stormpath-rails 2.3.0 → 2.3.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 36d62091eb523ac7ef5e343ca5ba96e62772b321
4
- data.tar.gz: 2e7081bb0a9b8790336ff0fd1ebccc34426cfd3d
3
+ metadata.gz: db78dfe6eb37a717cc63a11079e9ab97b26cb828
4
+ data.tar.gz: 4d876869b8206cac38f96ef1a472fb1cc8211995
5
5
  SHA512:
6
- metadata.gz: f08df2b2d8d20d1a7bea7703fea21b4cd1fd118889e8e77874b24463785a2e6693ae1ce3cf537be0316f229c74a123ebad6d631807932e2818e31feb27c9b96d
7
- data.tar.gz: 3b30a4518942c3bdec1d1b7787c14cb1957f1fedb5182b6b614674249ee931528bf6568a26bece7bdf0920af8b83bb6237220b6d3fc1cc6265b6d213d6b9bede
6
+ metadata.gz: d28fbd2472799152d2cf4a24670e88c44efb88f7a448e198e3ebf15ce1f1f52c25d1bb7ebe467eaa1ea10cb0f5c1714c9024924eba9e05450c13f359a958ccf9
7
+ data.tar.gz: 74a8238f67668fa69c78867997e2acb80b887987bff4d4b9b3f623987402a2d70d2ee7639960258384ded3c4a8d204cd5fcba3437929c37ca42d7f455396458c
data/.travis.yml CHANGED
@@ -2,26 +2,42 @@ language: ruby
2
2
  rvm:
3
3
  - 2.1.5
4
4
  before_install:
5
- - openssl aes-256-cbc -K $encrypted_57ed81c5c9ab_key -iv $encrypted_57ed81c5c9ab_iv
5
+ - test -z "$BUILD_DOCS" || openssl aes-256-cbc -K $encrypted_57ed81c5c9ab_key -iv $encrypted_57ed81c5c9ab_iv
6
6
  -in keypair.enc -out ~/.ssh/id_rsa -d
7
- - chmod 600 ~/.ssh/id_rsa
8
- - git config --global user.email "evangelists@stormpath.com"
9
- - git config --global user.name "stormpath-rails documentation"
7
+ - test -z "$BUILD_DOCS" || chmod 600 ~/.ssh/id_rsa
10
8
  install:
11
9
  - gem install bundler
12
10
  - bundle install --jobs=3 --retry=3
13
- - pip install --user sphinx
11
+ - test -z "$BUILD_DOCS" || pip install --user sphinx
14
12
  script:
15
13
  - travis_retry rake
14
+ - test -z "$BUILD_DOCS" || cd docs
15
+ - test -z "$BUILD_DOCS" || make html
16
+ - test -z "$BUILD_DOCS" || cd ..
16
17
  after_success:
17
- - CURRENT_HASH=`git rev-parse HEAD`
18
- - RELEASE_VERSION=`git tag | xargs -I@ git log --format=format:"%ai @%n" -1 @ | sort
19
- | awk '{print $4}' | tail -n 1`
20
- - RELEASE_HASH=`git rev-list $RELEASE_VERSION -n 1`
21
- - if [ "$CURRENT_HASH" = "$RELEASE_HASH" ]; then DEPLOY_DOCS=true; fi
18
+ - test -z "$BUILD_DOCS" || CURRENT_HASH=`git rev-parse HEAD`
19
+ - test -z "$BUILD_DOCS" || RELEASE_VERSION=`git tag | xargs -I@ git log --format=format:"%ai @%n" -1 @ | sort | awk '{print $4}' | tail -n 1`
20
+ - test -z "$BUILD_DOCS" || RELEASE_HASH=`git rev-list $RELEASE_VERSION -n 1`
21
+ - test -z "$BUILD_DOCS" || if [ "$CURRENT_HASH" = "$RELEASE_HASH" ]; then DEPLOY_DOCS=true; fi
22
+ - test -z "$DEPLOY_DOCS" || git config --global user.email "evangelists@stormpath.com"
23
+ - test -z "$DEPLOY_DOCS" || git config --global user.name "stormpath-rails Auto Doc Build"
24
+ - test -z "$DEPLOY_DOCS" || git clone git@github.com:stormpath/stormpath.github.io.git
25
+ - test -z "$DEPLOY_DOCS" || cd stormpath.github.io
26
+ - test -z "$DEPLOY_DOCS" || git fetch origin source:source
27
+ - test -z "$DEPLOY_DOCS" || git checkout source
28
+ - test -z "$DEPLOY_DOCS" || mkdir -p source/ruby/rails/latest
29
+ - test -z "$DEPLOY_DOCS" || rm -rf source/ruby/rails/latest
30
+ - test -z "$DEPLOY_DOCS" || cp -r ../docs/_build/html source/ruby/rails/latest
31
+ - test -z "$DEPLOY_DOCS" || cp -r ../docs/_build/html source/ruby/rails/$RELEASE_VERSION
32
+ - test -z "$DEPLOY_DOCS" || git add --all
33
+ - test -z "$DEPLOY_DOCS" || git commit -m "stormpath-rails release $RELEASE_VERSION"
34
+ - test -z "$DEPLOY_DOCS" || git push origin source
22
35
  env:
23
36
  global:
24
- - STORMPATH_APPLICATION_URL=https://api.stormpath.com/v1/applications/4xz3y2Hrid4aqp5YwbNTvk
25
- - secure: VMjIMI42vIPTMPTr0fnzSPiIjzuSAnT7iNWjhAXP9WsdaCmxwHp1vOlry4QuX8DzpKHv2MQubeUN/UA227Nk1xn+CVu9mujWOqvvjmL9m20wMJvwT4ctn7zG+FJK76id9TEyx0mCTlH4ZrRoDMGfM9yzhpsg8FtSebBDdHxePaM=
26
- - secure: IhR6H9qxmxCDNbLK0ebYuIXQRsGA/JhD6In4V/hnSMJ8lPi2kwRn6eKclNCHGNjcy6QF1V5vddKIfKOkFFZvIyP26reygTX1g5Mfa8SqTGKh3DAW4WP+T+yaE4z4UBDK1zZpbV0Zbkw/HC0xeD8UPnjRzERX1LVZp1qeEjhQrks=
27
- - secure: a5woUmOQPRW6FBQBaxKJATfggUD/BVTBfeRaS07u1SQOpMoGJZLY0m29PVx4fHwRD1E7ho31YIeH8wk1vMMrimIHSdE1B4pm4n8bUTi/gDFwavXq9KgTdH8f6Eli37nAXZum78m4NgL9+OlrKeJKCcROdzniZPvFaLrnOwBGzVs=
37
+ - STORMPATH_APPLICATION_HREF=https://api.stormpath.com/v1/applications/4xz3y2Hrid4aqp5YwbNTvk
38
+ - secure: fuZU/DCNpezx1qrhpt/b+eeZRF83AiAwJnUNgA0D2fH4KGleN+BGfz5wEy6oOu5QKDWWAWepHDuwUjTP6QL504QId8+QZbycr52tFM0NXDSzpzhGkoaAEIALjuJ+DBto032yr8hoFjM+P5M1057p2jZKyr5CMkB66j4g3oWwA5k=
39
+ - secure: F0+m4wWKgqZLWpouKwn3BQB1/DXkbwmKEE6E+XFSEJB3rIsf8J4stP6OslqGmkdOzbx/4Dl/V3EXMmWk6R8hnQ5rmr60FGN6FBXUTA+s/9ZULl1I3+J/PsV5azFUwuP+87hbS9QQTVxbG7S3Gpmuy3JCSjySQ4vfXo8fZPz6Plk=
40
+ matrix:
41
+ include:
42
+ - env: BUILD_DOCS=true
43
+ rvm: 2.1.5
data/CHANGELOG.md CHANGED
@@ -1,6 +1,12 @@
1
1
  Stormpath Rails Changelog
2
2
  ============================
3
3
 
4
+ Version 2.3.1
5
+ -------------
6
+ Released on Nov 28, 2016
7
+ - Refactored specs and changed environment variable names to match the other SDK's
8
+
9
+
4
10
  Version 2.3.0
5
11
  -------------
6
12
  Released on Nov 08, 2016
data/Gemfile CHANGED
@@ -18,8 +18,6 @@ group :test do
18
18
  gem 'webmock'
19
19
  gem 'vcr', '3.0.1'
20
20
  gem 'ammeter', git: 'https://github.com/alexrothenberg/ammeter'
21
- gem 'simplecov', require: false
22
- gem 'coveralls', require: false
23
21
  gem 'json_matchers'
24
22
  gem 'match_json', '0.0.5'
25
23
  gem 'capybara'
data/README.md CHANGED
@@ -1,5 +1,4 @@
1
1
  [![Build Status](https://travis-ci.org/stormpath/stormpath-rails.svg?branch=master)](https://travis-ci.org/stormpath/stormpath-rails)
2
- [![Coverage Status](https://coveralls.io/repos/stormpath/stormpath-rails/badge.svg?branch=master&service=github)](https://coveralls.io/github/stormpath/stormpath-rails?branch=master)
3
2
  [![Code Climate](https://codeclimate.com/github/stormpath/stormpath-rails/badges/gpa.svg)](https://codeclimate.com/github/stormpath/stormpath-rails)
4
3
 
5
4
  # Stormpath Rails
@@ -17,7 +16,7 @@ Add the stormpath-rails integration gem to your Gemfile.
17
16
  Stormpath is currently in beta so it is necessary to include the gem version:
18
17
 
19
18
  ```ruby
20
- gem 'stormpath-rails', '~> 2.3.0'
19
+ gem 'stormpath-rails', '~> 2.3.1'
21
20
  ```
22
21
 
23
22
  Bundle the Gemfile
@@ -38,16 +37,16 @@ rails generate stormpath:install
38
37
 
39
38
  Create a Stormpath account if you haven't already, and be sure to set up the following environment variables:
40
39
 
41
- - STORMPATH_API_KEY_ID
42
- - STORMPATH_API_KEY_SECRET
40
+ - STORMPATH_CLIENT_APIKEY_ID
41
+ - STORMPATH_CLIENT_APIKEY_SECRET
43
42
 
44
43
  Environment variables should be set up in you .bashrc file (or .zshrc if you use myzsh).
45
44
 
46
45
  Example setup:
47
46
 
48
47
  ```sh
49
- export STORMPATH_API_KEY_ID=6U4HZMHGVHN0U765BGW
50
- export STORMPATH_API_KEY_SECRET=0e0TuVZKYiPiLTDLNnswEwpPpa5nPv
48
+ export STORMPATH_CLIENT_APIKEY_ID=6U4HZMHGVHN0U765BGW
49
+ export STORMPATH_CLIENT_APIKEY_SECRET=0e0TuVZKYiPiLTDLNnswEwpPpa5nPv
51
50
  ```
52
51
 
53
52
  Alternatively you can use gems such as [Dotenv](https://github.com/bkeepers/dotenv) or [Figaro](https://github.com/laserlemon/figaro) to preload environment variables.
@@ -91,7 +90,7 @@ You can use embedded ruby (ERB) in the configuration file:
91
90
  ```yaml
92
91
  stormpath:
93
92
  application:
94
- href: <%= ENV['STORMPATH_APPLICATION_URL'] %>
93
+ href: <%= ENV['STORMPATH_APPLICATION_HREF'] %>
95
94
  ```
96
95
 
97
96
  ## Usage
@@ -298,12 +297,9 @@ If you wish to contribute to the gem, please follow these steps:
298
297
 
299
298
  1. Create a Stormpath Application.
300
299
  2. Export the following env variables:
301
- - STORMPATH_API_KEY_ID
302
- - STORMPATH_API_KEY_SECRET
300
+ - STORMPATH_CLIENT_APIKEY_ID
301
+ - STORMPATH_CLIENT_APIKEY_SECRET
303
302
  3. Create a Directory and associate it to the app. Make it the default account and group store for the app.
304
- 4. Create a Directory With a Verification Workflow and associate it to the app.
305
- 5. Export the following env variable:
306
- - STORMPATH_SDK_TEST_DIRECTORY_WITH_VERIFICATION_URL
307
303
 
308
304
  ### Specs
309
305
 
@@ -8,22 +8,22 @@ module Stormpath
8
8
  DifferentIssuerError = Class.new(ArgumentError)
9
9
 
10
10
  def initialize(access_token)
11
- raise(NoAccessToken) if access_token.nil?
11
+ raise(NoAccessToken) if access_token.blank?
12
12
  @access_token = access_token
13
13
  end
14
14
 
15
15
  def account
16
- @account ||= resolution_class.new(access_token).account
16
+ @account ||= resolution_instance.verify(access_token).account
17
17
  end
18
18
 
19
19
  private
20
20
 
21
- def resolution_class
21
+ def resolution_instance
22
22
  case Stormpath::Rails.config.web.oauth2.password.validation_strategy.to_sym
23
23
  when :local
24
- LocalAccountResolution
24
+ Stormpath::Oauth::VerifyAccessToken.new(Client.application, local: true)
25
25
  when :stormpath
26
- StormpathAccountResolution
26
+ Stormpath::Oauth::VerifyAccessToken.new(Client.application)
27
27
  else
28
28
  raise ArgumentError, 'Invalid validation strategy'
29
29
  end
@@ -18,9 +18,16 @@ module Stormpath
18
18
  if any_auth_cookie_present?
19
19
  FromCookies.new(cookies).authenticate!
20
20
  elsif bearer_authorization_header?
21
- FromBearerAuth.new(authorization_header).authenticate!
21
+ Stormpath::Authentication::HttpBearerAuthentication.new(
22
+ Stormpath::Rails::Client.application,
23
+ authorization_header,
24
+ local: validation_strategy
25
+ ).authenticate!.account
22
26
  elsif basic_authorization_header?
23
- FromBasicAuth.new(authorization_header).authenticate!
27
+ Stormpath::Authentication::HttpBasicAuthentication.new(
28
+ Stormpath::Rails::Client.application,
29
+ authorization_header
30
+ ).authenticate!.account
24
31
  else
25
32
  raise UnauthenticatedRequest
26
33
  end
@@ -39,6 +46,14 @@ module Stormpath
39
46
  def basic_authorization_header?
40
47
  authorization_header =~ BASIC_PATTERN
41
48
  end
49
+
50
+ def validation_strategy
51
+ if Stormpath::Rails.config.web.oauth2.password.validation_strategy == 'stormpath'
52
+ true
53
+ else
54
+ false
55
+ end
56
+ end
42
57
  end
43
58
  end
44
59
  end
@@ -58,7 +58,7 @@ class SingleTokenCookieSetter
58
58
  end
59
59
 
60
60
  def expires
61
- Time.zone.at(JWT.decode(token, ENV['STORMPATH_API_KEY_SECRET']).first['exp'])
61
+ Time.zone.at(JWT.decode(token, Stormpath::Rails::Client.client.data_store.api_key.secret).first['exp'])
62
62
  end
63
63
 
64
64
  def http_only
data/docs/changelog.rst CHANGED
@@ -6,6 +6,12 @@ Change Log
6
6
 
7
7
  Gem changes until version 2.0.1, in descending order.
8
8
 
9
+ Version 2.3.1
10
+ -------------
11
+ Released on Nov 28, 2016
12
+ - Refactored specs and changed environment variable names to match the other SDK's
13
+
14
+
9
15
  Version 2.3.0
10
16
  -------------
11
17
  Released on Nov 08, 2016
@@ -23,9 +23,9 @@ by running the following commands in the shell:
23
23
 
24
24
  .. code-block:: bash
25
25
 
26
- export STORMPATH_API_KEY_ID=YOUR_ID_HERE
27
- export STORMPATH_API_KEY_SECRET=YOUR_SECRET_HERE
28
- export STORMPATH_APPLICATION_URL=YOUR_APP_HREF
26
+ export STORMPATH_CLIENT_APIKEY_ID=YOUR_ID_HERE
27
+ export STORMPATH_CLIENT_APIKEY_SECRET=YOUR_SECRET_HERE
28
+ export STORMPATH_APPLICATION_HREF=YOUR_APP_HREF
29
29
 
30
30
  or by using any text editor and adding the environment variables to .bashrc (or .zshrc if you're using ohmyzsh)
31
31
 
@@ -35,9 +35,9 @@ or by using any text editor and adding the environment variables to .bashrc (or
35
35
 
36
36
  .. code-block:: bash
37
37
 
38
- set STORMPATH_API_KEY_ID=YOUR_ID_HERE
39
- set STORMPATH_API_KEY_SECRET=YOUR_SECRET_HERE
40
- set STORMPATH_APPLICATION_URL=YOUR_APP_HREF
38
+ set STORMPATH_CLIENT_APIKEY_ID=YOUR_ID_HERE
39
+ set STORMPATH_CLIENT_APIKEY_SECRET=YOUR_SECRET_HERE
40
+ set STORMPATH_APPLICATION_HREF=YOUR_APP_HREF
41
41
 
42
42
  The examples above show you the 3 mandatory settings you need to configure to
43
43
  make stormpath-rails work. These settings can be configured via environment
data/docs/quickstart.rst CHANGED
@@ -30,8 +30,8 @@ prompt you to download your key pair.
30
30
 
31
31
  Once you've downloaded your `apiKey.properties` file, save it and be sure to set up the following environment variables:
32
32
 
33
- - STORMPATH_API_KEY_ID
34
- - STORMPATH_API_KEY_SECRET
33
+ - STORMPATH_CLIENT_APIKEY_ID
34
+ - STORMPATH_CLIENT_APIKEY_SECRET
35
35
 
36
36
  Environment variables should be set up in you .bashrc file (or .zshrc if you use myzsh).
37
37
 
@@ -39,8 +39,8 @@ Example setup:
39
39
 
40
40
  .. code-block:: sh
41
41
 
42
- export STORMPATH_API_KEY_ID=6U4HZMHGVHN0U765BGW
43
- export STORMPATH_API_KEY_SECRET=0e0TuVZKYiPiLTDLNnswEwpPpa5nPv
42
+ export STORMPATH_CLIENT_APIKEY_ID=6U4HZMHGVHN0U765BGW
43
+ export STORMPATH_CLIENT_APIKEY_SECRET=0e0TuVZKYiPiLTDLNnswEwpPpa5nPv
44
44
 
45
45
  Find Your Stormpath Application
46
46
  -------------------------------
@@ -73,7 +73,7 @@ Now that you have your application HREF, make sure to set up another environment
73
73
 
74
74
  .. code-block:: sh
75
75
 
76
- export STORMPATH_APPLICATION_URL=https://api.stormpath.com/v1/applications/24kkU5XOz4tQlZ7sBtPUN6
76
+ export STORMPATH_APPLICATION_HREF=https://api.stormpath.com/v1/applications/24kkU5XOz4tQlZ7sBtPUN6
77
77
 
78
78
 
79
79
  You're ready to bundle Stormpath Rails gem into your project!
@@ -0,0 +1,87 @@
1
+ module Stormpath
2
+ module Rails
3
+ class ApiKey
4
+ TEST_ENV_VARS = {
5
+ required: {
6
+ STORMPATH_CLIENT_APIKEY_ID: 'The id from your Stormpath API Key',
7
+ STORMPATH_CLIENT_APIKEY_SECRET: 'The secret from your Stormpath API Key',
8
+ STORMPATH_APPLICATION_HREF: 'The href to your application'
9
+ },
10
+ deprecated: {
11
+ STORMPATH_API_KEY_ID: 'The id from your Stormpath API Key',
12
+ STORMPATH_API_KEY_SECRET: 'The secret from your Stormpath API Key',
13
+ STORMPATH_APPLICATION_URL: 'The url to your application'
14
+ }
15
+ }.freeze
16
+
17
+ def credentials
18
+ check_env_variable_names
19
+ credentials_from_env_variables
20
+ end
21
+
22
+ private
23
+
24
+ def check_env_variable_names
25
+ unless test_missing_required_env_vars.empty?
26
+ show_deprecation_warning unless env_vars_not_set?
27
+ end
28
+
29
+ raise set_up_message if env_vars_not_set?
30
+ end
31
+
32
+ def credentials_from_env_variables
33
+ {
34
+ id: ENV['STORMPATH_CLIENT_APIKEY_ID'] || ENV['STORMPATH_API_KEY_ID'],
35
+ secret: ENV['STORMPATH_CLIENT_APIKEY_SECRET'] || ENV['STORMPATH_API_KEY_SECRET']
36
+ }
37
+ end
38
+
39
+ def test_missing_deprecated_env_vars
40
+ TEST_ENV_VARS[:deprecated].reject do |var, _|
41
+ ENV[var.to_s]
42
+ end
43
+ end
44
+
45
+ def test_missing_required_env_vars
46
+ TEST_ENV_VARS[:required].reject do |var, _|
47
+ ENV[var.to_s]
48
+ end
49
+ end
50
+
51
+ def env_vars_not_set?
52
+ !test_missing_deprecated_env_vars.empty? && !test_missing_required_env_vars.empty?
53
+ end
54
+
55
+ def show_deprecation_warning
56
+ warn deprecation_warning
57
+ end
58
+
59
+ def deprecation_warning
60
+ warn_message = "\n\n"
61
+ 40.times { warn_message << '*' }
62
+ warn_message << 'STORMPATH RAILS'
63
+ 52.times { warn_message << '*' }
64
+ warn_message << "\n\n"
65
+ warn_message << TEST_ENV_VARS[:deprecated].map do |var, _|
66
+ "\t#{var} is deprecated since the new version of the gem."
67
+ end.join("\n")
68
+ warn_message << "\n\tPlease update your environment variables to use the new names:\n"
69
+ warn_message << "\n\t\texport STORMPATH_CLIENT_APIKEY_ID=your_api_key_id"
70
+ warn_message << "\n\t\texport STORMPATH_CLIENT_APIKEY_SECRET=your_api_key_secret"
71
+ warn_message << "\n\t\texport STORMPATH_APPLICATION_HREF=href_to_application\n\n"
72
+ 110.times { warn_message << '*' }
73
+ warn_message << "\n\n"
74
+ warn_message
75
+ end
76
+
77
+ def set_up_message
78
+ set_up_message = "In order to use the stormpath-rails gem you need to set the following environment variables:\n\t"
79
+ set_up_message << test_missing_required_env_vars.map do |var, message|
80
+ "#{var} : #{message}"
81
+ end.join("\n\t")
82
+ set_up_message << "\nBe sure to configure these before trying to run your application.\n\n"
83
+ set_up_message
84
+ end
85
+ end
86
+ end
87
+ end
@@ -24,12 +24,11 @@ module Stormpath
24
24
  end
25
25
 
26
26
  def self.client
27
- self.connection ||= Stormpath::Client.new(
28
- api_key: {
29
- id: ENV['STORMPATH_API_KEY_ID'],
30
- secret: ENV['STORMPATH_API_KEY_SECRET']
31
- }
32
- )
27
+ self.connection ||= Stormpath::Client.new(api_key: api_key.credentials)
28
+ end
29
+
30
+ def self.api_key
31
+ Stormpath::Rails::ApiKey.new
33
32
  end
34
33
  end
35
34
  end
@@ -15,7 +15,7 @@ module Stormpath
15
15
  def current_account
16
16
  @current_account ||= begin
17
17
  ControllerAuthentication.new(cookies, request.headers['Authorization']).authenticate!
18
- rescue ControllerAuthentication::UnauthenticatedRequest
18
+ rescue ControllerAuthentication::UnauthenticatedRequest, Stormpath::Error, JWT::DecodeError
19
19
  nil
20
20
  end
21
21
  end
@@ -0,0 +1,62 @@
1
+ module Stormpath
2
+ module Rails
3
+ module EnvNamesWarning
4
+ TEST_ENV_VARS = {
5
+ required: {
6
+ STORMPATH_CLIENT_APIKEY_ID: 'The id from your Stormpath API Key',
7
+ STORMPATH_CLIENT_APIKEY_SECRET: 'The secret from your Stormpath API Key',
8
+ STORMPATH_APPLICATION_HREF: 'The href to your application'
9
+ },
10
+ deprecated: {
11
+ STORMPATH_API_KEY_ID: 'The id from your Stormpath API Key',
12
+ STORMPATH_API_KEY_SECRET: 'The secret from your Stormpath API Key',
13
+ STORMPATH_APPLICATION_URL: 'The url to your application'
14
+ }
15
+ }.freeze
16
+
17
+ def self.test_missing_deprecated_env_vars
18
+ TEST_ENV_VARS[:deprecated].reject do |var, _|
19
+ ENV[var.to_s]
20
+ end
21
+ end
22
+
23
+ def self.test_missing_required_env_vars
24
+ TEST_ENV_VARS[:required].reject do |var, _|
25
+ ENV[var.to_s]
26
+ end
27
+ end
28
+
29
+ def self.env_vars_not_set?
30
+ !test_missing_deprecated_env_vars.empty? && !test_missing_required_env_vars.empty?
31
+ end
32
+
33
+ def self.check_env_variable_names
34
+ unless Stormpath::Rails::EnvNamesWarning.test_missing_required_env_vars.empty?
35
+ warn_message = "\n\n"
36
+ 40.times { warn_message << '*' }
37
+ warn_message << 'STORMPATH RAILS'
38
+ 52.times { warn_message << '*' }
39
+ warn_message << "\n\n"
40
+ warn_message << TEST_ENV_VARS[:deprecated].map do |var, _|
41
+ "\t#{var} is deprecated since the new version of the gem."
42
+ end.join("\n")
43
+ warn_message << "\n\tPlease update your environment variables to use the new names:\n"
44
+ warn_message << "\n\t\texport STORMPATH_CLIENT_APIKEY_ID=your_api_key_id"
45
+ warn_message << "\n\t\texport STORMPATH_CLIENT_APIKEY_SECRET=your_api_key_secret"
46
+ warn_message << "\n\t\texport STORMPATH_APPLICATION_HREF=href_to_application\n\n"
47
+ 110.times { warn_message << '*' }
48
+ warn "#{warn_message}\n\n" unless Stormpath::Rails::EnvNamesWarning.env_vars_not_set?
49
+ end
50
+
51
+ if Stormpath::Rails::EnvNamesWarning.env_vars_not_set?
52
+ set_up_message = "In order to use the stormpath-rails gem you need to set the following environment variables:\n\t"
53
+ set_up_message << Stormpath::Rails::EnvNamesWarning.test_missing_required_env_vars.map do |var, message|
54
+ "#{var} : #{message}"
55
+ end.join("\n\t")
56
+ set_up_message << "\nBe sure to configure these before trying to run your application.\n\n"
57
+ raise set_up_message
58
+ end
59
+ end
60
+ end
61
+ end
62
+ end
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Stormpath
3
3
  module Rails
4
- VERSION = '2.3.0'.freeze
4
+ VERSION = '2.3.1'.freeze
5
5
  end
6
6
  end
@@ -15,6 +15,7 @@ module Stormpath
15
15
  autoload :Controller, 'stormpath/rails/controller'
16
16
  autoload :Version, 'stormpath/rails/version'
17
17
  autoload :Social, 'stormpath/rails/social'
18
+ autoload :ApiKey, 'stormpath/rails/api_key'
18
19
  autoload :ContentTypeNegotiator, 'stormpath/rails/content_type_negotiator'
19
20
  autoload :RoutingConstraint, 'stormpath/rails/routing_constraint'
20
21
  autoload :InvalidSptokenError, 'stormpath/rails/errors/invalid_sptoken_error'
@@ -23,5 +24,6 @@ module Stormpath
23
24
  autoload :NoGithubAuthorizationError, 'stormpath/rails/errors/no_github_authorization_error'
24
25
  autoload :FacebookAuthCodeExchange, 'stormpath/rails/facebook_auth_code_exchange'
25
26
  autoload :GithubAuthCodeExchange, 'stormpath/rails/github_auth_code_exchange'
27
+ autoload :EnvNamesWarning, 'stormpath/rails/env_names_warning'
26
28
  end
27
29
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: stormpath-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.0
4
+ version: 2.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nenad Nikolic
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-11-08 00:00:00.000000000 Z
11
+ date: 2016-11-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: stormpath-sdk
@@ -144,14 +144,10 @@ files:
144
144
  - app/serializers/stormpath/rails/profile_serializer.rb
145
145
  - app/serializers/stormpath/rails/registration_form_serializer.rb
146
146
  - app/services/stormpath/rails/account_from_access_token.rb
147
- - app/services/stormpath/rails/account_from_access_token/local_account_resolution.rb
148
- - app/services/stormpath/rails/account_from_access_token/stormpath_account_resolution.rb
149
147
  - app/services/stormpath/rails/account_login.rb
150
148
  - app/services/stormpath/rails/account_login_with_stormpath_token.rb
151
149
  - app/services/stormpath/rails/client_credentials_authentication.rb
152
150
  - app/services/stormpath/rails/controller_authentication.rb
153
- - app/services/stormpath/rails/controller_authentication/from_basic_auth.rb
154
- - app/services/stormpath/rails/controller_authentication/from_bearer_auth.rb
155
151
  - app/services/stormpath/rails/controller_authentication/from_cookies.rb
156
152
  - app/services/stormpath/rails/delete_access_token.rb
157
153
  - app/services/stormpath/rails/delete_refresh_token.rb
@@ -240,6 +236,7 @@ files:
240
236
  - lib/generators/stormpath/views/views_generator.rb
241
237
  - lib/stormpath-rails.rb
242
238
  - lib/stormpath/rails.rb
239
+ - lib/stormpath/rails/api_key.rb
243
240
  - lib/stormpath/rails/client.rb
244
241
  - lib/stormpath/rails/config/account_store_verification.rb
245
242
  - lib/stormpath/rails/config/application_resolution.rb
@@ -250,6 +247,7 @@ files:
250
247
  - lib/stormpath/rails/content_type_negotiator.rb
251
248
  - lib/stormpath/rails/controller.rb
252
249
  - lib/stormpath/rails/engine.rb
250
+ - lib/stormpath/rails/env_names_warning.rb
253
251
  - lib/stormpath/rails/errors/invalid_sptoken_error.rb
254
252
  - lib/stormpath/rails/errors/no_facebook_authorization_error.rb
255
253
  - lib/stormpath/rails/errors/no_github_authorization_error.rb
@@ -1,48 +0,0 @@
1
- module Stormpath
2
- module Rails
3
- class AccountFromAccessToken
4
- class LocalAccountResolution
5
- attr_reader :access_token
6
-
7
- def initialize(access_token)
8
- @access_token = access_token
9
- @application = Client.application
10
- validate_jwt
11
- end
12
-
13
- def account
14
- Stormpath::Rails::Client.client.accounts.get(account_href)
15
- end
16
-
17
- private
18
-
19
- def account_href
20
- jwt_data.first['sub']
21
- end
22
-
23
- def jwt_data
24
- begin
25
- @jwt_data ||= JWT.decode(access_token, ENV['STORMPATH_API_KEY_SECRET'])
26
- rescue JWT::ExpiredSignature
27
- raise Stormpath::Oauth::Error, :jwt_expired
28
- end
29
- end
30
-
31
- def validate_jwt
32
- validate_jwt_is_an_access_token
33
- validate_jwt_has_a_valid_issuer
34
- end
35
-
36
- def validate_jwt_has_a_valid_issuer
37
- return if jwt_data.first['iss'] == Stormpath::Rails::Client.application.href
38
- raise DifferentIssuerError
39
- end
40
-
41
- def validate_jwt_is_an_access_token
42
- return if jwt_data.second['stt'] == 'access'
43
- raise AuthenticationWithRefreshTokenAttemptError
44
- end
45
- end
46
- end
47
- end
48
- end
@@ -1,27 +0,0 @@
1
- module Stormpath
2
- module Rails
3
- class AccountFromAccessToken
4
- class StormpathAccountResolution
5
- attr_reader :access_token, :application
6
-
7
- def initialize(access_token)
8
- @access_token = access_token
9
- @application = Client.application
10
- validate_jwt_is_access_token
11
- end
12
-
13
- def account
14
- Stormpath::Oauth::VerifyAccessToken.new(application).verify(access_token).account
15
- end
16
-
17
- def validate_jwt_is_access_token
18
- raise AuthenticationWithRefreshTokenAttemptError if jwt_data.second['stt'] != 'access'
19
- end
20
-
21
- def jwt_data
22
- @jwt_data ||= JWT.decode(access_token, ENV['STORMPATH_API_KEY_SECRET'])
23
- end
24
- end
25
- end
26
- end
27
- end
@@ -1,45 +0,0 @@
1
- module Stormpath
2
- module Rails
3
- class ControllerAuthentication
4
- class FromBasicAuth
5
- attr_reader :authorization_header
6
-
7
- def initialize(authorization_header)
8
- @authorization_header = authorization_header
9
- end
10
-
11
- def authenticate!
12
- raise UnauthenticatedRequest if fetched_api_key.nil?
13
- raise UnauthenticatedRequest if fetched_api_key.secret != api_key_secret
14
- fetched_api_key.account
15
- end
16
-
17
- private
18
-
19
- def fetched_api_key
20
- @fetched_api_key ||= Client.application.api_keys.search(id: api_key_id).first
21
- end
22
-
23
- def api_key_id
24
- decoded_authorization_header.first
25
- end
26
-
27
- def api_key_secret
28
- decoded_authorization_header.last
29
- end
30
-
31
- def decoded_authorization_header
32
- @decoded_authorization_header ||= begin
33
- api_key_and_secret = Base64.decode64(basic_authorization_header).split(':')
34
- raise UnauthenticatedRequest if api_key_and_secret.count != 2
35
- api_key_and_secret
36
- end
37
- end
38
-
39
- def basic_authorization_header
40
- authorization_header.gsub(BASIC_PATTERN, '')
41
- end
42
- end
43
- end
44
- end
45
- end
@@ -1,34 +0,0 @@
1
- module Stormpath
2
- module Rails
3
- class ControllerAuthentication
4
- class FromBearerAuth
5
- attr_reader :authorization_header
6
-
7
- RESCUE_CLASSES = [
8
- Stormpath::Oauth::Error,
9
- JWT::DecodeError,
10
- AccountFromAccessToken::AuthenticationWithRefreshTokenAttemptError,
11
- AccountFromAccessToken::DifferentIssuerError
12
- ].freeze
13
-
14
- def initialize(authorization_header)
15
- @authorization_header = authorization_header
16
- end
17
-
18
- def authenticate!
19
- begin
20
- AccountFromAccessToken.new(bearer_access_token).account
21
- rescue *RESCUE_CLASSES
22
- raise UnauthenticatedRequest
23
- end
24
- end
25
-
26
- private
27
-
28
- def bearer_access_token
29
- authorization_header.gsub(BEARER_PATTERN, '')
30
- end
31
- end
32
- end
33
- end
34
- end