soteria 1.0.0

Files changed (61) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +9 -0
  3. data/.rspec +2 -0
  4. data/.travis.yml +5 -0
  5. data/CODE_OF_CONDUCT.md +74 -0
  6. data/Gemfile +2 -0
  7. data/LICENSE.txt +21 -0
  8. data/README.md +77 -0
  9. data/Rakefile +5 -0
  10. data/bin/bundler +17 -0
  11. data/bin/console +17 -0
  12. data/bin/htmldiff +17 -0
  13. data/bin/ldiff +17 -0
  14. data/bin/nokogiri +17 -0
  15. data/bin/rackup +17 -0
  16. data/bin/rake +17 -0
  17. data/bin/rspec +17 -0
  18. data/bin/setup +17 -0
  19. data/bin/socksify_ruby +17 -0
  20. data/lib/soteria.rb +10 -0
  21. data/lib/soteria/client.rb +326 -0
  22. data/lib/soteria/credential.rb +154 -0
  23. data/lib/soteria/credential_types.rb +13 -0
  24. data/lib/soteria/push.rb +141 -0
  25. data/lib/soteria/sms.rb +81 -0
  26. data/lib/soteria/user.rb +409 -0
  27. data/lib/soteria/utilities.rb +45 -0
  28. data/lib/soteria/version.rb +4 -0
  29. data/soteria.gemspec +26 -0
  30. data/spec/credential_spec.rb +121 -0
  31. data/spec/fixtures/credential/authenticate_credentials_response.xml +13 -0
  32. data/spec/fixtures/credential/credential_fail.xml +11 -0
  33. data/spec/fixtures/credential/credential_success.xml +12 -0
  34. data/spec/fixtures/credential/get_cred_info_response.xml +40 -0
  35. data/spec/fixtures/credential/get_server_time_response.xml +11 -0
  36. data/spec/fixtures/credential/register_sms_response.xml +12 -0
  37. data/spec/fixtures/push/authenticate_with_push_error.xml +9 -0
  38. data/spec/fixtures/push/authenticate_with_push_response.xml +14 -0
  39. data/spec/fixtures/sms/check_otp_success_response.xml +13 -0
  40. data/spec/fixtures/sms/send_sms_success_response.xml +10 -0
  41. data/spec/fixtures/user/add_credential_response.xml +9 -0
  42. data/spec/fixtures/user/clear_temp_password_response.xml +10 -0
  43. data/spec/fixtures/user/clear_user_pin_response.xml +10 -0
  44. data/spec/fixtures/user/create_user_response.xml +9 -0
  45. data/spec/fixtures/user/delete_user_response.xml +10 -0
  46. data/spec/fixtures/user/get_temp_pass_attr_response.xml +14 -0
  47. data/spec/fixtures/user/remove_credential_response.xml +10 -0
  48. data/spec/fixtures/user/set_temp_pass_attr_response.xml +10 -0
  49. data/spec/fixtures/user/set_temp_pass_response.xml +11 -0
  50. data/spec/fixtures/user/update_credential_response.xml +10 -0
  51. data/spec/fixtures/user/update_user_response.xml +10 -0
  52. data/spec/fixtures/wsdl/vipuserservices-1.7.xsd +1015 -0
  53. data/spec/fixtures/wsdl/vipuserservices-auth-1.7.wsdl +155 -0
  54. data/spec/fixtures/wsdl/vipuserservices-mgmt-1.7.wsdl +246 -0
  55. data/spec/fixtures/wsdl/vipuserservices-query-1.7.wsdl +114 -0
  56. data/spec/push_spec.rb +148 -0
  57. data/spec/sms_spec.rb +84 -0
  58. data/spec/soteria_spec.rb +8 -0
  59. data/spec/spec_helper.rb +2 -0
  60. data/spec/user_spec.rb +245 -0
  61. metadata +206 -0
@@ -0,0 +1,45 @@
1
+ module Soteria
2
+
3
+ class Utilities
4
+
5
+
6
+ # Generate a request ID for a SOAP call.
7
+ #
8
+ # @param [String] prefix The prefix for the request ID. This should tell the user what the call is.
9
+ # @return [String] A string that is the request ID for a call. The request ID is just used for debugging purposes.
10
+ def self.get_request_id(prefix)
11
+ time = Time.new
12
+ prefix + '_' + time.strftime('%Y%m%d%H%M%S')
13
+ end
14
+
15
+
16
+ # Create a Savon client object to make calls.
17
+ #
18
+ # @see Savon::Client
19
+ # @param [String] wsdl The absolute path to, or the URL of the WSDL file for this client.
20
+ # @param [Boolean] should_log
21
+ # @param [String] cert_file The absolute path to the certificate file.
22
+ # @param [String] cert_key The absolute path to the certificate key file.
23
+ # @param [String] cert_key_password The password fo the certificate key file.
24
+ def self.create_client(wsdl, should_log, cert_file, cert_key, cert_key_password)
25
+ Savon.client(wsdl: wsdl,
26
+ env_namespace: :soapenv,
27
+ namespace: 'https://schemas.symantec.com/vip/2011/04/vipuserservices',
28
+ log: should_log,
29
+ ssl_version: :TLSv1,
30
+ ssl_cert_file: cert_file,
31
+ ssl_cert_key_file: cert_key,
32
+ ssl_cert_key_password: cert_key_password,
33
+ namespace_identifier: :vip)
34
+ end
35
+
36
+
37
+ CREDENTIAL_TYPES = {
38
+ standard: 'STANDARD_OTP',
39
+ certificate: 'CERTIFICATE',
40
+ sms: 'SMS_OTP',
41
+ voice: 'VOICE_OTP',
42
+ service: 'SERVICE_OTP'
43
+ }
44
+ end
45
+ end
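Review bot: `create_client` pins `ssl_version: :TLSv1`, which forces every call to the VIP service, client-certificate handshake included, onto TLS 1.0, a deprecated protocol version that hardened endpoints refuse. I would change that line to `ssl_version: :TLSv1_2`, or drop the option so OpenSSL negotiates the highest version both sides support. Separately, `log: should_log` hands the SOAP envelopes to Savon's logger, and the `@param [Boolean] should_log` line has no description; it should say that enabling it writes request bodies (which appear to carry OTPs and user ids) to the log, and Savon's `filters` option could mask those fields. `CREDENTIAL_TYPES` is a mutable constant and could take `.freeze`.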
@@ -0,0 +1,4 @@
1
+ module Soteria
2
+ # Version that the gem is on.
3
+ VERSION = "1.0.0"
4
+ end
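--- a/data/soteria.gemspec
+++ b/data/soteria.gemspec
@@ -0,0 +1,26 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'soteria/version'
+
+Gem::Specification.new do |spec|
+spec.name = "soteria"
+spec.version = Soteria::VERSION
+spec.authors = ["Ryan Casler"]
+spec.email = ['ryan.casler12@gmail.com']
+
+spec.summary = 'Symantec VIP'
+spec.description = 'A gem for authentication with Symantec VIP Services.'
+spec.homepage = "https://github.com/ryanrampage1/soteria"
+spec.license = "MIT"
+
+spec.files = `git ls-files`.split($/)
+spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
+spec.require_paths = ["lib"]
+
+spec.add_dependency 'savon', '~> 2.11', '>= 2.11.0'
+
+spec.add_development_dependency "bundler", "~> 1.13"
+spec.add_development_dependency "rake", "~> 10.0"
+spec.add_development_dependency "rspec", "~> 3.0"
+end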
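Review bot: `spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }` registers every file under `bin/` as an executable of this gem, and the file list for this release shows `bin/` holding binstubs named `bundler`, `rake`, `rspec`, `rackup`, `nokogiri`, `htmldiff`, `ldiff` and `socksify_ruby`. Installing soteria would therefore generate wrappers under those names, which can shadow or overwrite the real tools' wrappers in the gem bin directory. The library appears to ship no command of its own, so `spec.executables = []` would do, with the `bin/` entries also rejected from `spec.files` so the binstubs are not packaged at all. The `savon` constraint `'~> 2.11', '>= 2.11.0'` is redundant; `'~> 2.11'` already implies the lower bound.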
@@ -0,0 +1,121 @@
1
+ require 'spec_helper'
2
+ require 'savon/mock/spec_helper'
3
+ require 'date'
4
+
5
+ describe Soteria::Credential do
6
+
7
+ include Savon::SpecHelper
8
+
9
+ before :all do
10
+ savon.mock!
11
+
12
+ @credential = Soteria::Credential.new
13
+ @auth_client = Savon.client(wsdl: File.read('spec/fixtures/wsdl/vipuserservices-auth-1.7.wsdl'))
14
+ @mgmt_client = Savon.client(wsdl: File.read('spec/fixtures/wsdl/vipuserservices-mgmt-1.7.wsdl'))
15
+ @query_client = Savon.client(wsdl: File.read('spec/fixtures/wsdl/vipuserservices-query-1.7.wsdl'))
16
+ end
17
+
18
+ after :all do
19
+ savon.unmock!
20
+ end
21
+
22
+ it 'returns correct values from a call that successfully authenticates a user' do
23
+ body = File.read('spec/fixtures/credential/credential_success.xml')
24
+ savon.expects(:authenticate_user).with(message: :any).returns(body)
25
+ res = @credential.authenticate_user_credential(@auth_client, '', '')
26
+
27
+ expect(res[:success]).to eq true
28
+ expect(res[:message]).to eq 'Success'
29
+ expect(res[:id]).to eq 'testsuccess1234'
30
+ expect(res[:auth_id]).to eq 'testsuccess123456'
31
+ expect(res[:detail]).to eq nil
32
+
33
+ end
34
+
35
+ it 'returns correct values from a call that fails to authenticate a user' do
36
+
37
+ body = File.read('spec/fixtures/credential/credential_fail.xml')
38
+ savon.expects(:authenticate_user).with(message: :any).returns(body)
39
+ res = @credential.authenticate_user_credential(@auth_client, '', '')
40
+
41
+ expect(res[:success]).to eq false
42
+ expect(res[:message]).to eq 'Authentication failed.'
43
+ expect(res[:detail]).to eq 'Failed with an invalid OTP'
44
+ expect(res[:id]).to eq 'testfail1234'
45
+ expect(res[:auth_id]).to eq nil
46
+
47
+ end
48
+
49
+ it 'gets the body for the authenticate credentials call' do
50
+ otp = 123342
51
+
52
+ result_hash = @credential.get_auth_body(otp, [{id: 1, type: 'a'}, {id: 2, type: 'b'}])
53
+ result_hash[:'vip:requestId'] = nil
54
+
55
+ expected_hash = {
56
+ 'vip:requestId': nil,
57
+ 'vip:credentials': [{'vip:credentialId': 1, 'vip:credentialType': 'a'}, {'vip:credentialId': 2, 'vip:credentialType': 'b'}],
58
+ 'vip:otpAuthData': {
59
+ 'vip:otp': otp
60
+ }
61
+ }
62
+
63
+ expect(result_hash).to match expected_hash
64
+
65
+ end
66
+
67
+ it 'authenticates credentials' do
68
+ body = File.read('spec/fixtures/credential/authenticate_credentials_response.xml')
69
+ savon.expects(:authenticate_credentials).with(message: :any).returns(body)
70
+
71
+ result_hash = @credential.authenticate_credentials(@auth_client, '', [{id: 1, type: 'a'}, {id: 2, type: 'b'}])
72
+
73
+ expected_hash = {
74
+ success: true,
75
+ message: 'Success.',
76
+ id: 'AUTHCRED_87263487236',
77
+ auth_id: nil,
78
+ detail: nil
79
+ }
80
+
81
+ expect(result_hash).to match expected_hash
82
+
83
+ end
84
+
85
+ it 'registers a sms credential' do
86
+
87
+ body = File.read('spec/fixtures/credential/register_sms_response.xml')
88
+ savon.expects(:register).with(message: :any).returns(body)
89
+
90
+ result_hash = @credential.register_sms(@mgmt_client, '')
91
+
92
+ expected_hash = {
93
+ success: false,
94
+ message: 'Credential is already registered for this account.',
95
+ id: 'test23456',
96
+ auth_id: nil,
97
+ detail: 'Token has already been activated.'
98
+ }
99
+
100
+ expect(result_hash).to match expected_hash
101
+ end
102
+
103
+ it 'gets the server time' do
104
+ body = File.read('spec/fixtures/credential/get_server_time_response.xml')
105
+ savon.expects(:get_server_time).with(message: :any).returns(body)
106
+
107
+ result_hash = @credential.get_server_time(@query_client)
108
+
109
+ expected_hash = {
110
+ success: true,
111
+ message: 'Success',
112
+ id: 'abcd1234',
113
+ auth_id: nil,
114
+ detail: nil,
115
+ time: Date.parse('2010-07-26T00:54:47.390-07:00')
116
+ }
117
+
118
+ expect(result_hash).to match expected_hash
119
+ end
120
+
121
+ end
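Review bot: Every stubbed call uses `.with(message: :any)` and the methods under test are handed empty strings for the user id and OTP, so none of these examples checks what is actually sent to the authentication service. A regression that dropped or misnamed the OTP or credential id in the request would still pass. At least the two `authenticate_user` examples should pass realistic values and match the outgoing message, blanking the time-based request id the way the `get_auth_body` example already does with `result_hash[:'vip:requestId'] = nil`. The `get_server_time` expectation compares against `Date.parse('2010-07-26T00:54:47.390-07:00')`, which carries no time of day; if the method is meant to expose the server clock, a `Time` or `DateTime` value is probably intended, which is worth confirming against `credential.rb`.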
@@ -0,0 +1,13 @@
1
+ <?xml version="1.0" ?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <AuthenticateCredentialsResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>AUTHCRED_87263487236</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success.</statusMessage>
8
+ <credentialId>VSMT74238764</credentialId>
9
+ <credentialType>STANDARD_OTP</credentialType>
10
+ <transactionId>734b6f661ed9ed2b</transactionId>
11
+ </AuthenticateCredentialsResponse>
12
+ </S:Body>
13
+ </S:Envelope>
@@ -0,0 +1,11 @@
1
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
2
+ <S:Body>
3
+ <AuthenticateUserResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
4
+ <requestId>testfail1234</requestId>
5
+ <status>6009</status>
6
+ <statusMessage>Authentication failed.</statusMessage>
7
+ <detail>49B5</detail>
8
+ <detailMessage>Failed with an invalid OTP</detailMessage>
9
+ </AuthenticateUserResponse>
10
+ </S:Body>
11
+ </S:Envelope>
@@ -0,0 +1,12 @@
1
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
2
+ <S:Body>
3
+ <AuthenticateUserResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
4
+ <requestId>testsuccess1234</requestId>
5
+ <status>0000</status>
6
+ <statusMessage>Success</statusMessage>
7
+ <credentialId>VSMT111111</credentialId>
8
+ <credentialType>STANDARD_OTP</credentialType>
9
+ <authnId>testsuccess123456</authnId>
10
+ </AuthenticateUserResponse>
11
+ </S:Body>
12
+ </S:Envelope>
@@ -0,0 +1,40 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <GetCredentialInfoResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>3nZ31rIlCr</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ <credentialId>VSMB74327954</credentialId>
9
+ <credentialType>STANDARD_OTP</credentialType>
10
+ <credentialStatus>INACTIVE</credentialStatus>
11
+ <numBindings>1</numBindings>
12
+ <pushAttributes>
13
+ <Key>LAST_ENABLED_TS</Key>
14
+ <Value>12</Value>
15
+ </pushAttributes>
16
+ <pushAttributes>
17
+ <Key>PUSH_ENABLED</Key>
18
+ <Value>true</Value>
19
+ </pushAttributes>
20
+ <pushAttributes>
21
+ <Key>PUSH_ID</Key>
22
+ <Value>123456789</Value>
23
+ </pushAttributes>
24
+ <pushAttributes>
25
+ <Key>PUSH_PLATFORM</Key>
26
+ <Value>IPHONE</Value>
27
+ </pushAttributes>
28
+ <userBindingDetail>
29
+ <userId>john.doe@example.com</userId>
30
+ <userStatus>DISABLED</userStatus>
31
+ <bindingDetail>
32
+ <bindStatus>ENABLED</bindStatus>
33
+ <lastBindTime>2013-10-22T20:18:26.517Z</lastBindTime>
34
+ <lastAuthnTime>2014-03-18T15:13:51.232Z</lastAuthnTime>
35
+ <lastAuthnId>FB732F382F9D8BED@lastAuthnId
36
+ </bindingDetail>
37
+ </userBindingDetail>
38
+ </GetCredentialInfoResponse>
39
+ </S:Body>
40
+ </S:Envelope>
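Review bot: Line 35 of this fixture reads `<lastAuthnId>FB732F382F9D8BED@lastAuthnId`, so the `lastAuthnId` element is never closed and the document is not well-formed XML (unless the page rendering mangled the line). A strict parser will reject the whole response and a lenient one will build a tree that differs from a real reply, so a spec fed this file would exercise error recovery instead of the normal parsing path. The line should be `<lastAuthnId>FB732F382F9D8BED</lastAuthnId>`. No example in the visible `credential_spec.rb` section loads this fixture, so the defect would currently go unnoticed.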
@@ -0,0 +1,11 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <getServerTimeResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>abcd1234</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ <timestamp>2010-07-26T00:54:47.390-07:00</timestamp>
9
+ </getServerTimeResponse>
10
+ </S:Body>
11
+ </S:Envelope>
@@ -0,0 +1,12 @@
1
+ <?xml version="1.0" ?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <RegisterResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
5
+ <requestId>test23456</requestId>
6
+ <status>6026</status>
7
+ <statusMessage>Credential is already registered for this account.</statusMessage>
8
+ <detail>4E1B</detail>
9
+ <detailMessage>Token has already been activated.</detailMessage>
10
+ </RegisterResponse>
11
+ </S:Body>
12
+ </S:Envelope>
@@ -0,0 +1,9 @@
1
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
2
+ <S:Body>
3
+ <AuthenticateUserWithPushResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
4
+ <requestId>send_push_request_20161021152920</requestId>
5
+ <status>6003</status>
6
+ <statusMessage>User does not exist.</statusMessage>
7
+ </AuthenticateUserWithPushResponse>
8
+ </S:Body>
9
+ </S:Envelope>
@@ -0,0 +1,14 @@
1
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
2
+ <S:Body>
3
+ <AuthenticateUserWithPushResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
4
+ <requestId>send_push_request_20161021152920</requestId>
5
+ <status>6040</status>
6
+ <statusMessage>Mobile push request sent</statusMessage>
7
+ <transactionId>8d70d18461cc9093</transactionId>
8
+ <pushDetail>
9
+ <pushCredentialId>VSMT35238564</pushCredentialId>
10
+ <pushSent>true</pushSent>
11
+ </pushDetail>
12
+ </AuthenticateUserWithPushResponse>
13
+ </S:Body>
14
+ </S:Envelope>
@@ -0,0 +1,13 @@
1
+ <?xml version="1.0"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <CheckOtpResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
5
+ <requestId>test123</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ <credentialId>123456789</credentialId>
9
+ <credentialType>SMS_OTP</credentialType>
10
+ <authnId>testauth1234</authnId>
11
+ </CheckOtpResponse>
12
+ </S:Body>
13
+ </S:Envelope>
@@ -0,0 +1,10 @@
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <SendOtpResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
5
+ <requestId>test123</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ </SendOtpResponse>
9
+ </S:Body>
10
+ </S:Envelope>
@@ -0,0 +1,9 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <AddCredentialResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>4ACCDv2rtj</requestId><status>0000</status>
6
+ <statusMessage>Success</statusMessage>
7
+ </AddCredentialResponse>
8
+ </S:Body>
9
+ </S:Envelope>
@@ -0,0 +1,10 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <ClearTemporaryPasswordResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>0HaNgjq7z9</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ </ClearTemporaryPasswordResponse>
9
+ </S:Body>
10
+ </S:Envelope>
@@ -0,0 +1,10 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <ClearUserPinResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>123edabc</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ </ClearUserPinResponse>
9
+ </S:Body>
10
+ </S:Envelope>
@@ -0,0 +1,9 @@
1
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
2
+ <S:Body>
3
+ <CreateUserResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
4
+ <requestId>test1234</requestId>
5
+ <status>0000</status>
6
+ <statusMessage>Success</statusMessage>
7
+ </CreateUserResponse>
8
+ </S:Body>
9
+ </S:Envelope>
@@ -0,0 +1,10 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <deleteUserResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>test1234</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ </deleteUserResponse>
9
+ </S:Body>
10
+ </S:Envelope>
@@ -0,0 +1,14 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <GetTemporaryPasswordAttributesResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>123456</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ <tempPwdAttributes>
9
+ <expirationTime>2011-04-08T08:17:50.000Z</expirationTime>
10
+ <oneTimeUseOnly>true</oneTimeUseOnly>
11
+ </tempPwdAttributes>
12
+ </GetTemporaryPasswordAttributesResponse>
13
+ </S:Body>
14
+ </S:Envelope>
@@ -0,0 +1,10 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
3
+ <S:Body>
4
+ <removeCredentialResponse xmlns="https://schemas.vip.symantec.com">
5
+ <requestId>1234abcd</requestId>
6
+ <status>0000</status>
7
+ <statusMessage>Success</statusMessage>
8
+ </removeCredentialResponse>
9
+ </S:Body>
10
+ </S:Envelope>