oauth_im 0.9.3 → 0.10.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/concerns/oauth_im/authenticable.rb +8 -6
- data/app/services/oauth_im/admin_client.rb +37 -0
- data/app/services/oauth_im/has_registration_data.rb +49 -0
- data/app/services/oauth_im/proxy_user.rb +32 -0
- data/app/services/oauth_im/user_client.rb +6 -13
- data/config/initializers/app_context.rb +17 -23
- data/lib/oauth_im/version.rb +1 -1
- metadata +5 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6e0f366f5c38cc82da877d02f34ca778bcee19235b9b286fbf449e8cd1c5e2cf
|
|
4
|
+
data.tar.gz: 52c299ea3e29fb97c74643cbdbcbf90ff06a0104cb8e3b1eb2a35a8418432810
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: df9b7b1c12bcfc6fe06b3c48c0c337a1dfc24060c0812f575d29b6f972cf6b1ff15bb4c92513f03f87701e0a266f4773fd78ad4954535be8156a0322782155df
|
|
7
|
+
data.tar.gz: 2fdca9e46d141266cecb01b2cdaea5ffb00182cdb24f2db87a8624c9a641aa5f7bd8edf49b5e23988d962f1ea6e1f2e18a9bd00c9dc938a2b71909a4eba75558
|
|
@@ -5,17 +5,19 @@ module OauthIm
|
|
|
5
5
|
extend ActiveSupport::Concern
|
|
6
6
|
|
|
7
7
|
included do
|
|
8
|
-
helper_method :authenticated
|
|
9
|
-
helper_method :email
|
|
8
|
+
helper_method :admin?, :authenticated?, :email
|
|
10
9
|
end
|
|
11
10
|
|
|
12
11
|
private
|
|
13
12
|
|
|
14
13
|
delegate :email, :email_verified?,
|
|
15
|
-
:
|
|
14
|
+
:user_is_sponsor?,
|
|
15
|
+
:admin?,
|
|
16
16
|
to: :user_client,
|
|
17
17
|
allow_nil: true
|
|
18
18
|
|
|
19
|
+
delegate :spec_user, :spec_user_is_sponsor?, to: AppContext
|
|
20
|
+
|
|
19
21
|
def authenticated?
|
|
20
22
|
AppContext.authenticated_for_specs? ||
|
|
21
23
|
(AppContext.provide_authentication? && logged_in?)
|
|
@@ -32,10 +34,10 @@ module OauthIm
|
|
|
32
34
|
|
|
33
35
|
def current_user
|
|
34
36
|
@current_user ||=
|
|
35
|
-
if
|
|
37
|
+
if Rails.env.test?
|
|
38
|
+
spec_user
|
|
39
|
+
elsif user_jwt.present?
|
|
36
40
|
email if email_verified?
|
|
37
|
-
elsif Rails.env.test?
|
|
38
|
-
AppContext.spec_user
|
|
39
41
|
end
|
|
40
42
|
end
|
|
41
43
|
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'fusionauth/fusionauth_client'
|
|
4
|
+
|
|
5
|
+
module OauthIm
|
|
6
|
+
class AdminClient < IdpClient
|
|
7
|
+
def search_for(term: '', email: '')
|
|
8
|
+
if email.present?
|
|
9
|
+
proxy_users_for client.retrieve_user_by_email(email)
|
|
10
|
+
elsif term.present?
|
|
11
|
+
proxy_users_for client.search_users_by_query({ search: { queryString: term } })
|
|
12
|
+
else
|
|
13
|
+
[]
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def proxy_user_for(user_id:)
|
|
18
|
+
response = client.retrieve_user(user_id).success_response
|
|
19
|
+
raise "No user for id #{user_id}" if response.blank?
|
|
20
|
+
|
|
21
|
+
ProxyUser.new response.user
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
private
|
|
25
|
+
|
|
26
|
+
def user_attrs_for(response)
|
|
27
|
+
response.success_response.then do |results|
|
|
28
|
+
results&.users.presence ||
|
|
29
|
+
[results&.user.presence].compact
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def proxy_users_for(response)
|
|
34
|
+
user_attrs_for(response).map { |attrs| ProxyUser.new(attrs) }
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'fusionauth/fusionauth_client'
|
|
4
|
+
|
|
5
|
+
module OauthIm
|
|
6
|
+
module HasRegistrationData
|
|
7
|
+
delegate :email, to: :attrs
|
|
8
|
+
delegate :role, :grade_level, :school, :district, :state,
|
|
9
|
+
to: :registration_data
|
|
10
|
+
delegate :name, :id,
|
|
11
|
+
to: :role, prefix: true
|
|
12
|
+
delegate :name, :id,
|
|
13
|
+
to: :grade_level, prefix: true
|
|
14
|
+
delegate :name, :id,
|
|
15
|
+
to: :school, prefix: true
|
|
16
|
+
delegate :name, :id,
|
|
17
|
+
to: :district, prefix: true
|
|
18
|
+
delegate :name, :id,
|
|
19
|
+
to: :state, prefix: true
|
|
20
|
+
|
|
21
|
+
def registration_data
|
|
22
|
+
@registration_data ||= attrs[:registrations]&.first&.data || {}
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def active?
|
|
26
|
+
attrs.active
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def sponsor?
|
|
30
|
+
registration_data[:sponsor].eql? 'true'
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def user_is_sponsor?
|
|
34
|
+
sponsor?
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def first_name
|
|
38
|
+
attrs.firstName
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def last_name
|
|
42
|
+
attrs.lastName
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def full_name
|
|
46
|
+
@full_name ||= "#{first_name} #{last_name}"
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module OauthIm
|
|
4
|
+
class ProxyUser < IdpClient
|
|
5
|
+
include HasRegistrationData
|
|
6
|
+
|
|
7
|
+
attr_reader :attrs
|
|
8
|
+
|
|
9
|
+
delegate :to_h, to: :attrs
|
|
10
|
+
|
|
11
|
+
def self.for(user_id:)
|
|
12
|
+
AdminClient.new.proxy_user_for user_id: user_id
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def initialize(attrs)
|
|
16
|
+
@attrs = attrs
|
|
17
|
+
super()
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def user_id
|
|
21
|
+
@user_id ||= attrs[:id]
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def send_reset_password_email
|
|
25
|
+
client.forgot_password loginId: user_id
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def deactivate_user
|
|
29
|
+
client.deactivate_user user_id
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -4,6 +4,8 @@ require 'fusionauth/fusionauth_client'
|
|
|
4
4
|
|
|
5
5
|
module OauthIm
|
|
6
6
|
class UserClient < IdpClient
|
|
7
|
+
include HasRegistrationData
|
|
8
|
+
|
|
7
9
|
attr_reader :user_jwt
|
|
8
10
|
|
|
9
11
|
def initialize(user_jwt:)
|
|
@@ -19,29 +21,20 @@ module OauthIm
|
|
|
19
21
|
email.present?
|
|
20
22
|
end
|
|
21
23
|
|
|
22
|
-
def
|
|
23
|
-
|
|
24
|
+
def admin?
|
|
25
|
+
jwt_token[:roles].include? 'admin'
|
|
24
26
|
end
|
|
25
27
|
|
|
26
28
|
private
|
|
27
29
|
|
|
28
|
-
def
|
|
29
|
-
@
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
def data
|
|
33
|
-
@data ||= user_data[:data] || {}
|
|
30
|
+
def attrs
|
|
31
|
+
@attrs ||= success_response[:user] || {}
|
|
34
32
|
end
|
|
35
33
|
|
|
36
34
|
def success_response
|
|
37
35
|
@success_response ||= client_response&.success_response || {}
|
|
38
36
|
end
|
|
39
37
|
|
|
40
|
-
def user
|
|
41
|
-
@user ||= success_response[:user] || {}
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
# https://www.rubydoc.info/gems/fusionauth_client/1.32.1/FusionAuth/FusionAuthClient#retrieve_user-instance_method
|
|
45
38
|
def client_response
|
|
46
39
|
@client_response ||= client.retrieve_user user_id
|
|
47
40
|
end
|
|
@@ -3,8 +3,11 @@
|
|
|
3
3
|
module AppContext
|
|
4
4
|
module_function
|
|
5
5
|
|
|
6
|
-
|
|
7
|
-
|
|
6
|
+
TEST_ENV_ERROR_MESSAGE = 'Use only in test environment!'
|
|
7
|
+
|
|
8
|
+
def override_for_specs?
|
|
9
|
+
Rails.env.test? && provide_authentication?
|
|
10
|
+
end
|
|
8
11
|
|
|
9
12
|
def provide_authentication?
|
|
10
13
|
true
|
|
@@ -18,46 +21,37 @@ module AppContext
|
|
|
18
21
|
@spec_user if override_for_specs?
|
|
19
22
|
end
|
|
20
23
|
|
|
21
|
-
def
|
|
22
|
-
@
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
def spec_user_data
|
|
26
|
-
if override_for_specs?
|
|
27
|
-
@spec_user_data.presence || DEFAULT_SPEC_USER_DATA
|
|
28
|
-
else
|
|
29
|
-
DEFAULT_SPEC_USER_DATA
|
|
30
|
-
end
|
|
24
|
+
def spec_user_is_sponsor?
|
|
25
|
+
@spec_user_is_sponsor && override_for_specs?
|
|
31
26
|
end
|
|
32
27
|
|
|
33
|
-
def
|
|
34
|
-
|
|
28
|
+
def authenticated_for_specs?
|
|
29
|
+
@authenticated_for_specs && override_for_specs?
|
|
35
30
|
end
|
|
36
31
|
|
|
37
32
|
def authenticate_for_specs?
|
|
38
|
-
raise
|
|
33
|
+
raise TEST_ENV_ERROR_MESSAGE unless Rails.env.test?
|
|
39
34
|
|
|
40
35
|
provide_authentication?
|
|
41
36
|
end
|
|
42
37
|
|
|
43
|
-
def authenticate_for_specs(spec_user: nil,
|
|
38
|
+
def authenticate_for_specs(spec_user: nil, sponsor: false)
|
|
44
39
|
return unless authenticate_for_specs?
|
|
45
40
|
|
|
46
|
-
|
|
41
|
+
initialize_spec_user spec_user: spec_user, sponsor: sponsor
|
|
47
42
|
yield
|
|
48
43
|
reset_spec_user
|
|
49
44
|
end
|
|
50
45
|
|
|
51
|
-
def
|
|
52
|
-
@authenticated_for_specs = true
|
|
46
|
+
def initialize_spec_user(spec_user:, sponsor:)
|
|
53
47
|
@spec_user = spec_user
|
|
54
|
-
@
|
|
48
|
+
@spec_user_is_sponsor = sponsor
|
|
49
|
+
@authenticated_for_specs = true
|
|
55
50
|
end
|
|
56
51
|
|
|
57
52
|
def reset_spec_user
|
|
58
|
-
@spec_user_data = DEFAULT_SPEC_USER_DATA
|
|
59
|
-
@spec_user = nil
|
|
60
53
|
@authenticated_for_specs = false
|
|
61
|
-
nil
|
|
54
|
+
@spec_user = nil
|
|
55
|
+
@spec_user_is_sponsor = false
|
|
62
56
|
end
|
|
63
57
|
end
|
data/lib/oauth_im/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oauth_im
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.10.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Eric Connally
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: fusionauth_client
|
|
@@ -139,8 +139,11 @@ files:
|
|
|
139
139
|
- app/controllers/oauth_im/application_controller.rb
|
|
140
140
|
- app/controllers/oauth_im/client_controller.rb
|
|
141
141
|
- app/helpers/oauth_im/application_helper.rb
|
|
142
|
+
- app/services/oauth_im/admin_client.rb
|
|
142
143
|
- app/services/oauth_im/client.rb
|
|
144
|
+
- app/services/oauth_im/has_registration_data.rb
|
|
143
145
|
- app/services/oauth_im/idp_client.rb
|
|
146
|
+
- app/services/oauth_im/proxy_user.rb
|
|
144
147
|
- app/services/oauth_im/registration_client.rb
|
|
145
148
|
- app/services/oauth_im/request_client.rb
|
|
146
149
|
- app/services/oauth_im/token_decoder.rb
|