openid-token-proxy 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 036360c10b330eabfbacd91009ab6ffd948caaaf
4
- data.tar.gz: 5cc9438acbb74f17d8f4870ffd5899da09a542ae
3
+ metadata.gz: 367c9b989127b83d27046b97d8d0eed4bb62bc26
4
+ data.tar.gz: 0f5b072253012066745622211b7176ba24a797d7
5
5
  SHA512:
6
- metadata.gz: 82b2be465db4d1e0787dda423e88b434aaa9e4af60c7472d6ae9537fe3aea769275f0f0a8796470925f340b4c8d42f56dfb7fd3b54260cbea8946f6612fcc3fe
7
- data.tar.gz: 6e82dd27d7e61e87a75d08663a3d4fb6052cc4f97b2b6774fe2a2359f006b15f3a0f4908dfdac3727e7533794911182922f20e7c944a0aa2876fdc1081dbc218
6
+ metadata.gz: 61558da5b310ec2fb8322b1d8011d5b6df5081e6943f95c70e8c73685fdda3047d67252a57bf9efc220403f78e4d4a75910fab19589feb57fcba2f1187501ccb
7
+ data.tar.gz: 4fca1eff9249fa10be128a1874da69aa82f08feb4bddbda93df17e6af75c192e761eb2f735befe3cbe1410e9b44f1c9609c2e5982b6b0c44205ea9b8f496f5ee
data/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # Changelog
2
2
 
3
+ ### v0.1.1 - May 12, 2015
4
+
5
+ - Token expiry time is exposed through `X-Token-Expiry-Time` header.
6
+ - Adds `Token#expiry_time`.
7
+
8
+
3
9
  ### v0.1.0 - May 6, 2015
4
10
 
5
11
  - Initial release.
data/README.md CHANGED
@@ -9,8 +9,6 @@
9
9
  Retrieves and refreshes OpenID tokens on behalf of a user when dealing with complex
10
10
  authentication schemes, such as client-side certificates.
11
11
 
12
- **Note: Under development, not for production usage just yet**
13
-
14
12
  **Supported Ruby versions: 2.0.0 or higher**
15
13
 
16
14
  Licensed under the **MIT** license, see LICENSE for more information.
@@ -149,6 +147,8 @@ Access tokens may be provided with one of the following:
149
147
  - `Authorization: Bearer <token>` header.
150
148
  - Query string parameter `token`.
151
149
 
150
+ Token expiry time will be exposed through the `X-Token-Expiry-Time` header.
151
+
152
152
 
153
153
  #### Identity / claims
154
154
 
@@ -52,6 +52,10 @@ module OpenIDTokenProxy
52
52
  true
53
53
  end
54
54
 
55
+ def expiry_time
56
+ Time.at(id_token.exp.to_i).utc
57
+ end
58
+
55
59
  def expired?
56
60
  id_token.exp.to_i <= Time.now.to_i
57
61
  end
@@ -14,6 +14,7 @@ module OpenIDTokenProxy
14
14
  module ClassMethods
15
15
  def require_valid_token(*args)
16
16
  before_action :require_valid_token, *args
17
+ after_action :expose_token_expiry_time
17
18
  end
18
19
  end
19
20
 
@@ -33,6 +34,10 @@ module OpenIDTokenProxy
33
34
  client_id: config.client_id
34
35
  end
35
36
 
37
+ def expose_token_expiry_time
38
+ response.headers['X-Token-Expiry-Time'] = current_token.expiry_time.iso8601
39
+ end
40
+
36
41
  def current_token
37
42
  @current_token ||= OpenIDTokenProxy::Token.decode!(raw_token)
38
43
  end
@@ -1,3 +1,3 @@
1
1
  module OpenIDTokenProxy
2
- VERSION = '0.1.0'
2
+ VERSION = '0.1.1'
3
3
  end
@@ -61,6 +61,30 @@ RSpec.describe OpenIDTokenProxy::Config do
61
61
  end
62
62
  end
63
63
 
64
+ describe '#domain_hint' do
65
+ it 'obtains its default from environment' do
66
+ stub_env('OPENID_DOMAIN_HINT', 'from env')
67
+ expect(subject.domain_hint).to eq 'from env'
68
+ end
69
+
70
+ it 'may be overriden' do
71
+ subject.domain_hint = 'overridden'
72
+ expect(subject.domain_hint).to eq 'overridden'
73
+ end
74
+ end
75
+
76
+ describe '#prompt' do
77
+ it 'obtains its default from environment' do
78
+ stub_env('OPENID_PROMPT', 'from env')
79
+ expect(subject.prompt).to eq 'from env'
80
+ end
81
+
82
+ it 'may be overriden' do
83
+ subject.prompt = 'overridden'
84
+ expect(subject.prompt).to eq 'overridden'
85
+ end
86
+ end
87
+
64
88
  describe '#redirect_uri' do
65
89
  it 'obtains its default from environment' do
66
90
  stub_env('OPENID_REDIRECT_URI', 'from env')
@@ -3,7 +3,13 @@ require 'spec_helper'
3
3
  RSpec.describe OpenIDTokenProxy::Token::Authentication, type: :controller do
4
4
  let(:authorization_uri) { 'https://id.hyper.no/authorize' }
5
5
  let(:access_token) { 'access token' }
6
- let(:token) { OpenIDTokenProxy::Token.new(access_token) }
6
+ let(:expiry_time) { 2.hours.from_now }
7
+ let(:id_token) {
8
+ double(
9
+ exp: expiry_time
10
+ )
11
+ }
12
+ let(:token) { OpenIDTokenProxy::Token.new(access_token, id_token) }
7
13
 
8
14
  before do
9
15
  allow(token).to receive(:validate!).and_return true
@@ -38,6 +44,11 @@ RSpec.describe OpenIDTokenProxy::Token::Authentication, type: :controller do
38
44
  expect(response).to have_http_status :ok
39
45
  expect(response.body).to eq 'Authentication successful'
40
46
  end
47
+
48
+ it 'exposes token expiry time through header' do
49
+ get :index
50
+ expect(response.headers['X-Token-Expiry-Time']).to eq expiry_time.iso8601
51
+ end
41
52
  end
42
53
 
43
54
  describe '#current_token' do
@@ -6,8 +6,18 @@ RSpec.describe OpenIDTokenProxy::Token::Refresh, type: :controller do
6
6
  let(:token) {
7
7
  OpenIDTokenProxy::Token.new('expired access token', nil, refresh_token)
8
8
  }
9
+ let(:refreshed_expiry_time) { 2.hours.from_now }
10
+ let(:refreshed_id_token) {
11
+ double(
12
+ exp: refreshed_expiry_time
13
+ )
14
+ }
9
15
  let(:refreshed_token) {
10
- OpenIDTokenProxy::Token.new('new access token', nil, 'new refresh token')
16
+ OpenIDTokenProxy::Token.new(
17
+ 'new access token',
18
+ refreshed_id_token,
19
+ 'new refresh token'
20
+ )
11
21
  }
12
22
 
13
23
  before do
@@ -52,6 +62,7 @@ RSpec.describe OpenIDTokenProxy::Token::Refresh, type: :controller do
52
62
  expect(response.body).to eq 'Refresh successful'
53
63
  expect(response.headers['X-Token']).to eq 'new access token'
54
64
  expect(response.headers['X-Refresh-Token']).to eq 'new refresh token'
65
+ expect(response.headers['X-Token-Expiry-Time']).to eq refreshed_expiry_time.iso8601
55
66
  end
56
67
  end
57
68
  end
@@ -6,11 +6,11 @@ RSpec.describe OpenIDTokenProxy::Token do
6
6
  let(:audience) { 'audience' }
7
7
  let(:client_id) { 'client ID' }
8
8
  let(:issuer) { 'issuer' }
9
- let(:expiry_date) { 2.hours.from_now }
9
+ let(:expiry_time) { 2.hours.from_now }
10
10
 
11
11
  let(:id_token) {
12
12
  double(
13
- exp: expiry_date,
13
+ exp: expiry_time,
14
14
  aud: audience,
15
15
  iss: issuer,
16
16
  raw_attributes: {
@@ -33,7 +33,7 @@ RSpec.describe OpenIDTokenProxy::Token do
33
33
 
34
34
  describe '#validate!' do
35
35
  context 'when token has expired' do
36
- let(:expiry_date) { 2.hours.ago }
36
+ let(:expiry_time) { 2.hours.ago }
37
37
 
38
38
  it 'raises' do
39
39
  expect do
@@ -78,9 +78,19 @@ RSpec.describe OpenIDTokenProxy::Token do
78
78
  end
79
79
  end
80
80
 
81
+ describe '#expiry_time' do
82
+ it 'returns expiry time' do
83
+ expect(subject.expiry_time.to_i).to eq expiry_time.to_i
84
+ end
85
+
86
+ it 'is in UTC' do
87
+ expect(subject.expiry_time.zone).to eq 'UTC'
88
+ end
89
+ end
90
+
81
91
  describe '#expired?' do
82
92
  context 'when token has expired' do
83
- let(:expiry_date) { 2.hours.ago }
93
+ let(:expiry_time) { 2.hours.ago }
84
94
  it { should be_expired }
85
95
  end
86
96
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openid-token-proxy
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Kurvers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-05-06 00:00:00.000000000 Z
11
+ date: 2015-05-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: openid_connect