locked-rb 0.0.2 → 0.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7bb0ddbc28a9ad9f08852ff6c570c2a225a1572a2ac654b58eba21848e5b4b26
-  data.tar.gz: c21af9b3d3a4eff168fc7097a6b51240173b60ad2974ce0b83f5e8526cc00106
+  metadata.gz: 64951c658b06a83e358adbc3c642bea2436f1eb1bd3860571a211440b48a5077
+  data.tar.gz: e95b6a99564437a343ae196f408c9baa994044628eeb7570f9e9d8ca8df75c4e
 SHA512:
-  metadata.gz: ccd2c32486cd302541cbf8d69ee5d0bf08dc8f36bc574d4b38257ce6c9a20e1f33c945e01e30c09eff494794b7ba0e249dc9265a7e953db24db88bcdb5989820
-  data.tar.gz: ff7bee55ea1dc0e853cdcb8d1c6a17976754a5afc29658341ca7f91d0382b23e5b1afc012f095b838c736f9e8a47b4ce92355861332c43fa1386e0f7554f20bd
+  metadata.gz: e0a4cf2b3ae6a0fab35bac7f61e84fae9115ee9e9804eddeb18e500b2a8df93d8257b14988356560fa4b8db7b34ccd41937ce2738a62eedd391937964425bc0e
+  data.tar.gz: 51a40bf5f9494e7948180042f820dfb0b311513b0d1c35b4026689f27697f67b461c402a05241aa37df95e51dcf56032d12947820bca1249a95089e77a8a1d8b

data/lib/locked.rb

@@ -23,8 +23,9 @@
   locked/commands/identify
   locked/commands/authenticate
   locked/commands/review
+  locked/commands/verify
   locked/configuration
-  locked/failover_auth_response
+  locked/failover_response
   locked/client
   locked/header_formatter
   locked/secure_mode
@@ -36,6 +37,7 @@
   locked/api/request/build
   locked/review
   locked/api
+  locked/configurations/merger
 ].each(&method(:require))
 
 # main sdk module

data/lib/locked/client.rb

@@ -43,7 +43,31 @@ module Locked
         Locked::API.request(command).merge(failover: false, failover_reason: nil)
       rescue Locked::RequestError, Locked::InternalServerError => error
         self.class.failover_response_or_raise(
-          FailoverAuthResponse.new(options[:user_id], reason: error.to_s), error
+          Locked::FailoverResponse::Auth.new(options[:user_id], reason: error.to_s), error
+        )
+      end
+    end
+
+    def failed_in_verification(token = {})
+      command = Locked::Commands::Verify.new(@context).build('deny_verification', token)
+      begin
+        response = Locked::API.request(command)
+        response.merge(failover: false, failover_reason: nil)
+      rescue Locked::RequestError, Locked::InternalServerError => error
+        self.class.failover_response_or_raise(
+          Locked::FailoverResponse::Verification.new(reason: error.to_s), error
+        )
+      end
+    end
+
+    def succeeded_in_verification(token = {})
+      command = Locked::Commands::Verify.new(@context).build('allow_verification', token)
+      begin
+        response = Locked::API.request(command)
+        response.merge(failover: false, failover_reason: nil)
+      rescue Locked::RequestError, Locked::InternalServerError => error
+        self.class.failover_response_or_raise(
+          Locked::FailoverResponse::Verification.new(reason: error.to_s), error
         )
       end
     end

data/lib/locked/commands/authenticate.rb

@@ -11,10 +11,11 @@ module Locked
         Locked::Validators::Present.call(options, %i[event])
         context = Locked::Context::Merger.call(@context, options[:context])
         context = Locked::Context::Sanitizer.call(context)
+        options_with_config = Locked::Configurations::Merger.call(options)
 
         Locked::Command.new(
           'authenticate',
-          options.merge(context: context),
+          options_with_config.merge(context: context),
           :post
         )
       end

data/lib/locked/commands/verify.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Locked
+  module Commands
+    class Verify
+      def initialize(context)
+        @context = context
+      end
+
+      def build(path, body, **options)
+        context = Locked::Context::Merger.call(@context, options[:context])
+        context = Locked::Context::Sanitizer.call(context)
+        body_with_context = body.merge(context: context)
+
+        Locked::Command.new(path, body_with_context, :post)
+      end
+    end
+  end
+end

data/lib/locked/configuration.rb

@@ -3,8 +3,14 @@
 module Locked
   # manages configuration variables
   class Configuration
-    HOST = 'locked.jp'
-    PORT = 443
+    HOST = if ENV['DOCKER_USE'].to_i == 1
+              'app'
+            elsif ENV['LOCKED_RUBY_DEV_MODE'].to_s == 'on'
+              'localhost'
+            else
+              'api.locked.jp'
+            end
+    PORT = ENV['LOCKED_RUBY_DEV_MODE'] == 'on' ? 3000 : 443
     URL_PREFIX = 'api/v1/client'
     FAILOVER_STRATEGY = :deny
     REQUEST_TIMEOUT = 1000 # in milliseconds
@@ -25,9 +31,10 @@ module Locked
       'CF_CONNECTING_IP'
     ].freeze
     BLACKLISTED = ['HTTP_COOKIE'].freeze
+    CUSTOM_VERIFICATION = %i[email].freeze
 
     attr_accessor :host, :port, :request_timeout, :url_prefix
-    attr_reader :api_key, :whitelisted, :blacklisted, :failover_strategy
+    attr_reader :api_key, :whitelisted, :blacklisted, :failover_strategy, :custom_verification
 
     def initialize
       @formatter = Locked::HeaderFormatter.new
@@ -39,6 +46,7 @@ module Locked
       self.whitelisted = WHITELISTED
       self.blacklisted = BLACKLISTED
       self.api_key = ''
+      self.custom_verification = []
     end
 
     def api_key=(value)
@@ -62,6 +70,14 @@ module Locked
       raise Locked::ConfigurationError, 'unrecognized failover strategy' if @failover_strategy.nil?
     end
 
+    def custom_verification=(values)
+      return @custom_verification = [] if values.empty?
+      @custom_verification = values.each_with_object([]) do |value, array|
+        raise Locked::ConfigurationError, 'unrecognized custom verification' unless CUSTOM_VERIFICATION.include?(value)
+        array << value
+      end
+    end
+
     private
 
     def respond_to_missing?(method_name, _include_private)

data/lib/locked/configurations/merger.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Locked
+  module Configurations
+    class Merger
+      class << self
+        def call(options)
+          return options if Locked.config.custom_verification.empty?
+
+          options.merge(custom_verification: Locked.config.custom_verification)
+        end
+      end
+    end
+  end
+end

data/lib/locked/failover_response.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Locked
+  module FailoverResponse
+    # generate failover authentication response
+    class Auth
+      def initialize(user_id, strategy: Locked.config.failover_strategy, reason:)
+        @strategy = strategy
+        @reason = reason
+        @user_id = user_id
+      end
+
+      def generate
+        {
+          data: {
+            action: @strategy.to_s,
+            user_id: @user_id,
+          },
+          failover: true,
+          failover_reason: @reason
+        }
+      end
+    end
+
+    class Verification
+      def initialize(strategy: Locked.config.failover_strategy, reason:)
+        @strategy = strategy
+        @reason = reason
+      end
+
+      def generate
+        {
+          data: {
+            action: @strategy.to_s,
+          },
+          failover: true,
+          failover_reason: @reason
+        }
+      end
+    end
+  end
+end

data/lib/locked/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Locked
-  VERSION = '0.0.2'
+  VERSION = '0.0.3'
 end

data/spec/lib/Locked/client_spec.rb

@@ -142,7 +142,7 @@ describe Locked::Client do
       before { request_response }
 
       it do
-        assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+        assert_requested :post, 'https://api.locked.jp/api/v1/client/authenticate', times: 1 do |req|
           JSON.parse(req.body) == JSON.parse(request_body.to_json)
         end
       end
@@ -155,7 +155,7 @@ describe Locked::Client do
         end
 
         it do
-          assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+          assert_requested :post, 'https://api.locked.jp/api/v1/client/authenticate', times: 1 do |req|
             JSON.parse(req.body) == JSON.parse(request_body.to_json)
           end
         end
@@ -168,7 +168,7 @@ describe Locked::Client do
         end
 
         it do
-          assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+          assert_requested :post, 'https://api.locked.jp/api/v1/client/authenticate', times: 1 do |req|
             JSON.parse(req.body) == JSON.parse(request_body.to_json)
           end
         end
@@ -181,7 +181,7 @@ describe Locked::Client do
       before { request_response }
 
       it do
-        assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+        assert_requested :post, 'https://api.locked.jp/api/v1/client/authenticate', times: 1 do |req|
           JSON.parse(req.body) == JSON.parse(request_body.to_json)
         end
       end
@@ -223,4 +223,70 @@ describe Locked::Client do
       end
     end
   end
+
+  describe '#failed_in_verification' do
+    let(:request_body) { { token: 'sample25f90350c69f50acc968' } }
+
+    subject { client.failed_in_verification(request_body) }
+
+    context '正常系' do
+      it '期待したrequest bodyが生成されること' do
+        subject
+
+        assert_requested :post, 'https://api.locked.jp/api/v1/client/deny_verification', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+    end
+
+    context '異常系' do
+      before { allow(Locked::API).to receive(:request).and_raise(Locked::RequestError.new(Timeout::Error)) }
+
+      context 'with request error and throw strategy' do
+        before { allow(Locked.config).to receive(:failover_strategy).and_return(:throw) }
+
+        it { expect { subject }.to raise_error(Locked::RequestError) }
+      end
+
+      context 'with request error and not throw on eg deny strategy' do
+        it { assert_not_requested :post, 'https://locked.jp/api/v1/client/deny_verification' }
+        it { expect(subject[:data][:action]).to be_eql('deny') }
+        it { expect(subject[:failover]).to be true }
+        it { expect(subject[:failover_reason]).to be_eql('Locked::RequestError') }
+      end
+    end
+  end
+
+  describe '#succeeded_in_verification' do
+    let(:request_body) { { token: 'sample25f90350c69f50acc968' } }
+
+    subject { client.succeeded_in_verification(request_body) }
+
+    context '正常系' do
+      it '期待したrequest bodyが生成されること' do
+        subject
+
+        assert_requested :post, 'https://api.locked.jp/api/v1/client/allow_verification', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+    end
+
+    context '異常系' do
+      before { allow(Locked::API).to receive(:request).and_raise(Locked::RequestError.new(Timeout::Error)) }
+
+      context 'with request error and throw strategy' do
+        before { allow(Locked.config).to receive(:failover_strategy).and_return(:throw) }
+
+        it { expect { subject }.to raise_error(Locked::RequestError) }
+      end
+
+      context 'with request error and not throw on eg deny strategy' do
+        it { assert_not_requested :post, 'https://locked.jp/api/v1/client/allow_verification' }
+        it { expect(subject[:data][:action]).to be_eql('deny') }
+        it { expect(subject[:failover]).to be true }
+        it { expect(subject[:failover_reason]).to be_eql('Locked::RequestError') }
+      end
+    end
+  end
 end

data/spec/lib/Locked/commands/verify_spec.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+describe Locked::Commands::Verify do
+  let(:context) { { test: { test1: '1' } } }
+
+  describe '.build' do
+    subject { Locked::Commands::Verify.new(context).build('deny_verification', token: 'f68c5f338f2ba6b14e17') }
+
+    it '期待したpathが返ること' do
+      expect(subject.path).to eq 'deny_verification'
+    end
+
+    it '期待したbodyが返ること' do
+      expect(subject.data).to include token: 'f68c5f338f2ba6b14e17'
+    end
+
+    it '期待したhttpメソッドが返ること' do
+      expect(subject.method).to eq :post
+    end
+  end
+end

data/spec/lib/Locked/configuration_spec.rb

@@ -7,7 +7,7 @@ describe Locked::Configuration do
 
   describe 'host' do
     context 'with default' do
-      it { expect(config.host).to be_eql('locked.jp') }
+      it { expect(config.host).to be_eql('api.locked.jp') }
     end
 
     context 'with setter' do
@@ -143,4 +143,28 @@ describe Locked::Configuration do
       end
     end
   end
+
+  describe 'custom_verification' do
+    it do
+      expect(config.custom_verification).to be_eql([])
+    end
+
+    context 'with setter' do
+      before do
+        config.custom_verification = [:email]
+      end
+
+      it do
+        expect(config.custom_verification).to be_eql([:email])
+      end
+    end
+
+    context 'when broken' do
+      it do
+        expect do
+          config.custom_verification = [:unknown]
+        end.to raise_error(Locked::ConfigurationError)
+      end
+    end
+  end
 end

data/spec/lib/Locked/configurations/merger_spec.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+describe Locked::Configurations::Merger do
+  describe '.call' do
+    context '正常系' do
+      let(:options) do
+        {
+          event: '$login.success',
+          user_id: 1234,
+          user_ip: '1.1.1.1',
+          user_agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063',
+          email: 'example@locked.jp',
+          callback_url: 'https://locked.jp/login/result'
+        }
+      end
+
+      context 'configでcustom_verificationが設定されていない場合' do
+        it '引数で投げられたoptionsが返ること' do
+          expect(Locked::Configurations::Merger.call(options)).to eq options
+        end
+      end
+
+      context 'configでcustom_verificationが設定されている場合' do
+        before do
+          Locked.config.custom_verification = [:email]
+        end
+
+        it '引数で投げられたoptionsにcustom verificationがマージされて返ること' do
+          expect(Locked::Configurations::Merger.call(options)).to include custom_verification: [:email]
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -4,11 +4,10 @@ require 'rubygems'
 require 'bundler/setup'
 require 'rack'
 require 'webmock/rspec'
-require 'byebug'
 require 'timecop'
 
-require 'coveralls'
-Coveralls.wear!
+# require 'coveralls'
+# Coveralls.wear!
 
 require 'locked'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: locked-rb
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Yoshiki Takeda
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-20 00:00:00.000000000 Z
+date: 2019-09-02 00:00:00.000000000 Z
 dependencies: []
 description: locked protects your users from account compromise
 email: takeda@locked.jp
@@ -28,7 +28,9 @@ files:
 - lib/locked/commands/authenticate.rb
 - lib/locked/commands/identify.rb
 - lib/locked/commands/review.rb
+- lib/locked/commands/verify.rb
 - lib/locked/configuration.rb
+- lib/locked/configurations/merger.rb
 - lib/locked/context/default.rb
 - lib/locked/context/merger.rb
 - lib/locked/context/sanitizer.rb
@@ -36,7 +38,7 @@ files:
 - lib/locked/extractors/client_id.rb
 - lib/locked/extractors/headers.rb
 - lib/locked/extractors/ip.rb
-- lib/locked/failover_auth_response.rb
+- lib/locked/failover_response.rb
 - lib/locked/header_formatter.rb
 - lib/locked/review.rb
 - lib/locked/secure_mode.rb
@@ -60,7 +62,9 @@ files:
 - spec/lib/Locked/commands/authenticate_spec.rb
 - spec/lib/Locked/commands/identify_spec.rb
 - spec/lib/Locked/commands/review_spec.rb
+- spec/lib/Locked/commands/verify_spec.rb
 - spec/lib/Locked/configuration_spec.rb
+- spec/lib/Locked/configurations/merger_spec.rb
 - spec/lib/Locked/context/default_spec.rb
 - spec/lib/Locked/context/merger_spec.rb
 - spec/lib/Locked/context/sanitizer_spec.rb
@@ -104,6 +108,7 @@ specification_version: 4
 summary: locked
 test_files:
 - spec/spec_helper.rb
+- spec/lib/Locked/configurations/merger_spec.rb
 - spec/lib/Locked/review_spec.rb
 - spec/lib/Locked/client_spec.rb
 - spec/lib/Locked/context/default_spec.rb
@@ -122,6 +127,7 @@ test_files:
 - spec/lib/Locked/api/request/build_spec.rb
 - spec/lib/Locked/commands/review_spec.rb
 - spec/lib/Locked/commands/authenticate_spec.rb
+- spec/lib/Locked/commands/verify_spec.rb
 - spec/lib/Locked/commands/identify_spec.rb
 - spec/lib/Locked/validators/not_supported_spec.rb
 - spec/lib/Locked/validators/present_spec.rb

data/lib/locked/failover_auth_response.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-module Locked
-  # generate failover authentication response
-  class FailoverAuthResponse
-    def initialize(user_id, strategy: Locked.config.failover_strategy, reason:)
-      @strategy = strategy
-      @reason = reason
-      @user_id = user_id
-    end
-
-    def generate
-      {
-        data: {
-            action: @strategy.to_s,
-            user_id: @user_id,
-        },
-        failover: true,
-        failover_reason: @reason
-      }
-    end
-  end
-end