osso 0.0.8 → 0.0.10

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e32f4645ca2763467c9558a6bf103cc5695de99b191e0e2a763e9d1be189e984
4
- data.tar.gz: ca9c4d902553eee5132fc41c98a458441b20c6aa645bc8a33b48601c80e83392
3
+ metadata.gz: c1ba94c32e61517dd429dd54e06ac24924ddb1245fff2c4dd1795d9e227972b4
4
+ data.tar.gz: bd239880638f0d8f344050c5fa92e110dc519c06e75321c28b3fa92e1860a2be
5
5
  SHA512:
6
- metadata.gz: 1c58936f2fa400fb36955405512522bb1fb25ca3c6d8c3436b157d7d915e4db662070b93e1f6f6c7cb523d6f90043426b7bb8b6320967e09aac3be536587c840
7
- data.tar.gz: '0359da56b5e70537d496a770d6f4e90a1ec248bc786e48b7a7f13dd3860729cb5d1a76de43a9666a486ad4727f3c032c22bdf0a4c0257ee3416d5d41164295c3'
6
+ metadata.gz: abb0e59b77e44230d47850e9e43d1a131a76694b6482706ce4d245f6832c823eeffebea468f75a4007e80ecf151271b5e9908e748e191b652c24c32984ff5c74
7
+ data.tar.gz: 12e250de2709aad8a60da53237a1489034d21f0caa05b084edabab93395266dd77060b0ad68a8d38956a9e8177315d3a35724a746aab04c438a3678194eeff4c
@@ -12,6 +12,7 @@ steps:
12
12
  - coverage/*
13
13
 
14
14
  - name: ":codeclimate:"
15
+ soft_fail: true
15
16
  plugins:
16
17
  - jobready/codeclimate-test-reporter#v2.0:
17
18
  artifact: "coverage/.resultset.json"
data/Gemfile CHANGED
@@ -13,7 +13,7 @@ group :test do
13
13
  gem 'rspec', '~> 3.10'
14
14
  gem 'rubocop'
15
15
  gem 'simplecov', '= 0.17', require: false
16
- gem 'webmock', '~> 3.10'
16
+ gem 'webmock', '~> 3.11'
17
17
  end
18
18
 
19
19
  gemspec
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- osso (0.0.8)
4
+ osso (0.0.9)
5
5
  activesupport (>= 6.0.3.2)
6
6
  bcrypt (~> 3.1.13)
7
7
  graphql
@@ -13,7 +13,7 @@ PATH
13
13
  rack-contrib
14
14
  rack-oauth2
15
15
  rake
16
- rodauth (~> 2.6.0)
16
+ rodauth (>= 2.6, < 2.8)
17
17
  sequel (>= 5.37, < 5.40)
18
18
  sequel-activerecord_connection (>= 0.3, < 2.0)
19
19
  sinatra
@@ -66,7 +66,7 @@ GEM
66
66
  i18n (1.8.5)
67
67
  concurrent-ruby (~> 1.0)
68
68
  json (2.3.1)
69
- json-jwt (1.13.0)
69
+ json-jwt (1.12.0)
70
70
  activesupport (>= 4.2)
71
71
  aes_key_wrap
72
72
  bindata
@@ -91,7 +91,7 @@ GEM
91
91
  omniauth (~> 1.3, >= 1.3.2)
92
92
  ruby-saml (~> 1.9)
93
93
  parallel (1.20.1)
94
- parser (2.7.2.0)
94
+ parser (3.0.0.0)
95
95
  ast (~> 2.4.1)
96
96
  pg (1.2.3)
97
97
  pry (0.13.1)
@@ -112,12 +112,12 @@ GEM
112
112
  rack-test (1.1.0)
113
113
  rack (>= 1.0, < 3)
114
114
  rainbow (3.0.0)
115
- rake (13.0.1)
116
- regexp_parser (2.0.0)
115
+ rake (13.0.3)
116
+ regexp_parser (2.0.2)
117
117
  rexml (3.2.4)
118
- roda (3.38.0)
118
+ roda (3.39.0)
119
119
  rack
120
- rodauth (2.6.0)
120
+ rodauth (2.7.0)
121
121
  roda (>= 2.6.0)
122
122
  sequel (>= 4)
123
123
  rspec (3.10.0)
@@ -133,7 +133,7 @@ GEM
133
133
  diff-lcs (>= 1.2.0, < 2.0)
134
134
  rspec-support (~> 3.10.0)
135
135
  rspec-support (3.10.0)
136
- rubocop (1.6.1)
136
+ rubocop (1.7.0)
137
137
  parallel (~> 1.10)
138
138
  parser (>= 2.7.1.5)
139
139
  rainbow (>= 2.2.2, < 4.0)
@@ -176,7 +176,7 @@ GEM
176
176
  tzinfo (2.0.3)
177
177
  concurrent-ruby (~> 1.0)
178
178
  unicode-display_width (1.7.0)
179
- webmock (3.10.0)
179
+ webmock (3.11.0)
180
180
  addressable (>= 2.3.6)
181
181
  crack (>= 0.3.2)
182
182
  hashdiff (>= 0.4.0, < 2.0.0)
@@ -198,7 +198,7 @@ DEPENDENCIES
198
198
  rspec (~> 3.10)
199
199
  rubocop
200
200
  simplecov (= 0.17)
201
- webmock (~> 3.10)
201
+ webmock (~> 3.11)
202
202
 
203
203
  BUNDLED WITH
204
204
  2.1.4
data/Rakefile CHANGED
@@ -5,6 +5,7 @@
5
5
  # schema and migrations
6
6
 
7
7
  ENV['SESSION_SECRET'] ||= 'rake-secret'
8
+ ENV['BASE_URL'] ||= 'https://example.com'
8
9
 
9
10
  require 'bundler/gem_tasks'
10
11
  require 'sinatra/activerecord/rake'
@@ -1,6 +1,9 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
+ ENV['SESSION_SECRET'] ||= 'irb-secret'
5
+ ENV['BASE_URL'] ||= 'https://example.com'
6
+
4
7
  require 'bundler/setup'
5
8
  require 'osso'
6
9
 
@@ -9,17 +9,42 @@ module Osso
9
9
  class Admin < Roda
10
10
  DB = Sequel.postgres(extensions: :activerecord_connection)
11
11
  use Rack::Session::Cookie, secret: ENV.fetch('SESSION_SECRET')
12
-
12
+
13
+ plugin :json
13
14
  plugin :middleware
14
15
  plugin :render, engine: 'erb', views: ENV['RODAUTH_VIEWS'] || DEFAULT_VIEWS_DIR
15
16
  plugin :route_csrf
16
17
 
17
18
  plugin :rodauth do
18
- enable :login, :verify_account
19
+ enable :login, :verify_account, :jwt
20
+
21
+ base_uri = URI.parse(ENV.fetch('BASE_URL'))
22
+ base_url base_uri
23
+ domain base_uri.host
24
+
25
+ jwt_secret ENV.fetch('SESSION_SECRET')
26
+ only_json? false
27
+
28
+ email_from { "Osso <no-reply@#{domain}>" }
19
29
  verify_account_set_password? true
20
- already_logged_in { redirect login_redirect }
21
30
  use_database_authentication_functions? false
22
31
 
32
+ verify_account_view do
33
+ render :admin
34
+ end
35
+
36
+ login_view do
37
+ render :admin
38
+ end
39
+
40
+ verify_account_email_subject do
41
+ DB[:accounts].one? ? 'Your Osso instance is ready' : 'You\'ve been invited to start using Osso'
42
+ end
43
+
44
+ verify_account_email_body do
45
+ DB[:accounts].one? ? render('verify-first-account-email') : render('verify-account-email')
46
+ end
47
+
23
48
  before_create_account_route do
24
49
  request.halt unless DB[:accounts].empty?
25
50
  end
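Review bot: `jwt_secret ENV.fetch('SESSION_SECRET')` signs the Rodauth JWTs with the same key that `use Rack::Session::Cookie, secret: ENV.fetch('SESSION_SECRET')` uses at the top of this class, so a single leaked or weak value forges both cookie sessions and bearer tokens, and neither can be rotated on its own. I would read a dedicated variable, e.g. `jwt_secret ENV.fetch('JWT_SECRET')` (placeholder name, not defined anywhere on this page), and document the expected length and rotation procedure next to it. The `||=` fallbacks `'rake-secret'` and `'irb-secret'` in the Rakefile and console hunks of this release become JWT signing keys too whenever the variable is unset, which deserves a comment there saying they must never reach a process that serves requests. The `plugin :rodauth do` block continues outside the hunk, so any further JWT options are not visible here.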
@@ -31,13 +56,16 @@ module Osso
31
56
  r.rodauth
32
57
 
33
58
  def current_account
34
- Osso::Models::Account.find(rodauth.session['account_id']).
35
- context.
59
+ Osso::Models::Account.find(
60
+ rodauth.
61
+ session.
62
+ to_hash.
63
+ stringify_keys['account_id']
64
+ ).context.
36
65
  merge({ rodauth: rodauth })
37
66
  end
38
67
 
39
68
  r.on 'admin' do
40
- rodauth.require_authentication
41
69
  erb :admin, layout: false
42
70
  end
43
71
 
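Review bot: Dropping `rodauth.require_authentication` from `r.on 'admin'` means the admin page is rendered for any unauthenticated request, and nothing visible in this hunk puts a check back in front of it. If the intent is that the ERB shell is public and the data is guarded by the JWT check on the GraphQL route (which is outside this hunk), state that in a comment such as `# public shell only; authorization is enforced per request on /graphql` and confirm the template embeds no account or tenant data. `current_account` also passes whatever `stringify_keys['account_id']` returns straight to `Osso::Models::Account.find`, so a session or token without that key reaches `find(nil)` and presumably raises instead of producing a 401; reading the id first and halting when it is absent would make the failure mode explicit. The routing block starts before and ends after the hunk.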
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Osso
4
- VERSION = '0.0.8'
4
+ VERSION = '0.0.10'
5
5
  end
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
26
26
  spec.add_runtime_dependency 'rack-contrib'
27
27
  spec.add_runtime_dependency 'rack-oauth2'
28
28
  spec.add_runtime_dependency 'rake'
29
- spec.add_runtime_dependency 'rodauth', '~> 2.6.0'
29
+ spec.add_runtime_dependency 'rodauth', '>= 2.6', '< 2.8'
30
30
  spec.add_runtime_dependency 'sequel', '>= 5.37', '< 5.40'
31
31
  spec.add_runtime_dependency 'sequel-activerecord_connection', '>= 0.3', '< 2.0'
32
32
  spec.add_runtime_dependency 'sinatra'
@@ -4,23 +4,41 @@ require 'spec_helper'
4
4
 
5
5
  describe Osso::Admin do
6
6
  describe 'get /admin' do
7
- it 'redirects to /login without a session' do
7
+ it 'renders the admin layout' do
8
8
  get('/admin')
9
9
 
10
- expect(last_response).to be_redirect
11
- follow_redirect!
12
- expect(last_request.url).to match('/login')
10
+ expect(last_response).to be_ok
13
11
  end
12
+ end
14
13
 
15
- xit 'renders the admin page for a valid session token' do
16
- password = SecureRandom.urlsafe_base64(16)
17
- account = create(:verified_account, password: password)
14
+ describe 'post /graphql' do
15
+ let(:account) { create(:account) }
18
16
 
19
- post('/login', { email: account.email, password: password })
17
+ it 'runs a GraphQL query with a valid jwt' do
18
+ allow_any_instance_of(described_class.rodauth).to receive(:logged_in?).and_return(true)
19
+ allow(Osso::Models::Account).to receive(:find).and_return(account)
20
+ allow(Osso::GraphQL::Schema).to receive(:execute).and_return({graphql: true})
20
21
 
21
- get('/admin')
22
+ header 'Content-Type', 'application/json'
23
+ post("/graphql")
22
24
 
23
25
  expect(last_response).to be_ok
26
+ expect(last_json_response).to eq({graphql: true})
27
+ end
28
+
29
+ it 'returns a 400 for an invalid jwt' do
30
+ header 'Content-Type', 'application/json'
31
+ header 'Authorization', 'Bearer bad-token'
32
+ post("/graphql")
33
+
34
+ expect(last_response.status).to eq 400
35
+ end
36
+
37
+ it 'returns a 401 without a jwt' do
38
+ header 'Content-Type', 'application/json'
39
+ post("/graphql")
40
+
41
+ expect(last_response.status).to eq 401
24
42
  end
25
43
  end
26
44
  end
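Review bot: The example named 'runs a GraphQL query with a valid jwt' never sends a token: it stubs `logged_in?` to return true and `Osso::Models::Account.find` to return the factory account, so the path that verifies a signed JWT and loads the account from its claims is not exercised by any test here. Together with the replaced `get /admin` example, which now expects `be_ok` without a session, the spec has no case in which real credentials are checked and accepted. I would obtain a token through the login route (or sign one with the test `SESSION_SECRET`), send it with `header 'Authorization', ...`, and remove the `logged_in?` stub. A further case with a well-formed token signed by a different key would pin which of the 400 and 401 branches a forged token lands in.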
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: osso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.8
4
+ version: 0.0.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sam Bauch
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-12-11 00:00:00.000000000 Z
11
+ date: 2020-12-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -168,16 +168,22 @@ dependencies:
168
168
  name: rodauth
169
169
  requirement: !ruby/object:Gem::Requirement
170
170
  requirements:
171
- - - "~>"
171
+ - - ">="
172
+ - !ruby/object:Gem::Version
173
+ version: '2.6'
174
+ - - "<"
172
175
  - !ruby/object:Gem::Version
173
- version: 2.6.0
176
+ version: '2.8'
174
177
  type: :runtime
175
178
  prerelease: false
176
179
  version_requirements: !ruby/object:Gem::Requirement
177
180
  requirements:
178
- - - "~>"
181
+ - - ">="
182
+ - !ruby/object:Gem::Version
183
+ version: '2.6'
184
+ - - "<"
179
185
  - !ruby/object:Gem::Version
180
- version: 2.6.0
186
+ version: '2.8'
181
187
  - !ruby/object:Gem::Dependency
182
188
  name: sequel
183
189
  requirement: !ruby/object:Gem::Requirement
@@ -455,7 +461,6 @@ files:
455
461
  - spec/models/enterprise_account_spec.rb
456
462
  - spec/models/identity_provider_spec.rb
457
463
  - spec/routes/admin_spec.rb
458
- - spec/routes/app_spec.rb
459
464
  - spec/routes/auth_spec.rb
460
465
  - spec/routes/oauth_spec.rb
461
466
  - spec/spec_helper.rb
@@ -1,6 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'spec_helper'
4
-
5
- describe 'App' do
6
- end