maestrano 1.0.0 → 1.0.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: da42c6caf2df53cba319e638cec31b0ce33a22f7
4
- data.tar.gz: db175d78fcd0f238cc6cc014d0464277dd289886
3
+ metadata.gz: 5063dee60d6bee868a778911f5fed4c2a1f7424b
4
+ data.tar.gz: 02d58e8248cb14e24d3229d200faa44cffe8eda6
5
5
  SHA512:
6
- metadata.gz: fe781d6375ef3e2c942397b078b433e2aab2fd06c1fa9a6d82622c9b908a9d47451125b146f3168302d643f38b44dd9f120123821a0d3a8acc6ec92b114775b2
7
- data.tar.gz: d47fcef45b8347d50c0b7280267b914be4ddd38204eb9be43b36c71acd6fb6aa6dd659ab82cdb6dad300cf8f08f05d0b01f2c829509fb0f221371353f3dc37f7
6
+ metadata.gz: 4ee520a1049d6241d78fb7884f854309d017c89228f54497559b7f95ffdd5ae76f9544199c2ef661b67f7d1b38a0b44184247756a7d8c1ff687bfeb9995c40d0
7
+ data.tar.gz: b49742db34b47127d100479dfb5ab6f06ccfc4df0bb693a9f413880caccd21ac49da60d08bbe23099093ac5da74b56359de11a03827f68c6aff19bb67d193f19
data/README.md CHANGED
@@ -16,7 +16,6 @@ Maestrano Cloud Integration is currently in closed beta. Want to know more? Send
16
16
  3. [Getting Started](#getting-started)
17
17
  * [Installation](#installation)
18
18
  * [Configuration](#configuration)
19
- * [Metadata Endpoint](#metadata-endpoint)
20
19
  4. [Single Sign-On Setup](#single-sign-on-setup)
21
20
  * [User Setup](#user-setup)
22
21
  * [Group Setup](#group-setup)
@@ -39,11 +38,8 @@ Maestrano Cloud Integration is currently in closed beta. Want to know more? Send
39
38
  - - -
40
39
 
41
40
  ## Getting Setup
42
- Before integrating with us you will need an App ID and API Key. Maestrano Cloud Integration being still in closed beta you will need to contact us beforehand to gain production access.
43
-
44
- For testing purpose we provide an API Sandbox where you can freely obtain an App ID and API Key. The sandbox is great to test single sign-on and API integration (e.g: billing API).
45
-
46
- To get started just go to: http://api-sandbox.maestrano.io
41
+ To start the integration of your application with the Maestrano platform, you first need to register your application on our Developer Platform. You can find [more information here](https://maestrano.atlassian.net/wiki/x/NYA3Ag)
42
+ Once your application is registered, you will be provided with API keys that are used to configure your application on the different marketplaces powered by Maestrano.
47
43
 
48
44
  ## Getting Started with Rails
49
45
 
@@ -65,12 +61,10 @@ Or add it to your Gemfile
65
61
  gem 'maestrano'
66
62
  ```
67
63
 
68
-
69
64
  ### Configuration
70
65
  Once installed the first step is to create an initializer to configure the behaviour of the Maestrano gem
71
66
 
72
- #### Configuration based of the Developer Platform
73
- The [developer platform](https://dev-platform.maestrano.com) is the easiest way to configure Maestrano. The only actions needed from your part is to create your application and environments on the developer platform and to create a config file. The framework will then contact the developer platform and retrieve the marketplaces configuration for your app environment.
67
+ Use the [developer platform](https://dev-platform.maestrano.com) to create your application and your environments. The framework will then contact the developer platform and retrieve the marketplaces configuration for your application environments. This way your application can be automatically added to new environment without having to update the configuration on your side.
74
68
 
75
69
  In your initializer add the following configuration:
76
70
 
@@ -86,9 +80,9 @@ dev_platform:
86
80
  api_path: '/api/config/v1/marketplaces'
87
81
 
88
82
  environment:
89
- name: 'my-environment'
90
- api_key: 'your-environment-api-key'
91
- api_secret: 'your-environment-api-secret'
83
+ name: 'my-environment' # Any arbitrary name you want to use
84
+ api_key: 'your-environment-api-key' # Provided by the developer platform
85
+ api_secret: 'your-environment-api-secret' # Provided by the developer platform
92
86
  ```
93
87
 
94
88
  The API keys can be found under your Environment settings on the developer platform.
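Review bot: the `api_secret` line in this YAML sample is now annotated as a value to copy from the developer platform, but nothing in the hunk says the file must stay out of version control. The following section already documents `export MNO_DEVPL_ENV_SECRET=<your environment secret>`; suggest adding a sentence here that points to the environment variables as the preferred place for the secret, or that tells readers to exclude this config file from the repository.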
@@ -105,242 +99,7 @@ export MNO_DEVPL_ENV_SECRET=<your environment secret>
105
99
 
106
100
  `config/initializers/maestrano.rb`
107
101
  ```ruby
108
- Maestrano.auto_configure
109
- ```
110
-
111
- #### Deprecated - Configure environments manually
112
- Environments configuration should be driven from the developer platform configuration. For backward compatibility purpose, environments can still be defined manually.
113
-
114
- You can add configuration presets by putting additional configuration blocks in your maestrano.rb initializer. These additional presets can then be specified when doing particular action, such as initializing a Connec!™ client or triggering a SSO handshake. These presets are particularly useful if you are dealing with multiple Maestrano-style marketplaces (multi-enterprise integration).
115
-
116
- If this is the first time you integrate with Maestrano, we recommend adopting a multi-tenant approach. All code samples in this documentation provide examples on how to handle multi-tenancy by scoping method calls to a specific configuration preset.
117
-
118
- More information about multi-tenant integration can be found on [Our Multi-Tenant Integration Guide](https://maestrano.atlassian.net/wiki/display/CONNECAPIV2/Multi-Tenant+Integration)
119
-
120
- The initializer should look like this:
121
- ```ruby
122
- # Use this block to configure the behaviour of Maestrano
123
- # in your app
124
- Maestrano.configure do |config|
125
-
126
- # ==> Environment configuration
127
- # The environment to connect to.
128
- # If set to 'production' then all Single Sign-On (SSO) and API requests
129
- # will be made to maestrano.com
130
- # If set to 'test' then requests will be made to api-sandbox.maestrano.io
131
- # The api-sandbox allows you to easily test integration scenarios.
132
- # More details on http://api-sandbox.maestrano.io
133
- #
134
- config.environment = 'test' # or 'production'
135
-
136
- # ==> Application host
137
- # This is your application host (e.g: my-app.com) which is ultimately
138
- # used to redirect users to the right SAML url during SSO handshake.
139
- #
140
- config.app.host = (config.environment == 'production' ? 'https://my-app.com' : 'http://localhost:3000')
141
-
142
- # ==> App ID & API key
143
- # Your application App ID and API key which you can retrieve on http://maestrano.com
144
- # via your cloud partner dashboard.
145
- # For testing you can retrieve/generate an api.id and api.key from the API Sandbox directly
146
- # on http://api-sandbox.maestrano.io
147
- #
148
- config.api.id = (config.environment == 'production' ? 'prod_app_id' : 'sandbox_app_id')
149
- config.api.key = (config.environment == 'production' ? 'prod_api_key' : 'sandbox_api_key')
150
-
151
- # ==> Single Sign-On activation
152
- # Enable/Disable single sign-on. When troubleshooting authentication issues
153
- # you might want to disable SSO temporarily
154
- #
155
- # config.sso.enabled = true
156
-
157
- # ==> Single Sign-On Identity Manager
158
- # By default we consider that the domain managing user identification
159
- # is the same as your application host (see above config.app.host parameter)
160
- # If you have a dedicated domain managing user identification and therefore
161
- # responsible for the single sign-on handshake (e.g: https://idp.my-app.com)
162
- # then you can specify it below
163
- #
164
- # config.sso.idm = (config.environment == 'production' ? 'https://idp.my-app.com' : 'http://localhost:3000')
165
-
166
- # ==> SSO Initialization endpoint
167
- # This is your application path to the SAML endpoint that allows users to
168
- # initialize SSO authentication. Upon reaching this endpoint users your
169
- # application will automatically create a SAML request and redirect the user
170
- # to Maestrano. Maestrano will then authenticate and authorize the user. Upon
171
- # authorization the user gets redirected to your application consumer endpoint
172
- # (see below) for initial setup and/or login.
173
- #
174
- # config.sso.init_path = '/maestrano/auth/saml/init'
175
-
176
- # ==> SSO Consumer endpoint
177
- # This is your application path to the SAML endpoint that allows users to
178
- # finalize SSO authentication. During the 'consume' action your application
179
- # sets users (and associated group) up and/or log them in.
180
- #
181
- # config.sso.consume_path = '/maestrano/auth/saml/consume'
182
-
183
- # ==> Single Logout activation
184
- # Enable/Disable single logout. When troubleshooting authentication issues
185
- # you might want to disable SLO temporarily.
186
- # If set to false then Maestrano::SSO::Session#valid? - which should be
187
- # used in a controller before filter to check user session - always return true
188
- #
189
- # config.sso.slo_enabled = true
190
-
191
- # ==> x509 SSL Certificate
192
- # During the SSO handshake, the SSL certificate is validated and must match the IDP provider.
193
- # For multi-tenant integration, the certificates may change per environment.
194
- #
195
- # config.sso.x509_fingerprint = '2f:57:71:e4:40:19:57:37:a6:2c:f0:c5:82:52:2f:2e:41:b7:9d:7e'
196
- # config.sso.x509_certificate = "-----BEGIN CERTIFICATE-----\nCERTIFICATE CONTENT==\n-----END CERTIFICATE-----"
197
-
198
- # ==> SSO User creation mode
199
- # !IMPORTANT
200
- # On Maestrano users can take several "instances" of your service. You can consider
201
- # each "instance" as 1) a billing entity and 2) a collaboration group (this is
202
- # equivalent to a 'customer account' in a commercial world). When users login to
203
- # your application via single sign-on they actually login via a specific group which
204
- # is then supposed to determine which data they have access to inside your application.
205
- #
206
- # E.g: John and Jack are part of group 1. They should see the same data when they login to
207
- # your application (employee info, analytics, sales etc..). John is also part of group 2
208
- # but not Jack. Therefore only John should be able to see the data belonging to group 2.
209
- #
210
- # In most application this is done via collaboration/sharing/permission groups which is
211
- # why a group is required to be created when a new user logs in via a new group (and
212
- # also for billing purpose - you charge a group, not a user directly).
213
- #
214
- # == mode: 'real'
215
- # In an ideal world a user should be able to belong to several groups in your application.
216
- # In this case you would set the 'sso.creation_mode' to 'real' which means that the uid
217
- # and email we pass to you are the actual user email and maestrano universal id.
218
- #
219
- # == mode: 'virtual'
220
- # Now let's say that due to technical constraints your application cannot authorize a user
221
- # to belong to several groups. Well next time John logs in via a different group there will
222
- # be a problem: the user already exists (based on uid or email) and cannot be assigned
223
- # to a second group. To fix this you can set the 'sso.creation_mode' to 'virtual'. In this
224
- # mode users get assigned a truly unique uid and email across groups. So next time John logs
225
- # in a whole new user account can be created for him without any validation problem. In this
226
- # mode the email we assign to him looks like "usr-sdf54.cld-45aa2@mail.maestrano.com". But don't
227
- # worry we take care of forwarding any email you would send to this address
228
- #
229
- # config.sso.creation_mode = 'real' # or 'virtual'
230
-
231
- # ==> Account Webhooks
232
- # Single sign on has been setup into your app and Maestrano users are now able
233
- # to use your service. Great! Wait what happens when a business (group) decides to
234
- # stop using your service? Also what happens when a user gets removed from a business?
235
- # Well the endpoints below are for Maestrano to be able to notify you of such
236
- # events.
237
- #
238
- # Even if the routes look restful we issue only issue DELETE requests for the moment
239
- # to notify you of any service cancellation (group deletion) or any user being
240
- # removed from a group.
241
- #
242
- # config.webhook.account.groups_path = '/maestrano/account/groups/:id',
243
- # config.webhook.account.group_users_path = '/maestrano/account/groups/:group_id/users/:id',
244
-
245
-
246
- # ==> Connec Subscriptions/Webhook
247
- # The following section is used to configure the Connec!™ webhooks and which entities
248
- # you should receive via webhook.
249
- #
250
- # == Notification Path
251
- # This is the path of your application where notifications (created/updated entities) will
252
- # be POSTed to.
253
- # You should have a controller matching this path handling the update of your internal entities
254
- # based on the Connec!™ entities you receive
255
- #
256
- # config.webhook.connec.notifications_path = '/maestrano/connec/notifications'
257
- #
258
- # == Subscriptions
259
- # This is the list of entities (organizations,people,invoices etc.) for which you want to be
260
- # notified upon creation/update in Connec!™
261
- #
262
- # config.webhook.connec.subscriptions = {
263
- # accounts: true,
264
- # company: true,
265
- # employees: false,
266
- # events: false,
267
- # event_orders: false,
268
- # invoices: true,
269
- # items: true,
270
- # journals: false,
271
- # opportunities: true,
272
- # organizations: true,
273
- # payments: false,
274
- # pay_items: false,
275
- # pay_schedules: false,
276
- # pay_stubs: false,
277
- # pay_runs: false,
278
- # people: true,
279
- # projects: false,
280
- # purchase_orders: false,
281
- # quotes: false,
282
- # sales_orders: false,
283
- # tax_codes: true,
284
- # tax_rates: false,
285
- # time_activities: false,
286
- # time_sheets: false,
287
- # venues: false,
288
- # warehouses: false,
289
- # work_locations: false
290
- # }
291
- end
292
- ```
293
-
294
- If you need to support multiple marketplace providers, you can define configuration presets and switch between these at runtime:
295
- ```ruby
296
- Maestrano['my-preset1'].configure do |config|
297
- config.environment = 'production'
298
- config.app.host = 'https://my-custom-provider1.com'
299
- ...
300
- end
301
-
302
- Maestrano['my-preset2'].configure do |config|
303
- config.environment = 'production'
304
- config.app.host = 'https://my-custom-provider2.com'
305
- ...
306
- end
307
- ```
308
-
309
- ### Deprecated - Metadata Endpoint
310
- Your configuration initializer is now all setup and shiny. Great! But need to know about it. Of course
311
- we could propose a long and boring form on maestrano.com for you to fill all these details (especially the webhooks) but we thought it would be more convenient to fetch that automatically.
312
-
313
- For that we expect you to create a metadata endpoint that we can fetch regularly (or when you press 'refresh metadata' in your maestrano cloud partner dashboard). By default we assume that it will be located at
314
- YOUR_WEBSITE/maestrano/metadata(.json)
315
-
316
- Of course if you prefer a different url you can always change that endpoint in your maestrano cloud partner dashboard.
317
-
318
- What would the controller action look like? First let's talk about authentication. You don't want that endpoint to be visible to anyone. Maestrano always uses http basic authentication to contact your service remotely. The login/password used for this authentication are your actual api.id and api.key.
319
-
320
- So here is an example of controller action for Rails to adapt depending on the framework you're using:
321
-
322
- ```ruby
323
- class MaestranoMetaDataController < ApplicationController
324
- before_filter :authenticate_maestrano!
325
-
326
- def metadata
327
- render json: Maestrano.to_metadata
328
- # Or using presets
329
- # render json: Maestrano['my-preset'].to_metadata
330
- end
331
-
332
- private
333
- def authenticate_maestrano!
334
- authorized = false
335
- authenticate_with_http_basic do |app_id, api_token|
336
- authorized = Maestrano.authenticate(app_id,api_token)
337
- end
338
- unless authorized
339
- render json: {error: 'Invalid credentials' }, status: :unauthorized
340
- end
341
- return true
342
- end
343
- end
102
+ Maestrano.auto_configure # Uses environment variables
344
103
  ```
345
104
 
346
105
  ## Single Sign-On Setup
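Review bot: the removed "Deprecated - Configure environments manually" section was the only documentation for `Maestrano.configure` and for presets, yet the tests in this same diff still call `Maestrano.configure` and `Maestrano[@preset].configure`, and the README still uses `Maestrano::Connec::Client['my-preset']` further down. Suggest keeping a short deprecated subsection, or a link to the 1.0.0 README, so the API that still ships is not left undocumented. The new comment `# Uses environment variables` on `Maestrano.auto_configure` could also mention the optional `config_file_path` argument that the method accepts.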
@@ -364,7 +123,7 @@ class User
364
123
  ...
365
124
 
366
125
  def self.find_or_create_for_maestrano(sso_hash)
367
- user = self.where(provider:'maestrano', uid: sso_hash[:uid]).first
126
+ user = self.where(provider: 'maestrano', uid: sso_hash[:uid]).first
368
127
 
369
128
  unless user
370
129
  user = self.new
@@ -495,8 +254,6 @@ Sad as it is a business might decide to stop using your service at some point. O
495
254
 
496
255
  Maestrano only uses this controller for service cancellation so there is no need to implement any other type of action - ie: GET, PUT/PATCH or POST. The use of other http verbs might come in the future to improve the communication between Maestrano and your service but as of now it is not required.
497
256
 
498
- The controller example below reimplements the authenticate_maestrano! method seen in the [metadata section](#metadata) for completeness. Utimately you should move this method to a helper if you can.
499
-
500
257
  The example below is for Rails and need to be adapted depending on the framework you're using:
501
258
  ```ruby
502
259
  class MaestranoAccountGroupsController < ApplicationController
@@ -555,8 +312,6 @@ A business might decide at some point to revoke access to your services for one
555
312
 
556
313
  Maestrano only uses this controller for user membership cancellation so there is no need to implement any other type of action - ie: GET, PUT/PATCH or POST. The use of other http verbs might come in the future to improve the communication between Maestrano and your service but as of now it is not required.
557
314
 
558
- The controller example below reimplements the authenticate_maestrano! method seen in the [metadata section](#metadata) for completeness. Utimately you should move this method to a helper if you can.
559
-
560
315
  The example below is for Rails and need to be adapted depending on the framework you're using:
561
316
  ```ruby
562
317
  class MaestranoAccountGroupUsersController < ApplicationController
@@ -1234,8 +989,6 @@ client_presets = Maestrano::Connec::Client['my-preset'].new("cld-f7f5g4")
1234
989
  client_presets.get('/organizations')
1235
990
  ```
1236
991
 
1237
-
1238
-
1239
992
  ### Webhook Notifications
1240
993
  If you have configured the Maestrano API to receive update notifications (see 'subscriptions' configuration at the top) from Connec!™ then you can expect to receive regular POST requests on the notification_path you have configured.
1241
994
 
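Review bot: the context line under "Webhook Notifications" still says "see 'subscriptions' configuration at the top", but the `config.webhook.connec.subscriptions` documentation is deleted earlier in this diff. Suggest updating that sentence to say where subscriptions and the notification path are configured now.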
@@ -1263,6 +1016,6 @@ So if you have any question or need help integrating with us just let us know at
1263
1016
 
1264
1017
  ## License
1265
1018
 
1266
- MIT License. Copyright 2015 Maestrano Pty Ltd. https://maestrano.com
1019
+ MIT License. Copyright 2017 Maestrano Pty Ltd. https://maestrano.com
1267
1020
 
1268
1021
  You are not granted rights or licenses to the trademarks of Maestrano.
data/lib/maestrano.rb CHANGED
@@ -21,7 +21,6 @@ require 'maestrano/saml/attribute_value'
21
21
  require 'maestrano/saml/response'
22
22
  require 'maestrano/saml/settings'
23
23
  require 'maestrano/saml/validation_error'
24
- require 'maestrano/saml/metadata'
25
24
 
26
25
  # SSO
27
26
  require 'maestrano/sso'
@@ -122,48 +121,6 @@ module Maestrano
122
121
  (self.configs[preset] || Configuration.new).param(parameter)
123
122
  end
124
123
 
125
- # Return a hash describing the current
126
- # Maestrano configuration. The metadata
127
- # will be remotely fetched by Maestrano
128
- # Exclude any info containing an api key
129
- def self.to_metadata
130
- hash = {}
131
- hash['environment'] = self.param('environment')
132
-
133
- config_groups = ['app','api','sso','webhook']
134
- blacklist = ['api.key','api.token']
135
-
136
- config_groups.each do |cgroup_name|
137
- cgroup = self.configs[preset].send(cgroup_name)
138
-
139
- attr_list = cgroup.attributes.map(&:to_s)
140
- attr_list += Configuration::EVT_CONFIG[hash['environment']].keys.select { |k| k =~ Regexp.new("^#{cgroup_name}\.") }.map { |k| k.gsub(Regexp.new("^#{cgroup_name}\."),'') }
141
- attr_list.uniq!
142
-
143
- attr_list.each do |first_lvl|
144
- if cgroup.send(first_lvl).is_a?(OpenStruct)
145
- c2group = cgroup.send(first_lvl)
146
- c2group.attributes.each do |secnd_lvl|
147
- full_param = [cgroup_name,first_lvl,secnd_lvl].join('.')
148
- unless blacklist.include?(full_param)
149
- hash[cgroup_name.to_s] ||= {}
150
- hash[cgroup_name.to_s][first_lvl.to_s] ||= {}
151
- hash[cgroup_name.to_s][first_lvl.to_s][secnd_lvl.to_s] = self.param(full_param)
152
- end
153
- end
154
- else
155
- full_param = [cgroup_name,first_lvl].join('.')
156
- unless blacklist.include?(full_param)
157
- hash[cgroup_name.to_s] ||= {}
158
- hash[cgroup_name.to_s][first_lvl.to_s] = self.param(full_param)
159
- end
160
- end
161
- end
162
- end
163
-
164
- return hash
165
- end
166
-
167
124
  def self.auto_configure(config_file_path = nil)
168
125
  AutoConfigure.get_marketplace_configurations(config_file_path)
169
126
  rescue => e
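Review bot: deleting `Maestrano.to_metadata` here (together with `require 'maestrano/saml/metadata'` in the previous hunk) removes a public method in a release numbered 1.0.0 → 1.0.1. An application that followed the 1.0.0 README controller, which calls `render json: Maestrano.to_metadata`, will raise NoMethodError after a patch-level upgrade. Suggest keeping the method for one release with a deprecation warning, or bumping the minor or major version and recording the removal in a changelog.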
@@ -291,7 +248,7 @@ module Maestrano
291
248
 
292
249
  EVT_CONFIG ||= {
293
250
  'local' => {
294
- 'api.host' => 'http://application.maestrano.io',
251
+ 'api.host' => 'http://localhost:3001',
295
252
  'api.base' => '/api/v1/',
296
253
  'connec.enabled' => true,
297
254
  'connec.host' => 'http://connec.maestrano.io',
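Review bot: in the `'local'` block `api.host` now points at `http://localhost:3001`, but the unchanged `'connec.host' => 'http://connec.maestrano.io'` still sends Connec traffic to a remote host over plain HTTP. The client tests in this diff show those requests carrying `basic_auth` with `api.id` and `api.key`, so a "local" setup would put those credentials on the network in cleartext. Suggest pointing `connec.host` at a local address as well, or at an `https://` endpoint.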
@@ -299,25 +256,11 @@ module Maestrano
299
256
  'connec.v2_path' => '/v2',
300
257
  'connec.reports_path' => '/reports',
301
258
  'connec.timeout' => 60,
302
- 'sso.idp' => 'http://application.maestrano.io',
259
+ 'sso.idp' => 'http://localhost:3001',
303
260
  'sso.name_id_format' => Maestrano::Saml::Settings::NAMEID_PERSISTENT,
304
261
  'sso.x509_fingerprint' => '01:06:15:89:25:7d:78:12:28:a6:69:c7:de:63:ed:74:21:f9:f5:36',
305
262
  'sso.x509_certificate' => "-----BEGIN CERTIFICATE-----\nMIIDezCCAuSgAwIBAgIJAOehBr+YIrhjMA0GCSqGSIb3DQEBBQUAMIGGMQswCQYD\nVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZTeWRuZXkxGjAYBgNVBAoT\nEU1hZXN0cmFubyBQdHkgTHRkMRYwFAYDVQQDEw1tYWVzdHJhbm8uY29tMSQwIgYJ\nKoZIhvcNAQkBFhVzdXBwb3J0QG1hZXN0cmFuby5jb20wHhcNMTQwMTA0MDUyMjM5\nWhcNMzMxMjMwMDUyMjM5WjCBhjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEP\nMA0GA1UEBxMGU3lkbmV5MRowGAYDVQQKExFNYWVzdHJhbm8gUHR5IEx0ZDEWMBQG\nA1UEAxMNbWFlc3RyYW5vLmNvbTEkMCIGCSqGSIb3DQEJARYVc3VwcG9ydEBtYWVz\ndHJhbm8uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVkIqo5t5Paflu\nP2zbSbzxn29n6HxKnTcsubycLBEs0jkTkdG7seF1LPqnXl8jFM9NGPiBFkiaR15I\n5w482IW6mC7s8T2CbZEL3qqQEAzztEPnxQg0twswyIZWNyuHYzf9fw0AnohBhGu2\n28EZWaezzT2F333FOVGSsTn1+u6tFwIDAQABo4HuMIHrMB0GA1UdDgQWBBSvrNxo\neHDm9nhKnkdpe0lZjYD1GzCBuwYDVR0jBIGzMIGwgBSvrNxoeHDm9nhKnkdpe0lZ\njYD1G6GBjKSBiTCBhjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UE\nBxMGU3lkbmV5MRowGAYDVQQKExFNYWVzdHJhbm8gUHR5IEx0ZDEWMBQGA1UEAxMN\nbWFlc3RyYW5vLmNvbTEkMCIGCSqGSIb3DQEJARYVc3VwcG9ydEBtYWVzdHJhbm8u\nY29tggkA56EGv5giuGMwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCc\nMPgV0CpumKRMulOeZwdpnyLQI/NTr3VVHhDDxxCzcB0zlZ2xyDACGnIG2cQJJxfc\n2GcsFnb0BMw48K6TEhAaV92Q7bt1/TYRvprvhxUNMX2N8PHaYELFG2nWfQ4vqxES\nRkjkjqy+H7vir/MOF3rlFjiv5twAbDKYHXDT7v1YCg==\n-----END CERTIFICATE-----"
306
263
  },
307
- 'test' => {
308
- 'api.host' => 'http://api-sandbox.maestrano.io',
309
- 'api.base' => '/api/v1/',
310
- 'connec.enabled' => true,
311
- 'connec.host' => 'http://api-sandbox.maestrano.io',
312
- 'connec.base_path' => '/connec/api/v2',
313
- 'connec.v2_path' => '/v2',
314
- 'connec.reports_path' => '/reports',
315
- 'connec.timeout' => 60,
316
- 'sso.idp' => 'https://maestrano.com',
317
- 'sso.name_id_format' => Maestrano::Saml::Settings::NAMEID_PERSISTENT,
318
- 'sso.x509_fingerprint' => '01:06:15:89:25:7d:78:12:28:a6:69:c7:de:63:ed:74:21:f9:f5:36',
319
- 'sso.x509_certificate' => "-----BEGIN CERTIFICATE-----\nMIIDezCCAuSgAwIBAgIJAOehBr+YIrhjMA0GCSqGSIb3DQEBBQUAMIGGMQswCQYD\nVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZTeWRuZXkxGjAYBgNVBAoT\nEU1hZXN0cmFubyBQdHkgTHRkMRYwFAYDVQQDEw1tYWVzdHJhbm8uY29tMSQwIgYJ\nKoZIhvcNAQkBFhVzdXBwb3J0QG1hZXN0cmFuby5jb20wHhcNMTQwMTA0MDUyMjM5\nWhcNMzMxMjMwMDUyMjM5WjCBhjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEP\nMA0GA1UEBxMGU3lkbmV5MRowGAYDVQQKExFNYWVzdHJhbm8gUHR5IEx0ZDEWMBQG\nA1UEAxMNbWFlc3RyYW5vLmNvbTEkMCIGCSqGSIb3DQEJARYVc3VwcG9ydEBtYWVz\ndHJhbm8uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVkIqo5t5Paflu\nP2zbSbzxn29n6HxKnTcsubycLBEs0jkTkdG7seF1LPqnXl8jFM9NGPiBFkiaR15I\n5w482IW6mC7s8T2CbZEL3qqQEAzztEPnxQg0twswyIZWNyuHYzf9fw0AnohBhGu2\n28EZWaezzT2F333FOVGSsTn1+u6tFwIDAQABo4HuMIHrMB0GA1UdDgQWBBSvrNxo\neHDm9nhKnkdpe0lZjYD1GzCBuwYDVR0jBIGzMIGwgBSvrNxoeHDm9nhKnkdpe0lZ\njYD1G6GBjKSBiTCBhjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UE\nBxMGU3lkbmV5MRowGAYDVQQKExFNYWVzdHJhbm8gUHR5IEx0ZDEWMBQGA1UEAxMN\nbWFlc3RyYW5vLmNvbTEkMCIGCSqGSIb3DQEJARYVc3VwcG9ydEBtYWVzdHJhbm8u\nY29tggkA56EGv5giuGMwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCc\nMPgV0CpumKRMulOeZwdpnyLQI/NTr3VVHhDDxxCzcB0zlZ2xyDACGnIG2cQJJxfc\n2GcsFnb0BMw48K6TEhAaV92Q7bt1/TYRvprvhxUNMX2N8PHaYELFG2nWfQ4vqxES\nRkjkjqy+H7vir/MOF3rlFjiv5twAbDKYHXDT7v1YCg==\n-----END CERTIFICATE-----",
320
- },
321
264
  'uat' => {
322
265
  'api.host' => 'https://uat.maestrano.io',
323
266
  'api.base' => '/api/v1/',
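Review bot: dropping the `'test'` key from `EVT_CONFIG` leaves no defaults for applications that still set `config.environment = 'test'`, which is the value the 1.0.0 README initializer used. Suggest keeping `'test'` as an alias for one release, or raising a clear error when the configured environment has no entry, so an unknown name fails loudly. Separately, `'sso.idp'` for `'local'` now points at `http://localhost:3001` while the pinned `sso.x509_fingerprint` and `sso.x509_certificate` are unchanged; please confirm the local IdP signs with that certificate.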
@@ -1,3 +1,3 @@
1
1
  module Maestrano
2
- VERSION = '1.0.0'
2
+ VERSION = '1.0.1'
3
3
  end
@@ -3,49 +3,49 @@ require File.expand_path('../../../test_helper', __FILE__)
3
3
  module Maestrano
4
4
  module Connec
5
5
  class ClientTest < Test::Unit::TestCase
6
-
6
+
7
7
  context 'without preset' do
8
8
  context 'initializer' do
9
9
  context '.base_uri' do
10
- context 'in test' do
11
- setup { Maestrano.configs = {}; Maestrano.configure { |config| config.environment = 'test' } }
10
+ context 'in local' do
11
+ setup { Maestrano.configs = {}; Maestrano.configure { |config| config.environment = 'local' } }
12
12
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
13
-
13
+
14
14
  should "return the right uri" do
15
- assert_equal "http://api-sandbox.maestrano.io/connec/api/v2", Maestrano::Connec::Client.base_uri
15
+ assert_equal "http://connec.maestrano.io/api/v2", Maestrano::Connec::Client.base_uri
16
16
  end
17
17
  end
18
-
18
+
19
19
  context 'in production' do
20
20
  setup { Maestrano.configs = {}; Maestrano.configure { |config| config.environment = 'production' } }
21
21
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
22
-
22
+
23
23
  should "return the right uri" do
24
24
  assert_equal "https://api-connec.maestrano.com/api/v2", Maestrano::Connec::Client.base_uri
25
25
  end
26
26
  end
27
27
  end
28
28
  end
29
-
29
+
30
30
  context 'scoped_path' do
31
31
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
32
-
32
+
33
33
  should "return the right scoped path" do
34
34
  assert_equal "/cld-123/people", @client.scoped_path('/people')
35
35
  end
36
-
36
+
37
37
  should "remove any leading or trailing slash" do
38
38
  assert_equal "/cld-123/people", @client.scoped_path('/people/')
39
39
  end
40
40
  end
41
-
41
+
42
42
  context 'default_options' do
43
43
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
44
-
44
+
45
45
  should "return the right authentication options" do
46
46
  expected_opts = {
47
- basic_auth: {
48
- username: Maestrano.param('api.id'),
47
+ basic_auth: {
48
+ username: Maestrano.param('api.id'),
49
49
  password: Maestrano.param('api.key')
50
50
  },
51
51
  timeout: Maestrano.param('connec.timeout')
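Review bot: most of the -/+ pairs in this hunk are whitespace-only (blank lines, and the `basic_auth: {` and `username:` lines whose text is identical on both sides), which hides the two functional changes: the context rename from 'in test' to 'in local' and the new expected URI `http://connec.maestrano.io/api/v2`. Suggest moving the whitespace cleanup to its own commit. The 'in local' assertion also encodes a remote plain-HTTP host as the expected local base URI, so it will need to change if `connec.host` for `'local'` is corrected.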
@@ -53,10 +53,10 @@ module Maestrano
53
53
  assert_equal expected_opts, @client.default_options
54
54
  end
55
55
  end
56
-
56
+
57
57
  context 'get' do
58
58
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
59
-
59
+
60
60
  should "perform the right query" do
61
61
  path = '/people'
62
62
  opts = { foo: 'bar' }
@@ -65,10 +65,10 @@ module Maestrano
65
65
  assert_equal resp, @client.get(path,opts)
66
66
  end
67
67
  end
68
-
68
+
69
69
  context 'post' do
70
70
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
71
-
71
+
72
72
  should "perform the right query" do
73
73
  path = '/people'
74
74
  body = { some: 'data'}
@@ -78,10 +78,10 @@ module Maestrano
78
78
  assert_equal resp, @client.post(path,body,opts)
79
79
  end
80
80
  end
81
-
81
+
82
82
  context 'put' do
83
83
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
84
-
84
+
85
85
  should "perform the right query" do
86
86
  path = '/people/123'
87
87
  body = { some: 'data'}
@@ -94,7 +94,7 @@ module Maestrano
94
94
 
95
95
  context 'batch' do
96
96
  setup { @client = Maestrano::Connec::Client.new("cld-123") }
97
-
97
+
98
98
  should "perform the right query" do
99
99
  body = { some: 'data'}
100
100
  opts = { foo: 'bar' }
@@ -112,7 +112,7 @@ module Maestrano
112
112
  @config = {
113
113
  'environment' => 'production',
114
114
  'app.host' => 'http://mysuperapp.com',
115
-
115
+
116
116
  'api.id' => 'app-f54ds4f8',
117
117
  'api.key' => 'someapikey',
118
118
 
@@ -124,7 +124,7 @@ module Maestrano
124
124
  @preset_config = {
125
125
  'environment' => 'production',
126
126
  'app.host' => 'http://myotherapp.com',
127
-
127
+
128
128
  'api.id' => 'app-553941',
129
129
  'api.key' => 'otherapikey',
130
130
 
@@ -136,7 +136,7 @@ module Maestrano
136
136
  Maestrano.configure do |config|
137
137
  config.environment = @config['environment']
138
138
  config.app.host = @config['app.host']
139
-
139
+
140
140
  config.api.id = @config['api.id']
141
141
  config.api.key = @config['api.key']
142
142
 
@@ -144,11 +144,11 @@ module Maestrano
144
144
  config.connec.host = @config['connec.host']
145
145
  config.connec.base_path = @config['connec.base_path']
146
146
  end
147
-
147
+
148
148
  Maestrano[@preset].configure do |config|
149
149
  config.environment = @preset_config['environment']
150
150
  config.app.host = @preset_config['app.host']
151
-
151
+
152
152
  config.api.id = @preset_config['api.id']
153
153
  config.api.key = @preset_config['api.key']
154
154
 
@@ -160,45 +160,45 @@ module Maestrano
160
160
 
161
161
  context 'initializer' do
162
162
  context '.base_uri' do
163
- context 'in test' do
164
- setup { Maestrano[@preset].configure { |config| config.environment = 'test' } }
163
+ context 'in local' do
164
+ setup { Maestrano[@preset].configure { |config| config.environment = 'local' } }
165
165
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
166
-
166
+
167
167
  should "return the right uri" do
168
168
  assert_equal "https://other-provider.com/data", Maestrano::Connec::Client[@preset].base_uri
169
169
  end
170
170
  end
171
-
171
+
172
172
  context 'in production' do
173
173
  setup { Maestrano[@preset].configure { |config| config.environment = 'production' } }
174
174
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
175
-
175
+
176
176
  should "return the right uri" do
177
177
  assert_equal "https://other-provider.com/data", Maestrano::Connec::Client[@preset].base_uri
178
178
  end
179
179
  end
180
180
  end
181
181
  end
182
-
182
+
183
183
  context 'scoped_path' do
184
184
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
185
-
185
+
186
186
  should "return the right scoped path" do
187
187
  assert_equal "/cld-123/people", @client.scoped_path('/people')
188
188
  end
189
-
189
+
190
190
  should "remove any leading or trailing slash" do
191
191
  assert_equal "/cld-123/people", @client.scoped_path('/people/')
192
192
  end
193
193
  end
194
-
194
+
195
195
  context 'default_options' do
196
196
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
197
-
197
+
198
198
  should "return the right authentication options" do
199
199
  expected_opts = {
200
- basic_auth: {
201
- username: Maestrano[@preset].param('api.id'),
200
+ basic_auth: {
201
+ username: Maestrano[@preset].param('api.id'),
202
202
  password: Maestrano[@preset].param('api.key')
203
203
  },
204
204
  timeout: Maestrano[@preset].param('connec.timeout')
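Review bot: The one functional change here is in the first context under '.base_uri', where `config.environment = 'test'` becomes `'local'`, and it leaves the 'test' environment with no coverage in this file. If 'test' is still an accepted value, keep a context for it; if it is not, add an assertion for how an unrecognised environment is handled. Both the 'in local' and 'in production' contexts assert the same "https://other-provider.com/data", so these tests would still pass if the environment setting had no effect on `base_uri`. The remaining -/+ pairs (the blank lines and the `basic_auth:` / `username:` lines) appear to differ only in whitespace; moving that cleanup to its own commit would keep the behavioural change easy to spot.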
@@ -206,10 +206,10 @@ module Maestrano
206
206
  assert_equal expected_opts, @client.default_options
207
207
  end
208
208
  end
209
-
209
+
210
210
  context 'get' do
211
211
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
212
-
212
+
213
213
  should "perform the right query" do
214
214
  path = '/people'
215
215
  opts = { foo: 'bar' }
@@ -218,10 +218,10 @@ module Maestrano
218
218
  assert_equal resp, @client.get(path,opts)
219
219
  end
220
220
  end
221
-
221
+
222
222
  context 'post' do
223
223
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
224
-
224
+
225
225
  should "perform the right query" do
226
226
  path = '/people'
227
227
  body = { some: 'data'}
@@ -231,10 +231,10 @@ module Maestrano
231
231
  assert_equal resp, @client.post(path,body,opts)
232
232
  end
233
233
  end
234
-
234
+
235
235
  context 'put' do
236
236
  setup { @client = Maestrano::Connec::Client[@preset].new("cld-123") }
237
-
237
+
238
238
  should "perform the right query" do
239
239
  path = '/people/123'
240
240
  body = { some: 'data'}
@@ -247,4 +247,4 @@ module Maestrano
247
247
  end
248
248
  end
249
249
  end
250
- end
250
+ end
@@ -466,49 +466,4 @@ class MaestranoTest < Test::Unit::TestCase
466
466
  assert_equal 'usr-1', Maestrano.unmask_user('usr-1')
467
467
  end
468
468
  end
469
-
470
- context "to_metadata" do
471
- should "should return the right hash" do
472
- expected = {
473
- 'environment' => @config['environment'],
474
- 'app' => {
475
- 'host' => @config['app.host']
476
- },
477
- 'api' => {
478
- 'id' => @config['api.id'],
479
- 'version' => Maestrano::VERSION,
480
- 'verify_ssl_certs' => false,
481
- 'lang' => 'ruby',
482
- 'lang_version' => "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} (#{RUBY_RELEASE_DATE})",
483
- 'host' => Maestrano::Configuration::EVT_CONFIG[@config['environment']]['api.host'],
484
- 'base' => Maestrano::Configuration::EVT_CONFIG[@config['environment']]['api.base'],
485
-
486
- },
487
- 'sso' => {
488
- 'enabled' => @config['sso.enabled'],
489
- 'slo_enabled' => @config['sso.slo_enabled'],
490
- 'init_path' => @config['sso.init_path'],
491
- 'consume_path' => @config['sso.consume_path'],
492
- 'creation_mode' => @config['sso.creation_mode'],
493
- 'idm' => @config['sso.idm'],
494
- 'idp' => Maestrano::Configuration::EVT_CONFIG[@config['environment']]['sso.idp'],
495
- 'name_id_format' => Maestrano::Configuration::EVT_CONFIG[@config['environment']]['sso.name_id_format'],
496
- 'x509_fingerprint' => Maestrano::Configuration::EVT_CONFIG[@config['environment']]['sso.x509_fingerprint'],
497
- 'x509_certificate' => Maestrano::Configuration::EVT_CONFIG[@config['environment']]['sso.x509_certificate'],
498
- },
499
- 'webhook' => {
500
- 'account' => {
501
- 'groups_path' => @config['webhook.account.groups_path'],
502
- 'group_users_path' => @config['webhook.account.group_users_path'],
503
- },
504
- 'connec' => {
505
- 'notifications_path' => 'mno/receive',
506
- 'subscriptions' => { organizations: true, people: true }
507
- }
508
- }
509
- }
510
-
511
- assert_equal expected, Maestrano.to_metadata
512
- end
513
- end
514
469
  end
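Review bot: The whole "to_metadata" context is deleted at the end of MaestranoTest, but nothing in this hunk shows `Maestrano.to_metadata` itself being removed. Confirm the method goes away in the same release, otherwise it remains callable with no test. The deleted expectation also pinned `'verify_ssl_certs' => false` under 'api'; if that default still exists in the configuration, it now has no assertion covering it and deserves a separate look, since it describes certificate verification being switched off.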
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: maestrano
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Maestrano
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-11-25 00:00:00.000000000 Z
11
+ date: 2017-01-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rest-client
@@ -218,7 +218,6 @@ files:
218
218
  - lib/maestrano/open_struct.rb
219
219
  - lib/maestrano/preset.rb
220
220
  - lib/maestrano/saml/attribute_value.rb
221
- - lib/maestrano/saml/metadata.rb
222
221
  - lib/maestrano/saml/request.rb
223
222
  - lib/maestrano/saml/response.rb
224
223
  - lib/maestrano/saml/schemas/saml20assertion_schema.xsd
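Review bot: `lib/maestrano/saml/metadata.rb` is dropped from the packaged files in what this gemspec marks as a patch release (1.0.0 to 1.0.1). Removing a file that an application may load directly breaks that application on upgrade, so call the removal out in the changelog or release notes and consider whether a patch-level bump is the right signal for it.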
@@ -305,7 +304,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
305
304
  version: '0'
306
305
  requirements: []
307
306
  rubyforge_project:
308
- rubygems_version: 2.5.1
307
+ rubygems_version: 2.4.8
309
308
  signing_key:
310
309
  specification_version: 4
311
310
  summary: Ruby bindings for the Maestrano API
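Review bot: `rubygems_version` goes backwards from 2.5.1 to 2.4.8, so this release was packaged with an older RubyGems than the previous one. Build releases from a single pinned environment so the packaging toolchain does not change between versions unnoticed. The context line `signing_key:` is empty, which means the package carries no gem signature and consumers can only rely on the published checksums to verify it.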
@@ -1,64 +0,0 @@
1
- require "rexml/document"
2
- require "rexml/xpath"
3
- require "uri"
4
-
5
- # Class to return SP metadata based on the settings requested.
6
- # Return this XML in a controller, then give that URL to the the
7
- # IdP administrator. The IdP will poll the URL and your settings
8
- # will be updated automatically
9
- module Maestrano
10
- module Saml
11
- include REXML
12
- class Metadata
13
- def generate(settings)
14
- meta_doc = REXML::Document.new
15
- root = meta_doc.add_element "md:EntityDescriptor", {
16
- "xmlns:md" => "urn:oasis:names:tc:SAML:2.0:metadata"
17
- }
18
- sp_sso = root.add_element "md:SPSSODescriptor", {
19
- "protocolSupportEnumeration" => "urn:oasis:names:tc:SAML:2.0:protocol",
20
- # Metadata request need not be signed (as we don't publish our cert)
21
- "AuthnRequestsSigned" => false,
22
- # However we would like assertions signed if idp_cert_fingerprint or idp_cert is set
23
- "WantAssertionsSigned" => (!settings.idp_cert_fingerprint.nil? || !settings.idp_cert.nil?)
24
- }
25
- if settings.issuer != nil
26
- root.attributes["entityID"] = settings.issuer
27
- end
28
- if settings.assertion_consumer_logout_service_url != nil
29
- sp_sso.add_element "md:SingleLogoutService", {
30
- # Add this as a setting to create different bindings?
31
- "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
32
- "Location" => settings.assertion_consumer_logout_service_url,
33
- "ResponseLocation" => settings.assertion_consumer_logout_service_url,
34
- "isDefault" => true,
35
- "index" => 0
36
- }
37
- end
38
- if settings.name_identifier_format != nil
39
- name_id = sp_sso.add_element "md:NameIDFormat"
40
- name_id.text = settings.name_identifier_format
41
- end
42
- if settings.assertion_consumer_service_url != nil
43
- sp_sso.add_element "md:AssertionConsumerService", {
44
- # Add this as a setting to create different bindings?
45
- "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
46
- "Location" => settings.assertion_consumer_service_url,
47
- "isDefault" => true,
48
- "index" => 0
49
- }
50
- end
51
- # With OpenSSO, it might be required to also include
52
- # <md:RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query" xsi:type="query:AttributeQueryDescriptorType" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
53
- # <md:XACMLAuthzDecisionQueryDescriptor WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
54
-
55
- meta_doc << REXML::XMLDecl.new
56
- ret = ""
57
- # pretty print the XML so IdP administrators can easily see what the SP supports
58
- meta_doc.write(ret, 1)
59
-
60
- ret
61
- end
62
- end
63
- end
64
- end
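Review bot: The deletion of `Maestrano::Saml::Metadata` comes with no deprecation path or replacement visible in the patch, so any caller of `generate(settings)` will fail once the class is gone. Search the gem and its documentation for remaining references and document the removal. It is also worth recording what the deleted generator advertised: it hard-coded `"AuthnRequestsSigned" => false` and set `WantAssertionsSigned` only when `idp_cert_fingerprint` or `idp_cert` was configured, so integrators who handed this metadata URL to an IdP administrator need to be told how SP metadata should be supplied from now on.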