openid-token-proxy 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/config/initializers/inflections.rb +2 -0
- data/lib/openid_token_proxy/client.rb +24 -6
- data/lib/openid_token_proxy/engine.rb +2 -0
- data/lib/openid_token_proxy/token.rb +7 -0
- data/lib/openid_token_proxy/version.rb +1 -1
- data/openid-token-proxy.gemspec +1 -0
- data/spec/lib/openid_token_proxy/client_spec.rb +41 -3
- data/spec/lib/openid_token_proxy/token_spec.rb +16 -0
- metadata +16 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 52ad78b2ab59d7d79acc5ad4e5f1619fb97bb77e
|
4
|
+
data.tar.gz: 8b39777e46e9887f21482b10822648d1a0ddf274
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d7cb5fd53234fec4ae748b106f8ccff6d102c0a7f84bb85fc773cf05e526e8853f9c30ff8b4c75e9b2139c0cb0d6be057214f01ef2e9bb12359c9c8ca5a4e5d0
|
7
|
+
data.tar.gz: d19b04ccc60eb2febafb4421c39950b1448f684d3a0a7a05f8f18b3016c7829aa6f780ccde75fd967a767c010903410e95935f48ff932789cfb7d2e02e41fbef
|
data/CHANGELOG.md
CHANGED
@@ -20,18 +20,36 @@ module OpenIDTokenProxy
|
|
20
20
|
# Raised when refresh token could not be exchanged
|
21
21
|
class RefreshTokenError < Error; end
|
22
22
|
|
23
|
-
#
|
23
|
+
# Raised when token could not be retrieved for given credentials
|
24
|
+
class CredentialsError < Error; end
|
25
|
+
|
26
|
+
# Retrieves a token for given auth code, refresh token or username/password
|
24
27
|
def retrieve_token!(params)
|
25
28
|
client = new_client
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
+
|
30
|
+
if auth_code = params.delete(:auth_code)
|
31
|
+
client.authorization_code = auth_code
|
32
|
+
end
|
33
|
+
|
34
|
+
if refresh_token = params.delete(:refresh_token)
|
35
|
+
client.refresh_token = refresh_token
|
36
|
+
end
|
37
|
+
|
38
|
+
if username = params.delete(:username)
|
39
|
+
client.resource_owner_credentials = [
|
40
|
+
username,
|
41
|
+
params.delete(:password)
|
42
|
+
]
|
43
|
+
end
|
44
|
+
|
45
|
+
response = client.access_token!(:query_string, params)
|
29
46
|
token = Token.decode!(response.access_token)
|
30
47
|
token.refresh_token = response.refresh_token
|
31
48
|
token
|
32
49
|
rescue Rack::OAuth2::Client::Error => e
|
33
|
-
raise AuthCodeError.new(e.message) if
|
34
|
-
raise RefreshTokenError.new(e.message) if
|
50
|
+
raise AuthCodeError.new(e.message) if auth_code
|
51
|
+
raise RefreshTokenError.new(e.message) if refresh_token
|
52
|
+
raise CredentialsError.new(e.message) if username
|
35
53
|
end
|
36
54
|
|
37
55
|
def new_client
|
data/openid-token-proxy.gemspec
CHANGED
@@ -20,6 +20,7 @@ Gem::Specification.new do |spec|
|
|
20
20
|
spec.require_paths = ['lib']
|
21
21
|
|
22
22
|
spec.add_dependency 'openid_connect', '~> 0.8.3'
|
23
|
+
spec.add_dependency 'rack-oauth2', '~> 1.2.0'
|
23
24
|
spec.add_dependency 'rails', '~> 4.0'
|
24
25
|
|
25
26
|
spec.add_development_dependency 'bundler', '~> 1.6'
|
@@ -81,7 +81,8 @@ RSpec.describe OpenIDTokenProxy::Client do
|
|
81
81
|
let(:client) {
|
82
82
|
double(
|
83
83
|
'authorization_code=' => nil,
|
84
|
-
'refresh_token=' => nil
|
84
|
+
'refresh_token=' => nil,
|
85
|
+
'resource_owner_credentials=' => nil
|
85
86
|
)
|
86
87
|
}
|
87
88
|
let(:access_token) { 'access token' }
|
@@ -116,7 +117,9 @@ RSpec.describe OpenIDTokenProxy::Client do
|
|
116
117
|
|
117
118
|
context 'when auth code is valid' do
|
118
119
|
it 'returns token instance' do
|
119
|
-
expect(client).to receive(:access_token!).
|
120
|
+
expect(client).to receive(:access_token!).with(
|
121
|
+
:query_string, {}
|
122
|
+
).and_return response
|
120
123
|
token = subject.retrieve_token! auth_code: 'valid auth code'
|
121
124
|
expect(token.access_token).to eq access_token
|
122
125
|
expect(token.id_token).to eq id_token
|
@@ -138,7 +141,9 @@ RSpec.describe OpenIDTokenProxy::Client do
|
|
138
141
|
|
139
142
|
context 'when refresh token is valid' do
|
140
143
|
it 'returns token instance' do
|
141
|
-
expect(client).to receive(:access_token!).
|
144
|
+
expect(client).to receive(:access_token!).with(
|
145
|
+
:query_string, {}
|
146
|
+
).and_return response
|
142
147
|
token = subject.retrieve_token! refresh_token: 'valid refresh token'
|
143
148
|
expect(token.access_token).to eq access_token
|
144
149
|
expect(token.id_token).to eq id_token
|
@@ -146,5 +151,38 @@ RSpec.describe OpenIDTokenProxy::Client do
|
|
146
151
|
end
|
147
152
|
end
|
148
153
|
end
|
154
|
+
|
155
|
+
context 'using username and password' do
|
156
|
+
context 'when credentials are invalid' do
|
157
|
+
it 'raises' do
|
158
|
+
error = Rack::OAuth2::Client::Error.new 400, {}
|
159
|
+
expect(client).to receive(:access_token!).and_raise error
|
160
|
+
expect do
|
161
|
+
token = subject.retrieve_token! username: 'foo', password: 'bar'
|
162
|
+
end.to raise_error OpenIDTokenProxy::Client::CredentialsError
|
163
|
+
end
|
164
|
+
end
|
165
|
+
|
166
|
+
context 'when credentials are valid' do
|
167
|
+
it 'returns token instance' do
|
168
|
+
expect(client).to receive(:access_token!).with(
|
169
|
+
:query_string, {}
|
170
|
+
).and_return response
|
171
|
+
token = subject.retrieve_token! username: 'foo', password: 'bar'
|
172
|
+
expect(token.access_token).to eq access_token
|
173
|
+
expect(token.id_token).to eq id_token
|
174
|
+
expect(token.refresh_token).to eq refresh_token
|
175
|
+
end
|
176
|
+
end
|
177
|
+
end
|
178
|
+
|
179
|
+
context 'when given options' do
|
180
|
+
it 'passes these through' do
|
181
|
+
expect(client).to receive(:access_token!).with(
|
182
|
+
:query_string, resource: 'x'
|
183
|
+
).and_return response
|
184
|
+
subject.retrieve_token! auth_code: 'valid auth code', resource: 'x'
|
185
|
+
end
|
186
|
+
end
|
149
187
|
end
|
150
188
|
end
|
@@ -78,6 +78,22 @@ RSpec.describe OpenIDTokenProxy::Token do
|
|
78
78
|
end
|
79
79
|
end
|
80
80
|
|
81
|
+
describe '#valid?' do
|
82
|
+
context 'when token is invalid' do
|
83
|
+
it 'returns false' do
|
84
|
+
allow(subject).to receive(:validate!).and_raise OpenIDTokenProxy::Token::Expired
|
85
|
+
expect(subject).not_to be_valid
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
89
|
+
context 'when token is valid' do
|
90
|
+
it 'returns true' do
|
91
|
+
allow(subject).to receive(:validate!).and_return true
|
92
|
+
expect(subject).to be_valid
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
81
97
|
describe '#expiry_time' do
|
82
98
|
it 'returns expiry time' do
|
83
99
|
expect(subject.expiry_time.to_i).to eq expiry_time.to_i
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: openid-token-proxy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tim Kurvers
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-06-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: openid_connect
|
@@ -24,6 +24,20 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: 0.8.3
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rack-oauth2
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 1.2.0
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 1.2.0
|
27
41
|
- !ruby/object:Gem::Dependency
|
28
42
|
name: rails
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|