prx_auth-rails 1.2.0 → 1.3.0

data/test/prx_auth/rails/configuration_test.rb

@@ -2,29 +2,35 @@ require 'test_helper'
 
 describe PrxAuth::Rails::Configuration do
 
-  after(:each) { PrxAuth::Rails.configuration =  PrxAuth::Rails::Configuration.new }
   subject { PrxAuth::Rails::Configuration.new }
-  
+
   it 'initializes with a namespace defined by rails app name' do
-    assert subject.namespace == :test_app
+    assert subject.namespace == :dummy
   end
 
   it 'can be reconfigured using the namespace attr' do
-    PrxAuth::Rails.configure do |config|
-      config.namespace = :new_test
-    end
+    PrxAuth::Rails.stub(:configuration, subject) do
+      PrxAuth::Rails.configure do |config|
+        config.namespace = :new_test
+      end
 
-    assert PrxAuth::Rails.configuration.namespace == :new_test
+      assert PrxAuth::Rails.configuration.namespace == :new_test
+    end
   end
 
   it 'defaults to enabling the middleware' do
-    assert PrxAuth::Rails.configuration.install_middleware
+    PrxAuth::Rails.stub(:configuration, subject) do
+      assert PrxAuth::Rails.configuration.install_middleware
+    end
   end
 
   it 'allows overriding of the middleware automatic installation' do
-    PrxAuth::Rails.configure do |config|
-      config.install_middleware = false
+    PrxAuth::Rails.stub(:configuration, subject) do
+      PrxAuth::Rails.configure do |config|
+        config.install_middleware = false
+      end
+
+      assert !PrxAuth::Rails.configuration.install_middleware
     end
-    assert !PrxAuth::Rails.configuration.install_middleware
   end
-end
+end

data/test/prx_auth/rails/sessions_controller_test.rb

@@ -0,0 +1,94 @@
+require "test_helper"
+
+module PrxAuth::Rails
+  class SessionsControllerTest < ActionController::TestCase
+
+    setup do
+      @routes = PrxAuth::Rails::Engine.routes
+      @nonce_session_key = SessionsController::ID_NONCE_SESSION_KEY
+      @token_params = {id_token: 'sometok', access_token: 'othertok'}
+      @stub_claims = {'nonce' => '123', 'sub' => '1'}
+    end
+
+    test "new creates nonce" do
+      nonce = session[@nonce_session_key]
+      assert nonce == nil
+
+      get :new
+
+      nonce = session[@nonce_session_key]
+      assert nonce.match(/[a-zA-Z\d]{32}/)
+      assert nonce.length == 32
+    end
+
+    test 'new should should not overwrite the saved nonce' do
+      get :new
+      nonce1 = session[@nonce_session_key]
+
+      get :new
+      nonce2 = session[@nonce_session_key]
+      assert nonce1 == nonce2
+    end
+
+    test 'create should validate a token and set the session variable' do
+      @controller.stub(:validate_token, @stub_claims) do
+        session[@nonce_session_key] = '123'
+        post :create, params: @token_params, format: :json
+        assert session['prx.auth']['id_token']['nonce'] == '123'
+      end
+    end
+
+    test 'create should call test_nonce! if upon verification' do
+      @controller.stub(:validate_token, {'nonce' => 'not matching', 'aud' => '1'}) do
+        session[@nonce_session_key] = 'nonce'
+        post :create, params: @token_params, format: :json
+        assert session[@nonce_session_key] == nil
+      end
+    end
+
+    test 'create should reset the nonce after consumed' do
+      @controller.stub(:validate_token, @stub_claims) do
+        session[@nonce_session_key] = '123'
+        post :create, params: @token_params, format: :json
+
+        assert session[@nonce_session_key] == nil
+        assert response.code == '302'
+        assert response.body.match?(/after-sign-in-path/)
+      end
+    end
+
+    test 'should respond with aredirect to the auth error page / code if the nonce does not match' do
+      @controller.stub(:validate_token, @stub_claims) do
+        session[@nonce_session_key] = 'nonce-does-not-match'
+        post :create, params: @token_params, format: :json
+        assert response.code == '302'
+        assert response.body.match(/auth_error\?error=verification_failed/)
+      end
+    end
+
+    test 'auth_error should return a formatted error message to the user' do
+      get :auth_error, params: {error: 'error_message'}
+      assert response.code == '200'
+      assert response.body.match?(/Message was: <pre>error_message/)
+    end
+
+    test 'auth_error should expect the error param' do
+      assert_raises ActionController::ParameterMissing do
+        get :auth_error, params: {}
+      end
+    end
+
+    test 'validates that the user id matches in both tokens' do
+      @controller.stub(:id_claims, @stub_claims) do
+        @controller.stub(:access_claims, @stub_claims.merge('sub' => '444')) do
+
+        session[@nonce_session_key] = '123'
+        post :create, params: @token_params, format: :json
+
+        assert response.code == '302'
+        assert response.body.match?(/error=verification_failed/)
+      end
+      end
+    end
+  end
+end

data/test/prx_auth/rails/token_test.rb

@@ -42,4 +42,4 @@ describe PrxAuth::Rails::Token do
   end
 
   
-end
+end

data/test/test_helper.rb

@@ -1,7 +1,6 @@
 require 'coveralls'
-Coveralls.wear!
 
-$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
+Coveralls.wear!
 
 require 'minitest/autorun'
 require 'minitest/spec'
@@ -12,13 +11,25 @@ require 'action_view'
 require 'rails'
 require 'rails/generators'
 require 'rails/generators/test_case'
-# Bundler.require(:default)
+require 'pry'
 
-class TestApp < Rails::Application
-  config.root = File.dirname(__FILE__)
-  config.eager_load = false
-end
+require 'prx_auth/rails'
+
+# Configure Rails Environment
+ENV["RAILS_ENV"] = "test"
+ENV['PRX_CLIENT_ID'] = '12345'
 
-TestApp.initialize!
 
-require 'prx_auth/rails'
+require_relative "../test/dummy/config/environment"
+ActiveRecord::Migrator.migrations_paths = [File.expand_path("../test/dummy/db/migrate", __dir__)]
+ActiveRecord::Migrator.migrations_paths << File.expand_path('../db/migrate', __dir__)
+require "rails/test_help"
+
+
+# Load fixtures from the engine
+if ActiveSupport::TestCase.respond_to?(:fixture_path=)
+  ActiveSupport::TestCase.fixture_path = File.expand_path("fixtures", __dir__)
+  ActionDispatch::IntegrationTest.fixture_path = ActiveSupport::TestCase.fixture_path
+  ActiveSupport::TestCase.file_fixture_path = ActiveSupport::TestCase.fixture_path + "/files"
+  ActiveSupport::TestCase.fixtures :all
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: prx_auth-rails
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Chris Rhoden
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-10 00:00:00.000000000 Z
+date: 2021-01-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -96,6 +96,34 @@ dependencies:
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.0
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -124,7 +152,7 @@ dependencies:
         version: '1.2'
 description: 'Rails integration for next generation PRX Authorization system.
 
-'
+  '
 email:
 - carhoden@gmail.com
 executables: []
@@ -137,22 +165,83 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- app/controllers/prx_auth/rails/sessions_controller.rb
+- app/views/prx_auth/rails/sessions/auth_error.html.erb
+- app/views/prx_auth/rails/sessions/show.html.erb
+- config/routes.rb
 - lib/prx_auth/rails.rb
 - lib/prx_auth/rails/configuration.rb
+- lib/prx_auth/rails/engine.rb
 - lib/prx_auth/rails/ext/controller.rb
 - lib/prx_auth/rails/railtie.rb
 - lib/prx_auth/rails/token.rb
 - lib/prx_auth/rails/version.rb
 - prx_auth-rails.gemspec
+- test/dummy/Rakefile
+- test/dummy/app/assets/config/manifest.js
+- test/dummy/app/assets/images/.keep
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/channels/application_cable/channel.rb
+- test/dummy/app/channels/application_cable/connection.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/concerns/.keep
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/javascript/packs/application.js
+- test/dummy/app/jobs/application_job.rb
+- test/dummy/app/mailers/application_mailer.rb
+- test/dummy/app/models/application_record.rb
+- test/dummy/app/models/concerns/.keep
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/app/views/layouts/mailer.html.erb
+- test/dummy/app/views/layouts/mailer.text.erb
+- test/dummy/bin/rails
+- test/dummy/bin/rake
+- test/dummy/bin/setup
+- test/dummy/bin/spring
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/cable.yml
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/application_controller_renderer.rb
+- test/dummy/config/initializers/assets.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/content_security_policy.rb
+- test/dummy/config/initializers/cookies_serializer.rb
+- test/dummy/config/initializers/filter_parameter_logging.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/permissions_policy.rb
+- test/dummy/config/initializers/prx_auth.rb
+- test/dummy/config/initializers/wrap_parameters.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/puma.rb
+- test/dummy/config/routes.rb
+- test/dummy/config/spring.rb
+- test/dummy/config/storage.yml
+- test/dummy/lib/assets/.keep
+- test/dummy/log/.keep
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/apple-touch-icon-precomposed.png
+- test/dummy/public/apple-touch-icon.png
+- test/dummy/public/favicon.ico
+- test/dummy/storage/.keep
 - test/log/development.log
 - test/prx_auth/rails/configuration_test.rb
+- test/prx_auth/rails/sessions_controller_test.rb
 - test/prx_auth/rails/token_test.rb
 - test/test_helper.rb
 homepage: https://github.com/PRX/prx_auth-rails
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -167,12 +256,69 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.1
-signing_key: 
+rubyforge_project:
+rubygems_version: 2.7.6.2
+signing_key:
 specification_version: 4
 summary: Rails integration for next generation PRX Authorization system.
 test_files:
+- test/dummy/Rakefile
+- test/dummy/app/assets/config/manifest.js
+- test/dummy/app/assets/images/.keep
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/channels/application_cable/channel.rb
+- test/dummy/app/channels/application_cable/connection.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/concerns/.keep
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/javascript/packs/application.js
+- test/dummy/app/jobs/application_job.rb
+- test/dummy/app/mailers/application_mailer.rb
+- test/dummy/app/models/application_record.rb
+- test/dummy/app/models/concerns/.keep
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/app/views/layouts/mailer.html.erb
+- test/dummy/app/views/layouts/mailer.text.erb
+- test/dummy/bin/rails
+- test/dummy/bin/rake
+- test/dummy/bin/setup
+- test/dummy/bin/spring
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/cable.yml
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/application_controller_renderer.rb
+- test/dummy/config/initializers/assets.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/content_security_policy.rb
+- test/dummy/config/initializers/cookies_serializer.rb
+- test/dummy/config/initializers/filter_parameter_logging.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/permissions_policy.rb
+- test/dummy/config/initializers/prx_auth.rb
+- test/dummy/config/initializers/wrap_parameters.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/puma.rb
+- test/dummy/config/routes.rb
+- test/dummy/config/spring.rb
+- test/dummy/config/storage.yml
+- test/dummy/lib/assets/.keep
+- test/dummy/log/.keep
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/apple-touch-icon-precomposed.png
+- test/dummy/public/apple-touch-icon.png
+- test/dummy/public/favicon.ico
+- test/dummy/storage/.keep
 - test/log/development.log
 - test/prx_auth/rails/configuration_test.rb
+- test/prx_auth/rails/sessions_controller_test.rb
 - test/prx_auth/rails/token_test.rb
 - test/test_helper.rb