gds-sso 4.0.0 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. data/README.md +3 -1
  2. data/app/controllers/api/user_controller.rb +4 -1
  3. data/lib/gds-sso/user.rb +6 -5
  4. data/lib/gds-sso/version.rb +1 -1
  5. data/lib/gds-sso/warden_config.rb +2 -1
  6. data/spec/controller/api_user_controller_spec.rb +20 -17
  7. data/spec/fixtures/integration/authorize_api_users.sql +1 -1
  8. data/spec/internal/app/models/user.rb +2 -1
  9. data/spec/internal/db/combustion_test.sqlite +0 -0
  10. data/spec/internal/db/schema.rb +1 -0
  11. data/spec/internal/log/test.log +818 -0
  12. data/test/user_test.rb +3 -3
  13. metadata +7 -7
data/README.md CHANGED
@@ -39,13 +39,15 @@ It should have the following fields:
39
39
  string "email"
40
40
  string "uid"
41
41
  array "permissions"
42
+ array "organisations"
42
43
  boolean "remotely_signed_out", :default => false
43
44
 
44
45
  You also need to include `GDS::SSO::ControllerMethods` in your ApplicationController
45
46
 
46
- For ActiveRecord, you probably want to declare permissions as "serialized" like this:
47
+ For ActiveRecord, you probably want to declare permissions and organisations as "serialized" like this:
47
48
 
48
49
  serialize :permissions, Array
50
+ serialize :organisations, Array
49
51
 
50
52
 
51
53
  ## Use in development mode
data/app/controllers/api/user_controller.rb CHANGED
@@ -31,7 +31,10 @@ class Api::UserController < ApplicationController
31
31
  email: user_json['email']
32
32
  },
33
33
  extra: {
34
- user: { permissions: user_json['permissions'] }
34
+ user: {
35
+ permissions: user_json['permissions'],
36
+ organisations: user_json['organisations'],
37
+ }
35
38
  })
36
39
  end
37
40
 
data/lib/gds-sso/user.rb CHANGED
@@ -4,7 +4,7 @@ module GDS
4
4
  module SSO
5
5
  module User
6
6
  def included(base)
7
- attr_accessible :uid, :email, :name, :permissions, as: :oauth
7
+ attr_accessible :uid, :email, :name, :permissions, :organisations, as: :oauth
8
8
  end
9
9
 
10
10
  def has_permission?(permission)
@@ -15,10 +15,11 @@ module GDS
15
15
 
16
16
  def self.user_params_from_auth_hash(auth_hash)
17
17
  {
18
- 'uid' => auth_hash['uid'],
19
- 'email' => auth_hash['info']['email'],
20
- 'name' => auth_hash['info']['name'],
21
- 'permissions' => auth_hash['extra']['user']['permissions']
18
+ 'uid' => auth_hash['uid'],
19
+ 'email' => auth_hash['info']['email'],
20
+ 'name' => auth_hash['info']['name'],
21
+ 'permissions' => auth_hash['extra']['user']['permissions'],
22
+ 'organisations' => auth_hash['extra']['user']['organisations'],
22
23
  }
23
24
  end
24
25
 
data/lib/gds-sso/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module GDS
2
2
  module SSO
3
- VERSION = "4.0.0"
3
+ VERSION = "5.0.0"
4
4
  end
5
5
  end
data/lib/gds-sso/warden_config.rb CHANGED
@@ -109,7 +109,8 @@ Warden::Strategies.add(:gds_bearer_token) do
109
109
  },
110
110
  'extra' => {
111
111
  'user' => {
112
- 'permissions' => input['permissions']
112
+ 'permissions' => input['permissions'],
113
+ 'organisations' => input['organisations'],
113
114
  }
114
115
  }
115
116
  }
data/spec/controller/api_user_controller_spec.rb CHANGED
@@ -2,11 +2,12 @@ require "spec_helper"
2
2
 
3
3
  def user_update_json
4
4
  {
5
- "user" => {
6
- "uid" => @user_to_update.uid,
7
- "name" => "Joshua Marshall",
8
- "email" => "user@domain.com",
9
- "permissions" => ["signin", "new permission"]
5
+ "user" => {
6
+ "uid" => @user_to_update.uid,
7
+ "name" => "Joshua Marshall",
8
+ "email" => "user@domain.com",
9
+ "permissions" => ["signin", "new permission"],
10
+ "organisations" => ["justice-league"]
10
11
  }
11
12
  }.to_json
12
13
  end
@@ -14,11 +15,11 @@ end
14
15
  describe Api::UserController, type: :controller do
15
16
 
16
17
  before :each do
17
- @user_to_update = User.create!({
18
- :uid => "a1s2d3#{rand(10000)}",
18
+ @user_to_update = User.create!({
19
+ :uid => "a1s2d3#{rand(10000)}",
19
20
  :email => "old@domain.com",
20
- :name => "Moshua Jarshall",
21
- :permissions => ["signin"] },
21
+ :name => "Moshua Jarshall",
22
+ :permissions => ["signin"] },
22
23
  as: :oauth)
23
24
 
24
25
  @signon_sso_push_user = User.create!({
@@ -31,16 +32,16 @@ describe Api::UserController, type: :controller do
31
32
 
32
33
  describe "PUT update" do
33
34
  it "should deny access to anybody but the API user (or a user with 'user_update_permission')" do
34
- malicious_user = User.new({
35
- :uid => '2',
36
- :name => "User",
35
+ malicious_user = User.new({
36
+ :uid => '2',
37
+ :name => "User",
37
38
  :permissions =>["signin"] })
38
39
 
39
40
  request.env['warden'] = stub("stub warden", :authenticate! => true, authenticated?: true, user: malicious_user)
40
41
 
41
42
  request.env['RAW_POST_DATA'] = user_update_json
42
43
  put :update, uid: @user_to_update.uid
43
-
44
+
44
45
  assert_equal 403, response.status
45
46
  end
46
47
 
@@ -59,20 +60,22 @@ describe Api::UserController, type: :controller do
59
60
  assert_equal "user@domain.com", @user_to_update.email
60
61
  expected_permissions = ["signin", "new permission"]
61
62
  assert_equal expected_permissions, @user_to_update.permissions
63
+ expected_organisations = ["justice-league"]
64
+ assert_equal expected_organisations, @user_to_update.organisations
62
65
  end
63
66
  end
64
67
 
65
68
  describe "POST reauth" do
66
69
  it "should deny access to anybody but the API user (or a user with 'user_update_permission')" do
67
- malicious_user = User.new({
68
- :uid => '2',
69
- :name => "User",
70
+ malicious_user = User.new({
71
+ :uid => '2',
72
+ :name => "User",
70
73
  :permissions => ["signin"] })
71
74
 
72
75
  request.env['warden'] = stub("stub warden", :authenticate! => true, authenticated?: true, user: malicious_user)
73
76
 
74
77
  post :reauth, uid: @user_to_update.uid
75
-
78
+
76
79
  assert_equal 403, response.status
77
80
  end
78
81
 
data/spec/fixtures/integration/authorize_api_users.sql CHANGED
@@ -1,4 +1,4 @@
1
1
  DELETE FROM `oauth_access_tokens`;
2
2
 
3
- INSERT INTO oauth_access_tokens VALUES
3
+ INSERT INTO oauth_access_tokens VALUES
4
4
  (NULL, 1, 1, 'caaeb53be5c7277fb0ef158181bfd1537b57f9e3b83eb795be3cd0af6e118b28', '1bc343797483954d7306d67e96687feccdfdaa8b23ed662ae23e2b03e6661d16', 307584000, NULL, '2012-06-27 13:57:47', NULL);
data/spec/internal/app/models/user.rb CHANGED
@@ -2,6 +2,7 @@ class User < ActiveRecord::Base
2
2
  include GDS::SSO::User
3
3
 
4
4
  serialize :permissions, Array
5
+ serialize :organisations, Array
5
6
 
6
- attr_accessible :uid, :email, :name, :permissions, as: :oauth
7
+ attr_accessible :uid, :email, :name, :permissions, :organisations, as: :oauth
7
8
  end
data/spec/internal/db/schema.rb CHANGED
@@ -5,5 +5,6 @@ ActiveRecord::Schema.define do
5
5
  t.string "email", :null => false
6
6
  t.boolean "remotely_signed_out"
7
7
  t.text "permissions"
8
+ t.text "organisations"
8
9
  end
9
10
  end
data/spec/internal/log/test.log CHANGED
@@ -4985,3 +4985,821 @@ Authenticating with gds_bearer_token strategy
4985
4985
  ' WHERE "users"."id" = 11
4986
4986
   (4.3ms) commit transaction
4987
4987
  Completed 200 OK in 46.0ms (Views: 0.3ms | ActiveRecord: 10.4ms)
4988
+ Connecting to database specified by database.yml
4989
+  (0.7ms) select sqlite_version(*)
4990
+  (7.3ms) DROP TABLE "users"
4991
+  (3.8ms) CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255) NOT NULL, "uid" varchar(255) NOT NULL, "email" varchar(255) NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisations" text) 
4992
+  (0.1ms) begin transaction
4993
+ SQL (2.0ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34089"]]
4994
+  (3.0ms) commit transaction
4995
+  (0.1ms) begin transaction
4996
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d3996"]]
4997
+  (2.8ms) commit transaction
4998
+ WARNING: Can't mass-assign protected attributes: uid, name, permissions
4999
+ Processing by Api::UserController#update as HTML
5000
+ Parameters: {"uid"=>"a1s2d34089"}
5001
+ Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.8ms)
5002
+ Completed 403 Forbidden in 6.4ms (Views: 5.8ms | ActiveRecord: 0.0ms)
5003
+  (0.1ms) begin transaction
5004
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d39189"]]
5005
+  (3.0ms) commit transaction
5006
+  (0.0ms) begin transaction
5007
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d38102"]]
5008
+  (3.2ms) commit transaction
5009
+ Processing by Api::UserController#update as HTML
5010
+ Parameters: {"uid"=>"a1s2d39189"}
5011
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d39189' LIMIT 1
5012
+  (0.0ms) begin transaction
5013
+  (0.2ms) UPDATE "users" SET "email" = 'user@domain.com', "name" = 'Joshua Marshall', "permissions" = '---
5014
+ - signin
5015
+ - new permission
5016
+ ', "organisations" = '---
5017
+ - justice-league
5018
+ ' WHERE "users"."id" = 3
5019
+  (3.0ms) commit transaction
5020
+ Completed 200 OK in 12.6ms (ActiveRecord: 3.4ms)
5021
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 3]]
5022
+  (0.1ms) begin transaction
5023
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34195"]]
5024
+  (2.8ms) commit transaction
5025
+  (0.0ms) begin transaction
5026
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d38635"]]
5027
+  (3.0ms) commit transaction
5028
+ WARNING: Can't mass-assign protected attributes: uid, name, permissions
5029
+ Processing by Api::UserController#reauth as HTML
5030
+ Parameters: {"uid"=>"a1s2d34195"}
5031
+ Completed 403 Forbidden in 1.6ms (Views: 0.9ms | ActiveRecord: 0.0ms)
5032
+  (0.1ms) begin transaction
5033
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d33699"]]
5034
+  (2.8ms) commit transaction
5035
+  (0.0ms) begin transaction
5036
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d37674"]]
5037
+  (2.7ms) commit transaction
5038
+ Processing by Api::UserController#reauth as HTML
5039
+ Parameters: {"uid"=>"nonexistent-user"}
5040
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'nonexistent-user' LIMIT 1
5041
+ Completed 200 OK in 1.0ms (ActiveRecord: 0.2ms)
5042
+  (0.0ms) begin transaction
5043
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d36180"]]
5044
+  (3.7ms) commit transaction
5045
+  (0.0ms) begin transaction
5046
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d38910"]]
5047
+  (3.4ms) commit transaction
5048
+ Processing by Api::UserController#reauth as HTML
5049
+ Parameters: {"uid"=>"a1s2d36180"}
5050
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d36180' LIMIT 1
5051
+  (0.0ms) begin transaction
5052
+  (0.1ms) UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
5053
+ - signin
5054
+ ', "organisations" = '--- []
5055
+ ' WHERE "users"."id" = 9
5056
+  (3.7ms) commit transaction
5057
+ Completed 200 OK in 7.5ms (ActiveRecord: 4.0ms)
5058
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 9]]
5059
+ Started GET "/" for 127.0.0.1 at 2013-10-31 15:52:11 +0000
5060
+ Processing by ExampleController#index as HTML
5061
+ Completed 200 OK in 1.7ms (Views: 1.3ms | ActiveRecord: 0.0ms)
5062
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:11 +0000
5063
+ Processing by ExampleController#restricted as HTML
5064
+ Authenticating with gds_sso strategy
5065
+ Completed in 2.4ms
5066
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:11 +0000
5067
+ Started GET "/auth/gds/callback?code=a209758b79b2131c0535bbe675b198c8fd90e757f8ea1aa1fc2ef9a5c9492c42&state=f39e66d83a224e841bd76b3048d88c825252c1c49b43c54f" for 127.0.0.1 at 2013-10-31 15:52:11 +0000
5068
+ Processing by AuthenticationsController#callback as HTML
5069
+ Parameters: {"code"=>"a209758b79b2131c0535bbe675b198c8fd90e757f8ea1aa1fc2ef9a5c9492c42", "state"=>"f39e66d83a224e841bd76b3048d88c825252c1c49b43c54f"}
5070
+ Authenticating with gds_sso strategy
5071
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5072
+  (0.1ms) begin transaction
5073
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "test@example-client.com"], ["name", "Test User"], ["organisations", "--- []\n"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "integration-uid"]]
5074
+  (14.5ms) commit transaction
5075
+  (0.0ms) begin transaction
5076
+  (0.1ms) UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
5077
+ - signin
5078
+ ', "organisations" = '--- []
5079
+ ' WHERE "users"."id" = 11
5080
+  (3.2ms) commit transaction
5081
+ Redirected to http://www.example-client.com/restricted
5082
+ Completed 302 Found in 26.2ms (ActiveRecord: 18.3ms)
5083
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5084
+ Processing by ExampleController#restricted as HTML
5085
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5086
+ Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5087
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5088
+ Processing by ExampleController#restricted as HTML
5089
+ Authenticating with gds_sso strategy
5090
+ Completed in 0.2ms
5091
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5092
+ Started GET "/auth/gds/callback?code=1028b92ea395dff6aecc194accfbb8e7c7599a8b1bce4b74d6019ad0fc343693&state=a118ebbe209e944731bf4124ea8e8a8ed80f52cb61f3dc53" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5093
+ Processing by AuthenticationsController#callback as HTML
5094
+ Parameters: {"code"=>"1028b92ea395dff6aecc194accfbb8e7c7599a8b1bce4b74d6019ad0fc343693", "state"=>"a118ebbe209e944731bf4124ea8e8a8ed80f52cb61f3dc53"}
5095
+ Authenticating with gds_sso strategy
5096
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5097
+  (0.1ms) begin transaction
5098
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5099
+ - signin
5100
+ ', "organisations" = '--- []
5101
+ ' WHERE "users"."id" = 11
5102
+  (4.4ms) commit transaction
5103
+  (0.0ms) begin transaction
5104
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5105
+ - signin
5106
+ ', "organisations" = '--- []
5107
+ ' WHERE "users"."id" = 11
5108
+  (3.2ms) commit transaction
5109
+ Redirected to http://www.example-client.com/restricted
5110
+ Completed 302 Found in 19.2ms (ActiveRecord: 8.2ms)
5111
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5112
+ Processing by ExampleController#restricted as HTML
5113
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5114
+ Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5115
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5116
+ Processing by ExampleController#restricted as HTML
5117
+ Authenticating with gds_sso strategy
5118
+ Completed in 0.2ms
5119
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5120
+ Started GET "/auth/gds/callback?code=ff4e4137830a9245bac2bbba3045b0be54ffea458b5a0fd8e71a92626d6a3657&state=d109ba6dc85e36cf4b9a4957cd2cce84e9876d98af184050" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5121
+ Processing by AuthenticationsController#callback as HTML
5122
+ Parameters: {"code"=>"ff4e4137830a9245bac2bbba3045b0be54ffea458b5a0fd8e71a92626d6a3657", "state"=>"d109ba6dc85e36cf4b9a4957cd2cce84e9876d98af184050"}
5123
+ Authenticating with gds_sso strategy
5124
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5125
+  (0.0ms) begin transaction
5126
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5127
+ - signin
5128
+ ', "organisations" = '--- []
5129
+ ' WHERE "users"."id" = 11
5130
+  (3.5ms) commit transaction
5131
+  (0.0ms) begin transaction
5132
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5133
+ - signin
5134
+ ', "organisations" = '--- []
5135
+ ' WHERE "users"."id" = 11
5136
+  (3.4ms) commit transaction
5137
+ Redirected to http://www.example-client.com/restricted
5138
+ Completed 302 Found in 19.1ms (ActiveRecord: 7.5ms)
5139
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5140
+ Processing by ExampleController#restricted as HTML
5141
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5142
+ Completed 200 OK in 1.0ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5143
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5144
+ Processing by ExampleController#this_requires_signin_permission as HTML
5145
+ Authenticating with gds_sso strategy
5146
+ Completed in 0.6ms
5147
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:12 +0000
5148
+ Started GET "/auth/gds/callback?code=4097cfc5e079a307cff1068e2c9c9b985e0dde863fdfba7060b6c71148db931e&state=87c4a1caf35e3f4fe138c9b9e2ef6a33a292bcec944eac32" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5149
+ Processing by AuthenticationsController#callback as HTML
5150
+ Parameters: {"code"=>"4097cfc5e079a307cff1068e2c9c9b985e0dde863fdfba7060b6c71148db931e", "state"=>"87c4a1caf35e3f4fe138c9b9e2ef6a33a292bcec944eac32"}
5151
+ Authenticating with gds_sso strategy
5152
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5153
+  (0.1ms) begin transaction
5154
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5155
+ - signin
5156
+ ', "organisations" = '--- []
5157
+ ' WHERE "users"."id" = 11
5158
+  (5.3ms) commit transaction
5159
+  (0.0ms) begin transaction
5160
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5161
+ - signin
5162
+ ', "organisations" = '--- []
5163
+ ' WHERE "users"."id" = 11
5164
+  (4.6ms) commit transaction
5165
+ Redirected to http://www.example-client.com/this_requires_signin_permission
5166
+ Completed 302 Found in 20.8ms (ActiveRecord: 10.4ms)
5167
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5168
+ Processing by ExampleController#this_requires_signin_permission as HTML
5169
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5170
+ Completed 200 OK in 2.6ms (Views: 0.3ms | ActiveRecord: 0.2ms)
5171
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5172
+ Processing by ExampleController#this_requires_signin_permission as HTML
5173
+ Authenticating with gds_sso strategy
5174
+ Completed in 0.1ms
5175
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5176
+ Started GET "/auth/gds/callback?code=14e859e39d2c67a5be17c5c1ee89321ab092b27cf7911f1bc5142f82e01149d1&state=3ff33fc028a77951a4b72999c3a5e8ba2241737882b6423f" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5177
+ Processing by AuthenticationsController#callback as HTML
5178
+ Parameters: {"code"=>"14e859e39d2c67a5be17c5c1ee89321ab092b27cf7911f1bc5142f82e01149d1", "state"=>"3ff33fc028a77951a4b72999c3a5e8ba2241737882b6423f"}
5179
+ Authenticating with gds_sso strategy
5180
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5181
+  (0.0ms) begin transaction
5182
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5183
+ - signin
5184
+ ', "organisations" = '--- []
5185
+ ' WHERE "users"."id" = 11
5186
+  (4.1ms) commit transaction
5187
+  (0.0ms) begin transaction
5188
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5189
+ - signin
5190
+ ', "organisations" = '--- []
5191
+ ' WHERE "users"."id" = 11
5192
+  (3.0ms) commit transaction
5193
+ Redirected to http://www.example-client.com/this_requires_signin_permission
5194
+ Completed 302 Found in 17.6ms (ActiveRecord: 7.6ms)
5195
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5196
+ Processing by ExampleController#this_requires_signin_permission as HTML
5197
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5198
+ Completed 200 OK in 2.6ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5199
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5200
+ Processing by ExampleController#restricted as HTML
5201
+ Authenticating with gds_sso strategy
5202
+ Completed in 0.2ms
5203
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5204
+ Started GET "/auth/gds/callback?code=21ef03551b75ba90b1cfd4bd5ae6ed3098ca7d17e3dcabb0d21198c5bf8584ec&state=e9cc1fee3b65e3fe62ab4b3dcd858471f2d2953952950d02" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5205
+ Processing by AuthenticationsController#callback as HTML
5206
+ Parameters: {"code"=>"21ef03551b75ba90b1cfd4bd5ae6ed3098ca7d17e3dcabb0d21198c5bf8584ec", "state"=>"e9cc1fee3b65e3fe62ab4b3dcd858471f2d2953952950d02"}
5207
+ Authenticating with gds_sso strategy
5208
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5209
+  (0.1ms) begin transaction
5210
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5211
+ - signin
5212
+ ', "organisations" = '--- []
5213
+ ' WHERE "users"."id" = 11
5214
+  (3.2ms) commit transaction
5215
+  (0.0ms) begin transaction
5216
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5217
+ - signin
5218
+ ', "organisations" = '--- []
5219
+ ' WHERE "users"."id" = 11
5220
+  (2.6ms) commit transaction
5221
+ Redirected to http://www.example-client.com/restricted
5222
+ Completed 302 Found in 16.9ms (ActiveRecord: 6.4ms)
5223
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5224
+ Processing by ExampleController#restricted as HTML
5225
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5226
+ Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5227
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5228
+  (0.0ms) begin transaction
5229
+  (0.2ms) UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
5230
+ - signin
5231
+ ', "organisations" = '--- []
5232
+ ' WHERE "users"."id" = 11
5233
+  (2.5ms) commit transaction
5234
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5235
+ Processing by ExampleController#restricted as HTML
5236
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5237
+ Filter chain halted as :authenticate_user! rendered or redirected
5238
+ Completed 403 Forbidden in 2.6ms (Views: 1.8ms | ActiveRecord: 0.1ms)
5239
+ Started GET "/auth/gds/sign_out" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5240
+ Processing by AuthenticationsController#sign_out as HTML
5241
+ Redirected to http://localhost:4567/users/sign_out
5242
+ Completed 302 Found in 0.5ms (ActiveRecord: 0.0ms)
5243
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5244
+ Processing by ExampleController#restricted as HTML
5245
+ Authenticating with gds_sso strategy
5246
+ Completed in 0.2ms
5247
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:13 +0000
5248
+ Started GET "/auth/gds/callback?code=5e511bbb58db010f8af8e4d7916fe3d3540b5c30cda091aba51fbc44c34c83c4&state=b067cda03e319707b0077f8543dd2e96c798e811eb2506ba" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5249
+ Processing by AuthenticationsController#callback as HTML
5250
+ Parameters: {"code"=>"5e511bbb58db010f8af8e4d7916fe3d3540b5c30cda091aba51fbc44c34c83c4", "state"=>"b067cda03e319707b0077f8543dd2e96c798e811eb2506ba"}
5251
+ Authenticating with gds_sso strategy
5252
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5253
+  (0.0ms) begin transaction
5254
+  (0.3ms) UPDATE "users" SET "permissions" = '---
5255
+ - signin
5256
+ ', "organisations" = '--- []
5257
+ ' WHERE "users"."id" = 11
5258
+  (3.8ms) commit transaction
5259
+  (0.0ms) begin transaction
5260
+  (0.1ms) UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
5261
+ - signin
5262
+ ', "organisations" = '--- []
5263
+ ' WHERE "users"."id" = 11
5264
+  (2.7ms) commit transaction
5265
+ Redirected to http://www.example-client.com/restricted
5266
+ Completed 302 Found in 17.3ms (ActiveRecord: 7.2ms)
5267
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5268
+ Processing by ExampleController#restricted as HTML
5269
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5270
+ Completed 200 OK in 1.0ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5271
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5272
+ Processing by ExampleController#restricted as HTML
5273
+ Authenticating with gds_sso strategy
5274
+ Completed in 0.2ms
5275
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5276
+ Started GET "/auth/gds/callback?code=d96b93f617e14e7f85e4df191893281fa21fbc3e4f997fc90b2d49d1108ed8f4&state=14d89b1d0a69b1a520733569d6b2eccb4c1a65661ee8159c" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5277
+ Processing by AuthenticationsController#callback as HTML
5278
+ Parameters: {"code"=>"d96b93f617e14e7f85e4df191893281fa21fbc3e4f997fc90b2d49d1108ed8f4", "state"=>"14d89b1d0a69b1a520733569d6b2eccb4c1a65661ee8159c"}
5279
+ Authenticating with gds_sso strategy
5280
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5281
+  (0.1ms) begin transaction
5282
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5283
+ - signin
5284
+ ', "organisations" = '--- []
5285
+ ' WHERE "users"."id" = 11
5286
+  (3.8ms) commit transaction
5287
+  (0.0ms) begin transaction
5288
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5289
+ - signin
5290
+ ', "organisations" = '--- []
5291
+ ' WHERE "users"."id" = 11
5292
+  (2.8ms) commit transaction
5293
+ Redirected to http://www.example-client.com/restricted
5294
+ Completed 302 Found in 18.0ms (ActiveRecord: 7.1ms)
5295
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5296
+ Processing by ExampleController#restricted as HTML
5297
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5298
+ Completed 200 OK in 1.2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5299
+ Started GET "/restricted" for 127.0.0.1 at 2013-11-01 11:57:14 +0000
5300
+ Processing by ExampleController#restricted as HTML
5301
+ Authenticating with gds_sso strategy
5302
+ Completed in 0.2ms
5303
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-11-01 11:57:14 +0000
5304
+ Started GET "/auth/gds/callback?code=536f958d99bc9df1cbb702a01aa39a7e98c3e681234e688b8a9bd5375f0d0b44&state=583ae1df19a5df870720b123cfbe98f59a032b2704abcfda" for 127.0.0.1 at 2013-11-01 11:57:14 +0000
5305
+ Processing by AuthenticationsController#callback as HTML
5306
+ Parameters: {"code"=>"536f958d99bc9df1cbb702a01aa39a7e98c3e681234e688b8a9bd5375f0d0b44", "state"=>"583ae1df19a5df870720b123cfbe98f59a032b2704abcfda"}
5307
+ Authenticating with gds_sso strategy
5308
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5309
+  (0.0ms) begin transaction
5310
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5311
+ - signin
5312
+ ', "organisations" = '--- []
5313
+ ' WHERE "users"."id" = 11
5314
+  (3.9ms) commit transaction
5315
+  (0.1ms) begin transaction
5316
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5317
+ - signin
5318
+ ', "organisations" = '--- []
5319
+ ' WHERE "users"."id" = 11
5320
+  (2.8ms) commit transaction
5321
+ Redirected to http://www.example-client.com/restricted
5322
+ Completed 302 Found in 17.1ms (ActiveRecord: 7.3ms)
5323
+ Started GET "/restricted" for 127.0.0.1 at 2013-11-01 11:57:14 +0000
5324
+ Processing by ExampleController#restricted as HTML
5325
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5326
+ Completed 200 OK in 1.0ms (Views: 0.2ms | ActiveRecord: 0.1ms)
5327
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5328
+ Processing by ExampleController#restricted as HTML
5329
+ Authenticating with gds_sso strategy
5330
+ Completed in 0.2ms
5331
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5332
+ Started GET "/auth/gds/callback?code=46612155324ea49e413f4d9a6cd7a669e947939b6e12aadddc1e7a3ba6a322b1&state=f9197ac3f652449ae8dbb58fbcc8cbcae63e80ee44934d26" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5333
+ Processing by AuthenticationsController#callback as HTML
5334
+ Parameters: {"code"=>"46612155324ea49e413f4d9a6cd7a669e947939b6e12aadddc1e7a3ba6a322b1", "state"=>"f9197ac3f652449ae8dbb58fbcc8cbcae63e80ee44934d26"}
5335
+ Authenticating with gds_sso strategy
5336
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5337
+  (0.1ms) begin transaction
5338
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5339
+ - signin
5340
+ ', "organisations" = '--- []
5341
+ ' WHERE "users"."id" = 11
5342
+  (3.8ms) commit transaction
5343
+  (0.0ms) begin transaction
5344
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5345
+ - signin
5346
+ ', "organisations" = '--- []
5347
+ ' WHERE "users"."id" = 11
5348
+  (3.2ms) commit transaction
5349
+ Redirected to http://www.example-client.com/restricted
5350
+ Completed 302 Found in 18.3ms (ActiveRecord: 7.6ms)
5351
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5352
+ Processing by ExampleController#restricted as HTML
5353
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5354
+ Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5355
+ Started GET "/restricted" for 127.0.0.1 at 2013-11-01 11:47:14 +0000
5356
+ Processing by ExampleController#restricted as HTML
5357
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5358
+ Completed 200 OK in 0.9ms (Views: 0.2ms | ActiveRecord: 0.1ms)
5359
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:14 +0000
5360
+ Processing by ExampleController#restricted as JSON
5361
+ Authenticating with gds_bearer_token strategy
5362
+ Completed in 6.7ms
5363
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 15:52:15 +0000
5364
+ Processing by ExampleController#restricted as JSON
5365
+ Authenticating with gds_bearer_token strategy
5366
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5367
+  (0.0ms) begin transaction
5368
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5369
+ - signin
5370
+ ', "organisations" = '--- []
5371
+ ' WHERE "users"."id" = 11
5372
+  (3.5ms) commit transaction
5373
+  (0.0ms) begin transaction
5374
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5375
+ - signin
5376
+ ', "organisations" = '--- []
5377
+ ' WHERE "users"."id" = 11
5378
+  (2.8ms) commit transaction
5379
+ Completed 200 OK in 38.6ms (Views: 0.2ms | ActiveRecord: 6.9ms)
5380
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 15:52:15 +0000
5381
+ Processing by ExampleController#this_requires_signin_permission as JSON
5382
+ Authenticating with gds_bearer_token strategy
5383
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5384
+  (0.0ms) begin transaction
5385
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5386
+ - signin
5387
+ ', "organisations" = '--- []
5388
+ ' WHERE "users"."id" = 11
5389
+  (3.5ms) commit transaction
5390
+  (0.0ms) begin transaction
5391
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5392
+ - signin
5393
+ ', "organisations" = '--- []
5394
+ ' WHERE "users"."id" = 11
5395
+  (3.2ms) commit transaction
5396
+ Completed 200 OK in 42.7ms (Views: 0.2ms | ActiveRecord: 7.3ms)
5397
+ Connecting to database specified by database.yml
5398
+  (0.8ms) select sqlite_version(*)
5399
+  (34.6ms) DROP TABLE "users"
5400
+  (6.4ms) CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255) NOT NULL, "uid" varchar(255) NOT NULL, "email" varchar(255) NOT NULL, "remotely_signed_out" boolean, "permissions" text, "organisations" text) 
5401
+  (0.1ms) begin transaction
5402
+ SQL (2.3ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d32344"]]
5403
+  (4.0ms) commit transaction
5404
+  (0.1ms) begin transaction
5405
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d37414"]]
5406
+  (3.8ms) commit transaction
5407
+ WARNING: Can't mass-assign protected attributes: uid, name, permissions
5408
+ Processing by Api::UserController#update as HTML
5409
+ Parameters: {"uid"=>"a1s2d32344"}
5410
+ Rendered /home/jenkins/workspace/govuk_gds_sso/app/views/authorisations/unauthorised.html.erb within layouts/unauthorised (0.8ms)
5411
+ Completed 403 Forbidden in 6.6ms (Views: 5.9ms | ActiveRecord: 0.0ms)
5412
+  (0.1ms) begin transaction
5413
+ SQL (0.5ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d35734"]]
5414
+  (3.9ms) commit transaction
5415
+  (0.0ms) begin transaction
5416
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d39966"]]
5417
+  (3.7ms) commit transaction
5418
+ Processing by Api::UserController#update as HTML
5419
+ Parameters: {"uid"=>"a1s2d35734"}
5420
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d35734' LIMIT 1
5421
+  (0.0ms) begin transaction
5422
+  (0.2ms) UPDATE "users" SET "email" = 'user@domain.com', "name" = 'Joshua Marshall', "permissions" = '---
5423
+ - signin
5424
+ - new permission
5425
+ ', "organisations" = '---
5426
+ - justice-league
5427
+ ' WHERE "users"."id" = 3
5428
+  (4.0ms) commit transaction
5429
+ Completed 200 OK in 14.1ms (ActiveRecord: 4.4ms)
5430
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 3]]
5431
+  (0.1ms) begin transaction
5432
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d38691"]]
5433
+  (3.8ms) commit transaction
5434
+  (0.0ms) begin transaction
5435
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d33567"]]
5436
+  (3.7ms) commit transaction
5437
+ WARNING: Can't mass-assign protected attributes: uid, name, permissions
5438
+ Processing by Api::UserController#reauth as HTML
5439
+ Parameters: {"uid"=>"a1s2d38691"}
5440
+ Completed 403 Forbidden in 1.7ms (Views: 1.0ms | ActiveRecord: 0.0ms)
5441
+  (0.1ms) begin transaction
5442
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d35881"]]
5443
+  (4.4ms) commit transaction
5444
+  (0.0ms) begin transaction
5445
+ SQL (0.1ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d34835"]]
5446
+  (40.2ms) commit transaction
5447
+ Processing by Api::UserController#reauth as HTML
5448
+ Parameters: {"uid"=>"nonexistent-user"}
5449
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'nonexistent-user' LIMIT 1
5450
+ Completed 200 OK in 1.0ms (ActiveRecord: 0.2ms)
5451
+  (0.0ms) begin transaction
5452
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "old@domain.com"], ["name", "Moshua Jarshall"], ["organisations", nil], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "a1s2d31514"]]
5453
+  (3.0ms) commit transaction
5454
+  (0.0ms) begin transaction
5455
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "ssopushuser@legit.com"], ["name", "SSO Push user"], ["organisations", nil], ["permissions", "---\n- signin\n- user_update_permission\n"], ["remotely_signed_out", nil], ["uid", "a1s2d36094"]]
5456
+  (3.0ms) commit transaction
5457
+ Processing by Api::UserController#reauth as HTML
5458
+ Parameters: {"uid"=>"a1s2d31514"}
5459
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'a1s2d31514' LIMIT 1
5460
+  (0.0ms) begin transaction
5461
+  (0.2ms) UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
5462
+ - signin
5463
+ ', "organisations" = '--- []
5464
+ ' WHERE "users"."id" = 9
5465
+  (3.6ms) commit transaction
5466
+ Completed 200 OK in 7.8ms (ActiveRecord: 3.9ms)
5467
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 9]]
5468
+ Started GET "/" for 127.0.0.1 at 2013-10-31 16:05:28 +0000
5469
+ Processing by ExampleController#index as HTML
5470
+ Completed 200 OK in 1.8ms (Views: 1.5ms | ActiveRecord: 0.0ms)
5471
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:28 +0000
5472
+ Processing by ExampleController#restricted as HTML
5473
+ Authenticating with gds_sso strategy
5474
+ Completed in 2.6ms
5475
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:28 +0000
5476
+ Started GET "/auth/gds/callback?code=1c62032084b8244625c9ec530b1aee653c634dc2f93c341ee87ac89df7733c44&state=66f8aae2e04b3847d6552c7d0cc1f4102ba247ab8b0d25a7" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5477
+ Processing by AuthenticationsController#callback as HTML
5478
+ Parameters: {"code"=>"1c62032084b8244625c9ec530b1aee653c634dc2f93c341ee87ac89df7733c44", "state"=>"66f8aae2e04b3847d6552c7d0cc1f4102ba247ab8b0d25a7"}
5479
+ Authenticating with gds_sso strategy
5480
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5481
+  (0.1ms) begin transaction
5482
+ SQL (0.2ms) INSERT INTO "users" ("email", "name", "organisations", "permissions", "remotely_signed_out", "uid") VALUES (?, ?, ?, ?, ?, ?) [["email", "test@example-client.com"], ["name", "Test User"], ["organisations", "--- []\n"], ["permissions", "---\n- signin\n"], ["remotely_signed_out", nil], ["uid", "integration-uid"]]
5483
+  (4.5ms) commit transaction
5484
+  (0.0ms) begin transaction
5485
+  (0.1ms) UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
5486
+ - signin
5487
+ ', "organisations" = '--- []
5488
+ ' WHERE "users"."id" = 11
5489
+  (3.2ms) commit transaction
5490
+ Redirected to http://www.example-client.com/restricted
5491
+ Completed 302 Found in 16.4ms (ActiveRecord: 8.2ms)
5492
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5493
+ Processing by ExampleController#restricted as HTML
5494
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5495
+ Completed 200 OK in 1.2ms (Views: 0.4ms | ActiveRecord: 0.1ms)
5496
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5497
+ Processing by ExampleController#restricted as HTML
5498
+ Authenticating with gds_sso strategy
5499
+ Completed in 0.3ms
5500
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5501
+ Started GET "/auth/gds/callback?code=cb6515bf10f5eac28bae082284da1f22cf2017283e2dcf9f2b62bc7710970e9d&state=b7e6782b2faa7baf1b78a918aa32df707bee280235690ffe" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5502
+ Processing by AuthenticationsController#callback as HTML
5503
+ Parameters: {"code"=>"cb6515bf10f5eac28bae082284da1f22cf2017283e2dcf9f2b62bc7710970e9d", "state"=>"b7e6782b2faa7baf1b78a918aa32df707bee280235690ffe"}
5504
+ Authenticating with gds_sso strategy
5505
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5506
+  (0.1ms) begin transaction
5507
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5508
+ - signin
5509
+ ', "organisations" = '--- []
5510
+ ' WHERE "users"."id" = 11
5511
+  (5.2ms) commit transaction
5512
+  (0.0ms) begin transaction
5513
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5514
+ - signin
5515
+ ', "organisations" = '--- []
5516
+ ' WHERE "users"."id" = 11
5517
+  (3.7ms) commit transaction
5518
+ Redirected to http://www.example-client.com/restricted
5519
+ Completed 302 Found in 21.1ms (ActiveRecord: 9.5ms)
5520
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5521
+ Processing by ExampleController#restricted as HTML
5522
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5523
+ Completed 200 OK in 1.2ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5524
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5525
+ Processing by ExampleController#restricted as HTML
5526
+ Authenticating with gds_sso strategy
5527
+ Completed in 0.2ms
5528
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5529
+ Started GET "/auth/gds/callback?code=e69eebf06bec82b8e4ad23e317973cce3be18d350988f2a127e6f10a0c671a95&state=9c0e6c19f456fb7360a20416ca42a53f28cbddd6c3fa9a48" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5530
+ Processing by AuthenticationsController#callback as HTML
5531
+ Parameters: {"code"=>"e69eebf06bec82b8e4ad23e317973cce3be18d350988f2a127e6f10a0c671a95", "state"=>"9c0e6c19f456fb7360a20416ca42a53f28cbddd6c3fa9a48"}
5532
+ Authenticating with gds_sso strategy
5533
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5534
+  (0.0ms) begin transaction
5535
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5536
+ - signin
5537
+ ', "organisations" = '--- []
5538
+ ' WHERE "users"."id" = 11
5539
+  (5.3ms) commit transaction
5540
+  (0.0ms) begin transaction
5541
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5542
+ - signin
5543
+ ', "organisations" = '--- []
5544
+ ' WHERE "users"."id" = 11
5545
+  (4.3ms) commit transaction
5546
+ Redirected to http://www.example-client.com/restricted
5547
+ Completed 302 Found in 20.6ms (ActiveRecord: 10.1ms)
5548
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:29 +0000
5549
+ Processing by ExampleController#restricted as HTML
5550
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5551
+ Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5552
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5553
+ Processing by ExampleController#this_requires_signin_permission as HTML
5554
+ Authenticating with gds_sso strategy
5555
+ Completed in 0.8ms
5556
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5557
+ Started GET "/auth/gds/callback?code=b1e31468ecb01c7481fa0018933c9590a0a5f434962063289e3a96d89ba4d40c&state=a9faa44665e6a90b81f50b598dfb4e9d26cfa777dbd54f00" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5558
+ Processing by AuthenticationsController#callback as HTML
5559
+ Parameters: {"code"=>"b1e31468ecb01c7481fa0018933c9590a0a5f434962063289e3a96d89ba4d40c", "state"=>"a9faa44665e6a90b81f50b598dfb4e9d26cfa777dbd54f00"}
5560
+ Authenticating with gds_sso strategy
5561
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5562
+  (0.1ms) begin transaction
5563
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5564
+ - signin
5565
+ ', "organisations" = '--- []
5566
+ ' WHERE "users"."id" = 11
5567
+  (5.1ms) commit transaction
5568
+  (0.0ms) begin transaction
5569
+  (0.1ms) UPDATE "users" SET "permissions" = '---
5570
+ - signin
5571
+ ', "organisations" = '--- []
5572
+ ' WHERE "users"."id" = 11
5573
+  (4.0ms) commit transaction
5574
+ Redirected to http://www.example-client.com/this_requires_signin_permission
5575
+ Completed 302 Found in 21.3ms (ActiveRecord: 9.8ms)
5576
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5577
+ Processing by ExampleController#this_requires_signin_permission as HTML
5578
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5579
+ Completed 200 OK in 3.1ms (Views: 0.4ms | ActiveRecord: 0.2ms)
5580
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5581
+ Processing by ExampleController#this_requires_signin_permission as HTML
5582
+ Authenticating with gds_sso strategy
5583
+ Completed in 0.2ms
5584
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5585
+ Started GET "/auth/gds/callback?code=386e52c1e23c30e200df0b16597864710bb1d1c7c060d59ada2fcc0069ed4ce5&state=7a790232602701f44962d30f2b396a1aadedab8921ec7ec0" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5586
+ Processing by AuthenticationsController#callback as HTML
5587
+ Parameters: {"code"=>"386e52c1e23c30e200df0b16597864710bb1d1c7c060d59ada2fcc0069ed4ce5", "state"=>"7a790232602701f44962d30f2b396a1aadedab8921ec7ec0"}
5588
+ Authenticating with gds_sso strategy
5589
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5590
+  (0.1ms) begin transaction
5591
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5592
+ - signin
5593
+ ', "organisations" = '--- []
5594
+ ' WHERE "users"."id" = 11
5595
+  (5.7ms) commit transaction
5596
+  (0.0ms) begin transaction
5597
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5598
+ - signin
5599
+ ', "organisations" = '--- []
5600
+ ' WHERE "users"."id" = 11
5601
+  (4.0ms) commit transaction
5602
+ Redirected to http://www.example-client.com/this_requires_signin_permission
5603
+ Completed 302 Found in 21.0ms (ActiveRecord: 10.4ms)
5604
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5605
+ Processing by ExampleController#this_requires_signin_permission as HTML
5606
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5607
+ Completed 200 OK in 2.7ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5608
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5609
+ Processing by ExampleController#restricted as HTML
5610
+ Authenticating with gds_sso strategy
5611
+ Completed in 0.2ms
5612
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5613
+ Started GET "/auth/gds/callback?code=70beb55f70ac04ac21ef4a183418280ea46056270b3cd041ae86e186695a62e8&state=544b67a14f017575c36f5861e8cb8c6c17967ae57c76ce43" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5614
+ Processing by AuthenticationsController#callback as HTML
5615
+ Parameters: {"code"=>"70beb55f70ac04ac21ef4a183418280ea46056270b3cd041ae86e186695a62e8", "state"=>"544b67a14f017575c36f5861e8cb8c6c17967ae57c76ce43"}
5616
+ Authenticating with gds_sso strategy
5617
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5618
+  (0.1ms) begin transaction
5619
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5620
+ - signin
5621
+ ', "organisations" = '--- []
5622
+ ' WHERE "users"."id" = 11
5623
+  (6.6ms) commit transaction
5624
+  (0.1ms) begin transaction
5625
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5626
+ - signin
5627
+ ', "organisations" = '--- []
5628
+ ' WHERE "users"."id" = 11
5629
+  (3.7ms) commit transaction
5630
+ Redirected to http://www.example-client.com/restricted
5631
+ Completed 302 Found in 23.0ms (ActiveRecord: 11.0ms)
5632
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:30 +0000
5633
+ Processing by ExampleController#restricted as HTML
5634
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5635
+ Completed 200 OK in 1.2ms (Views: 0.4ms | ActiveRecord: 0.1ms)
5636
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5637
+  (0.0ms) begin transaction
5638
+  (0.2ms) UPDATE "users" SET "remotely_signed_out" = 't', "permissions" = '---
5639
+ - signin
5640
+ ', "organisations" = '--- []
5641
+ ' WHERE "users"."id" = 11
5642
+  (4.4ms) commit transaction
5643
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5644
+ Processing by ExampleController#restricted as HTML
5645
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5646
+ Filter chain halted as :authenticate_user! rendered or redirected
5647
+ Completed 403 Forbidden in 3.0ms (Views: 2.0ms | ActiveRecord: 0.1ms)
5648
+ Started GET "/auth/gds/sign_out" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5649
+ Processing by AuthenticationsController#sign_out as HTML
5650
+ Redirected to http://localhost:4567/users/sign_out
5651
+ Completed 302 Found in 0.5ms (ActiveRecord: 0.0ms)
5652
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5653
+ Processing by ExampleController#restricted as HTML
5654
+ Authenticating with gds_sso strategy
5655
+ Completed in 0.2ms
5656
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5657
+ Started GET "/auth/gds/callback?code=382f4ac231619f9e60e8b34fc08c6504a1a3aa49c4d7bb5c36ec7f079b4b721b&state=9c230d76cfd2c9f60c7e1f9f6683a58b1b6062b4810709f2" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5658
+ Processing by AuthenticationsController#callback as HTML
5659
+ Parameters: {"code"=>"382f4ac231619f9e60e8b34fc08c6504a1a3aa49c4d7bb5c36ec7f079b4b721b", "state"=>"9c230d76cfd2c9f60c7e1f9f6683a58b1b6062b4810709f2"}
5660
+ Authenticating with gds_sso strategy
5661
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5662
+  (0.0ms) begin transaction
5663
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5664
+ - signin
5665
+ ', "organisations" = '--- []
5666
+ ' WHERE "users"."id" = 11
5667
+  (7.1ms) commit transaction
5668
+  (0.1ms) begin transaction
5669
+  (0.2ms) UPDATE "users" SET "remotely_signed_out" = 'f', "permissions" = '---
5670
+ - signin
5671
+ ', "organisations" = '--- []
5672
+ ' WHERE "users"."id" = 11
5673
+  (4.8ms) commit transaction
5674
+ Redirected to http://www.example-client.com/restricted
5675
+ Completed 302 Found in 23.5ms (ActiveRecord: 12.5ms)
5676
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5677
+ Processing by ExampleController#restricted as HTML
5678
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5679
+ Completed 200 OK in 1.1ms (Views: 0.3ms | ActiveRecord: 0.1ms)
5680
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5681
+ Processing by ExampleController#restricted as HTML
5682
+ Authenticating with gds_sso strategy
5683
+ Completed in 0.2ms
5684
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5685
+ Started GET "/auth/gds/callback?code=56db0a87c01b2eb44cbe03164eb62d25356b7274ece2816a2a469bb4e2eeee5a&state=b16d66bc2f497c0a4a7201f8b060079d83c99af8968ff2c8" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5686
+ Processing by AuthenticationsController#callback as HTML
5687
+ Parameters: {"code"=>"56db0a87c01b2eb44cbe03164eb62d25356b7274ece2816a2a469bb4e2eeee5a", "state"=>"b16d66bc2f497c0a4a7201f8b060079d83c99af8968ff2c8"}
5688
+ Authenticating with gds_sso strategy
5689
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5690
+  (0.1ms) begin transaction
5691
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5692
+ - signin
5693
+ ', "organisations" = '--- []
5694
+ ' WHERE "users"."id" = 11
5695
+  (8.2ms) commit transaction
5696
+  (0.1ms) begin transaction
5697
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5698
+ - signin
5699
+ ', "organisations" = '--- []
5700
+ ' WHERE "users"."id" = 11
5701
+  (6.3ms) commit transaction
5702
+ Redirected to http://www.example-client.com/restricted
5703
+ Completed 302 Found in 27.3ms (ActiveRecord: 15.2ms)
5704
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5705
+ Processing by ExampleController#restricted as HTML
5706
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5707
+ Completed 200 OK in 1.3ms (Views: 0.4ms | ActiveRecord: 0.2ms)
5708
+ Started GET "/restricted" for 127.0.0.1 at 2013-11-01 12:10:31 +0000
5709
+ Processing by ExampleController#restricted as HTML
5710
+ Authenticating with gds_sso strategy
5711
+ Completed in 0.3ms
5712
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-11-01 12:10:31 +0000
5713
+ Started GET "/auth/gds/callback?code=c3cd0659f1d34682397627d1fdc06626355edcaca5268e7c7ce847f1ae021f6d&state=fda5e234204b0eec844bf791e4a8921926fce92207ac63a6" for 127.0.0.1 at 2013-11-01 12:10:31 +0000
5714
+ Processing by AuthenticationsController#callback as HTML
5715
+ Parameters: {"code"=>"c3cd0659f1d34682397627d1fdc06626355edcaca5268e7c7ce847f1ae021f6d", "state"=>"fda5e234204b0eec844bf791e4a8921926fce92207ac63a6"}
5716
+ Authenticating with gds_sso strategy
5717
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5718
+  (0.1ms) begin transaction
5719
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5720
+ - signin
5721
+ ', "organisations" = '--- []
5722
+ ' WHERE "users"."id" = 11
5723
+  (9.1ms) commit transaction
5724
+  (0.1ms) begin transaction
5725
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5726
+ - signin
5727
+ ', "organisations" = '--- []
5728
+ ' WHERE "users"."id" = 11
5729
+  (5.0ms) commit transaction
5730
+ Redirected to http://www.example-client.com/restricted
5731
+ Completed 302 Found in 25.5ms (ActiveRecord: 14.8ms)
5732
+ Started GET "/restricted" for 127.0.0.1 at 2013-11-01 12:10:31 +0000
5733
+ Processing by ExampleController#restricted as HTML
5734
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5735
+ Completed 200 OK in 1.2ms (Views: 0.2ms | ActiveRecord: 0.2ms)
5736
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5737
+ Processing by ExampleController#restricted as HTML
5738
+ Authenticating with gds_sso strategy
5739
+ Completed in 0.2ms
5740
+ Started GET "/auth/gds" for 127.0.0.1 at 2013-10-31 16:05:31 +0000
5741
+ Started GET "/auth/gds/callback?code=09e4b9e898446807d3195e8f82fd447462fb5063f76cf8c534f27b9d246a4626&state=c54b2f84c9a7feeeb51261860ef10a5c89357c3e616d735f" for 127.0.0.1 at 2013-10-31 16:05:32 +0000
5742
+ Processing by AuthenticationsController#callback as HTML
5743
+ Parameters: {"code"=>"09e4b9e898446807d3195e8f82fd447462fb5063f76cf8c534f27b9d246a4626", "state"=>"c54b2f84c9a7feeeb51261860ef10a5c89357c3e616d735f"}
5744
+ Authenticating with gds_sso strategy
5745
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5746
+  (0.1ms) begin transaction
5747
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5748
+ - signin
5749
+ ', "organisations" = '--- []
5750
+ ' WHERE "users"."id" = 11
5751
+  (4.3ms) commit transaction
5752
+  (0.0ms) begin transaction
5753
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5754
+ - signin
5755
+ ', "organisations" = '--- []
5756
+ ' WHERE "users"."id" = 11
5757
+  (3.2ms) commit transaction
5758
+ Redirected to http://www.example-client.com/restricted
5759
+ Completed 302 Found in 19.8ms (ActiveRecord: 8.1ms)
5760
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:32 +0000
5761
+ Processing by ExampleController#restricted as HTML
5762
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5763
+ Completed 200 OK in 1.3ms (Views: 0.3ms | ActiveRecord: 0.2ms)
5764
+ Started GET "/restricted" for 127.0.0.1 at 2013-11-01 12:00:32 +0000
5765
+ Processing by ExampleController#restricted as HTML
5766
+ User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5767
+ Completed 200 OK in 1.0ms (Views: 0.2ms | ActiveRecord: 0.1ms)
5768
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:32 +0000
5769
+ Processing by ExampleController#restricted as JSON
5770
+ Authenticating with gds_bearer_token strategy
5771
+ Completed in 7.3ms
5772
+ Started GET "/restricted" for 127.0.0.1 at 2013-10-31 16:05:32 +0000
5773
+ Processing by ExampleController#restricted as JSON
5774
+ Authenticating with gds_bearer_token strategy
5775
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5776
+  (0.1ms) begin transaction
5777
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5778
+ - signin
5779
+ ', "organisations" = '--- []
5780
+ ' WHERE "users"."id" = 11
5781
+  (5.5ms) commit transaction
5782
+  (0.1ms) begin transaction
5783
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5784
+ - signin
5785
+ ', "organisations" = '--- []
5786
+ ' WHERE "users"."id" = 11
5787
+  (3.4ms) commit transaction
5788
+ Completed 200 OK in 45.5ms (Views: 0.3ms | ActiveRecord: 9.8ms)
5789
+ Started GET "/this_requires_signin_permission" for 127.0.0.1 at 2013-10-31 16:05:32 +0000
5790
+ Processing by ExampleController#this_requires_signin_permission as JSON
5791
+ Authenticating with gds_bearer_token strategy
5792
+ User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."uid" = 'integration-uid' LIMIT 1
5793
+  (0.0ms) begin transaction
5794
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5795
+ - signin
5796
+ ', "organisations" = '--- []
5797
+ ' WHERE "users"."id" = 11
5798
+  (11.3ms) commit transaction
5799
+  (0.1ms) begin transaction
5800
+  (0.2ms) UPDATE "users" SET "permissions" = '---
5801
+ - signin
5802
+ ', "organisations" = '--- []
5803
+ ' WHERE "users"."id" = 11
5804
+  (3.2ms) commit transaction
5805
+ Completed 200 OK in 52.9ms (Views: 0.2ms | ActiveRecord: 15.2ms)
data/test/user_test.rb CHANGED
@@ -8,12 +8,12 @@ class TestUser < Test::Unit::TestCase
8
8
  'uid' => 'abcde',
9
9
  'credentials' => {'token' => 'abcdefg', 'secret' => 'abcdefg'},
10
10
  'info' => {'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk'},
11
- 'extra' => {'user' => {'permissions' => []}}
11
+ 'extra' => {'user' => {'permissions' => [], 'organisations' => []}}
12
12
  }
13
13
  end
14
14
 
15
15
  def test_user_params_creation
16
- expected = {'uid' => 'abcde', 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', "permissions" => []}
16
+ expected = {'uid' => 'abcde', 'name' => 'Matt Patterson', 'email' => 'matt@alphagov.co.uk', "permissions" => [], "organisations" => []}
17
17
  assert_equal expected, GDS::SSO::User.user_params_from_auth_hash(@auth_hash)
18
18
  end
19
- end
19
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gds-sso
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.0
4
+ version: 5.0.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -49,17 +49,17 @@ dependencies:
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  none: false
51
51
  requirements:
52
- - - ~>
52
+ - - ! '>='
53
53
  - !ruby/object:Gem::Version
54
- version: 0.0.3
54
+ version: 1.0.0
55
55
  type: :runtime
56
56
  prerelease: false
57
57
  version_requirements: !ruby/object:Gem::Requirement
58
58
  none: false
59
59
  requirements:
60
- - - ~>
60
+ - - ! '>='
61
61
  - !ruby/object:Gem::Version
62
- version: 0.0.3
62
+ version: 1.0.0
63
63
  - !ruby/object:Gem::Dependency
64
64
  name: rack-accept
65
65
  requirement: !ruby/object:Gem::Requirement
@@ -315,7 +315,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
315
315
  version: '0'
316
316
  segments:
317
317
  - 0
318
- hash: -3519837502807078883
318
+ hash: -2714081135888151855
319
319
  required_rubygems_version: !ruby/object:Gem::Requirement
320
320
  none: false
321
321
  requirements:
@@ -324,7 +324,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
324
324
  version: '0'
325
325
  segments:
326
326
  - 0
327
- hash: -3519837502807078883
327
+ hash: -2714081135888151855
328
328
  requirements: []
329
329
  rubyforge_project: gds-sso
330
330
  rubygems_version: 1.8.23