osso 0.0.3.1 → 0.0.3.6

data/spec/routes/oauth_spec.rb

@@ -35,7 +35,7 @@ describe Osso::Oauth do
             redirect_uri: client.redirect_uri_values.sample,
           )
 
-          provider_id = enterprise.saml_providers.first.id
+          provider_id = enterprise.identity_providers.first.id
 
           expect(last_response).to be_redirect
           follow_redirect!

data/spec/spec_helper.rb

@@ -11,18 +11,17 @@ require 'webmock/rspec'
 
 ENV['RACK_ENV'] = 'test'
 ENV['SESSION_SECRET'] = 'supersecret'
+ENV['BASE_URL'] = 'https://example.com'
 
 require File.expand_path '../lib/osso.rb', __dir__
 
+require File.expand_path 'support/spec_app', __dir__
+
 module RSpecMixin
   include Rack::Test::Methods
 
   def app
-    Rack::URLMap.new(
-      '/admin' => Osso::Admin,
-      '/auth' => Osso::Auth,
-      '/oauth' => Osso::Oauth,
-    )
+    SpecApp
   end
 
   def mock_saml_omniauth(email: 'user@enterprise.com', id: SecureRandom.uuid)

data/spec/support/spec_app.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class SpecApp < Sinatra::Base
+  include Osso::RouteMap
+
+  get '/health' do
+    'ok'
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: osso
 version: !ruby/object:Gem::Version
-  version: 0.0.3.1
+  version: 0.0.3.6
 platform: ruby
 authors:
 - Sam Bauch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-09 00:00:00.000000000 Z
+date: 2020-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 6.0.3.2
+- !ruby/object:Gem::Dependency
+  name: graphql
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -225,26 +239,25 @@ files:
 - lib/osso/db/migrate/20190909230109_enable_uuid.rb
 - lib/osso/db/migrate/20200328135750_create_users.rb
 - lib/osso/db/migrate/20200328143303_create_oauth_tables.rb
-- lib/osso/db/migrate/20200411144528_create_saml_providers.rb
+- lib/osso/db/migrate/20200328143305_create_identity_providers.rb
 - lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb
 - lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb
 - lib/osso/db/migrate/20200413132407_add_oauth_clients.rb
 - lib/osso/db/migrate/20200413142511_create_authorization_codes.rb
-- lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb
 - lib/osso/db/migrate/20200413163451_create_access_tokens.rb
-- lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb
-- lib/osso/db/migrate/20200501204047_drop_acs_url.rb
 - lib/osso/db/migrate/20200502120616_create_redirect_uris_and_drop_from_oauth_clients.rb
-- lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb
-- lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb
-- lib/osso/db/schema.rb
+- lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_accounts_and_identity_providers.rb
+- lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb
+- lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb
+- lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb
 - lib/osso/graphql/.DS_Store
 - lib/osso/graphql/mutation.rb
 - lib/osso/graphql/mutations.rb
 - lib/osso/graphql/mutations/base_mutation.rb
 - lib/osso/graphql/mutations/configure_identity_provider.rb
+- lib/osso/graphql/mutations/create_enterprise_account.rb
 - lib/osso/graphql/mutations/create_identity_provider.rb
-- lib/osso/graphql/mutations/set_saml_provider.rb
+- lib/osso/graphql/mutations/set_identity_provider.rb
 - lib/osso/graphql/query.rb
 - lib/osso/graphql/resolvers.rb
 - lib/osso/graphql/resolvers/enterprise_account.rb
@@ -253,6 +266,7 @@ files:
 - lib/osso/graphql/schema.rb
 - lib/osso/graphql/types.rb
 - lib/osso/graphql/types/base_enum.rb
+- lib/osso/graphql/types/base_input_object.rb
 - lib/osso/graphql/types/base_object.rb
 - lib/osso/graphql/types/enterprise_account.rb
 - lib/osso/graphql/types/identity_provider.rb
@@ -263,9 +277,11 @@ files:
 - lib/osso/helpers/helpers.rb
 - lib/osso/lib/app_config.rb
 - lib/osso/lib/oauth2_token.rb
+- lib/osso/lib/route_map.rb
 - lib/osso/models/access_token.rb
 - lib/osso/models/authorization_code.rb
 - lib/osso/models/enterprise_account.rb
+- lib/osso/models/identity_provider.rb
 - lib/osso/models/models.rb
 - lib/osso/models/oauth_client.rb
 - lib/osso/models/redirect_uri.rb
@@ -285,19 +301,27 @@ files:
 - osso-rb.gemspec
 - spec/factories/authorization_code.rb
 - spec/factories/enterprise_account.rb
+- spec/factories/identity_providers.rb
 - spec/factories/oauth_client.rb
 - spec/factories/redirect_uri.rb
-- spec/factories/saml_providers.rb
 - spec/factories/user.rb
+- spec/graphql/mutations/configure_identity_provider_spec.rb
+- spec/graphql/mutations/create_enterprise_account_spec.rb
+- spec/graphql/mutations/create_identity_provider_spec.rb
+- spec/graphql/query/enterprise_account_spec.rb
+- spec/graphql/query/enterprise_accounts_spec.rb
+- spec/graphql/query/identity_provider_spec.rb
+- spec/graphql/query/oauth_clients_account_spec.rb
 - spec/models/azure_saml_provider_spec.rb
+- spec/models/identity_provider_spec.rb
 - spec/models/okta_saml_provider_spec.rb
-- spec/models/saml_provider_spec.rb
 - spec/routes/admin_spec.rb
 - spec/routes/app_spec.rb
 - spec/routes/auth_spec.rb
 - spec/routes/oauth_spec.rb
 - spec/spec_helper.rb
-- spec/support/views/public/index.erb
+- spec/support/spec_app.rb
+- spec/support/views/admin.erb
 homepage: https://github.com/enterprise-oss/osso-rb
 licenses:
 - MIT

data/lib/osso/db/migrate/20200411144528_create_saml_providers.rb

@@ -1,13 +0,0 @@
-class CreateSamlProviders < ActiveRecord::Migration[6.0]
-  def change
-    create_table :saml_providers, id: :uuid do |t|
-      t.string  :provider,  null: false
-      t.string  :domain, null: false
-      t.string :idp_sso_target_url, null: false
-      t.text :idp_cert, null: false
-      t.string :assertion_consumer_service_url
-    end
-
-    add_index :saml_providers, [:domain, :provider], unique: true
-  end
-end

data/lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb

@@ -1,5 +0,0 @@
-class AddOauthClientReferenceToSamlProviders < ActiveRecord::Migration[6.0]
-  def change
-    add_reference :saml_providers, :oauth_client, type: :uuid, index: true
-  end
-end

data/lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb

@@ -1,7 +0,0 @@
-class DropNullConstraintsFromSamlProvider < ActiveRecord::Migration[6.0]
-  def change
-    change_column :saml_providers, :idp_sso_target_url, :string, null: true
-    change_column :saml_providers, :idp_cert, :text, null: true
-    change_column :saml_providers, :assertion_consumer_service_url, :string, null: false
-  end
-end

data/lib/osso/db/migrate/20200501204047_drop_acs_url.rb

@@ -1,5 +0,0 @@
-class DropAcsUrl < ActiveRecord::Migration[6.0]
-  def change
-    remove_column :saml_providers, :assertion_consumer_service_url
-  end
-end

data/lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb

@@ -1,5 +0,0 @@
-class AddOauthClientIdToEnterpriseAccount < ActiveRecord::Migration[6.0]
-  def change
-    add_reference :enterprise_accounts, :oauth_client, type: :uuid, index: true
-  end
-end

data/lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-class DropNullConstraintFromSamlProvidersProvider < ActiveRecord::Migration[6.0]
-  def change
-    change_column :saml_providers, :provider, :string, null: true
-  end
-end

data/lib/osso/db/schema.rb

@@ -1,132 +0,0 @@
-# This file is auto-generated from the current state of the database. Instead
-# of editing this file, please use the migrations feature of Active Record to
-# incrementally modify your database, and then regenerate this schema definition.
-#
-# This file is the source Rails uses to define your schema when running `rails
-# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
-# be faster and is potentially less error prone than running all of your
-# migrations from scratch. Old migrations may fail to apply correctly if those
-# migrations use external dependencies or application code.
-#
-# It's strongly recommended that you check this file into your version control system.
-
-ActiveRecord::Schema.define(version: 2020_05_02_135008) do
-
-  # These are extensions that must be enabled in order to support this database
-  enable_extension "pgcrypto"
-  enable_extension "plpgsql"
-
-  create_table "access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "token"
-    t.datetime "expires_at"
-    t.datetime "created_at", precision: 6, null: false
-    t.datetime "updated_at", precision: 6, null: false
-    t.uuid "user_id"
-    t.uuid "oauth_client_id"
-    t.index ["oauth_client_id"], name: "index_access_tokens_on_oauth_client_id"
-    t.index ["user_id"], name: "index_access_tokens_on_user_id"
-  end
-
-  create_table "authorization_codes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "token"
-    t.string "redirect_uri"
-    t.datetime "expires_at"
-    t.datetime "created_at", precision: 6, null: false
-    t.datetime "updated_at", precision: 6, null: false
-    t.uuid "user_id"
-    t.uuid "oauth_client_id"
-    t.index ["oauth_client_id"], name: "index_authorization_codes_on_oauth_client_id"
-    t.index ["token"], name: "index_authorization_codes_on_token", unique: true
-    t.index ["user_id"], name: "index_authorization_codes_on_user_id"
-  end
-
-  create_table "enterprise_accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "domain", null: false
-    t.uuid "external_uuid"
-    t.integer "external_int_id"
-    t.string "external_id"
-    t.uuid "oauth_client_id"
-    t.index ["domain"], name: "index_enterprise_accounts_on_domain", unique: true
-    t.index ["oauth_client_id"], name: "index_enterprise_accounts_on_oauth_client_id"
-  end
-
-  create_table "oauth_access_grants", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.uuid "resource_owner_id", null: false
-    t.uuid "application_id", null: false
-    t.string "token", null: false
-    t.integer "expires_in", null: false
-    t.text "redirect_uri", null: false
-    t.datetime "created_at", null: false
-    t.datetime "revoked_at"
-    t.string "scopes", default: "", null: false
-    t.index ["application_id"], name: "index_oauth_access_grants_on_application_id"
-    t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
-  end
-
-  create_table "oauth_access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.uuid "resource_owner_id"
-    t.uuid "application_id"
-    t.string "token", null: false
-    t.string "refresh_token"
-    t.integer "expires_in"
-    t.datetime "revoked_at"
-    t.datetime "created_at", null: false
-    t.string "scopes"
-    t.string "previous_refresh_token", default: "", null: false
-    t.index ["application_id"], name: "index_oauth_access_tokens_on_application_id"
-    t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
-    t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
-  end
-
-  create_table "oauth_applications", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "name", null: false
-    t.string "secret", null: false
-    t.text "redirect_uri", null: false
-    t.string "scopes", default: "", null: false
-    t.boolean "confidential", default: true, null: false
-    t.datetime "created_at", precision: 6, null: false
-    t.datetime "updated_at", precision: 6, null: false
-  end
-
-  create_table "oauth_clients", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "name", null: false
-    t.string "secret", null: false
-    t.string "identifier", null: false
-    t.index ["identifier"], name: "index_oauth_clients_on_identifier", unique: true
-  end
-
-  create_table "redirect_uris", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "uri", null: false
-    t.boolean "primary", default: false, null: false
-    t.uuid "oauth_client_id"
-    t.index ["oauth_client_id"], name: "index_redirect_uris_on_oauth_client_id"
-    t.index ["uri", "primary"], name: "index_redirect_uris_on_uri_and_primary", unique: true
-  end
-
-  create_table "saml_providers", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "provider", null: false
-    t.string "domain", null: false
-    t.string "idp_sso_target_url"
-    t.text "idp_cert"
-    t.uuid "enterprise_account_id"
-    t.uuid "oauth_client_id"
-    t.index ["domain", "provider"], name: "index_saml_providers_on_domain_and_provider", unique: true
-    t.index ["enterprise_account_id"], name: "index_saml_providers_on_enterprise_account_id"
-    t.index ["oauth_client_id"], name: "index_saml_providers_on_oauth_client_id"
-  end
-
-  create_table "users", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "email", null: false
-    t.string "idp_id", null: false
-    t.uuid "saml_provider_id"
-    t.uuid "enterprise_account_id"
-    t.index ["email", "idp_id"], name: "index_users_on_email_and_idp_id", unique: true
-    t.index ["enterprise_account_id"], name: "index_users_on_enterprise_account_id"
-  end
-
-  add_foreign_key "oauth_access_grants", "oauth_applications", column: "application_id"
-  add_foreign_key "oauth_access_grants", "users", column: "resource_owner_id"
-  add_foreign_key "oauth_access_tokens", "oauth_applications", column: "application_id"
-  add_foreign_key "oauth_access_tokens", "users", column: "resource_owner_id"
-  add_foreign_key "users", "saml_providers"
-end

data/lib/osso/graphql/mutations/set_saml_provider.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-module Mutations
-  class SetSamlProvider < BaseMutation
-    null false
-
-    argument :provider, Types::IdentityProviderService, required: true
-    argument :id, ID, required: true
-
-    field :identity_provider, Types::IdentityProvider, null: false
-    field :errors, [String], null: false
-
-    def resolve(provider:, id:)
-      saml_provider = Osso::Models::SamlProvider.find(id)
-      saml_provider.provider = provider
-      saml_provider.save!
-      {
-        saml_provider: saml_provider,
-        errors: [],
-      }
-    end
-  end
-end

data/spec/factories/saml_providers.rb

@@ -1,46 +0,0 @@
-# frozen_string_literal: true
-
-FactoryBot.define do
-  factory :saml_provider, class: Osso::Models::SamlProvider do
-    id { SecureRandom.uuid }
-    domain { Faker::Internet.domain_name }
-    oauth_client
-    idp_cert do
-      <<~CERT
-        -----BEGIN CERTIFICATE-----
-        MIIDpDCCAoygAwIBAgIGAXEiD4LlMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG
-        A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
-        MBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0xNjIwMjQxHDAaBgkqhkiG9w0BCQEW
-        DWluZm9Ab2t0YS5jb20wHhcNMjAwMzI4MTY1MTU0WhcNMzAwMzI4MTY1MjU0WjCBkjELMAkGA1UE
-        BhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNV
-        BAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMTYyMDI0MRwwGgYJ
-        KoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-        wsnP4UTfv3bxR5Jh0at51Dqjj+fKxFznzFW3XA5NbF2SlRLjeYcvj3+47TC0eP6xOsLWfnvdnx4v
-        dd9Ufn7jDCo5pL3JykMVEh2I0szF3RLC+a532ArcwgU9Px48+rWVwPkASS7l4NHAM4+gOBHJMQt2
-        AMohPT0kU41P8BEPzfwhNyiEXR66JNZIJUE8fM3Vpgnxm/VSwYzJf0NfOyfxv8JczF0zkDbpE7Tk
-        3Ww/PFFLoMxWzanWGJQ+blnhv6UV6H4fcfAbcwAplOdIVHjS2ghYBvYNGahuFxjia0+6csyZGrt8
-        H4XmR5Dr+jXY5K1b1VOA0k19/FCnHHN/smn25wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBgD9NE
-        4OCuR1+vucV8S1T6XXIL2hB7bXBAZEVHZ1aErRzktgXAMgVwG267vIkD5VOXBiTy9yNU5LK6G3k2
-        zewU190sL1dMfyPnoVZyn94nvwe9A+on0tmZdmk00xirKk3FJdacnZNE9Dl/afIrcNf6xAm0WsU9
-        kbMiRwwvjO4TAiygDQzbrRC8ZfmT3hpBa3aTUzAccrvEQcgarLk4r7UjXP7a2mCN3UIIh+snN2Ms
-        vXHL0r6fM3xbniz+5lleWtPFw73yySBc8znkWZ4Tn8Lh0r6o5nCRYbr2REUB7ZIfiIyBbZxIp4kv
-        a+habbnQDFiNVzEd8OPXHh4EqLxOPDRW
-        -----END CERTIFICATE-----
-      CERT
-    end
-
-    factory :okta_saml_provider, parent: :saml_provider, class: Osso::Models::OktaSamlProvider do
-      provider { 'Osso::Models::OktaSamlProvider' }
-      idp_sso_target_url do
-        'https://dev-162024.okta.com/app/vcardmedev162024_rubydemo2_1/exk51326b3U1941Hf4x6/sso/saml'
-      end
-    end
-
-    factory :azure_saml_provider, parent: :saml_provider, class: Osso::Models::AzureSamlProvider do
-      provider { 'Osso::Models::AzureSamlProvider' }
-      idp_sso_target_url do
-        'https://login.microsoftonline.com/0af6c610-c40c-4683-9ea4-f25e509b8172/saml2'
-      end
-    end
-  end
-end

data/spec/models/saml_provider_spec.rb

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Osso::Models::SamlProvider do
-  subject { create(:okta_saml_provider) }
-
-  describe '.create' do
-    it 'creates an enterprise account' do
-      domain = Faker::Internet.domain_name
-
-      provider = described_class.create(
-        domain: domain,
-        provider: 'Osso::Models::OktaSamlProvider',
-      )
-
-      expect(provider.enterprise_account).to be_a(Osso::Models::EnterpriseAccount)
-      expect(provider.enterprise_account.domain).to eq(domain)
-    end
-  end
-
-  describe '#assertion_consumer_service_url' do
-    it 'returns the expected URI' do
-      ENV['BASE_URL'] = 'https://example.com'
-
-      expect(subject.assertion_consumer_service_url).to eq(
-        "https://example.com/auth/saml/#{subject.id}/callback",
-      )
-    end
-  end
-end