RubyGems - gds-sso - Versions diffs - 3.1.1 → 4.0.0 - Mend

gds-sso 3.1.1 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

data/README.md +6 -5
data/lib/gds-sso.rb +1 -1
data/lib/gds-sso/config.rb +0 -7
data/lib/gds-sso/failure_app.rb +0 -1
data/lib/gds-sso/user.rb +0 -24
data/lib/gds-sso/version.rb +1 -1
data/lib/gds-sso/warden_config.rb +10 -46
data/spec/controller/api_user_controller_spec.rb +10 -3
data/spec/internal/config/initializers/gds-sso.rb +0 -2
data/spec/internal/db/combustion_test.sqlite +0 -0
data/spec/internal/log/test.log +1143 -0
data/spec/requests/end_to_end_spec.rb +0 -24
metadata +4 -4

data/README.md CHANGED Viewed

@@ -30,10 +30,6 @@ Create a `config/initializers/gds-sso.rb` that looks like:
       # optional config for location of signonotron2
       config.oauth_root_url = "http://localhost:3001"
-      # optional config for API Access (requests which accept application/json)
-      config.basic_auth_user = 'api'
-      config.basic_auth_password = 'secret'
     end
 The user model must include the GDS::SSO::User module.
@@ -42,11 +38,16 @@ It should have the following fields:
     string   "name"
     string   "email"
     string   "uid"
-    text     "permissions"
+    array    "permissions"
     boolean  "remotely_signed_out", :default => false
 You also need to include `GDS::SSO::ControllerMethods` in your ApplicationController
+For ActiveRecord, you probably want to declare permissions as "serialized" like this:
+    serialize :permissions, Array
 ## Use in development mode
 In development, you generally want to be able to run an application without needing to run your own SSO server to be running as well. GDS-SSO facilitates this by using a 'mock' mode in development. Mock mode loads an arbitrary user from the local application's user tables:

data/lib/gds-sso.rb CHANGED Viewed

@@ -38,7 +38,7 @@ module GDS
       end
       def self.default_strategies
-        use_mock_strategies? ? [:mock_gds_sso, :mock_gds_sso_api_access] : [:gds_sso, :gds_bearer_token, :gds_sso_api_access]
+        use_mock_strategies? ? [:mock_gds_sso, :mock_gds_sso_api_access] : [:gds_sso, :gds_bearer_token]
       end
       config.app_middleware.use Warden::Manager do |config|

data/lib/gds-sso/config.rb CHANGED Viewed

@@ -15,13 +15,6 @@ module GDS
       mattr_accessor :oauth_root_url
       @@oauth_root_url = "http://localhost:3001"
-      # Basic Auth Credentials (for api access when request accept
-      # header is application/json)
-      mattr_accessor :basic_auth_user
-      mattr_accessor :basic_auth_password
-      mattr_accessor :basic_auth_realm
-      @@basic_auth_realm = "API Access"
       mattr_accessor :auth_valid_for
       @@auth_valid_for = 20 * 3600

data/lib/gds-sso/failure_app.rb CHANGED Viewed

@@ -9,7 +9,6 @@ module GDS
       include ActionController::RackDelegation
       include ActionController::UrlFor
       include ActionController::Redirecting
-      include ActionController::HttpAuthentication::Basic::ControllerMethods
       include Rails.application.routes.url_helpers
       def self.call(env)

data/lib/gds-sso/user.rb CHANGED Viewed

@@ -2,30 +2,6 @@ require 'active_support/concern'
 module GDS
   module SSO
-    class ApiUser
-      def uid
-        0
-      end
-      def name
-        'API User'
-      end
-      def has_permission?(permission)
-        true
-      end
-      def clear_remotely_signed_out!
-      end
-      def set_remotely_signed_out!
-      end
-      def remotely_signed_out?
-        false
-      end
-    end
     module User
       def included(base)
         attr_accessible :uid, :email, :name, :permissions, as: :oauth

data/lib/gds-sso/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module GDS
   module SSO
-    VERSION = "3.1.1"
+    VERSION = "4.0.0"
   end
 end

data/lib/gds-sso/warden_config.rb CHANGED Viewed

@@ -127,51 +127,7 @@ Warden::Strategies.add(:gds_bearer_token) do
       {
         'Content-Type' => 'text/plain',
         'Content-Length' => '0',
-        'WWW-Authenticate' => %(Bearer realm="#{GDS::SSO::Config.basic_auth_realm}", error="invalid_token")
-      },
-      []
-    ]
-  end
-end
-Warden::Strategies.add(:gds_sso_api_access) do
-  def api_user
-    @api_user ||= GDS::SSO::ApiUser.new
-  end
-  def valid?
-    ::GDS::SSO::ApiAccess.api_call?(env)
-  end
-  def authenticate!
-    logger.debug("Authenticating with gds_sso_api_access strategy")
-    auth = Rack::Auth::Basic::Request.new(env)
-    return custom!(unauthorized) unless auth.provided?
-    return fail!(:bad_request) unless auth.basic?
-    if valid_api_user?(*auth.credentials)
-      success!(api_user)
-    else
-      custom!(unauthorized)
-    end
-  end
-  def valid_api_user?(username, password)
-    username.to_s.strip != '' &&
-      password.to_s.strip != '' &&
-      username == ::GDS::SSO::Config.basic_auth_user &&
-      password == ::GDS::SSO::Config.basic_auth_password
-  end
-  def unauthorized
-    [
-      401,
-      {
-        'Content-Type' => 'text/plain',
-        'Content-Length' => '0',
-        'WWW-Authenticate' => %(Basic realm="#{GDS::SSO::Config.basic_auth_realm}")
+        'WWW-Authenticate' => %(Bearer error="invalid_token")
       },
       []
     ]
@@ -212,6 +168,14 @@ Warden::Strategies.add(:mock_gds_sso_api_access) do
   def authenticate!
     logger.debug("Authenticating with mock_gds_sso_api_access strategy")
-    success!(GDS::SSO::ApiUser.new)
+    dummy_api_user = GDS::SSO::Config.user_klass.find_by_email("dummyapiuser@domain.com")
+    if dummy_api_user.nil?
+      dummy_api_user = GDS::SSO::Config.user_klass.create!(
+          uid: "#{rand(10000)}",
+          name: "Dummy API user created by gds-sso",
+          permissions: ["signin"],
+          as: :oauth)
+    end
+    success!(dummy_api_user)
   end
 end

data/spec/controller/api_user_controller_spec.rb CHANGED Viewed

@@ -20,6 +20,13 @@ describe Api::UserController, type: :controller do
         :name => "Moshua Jarshall",
         :permissions => ["signin"] },
         as: :oauth)
+    @signon_sso_push_user = User.create!({
+        :uid => "a1s2d3#{rand(10000)}",
+        :email => "ssopushuser@legit.com",
+        :name => "SSO Push user",
+        :permissions => ["signin", "user_update_permission"] },
+        as: :oauth)
   end
   describe "PUT update" do
@@ -42,7 +49,7 @@ describe Api::UserController, type: :controller do
       request.env['warden'] = mock("mock warden")
       request.env['warden'].expects(:authenticate!).at_least_once.returns(true)
       request.env['warden'].expects(:authenticated?).at_least_once.returns(true)
-      request.env['warden'].expects(:user).at_least_once.returns(GDS::SSO::ApiUser.new)
+      request.env['warden'].expects(:user).at_least_once.returns(@signon_sso_push_user)
       request.env['RAW_POST_DATA'] = user_update_json
       put :update, uid: @user_to_update.uid
@@ -73,7 +80,7 @@ describe Api::UserController, type: :controller do
       request.env['warden'] = mock("mock warden")
       request.env['warden'].expects(:authenticate!).at_least_once.returns(true)
       request.env['warden'].expects(:authenticated?).at_least_once.returns(true)
-      request.env['warden'].expects(:user).at_least_once.returns(GDS::SSO::ApiUser.new)
+      request.env['warden'].expects(:user).at_least_once.returns(@signon_sso_push_user)
       post :reauth, uid: "nonexistent-user"
@@ -85,7 +92,7 @@ describe Api::UserController, type: :controller do
       request.env['warden'] = mock("mock warden")
       request.env['warden'].expects(:authenticate!).at_least_once.returns(true)
       request.env['warden'].expects(:authenticated?).at_least_once.returns(true)
-      request.env['warden'].expects(:user).at_least_once.returns(GDS::SSO::ApiUser.new)
+      request.env['warden'].expects(:user).at_least_once.returns(@signon_sso_push_user)
       post :reauth, uid: @user_to_update.uid

data/spec/internal/config/initializers/gds-sso.rb CHANGED Viewed

@@ -3,6 +3,4 @@ GDS::SSO.config do |config|
   config.oauth_id     = 'gds-sso-test'
   config.oauth_secret = 'secret'
   config.oauth_root_url = "http://localhost:4567"
-  config.basic_auth_user = 'test_api_user'
-  config.basic_auth_password = 'api_user_password'
 end

data/spec/internal/db/combustion_test.sqlite CHANGED Viewed

Binary file

data/spec/internal/log/test.log CHANGED Viewed

@@ -3842,3 +3842,1146 @@ Authenticating with gds_bearer_token strategy
 ' WHERE "users"."id" = 6
   [1m[36m (2.7ms)[0m  [1mcommit transaction[0m
 Completed 200 OK in 76.1ms (Views: 0.3ms | ActiveRecord: 7.6ms)
+Connecting to database specified by database.yml
+  [1m[36m (0.9ms)[0m  [1mselect sqlite_version(*)[0m
+  [1m[35m (6.4ms)[0m  DROP TABLE "users"
+  [1m[36m (2.4ms)[0m  [1mCREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255) NOT NULL, "uid" varchar(255) NOT NULL, "email" varchar(255) NOT NULL, "remotely_signed_out" boolean, "permissions" text) [0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (2.4ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d38120"]]
+  [1m[35m (3.3ms)[0m  commit transaction
+WARNING: Can't mass-assign protected attributes: uid, name, permissions
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d38120"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.9ms)
+Completed 403 Forbidden in 7.7ms (Views: 6.9ms | ActiveRecord: 0.0ms)
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d37442"]]
+  [1m[36m (3.7ms)[0m  [1mcommit transaction[0m
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d37442"}
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d37442' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.3ms)[0m  UPDATE "users" SET "email" = 'user@domain.com', "name" = 'Joshua Marshall', "permissions" = '---
+- signin
+- new permission
+' WHERE "users"."id" = 2
+  [1m[36m (3.6ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 41.5ms (ActiveRecord: 4.2ms)
+  [1m[35mUser Load (0.3ms)[0m  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 2]]
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d35316"]]
+  [1m[36m (3.7ms)[0m  [1mcommit transaction[0m
+WARNING: Can't mass-assign protected attributes: uid, name, permissions
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d35316"}
+Completed 403 Forbidden in 1.9ms (Views: 1.1ms | ActiveRecord: 0.0ms)
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d32129"]]
+  [1m[35m (3.6ms)[0m  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"nonexistent-user"}
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'nonexistent-user' LIMIT 1[0m
+Completed 200 OK in 1.1ms (ActiveRecord: 0.2ms)
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d32312"]]
+  [1m[35m (3.4ms)[0m  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d32312"}
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d32312' LIMIT 1[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
+- signin
+' WHERE "users"."id" = 5[0m
+  [1m[35m (3.1ms)[0m  commit transaction
+Completed 200 OK in 7.7ms (ActiveRecord: 3.5ms)
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1[0m  [["id", 5]]
+Started GET "/" for 127.0.0.1 at 2013-10-30 14:58:39 +0000
+Processing by ExampleController#index as HTML
+Completed 200 OK in 2.4ms (Views: 1.9ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:39 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 3.1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:39 +0000
+Started GET "/auth/gds/callback?code=21546b2d9ad4eac9af531e441d189e32374b72b07fa4595ccdc90e26f06bf5bc&state=4e2c3a74c3e20574e39358e44bb801e5fa2d82b0812546c6" for 127.0.0.1 at 2013-10-30 14:58:40 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"21546b2d9ad4eac9af531e441d189e32374b72b07fa4595ccdc90e26f06bf5bc", "state"=>"4e2c3a74c3e20574e39358e44bb801e5fa2d82b0812546c6"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.3ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "test@example-client.com"], ["name", "Test User"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "integration-uid"]]
+  [1m[36m (4.9ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (3.1ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 16.5ms (ActiveRecord: 8.8ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.4ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Started GET "/auth/gds/callback?code=b502c94aa9f9e6a5c22c8232bbdb33e45ffa417003478602d9431a701021e7f5&state=d4d6b16cf6ec8214fa1472c1e08f51e085490bcd4d767886" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"b502c94aa9f9e6a5c22c8232bbdb33e45ffa417003478602d9431a701021e7f5", "state"=>"d4d6b16cf6ec8214fa1472c1e08f51e085490bcd4d767886"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (3.4ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (2.6ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 15.9ms (ActiveRecord: 6.6ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Started GET "/auth/gds/callback?code=cb181f89b3f5f0a5cf01ed58b0fa6d9a19d6103681566112ff2e9b5c291fb435&state=463eea390a459f0b3bc6c396f3440194a74f09fe360d7942" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"cb181f89b3f5f0a5cf01ed58b0fa6d9a19d6103681566112ff2e9b5c291fb435", "state"=>"463eea390a459f0b3bc6c396f3440194a74f09fe360d7942"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (4.6ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (3.9ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 17.0ms (ActiveRecord: 9.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.9ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:41 +0000
+Started GET "/auth/gds/callback?code=0abbf3732068ec26d861f589015b48d9a47a052307122a8333cae758fcf50df8&state=5a63670716405b23224915160b440ace463901bfae234e3b" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"0abbf3732068ec26d861f589015b48d9a47a052307122a8333cae758fcf50df8", "state"=>"5a63670716405b23224915160b440ace463901bfae234e3b"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (4.4ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (11.7ms)[0m  commit transaction
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 26.0ms (ActiveRecord: 16.8ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 3.3ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Started GET "/auth/gds/callback?code=4393d4eb5d4056deb04e22601d9d750f197ff2f67dadafd2e1e28a6cf811ff85&state=b8cab794093fd92b46e8d39c63dffffdc523af2f770860a2" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"4393d4eb5d4056deb04e22601d9d750f197ff2f67dadafd2e1e28a6cf811ff85", "state"=>"b8cab794093fd92b46e8d39c63dffffdc523af2f770860a2"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (5.6ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (4.3ms)[0m  commit transaction
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 18.7ms (ActiveRecord: 10.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 3.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Started GET "/auth/gds/callback?code=e7dd5b6ce99dde23d4e201fe072581c16f6ec38f18dca14912e2f99d21723ef8&state=d1fb30062bf4605aa9e69cf627352c1b5bcac088374a98b2" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e7dd5b6ce99dde23d4e201fe072581c16f6ec38f18dca14912e2f99d21723ef8", "state"=>"d1fb30062bf4605aa9e69cf627352c1b5bcac088374a98b2"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.3ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (7.1ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (4.8ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 23.0ms (ActiveRecord: 12.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 2.4ms (Views: 0.5ms | ActiveRecord: 0.2ms)
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (8.9ms)[0m  [1mcommit transaction[0m
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Filter chain halted as :authenticate_user! rendered or redirected
+Completed 403 Forbidden in 5.8ms (Views: 3.9ms | ActiveRecord: 0.2ms)
+Started GET "/auth/gds/sign_out" for 127.0.0.1 at 2013-10-30 14:58:42 +0000
+Processing by AuthenticationsController#sign_out as HTML
+Redirected to http://localhost:4567/users/sign_out
+Completed 302 Found in 0.5ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Started GET "/auth/gds/callback?code=87bc7d06f9e52b5040f78d5ff86fbb263582b33244bed765d729002aac8001d7&state=1fbfeba924b1b068322d0fbef2b4da4d53fb74a256364324" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"87bc7d06f9e52b5040f78d5ff86fbb263582b33244bed765d729002aac8001d7", "state"=>"1fbfeba924b1b068322d0fbef2b4da4d53fb74a256364324"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (7.2ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (4.1ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 20.1ms (ActiveRecord: 11.9ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Started GET "/auth/gds/callback?code=e1bd6f888ef37e5f44cc5a61ce36d141c51fc0208846c2718ae49def19e5f1f5&state=b4bf18736e24adef0702b62688f117ab0368826e88a41dda" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e1bd6f888ef37e5f44cc5a61ce36d141c51fc0208846c2718ae49def19e5f1f5", "state"=>"b4bf18736e24adef0702b62688f117ab0368826e88a41dda"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.3ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (12.0ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.3ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (3.5ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 30.4ms (ActiveRecord: 16.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.3ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 2.6ms (Views: 0.7ms | ActiveRecord: 0.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:03:43 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.5ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:03:43 +0000
+Started GET "/auth/gds/callback?code=973f0fa8a743e55c374e166c86c0da2753453e40b0994b02e576e9799d65c6cf&state=ce5a5d8001cced1f32f81a71982b7ae354697d1e80e108a3" for 127.0.0.1 at 2013-10-31 11:03:43 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"973f0fa8a743e55c374e166c86c0da2753453e40b0994b02e576e9799d65c6cf", "state"=>"ce5a5d8001cced1f32f81a71982b7ae354697d1e80e108a3"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (4.9ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (3.6ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 17.0ms (ActiveRecord: 9.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:03:43 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-30 14:58:43 +0000
+Started GET "/auth/gds/callback?code=e05906c7d82b5d9daf4a495c55296ad7159eb4ff81223f9082414307ba86758d&state=52504b0b1d107ce958c4f76ca1ee4643be771726c2544e3e" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e05906c7d82b5d9daf4a495c55296ad7159eb4ff81223f9082414307ba86758d", "state"=>"52504b0b1d107ce958c4f76ca1ee4643be771726c2544e3e"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (6.9ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (3.8ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 20.8ms (ActiveRecord: 11.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.3ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 10:53:44 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.0ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed   in 2.3ms
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1.3ms (Views: 0.5ms | ActiveRecord: 0.0ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_sso_api_access strategy
+Completed 200 OK in 1.1ms (Views: 0.2ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_bearer_token strategy
+Completed   in 8.2ms
+Started GET "/restricted" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_bearer_token strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (5.1ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (3.4ms)[0m  commit transaction
+Completed 200 OK in 41.7ms (Views: 0.3ms | ActiveRecord: 9.2ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-30 14:58:44 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_bearer_token strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6[0m
+  [1m[35m (4.4ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 6
+  [1m[36m (2.8ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 40.3ms (Views: 0.3ms | ActiveRecord: 7.8ms)
+Connecting to database specified by database.yml
+  [1m[36m (0.9ms)[0m  [1mselect sqlite_version(*)[0m
+  [1m[35m (9.6ms)[0m  DROP TABLE "users"
+  [1m[36m (3.6ms)[0m  [1mCREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255) NOT NULL, "uid" varchar(255) NOT NULL, "email" varchar(255) NOT NULL, "remotely_signed_out" boolean, "permissions" text) [0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (2.4ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d3613"]]
+  [1m[35m (4.7ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d39406"]]
+  [1m[36m (3.1ms)[0m  [1mcommit transaction[0m
+WARNING: Can't mass-assign protected attributes: uid, name, permissions
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d3613"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.9ms)
+Completed 403 Forbidden in 7.3ms (Views: 6.6ms | ActiveRecord: 0.0ms)
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d31738"]]
+  [1m[35m (3.9ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d39354"]]
+  [1m[36m (3.7ms)[0m  [1mcommit transaction[0m
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d31738"}
+  [1m[35mUser Load (0.3ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d31738' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "email" = 'user@domain.com', "name" = 'Joshua Marshall', "permissions" = '---
+- signin
+- new permission
+' WHERE "users"."id" = 3
+  [1m[36m (3.4ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 13.5ms (ActiveRecord: 4.0ms)
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 3]]
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d33165"]]
+  [1m[36m (3.7ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d31198"]]
+  [1m[35m (3.6ms)[0m  commit transaction
+WARNING: Can't mass-assign protected attributes: uid, name, permissions
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d33165"}
+Completed 403 Forbidden in 1.8ms (Views: 1.1ms | ActiveRecord: 0.0ms)
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.3ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d39677"]]
+  [1m[36m (3.0ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d37547"]]
+  [1m[35m (2.9ms)[0m  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"nonexistent-user"}
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'nonexistent-user' LIMIT 1[0m
+Completed 200 OK in 1.2ms (ActiveRecord: 0.2ms)
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d32000"]]
+  [1m[35m (3.4ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.1ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34762"]]
+  [1m[36m (3.5ms)[0m  [1mcommit transaction[0m
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d32000"}
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d32000' LIMIT 1
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
+- signin
+' WHERE "users"."id" = 9
+  [1m[36m (3.0ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 7.7ms (ActiveRecord: 3.4ms)
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 9]]
+Started GET "/" for 127.0.0.1 at 2013-10-31 11:29:45 +0000
+Processing by ExampleController#index as HTML
+Completed 200 OK in 2.4ms (Views: 1.9ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:45 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 2.9ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:45 +0000
+Started GET "/auth/gds/callback?code=ea334fb3f4df36c7eff38383bec4d2da86f369e516c7896d81474995968f178b&state=d67b7b12aff13a8cea87ebf60dd9aefaf48c33b2cbd4c714" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"ea334fb3f4df36c7eff38383bec4d2da86f369e516c7896d81474995968f178b", "state"=>"d67b7b12aff13a8cea87ebf60dd9aefaf48c33b2cbd4c714"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "test@example-client.com"], ["name", "Test User"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "integration-uid"]]
+  [1m[35m (5.9ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.2ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 18.7ms (ActiveRecord: 10.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.4ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Started GET "/auth/gds/callback?code=7a505bdc1b787708ade7037c58aaa9515efc32cc3eca3f1dc839c77fca810bb7&state=3de4c55203f7ac53b7f1f125f3f9289f04e113ec763ffc56" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"7a505bdc1b787708ade7037c58aaa9515efc32cc3eca3f1dc839c77fca810bb7", "state"=>"3de4c55203f7ac53b7f1f125f3f9289f04e113ec763ffc56"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.3ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.3ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 18.7ms (ActiveRecord: 9.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.3ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:46 +0000
+Started GET "/auth/gds/callback?code=f07c04e96868fd3c6c5bb2c39badad39dd08a634599c0fa95170ee5d4efb7329&state=64ce1792109d2001ee22c503eaeb791031d87ebc03c0c2a9" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"f07c04e96868fd3c6c5bb2c39badad39dd08a634599c0fa95170ee5d4efb7329", "state"=>"64ce1792109d2001ee22c503eaeb791031d87ebc03c0c2a9"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (7.0ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.4ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 20.2ms (ActiveRecord: 12.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.4ms (Views: 0.3ms | ActiveRecord: 0.2ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.9ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Started GET "/auth/gds/callback?code=eb48b4542e41de858cb1401917bd3b45b5310dfe41d58559e313d07c9d9bbead&state=fb0c181bcb7e5c4dc4e04cbdceb84dccf2c9ae04cb312be1" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"eb48b4542e41de858cb1401917bd3b45b5310dfe41d58559e313d07c9d9bbead", "state"=>"fb0c181bcb7e5c4dc4e04cbdceb84dccf2c9ae04cb312be1"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.3ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (5.2ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.6ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 20.7ms (ActiveRecord: 10.5ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 3.4ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Started GET "/auth/gds/callback?code=bbad64af30b3ceb0f0bea70f55c5cdfc9b944597b0c5f895898ce7aae891d2fa&state=062b39ebbf6cadda37ad07b6d4d97cb3ecfb9c860385c083" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"bbad64af30b3ceb0f0bea70f55c5cdfc9b944597b0c5f895898ce7aae891d2fa", "state"=>"062b39ebbf6cadda37ad07b6d4d97cb3ecfb9c860385c083"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.7ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.5ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 16.7ms (ActiveRecord: 8.8ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 2.9ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:47 +0000
+Started GET "/auth/gds/callback?code=70eb8cc2821db0bdb529fd3426c94b99d68c7e4eb12b778e61dd50403acf6aad&state=fe739fcb50889b85a8af8277a420601f13d7ae36ba79f0a3" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"70eb8cc2821db0bdb529fd3426c94b99d68c7e4eb12b778e61dd50403acf6aad", "state"=>"fe739fcb50889b85a8af8277a420601f13d7ae36ba79f0a3"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.8ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.0ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 19.0ms (ActiveRecord: 8.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.4ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.1ms)[0m  commit transaction
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Filter chain halted as :authenticate_user! rendered or redirected
+Completed 403 Forbidden in 3.4ms (Views: 2.4ms | ActiveRecord: 0.1ms)
+Started GET "/auth/gds/sign_out" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by AuthenticationsController#sign_out as HTML
+Redirected to http://localhost:4567/users/sign_out
+Completed 302 Found in 0.6ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Started GET "/auth/gds/callback?code=6df0c015afd6823152c95acc2031d9a240fdbb888069625907109d173c99cbb6&state=d75a201ebc3157d9862f91a78fcfbe4bf2a49e5d16cced59" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"6df0c015afd6823152c95acc2031d9a240fdbb888069625907109d173c99cbb6", "state"=>"d75a201ebc3157d9862f91a78fcfbe4bf2a49e5d16cced59"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (7.1ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.6ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 20.8ms (ActiveRecord: 12.4ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.3ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Started GET "/auth/gds/callback?code=f9288ca55b8e6cf4db6c2be2206da8f652cd5e3cdb057317d58b77e9498291de&state=20ec2c50661c7b68bc24e7eae4f9ae9dff2dfeac734f46df" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"f9288ca55b8e6cf4db6c2be2206da8f652cd5e3cdb057317d58b77e9498291de", "state"=>"20ec2c50661c7b68bc24e7eae4f9ae9dff2dfeac734f46df"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.6ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.0ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 17.3ms (ActiveRecord: 8.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:48 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-11-01 07:34:48 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-11-01 07:34:48 +0000
+Started GET "/auth/gds/callback?code=a7bbe8723628cc9643b443aeec6d01f157a551459487c75b9d736bed893bc79d&state=4e9244f89282b1883c5ac4453277f0ba1a5c98b362538f12" for 127.0.0.1 at 2013-11-01 07:34:48 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"a7bbe8723628cc9643b443aeec6d01f157a551459487c75b9d736bed893bc79d", "state"=>"4e9244f89282b1883c5ac4453277f0ba1a5c98b362538f12"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.2ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.9ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 16.8ms (ActiveRecord: 8.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-11-01 07:34:49 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Started GET "/auth/gds/callback?code=52fcbae45155f9d60188eb3972067cdb696f2aa0ae878829bf8b8875269407ec&state=00957b3c7b8f4bede1e4b64beda98279a6d7e5aed69274eb" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"52fcbae45155f9d60188eb3972067cdb696f2aa0ae878829bf8b8875269407ec", "state"=>"00957b3c7b8f4bede1e4b64beda98279a6d7e5aed69274eb"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (5.2ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.3ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 19.3ms (ActiveRecord: 10.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.3ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-11-01 07:24:49 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.0ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_bearer_token strategy
+Completed   in 8.3ms
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_bearer_token strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (5.2ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (5.0ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 44.5ms (Views: 0.3ms | ActiveRecord: 10.7ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:29:49 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_bearer_token strategy
+  [1m[35mUser Load (0.3ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.5ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (2.8ms)[0m  commit transaction
+Completed 200 OK in 42.5ms (Views: 0.3ms | ActiveRecord: 7.0ms)
+Connecting to database specified by database.yml
+  [1m[36m (0.9ms)[0m  [1mselect sqlite_version(*)[0m
+  [1m[35m (7.1ms)[0m  DROP TABLE "users"
+  [1m[36m (4.9ms)[0m  [1mCREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255) NOT NULL, "uid" varchar(255) NOT NULL, "email" varchar(255) NOT NULL, "remotely_signed_out" boolean, "permissions" text) [0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (2.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34045"]]
+  [1m[35m (4.0ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34401"]]
+  [1m[36m (3.8ms)[0m  [1mcommit transaction[0m
+WARNING: Can't mass-assign protected attributes: uid, name, permissions
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d34045"}
+  Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (1.0ms)
+Completed 403 Forbidden in 7.1ms (Views: 6.4ms | ActiveRecord: 0.0ms)
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d37401"]]
+  [1m[35m (4.9ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d38417"]]
+  [1m[36m (5.1ms)[0m  [1mcommit transaction[0m
+Processing by Api::UserController#update as HTML
+  Parameters: {"uid"=>"a1s2d37401"}
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d37401' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "email" = 'user@domain.com', "name" = 'Joshua Marshall', "permissions" = '---
+- signin
+- new permission
+' WHERE "users"."id" = 3
+  [1m[36m (4.1ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 14.6ms (ActiveRecord: 4.6ms)
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 3]]
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d3357"]]
+  [1m[36m (7.3ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d35680"]]
+  [1m[35m (9.0ms)[0m  commit transaction
+WARNING: Can't mass-assign protected attributes: uid, name, permissions
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d3357"}
+Completed 403 Forbidden in 2.1ms (Views: 1.3ms | ActiveRecord: 0.0ms)
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.2ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d33521"]]
+  [1m[36m (13.4ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34941"]]
+  [1m[35m (3.6ms)[0m  commit transaction
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"nonexistent-user"}
+  [1m[36mUser Load (0.3ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'nonexistent-user' LIMIT 1[0m
+Completed 200 OK in 1.3ms (ActiveRecord: 0.3ms)
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.2ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d31774"]]
+  [1m[35m (5.1ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35mSQL (0.1ms)[0m  INSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)  [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d31106"]]
+  [1m[36m (5.0ms)[0m  [1mcommit transaction[0m
+Processing by Api::UserController#reauth as HTML
+  Parameters: {"uid"=>"a1s2d31774"}
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d31774' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
+- signin
+' WHERE "users"."id" = 9
+  [1m[36m (4.7ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 9.7ms (ActiveRecord: 5.2ms)
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 9]]
+Started GET "/" for 127.0.0.1 at 2013-10-31 11:38:29 +0000
+Processing by ExampleController#index as HTML
+Completed 200 OK in 2.5ms (Views: 2.0ms | ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:29 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 3.1ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:29 +0000
+Started GET "/auth/gds/callback?code=7076c155ba2e6b897d4be0cea184f3ee669c54789ff8df4f3ec6303689e63f25&state=770ee508b2b88449dc584a5e510d496412f38273cc5e1f93" for 127.0.0.1 at 2013-10-31 11:38:30 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"7076c155ba2e6b897d4be0cea184f3ee669c54789ff8df4f3ec6303689e63f25", "state"=>"770ee508b2b88449dc584a5e510d496412f38273cc5e1f93"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36mSQL (0.3ms)[0m  [1mINSERT INTO "users" ("email", "name", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?)[0m  [["email", "test@example-client.com"], ["name", "Test User"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "integration-uid"]]
+  [1m[35m (4.4ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (2.6ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 15.9ms (ActiveRecord: 7.8ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:30 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.4ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:30 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:30 +0000
+Started GET "/auth/gds/callback?code=c7ca4d809f924ea396e11557a456d3592df744c59f19cb35c58d12d85296f9ce&state=0df587715601a2f68981a64f74b971390937487447e4cb8f" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"c7ca4d809f924ea396e11557a456d3592df744c59f19cb35c58d12d85296f9ce", "state"=>"0df587715601a2f68981a64f74b971390937487447e4cb8f"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.4ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.6ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 18.1ms (ActiveRecord: 8.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Started GET "/auth/gds/callback?code=344801e2fa7aa06cb1ad37f59897de3c9f94b02e46dc5b58803f2d72e5f4e36b&state=ef509060c15900e987de31eed7b4dce7f2608cdd06cf04c8" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"344801e2fa7aa06cb1ad37f59897de3c9f94b02e46dc5b58803f2d72e5f4e36b", "state"=>"ef509060c15900e987de31eed7b4dce7f2608cdd06cf04c8"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.6ms)[0m  commit transaction
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (2.9ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 15.7ms (ActiveRecord: 7.2ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 1.0ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Started GET "/auth/gds/callback?code=e4d456776e183ac16c1a488fee5d37f0ef73b83eaab6babd84dcaba64b9a6de8&state=33a12d41614b3c0471c76c47a87dfb1c1d9d0e669947b31e" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e4d456776e183ac16c1a488fee5d37f0ef73b83eaab6babd84dcaba64b9a6de8", "state"=>"33a12d41614b3c0471c76c47a87dfb1c1d9d0e669947b31e"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.7ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.6ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 17.0ms (ActiveRecord: 8.0ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 3.6ms (Views: 0.6ms | ActiveRecord: 0.1ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.2ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Started GET "/auth/gds/callback?code=06e4a236c113f2b9a712766532fbd02b4d0c5c988050e6e8588cae14fea1973b&state=a66a4cc2b23620d9d6e6737f5e68925c79530f1af0732b94" for 127.0.0.1 at 2013-10-31 11:38:31 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"06e4a236c113f2b9a712766532fbd02b4d0c5c988050e6e8588cae14fea1973b", "state"=>"a66a4cc2b23620d9d6e6737f5e68925c79530f1af0732b94"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.7ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.1ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/this_requires_signin_permission
+Completed 302 Found in 16.8ms (ActiveRecord: 8.4ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#this_requires_signin_permission as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 3.2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Started GET "/auth/gds/callback?code=e8aeebb3e2ba1909323787104940651c8a0981647bdf64a760e147e86ffbfefc&state=f79820d13a2122a8d3ac5f2c2ebc85ac261c47947c51585f" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"e8aeebb3e2ba1909323787104940651c8a0981647bdf64a760e147e86ffbfefc", "state"=>"f79820d13a2122a8d3ac5f2c2ebc85ac261c47947c51585f"}
+Authenticating with gds_sso strategy
+  [1m[36mUser Load (0.3ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (5.0ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (2.8ms)[0m  [1mcommit transaction[0m
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 18.0ms (ActiveRecord: 8.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (2.9ms)[0m  commit transaction
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Filter chain halted as :authenticate_user! rendered or redirected
+Completed 403 Forbidden in 3.5ms (Views: 2.4ms | ActiveRecord: 0.1ms)
+Started GET "/auth/gds/sign_out" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by AuthenticationsController#sign_out as HTML
+Redirected to http://localhost:4567/users/sign_out
+Completed 302 Found in 0.6ms (ActiveRecord: 0.0ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Started GET "/auth/gds/callback?code=7f24c5a305c90af77ec7cec351c5984876b2972f95f9e2bdeeddb39b07aa1157&state=7cb3208f25ead37892e645398274299dbe4d08fc0bae32d4" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"7f24c5a305c90af77ec7cec351c5984876b2972f95f9e2bdeeddb39b07aa1157", "state"=>"7cb3208f25ead37892e645398274299dbe4d08fc0bae32d4"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.4ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.6ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 17.3ms (ActiveRecord: 8.7ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:32 +0000
+Started GET "/auth/gds/callback?code=7389b2655a69297e389913caf43fce07399e10de4e9b3d1b8aeeaeacb12541ff&state=6e1887d565e93ad7e6d2455ca48002569502e3d1c76c9584" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"7389b2655a69297e389913caf43fce07399e10de4e9b3d1b8aeeaeacb12541ff", "state"=>"6e1887d565e93ad7e6d2455ca48002569502e3d1c76c9584"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.8ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.0ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 18.3ms (ActiveRecord: 8.5ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.4ms (Views: 0.4ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-11-01 07:43:33 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-11-01 07:43:33 +0000
+Started GET "/auth/gds/callback?code=dda00818864f4f1f758d17f7270a2ae70004a6424993c00b950396e2fb66d455&state=f2b7c6d249227239f0df33b4f919530cd13e7a5583230cb7" for 127.0.0.1 at 2013-11-01 07:43:33 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"dda00818864f4f1f758d17f7270a2ae70004a6424993c00b950396e2fb66d455", "state"=>"f2b7c6d249227239f0df33b4f919530cd13e7a5583230cb7"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (4.0ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (2.7ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 15.0ms (ActiveRecord: 7.3ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-11-01 07:43:33 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.0ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by ExampleController#restricted as HTML
+Authenticating with gds_sso strategy
+Completed   in 0.3ms
+Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Started GET "/auth/gds/callback?code=163ff71d8a13eea08b9e061f7bc78c1acf07117cfbd653020e43ed56e2ad642f&state=cc7649abe8fa5d4abaf5ff934b0b39c99d336a1ee509b053" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by AuthenticationsController#callback as HTML
+  Parameters: {"code"=>"163ff71d8a13eea08b9e061f7bc78c1acf07117cfbd653020e43ed56e2ad642f", "state"=>"cc7649abe8fa5d4abaf5ff934b0b39c99d336a1ee509b053"}
+Authenticating with gds_sso strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.9ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (3.6ms)[0m  commit transaction
+Redirected to http://www.example-client.com/restricted
+Completed 302 Found in 18.0ms (ActiveRecord: 8.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[36mUser Load (0.1ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+Completed 200 OK in 1.5ms (Views: 0.5ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-11-01 07:33:33 +0000
+Processing by ExampleController#restricted as HTML
+  [1m[35mUser Load (0.1ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+Completed 200 OK in 1.1ms (Views: 0.2ms | ActiveRecord: 0.1ms)
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_bearer_token strategy
+Completed   in 7.9ms
+Started GET "/restricted" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by ExampleController#restricted as JSON
+Authenticating with gds_bearer_token strategy
+  [1m[36mUser Load (0.2ms)[0m  [1mSELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1[0m
+  [1m[35m (0.1ms)[0m  begin transaction
+  [1m[36m (0.2ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.4ms)[0m  commit transaction
+  [1m[36m (0.0ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.1ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (3.7ms)[0m  [1mcommit transaction[0m
+Completed 200 OK in 42.1ms (Views: 0.3ms | ActiveRecord: 8.7ms)
+Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 11:38:33 +0000
+Processing by ExampleController#this_requires_signin_permission as JSON
+Authenticating with gds_bearer_token strategy
+  [1m[35mUser Load (0.2ms)[0m  SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
+  [1m[36m (0.1ms)[0m  [1mbegin transaction[0m
+  [1m[35m (0.2ms)[0m  UPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11
+  [1m[36m (5.5ms)[0m  [1mcommit transaction[0m
+  [1m[35m (0.0ms)[0m  begin transaction
+  [1m[36m (0.1ms)[0m  [1mUPDATE "users" SET "permissions" = '---
+- signin
+' WHERE "users"."id" = 11[0m
+  [1m[35m (4.3ms)[0m  commit transaction
+Completed 200 OK in 46.0ms (Views: 0.3ms | ActiveRecord: 10.4ms)