osso 0.0.3.8 → 0.0.3.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (52) hide show
  1. checksums.yaml +4 -4
  2. data/.buildkite/pipeline.yml +5 -3
  3. data/Gemfile.lock +5 -1
  4. data/bin/annotate +1 -0
  5. data/db/schema.rb +9 -43
  6. data/lib/osso/db/migrate/20200723153750_add_missing_timestamps.rb +35 -0
  7. data/lib/osso/db/migrate/20200723162228_drop_unneeded_tables.rb +9 -0
  8. data/lib/osso/graphql/mutation.rb +7 -1
  9. data/lib/osso/graphql/mutations.rb +5 -1
  10. data/lib/osso/graphql/mutations/configure_identity_provider.rb +1 -1
  11. data/lib/osso/graphql/mutations/create_oauth_client.rb +30 -0
  12. data/lib/osso/graphql/mutations/delete_enterprise_account.rb +34 -0
  13. data/lib/osso/graphql/mutations/delete_oauth_client.rb +30 -0
  14. data/lib/osso/graphql/mutations/regenerate_oauth_credentials.rb +31 -0
  15. data/lib/osso/graphql/mutations/set_redirect_uris.rb +54 -0
  16. data/lib/osso/graphql/query.rb +15 -2
  17. data/lib/osso/graphql/resolvers/enterprise_accounts.rb +12 -4
  18. data/lib/osso/graphql/resolvers/oauth_clients.rb +1 -1
  19. data/lib/osso/graphql/types.rb +3 -0
  20. data/lib/osso/graphql/types/base_connection.rb +15 -0
  21. data/lib/osso/graphql/types/base_object.rb +4 -0
  22. data/lib/osso/graphql/types/oauth_client.rb +14 -1
  23. data/lib/osso/graphql/types/redirect_uri.rb +23 -0
  24. data/lib/osso/graphql/types/redirect_uri_input.rb +16 -0
  25. data/lib/osso/helpers/auth.rb +13 -12
  26. data/lib/osso/models/access_token.rb +18 -0
  27. data/lib/osso/models/authorization_code.rb +20 -0
  28. data/lib/osso/models/enterprise_account.rb +20 -0
  29. data/lib/osso/models/identity_provider.rb +22 -1
  30. data/lib/osso/models/models.rb +2 -0
  31. data/lib/osso/models/oauth_client.rb +20 -6
  32. data/lib/osso/models/redirect_uri.rb +17 -0
  33. data/lib/osso/models/user.rb +22 -0
  34. data/lib/osso/routes/admin.rb +6 -0
  35. data/lib/osso/routes/auth.rb +2 -2
  36. data/lib/osso/version.rb +1 -1
  37. data/osso-rb.gemspec +1 -0
  38. data/spec/factories/identity_providers.rb +22 -0
  39. data/spec/graphql/mutations/configure_identity_provider_spec.rb +1 -1
  40. data/spec/graphql/mutations/create_oauth_client_spec.rb +55 -0
  41. data/spec/graphql/mutations/delete_enterprise_account_spec.rb +63 -0
  42. data/spec/graphql/mutations/delete_oauth_client_spec.rb +51 -0
  43. data/spec/graphql/query/enterprise_accounts_spec.rb +32 -18
  44. data/spec/graphql/query/identity_provider_spec.rb +1 -1
  45. data/spec/graphql/query/{oauth_clients_account_spec.rb → oauth_clients_spec.rb} +2 -0
  46. data/spec/routes/auth_spec.rb +25 -0
  47. metadata +32 -8
  48. data/lib/osso/db/migrate/20200328143303_create_oauth_tables.rb +0 -57
  49. data/lib/osso/graphql/mutations/set_identity_provider.rb +0 -27
  50. data/lib/osso/models/saml_provider.rb +0 -49
  51. data/lib/osso/models/saml_providers/azure_saml_provider.rb +0 -22
  52. data/lib/osso/models/saml_providers/okta_saml_provider.rb +0 -23
@@ -28,6 +28,7 @@ Gem::Specification.new do |spec|
28
28
  spec.add_runtime_dependency 'sinatra-activerecord'
29
29
  spec.add_runtime_dependency 'sinatra-contrib'
30
30
 
31
+ spec.add_development_dependency 'annotate', '~> 3.1'
31
32
  spec.add_development_dependency 'bundler', '~> 2.1'
32
33
  spec.add_development_dependency 'pry'
33
34
 
@@ -47,3 +47,25 @@ FactoryBot.define do
47
47
  end
48
48
  end
49
49
  end
50
+
51
+ # == Schema Information
52
+ #
53
+ # Table name: identity_providers
54
+ #
55
+ # id :uuid not null, primary key
56
+ # service :string
57
+ # domain :string not null
58
+ # sso_url :string
59
+ # sso_cert :text
60
+ # enterprise_account_id :uuid
61
+ # oauth_client_id :uuid
62
+ # status :enum default("PENDING")
63
+ # created_at :datetime
64
+ # updated_at :datetime
65
+ #
66
+ # Indexes
67
+ #
68
+ # index_identity_providers_on_domain (domain)
69
+ # index_identity_providers_on_enterprise_account_id (enterprise_account_id)
70
+ # index_identity_providers_on_oauth_client_id (oauth_client_id)
71
+ #
@@ -47,7 +47,7 @@ describe Osso::GraphQL::Schema do
47
47
  let(:current_scope) { :admin }
48
48
  it 'configures an identity provider' do
49
49
  expect(subject.dig('data', 'configureIdentityProvider', 'identityProvider', 'status')).
50
- to eq('configured')
50
+ to eq('Configured')
51
51
  end
52
52
  end
53
53
 
@@ -0,0 +1,55 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Osso::GraphQL::Schema do
6
+ describe 'CreateOauthClient' do
7
+ let(:variables) do
8
+ {
9
+ input: {
10
+ name: Faker::Company.name,
11
+ },
12
+ }
13
+ end
14
+
15
+ let(:mutation) do
16
+ <<~GRAPHQL
17
+ mutation CreateOauthClient($input: CreateOauthClientInput!) {
18
+ createOauthClient(input: $input) {
19
+ oauthClient {
20
+ id
21
+ name
22
+ clientId
23
+ clientSecret
24
+ }
25
+ }
26
+ }
27
+ GRAPHQL
28
+ end
29
+
30
+ subject do
31
+ described_class.execute(
32
+ mutation,
33
+ variables: variables,
34
+ context: { scope: current_scope },
35
+ )
36
+ end
37
+
38
+ describe 'for an admin user' do
39
+ let(:current_scope) { :admin }
40
+ it 'creates an OauthClient' do
41
+ expect { subject }.to change { Osso::Models::OauthClient.count }.by(1)
42
+ expect(subject.dig('data', 'createOauthClient', 'oauthClient', 'clientId')).
43
+ to_not be_nil
44
+ end
45
+ end
46
+
47
+ describe 'for an email scoped user' do
48
+ let(:current_scope) { 'foo.com' }
49
+
50
+ it 'does not create an OauthClient Account' do
51
+ expect { subject }.to_not(change { Osso::Models::OauthClient.count })
52
+ end
53
+ end
54
+ end
55
+ end
@@ -0,0 +1,63 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Osso::GraphQL::Schema do
6
+ describe 'DeleteEnterpriseAccount' do
7
+ let(:domain) { Faker::Internet.domain_name }
8
+ let!(:enterprise_account) { create(:enterprise_account, domain: domain) }
9
+ let(:variables) do
10
+ {
11
+ input: {
12
+ id: enterprise_account.id,
13
+ },
14
+ }
15
+ end
16
+
17
+ let(:mutation) do
18
+ <<~GRAPHQL
19
+ mutation DeleteEnterpriseAccount($input: DeleteEnterpriseAccountInput!) {
20
+ deleteEnterpriseAccount(input: $input) {
21
+ enterpriseAccount {
22
+ id
23
+ }
24
+ }
25
+ }
26
+ GRAPHQL
27
+ end
28
+
29
+ subject do
30
+ described_class.execute(
31
+ mutation,
32
+ variables: variables,
33
+ context: { scope: current_scope },
34
+ )
35
+ end
36
+
37
+ describe 'for an admin user' do
38
+ let(:current_scope) { :admin }
39
+ it 'deletes an Enterprise Account' do
40
+ expect { subject }.to change { Osso::Models::EnterpriseAccount.count }.by(-1)
41
+ expect(subject.dig('data', 'createEnterpriseAccount', 'enterpriseAccount')).
42
+ to be_nil
43
+ end
44
+ end
45
+
46
+ describe 'for an email scoped user' do
47
+ let(:current_scope) { domain }
48
+
49
+ it 'deletes the Enterprise Account' do
50
+ expect { subject }.to change { Osso::Models::EnterpriseAccount.count }.by(-1)
51
+ expect(subject.dig('data', 'createEnterpriseAccount', 'enterpriseAccount')).
52
+ to be_nil
53
+ end
54
+ end
55
+ describe 'for the wrong email scoped user' do
56
+ let(:current_scope) { 'foo.com' }
57
+
58
+ it 'does not delete the Enterprise Account' do
59
+ expect { subject }.to_not(change { Osso::Models::EnterpriseAccount.count })
60
+ end
61
+ end
62
+ end
63
+ end
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Osso::GraphQL::Schema do
6
+ describe 'DeleteOauthClient' do
7
+ let!(:oauth_client) { create(:oauth_client) }
8
+ let(:variables) do
9
+ {
10
+ input: {
11
+ id: oauth_client.id,
12
+ },
13
+ }
14
+ end
15
+
16
+ let(:mutation) do
17
+ <<~GRAPHQL
18
+ mutation DeleteOauthClient($input: DeleteOauthClientInput!) {
19
+ deleteOauthClient(input: $input) {
20
+ oauthClient {
21
+ id
22
+ }
23
+ }
24
+ }
25
+ GRAPHQL
26
+ end
27
+
28
+ subject do
29
+ described_class.execute(
30
+ mutation,
31
+ variables: variables,
32
+ context: { scope: current_scope },
33
+ )
34
+ end
35
+
36
+ describe 'for an admin user' do
37
+ let(:current_scope) { :admin }
38
+ it 'deletes the OauthClient' do
39
+ expect { subject }.to change { Osso::Models::OauthClient.count }.by(-1)
40
+ end
41
+ end
42
+
43
+ describe 'for an email scoped user' do
44
+ let(:current_scope) { 'foo.com' }
45
+
46
+ it 'does not create an OauthClient Account' do
47
+ expect { subject }.to_not(change { Osso::Models::OauthClient.count })
48
+ end
49
+ end
50
+ end
51
+ end
@@ -7,37 +7,51 @@ describe Osso::GraphQL::Schema do
7
7
  describe 'for an admin user' do
8
8
  let(:current_scope) { :admin }
9
9
 
10
- it 'returns Enterprise Accounts' do
11
- create_list(:enterprise_account, 2)
10
+ it 'returns paginated Enterprise Accounts' do
11
+ %w[A B C].map do |name|
12
+ create(:enterprise_account, name: name)
13
+ end
12
14
 
13
15
  query = <<~GRAPHQL
14
- query EnterpriseAccounts {
15
- enterpriseAccounts {
16
- domain
17
- id
18
- identityProviders {
19
- id
20
- service
21
- domain
22
- acsUrl
23
- ssoCert
24
- ssoUrl
25
- status
16
+ query EnterpriseAccounts($first: Int, $sortColumn: String, $sortOrder: String) {
17
+ enterpriseAccounts(first: $first, sortColumn: $sortColumn, sortOrder: $sortOrder) {
18
+ pageInfo {
19
+ hasNextPage
20
+ endCursor
21
+ }
22
+ totalCount
23
+ edges {
24
+ node {
25
+ domain
26
+ id
27
+ identityProviders {
28
+ id
29
+ service
30
+ domain
31
+ acsUrl
32
+ ssoCert
33
+ ssoUrl
34
+ status
35
+ }
36
+ name
37
+ status
38
+ }
26
39
  }
27
- name
28
- status
29
40
  }
30
41
  }
31
42
  GRAPHQL
32
43
 
33
44
  response = described_class.execute(
34
45
  query,
35
- variables: nil,
46
+ variables: { first: 2, sortOrder: 'descending', sortColumn: 'name' },
36
47
  context: { scope: current_scope },
37
48
  )
38
49
 
39
50
  expect(response['errors']).to be_nil
40
- expect(response.dig('data', 'enterpriseAccounts').count).to eq(2)
51
+ expect(response.dig('data', 'enterpriseAccounts', 'edges').count).to eq(2)
52
+ expect(response.dig('data', 'enterpriseAccounts', 'edges', 0, 'node', 'name')).to eq('C')
53
+ expect(response.dig('data', 'enterpriseAccounts', 'totalCount')).to eq(3)
54
+ expect(response.dig('data', 'enterpriseAccounts', 'pageInfo', 'hasNextPage')).to eq(true)
41
55
  end
42
56
  end
43
57
  end
@@ -55,7 +55,7 @@ describe Osso::GraphQL::Schema do
55
55
 
56
56
  describe 'for the wrong email scoped user' do
57
57
  let(:current_scope) { 'bar.com' }
58
-
58
+
59
59
  it 'returns Enterprise Account for domain' do
60
60
  expect(subject['errors']).to_not be_empty
61
61
  expect(subject.dig('data', 'enterpriseAccount')).to be_nil
@@ -10,6 +10,8 @@ describe Osso::GraphQL::Schema do
10
10
  oauthClients {
11
11
  name
12
12
  id
13
+ clientSecret
14
+ clientId
13
15
  }
14
16
  }
15
17
  GRAPHQL
@@ -3,6 +3,31 @@
3
3
  require 'spec_helper'
4
4
 
5
5
  describe Osso::Auth do
6
+ describe 'get /auth/saml/:uuid' do
7
+ describe 'for an Okta SAML provider' do
8
+ let(:enterprise) { create(:enterprise_with_okta) }
9
+ let(:okta_provider) { enterprise.identity_providers.first }
10
+ it 'uses omniauth saml' do
11
+ get("/auth/saml/#{okta_provider.id}")
12
+
13
+ expect(last_response).to be_redirect
14
+ follow_redirect!
15
+ expect(last_request.url).to match("auth/saml/#{okta_provider.id}")
16
+ end
17
+ end
18
+
19
+ describe 'for an Azure SAML provider' do
20
+ let(:enterprise) { create(:enterprise_with_okta) }
21
+ let(:azure_provider) { enterprise.identity_providers.first }
22
+ it 'uses omniauth saml' do
23
+ get("/auth/saml/#{azure_provider.id}")
24
+
25
+ expect(last_response).to be_redirect
26
+ follow_redirect!
27
+ expect(last_request.url).to match("auth/saml/#{azure_provider.id}")
28
+ end
29
+ end
30
+ end
6
31
  describe 'post /auth/saml/:uuid/callback' do
7
32
  describe 'for an Okta SAML provider' do
8
33
  let(:enterprise) { create(:enterprise_with_okta) }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: osso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3.8
4
+ version: 0.0.3.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sam Bauch
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-23 00:00:00.000000000 Z
11
+ date: 2020-08-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -178,6 +178,20 @@ dependencies:
178
178
  - - ">="
179
179
  - !ruby/object:Gem::Version
180
180
  version: '0'
181
+ - !ruby/object:Gem::Dependency
182
+ name: annotate
183
+ requirement: !ruby/object:Gem::Requirement
184
+ requirements:
185
+ - - "~>"
186
+ - !ruby/object:Gem::Version
187
+ version: '3.1'
188
+ type: :development
189
+ prerelease: false
190
+ version_requirements: !ruby/object:Gem::Requirement
191
+ requirements:
192
+ - - "~>"
193
+ - !ruby/object:Gem::Version
194
+ version: '3.1'
181
195
  - !ruby/object:Gem::Dependency
182
196
  name: bundler
183
197
  requirement: !ruby/object:Gem::Requirement
@@ -210,6 +224,7 @@ description: This gem includes the main functionality for Osso apps,
210
224
  email:
211
225
  - sbauch@gmail.com
212
226
  executables:
227
+ - annotate
213
228
  - console
214
229
  - setup
215
230
  extensions: []
@@ -229,6 +244,7 @@ files:
229
244
  - LICENSE
230
245
  - README.md
231
246
  - Rakefile
247
+ - bin/annotate
232
248
  - bin/console
233
249
  - bin/setup
234
250
  - config/database.yml
@@ -238,7 +254,6 @@ files:
238
254
  - lib/osso/Rakefile
239
255
  - lib/osso/db/migrate/20190909230109_enable_uuid.rb
240
256
  - lib/osso/db/migrate/20200328135750_create_users.rb
241
- - lib/osso/db/migrate/20200328143303_create_oauth_tables.rb
242
257
  - lib/osso/db/migrate/20200328143305_create_identity_providers.rb
243
258
  - lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb
244
259
  - lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb
@@ -251,6 +266,8 @@ files:
251
266
  - lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb
252
267
  - lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb
253
268
  - lib/osso/db/migrate/20200722230116_add_identity_provider_status_enum_and_use_on_identity_providers.rb
269
+ - lib/osso/db/migrate/20200723153750_add_missing_timestamps.rb
270
+ - lib/osso/db/migrate/20200723162228_drop_unneeded_tables.rb
254
271
  - lib/osso/graphql/.DS_Store
255
272
  - lib/osso/graphql/mutation.rb
256
273
  - lib/osso/graphql/mutations.rb
@@ -258,7 +275,11 @@ files:
258
275
  - lib/osso/graphql/mutations/configure_identity_provider.rb
259
276
  - lib/osso/graphql/mutations/create_enterprise_account.rb
260
277
  - lib/osso/graphql/mutations/create_identity_provider.rb
261
- - lib/osso/graphql/mutations/set_identity_provider.rb
278
+ - lib/osso/graphql/mutations/create_oauth_client.rb
279
+ - lib/osso/graphql/mutations/delete_enterprise_account.rb
280
+ - lib/osso/graphql/mutations/delete_oauth_client.rb
281
+ - lib/osso/graphql/mutations/regenerate_oauth_credentials.rb
282
+ - lib/osso/graphql/mutations/set_redirect_uris.rb
262
283
  - lib/osso/graphql/query.rb
263
284
  - lib/osso/graphql/resolvers.rb
264
285
  - lib/osso/graphql/resolvers/enterprise_account.rb
@@ -266,6 +287,7 @@ files:
266
287
  - lib/osso/graphql/resolvers/oauth_clients.rb
267
288
  - lib/osso/graphql/schema.rb
268
289
  - lib/osso/graphql/types.rb
290
+ - lib/osso/graphql/types/base_connection.rb
269
291
  - lib/osso/graphql/types/base_enum.rb
270
292
  - lib/osso/graphql/types/base_input_object.rb
271
293
  - lib/osso/graphql/types/base_object.rb
@@ -274,6 +296,8 @@ files:
274
296
  - lib/osso/graphql/types/identity_provider_service.rb
275
297
  - lib/osso/graphql/types/identity_provider_status.rb
276
298
  - lib/osso/graphql/types/oauth_client.rb
299
+ - lib/osso/graphql/types/redirect_uri.rb
300
+ - lib/osso/graphql/types/redirect_uri_input.rb
277
301
  - lib/osso/graphql/types/user.rb
278
302
  - lib/osso/helpers/auth.rb
279
303
  - lib/osso/helpers/helpers.rb
@@ -287,9 +311,6 @@ files:
287
311
  - lib/osso/models/models.rb
288
312
  - lib/osso/models/oauth_client.rb
289
313
  - lib/osso/models/redirect_uri.rb
290
- - lib/osso/models/saml_provider.rb
291
- - lib/osso/models/saml_providers/azure_saml_provider.rb
292
- - lib/osso/models/saml_providers/okta_saml_provider.rb
293
314
  - lib/osso/models/user.rb
294
315
  - lib/osso/rake.rb
295
316
  - lib/osso/routes/admin.rb
@@ -310,10 +331,13 @@ files:
310
331
  - spec/graphql/mutations/configure_identity_provider_spec.rb
311
332
  - spec/graphql/mutations/create_enterprise_account_spec.rb
312
333
  - spec/graphql/mutations/create_identity_provider_spec.rb
334
+ - spec/graphql/mutations/create_oauth_client_spec.rb
335
+ - spec/graphql/mutations/delete_enterprise_account_spec.rb
336
+ - spec/graphql/mutations/delete_oauth_client_spec.rb
313
337
  - spec/graphql/query/enterprise_account_spec.rb
314
338
  - spec/graphql/query/enterprise_accounts_spec.rb
315
339
  - spec/graphql/query/identity_provider_spec.rb
316
- - spec/graphql/query/oauth_clients_account_spec.rb
340
+ - spec/graphql/query/oauth_clients_spec.rb
317
341
  - spec/models/azure_saml_provider_spec.rb
318
342
  - spec/models/identity_provider_spec.rb
319
343
  - spec/models/okta_saml_provider_spec.rb