RubyGems - soar_authentication_token - Versions diffs - 7.1.0 → 7.1.1 - Mend

soar_authentication_token 7.1.0 → 7.1.1

Files changed (9) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 58850a72e1a3c5fe0107e4bc280d25c684f43260
-  data.tar.gz: cc47f0966708e41466006e714121ba2a805a7e4f
+  metadata.gz: c2b4f619d0d797e93284b3304502fd1276682f36
+  data.tar.gz: fff0d61305cd10caa846cfd3ec1e6feeca88e075
 SHA512:
-  metadata.gz: 0b530bcb686e727168d0df91959a6ce8616940e911b31e88b89e2ae06d0ed0a1f576c767e1cf378efaf20064c91c16415ce6e856da031ce2f063ace3a386ce18
-  data.tar.gz: 3346dbc4a4b46c05a3b7a7992b6111dde5152b154bc17bcb48f8d91a3bf420d813eded7c186718da20f5c7dd1cbc9554fa16f318ee11e992fb440ed6897324a0
+  metadata.gz: 8c06b734c3fb22365d3085f6922faa9f004abe98be2b9c57ae02a77a56fe50ecb3d18e44a44543fef791e3bb41132c21e7087df7d1b3b4b72cffd677e474d19d
+  data.tar.gz: 44a8975ee1e0d70484b05a09725dc4fa11b06bfec4d683813d3564bf9049c0780aadeda39a51669691b591ee0cbce2bb468d3be397b3251f51691545c6a11524

data/lib/soar_authentication_token/providers/cascade_provider.rb CHANGED

@@ -13,12 +13,9 @@ module SoarAuthenticationToken
     private
     def fetch_by_cookie(request)
       return false unless request.env.has_key?('HTTP_COOKIE')
+      return false unless request.cookies.has_key?(@configuration['cookie_name'])
-      cookies = HTTP::CookieJar.new.parse(request.env['HTTP_COOKIE'], 'http://irrelevant')
-      auth_cookie = cookies.find { |cookie| cookie.name == @configuration['cookie_name'] }
-      return false unless auth_cookie.is_a?(HTTP::Cookie)
-      auth_cookie.value
+      request.cookies[@configuration['cookie_name']]
     end
     def fetch_by_auth_header(request)

data/lib/soar_authentication_token/providers/cookie_provider.rb CHANGED

@@ -9,12 +9,9 @@ module SoarAuthenticationToken
     def fetch(request)
       return false unless request.env.has_key?('HTTP_COOKIE')
+      return false unless request.cookies.has_key?(@configuration['cookie_name'])
-      cookies = HTTP::CookieJar.new.parse(request.env['HTTP_COOKIE'], 'http://irrelevant')
-      auth_cookie = cookies.find { |cookie| cookie.name == @configuration['cookie_name'] }
-      return false unless auth_cookie.is_a?(HTTP::Cookie)
-      auth_cookie.value
+      request.cookies[@configuration['cookie_name']]
     end
     def validate_configuration

data/lib/soar_authentication_token/version.rb CHANGED

@@ -1,3 +1,3 @@
 module SoarAuthenticationToken
-  VERSION = '7.1.0'
+  VERSION = '7.1.1'
 end

data/spec/rack_middleware/authorization_header_provider_spec.rb ADDED

@@ -0,0 +1,13 @@
+require 'spec_helper'
+require 'rack'
+require 'rack/test'
+require 'webmock/rspec'
+require_relative 'shared/authentication_provider'
+describe 'Authorization Header provider' do
+  let(:auth_provider) {
+    'SoarAuthenticationToken::AuthorizationHeaderProvider'
+  }
+  it_behaves_like "an authentication provider"
+end

data/spec/rack_middleware/cascade_provider_spec.rb ADDED

@@ -0,0 +1,13 @@
+require 'spec_helper'
+require 'rack'
+require 'rack/test'
+require 'webmock/rspec'
+require_relative 'shared/authentication_provider'
+describe 'Cascade provider' do
+  let(:auth_provider) {
+    'SoarAuthenticationToken::CascadeProvider'
+  }
+  it_behaves_like "an authentication provider"
+end

data/spec/rack_middleware/cookie_provider_spec.rb ADDED

@@ -0,0 +1,13 @@
+require 'spec_helper'
+require 'rack'
+require 'rack/test'
+require 'webmock/rspec'
+require_relative 'shared/authentication_provider'
+describe 'Cookie provider' do
+  let(:auth_provider) {
+    'SoarAuthenticationToken::CookieProvider'
+  }
+  it_behaves_like "an authentication provider"
+end

data/spec/rack_middleware/{authorization_header_spec.rb → shared/authentication_provider.rb} RENAMED

@@ -1,18 +1,19 @@
 require 'spec_helper'
-require 'rack'
-require 'rack/test'
-require 'webmock/rspec'
-describe SoarAuthenticationToken::RackMiddleware do
+shared_examples_for "an authentication provider" do
   include Rack::Test::Methods
+  let(:version) {
+    SoarAuthenticationToken::VERSION
+  }
   def create_valid_token_generator
     keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
     private_key, public_key = keypair_generator.generate
     configuration = {
-      'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
-      'generator-url' => 'http://authentication-token-generator-service:9393/generate',
-      'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
+        'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
+        'generator-url' => 'http://authentication-token-generator-service:9393/generate',
+        'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
     }
     generator = SoarAuthenticationToken::TokenGenerator.new(configuration)
     generator.inject_store_provider(get_store)
@@ -23,9 +24,9 @@ describe SoarAuthenticationToken::RackMiddleware do
     keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
     private_key, public_key = keypair_generator.generate
     configuration = {
-      'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
-      'private_key' => private_key,
-      'public_key' => public_key
+        'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
+        'private_key' => private_key,
+        'public_key' => public_key
     }
     generator = SoarAuthenticationToken::TokenGenerator.new(configuration)
     generator.inject_store_provider(get_store)
@@ -41,9 +42,9 @@ describe SoarAuthenticationToken::RackMiddleware do
     @local_valid_generator,   @valid_private_key,   @valid_public_key   = create_valid_token_generator
     @local_invalid_generator, @invalid_private_key, @invalid_public_key = create_invalid_token_generator
     @failure_response_json = [ { 'status' => 'fail', 'data' => {
-                                 'notifications' => ['Not authenticated']
-                               }
-                             }.to_json ]
+        'notifications' => ['Not authenticated']
+    }
+                               }.to_json ]
   end
   before :each do
@@ -51,19 +52,20 @@ describe SoarAuthenticationToken::RackMiddleware do
       request = Rack::Request.new env
       session = request.session
       test_app_response_data = {
-        'message' => "tested with authenticated user #{session['user']}",
-        'user' => session['user'],
-        'auth_token_meta' => session['auth_token_meta']
+          'message' => "tested with authenticated user #{session['user']}",
+          'user' => session['user'],
+          'auth_token_meta' => session['auth_token_meta']
       }
       [200, {"Content-Type" => "application/json"}, test_app_response_data ]
     end
     @iut_configuration = {
-      'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
-      'validator-url' => 'http://authentication-token-validator-service:9393/validate',
-      'authentication_token' => {
-          'provider' => 'SoarAuthenticationToken::AuthorizationHeaderProvider',
-          'header_name' => 'HTTP_AUTHORIZATION'
-      }
+        'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
+        'validator-url' => 'http://authentication-token-validator-service:9393/validate',
+        'authentication_token' => {
+            'provider' => auth_provider,
+            'header_name' => 'HTTP_AUTHORIZATION',
+            'cookie_name' => 'kh2.auth'
+        }
     }
     @iut = SoarAuthenticationToken::RackMiddleware.new(@test_app, @iut_configuration, "test-service", nil)
   end
@@ -87,9 +89,9 @@ describe SoarAuthenticationToken::RackMiddleware do
       it "return with 401" do
         stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => false, 'token_meta' => nil, 'notifications' => ['none'] }}.to_json
         stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
-         with(body: "{\"authentication_token\":null,\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
-              headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
-         to_return(status: 200, body: stub_response_body, headers: {})
+            with(body: "{\"authentication_token\":null,\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
+                 headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
+            to_return(status: 200, body: stub_response_body, headers: {})
         opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => nil }
         code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -101,9 +103,9 @@ describe SoarAuthenticationToken::RackMiddleware do
       it "return with 401" do
         stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => false, 'token_meta' => nil, 'notifications' => ['none'] }}.to_json
         stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
-         with(body: "{\"authentication_token\":\"bad_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
-              headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
-         to_return(status: 200, body: stub_response_body, headers: {})
+            with(body: "{\"authentication_token\":\"bad_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
+                 headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
+            to_return(status: 200, body: stub_response_body, headers: {})
         opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'bad_token' }
         code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -113,11 +115,12 @@ describe SoarAuthenticationToken::RackMiddleware do
     context 'with a valid authentiation token' do
       it "pass requests to the application" do
+        skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
         stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
         stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
-           with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
-                headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
-           to_return(status: 200, body: stub_response_body, headers: {})
+            with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
+                 headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
+            to_return(status: 200, body: stub_response_body, headers: {})
         opts = { 'REMOTE_ADDR' => '1.1.1.1',  'HTTP_AUTHORIZATION' => 'valid_token' }
         code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -125,11 +128,12 @@ describe SoarAuthenticationToken::RackMiddleware do
       end
       it "populate the 'user' key in the rack session with the authenticated user" do
+        skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
         stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
         stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
-           with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
-                headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
-           to_return(status: 200, body: stub_response_body, headers: {})
+            with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
+                 headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
+            to_return(status: 200, body: stub_response_body, headers: {})
         opts = { 'REMOTE_ADDR' => '1.1.1.1',  'HTTP_AUTHORIZATION' => 'valid_token' }
         code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -137,11 +141,13 @@ describe SoarAuthenticationToken::RackMiddleware do
       end
       it "populate the 'auth_token_meta' key in the rack session with the hash containing the token meta" do
+        skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
         stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
         stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
-           with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
-                headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
-           to_return(status: 200, body: stub_response_body, headers: {})
+            with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
+                 headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
+            to_return(status: 200, body: stub_response_body, headers: {})
         opts = { 'REMOTE_ADDR' => '1.1.1.1',  'HTTP_AUTHORIZATION' => 'valid_token' }
         code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -149,4 +155,4 @@ describe SoarAuthenticationToken::RackMiddleware do
       end
     end
   end
-end
+end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: soar_authentication_token
 version: !ruby/object:Gem::Version
-  version: 7.1.0
+  version: 7.1.1
 platform: ruby
 authors:
 - Barney de Villiers
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-09-20 00:00:00.000000000 Z
+date: 2017-10-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: soar_xt
@@ -295,7 +295,10 @@ files:
 - spec/config_rotator_spec.rb
 - spec/jwt_token_validator_spec.rb
 - spec/keypair_generator_spec.rb
-- spec/rack_middleware/authorization_header_spec.rb
+- spec/rack_middleware/authorization_header_provider_spec.rb
+- spec/rack_middleware/cascade_provider_spec.rb
+- spec/rack_middleware/cookie_provider_spec.rb
+- spec/rack_middleware/shared/authentication_provider.rb
 - spec/remote_token_validator_spec.rb
 - spec/spec_helper.rb
 - spec/static_token_validator_spec.rb
@@ -321,7 +324,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.13
+rubygems_version: 2.5.1
 signing_key:
 specification_version: 4
 summary: Client library for Hetzner's authentication token service
@@ -329,7 +332,10 @@ test_files:
 - spec/config_rotator_spec.rb
 - spec/jwt_token_validator_spec.rb
 - spec/keypair_generator_spec.rb
-- spec/rack_middleware/authorization_header_spec.rb
+- spec/rack_middleware/authorization_header_provider_spec.rb
+- spec/rack_middleware/cascade_provider_spec.rb
+- spec/rack_middleware/cookie_provider_spec.rb
+- spec/rack_middleware/shared/authentication_provider.rb
 - spec/remote_token_validator_spec.rb
 - spec/spec_helper.rb
 - spec/static_token_validator_spec.rb