stitches 4.2.2 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +175 -209
  3. data/.env.example +1 -0
  4. data/.github/CODEOWNERS +1 -1
  5. data/.github/workflows/scheduled_cci.yml +14 -0
  6. data/.gitignore +3 -0
  7. data/.ruby-version +1 -1
  8. data/README.md +18 -9
  9. data/lib/stitches/api_generator.rb +1 -13
  10. data/lib/stitches/api_key.rb +2 -0
  11. data/lib/stitches/api_migration_generator.rb +23 -0
  12. data/lib/stitches/configuration.rb +2 -1
  13. data/lib/stitches/generator_files/config/initializers/stitches.rb +4 -0
  14. data/lib/stitches/generator_files/spec/acceptance/ping_v1_spec.rb +4 -2
  15. data/lib/stitches/generator_files/spec/features/api_spec.rb.erb +3 -0
  16. data/lib/stitches/railtie.rb +0 -1
  17. data/lib/stitches/spec/test_headers.rb +1 -1
  18. data/lib/stitches/version.rb +1 -1
  19. data/lib/stitches_norailtie.rb +1 -0
  20. data/owners.json +1 -1
  21. data/spec/api_key_middleware_spec.rb +257 -225
  22. data/spec/configuration_spec.rb +4 -0
  23. data/spec/fake_app/.ruby-version +1 -1
  24. data/spec/fake_app/Gemfile +5 -5
  25. data/spec/fake_app/config/application.rb +1 -3
  26. data/spec/fake_app/config/database.yml +9 -10
  27. data/spec/fake_app/config/initializers/assets.rb +0 -3
  28. data/spec/integration/add_to_rails_app_spec.rb +2 -1
  29. data/spec/rails_helper.rb +4 -2
  30. data/stitches.gemspec +2 -1
  31. metadata +21 -15
  32. data/Gemfile.rails-4.2 +0 -8
  33. data/Gemfile.rails-5.0 +0 -8
  34. data/Gemfile.rails-5.1 +0 -7
  35. data/Gemfile.rails-5.2 +0 -7
  36. data/Gemfile.rails-6.0 +0 -7
  37. data/Gemfile.rails-6.1 +0 -7
  38. data/build-matrix.json +0 -4
  39. data/spec/fake_app/db/development.sqlite3 +0 -0
  40. data/spec/fake_app/db/test.sqlite3 +0 -0
@@ -6,6 +6,5 @@ module Stitches
6
6
  class Railtie < Rails::Railtie
7
7
  config.app_middleware.use Stitches::ApiKey
8
8
  config.app_middleware.use Stitches::ValidMimeType
9
-
10
9
  end
11
10
  end
@@ -6,7 +6,7 @@ class TestHeaders
6
6
  "Accept" => full_mimetype,
7
7
  "Content-Type" => full_mimetype,
8
8
  }.tap { |headers|
9
- set_authorization_header(headers,options)
9
+ set_authorization_header(headers,options) unless Stitches.configuration.disable_api_key_support
10
10
  }
11
11
  end
12
12
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Stitches
4
- VERSION = '4.2.2'
4
+ VERSION = '5.0.0'
5
5
  end
@@ -12,6 +12,7 @@ require 'stitches/render_timestamps_in_iso8601_in_json'
12
12
  require 'stitches/error'
13
13
  require 'stitches/errors'
14
14
  require 'stitches/api_generator'
15
+ require 'stitches/api_migration_generator'
15
16
  require 'stitches/add_deprecation_generator'
16
17
  require 'stitches/add_enabled_to_api_clients_generator'
17
18
  require 'stitches/add_disabled_at_to_api_clients_generator'
data/owners.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "owners": [
3
3
  {
4
- "team": "eng-runtime"
4
+ "team": "dev-platform"
5
5
  }
6
6
  ]
7
7
  }
@@ -12,13 +12,6 @@ RSpec.describe "/api/hellos", type: :request do
12
12
  let(:auth_header) { "MyAwesomeInternalScheme key=#{uuid}" }
13
13
  let(:allowlist) { nil }
14
14
 
15
- before do
16
- Stitches.configuration.reset_to_defaults!
17
- Stitches.configuration.custom_http_auth_scheme = 'MyAwesomeInternalScheme'
18
- Stitches.configuration.allowlist_regexp = allowlist if allowlist
19
- Stitches::ApiClientAccessWrapper.clear_api_cache
20
- end
21
-
22
15
  def execute_call(auth: auth_header)
23
16
  headers = {
24
17
  "Accept" => "application/json; version=1"
@@ -34,342 +27,381 @@ RSpec.describe "/api/hellos", type: :request do
34
27
  expect(response.headers["WWW-Authenticate"]).to eq("MyAwesomeInternalScheme realm=FakeApp")
35
28
  end
36
29
 
37
- context "with modern schema" do
38
- let(:api_client_enabled) { true }
39
- let(:disabled_at) { nil }
40
- let!(:api_client) {
41
- uuid = SecureRandom.uuid
42
- ApiClient.create(name: "MyApiClient", key: SecureRandom.uuid, enabled: false, created_at: 20.days.ago, disabled_at: 15.days.ago)
43
- ApiClient.create(name: "MyApiClient", key: uuid, enabled: api_client_enabled, created_at: 10.days.ago, disabled_at: disabled_at)
44
- }
45
-
46
- context "when path is not on allowlist" do
47
- context "when api_client is valid" do
48
- it "executes the correct controller" do
49
- execute_call
50
-
51
- expect(response.body).to include "Hello"
52
- end
53
-
54
- it "saves the api_client information used" do
55
- execute_call
56
-
57
- expect(response.body).to include "MyApiClient"
58
- expect(response.body).to include "#{api_client.id}"
59
- end
30
+ context "disabled api key support" do
31
+ before do
32
+ Stitches.configuration.reset_to_defaults!
33
+ Stitches.configuration.custom_http_auth_scheme = 'MyAwesomeInternalScheme'
34
+ Stitches.configuration.disable_api_key_support = true
35
+ end
60
36
 
61
- context "caching is enabled" do
62
- before do
63
- allow(ApiClient).to receive(:find_by).and_call_original
37
+ let(:uuid) { SecureRandom.uuid }
64
38
 
65
- Stitches.configure do |config|
66
- config.max_cache_ttl = 5
67
- config.max_cache_size = 10
68
- end
69
- end
39
+ it "executes the correct controller" do
40
+ execute_call
70
41
 
71
- it "only gets the the api_client information once" do
72
- execute_call
73
- execute_call
74
-
75
- expect(response.body).to include "#{api_client.id}"
76
- expect(ApiClient).to have_received(:find_by).once
77
- end
78
- end
79
- end
80
-
81
- context "when api client key does not match" do
82
- let(:uuid) { SecureRandom.uuid } # random uuid
42
+ expect(response.body).to include "Hello"
43
+ end
83
44
 
84
- it "rejects request" do
85
- execute_call
45
+ it "does not look up information from the database" do
46
+ execute_call
86
47
 
87
- expect_unauthorized
88
- end
89
- end
48
+ expect(response.body).to include "NameNotFound"
49
+ expect(response.body).to include "IdNotFound"
50
+ end
90
51
 
91
- context "when api client key not enabled" do
92
- let(:api_client_enabled) { false }
52
+ it "indicates a successful response" do
53
+ execute_call
93
54
 
94
- context "when disabled_at is not set" do
95
- it "rejects request" do
96
- execute_call
55
+ expect(response.status).to eq 200
56
+ end
57
+ end
97
58
 
98
- expect_unauthorized
99
- end
100
- end
59
+ context "enabled api key support" do
60
+ before do
61
+ Stitches.configuration.reset_to_defaults!
62
+ Stitches.configuration.custom_http_auth_scheme = 'MyAwesomeInternalScheme'
63
+ Stitches.configuration.allowlist_regexp = allowlist if allowlist
64
+ Stitches.configuration.disable_api_key_support = false
65
+ Stitches::ApiClientAccessWrapper.clear_api_cache
66
+ end
101
67
 
102
- context "when disabled_at is set to a time older than three days ago" do
103
- let(:disabled_at) { 4.day.ago }
68
+ context "with modern schema" do
69
+ let(:api_client_enabled) { true }
70
+ let(:disabled_at) { nil }
71
+ let!(:api_client) {
72
+ uuid = SecureRandom.uuid
73
+ ApiClient.create(name: "MyApiClient", key: SecureRandom.uuid, enabled: false, created_at: 20.days.ago, disabled_at: 15.days.ago)
74
+ ApiClient.create(name: "MyApiClient", key: uuid, enabled: api_client_enabled, created_at: 10.days.ago, disabled_at: disabled_at)
75
+ }
104
76
 
105
- it "does not allow the call" do
77
+ context "when path is not on allowlist" do
78
+ context "when api_client is valid" do
79
+ it "executes the correct controller" do
106
80
  execute_call
107
81
 
108
- expect_unauthorized
109
-
82
+ expect(response.body).to include "Hello"
110
83
  end
111
- end
112
84
 
113
- context "when disabled_at is set to a recent time" do
114
- let(:disabled_at) { 1.day.ago }
115
-
116
- it "allows the call" do
85
+ it "saves the api_client information used" do
117
86
  execute_call
118
87
 
119
- expect(response.body).to include "Hello"
120
88
  expect(response.body).to include "MyApiClient"
121
89
  expect(response.body).to include "#{api_client.id}"
122
90
  end
123
91
 
124
- it "warns about the disabled key to log writer when available" do
125
- stub_const("StitchFix::Logger::LogWriter", FakeLogger.new)
126
- allow(StitchFix::Logger::LogWriter).to receive(:warn)
92
+ context "caching is enabled" do
93
+ before do
94
+ allow(ApiClient).to receive(:find_by).and_call_original
127
95
 
128
- execute_call
96
+ Stitches.configure do |config|
97
+ config.max_cache_ttl = 5
98
+ config.max_cache_size = 10
99
+ end
100
+ end
129
101
 
130
- expect(StitchFix::Logger::LogWriter).to have_received(:warn).once
102
+ it "only gets the the api_client information once" do
103
+ execute_call
104
+ execute_call
105
+
106
+ expect(response.body).to include "#{api_client.id}"
107
+ expect(ApiClient).to have_received(:find_by).once
108
+ end
131
109
  end
110
+ end
132
111
 
133
- it "warns about the disabled key to the Rails.logger" do
134
- allow(Rails.logger).to receive(:warn)
135
- allow(Rails.logger).to receive(:error)
112
+ context "when api client key does not match" do
113
+ let(:uuid) { SecureRandom.uuid } # random uuid
136
114
 
115
+ it "rejects request" do
137
116
  execute_call
138
117
 
139
- expect(Rails.logger).to have_received(:warn).once
140
- expect(Rails.logger).not_to have_received(:error)
118
+ expect_unauthorized
141
119
  end
142
120
  end
143
121
 
144
- context "when disabled_at is set to a dangerously long time" do
145
- let(:disabled_at) { 52.hours.ago }
122
+ context "when api client key not enabled" do
123
+ let(:api_client_enabled) { false }
146
124
 
147
- it "allows the call" do
148
- execute_call
125
+ context "when disabled_at is not set" do
126
+ it "rejects request" do
127
+ execute_call
149
128
 
150
- expect(response.body).to include "Hello"
151
- expect(response.body).to include "MyApiClient"
152
- expect(response.body).to include "#{api_client.id}"
129
+ expect_unauthorized
130
+ end
153
131
  end
154
132
 
155
- it "logs error about the disabled key to log writer when available" do
156
- stub_const("StitchFix::Logger::LogWriter", FakeLogger.new)
157
- allow(StitchFix::Logger::LogWriter).to receive(:error)
133
+ context "when disabled_at is set to a time older than three days ago" do
134
+ let(:disabled_at) { 4.day.ago }
158
135
 
159
- execute_call
136
+ it "does not allow the call" do
137
+ execute_call
160
138
 
161
- expect(StitchFix::Logger::LogWriter).to have_received(:error).once
162
- end
139
+ expect_unauthorized
163
140
 
164
- it "logs error about the disabled key to the Rails.logger" do
165
- allow(Rails.logger).to receive(:warn)
166
- allow(Rails.logger).to receive(:error) do |message1|
167
- expect(message1).not_to include uuid
168
141
  end
142
+ end
169
143
 
170
- execute_call
144
+ context "when disabled_at is set to a recent time" do
145
+ let(:disabled_at) { 1.day.ago }
171
146
 
172
- expect(Rails.logger).to have_received(:error).once
173
- expect(Rails.logger).not_to have_received(:warn)
174
- end
175
- end
147
+ it "allows the call" do
148
+ execute_call
176
149
 
177
- context "when disabled_at is set to an unacceptably long time" do
178
- let(:disabled_at) { 5.days.ago }
150
+ expect(response.body).to include "Hello"
151
+ expect(response.body).to include "MyApiClient"
152
+ expect(response.body).to include "#{api_client.id}"
153
+ end
179
154
 
180
- it "forbids the call" do
181
- execute_call
155
+ it "warns about the disabled key to log writer when available" do
156
+ stub_const("StitchFix::Logger::LogWriter", FakeLogger.new)
157
+ allow(StitchFix::Logger::LogWriter).to receive(:warn)
182
158
 
183
- expect_unauthorized
184
- end
159
+ execute_call
185
160
 
186
- it "logs error about the disabled key to log writer when available" do
187
- stub_const("StitchFix::Logger::LogWriter", FakeLogger.new)
188
- allow(StitchFix::Logger::LogWriter).to receive(:error)
161
+ expect(StitchFix::Logger::LogWriter).to have_received(:warn).once
162
+ end
189
163
 
190
- execute_call
164
+ it "warns about the disabled key to the Rails.logger" do
165
+ allow(Rails.logger).to receive(:warn)
166
+ allow(Rails.logger).to receive(:error)
167
+
168
+ execute_call
191
169
 
192
- expect(StitchFix::Logger::LogWriter).to have_received(:error).once
170
+ expect(Rails.logger).to have_received(:warn).once
171
+ expect(Rails.logger).not_to have_received(:error)
172
+ end
193
173
  end
194
174
 
195
- it "logs error about the disabled key to the Rails.logger" do
196
- allow(Rails.logger).to receive(:warn)
197
- allow(Rails.logger).to receive(:error)
175
+ context "when disabled_at is set to a dangerously long time" do
176
+ let(:disabled_at) { 52.hours.ago }
177
+
178
+ it "allows the call" do
179
+ execute_call
198
180
 
199
- execute_call
181
+ expect(response.body).to include "Hello"
182
+ expect(response.body).to include "MyApiClient"
183
+ expect(response.body).to include "#{api_client.id}"
184
+ end
200
185
 
201
- expect(Rails.logger).to have_received(:error).once
202
- expect(Rails.logger).not_to have_received(:warn)
203
- end
204
- end
186
+ it "logs error about the disabled key to log writer when available" do
187
+ stub_const("StitchFix::Logger::LogWriter", FakeLogger.new)
188
+ allow(StitchFix::Logger::LogWriter).to receive(:error)
205
189
 
206
- context "custom leniency is set" do
207
- before do
208
- Stitches.configuration.disabled_key_leniency_in_seconds = 100
209
- Stitches.configuration.disabled_key_leniency_error_log_threshold_in_seconds = 50
210
- end
190
+ execute_call
211
191
 
212
- context "when disabled_at is set to an unacceptably long time" do
213
- let(:disabled_at) { 101.seconds.ago }
192
+ expect(StitchFix::Logger::LogWriter).to have_received(:error).once
193
+ end
214
194
 
215
- it "forbids the call" do
195
+ it "logs error about the disabled key to the Rails.logger" do
196
+ allow(Rails.logger).to receive(:warn)
216
197
  allow(Rails.logger).to receive(:error) do |message1|
217
198
  expect(message1).not_to include uuid
218
199
  end
219
200
 
220
201
  execute_call
221
202
 
222
- expect_unauthorized
223
203
  expect(Rails.logger).to have_received(:error).once
204
+ expect(Rails.logger).not_to have_received(:warn)
224
205
  end
225
206
  end
226
207
 
227
- context "when disabled_at is set to a dangerously long time" do
228
- let(:disabled_at) { 75.seconds.ago }
208
+ context "when disabled_at is set to an unacceptably long time" do
209
+ let(:disabled_at) { 5.days.ago }
229
210
 
230
- it "allows the call" do
211
+ it "forbids the call" do
212
+ execute_call
213
+
214
+ expect_unauthorized
215
+ end
216
+
217
+ it "logs error about the disabled key to log writer when available" do
218
+ stub_const("StitchFix::Logger::LogWriter", FakeLogger.new)
219
+ allow(StitchFix::Logger::LogWriter).to receive(:error)
220
+
221
+ execute_call
222
+
223
+ expect(StitchFix::Logger::LogWriter).to have_received(:error).once
224
+ end
225
+
226
+ it "logs error about the disabled key to the Rails.logger" do
227
+ allow(Rails.logger).to receive(:warn)
231
228
  allow(Rails.logger).to receive(:error)
232
229
 
233
230
  execute_call
234
231
 
235
- expect(response.body).to include "Hello"
236
232
  expect(Rails.logger).to have_received(:error).once
233
+ expect(Rails.logger).not_to have_received(:warn)
237
234
  end
238
235
  end
239
236
 
240
- context "when disabled_at is set to a short time ago" do
241
- let(:disabled_at) { 25.seconds.ago }
237
+ context "custom leniency is set" do
238
+ before do
239
+ Stitches.configuration.disabled_key_leniency_in_seconds = 100
240
+ Stitches.configuration.disabled_key_leniency_error_log_threshold_in_seconds = 50
241
+ end
242
242
 
243
- it "allows the call" do
244
- allow(Rails.logger).to receive(:warn) do |message1|
245
- expect(message1).not_to include uuid
243
+ context "when disabled_at is set to an unacceptably long time" do
244
+ let(:disabled_at) { 101.seconds.ago }
245
+
246
+ it "forbids the call" do
247
+ allow(Rails.logger).to receive(:error) do |message1|
248
+ expect(message1).not_to include uuid
249
+ end
250
+
251
+ execute_call
252
+
253
+ expect_unauthorized
254
+ expect(Rails.logger).to have_received(:error).once
246
255
  end
256
+ end
247
257
 
248
- execute_call
258
+ context "when disabled_at is set to a dangerously long time" do
259
+ let(:disabled_at) { 75.seconds.ago }
249
260
 
250
- expect(response.body).to include "Hello"
251
- expect(Rails.logger).to have_received(:warn).once
261
+ it "allows the call" do
262
+ allow(Rails.logger).to receive(:error)
263
+
264
+ execute_call
265
+
266
+ expect(response.body).to include "Hello"
267
+ expect(Rails.logger).to have_received(:error).once
268
+ end
269
+ end
270
+
271
+ context "when disabled_at is set to a short time ago" do
272
+ let(:disabled_at) { 25.seconds.ago }
273
+
274
+ it "allows the call" do
275
+ allow(Rails.logger).to receive(:warn) do |message1|
276
+ expect(message1).not_to include uuid
277
+ end
278
+
279
+ execute_call
280
+
281
+ expect(response.body).to include "Hello"
282
+ expect(Rails.logger).to have_received(:warn).once
283
+ end
252
284
  end
253
285
  end
254
286
  end
255
- end
256
287
 
257
- context "when authorization header is missing" do
258
- it "rejects request" do
259
- execute_call(auth: nil)
288
+ context "when authorization header is missing" do
289
+ it "rejects request" do
290
+ execute_call(auth: nil)
260
291
 
261
- expect_unauthorized
292
+ expect_unauthorized
293
+ end
294
+ end
295
+
296
+ context "when scheme does not match" do
297
+ it "rejects request" do
298
+ execute_call(auth: "OtherScheme key=#{uuid}")
299
+
300
+ expect_unauthorized
301
+ end
262
302
  end
263
303
  end
264
304
 
265
- context "when scheme does not match" do
266
- it "rejects request" do
267
- execute_call(auth: "OtherScheme key=#{uuid}")
305
+ context "when path is on allowlist" do
306
+ let(:allowlist) { /.*hello.*/ }
268
307
 
269
- expect_unauthorized
308
+ context "when api_client is valid" do
309
+ it "executes the correct controller" do
310
+ execute_call
311
+
312
+ expect(response.body).to include "Hello"
313
+ end
314
+
315
+ it "does not save the api_client information used" do
316
+ execute_call
317
+
318
+ expect(response.body).to include "NameNotFound"
319
+ expect(response.body).to include "IdNotFound"
320
+ end
321
+ end
322
+
323
+ context "when api client key does not match" do
324
+ let(:uuid) { SecureRandom.uuid } # random uuid
325
+
326
+ it "executes the correct controller" do
327
+ execute_call
328
+
329
+ expect(response.body).to include "Hello"
330
+ end
270
331
  end
271
332
  end
272
333
  end
273
334
 
274
- context "when path is on allowlist" do
275
- let(:allowlist) { /.*hello.*/ }
335
+ context "when schema is old and missing disabled_at field" do
336
+ around(:each) do |example|
337
+ load 'fake_app/db/schema_missing_disabled_at.rb'
338
+ ApiClient.reset_column_information
339
+ example.run
340
+ load 'fake_app/db/schema_modern.rb'
341
+ ApiClient.reset_column_information
342
+ end
276
343
 
277
344
  context "when api_client is valid" do
345
+ let!(:api_client) {
346
+ uuid = SecureRandom.uuid
347
+ ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now(), enabled: true)
348
+ }
349
+
278
350
  it "executes the correct controller" do
279
351
  execute_call
280
352
 
281
353
  expect(response.body).to include "Hello"
282
354
  end
283
355
 
284
- it "does not save the api_client information used" do
356
+ it "saves the api_client information used" do
285
357
  execute_call
286
358
 
287
- expect(response.body).to include "NameNotFound"
288
- expect(response.body).to include "IdNotFound"
359
+ expect(response.body).to include "MyApiClient"
360
+ expect(response.body).to include "#{api_client.id}"
289
361
  end
290
362
  end
291
363
 
292
- context "when api client key does not match" do
293
- let(:uuid) { SecureRandom.uuid } # random uuid
364
+ context "when api_client is not enabled" do
365
+ let!(:api_client) {
366
+ uuid = SecureRandom.uuid
367
+ ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now(), enabled: false)
368
+ }
294
369
 
295
- it "executes the correct controller" do
370
+ it "rejects request" do
296
371
  execute_call
297
372
 
298
- expect(response.body).to include "Hello"
373
+ expect_unauthorized
299
374
  end
300
375
  end
301
376
  end
302
- end
303
-
304
- context "when schema is old and missing disabled_at field" do
305
- around(:each) do |example|
306
- load 'fake_app/db/schema_missing_disabled_at.rb'
307
- ApiClient.reset_column_information
308
- example.run
309
- load 'fake_app/db/schema_modern.rb'
310
- ApiClient.reset_column_information
311
- end
312
-
313
- context "when api_client is valid" do
314
- let!(:api_client) {
315
- uuid = SecureRandom.uuid
316
- ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now(), enabled: true)
317
- }
318
-
319
- it "executes the correct controller" do
320
- execute_call
321
377
 
322
- expect(response.body).to include "Hello"
378
+ context "when schema is old and missing enabled field" do
379
+ around(:each) do |example|
380
+ load 'fake_app/db/schema_missing_enabled.rb'
381
+ ApiClient.reset_column_information
382
+ example.run
383
+ load 'fake_app/db/schema_modern.rb'
384
+ ApiClient.reset_column_information
323
385
  end
324
386
 
325
- it "saves the api_client information used" do
326
- execute_call
327
-
328
- expect(response.body).to include "MyApiClient"
329
- expect(response.body).to include "#{api_client.id}"
330
- end
331
- end
332
-
333
- context "when api_client is not enabled" do
334
387
  let!(:api_client) {
335
388
  uuid = SecureRandom.uuid
336
- ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now(), enabled: false)
389
+ ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now())
337
390
  }
338
391
 
339
- it "rejects request" do
340
- execute_call
341
-
342
- expect_unauthorized
343
- end
344
- end
345
- end
346
-
347
- context "when schema is old and missing enabled field" do
348
- around(:each) do |example|
349
- load 'fake_app/db/schema_missing_enabled.rb'
350
- ApiClient.reset_column_information
351
- example.run
352
- load 'fake_app/db/schema_modern.rb'
353
- ApiClient.reset_column_information
354
- end
355
-
356
- let!(:api_client) {
357
- uuid = SecureRandom.uuid
358
- ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now())
359
- }
360
-
361
- context "when api_client is valid" do
362
- it "executes the correct controller" do
363
- execute_call
392
+ context "when api_client is valid" do
393
+ it "executes the correct controller" do
394
+ execute_call
364
395
 
365
- expect(response.body).to include "Hello"
366
- end
396
+ expect(response.body).to include "Hello"
397
+ end
367
398
 
368
- it "saves the api_client information used" do
369
- execute_call
399
+ it "saves the api_client information used" do
400
+ execute_call
370
401
 
371
- expect(response.body).to include "MyApiClient"
372
- expect(response.body).to include "#{api_client.id}"
402
+ expect(response.body).to include "MyApiClient"
403
+ expect(response.body).to include "#{api_client.id}"
404
+ end
373
405
  end
374
406
  end
375
407
  end
@@ -44,6 +44,10 @@ describe Stitches::Configuration do
44
44
  expect(Stitches.configuration.max_cache_size).to eq(0)
45
45
  end
46
46
 
47
+ it "sets a default of false for disable_api_key_support" do
48
+ expect(Stitches.configuration.disable_api_key_support).to be false
49
+ end
50
+
47
51
  it "blows up if you try to use custom_http_auth_scheme without having set it" do
48
52
  expect {
49
53
  Stitches.configuration.custom_http_auth_scheme
@@ -1 +1 @@
1
- ruby-2.7.3
1
+ ruby-3.2.3