soar_authentication_token 7.1.0 → 7.1.1

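--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 58850a72e1a3c5fe0107e4bc280d25c684f43260
- data.tar.gz: cc47f0966708e41466006e714121ba2a805a7e4f
+ metadata.gz: c2b4f619d0d797e93284b3304502fd1276682f36
+ data.tar.gz: fff0d61305cd10caa846cfd3ec1e6feeca88e075
  SHA512:
- metadata.gz: 0b530bcb686e727168d0df91959a6ce8616940e911b31e88b89e2ae06d0ed0a1f576c767e1cf378efaf20064c91c16415ce6e856da031ce2f063ace3a386ce18
- data.tar.gz: 3346dbc4a4b46c05a3b7a7992b6111dde5152b154bc17bcb48f8d91a3bf420d813eded7c186718da20f5c7dd1cbc9554fa16f318ee11e992fb440ed6897324a0
+ metadata.gz: 8c06b734c3fb22365d3085f6922faa9f004abe98be2b9c57ae02a77a56fe50ecb3d18e44a44543fef791e3bb41132c21e7087df7d1b3b4b72cffd677e474d19d
+ data.tar.gz: 44a8975ee1e0d70484b05a09725dc4fa11b06bfec4d683813d3564bf9049c0780aadeda39a51669691b591ee0cbce2bb468d3be397b3251f51691545c6a11524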
@@ -13,12 +13,9 @@ module SoarAuthenticationToken
13
13
  private
14
14
  def fetch_by_cookie(request)
15
15
  return false unless request.env.has_key?('HTTP_COOKIE')
16
+ return false unless request.cookies.has_key?(@configuration['cookie_name'])
16
17
 
17
- cookies = HTTP::CookieJar.new.parse(request.env['HTTP_COOKIE'], 'http://irrelevant')
18
- auth_cookie = cookies.find { |cookie| cookie.name == @configuration['cookie_name'] }
19
- return false unless auth_cookie.is_a?(HTTP::Cookie)
20
-
21
- auth_cookie.value
18
+ request.cookies[@configuration['cookie_name']]
22
19
  end
23
20
 
24
21
  def fetch_by_auth_header(request)
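Review bot: In `fetch_by_cookie`, a cookie that is present but empty passes the new `has_key?` guard and is returned as `""`, which is truthy in Ruby, so a caller that tests the result for presence would treat it as a token rather than as "no token"; the identical `fetch` hunk that follows has the same gap. The value now also comes from Rack's cookie parser, which URL-decodes it, so a token containing `%` or `+` may reach the validator in a different form than the client sent; this is worth confirming against the token format in use. The `HTTP_COOKIE` guard is redundant once `request.cookies` is consulted, so the body can be reduced to `token = request.cookies[@configuration['cookie_name']]` followed by `token.nil? || token.empty? ? false : token`. How the caller handles the return value is outside the hunk.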
@@ -9,12 +9,9 @@ module SoarAuthenticationToken
9
9
 
10
10
  def fetch(request)
11
11
  return false unless request.env.has_key?('HTTP_COOKIE')
12
+ return false unless request.cookies.has_key?(@configuration['cookie_name'])
12
13
 
13
- cookies = HTTP::CookieJar.new.parse(request.env['HTTP_COOKIE'], 'http://irrelevant')
14
- auth_cookie = cookies.find { |cookie| cookie.name == @configuration['cookie_name'] }
15
- return false unless auth_cookie.is_a?(HTTP::Cookie)
16
-
17
- auth_cookie.value
14
+ request.cookies[@configuration['cookie_name']]
18
15
  end
19
16
 
20
17
  def validate_configuration
@@ -1,3 +1,3 @@
1
1
  module SoarAuthenticationToken
2
- VERSION = '7.1.0'
2
+ VERSION = '7.1.1'
3
3
  end
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+ require 'rack'
3
+ require 'rack/test'
4
+ require 'webmock/rspec'
5
+ require_relative 'shared/authentication_provider'
6
+
7
+ describe 'Authorization Header provider' do
8
+ let(:auth_provider) {
9
+ 'SoarAuthenticationToken::AuthorizationHeaderProvider'
10
+ }
11
+
12
+ it_behaves_like "an authentication provider"
13
+ end
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+ require 'rack'
3
+ require 'rack/test'
4
+ require 'webmock/rspec'
5
+ require_relative 'shared/authentication_provider'
6
+
7
+ describe 'Cascade provider' do
8
+ let(:auth_provider) {
9
+ 'SoarAuthenticationToken::CascadeProvider'
10
+ }
11
+
12
+ it_behaves_like "an authentication provider"
13
+ end
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+ require 'rack'
3
+ require 'rack/test'
4
+ require 'webmock/rspec'
5
+ require_relative 'shared/authentication_provider'
6
+
7
+ describe 'Cookie provider' do
8
+ let(:auth_provider) {
9
+ 'SoarAuthenticationToken::CookieProvider'
10
+ }
11
+
12
+ it_behaves_like "an authentication provider"
13
+ end
@@ -1,18 +1,19 @@
1
1
  require 'spec_helper'
2
- require 'rack'
3
- require 'rack/test'
4
- require 'webmock/rspec'
5
2
 
6
- describe SoarAuthenticationToken::RackMiddleware do
3
+ shared_examples_for "an authentication provider" do
7
4
  include Rack::Test::Methods
8
5
 
6
+ let(:version) {
7
+ SoarAuthenticationToken::VERSION
8
+ }
9
+
9
10
  def create_valid_token_generator
10
11
  keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
11
12
  private_key, public_key = keypair_generator.generate
12
13
  configuration = {
13
- 'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
14
- 'generator-url' => 'http://authentication-token-generator-service:9393/generate',
15
- 'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
14
+ 'provider' => 'SoarAuthenticationToken::RemoteTokenGenerator',
15
+ 'generator-url' => 'http://authentication-token-generator-service:9393/generate',
16
+ 'generator-client-auth-token' => 'test_ecosystem_token_for_auth_token_aaapi_authenticator_service'
16
17
  }
17
18
  generator = SoarAuthenticationToken::TokenGenerator.new(configuration)
18
19
  generator.inject_store_provider(get_store)
@@ -23,9 +24,9 @@ describe SoarAuthenticationToken::RackMiddleware do
23
24
  keypair_generator = SoarAuthenticationToken::KeypairGenerator.new
24
25
  private_key, public_key = keypair_generator.generate
25
26
  configuration = {
26
- 'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
27
- 'private_key' => private_key,
28
- 'public_key' => public_key
27
+ 'provider' => 'SoarAuthenticationToken::JwtTokenGenerator',
28
+ 'private_key' => private_key,
29
+ 'public_key' => public_key
29
30
  }
30
31
  generator = SoarAuthenticationToken::TokenGenerator.new(configuration)
31
32
  generator.inject_store_provider(get_store)
@@ -41,9 +42,9 @@ describe SoarAuthenticationToken::RackMiddleware do
41
42
  @local_valid_generator, @valid_private_key, @valid_public_key = create_valid_token_generator
42
43
  @local_invalid_generator, @invalid_private_key, @invalid_public_key = create_invalid_token_generator
43
44
  @failure_response_json = [ { 'status' => 'fail', 'data' => {
44
- 'notifications' => ['Not authenticated']
45
- }
46
- }.to_json ]
45
+ 'notifications' => ['Not authenticated']
46
+ }
47
+ }.to_json ]
47
48
  end
48
49
 
49
50
  before :each do
@@ -51,19 +52,20 @@ describe SoarAuthenticationToken::RackMiddleware do
51
52
  request = Rack::Request.new env
52
53
  session = request.session
53
54
  test_app_response_data = {
54
- 'message' => "tested with authenticated user #{session['user']}",
55
- 'user' => session['user'],
56
- 'auth_token_meta' => session['auth_token_meta']
55
+ 'message' => "tested with authenticated user #{session['user']}",
56
+ 'user' => session['user'],
57
+ 'auth_token_meta' => session['auth_token_meta']
57
58
  }
58
59
  [200, {"Content-Type" => "application/json"}, test_app_response_data ]
59
60
  end
60
61
  @iut_configuration = {
61
- 'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
62
- 'validator-url' => 'http://authentication-token-validator-service:9393/validate',
63
- 'authentication_token' => {
64
- 'provider' => 'SoarAuthenticationToken::AuthorizationHeaderProvider',
65
- 'header_name' => 'HTTP_AUTHORIZATION'
66
- }
62
+ 'provider' => 'SoarAuthenticationToken::RemoteTokenValidator',
63
+ 'validator-url' => 'http://authentication-token-validator-service:9393/validate',
64
+ 'authentication_token' => {
65
+ 'provider' => auth_provider,
66
+ 'header_name' => 'HTTP_AUTHORIZATION',
67
+ 'cookie_name' => 'kh2.auth'
68
+ }
67
69
  }
68
70
  @iut = SoarAuthenticationToken::RackMiddleware.new(@test_app, @iut_configuration, "test-service", nil)
69
71
  end
@@ -87,9 +89,9 @@ describe SoarAuthenticationToken::RackMiddleware do
87
89
  it "return with 401" do
88
90
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => false, 'token_meta' => nil, 'notifications' => ['none'] }}.to_json
89
91
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
90
- with(body: "{\"authentication_token\":null,\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
91
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
92
- to_return(status: 200, body: stub_response_body, headers: {})
92
+ with(body: "{\"authentication_token\":null,\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
93
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
94
+ to_return(status: 200, body: stub_response_body, headers: {})
93
95
 
94
96
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => nil }
95
97
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -101,9 +103,9 @@ describe SoarAuthenticationToken::RackMiddleware do
101
103
  it "return with 401" do
102
104
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => false, 'token_meta' => nil, 'notifications' => ['none'] }}.to_json
103
105
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
104
- with(body: "{\"authentication_token\":\"bad_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
105
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
106
- to_return(status: 200, body: stub_response_body, headers: {})
106
+ with(body: "{\"authentication_token\":\"bad_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
107
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
108
+ to_return(status: 200, body: stub_response_body, headers: {})
107
109
 
108
110
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'bad_token' }
109
111
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -113,11 +115,12 @@ describe SoarAuthenticationToken::RackMiddleware do
113
115
 
114
116
  context 'with a valid authentiation token' do
115
117
  it "pass requests to the application" do
118
+ skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
116
119
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
117
120
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
118
- with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
119
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
120
- to_return(status: 200, body: stub_response_body, headers: {})
121
+ with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
122
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
123
+ to_return(status: 200, body: stub_response_body, headers: {})
121
124
 
122
125
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'valid_token' }
123
126
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -125,11 +128,12 @@ describe SoarAuthenticationToken::RackMiddleware do
125
128
  end
126
129
 
127
130
  it "populate the 'user' key in the rack session with the authenticated user" do
131
+ skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
128
132
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
129
133
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
130
- with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
131
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
132
- to_return(status: 200, body: stub_response_body, headers: {})
134
+ with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
135
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
136
+ to_return(status: 200, body: stub_response_body, headers: {})
133
137
 
134
138
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'valid_token' }
135
139
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -137,11 +141,13 @@ describe SoarAuthenticationToken::RackMiddleware do
137
141
  end
138
142
 
139
143
  it "populate the 'auth_token_meta' key in the rack session with the hash containing the token meta" do
144
+ skip if auth_provider == 'SoarAuthenticationToken::CookieProvider'
145
+
140
146
  stub_response_body = {'status' => 'success', 'data' => { 'token_validity' => true, 'token_meta' => { 'authenticated_identifier' => 'a@b.com' }, 'notifications' => ['none'] }}.to_json
141
147
  stub_request(:post, "http://authentication-token-validator-service:9393/validate?flow_identifier").
142
- with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"7.0.0\"}}",
143
- headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
144
- to_return(status: 200, body: stub_response_body, headers: {})
148
+ with(body: "{\"authentication_token\":\"valid_token\",\"request_information\":{\"source_address\":\"1.1.1.1\",\"user_agent\":null,\"service\":\"test-service\",\"resource\":\"/\",\"method\":\"GET\",\"base_url\":\"http://service\",\"version\":\"#{version}\"}}",
149
+ headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
150
+ to_return(status: 200, body: stub_response_body, headers: {})
145
151
 
146
152
  opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_AUTHORIZATION' => 'valid_token' }
147
153
  code, env, body = @iut.call Rack::MockRequest.env_for('http://service', opts)
@@ -149,4 +155,4 @@ describe SoarAuthenticationToken::RackMiddleware do
149
155
  end
150
156
  end
151
157
  end
152
- end
158
+ end
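Review bot: The three examples under 'with a valid authentiation token' are skipped for `SoarAuthenticationToken::CookieProvider`, and every example supplies the token only through `HTTP_AUTHORIZATION`, so the cookie read that this release changes is never exercised on the accepting path (and for the cascade provider only the header branch appears to run). Rather than `skip`, build the request per provider, for example `opts = { 'REMOTE_ADDR' => '1.1.1.1', 'HTTP_COOKIE' => 'kh2.auth=valid_token' }` when the provider reads cookies, and add an example whose `HTTP_COOKIE` header carries several cookies, since that looks like the input the replaced parser was mishandling. If a skip has to stay, give it a reason string such as `skip 'cookie provider does not read HTTP_AUTHORIZATION'` so the coverage gap is visible in the test output.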
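--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: soar_authentication_token
  version: !ruby/object:Gem::Version
- version: 7.1.0
+ version: 7.1.1
  platform: ruby
  authors:
  - Barney de Villiers
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-09-20 00:00:00.000000000 Z
+ date: 2017-10-19 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: soar_xt
@@ -295,7 +295,10 @@ files:
  - spec/config_rotator_spec.rb
  - spec/jwt_token_validator_spec.rb
  - spec/keypair_generator_spec.rb
- - spec/rack_middleware/authorization_header_spec.rb
+ - spec/rack_middleware/authorization_header_provider_spec.rb
+ - spec/rack_middleware/cascade_provider_spec.rb
+ - spec/rack_middleware/cookie_provider_spec.rb
+ - spec/rack_middleware/shared/authentication_provider.rb
  - spec/remote_token_validator_spec.rb
  - spec/spec_helper.rb
  - spec/static_token_validator_spec.rb
@@ -321,7 +324,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.6.13
+ rubygems_version: 2.5.1
  signing_key:
  specification_version: 4
  summary: Client library for Hetzner's authentication token service
@@ -329,7 +332,10 @@ test_files:
  - spec/config_rotator_spec.rb
  - spec/jwt_token_validator_spec.rb
  - spec/keypair_generator_spec.rb
- - spec/rack_middleware/authorization_header_spec.rb
+ - spec/rack_middleware/authorization_header_provider_spec.rb
+ - spec/rack_middleware/cascade_provider_spec.rb
+ - spec/rack_middleware/cookie_provider_spec.rb
+ - spec/rack_middleware/shared/authentication_provider.rb
  - spec/remote_token_validator_spec.rb
  - spec/spec_helper.rb
  - spec/static_token_validator_spec.rb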