osso 0.0.3.21 → 0.0.3.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/osso/graphql/mutations/regenerate_oauth_credentials.rb +1 -1
- data/lib/osso/models/identity_provider.rb +11 -2
- data/lib/osso/models/oauth_client.rb +5 -0
- data/lib/osso/routes/auth.rb +1 -2
- data/lib/osso/version.rb +1 -1
- data/spec/factories/identity_providers.rb +2 -0
- data/spec/models/identity_provider_spec.rb +11 -2
- data/spec/routes/auth_spec.rb +26 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cb9f3d69563582f827ee2bca6484354ef751f2f4a47078227756a866b5bf59b0
|
|
4
|
+
data.tar.gz: da7fa02b67baf9c336d380bb3798874375b8580d6e414cc29193143ab7b33bb0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2e4eff9a9f7c39460bd0691e6c5f67464e2350e36477d90f10ac1cc47277347f17c1a2a20ec61aff2194a630dc651a1d5f7ebaa3855af09829aaa4f5021a4fb6
|
|
7
|
+
data.tar.gz: 2f990d6ced375400d60a06200e3f14758c6574657cfd16509e6239511f0f4622bad5106ed1a819089dbf356b9e3612952682b1a52bdd7b450a0f6b8d26f00d56
|
data/Gemfile.lock
CHANGED
|
@@ -4,7 +4,6 @@ module Osso
|
|
|
4
4
|
module Models
|
|
5
5
|
# Base class for SAML Providers
|
|
6
6
|
class IdentityProvider < ActiveRecord::Base
|
|
7
|
-
NAME_FORMAT = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
|
|
8
7
|
belongs_to :enterprise_account
|
|
9
8
|
belongs_to :oauth_client
|
|
10
9
|
has_many :users
|
|
@@ -41,8 +40,18 @@ module Osso
|
|
|
41
40
|
self.status = 'CONFIGURED' if sso_url && sso_cert
|
|
42
41
|
end
|
|
43
42
|
|
|
43
|
+
def active!
|
|
44
|
+
update(status: 'ACTIVE')
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def error!
|
|
48
|
+
update(status: 'ERROR')
|
|
49
|
+
end
|
|
50
|
+
|
|
44
51
|
def root_url
|
|
45
|
-
ENV['HEROKU_APP_NAME']
|
|
52
|
+
return "https://#{ENV['HEROKU_APP_NAME']}.herokuapp.com" if ENV['HEROKU_APP_NAME']
|
|
53
|
+
|
|
54
|
+
ENV.fetch('BASE_URL')
|
|
46
55
|
end
|
|
47
56
|
end
|
|
48
57
|
end
|
data/lib/osso/routes/auth.rb
CHANGED
data/lib/osso/version.rb
CHANGED
|
@@ -5,6 +5,7 @@ FactoryBot.define do
|
|
|
5
5
|
id { SecureRandom.uuid }
|
|
6
6
|
domain { Faker::Internet.domain_name }
|
|
7
7
|
oauth_client
|
|
8
|
+
status { 'PENDING' }
|
|
8
9
|
|
|
9
10
|
factory :okta_identity_provider, parent: :identity_provider do
|
|
10
11
|
service { 'OKTA' }
|
|
@@ -21,6 +22,7 @@ FactoryBot.define do
|
|
|
21
22
|
end
|
|
22
23
|
|
|
23
24
|
factory :configured_identity_provider, parent: :identity_provider do
|
|
25
|
+
status { 'CONFIGURED' }
|
|
24
26
|
sso_cert do
|
|
25
27
|
<<~CERT
|
|
26
28
|
-----BEGIN CERTIFICATE-----
|
|
@@ -6,11 +6,20 @@ describe Osso::Models::IdentityProvider do
|
|
|
6
6
|
subject { create(:okta_identity_provider) }
|
|
7
7
|
|
|
8
8
|
describe '#assertion_consumer_service_url' do
|
|
9
|
-
it 'returns the expected URI' do
|
|
9
|
+
it 'returns the expected URI for BASE_URL' do
|
|
10
|
+
ENV['HEROKU_APP_NAME'] = nil
|
|
10
11
|
ENV['BASE_URL'] = 'https://example.com'
|
|
11
12
|
|
|
12
13
|
expect(subject.assertion_consumer_service_url).to eq(
|
|
13
|
-
"
|
|
14
|
+
"#{ENV['BASE_URL']}/auth/saml/#{subject.id}/callback",
|
|
15
|
+
)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
it 'returns the expected URI for HEROKU_APP_NAME' do
|
|
19
|
+
ENV['HEROKU_APP_NAME'] = 'test'
|
|
20
|
+
|
|
21
|
+
expect(subject.assertion_consumer_service_url).to eq(
|
|
22
|
+
"https://test.herokuapp.com/auth/saml/#{subject.id}/callback",
|
|
14
23
|
)
|
|
15
24
|
end
|
|
16
25
|
end
|
data/spec/routes/auth_spec.rb
CHANGED
|
@@ -104,6 +104,17 @@ describe Osso::Auth do
|
|
|
104
104
|
)
|
|
105
105
|
end.to_not(change { Osso::Models::User.count })
|
|
106
106
|
end
|
|
107
|
+
it 'marks the provider as ACTIVE' do
|
|
108
|
+
post(
|
|
109
|
+
"/auth/saml/#{okta_provider.id}/callback",
|
|
110
|
+
nil,
|
|
111
|
+
{
|
|
112
|
+
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
|
|
113
|
+
'identity_provider' => okta_provider,
|
|
114
|
+
},
|
|
115
|
+
)
|
|
116
|
+
expect(okta_provider.reload.status).to eq('ACTIVE')
|
|
117
|
+
end
|
|
107
118
|
end
|
|
108
119
|
end
|
|
109
120
|
|
|
@@ -126,6 +137,21 @@ describe Osso::Auth do
|
|
|
126
137
|
)
|
|
127
138
|
end.to change { Osso::Models::User.count }.by(1)
|
|
128
139
|
end
|
|
140
|
+
|
|
141
|
+
it 'marks the provider ACTIVE' do
|
|
142
|
+
mock_saml_omniauth
|
|
143
|
+
|
|
144
|
+
post(
|
|
145
|
+
"/auth/saml/#{azure_provider.id}/callback",
|
|
146
|
+
nil,
|
|
147
|
+
{
|
|
148
|
+
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
|
|
149
|
+
'identity_provider' => azure_provider,
|
|
150
|
+
},
|
|
151
|
+
)
|
|
152
|
+
|
|
153
|
+
expect(azure_provider.reload.status).to eq('ACTIVE')
|
|
154
|
+
end
|
|
129
155
|
end
|
|
130
156
|
|
|
131
157
|
describe 'on subsequent authentications' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: osso
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.3.
|
|
4
|
+
version: 0.0.3.26
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sam Bauch
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-09-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|