openid-token-proxy 0.1.6 → 0.1.7

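--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: ad5b40cf76aaa072761205d1bd32fe875a860823
- data.tar.gz: 853220559755b75e246c4ed5a1f26bbc91df1d51
+ metadata.gz: c64cf28d8d4c3fb0774488c18ecae95c5e3abcbb
+ data.tar.gz: 4eaa2ce104d161d27c36ff7291bf25990fb15106
  SHA512:
- metadata.gz: 55c42e5b66a8b7b151d320700d88b94b6993cff8f4a7e4ede2c23d2730b328bc3fa0b10edd02f5c16917873f49610d83489640e3b5b1c3501fd1e9248c705c5c
- data.tar.gz: dcceecab4f6033cbdf6e7aaed30714034614c17cb785c9126d5bfcd6d87894a631f19bccfceef631d213f4ccb5d7447e43ca67cf0e0630bd8e2de52c55911c3e
+ metadata.gz: d76ce92ad630b77f81c9cd1c9b993c52a886728f4bed5cfbc86fbc8ddd6d702e1597e3d77addb8ee4626f542cde7f6f5ee4bb3a99e93db78715991b1cfa7e8d6
+ data.tar.gz: 3f658685bfc72a789dd1427c4632d396ee89cfcc82c606c2ae08d35c69a61eadb047fcccf2a99794a70a0cf5e3dc5e7b3e9335333a02be7a99046f4508c072a8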
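--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,9 @@
  # Changelog
 
+ ### v0.1.7 - February 15, 2016
+
+ - Allow passing tokens from cookies.
+ - Allowing hooking into token refreshment.
 
  ### v0.1.6 - October 13, 2015
 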
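--- a/data/README.md
+++ b/data/README.md
@@ -148,6 +148,7 @@ Access tokens may be provided with one of the following:
  - `X-Token` header.
  - `Authorization: Bearer <token>` header.
  - Query string parameter `token`.
+ - Cookie `token`.
 
  Token expiry time will be exposed through the `X-Token-Expiry-Time` header.
 
@@ -187,6 +188,7 @@ Refresh tokens may be provided with one of the following:
 
  - `X-Refresh-Token` header.
  - Query string parameter `refresh_token`.
+ - Cookie `refresh_token`.
 
  Whenever an access token has expired and a refresh token is given, the module will
  attempt to obtain a new token transparently.
@@ -197,6 +199,17 @@ token was obtained:
  - `X-Token` header containing the new access token to be used in future requests.
  - `X-Refresh-Token` header containing the new refresh token.
 
+ You may configure some code to be run (scoped to a controller) when a token is
+ successfully refreshed:
+
+ ```ruby
+ OpenIDTokenProxy.configure do |config|
+ config.token_refreshment_hook = proc { |token|
+ cookies[:token] = token.access_token
+ }
+ end
+ ```
+
 
  ## Contributing
 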
@@ -11,6 +11,7 @@ module OpenIDTokenProxy
11
11
  :userinfo_endpoint, :end_session_endpoint
12
12
 
13
13
  attr_accessor :token_acquirement_hook
14
+ attr_accessor :token_refreshment_hook
14
15
  attr_accessor :public_keys
15
16
 
16
17
  def initialize
@@ -31,6 +32,7 @@ module OpenIDTokenProxy
31
32
  @end_session_endpoint = ENV['OPENID_END_SESSION_ENDPOINT']
32
33
 
33
34
  @token_acquirement_hook = proc { }
35
+ @token_refreshment_hook = proc { }
34
36
 
35
37
  yield self if block_given?
36
38
  end
@@ -50,7 +50,7 @@ module OpenIDTokenProxy
50
50
  return token if token
51
51
  end
52
52
 
53
- request.headers['X-Token']
53
+ request.headers['X-Token'] || cookies[:token]
54
54
  end
55
55
  end
56
56
  end
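Review bot: Falling back to `cookies[:token]` turns the access token into an ambient credential: a browser attaches the cookie to cross-site requests on its own, which the `X-Token` and `Authorization` header paths never did, so controllers including this module become exposed to CSRF unless the host application keeps forgery protection on for state-changing actions. The same holds for `cookies[:refresh_token]` in `raw_refresh_token` in the refresh module. I would at least document this next to the lookup, e.g. `# Cookie tokens are sent automatically by browsers; keep CSRF protection enabled for non-GET actions.`, and note in the README that the cookie written by the hook example should be set with `httponly: true` and `secure: true`. Making the cookie source opt-in through the config would be safer still. The method's body starts above this hunk.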
@@ -17,11 +17,18 @@ module OpenIDTokenProxy
17
17
  )
18
18
  response.headers['X-Token'] = current_token.access_token
19
19
  response.headers['X-Refresh-Token'] = current_token.refresh_token
20
+
21
+ instance_exec(
22
+ current_token,
23
+ &OpenIDTokenProxy.config.token_refreshment_hook
24
+ )
20
25
  end
21
26
  end
22
27
 
23
28
  def raw_refresh_token
24
- params[:refresh_token] || request.headers['X-Refresh-Token']
29
+ params[:refresh_token] ||
30
+ request.headers['X-Refresh-Token'] ||
31
+ cookies[:refresh_token]
25
32
  end
26
33
  end
27
34
  end
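Review bot: The new `instance_exec` call assumes `token_refreshment_hook` is always a proc, but the setter is a plain `attr_accessor`, so an application that sets it to `nil` to switch the hook off makes every successful refresh raise, because `&nil` passes no block. The call also sits after the `X-Token` and `X-Refresh-Token` headers are set and is not rescued in the visible lines, so an error inside an application's hook would presumably fail a request whose refresh had already succeeded. Consider `hook = OpenIDTokenProxy.config.token_refreshment_hook` followed by `instance_exec(current_token, &hook) if hook`, and document on the accessor that the proc runs with the controller as `self`. The enclosing method starts above this hunk.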
@@ -1,3 +1,3 @@
1
1
  module OpenIDTokenProxy
2
- VERSION = '0.1.6'
2
+ VERSION = '0.1.7'
3
3
  end
@@ -5,7 +5,7 @@ RSpec.describe OpenIDTokenProxy::CallbackController, type: :controller do
5
5
  let(:access_token) { 'access token' }
6
6
  let(:auth_code) { 'authorization code' }
7
7
  let(:client) { OpenIDTokenProxy.client }
8
- let(:token) { double(access_token: access_token) }
8
+ let(:token) { OpenIDTokenProxy::Token.new 'token' }
9
9
 
10
10
  context 'when authorization code is missing' do
11
11
  it 'results in 400 BAD REQUEST with error message' do
@@ -36,8 +36,10 @@ RSpec.describe OpenIDTokenProxy::CallbackController, type: :controller do
36
36
  context 'with no-op token acquirement hook' do
37
37
  it 'redirects to root' do
38
38
  OpenIDTokenProxy.configure_temporarily do |config|
39
- config.token_acquirement_hook = proc { }
40
- get :handle, code: auth_code
39
+ expect do |probe|
40
+ config.token_acquirement_hook = probe
41
+ get :handle, code: auth_code
42
+ end.to yield_with_args(instance_of(OpenIDTokenProxy::Token))
41
43
  expect(response).to redirect_to controller.main_app.root_url
42
44
  end
43
45
  end
@@ -74,5 +74,11 @@ RSpec.describe OpenIDTokenProxy::Token::Authentication, type: :controller do
74
74
  get :index
75
75
  expect(controller.raw_token).to eq 'raw token'
76
76
  end
77
+
78
+ it 'may be provided as a cookie' do
79
+ cookies[:token] = 'raw token'
80
+ get :index
81
+ expect(controller.raw_token).to eq 'raw token'
82
+ end
77
83
  end
78
84
  end
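Review bot: The new example covers the cookie on its own but not precedence: nothing pins which credential wins when a request carries both an `X-Token` header and a `token` cookie with different values. Since `raw_token` reads `request.headers['X-Token'] || cookies[:token]`, an example that sets both and expects the header value would stop a later reordering from silently letting a stale or planted cookie override an explicit header. The refresh spec's cookie example has the same gap for `raw_refresh_token`.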
@@ -57,12 +57,17 @@ RSpec.describe OpenIDTokenProxy::Token::Refresh, type: :controller do
57
57
 
58
58
  context 'when token was refreshed successfully' do
59
59
  it 'executes actions normally returning new tokens as headers' do
60
- get :index, refresh_token: refresh_token
61
- expect(response).to have_http_status :ok
62
- expect(response.body).to eq 'Refresh successful'
63
- expect(response.headers['X-Token']).to eq 'new access token'
64
- expect(response.headers['X-Refresh-Token']).to eq 'new refresh token'
65
- expect(response.headers['X-Token-Expiry-Time']).to eq refreshed_expiry_time.iso8601
60
+ OpenIDTokenProxy.configure_temporarily do |config|
61
+ expect do |probe|
62
+ config.token_refreshment_hook = probe
63
+ get :index, refresh_token: refresh_token
64
+ end.to yield_with_args(instance_of(OpenIDTokenProxy::Token))
65
+ expect(response).to have_http_status :ok
66
+ expect(response.body).to eq 'Refresh successful'
67
+ expect(response.headers['X-Token']).to eq 'new access token'
68
+ expect(response.headers['X-Refresh-Token']).to eq 'new refresh token'
69
+ expect(response.headers['X-Token-Expiry-Time']).to eq refreshed_expiry_time.iso8601
70
+ end
66
71
  end
67
72
  end
68
73
  end
@@ -78,5 +83,11 @@ RSpec.describe OpenIDTokenProxy::Token::Refresh, type: :controller do
78
83
  get :index
79
84
  expect(controller.raw_refresh_token).to eq 'refresh token'
80
85
  end
86
+
87
+ it 'may be provided as a cookie' do
88
+ cookies[:refresh_token] = refresh_token
89
+ get :index
90
+ expect(controller.raw_refresh_token).to eq 'refresh token'
91
+ end
81
92
  end
82
93
  end
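--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: openid-token-proxy
  version: !ruby/object:Gem::Version
- version: 0.1.6
+ version: 0.1.7
  platform: ruby
  authors:
  - Tim Kurvers
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-10-13 00:00:00.000000000 Z
+ date: 2016-02-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: openid_connect
@@ -311,7 +311,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.2.2
+ rubygems_version: 2.4.5.1
  signing_key:
  specification_version: 4
  summary: Retrieves and refreshes OpenID tokens on behalf of a user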