "0.6.1"
+    VERSION = "0.7.0"
   end
 end

data/spec/fixtures/integration/signonotron2.sql

@@ -2,8 +2,10 @@
 DELETE FROM `oauth_access_grants`;
 DELETE FROM `oauth_access_tokens`;
 DELETE FROM `oauth_applications`;
+DELETE FROM `permissions`;
 DELETE FROM `users`;
 
 -- Setup fixture data
 INSERT INTO `oauth_applications` VALUES (1,'GDS_SSO integration test','gds-sso-test','secret','http://www.example-client.com/auth/gds/callback','2012-04-19 13:26:54','2012-04-19 13:26:54');
 INSERT INTO `users` (id, email, encrypted_password, created_at, updated_at, name, uid, is_admin) VALUES (1,'test@example-client.com','$2a$04$MdMkVFwTq5GLJJkHS8GLIe6dK1.C4ozzba5ZS5Ks2b/NenVsMGGRW','2012-04-19 13:26:54','2012-04-19 13:26:54','Test User','integration-uid', 0);
+INSERT INTO `permissions` (id, user_id, application_id, permissions) VALUES (1,1,1,'["signin"]');

data/spec/internal/app/models/user.rb

@@ -1,4 +1,4 @@
-class User
+class User < OpenStruct
   include GDS::SSO::User
 
   def self.find_by_uid(something)
@@ -11,8 +11,9 @@ class User
   end
 
   def self.stub_user
-    OpenStruct.new({ :uid => '1', :name => "User" })
+    User.new({ :uid => '1', :name => "User" })
   end
 
-
+  def update_attributes(*args)
+  end
 end

data/spec/internal/config/initializers/gds-sso.rb

@@ -5,4 +5,5 @@ GDS::SSO.config do |config|
   config.oauth_root_url = "http://localhost:4567"
   config.basic_auth_user = 'test_api_user'
   config.basic_auth_password = 'api_user_password'
+  config.default_scope = 'test-app'
 end

data/spec/internal/log/test.log

@@ -1893,3 +1893,255 @@ Started GET "/restricted" for 127.0.0.1 at 2012-06-14 15:20:03 +0000
   Processing by ExampleController#restricted as JSON
 Authenticating with gds_sso_api_access strategy
 Completed 200 OK in 1ms (Views: 0.6ms)
+
+
+Started GET "/" for 127.0.0.1 at 2012-06-15 09:29:24 +0000
+  Processing by ExampleController#index as HTML
+Rendered text template (0.0ms)
+Completed 200 OK in 49ms (Views: 48.3ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:24 +0000
+  Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 56ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-15 09:29:24 +0000
+
+
+Started GET "/auth/gds/callback?code=9c40ca92c39c3338e549df12196d4f0b0a29bec28567bee9dfafa65266c6aa2d" for 127.0.0.1 at 2012-06-15 09:29:25 +0000
+  Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"9c40ca92c39c3338e549df12196d4f0b0a29bec28567bee9dfafa65266c6aa2d"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:25 +0000
+  Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.8ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:25 +0000
+  Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-15 09:29:25 +0000
+
+
+Started GET "/auth/gds/callback?code=3e0d20f58159ab251f98c0a1913c9328f5101d883ce6c4cf65305ccc2c131e66" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"3e0d20f58159ab251f98c0a1913c9328f5101d883ce6c4cf65305ccc2c131e66"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+
+
+Started GET "/auth/gds/callback?code=0da2180655109b6b562a9892a4e9eadda13f4f6eae39187cfe19d41a9043e5f0" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"0da2180655109b6b562a9892a4e9eadda13f4f6eae39187cfe19d41a9043e5f0"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 42ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 09:29:26 +0000
+  Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+
+
+Started GET "/" for 127.0.0.1 at 2012-06-15 13:31:52 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 85ms (Views: 84.1ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:54 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 63ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-15 13:31:54 +0000
+
+
+Started GET "/auth/gds/callback?code=dc271e7c6ff3bf2871a3de235b9b360f2c1beeffcc124ea5cb22f10e7defd283" for 127.0.0.1 at 2012-06-15 13:31:56 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"dc271e7c6ff3bf2871a3de235b9b360f2c1beeffcc124ea5cb22f10e7defd283"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:56 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:56 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-15 13:31:56 +0000
+
+
+Started GET "/auth/gds/callback?code=01c15754e25db8b5b19d3db424ce4dfa12db6a9e7ad7a3d90262e061fd3c94c4" for 127.0.0.1 at 2012-06-15 13:31:56 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"01c15754e25db8b5b19d3db424ce4dfa12db6a9e7ad7a3d90262e061fd3c94c4"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+
+
+Started GET "/auth/gds/callback?code=2c062b374c37d273031353266145d4d4170d7478a1bb20151df4a793348f7e76" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"2c062b374c37d273031353266145d4d4170d7478a1bb20151df4a793348f7e76"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.4ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 147ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-15 13:31:57 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+
+
+Started GET "/" for 127.0.0.1 at 2012-06-21 15:23:51 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 101ms (Views: 100.7ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:51 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 109ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-21 15:23:51 +0000
+
+
+Started GET "/auth/gds/callback?code=1f09ad8d453e4d444493ec40749513a05785a432afad7c92310acde2dbfa3db2" for 127.0.0.1 at 2012-06-21 15:23:53 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"1f09ad8d453e4d444493ec40749513a05785a432afad7c92310acde2dbfa3db2"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:53 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+
+
+Started GET "/auth/gds/callback?code=53b4e6e454c70af55cbba99846c50d4002fc756a0bc2c0592d0a8982cd1ea4d3" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"53b4e6e454c70af55cbba99846c50d4002fc756a0bc2c0592d0a8982cd1ea4d3"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+
+
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+
+
+Started GET "/auth/gds/callback?code=572e98666919cd2bf3765a3927e3f234e9742ab9ad12a7718b072e01c5381352" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"572e98666919cd2bf3765a3927e3f234e9742ab9ad12a7718b072e01c5381352"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:54 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 159ms
+
+
+Started GET "/restricted" for 127.0.0.1 at 2012-06-21 15:23:55 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.5ms)

data/spec/requests/end_to_end_spec.rb

@@ -6,6 +6,7 @@ describe "Integration of client using GDS-SSO with signonotron" do
   before :all do
     wait_for_signonotron_to_start
   end
+
   before :each do
     @client_host = 'www.example-client.com'
     Capybara.current_driver = :mechanize

data/spec/support/signonotron2_integration_helpers.rb

@@ -28,7 +28,7 @@ module Signonotron2IntegrationHelpers
 
   def load_signonotron_fixture
     fixtures_path = Pathname.new(File.join(File.dirname(__FILE__), '../fixtures/integration'))
-    app = ENV['SIGNONOTRON_VERSION'] == "1" ? "sign-on-o-tron" : "signonotron2"
+    app = "signonotron2"
     path_to_app = Rails.root.join('..','..','tmp',app)
 
     db = YAML.load_file(fixtures_path + "#{app}_database.yml")['test']

data/spec/tasks/signonotron_tasks.rake

@@ -2,9 +2,8 @@ namespace :signonotron do
   desc "Start signonotron (for integration tests)"
   task :start => :stop do
 
-    @app_to_launch = ENV['SIGNONOTRON_VERSION'] == "1" ? "sign-on-o-tron" : "signonotron2"
+    @app_to_launch = "signonotron2"
 
-    puts "ENV version: #{ENV['SIGNONOTRON_VERSION']}"
     puts "Launching: #{@app_to_launch}"
 
     gem_root = Pathname.new(File.dirname(__FILE__)) + '..' + '..'

data/test/user_test.rb

@@ -8,12 +8,12 @@ class TestUser < Test::Unit::TestCase
       'uid' => 'abcde',
       'credentials' => {'token' => 'abcdefg', 'secret' => 'abcdefg'},
       'info' => {'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk'},
-      'extra' => {'user' => {'uid' => 'abcde', 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk'}}
+      'extra' => {'user' => {'permissions' => []}}
     }
   end
 
   def test_user_params_creation
-    expected = {'uid' => 'abcde', 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk'}
+    expected = {'uid' => 'abcde', 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', "permissions" => []}
     assert_equal expected, GDS::SSO::User.user_params_from_auth_hash(@auth_hash)
   end
 end

metadata

@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.6.1
+  version: 0.7.0
 platform: ruby
 authors: 
 - Matt Patterson
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-06-14 00:00:00 Z
+date: 2012-06-21 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rails
@@ -42,7 +42,7 @@ dependencies:
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        version: 0.0.2
+        version: 0.0.3
   type: :runtime
   prerelease: false
   version_requirements: *id003
@@ -57,20 +57,9 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: *id004
-- !ruby/object:Gem::Dependency 
-  name: rack
-  requirement: &id005 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - "="
-      - !ruby/object:Gem::Version 
-        version: 1.3.5
-  type: :runtime
-  prerelease: false
-  version_requirements: *id005
 - !ruby/object:Gem::Dependency 
   name: rake
-  requirement: &id006 !ruby/object:Gem::Requirement 
+  requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -78,10 +67,10 @@ dependencies:
         version: 0.9.2
   type: :development
   prerelease: false
-  version_requirements: *id006
+  version_requirements: *id005
 - !ruby/object:Gem::Dependency 
   name: mocha
-  requirement: &id007 !ruby/object:Gem::Requirement 
+  requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -89,10 +78,10 @@ dependencies:
         version: 0.9.0
   type: :development
   prerelease: false
-  version_requirements: *id007
+  version_requirements: *id006
 - !ruby/object:Gem::Dependency 
   name: capybara
-  requirement: &id008 !ruby/object:Gem::Requirement 
+  requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -100,10 +89,10 @@ dependencies:
         version: 1.1.2
   type: :development
   prerelease: false
-  version_requirements: *id008
+  version_requirements: *id007
 - !ruby/object:Gem::Dependency 
   name: rspec-rails
-  requirement: &id009 !ruby/object:Gem::Requirement 
+  requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -111,10 +100,10 @@ dependencies:
         version: 2.9.0
   type: :development
   prerelease: false
-  version_requirements: *id009
+  version_requirements: *id008
 - !ruby/object:Gem::Dependency 
   name: capybara-mechanize
-  requirement: &id010 !ruby/object:Gem::Requirement 
+  requirement: &id009 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -122,10 +111,10 @@ dependencies:
         version: 0.3.0
   type: :development
   prerelease: false
-  version_requirements: *id010
+  version_requirements: *id009
 - !ruby/object:Gem::Dependency 
   name: combustion
-  requirement: &id011 !ruby/object:Gem::Requirement 
+  requirement: &id010 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -133,10 +122,10 @@ dependencies:
         version: 0.3.2
   type: :development
   prerelease: false
-  version_requirements: *id011
+  version_requirements: *id010
 - !ruby/object:Gem::Dependency 
   name: gem_publisher
-  requirement: &id012 !ruby/object:Gem::Requirement 
+  requirement: &id011 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -144,10 +133,10 @@ dependencies:
         version: 1.0.0
   type: :development
   prerelease: false
-  version_requirements: *id012
+  version_requirements: *id011
 - !ruby/object:Gem::Dependency 
   name: thor
-  requirement: &id013 !ruby/object:Gem::Requirement 
+  requirement: &id012 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - "="
@@ -155,7 +144,7 @@ dependencies:
         version: 0.14.6
   type: :development
   prerelease: false
-  version_requirements: *id013
+  version_requirements: *id012
 description: Client for GDS' OAuth 2-based SSO
 email: 
 - matt@constituentparts.com
@@ -168,7 +157,9 @@ extra_rdoc_files: []
 
 files: 
 - app/views/authentications/failure.html.erb
+- app/views/authorisations/cant_signin.html.erb
 - app/controllers/authentications_controller.rb
+- app/controllers/authorisations_controller.rb
 - config/routes.rb
 - lib/gds-sso.rb
 - lib/gds-sso/controller_methods.rb
@@ -196,8 +187,6 @@ files:
 - spec/internal/config/database.yml
 - spec/internal/db/schema.rb
 - spec/support/signonotron2_integration_helpers.rb
-- spec/fixtures/integration/sign-on-o-tron_database.yml
-- spec/fixtures/integration/sign-on-o-tron.sql
 - spec/fixtures/integration/signonotron2.sql
 - spec/fixtures/integration/signonotron2_database.yml
 - spec/tasks/signonotron_tasks.rake
@@ -215,7 +204,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: -3744157965083249395
+      hash: -1060521028235960891
       segments: 
       - 0
       version: "0"
@@ -224,7 +213,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: -3744157965083249395
+      hash: -1060521028235960891
       segments: 
       - 0
       version: "0"
@@ -251,8 +240,6 @@ test_files:
 - spec/internal/config/database.yml
 - spec/internal/db/schema.rb
 - spec/support/signonotron2_integration_helpers.rb
-- spec/fixtures/integration/sign-on-o-tron_database.yml
-- spec/fixtures/integration/sign-on-o-tron.sql
 - spec/fixtures/integration/signonotron2.sql
 - spec/fixtures/integration/signonotron2_database.yml
 - spec/tasks/signonotron_tasks.rake

data/spec/fixtures/integration/sign-on-o-tron.sql

@@ -1,10 +0,0 @@
--- Clean data from database
-DELETE FROM `oauth_access_tokens`;
-DELETE FROM `oauth_authorization_codes`;
-DELETE FROM `oauth_authorizations`;
-DELETE FROM `oauth_clients`;
-DELETE FROM `users`;
-
--- Setup fixture data
-INSERT INTO `oauth_clients` VALUES (1,'GDS_SSO integration test','gds-sso-test','secret','http://www.example-client.com/auth/gds/callback');
-INSERT INTO `users` (id,name,email,encrypted_password,uid) VALUES (1,'Test User','test@example-client.com','$2a$04$MdMkVFwTq5GLJJkHS8GLIe6dK1.C4ozzba5ZS5Ks2b/NenVsMGGRW','integration-uid');

data/spec/fixtures/integration/sign-on-o-tron_database.yml

@@ -1,5 +0,0 @@
-test: &test
-   adapter: sqlite3
-   database: db/test.sqlite3
-   pool: 5
-   timeout: 5000