soar_authentication_token 0.1.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitmodules +8 -0
- data/Gemfile +1 -0
- data/docker-compose.yml +7 -7
- data/lib/soar_authentication_token/rack_middleware.rb +3 -2
- data/lib/soar_authentication_token/token_generator.rb +23 -6
- data/lib/soar_authentication_token/token_validator.rb +38 -6
- data/lib/soar_authentication_token/version.rb +1 -1
- data/soar_authentication_token.gemspec +1 -0
- data/spec/rack_middleware_spec.rb +18 -4
- data/spec/spec_helper.rb +1 -0
- data/spec/token_generator_spec.rb +12 -6
- data/spec/token_validator_spec.rb +16 -12
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87964e7ea8211a562a63c243129746ca015c41f0
|
|
4
|
+
data.tar.gz: 9391628582b905df4d720f559bf787cdc1a46eaa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ac01a6c65000634dfa674bf4fdee98dd943739e2b12626de27ed57750f44b8daf94d87c828d13f6592bcf62991dc46d190502d5939b1079bd6e3a74a228807a2
|
|
7
|
+
data.tar.gz: 287ca8ee2cf219bea7a132a8c41e18d5c33427fa99a1c01df1a187ee2928c3e5d394e9247d34bb8daea36b1329852540c6af00bda25c3a2204e7de1e92ae3000
|
data/.gitmodules
ADDED
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
[submodule "authentication-token-generator-service"]
|
|
2
|
+
path = authentication-token-generator-service
|
|
3
|
+
url = git@gitlab.host-h.net:hetznerZA/authentication-token-generator-service.git
|
|
4
|
+
branch = master
|
|
5
|
+
[submodule "authentication-token-validator-service"]
|
|
6
|
+
path = authentication-token-validator-service
|
|
7
|
+
url = git@gitlab.host-h.net:hetznerZA/authentication-token-validator-service.git
|
|
8
|
+
branch = master
|
data/Gemfile
CHANGED
data/docker-compose.yml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
version: '2.0'
|
|
2
2
|
services:
|
|
3
3
|
soar-authentication-token:
|
|
4
|
-
command: /bin/bash -c 'sleep
|
|
4
|
+
command: /bin/bash -c 'sleep 5; bundle update; bundle exec rspec -cfd spec'
|
|
5
5
|
build: .
|
|
6
6
|
image: soar-authentication-token
|
|
7
7
|
volumes:
|
|
@@ -10,22 +10,22 @@ services:
|
|
|
10
10
|
- authentication-token-generator-service
|
|
11
11
|
- authentication-token-validator-service
|
|
12
12
|
authentication-token-generator-service:
|
|
13
|
-
build:
|
|
13
|
+
build: authentication-token-generator-service
|
|
14
14
|
image: authentication-token-generator-service
|
|
15
15
|
expose:
|
|
16
16
|
- "9393"
|
|
17
17
|
volumes:
|
|
18
|
-
-
|
|
18
|
+
- ./authentication-token-generator-service:/usr/local/src/
|
|
19
19
|
environment:
|
|
20
20
|
- RACK_ENV=development
|
|
21
|
-
- ENVIRONMENT_FILE=
|
|
21
|
+
- ENVIRONMENT_FILE=environment_local_ecosystem.yml
|
|
22
22
|
authentication-token-validator-service:
|
|
23
|
-
build:
|
|
23
|
+
build: authentication-token-validator-service
|
|
24
24
|
image: authentication-token-validator-service
|
|
25
25
|
expose:
|
|
26
26
|
- "9393"
|
|
27
27
|
volumes:
|
|
28
|
-
-
|
|
28
|
+
- ./authentication-token-validator-service:/usr/local/src/
|
|
29
29
|
environment:
|
|
30
30
|
- RACK_ENV=development
|
|
31
|
-
- ENVIRONMENT_FILE=
|
|
31
|
+
- ENVIRONMENT_FILE=environment_local_ecosystem.yml
|
|
@@ -10,9 +10,10 @@ module SoarAuthenticationToken
|
|
|
10
10
|
def call(env)
|
|
11
11
|
request = Rack::Request.new env
|
|
12
12
|
session, params = request.session, request.params
|
|
13
|
-
valid,
|
|
13
|
+
valid, token_meta = validate_and_resolve_token(request.env['HTTP_AUTHORIZATION'],params['flow_identifier'])
|
|
14
14
|
if valid
|
|
15
|
-
session['user'] = authenticated_identifier
|
|
15
|
+
session['user'] = token_meta['authenticated_identifier']
|
|
16
|
+
session['auth_token_meta'] = token_meta
|
|
16
17
|
@app.call env
|
|
17
18
|
else
|
|
18
19
|
[401, {"Content-Type" => "text/html"}, ["401 - Not authenticated"]]
|
|
@@ -9,6 +9,7 @@ require 'json'
|
|
|
9
9
|
module SoarAuthenticationToken
|
|
10
10
|
class TokenGenerator
|
|
11
11
|
DEFAULT_CONFIGURATION = {
|
|
12
|
+
'expiry' => 604800 #a days worth of seconds
|
|
12
13
|
} unless defined? DEFAULT_CONFIGURATION; DEFAULT_CONFIGURATION.freeze
|
|
13
14
|
|
|
14
15
|
def initialize(configuration)
|
|
@@ -17,6 +18,10 @@ module SoarAuthenticationToken
|
|
|
17
18
|
@private_key = OpenSSL::PKey::EC.new(@configuration['private_key'])
|
|
18
19
|
end
|
|
19
20
|
|
|
21
|
+
def inject_store_provider(store_provider)
|
|
22
|
+
@store_provider = store_provider
|
|
23
|
+
end
|
|
24
|
+
|
|
20
25
|
def generate(authenticated_identifier:, flow_identifier: nil)
|
|
21
26
|
return generate_locally(authenticated_identifier) if 'local' == @configuration['mode']
|
|
22
27
|
return generate_remotely(authenticated_identifier,flow_identifier)
|
|
@@ -25,7 +30,7 @@ module SoarAuthenticationToken
|
|
|
25
30
|
private
|
|
26
31
|
|
|
27
32
|
def generate_locally(authenticated_identifier)
|
|
28
|
-
encode(
|
|
33
|
+
encode(meta(authenticated_identifier))
|
|
29
34
|
end
|
|
30
35
|
|
|
31
36
|
def generate_remotely(authenticated_identifier,flow_identifier)
|
|
@@ -49,15 +54,17 @@ module SoarAuthenticationToken
|
|
|
49
54
|
body['data']['token']
|
|
50
55
|
end
|
|
51
56
|
|
|
52
|
-
def
|
|
57
|
+
def meta(authenticated_identifier)
|
|
58
|
+
current_time = Time.now
|
|
53
59
|
{ 'authenticated_identifier' => authenticated_identifier,
|
|
54
|
-
'
|
|
55
|
-
'
|
|
60
|
+
'token_issue_time' => current_time.utc.iso8601(3),
|
|
61
|
+
'token_expiry_time' => (current_time + @configuration['expiry']).utc.iso8601(3),
|
|
62
|
+
'token_identifier' => SecureRandom.hex(32)
|
|
56
63
|
}
|
|
57
64
|
end
|
|
58
65
|
|
|
59
|
-
def encode(
|
|
60
|
-
JWT.encode(
|
|
66
|
+
def encode(meta)
|
|
67
|
+
JWT.encode(meta, @private_key, 'ES512')
|
|
61
68
|
end
|
|
62
69
|
|
|
63
70
|
def validate_configuration
|
|
@@ -67,6 +74,8 @@ module SoarAuthenticationToken
|
|
|
67
74
|
raise "'generator-url' must be configured in remote mode" if @configuration['generator-url'].nil?
|
|
68
75
|
else
|
|
69
76
|
raise "'private_key' must be configured in local mode" unless @configuration['private_key']
|
|
77
|
+
raise "'expiry' must be configured in local mode" unless @configuration['expiry']
|
|
78
|
+
raise "'expiry' must be an integer" unless Integer(@configuration['expiry'])
|
|
70
79
|
end
|
|
71
80
|
end
|
|
72
81
|
|
|
@@ -74,5 +83,13 @@ module SoarAuthenticationToken
|
|
|
74
83
|
configuration = {} unless configuration
|
|
75
84
|
Hash.deep_merge(DEFAULT_CONFIGURATION,configuration)
|
|
76
85
|
end
|
|
86
|
+
|
|
87
|
+
def add_token_to_store?(meta)
|
|
88
|
+
@store_provider.add(
|
|
89
|
+
token_identifier: meta['token_identifier'],
|
|
90
|
+
authenticated_identifier: meta['authenticated_identifier'],
|
|
91
|
+
token_issue_time: meta['token_issue_time'],
|
|
92
|
+
token_expiry_time: meta['token_expiry_time'])
|
|
93
|
+
end
|
|
77
94
|
end
|
|
78
95
|
end
|
|
@@ -4,7 +4,7 @@ require 'jwt'
|
|
|
4
4
|
module SoarAuthenticationToken
|
|
5
5
|
class TokenValidator
|
|
6
6
|
DEFAULT_CONFIGURATION = {
|
|
7
|
-
'expiry'
|
|
7
|
+
'expiry' => 604800 #a days worth of seconds
|
|
8
8
|
} unless defined? DEFAULT_CONFIGURATION; DEFAULT_CONFIGURATION.freeze
|
|
9
9
|
|
|
10
10
|
def initialize(configuration)
|
|
@@ -14,21 +14,45 @@ module SoarAuthenticationToken
|
|
|
14
14
|
@public_key.private_key = nil
|
|
15
15
|
end
|
|
16
16
|
|
|
17
|
+
def inject_store_provider(store_provider)
|
|
18
|
+
@store_provider = store_provider
|
|
19
|
+
end
|
|
20
|
+
|
|
17
21
|
def validate(authentication_token:,flow_identifier: nil)
|
|
18
22
|
return validate_locally(authentication_token) if 'local' == @configuration['mode']
|
|
19
23
|
return validate_remotely(authentication_token,flow_identifier)
|
|
20
24
|
end
|
|
21
25
|
|
|
26
|
+
def token(authentication_token:,flow_identifier: nil)
|
|
27
|
+
return validate_locally(authentication_token) if 'local' == @configuration['mode']
|
|
28
|
+
return validate_remotely(authentication_token,flow_identifier)
|
|
29
|
+
end
|
|
30
|
+
|
|
22
31
|
private
|
|
23
32
|
|
|
24
33
|
def validate_locally(authentication_token)
|
|
25
|
-
|
|
26
|
-
return [false, nil] if
|
|
27
|
-
[
|
|
34
|
+
meta = token_meta(authentication_token)
|
|
35
|
+
return [false, nil] if token_expired?(meta)
|
|
36
|
+
return [false, nil] if token_exist_in_store?(meta)
|
|
37
|
+
[true, meta]
|
|
28
38
|
rescue JWT::VerificationError, JWT::DecodeError
|
|
29
39
|
[false, nil]
|
|
30
40
|
end
|
|
31
41
|
|
|
42
|
+
def token_meta(authentication_token)
|
|
43
|
+
decoded_token_payload = decode(authentication_token)
|
|
44
|
+
{
|
|
45
|
+
'authenticated_identifier' => decoded_token_payload[0]['authenticated_identifier'],
|
|
46
|
+
'token_issue_time' => decoded_token_payload[0]['token_issue_time'],
|
|
47
|
+
'token_expiry_time' => decoded_token_payload[0]['token_expiry_time'],
|
|
48
|
+
'token_age' => token_age(decoded_token_payload[0]['token_issue_time'])
|
|
49
|
+
}
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def token_age(token_issue_time)
|
|
53
|
+
Time.now - Time.parse(token_issue_time)
|
|
54
|
+
end
|
|
55
|
+
|
|
32
56
|
def validate_remotely(authentication_token,flow_identifier)
|
|
33
57
|
uri = URI.parse(@configuration['validator-url'])
|
|
34
58
|
|
|
@@ -75,8 +99,16 @@ module SoarAuthenticationToken
|
|
|
75
99
|
JWT.decode(authentication_token, @public_key, true, { :algorithm => 'ES512' })
|
|
76
100
|
end
|
|
77
101
|
|
|
78
|
-
def
|
|
79
|
-
|
|
102
|
+
def token_expired?(meta)
|
|
103
|
+
Time.parse(meta['token_expiry_time']) < Time.now
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
def token_exist_in_store?(meta)
|
|
107
|
+
@store_provider.token_exist?(
|
|
108
|
+
token_identifier: meta['token_identifier'],
|
|
109
|
+
authenticated_identifier: meta['authenticated_identifier'],
|
|
110
|
+
token_issue_time: meta['token_issue_time'],
|
|
111
|
+
token_expiry_time: meta['token_expiry_time'])
|
|
80
112
|
end
|
|
81
113
|
end
|
|
82
114
|
end
|
|
@@ -22,6 +22,7 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
spec.add_dependency 'soar_xt', '~> 0.0.3'
|
|
23
23
|
spec.add_dependency 'jwt', '~> 1.5', '>= 1.5.6'
|
|
24
24
|
spec.add_dependency "rack", '~> 1.6', '>= 1.6.4'
|
|
25
|
+
spec.add_dependency 'auth_token_store_provider', '~> 1.0.0'
|
|
25
26
|
|
|
26
27
|
spec.add_development_dependency 'pry', '~> 0'
|
|
27
28
|
spec.add_development_dependency 'bundler', '~> 1.3'
|
|
@@ -5,7 +5,17 @@ require 'rack/test'
|
|
|
5
5
|
describe SoarAuthenticationToken::RackMiddleware do
|
|
6
6
|
include Rack::Test::Methods
|
|
7
7
|
|
|
8
|
-
def
|
|
8
|
+
def create_valid_token_generator
|
|
9
|
+
keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
|
|
10
|
+
private_key, public_key = keypair_generator.generate
|
|
11
|
+
configuration = {
|
|
12
|
+
'mode' => 'remote',
|
|
13
|
+
'generator-url' => 'http://authentication-token-generator-service:9393/generate'
|
|
14
|
+
}
|
|
15
|
+
[ SoarAuthenticationToken::TokenGenerator.new(configuration), private_key, public_key ]
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def create_invalid_token_generator
|
|
9
19
|
keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
|
|
10
20
|
private_key, public_key = keypair_generator.generate
|
|
11
21
|
configuration = {
|
|
@@ -17,8 +27,8 @@ describe SoarAuthenticationToken::RackMiddleware do
|
|
|
17
27
|
end
|
|
18
28
|
|
|
19
29
|
before :all do
|
|
20
|
-
@local_valid_generator, @valid_private_key, @valid_public_key =
|
|
21
|
-
@local_invalid_generator, @imvalid_private_key, @invalid_public_key =
|
|
30
|
+
@local_valid_generator, @valid_private_key, @valid_public_key = create_valid_token_generator
|
|
31
|
+
@local_invalid_generator, @imvalid_private_key, @invalid_public_key = create_invalid_token_generator
|
|
22
32
|
end
|
|
23
33
|
|
|
24
34
|
before :each do
|
|
@@ -27,7 +37,11 @@ describe SoarAuthenticationToken::RackMiddleware do
|
|
|
27
37
|
session = request.session
|
|
28
38
|
[200, {"Content-Type"=>"text/html"}, ["tested with authenticated user #{session['user']}"] ]
|
|
29
39
|
end
|
|
30
|
-
@iut_configuration = {
|
|
40
|
+
@iut_configuration = {
|
|
41
|
+
'mode' => 'remote',
|
|
42
|
+
'generator-url' => 'http://authentication-token-generator-service:9393/generate',
|
|
43
|
+
'validator-url' => 'http://authentication-token-validator-service:9393/validate'
|
|
44
|
+
}
|
|
31
45
|
@iut = SoarAuthenticationToken::RackMiddleware.new(@test_app, @iut_configuration)
|
|
32
46
|
end
|
|
33
47
|
|
data/spec/spec_helper.rb
CHANGED
|
@@ -21,6 +21,8 @@ describe SoarAuthenticationToken::TokenGenerator do
|
|
|
21
21
|
'generator-url' => 'http://authentication-token-generator-service:9393/generate',
|
|
22
22
|
'validator-url' => 'http://authentication-token-validator-service:9393/validate'
|
|
23
23
|
}
|
|
24
|
+
|
|
25
|
+
@test_store = AuthTokenStoreProvider::StubClient.new
|
|
24
26
|
end
|
|
25
27
|
|
|
26
28
|
after :each do
|
|
@@ -34,29 +36,33 @@ describe SoarAuthenticationToken::TokenGenerator do
|
|
|
34
36
|
end
|
|
35
37
|
|
|
36
38
|
context "when generating a new token locally" do
|
|
37
|
-
it 'should
|
|
39
|
+
it 'should generate the token locally using configured private key' do
|
|
38
40
|
@iut = SoarAuthenticationToken::TokenGenerator.new(@generator_configuration_local)
|
|
41
|
+
@iut.inject_store_provider(@test_store)
|
|
39
42
|
@validator = SoarAuthenticationToken::TokenValidator.new(@validator_configuration_local)
|
|
43
|
+
@validator.inject_store_provider(@test_store)
|
|
40
44
|
|
|
41
45
|
token = @iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
|
|
42
|
-
token_validity,
|
|
46
|
+
token_validity, token_meta = @validator.validate(authentication_token: token, flow_identifier: 'test-flow-id')
|
|
43
47
|
|
|
44
48
|
expect(token_validity).to eq(true)
|
|
45
|
-
expect(
|
|
49
|
+
expect(token_meta['authenticated_identifier']).to eq(@test_authenticated_identifier)
|
|
46
50
|
end
|
|
47
51
|
end
|
|
48
52
|
|
|
49
53
|
context "when generating a new token remotely" do
|
|
50
|
-
it 'should
|
|
54
|
+
it 'should request the token from the configured remote service' do
|
|
51
55
|
@iut = SoarAuthenticationToken::TokenGenerator.new(@configuration_remote)
|
|
56
|
+
@iut.inject_store_provider(@test_store)
|
|
52
57
|
|
|
53
58
|
token = @iut.generate(authenticated_identifier: @test_authenticated_identifier, flow_identifier: 'test-flow-id')
|
|
54
59
|
|
|
55
60
|
@validator = SoarAuthenticationToken::TokenValidator.new(@configuration_remote)
|
|
56
|
-
|
|
61
|
+
@iut.inject_store_provider(@test_store)
|
|
62
|
+
token_validity, token_meta = @validator.validate(authentication_token: token, flow_identifier: 'test-flow-id')
|
|
57
63
|
|
|
58
64
|
expect(token_validity).to eq(true)
|
|
59
|
-
expect(
|
|
65
|
+
expect(token_meta['authenticated_identifier']).to eq(@test_authenticated_identifier)
|
|
60
66
|
end
|
|
61
67
|
end
|
|
62
68
|
end
|
|
@@ -3,6 +3,7 @@ require 'yaml'
|
|
|
3
3
|
|
|
4
4
|
describe SoarAuthenticationToken::TokenValidator do
|
|
5
5
|
before :all do
|
|
6
|
+
@test_store = AuthTokenStoreProvider::StubClient.new
|
|
6
7
|
keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
|
|
7
8
|
@valid_private_key, @valid_public_key = keypair_generator.generate
|
|
8
9
|
@invalid_private_key, @invalid_public_key = keypair_generator.generate
|
|
@@ -28,12 +29,15 @@ describe SoarAuthenticationToken::TokenValidator do
|
|
|
28
29
|
'validator-url' => 'http://authentication-token-validator-service:9393/validate'
|
|
29
30
|
}
|
|
30
31
|
@local_valid_generator = SoarAuthenticationToken::TokenGenerator.new(@local_valid_generator_configuration)
|
|
32
|
+
@local_valid_generator.inject_store_provider(@test_store)
|
|
31
33
|
@local_invalid_generator = SoarAuthenticationToken::TokenGenerator.new(@local_invalid_generator_configuration)
|
|
34
|
+
@local_invalid_generator.inject_store_provider(@test_store)
|
|
32
35
|
@remote_generator = SoarAuthenticationToken::TokenGenerator.new(@remote_generator_configuration)
|
|
33
36
|
end
|
|
34
37
|
|
|
35
38
|
before :each do
|
|
36
39
|
@iut_local = SoarAuthenticationToken::TokenValidator.new(@local_validator_configuration)
|
|
40
|
+
@iut_local.inject_store_provider(@test_store)
|
|
37
41
|
@iut_remote = SoarAuthenticationToken::TokenValidator.new(@remote_validator_configuration)
|
|
38
42
|
end
|
|
39
43
|
|
|
@@ -47,26 +51,26 @@ describe SoarAuthenticationToken::TokenValidator do
|
|
|
47
51
|
context "when validating a token locally using the configured public key" do
|
|
48
52
|
it 'should indicate valid if the token is valid' do
|
|
49
53
|
token = @local_valid_generator.generate(authenticated_identifier: @test_identifier)
|
|
50
|
-
token_validity,
|
|
54
|
+
token_validity, token_meta = @iut_local.validate(authentication_token: token)
|
|
51
55
|
expect(token_validity).to eq true
|
|
52
56
|
end
|
|
53
57
|
|
|
54
58
|
it 'should indicate invalid if the token is invalid' do
|
|
55
59
|
token = @local_invalid_generator.generate(authenticated_identifier: @test_identifier)
|
|
56
|
-
token_validity,
|
|
60
|
+
token_validity, token_meta = @iut_local.validate(authentication_token: token)
|
|
57
61
|
expect(token_validity).to eq false
|
|
58
62
|
end
|
|
59
63
|
|
|
60
64
|
it 'should provide the authenticated_identifier if the token is valid' do
|
|
61
65
|
token = @local_valid_generator.generate(authenticated_identifier: @test_identifier)
|
|
62
|
-
token_validity,
|
|
63
|
-
expect(
|
|
66
|
+
token_validity, token_meta = @iut_local.validate(authentication_token: token)
|
|
67
|
+
expect(token_meta['authenticated_identifier']).to eq @test_identifier
|
|
64
68
|
end
|
|
65
69
|
|
|
66
70
|
it 'should not provide the authenticated_identifier if the token is invalid' do
|
|
67
71
|
token = @local_invalid_generator.generate(authenticated_identifier: @test_identifier)
|
|
68
|
-
token_validity,
|
|
69
|
-
expect(
|
|
72
|
+
token_validity, token_meta = @iut_local.validate(authentication_token: token)
|
|
73
|
+
expect(token_meta).to eq nil
|
|
70
74
|
end
|
|
71
75
|
|
|
72
76
|
it 'should indicate as invalid tokens that are older than the configured expiry time' do
|
|
@@ -83,26 +87,26 @@ describe SoarAuthenticationToken::TokenValidator do
|
|
|
83
87
|
context "when validating a token remotely using the configured url" do
|
|
84
88
|
it 'should indicate valid if the token is valid' do
|
|
85
89
|
token = @remote_generator.generate(authenticated_identifier: @test_identifier)
|
|
86
|
-
token_validity,
|
|
90
|
+
token_validity, token_meta = @iut_remote.validate(authentication_token: token)
|
|
87
91
|
expect(token_validity).to eq true
|
|
88
92
|
end
|
|
89
93
|
|
|
90
94
|
it 'should indicate invalid if the token is invalid' do
|
|
91
95
|
token = @local_invalid_generator.generate(authenticated_identifier: @test_identifier)
|
|
92
|
-
token_validity,
|
|
96
|
+
token_validity, token_meta = @iut_remote.validate(authentication_token: token)
|
|
93
97
|
expect(token_validity).to eq false
|
|
94
98
|
end
|
|
95
99
|
|
|
96
100
|
it 'should provide the authenticated_identifier if the token is valid' do
|
|
97
101
|
token = @remote_generator.generate(authenticated_identifier: @test_identifier)
|
|
98
|
-
token_validity,
|
|
99
|
-
expect(
|
|
102
|
+
token_validity, token_meta = @iut_remote.validate(authentication_token: token)
|
|
103
|
+
expect(token_meta['authenticated_identifier']).to eq @test_identifier
|
|
100
104
|
end
|
|
101
105
|
|
|
102
106
|
it 'should not provide the authenticated_identifier if the token is invalid' do
|
|
103
107
|
token = @local_invalid_generator.generate(authenticated_identifier: @test_identifier)
|
|
104
|
-
token_validity,
|
|
105
|
-
expect(
|
|
108
|
+
token_validity, token_meta = @iut_remote.validate(authentication_token: token)
|
|
109
|
+
expect(token_meta).to eq nil
|
|
106
110
|
end
|
|
107
111
|
|
|
108
112
|
it 'should indicate as invalid tokens that are older than the configured expiry time' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: soar_authentication_token
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Barney de Villiers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-01-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: soar_xt
|
|
@@ -64,6 +64,20 @@ dependencies:
|
|
|
64
64
|
- - ">="
|
|
65
65
|
- !ruby/object:Gem::Version
|
|
66
66
|
version: 1.6.4
|
|
67
|
+
- !ruby/object:Gem::Dependency
|
|
68
|
+
name: auth_token_store_provider
|
|
69
|
+
requirement: !ruby/object:Gem::Requirement
|
|
70
|
+
requirements:
|
|
71
|
+
- - "~>"
|
|
72
|
+
- !ruby/object:Gem::Version
|
|
73
|
+
version: 1.0.0
|
|
74
|
+
type: :runtime
|
|
75
|
+
prerelease: false
|
|
76
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
77
|
+
requirements:
|
|
78
|
+
- - "~>"
|
|
79
|
+
- !ruby/object:Gem::Version
|
|
80
|
+
version: 1.0.0
|
|
67
81
|
- !ruby/object:Gem::Dependency
|
|
68
82
|
name: pry
|
|
69
83
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -151,6 +165,7 @@ extensions: []
|
|
|
151
165
|
extra_rdoc_files: []
|
|
152
166
|
files:
|
|
153
167
|
- ".gitignore"
|
|
168
|
+
- ".gitmodules"
|
|
154
169
|
- ".rspec"
|
|
155
170
|
- ".ruby-gemset"
|
|
156
171
|
- ".ruby-version"
|