soar-authentication-identity 0.0.5 → 1.0.0
- checksums.yaml +4 -4
- data/.gemspec +2 -2
- data/README.md +6 -5
- data/config/config.ci.ldap.yml +17 -0
- data/config/config.ldap.yml +17 -0
- data/docker-compose.ci.staff.yml +26 -0
- data/{docker-compose.stub.yml → docker-compose.ci.stub.yml} +0 -0
- data/docker-compose.ldap.yml +11 -0
- data/lib/soar/authentication/identity/factory.rb +7 -7
- data/lib/soar/authentication/identity/provider/staff.rb +1 -2
- data/lib/soar/authentication/identity/test/orchestration_provider/staff.rb +21 -16
- metadata +9 -6
- data/docker-compose.staff.yml +0 -13
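--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d0c10321d30cb51dff6520b6593a11f12a3aa6fa
+data.tar.gz: a2e413006c1fbede1b6b91ca6a0b02f0ff348fbf
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a9cf1b43cdb354c07683908a1c84803875126f2c147e2debecb4c94ac547fa42fa0a13b091436bd1b16e5de18b74bd02a336a7c66cf8f1fcf6b9ea4eab74c01b
+data.tar.gz: ddbde62e2d3cf33e17cd33586d8bf51d4b723ab755646249f9719c2797599e773ec12243800e807842cf6470bf66780d7eec4f0e0ecf4e005d88e894ad7d9361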
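--- a/data/.gemspec
+++ b/data/.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
 spec.name = "soar-authentication-identity"
-spec.version = "0.0
+spec.version = "1.0.0"
 spec.authors = ["Charles Mulder"]
 spec.email = ["charles.mulder@hetzner.co.za"]
 
@@ -10,5 +10,5 @@ Gem::Specification.new do |spec|
 spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
 spec.require_paths = ["lib"]
 
-spec.add_runtime_dependency 'soar-registry-identity', '~> 1.0.
+spec.add_runtime_dependency 'soar-registry-identity', '~> 1.0.2'
 end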
data/README.md
CHANGED
@@ -15,8 +15,8 @@ Example using the factory.
|
|
15
15
|
"staff" => {
|
16
16
|
"class" => 'Soar::Registry::Directory::Provider::Stub',
|
17
17
|
"config" => {
|
18
|
-
|
19
|
-
|
18
|
+
table: "identity",
|
19
|
+
index: ["uuid", "email"]
|
20
20
|
}
|
21
21
|
},
|
22
22
|
"customer" => {},
|
@@ -45,7 +45,8 @@ $ TEST_ORCHESTRATION_PROVIDER=Stub cucumber
|
|
45
45
|
|
46
46
|
#### Staff identity provider
|
47
47
|
```bash
|
48
|
-
$
|
48
|
+
$ docker-compose --file docker-compose.ldap.yml up --remove-orphans
|
49
|
+
$ CONFIG_FILE=config.ldap.yml TEST_ORCHESTRATION_PROVIDER=Staff cucumber
|
49
50
|
```
|
50
51
|
|
51
52
|
#### Customer identity provider
|
@@ -58,14 +59,14 @@ Not implemented
|
|
58
59
|
|
59
60
|
#### Stub identity provider
|
60
61
|
```bash
|
61
|
-
docker-compose --file docker-compose.stub.yml up --abort-on-container-exit --remove-orphans
|
62
|
+
docker-compose --file docker-compose.ci.stub.yml up --abort-on-container-exit --remove-orphans
|
62
63
|
EXIT_CODE=$(docker ps -a -f "name=soar-authentication-identity-provider-stub" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
|
63
64
|
exit $EXIT_CODE;
|
64
65
|
```
|
65
66
|
|
66
67
|
#### Staff identity provider
|
67
68
|
```bash
|
68
|
-
docker-compose --file docker-compose.staff.yml up --abort-on-container-exit --remove-orphans
|
69
|
+
docker-compose --file docker-compose.ci.staff.yml up --abort-on-container-exit --remove-orphans
|
69
70
|
EXIT_CODE=$(docker ps -a -f "name=soar-authentication-identity-provider-staff" -q | xargs docker inspect -f "{{ .State.ExitCode }}");
|
70
71
|
exit $EXIT_CODE;
|
71
72
|
```
|
@@ -0,0 +1,17 @@
|
|
1
|
+
class: 'Soar::Registry::Directory::Provider::Ldap'
|
2
|
+
config:
|
3
|
+
base: 'dc=hetzner,dc=co,dc=za'
|
4
|
+
index:
|
5
|
+
- :entryuuid
|
6
|
+
- :mail
|
7
|
+
config:
|
8
|
+
host: 'ldap'
|
9
|
+
port: 389
|
10
|
+
attributes:
|
11
|
+
- 'entryuuid'
|
12
|
+
- 'cn'
|
13
|
+
- 'mail'
|
14
|
+
- 'sn'
|
15
|
+
credentials:
|
16
|
+
username: 'cn=admin,dc=hetzner,dc=co,dc=za'
|
17
|
+
password: 'secret'
|
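Review bot: This 17-line config (host `ldap`, apparently config/config.ci.ldap.yml) and the identical one in the next section (host `localhost`, apparently config/config.ldap.yml) bind as the directory admin, `cn=admin,dc=hetzner,dc=co,dc=za`, with the literal `password: 'secret'` over plain port 389, and the metadata file list shows both files are packaged into the released gem. That is workable for a throwaway test directory, but nothing in the files says so; a leading comment such as `# Test fixture for the local slapd container only; never point this at a real directory.` would stop them being copied as a deployment template. If the LDAP provider allows it, a non-admin bind DN and a password taken from the environment would keep the fixture closer to how a real configuration should look. The gemspec's `spec.files` filter only rejects `test|spec|features`, so excluding `config/` there is worth considering if nothing at runtime reads these files.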
@@ -0,0 +1,17 @@
|
|
1
|
+
class: 'Soar::Registry::Directory::Provider::Ldap'
|
2
|
+
config:
|
3
|
+
base: 'dc=hetzner,dc=co,dc=za'
|
4
|
+
index:
|
5
|
+
- :entryuuid
|
6
|
+
- :mail
|
7
|
+
config:
|
8
|
+
host: 'localhost'
|
9
|
+
port: 389
|
10
|
+
attributes:
|
11
|
+
- 'entryuuid'
|
12
|
+
- 'cn'
|
13
|
+
- 'mail'
|
14
|
+
- 'sn'
|
15
|
+
credentials:
|
16
|
+
username: 'cn=admin,dc=hetzner,dc=co,dc=za'
|
17
|
+
password: 'secret'
|
@@ -0,0 +1,26 @@
|
|
1
|
+
version: "2"
|
2
|
+
services:
|
3
|
+
ldap:
|
4
|
+
image: nickstenning/slapd
|
5
|
+
expose:
|
6
|
+
- "389"
|
7
|
+
container_name: soar-authentication-identity-provider-staff-ldap
|
8
|
+
environment:
|
9
|
+
- LDAP_DOMAIN=hetzner.co.za
|
10
|
+
- LDAP_ORGANIZATION=Hetzner
|
11
|
+
- LDAP_ROOTPASS=secret
|
12
|
+
|
13
|
+
tests:
|
14
|
+
build:
|
15
|
+
context: .
|
16
|
+
image: soar-authentication-identity-provider-staff
|
17
|
+
container_name: soar-authentication-identity-provider-staff
|
18
|
+
links:
|
19
|
+
- ldap
|
20
|
+
environment:
|
21
|
+
- CONFIG_FILE=config.ci.ldap.yml
|
22
|
+
- TEST_ORCHESTRATION_PROVIDER=Staff
|
23
|
+
|
24
|
+
|
25
|
+
|
26
|
+
|
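Review bot: `image: nickstenning/slapd` pulls a third-party image with no tag or digest, so every CI run trusts whatever that repository currently publishes as its default tag. Pinning it, for example `image: nickstenning/slapd@sha256:<DIGEST_PLACEHOLDER>`, makes the test environment reproducible and keeps an upstream change from reaching the build unnoticed. `LDAP_ROOTPASS=secret` is acceptable for a disposable container as long as the service stays on `expose` rather than a published `ports` mapping, which is what this file does; a one-line comment above `expose:` saying that the port must not be published would help keep it that way.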
File without changes
|
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'soar/authentication/identity'
|
2
2
|
require 'soar/registry/directory'
|
3
|
+
require 'hashie'
|
3
4
|
|
4
5
|
module Soar
|
5
6
|
module Authentication
|
@@ -12,9 +13,7 @@ module Soar
|
|
12
13
|
# @return [Soar::Authentication::Identity]
|
13
14
|
# @raise [ArgumentError]
|
14
15
|
##
|
15
|
-
def self.create(directory_configurations:
|
16
|
-
raise ArgumentError, 'Missing required directory configuration' if directory_configurations.nil?
|
17
|
-
raise ArgumentError, 'Missing required authenticated identifier' if authenticated_identifier.nil?
|
16
|
+
def self.create(directory_configurations: , authenticated_identifier: )
|
18
17
|
provider = get_provider(directory_configurations, authenticated_identifier)
|
19
18
|
Soar::Authentication::Identity.new(provider)
|
20
19
|
end
|
@@ -28,7 +27,7 @@ module Soar
|
|
28
27
|
##
|
29
28
|
def self.get_directory(config)
|
30
29
|
provider_class = Object.const_get(config.fetch('class'))
|
31
|
-
provider = provider_class.new(config.fetch('config')
|
30
|
+
provider = provider_class.new(Hashie.symbolize_keys(config.fetch('config')))
|
32
31
|
Soar::Registry::Directory.new(provider)
|
33
32
|
end
|
34
33
|
|
@@ -40,13 +39,14 @@ module Soar
|
|
40
39
|
def self.get_provider(directory_configurations, authenticated_identifier)
|
41
40
|
case authenticated_identifier
|
42
41
|
when /@hetzner.co.za\z/
|
42
|
+
#when /^[^@-_a-zA-Z0-9]@hetzner.co.za\z/
|
43
43
|
Soar::Authentication::Identity::Provider::Staff.new({
|
44
|
-
directory: get_directory(directory_configurations.fetch(
|
44
|
+
directory: get_directory(directory_configurations.fetch(:staff)),
|
45
45
|
authenticated_identifier: authenticated_identifier
|
46
46
|
})
|
47
|
-
when /D\d
|
47
|
+
when /D\d+$/
|
48
48
|
raise NotImplementedError, 'Domain identities require an implementation'
|
49
|
-
when /^[CF]{0,1}\d
|
49
|
+
when /^[CF]{0,1}\d+$/
|
50
50
|
raise NotImplementedError, 'Customer identities require an implementation'
|
51
51
|
else
|
52
52
|
raise Soar::Authentication::Identity::Error::UnknownIdentityError, 'Unknown identity'
|
@@ -9,30 +9,34 @@ module Soar
|
|
9
9
|
class Staff
|
10
10
|
|
11
11
|
def initialize
|
12
|
+
@directory_configurations = {
|
13
|
+
staff: YAML.load_file("config/#{ENV['CONFIG_FILE']}"),
|
14
|
+
customer: {},
|
15
|
+
domain: {}
|
16
|
+
}
|
17
|
+
|
12
18
|
@entry = {
|
13
|
-
|
14
|
-
|
19
|
+
dn: "cn=John Smith,#{@directory_configurations[:staff]["config"]["base"]}",
|
20
|
+
attributes: {
|
21
|
+
cn: "John Smith",
|
22
|
+
mail: "test@hetzner.co.za",
|
23
|
+
objectclass: ["inetOrgPerson", "top"],
|
24
|
+
sn: "Smith"
|
25
|
+
}
|
15
26
|
}
|
27
|
+
|
16
28
|
@identity = Soar::Authentication::Identity::Factory.create({
|
17
|
-
authenticated_identifier: @entry[
|
18
|
-
directory_configurations:
|
19
|
-
"staff" => {
|
20
|
-
"class" => 'Soar::Registry::Directory::Provider::Stub',
|
21
|
-
"config" => {
|
22
|
-
"table" => "identity",
|
23
|
-
"index" => ["uuid", "email"]
|
24
|
-
}
|
25
|
-
},
|
26
|
-
"customer" => {},
|
27
|
-
"domain" => {}
|
28
|
-
}
|
29
|
+
authenticated_identifier: @entry[:attributes][:mail],
|
30
|
+
directory_configurations: @directory_configurations
|
29
31
|
})
|
32
|
+
|
30
33
|
end
|
31
34
|
|
32
35
|
##
|
33
36
|
# @return [Nil]
|
34
37
|
##
|
35
38
|
def given_existing_identity
|
39
|
+
@identity.directory.provider.delete(@entry[:dn])
|
36
40
|
@identity.directory.put(@entry)
|
37
41
|
end
|
38
42
|
|
@@ -40,7 +44,7 @@ module Soar
|
|
40
44
|
# @return [Nil]
|
41
45
|
##
|
42
46
|
def given_authenticated_identifier
|
43
|
-
@entry[
|
47
|
+
@entry[:attributes][:mail]
|
44
48
|
end
|
45
49
|
|
46
50
|
##
|
@@ -54,7 +58,8 @@ module Soar
|
|
54
58
|
# @return [Boolean]
|
55
59
|
##
|
56
60
|
def uuid?
|
57
|
-
|
61
|
+
entry = @identity.directory.search("mail", @entry[:attributes][:mail])
|
62
|
+
entry[0][@identity.directory.index[0]] == @identity.uuid
|
58
63
|
end
|
59
64
|
|
60
65
|
##
|
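Review bot: `YAML.load_file("config/#{ENV['CONFIG_FILE']}")` in initialize joins an unchecked environment value into the path, and with CONFIG_FILE unset the path becomes `config/` and the failure is an unhelpful file error. `ENV.fetch('CONFIG_FILE')` raises a clear KeyError instead, and wrapping the value in `File.basename` keeps the lookup inside `config/`. Depending on the Psych version in use, `YAML.load_file` may also instantiate arbitrary tagged objects, so a safe loader that permits only Symbol (the configs use `:entryuuid` and `:mail`) is the better habit even for test configuration. Separately, `uuid?` indexes `entry[0]` without checking that the search found anything; if the search can return an empty list, the step raises NoMethodError rather than returning false.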
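--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: soar-authentication-identity
 version: !ruby/object:Gem::Version
-version: 0.0
+version: 1.0.0
 platform: ruby
 authors:
 - Charles Mulder
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-01-
+date: 2017-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: soar-registry-identity
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.2
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.2
 description:
 email:
 - charles.mulder@hetzner.co.za
@@ -40,8 +40,11 @@ files:
 - Gemfile
 - README.md
 - Rakefile
--
--
+- config/config.ci.ldap.yml
+- config/config.ldap.yml
+- docker-compose.ci.staff.yml
+- docker-compose.ci.stub.yml
+- docker-compose.ldap.yml
 - lib/soar/authentication/identity.rb
 - lib/soar/authentication/identity/error.rb
 - lib/soar/authentication/identity/factory.rb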
data/docker-compose.staff.yml
DELETED