simple_token_authentication 1.13.0 → 1.14.0

@@ -3,6 +3,8 @@
3
3
  source "https://rubygems.org"
4
4
 
5
5
  gem "actionmailer", ">= 3.2.6", "< 4"
6
+ gem "actionpack", ">= 3.2.6", "< 4"
7
+ gem "activerecord", ">= 3.2.6", "< 4"
6
8
  gem "mime-types", "< 3"
7
9
  gem "tins", "< 1.7.0"
8
10
 
@@ -0,0 +1,150 @@
1
+ PATH
2
+ remote: ../
3
+ specs:
4
+ simple_token_authentication (1.14.0)
5
+ actionmailer (>= 3.2.6, < 6)
6
+ actionpack (>= 3.2.6, < 6)
7
+ devise (>= 3.2, < 6)
8
+
9
+ GEM
10
+ remote: https://rubygems.org/
11
+ specs:
12
+ actionmailer (3.2.22.2)
13
+ actionpack (= 3.2.22.2)
14
+ mail (~> 2.5.4)
15
+ actionpack (3.2.22.2)
16
+ activemodel (= 3.2.22.2)
17
+ activesupport (= 3.2.22.2)
18
+ builder (~> 3.0.0)
19
+ erubis (~> 2.7.0)
20
+ journey (~> 1.0.4)
21
+ rack (~> 1.4.5)
22
+ rack-cache (~> 1.2)
23
+ rack-test (~> 0.6.1)
24
+ sprockets (~> 2.2.1)
25
+ activemodel (3.2.22.2)
26
+ activesupport (= 3.2.22.2)
27
+ builder (~> 3.0.0)
28
+ activerecord (3.2.22.2)
29
+ activemodel (= 3.2.22.2)
30
+ activesupport (= 3.2.22.2)
31
+ arel (~> 3.0.2)
32
+ tzinfo (~> 0.3.29)
33
+ activesupport (3.2.22.2)
34
+ i18n (~> 0.6, >= 0.6.4)
35
+ multi_json (~> 1.0)
36
+ appraisal (2.1.0)
37
+ bundler
38
+ rake
39
+ thor (>= 0.14.0)
40
+ arel (3.0.3)
41
+ bcrypt (3.1.11)
42
+ builder (3.0.4)
43
+ coderay (1.1.1)
44
+ devise (3.5.10)
45
+ bcrypt (~> 3.0)
46
+ orm_adapter (~> 0.1)
47
+ railties (>= 3.2.6, < 5)
48
+ responders
49
+ thread_safe (~> 0.1)
50
+ warden (~> 1.2.3)
51
+ diff-lcs (1.2.5)
52
+ erubis (2.7.0)
53
+ hike (1.2.3)
54
+ i18n (0.7.0)
55
+ inch (0.7.1)
56
+ pry
57
+ sparkr (>= 0.2.0)
58
+ term-ansicolor
59
+ yard (~> 0.8.7.5)
60
+ journey (1.0.4)
61
+ json (1.8.3)
62
+ mail (2.5.4)
63
+ mime-types (~> 1.16)
64
+ treetop (~> 1.4.8)
65
+ method_source (0.8.2)
66
+ mime-types (1.25.1)
67
+ mongoid (3.1.7)
68
+ activemodel (~> 3.2)
69
+ moped (~> 1.4)
70
+ origin (~> 1.0)
71
+ tzinfo (~> 0.3.29)
72
+ moped (1.5.3)
73
+ multi_json (1.12.1)
74
+ origin (1.1.0)
75
+ orm_adapter (0.5.0)
76
+ polyglot (0.3.5)
77
+ pry (0.10.3)
78
+ coderay (~> 1.1.0)
79
+ method_source (~> 0.8.1)
80
+ slop (~> 3.4)
81
+ rack (1.4.7)
82
+ rack-cache (1.6.1)
83
+ rack (>= 0.4)
84
+ rack-ssl (1.3.4)
85
+ rack
86
+ rack-test (0.6.3)
87
+ rack (>= 1.0)
88
+ railties (3.2.22.2)
89
+ actionpack (= 3.2.22.2)
90
+ activesupport (= 3.2.22.2)
91
+ rack-ssl (~> 1.3.2)
92
+ rake (>= 0.8.7)
93
+ rdoc (~> 3.4)
94
+ thor (>= 0.14.6, < 2.0)
95
+ rake (11.2.2)
96
+ rdoc (3.12.2)
97
+ json (~> 1.4)
98
+ responders (1.1.2)
99
+ railties (>= 3.2, < 4.2)
100
+ rspec (3.5.0)
101
+ rspec-core (~> 3.5.0)
102
+ rspec-expectations (~> 3.5.0)
103
+ rspec-mocks (~> 3.5.0)
104
+ rspec-core (3.5.0)
105
+ rspec-support (~> 3.5.0)
106
+ rspec-expectations (3.5.0)
107
+ diff-lcs (>= 1.2.0, < 2.0)
108
+ rspec-support (~> 3.5.0)
109
+ rspec-mocks (3.5.0)
110
+ diff-lcs (>= 1.2.0, < 2.0)
111
+ rspec-support (~> 3.5.0)
112
+ rspec-support (3.5.0)
113
+ slop (3.6.0)
114
+ sparkr (0.4.1)
115
+ sprockets (2.2.3)
116
+ hike (~> 1.2)
117
+ multi_json (~> 1.0)
118
+ rack (~> 1.0)
119
+ tilt (~> 1.1, != 1.3.0)
120
+ term-ansicolor (1.3.2)
121
+ tins (~> 1.0)
122
+ thor (0.19.1)
123
+ thread_safe (0.3.5)
124
+ tilt (1.4.1)
125
+ tins (1.6.0)
126
+ treetop (1.4.15)
127
+ polyglot
128
+ polyglot (>= 0.3.1)
129
+ tzinfo (0.3.51)
130
+ warden (1.2.6)
131
+ rack (>= 1.0)
132
+ yard (0.8.7.6)
133
+
134
+ PLATFORMS
135
+ ruby
136
+
137
+ DEPENDENCIES
138
+ actionmailer (>= 3.2.6, < 4)
139
+ actionpack (>= 3.2.6, < 4)
140
+ activerecord (>= 3.2.6, < 4)
141
+ appraisal (~> 2.0)
142
+ inch (~> 0.4)
143
+ mime-types (< 3)
144
+ mongoid (>= 3.1.0, < 7)
145
+ rspec (~> 3.0)
146
+ simple_token_authentication!
147
+ tins (< 1.7.0)
148
+
149
+ BUNDLED WITH
150
+ 1.11.2
@@ -1,3 +1,4 @@
1
+ require 'active_support/version'
1
2
  require 'simple_token_authentication/acts_as_token_authenticatable'
2
3
  require 'simple_token_authentication/acts_as_token_authentication_handler'
3
4
  require 'simple_token_authentication/configuration'
@@ -46,7 +47,14 @@ module SimpleTokenAuthentication
46
47
  end
47
48
 
48
49
  def self.adapter_dependency_fulfilled? adapter_short_name
49
- qualified_const_defined?(SimpleTokenAuthentication.adapters_dependencies[adapter_short_name])
50
+ dependency = SimpleTokenAuthentication.adapters_dependencies[adapter_short_name]
51
+
52
+ if !respond_to?(:qualified_const_defined?) || (ActiveSupport.respond_to?(:version) && ActiveSupport.version.to_s =~ /^5\.0/)
53
+ # See https://github.com/gonzalo-bulnes/simple_token_authentication/pull/229/commits/74eda6c28cd0b45636c466de56f2dbaca5c5b629#r57507423
54
+ const_defined?(dependency)
55
+ else
56
+ qualified_const_defined?(dependency)
57
+ end
50
58
  end
51
59
 
52
60
  available_model_adapters = load_available_adapters SimpleTokenAuthentication.model_adapters
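Review bot: In `adapter_dependency_fulfilled?`, `dependency` is nil whenever `adapter_short_name` has no entry in `adapters_dependencies`, and `const_defined?(nil)` raises a TypeError instead of answering false. Whether callers can pass an unknown adapter name is not visible in this hunk, so consider `return false if dependency.nil?` right after the lookup. The version test would also read more precisely with a full-string anchor, `ActiveSupport.version.to_s =~ /\A5\.0/`. The comment above `const_defined?` is only a link; one sentence stating why the 5.0 branch avoids `qualified_const_defined?` would let the code be read without opening the pull request.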
@@ -15,7 +15,7 @@ module SimpleTokenAuthentication
15
15
  def integrate_with_devise_trackable!(controller)
16
16
  # Sign in using token should not be tracked by Devise trackable
17
17
  # See https://github.com/plataformatec/devise/issues/953
18
- controller.env["devise.skip_trackable"] = SimpleTokenAuthentication.skip_devise_trackable
18
+ controller.request.env["devise.skip_trackable"] = SimpleTokenAuthentication.skip_devise_trackable
19
19
  end
20
20
  end
21
21
  end
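Review bot: The comment in `integrate_with_devise_trackable!` explains why tracking is skipped but not why the flag is now written through `controller.request.env`. A line such as `# request.env is used because controller.env is not available on every supported Rails version` would keep a later cleanup from reverting it; that reason is inferred from the change, so confirm the wording. Because this flag stops Devise from updating its trackable sign-in fields for token-authenticated requests, the comment should also say that those fields will not reflect token sign-ins when `skip_devise_trackable` is on, for anyone who reads them as an audit trail.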
@@ -144,7 +144,13 @@ module SimpleTokenAuthentication
144
144
  else
145
145
  :"authenticate_#{entity.name_underscore}_from_token"
146
146
  end
147
- before_filter authenticate_method, options.slice(:only, :except, :if, :unless)
147
+
148
+ if respond_to?(:before_action)
149
+ # See https://github.com/rails/rails/commit/9d62e04838f01f5589fa50b0baa480d60c815e2c
150
+ before_action authenticate_method, options.slice(:only, :except, :if, :unless)
151
+ else
152
+ before_filter authenticate_method, options.slice(:only, :except, :if, :unless)
153
+ end
148
154
  end
149
155
  end
150
156
  end
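Review bot: The two branches repeat the same callback name and `options.slice(:only, :except, :if, :unless)`, so a later edit to one branch can leave the authentication callback registered with different conditions depending on the Rails version. Selecting the hook once keeps a single registration: `hook = respond_to?(:before_action) ? :before_action : :before_filter` followed by `send hook, authenticate_method, options.slice(:only, :except, :if, :unless)`. A class that offers neither method still fails loudly at registration, as it does now. The enclosing method starts above this hunk.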
@@ -1,3 +1,3 @@
1
1
  module SimpleTokenAuthentication
2
- VERSION = "1.13.0"
2
+ VERSION = "1.14.0"
3
3
  end
@@ -11,7 +11,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
11
11
  define_test_subjects_for_extension_of(SimpleTokenAuthentication::ActsAsTokenAuthenticationHandler)
12
12
  end
13
13
 
14
- describe ':only option' do
14
+ describe ':only option', before_filter: true do
15
15
 
16
16
  context 'when provided to `acts_as_token_authentication_hanlder_for`' do
17
17
 
@@ -31,7 +31,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
31
31
  end
32
32
  end
33
33
 
34
- describe ':except option' do
34
+ describe ':except option', before_filter: true do
35
35
 
36
36
  context 'when provided to `acts_as_token_authentication_hanlder_for`' do
37
37
 
@@ -51,7 +51,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
51
51
  end
52
52
  end
53
53
 
54
- describe ':if option' do
54
+ describe ':if option', before_filter: true do
55
55
 
56
56
  context 'when provided to `acts_as_token_authentication_hanlder_for`' do
57
57
 
@@ -71,7 +71,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
71
71
  end
72
72
  end
73
73
 
74
- describe ':unless option' do
74
+ describe ':unless option', before_filter: true do
75
75
 
76
76
  context 'when provided to `acts_as_token_authentication_hanlder_for`' do
77
77
 
@@ -90,4 +90,87 @@ describe 'ActionController', action_controller_callbacks_options: true do
90
90
  end
91
91
  end
92
92
  end
93
+
94
+ context "which supports the :before_action hook", before_action: true do
95
+
96
+ describe ':only option' do
97
+
98
+ context 'when provided to `acts_as_token_authentication_hanlder_for`' do
99
+
100
+ it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
101
+ some_class = @subjects.first
102
+
103
+ expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { only: ['some_action', :some_other_action] })
104
+ some_class.acts_as_token_authentication_handler_for User, only: ['some_action', :some_other_action]
105
+ end
106
+
107
+ it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
108
+ some_child_class = @subjects.last
109
+
110
+ expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { only: ['some_action', :some_other_action] })
111
+ some_child_class.acts_as_token_authentication_handler_for User, only: ['some_action', :some_other_action]
112
+ end
113
+ end
114
+ end
115
+
116
+ describe ':except option' do
117
+
118
+ context 'when provided to `acts_as_token_authentication_hanlder_for`' do
119
+
120
+ it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
121
+ some_class = @subjects.first
122
+
123
+ expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { except: ['some_action', :some_other_action] })
124
+ some_class.acts_as_token_authentication_handler_for User, except: ['some_action', :some_other_action]
125
+ end
126
+
127
+ it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
128
+ some_child_class = @subjects.last
129
+
130
+ expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { except: ['some_action', :some_other_action] })
131
+ some_child_class.acts_as_token_authentication_handler_for User, except: ['some_action', :some_other_action]
132
+ end
133
+ end
134
+ end
135
+
136
+ describe ':if option' do
137
+
138
+ context 'when provided to `acts_as_token_authentication_hanlder_for`' do
139
+
140
+ it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
141
+ some_class = @subjects.first
142
+
143
+ expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { if: lambda { |controller| 'some condition' } })
144
+ some_class.acts_as_token_authentication_handler_for User, if: lambda { |controller| 'some condition' }
145
+ end
146
+
147
+ it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
148
+ some_child_class = @subjects.last
149
+
150
+ expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { if: lambda { |controller| 'some condition' } })
151
+ some_child_class.acts_as_token_authentication_handler_for User, if: lambda { |controller| 'some condition' }
152
+ end
153
+ end
154
+ end
155
+
156
+ describe ':unless option' do
157
+
158
+ context 'when provided to `acts_as_token_authentication_hanlder_for`' do
159
+
160
+ it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
161
+ some_class = @subjects.first
162
+
163
+ expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { unless: lambda { |controller| 'some condition' } })
164
+ some_class.acts_as_token_authentication_handler_for User, unless: lambda { |controller| 'some condition' }
165
+ end
166
+
167
+ it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
168
+ some_child_class = @subjects.last
169
+
170
+ expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { unless: lambda { |controller| 'some condition' } })
171
+ some_child_class.acts_as_token_authentication_handler_for User, unless: lambda { |controller| 'some condition' }
172
+ end
173
+ end
174
+ end
175
+ end
93
176
  end
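Review bot: In the added `:if option` and `:unless option` examples the expectation and the call each build their own `lambda { |controller| 'some condition' }`, and two separate lambda objects do not compare equal, so `with(...)` cannot match the hash that is actually passed. These examples carry `rspec_3_error: true`, which presumably excludes them from the run, leaving the conditional options of the authentication callback unverified for `before_action`. Bind the lambda once and use it on both lines: `condition = lambda { |controller| 'some condition' }`, then `with(:authenticate_user_from_token!, { if: condition })` and `acts_as_token_authentication_handler_for User, if: condition`, and likewise for `unless:`.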
@@ -19,7 +19,7 @@ describe 'Simple Token Authentication' do
19
19
 
20
20
  context 'when true' do
21
21
 
22
- it 'delegates authentication to Devise strategies', protected: true do
22
+ it 'delegates authentication to Devise strategies', protected: true, before_filter: true do
23
23
  @controller = @controller_class.new
24
24
  allow(@controller).to receive(:params)
25
25
  allow(@controller).to receive(:find_record_from_identifier)
@@ -39,7 +39,7 @@ describe 'Simple Token Authentication' do
39
39
 
40
40
  context 'when false' do
41
41
 
42
- it 'does nothing after token authentication fails', protected: true do
42
+ it 'does nothing after token authentication fails', protected: true, before_filter: true do
43
43
  @controller = @controller_class.new
44
44
  allow(@controller).to receive(:params)
45
45
  allow(@controller).to receive(:find_record_from_identifier)
@@ -59,7 +59,7 @@ describe 'Simple Token Authentication' do
59
59
 
60
60
  context 'when omitted' do
61
61
 
62
- it 'delegates authentication to Devise strategies', protected: true do
62
+ it 'delegates authentication to Devise strategies', protected: true, before_filter: true do
63
63
  @controller = @controller_class.new
64
64
  allow(@controller).to receive(:params)
65
65
  allow(@controller).to receive(:find_record_from_identifier)
@@ -85,7 +85,7 @@ describe 'Simple Token Authentication' do
85
85
  allow(admin).to receive(:name).and_return('Admin')
86
86
  end
87
87
 
88
- context 'when false for User and true for Admin' do
88
+ context 'when false for User and true for Admin', before_filter: true do
89
89
 
90
90
  before(:each) do
91
91
  @controller = @controller_class.new
@@ -124,5 +124,129 @@ describe 'Simple Token Authentication' do
124
124
  end
125
125
  end
126
126
  end
127
+
128
+ context "when the token authenticatable supports the :before_action hook", before_action: true do
129
+
130
+ describe 'determines what to do if token authentication fails' do
131
+
132
+ before(:each) do
133
+ user = double()
134
+ stub_const('User', user)
135
+ allow(user).to receive(:name).and_return('User')
136
+
137
+ # given a controller class which acts as token authentication handler
138
+ @controller_class = Class.new
139
+ allow(@controller_class).to receive(:before_action)
140
+ @controller_class.send :extend, SimpleTokenAuthentication::ActsAsTokenAuthenticationHandler
141
+ end
142
+
143
+ context 'when true' do
144
+
145
+ it 'delegates authentication to Devise strategies', protected: true do
146
+ @controller = @controller_class.new
147
+ allow(@controller).to receive(:params)
148
+ allow(@controller).to receive(:find_record_from_identifier)
149
+
150
+ # sets :authenticate_user_from_token! (bang) in the before_action
151
+ expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token!, {})
152
+
153
+ # when falling back to Devise is enabled
154
+ @controller_class.acts_as_token_authentication_handler_for User, fallback_to_devise: true
155
+
156
+ # when the hook is triggered
157
+ # Devise strategies take control of authentication
158
+ expect(@controller).to receive(:authenticate_user!)
159
+ @controller.authenticate_user_from_token! # bang
160
+ end
161
+ end
162
+
163
+ context 'when false' do
164
+
165
+ it 'does nothing after token authentication fails', protected: true do
166
+ @controller = @controller_class.new
167
+ allow(@controller).to receive(:params)
168
+ allow(@controller).to receive(:find_record_from_identifier)
169
+
170
+ # sets :authenticate_user_from_token (non-bang) in the before_action
171
+ expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token, {})
172
+
173
+ # when falling back to Devise is enabled
174
+ @controller_class.acts_as_token_authentication_handler_for User, fallback_to_devise: false
175
+
176
+ # when the hook is triggered
177
+ # Devise strategies do not take control of authentication
178
+ expect(@controller).not_to receive(:authenticate_user!)
179
+ @controller.authenticate_user_from_token # non-bang
180
+ end
181
+ end
182
+
183
+ context 'when omitted' do
184
+
185
+ it 'delegates authentication to Devise strategies', protected: true do
186
+ @controller = @controller_class.new
187
+ allow(@controller).to receive(:params)
188
+ allow(@controller).to receive(:find_record_from_identifier)
189
+
190
+ # sets :authenticate_user_from_token! (bang) in the before_action
191
+ expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token!, {})
192
+
193
+ # when falling back to Devise is enabled
194
+ @controller_class.acts_as_token_authentication_handler_for User
195
+
196
+ # when the hook is triggered
197
+ # Devise strategies take control of authentication
198
+ expect(@controller).to receive(:authenticate_user!)
199
+ @controller.authenticate_user_from_token! # bang
200
+ end
201
+ end
202
+
203
+ describe 'in a per-model (token authenticatable) way' do
204
+
205
+ before(:each) do
206
+ admin = double()
207
+ stub_const('Admin', admin)
208
+ allow(admin).to receive(:name).and_return('Admin')
209
+ end
210
+
211
+ context 'when false for User and true for Admin' do
212
+
213
+ before(:each) do
214
+ @controller = @controller_class.new
215
+ allow(@controller).to receive(:params)
216
+ allow(@controller).to receive(:find_record_from_identifier)
217
+
218
+ # sets :authenticate_user_from_token (non-bang) in the before_action
219
+ expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token, {})
220
+ # sets :authenticate_admin_from_token! (bang) in the before_action
221
+ expect(@controller_class).to receive(:before_action).with(:authenticate_admin_from_token!, {})
222
+
223
+ # when falling back to Devise is enabled for Admin but not User
224
+ @controller_class.acts_as_token_authentication_handler_for User, fallback_to_devise: false
225
+ @controller_class.acts_as_token_authentication_handler_for Admin, fallback_to_devise: true
226
+ end
227
+
228
+ context 'after no user suceeds token authentication' do
229
+
230
+ it 'does nothing', protected: true do
231
+ # when the user hook is triggered
232
+ # Devise strategies do not take control of authentication
233
+ expect(@controller).not_to receive(:authenticate_user!)
234
+ @controller.authenticate_user_from_token
235
+ end
236
+ end
237
+
238
+ context 'after no admin succeeds token authentication' do
239
+
240
+ it 'does delegate authentication to Devise', protected: true do
241
+ # when the admin hook is triggered
242
+ # Devise strategies do take control of authentication
243
+ expect(@controller).to receive(:authenticate_admin!)
244
+ @controller.authenticate_admin_from_token!
245
+ end
246
+ end
247
+ end
248
+ end
249
+ end
250
+ end
127
251
  end
128
252
  end
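Review bot: In the added `when false` example the comment `# when falling back to Devise is enabled` sits directly above a call made with `fallback_to_devise: false`, so it states the opposite of what the example sets up. It should read `# when falling back to Devise is disabled`. The difference matters because these specs document which configuration hands a failed token authentication over to Devise and which lets the request continue. The context description `'after no user suceeds token authentication'` also has a typo (`succeeds`).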