RubyGems - gds-sso - Versions diffs - 0.7.6 → 0.7.7 - Mend

gds-sso 0.7.6 → 0.7.7

Files changed (11) hide show

data/README.md +5 -1
data/lib/gds-sso/user.rb +4 -0
data/lib/gds-sso/version.rb +1 -1
data/lib/gds-sso/warden_config.rb +3 -2
data/spec/internal/app/controllers/example_controller.rb +6 -1
data/spec/internal/app/models/user.rb +1 -1
data/spec/internal/config/initializers/gds-sso.rb +1 -1
data/spec/internal/config/routes.rb +1 -0
data/spec/internal/log/test.log +652 -0
data/spec/requests/end_to_end_spec.rb +29 -0
metadata +4 -4

data/README.md CHANGED Viewed

@@ -46,7 +46,11 @@ In development, you generally want to be able to run an application without need
     GDS::SSO.test_user || GDS::SSO::Config.user_klass.first
-To make it use a real strategy (e.g. if you're testing an app against the signon server), set an environment variable when you run your app:
+To make it use a real strategy (e.g. if you're testing an app against the signon server), you will need to ensure that your signonotron2 database has got OAuth config that matches what the apps use in development mode. To do this, run this in signonotron2:
+    bundle exec ./script/make_oauth_work_in_dev
+Once that's done, set an environment variable when you run your app. e.g.:
     GDS_SSO_STRATEGY=real bundle exec rails s

data/lib/gds-sso/user.rb CHANGED Viewed

@@ -10,6 +10,10 @@ module GDS
       def name
         'API User'
       end
+      def has_permission?(scope, permission)
+        true
+      end
     end
     module User

data/lib/gds-sso/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module GDS
   module SSO
-    VERSION = "0.7.6"
+    VERSION = "0.7.7"
   end
 end

data/lib/gds-sso/warden_config.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require 'warden'
+require 'gds-sso/user'
 Warden::Manager.serialize_into_session do |user|
   user.respond_to?(:uid) ? user.uid : nil
@@ -51,7 +52,7 @@ Warden::Strategies.add(:gds_sso_api_access) do
     return fail!(:bad_request) unless auth.basic?
     if valid_api_user?(*auth.credentials)
-      success!(auth.credentials[0])
+      success!(api_user)
     else
       custom!(unauthorized)
     end
@@ -104,6 +105,6 @@ Warden::Strategies.add(:mock_gds_sso_api_access) do
   def authenticate!
     Rails.logger.debug("Authenticating with mock_gds_sso_api_access strategy")
-    success!(GDS::SSO.test_user || GDS::SSO::Config.user_klass.first)
+    success!(GDS::SSO::ApiUser.new)
   end
 end

data/spec/internal/app/controllers/example_controller.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 class ExampleController < ApplicationController
-  before_filter :authenticate_user!, :only => [:restricted]
+  before_filter :authenticate_user!, :only => [:restricted, :this_requires_signin_permission]
+  before_filter :require_signin_permission!, only: [:this_requires_signin_permission]
   def index
     render :text => "jabberwocky"
@@ -9,4 +10,8 @@ class ExampleController < ApplicationController
   def restricted
     render :text => "restricted kablooie"
   end
+  def this_requires_signin_permission
+    render :text => "you have signin permission"
+  end
 end

data/spec/internal/app/models/user.rb CHANGED Viewed

@@ -11,7 +11,7 @@ class User < OpenStruct
   end
   def self.stub_user
-    User.new({ :uid => '1', :name => "User" })
+    User.new({ :uid => '1', :name => "User", :permissions => { "GDS_SSO integration test" => ["signin"] } })
   end
   def update_attributes(*args)

data/spec/internal/config/initializers/gds-sso.rb CHANGED Viewed

@@ -5,5 +5,5 @@ GDS::SSO.config do |config|
   config.oauth_root_url = "http://localhost:4567"
   config.basic_auth_user = 'test_api_user'
   config.basic_auth_password = 'api_user_password'
-  config.default_scope = 'test-app'
+  config.default_scope = 'GDS_SSO integration test'
 end

data/spec/internal/config/routes.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 Rails.application.routes.draw do
   root :to => 'example#index'
   match "/restricted" => 'example#restricted'
+  match "/this_requires_signin_permission" => "example#this_requires_signin_permission"
 end

data/spec/internal/log/test.log CHANGED Viewed

@@ -2985,3 +2985,655 @@ Started GET "/restricted" for 127.0.0.1 at 2012-06-28 13:17:27 +0000
 Processing by ExampleController#restricted as JSON
 Authenticating with gds_sso_api_access strategy
 Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/" for 127.0.0.1 at 2012-06-29 10:20:11 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 47ms (Views: 46.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:11 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 56ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 10:20:11 +0000
+Started GET "/auth/gds/callback?code=692b81007b43d3369c6b9201dbde9c830f5a474f015041caa6db235457343b5f" for 127.0.0.1 at 2012-06-29 10:20:12 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"692b81007b43d3369c6b9201dbde9c830f5a474f015041caa6db235457343b5f"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:12 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:12 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 10:20:12 +0000
+Started GET "/auth/gds/callback?code=be594610c233d3dfdd36f0a1782715e938166f769ec56a04867fdb986b62f052" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"be594610c233d3dfdd36f0a1782715e938166f769ec56a04867fdb986b62f052"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Started GET "/auth/gds/callback?code=7d6d83427d589cd85695c34a3bec0748b092b0a67e633adffe35e34d3e4ce997" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"7d6d83427d589cd85695c34a3bec0748b092b0a67e633adffe35e34d3e4ce997"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Started GET "/auth/gds/callback?code=86d5a54f812796ca9b009be4ffa0240b0c2608be0f10769495e5ff82730c484e" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"86d5a54f812796ca9b009be4ffa0240b0c2608be0f10769495e5ff82730c484e"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 10:20:13 +0000
+Started GET "/auth/gds/callback?code=0f4ebd3c836d8e93247ef8c8b57956ea3001a8b71b0b8bdbfae8a2d6d479acae" for 127.0.0.1 at 2012-06-29 10:20:14 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"0f4ebd3c836d8e93247ef8c8b57956ea3001a8b71b0b8bdbfae8a2d6d479acae"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 10:20:14 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:14 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 14ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 10:20:14 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/" for 127.0.0.1 at 2012-06-29 12:06:11 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 49ms (Views: 48.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:12 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 60ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 12:06:12 +0000
+Started GET "/auth/gds/callback?code=9a4e02d683202930f0d325bca3817e6169e0a26790fee5cfa0fe179d4ec40804" for 127.0.0.1 at 2012-06-29 12:06:12 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"9a4e02d683202930f0d325bca3817e6169e0a26790fee5cfa0fe179d4ec40804"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Started GET "/auth/gds/callback?code=e468f0b14b6b0291a27f74b7e964a9db48adfb9658e4c5a7c97ab47c671182ca" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e468f0b14b6b0291a27f74b7e964a9db48adfb9658e4c5a7c97ab47c671182ca"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Started GET "/auth/gds/callback?code=e3504639ba591817607ef429dd77bdca408a74f48873e133e477e87bc53f9f65" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e3504639ba591817607ef429dd77bdca408a74f48873e133e477e87bc53f9f65"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 12:06:13 +0000
+Started GET "/auth/gds/callback?code=9d161a55a33b94705684c02c8d3590de5d08832a156d64b26ff378ab0542a7e0" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"9d161a55a33b94705684c02c8d3590de5d08832a156d64b26ff378ab0542a7e0"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Started GET "/auth/gds/callback?code=2824cb988876c493f9d30fc7b9b3dba935365567e72d0ec070f0d952d72b90b9" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"2824cb988876c493f9d30fc7b9b3dba935365567e72d0ec070f0d952d72b90b9"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 14ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 12:06:14 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/" for 127.0.0.1 at 2012-06-29 14:22:06 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 45ms (Views: 44.8ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:06 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 55ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 14:22:06 +0000
+Started GET "/auth/gds/callback?code=db0c48b85499354cdb3a8a5aae58107337b0067473c7800d2bc100aac8b9335b" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"db0c48b85499354cdb3a8a5aae58107337b0067473c7800d2bc100aac8b9335b"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Started GET "/auth/gds/callback?code=967ad0bf9ce05be99f6c115ef2c8dc153084ea44b8da68c151797918d9aab0c7" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"967ad0bf9ce05be99f6c115ef2c8dc153084ea44b8da68c151797918d9aab0c7"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 14:22:07 +0000
+Started GET "/auth/gds/callback?code=40e279a854bc3aa5aa1eeb01b9ce740d2cd40206ebf076539353daf794acd53e" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"40e279a854bc3aa5aa1eeb01b9ce740d2cd40206ebf076539353daf794acd53e"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Started GET "/auth/gds/callback?code=a4cf30c09a2cff7c853a312da852dae6259927e4f42a30d247bf5a0d7a850607" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"a4cf30c09a2cff7c853a312da852dae6259927e4f42a30d247bf5a0d7a850607"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Started GET "/auth/gds/callback?code=8956554b2c30f7c4ed35be7695bfbbd400710c6791769f17b84a4e11d3e6eb93" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"8956554b2c30f7c4ed35be7695bfbbd400710c6791769f17b84a4e11d3e6eb93"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 12ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 14:22:08 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/" for 127.0.0.1 at 2012-06-29 15:13:06 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 45ms (Views: 44.9ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:06 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 56ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:13:06 +0000
+Started GET "/auth/gds/callback?code=84820cda6cc8a75d58afd6874092f5ffda886f132ce77c0c059eda11d832ad5f" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"84820cda6cc8a75d58afd6874092f5ffda886f132ce77c0c059eda11d832ad5f"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Started GET "/auth/gds/callback?code=65470800937a73d00fc1c6a2f5cc3a01af3bc49db01937d29761ee193e3aa6c2" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"65470800937a73d00fc1c6a2f5cc3a01af3bc49db01937d29761ee193e3aa6c2"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:13:07 +0000
+Started GET "/auth/gds/callback?code=8ff275c7dd38bd4038fe410c709572551e7de20bd6771d52bd4b2cbc903cbec9" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"8ff275c7dd38bd4038fe410c709572551e7de20bd6771d52bd4b2cbc903cbec9"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Started GET "/auth/gds/callback?code=6f04f68a797bee82ccb0ab6ae8a34a6bc34b906c121f3787d269adda5ab7ab33" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"6f04f68a797bee82ccb0ab6ae8a34a6bc34b906c121f3787d269adda5ab7ab33"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Started GET "/auth/gds/callback?code=321e680d4c57253be4e5525ac8dcf32f82a9f00ca961e920b9f948f307dac3f0" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"321e680d4c57253be4e5525ac8dcf32f82a9f00ca961e920b9f948f307dac3f0"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 12ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:13:08 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/" for 127.0.0.1 at 2012-06-29 15:15:49 +0000
+Processing by ExampleController#index as HTML
+  Rendered text template (0.0ms)
+Completed 200 OK in 47ms (Views: 46.9ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:50 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 57ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:15:50 +0000
+Started GET "/auth/gds/callback?code=a6ee4774a529fe816b062efe6e3bf5160f09853d184da6a1964f80f67fe8f9d5" for 127.0.0.1 at 2012-06-29 15:15:50 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"a6ee4774a529fe816b062efe6e3bf5160f09853d184da6a1964f80f67fe8f9d5"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Started GET "/auth/gds/callback?code=93272b19bea8a5e912d547c2a9234c750e4273c182b1ae1f568a65413a9c9bde" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"93272b19bea8a5e912d547c2a9234c750e4273c182b1ae1f568a65413a9c9bde"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Started GET "/auth/gds/callback?code=503a2ea219362457b2a4cb29bf3524dea435becf72f603dfd3460d3c4666a3ee" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"503a2ea219362457b2a4cb29bf3524dea435becf72f603dfd3460d3c4666a3ee"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 1ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by ExampleController#restricted as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:15:51 +0000
+Started GET "/auth/gds/callback?code=45442ccb3e7d3f5ec07aae9d0bff433f79718e2b60b5b657ed4b77e42d67fb70" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"45442ccb3e7d3f5ec07aae9d0bff433f79718e2b60b5b657ed4b77e42d67fb70"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Started GET "/auth/gds/callback?code=9c3d73ca5c2c159bd9cd624ce3b030339e91d34897901bd9b3cb5948fc70de0c" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"9c3d73ca5c2c159bd9cd624ce3b030339e91d34897901bd9b3cb5948fc70de0c"}
+Authenticating with gds_sso strategy
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 1ms
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Completed 200 OK in 1ms (Views: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 13ms
+Started GET "/restricted" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2012-06-29 15:15:52 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1ms (Views: 0.6ms)

data/spec/requests/end_to_end_spec.rb CHANGED Viewed

@@ -58,6 +58,28 @@ describe "Integration of client using GDS-SSO with signonotron" do
       page.should have_content('restricted kablooie')
     end
+    specify "access to a page that requires signin permission granted " do
+      # First we login to authorise the app
+      visit "http://#{@client_host}/this_requires_signin_permission"
+      fill_in "Email", :with => "test@example-client.com"
+      fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
+      click_on "Sign in"
+      click_authorize
+      # At this point the app should be authorised, we reset the session to simulate a new browser visit.
+      reset_session!
+      page.driver.header 'accept', 'text/html'
+      visit "http://#{@client_host}/this_requires_signin_permission"
+      page.should have_content("Sign in")
+      fill_in "Email", :with => "test@example-client.com"
+      fill_in "Passphrase", :with => "q1w2e3r4t5y6u7i8o9p0"
+      click_on "Sign in"
+      page.should have_content('you have signin permission')
+    end
   end
   describe "API client accesses" do
@@ -75,6 +97,13 @@ describe "Integration of client using GDS-SSO with signonotron" do
       page.should have_content('restricted kablooie')
     end
+    specify "access to a page that requires signin permission granted (without basic auth users having permissions)" do
+      page.driver.browser.authorize 'test_api_user', 'api_user_password'
+      visit "http://#{@client_host}/this_requires_signin_permission"
+      page.should have_content('you have signin permission')
+    end
   end
   def click_authorize

metadata CHANGED Viewed

@@ -2,7 +2,7 @@
 name: gds-sso
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.7.6
+  version: 0.7.7
 platform: ruby
 authors:
 - Matt Patterson
@@ -11,7 +11,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-06-28 00:00:00 Z
+date: 2012-06-29 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -204,7 +204,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 3204247925115360978
+      hash: 414716890116187310
       segments:
       - 0
       version: "0"
@@ -213,7 +213,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 3204247925115360978
+      hash: 414716890116187310
       segments:
       - 0
       version: "0"