maestrano 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6c1c227a0a20347f0a75185197b3baac224c968c
-  data.tar.gz: a5b416cd223dd0cea3e04244f404d66681849a98
+  metadata.gz: 6dbfef2e9899e2250a41860c7bc035b608558ac2
+  data.tar.gz: cb1dc4e027c8e63f3b1197374e3478c200825b20
 SHA512:
-  metadata.gz: ed5ca2ae12480f279dd8fb56a1209b5279c66a20fd00b220b1289ca5fe451c92945a63155ed9a422190a331588e17a56c62e6f4de3127e5c1d4c020b0f61d873
-  data.tar.gz: fe08eb406c48c00bf204d03ab841330fe702eb001f18a6cd07829cdf0b50094513b5299dd00debad89ee083baa4f779071aa0e81c47eec135a7d32d37ec73eb2
+  metadata.gz: d44d0296bd34766d5660d6cfed0286bc3d71c7bdf516d3479d4df891a9bc2c47465091e164761d9075e2e6ace88364c04e650d0a3bdd30b457a9d66c2c856e68
+  data.tar.gz: 0098514aed554c30081b53233fd321a8740d6b01bf212441065cabc092d711e7c74c8f2c6e7c666c468e114920c5a921e435e772815404bc36c3178a35134aff

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    maestrano (0.6.0)
+    maestrano (0.8.0)
       json (~> 1.8)
       mime-types (~> 1.25)
       nokogiri (>= 1.5.0)

data/README.md

@@ -122,6 +122,14 @@ Maestrano.configure do |config|
   #
   # config.sso.consume_path = '/maestrano/auth/saml/consume'
   
+  # ==> Single Logout activation
+  # Enable/Disable single logout. When troubleshooting authentication issues
+  # you might want to disable SLO temporarily.
+  # If set to false then Maestrano::SSO::Session#valid? - which should be
+  # used in a controller before filter to check user session - always return true
+  #
+  # config.sso.slo_enabled = true
+  
   # ==> SSO User creation mode
   # !IMPORTANT
   # On Maestrano users can take several "instances" of your service. You can consider
@@ -335,7 +343,7 @@ If you want your users to benefit from single logout then you should define the
 ```ruby
 def verify_maestrano_session
   if Maestrano.param(:sso_enabled)
-    if session && session[:mno_uid] && !Maestrano::SSO::Session.new(session).valid?
+    if session && session[:maestrano] && !Maestrano::SSO::Session.new(session).valid?
       redirect_to Maestrano::SSO.init_url
     end
   end
@@ -524,7 +532,16 @@ Maestrano::Account::Bill
 <td>Time</td>
 <td>-</td>
 <td>-</td>
-<td>When the the bill was created</td>
+<td>When the bill was created</td>
+<tr>
+  
+<tr>
+<td><b>updated_at</b></td>
+<td>readonly</td>
+<td>Time</td>
+<td>-</td>
+<td>-</td>
+<td>When the bill was last updated</td>
 <tr>
 
 <tr>
@@ -697,7 +714,16 @@ Maestrano::Account::RecurringBill
 <td>Time</td>
 <td>-</td>
 <td>-</td>
-<td>When the the bill was created</td>
+<td>When the recurring bill was created</td>
+<tr>
+  
+<tr>
+<td><b>updated_at</b></td>
+<td>readonly</td>
+<td>Time</td>
+<td>-</td>
+<td>-</td>
+<td>When the recurring bill was last updated</td>
 <tr>
 
 <tr>
@@ -717,6 +743,15 @@ Maestrano::Account::RecurringBill
 <td>-</td>
 <td>Status of the recurring bill. Either 'submitted', 'active', 'expired' or 'cancelled'.</td>
 <tr>
+  
+<tr>
+<td><b>initial_cents</b></td>
+<td>read/write</td>
+<td>Integer</td>
+<td><b>-</b></td>
+<td>0</td>
+<td>Initial non-recurring payment amount - in cents - due immediately upon creating the recurring bill</td>
+<tr>
 
 </table>
 

data/lib/maestrano/sso/session.rb

@@ -22,15 +22,17 @@ module Maestrano
       
       def initialize(session)
         self.session = session
-        begin
-          if mno_session = (self.session[:maestrano] || self.session['maestrano'])
-            decrypted_session = JSON.parse(Base64.decode64(mno_session))
-            self.uid = decrypted_session['uid']
-            self.session_token = decrypted_session['session']
-            self.recheck = Time.iso8601(decrypted_session['session_recheck'])
-            self.group_uid = decrypted_session['group_uid']
+        if (self.session = session)
+          begin
+            if mno_session = (self.session[:maestrano] || self.session['maestrano'])
+              decrypted_session = JSON.parse(Base64.decode64(mno_session))
+              self.uid = decrypted_session['uid']
+              self.session_token = decrypted_session['session']
+              self.recheck = Time.iso8601(decrypted_session['session_recheck'])
+              self.group_uid = decrypted_session['group_uid']
+            end
+          rescue
           end
-        rescue
         end
       end
       
@@ -64,7 +66,22 @@ module Maestrano
         return false
       end
       
-      def valid?
+      # Check whether this mno session is valid or not
+      # Return true if SLO is disabled (via sso.slo_enabled config
+      # param)
+      # Return false if no session defined
+      # ---
+      # opts:
+      # if_session: if true then the session will be
+      # considered valid if the http session is nil or does
+      # not have a maestrano key. Useful when the validity of
+      # a session should be restricted to maestrano users only
+      # within an application
+      def valid?(opts = {})
+        return true unless Maestrano.param('sso.slo_enabled')
+        return true if opts[:if_session] && (!self.session || (!self.session[:maestrano] && !self.session['maestrano']))
+        return false unless self.session 
+        
         if self.remote_check_required?
           if perform_remote_check
             self.save

data/lib/maestrano/sso.rb

@@ -1,5 +1,6 @@
 module Maestrano
   module SSO
+    
     # Return the saml_settings based on
     # Maestrano configuration
     def self.saml_settings
@@ -71,8 +72,15 @@ module Maestrano
       Maestrano::SSO::Session.from_user_auth_hash(session,auth).save
     end
     
-    def self.unset_session(session)
-      session.delete(:maestrano) && session.delete('maestrano')
+    # Destroy the maestrano session in http session
+    def self.clear_session(session)
+      session.delete(:maestrano)
+      session.delete('maestrano')
+    end
+    
+    # Metaclass definitions
+    class << self
+      alias_method :unset_session, :clear_session
     end
   end
 end

data/lib/maestrano/version.rb

@@ -1,3 +1,3 @@
 module Maestrano
-  VERSION = '0.7.0'
+  VERSION = '0.8.0'
 end

data/lib/maestrano.rb

@@ -168,6 +168,7 @@ module Maestrano
       # SSO Config
       @sso = OpenStruct.new({
         enabled: true,
+        slo_enabled: true,
         creation_mode: 'virtual',
         init_path: '/maestrano/auth/saml/init',
         consume_path: '/maestrano/auth/saml/consume',
@@ -191,6 +192,7 @@ module Maestrano
       self.api.lang = 'ruby'
       self.api.lang_version = "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} (#{RUBY_RELEASE_DATE})"
       self.sso.idm ||= self.app.host
+      self.sso.slo_enabled &&= self.sso.enabled
     end
     
     # Transform legacy parameters into new parameter

data/test/maestrano/maestrano_test.rb

@@ -10,6 +10,7 @@ class MaestranoTest < Test::Unit::TestCase
       'api.key'           => 'someapikey',
       
       'sso.enabled'       => false,
+      'sso.slo_enabled'   => false,
       'sso.init_path'     => '/mno/sso/init',
       'sso.consume_path'  => '/mno/sso/consume',
       'sso.creation_mode' => 'real',
@@ -27,6 +28,7 @@ class MaestranoTest < Test::Unit::TestCase
       config.api.key = @config['api.key']
       
       config.sso.enabled = @config['sso.enabled']
+      config.sso.slo_enabled = @config['sso.slo_enabled']
       config.sso.idm = @config['sso.idm']
       config.sso.init_path = @config['sso.init_path']
       config.sso.consume_path = @config['sso.consume_path']
@@ -69,6 +71,11 @@ class MaestranoTest < Test::Unit::TestCase
       assert_equal Maestrano::VERSION, Maestrano.param('api.version')
     end
     
+    should "force slo_enabled to false if sso is disabled" do
+      Maestrano.configure { |config| config.sso.slo_enabled = true; config.sso.enabled = false }
+      assert_false Maestrano.param('sso.slo_enabled')
+    end
+    
     context "with environment params" do
       should "return the right test parameters" do
         Maestrano.configure { |config| config.environment = 'test' }
@@ -221,6 +228,7 @@ class MaestranoTest < Test::Unit::TestCase
         },
         'sso' => {
           'enabled'          => @config['sso.enabled'],
+          'slo_enabled'      => @config['sso.slo_enabled'],
           'init_path'        => @config['sso.init_path'],
           'consume_path'     => @config['sso.consume_path'],
           'creation_mode'    => @config['sso.creation_mode'],

data/test/maestrano/sso/session_test.rb

@@ -101,17 +101,37 @@ module Maestrano
       context "valid?" do
         setup do
           @sso_session = Maestrano::SSO::Session.new(@session)
+          Maestrano.configure { |c| c.sso.slo_enabled = true }
+        end
+        
+        should "return true if Single Logout is disabled" do
+          Maestrano.configure { |c| c.sso.slo_enabled = false }
+          @sso_session.stubs(:remote_check_required?).returns(true)
+          @sso_session.stubs(:perform_remote_check).returns(false)
+          assert @sso_session.valid?
+        end
+
+        should "return true if_session is enabled and session is nil" do
+          sso_session = Maestrano::SSO::Session.new(nil)
+          assert sso_session.valid?(if_session: true)
+        end
+        
+        should "return true if_session is enabled and session is empty" do
+          sso_session = Maestrano::SSO::Session.new({})
+          assert sso_session.valid?(if_session: true)
         end
   
         should "return true if no remote_check_required?" do
           @sso_session.stubs(:remote_check_required?).returns(false)
           assert @sso_session.valid?
+          assert @sso_session.valid?(if_session: true)
         end
     
         should "return true if remote_check_required? and valid" do
           @sso_session.stubs(:remote_check_required?).returns(true)
           @sso_session.stubs(:perform_remote_check).returns(true)
           assert @sso_session.valid?
+          assert @sso_session.valid?(if_session: true)
         end
     
         should "update maestrano session with recheck timestamp if remote_check_required? and valid" do
@@ -126,7 +146,13 @@ module Maestrano
         should "return false if remote_check_required? and invalid" do
           @sso_session.stubs(:remote_check_required?).returns(true)
           @sso_session.stubs(:perform_remote_check).returns(false)
-          assert !@sso_session.valid?
+          assert_false @sso_session.valid?
+          assert_false @sso_session.valid?(if_session: true)
+        end
+        
+        should "return false if internal session is nil" do
+          sso_session = Maestrano::SSO::Session.new(nil)
+          assert_false @sso_session.valid?
         end
       end
   

data/test/maestrano/sso_test.rb

@@ -84,6 +84,18 @@ module Maestrano
       end
       
       should "unset the session correctly" do
+        Maestrano::SSO.set_session(@session,@auth)
+        Maestrano::SSO.clear_session(@session)
+        assert @session[:maestrano].nil?
+      end
+      
+      should "unset the session if key is a string" do
+        @session['maestrano'] = "bla"
+        Maestrano::SSO.clear_session(@session)
+        assert @session["maestrano"].nil?
+      end
+      
+      should "alias clear_session as unset_session" do
         Maestrano::SSO.set_session(@session,@auth)
         Maestrano::SSO.unset_session(@session)
         assert @session[:maestrano].nil?

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: maestrano
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Arnaud Lachaume
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-09 00:00:00.000000000 Z
+date: 2014-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client