simple_google_auth 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2c7a9d7423d02f4853b934ee51ee465b3e5211dc
-  data.tar.gz: 4d0e7eab5f74f770e44fd2b33036010d9eef7c89
+  metadata.gz: 063892b7a2bdb416f268b27488fa1e8e2840158e
+  data.tar.gz: b3d5ba6529437ef499cb7bd3c62d3649eae38480
 SHA512:
-  metadata.gz: 00ff54f0f86e9c386e2d8324549b138b8e94abeffc94c9e4959c339c244ca21a0b6005ff8b95369ed34db98ce257d353f191b981c3200cdaef66565e569d4382
-  data.tar.gz: 3eaf3489ed9eaebc0a42e2600314a7d870ed38c354e25f325c2cc97ea8141f00a664d237c6153df927d56da67dabf6dc312c0d7eea4386aa0788d094f750f413
+  metadata.gz: 7717ae68ba9fa21754210ec1476e18be3224da1491ce62282b1c2853a8001897e94a63a8f0eb44e89f57138f6ade1d30f01e08c6c2f18f6f3a3b6093889e21fb
+  data.tar.gz: a83f0ecdbf1bdb8b9b5560c2540458f6ac5922bc0ffe3ca5520429ba774f15afde1c077a713da43f5e2ff796f0b80b7e98c294c4f9ab52b3af6a82ea932191a4

data/README.md

@@ -7,7 +7,7 @@ You can allow any user with a Google account, or limit access to certain users b
 Google e-mail address.
 
 Being simple, it's limited in what it can do.  But if your goal is to put your site
-behind a Google login instead of a crusty basic auth box, it'll do the trick. 
+behind a Google login instead of a crusty basic auth box, it'll do the trick.
 If you're after more power, there are quite a few gems that'll do what you're looking for,
 such as OmniAuth's Google strategy.
 
@@ -100,7 +100,7 @@ send you the refresh token every time your users authenticate.
       config.request_parameters.merge!(approval_prompt: "force")
     end
 
-For more details on offline mode and approval_prompt refer to the 
+For more details on offline mode and approval_prompt refer to the
 [Google OAuth documentation](https://developers.google.com/accounts/docs/OAuth2WebServer).
 
 ## Configuring
@@ -120,12 +120,14 @@ google_token_url | `"https://accounts.google.com/o/oauth2/token"` | Google's tok
 state_session_key_name | `"simple-google-auth.state"` | The name of the session variable used to store a random string used to prevent CSRF attacks during authentication.
 data_session_key_name | `"simple-google-auth.data"` | The name of the session variable used to store identification data from Google.
 request_parameters | `{scope: "openid email"}` | Parameters to use when requesting a login from Google
+open_timeout | `15` | The maximum time, in seconds, to wait connecting to Google before giving up
+read_timeout | `15` | The maximum time, in seconds, to wait for a response from Google before giving up
 
 Items marked with * may be a lambda, which will be called when that config item is required.
 
 ## Licence
 
-MIT.  Copyright 2014-2015 Roger Nesbitt, Powershop New Zealand Limited.
+MIT.  Copyright 2014-2016 Roger Nesbitt, Powershop New Zealand Limited.
 
 ## Authors and contributors
 

data/lib/simple_google_auth.rb

@@ -34,4 +34,6 @@ SimpleGoogleAuth.configure do |config|
   config.failed_login_path = "/"
   config.request_parameters = {scope: "openid email"}
   config.authenticate = lambda {|data| raise "You must define an authenticate lambda that determines whether a user should be allowed access or not"}
+  config.open_timeout = SimpleGoogleAuth::HttpClient::DEFAULT_OPEN_TIMEOUT
+  config.read_timeout = SimpleGoogleAuth::HttpClient::DEFAULT_READ_TIMEOUT
 end

data/lib/simple_google_auth/config.rb

@@ -11,7 +11,9 @@ module SimpleGoogleAuth
     :state_session_key_name,
     :data_session_key_name,
     :request_parameters,
-    :refresh_stale_tokens
+    :refresh_stale_tokens,
+    :open_timeout,
+    :read_timeout,
   ]
 
   class Config < Struct.new(*config_fields)

data/lib/simple_google_auth/http_client.rb

@@ -1,8 +1,13 @@
 module SimpleGoogleAuth
   class HttpClient
-    def initialize(url)
+    DEFAULT_OPEN_TIMEOUT = 15
+    DEFAULT_READ_TIMEOUT = 15
+
+    def initialize(url, open_timeout: DEFAULT_OPEN_TIMEOUT, read_timeout: DEFAULT_READ_TIMEOUT)
       @uri = URI(url)
       @http = Net::HTTP.new(@uri.host, @uri.port)
+      @http.open_timeout = open_timeout
+      @http.read_timeout = read_timeout
 
       if @uri.scheme == "https"
         @http.use_ssl = true
@@ -13,7 +18,12 @@ module SimpleGoogleAuth
     def request(params)
       request = Net::HTTP::Post.new(@uri.request_uri)
       request.set_form_data(params)
-      response = @http.request(request)
+
+      response = begin
+        @http.request(request)
+      rescue Net::OpenTimeout, Net::ReadTimeout => e
+        raise ProviderError, "A #{e.class.name} occurred while communicating with the server"
+      end
 
       if response.content_type != 'application/json'
         raise NonJsonResponseError, "The server responded with non-JSON content"

data/lib/simple_google_auth/oauth.rb

@@ -2,7 +2,11 @@ module SimpleGoogleAuth
   class OAuth
     def initialize(config)
       @config = config
-      @client = HttpClient.new(@config.google_token_url)
+      @client = HttpClient.new(
+        @config.google_token_url,
+        open_timeout: config.open_timeout,
+        read_timeout: config.read_timeout
+      )
     end
 
     def exchange_code_for_auth_token!(code)

data/lib/simple_google_auth/version.rb

@@ -1,3 +1,3 @@
 module SimpleGoogleAuth
-  VERSION = "0.2.0"
+  VERSION = "0.2.1"
 end

data/spec/simple_google_auth/http_client_spec.rb

@@ -7,6 +7,8 @@ describe SimpleGoogleAuth::HttpClient do
 
     before do
       expect(Net::HTTP).to receive(:new).with("some.host", 443).and_return(http)
+      expect(http).to receive(:open_timeout=).with(12)
+      expect(http).to receive(:read_timeout=).with(13)
       expect(http).to receive(:use_ssl=).with(true)
       expect(http).to receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_PEER)
       expect(http).to receive(:request).with(request).and_return(response)
@@ -15,7 +17,7 @@ describe SimpleGoogleAuth::HttpClient do
       expect(request).to receive(:set_form_data).with('some' => 'data')
     end
 
-    subject { SimpleGoogleAuth::HttpClient.new("https://some.host/somepath") }
+    subject { SimpleGoogleAuth::HttpClient.new("https://some.host/somepath", open_timeout: 12, read_timeout: 13) }
 
     context "when the call is successful" do
       let(:response) do

data/spec/simple_google_auth/oauth_spec.rb

@@ -7,19 +7,21 @@ describe SimpleGoogleAuth::OAuth do
       google_token_url: "/token/url",
       client_id: '12345',
       client_secret: 'abcde',
-      redirect_uri: '/ok'
+      redirect_uri: '/ok',
+      open_timeout: 12,
+      read_timeout: 13
     )
   end
 
   let(:client) { instance_double(SimpleGoogleAuth::HttpClient) }
   let(:response) { {"id_token" => "sometoken", "expires_in" => 1200, "other" => "data"} }
   let(:expires_at) { Time.now + 1200 - 5 }
-  
+
   before do
     now = Time.now
     allow(Time).to receive(:now).and_return(now)
 
-    expect(SimpleGoogleAuth::HttpClient).to receive(:new).with(config.google_token_url).and_return(client)
+    expect(SimpleGoogleAuth::HttpClient).to receive(:new).with(config.google_token_url, open_timeout: 12, read_timeout: 13).and_return(client)
   end
 
   subject { SimpleGoogleAuth::OAuth.new(config) }

data/spec/simple_google_auth/receiver_spec.rb

@@ -38,7 +38,7 @@ describe SimpleGoogleAuth::Receiver do
       end
 
       it "redirects to the URL specified in the session" do
-        expect(subject).to eq [302, {"Location" => "/place"}, [" "]] 
+        expect(subject).to eq [302, {"Location" => "/place"}, [" "]]
       end
     end
 
@@ -46,7 +46,7 @@ describe SimpleGoogleAuth::Receiver do
       let(:authentication_result) { false }
 
       it "redirects to the failed login path with a message" do
-        expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed"}, [" "]] 
+        expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed"}, [" "]]
       end
     end
   end
@@ -55,7 +55,7 @@ describe SimpleGoogleAuth::Receiver do
     let(:params) { {"state" => "doesnotmatch", "code" => code} }
 
     it "redirects to the failed login path with a message" do
-      expect(subject).to eq [302, {"Location" => "/error?message=Invalid+state+returned+from+Google"}, [" "]] 
+      expect(subject).to eq [302, {"Location" => "/error?message=Invalid+state+returned+from+Google"}, [" "]]
     end
   end
 
@@ -63,7 +63,7 @@ describe SimpleGoogleAuth::Receiver do
     let(:params) { {"state" => state, "error" => "bad stuff"} }
 
     it "redirects to the failed login path with a message" do
-      expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed%3A+bad+stuff"}, [" "]] 
+      expect(subject).to eq [302, {"Location" => "/error?message=Authentication+failed%3A+bad+stuff"}, [" "]]
     end
   end
 
@@ -71,7 +71,7 @@ describe SimpleGoogleAuth::Receiver do
     let(:params) { {"state" => state} }
 
     it "redirects to the failed login path with a message" do
-      expect(subject).to eq [302, {"Location" => "/error?message=No+authentication+code+returned"}, [" "]] 
+      expect(subject).to eq [302, {"Location" => "/error?message=No+authentication+code+returned"}, [" "]]
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: simple_google_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Roger Nesbitt
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-31 00:00:00.000000000 Z
+date: 2016-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -81,7 +81,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -89,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: Super simple Google authentication for your Rails site