osso 0.0.3.5 → 0.0.3.6

data/spec/models/okta_saml_provider_spec.rb

@@ -2,19 +2,19 @@
 
 require 'spec_helper'
 
-describe Osso::Models::OktaSamlProvider do
-  subject { create(:okta_saml_provider) }
+# describe Osso::Models::OktaSamlProvider do
+#   subject { create(:okta_identity_provider) }
 
-  describe '#saml_options' do
-    it 'returns the required args' do
-      expect(subject.saml_options).
-        to match(
-          domain: subject.domain,
-          idp_cert: subject.idp_cert,
-          idp_sso_target_url: subject.idp_sso_target_url,
-          issuer: subject.id,
-          name_identifier_format: described_class::NAME_FORMAT,
-        )
-    end
-  end
-end
+#   describe '#saml_options' do
+#     it 'returns the required args' do
+#       expect(subject.saml_options).
+#         to match(
+#           domain: subject.domain,
+#           idp_cert: subject.idp_cert,
+#           idp_sso_target_url: subject.idp_sso_target_url,
+#           issuer: subject.id,
+#           name_identifier_format: described_class::NAME_FORMAT,
+#         )
+#     end
+#   end
+# end

data/spec/routes/auth_spec.rb

@@ -6,7 +6,7 @@ describe Osso::Auth do
   describe 'post /auth/saml/:uuid/callback' do
     describe 'for an Okta SAML provider' do
       let(:enterprise) { create(:enterprise_with_okta) }
-      let(:okta_provider) { enterprise.saml_providers.first }
+      let(:okta_provider) { enterprise.identity_providers.first }
 
       describe "on the user's first authentication" do
         it 'creates a user' do
@@ -18,7 +18,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => okta_provider,
+                'identity_provider' => okta_provider,
               },
             )
           end.to change { Osso::Models::User.count }.by(1)
@@ -33,7 +33,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => okta_provider,
+                'identity_provider' => okta_provider,
               },
             )
           end.to change { Osso::Models::AuthorizationCode.count }.by(1)
@@ -42,8 +42,8 @@ describe Osso::Auth do
 
       describe 'on subsequent authentications' do
         let!(:enterprise) { create(:enterprise_with_okta) }
-        let!(:okta_provider) { enterprise.saml_providers.first }
-        let(:user) { create(:user, saml_provider_id: okta_provider.id) }
+        let!(:okta_provider) { enterprise.identity_providers.first }
+        let(:user) { create(:user, identity_provider_id: okta_provider.id) }
 
         before do
           mock_saml_omniauth(email: user.email, id: user.idp_id)
@@ -56,7 +56,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => okta_provider,
+                'identity_provider' => okta_provider,
               },
             )
           end.to_not(change { Osso::Models::User.count })
@@ -78,7 +78,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => azure_provider,
+                'identity_provider' => azure_provider,
               },
             )
           end.to change { Osso::Models::User.count }.by(1)
@@ -88,7 +88,7 @@ describe Osso::Auth do
       describe 'on subsequent authentications' do
         let!(:enterprise) { create(:enterprise_with_azure) }
         let!(:azure_provider) { enterprise.provider }
-        let(:user) { create(:user, saml_provider_id: azure_provider.id) }
+        let(:user) { create(:user, identity_provider_id: azure_provider.id) }
 
         before do
           mock_saml_omniauth(email: user.email, id: user.idp_id)
@@ -101,7 +101,7 @@ describe Osso::Auth do
               nil,
               {
                 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
-                'saml_provider' => azure_provider,
+                'identity_provider' => azure_provider,
               },
             )
           end.to_not(change { Osso::Models::User.count })

data/spec/routes/oauth_spec.rb

@@ -35,7 +35,7 @@ describe Osso::Oauth do
             redirect_uri: client.redirect_uri_values.sample,
           )
 
-          provider_id = enterprise.saml_providers.first.id
+          provider_id = enterprise.identity_providers.first.id
 
           expect(last_response).to be_redirect
           follow_redirect!

data/spec/spec_helper.rb

@@ -11,6 +11,7 @@ require 'webmock/rspec'
 
 ENV['RACK_ENV'] = 'test'
 ENV['SESSION_SECRET'] = 'supersecret'
+ENV['BASE_URL'] = 'https://example.com'
 
 require File.expand_path '../lib/osso.rb', __dir__
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: osso
 version: !ruby/object:Gem::Version
-  version: 0.0.3.5
+  version: 0.0.3.6
 platform: ruby
 authors:
 - Sam Bauch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-10 00:00:00.000000000 Z
+date: 2020-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -239,26 +239,25 @@ files:
 - lib/osso/db/migrate/20190909230109_enable_uuid.rb
 - lib/osso/db/migrate/20200328135750_create_users.rb
 - lib/osso/db/migrate/20200328143303_create_oauth_tables.rb
-- lib/osso/db/migrate/20200411144528_create_saml_providers.rb
+- lib/osso/db/migrate/20200328143305_create_identity_providers.rb
 - lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb
 - lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb
 - lib/osso/db/migrate/20200413132407_add_oauth_clients.rb
 - lib/osso/db/migrate/20200413142511_create_authorization_codes.rb
-- lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb
 - lib/osso/db/migrate/20200413163451_create_access_tokens.rb
-- lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb
-- lib/osso/db/migrate/20200501204047_drop_acs_url.rb
 - lib/osso/db/migrate/20200502120616_create_redirect_uris_and_drop_from_oauth_clients.rb
-- lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb
-- lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb
-- lib/osso/db/schema.rb
+- lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_accounts_and_identity_providers.rb
+- lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb
+- lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb
+- lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb
 - lib/osso/graphql/.DS_Store
 - lib/osso/graphql/mutation.rb
 - lib/osso/graphql/mutations.rb
 - lib/osso/graphql/mutations/base_mutation.rb
 - lib/osso/graphql/mutations/configure_identity_provider.rb
+- lib/osso/graphql/mutations/create_enterprise_account.rb
 - lib/osso/graphql/mutations/create_identity_provider.rb
-- lib/osso/graphql/mutations/set_saml_provider.rb
+- lib/osso/graphql/mutations/set_identity_provider.rb
 - lib/osso/graphql/query.rb
 - lib/osso/graphql/resolvers.rb
 - lib/osso/graphql/resolvers/enterprise_account.rb
@@ -267,6 +266,7 @@ files:
 - lib/osso/graphql/schema.rb
 - lib/osso/graphql/types.rb
 - lib/osso/graphql/types/base_enum.rb
+- lib/osso/graphql/types/base_input_object.rb
 - lib/osso/graphql/types/base_object.rb
 - lib/osso/graphql/types/enterprise_account.rb
 - lib/osso/graphql/types/identity_provider.rb
@@ -281,6 +281,7 @@ files:
 - lib/osso/models/access_token.rb
 - lib/osso/models/authorization_code.rb
 - lib/osso/models/enterprise_account.rb
+- lib/osso/models/identity_provider.rb
 - lib/osso/models/models.rb
 - lib/osso/models/oauth_client.rb
 - lib/osso/models/redirect_uri.rb
@@ -300,13 +301,20 @@ files:
 - osso-rb.gemspec
 - spec/factories/authorization_code.rb
 - spec/factories/enterprise_account.rb
+- spec/factories/identity_providers.rb
 - spec/factories/oauth_client.rb
 - spec/factories/redirect_uri.rb
-- spec/factories/saml_providers.rb
 - spec/factories/user.rb
+- spec/graphql/mutations/configure_identity_provider_spec.rb
+- spec/graphql/mutations/create_enterprise_account_spec.rb
+- spec/graphql/mutations/create_identity_provider_spec.rb
+- spec/graphql/query/enterprise_account_spec.rb
+- spec/graphql/query/enterprise_accounts_spec.rb
+- spec/graphql/query/identity_provider_spec.rb
+- spec/graphql/query/oauth_clients_account_spec.rb
 - spec/models/azure_saml_provider_spec.rb
+- spec/models/identity_provider_spec.rb
 - spec/models/okta_saml_provider_spec.rb
-- spec/models/saml_provider_spec.rb
 - spec/routes/admin_spec.rb
 - spec/routes/app_spec.rb
 - spec/routes/auth_spec.rb

data/lib/osso/db/migrate/20200411144528_create_saml_providers.rb

@@ -1,13 +0,0 @@
-class CreateSamlProviders < ActiveRecord::Migration[6.0]
-  def change
-    create_table :saml_providers, id: :uuid do |t|
-      t.string  :provider,  null: false
-      t.string  :domain, null: false
-      t.string :idp_sso_target_url, null: false
-      t.text :idp_cert, null: false
-      t.string :assertion_consumer_service_url
-    end
-
-    add_index :saml_providers, [:domain, :provider], unique: true
-  end
-end

data/lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb

@@ -1,5 +0,0 @@
-class AddOauthClientReferenceToSamlProviders < ActiveRecord::Migration[6.0]
-  def change
-    add_reference :saml_providers, :oauth_client, type: :uuid, index: true
-  end
-end

data/lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb

@@ -1,7 +0,0 @@
-class DropNullConstraintsFromSamlProvider < ActiveRecord::Migration[6.0]
-  def change
-    change_column :saml_providers, :idp_sso_target_url, :string, null: true
-    change_column :saml_providers, :idp_cert, :text, null: true
-    change_column :saml_providers, :assertion_consumer_service_url, :string, null: false
-  end
-end

data/lib/osso/db/migrate/20200501204047_drop_acs_url.rb

@@ -1,5 +0,0 @@
-class DropAcsUrl < ActiveRecord::Migration[6.0]
-  def change
-    remove_column :saml_providers, :assertion_consumer_service_url
-  end
-end

data/lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb

@@ -1,5 +0,0 @@
-class AddOauthClientIdToEnterpriseAccount < ActiveRecord::Migration[6.0]
-  def change
-    add_reference :enterprise_accounts, :oauth_client, type: :uuid, index: true
-  end
-end

data/lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-class DropNullConstraintFromSamlProvidersProvider < ActiveRecord::Migration[6.0]
-  def change
-    change_column :saml_providers, :provider, :string, null: true
-  end
-end

data/lib/osso/db/schema.rb

@@ -1,132 +0,0 @@
-# This file is auto-generated from the current state of the database. Instead
-# of editing this file, please use the migrations feature of Active Record to
-# incrementally modify your database, and then regenerate this schema definition.
-#
-# This file is the source Rails uses to define your schema when running `rails
-# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
-# be faster and is potentially less error prone than running all of your
-# migrations from scratch. Old migrations may fail to apply correctly if those
-# migrations use external dependencies or application code.
-#
-# It's strongly recommended that you check this file into your version control system.
-
-ActiveRecord::Schema.define(version: 2020_05_02_135008) do
-
-  # These are extensions that must be enabled in order to support this database
-  enable_extension "pgcrypto"
-  enable_extension "plpgsql"
-
-  create_table "access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "token"
-    t.datetime "expires_at"
-    t.datetime "created_at", precision: 6, null: false
-    t.datetime "updated_at", precision: 6, null: false
-    t.uuid "user_id"
-    t.uuid "oauth_client_id"
-    t.index ["oauth_client_id"], name: "index_access_tokens_on_oauth_client_id"
-    t.index ["user_id"], name: "index_access_tokens_on_user_id"
-  end
-
-  create_table "authorization_codes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "token"
-    t.string "redirect_uri"
-    t.datetime "expires_at"
-    t.datetime "created_at", precision: 6, null: false
-    t.datetime "updated_at", precision: 6, null: false
-    t.uuid "user_id"
-    t.uuid "oauth_client_id"
-    t.index ["oauth_client_id"], name: "index_authorization_codes_on_oauth_client_id"
-    t.index ["token"], name: "index_authorization_codes_on_token", unique: true
-    t.index ["user_id"], name: "index_authorization_codes_on_user_id"
-  end
-
-  create_table "enterprise_accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "domain", null: false
-    t.uuid "external_uuid"
-    t.integer "external_int_id"
-    t.string "external_id"
-    t.uuid "oauth_client_id"
-    t.index ["domain"], name: "index_enterprise_accounts_on_domain", unique: true
-    t.index ["oauth_client_id"], name: "index_enterprise_accounts_on_oauth_client_id"
-  end
-
-  create_table "oauth_access_grants", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.uuid "resource_owner_id", null: false
-    t.uuid "application_id", null: false
-    t.string "token", null: false
-    t.integer "expires_in", null: false
-    t.text "redirect_uri", null: false
-    t.datetime "created_at", null: false
-    t.datetime "revoked_at"
-    t.string "scopes", default: "", null: false
-    t.index ["application_id"], name: "index_oauth_access_grants_on_application_id"
-    t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
-  end
-
-  create_table "oauth_access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.uuid "resource_owner_id"
-    t.uuid "application_id"
-    t.string "token", null: false
-    t.string "refresh_token"
-    t.integer "expires_in"
-    t.datetime "revoked_at"
-    t.datetime "created_at", null: false
-    t.string "scopes"
-    t.string "previous_refresh_token", default: "", null: false
-    t.index ["application_id"], name: "index_oauth_access_tokens_on_application_id"
-    t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
-    t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
-  end
-
-  create_table "oauth_applications", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "name", null: false
-    t.string "secret", null: false
-    t.text "redirect_uri", null: false
-    t.string "scopes", default: "", null: false
-    t.boolean "confidential", default: true, null: false
-    t.datetime "created_at", precision: 6, null: false
-    t.datetime "updated_at", precision: 6, null: false
-  end
-
-  create_table "oauth_clients", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "name", null: false
-    t.string "secret", null: false
-    t.string "identifier", null: false
-    t.index ["identifier"], name: "index_oauth_clients_on_identifier", unique: true
-  end
-
-  create_table "redirect_uris", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "uri", null: false
-    t.boolean "primary", default: false, null: false
-    t.uuid "oauth_client_id"
-    t.index ["oauth_client_id"], name: "index_redirect_uris_on_oauth_client_id"
-    t.index ["uri", "primary"], name: "index_redirect_uris_on_uri_and_primary", unique: true
-  end
-
-  create_table "saml_providers", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "provider", null: false
-    t.string "domain", null: false
-    t.string "idp_sso_target_url"
-    t.text "idp_cert"
-    t.uuid "enterprise_account_id"
-    t.uuid "oauth_client_id"
-    t.index ["domain", "provider"], name: "index_saml_providers_on_domain_and_provider", unique: true
-    t.index ["enterprise_account_id"], name: "index_saml_providers_on_enterprise_account_id"
-    t.index ["oauth_client_id"], name: "index_saml_providers_on_oauth_client_id"
-  end
-
-  create_table "users", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.string "email", null: false
-    t.string "idp_id", null: false
-    t.uuid "saml_provider_id"
-    t.uuid "enterprise_account_id"
-    t.index ["email", "idp_id"], name: "index_users_on_email_and_idp_id", unique: true
-    t.index ["enterprise_account_id"], name: "index_users_on_enterprise_account_id"
-  end
-
-  add_foreign_key "oauth_access_grants", "oauth_applications", column: "application_id"
-  add_foreign_key "oauth_access_grants", "users", column: "resource_owner_id"
-  add_foreign_key "oauth_access_tokens", "oauth_applications", column: "application_id"
-  add_foreign_key "oauth_access_tokens", "users", column: "resource_owner_id"
-  add_foreign_key "users", "saml_providers"
-end

data/spec/factories/saml_providers.rb

@@ -1,46 +0,0 @@
-# frozen_string_literal: true
-
-FactoryBot.define do
-  factory :saml_provider, class: Osso::Models::SamlProvider do
-    id { SecureRandom.uuid }
-    domain { Faker::Internet.domain_name }
-    oauth_client
-    idp_cert do
-      <<~CERT
-        -----BEGIN CERTIFICATE-----
-        MIIDpDCCAoygAwIBAgIGAXEiD4LlMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG
-        A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
-        MBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0xNjIwMjQxHDAaBgkqhkiG9w0BCQEW
-        DWluZm9Ab2t0YS5jb20wHhcNMjAwMzI4MTY1MTU0WhcNMzAwMzI4MTY1MjU0WjCBkjELMAkGA1UE
-        BhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNV
-        BAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMTYyMDI0MRwwGgYJ
-        KoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-        wsnP4UTfv3bxR5Jh0at51Dqjj+fKxFznzFW3XA5NbF2SlRLjeYcvj3+47TC0eP6xOsLWfnvdnx4v
-        dd9Ufn7jDCo5pL3JykMVEh2I0szF3RLC+a532ArcwgU9Px48+rWVwPkASS7l4NHAM4+gOBHJMQt2
-        AMohPT0kU41P8BEPzfwhNyiEXR66JNZIJUE8fM3Vpgnxm/VSwYzJf0NfOyfxv8JczF0zkDbpE7Tk
-        3Ww/PFFLoMxWzanWGJQ+blnhv6UV6H4fcfAbcwAplOdIVHjS2ghYBvYNGahuFxjia0+6csyZGrt8
-        H4XmR5Dr+jXY5K1b1VOA0k19/FCnHHN/smn25wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBgD9NE
-        4OCuR1+vucV8S1T6XXIL2hB7bXBAZEVHZ1aErRzktgXAMgVwG267vIkD5VOXBiTy9yNU5LK6G3k2
-        zewU190sL1dMfyPnoVZyn94nvwe9A+on0tmZdmk00xirKk3FJdacnZNE9Dl/afIrcNf6xAm0WsU9
-        kbMiRwwvjO4TAiygDQzbrRC8ZfmT3hpBa3aTUzAccrvEQcgarLk4r7UjXP7a2mCN3UIIh+snN2Ms
-        vXHL0r6fM3xbniz+5lleWtPFw73yySBc8znkWZ4Tn8Lh0r6o5nCRYbr2REUB7ZIfiIyBbZxIp4kv
-        a+habbnQDFiNVzEd8OPXHh4EqLxOPDRW
-        -----END CERTIFICATE-----
-      CERT
-    end
-
-    factory :okta_saml_provider, parent: :saml_provider, class: Osso::Models::OktaSamlProvider do
-      provider { 'Osso::Models::OktaSamlProvider' }
-      idp_sso_target_url do
-        'https://dev-162024.okta.com/app/vcardmedev162024_rubydemo2_1/exk51326b3U1941Hf4x6/sso/saml'
-      end
-    end
-
-    factory :azure_saml_provider, parent: :saml_provider, class: Osso::Models::AzureSamlProvider do
-      provider { 'Osso::Models::AzureSamlProvider' }
-      idp_sso_target_url do
-        'https://login.microsoftonline.com/0af6c610-c40c-4683-9ea4-f25e509b8172/saml2'
-      end
-    end
-  end
-end

data/spec/models/saml_provider_spec.rb

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Osso::Models::SamlProvider do
-  subject { create(:okta_saml_provider) }
-
-  describe '.create' do
-    it 'creates an enterprise account' do
-      domain = Faker::Internet.domain_name
-
-      provider = described_class.create(
-        domain: domain,
-        provider: 'Osso::Models::OktaSamlProvider',
-      )
-
-      expect(provider.enterprise_account).to be_a(Osso::Models::EnterpriseAccount)
-      expect(provider.enterprise_account.domain).to eq(domain)
-    end
-  end
-
-  describe '#assertion_consumer_service_url' do
-    it 'returns the expected URI' do
-      ENV['BASE_URL'] = 'https://example.com'
-
-      expect(subject.assertion_consumer_service_url).to eq(
-        "https://example.com/auth/saml/#{subject.id}/callback",
-      )
-    end
-  end
-end