soar_authentication_token 5.0.2 → 5.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/soar_authentication_token/providers/remote_token_generator.rb +22 -3
- data/lib/soar_authentication_token/providers/remote_token_validator.rb +19 -2
- data/lib/soar_authentication_token/rack_middleware.rb +1 -1
- data/lib/soar_authentication_token/version.rb +1 -1
- data/spec/config_rotator_spec.rb +100 -64
- data/spec/rack_middleware_spec.rb +5 -4
- data/spec/remote_token_validator_spec.rb +25 -0
- data/spec/token_generator_spec.rb +21 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 491fb012d892cd595bc740285e53eceab63a0e40
|
4
|
+
data.tar.gz: c75f083d8147b4cd3d85c883b1a1b135457587ff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 25bdc621393d29988cb0f84228a611f475871997d80cd61a0b2e35c7c634d07507738acea54213139d5991ff1b6d7fc892d295f20c4f889f92a6c79e61ae5838
|
7
|
+
data.tar.gz: d3397fd56e4436a945ab7abd3195af33beb82708455eb703011ad89acb6e30a9683be8e923eaabe8de219c6f4e413f8c487c11f90dfe741c2b07466b5ab79a6a
|
@@ -5,6 +5,7 @@ module SoarAuthenticationToken
|
|
5
5
|
class RemoteTokenGenerator
|
6
6
|
def initialize(configuration)
|
7
7
|
@configuration = configuration
|
8
|
+
set_configuration_defaults
|
8
9
|
validate_configuration
|
9
10
|
end
|
10
11
|
|
@@ -13,12 +14,26 @@ module SoarAuthenticationToken
|
|
13
14
|
end
|
14
15
|
|
15
16
|
def generate(authenticated_identifier:, flow_identifier: nil)
|
16
|
-
|
17
|
-
|
17
|
+
attempt = 0
|
18
|
+
begin
|
19
|
+
Timeout::timeout(@configuration['timeout']) do
|
20
|
+
client = authenticated_client(authenticated_identifier,flow_identifier)
|
21
|
+
validate_and_extract_token_from_response(client.request)
|
22
|
+
end
|
23
|
+
rescue Timeout::Error
|
24
|
+
attempt += 1
|
25
|
+
retry if attempt < @configuration['attempts']
|
26
|
+
raise
|
27
|
+
end
|
18
28
|
end
|
19
29
|
|
20
30
|
private
|
21
31
|
|
32
|
+
def set_configuration_defaults
|
33
|
+
@configuration['timeout'] ||= 3
|
34
|
+
@configuration['attempts'] ||= 2
|
35
|
+
end
|
36
|
+
|
22
37
|
def authenticated_client(authenticated_identifier,flow_identifier)
|
23
38
|
client = AuthenticatedClient::Client.new
|
24
39
|
client.url = @configuration['generator-url']
|
@@ -38,7 +53,11 @@ module SoarAuthenticationToken
|
|
38
53
|
end
|
39
54
|
|
40
55
|
def validate_configuration
|
41
|
-
raise "'generator-url' must be configured"
|
56
|
+
raise "'generator-url' must be configured" unless @configuration['generator-url']
|
57
|
+
raise "'timeout' must be configured" unless @configuration['timeout']
|
58
|
+
raise "'timeout' must be an integer" unless Integer(@configuration['timeout'])
|
59
|
+
raise "'attempts' must be configured" unless @configuration['attempts']
|
60
|
+
raise "'attempts' must be an integer" unless Integer(@configuration['attempts'])
|
42
61
|
end
|
43
62
|
end
|
44
63
|
end
|
@@ -4,6 +4,7 @@ module SoarAuthenticationToken
|
|
4
4
|
class RemoteTokenValidator
|
5
5
|
def initialize(configuration)
|
6
6
|
@configuration = configuration
|
7
|
+
set_configuration_defaults
|
7
8
|
validate_configuration
|
8
9
|
end
|
9
10
|
|
@@ -12,12 +13,26 @@ module SoarAuthenticationToken
|
|
12
13
|
end
|
13
14
|
|
14
15
|
def validate(authentication_token:,flow_identifier: nil)
|
15
|
-
|
16
|
-
|
16
|
+
attempt = 0
|
17
|
+
begin
|
18
|
+
Timeout::timeout(@configuration['timeout']) do
|
19
|
+
response = send_request(authentication_token,flow_identifier)
|
20
|
+
validate_and_extract_information_from_response(response)
|
21
|
+
end
|
22
|
+
rescue Timeout::Error
|
23
|
+
attempt += 1
|
24
|
+
retry if attempt < @configuration['attempts']
|
25
|
+
raise
|
26
|
+
end
|
17
27
|
end
|
18
28
|
|
19
29
|
private
|
20
30
|
|
31
|
+
def set_configuration_defaults
|
32
|
+
@configuration['timeout'] ||= 3
|
33
|
+
@configuration['attempts'] ||= 2
|
34
|
+
end
|
35
|
+
|
21
36
|
def send_request(authentication_token,flow_identifier)
|
22
37
|
uri = URI.parse(@configuration['validator-url'])
|
23
38
|
uri.query = URI.encode_www_form( {'flow_identifier' => flow_identifier} )
|
@@ -48,6 +63,8 @@ module SoarAuthenticationToken
|
|
48
63
|
|
49
64
|
def validate_configuration
|
50
65
|
raise "'validator-url' must be configured in remote mode" unless @configuration['validator-url']
|
66
|
+
raise "'timeout' must be configured" unless @configuration['timeout']
|
67
|
+
raise "'timeout' must be an integer" unless Integer(@configuration['timeout'])
|
51
68
|
end
|
52
69
|
|
53
70
|
def rejection_result(reason:)
|
data/spec/config_rotator_spec.rb
CHANGED
@@ -11,17 +11,21 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
11
11
|
@private_key_4, @public_key_4 = keypair_generator.generate
|
12
12
|
|
13
13
|
@valid_validator_config = {
|
14
|
-
'
|
15
|
-
|
16
|
-
'
|
17
|
-
|
18
|
-
|
14
|
+
'auth_token_validator' => {
|
15
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenValidator',
|
16
|
+
'keys' => {
|
17
|
+
'KEYPAIR_20160107T230101' => { 'public_key' => @public_key_1 },
|
18
|
+
'KEYPAIR_20160107T230201' => { 'public_key' => @public_key_2 },
|
19
|
+
'KEYPAIR_20160107T230301' => { 'public_key' => @public_key_3 }
|
20
|
+
}
|
19
21
|
}
|
20
22
|
}
|
21
23
|
@valid_generator_config = {
|
22
|
-
'
|
23
|
-
|
24
|
-
|
24
|
+
'auth_token_generator' => {
|
25
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
|
26
|
+
'private_key' => @private_key_3,
|
27
|
+
'key_description' => 'original key'
|
28
|
+
}
|
25
29
|
}
|
26
30
|
end
|
27
31
|
|
@@ -34,7 +38,9 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
34
38
|
context "with key list containing no keys" do
|
35
39
|
let!(:validator_configuration) {
|
36
40
|
{
|
37
|
-
'
|
41
|
+
'auth_token_validator' => {
|
42
|
+
'keys' => { }
|
43
|
+
}
|
38
44
|
}
|
39
45
|
}
|
40
46
|
it 'the resulting list is kept intact with no keys' do
|
@@ -42,7 +48,9 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
42
48
|
subject.send(:trim_public_keys, test_configuration)
|
43
49
|
expect(test_configuration).to eq(
|
44
50
|
{
|
45
|
-
'
|
51
|
+
'auth_token_validator' => {
|
52
|
+
'keys' => { }
|
53
|
+
}
|
46
54
|
})
|
47
55
|
end
|
48
56
|
end
|
@@ -50,9 +58,11 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
50
58
|
context "with key list containing lower than maximum allowed number of keys" do
|
51
59
|
let!(:validator_configuration) {
|
52
60
|
{
|
53
|
-
'
|
54
|
-
'
|
55
|
-
|
61
|
+
'auth_token_validator' => {
|
62
|
+
'keys' => {
|
63
|
+
'KEYPAIR_20160107T230001' => [],
|
64
|
+
'KEYPAIR_20160107T230101' => []
|
65
|
+
}
|
56
66
|
}
|
57
67
|
}
|
58
68
|
}
|
@@ -60,9 +70,11 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
60
70
|
test_configuration = validator_configuration.dup
|
61
71
|
subject.send(:trim_public_keys, test_configuration)
|
62
72
|
expect(test_configuration).to eq( {
|
63
|
-
'
|
64
|
-
'
|
65
|
-
|
73
|
+
'auth_token_validator' => {
|
74
|
+
'keys' => {
|
75
|
+
'KEYPAIR_20160107T230001' => [],
|
76
|
+
'KEYPAIR_20160107T230101' => []
|
77
|
+
}
|
66
78
|
}
|
67
79
|
})
|
68
80
|
end
|
@@ -71,10 +83,12 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
71
83
|
context "with key list containing the maximum allowed number of keys" do
|
72
84
|
let!(:validator_configuration) {
|
73
85
|
{
|
74
|
-
'
|
75
|
-
'
|
76
|
-
|
77
|
-
|
86
|
+
'auth_token_validator' => {
|
87
|
+
'keys' => {
|
88
|
+
'KEYPAIR_20160107T230001' => [],
|
89
|
+
'KEYPAIR_20160107T230101' => [],
|
90
|
+
'KEYPAIR_20160107T230201' => []
|
91
|
+
}
|
78
92
|
}
|
79
93
|
}
|
80
94
|
}
|
@@ -82,9 +96,11 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
82
96
|
test_configuration = validator_configuration.dup
|
83
97
|
subject.send(:trim_public_keys, test_configuration)
|
84
98
|
expect(test_configuration).to eq( {
|
85
|
-
'
|
86
|
-
'
|
87
|
-
|
99
|
+
'auth_token_validator' => {
|
100
|
+
'keys' => {
|
101
|
+
'KEYPAIR_20160107T230101' => [],
|
102
|
+
'KEYPAIR_20160107T230201' => []
|
103
|
+
}
|
88
104
|
}
|
89
105
|
})
|
90
106
|
end
|
@@ -93,11 +109,13 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
93
109
|
context "with key list containing more than the maximum allowed number of keys" do
|
94
110
|
let!(:validator_configuration) {
|
95
111
|
{
|
96
|
-
'
|
97
|
-
'
|
98
|
-
|
99
|
-
|
100
|
-
|
112
|
+
'auth_token_validator' => {
|
113
|
+
'keys' => {
|
114
|
+
'KEYPAIR_20160107T230001' => [],
|
115
|
+
'KEYPAIR_20160107T230401' => [],
|
116
|
+
'KEYPAIR_20160107T230201' => [],
|
117
|
+
'KEYPAIR_20160107T230101' => []
|
118
|
+
}
|
101
119
|
}
|
102
120
|
}
|
103
121
|
}
|
@@ -105,9 +123,11 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
105
123
|
test_configuration = validator_configuration.dup
|
106
124
|
subject.send(:trim_public_keys, test_configuration)
|
107
125
|
expect(test_configuration).to eq( {
|
108
|
-
|
109
|
-
'
|
110
|
-
|
126
|
+
'auth_token_validator' => {
|
127
|
+
'keys' => {
|
128
|
+
'KEYPAIR_20160107T230201' => [],
|
129
|
+
'KEYPAIR_20160107T230401' => []
|
130
|
+
}
|
111
131
|
}
|
112
132
|
})
|
113
133
|
end
|
@@ -126,7 +146,7 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
126
146
|
let!(:generator_config_file_name) {
|
127
147
|
filename = "generator_config.json"
|
128
148
|
File.open(filename,"w") do |f|
|
129
|
-
f.write({}.to_json) #Empty hash is an Invalid hash
|
149
|
+
f.write({'auth_token_generator' => {}}.to_json) #Empty hash is an Invalid hash
|
130
150
|
end
|
131
151
|
filename
|
132
152
|
}
|
@@ -141,7 +161,7 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
141
161
|
let!(:validator_config_file_name) {
|
142
162
|
filename = "validator_config.json"
|
143
163
|
File.open(filename,"w") do |f|
|
144
|
-
f.write({}.to_json) #Empty hash is an invalid hash
|
164
|
+
f.write({'auth_token_validator' => {}}.to_json) #Empty hash is an invalid hash
|
145
165
|
end
|
146
166
|
filename
|
147
167
|
}
|
@@ -178,7 +198,7 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
178
198
|
subject.rotate_json_config_files(generator_file_name: generator_config_file_name,
|
179
199
|
validator_file_name: validator_config_file_name)
|
180
200
|
generator_config = JSON.parse(File.read(generator_config_file_name))
|
181
|
-
expect(generator_config['private_key']).to_not eq(@valid_generator_config['private_key'])
|
201
|
+
expect(generator_config['auth_token_generator']['private_key']).to_not eq(@valid_generator_config['auth_token_generator']['private_key'])
|
182
202
|
end
|
183
203
|
|
184
204
|
it 'adds the newly generated public key to the validator configuration' do
|
@@ -186,7 +206,7 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
186
206
|
validator_file_name: validator_config_file_name)
|
187
207
|
generator_config = JSON.parse(File.read(generator_config_file_name))
|
188
208
|
validator_config = JSON.parse(File.read(validator_config_file_name))
|
189
|
-
expect(validator_config['keys'][generator_config['key_description']]).to_not be nil
|
209
|
+
expect(validator_config['auth_token_validator']['keys'][generator_config['auth_token_generator']['key_description']]).to_not be nil
|
190
210
|
end
|
191
211
|
|
192
212
|
it 'removes the oldest public key from the validator configuration in keeping with maximum number of keys' do
|
@@ -194,7 +214,7 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
194
214
|
validator_file_name: validator_config_file_name)
|
195
215
|
generator_config = JSON.parse(File.read(generator_config_file_name))
|
196
216
|
validator_config = JSON.parse(File.read(validator_config_file_name))
|
197
|
-
expect(validator_config['keys'].size).to be 3
|
217
|
+
expect(validator_config['auth_token_validator']['keys'].size).to be 3
|
198
218
|
end
|
199
219
|
end
|
200
220
|
end
|
@@ -202,15 +222,19 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
202
222
|
context "when confirming that configurations are valid" do
|
203
223
|
context "given validator (with single public key) configuration that includes generator key" do
|
204
224
|
let!(:validator_config) {{
|
205
|
-
'
|
206
|
-
|
207
|
-
'
|
225
|
+
'auth_token_validator' => {
|
226
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenValidator',
|
227
|
+
'keys' => {
|
228
|
+
'KEYPAIR_20160107T230101' => { 'public_key' => @public_key_1 }
|
229
|
+
}
|
208
230
|
}
|
209
231
|
}}
|
210
232
|
let!(:generator_config) {{
|
211
|
-
'
|
212
|
-
|
213
|
-
|
233
|
+
'auth_token_generator' => {
|
234
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
|
235
|
+
'private_key' => @private_key_1,
|
236
|
+
'key_description' => 'original key'
|
237
|
+
}
|
214
238
|
}}
|
215
239
|
it 'responds that the configuration combination is valid' do
|
216
240
|
valid = subject.configurations_match_and_valid?(generator_config: generator_config,
|
@@ -221,15 +245,19 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
221
245
|
|
222
246
|
context "given validator (with single public key) configuration that does not include generator key" do
|
223
247
|
let!(:validator_config) {{
|
224
|
-
'
|
225
|
-
|
226
|
-
'
|
248
|
+
'auth_token_validator' => {
|
249
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenValidator',
|
250
|
+
'keys' => {
|
251
|
+
'KEYPAIR_20160107T230101' => { 'public_key' => @public_key_1 }
|
252
|
+
}
|
227
253
|
}
|
228
254
|
}}
|
229
255
|
let!(:generator_config) {{
|
230
|
-
'
|
231
|
-
|
232
|
-
|
256
|
+
'auth_token_generator' => {
|
257
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
|
258
|
+
'private_key' => @private_key_2,
|
259
|
+
'key_description' => 'original key'
|
260
|
+
}
|
233
261
|
}}
|
234
262
|
it 'responds that the configuration combination is not valid' do
|
235
263
|
valid = subject.configurations_match_and_valid?(generator_config: generator_config,
|
@@ -240,17 +268,21 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
240
268
|
|
241
269
|
context "given validator (with multiple public keys) configuration that include generator key" do
|
242
270
|
let!(:validator_config) {{
|
243
|
-
'
|
244
|
-
|
245
|
-
'
|
246
|
-
|
247
|
-
|
271
|
+
'auth_token_validator' => {
|
272
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenValidator',
|
273
|
+
'keys' => {
|
274
|
+
'KEYPAIR_20160107T230101' => { 'public_key' => @public_key_1 },
|
275
|
+
'KEYPAIR_20160107T230201' => { 'public_key' => @public_key_2 },
|
276
|
+
'KEYPAIR_20160107T230301' => { 'public_key' => @public_key_3 },
|
277
|
+
}
|
248
278
|
}
|
249
279
|
}}
|
250
280
|
let!(:generator_config) {{
|
251
|
-
'
|
252
|
-
|
253
|
-
|
281
|
+
'auth_token_generator' => {
|
282
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
|
283
|
+
'private_key' => @private_key_2,
|
284
|
+
'key_description' => 'original key'
|
285
|
+
}
|
254
286
|
}}
|
255
287
|
it 'responds that the configuration combination is valid' do
|
256
288
|
valid = subject.configurations_match_and_valid?(generator_config: generator_config,
|
@@ -261,17 +293,21 @@ describe SoarAuthenticationToken::ConfigRotator do
|
|
261
293
|
|
262
294
|
context "given validator (with multiple public keys) configuration that does not include generator key" do
|
263
295
|
let!(:validator_config) {{
|
264
|
-
'
|
265
|
-
|
266
|
-
'
|
267
|
-
|
268
|
-
|
296
|
+
'auth_token_validator' => {
|
297
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenValidator',
|
298
|
+
'keys' => {
|
299
|
+
'KEYPAIR_20160107T230101' => { 'public_key' => @public_key_1 },
|
300
|
+
'KEYPAIR_20160107T230201' => { 'public_key' => @public_key_2 },
|
301
|
+
'KEYPAIR_20160107T230301' => { 'public_key' => @public_key_3 },
|
302
|
+
}
|
269
303
|
}
|
270
304
|
}}
|
271
305
|
let!(:generator_config) {{
|
272
|
-
'
|
273
|
-
|
274
|
-
|
306
|
+
'auth_token_generator' => {
|
307
|
+
'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
|
308
|
+
'private_key' => @private_key_4,
|
309
|
+
'key_description' => 'original key'
|
310
|
+
}
|
275
311
|
}}
|
276
312
|
it 'responds that the configuration combination is not valid' do
|
277
313
|
valid = subject.configurations_match_and_valid?(generator_config: generator_config,
|
@@ -44,12 +44,13 @@ describe SoarAuthenticationToken::RackMiddleware do
|
|
44
44
|
@test_app = lambda do |env|
|
45
45
|
request = Rack::Request.new env
|
46
46
|
session = request.session
|
47
|
+
$stderr.puts "In the controller"
|
47
48
|
test_app_response_data = {
|
48
49
|
'message' => "tested with authenticated user #{session['user']}",
|
49
50
|
'user' => session['user'],
|
50
51
|
'auth_token_meta' => session['auth_token_meta']
|
51
52
|
}
|
52
|
-
[200, {"Content-Type"=>"
|
53
|
+
[200, {"Content-Type" => "application/json"}, test_app_response_data ]
|
53
54
|
end
|
54
55
|
@iut_configuration = {
|
55
56
|
'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
|
@@ -77,7 +78,7 @@ describe SoarAuthenticationToken::RackMiddleware do
|
|
77
78
|
it "return with 401" do
|
78
79
|
opts = { }
|
79
80
|
code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
|
80
|
-
expect([code, env, body]).to eq([401, {"Content-Type" => "
|
81
|
+
expect([code, env, body]).to eq([401, {"Content-Type" => "application/json"}, ["401 - Not authenticated"]])
|
81
82
|
end
|
82
83
|
end
|
83
84
|
|
@@ -85,7 +86,7 @@ describe SoarAuthenticationToken::RackMiddleware do
|
|
85
86
|
it "return with 401" do
|
86
87
|
opts = { 'HTTP_AUTHORIZATION' => @local_invalid_generator.generate(authenticated_identifier: 'a@b.com') }
|
87
88
|
code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
|
88
|
-
expect([code, env, body]).to eq([401, {"Content-Type" => "
|
89
|
+
expect([code, env, body]).to eq([401, {"Content-Type" => "application/json"}, ["401 - Not authenticated"]])
|
89
90
|
end
|
90
91
|
end
|
91
92
|
|
@@ -93,7 +94,7 @@ describe SoarAuthenticationToken::RackMiddleware do
|
|
93
94
|
it "pass requests to the application" do
|
94
95
|
opts = { 'HTTP_AUTHORIZATION' => @local_valid_generator.generate(authenticated_identifier: 'a@b.com') }
|
95
96
|
code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
|
96
|
-
expect([code, env, body['message']]).to eq([200, {"Content-Type"=>"
|
97
|
+
expect([code, env, body['message']]).to eq([200, {"Content-Type"=>"application/json"}, "tested with authenticated user a@b.com" ])
|
97
98
|
end
|
98
99
|
|
99
100
|
it "populate the 'user' key in the rack session with the authenticated user" do
|
@@ -74,5 +74,30 @@ describe SoarAuthenticationToken::RemoteTokenValidator do
|
|
74
74
|
expect(message).to match /Token decode\/verification failure/
|
75
75
|
end
|
76
76
|
end
|
77
|
+
|
78
|
+
context 'given invalid token validator url that will result in timeouts' do
|
79
|
+
let!(:invalid_validator_configuration) {{
|
80
|
+
'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
|
81
|
+
'validator-url' => 'http://auth-token-validator.auto-h.net/validate',
|
82
|
+
'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
|
83
|
+
}}
|
84
|
+
let!(:iut) { subject.new(invalid_validator_configuration) }
|
85
|
+
let!(:valid_token) {
|
86
|
+
token, token_generator_meta = @remote_generator.generate(authenticated_identifier: @test_identifier)
|
87
|
+
token
|
88
|
+
}
|
89
|
+
it 'raise error after attempt that timeout has occured' do
|
90
|
+
expect{
|
91
|
+
iut.validate(authentication_token: valid_token)
|
92
|
+
}.to raise_error Timeout::Error
|
93
|
+
end
|
94
|
+
it 'by default attempts 2 times with 3 second timeout' do
|
95
|
+
start_time = Time.now
|
96
|
+
expect{
|
97
|
+
iut.validate(authentication_token: valid_token)
|
98
|
+
}.to raise_error Timeout::Error
|
99
|
+
expect(Time.now - start_time).to be_within(1).of 6
|
100
|
+
end
|
101
|
+
end
|
77
102
|
end
|
78
103
|
end
|
@@ -73,4 +73,25 @@ describe SoarAuthenticationToken::TokenGenerator do
|
|
73
73
|
expect(messages).to match(/Valid token/)
|
74
74
|
end
|
75
75
|
end
|
76
|
+
|
77
|
+
context 'given invalid token generator url that will result in timeouts' do
|
78
|
+
let!(:invalid_generator_configuration) {{
|
79
|
+
'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
|
80
|
+
'generator-url' => 'http://auth-token-generator.auto-h.net/generate',
|
81
|
+
'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
|
82
|
+
}}
|
83
|
+
let!(:iut) { SoarAuthenticationToken::TokenGenerator.new(invalid_generator_configuration) }
|
84
|
+
it 'raise error after attempt that timeout has occured' do
|
85
|
+
expect{
|
86
|
+
iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
|
87
|
+
}.to raise_error Timeout::Error
|
88
|
+
end
|
89
|
+
it 'by default attempts 2 times with 3 second timeout' do
|
90
|
+
start_time = Time.now
|
91
|
+
expect{
|
92
|
+
iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
|
93
|
+
}.to raise_error Timeout::Error
|
94
|
+
expect(Time.now - start_time).to be_within(1).of 6
|
95
|
+
end
|
96
|
+
end
|
76
97
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: soar_authentication_token
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.0.
|
4
|
+
version: 5.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Barney de Villiers
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-02-
|
11
|
+
date: 2017-02-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: soar_xt
|