osso 0.0.3.3 → 0.0.3.8

data/spec/graphql/query/enterprise_accounts_spec.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Osso::GraphQL::Schema do
+  describe 'EnterpriseAccounts' do
+    describe 'for an admin user' do
+      let(:current_scope) { :admin }
+
+      it 'returns Enterprise Accounts' do
+        create_list(:enterprise_account, 2)
+
+        query = <<~GRAPHQL
+          query EnterpriseAccounts {
+            enterpriseAccounts {
+              domain
+              id
+              identityProviders {
+                id
+                service
+                domain
+                acsUrl
+                ssoCert
+                ssoUrl
+                status
+              }
+              name
+              status
+            }
+          }
+        GRAPHQL
+
+        response = described_class.execute(
+          query,
+          variables: nil,
+          context: { scope: current_scope },
+        )
+
+        expect(response['errors']).to be_nil
+        expect(response.dig('data', 'enterpriseAccounts').count).to eq(2)
+      end
+    end
+  end
+end

data/spec/graphql/query/identity_provider_spec.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Osso::GraphQL::Schema do
+  describe 'Identity Provider' do
+    let(:id) { Faker::Internet.uuid }
+    let(:domain) { Faker::Internet.domain_name }
+    let(:variables) { { id: id } }
+    let(:query) do
+      <<~GRAPHQL
+        query IdentityProvider($id: ID!) {
+          identityProvider(id: $id) {            
+            id
+            service
+            domain
+            acsUrl
+            ssoCert
+            ssoUrl
+            status
+          }
+        }
+      GRAPHQL
+    end
+
+    before do
+      create(:identity_provider)
+      create(:identity_provider, id: id, domain: domain)
+    end
+
+    subject do
+      described_class.execute(
+        query,
+        variables: variables,
+        context: { scope: current_scope },
+      )
+    end
+
+    describe 'for an admin user' do
+      let(:current_scope) { :admin }
+      it 'returns Identity Provider for id' do
+        expect(subject['errors']).to be_nil
+        expect(subject.dig('data', 'identityProvider', 'id')).to eq(id)
+      end
+    end
+
+    describe 'for an email scoped user' do
+      let(:current_scope) { domain }
+
+      it 'returns Enterprise Account for domain' do
+        expect(subject['errors']).to be_nil
+        expect(subject.dig('data', 'identityProvider', 'domain')).to eq(domain)
+      end
+    end
+
+    describe 'for the wrong email scoped user' do
+      let(:current_scope) { 'bar.com' }
+      
+      it 'returns Enterprise Account for domain' do
+        expect(subject['errors']).to_not be_empty
+        expect(subject.dig('data', 'enterpriseAccount')).to be_nil
+      end
+    end
+  end
+end

data/spec/graphql/query/oauth_clients_account_spec.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Osso::GraphQL::Schema do
+  describe 'OAuthClients' do
+    let(:query) do
+      <<~GRAPHQL
+        query OAuthClients {
+          oauthClients {
+            name
+            id
+          }
+        }
+      GRAPHQL
+    end
+
+    before do
+      create_list(:oauth_client, 2)
+    end
+
+    subject do
+      described_class.execute(
+        query,
+        variables: nil,
+        context: { scope: current_scope },
+      )
+    end
+
+    describe 'for an admin user' do
+      let(:current_scope) { :admin }
+
+      it 'returns Oauth Clients' do
+        expect(subject['errors']).to be_nil
+        expect(subject.dig('data', 'oauthClients').count).to eq(2)
+      end
+    end
+
+    describe 'for an email scoped user' do
+      let(:current_scope) { 'foo.com' }
+
+      it 'returns Oauth Clients' do
+        expect(subject['errors']).to be_nil
+        expect(subject.dig('data', 'oauthClients')).to be_nil
+      end
+    end
+  end
+end

data/spec/models/azure_saml_provider_spec.rb

@@ -2,18 +2,18 @@
 
 require 'spec_helper'
 
-describe Osso::Models::AzureSamlProvider do
-  subject { create(:azure_saml_provider) }
+# describe Osso::Models::AzureSamlProvider do
+#   subject { create(:azure_identity_provider) }
 
-  describe '#saml_options' do
-    it 'returns the required args' do
-      expect(subject.saml_options).
-        to match(
-          domain: subject.domain,
-          idp_cert: subject.idp_cert,
-          idp_sso_target_url: subject.idp_sso_target_url,
-          issuer: "id:#{subject.id}",
-        )
-    end
-  end
-end
+#   describe '#saml_options' do
+#     it 'returns the required args' do
+#       expect(subject.saml_options).
+#         to match(
+#           domain: subject.domain,
+#           idp_cert: subject.idp_cert,
+#           idp_sso_target_url: subject.idp_sso_target_url,
+#           issuer: "id:#{subject.id}",
+#         )
+#     end
+#   end
+# end

data/spec/models/identity_provider_spec.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Osso::Models::IdentityProvider do
+  subject { create(:okta_identity_provider) }
+
+  describe '#assertion_consumer_service_url' do
+    it 'returns the expected URI' do
+      ENV['BASE_URL'] = 'https://example.com'
+
+      expect(subject.assertion_consumer_service_url).to eq(
+        "https://example.com/auth/saml/#{subject.id}/callback",
+      )
+    end
+  end
+end

data/spec/models/okta_saml_provider_spec.rb

@@ -2,19 +2,19 @@
 
 require 'spec_helper'
 
-describe Osso::Models::OktaSamlProvider do
-  subject { create(:okta_saml_provider) }
+# describe Osso::Models::OktaSamlProvider do
+#   subject { create(:okta_identity_provider) }
 
-  describe '#saml_options' do
-    it 'returns the required args' do
-      expect(subject.saml_options).
-        to match(
-          domain: subject.domain,
-          idp_cert: subject.idp_cert,
-          idp_sso_target_url: subject.idp_sso_target_url,
-          issuer: subject.id,
-          name_identifier_format: described_class::NAME_FORMAT,
-        )
-    end
-  end
-end
+#   describe '#saml_options' do
+#     it 'returns the required args' do
+#       expect(subject.saml_options).
+#         to match(
+#           domain: subject.domain,
+#           idp_cert: subject.idp_cert,
+#           idp_sso_target_url: subject.idp_sso_target_url,
+#           issuer: subject.id,
+#           name_identifier_format: described_class::NAME_FORMAT,
+#         )
+#     end
+#   end
+# end

data/spec/routes/admin_spec.rb

@@ -9,6 +9,7 @@ describe Osso::Admin do
   before do
     ENV['JWT_URL'] = jwt_url
     ENV['JWT_HMAC_SECRET'] = jwt_hmac_secret
+    described_class.set(:views, spec_views)
   end
 
   describe 'get /admin' do
@@ -24,7 +25,9 @@ describe Osso::Admin do
       get('/admin', token: SecureRandom.hex(32))
 
       expect(last_response).to be_redirect
+
       follow_redirect!
+
       expect(last_request.url).to eq(jwt_url)
     end
 

data/spec/routes/auth_spec.rb

@@ -6,7 +6,7 @@ describe Osso::Auth do
   describe 'post /auth/saml/:uuid/callback' do
     describe 'for an Okta SAML provider' do
       let(:enterprise) { create(:enterprise_with_okta) }
-      let(:okta_provider) { enterprise.saml_providers.first }
+      let(:okta_provider) { enterprise.identity_providers.first }
 
       describe "on the user's first authentication" do
         it 'creates a user' do
@@ -18,7 +18,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => okta_provider,
+                'identity_provider' => okta_provider,
               },
             )
           end.to change { Osso::Models::User.count }.by(1)
@@ -33,7 +33,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => okta_provider,
+                'identity_provider' => okta_provider,
               },
             )
           end.to change { Osso::Models::AuthorizationCode.count }.by(1)
@@ -42,8 +42,8 @@ describe Osso::Auth do
 
       describe 'on subsequent authentications' do
         let!(:enterprise) { create(:enterprise_with_okta) }
-        let!(:okta_provider) { enterprise.saml_providers.first }
-        let(:user) { create(:user, saml_provider_id: okta_provider.id) }
+        let!(:okta_provider) { enterprise.identity_providers.first }
+        let(:user) { create(:user, identity_provider_id: okta_provider.id) }
 
         before do
           mock_saml_omniauth(email: user.email, id: user.idp_id)
@@ -56,7 +56,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => okta_provider,
+                'identity_provider' => okta_provider,
               },
             )
           end.to_not(change { Osso::Models::User.count })
@@ -78,7 +78,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => azure_provider,
+                'identity_provider' => azure_provider,
               },
             )
           end.to change { Osso::Models::User.count }.by(1)
@@ -88,7 +88,7 @@ describe Osso::Auth do
       describe 'on subsequent authentications' do
         let!(:enterprise) { create(:enterprise_with_azure) }
         let!(:azure_provider) { enterprise.provider }
-        let(:user) { create(:user, saml_provider_id: azure_provider.id) }
+        let(:user) { create(:user, identity_provider_id: azure_provider.id) }
 
         before do
           mock_saml_omniauth(email: user.email, id: user.idp_id)
@@ -101,7 +101,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => azure_provider,
+                'identity_provider' => azure_provider,
               },
             )
           end.to_not(change { Osso::Models::User.count })

data/spec/routes/oauth_spec.rb

@@ -35,7 +35,7 @@ describe Osso::Oauth do
             redirect_uri: client.redirect_uri_values.sample,
           )
 
-          provider_id = enterprise.saml_providers.first.id
+          provider_id = enterprise.identity_providers.first.id
 
           expect(last_response).to be_redirect
           follow_redirect!

data/spec/spec_helper.rb

@@ -11,18 +11,17 @@ require 'webmock/rspec'
 
 ENV['RACK_ENV'] = 'test'
 ENV['SESSION_SECRET'] = 'supersecret'
+ENV['BASE_URL'] = 'https://example.com'
 
 require File.expand_path '../lib/osso.rb', __dir__
 
+require File.expand_path 'support/spec_app', __dir__
+
 module RSpecMixin
   include Rack::Test::Methods
 
   def app
-    Rack::URLMap.new(
-      '/admin' => Osso::Admin,
-      '/auth' => Osso::Auth,
-      '/oauth' => Osso::Oauth,
-    )
+    SpecApp
   end
 
   def mock_saml_omniauth(email: 'user@enterprise.com', id: SecureRandom.uuid)
@@ -40,6 +39,10 @@ module RSpecMixin
   def last_json_response
     JSON.parse(last_response.body, symbolize_names: true)
   end
+
+  def spec_views
+    File.dirname(__FILE__) + '/support/views'
+  end
 end
 
 RSpec.configure do |config|

data/spec/support/spec_app.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class SpecApp < Sinatra::Base
+  include Osso::RouteMap
+
+  get '/health' do
+    'ok'
+  end
+end

data/spec/support/views/admin.erb

@@ -0,0 +1,5 @@
+<%# 
+    NB: this file exists so that the admin routes have something to render in spec.
+    In real-world usage, those routes render an index.html file that includes the
+    React app.
+ %>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: osso
 version: !ruby/object:Gem::Version
-  version: 0.0.3.3
+  version: 0.0.3.8
 platform: ruby
 authors:
 - Sam Bauch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-09 00:00:00.000000000 Z
+date: 2020-07-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 6.0.3.2
+- !ruby/object:Gem::Dependency
+  name: graphql
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -218,32 +232,58 @@ files:
 - bin/console
 - bin/setup
 - config/database.yml
+- db/schema.rb
 - lib/.DS_Store
 - lib/osso.rb
 - lib/osso/Rakefile
 - lib/osso/db/migrate/20190909230109_enable_uuid.rb
 - lib/osso/db/migrate/20200328135750_create_users.rb
 - lib/osso/db/migrate/20200328143303_create_oauth_tables.rb
-- lib/osso/db/migrate/20200411144528_create_saml_providers.rb
+- lib/osso/db/migrate/20200328143305_create_identity_providers.rb
 - lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb
 - lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb
 - lib/osso/db/migrate/20200413132407_add_oauth_clients.rb
 - lib/osso/db/migrate/20200413142511_create_authorization_codes.rb
-- lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb
 - lib/osso/db/migrate/20200413163451_create_access_tokens.rb
-- lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb
-- lib/osso/db/migrate/20200501204047_drop_acs_url.rb
 - lib/osso/db/migrate/20200502120616_create_redirect_uris_and_drop_from_oauth_clients.rb
-- lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb
-- lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb
-- lib/osso/db/schema.rb
+- lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_accounts_and_identity_providers.rb
+- lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb
+- lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb
+- lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb
+- lib/osso/db/migrate/20200722230116_add_identity_provider_status_enum_and_use_on_identity_providers.rb
+- lib/osso/graphql/.DS_Store
+- lib/osso/graphql/mutation.rb
+- lib/osso/graphql/mutations.rb
+- lib/osso/graphql/mutations/base_mutation.rb
+- lib/osso/graphql/mutations/configure_identity_provider.rb
+- lib/osso/graphql/mutations/create_enterprise_account.rb
+- lib/osso/graphql/mutations/create_identity_provider.rb
+- lib/osso/graphql/mutations/set_identity_provider.rb
+- lib/osso/graphql/query.rb
+- lib/osso/graphql/resolvers.rb
+- lib/osso/graphql/resolvers/enterprise_account.rb
+- lib/osso/graphql/resolvers/enterprise_accounts.rb
+- lib/osso/graphql/resolvers/oauth_clients.rb
+- lib/osso/graphql/schema.rb
+- lib/osso/graphql/types.rb
+- lib/osso/graphql/types/base_enum.rb
+- lib/osso/graphql/types/base_input_object.rb
+- lib/osso/graphql/types/base_object.rb
+- lib/osso/graphql/types/enterprise_account.rb
+- lib/osso/graphql/types/identity_provider.rb
+- lib/osso/graphql/types/identity_provider_service.rb
+- lib/osso/graphql/types/identity_provider_status.rb
+- lib/osso/graphql/types/oauth_client.rb
+- lib/osso/graphql/types/user.rb
 - lib/osso/helpers/auth.rb
 - lib/osso/helpers/helpers.rb
 - lib/osso/lib/app_config.rb
 - lib/osso/lib/oauth2_token.rb
+- lib/osso/lib/route_map.rb
 - lib/osso/models/access_token.rb
 - lib/osso/models/authorization_code.rb
 - lib/osso/models/enterprise_account.rb
+- lib/osso/models/identity_provider.rb
 - lib/osso/models/models.rb
 - lib/osso/models/oauth_client.rb
 - lib/osso/models/redirect_uri.rb
@@ -263,19 +303,27 @@ files:
 - osso-rb.gemspec
 - spec/factories/authorization_code.rb
 - spec/factories/enterprise_account.rb
+- spec/factories/identity_providers.rb
 - spec/factories/oauth_client.rb
 - spec/factories/redirect_uri.rb
-- spec/factories/saml_providers.rb
 - spec/factories/user.rb
+- spec/graphql/mutations/configure_identity_provider_spec.rb
+- spec/graphql/mutations/create_enterprise_account_spec.rb
+- spec/graphql/mutations/create_identity_provider_spec.rb
+- spec/graphql/query/enterprise_account_spec.rb
+- spec/graphql/query/enterprise_accounts_spec.rb
+- spec/graphql/query/identity_provider_spec.rb
+- spec/graphql/query/oauth_clients_account_spec.rb
 - spec/models/azure_saml_provider_spec.rb
+- spec/models/identity_provider_spec.rb
 - spec/models/okta_saml_provider_spec.rb
-- spec/models/saml_provider_spec.rb
 - spec/routes/admin_spec.rb
 - spec/routes/app_spec.rb
 - spec/routes/auth_spec.rb
 - spec/routes/oauth_spec.rb
 - spec/spec_helper.rb
-- spec/support/vcr_cassettes/okta_saml_callback.yml
+- spec/support/spec_app.rb
+- spec/support/views/admin.erb
 homepage: https://github.com/enterprise-oss/osso-rb
 licenses:
 - MIT