stormpath-rails 2.0.1 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 45f0f3e26f963efea126aa26e6d1f772fa29709a
-  data.tar.gz: 42f3d96fe8d36ed4225de3c9db3a94ed4dbf910b
+  metadata.gz: db6a4d230306b6c5faf0906c6bdb1f7369ce5a57
+  data.tar.gz: 6c392883dcfb9608965a6e5866b5a291be4d26b3
 SHA512:
-  metadata.gz: 757faf0f3e190f760879704d14fe4b76a0e3ca7f64ef415c5b00083aa427b6fa5ffa4ae369f442c981ee9e95f94e1054be48c1af73cbe894fda9acb4733f8e83
-  data.tar.gz: 20edb0a2fff274d844b527513a6b0330a7d431155ea32f9ea8d55608d813a8326cec34efe089dce317dd5db85ca936f85d96fdb5d361f6eca315c5b452e10550
+  metadata.gz: c5e85671ba7ab1768a3d88abb6bc2d1d2d33645389323ba49bb84c686fad51fc768ad5131ae3a8f8280d0e47bc4a3704335648fc17c6a1a2408b745d3a54e363
+  data.tar.gz: 32f1cc547828bbf8212fc8f92eea53e7ead58732d112d79e100537cfec5359ad1a5c06c26a6c26af258d916d953cda07f8b9ad8dc2088ee866fe89dc287e3f4d

data/.gitignore

@@ -12,3 +12,4 @@ spec/dummy/db/development.sqlite3
 spec/dummy/log/development.log
 spec/dummy/log/test.log
 spec/dummy/tmp
+docs

data/.travis.yml

@@ -1,8 +1,37 @@
 language: ruby
 rvm:
-  - 2.1.5
+- 2.1.5
 before_install:
-  - gem install bundler
+- openssl aes-256-cbc -K $encrypted_57ed81c5c9ab_key -iv $encrypted_57ed81c5c9ab_iv
+  -in keypair.enc -out ~/.ssh/id_rsa -d
+- chmod 600 ~/.ssh/id_rsa
+- git config --global user.email "evangelists@stormpath.com"
+- git config --global user.name "stormpath-rails documentation"
+install:
+- gem install bundler
+- bundle install --jobs=3 --retry=3
+- pip install --user sphinx
+script:
+- travis_retry rake
+# - cd docs
+# - make html
+# - cd ..
+after_success:
+- CURRENT_HASH=`git rev-parse HEAD`
+- RELEASE_VERSION=`git tag | xargs -I@ git log --format=format:"%ai @%n" -1 @ | sort | awk '{print $4}' | tail -n 1`
+- RELEASE_HASH=`git rev-list $RELEASE_VERSION -n 1`
+- if [ "$CURRENT_HASH" = "$RELEASE_HASH" ]; then DEPLOY_DOCS=true; fi
+#- test -z "$DEPLOY_DOCS" || git clone git@github.com:stormpath/stormpath.github.io.git
+#- test -z "$DEPLOY_DOCS" || cd stormpath.github.io
+#- test -z "$DEPLOY_DOCS" || git fetch origin source:source
+#- test -z "$DEPLOY_DOCS" || git checkout source
+#- test -z "$DEPLOY_DOCS" || mkdir -p source/ruby/rails
+#- test -z "$DEPLOY_DOCS" || rm -rf source/ruby/rails/latest
+#- test -z "$DEPLOY_DOCS" || cp -r ../docs/_build/html source/ruby/rails/latest
+#- test -z "$DEPLOY_DOCS" || cp -r ../docs/_build/html source/ruby/rails/$RELEASE_VERSION
+#- test -z "$DEPLOY_DOCS" || git add --all
+#- test -z "$DEPLOY_DOCS" || git commit -m "stormpath-rails release $RELEASE_VERSION"
+#- test -z "$DEPLOY_DOCS" || git push origin source
 env:
   global:
   - STORMPATH_APPLICATION_URL=https://api.stormpath.com/v1/applications/3nZlLKVMIOPu71YC7TFR0o

data/CHANGELOG.md

@@ -1,8 +1,19 @@
 Stormpath Rails Changelog
 ============================
 
-Version 2.0.1
+Version 2.1.0
 -------------
+Released on Nov 02, 2016
+- Create script for generating a rake task responsible for transferring users from devise to Stormpath
+- Implement ID Site Authentication
+
+
+Version 2.0.2
+-------------
+Released on Aug 29, 2016
+- Render path links depending on the configuration
+- Use Faker to generate random test data
+- Rename all user instances to account
 
 Released on Aug 22, 2016
 

data/Gemfile

@@ -25,4 +25,5 @@ group :test do
   gem 'capybara'
   gem 'fivemat'
   gem 'timecop'
+  gem 'faker'
 end

data/README.md

@@ -17,7 +17,7 @@ Add the stormpath-rails integration gem to your Gemfile.
 Stormpath is currently in beta so it is necessary to include the gem version:
 
 ```ruby
-gem 'stormpath-rails', '~> 2.0.0'
+gem 'stormpath-rails', '~> 2.1.0'
 ```
 
 Bundle the Gemfile
@@ -101,7 +101,7 @@ stormpath:
 
 Stormpath Rails responds to two formats: HTML & JSON. You can use it both as an API for building SPA's, mobile applications and as a standalone Rails application that renders HTML.
 
-By default the Stormpath integration will respond to JSON and HTML requests. 
+By default the Stormpath integration will respond to JSON and HTML requests.
 If a requested type isn't any of the two, the Stormpath integration will pass on the request, and allow the developer or Rails defaults to handle the response.
 
 However if you want use only one of those, modify the configuration file:
@@ -146,7 +146,7 @@ and update the routes to point to your new controller:
 
 ```ruby
 Rails.application.routes.draw do
-  stormpath_rails_routes(actions: { 
+  stormpath_rails_routes(actions: {
     'register#create' => 'create_account#call'
   })
 end
@@ -206,6 +206,28 @@ stormpath/rails/shared/_input.html.erb
 stormpath/rails/verify_email/new.html.erb
 ```
 
+## Migrate Devise Account information to Stormpath
+
+If you already have a Rails application that uses devise and need to transfer all users, accounts, or however you named your model there's a nifty
+rake task that you can create in your codebase by running:
+
+```ruby
+rails generate stormpath:migration
+```
+
+This will create a rake task that has the most common use cases for transferring user data into Stormpath:
+
+```
+lib/tasks/stormpath.rake
+```
+
+When you're finished modifying the rake task (minimum required modification: `directory href` and `devise model` that holds the data)
+execute it with:
+
+```ruby
+rake stormpath:migrate
+```
+
 ## Development
 
 ### Prerequisites

data/app/controllers/stormpath/rails/id_site_login/new_controller.rb

@@ -0,0 +1,57 @@
+module Stormpath
+  module Rails
+    module IdSiteLogin
+      class NewController < BaseController
+        before_action :require_no_authentication!
+
+        def call
+          begin
+            result = Stormpath::Rails::Client.application.handle_id_site_callback(request.url)
+            account = Stormpath::Rails::Client.client.accounts.get(result.account_href)
+            login_the_account(account)
+            respond_with_success(account)
+          rescue Stormpath::Error, JWT::VerificationError => error
+            respond_with_error(error)
+          end
+        end
+
+        private
+
+        def login_the_account(account)
+          AccountLoginWithStormpathToken.new(
+            cookies, account,
+            Stormpath::Rails::Client.application,
+            Stormpath::Rails::Client.client.data_store.api_key
+          ).call
+        end
+
+        def respond_with_success(account)
+          respond_to do |format|
+            format.html { redirect_to login_redirect_route, notice: 'Successfully signed in' }
+            format.json { render json: AccountSerializer.to_h(account) }
+          end
+        end
+
+        def respond_with_error(error)
+          respond_to do |format|
+            format.html do
+              flash.now[:error] = error.message
+              render stormpath_config.web.login.view
+            end
+            format.json do
+              render json: { message: error.message }, status: error.try(:status)
+            end
+          end
+        end
+
+        def login_redirect_route
+          if params[:next]
+            URI(params[:next]).path
+          else
+            stormpath_config.web.login.next_uri
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/stormpath/rails/id_site_logout/new_controller.rb

@@ -0,0 +1,19 @@
+module Stormpath
+  module Rails
+    module IdSiteLogout
+      class NewController < BaseController
+        def call
+          TokenAndCookiesCleaner.new(cookies).remove
+          redirect_to callback_url
+        end
+
+        private
+
+        def callback_url
+          Stormpath::Rails::Client.application.create_id_site_url(callback_uri: root_url,
+                                                                  logout: true)
+        end
+      end
+    end
+  end
+end

data/app/controllers/stormpath/rails/login/new_controller.rb

@@ -6,7 +6,7 @@ module Stormpath
 
         def call
           if stormpath_config.web.id_site.enabled
-            redirect_to id_site_login_url
+            redirect_to callback_url
           else
             respond_to do |format|
               format.json { render json: LoginNewSerializer.to_h }
@@ -14,6 +14,15 @@ module Stormpath
             end
           end
         end
+
+        private
+
+        def callback_url
+          Stormpath::Rails::Client.application.create_id_site_url(
+            callback_uri: id_site_result_url,
+            path: Stormpath::Rails.config.web.id_site.login_uri
+          )
+        end
       end
     end
   end

data/app/controllers/stormpath/rails/logout/create_controller.rb

@@ -8,8 +8,7 @@ module Stormpath
           if bearer_authorization_header?
             DeleteAccessToken.call(bearer_access_token)
           else
-            delete_tokens
-            delete_cookies
+            TokenAndCookiesCleaner.new(cookies).remove
           end
           respond_with_success
         end
@@ -28,24 +27,6 @@ module Stormpath
           request.headers['Authorization']
         end
 
-        def delete_tokens
-          DeleteAccessToken.call(cookies[access_token_cookie_name])
-          DeleteRefreshToken.call(cookies[refresh_token_cookie_name])
-        end
-
-        def delete_cookies
-          cookies.delete(access_token_cookie_name)
-          cookies.delete(refresh_token_cookie_name)
-        end
-
-        def access_token_cookie_name
-          stormpath_config.web.access_token_cookie.name
-        end
-
-        def refresh_token_cookie_name
-          stormpath_config.web.refresh_token_cookie.name
-        end
-
         def respond_with_success
           respond_to do |format|
             format.html do

data/app/controllers/stormpath/rails/register/new_controller.rb

@@ -4,7 +4,7 @@ module Stormpath
       class NewController < BaseController
         def call
           if stormpath_config.web.id_site.enabled
-            redirect_to id_site_register_url
+            redirect_to callback_url
           elsif signed_in?
             redirect_to root_path
           else
@@ -14,6 +14,15 @@ module Stormpath
             end
           end
         end
+
+        private
+
+        def callback_url
+          Stormpath::Rails::Client.application.create_id_site_url(
+            callback_uri: id_site_result_url,
+            path: Stormpath::Rails.config.web.id_site.register_uri
+          )
+        end
       end
     end
   end

data/app/services/stormpath/rails/token_and_cookies_cleaner.rb

@@ -0,0 +1,36 @@
+module Stormpath
+  module Rails
+    class TokenAndCookiesCleaner
+      attr_reader :cookies
+
+      def initialize(cookies)
+        @cookies = cookies
+      end
+
+      def remove
+        delete_tokens
+        delete_cookies
+      end
+
+      private
+
+      def delete_tokens
+        DeleteAccessToken.call(cookies[access_token_cookie_name])
+        DeleteRefreshToken.call(cookies[refresh_token_cookie_name])
+      end
+
+      def delete_cookies
+        cookies.delete(access_token_cookie_name)
+        cookies.delete(refresh_token_cookie_name)
+      end
+
+      def access_token_cookie_name
+        Stormpath::Rails.config.web.access_token_cookie.name
+      end
+
+      def refresh_token_cookie_name
+        Stormpath::Rails.config.web.refresh_token_cookie.name
+      end
+    end
+  end
+end

data/app/views/stormpath/rails/forgot_password/new.html.erb

@@ -37,7 +37,9 @@
           <% end %>
         </div>
       </div>
-      <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% if Stormpath::Rails.config.web.login.enabled %>
+        <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% end %>
     </div>
   </div>
 </div>

data/app/views/stormpath/rails/login/_form.html.erb

@@ -17,7 +17,12 @@
     <% case params[:status] %>
     <% when 'unverified' %>
       <div class="alert alert-success">
-        <p>Your account verification email has been sent! Before you can log into your account, you need to activate your account by clicking the link we sent to your inbox. Didn't get the email? <%= link_to "Click Here", Stormpath::Rails.config.web.verify_email.uri %></p>
+        <% if Stormpath::Rails.config.web.verify_email.enabled %>
+          <p>
+            Your account verification email has been sent! Before you can log into your account, you need to activate your account by clicking the link we sent to your inbox. Didn't get the email?
+            <%= link_to "Click Here", new_verify_email_path %>
+          </p>
+        <% end %>
       </div>
     <% when 'verified' %>
       <div class="alert alert-success">

data/app/views/stormpath/rails/register/_form.html.erb

@@ -14,6 +14,6 @@
       <%= render 'stormpath/rails/shared/input', form: form, input_config: Stormpath::Rails.config.web.register.form.fields.send(field), input_name: field.to_s.camelize(:lower), value: params[field.to_s.camelize(:lower)] %>
     <% end %>
 
-    <%= button_tag "Create Account", :class => "btn btn-register btn-sp-green", :type => "submit" %>
+    <%= button_tag "Create Account", class: "btn btn-register btn-sp-green", type: "submit" %>
   <% end %>
 </div>

data/app/views/stormpath/rails/register/new.html.erb

@@ -4,7 +4,9 @@
       <div class="box row">
         <%= render partial: 'stormpath/rails/register/form' %>
       </div>
-      <%= link_to "Back to Log In", new_login_path, class: "to-login" %>
+      <% if Stormpath::Rails.config.web.login.enabled %>
+        <%= link_to "Back to Log In", new_login_path, class: "to-login" %>
+      <% end %>
     </div>
   </div>
 </div>

data/app/views/stormpath/rails/verify_email/new.html.erb

@@ -43,7 +43,9 @@
           <% end %>
         </div>
       </div>
-      <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% if Stormpath::Rails.config.web.login.enabled %>
+        <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% end %>
     </div>
   </div>
 </div>

data/lib/generators/stormpath/migration/migration_generator.rb

@@ -0,0 +1,14 @@
+require 'rails/generators/base'
+
+module Stormpath
+  module Generators
+    class MigrationGenerator < ::Rails::Generators::Base
+      include ::Rails::Generators::Migration
+      source_root File.expand_path('../templates', __FILE__)
+
+      def create_migration_script
+        copy_file 'stormpath.rake', 'lib/tasks/stormpath.rake'
+      end
+    end
+  end
+end

data/lib/generators/stormpath/migration/templates/stormpath.rake

@@ -0,0 +1,75 @@
+namespace :stormpath do
+  desc 'Migrate devise data to Stormpath'
+  task migrate: :environment do
+    # This is the migration script used for transferring users from your database to Stormpath.
+    # You can tailor it by your needs from the examples below.
+    # If you need different or additional specifications you can read our documentation:
+    # https://docs.stormpath.com/ruby/product-guide/latest/accnt_mgmt.html
+
+    # ==============================================================
+    # Use an exhisting directory for storing your users
+    # Paste your directory href below.
+    # ==============================================================
+
+    directory_href = 'https://api.stormpath.com/v1/directories/4BjHtySIVQ8iwz96rguEE1'
+    directory = Stormpath::Rails::Client.client.directories.get(directory_href)
+
+    # ==============================================================
+    # Migrate the users - this is the default approach (DEVISE) to migrating users from your db
+    # to Stormpath without the registration workflow.
+    # Hovewer, you can change it depending on your needs.
+    # https://docs.stormpath.com/ruby/product-guide/latest/accnt_mgmt.html#importing-accounts
+    # ==============================================================
+
+    User.all.find_each do |user|
+      directory.accounts.create(
+        { username: "rex#{user.id}",
+          email: user.email,
+          given_name: 'Captain',
+          middle_name: '12345',
+          surname: 'Rex',
+          password: user.encrypted_password },
+        password_format: 'mcf'
+      )
+      puts "#{user.email} migrated to Stormpath directory: #{directory.name}"
+    end
+
+    # ==============================================================
+    # Create a new application in which you'll be storing your users
+    # ==============================================================
+
+    # application = Stormpath::Rails::Client.client.applications.create(name: 'Devise import',
+    #                                                                   description: 'Devise')
+    # directory = Stormpath::Rails::Client.client.directories.create(name: 'devise import',
+    #                                                                description: 'devise import'
+    # =>  Map the two together
+    # Stormpath::Rails::Client.client.account_store_mappings.create(
+    #   application: application,
+    #   account_store: directory,
+    #   list_index: 0,
+    #   is_default_account_store: true,
+    #   is_default_group_store: false
+    # )
+
+    # ==============================================================
+    # Store Additional User Information as Custom Data
+    # https://docs.stormpath.com/ruby/product-guide/latest/accnt_mgmt.html#how-to-store-additional-user-information-as-custom-data
+    # ==============================================================
+
+    # User.all.find_each do |user|
+    #   account = directory.accounts.create(
+    #     { username: "rex#{user.id}",
+    #       email: user.email,
+    #       given_name: 'Jean-Luc',
+    #       surname: 'Picard',
+    #       password: user.encrypted_password,
+    #       custom_data: {
+    #         rank: 'Captain',
+    #         favorite_drink: 'Earl Grey Tea'
+    #       } },
+    #     password_format: 'mcf'
+    #   )
+    #   puts "#{user.email} with custom data #{account.custom_data['favorite_drink']} migrated."
+    # end
+  end
+end

data/lib/stormpath/rails/config/dynamic_configuration.rb

@@ -26,6 +26,11 @@ module Stormpath
           password_reset_enabled?
         end
 
+        def verify_email_enabled?
+          return false if static_config.stormpath.web.verify_email.enabled == false
+          email_verification_enabled?
+        end
+
         private
 
         def password_reset_enabled?
@@ -33,6 +38,11 @@ module Stormpath
           default_account_store.password_policy.reset_email_status == 'ENABLED'
         end
 
+        def email_verification_enabled?
+          return false if default_account_store.nil?
+          default_account_store.account_creation_policy.verification_email_status == 'ENABLED'
+        end
+
         def default_account_store
           @default_account_store ||=
             app.default_account_store_mapping && app.default_account_store_mapping.account_store

data/lib/stormpath/rails/configuration.rb

@@ -26,6 +26,7 @@ module Stormpath
           config.stormpath.application.href = dynamic_config.app.href
           config.stormpath.web.forgot_password.enabled = dynamic_config.forgot_password_enabled?
           config.stormpath.web.change_password.enabled = dynamic_config.change_password_enabled?
+          config.stormpath.web.verify_email.enabled = dynamic_config.verify_email_enabled?
         end
       end
 

data/lib/stormpath/rails/router.rb

@@ -15,7 +15,9 @@ module Stormpath
         'oauth2#new' => 'stormpath/rails/oauth2/new#call',
         'oauth2#create' => 'stormpath/rails/oauth2/create#call',
         'verify_email#show' => 'stormpath/rails/verify_email/show#call',
-        'verify_email#create' => 'stormpath/rails/verify_email/create#call'
+        'verify_email#create' => 'stormpath/rails/verify_email/create#call',
+        'id_site_login#new' => 'stormpath/rails/id_site_login/new#call',
+        'id_site_logout#new' => 'stormpath/rails/id_site_logout/new#call'
       }.freeze
 
       def stormpath_rails_routes(actions: {})
@@ -63,9 +65,15 @@ module Stormpath
 
           # VERIFY EMAIL
           if Stormpath::Rails.config.web.verify_email.enabled
-            get Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#show']
+            get Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#show'], as: :new_verify_email
             post Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#create'], as: :verify_email
           end
+
+          # ID SITE LOGIN
+          if Stormpath::Rails.config.web.id_site.enabled
+            get '/id_site_result' => actions['id_site_login#new'], as: :id_site_result
+            get '/logout_id_site' => actions['id_site_logout#new'], as: :logout_id_site
+          end
         end
       end
     end

data/lib/stormpath/rails/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module Stormpath
   module Rails
-    VERSION = '2.0.1'.freeze
+    VERSION = '2.1.0'.freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: stormpath-rails
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.1.0
 platform: ruby
 authors:
 - Nenad Nikolic
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-08-22 00:00:00.000000000 Z
+date: 2016-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: stormpath-sdk
@@ -115,6 +115,8 @@ files:
 - app/controllers/stormpath/rails/change_password/new_controller.rb
 - app/controllers/stormpath/rails/forgot_password/create_controller.rb
 - app/controllers/stormpath/rails/forgot_password/new_controller.rb
+- app/controllers/stormpath/rails/id_site_login/new_controller.rb
+- app/controllers/stormpath/rails/id_site_logout/new_controller.rb
 - app/controllers/stormpath/rails/login/create_controller.rb
 - app/controllers/stormpath/rails/login/new_controller.rb
 - app/controllers/stormpath/rails/logout/create_controller.rb
@@ -151,6 +153,7 @@ files:
 - app/services/stormpath/rails/refresh_token_authentication.rb
 - app/services/stormpath/rails/resend_email_verification.rb
 - app/services/stormpath/rails/send_password_reset_email.rb
+- app/services/stormpath/rails/token_and_cookies_cleaner.rb
 - app/services/stormpath/rails/token_cookie_setter.rb
 - app/services/stormpath/rails/verify_email_token.rb
 - app/views/stormpath/rails/change_password/new.html.erb
@@ -168,8 +171,11 @@ files:
 - bin/rspec
 - bin/setup
 - config/initializers/assets.rb
+- keypair.enc
 - lib/generators/stormpath/install/install_generator.rb
 - lib/generators/stormpath/install/templates/default_config.yml
+- lib/generators/stormpath/migration/migration_generator.rb
+- lib/generators/stormpath/migration/templates/stormpath.rake
 - lib/generators/stormpath/views/USAGE
 - lib/generators/stormpath/views/views_generator.rb
 - lib/stormpath-rails.rb
@@ -209,7 +215,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.6
 signing_key: 
 specification_version: 4
 summary: Stormpath Rails integration