osso 0.0.3 → 0.0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c4d6c8de140e9aee1afb784383da381c1fe16eb9816eb1ed0d6439a851e5aef2
-  data.tar.gz: e393a2c08eb2c64f9f151b06174aaf45b9d980081d3bc3a792984cf6e64f3b5f
+  metadata.gz: c702f0d417b5fdd0b2094303b1169b7095cf5b9b7a511086d51a4fd598ffd8e4
+  data.tar.gz: 5e26b9ce26e67a131a431f9bd9778d63bd6f6b1194aa06ffebc9e915312fa442
 SHA512:
-  metadata.gz: 331e8828f50de204268d11922a5dc6973b65bb03ba214e7f354f95713e75eb41143554fbbf42903daced8e9bec8bbfd19824e2866673f3a27c6348a62da40992
-  data.tar.gz: 42c3392315313792aa4012a582c395e7b304af4dfb720d0ebbbaa9407841b58924f910bcc963ff10a710f31e1a955f6643edfcb5894a2fe1c04e4d22f9a47dcb
+  metadata.gz: c58931d540f6f61140ae9708ec2c80b470274fb85c47cfc96eed440ae01da94adb1f5987be679f9aa20c17d20f22901bed550943447a1505d5073bb07730ba67
+  data.tar.gz: 56d28d4f79ae450c18759b400d2ce02aabad61775f930994ce84533da8ec589d43c8173bfe7f31a919d4c555d04da7c3852ebc5cc6c01f0946ecbabf83051c1d

data/.gitignore

@@ -7,3 +7,4 @@
 /spec/reports/
 /tmp/
 *.gem
+.DS_Store

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    osso (0.0.3)
+    osso (0.0.3.1)
       activesupport (>= 6.0.3.2)
       jwt
       omniauth-multi-provider

data/db/schema.rb

@@ -0,0 +1 @@
+# frozen_string_literal: true

data/lib/osso/graphql/mutation.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require_relative 'mutations'
+
+module Types
+  class MutationType < BaseObject
+    field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider
+    field :create_identity_provider, mutation: Mutations::CreateIdentityProvider
+    field :set_saml_provider, mutation: Mutations::SetSamlProvider
+  end
+end

data/lib/osso/graphql/mutations.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Mutations
+end
+
+require_relative 'mutations/base_mutation'
+require_relative 'mutations/configure_identity_provider'
+require_relative 'mutations/create_identity_provider'
+require_relative 'mutations/set_saml_provider'

data/lib/osso/graphql/mutations/base_mutation.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Mutations
+  class BaseMutation < GraphQL::Schema::RelayClassicMutation
+    # This is used for generating payload types
+    object_class Types::BaseObject
+    # # This is used for return fields on the mutation's payload
+    # field_class Types::BaseField
+    # # This is used for generating the `input: { ... }` object type
+    # input_object_class Types::BaseInputObject
+
+    def return_data(data)
+      data.merge(errors: [])
+    end
+
+    def return_error(error)
+      error.merge(data: nil)
+    end
+  end
+end

data/lib/osso/graphql/mutations/configure_identity_provider.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Mutations
+  class ConfigureIdentityProvider < BaseMutation
+    null false
+    argument :id, ID, required: true
+    # argument :provider, Types::IdentityProviderService, required: true
+    argument :sso_url, String, required: true
+    argument :sso_cert, String, required: true
+
+    field :identity_provider, Types::IdentityProvider, null: true
+    field :errors, [String], null: false
+
+    def resolve(id:, sso_url:, sso_cert:)
+      provider = Osso::Models::SamlProvider.find(id)
+      provider.update(
+        idp_cert: sso_cert,
+        idp_sso_target_url: sso_url,
+      )
+
+      return_data(identity_provider: provider)
+      # rescue StandardError => e
+      #   return_error(errors: e.full_message)
+    end
+  end
+end

data/lib/osso/graphql/mutations/create_identity_provider.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Mutations
+  class CreateIdentityProvider < BaseMutation
+    null false
+    argument :enterprise_account_id, ID, required: true
+    argument :provider_service, Types::IdentityProviderService, required: true
+
+    field :identity_provider, Types::IdentityProvider, null: false
+    field :errors, [String], null: false
+
+    def resolve(enterprise_account_id:, provider_service:)
+      enterprise_account = Osso::Models::EnterpriseAccount.find(enterprise_account_id)
+      identity_provider = enterprise_account.saml_providers.create!(
+        provider: provider_service || 'OKTA',
+        domain: enterprise_account.domain,
+      )
+
+      return_data(identity_provider: identity_provider)
+    rescue StandardError => e
+      return_error(errors: e.full_message)
+    end
+  end
+end

data/lib/osso/graphql/mutations/set_saml_provider.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Mutations
+  class SetSamlProvider < BaseMutation
+    null false
+
+    argument :provider, Types::IdentityProviderService, required: true
+    argument :id, ID, required: true
+
+    field :identity_provider, Types::IdentityProvider, null: false
+    field :errors, [String], null: false
+
+    def resolve(provider:, id:)
+      saml_provider = Osso::Models::SamlProvider.find(id)
+      saml_provider.provider = provider
+      saml_provider.save!
+      {
+        saml_provider: saml_provider,
+        errors: [],
+      }
+    end
+  end
+end

data/lib/osso/graphql/query.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Types
+  class QueryType < GraphQL::Schema::Object
+    # field :node, field: GraphQL::Relay::Node.field
+    field :enterprise_account, null: false, resolver: Resolvers::EnterpriseAccount do
+      argument :domain, String, required: true
+    end
+    field :enterprise_accounts, null: true, resolver: Resolvers::EnterpriseAccounts
+    field :oauth_clients, null: true, resolver: Resolvers::OAuthClients
+
+    field(
+      :identity_provider,
+      Types::IdentityProvider,
+      null: true,
+      resolve: ->(_obj, args, _context) { Osso::Models::SamlProvider.find(args[:id]) },
+    ) do
+      argument :id, ID, required: true
+    end
+
+    # field(
+    #   :viewer,
+    #   Types::User,
+    #   null: true,
+    #   resolve: ->(_obj, _args, context) { context[:current_user] },
+    # )
+  end
+end

data/lib/osso/graphql/resolvers.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Resolvers
+end
+
+require_relative 'resolvers/enterprise_account'
+require_relative 'resolvers/enterprise_accounts'
+require_relative 'resolvers/oauth_clients'

data/lib/osso/graphql/resolvers/enterprise_account.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Resolvers
+  class EnterpriseAccount < GraphQL::Schema::Resolver
+    type Types::EnterpriseAccount, null: false
+
+    def resolve(args)
+      return unless admin? || enterprise_authorized?(args[:domain])
+
+      Osso::Models::EnterpriseAccount.find_by(domain: args[:domain])
+    end
+
+    def admin?
+      context[:scope] == :admin
+    end
+
+    def enterprise_authorized?(domain)
+      context[:scope] == domain
+    end
+  end
+end

data/lib/osso/graphql/resolvers/enterprise_accounts.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Resolvers
+  class EnterpriseAccounts < GraphQL::Schema::Resolver
+    type [Types::EnterpriseAccount], null: true
+
+    def resolve
+      return Osso::Models::EnterpriseAccount.all if context[:scope] == :admin
+
+      Array(Osso::Models::EnterpriseAccount.find_by(domain: context[:scope]))
+    end
+  end
+end

data/lib/osso/graphql/resolvers/oauth_clients.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Resolvers
+  class OAuthClients < GraphQL::Schema::Resolver
+    type [Types::OAuthClient], null: true
+
+    def resolve
+      return Osso::Models::OAuthClient.all if context[:scope] == :admin
+    end
+  end
+end

data/lib/osso/graphql/schema.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'graphql'
+require_relative 'types'
+require_relative 'resolvers'
+require_relative 'mutation'
+require_relative 'query'
+
+GraphQL::Relay::BaseConnection.register_connection_implementation(
+  ActiveRecord::Relation,
+  GraphQL::Relay::RelationConnection,
+)
+
+class OssoSchema < GraphQL::Schema
+  query Types::QueryType
+  mutation Types::MutationType
+  use GraphQL::Pagination::Connections
+
+  def self.id_from_object(object, _type_definition = nil, _query_ctx = nil)
+    GraphQL::Schema::UniqueWithinType.encode(object.class.name, object.id)
+  end
+
+  def self.object_from_id(id, _query_ctx = nil)
+    class_name, item_id = GraphQL::Schema::UniqueWithinType.decode(id)
+    Object.const_get(class_name).find(item_id)
+  end
+
+  def self.resolve_type(_type, obj, _ctx)
+    case obj
+    when Osso::Models::EnterpriseAccount
+      Types::EnterpriseAccount
+    when Osso::Models::SamlProvider
+      Types::IdentityProvider
+    else
+      raise("Unexpected object: #{obj}")
+    end
+  end
+end

data/lib/osso/graphql/types.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Types
+end
+
+require_relative 'types/base_object'
+require_relative 'types/base_enum'
+require_relative 'types/identity_provider_service'
+require_relative 'types/identity_provider'
+require_relative 'types/enterprise_account'
+require_relative 'types/oauth_client'
+require_relative 'types/user'

data/lib/osso/graphql/types/base_enum.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Types
+  class BaseEnum < GraphQL::Schema::Enum
+  end
+end

data/lib/osso/graphql/types/base_object.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require 'graphql'
+
+module Types
+  class BaseObject < GraphQL::Schema::Object
+  end
+end

data/lib/osso/graphql/types/enterprise_account.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'graphql'
+
+module Types
+  class EnterpriseAccount < Types::BaseObject
+    description 'An Account for a company that wishes to use SAML via Osso'
+    implements GraphQL::Types::Relay::Node
+
+    global_id_field :gid
+    field :id, ID, null: false
+    field :name, String, null: false
+    field :domain, String, null: false
+    field :identity_providers, [Types::IdentityProvider], null: true
+    field :status, String, null: false
+
+    def name
+      object.domain.gsub('.com', '')
+    end
+
+    def status
+      'active'
+    end
+
+    def identity_providers
+      object.saml_providers
+    end
+  end
+end

data/lib/osso/graphql/types/identity_provider.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'graphql'
+
+module Types
+  class IdentityProvider < Types::BaseObject
+    description 'Represents a SAML based IDP instance for an EnterpriseAccount'
+    implements GraphQL::Types::Relay::Node
+
+    global_id_field :gid
+    field :id, ID, null: false
+    field :enterprise_Account_id, ID, null: false
+    field :service, Types::IdentityProviderService, null: true
+    field :domain, String, null: false
+    field :acs_url, String, null: false
+    field :sso_url, String, null: true
+    field :sso_cert, String, null: true
+    field :configured, Boolean, null: false
+
+    def service
+      @object.provider
+    end
+
+    def configured
+      @object.idp_sso_target_url && @object.idp_cert
+    end
+
+    def sso_cert
+      @object.idp_cert
+    end
+
+    def sso_url
+      @object.idp_sso_target_url
+    end
+  end
+end

data/lib/osso/graphql/types/identity_provider_service.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Types
+  class IdentityProviderService < BaseEnum
+    value('AZURE', 'Microsoft Azure Identity Provider', value: 'Osso::Models::AzureSamlProvider')
+    value('OKTA', 'Okta Identity Provider', value: 'Osso::Models::OktaSamlProvider')
+  end
+end

data/lib/osso/graphql/types/oauth_client.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require 'graphql'
+
+module Types
+  class OAuthClient < Types::BaseObject
+    description 'An OAuth client used to consume Osso SAML users'
+    implements GraphQL::Types::Relay::Node
+
+    global_id_field :gid
+    field :id, ID, null: false
+    field :name, String, null: false
+    field :client_id, String, null: false
+    field :client_secret, String, null: false
+  end
+end

data/lib/osso/graphql/types/user.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require 'graphql'
+require_relative 'base_object'
+module Types
+  class User < Types::BaseObject
+    description 'A User of the application'
+
+    field :id, ID, null: false
+    field :name, String, null: true
+  end
+end

data/lib/osso/routes/admin.rb

@@ -14,7 +14,7 @@ module Osso
     get '/' do
       admin_protected!
 
-      erb :'public/index'
+      erb :admin
     end
 
     get '/enterprise' do
@@ -26,10 +26,6 @@ module Osso
     get '/enterprise/:domain' do
       enterprise_protected!(params[:domain])
 
-      @enterprise = Models::EnterpriseAccount.where(
-        domain: params[:domain],
-      ).first_or_create
-
       erb :admin
     end
 

data/lib/osso/routes/oauth.rb

@@ -24,7 +24,8 @@ module Osso
         redirect "/auth/saml/#{@enterprise.provider.id}"
       end
 
-      erb :multiple_providers
+      # TODO: multiple provider support
+      # erb :multiple_providers
 
     rescue Rack::OAuth2::Server::Authorize::BadRequest => e
       @error = e

data/lib/osso/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Osso
-  VERSION = '0.0.3'
+  VERSION = '0.0.3.1'
 end

data/spec/routes/admin_spec.rb

@@ -9,6 +9,7 @@ describe Osso::Admin do
   before do
     ENV['JWT_URL'] = jwt_url
     ENV['JWT_HMAC_SECRET'] = jwt_hmac_secret
+    described_class.set(:views, spec_views)
   end
 
   describe 'get /admin' do

data/spec/spec_helper.rb

@@ -40,6 +40,10 @@ module RSpecMixin
   def last_json_response
     JSON.parse(last_response.body, symbolize_names: true)
   end
+
+  def spec_views
+    File.dirname(__FILE__) + '/support/views'
+  end
 end
 
 RSpec.configure do |config|

data/spec/support/views/public/index.erb

@@ -0,0 +1,5 @@
+<%# 
+    NB: this file exists so that the admin routes have something to render in spec.
+    In real-world usage, those routes render an index.html file that includes the
+    React app.
+ %>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: osso
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.3.1
 platform: ruby
 authors:
 - Sam Bauch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-04 00:00:00.000000000 Z
+date: 2020-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -218,6 +218,7 @@ files:
 - bin/console
 - bin/setup
 - config/database.yml
+- db/schema.rb
 - lib/.DS_Store
 - lib/osso.rb
 - lib/osso/Rakefile
@@ -237,6 +238,27 @@ files:
 - lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb
 - lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb
 - lib/osso/db/schema.rb
+- lib/osso/graphql/.DS_Store
+- lib/osso/graphql/mutation.rb
+- lib/osso/graphql/mutations.rb
+- lib/osso/graphql/mutations/base_mutation.rb
+- lib/osso/graphql/mutations/configure_identity_provider.rb
+- lib/osso/graphql/mutations/create_identity_provider.rb
+- lib/osso/graphql/mutations/set_saml_provider.rb
+- lib/osso/graphql/query.rb
+- lib/osso/graphql/resolvers.rb
+- lib/osso/graphql/resolvers/enterprise_account.rb
+- lib/osso/graphql/resolvers/enterprise_accounts.rb
+- lib/osso/graphql/resolvers/oauth_clients.rb
+- lib/osso/graphql/schema.rb
+- lib/osso/graphql/types.rb
+- lib/osso/graphql/types/base_enum.rb
+- lib/osso/graphql/types/base_object.rb
+- lib/osso/graphql/types/enterprise_account.rb
+- lib/osso/graphql/types/identity_provider.rb
+- lib/osso/graphql/types/identity_provider_service.rb
+- lib/osso/graphql/types/oauth_client.rb
+- lib/osso/graphql/types/user.rb
 - lib/osso/helpers/auth.rb
 - lib/osso/helpers/helpers.rb
 - lib/osso/lib/app_config.rb
@@ -275,7 +297,7 @@ files:
 - spec/routes/auth_spec.rb
 - spec/routes/oauth_spec.rb
 - spec/spec_helper.rb
-- spec/support/vcr_cassettes/okta_saml_callback.yml
+- spec/support/views/public/index.erb
 homepage: https://github.com/enterprise-oss/osso-rb
 licenses:
 - MIT

data/spec/support/vcr_cassettes/okta_saml_callback.yml

@@ -1,59 +0,0 @@
----
-http_interactions:
-- request:
-    method: post
-    uri: http://localhost:9292/auth/saml/:uuid/callback
-    body:
-      encoding: ASCII-8BIT
-      string: SAMLResponse=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIERlc3RpbmF0aW9uPSJodHRwOi8vbG9jYWxob3N0OjkyOTIvYXV0aC9zYW1sLzY4ZTkwNTdjLTQ2MmYtNDM3Zi04NDRkLTk4NzI0ZmVmOWQ0My9jYWxsYmFjayIgSUQ9ImlkMTgyOTI5NzEwODgzMjU2OTIyMDE3Nzc0NDUyIiBJblJlc3BvbnNlVG89Il81NGM0ZjE5MS0xYmY3LTRiMDItOTZlYS0zNGQ4NTU1YWVjYWEiIElzc3VlSW5zdGFudD0iMjAyMC0wNC0xMVQxNjozMjoxOC40MjRaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiPjxzYW1sMjpJc3N1ZXIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwOi8vd3d3Lm9rdGEuY29tL2V4azUxMzI2YjNVMTk0MUhmNHg2PC9zYW1sMjpJc3N1ZXI%2BPGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI%2BPGRzOlNpZ25lZEluZm8%2BPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxkc2lnLW1vcmUjcnNhLXNoYTI1NiIvPjxkczpSZWZlcmVuY2UgVVJJPSIjaWQxODI5Mjk3MTA4ODMyNTY5MjIwMTc3NzQ0NTIiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxlYzpJbmNsdXNpdmVOYW1lc3BhY2VzIFByZWZpeExpc3Q9InhzIiB4bWxuczplYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8%2BPC9kczpUcmFuc2Zvcm0%2BPC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiLz48ZHM6RGlnZXN0VmFsdWU%2BZEpWb0Z6Y01zTjV3TmNJRWtJWkxqb1JjWDRpMzVYekI3RGg4ZE0wU1pMZz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU%2BdnFES0RhVk8vYlRkRW5hNlMwNHdQV0hicXdNQ1JHdStjRVRxOE9FR2pzK1drTUVBQVYzeEFnNitUZTB2Z0haSjlTWnhwSW9iWEdadVQvVFFnbnAyczNMM1FvaUx5UVFwOExXQnl0b1A0UWhSV1dNY1N3UHlUYWI5TmRUT1RWeXJBckJxZHFFVXN0M0Z5cVpLSVFlbUpocWU4ckk4cmJwQTI2YUFqc2xNZkRIZHNMTFlFMjUwTXpPdG9wdVppNHpvdDZDSTl1NFVRK2dsOWdqSUJyai9sZ3BQME5mZ3RXM01QNVRQOGxsaEpmVXJ4MjhLWGZjSHpOa1RDU1BxVTRwLzZCRTV5dm5QcmJVTE1EWWZQWG5aV0t5d0JpRkNyaTgydmNOdElXVHUvcmkrejNRT0p6dFRiTkdKU0ZjWHdkWHpheG8xdS9SN3ZUQlJPOCtuZEFsL1VBPT08L2RzOlNpZ25hdHVyZVZhbHVlPjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSURwRENDQW95Z0F3SUJBZ0lHQVhFaUQ0TGxNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1JR1NNUXN3Q1FZRFZRUUdFd0pWVXpFVE1CRUcKQTFVRUNBd0tRMkZzYVdadmNtNXBZVEVXTUJRR0ExVUVCd3dOVTJGdUlFWnlZVzVqYVhOamJ6RU5NQXNHQTFVRUNnd0VUMnQwWVRFVQpNQklHQTFVRUN3d0xVMU5QVUhKdmRtbGtaWEl4RXpBUkJnTlZCQU1NQ21SbGRpMHhOakl3TWpReEhEQWFCZ2txaGtpRzl3MEJDUUVXCkRXbHVabTlBYjJ0MFlTNWpiMjB3SGhjTk1qQXdNekk0TVRZMU1UVTBXaGNOTXpBd016STRNVFkxTWpVMFdqQ0JrakVMTUFrR0ExVUUKQmhNQ1ZWTXhFekFSQmdOVkJBZ01Da05oYkdsbWIzSnVhV0V4RmpBVUJnTlZCQWNNRFZOaGJpQkdjbUZ1WTJselkyOHhEVEFMQmdOVgpCQW9NQkU5cmRHRXhGREFTQmdOVkJBc01DMU5UVDFCeWIzWnBaR1Z5TVJNd0VRWURWUVFEREFwa1pYWXRNVFl5TURJME1Sd3dHZ1lKCktvWklodmNOQVFrQkZnMXBibVp2UUc5cmRHRXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEKd3NuUDRVVGZ2M2J4UjVKaDBhdDUxRHFqaitmS3hGem56RlczWEE1TmJGMlNsUkxqZVljdmozKzQ3VEMwZVA2eE9zTFdmbnZkbng0dgpkZDlVZm43akRDbzVwTDNKeWtNVkVoMkkwc3pGM1JMQythNTMyQXJjd2dVOVB4NDgrcldWd1BrQVNTN2w0TkhBTTQrZ09CSEpNUXQyCkFNb2hQVDBrVTQxUDhCRVB6ZndoTnlpRVhSNjZKTlpJSlVFOGZNM1ZwZ254bS9WU3dZekpmME5mT3lmeHY4SmN6RjB6a0RicEU3VGsKM1d3L1BGRkxvTXhXemFuV0dKUStibG5odjZVVjZINGZjZkFiY3dBcGxPZElWSGpTMmdoWUJ2WU5HYWh1RnhqaWEwKzZjc3laR3J0OApINFhtUjVEcitqWFk1SzFiMVZPQTBrMTkvRkNuSEhOL3NtbjI1d0lEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQmdEOU5FCjRPQ3VSMSt2dWNWOFMxVDZYWElMMmhCN2JYQkFaRVZIWjFhRXJSemt0Z1hBTWdWd0cyNjd2SWtENVZPWEJpVHk5eU5VNUxLNkczazIKemV3VTE5MHNMMWRNZnlQbm9WWnluOTRudndlOUErb24wdG1aZG1rMDB4aXJLazNGSmRhY25aTkU5RGwvYWZJcmNOZjZ4QW0wV3NVOQprYk1pUnd3dmpPNFRBaXlnRFF6YnJSQzhaZm1UM2hwQmEzYVRVekFjY3J2RVFjZ2FyTGs0cjdValhQN2EybUNOM1VJSWgrc25OMk1zCnZYSEwwcjZmTTN4Ym5peis1bGxlV3RQRnc3M3l5U0JjOHpua1daNFRuOExoMHI2bzVuQ1JZYnIyUkVVQjdaSWZpSXlCYlp4SXA0a3YKYStoYWJiblFERmlOVnpFZDhPUFhIaDRFcUx4T1BEUlc8L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT48c2FtbDJwOlN0YXR1cyB4bWxuczpzYW1sMnA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI%2BPHNhbWwycDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWwycDpTdGF0dXM%2BPHNhbWwyOkFzc2VydGlvbiBJRD0iaWQxODI5Mjk3MTA4ODQyMDg3MzY4MzU5Njg1MiIgSXNzdWVJbnN0YW50PSIyMDIwLTA0LTExVDE2OjMyOjE4LjQyNFoiIFZlcnNpb249IjIuMCIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI%2BPHNhbWwyOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHA6Ly93d3cub2t0YS5jb20vZXhrNTEzMjZiM1UxOTQxSGY0eDY8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8%2BPGRzOlJlZmVyZW5jZSBVUkk9IiNpZDE4MjkyOTcxMDg4NDIwODczNjgzNTk2ODUyIj48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIj48ZWM6SW5jbHVzaXZlTmFtZXNwYWNlcyBQcmVmaXhMaXN0PSJ4cyIgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3JtPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8%2BPGRzOkRpZ2VzdFZhbHVlPjJ0ekZZTktpNTRBVTV0L3R1UUZJS0Q2aHdlWlRqc1FYSTFzWmFreUE3Y0k9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8%2BPGRzOlNpZ25hdHVyZVZhbHVlPkxJakdOK0RRRExldUE4clF4Q0Yvblp2c3ZCM0VLWjFaUHA3cUU4ZXZZVGY3R01lWGlVa3hXaTkvbGQ1d2p2YWFjaG5ZOXBMV0FObStFRGo4aUhGcnI1a1dINWJZZUI3b0JybVY1NDlTMmpJWW5pbmJBT055T2d3TVRpWXJUQkZ3czg1dHVYb2h0N3JBcVRrWVBjY2FnanJyQW5sYnNyK3BVb3FZYzZMOHZUczR3d2x0MzJiVXF0TThCOG5XS1NmWFBMTEo3VlVGeFhFQm1iV1JsbjJBcjgyN2dhT1dGemoyQXcxWGw2bUZFTllscDVib3hoSlVkRHJDMHNkaW01YXZmQU5jSXFrMjJFQkc5aFRZNUdnbzlrTjBSYkgvYm15MTc5K0lDaWo5R2hlZ2xmWGVpV3pVaWlLUkF1WS8zbEVLZnBYQ2lpaVRVbGdUcHFxdzhnNjNvZz09PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE%2BPGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlEcERDQ0FveWdBd0lCQWdJR0FYRWlENExsTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdTTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHCkExVUVDQXdLUTJGc2FXWnZjbTVwWVRFV01CUUdBMVVFQnd3TlUyRnVJRVp5WVc1amFYTmpiekVOTUFzR0ExVUVDZ3dFVDJ0MFlURVUKTUJJR0ExVUVDd3dMVTFOUFVISnZkbWxrWlhJeEV6QVJCZ05WQkFNTUNtUmxkaTB4TmpJd01qUXhIREFhQmdrcWhraUc5dzBCQ1FFVwpEV2x1Wm05QWIydDBZUzVqYjIwd0hoY05NakF3TXpJNE1UWTFNVFUwV2hjTk16QXdNekk0TVRZMU1qVTBXakNCa2pFTE1Ba0dBMVVFCkJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjTURWTmhiaUJHY21GdVkybHpZMjh4RFRBTEJnTlYKQkFvTUJFOXJkR0V4RkRBU0JnTlZCQXNNQzFOVFQxQnliM1pwWkdWeU1STXdFUVlEVlFRRERBcGtaWFl0TVRZeU1ESTBNUnd3R2dZSgpLb1pJaHZjTkFRa0JGZzFwYm1adlFHOXJkR0V1WTI5dE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCndzblA0VVRmdjNieFI1SmgwYXQ1MURxamorZkt4RnpuekZXM1hBNU5iRjJTbFJMamVZY3ZqMys0N1RDMGVQNnhPc0xXZm52ZG54NHYKZGQ5VWZuN2pEQ281cEwzSnlrTVZFaDJJMHN6RjNSTEMrYTUzMkFyY3dnVTlQeDQ4K3JXVndQa0FTUzdsNE5IQU00K2dPQkhKTVF0MgpBTW9oUFQwa1U0MVA4QkVQemZ3aE55aUVYUjY2Sk5aSUpVRThmTTNWcGdueG0vVlN3WXpKZjBOZk95Znh2OEpjekYwemtEYnBFN1RrCjNXdy9QRkZMb014V3phbldHSlErYmxuaHY2VVY2SDRmY2ZBYmN3QXBsT2RJVkhqUzJnaFlCdllOR2FodUZ4amlhMCs2Y3N5WkdydDgKSDRYbVI1RHIralhZNUsxYjFWT0EwazE5L0ZDbkhITi9zbW4yNXdJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJnRDlORQo0T0N1UjErdnVjVjhTMVQ2WFhJTDJoQjdiWEJBWkVWSFoxYUVyUnprdGdYQU1nVndHMjY3dklrRDVWT1hCaVR5OXlOVTVMSzZHM2syCnpld1UxOTBzTDFkTWZ5UG5vVlp5bjk0bnZ3ZTlBK29uMHRtWmRtazAweGlyS2szRkpkYWNuWk5FOURsL2FmSXJjTmY2eEFtMFdzVTkKa2JNaVJ3d3ZqTzRUQWl5Z0RRemJyUkM4WmZtVDNocEJhM2FUVXpBY2NydkVRY2dhckxrNHI3VWpYUDdhMm1DTjNVSUloK3NuTjJNcwp2WEhMMHI2Zk0zeGJuaXorNWxsZVd0UEZ3NzN5eVNCYzh6bmtXWjRUbjhMaDByNm81bkNSWWJyMlJFVUI3WklmaUl5QmJaeElwNGt2CmEraGFiYm5RREZpTlZ6RWQ4T1BYSGg0RXFMeE9QRFJXPC9kczpYNTA5Q2VydGlmaWNhdGU%2BPC9kczpYNTA5RGF0YT48L2RzOktleUluZm8%2BPC9kczpTaWduYXR1cmU%2BPHNhbWwyOlN1YmplY3QgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPjxzYW1sMjpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDp1bnNwZWNpZmllZCI%2Bc2FtQHZjYXJkbWUuY29tPC9zYW1sMjpOYW1lSUQ%2BPHNhbWwyOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJfNTRjNGYxOTEtMWJmNy00YjAyLTk2ZWEtMzRkODU1NWFlY2FhIiBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDQtMTFUMTY6Mzc6MTguNDI0WiIgUmVjaXBpZW50PSJodHRwOi8vbG9jYWxob3N0OjkyOTIvYXV0aC9zYW1sLzY4ZTkwNTdjLTQ2MmYtNDM3Zi04NDRkLTk4NzI0ZmVmOWQ0My9jYWxsYmFjayIvPjwvc2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWwyOlN1YmplY3Q%2BPHNhbWwyOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDIwLTA0LTExVDE2OjI3OjE4LjQyNFoiIE5vdE9uT3JBZnRlcj0iMjAyMC0wNC0xMVQxNjozNzoxOC40MjRaIiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI%2BPHNhbWwyOkF1ZGllbmNlUmVzdHJpY3Rpb24%2BPHNhbWwyOkF1ZGllbmNlPjY4ZTkwNTdjLTQ2MmYtNDM3Zi04NDRkLTk4NzI0ZmVmOWQ0Mzwvc2FtbDI6QXVkaWVuY2U%2BPC9zYW1sMjpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDI6Q29uZGl0aW9ucz48c2FtbDI6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDIwLTA0LTExVDE2OjMyOjE4LjQyNFoiIFNlc3Npb25JbmRleD0iXzU0YzRmMTkxLTFiZjctNGIwMi05NmVhLTM0ZDg1NTVhZWNhYSIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPjxzYW1sMjpBdXRobkNvbnRleHQ%2BPHNhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkUHJvdGVjdGVkVHJhbnNwb3J0PC9zYW1sMjpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWwyOkF1dGhuQ29udGV4dD48L3NhbWwyOkF1dGhuU3RhdGVtZW50PjxzYW1sMjpBdHRyaWJ1dGVTdGF0ZW1lbnQgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0iZW1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dW5zcGVjaWZpZWQiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNhbUB2Y2FyZG1lLmNvbTwvc2FtbDI6QXR0cmlidXRlVmFsdWU%2BPC9zYW1sMjpBdHRyaWJ1dGU%2BPHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1bnNwZWNpZmllZCI%2BPHNhbWwyOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI%2BMDB1NTEwd2pwNDRmdDNEUm80eDY8L3NhbWwyOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDI6QXR0cmlidXRlPjwvc2FtbDI6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDI6QXNzZXJ0aW9uPjwvc2FtbDJwOlJlc3BvbnNlPg%3D%3D&RelayState=
-    headers:
-      Host:
-      - localhost:9292
-      Connection:
-      - keep-alive
-      Cache-Control:
-      - max-age=0
-      Upgrade-Insecure-Requests:
-      - '1'
-      Origin:
-      - 'null'
-      User-Agent:
-      - Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML,
-        like Gecko) Chrome/80.0.3987.163 Safari/537.36
-      Sec-Fetch-Dest:
-      - document
-      Accept:
-      - text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
-      Sec-Fetch-Site:
-      - cross-site
-      Sec-Fetch-Mode:
-      - navigate
-      Accept-Encoding:
-      - gzip, deflate, br
-      Accept-Language:
-      - en-US,en;q=0.9,fr;q=0.8
-      Cookie:
-      - _vcardme-api_session=YmdCdkxYdTlLWkhhWWNnZTQ5Yjdxc0gweWJjKys4TUtSWWVBd3c1U2tUT2E1b2t0MFQxd3lZQTJwSVcyZVFCOHZxaHRtTVZjVGYyay9ReVc0WElxR0hlVGM0MW5qQUxVZE8zYytTaXBlcDZraWRLSllkYjlvYUNMVkx6S3Aremh4ODB5eVBzMmFwS3dHOHNZaFFBYnJnPT0tLVRKUEdSMFV1SGRCZSt1LzNiYjRSZnc9PQ%3D%3D--4e212108b448172e97b0e205f75976780e843bd7;
-        mp_321622acf650be9cac3978565e73be1a_mixpanel=%7B%22distinct_id%22%3A%20%2217122c6e1421dd-0fd311181d4582-396f7f07-384000-17122c6e14935d%22%2C%22%24device_id%22%3A%20%2217122c6e1421dd-0fd311181d4582-396f7f07-384000-17122c6e14935d%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D;
-        rack.session=BAh7CUkiD3Nlc3Npb25faWQGOgZFVEkiRTdkYWNhMWRhNjc3MTY4OTY0ZWVj%0AZjg2YmIyOTM1M2EzOTcxZWIzN2ZjMzAxZGUxNmIyZGNiNDdhMGU0ZDdiMmQG%0AOwBGSSINc2FtbF91aWQGOwBUSSIUc2FtQHZjYXJkbWUuY29tBjsAVEkiF3Nh%0AbWxfc2Vzc2lvbl9pbmRleAY7AFRJIipfOTBjYjc4NjItYTc5My00M2ZjLWFh%0AOWItZDdiMjY0ZWE4NmM2BjsAVEkiFG9tbmlhdXRoLnBhcmFtcwY7AFR7AA%3D%3D%0A--429d063c69188264011d1384cbf24a4b486d2d3a
-      Version:
-      - HTTP/1.1
-      Content-Type:
-      - application/x-www-form-urlencoded
-      Content-Length:
-      - '10749'
-  response:
-    status:
-      code: 200
-      message: null
-    headers:
-      Content-Type:
-      - application/json
-      Content-Length:
-      - '112'
-    body:
-      encoding: UTF-8
-      string: '{"user":{"id":"2077ee4f-9e7d-46c2-bbf3-98c49c312281","email":"sam@vcardme.com","idp_id":"00u510wjp44ft3DRo4x6"}}'
-    http_version: null
-  recorded_at: Sat, 11 Apr 2020 16:32:18 GMT
-recorded_with: VCR 5.1.0