osso 0.0.3.8 → 0.0.3.13

Sign up to get free protection for your applications and to get access to all the features.
Files changed (52) hide show
  1. checksums.yaml +4 -4
  2. data/.buildkite/pipeline.yml +5 -3
  3. data/Gemfile.lock +5 -1
  4. data/bin/annotate +1 -0
  5. data/db/schema.rb +9 -43
  6. data/lib/osso/db/migrate/20200723153750_add_missing_timestamps.rb +35 -0
  7. data/lib/osso/db/migrate/20200723162228_drop_unneeded_tables.rb +9 -0
  8. data/lib/osso/graphql/mutation.rb +7 -1
  9. data/lib/osso/graphql/mutations.rb +5 -1
  10. data/lib/osso/graphql/mutations/configure_identity_provider.rb +1 -1
  11. data/lib/osso/graphql/mutations/create_oauth_client.rb +30 -0
  12. data/lib/osso/graphql/mutations/delete_enterprise_account.rb +34 -0
  13. data/lib/osso/graphql/mutations/delete_oauth_client.rb +30 -0
  14. data/lib/osso/graphql/mutations/regenerate_oauth_credentials.rb +31 -0
  15. data/lib/osso/graphql/mutations/set_redirect_uris.rb +54 -0
  16. data/lib/osso/graphql/query.rb +15 -2
  17. data/lib/osso/graphql/resolvers/enterprise_accounts.rb +12 -4
  18. data/lib/osso/graphql/resolvers/oauth_clients.rb +1 -1
  19. data/lib/osso/graphql/types.rb +3 -0
  20. data/lib/osso/graphql/types/base_connection.rb +15 -0
  21. data/lib/osso/graphql/types/base_object.rb +4 -0
  22. data/lib/osso/graphql/types/oauth_client.rb +14 -1
  23. data/lib/osso/graphql/types/redirect_uri.rb +23 -0
  24. data/lib/osso/graphql/types/redirect_uri_input.rb +16 -0
  25. data/lib/osso/helpers/auth.rb +13 -12
  26. data/lib/osso/models/access_token.rb +18 -0
  27. data/lib/osso/models/authorization_code.rb +20 -0
  28. data/lib/osso/models/enterprise_account.rb +20 -0
  29. data/lib/osso/models/identity_provider.rb +22 -1
  30. data/lib/osso/models/models.rb +2 -0
  31. data/lib/osso/models/oauth_client.rb +20 -6
  32. data/lib/osso/models/redirect_uri.rb +17 -0
  33. data/lib/osso/models/user.rb +22 -0
  34. data/lib/osso/routes/admin.rb +6 -0
  35. data/lib/osso/routes/auth.rb +2 -2
  36. data/lib/osso/version.rb +1 -1
  37. data/osso-rb.gemspec +1 -0
  38. data/spec/factories/identity_providers.rb +22 -0
  39. data/spec/graphql/mutations/configure_identity_provider_spec.rb +1 -1
  40. data/spec/graphql/mutations/create_oauth_client_spec.rb +55 -0
  41. data/spec/graphql/mutations/delete_enterprise_account_spec.rb +63 -0
  42. data/spec/graphql/mutations/delete_oauth_client_spec.rb +51 -0
  43. data/spec/graphql/query/enterprise_accounts_spec.rb +32 -18
  44. data/spec/graphql/query/identity_provider_spec.rb +1 -1
  45. data/spec/graphql/query/{oauth_clients_account_spec.rb → oauth_clients_spec.rb} +2 -0
  46. data/spec/routes/auth_spec.rb +25 -0
  47. metadata +32 -8
  48. data/lib/osso/db/migrate/20200328143303_create_oauth_tables.rb +0 -57
  49. data/lib/osso/graphql/mutations/set_identity_provider.rb +0 -27
  50. data/lib/osso/models/saml_provider.rb +0 -49
  51. data/lib/osso/models/saml_providers/azure_saml_provider.rb +0 -22
  52. data/lib/osso/models/saml_providers/okta_saml_provider.rb +0 -23
@@ -28,6 +28,7 @@ Gem::Specification.new do |spec|
28
28
  spec.add_runtime_dependency 'sinatra-activerecord'
29
29
  spec.add_runtime_dependency 'sinatra-contrib'
30
30
 
31
+ spec.add_development_dependency 'annotate', '~> 3.1'
31
32
  spec.add_development_dependency 'bundler', '~> 2.1'
32
33
  spec.add_development_dependency 'pry'
33
34
 
@@ -47,3 +47,25 @@ FactoryBot.define do
47
47
  end
48
48
  end
49
49
  end
50
+
51
+ # == Schema Information
52
+ #
53
+ # Table name: identity_providers
54
+ #
55
+ # id :uuid not null, primary key
56
+ # service :string
57
+ # domain :string not null
58
+ # sso_url :string
59
+ # sso_cert :text
60
+ # enterprise_account_id :uuid
61
+ # oauth_client_id :uuid
62
+ # status :enum default("PENDING")
63
+ # created_at :datetime
64
+ # updated_at :datetime
65
+ #
66
+ # Indexes
67
+ #
68
+ # index_identity_providers_on_domain (domain)
69
+ # index_identity_providers_on_enterprise_account_id (enterprise_account_id)
70
+ # index_identity_providers_on_oauth_client_id (oauth_client_id)
71
+ #
@@ -47,7 +47,7 @@ describe Osso::GraphQL::Schema do
47
47
  let(:current_scope) { :admin }
48
48
  it 'configures an identity provider' do
49
49
  expect(subject.dig('data', 'configureIdentityProvider', 'identityProvider', 'status')).
50
- to eq('configured')
50
+ to eq('Configured')
51
51
  end
52
52
  end
53
53
 
@@ -0,0 +1,55 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Osso::GraphQL::Schema do
6
+ describe 'CreateOauthClient' do
7
+ let(:variables) do
8
+ {
9
+ input: {
10
+ name: Faker::Company.name,
11
+ },
12
+ }
13
+ end
14
+
15
+ let(:mutation) do
16
+ <<~GRAPHQL
17
+ mutation CreateOauthClient($input: CreateOauthClientInput!) {
18
+ createOauthClient(input: $input) {
19
+ oauthClient {
20
+ id
21
+ name
22
+ clientId
23
+ clientSecret
24
+ }
25
+ }
26
+ }
27
+ GRAPHQL
28
+ end
29
+
30
+ subject do
31
+ described_class.execute(
32
+ mutation,
33
+ variables: variables,
34
+ context: { scope: current_scope },
35
+ )
36
+ end
37
+
38
+ describe 'for an admin user' do
39
+ let(:current_scope) { :admin }
40
+ it 'creates an OauthClient' do
41
+ expect { subject }.to change { Osso::Models::OauthClient.count }.by(1)
42
+ expect(subject.dig('data', 'createOauthClient', 'oauthClient', 'clientId')).
43
+ to_not be_nil
44
+ end
45
+ end
46
+
47
+ describe 'for an email scoped user' do
48
+ let(:current_scope) { 'foo.com' }
49
+
50
+ it 'does not create an OauthClient Account' do
51
+ expect { subject }.to_not(change { Osso::Models::OauthClient.count })
52
+ end
53
+ end
54
+ end
55
+ end
@@ -0,0 +1,63 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Osso::GraphQL::Schema do
6
+ describe 'DeleteEnterpriseAccount' do
7
+ let(:domain) { Faker::Internet.domain_name }
8
+ let!(:enterprise_account) { create(:enterprise_account, domain: domain) }
9
+ let(:variables) do
10
+ {
11
+ input: {
12
+ id: enterprise_account.id,
13
+ },
14
+ }
15
+ end
16
+
17
+ let(:mutation) do
18
+ <<~GRAPHQL
19
+ mutation DeleteEnterpriseAccount($input: DeleteEnterpriseAccountInput!) {
20
+ deleteEnterpriseAccount(input: $input) {
21
+ enterpriseAccount {
22
+ id
23
+ }
24
+ }
25
+ }
26
+ GRAPHQL
27
+ end
28
+
29
+ subject do
30
+ described_class.execute(
31
+ mutation,
32
+ variables: variables,
33
+ context: { scope: current_scope },
34
+ )
35
+ end
36
+
37
+ describe 'for an admin user' do
38
+ let(:current_scope) { :admin }
39
+ it 'deletes an Enterprise Account' do
40
+ expect { subject }.to change { Osso::Models::EnterpriseAccount.count }.by(-1)
41
+ expect(subject.dig('data', 'createEnterpriseAccount', 'enterpriseAccount')).
42
+ to be_nil
43
+ end
44
+ end
45
+
46
+ describe 'for an email scoped user' do
47
+ let(:current_scope) { domain }
48
+
49
+ it 'deletes the Enterprise Account' do
50
+ expect { subject }.to change { Osso::Models::EnterpriseAccount.count }.by(-1)
51
+ expect(subject.dig('data', 'createEnterpriseAccount', 'enterpriseAccount')).
52
+ to be_nil
53
+ end
54
+ end
55
+ describe 'for the wrong email scoped user' do
56
+ let(:current_scope) { 'foo.com' }
57
+
58
+ it 'does not delete the Enterprise Account' do
59
+ expect { subject }.to_not(change { Osso::Models::EnterpriseAccount.count })
60
+ end
61
+ end
62
+ end
63
+ end
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Osso::GraphQL::Schema do
6
+ describe 'DeleteOauthClient' do
7
+ let!(:oauth_client) { create(:oauth_client) }
8
+ let(:variables) do
9
+ {
10
+ input: {
11
+ id: oauth_client.id,
12
+ },
13
+ }
14
+ end
15
+
16
+ let(:mutation) do
17
+ <<~GRAPHQL
18
+ mutation DeleteOauthClient($input: DeleteOauthClientInput!) {
19
+ deleteOauthClient(input: $input) {
20
+ oauthClient {
21
+ id
22
+ }
23
+ }
24
+ }
25
+ GRAPHQL
26
+ end
27
+
28
+ subject do
29
+ described_class.execute(
30
+ mutation,
31
+ variables: variables,
32
+ context: { scope: current_scope },
33
+ )
34
+ end
35
+
36
+ describe 'for an admin user' do
37
+ let(:current_scope) { :admin }
38
+ it 'deletes the OauthClient' do
39
+ expect { subject }.to change { Osso::Models::OauthClient.count }.by(-1)
40
+ end
41
+ end
42
+
43
+ describe 'for an email scoped user' do
44
+ let(:current_scope) { 'foo.com' }
45
+
46
+ it 'does not create an OauthClient Account' do
47
+ expect { subject }.to_not(change { Osso::Models::OauthClient.count })
48
+ end
49
+ end
50
+ end
51
+ end
@@ -7,37 +7,51 @@ describe Osso::GraphQL::Schema do
7
7
  describe 'for an admin user' do
8
8
  let(:current_scope) { :admin }
9
9
 
10
- it 'returns Enterprise Accounts' do
11
- create_list(:enterprise_account, 2)
10
+ it 'returns paginated Enterprise Accounts' do
11
+ %w[A B C].map do |name|
12
+ create(:enterprise_account, name: name)
13
+ end
12
14
 
13
15
  query = <<~GRAPHQL
14
- query EnterpriseAccounts {
15
- enterpriseAccounts {
16
- domain
17
- id
18
- identityProviders {
19
- id
20
- service
21
- domain
22
- acsUrl
23
- ssoCert
24
- ssoUrl
25
- status
16
+ query EnterpriseAccounts($first: Int, $sortColumn: String, $sortOrder: String) {
17
+ enterpriseAccounts(first: $first, sortColumn: $sortColumn, sortOrder: $sortOrder) {
18
+ pageInfo {
19
+ hasNextPage
20
+ endCursor
21
+ }
22
+ totalCount
23
+ edges {
24
+ node {
25
+ domain
26
+ id
27
+ identityProviders {
28
+ id
29
+ service
30
+ domain
31
+ acsUrl
32
+ ssoCert
33
+ ssoUrl
34
+ status
35
+ }
36
+ name
37
+ status
38
+ }
26
39
  }
27
- name
28
- status
29
40
  }
30
41
  }
31
42
  GRAPHQL
32
43
 
33
44
  response = described_class.execute(
34
45
  query,
35
- variables: nil,
46
+ variables: { first: 2, sortOrder: 'descending', sortColumn: 'name' },
36
47
  context: { scope: current_scope },
37
48
  )
38
49
 
39
50
  expect(response['errors']).to be_nil
40
- expect(response.dig('data', 'enterpriseAccounts').count).to eq(2)
51
+ expect(response.dig('data', 'enterpriseAccounts', 'edges').count).to eq(2)
52
+ expect(response.dig('data', 'enterpriseAccounts', 'edges', 0, 'node', 'name')).to eq('C')
53
+ expect(response.dig('data', 'enterpriseAccounts', 'totalCount')).to eq(3)
54
+ expect(response.dig('data', 'enterpriseAccounts', 'pageInfo', 'hasNextPage')).to eq(true)
41
55
  end
42
56
  end
43
57
  end
@@ -55,7 +55,7 @@ describe Osso::GraphQL::Schema do
55
55
 
56
56
  describe 'for the wrong email scoped user' do
57
57
  let(:current_scope) { 'bar.com' }
58
-
58
+
59
59
  it 'returns Enterprise Account for domain' do
60
60
  expect(subject['errors']).to_not be_empty
61
61
  expect(subject.dig('data', 'enterpriseAccount')).to be_nil
@@ -10,6 +10,8 @@ describe Osso::GraphQL::Schema do
10
10
  oauthClients {
11
11
  name
12
12
  id
13
+ clientSecret
14
+ clientId
13
15
  }
14
16
  }
15
17
  GRAPHQL
@@ -3,6 +3,31 @@
3
3
  require 'spec_helper'
4
4
 
5
5
  describe Osso::Auth do
6
+ describe 'get /auth/saml/:uuid' do
7
+ describe 'for an Okta SAML provider' do
8
+ let(:enterprise) { create(:enterprise_with_okta) }
9
+ let(:okta_provider) { enterprise.identity_providers.first }
10
+ it 'uses omniauth saml' do
11
+ get("/auth/saml/#{okta_provider.id}")
12
+
13
+ expect(last_response).to be_redirect
14
+ follow_redirect!
15
+ expect(last_request.url).to match("auth/saml/#{okta_provider.id}")
16
+ end
17
+ end
18
+
19
+ describe 'for an Azure SAML provider' do
20
+ let(:enterprise) { create(:enterprise_with_okta) }
21
+ let(:azure_provider) { enterprise.identity_providers.first }
22
+ it 'uses omniauth saml' do
23
+ get("/auth/saml/#{azure_provider.id}")
24
+
25
+ expect(last_response).to be_redirect
26
+ follow_redirect!
27
+ expect(last_request.url).to match("auth/saml/#{azure_provider.id}")
28
+ end
29
+ end
30
+ end
6
31
  describe 'post /auth/saml/:uuid/callback' do
7
32
  describe 'for an Okta SAML provider' do
8
33
  let(:enterprise) { create(:enterprise_with_okta) }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: osso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3.8
4
+ version: 0.0.3.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sam Bauch
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-23 00:00:00.000000000 Z
11
+ date: 2020-08-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -178,6 +178,20 @@ dependencies:
178
178
  - - ">="
179
179
  - !ruby/object:Gem::Version
180
180
  version: '0'
181
+ - !ruby/object:Gem::Dependency
182
+ name: annotate
183
+ requirement: !ruby/object:Gem::Requirement
184
+ requirements:
185
+ - - "~>"
186
+ - !ruby/object:Gem::Version
187
+ version: '3.1'
188
+ type: :development
189
+ prerelease: false
190
+ version_requirements: !ruby/object:Gem::Requirement
191
+ requirements:
192
+ - - "~>"
193
+ - !ruby/object:Gem::Version
194
+ version: '3.1'
181
195
  - !ruby/object:Gem::Dependency
182
196
  name: bundler
183
197
  requirement: !ruby/object:Gem::Requirement
@@ -210,6 +224,7 @@ description: This gem includes the main functionality for Osso apps,
210
224
  email:
211
225
  - sbauch@gmail.com
212
226
  executables:
227
+ - annotate
213
228
  - console
214
229
  - setup
215
230
  extensions: []
@@ -229,6 +244,7 @@ files:
229
244
  - LICENSE
230
245
  - README.md
231
246
  - Rakefile
247
+ - bin/annotate
232
248
  - bin/console
233
249
  - bin/setup
234
250
  - config/database.yml
@@ -238,7 +254,6 @@ files:
238
254
  - lib/osso/Rakefile
239
255
  - lib/osso/db/migrate/20190909230109_enable_uuid.rb
240
256
  - lib/osso/db/migrate/20200328135750_create_users.rb
241
- - lib/osso/db/migrate/20200328143303_create_oauth_tables.rb
242
257
  - lib/osso/db/migrate/20200328143305_create_identity_providers.rb
243
258
  - lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb
244
259
  - lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb
@@ -251,6 +266,8 @@ files:
251
266
  - lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb
252
267
  - lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb
253
268
  - lib/osso/db/migrate/20200722230116_add_identity_provider_status_enum_and_use_on_identity_providers.rb
269
+ - lib/osso/db/migrate/20200723153750_add_missing_timestamps.rb
270
+ - lib/osso/db/migrate/20200723162228_drop_unneeded_tables.rb
254
271
  - lib/osso/graphql/.DS_Store
255
272
  - lib/osso/graphql/mutation.rb
256
273
  - lib/osso/graphql/mutations.rb
@@ -258,7 +275,11 @@ files:
258
275
  - lib/osso/graphql/mutations/configure_identity_provider.rb
259
276
  - lib/osso/graphql/mutations/create_enterprise_account.rb
260
277
  - lib/osso/graphql/mutations/create_identity_provider.rb
261
- - lib/osso/graphql/mutations/set_identity_provider.rb
278
+ - lib/osso/graphql/mutations/create_oauth_client.rb
279
+ - lib/osso/graphql/mutations/delete_enterprise_account.rb
280
+ - lib/osso/graphql/mutations/delete_oauth_client.rb
281
+ - lib/osso/graphql/mutations/regenerate_oauth_credentials.rb
282
+ - lib/osso/graphql/mutations/set_redirect_uris.rb
262
283
  - lib/osso/graphql/query.rb
263
284
  - lib/osso/graphql/resolvers.rb
264
285
  - lib/osso/graphql/resolvers/enterprise_account.rb
@@ -266,6 +287,7 @@ files:
266
287
  - lib/osso/graphql/resolvers/oauth_clients.rb
267
288
  - lib/osso/graphql/schema.rb
268
289
  - lib/osso/graphql/types.rb
290
+ - lib/osso/graphql/types/base_connection.rb
269
291
  - lib/osso/graphql/types/base_enum.rb
270
292
  - lib/osso/graphql/types/base_input_object.rb
271
293
  - lib/osso/graphql/types/base_object.rb
@@ -274,6 +296,8 @@ files:
274
296
  - lib/osso/graphql/types/identity_provider_service.rb
275
297
  - lib/osso/graphql/types/identity_provider_status.rb
276
298
  - lib/osso/graphql/types/oauth_client.rb
299
+ - lib/osso/graphql/types/redirect_uri.rb
300
+ - lib/osso/graphql/types/redirect_uri_input.rb
277
301
  - lib/osso/graphql/types/user.rb
278
302
  - lib/osso/helpers/auth.rb
279
303
  - lib/osso/helpers/helpers.rb
@@ -287,9 +311,6 @@ files:
287
311
  - lib/osso/models/models.rb
288
312
  - lib/osso/models/oauth_client.rb
289
313
  - lib/osso/models/redirect_uri.rb
290
- - lib/osso/models/saml_provider.rb
291
- - lib/osso/models/saml_providers/azure_saml_provider.rb
292
- - lib/osso/models/saml_providers/okta_saml_provider.rb
293
314
  - lib/osso/models/user.rb
294
315
  - lib/osso/rake.rb
295
316
  - lib/osso/routes/admin.rb
@@ -310,10 +331,13 @@ files:
310
331
  - spec/graphql/mutations/configure_identity_provider_spec.rb
311
332
  - spec/graphql/mutations/create_enterprise_account_spec.rb
312
333
  - spec/graphql/mutations/create_identity_provider_spec.rb
334
+ - spec/graphql/mutations/create_oauth_client_spec.rb
335
+ - spec/graphql/mutations/delete_enterprise_account_spec.rb
336
+ - spec/graphql/mutations/delete_oauth_client_spec.rb
313
337
  - spec/graphql/query/enterprise_account_spec.rb
314
338
  - spec/graphql/query/enterprise_accounts_spec.rb
315
339
  - spec/graphql/query/identity_provider_spec.rb
316
- - spec/graphql/query/oauth_clients_account_spec.rb
340
+ - spec/graphql/query/oauth_clients_spec.rb
317
341
  - spec/models/azure_saml_provider_spec.rb
318
342
  - spec/models/identity_provider_spec.rb
319
343
  - spec/models/okta_saml_provider_spec.rb