soar_authentication_token 7.1.0 → 7.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 58850a72e1a3c5fe0107e4bc280d25c684f43260
4
- data.tar.gz: cc47f0966708e41466006e714121ba2a805a7e4f
3
+ metadata.gz: c2b4f619d0d797e93284b3304502fd1276682f36
4
+ data.tar.gz: fff0d61305cd10caa846cfd3ec1e6feeca88e075
5
5
  SHA512:
6
- metadata.gz: 0b530bcb686e727168d0df91959a6ce8616940e911b31e88b89e2ae06d0ed0a1f576c767e1cf378efaf20064c91c16415ce6e856da031ce2f063ace3a386ce18
7
- data.tar.gz: 3346dbc4a4b46c05a3b7a7992b6111dde5152b154bc17bcb48f8d91a3bf420d813eded7c186718da20f5c7dd1cbc9554fa16f318ee11e992fb440ed6897324a0
6
+ metadata.gz: 8c06b734c3fb22365d3085f6922faa9f004abe98be2b9c57ae02a77a56fe50ecb3d18e44a44543fef791e3bb41132c21e7087df7d1b3b4b72cffd677e474d19d
7
+ data.tar.gz: 44a8975ee1e0d70484b05a09725dc4fa11b06bfec4d683813d3564bf9049c0780aadeda39a51669691b591ee0cbce2bb468d3be397b3251f51691545c6a11524
@@ -13,12 +13,9 @@ module SoarAuthenticationToken
13
13
  private
14
14
  def fetch_by_cookie(request)
15
15
  return false unless request.env.has_key?('HTTP_COOKIE')
16
+ return false unless request.cookies.has_key?(@configuration['cookie_name'])
16
17
 
17
- cookies = HTTP::CookieJar.new.parse(request.env['HTTP_COOKIE'], 'http://irrelevant')
18
- auth_cookie = cookies.find { |cookie| cookie.name == @configuration['cookie_name'] }
19
- return false unless auth_cookie.is_a?(HTTP::Cookie)
20
-
21
- auth_cookie.value
18
+ request.cookies[@configuration['cookie_name']]
22
19
  end
23
20
 
24
21
  def fetch_by_auth_header(request)
@@ -9,12 +9,9 @@ module SoarAuthenticationToken
9
9
 
10
10
  def fetch(request)
11
11
  return false unless request.env.has_key?('HTTP_COOKIE')
12
+ return false unless request.cookies.has_key?(@configuration['cookie_name'])
12
13
 
13
- cookies = HTTP::CookieJar.new.parse(request.env['HTTP_COOKIE'], 'http://irrelevant')
14
- auth_cookie = cookies.find { |cookie| cookie.name == @configuration['cookie_name'] }
15
- return false unless auth_cookie.is_a?(HTTP::Cookie)
16
-
17
- auth_cookie.value
14
+ request.cookies[@configuration['cookie_name']]
18
15
  end
19
16
 
20
17
  def validate_configuration
@@ -1,3 +1,3 @@
1
1
  module SoarAuthenticationToken
2
- VERSION = '7.1.0'
2
+ VERSION = '7.1.1'
3
3
  end
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+ require 'rack'
3
+ require 'rack/test'
4
+ require 'webmock/rspec'
5
+ require_relative 'shared/authentication_provider'
6
+
7
+ describe 'Authorization Header provider' do
8
+ let(:auth_provider) {
9
+ 'SoarAuthenticationToken::AuthorizationHeaderProvider'
10
+ }
11
+
12
+ it_behaves_like "an authentication provider"
13
+ end
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+ require 'rack'
3
+ require 'rack/test'
4
+ require 'webmock/rspec'
5
+ require_relative 'shared/authentication_provider'
6
+
7
+ describe 'Cascade provider' do
8
+ let(:auth_provider) {
9
+ 'SoarAuthenticationToken::CascadeProvider'
10
+ }
11
+
12
+ it_behaves_like "an authentication provider"
13
+ end
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+ require 'rack'
3
+ require 'rack/test'
4
+ require 'webmock/rspec'
5
+ require_relative 'shared/authentication_provider'
6
+
7
+ describe 'Cookie provider' do
8
+ let(:auth_provider) {
9
+ 'SoarAuthenticationToken::CookieProvider'
10
+ }
11
+
12
+ it_behaves_like "an authentication provider"
13
+ end
@@ -1,18 +1,19 @@
1
1
  require 'spec_helper'
2
- require 'rack'
3
- require 'rack/test'
4
- require 'webmock/rspec'
5
2
 
6
- describe SoarAuthenticationToken::RackMiddleware do
3
+ shared_examples_for "an authentication provider" do
7
4
  include Rack::Test::Methods
8
5
 
6
+ let(:version) {
7
+ SoarAuthenticationToken::VERSION
8
+ }
9
+
9
10
  def create_valid_token_generator
10
11
  keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
11
12
  private_key, public_key = keypair_generator.generate
12
13
  configuration = {
13
- 'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
14
- 'generator-url' => 'http://authentication-token-generator-service:9393/generate',
15
- 'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
14
+ 'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
15
+ 'generator-url' => 'http://authentication-token-generator-service:9393/generate',
16
+ 'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
16
17
  }
17
18
  generator = SoarAuthenticationToken::TokenGenerator.new(configuration)
18
19
  generator.inject_store_provider(get_store)
@@ -23,9 +24,9 @@ describe SoarAuthenticationToken::RackMiddleware do
23
24
  keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
24
25
  private_key, public_key = keypair_generator.generate
25
26
  configuration = {
26
- 'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
27
- 'private_key' => private_key,
28
- 'public_key' => public_key
27
+ 'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
28
+ 'private_key' => private_key,
29
+ 'public_key' => public_key
29
30
  }
30
31
  generator = SoarAuthenticationToken::TokenGenerator.new(configuration)
31
32
  generator.inject_store_provider(get_store)
@@ -41,9 +42,9 @@ describe SoarAuthenticationToken::RackMiddleware do
41
42
  @local_valid_generator, @valid_private_key, @valid_public_key = create_valid_token_generator
42
43
  @local_invalid_generator, @invalid_private_key, @invalid_public_key = create_invalid_token_generator
43
44
  @failure_response_json = [ { 'status' => 'fail', 'data' => {
44
- 'notifications' => ['Not authenticated']
45
- }
46
- }.to_json ]
45
+ 'notifications' => ['Not authenticated']
46
+ }
47
+ }.to_json ]
47
48
  end
48
49
 
49
50
  before :each do
@@ -51,19 +52,20 @@ describe SoarAuthenticationToken::RackMiddleware do
51
52
  request = Rack::Request.new env
52
53
  session = request.session
53
54
  test_app_response_data = {
54
- 'message' => "tested with authenticated user #{session['user']}",
55
- 'user' => session['user'],
56
- 'auth_token_meta' => session['auth_token_meta']
55
+ 'message' => "tested with authenticated user #{session['user']}",
56
+ 'user' => session['user'],
57
+ 'auth_token_meta' => session['auth_token_meta']
57
58
  }
58
59
  [200, {"Content-Type" => "application/json"}, test_app_response_data ]
59
60
  end
60
61
  @iut_configuration = {
61
- 'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
62
- 'validator-url' => 'http://authentication-token-validator-service:9393/validate',
63
- 'authentication_token' => {
64
- 'provider' => 'SoarAuthenticationToken::AuthorizationHeaderProvider',
65
- 'header_name' => 'HTTP_AUTHORIZATION'
66
- }
62
+ 'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
63
+ 'validator-url' => 'http://authentication-token-validator-service:9393/validate',
64
+ 'authentication_token' => {
65
+ 'provider' => auth_provider,
66
+ 'header_name' => 'HTTP_AUTHORIZATION',
67
+ 'cookie_name' => 'kh2.auth'
68
+ }
67
69
  }
68
70
  @iut = SoarAuthenticationToken::RackMiddleware.new(@test_app, @iut_configuration, "test-service", nil)
69
71
  end
@@ -87,9 +89,9 @@ describe SoarAuthenticationToken::RackMiddleware do
87
89
  it "return with 401" do
88
90
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => false, 'token_meta' => nil, 'notifications' => ['none'] }}.to_json
89
91
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
90
- with(body: "{\"authentication_token\":null,\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
91
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
92
- to_return(status: 200, body: stub_response_body, headers: {})
92
+ with(body: "{\"authentication_token\":null,\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
93
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
94
+ to_return(status: 200, body: stub_response_body, headers: {})
93
95
 
94
96
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => nil }
95
97
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -101,9 +103,9 @@ describe SoarAuthenticationToken::RackMiddleware do
101
103
  it "return with 401" do
102
104
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => false, 'token_meta' => nil, 'notifications' => ['none'] }}.to_json
103
105
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
104
- with(body: "{\"authentication_token\":\"bad_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
105
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
106
- to_return(status: 200, body: stub_response_body, headers: {})
106
+ with(body: "{\"authentication_token\":\"bad_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
107
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
108
+ to_return(status: 200, body: stub_response_body, headers: {})
107
109
 
108
110
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'bad_token' }
109
111
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -113,11 +115,12 @@ describe SoarAuthenticationToken::RackMiddleware do
113
115
 
114
116
  context 'with a valid authentiation token' do
115
117
  it "pass requests to the application" do
118
+ skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
116
119
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
117
120
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
118
- with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
119
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
120
- to_return(status: 200, body: stub_response_body, headers: {})
121
+ with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
122
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
123
+ to_return(status: 200, body: stub_response_body, headers: {})
121
124
 
122
125
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'valid_token' }
123
126
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -125,11 +128,12 @@ describe SoarAuthenticationToken::RackMiddleware do
125
128
  end
126
129
 
127
130
  it "populate the 'user' key in the rack session with the authenticated user" do
131
+ skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
128
132
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
129
133
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
130
- with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
131
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
132
- to_return(status: 200, body: stub_response_body, headers: {})
134
+ with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
135
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
136
+ to_return(status: 200, body: stub_response_body, headers: {})
133
137
 
134
138
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'valid_token' }
135
139
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -137,11 +141,13 @@ describe SoarAuthenticationToken::RackMiddleware do
137
141
  end
138
142
 
139
143
  it "populate the 'auth_token_meta' key in the rack session with the hash containing the token meta" do
144
+ skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
145
+
140
146
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
141
147
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
142
- with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
143
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
144
- to_return(status: 200, body: stub_response_body, headers: {})
148
+ with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
149
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
150
+ to_return(status: 200, body: stub_response_body, headers: {})
145
151
 
146
152
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'valid_token' }
147
153
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -149,4 +155,4 @@ describe SoarAuthenticationToken::RackMiddleware do
149
155
  end
150
156
  end
151
157
  end
152
- end
158
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: soar_authentication_token
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.1.0
4
+ version: 7.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Barney de Villiers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-09-20 00:00:00.000000000 Z
11
+ date: 2017-10-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: soar_xt
@@ -295,7 +295,10 @@ files:
295
295
  - spec/config_rotator_spec.rb
296
296
  - spec/jwt_token_validator_spec.rb
297
297
  - spec/keypair_generator_spec.rb
298
- - spec/rack_middleware/authorization_header_spec.rb
298
+ - spec/rack_middleware/authorization_header_provider_spec.rb
299
+ - spec/rack_middleware/cascade_provider_spec.rb
300
+ - spec/rack_middleware/cookie_provider_spec.rb
301
+ - spec/rack_middleware/shared/authentication_provider.rb
299
302
  - spec/remote_token_validator_spec.rb
300
303
  - spec/spec_helper.rb
301
304
  - spec/static_token_validator_spec.rb
@@ -321,7 +324,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
321
324
  version: '0'
322
325
  requirements: []
323
326
  rubyforge_project:
324
- rubygems_version: 2.6.13
327
+ rubygems_version: 2.5.1
325
328
  signing_key:
326
329
  specification_version: 4
327
330
  summary: Client library for Hetzner's authentication token service
@@ -329,7 +332,10 @@ test_files:
329
332
  - spec/config_rotator_spec.rb
330
333
  - spec/jwt_token_validator_spec.rb
331
334
  - spec/keypair_generator_spec.rb
332
- - spec/rack_middleware/authorization_header_spec.rb
335
+ - spec/rack_middleware/authorization_header_provider_spec.rb
336
+ - spec/rack_middleware/cascade_provider_spec.rb
337
+ - spec/rack_middleware/cookie_provider_spec.rb
338
+ - spec/rack_middleware/shared/authentication_provider.rb
333
339
  - spec/remote_token_validator_spec.rb
334
340
  - spec/spec_helper.rb
335
341
  - spec/static_token_validator_spec.rb