nulogy_sso 2.6.0 → 3.0.0

data/spec/dummy/tmp/local_secret.txt

@@ -1 +1 @@
-984597f29bf049179392b783ade7587338fc831e64166e267faaa19e7fad825f429c8bdeb7f65ae411c10435d459e01b7c87e4d90086245fd1d9f73b3531b30d
+fbd7ec478b18e938597866d54ece09ed83775658f0b661085699e48972ae2e1aeee86de5babcd5c94d3caa5e38d0da6a5abc2d163b78ac3d28144bfadbd938be

data/spec/examples.txt

@@ -1,24 +1,24 @@
 example_id                                                       | status | run_time        |
 ---------------------------------------------------------------- | ------ | --------------- |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:1:1]              | failed | 0.0206 seconds  |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:1:2]              | failed | 0.0083 seconds  |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:1:3]              | failed | 0.00638 seconds |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:2:1]              | failed | 0.01991 seconds |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:2:2]              | failed | 0.00738 seconds |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:2:3]              | failed | 0.00719 seconds |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:3:1]              | failed | 0.00808 seconds |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:3:2]              | failed | 0.00898 seconds |
-./spec/features/nulogy_sso/sso_login_spec.rb[1:3:3]              | failed | 0.00904 seconds |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:1]     | passed | 0.00369 seconds |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:2:1]   | failed | 0.40264 seconds |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:2:2]   | failed | 0.40014 seconds |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:3:1]   | failed | 0.45297 seconds |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:1]     | failed | 4.39 seconds    |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:2]     | failed | 0.62803 seconds |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:3]     | passed | 0.0044 seconds  |
-./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:4]     | failed | 6.35 seconds    |
-./spec/unit/services/nulogy_sso/cookie_token_store_spec.rb[1:1]  | passed | 0.00965 seconds |
-./spec/unit/services/nulogy_sso/cookie_token_store_spec.rb[1:2]  | passed | 0.00143 seconds |
-./spec/unit/services/nulogy_sso/cookie_token_store_spec.rb[1:3]  | passed | 0.00034 seconds |
-./spec/unit/services/nulogy_sso/origin_redirector_spec.rb[1:1:1] | passed | 0.00192 seconds |
-./spec/unit/services/nulogy_sso/origin_redirector_spec.rb[1:1:2] | passed | 0.0002 seconds  |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:1:1]                | passed | 0.15002 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:1:2]                | passed | 2.23 seconds    |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:1:3]                | passed | 0.09708 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:2:1]                | passed | 0.09063 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:2:2]                | passed | 0.22381 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:2:3]                | passed | 0.14889 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:3:1]                | passed | 0.07893 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:3:2]                | passed | 0.16209 seconds |
+./spec/system/nulogy_sso/sso_login_spec.rb[1:3:3]                | passed | 0.16081 seconds |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:1]     | passed | 0.0044 seconds  |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:2:1]   | passed | 0.01292 seconds |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:2:2]   | passed | 0.0096 seconds  |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:1:3:1]   | passed | 0.00551 seconds |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:1]     | passed | 0.0058 seconds  |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:2]     | passed | 0.00512 seconds |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:3]     | passed | 0.00228 seconds |
+./spec/unit/services/nulogy_sso/authenticator_spec.rb[1:2:4]     | passed | 0.00549 seconds |
+./spec/unit/services/nulogy_sso/cookie_token_store_spec.rb[1:1]  | passed | 0.00522 seconds |
+./spec/unit/services/nulogy_sso/cookie_token_store_spec.rb[1:2]  | passed | 0.00052 seconds |
+./spec/unit/services/nulogy_sso/cookie_token_store_spec.rb[1:3]  | passed | 0.00046 seconds |
+./spec/unit/services/nulogy_sso/origin_redirector_spec.rb[1:1:1] | passed | 0.00024 seconds |
+./spec/unit/services/nulogy_sso/origin_redirector_spec.rb[1:1:2] | passed | 0.00014 seconds |

data/spec/rails_helper.rb

@@ -25,4 +25,25 @@ RSpec.configure do |config|
 
   # Filter lines from Rails gems in backtraces.
   config.filter_rails_from_backtrace!
+
+  # Use transactional fixtures for all tests except system tests
+  # System tests run in separate threads and need truncation
+  config.use_transactional_fixtures = true
+
+  # Configure system tests to run headless
+  config.before(:each, type: :system) do
+    driven_by :selenium_chrome_headless
+    configure_webmock
+  end
+
+  # Clean database between system tests
+  config.before(:each, type: :system) do
+    # Truncate all tables except schema_migrations
+    ActiveRecord::Base.connection_pool.with_connection do |conn|
+      conn.tables.each do |table|
+        next if table == "schema_migrations"
+        conn.execute("DELETE FROM #{table}")
+      end
+    end
+  end
 end

data/spec/spec_helper.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 require 'active_support/testing/time_helpers'
+require 'webmock/rspec'
 
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|
@@ -44,3 +45,11 @@ RSpec.configure do |config|
 
   config.include ActiveSupport::Testing::TimeHelpers
 end
+
+def configure_webmock(overrides: [])
+  allowed_hosts = (overrides + [ENV["NULOGY_SSO_MOCKSERVER_HOST"]]).compact
+  WebMock.disable_net_connect!(
+    allow_localhost: true,
+    allow: allowed_hosts
+  )
+end

data/spec/support/mock_auth0_verifier.rb

@@ -1,26 +1,38 @@
 # frozen_string_literal: true
 
-# This is a mock verifier that allows the auth0_rs256_jwt_verifier gem
-# to still be used for verifying JWTs, but with a localhost JWKS specified.
-# This code was adapted from the gem's test suite:
-# https://github.com/DroidsOnRoids/auth0_rs256_jwt_verifier/blob/master/test/auth0_rs256_jwt_verifier_test.rb
+require "jwt"
+require "json"
+
+# Mock verifier for testing that uses ruby-jwt with a provided JWKS
 class MockAuth0Verifier
-  def initialize(issuer:, audience:, jwks:)
-    @internal_verifier = Auth0RS256JWTVerifier.new(
-      issuer: issuer,
-      audience: audience,
-      jwks_url: "https://do.not.care",
-      http: http_stub(jwks)
-    )
+  VerificationResult = Struct.new(:valid?, :payload) do
+    alias_method :valid?, :valid?
   end
 
-  delegate :verify, to: :@internal_verifier
-
-  private
+  def initialize(issuer:, audience:, jwks:)
+    @issuer = issuer
+    @audience = audience
+    @jwks = JWT::JWK::Set.new(JSON.parse(jwks))
+  end
 
-  def http_stub(jwks)
-    http_stub = Object.new
-    http_stub.define_singleton_method(:get) { |*_| jwks }
-    http_stub
+  def verify(token)
+    begin
+      payload, = JWT.decode(
+        token,
+        nil,
+        true,
+        {
+          jwks: @jwks,
+          algorithms: ["RS256"],
+          iss: @issuer,
+          verify_iss: true,
+          aud: @audience,
+          verify_aud: true
+        }
+      )
+      VerificationResult.new(true, payload)
+    rescue JWT::DecodeError, JWT::InvalidIssuerError, JWT::InvalidAudienceError, JWT::ExpiredSignature, JWT::JWKError
+      VerificationResult.new(false, nil)
+    end
   end
 end

data/spec/system/nulogy_sso/sso_login_spec.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+require "rails_helper"
+
+RSpec.describe "SSO login process", type: :system do
+  let(:email) { "test@nulogy.com" }
+  let(:auth0_mock) {
+    NulogySSO::TestUtilities::Auth0Mock.new(
+      mockserver_host: ENV.fetch("NULOGY_SSO_MOCKSERVER_HOST", "localhost"),
+      mockserver_port: ENV.fetch("NULOGY_SSO_MOCKSERVER_PORT", "1080").to_i
+    )
+  }
+  let(:jwt_test_helper) { NulogySSO::TestUtilities::JwtTestHelper.new }
+
+  describe "login flow" do
+    it "can successfully login" do
+      auth0_mock.setup(email: email, redirect_path: "/hello_world")
+      create_user
+
+      visit "/hello_world"
+
+      expect(page).to have_content("Hello World")
+    end
+
+    it "shows an error page when the user can authorize with Auth0 but not exist in the app" do
+      auth0_mock.setup(email: email, redirect_path: "/hello_world")
+
+      visit "/hello_world"
+
+      expect(page).to have_content("An SSO error has occurred :(")
+    end
+
+    it "shows an error page when Auth0 throws an error" do
+      auth0_mock.setup(email: email, redirect_path: "/hello_world", status_code: 403)
+      create_user
+
+      visit "/hello_world"
+
+      expect(page).to have_content("An SSO error has occurred :(")
+    end
+  end
+
+  shared_examples "JWT authentication" do |endpoint:|
+    let!(:user) { create_user }
+
+    before do
+      auth0_mock.mockserver_reset
+      auth0_mock.setup_jwks
+
+      # have to visit an unauthenticated endpoint in order for capybara to have something to have a tab to set the cookie on
+      visit "/robots.txt"
+    end
+
+    it "allows a user with a valid JWT to visit a secured endpoint" do
+      set_access_token_cookie(jwt_test_helper.jwt(email))
+
+      visit endpoint
+
+      expect(page).to have_content("Hello World")
+    end
+
+    it "prevents sessions with invalid JWTs from accessing secured endpoints" do
+      set_access_token_cookie(jwt_test_helper.jwt(email, "exp" => (Time.now - 1.day).to_i))
+
+      visit endpoint
+
+      expect(current_path).to eq("/authorize")
+    end
+
+    it "prevents sessions with no JWT from accessing secured endpoints" do
+      visit endpoint
+
+      expect(current_path).to eq("/authorize")
+    end
+
+    def set_access_token_cookie(token)
+      page.driver.browser.manage.add_cookie(name: NulogySSO.sso_cookie_key, value: token)
+    end
+  end
+
+  describe "web app authentication" do
+    include_examples "JWT authentication", endpoint: "/hello_world"
+  end
+
+  describe "API authentication" do
+    include_examples "JWT authentication", endpoint: "/api_endpoint"
+  end
+
+  def create_user
+    User.create!(email: email)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nulogy_sso
 version: !ruby/object:Gem::Version
-  version: 2.6.0
+  version: 3.0.0
 platform: ruby
 authors:
 - Nulogy Corporation
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-07 00:00:00.000000000 Z
+date: 2025-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: auth0
@@ -31,39 +31,53 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '5.5'
 - !ruby/object:Gem::Dependency
-  name: auth0_rs256_jwt_verifier
+  name: base64
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.2
+        version: 0.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.2
+        version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.10'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.10'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.1'
+        version: '8.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.1'
+        version: '8.2'
 - !ruby/object:Gem::Dependency
   name: appraisal
   requirement: !ruby/object:Gem::Requirement
@@ -163,19 +177,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.24'
 - !ruby/object:Gem::Dependency
-  name: webrick
+  name: puma
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.9'
+        version: '7.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.9'
+        version: '7.0'
 description:
 email:
 - engineering@nulogy.com
@@ -241,11 +255,9 @@ files:
 - spec/dummy/config/spring.rb
 - spec/dummy/config/sso.yml
 - spec/dummy/config/storage.yml
-- spec/dummy/db/development.sqlite3
 - spec/dummy/db/migrate/20190912211120_create_users.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/db/test.sqlite3
-- spec/dummy/log/development.log
 - spec/dummy/log/test.log
 - spec/dummy/package.json
 - spec/dummy/public/404.html
@@ -257,16 +269,16 @@ files:
 - spec/dummy/public/robots.txt
 - spec/dummy/tmp/local_secret.txt
 - spec/examples.txt
-- spec/feature_spec_helper.rb
-- spec/features/nulogy_sso/sso_login_spec.rb
 - spec/rails_helper.rb
 - spec/spec_helper.rb
 - spec/support/mock_auth0_verifier.rb
+- spec/system/nulogy_sso/sso_login_spec.rb
 - spec/unit/services/nulogy_sso/authenticator_spec.rb
 - spec/unit/services/nulogy_sso/cookie_token_store_spec.rb
 - spec/unit/services/nulogy_sso/origin_redirector_spec.rb
 homepage: https://nulogy.com
-licenses: []
+licenses:
+- MIT
 metadata: {}
 post_install_message:
 rdoc_options: []
@@ -276,14 +288,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '3.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.23
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Rails Engine For Nulogy's SSO Integration
@@ -330,11 +342,9 @@ test_files:
 - spec/dummy/config/sso.yml
 - spec/dummy/config/storage.yml
 - spec/dummy/config.ru
-- spec/dummy/db/development.sqlite3
 - spec/dummy/db/migrate/20190912211120_create_users.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/db/test.sqlite3
-- spec/dummy/log/development.log
 - spec/dummy/log/test.log
 - spec/dummy/package.json
 - spec/dummy/public/404.html
@@ -346,11 +356,10 @@ test_files:
 - spec/dummy/public/robots.txt
 - spec/dummy/tmp/local_secret.txt
 - spec/examples.txt
-- spec/feature_spec_helper.rb
-- spec/features/nulogy_sso/sso_login_spec.rb
 - spec/rails_helper.rb
 - spec/spec_helper.rb
 - spec/support/mock_auth0_verifier.rb
+- spec/system/nulogy_sso/sso_login_spec.rb
 - spec/unit/services/nulogy_sso/authenticator_spec.rb
 - spec/unit/services/nulogy_sso/cookie_token_store_spec.rb
 - spec/unit/services/nulogy_sso/origin_redirector_spec.rb

data/spec/dummy/log/development.log

@@ -1,12 +0,0 @@
-   (0.7ms)  DROP TABLE IF EXISTS "users"
-   (0.7ms)  CREATE TABLE "users" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar, "active" boolean DEFAULT 0 NOT NULL, "created_at" datetime(6) NOT NULL, "updated_at" datetime(6) NOT NULL)
-   (0.3ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL PRIMARY KEY)
-  ActiveRecord::SchemaMigration Load (0.3ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
-   (0.1ms)  INSERT INTO "schema_migrations" (version) VALUES (20190912211120)
-   (0.2ms)  CREATE TABLE "ar_internal_metadata" ("key" varchar NOT NULL PRIMARY KEY, "value" varchar, "created_at" datetime(6) NOT NULL, "updated_at" datetime(6) NOT NULL)
-  ActiveRecord::InternalMetadata Load (0.1ms)  SELECT * FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? ORDER BY "ar_internal_metadata"."key" ASC LIMIT 1  [[nil, "environment"]]
-  ActiveRecord::InternalMetadata Create (0.3ms)  INSERT INTO "ar_internal_metadata" ("key", "value", "created_at", "updated_at") VALUES ('environment', 'development', '2024-12-30 15:43:21.538370', '2024-12-30 15:43:21.538373') RETURNING "key"
-  ActiveRecord::InternalMetadata Load (0.3ms)  SELECT * FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? ORDER BY "ar_internal_metadata"."key" ASC LIMIT 1  [[nil, "environment"]]
-  ActiveRecord::InternalMetadata Update (0.2ms)  UPDATE "ar_internal_metadata" SET "value" = 'test', "updated_at" = '2024-12-30 15:43:21.541149' WHERE "ar_internal_metadata"."key" = 'environment'
-  ActiveRecord::InternalMetadata Load (0.4ms)  SELECT * FROM "ar_internal_metadata" WHERE "ar_internal_metadata"."key" = ? ORDER BY "ar_internal_metadata"."key" ASC LIMIT 1  [[nil, "schema_sha1"]]
-  ActiveRecord::InternalMetadata Create (0.3ms)  INSERT INTO "ar_internal_metadata" ("key", "value", "created_at", "updated_at") VALUES ('schema_sha1', '2b01fa59c4c74162736a2cb624389712cfa71fdb', '2024-12-30 15:43:21.543796', '2024-12-30 15:43:21.543798') RETURNING "key"

data/spec/feature_spec_helper.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-require "rails_helper"
-require "capybara/rspec"
-require "webmock/rspec"
-require "resolv"
-require "socket"
-
-def configure_webmock(overrides: [])
-  allowed_hosts = (overrides + [ENV["NULOGY_SSO_MOCKSERVER_HOST"]]).compact
-  WebMock.disable_net_connect!(
-    allow_localhost: true,
-    allow: allowed_hosts
-  )
-end
-
-Capybara.server = :webrick
-
-if ENV["REMOTE_SELENIUM_HOST"].present?
-  ip = Socket.ip_address_list.detect(&:ipv4_private?)
-  rails_server_host = ip.ip_address
-  remote_selenium_host = Resolv.getaddress(ENV.fetch("REMOTE_SELENIUM_HOST"))
-  remote_selenium_port = ENV.fetch("REMOTE_SELENIUM_PORT")
-
-  Capybara.register_driver :remote do |app|
-    Capybara.server_host = rails_server_host
-    Capybara::Selenium::Driver.new(
-      app,
-      browser: :remote,
-      url: "http://#{remote_selenium_host}:#{remote_selenium_port}/wd/hub",
-      desired_capabilities: :chrome
-    )
-  end
-
-  Capybara.javascript_driver = :remote
-  configure_webmock(overrides: [rails_server_host, remote_selenium_host])
-else
-  Capybara.javascript_driver = :selenium_chrome
-  configure_webmock
-end
-
-RSpec.configure do |config|
-  config.use_transactional_fixtures = true
-end

data/spec/features/nulogy_sso/sso_login_spec.rb

@@ -1,94 +0,0 @@
-# frozen_string_literal: true
-
-require "feature_spec_helper"
-
-module NulogySSO
-  RSpec.describe "the SSO login process", type: :feature, js: true do
-    let(:email) { "test@nulogy.com" }
-    let(:auth0_mock) {
-      TestUtilities::Auth0Mock.new(
-        mockserver_host: ENV.fetch("NULOGY_SSO_MOCKSERVER_HOST", "localhost"),
-        mockserver_port: ENV.fetch("NULOGY_SSO_MOCKSERVER_PORT", 1080)
-      )
-    }
-    let(:jwt_test_helper) { TestUtilities::JwtTestHelper.new }
-
-    describe "login flow" do
-      it "can successfully login" do
-        auth0_mock.setup(email: email, redirect_path: "/hello_world")
-        create_user
-
-        visit "/hello_world"
-
-        expect(page).to have_content("Hello World")
-      end
-
-      it "shows an error page when the user can authorize with Auth0 but not exist in the app" do
-        auth0_mock.setup(email: email, redirect_path: "/hello_world")
-
-        visit "/hello_world"
-
-        expect(page).to have_content("An SSO error has occurred :(")
-      end
-
-      it "shows an error page when Auth0 throws an error" do
-        auth0_mock.setup(email: email, redirect_path: "/hello_world", status_code: 403)
-        create_user
-
-        visit "/hello_world"
-
-        expect(page).to have_content("An SSO error has occurred :(")
-      end
-    end
-
-    shared_examples "JWT authentication" do |endpoint:|
-      let!(:user) { create_user }
-
-      before do
-        auth0_mock.mockserver_reset
-        auth0_mock.setup_jwks
-
-        # have to visit an unauthenticated endpoint in order for capybara to have something to have a tab to set the cookie on
-        visit "/robots.txt"
-      end
-
-      it "allows a user with a valid JWT to visit a secured endpoint" do
-        set_access_token_cookie(jwt_test_helper.jwt(email))
-
-        visit endpoint
-
-        expect(page).to have_content("Hello World")
-      end
-
-      it "prevents sessions with invalid JWTs from accessing secured endpoints" do
-        set_access_token_cookie(jwt_test_helper.jwt(email, "exp" => (Time.now - 1.day).to_i))
-
-        visit endpoint
-
-        expect(current_path).to eq("/authorize")
-      end
-
-      it "prevents sessions with no JWT from accessing secured endpoints" do
-        visit endpoint
-
-        expect(current_path).to eq("/authorize")
-      end
-
-      def set_access_token_cookie(token)
-        page.driver.browser.manage.add_cookie(name: NulogySSO.sso_cookie_key, value: token)
-      end
-    end
-
-    describe "web app authentication" do
-      include_examples "JWT authentication", endpoint: "/hello_world"
-    end
-
-    describe "API authentication" do
-      include_examples "JWT authentication", endpoint: "/api_endpoint"
-    end
-
-    def create_user
-      User.create!(email: email)
-    end
-  end
-end