sorcery 0.9.1 → 0.16.3
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +1 -0
- data/.github/ISSUE_TEMPLATE.md +24 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +7 -0
- data/.github/workflows/ruby.yml +70 -0
- data/.gitignore +3 -0
- data/.rubocop.yml +55 -0
- data/.rubocop_todo.yml +163 -0
- data/CHANGELOG.md +132 -34
- data/CODE_OF_CONDUCT.md +14 -0
- data/Gemfile +3 -17
- data/{LICENSE.txt → LICENSE.md} +1 -1
- data/MAINTAINING.md +64 -0
- data/README.md +146 -269
- data/Rakefile +4 -2
- data/SECURITY.md +19 -0
- data/gemfiles/rails_52.gemfile +7 -0
- data/gemfiles/rails_60.gemfile +7 -0
- data/gemfiles/rails_61.gemfile +7 -0
- data/gemfiles/rails_70.gemfile +7 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +8 -4
- data/lib/generators/sorcery/install_generator.rb +41 -35
- data/lib/generators/sorcery/templates/initializer.rb +216 -112
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +7 -7
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +5 -5
- data/lib/generators/sorcery/templates/migration/core.rb +5 -7
- data/lib/generators/sorcery/templates/migration/external.rb +4 -4
- data/lib/generators/sorcery/templates/migration/magic_login.rb +9 -0
- data/lib/generators/sorcery/templates/migration/remember_me.rb +5 -5
- data/lib/generators/sorcery/templates/migration/reset_password.rb +7 -6
- data/lib/generators/sorcery/templates/migration/user_activation.rb +6 -6
- data/lib/sorcery/adapters/active_record_adapter.rb +11 -21
- data/lib/sorcery/adapters/mongoid_adapter.rb +23 -11
- data/lib/sorcery/controller/config.rb +27 -23
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -18
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +1 -2
- data/lib/sorcery/controller/submodules/external.rb +69 -44
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +18 -19
- data/lib/sorcery/controller/submodules/remember_me.rb +16 -16
- data/lib/sorcery/controller/submodules/session_timeout.rb +33 -11
- data/lib/sorcery/controller.rb +50 -35
- data/lib/sorcery/crypto_providers/aes256.rb +17 -16
- data/lib/sorcery/crypto_providers/bcrypt.rb +26 -22
- data/lib/sorcery/crypto_providers/common.rb +1 -1
- data/lib/sorcery/crypto_providers/md5.rb +5 -5
- data/lib/sorcery/crypto_providers/sha1.rb +5 -5
- data/lib/sorcery/crypto_providers/sha256.rb +2 -2
- data/lib/sorcery/crypto_providers/sha512.rb +3 -3
- data/lib/sorcery/engine.rb +19 -11
- data/lib/sorcery/model/config.rb +73 -50
- data/lib/sorcery/model/submodules/activity_logging.rb +31 -12
- data/lib/sorcery/model/submodules/brute_force_protection.rb +38 -31
- data/lib/sorcery/model/submodules/external.rb +22 -10
- data/lib/sorcery/model/submodules/magic_login.rb +130 -0
- data/lib/sorcery/model/submodules/remember_me.rb +19 -7
- data/lib/sorcery/model/submodules/reset_password.rb +64 -42
- data/lib/sorcery/model/submodules/user_activation.rb +52 -54
- data/lib/sorcery/model/temporary_token.rb +30 -7
- data/lib/sorcery/model.rb +65 -40
- data/lib/sorcery/protocols/oauth.rb +4 -9
- data/lib/sorcery/protocols/oauth2.rb +0 -2
- data/lib/sorcery/providers/auth0.rb +46 -0
- data/lib/sorcery/providers/base.rb +4 -4
- data/lib/sorcery/providers/battlenet.rb +51 -0
- data/lib/sorcery/providers/discord.rb +52 -0
- data/lib/sorcery/providers/facebook.rb +8 -11
- data/lib/sorcery/providers/github.rb +5 -7
- data/lib/sorcery/providers/google.rb +3 -5
- data/lib/sorcery/providers/heroku.rb +7 -8
- data/lib/sorcery/providers/instagram.rb +73 -0
- data/lib/sorcery/providers/jira.rb +12 -17
- data/lib/sorcery/providers/line.rb +63 -0
- data/lib/sorcery/providers/linkedin.rb +44 -35
- data/lib/sorcery/providers/liveid.rb +4 -7
- data/lib/sorcery/providers/microsoft.rb +59 -0
- data/lib/sorcery/providers/paypal.rb +60 -0
- data/lib/sorcery/providers/salesforce.rb +3 -5
- data/lib/sorcery/providers/slack.rb +45 -0
- data/lib/sorcery/providers/twitter.rb +4 -6
- data/lib/sorcery/providers/vk.rb +8 -9
- data/lib/sorcery/providers/wechat.rb +81 -0
- data/lib/sorcery/providers/xing.rb +7 -10
- data/lib/sorcery/test_helpers/internal/rails.rb +25 -17
- data/lib/sorcery/test_helpers/internal.rb +15 -14
- data/lib/sorcery/test_helpers/rails/controller.rb +1 -1
- data/lib/sorcery/test_helpers/rails/integration.rb +5 -6
- data/lib/sorcery/test_helpers/rails/request.rb +20 -0
- data/lib/sorcery/version.rb +1 -1
- data/lib/sorcery.rb +4 -17
- data/sorcery.gemspec +43 -28
- data/spec/active_record/user_activation_spec.rb +4 -5
- data/spec/active_record/user_activity_logging_spec.rb +4 -6
- data/spec/active_record/user_brute_force_protection_spec.rb +5 -6
- data/spec/active_record/user_magic_login_spec.rb +15 -0
- data/spec/active_record/user_oauth_spec.rb +5 -6
- data/spec/active_record/user_remember_me_spec.rb +5 -6
- data/spec/active_record/user_reset_password_spec.rb +4 -5
- data/spec/active_record/user_spec.rb +7 -17
- data/spec/controllers/controller_activity_logging_spec.rb +13 -24
- data/spec/controllers/controller_brute_force_protection_spec.rb +8 -10
- data/spec/controllers/controller_http_basic_auth_spec.rb +20 -21
- data/spec/controllers/controller_oauth2_spec.rb +297 -158
- data/spec/controllers/controller_oauth_spec.rb +97 -71
- data/spec/controllers/controller_remember_me_spec.rb +49 -36
- data/spec/controllers/controller_session_timeout_spec.rb +106 -20
- data/spec/controllers/controller_spec.rb +87 -111
- data/spec/orm/active_record.rb +3 -3
- data/spec/providers/example_provider_spec.rb +17 -0
- data/spec/providers/example_spec.rb +17 -0
- data/spec/providers/examples_spec.rb +17 -0
- data/spec/providers/vk_spec.rb +42 -0
- data/spec/rails_app/app/active_record/authentication.rb +1 -1
- data/spec/rails_app/app/active_record/user.rb +2 -2
- data/spec/rails_app/app/assets/config/manifest.js +1 -0
- data/spec/rails_app/app/controllers/application_controller.rb +2 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +250 -46
- data/spec/rails_app/app/mailers/sorcery_mailer.rb +23 -17
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.html.erb +13 -0
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.text.erb +6 -0
- data/spec/rails_app/config/application.rb +14 -9
- data/spec/rails_app/config/boot.rb +2 -2
- data/spec/rails_app/config/environment.rb +1 -1
- data/spec/rails_app/config/environments/test.rb +1 -1
- data/spec/rails_app/config/initializers/compatible_legacy_migration.rb +11 -0
- data/spec/rails_app/config/initializers/session_store.rb +3 -3
- data/spec/rails_app/config/routes.rb +31 -1
- data/spec/rails_app/config/secrets.yml +4 -0
- data/spec/rails_app/config.ru +1 -1
- data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +4 -4
- data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +10 -10
- data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +5 -5
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +5 -5
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +3 -3
- data/spec/rails_app/db/migrate/invalidate_active_sessions/20180221093235_add_invalidate_active_sessions_before_to_users.rb +9 -0
- data/spec/rails_app/db/migrate/magic_login/20170924151831_add_magic_login_to_users.rb +17 -0
- data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +6 -6
- data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +7 -5
- data/spec/rails_app/db/schema.rb +7 -9
- data/spec/shared_examples/user_activation_shared_examples.rb +177 -58
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +47 -41
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +19 -24
- data/spec/shared_examples/user_magic_login_shared_examples.rb +150 -0
- data/spec/shared_examples/user_oauth_shared_examples.rb +7 -10
- data/spec/shared_examples/user_remember_me_shared_examples.rb +91 -22
- data/spec/shared_examples/user_reset_password_shared_examples.rb +153 -58
- data/spec/shared_examples/user_shared_examples.rb +328 -145
- data/spec/sorcery_crypto_providers_spec.rb +122 -75
- data/spec/sorcery_temporary_token_spec.rb +27 -0
- data/spec/spec.opts +1 -1
- data/spec/spec_helper.rb +19 -14
- data/spec/support/migration_helper.rb +29 -0
- data/spec/support/providers/example.rb +11 -0
- data/spec/support/providers/example_provider.rb +11 -0
- data/spec/support/providers/examples.rb +11 -0
- metadata +119 -89
- data/.travis.yml +0 -132
- data/gemfiles/active_record-rails40.gemfile +0 -7
- data/gemfiles/active_record-rails41.gemfile +0 -7
- data/gemfiles/mongo_mapper-rails40.gemfile +0 -9
- data/gemfiles/mongo_mapper-rails41.gemfile +0 -9
- data/gemfiles/mongoid-rails40.gemfile +0 -9
- data/gemfiles/mongoid-rails41.gemfile +0 -9
- data/gemfiles/mongoid3-rails32.gemfile +0 -9
- data/lib/sorcery/adapters/data_mapper_adapter.rb +0 -176
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +0 -110
- data/lib/sorcery/railties/tasks.rake +0 -6
- data/spec/data_mapper/user_activation_spec.rb +0 -10
- data/spec/data_mapper/user_activity_logging_spec.rb +0 -14
- data/spec/data_mapper/user_brute_force_protection_spec.rb +0 -9
- data/spec/data_mapper/user_oauth_spec.rb +0 -9
- data/spec/data_mapper/user_remember_me_spec.rb +0 -8
- data/spec/data_mapper/user_reset_password_spec.rb +0 -8
- data/spec/data_mapper/user_spec.rb +0 -27
- data/spec/mongo_mapper/user_activation_spec.rb +0 -9
- data/spec/mongo_mapper/user_activity_logging_spec.rb +0 -8
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongo_mapper/user_oauth_spec.rb +0 -8
- data/spec/mongo_mapper/user_remember_me_spec.rb +0 -8
- data/spec/mongo_mapper/user_reset_password_spec.rb +0 -8
- data/spec/mongo_mapper/user_spec.rb +0 -37
- data/spec/mongoid/user_activation_spec.rb +0 -9
- data/spec/mongoid/user_activity_logging_spec.rb +0 -8
- data/spec/mongoid/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongoid/user_oauth_spec.rb +0 -8
- data/spec/mongoid/user_remember_me_spec.rb +0 -8
- data/spec/mongoid/user_reset_password_spec.rb +0 -8
- data/spec/mongoid/user_spec.rb +0 -51
- data/spec/orm/data_mapper.rb +0 -48
- data/spec/orm/mongo_mapper.rb +0 -10
- data/spec/orm/mongoid.rb +0 -22
- data/spec/rails_app/app/data_mapper/authentication.rb +0 -8
- data/spec/rails_app/app/data_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongo_mapper/authentication.rb +0 -6
- data/spec/rails_app/app/mongo_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongoid/authentication.rb +0 -7
- data/spec/rails_app/app/mongoid/user.rb +0 -7
- data/spec/rails_app/config/initializers/secret_token.rb +0 -7
- data/spec/rails_app/log/development.log +0 -1791
@@ -1,198 +1,245 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
|
-
describe
|
4
|
-
|
3
|
+
describe 'Crypto Providers wrappers' do
|
5
4
|
describe Sorcery::CryptoProviders::MD5 do
|
6
|
-
|
7
5
|
after(:each) do
|
8
6
|
Sorcery::CryptoProviders::MD5.reset!
|
9
7
|
end
|
10
8
|
|
11
|
-
it
|
12
|
-
expect(Sorcery::CryptoProviders::MD5.encrypt
|
9
|
+
it 'encrypt works via wrapper like normal lib' do
|
10
|
+
expect(Sorcery::CryptoProviders::MD5.encrypt('Noam Ben-Ari')).to eq Digest::MD5.hexdigest('Noam Ben-Ari')
|
13
11
|
end
|
14
12
|
|
15
|
-
it
|
13
|
+
it 'works with multiple stretches' do
|
16
14
|
Sorcery::CryptoProviders::MD5.stretches = 3
|
17
|
-
expect(Sorcery::CryptoProviders::MD5.encrypt
|
15
|
+
expect(Sorcery::CryptoProviders::MD5.encrypt('Noam Ben-Ari')).to eq Digest::MD5.hexdigest(Digest::MD5.hexdigest(Digest::MD5.hexdigest('Noam Ben-Ari')))
|
18
16
|
end
|
19
17
|
|
20
|
-
it
|
21
|
-
expect(Sorcery::CryptoProviders::MD5.matches?
|
18
|
+
it 'matches? returns true when matches' do
|
19
|
+
expect(Sorcery::CryptoProviders::MD5.matches?(Digest::MD5.hexdigest('Noam Ben-Ari'), 'Noam Ben-Ari')).to be true
|
22
20
|
end
|
23
21
|
|
24
|
-
it
|
25
|
-
expect(Sorcery::CryptoProviders::MD5.matches?
|
22
|
+
it 'matches? returns false when no match' do
|
23
|
+
expect(Sorcery::CryptoProviders::MD5.matches?(Digest::MD5.hexdigest('Noam Ben-Ari'), 'Some Dude')).to be false
|
26
24
|
end
|
27
|
-
|
28
25
|
end
|
29
26
|
|
30
27
|
describe Sorcery::CryptoProviders::SHA1 do
|
31
|
-
|
32
28
|
before(:all) do
|
33
29
|
@digest = 'Noam Ben-Ari'
|
34
|
-
Sorcery::CryptoProviders::SHA1.stretches.times {@digest = Digest::SHA1.hexdigest(@digest)}
|
30
|
+
Sorcery::CryptoProviders::SHA1.stretches.times { @digest = Digest::SHA1.hexdigest(@digest) }
|
35
31
|
end
|
36
32
|
|
37
33
|
after(:each) do
|
38
34
|
Sorcery::CryptoProviders::SHA1.reset!
|
39
35
|
end
|
40
36
|
|
41
|
-
it
|
42
|
-
expect(Sorcery::CryptoProviders::SHA1.encrypt
|
37
|
+
it 'encrypt works via wrapper like normal lib' do
|
38
|
+
expect(Sorcery::CryptoProviders::SHA1.encrypt('Noam Ben-Ari')).to eq @digest
|
43
39
|
end
|
44
40
|
|
45
|
-
it
|
41
|
+
it 'works with multiple stretches' do
|
46
42
|
Sorcery::CryptoProviders::SHA1.stretches = 3
|
47
|
-
expect(Sorcery::CryptoProviders::SHA1.encrypt
|
43
|
+
expect(Sorcery::CryptoProviders::SHA1.encrypt('Noam Ben-Ari')).to eq Digest::SHA1.hexdigest(Digest::SHA1.hexdigest(Digest::SHA1.hexdigest('Noam Ben-Ari')))
|
48
44
|
end
|
49
45
|
|
50
|
-
it
|
51
|
-
expect(Sorcery::CryptoProviders::SHA1.matches?
|
46
|
+
it 'matches? returns true when matches' do
|
47
|
+
expect(Sorcery::CryptoProviders::SHA1.matches?(@digest, 'Noam Ben-Ari')).to be true
|
52
48
|
end
|
53
49
|
|
54
|
-
it
|
55
|
-
expect(Sorcery::CryptoProviders::SHA1.matches?
|
50
|
+
it 'matches? returns false when no match' do
|
51
|
+
expect(Sorcery::CryptoProviders::SHA1.matches?(@digest, 'Some Dude')).to be false
|
56
52
|
end
|
57
53
|
|
58
|
-
it
|
59
|
-
Sorcery::CryptoProviders::SHA1.join_token =
|
60
|
-
expect(Sorcery::CryptoProviders::SHA1.encrypt
|
54
|
+
it 'matches password encrypted using salt and join token from upstream' do
|
55
|
+
Sorcery::CryptoProviders::SHA1.join_token = 'test'
|
56
|
+
expect(Sorcery::CryptoProviders::SHA1.encrypt(%w[password gq18WBnJYNh2arkC1kgH])).to eq '894b5bf1643b8d0e1b2eaddb22426be7036dab70'
|
61
57
|
end
|
62
58
|
end
|
63
59
|
|
64
60
|
describe Sorcery::CryptoProviders::SHA256 do
|
65
|
-
|
66
61
|
before(:all) do
|
67
62
|
@digest = 'Noam Ben-Ari'
|
68
|
-
Sorcery::CryptoProviders::SHA256.stretches.times {@digest = Digest::SHA256.hexdigest(@digest)}
|
63
|
+
Sorcery::CryptoProviders::SHA256.stretches.times { @digest = Digest::SHA256.hexdigest(@digest) }
|
69
64
|
end
|
70
65
|
|
71
66
|
after(:each) do
|
72
67
|
Sorcery::CryptoProviders::SHA256.reset!
|
73
68
|
end
|
74
69
|
|
75
|
-
it
|
76
|
-
expect(Sorcery::CryptoProviders::SHA256.encrypt
|
70
|
+
it 'encrypt works via wrapper like normal lib' do
|
71
|
+
expect(Sorcery::CryptoProviders::SHA256.encrypt('Noam Ben-Ari')).to eq @digest
|
77
72
|
end
|
78
73
|
|
79
|
-
it
|
74
|
+
it 'works with multiple stretches' do
|
80
75
|
Sorcery::CryptoProviders::SHA256.stretches = 3
|
81
|
-
expect(Sorcery::CryptoProviders::SHA256.encrypt
|
76
|
+
expect(Sorcery::CryptoProviders::SHA256.encrypt('Noam Ben-Ari')).to eq Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(Digest::SHA256.hexdigest('Noam Ben-Ari')))
|
82
77
|
end
|
83
78
|
|
84
|
-
it
|
85
|
-
expect(Sorcery::CryptoProviders::SHA256.matches?
|
79
|
+
it 'matches? returns true when matches' do
|
80
|
+
expect(Sorcery::CryptoProviders::SHA256.matches?(@digest, 'Noam Ben-Ari')).to be true
|
86
81
|
end
|
87
82
|
|
88
|
-
it
|
89
|
-
expect(Sorcery::CryptoProviders::SHA256.matches?
|
83
|
+
it 'matches? returns false when no match' do
|
84
|
+
expect(Sorcery::CryptoProviders::SHA256.matches?(@digest, 'Some Dude')).to be false
|
90
85
|
end
|
91
|
-
|
92
86
|
end
|
93
87
|
|
94
88
|
describe Sorcery::CryptoProviders::SHA512 do
|
95
|
-
|
96
89
|
before(:all) do
|
97
90
|
@digest = 'Noam Ben-Ari'
|
98
|
-
Sorcery::CryptoProviders::SHA512.stretches.times {@digest = Digest::SHA512.hexdigest(@digest)}
|
91
|
+
Sorcery::CryptoProviders::SHA512.stretches.times { @digest = Digest::SHA512.hexdigest(@digest) }
|
99
92
|
end
|
100
93
|
|
101
94
|
after(:each) do
|
102
95
|
Sorcery::CryptoProviders::SHA512.reset!
|
103
96
|
end
|
104
97
|
|
105
|
-
it
|
106
|
-
expect(Sorcery::CryptoProviders::SHA512.encrypt
|
98
|
+
it 'encrypt works via wrapper like normal lib' do
|
99
|
+
expect(Sorcery::CryptoProviders::SHA512.encrypt('Noam Ben-Ari')).to eq @digest
|
107
100
|
end
|
108
101
|
|
109
|
-
it
|
102
|
+
it 'works with multiple stretches' do
|
110
103
|
Sorcery::CryptoProviders::SHA512.stretches = 3
|
111
|
-
expect(Sorcery::CryptoProviders::SHA512.encrypt
|
104
|
+
expect(Sorcery::CryptoProviders::SHA512.encrypt('Noam Ben-Ari')).to eq Digest::SHA512.hexdigest(Digest::SHA512.hexdigest(Digest::SHA512.hexdigest('Noam Ben-Ari')))
|
112
105
|
end
|
113
106
|
|
114
|
-
it
|
115
|
-
expect(Sorcery::CryptoProviders::SHA512.matches?
|
107
|
+
it 'matches? returns true when matches' do
|
108
|
+
expect(Sorcery::CryptoProviders::SHA512.matches?(@digest, 'Noam Ben-Ari')).to be true
|
116
109
|
end
|
117
110
|
|
118
|
-
it
|
119
|
-
expect(Sorcery::CryptoProviders::SHA512.matches?
|
111
|
+
it 'matches? returns false when no match' do
|
112
|
+
expect(Sorcery::CryptoProviders::SHA512.matches?(@digest, 'Some Dude')).to be false
|
120
113
|
end
|
121
|
-
|
122
114
|
end
|
123
115
|
|
124
116
|
describe Sorcery::CryptoProviders::AES256 do
|
125
|
-
|
126
117
|
before(:all) do
|
127
|
-
aes = OpenSSL::Cipher
|
118
|
+
aes = OpenSSL::Cipher.new('AES-256-ECB')
|
128
119
|
aes.encrypt
|
129
|
-
@key =
|
120
|
+
@key = 'asd234dfs423fddsmndsflktsdf32343'
|
130
121
|
aes.key = @key
|
131
122
|
@digest = 'Noam Ben-Ari'
|
132
|
-
@digest = [aes.update(@digest) + aes.final].pack(
|
123
|
+
@digest = [aes.update(@digest) + aes.final].pack('m').chomp
|
133
124
|
Sorcery::CryptoProviders::AES256.key = @key
|
134
125
|
end
|
135
126
|
|
136
|
-
it
|
137
|
-
expect(Sorcery::CryptoProviders::AES256.encrypt
|
127
|
+
it 'encrypt works via wrapper like normal lib' do
|
128
|
+
expect(Sorcery::CryptoProviders::AES256.encrypt('Noam Ben-Ari')).to eq @digest
|
138
129
|
end
|
139
130
|
|
140
|
-
it
|
141
|
-
expect(Sorcery::CryptoProviders::AES256.matches?
|
131
|
+
it 'matches? returns true when matches' do
|
132
|
+
expect(Sorcery::CryptoProviders::AES256.matches?(@digest, 'Noam Ben-Ari')).to be true
|
142
133
|
end
|
143
134
|
|
144
|
-
it
|
145
|
-
expect(Sorcery::CryptoProviders::AES256.matches?
|
135
|
+
it 'matches? returns false when no match' do
|
136
|
+
expect(Sorcery::CryptoProviders::AES256.matches?(@digest, 'Some Dude')).to be false
|
146
137
|
end
|
147
138
|
|
148
|
-
it
|
149
|
-
aes = OpenSSL::Cipher
|
139
|
+
it 'can be decrypted' do
|
140
|
+
aes = OpenSSL::Cipher.new('AES-256-ECB')
|
150
141
|
aes.decrypt
|
151
142
|
aes.key = @key
|
152
|
-
expect(aes.update(@digest.unpack(
|
143
|
+
expect(aes.update(@digest.unpack('m').first) + aes.final).to eq 'Noam Ben-Ari'
|
153
144
|
end
|
154
|
-
|
155
145
|
end
|
156
146
|
|
157
147
|
describe Sorcery::CryptoProviders::BCrypt do
|
158
|
-
|
159
148
|
before(:all) do
|
160
149
|
Sorcery::CryptoProviders::BCrypt.cost = 1
|
161
|
-
@digest = BCrypt::Password.create('Noam Ben-Ari', :
|
150
|
+
@digest = BCrypt::Password.create('Noam Ben-Ari', cost: Sorcery::CryptoProviders::BCrypt.cost)
|
151
|
+
@tokens = %w[password gq18WBnJYNh2arkC1kgH]
|
162
152
|
end
|
163
153
|
|
164
154
|
after(:each) do
|
165
155
|
Sorcery::CryptoProviders::BCrypt.reset!
|
166
156
|
end
|
167
157
|
|
168
|
-
it
|
169
|
-
expect(BCrypt::Password.new
|
158
|
+
it 'is comparable with original secret' do
|
159
|
+
expect(BCrypt::Password.new(Sorcery::CryptoProviders::BCrypt.encrypt('Noam Ben-Ari'))).to eq 'Noam Ben-Ari'
|
170
160
|
end
|
171
161
|
|
172
|
-
it
|
162
|
+
it 'works with multiple costs' do
|
173
163
|
Sorcery::CryptoProviders::BCrypt.cost = 3
|
174
|
-
expect(BCrypt::Password.new(Sorcery::CryptoProviders::BCrypt.encrypt
|
164
|
+
expect(BCrypt::Password.new(Sorcery::CryptoProviders::BCrypt.encrypt('Noam Ben-Ari'))).to eq 'Noam Ben-Ari'
|
175
165
|
end
|
176
166
|
|
177
|
-
it
|
178
|
-
expect(Sorcery::CryptoProviders::BCrypt.matches?
|
167
|
+
it 'matches? returns true when matches' do
|
168
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'Noam Ben-Ari')).to be true
|
179
169
|
end
|
180
170
|
|
181
|
-
it
|
182
|
-
expect(Sorcery::CryptoProviders::BCrypt.matches?
|
171
|
+
it 'matches? returns false when no match' do
|
172
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'Some Dude')).to be false
|
183
173
|
end
|
184
174
|
|
185
|
-
it
|
186
|
-
expect(Sorcery::CryptoProviders::BCrypt.respond_to?
|
175
|
+
it 'respond_to?(:stretches) returns true' do
|
176
|
+
expect(Sorcery::CryptoProviders::BCrypt.respond_to?(:stretches)).to be true
|
187
177
|
end
|
188
178
|
|
189
|
-
it
|
179
|
+
it 'sets cost when stretches is set' do
|
190
180
|
Sorcery::CryptoProviders::BCrypt.stretches = 4
|
191
181
|
|
192
182
|
# stubbed in Sorcery::TestHelpers::Internal
|
193
183
|
expect(Sorcery::CryptoProviders::BCrypt.cost).to eq 1
|
194
184
|
end
|
195
185
|
|
196
|
-
|
186
|
+
it 'matches token encrypted with salt from upstream' do
|
187
|
+
# note: actual comparison is done by BCrypt::Password#==(raw_token)
|
188
|
+
expect(Sorcery::CryptoProviders::BCrypt.encrypt(@tokens)).to eq @tokens.flatten.join
|
189
|
+
end
|
197
190
|
|
191
|
+
it 'respond_to?(:pepper) returns true' do
|
192
|
+
expect(Sorcery::CryptoProviders::BCrypt.respond_to?(:pepper)).to be true
|
193
|
+
end
|
194
|
+
|
195
|
+
context 'when pepper is provided' do
|
196
|
+
before(:each) do
|
197
|
+
Sorcery::CryptoProviders::BCrypt.pepper = 'pepper'
|
198
|
+
@digest = Sorcery::CryptoProviders::BCrypt.encrypt(@tokens) # a BCrypt::Password object
|
199
|
+
end
|
200
|
+
|
201
|
+
it 'matches token encrypted with salt and pepper from upstream' do
|
202
|
+
# note: actual comparison is done by BCrypt::Password#==(raw_token)
|
203
|
+
expect(@digest).to eq @tokens.flatten.join.concat('pepper')
|
204
|
+
end
|
205
|
+
|
206
|
+
it 'matches? returns true when matches' do
|
207
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be true
|
208
|
+
end
|
209
|
+
|
210
|
+
it 'matches? returns false when pepper is replaced with empty string' do
|
211
|
+
Sorcery::CryptoProviders::BCrypt.pepper = ''
|
212
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be false
|
213
|
+
end
|
214
|
+
|
215
|
+
it 'matches? returns false when no match' do
|
216
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'a_random_incorrect_password')).to be false
|
217
|
+
end
|
218
|
+
end
|
219
|
+
|
220
|
+
context "when pepper is an empty string (default)" do
|
221
|
+
before(:each) do
|
222
|
+
Sorcery::CryptoProviders::BCrypt.pepper = ''
|
223
|
+
@digest = Sorcery::CryptoProviders::BCrypt.encrypt(@tokens) # a BCrypt::Password object
|
224
|
+
end
|
225
|
+
|
226
|
+
# make sure the default pepper '' does nothing
|
227
|
+
it 'matches token encrypted with salt only (without pepper)' do
|
228
|
+
expect(@digest).to eq @tokens.flatten.join # keep consistency with the older versions of #join_token
|
229
|
+
end
|
230
|
+
|
231
|
+
it 'matches? returns true when matches' do
|
232
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be true
|
233
|
+
end
|
234
|
+
|
235
|
+
it 'matches? returns false when pepper has changed' do
|
236
|
+
Sorcery::CryptoProviders::BCrypt.pepper = 'a new pepper'
|
237
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be false
|
238
|
+
end
|
239
|
+
|
240
|
+
it 'matches? returns false when no match' do
|
241
|
+
expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'a_random_incorrect_password')).to be false
|
242
|
+
end
|
243
|
+
end
|
244
|
+
end
|
198
245
|
end
|
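Review bot: The two new `matches? returns false when no match` examples in the pepper contexts call `matches?(@digest, 'a_random_incorrect_password')` without the salt, so they cannot tell a wrong password from a missing salt; either difference alone changes the joined input. Passing the real salt isolates the password check: `expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'a_random_incorrect_password', @tokens.last)).to be false`. Separately, `matches? returns false when pepper has changed` pins that a digest created under one pepper stops verifying under another. A comment there such as `# changing the pepper invalidates every stored digest; existing users need a rehash or reset path first` would make that consequence explicit for anyone enabling the setting on a live user table.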
@@ -0,0 +1,27 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Sorcery::Model::TemporaryToken do
|
4
|
+
describe '.generate_random_token' do
|
5
|
+
before do
|
6
|
+
sorcery_reload!
|
7
|
+
end
|
8
|
+
|
9
|
+
subject { Sorcery::Model::TemporaryToken.generate_random_token.length }
|
10
|
+
|
11
|
+
context 'token_randomness is 3' do
|
12
|
+
before do
|
13
|
+
sorcery_model_property_set(:token_randomness, 3)
|
14
|
+
end
|
15
|
+
|
16
|
+
it { is_expected.to eq 4 }
|
17
|
+
end
|
18
|
+
|
19
|
+
context 'token_randomness is 15' do
|
20
|
+
before do
|
21
|
+
sorcery_model_property_set(:token_randomness, 15)
|
22
|
+
end
|
23
|
+
|
24
|
+
it { is_expected.to eq 20 }
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
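Review bot: Both examples for `.generate_random_token` assert only the returned length (4 for `token_randomness` 3, 20 for 15), so an implementation returning a constant string of the right length would still pass. These tokens presumably back the reset-password and magic-login flows touched in this release, so add an example that two calls differ, e.g. `expect(Sorcery::Model::TemporaryToken.generate_random_token).not_to eq Sorcery::Model::TemporaryToken.generate_random_token`. If the setting counts random bytes, as the 3→4 and 15→20 lengths suggest, a comment on the first context such as `# 3 is a test-only value used to check length scaling, not a usable setting` would stop it being copied into an initializer.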
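--- a/data/spec/spec.opts
+++ b/data/spec/spec.opts
@@ -1,2 +1,2 @@
 --color
---format documentation
+--format documentation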
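--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -1,40 +1,35 @@
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 
-ENV[
+ENV['RAILS_ENV'] ||= 'test'
 
-SORCERY_ORM =
+SORCERY_ORM = :active_record
 
 # require 'simplecov'
 # SimpleCov.root File.join(File.dirname(__FILE__), '..', 'lib')
 # SimpleCov.start
-
-require 'rspec'
-
 require 'rails/all'
 require 'rspec/rails'
 require 'timecop'
+require 'byebug'
 
 def setup_orm; end
+
 def teardown_orm; end
 
 require "orm/#{SORCERY_ORM}"
 
-require
+require 'rails_app/config/environment'
 
-class TestMailer < ActionMailer::Base;end
+class TestMailer < ActionMailer::Base; end
 
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
 
 RSpec.configure do |config|
-config.include RSpec::Rails::ControllerExampleGroup, :
-config.filter_run_excluding :active_record => SORCERY_ORM.to_sym != :active_record
-config.filter_run_excluding :mongo_mapper => SORCERY_ORM.to_sym != :mongo_mapper
-config.filter_run_excluding :data_mapper => SORCERY_ORM.to_sym != :data_mapper
-config.filter_run_excluding :mongoid => SORCERY_ORM.to_sym != :mongoid
+config.include RSpec::Rails::ControllerExampleGroup, file_path: /controller(.)*_spec.rb$/
 config.mock_with :rspec
 
-config.use_transactional_fixtures =
+config.use_transactional_fixtures = false
 
 config.before(:suite) { setup_orm }
 config.after(:suite) { teardown_orm }
@@ -42,4 +37,14 @@ RSpec.configure do |config|
 
 config.include ::Sorcery::TestHelpers::Internal
 config.include ::Sorcery::TestHelpers::Internal::Rails
+
+if begin
+Module.const_defined?('::Rails::Controller::Testing')
+rescue StandardError
+false
+end
+config.include ::Rails::Controller::Testing::TestProcess, type: :controller
+config.include ::Rails::Controller::Testing::TemplateAssertions, type: :controller
+config.include ::Rails::Controller::Testing::Integration, type: :controller
+end
 end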
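Review bot: The added top-level `require 'byebug'` makes a debugger a hard load-time dependency of every spec run, so the suite fails with LoadError wherever the gem is not installed. A stray `byebug` call left in a spec would also stop a CI run at a prompt. Make the require optional, e.g. `begin; require 'byebug'; rescue LoadError; end`, or drop it and let developers require it locally. In the second hunk, the `if begin … rescue StandardError … end` guard around the `Rails::Controller::Testing` includes would read more plainly as `if defined?(::Rails::Controller::Testing)`.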
@@ -0,0 +1,29 @@
|
|
1
|
+
class MigrationHelper
|
2
|
+
class << self
|
3
|
+
def migrate(path)
|
4
|
+
if ActiveRecord.version >= Gem::Version.new('6.0.0')
|
5
|
+
ActiveRecord::MigrationContext.new(path, schema_migration).migrate
|
6
|
+
elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
|
7
|
+
ActiveRecord::MigrationContext.new(path).migrate
|
8
|
+
else
|
9
|
+
ActiveRecord::Migrator.migrate(path)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
def rollback(path)
|
14
|
+
if ActiveRecord.version >= Gem::Version.new('6.0.0')
|
15
|
+
ActiveRecord::MigrationContext.new(path, schema_migration).rollback
|
16
|
+
elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
|
17
|
+
ActiveRecord::MigrationContext.new(path).rollback
|
18
|
+
else
|
19
|
+
ActiveRecord::Migrator.rollback(path)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
def schema_migration
|
26
|
+
ActiveRecord::Base.connection.schema_migration
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
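Review bot: `migrate` and `rollback` repeat the same three-way `ActiveRecord.version` branch with no comment saying why the thresholds are 5.2.0 and 6.0.0, so the next Rails bump has to rediscover the reason in two places. Add a header comment on the class, taken from what the branches show, such as `# Runs migrations across ActiveRecord versions: MigrationContext from 5.2 (which also takes the schema_migration from 6.0), Migrator class methods before that`. It is also worth confirming that `ActiveRecord::Base.connection.schema_migration` is still available on the newest Rails in the gemfiles matrix, since the helper calls it for every version from 6.0 up.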