osso 0.0.6 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (44) hide show
  1. checksums.yaml +4 -4
  2. data/.buildkite/pipeline.yml +1 -0
  3. data/.rubocop.yml +4 -16
  4. data/Gemfile +3 -3
  5. data/Gemfile.lock +76 -70
  6. data/Rakefile +3 -0
  7. data/bin/console +3 -0
  8. data/db/schema.rb +2 -2
  9. data/lib/osso.rb +1 -0
  10. data/lib/osso/db/migrate/20201125143501_add_salesforce_to_provider_service_enum.rb +28 -0
  11. data/lib/osso/graphql/mutations/configure_identity_provider.rb +4 -1
  12. data/lib/osso/graphql/mutations/create_enterprise_account.rb +4 -1
  13. data/lib/osso/graphql/mutations/create_identity_provider.rb +8 -3
  14. data/lib/osso/graphql/mutations/create_oauth_client.rb +4 -1
  15. data/lib/osso/graphql/mutations/delete_enterprise_account.rb +4 -1
  16. data/lib/osso/graphql/mutations/delete_identity_provider.rb +4 -1
  17. data/lib/osso/graphql/mutations/delete_oauth_client.rb +4 -1
  18. data/lib/osso/graphql/mutations/invite_admin_user.rb +6 -0
  19. data/lib/osso/graphql/mutations/regenerate_oauth_credentials.rb +10 -1
  20. data/lib/osso/graphql/mutations/set_redirect_uris.rb +2 -0
  21. data/lib/osso/graphql/mutations/update_app_config.rb +4 -1
  22. data/lib/osso/graphql/query.rb +26 -31
  23. data/lib/osso/graphql/schema.rb +0 -1
  24. data/lib/osso/graphql/types/identity_provider_service.rb +1 -0
  25. data/lib/osso/lib/analytics.rb +55 -0
  26. data/lib/osso/lib/route_map.rb +2 -0
  27. data/lib/osso/models/account.rb +1 -1
  28. data/lib/osso/models/identity_provider.rb +3 -2
  29. data/lib/osso/routes/admin.rb +37 -5
  30. data/lib/osso/routes/auth.rb +2 -0
  31. data/lib/osso/routes/oauth.rb +10 -4
  32. data/lib/osso/version.rb +1 -1
  33. data/lib/tasks/bootstrap.rake +6 -4
  34. data/osso-rb.gemspec +5 -3
  35. data/spec/graphql/mutations/create_identity_provider_spec.rb +1 -1
  36. data/spec/models/identity_provider_spec.rb +1 -0
  37. data/spec/routes/admin_spec.rb +27 -9
  38. data/spec/routes/auth_spec.rb +5 -3
  39. data/spec/routes/oauth_spec.rb +20 -12
  40. data/spec/spec_helper.rb +2 -0
  41. data/spec/support/views/hosted_login.erb +1 -0
  42. data/spec/support/views/saml_login_form.erb +1 -0
  43. metadata +40 -9
  44. data/spec/routes/app_spec.rb +0 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed87e1642f9d6b504f2b6642d50f694f5fb63d82c49deb9088aa0d6964f876f5
4
- data.tar.gz: 20e3006e7367070fd0bc67d72ee7c55fe9c1948a31a58baad439561d41b698f3
3
+ metadata.gz: c263ca76f08c31c90de62d7b81c1d1d8b93817dba65f9424b81223ae2c003418
4
+ data.tar.gz: 6e869dff216866735060d0cae9a478a3bdbc76a59b0a5b2b06ad419dca0c09c3
5
5
  SHA512:
6
- metadata.gz: b3301fe48bf416b152b174bdbfb6180084849f3f9fc2bd50d6382a31dece3dd7c556a47e54bd73b677ac69225ea645c98a9bfca9484425944c09f2b6f5ea8cbd
7
- data.tar.gz: 7d40c2972213a5981abcf4d5213ff4f2518a4f5ea320bdad2b866e48ae64dfcc422d7c42679dc35429d4091c196f05e1ed84a45f8d14541e8032aeaa4caf336c
6
+ metadata.gz: 4e8d2b6df9b9520d209cdda204d8a69d8d072277bbb5d2ec3a961bbdf2710712d07fc6a9b2cfd1683f6e53450b54e61706a4e49418286d9cce161ebc03690bbe
7
+ data.tar.gz: a9d71e8fc6fe531c48b51c8534a8dfedbb94d265f97ae6b1365ad47485a34ee8cf0ffc5ad4e426f0dc4e1d818f57b425a1fa6c697a8e638a76d80627ee5d728e
@@ -12,6 +12,7 @@ steps:
12
12
  - coverage/*
13
13
 
14
14
  - name: ":codeclimate:"
15
+ soft_fail: true
15
16
  plugins:
16
17
  - jobready/codeclimate-test-reporter#v2.0:
17
18
  artifact: "coverage/.resultset.json"
@@ -1,25 +1,10 @@
1
1
  AllCops:
2
+ NewCops: enable
2
3
  TargetRubyVersion: 2.6.0
3
4
  Exclude:
4
5
  - db/**/*
5
6
  - lib/osso/db/**/*
6
7
 
7
- # New rules must be explicitly opted into / out of
8
- Lint/RaiseException:
9
- Enabled: true
10
- Lint/StructNewOverride:
11
- Enabled: true
12
- Style/HashEachMethods:
13
- Enabled: true
14
- Style/HashTransformKeys:
15
- Enabled: true
16
- Style/HashTransformValues:
17
- Enabled: true
18
- Layout/SpaceAroundMethodCallOperator:
19
- Enabled: true
20
- Style/ExponentialNotation:
21
- Enabled: true
22
-
23
8
  Style/TrailingCommaInArguments:
24
9
  Description: "Checks for trailing comma in argument lists."
25
10
  StyleGuide: "https://github.com/bbatsov/ruby-style-guide#no-trailing-array-commas"
@@ -50,6 +35,9 @@ Style/TrailingCommaInHashLiteral:
50
35
  - no_comma
51
36
  Enabled: true
52
37
 
38
+ Layout/FirstHashElementIndentation:
39
+ EnforcedStyle: consistent
40
+
53
41
  Layout/MultilineMethodCallIndentation:
54
42
  EnforcedStyle: indented
55
43
 
data/Gemfile CHANGED
@@ -10,10 +10,10 @@ group :test do
10
10
  gem 'faker'
11
11
  gem 'pg'
12
12
  gem 'rack-test'
13
- gem 'rspec', '~> 3.2'
13
+ gem 'rspec', '~> 3.10'
14
14
  gem 'rubocop'
15
- gem 'simplecov', '= 0.17', require: false
16
- gem 'webmock', '~> 3.10'
15
+ gem 'simplecov', '0.21.2', require: false
16
+ gem 'webmock', '~> 3.11'
17
17
  end
18
18
 
19
19
  gemspec
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- osso (0.0.6.alpha)
4
+ osso (0.1.0)
5
5
  activesupport (>= 6.0.3.2)
6
6
  bcrypt (~> 3.1.13)
7
7
  graphql
@@ -9,31 +9,33 @@ PATH
9
9
  mail (~> 2.7.1)
10
10
  omniauth-multi-provider
11
11
  omniauth-saml
12
+ posthog-ruby
12
13
  rack (>= 2.1.4)
13
14
  rack-contrib
14
15
  rack-oauth2
16
+ rack-protection (~> 2.1.0)
15
17
  rake
16
- rodauth (~> 2.6.0)
17
- sequel (~> 5.37.0)
18
+ rodauth (~> 2.9)
19
+ sequel (~> 5.40)
18
20
  sequel-activerecord_connection (>= 0.3, < 2.0)
19
21
  sinatra
20
- sinatra-activerecord
22
+ sinatra-activerecord (>= 2.0.22)
21
23
  sinatra-contrib
22
24
 
23
25
  GEM
24
26
  remote: https://rubygems.org/
25
27
  specs:
26
- activemodel (6.0.3.4)
27
- activesupport (= 6.0.3.4)
28
- activerecord (6.0.3.4)
29
- activemodel (= 6.0.3.4)
30
- activesupport (= 6.0.3.4)
31
- activesupport (6.0.3.4)
28
+ activemodel (6.1.1)
29
+ activesupport (= 6.1.1)
30
+ activerecord (6.1.1)
31
+ activemodel (= 6.1.1)
32
+ activesupport (= 6.1.1)
33
+ activesupport (6.1.1)
32
34
  concurrent-ruby (~> 1.0, >= 1.0.2)
33
- i18n (>= 0.7, < 2)
34
- minitest (~> 5.1)
35
- tzinfo (~> 1.1)
36
- zeitwerk (~> 2.2, >= 2.2.2)
35
+ i18n (>= 1.6, < 2)
36
+ minitest (>= 5.1)
37
+ tzinfo (~> 2.0)
38
+ zeitwerk (~> 2.3)
37
39
  addressable (2.7.0)
38
40
  public_suffix (>= 2.0.2, < 5.0)
39
41
  aes_key_wrap (1.1.0)
@@ -42,30 +44,30 @@ GEM
42
44
  annotate (3.1.1)
43
45
  activerecord (>= 3.2, < 7.0)
44
46
  rake (>= 10.4, < 14.0)
45
- ast (2.4.1)
47
+ ast (2.4.2)
46
48
  attr_required (1.0.1)
47
49
  bcrypt (3.1.16)
48
50
  bindata (2.4.8)
49
51
  coderay (1.1.3)
50
- concurrent-ruby (1.1.7)
51
- crack (0.4.4)
52
+ concurrent-ruby (1.1.8)
53
+ crack (0.4.5)
54
+ rexml
52
55
  database_cleaner (1.8.5)
53
56
  database_cleaner-active_record (1.8.0)
54
57
  activerecord
55
58
  database_cleaner (~> 1.8.0)
56
59
  diff-lcs (1.4.4)
57
- docile (1.3.2)
60
+ docile (1.3.5)
58
61
  factory_bot (6.1.0)
59
62
  activesupport (>= 5.0.0)
60
- faker (2.15.0)
63
+ faker (2.15.1)
61
64
  i18n (>= 1.6, < 2)
62
- graphql (1.11.6)
65
+ graphql (1.12.2)
63
66
  hashdiff (1.0.1)
64
67
  hashie (4.1.0)
65
68
  httpclient (2.8.3)
66
- i18n (1.8.5)
69
+ i18n (1.8.7)
67
70
  concurrent-ruby (~> 1.0)
68
- json (2.3.1)
69
71
  json-jwt (1.13.0)
70
72
  activesupport (>= 4.2)
71
73
  aes_key_wrap
@@ -75,31 +77,35 @@ GEM
75
77
  mini_mime (>= 0.1.1)
76
78
  method_source (1.0.0)
77
79
  mini_mime (1.0.2)
78
- mini_portile2 (2.4.0)
79
- minitest (5.14.2)
80
+ mini_portile2 (2.5.0)
81
+ minitest (5.14.3)
80
82
  multi_json (1.15.0)
81
83
  mustermann (1.1.1)
82
84
  ruby2_keywords (~> 0.0.1)
83
- nokogiri (1.10.10)
84
- mini_portile2 (~> 2.4.0)
85
- omniauth (1.9.1)
85
+ nokogiri (1.11.1)
86
+ mini_portile2 (~> 2.5.0)
87
+ racc (~> 1.4)
88
+ omniauth (2.0.1)
86
89
  hashie (>= 3.4.6)
87
90
  rack (>= 1.6.2, < 3)
91
+ rack-protection
88
92
  omniauth-multi-provider (0.2.1)
89
93
  omniauth
90
- omniauth-saml (1.10.3)
91
- omniauth (~> 1.3, >= 1.3.2)
94
+ omniauth-saml (2.0.0)
95
+ omniauth (~> 2.0)
92
96
  ruby-saml (~> 1.9)
93
97
  parallel (1.20.1)
94
- parser (2.7.2.0)
98
+ parser (3.0.0.0)
95
99
  ast (~> 2.4.1)
96
100
  pg (1.2.3)
101
+ posthog-ruby (1.1.0)
97
102
  pry (0.13.1)
98
103
  coderay (~> 1.1)
99
104
  method_source (~> 1.0)
100
105
  public_suffix (4.0.6)
106
+ racc (1.5.2)
101
107
  rack (2.2.3)
102
- rack-contrib (2.2.0)
108
+ rack-contrib (2.3.0)
103
109
  rack (~> 2.0)
104
110
  rack-oauth2 (1.16.0)
105
111
  activesupport
@@ -112,58 +118,59 @@ GEM
112
118
  rack-test (1.1.0)
113
119
  rack (>= 1.0, < 3)
114
120
  rainbow (3.0.0)
115
- rake (13.0.1)
116
- regexp_parser (1.8.2)
121
+ rake (13.0.3)
122
+ regexp_parser (2.0.3)
117
123
  rexml (3.2.4)
118
- roda (3.38.0)
124
+ roda (3.40.0)
119
125
  rack
120
- rodauth (2.6.0)
126
+ rodauth (2.9.0)
121
127
  roda (>= 2.6.0)
122
128
  sequel (>= 4)
123
- rspec (3.9.0)
124
- rspec-core (~> 3.9.0)
125
- rspec-expectations (~> 3.9.0)
126
- rspec-mocks (~> 3.9.0)
127
- rspec-core (3.9.3)
128
- rspec-support (~> 3.9.3)
129
- rspec-expectations (3.9.3)
129
+ rspec (3.10.0)
130
+ rspec-core (~> 3.10.0)
131
+ rspec-expectations (~> 3.10.0)
132
+ rspec-mocks (~> 3.10.0)
133
+ rspec-core (3.10.1)
134
+ rspec-support (~> 3.10.0)
135
+ rspec-expectations (3.10.1)
130
136
  diff-lcs (>= 1.2.0, < 2.0)
131
- rspec-support (~> 3.9.0)
132
- rspec-mocks (3.9.1)
137
+ rspec-support (~> 3.10.0)
138
+ rspec-mocks (3.10.1)
133
139
  diff-lcs (>= 1.2.0, < 2.0)
134
- rspec-support (~> 3.9.0)
135
- rspec-support (3.9.4)
136
- rubocop (1.4.1)
140
+ rspec-support (~> 3.10.0)
141
+ rspec-support (3.10.1)
142
+ rubocop (1.8.1)
137
143
  parallel (~> 1.10)
138
- parser (>= 2.7.1.5)
144
+ parser (>= 3.0.0.0)
139
145
  rainbow (>= 2.2.2, < 4.0)
140
- regexp_parser (>= 1.8)
146
+ regexp_parser (>= 1.8, < 3.0)
141
147
  rexml
142
- rubocop-ast (>= 1.1.1)
148
+ rubocop-ast (>= 1.2.0, < 2.0)
143
149
  ruby-progressbar (~> 1.7)
144
- unicode-display_width (>= 1.4.0, < 2.0)
145
- rubocop-ast (1.2.0)
150
+ unicode-display_width (>= 1.4.0, < 3.0)
151
+ rubocop-ast (1.4.1)
146
152
  parser (>= 2.7.1.5)
147
- ruby-progressbar (1.10.1)
153
+ ruby-progressbar (1.11.0)
148
154
  ruby-saml (1.11.0)
149
155
  nokogiri (>= 1.5.10)
150
- ruby2_keywords (0.0.2)
151
- sequel (5.37.0)
152
- sequel-activerecord_connection (1.2.0)
156
+ ruby2_keywords (0.0.4)
157
+ sequel (5.40.0)
158
+ sequel-activerecord_connection (1.2.2)
153
159
  activerecord (>= 4.2, < 7)
154
160
  after_commit_everywhere (~> 0.1.5)
155
161
  sequel (~> 5.16)
156
- simplecov (0.17.0)
162
+ simplecov (0.21.2)
157
163
  docile (~> 1.1)
158
- json (>= 1.8, < 3)
159
- simplecov-html (~> 0.10.0)
160
- simplecov-html (0.10.2)
164
+ simplecov-html (~> 0.11)
165
+ simplecov_json_formatter (~> 0.1)
166
+ simplecov-html (0.12.3)
167
+ simplecov_json_formatter (0.1.2)
161
168
  sinatra (2.1.0)
162
169
  mustermann (~> 1.0)
163
170
  rack (~> 2.2)
164
171
  rack-protection (= 2.1.0)
165
172
  tilt (~> 2.0)
166
- sinatra-activerecord (2.0.21)
173
+ sinatra-activerecord (2.0.22)
167
174
  activerecord (>= 4.1)
168
175
  sinatra (>= 1.0)
169
176
  sinatra-contrib (2.1.0)
@@ -172,16 +179,15 @@ GEM
172
179
  rack-protection (= 2.1.0)
173
180
  sinatra (= 2.1.0)
174
181
  tilt (~> 2.0)
175
- thread_safe (0.3.6)
176
182
  tilt (2.0.10)
177
- tzinfo (1.2.8)
178
- thread_safe (~> 0.1)
179
- unicode-display_width (1.7.0)
180
- webmock (3.10.0)
183
+ tzinfo (2.0.4)
184
+ concurrent-ruby (~> 1.0)
185
+ unicode-display_width (2.0.0)
186
+ webmock (3.11.1)
181
187
  addressable (>= 2.3.6)
182
188
  crack (>= 0.3.2)
183
189
  hashdiff (>= 0.4.0, < 2.0.0)
184
- zeitwerk (2.4.1)
190
+ zeitwerk (2.4.2)
185
191
 
186
192
  PLATFORMS
187
193
  ruby
@@ -196,10 +202,10 @@ DEPENDENCIES
196
202
  pg
197
203
  pry
198
204
  rack-test
199
- rspec (~> 3.2)
205
+ rspec (~> 3.10)
200
206
  rubocop
201
- simplecov (= 0.17)
202
- webmock (~> 3.10)
207
+ simplecov (= 0.21.2)
208
+ webmock (~> 3.11)
203
209
 
204
210
  BUNDLED WITH
205
211
  2.1.4
data/Rakefile CHANGED
@@ -4,6 +4,9 @@
4
4
  # to tell ActiveRecord where to find the database
5
5
  # schema and migrations
6
6
 
7
+ ENV['SESSION_SECRET'] ||= 'rake-secret'
8
+ ENV['BASE_URL'] ||= 'https://example.com'
9
+
7
10
  require 'bundler/gem_tasks'
8
11
  require 'sinatra/activerecord/rake'
9
12
  require './lib/osso'
@@ -1,6 +1,9 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
+ ENV['SESSION_SECRET'] ||= 'irb-secret'
5
+ ENV['BASE_URL'] ||= 'https://example.com'
6
+
4
7
  require 'bundler/setup'
5
8
  require 'osso'
6
9
 
@@ -10,7 +10,7 @@
10
10
  #
11
11
  # It's strongly recommended that you check this file into your version control system.
12
12
 
13
- ActiveRecord::Schema.define(version: 2020_11_12_160120) do
13
+ ActiveRecord::Schema.define(version: 2020_11_25_143501) do
14
14
 
15
15
  # These are extensions that must be enabled in order to support this database
16
16
  enable_extension "citext"
@@ -57,7 +57,7 @@ ActiveRecord::Schema.define(version: 2020_11_12_160120) do
57
57
  t.citext "email", null: false
58
58
  t.integer "status_id", default: 1, null: false
59
59
  t.string "role", default: "admin", null: false
60
- t.uuid "oauth_client_id"
60
+ t.string "oauth_client_id"
61
61
  t.index ["email"], name: "index_accounts_on_email", unique: true, where: "(status_id = ANY (ARRAY[1, 2]))"
62
62
  t.index ["oauth_client_id"], name: "index_accounts_on_oauth_client_id"
63
63
  end
@@ -2,6 +2,7 @@
2
2
 
3
3
  module Osso
4
4
  require_relative 'osso/error/error'
5
+ require_relative 'osso/lib/analytics'
5
6
  require_relative 'osso/lib/app_config'
6
7
  require_relative 'osso/lib/oauth2_token'
7
8
  require_relative 'osso/lib/route_map'
@@ -0,0 +1,28 @@
1
+ class AddSalesforceToProviderServiceEnum < ActiveRecord::Migration[6.0]
2
+ disable_ddl_transaction!
3
+
4
+ def up
5
+ execute <<-SQL
6
+ ALTER TYPE identity_provider_service ADD VALUE 'SALESFORCE';
7
+ SQL
8
+ end
9
+
10
+ def down
11
+ execute <<~SQL
12
+ CREATE TYPE identity_provider_service_new AS ENUM ('AZURE', 'OKTA', 'ONELOGIN', 'GOOGLE', 'PING');
13
+
14
+ -- Remove values that won't be compatible with new definition
15
+ DELETE FROM identity_providers WHERE service = 'SALESFORCE';
16
+
17
+ -- Convert to new type, casting via text representation
18
+ ALTER TABLE identity_providers
19
+ ALTER COLUMN service TYPE identity_provider_service_new
20
+ USING (service::text::identity_provider_service_new);
21
+
22
+ -- and swap the types
23
+ DROP TYPE identity_provider_service;
24
+
25
+ ALTER TYPE identity_provider_service_new RENAME TO identity_provider_service;
26
+ SQL
27
+ end
28
+ end
@@ -15,7 +15,10 @@ module Osso
15
15
  def resolve(**args)
16
16
  provider = identity_provider(**args)
17
17
 
18
- return response_data(identity_provider: provider) if provider.update(args)
18
+ if provider.update(args)
19
+ Osso::Analytics.capture(email: context[:email], event: self.class.name.demodulize, properties: args)
20
+ return response_data(identity_provider: provider)
21
+ end
19
22
 
20
23
  response_error(provider.errors)
21
24
  end
@@ -15,7 +15,10 @@ module Osso
15
15
  def resolve(**args)
16
16
  enterprise_account = Osso::Models::EnterpriseAccount.new(args)
17
17
 
18
- return response_data(enterprise_account: enterprise_account) if enterprise_account.save
18
+ if enterprise_account.save
19
+ Osso::Analytics.capture(email: context[:email], event: self.class.name.demodulize, properties: args)
20
+ return response_data(enterprise_account: enterprise_account)
21
+ end
19
22
 
20
23
  response_error(enterprise_account.errors)
21
24
  end
@@ -13,7 +13,7 @@ module Osso
13
13
  field :identity_provider, Types::IdentityProvider, null: false
14
14
  field :errors, [String], null: false
15
15
 
16
- def resolve(service: nil, enterprise_account_id:, oauth_client_id:)
16
+ def resolve(enterprise_account_id:, oauth_client_id:, service: nil)
17
17
  customer = enterprise_account(enterprise_account_id: enterprise_account_id)
18
18
 
19
19
  identity_provider = customer.identity_providers.build(
@@ -22,12 +22,17 @@ module Osso
22
22
  oauth_client_id: oauth_client_id,
23
23
  )
24
24
 
25
- return response_data(identity_provider: identity_provider) if identity_provider.save
25
+ if identity_provider.save
26
+ Osso::Analytics.capture(email: context[:email], event: self.class.name.demodulize, properties: {
27
+ service: service, enterprise_account_id: enterprise_account_id, oauth_client_id: oauth_client_id
28
+ })
29
+ return response_data(identity_provider: identity_provider)
30
+ end
26
31
 
27
32
  response_error(identity_provider.errors)
28
33
  end
29
34
 
30
- def domain(enterprise_account_id:, **args)
35
+ def domain(enterprise_account_id:, **_args)
31
36
  enterprise_account(enterprise_account_id: enterprise_account_id)&.domain
32
37
  end
33
38