soteria 1.0.0

data/lib/soteria/utilities.rb

@@ -0,0 +1,45 @@
+module Soteria
+
+class Utilities
+
+
+  # Generate a request ID for a SOAP call.
+  #
+  # @param [String] prefix The prefix for the request ID. This should tell the user what the call is.
+  # @return [String] A string that is the request ID for a call. The request ID is just used for debugging purposes.
+  def self.get_request_id(prefix)
+    time = Time.new
+    prefix + '_' + time.strftime('%Y%m%d%H%M%S')
+  end
+
+
+  # Create a Savon client object to make calls.
+  #
+  # @see Savon::Client
+  # @param [String] wsdl The absolute path to, or the URL of the WSDL file for this client.
+  # @param [Boolean] should_log
+  # @param [String] cert_file The absolute path to the certificate file.
+  # @param [String] cert_key The absolute path to the certificate key file.
+  # @param [String] cert_key_password The password fo the certificate key file.
+  def self.create_client(wsdl, should_log, cert_file, cert_key, cert_key_password)
+    Savon.client(wsdl: wsdl,
+                 env_namespace: :soapenv,
+                 namespace: 'https://schemas.symantec.com/vip/2011/04/vipuserservices',
+                 log: should_log,
+                 ssl_version: :TLSv1,
+                 ssl_cert_file: cert_file,
+                 ssl_cert_key_file: cert_key,
+                 ssl_cert_key_password: cert_key_password,
+                 namespace_identifier: :vip)
+  end
+
+
+  CREDENTIAL_TYPES = {
+      standard: 'STANDARD_OTP',
+      certificate: 'CERTIFICATE',
+      sms: 'SMS_OTP',
+      voice: 'VOICE_OTP',
+      service: 'SERVICE_OTP'
+  }
+end
+end

data/lib/soteria/version.rb

@@ -0,0 +1,4 @@
+module Soteria
+  # Version that the gem is on.
+  VERSION = "1.0.0"
+end

data/soteria.gemspec

@@ -0,0 +1,26 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'soteria/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "soteria"
+  spec.version       = Soteria::VERSION
+  spec.authors       = ["Ryan Casler"]
+  spec.email         = ['ryan.casler12@gmail.com']
+
+  spec.summary       = 'Symantec VIP'
+  spec.description   = 'A gem for authentication with Symantec VIP Services.'
+  spec.homepage      = "https://github.com/ryanrampage1/soteria"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency             'savon', '~> 2.11', '>= 2.11.0'
+
+  spec.add_development_dependency "bundler", "~> 1.13"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/spec/credential_spec.rb

@@ -0,0 +1,121 @@
+require 'spec_helper'
+require 'savon/mock/spec_helper'
+require 'date'
+
+describe Soteria::Credential do
+
+  include Savon::SpecHelper
+
+  before :all do
+    savon.mock!
+
+    @credential = Soteria::Credential.new
+    @auth_client = Savon.client(wsdl: File.read('spec/fixtures/wsdl/vipuserservices-auth-1.7.wsdl'))
+    @mgmt_client = Savon.client(wsdl: File.read('spec/fixtures/wsdl/vipuserservices-mgmt-1.7.wsdl'))
+    @query_client = Savon.client(wsdl: File.read('spec/fixtures/wsdl/vipuserservices-query-1.7.wsdl'))
+  end
+
+  after :all do
+    savon.unmock!
+  end
+
+  it 'returns correct values from a call that successfully authenticates a user' do
+    body = File.read('spec/fixtures/credential/credential_success.xml')
+    savon.expects(:authenticate_user).with(message: :any).returns(body)
+    res = @credential.authenticate_user_credential(@auth_client, '', '')
+
+    expect(res[:success]).to eq true
+    expect(res[:message]).to eq 'Success'
+    expect(res[:id]).to eq 'testsuccess1234'
+    expect(res[:auth_id]).to eq 'testsuccess123456'
+    expect(res[:detail]).to eq nil
+
+  end
+
+  it 'returns correct values from a call that fails to authenticate a user' do
+
+    body = File.read('spec/fixtures/credential/credential_fail.xml')
+    savon.expects(:authenticate_user).with(message: :any).returns(body)
+    res = @credential.authenticate_user_credential(@auth_client, '', '')
+
+    expect(res[:success]).to eq false
+    expect(res[:message]).to eq 'Authentication failed.'
+    expect(res[:detail]).to eq 'Failed with an invalid OTP'
+    expect(res[:id]).to eq 'testfail1234'
+    expect(res[:auth_id]).to eq nil
+
+  end
+
+  it 'gets the body for the authenticate credentials call' do
+    otp = 123342
+
+    result_hash = @credential.get_auth_body(otp, [{id: 1, type: 'a'}, {id: 2, type: 'b'}])
+    result_hash[:'vip:requestId'] = nil
+
+    expected_hash = {
+        'vip:requestId': nil,
+        'vip:credentials': [{'vip:credentialId': 1, 'vip:credentialType': 'a'}, {'vip:credentialId': 2, 'vip:credentialType': 'b'}],
+        'vip:otpAuthData': {
+            'vip:otp': otp
+        }
+    }
+
+    expect(result_hash).to match expected_hash
+
+  end
+
+  it 'authenticates credentials' do
+    body = File.read('spec/fixtures/credential/authenticate_credentials_response.xml')
+    savon.expects(:authenticate_credentials).with(message: :any).returns(body)
+
+   result_hash =  @credential.authenticate_credentials(@auth_client, '', [{id: 1, type: 'a'}, {id: 2, type: 'b'}])
+
+    expected_hash = {
+        success: true,
+        message: 'Success.',
+        id: 'AUTHCRED_87263487236',
+        auth_id: nil,
+        detail: nil
+    }
+
+    expect(result_hash).to match expected_hash
+
+  end
+
+  it 'registers a sms credential' do
+
+    body = File.read('spec/fixtures/credential/register_sms_response.xml')
+    savon.expects(:register).with(message: :any).returns(body)
+
+    result_hash = @credential.register_sms(@mgmt_client, '')
+
+    expected_hash = {
+        success: false,
+        message: 'Credential is already registered for this account.',
+        id: 'test23456',
+        auth_id: nil,
+        detail: 'Token has already been activated.'
+    }
+
+    expect(result_hash).to match expected_hash
+  end
+
+  it 'gets the server time' do
+    body = File.read('spec/fixtures/credential/get_server_time_response.xml')
+    savon.expects(:get_server_time).with(message: :any).returns(body)
+
+    result_hash = @credential.get_server_time(@query_client)
+
+    expected_hash = {
+        success: true,
+        message: 'Success',
+        id: 'abcd1234',
+        auth_id: nil,
+        detail: nil,
+        time: Date.parse('2010-07-26T00:54:47.390-07:00')
+    }
+
+    expect(result_hash).to match expected_hash
+  end
+
+end

data/spec/fixtures/credential/authenticate_credentials_response.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" ?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <AuthenticateCredentialsResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>AUTHCRED_87263487236</requestId>
+      <status>0000</status>
+      <statusMessage>Success.</statusMessage>
+      <credentialId>VSMT74238764</credentialId>
+      <credentialType>STANDARD_OTP</credentialType>
+      <transactionId>734b6f661ed9ed2b</transactionId>
+    </AuthenticateCredentialsResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/credential/credential_fail.xml

@@ -0,0 +1,11 @@
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <AuthenticateUserResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>testfail1234</requestId>
+      <status>6009</status>
+      <statusMessage>Authentication failed.</statusMessage>
+      <detail>49B5</detail>
+      <detailMessage>Failed with an invalid OTP</detailMessage>
+    </AuthenticateUserResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/credential/credential_success.xml

@@ -0,0 +1,12 @@
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <AuthenticateUserResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>testsuccess1234</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+      <credentialId>VSMT111111</credentialId>
+      <credentialType>STANDARD_OTP</credentialType>
+      <authnId>testsuccess123456</authnId>
+    </AuthenticateUserResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/credential/get_cred_info_response.xml

@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <GetCredentialInfoResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>3nZ31rIlCr</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+      <credentialId>VSMB74327954</credentialId>
+      <credentialType>STANDARD_OTP</credentialType>
+      <credentialStatus>INACTIVE</credentialStatus>
+      <numBindings>1</numBindings>
+      <pushAttributes>
+        <Key>LAST_ENABLED_TS</Key>
+        <Value>12</Value>
+      </pushAttributes>
+      <pushAttributes>
+        <Key>PUSH_ENABLED</Key>
+        <Value>true</Value>
+      </pushAttributes>
+      <pushAttributes>
+        <Key>PUSH_ID</Key>
+        <Value>123456789</Value>
+      </pushAttributes>
+      <pushAttributes>
+        <Key>PUSH_PLATFORM</Key>
+        <Value>IPHONE</Value>
+      </pushAttributes>
+      <userBindingDetail>
+        <userId>john.doe@example.com</userId>
+        <userStatus>DISABLED</userStatus>
+        <bindingDetail>
+          <bindStatus>ENABLED</bindStatus>
+          <lastBindTime>2013-10-22T20:18:26.517Z</lastBindTime>
+          <lastAuthnTime>2014-03-18T15:13:51.232Z</lastAuthnTime>
+          <lastAuthnId>FB732F382F9D8BED@lastAuthnId
+        </bindingDetail>
+      </userBindingDetail>
+    </GetCredentialInfoResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/credential/get_server_time_response.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <getServerTimeResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>abcd1234</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+      <timestamp>2010-07-26T00:54:47.390-07:00</timestamp>
+    </getServerTimeResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/credential/register_sms_response.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" ?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <RegisterResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>test23456</requestId>
+      <status>6026</status>
+      <statusMessage>Credential is already registered for this account.</statusMessage>
+      <detail>4E1B</detail>
+      <detailMessage>Token has already been activated.</detailMessage>
+    </RegisterResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/push/authenticate_with_push_error.xml

@@ -0,0 +1,9 @@
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <AuthenticateUserWithPushResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>send_push_request_20161021152920</requestId>
+      <status>6003</status>
+      <statusMessage>User does not exist.</statusMessage>
+    </AuthenticateUserWithPushResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/push/authenticate_with_push_response.xml

@@ -0,0 +1,14 @@
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <AuthenticateUserWithPushResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>send_push_request_20161021152920</requestId>
+      <status>6040</status>
+      <statusMessage>Mobile push request sent</statusMessage>
+      <transactionId>8d70d18461cc9093</transactionId>
+      <pushDetail>
+        <pushCredentialId>VSMT35238564</pushCredentialId>
+        <pushSent>true</pushSent>
+      </pushDetail>
+    </AuthenticateUserWithPushResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/sms/check_otp_success_response.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <CheckOtpResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>test123</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+      <credentialId>123456789</credentialId>
+      <credentialType>SMS_OTP</credentialType>
+      <authnId>testauth1234</authnId>
+    </CheckOtpResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/sms/send_sms_success_response.xml

@@ -0,0 +1,10 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <SendOtpResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>test123</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </SendOtpResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/add_credential_response.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <AddCredentialResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>4ACCDv2rtj</requestId><status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </AddCredentialResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/clear_temp_password_response.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <ClearTemporaryPasswordResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>0HaNgjq7z9</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </ClearTemporaryPasswordResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/clear_user_pin_response.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <ClearUserPinResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>123edabc</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </ClearUserPinResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/create_user_response.xml

@@ -0,0 +1,9 @@
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <CreateUserResponse xmlns="https://schemas.symantec.com/vip/2011/04/vipuserservices">
+      <requestId>test1234</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </CreateUserResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/delete_user_response.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <deleteUserResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>test1234</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </deleteUserResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/get_temp_pass_attr_response.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <GetTemporaryPasswordAttributesResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>123456</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+      <tempPwdAttributes>
+        <expirationTime>2011-04-08T08:17:50.000Z</expirationTime>
+        <oneTimeUseOnly>true</oneTimeUseOnly>
+      </tempPwdAttributes>
+    </GetTemporaryPasswordAttributesResponse>
+  </S:Body>
+</S:Envelope>

data/spec/fixtures/user/remove_credential_response.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
+  <S:Body>
+    <removeCredentialResponse xmlns="https://schemas.vip.symantec.com">
+      <requestId>1234abcd</requestId>
+      <status>0000</status>
+      <statusMessage>Success</statusMessage>
+    </removeCredentialResponse>
+  </S:Body>
+</S:Envelope>