osso 0.0.7 → 0.0.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3557c5b1128c7a026fa1ddb14cb570b6d247231f3dc7ef22c4ef60af427ec3a2
-  data.tar.gz: fa59daf216455edc141fc1c1dd20b965cb90122dfa7e0e30ad3d3fc46a348951
+  metadata.gz: e32f4645ca2763467c9558a6bf103cc5695de99b191e0e2a763e9d1be189e984
+  data.tar.gz: ca9c4d902553eee5132fc41c98a458441b20c6aa645bc8a33b48601c80e83392
 SHA512:
-  metadata.gz: 4089820668fa27aa45e7dbb92bf58713202657ec71e6bb2ca24d79b19176e9e444f9c114119489c08417909b7b6403c7e3a1342bf4caa3174d0d5dca77d822f3
-  data.tar.gz: 41f3deba4a448aa35c03cf5630b1eeb9784fa200b5bdd020a2c5e29d4b8f8df95da1af0d6dea942d71cdfff2c691948412053a834fd249f8e4b66116e4d025f5
+  metadata.gz: 1c58936f2fa400fb36955405512522bb1fb25ca3c6d8c3436b157d7d915e4db662070b93e1f6f6c7cb523d6f90043426b7bb8b6320967e09aac3be536587c840
+  data.tar.gz: '0359da56b5e70537d496a770d6f4e90a1ec248bc786e48b7a7f13dd3860729cb5d1a76de43a9666a486ad4727f3c032c22bdf0a4c0257ee3416d5d41164295c3'

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    osso (0.0.7)
+    osso (0.0.8)
       activesupport (>= 6.0.3.2)
       bcrypt (~> 3.1.13)
       graphql
@@ -23,17 +23,17 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (6.0.3.4)
-      activesupport (= 6.0.3.4)
-    activerecord (6.0.3.4)
-      activemodel (= 6.0.3.4)
-      activesupport (= 6.0.3.4)
-    activesupport (6.0.3.4)
+    activemodel (6.1.0)
+      activesupport (= 6.1.0)
+    activerecord (6.1.0)
+      activemodel (= 6.1.0)
+      activesupport (= 6.1.0)
+    activesupport (6.1.0)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2, >= 2.2.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     aes_key_wrap (1.1.0)
@@ -133,7 +133,7 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-support (3.10.0)
-    rubocop (1.5.2)
+    rubocop (1.6.1)
       parallel (~> 1.10)
       parser (>= 2.7.1.5)
       rainbow (>= 2.2.2, < 4.0)
@@ -172,16 +172,15 @@ GEM
       rack-protection (= 2.1.0)
       sinatra (= 2.1.0)
       tilt (~> 2.0)
-    thread_safe (0.3.6)
     tilt (2.0.10)
-    tzinfo (1.2.8)
-      thread_safe (~> 0.1)
+    tzinfo (2.0.3)
+      concurrent-ruby (~> 1.0)
     unicode-display_width (1.7.0)
     webmock (3.10.0)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    zeitwerk (2.4.1)
+    zeitwerk (2.4.2)
 
 PLATFORMS
   ruby

data/lib/osso/models/identity_provider.rb

@@ -30,6 +30,7 @@ module Osso
           idp_sso_target_url: sso_url,
           idp_cert: sso_cert,
           issuer: sso_issuer,
+          name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
         }
       end
 

data/lib/osso/routes/oauth.rb

@@ -16,13 +16,14 @@ module Osso
       # Once they complete IdP login, they will be returned to the
       # redirect_uri with an authorization code parameter.
       get '/authorize' do
-        identity_providers = find_providers
-
         validate_oauth_request(env)
 
-        redirect "/auth/saml/#{identity_providers.first.id}" if identity_providers.one?
+        return erb :hosted_login if render_hosted_login?
+
+        @providers = find_providers
+
+        redirect "/auth/saml/#{@providers.first.id}" if @providers.one?
 
-        @providers = identity_providers.not_pending
         return erb :multiple_providers if @providers.count > 1
 
         raise Osso::Error::MissingConfiguredIdentityProvider.new(domain: params[:domain])
@@ -61,6 +62,10 @@ module Osso
 
     private
 
+    def render_hosted_login?
+      [params[:email], params[:domain]].all?(&:nil?)
+    end
+
     def find_providers
       if params[:email]
         user = Osso::Models::User.
@@ -71,6 +76,7 @@ module Osso
 
       Osso::Models::IdentityProvider.
         joins(:oauth_client).
+        not_pending.
         where(
           domain: domain_from_params,
           oauth_clients: { identifier: params[:client_id] },

data/lib/osso/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Osso
-  VERSION = '0.0.7'
+  VERSION = '0.0.8'
 end

data/spec/models/identity_provider_spec.rb

@@ -66,6 +66,7 @@ describe Osso::Models::IdentityProvider do
           idp_cert: subject.sso_cert,
           idp_sso_target_url: subject.sso_url,
           issuer: subject.sso_issuer,
+          name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
         )
     end
   end

data/spec/routes/oauth_spec.rb

@@ -27,6 +27,20 @@ describe Osso::Oauth do
         end
       end
 
+      describe 'for a request without email or domain' do
+        it 'redirects to /auth/saml/:provider_id' do
+          get(
+            '/oauth/authorize',
+            client_id: client.identifier,
+            response_type: 'code',
+            redirect_uri: client.redirect_uri_values.sample,
+          )
+
+          expect(last_response).to be_ok
+          expect(last_response.body).to eq('HOSTED LOGIN')
+        end
+      end
+
       describe 'for an enterprise domain with one SAML provider' do
         it 'redirects to /auth/saml/:provider_id' do
           enterprise = create(:enterprise_with_okta, oauth_client: client)

data/spec/support/views/hosted_login.erb

@@ -0,0 +1 @@
+HOSTED LOGIN

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: osso
 version: !ruby/object:Gem::Version
-  version: 0.0.7
+  version: 0.0.8
 platform: ruby
 authors:
 - Sam Bauch
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-08 00:00:00.000000000 Z
+date: 2020-12-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -463,6 +463,7 @@ files:
 - spec/support/spec_app.rb
 - spec/support/views/admin.erb
 - spec/support/views/error.erb
+- spec/support/views/hosted_login.erb
 - spec/support/views/layout.erb
 - spec/support/views/multiple_providers.erb
 homepage: https://github.com/enterprise-oss/osso-rb