knock 1.5 → 2.0

data/test/dummy/test/controllers/admin_token_controller_test.rb

@@ -6,17 +6,17 @@ class AdminTokenControllerTest < ActionController::TestCase
   end
 
   test "responds with 404 if user does not exist" do
-    post :create, auth: { email: 'wrong@example.net', password: '' }
+    post :create, params: {auth: { email: 'wrong@example.net', password: '' }}
     assert_response :not_found
   end
 
   test "responds with 404 if password is invalid" do
-    post :create, auth: { email: @admin.email, password: 'wrong' }
+    post :create, params: {auth: { email: @admin.email, password: 'wrong' }}
     assert_response :not_found
   end
 
   test "responds with 201" do
-    post :create, auth: { email: @admin.email, password: 'secret' }
+    post :create, params: {auth: { email: @admin.email, password: 'secret' }}
     assert_response :created
   end
 end

data/test/dummy/test/controllers/current_users_controller_test.rb

@@ -20,4 +20,12 @@ class CurrentUsersControllerTest < ActionController::TestCase
     get :show
     assert_response :success
   end
+
+  # Run this test twice to validate that it still works
+  # when the getter method has already been defined.
+  test "responds with 200 #2" do
+    authenticate
+    get :show
+    assert_response :success
+  end
 end

data/test/dummy/test/controllers/custom_unauthorized_entity_controller_test.rb

@@ -0,0 +1,42 @@
+require 'test_helper'
+
+class CustomUnauthorizedEntityControllerTest < ActionController::TestCase
+  def valid_auth
+    @user = users(:one)
+    @token = Knock::AuthToken.new(payload: { sub: @user.id }).token
+    @request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+  end
+
+  def invalid_token_auth
+    @token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
+    @request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+  end
+
+  def invalid_entity_auth
+    @token = Knock::AuthToken.new(payload: { sub: 0 }).token
+    @request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+  end
+
+  test "responds with not found" do
+    get :index
+    assert_response :not_found
+  end
+
+  test "responds with not found to invalid token" do
+    invalid_token_auth
+    get :index
+    assert_response :not_found
+  end
+
+  test "responds with not found to invalid entity" do
+    invalid_entity_auth
+    get :index
+    assert_response :not_found
+  end
+
+  test "responds with success if authenticated" do
+    valid_auth
+    get :index
+    assert_response :success
+  end
+end

data/test/dummy/test/controllers/protected_resources_controller_test.rb

@@ -28,12 +28,12 @@ class ProtectedResourcesControllerTest < ActionController::TestCase
   end
 
   test "responds with success with token in url" do
-    get :index, token: @token
+    get :index, params: {token: @token}
     assert_response :success
   end
 
   test "responds with unauthorized with invalid token in url" do
-    get :index, token: "invalid"
+    get :index, params: {token: "invalid"}
     assert_response :unauthorized
   end
 

data/test/dummy/test/controllers/vendor_protected_controller_test.rb

@@ -49,7 +49,7 @@ class VendorProtectedControllerTest < ActionController::TestCase
 
   test "raises method missing error appropriately" do
     assert_raises(NoMethodError) do
-      get :show, id: 1
+      get :show, params: {id: 1}
     end
   end
 end

data/test/dummy/test/controllers/vendor_token_controller_test.rb

@@ -6,17 +6,17 @@ class VendorTokenControllerTest < ActionController::TestCase
   end
 
   test "responds with 404 if user does not exist" do
-    post :create, auth: { email: 'wrong@example.net', password: '' }
+    post :create, params: {auth: { email: 'wrong@example.net', password: '' }}
     assert_response :not_found
   end
 
   test "responds with 404 if password is invalid" do
-    post :create, auth: { email: @vendor.email, password: 'wrong' }
+    post :create, params: {auth: { email: @vendor.email, password: 'wrong' }}
     assert_response :not_found
   end
 
   test "responds with 201" do
-    post :create, auth: { email: @vendor.email, password: 'secret' }
+    post :create, params: {auth: { email: @vendor.email, password: 'secret' }}
     assert_response :created
   end
 end

data/test/model/knock/auth_token_test.rb

@@ -41,7 +41,6 @@ module Knock
 
     test "verify audience when token_audience is present" do
       Knock.token_audience = -> { 'bar' }
-      key = Knock.token_secret_signature_key.call
 
       assert_raises(JWT::InvalidAudError) {
         AuthToken.new token: @token

data/test/tmp/config/initializers/knock.rb

@@ -0,0 +1,59 @@
+Knock.setup do |config|
+
+  ## Expiration claim
+  ## ----------------
+  ##
+  ## How long before a token is expired. If nil is provided, token will
+  ## last forever.
+  ##
+  ## Default:
+  # config.token_lifetime = 1.day
+
+
+  ## Audience claim
+  ## --------------
+  ##
+  ## Configure the audience claim to identify the recipients that the token
+  ## is intended for.
+  ##
+  ## Default:
+  # config.token_audience = nil
+
+  ## If using Auth0, uncomment the line below
+  # config.token_audience = -> { Rails.application.secrets.auth0_client_id }
+
+  ## Signature algorithm
+  ## -------------------
+  ##
+  ## Configure the algorithm used to encode the token
+  ##
+  ## Default:
+  # config.token_signature_algorithm = 'HS256'
+
+  ## Signature key
+  ## -------------
+  ##
+  ## Configure the key used to sign tokens.
+  ##
+  ## Default:
+  # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  ## If using Auth0, uncomment the line below
+  # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }
+
+  ## Public key
+  ## ----------
+  ##
+  ## Configure the public key used to decode tokens, if required.
+  ##
+  ## Default:
+  # config.token_public_key = nil
+
+  ## Exception Class
+  ## ---------------
+  ##
+  ## Configure the exception to be used when user cannot be found.
+  ##
+  ## Default:
+  # config.not_found_exception_class_name = 'ActiveRecord::RecordNotFound'
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knock
 version: !ruby/object:Gem::Version
-  version: '1.5'
+  version: '2.0'
 platform: ruby
 authors:
 - Arnaud MESUREUR
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-29 00:00:00.000000000 Z
+date: 2016-10-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -103,7 +103,6 @@ files:
 - lib/knock/engine.rb
 - lib/knock/version.rb
 - lib/tasks/knock_tasks.rake
-- test/controllers/knock/auth_token_controller_test.rb
 - test/dummy/README.rdoc
 - test/dummy/Rakefile
 - test/dummy/app/assets/javascripts/application.js
@@ -113,6 +112,7 @@ files:
 - test/dummy/app/controllers/application_controller.rb
 - test/dummy/app/controllers/composite_name_entity_protected_controller.rb
 - test/dummy/app/controllers/current_users_controller.rb
+- test/dummy/app/controllers/custom_unauthorized_entity_controller.rb
 - test/dummy/app/controllers/protected_resources_controller.rb
 - test/dummy/app/controllers/vendor_protected_controller.rb
 - test/dummy/app/controllers/vendor_token_controller.rb
@@ -161,6 +161,7 @@ files:
 - test/dummy/test/controllers/admin_token_controller_test.rb
 - test/dummy/test/controllers/composite_name_entity_protected_controller_test.rb
 - test/dummy/test/controllers/current_users_controller_test.rb
+- test/dummy/test/controllers/custom_unauthorized_entity_controller_test.rb
 - test/dummy/test/controllers/protected_resources_controller_test.rb
 - test/dummy/test/controllers/vendor_protected_controller_test.rb
 - test/dummy/test/controllers/vendor_token_controller_test.rb
@@ -177,11 +178,7 @@ files:
 - test/model/knock/auth_token_test.rb
 - test/support/generators_test_helper.rb
 - test/test_helper.rb
-- test/tmp/app/controllers/admin_token_controller.rb
-- test/tmp/app/controllers/admin_user_token_controller.rb
-- test/tmp/app/controllers/user_admin_token_controller.rb
-- test/tmp/app/controllers/user_token_controller.rb
-- test/tmp/config/routes.rb
+- test/tmp/config/initializers/knock.rb
 homepage: https://github.com/nsarno/knock
 licenses:
 - MIT
@@ -207,7 +204,6 @@ signing_key:
 specification_version: 4
 summary: Seamless JWT authentication for Rails API.
 test_files:
-- test/controllers/knock/auth_token_controller_test.rb
 - test/dummy/README.rdoc
 - test/dummy/Rakefile
 - test/dummy/app/assets/javascripts/application.js
@@ -217,6 +213,7 @@ test_files:
 - test/dummy/app/controllers/application_controller.rb
 - test/dummy/app/controllers/composite_name_entity_protected_controller.rb
 - test/dummy/app/controllers/current_users_controller.rb
+- test/dummy/app/controllers/custom_unauthorized_entity_controller.rb
 - test/dummy/app/controllers/protected_resources_controller.rb
 - test/dummy/app/controllers/vendor_protected_controller.rb
 - test/dummy/app/controllers/vendor_token_controller.rb
@@ -265,6 +262,7 @@ test_files:
 - test/dummy/test/controllers/admin_token_controller_test.rb
 - test/dummy/test/controllers/composite_name_entity_protected_controller_test.rb
 - test/dummy/test/controllers/current_users_controller_test.rb
+- test/dummy/test/controllers/custom_unauthorized_entity_controller_test.rb
 - test/dummy/test/controllers/protected_resources_controller_test.rb
 - test/dummy/test/controllers/vendor_protected_controller_test.rb
 - test/dummy/test/controllers/vendor_token_controller_test.rb
@@ -281,8 +279,4 @@ test_files:
 - test/model/knock/auth_token_test.rb
 - test/support/generators_test_helper.rb
 - test/test_helper.rb
-- test/tmp/config/routes.rb
-- test/tmp/app/controllers/user_token_controller.rb
-- test/tmp/app/controllers/admin_token_controller.rb
-- test/tmp/app/controllers/admin_user_token_controller.rb
-- test/tmp/app/controllers/user_admin_token_controller.rb
+- test/tmp/config/initializers/knock.rb

data/test/controllers/knock/auth_token_controller_test.rb

@@ -1,39 +0,0 @@
-require 'test_helper'
-
-module Knock
-  class AuthTokenControllerTest < ActionController::TestCase
-    setup do
-      @routes = Engine.routes
-    end
-
-    def user
-      @user ||= users(:one)
-    end
-
-    test "it's using configured custom exception" do
-      assert_equal Knock.not_found_exception_class, Knock::MyCustomException
-    end
-
-    test "responds with 404 if user does not exist" do
-      post :create, auth: { email: 'wrong@example.net', password: '' }
-      assert_response :not_found
-    end
-
-    test "responds with 404 if password is invalid" do
-      post :create, auth: { email: user.email, password: 'wrong' }
-      assert_response :not_found
-    end
-
-    test "responds with 201" do
-      post :create, auth: { email: user.email, password: 'secret' }
-      assert_response :created
-    end
-
-    test "response contains token" do
-      post :create, auth: { email: user.email, password: 'secret' }
-
-      content = JSON.parse(response.body)
-      assert_equal true, content.has_key?("jwt")
-    end
-  end
-end

data/test/tmp/app/controllers/admin_token_controller.rb

@@ -1,2 +0,0 @@
-class AdminTokenController < Knock::AuthTokenController
-end

data/test/tmp/app/controllers/admin_user_token_controller.rb

@@ -1,2 +0,0 @@
-class AdminUserTokenController < Knock::AuthTokenController
-end

data/test/tmp/app/controllers/user_admin_token_controller.rb

@@ -1,2 +0,0 @@
-class UserAdminTokenController < Knock::AuthTokenController
-end

data/test/tmp/app/controllers/user_token_controller.rb

@@ -1,2 +0,0 @@
-class UserTokenController < Knock::AuthTokenController
-end

data/test/tmp/config/routes.rb

@@ -1,17 +0,0 @@
-Rails.application.routes.draw do
-  post 'user_admin_token' => 'user_admin_token#create'
-  post 'admin_user_token' => 'admin_user_token#create'
-  post 'admin_token' => 'admin_token#create'
-  post 'user_token' => 'user_token#create'
-  post 'admin_token' => 'admin_token#create'
-  post 'vendor_token' => 'vendor_token#create'
-
-  resources :protected_resources
-  resource :current_user
-
-  resources :admin_protected
-  resources :composite_name_entity_protected
-  resources :vendor_protected
-
-  mount Knock::Engine => "/knock"
-end