omniauth-dice 0.2.2 → 0.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cccb953b0986b8fc29ff2de197253aeed50f5333
-  data.tar.gz: eec5d53a5a4d955873f7202761c08dd01a55c4fb
+  metadata.gz: aa07835678245eda74c877a01bed7d6ead9fa23f
+  data.tar.gz: b0ba3b5276a7b983f0c130c1c41c7d89ca9ee62d
 SHA512:
-  metadata.gz: 8900202b7364d2ca8737c1dd5d697fa4b7ee1c45e364be9b6fbab98681545ea81136d17d0c7fad04a401df25f9c16619a269791c27dfe878a57284f02314ad2d
-  data.tar.gz: 829c9b3b3963c7c23835e2da9f28001f5af1b4761527254df53f599cb66beed03534a1b111bb5e4a5e05e5a4567432a02885ee0883e975721425440eba5529c9
+  metadata.gz: a6d78332fde76300334e0c6203a3b57d3e39cb895307eac70a35639d8b6db08e38c004c7bf919ca81621f59019d2ba37de4b131cc1a9d294b07e734e06e6e148
+  data.tar.gz: 6b48beb330e949e82c7b0f3bf9ba1ff3fd4a2d84381c4d7b97ef708f39ba2d1d798041ec612ad459280cde95985a90e80f300ee5106bfa2b8ee33823d0132352

data/.rubocop.yml

@@ -7,3 +7,4 @@ AllCops:
   - 'vendor/cache/**/*'
   - 'vendor/bundle/**/*'
   - '**/gems/**/*'
+  - 'omniauth-dice.gemspec'

data/README.md

@@ -11,7 +11,7 @@ a user's X509 certificate DN string to an Enterprise CAS server via REST.
 
 Add this line to your application's Gemfile:
 
-    gem 'omniauth-dice', '~> 0.1'
+    gem 'omniauth-dice', '~> 0.2.2'
 
 And then execute:
 

data/lib/omniauth/dice/version.rb

@@ -2,6 +2,6 @@
 module Omniauth
   # Omniauth::Dice version
   module Dice
-    VERSION = '0.2.2'
+    VERSION = '0.2.3'
   end
 end

data/lib/omniauth/strategies/dice.rb

@@ -90,6 +90,7 @@ module OmniAuth
 
       def callback_phase
         response = authenticate_user
+        return fail!(:invalid_credentials) if response.nil?
         @raw_data = response.body
         @data = parse_response_data
         session['omniauth.auth'] ||= auth_hash
@@ -163,7 +164,7 @@ module OmniAuth
         end
         if !response || response.status.to_i >= 400
           log :error, response.inspect
-          return fail!(:invalid_credentials)
+          return nil
         end
 
         response
@@ -229,11 +230,11 @@ module OmniAuth
 
       # Determine if a client is likely a non-person entity
       def identify_npe(info)
-        info['likely_npe?']   = nil
+        info['likely_npe?'] = nil
         return true  if auth_cn_with_tld?(info['common_name']) == true
-        return true  if auth_info_missing_email?(info)         == true
-        return true  if auth_has_email_without_names?(info)    == true
-        return false if auth_has_email_with_any_name?(info)    == true
+        return true  if auth_info_missing_email?(info) == true
+        return true  if auth_has_email_without_names?(info) == true
+        return false if auth_has_email_with_any_name?(info) == true
       end
 
       # Identify if there's a domain w/ TLD in the common_name
@@ -305,7 +306,7 @@ module OmniAuth
 
         @conn ||= Faraday.new(url: options.cas_server, ssl: ssl_hash) do |conn|
           conn.headers = headers
-          conn.response :logger                  # log requests to STDOUT
+          conn.response :logger # log requests to STDOUT
           conn.response :xml,  content_type: /\bxml$/
           conn.response :json, content_type: /\bjson$/
           conn.adapter :excon
@@ -332,7 +333,6 @@ module OmniAuth
 
       # Detect data format, parse with appropriate library
       def parse_response_data
-        log :debug, '.parse_response_data'
         log :debug, "cas_server response.body:\r\n#{@raw_data}"
         formatted_data = format_data
         formatted_data = formatted_data.nil? ? @raw_data : formatted_data

data/spec/omniauth/strategies/dice_integrations_spec.rb

@@ -73,11 +73,10 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
   end
 
   before(:all) do
-    defaults={
+    @defaults = {
       cas_server: 'http://example.org',
       authentication_path: '/dn'
     }
-    set_app!(defaults)
   end
 
   describe "use_callback_url" do
@@ -87,12 +86,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
         authentication_path: '/dn',
         use_callback_url: true
       }
-      self.app = Rack::Builder.app do
-        use Rack::Session::Cookie, :secret => '1337geeks'
-        use RackSessionAccess::Middleware
-        use OmniAuth::Strategies::Dice, callback_url_opts
-        run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
-      end
+      set_app!(callback_url_opts)
       header 'Ssl-Client-Cert', user_cert
       get '/auth/dice'
       expect(last_request.env['HTTP_SSL_CLIENT_CERT']).to eq(user_cert)
@@ -110,12 +104,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
         authentication_path: '/dn',
         custom_callback_url: 'http://example.org/sub-uri/auth/dice/callback'
       }
-      self.app = Rack::Builder.app do
-        use Rack::Session::Cookie, :secret => '1337geeks'
-        use RackSessionAccess::Middleware
-        use OmniAuth::Strategies::Dice, callback_url_opts
-        run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
-      end
+      set_app!(callback_url_opts)
       header 'Ssl-Client-Cert', user_cert
       get '/auth/dice'
       expect(last_request.env['HTTP_SSL_CLIENT_CERT']).to eq(user_cert)
@@ -128,10 +117,14 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
 
   describe '#request_phase' do
     it 'should fail without a client DN' do
-      expect { get '/auth/dice' }.to raise_error(OmniAuth::Error, 'You need a valid DN to authenticate.')
+      set_app!(@defaults)
+      get '/auth/dice'
+      expect(last_request.env['omniauth.error.type']).to eq(:"You need a valid DN to authenticate.")
+      expect(last_response.location).to eq('/auth/failure?message=You need a valid DN to authenticate.&strategy=dice')
     end
 
     it "should set the client & issuer's DN (from certificate)" do
+      set_app!(@defaults)
       header 'Ssl-Client-Cert', user_cert
       get '/auth/dice'
       expect(last_request.env['HTTP_SSL_CLIENT_CERT']).to eq(user_cert)
@@ -142,6 +135,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
     end
 
     it "should set the client's DN (from header)" do
+      set_app!(@defaults)
       header 'Ssl-Client-S-Dn', raw_dn
       get '/auth/dice'
       expect(last_request.env['HTTP_SSL_CLIENT_S_DN']).to eq(raw_dn)
@@ -152,6 +146,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
     end
 
     it "should set the issuer's DN (from header)" do
+      set_app!(@defaults)
       header 'Ssl-Client-S-Dn', raw_dn
       header 'Ssl-Client-I-Dn', raw_issuer_dn
       get '/auth/dice'
@@ -164,7 +159,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
 
   describe '#callback_phase' do
     before(:each) do
-      set_app!({
+      callback_phase_opts = {
         cas_server:          'https://example.org:3000',
         authentication_path: '/dn',
         dnc_options: { transformation: 'downcase' },
@@ -174,8 +169,8 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
           client_key:  'spec/certs/key.np.pem'
         },
         primary_visa: 'CLOUDSDALE'
-      })
-
+      }
+      set_app!(callback_phase_opts)
       stub_request(:get, "https://example.org:3000/dn/cn=ruby%20certificate%20rbcert,dc=ruby-lang,dc=org/info.json?issuerDn=cn=ruby%20ca,dc=ruby-lang,dc=org").
         with(:headers => {'Accept'=>'application/json', 'Content-Type'=>'application/json', 'Host'=>'example.org:3000', 'User-Agent'=>/^Faraday via Ruby.*$/, 'X-Xsrf-Useprotection'=>'false'}).
       to_return(status: 200, body: valid_user_json, headers: {})
@@ -200,7 +195,7 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
       end
 
       it 'should return a 200 with an XML object of user information on success' do
-        set_app!({
+        xml_request_opts = {
           cas_server:          'https://example.org:3000',
           authentication_path: '/dn',
           format_header:       'application/xml',
@@ -211,7 +206,8 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
             client_cert: 'spec/certs/client.pem',
             client_key:  'spec/certs/key.np.pem'
           }
-        })
+        }
+        set_app!(xml_request_opts)
         stub_request(:get, "https://example.org:3000/dn/cn=ruby%20certificate%20rbcert,dc=ruby-lang,dc=org/info.xml?issuerDn=cn=ruby%20ca,dc=ruby-lang,dc=org").
         with(:headers => {'Accept'=>'application/xml', 'Content-Type'=>'application/xml', 'Host'=>'example.org:3000', 'User-Agent'=>/^Faraday via Ruby.*$/, 'X-Xsrf-Useprotection'=>'false'}).
         to_return(status: 200, body: valid_user_xml, headers: {})
@@ -240,7 +236,9 @@ describe OmniAuth::Strategies::Dice, type: :strategy do
 
         header 'Ssl-Client-Cert', user_cert
         get '/auth/dice'
-        expect { get '/auth/dice'; follow_redirect! }.to raise_error(OmniAuth::Error, 'invalid_credentials')
+        follow_redirect! # Needed to hit /auth/dice/callback & trigger errors!
+        expect(last_request.env['omniauth.error.type']).to eq(:invalid_credentials)
+        expect(last_response.location).to eq('/auth/failure?message=invalid_credentials&strategy=dice')
       end
     end
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-dice
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.2.3
 platform: ruby
 authors:
 - Steven Haddox
@@ -30,7 +30,7 @@ cert_chain:
   42qdwEXvvkODZAD6KAIXPdmbMfBgPbcd+B/4eUA0PyKo+4dgL1NuqX4MPWToevIZ
   O8EKLF2X7NmC6FY1bOsSj/J8r1SOkx0rxgF+geRvY1P+hfNjDfxTsjU=
   -----END CERTIFICATE-----
-date: 2015-08-11 00:00:00.000000000 Z
+date: 2015-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: awesome_print
@@ -410,7 +410,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.4
+rubygems_version: 2.4.5.1
 signing_key: 
 specification_version: 4
 summary: DN Interoperable Conversion Expert Strategy