stormpath-sdk 1.1.1 → 1.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c4f96be2ec3144f0626f0f61fa70ef9903e8a40f
-  data.tar.gz: ebacced6a9e5386548c86db7898d937a77d6486c
+  metadata.gz: 3bb456ac02d7a55749cc5ba260573ceea9895391
+  data.tar.gz: 7c33b5d39a0fc8946706d0bf4411a701468189af
 SHA512:
-  metadata.gz: ae503d5ac8fca7b264dda2698f03e74d67e185b94fad45abf85cf71a018f598df3a6e0ed8f7cf5941033b503452cc10c71d4cb660be8aa58907026fd55e29c78
-  data.tar.gz: 713737f4fb364fb7313c8b142f69a78043e4d5e9b312f38256a865efaf2bd948016719f66346ff7d0d42130d545bca45edcf6bc2420333d745466885ed8ff397
+  metadata.gz: bc430c17fcdbb63e14d13cae91ee3891f747c0cab30d48a68897d621db3ea053b5f6a055a9add76faaebb43ec253c7fe1843252f3152ead070724b9a70a631e0
+  data.tar.gz: 01cc90dc615a9e0f39e7ffe085acfd4063204d7e22663fcfb49577391053f3cc39e241ce6ab10fa8db294ce3e7ec543e2c39284dc9b9b9999d9e90dad873691a

data/CHANGES.md

@@ -1,6 +1,13 @@
 stormpath-sdk-ruby Changelog
 ============================
 
+Version 1.1.2
+-------------
+
+Released on May 24, 2016
+
+- Add AccessToken and RefreshToken resources
+
 Version 1.1.1
 -------------
 

data/lib/stormpath-sdk.rb

@@ -50,6 +50,7 @@ module Stormpath
     autoload :VerificationEmail, 'stormpath-sdk/resource/verification_email'
     autoload :OauthPolicy, 'stormpath-sdk/resource/oauth_policy'
     autoload :AccessToken, 'stormpath-sdk/resource/access_token'
+    autoload :RefreshToken, 'stormpath-sdk/resource/refresh_token'
     autoload :Organization, 'stormpath-sdk/resource/organization'
     autoload :OrganizationAccountStoreMapping, 'stormpath-sdk/resource/organization_account_store_mapping'
     autoload :AccountOverrides, 'stormpath-sdk/resource/account_overrides'
@@ -108,9 +109,8 @@ module Stormpath
 
   module IdSite
     autoload :IdSiteResult, 'stormpath-sdk/id_site/id_site_result'
-    autoload :Error, 'stormpath-sdk/id_site/error'
   end
-  
+
   module Oauth
     autoload :Authenticator, "stormpath-sdk/oauth/authenticator"
     autoload :PasswordGrant, "stormpath-sdk/oauth/password_grant"
@@ -119,6 +119,8 @@ module Stormpath
     autoload :RefreshGrantRequest, "stormpath-sdk/oauth/refresh_grant_request"
     autoload :VerifyAccessToken, "stormpath-sdk/oauth/verify_access_token"
     autoload :VerifyToken, "stormpath-sdk/oauth/verify_token"
+    autoload :AccessTokenAuthenticationResult, "stormpath-sdk/oauth/access_token_authentication_result"
+    autoload :Error, 'stormpath-sdk/oauth/error'
     autoload :IdSiteGrantRequest, "stormpath-sdk/oauth/id_site_grant_request"
     autoload :IdSiteGrant, "stormpath-sdk/oauth/id_site_grant"
   end

data/lib/stormpath-sdk/client.rb

@@ -58,6 +58,8 @@ module Stormpath
     has_many :group_memberships, href: '/groupMemberships', can: [:get, :create]
     has_many :account_store_mappings, href: '/accountStoreMappings', can: [:get, :create]
     has_many :organization_account_store_mappings, href: '/organizationAccountStoreMappings', can: [:get, :create]
+    has_many :access_tokens, href: '/accessTokens', can: [:get]
+    has_many :refresh_tokens, href: '/refreshTokens', can: [:get]
 
     private
 

data/lib/stormpath-sdk/oauth/access_token_authentication_result.rb

@@ -0,0 +1,33 @@
+module Stormpath
+  module Oauth
+    class AccessTokenAuthenticationResult < Stormpath::Resource::Instance
+      prop_reader :access_token, :refresh_token, :token_type, :expires_in, :stormpath_access_token_href
+
+      alias_method :href, :stormpath_access_token_href
+
+      def delete
+        unless href.respond_to?(:empty) and href.empty?
+          data_store.delete self
+        end
+      end
+
+      def account
+        client.accounts.get(account_href)
+      end
+
+      private
+
+      def account_href
+        @account_href ||= jwt_response['sub']
+      end
+
+      def jwt_response
+        begin
+          JWT.decode(access_token, data_store.api_key.secret).first
+        rescue JWT::ExpiredSignature => error
+          raise Stormpath::Oauth::Error.new(:jwt_expired)
+        end
+      end
+    end
+  end
+end

data/lib/stormpath-sdk/oauth/authenticator.rb

@@ -7,7 +7,7 @@ module Stormpath
         @data_store = data_store
       end
 
-      def authenticate parent_href, request 
+      def authenticate parent_href, request
         assert_not_nil parent_href, "parent_href must be specified"
 
         if request.grant_type == 'password'
@@ -15,13 +15,13 @@ module Stormpath
         elsif request.grant_type == 'refresh_token'
           attempt = @data_store.instantiate RefreshToken
         elsif request.grant_type == 'id_site_token'
-          attempt = @data_store.instantiate IdSiteGrant 
+          attempt = @data_store.instantiate IdSiteGrant
         end
 
         attempt.set_options(request)
-        
+
         href = parent_href + '/oauth/token'
-        @data_store.create href, attempt, Stormpath::Resource::AccessToken
+        @data_store.create href, attempt, Stormpath::Oauth::AccessTokenAuthenticationResult
       end
     end
   end

data/lib/stormpath-sdk/{id_site → oauth}/error.rb

@@ -1,5 +1,5 @@
 module Stormpath
-  module IdSite
+  module Oauth
     class Error < Stormpath::Error
       attr_accessor :status, :code, :message, :developer_message, :more_info
 
@@ -27,7 +27,7 @@ module Stormpath
             code: 10011,
             message: "Token is invalid",
             developer_message: "Token is no longer valid because it has expired"
-          }, 
+          },
           jwt_invalid: {
             status: 400,
             code: 10012,
@@ -39,4 +39,3 @@ module Stormpath
     end
   end
 end
-

data/lib/stormpath-sdk/resource/access_token.rb

@@ -1,12 +1,11 @@
-class Stormpath::Resource::AccessToken < Stormpath::Resource::Instance
-  prop_reader :access_token, :refresh_token, :token_type, :expires_in,
-    :stormpath_access_token_href
+module Stormpath
+  module Resource
+    class AccessToken < Stormpath::Resource::Instance
+      prop_reader :jwt, :expanded_jwt
 
-  alias_method :href, :stormpath_access_token_href
-
-  def delete
-    unless href.respond_to?(:empty) and href.empty?
-      data_store.delete self 
+      belongs_to :account
+      belongs_to :application
+      belongs_to :tenant
     end
   end
 end

data/lib/stormpath-sdk/resource/account.rb

@@ -33,6 +33,9 @@ class Stormpath::Resource::Account < Stormpath::Resource::Instance
 
   has_one :custom_data
 
+  has_many :access_tokens
+  has_many :refresh_tokens
+
   def add_group group
     client.group_memberships.create group: group, account: self
   end

data/lib/stormpath-sdk/resource/application.rb

@@ -61,7 +61,7 @@ class Stormpath::Resource::Application < Stormpath::Resource::Instance
     base += '/logout' if options[:logout]
 
     if options[:callback_uri].empty?
-      raise Stormpath::IdSite::Error.new(:jwt_cb_uri_incorrect)
+      raise Stormpath::Oauth::Error.new(:jwt_cb_uri_incorrect)
     end
 
     token = JWT.encode(jwt_token_payload(options), client.data_store.api_key.secret, 'HS256')
@@ -80,13 +80,13 @@ class Stormpath::Resource::Application < Stormpath::Resource::Instance
     rescue JWT::ExpiredSignature => error
       # JWT raises error if the signature expired, we need to capture this and
       # rerase IdSite::Error
-      raise Stormpath::IdSite::Error.new(:jwt_expired)
+      raise Stormpath::Oauth::Error.new(:jwt_expired)
     end
 
     id_site_result = Stormpath::IdSite::IdSiteResult.new(jwt_response)
 
     if id_site_result.jwt_invalid?(api_key_id)
-      raise Stormpath::IdSite::Error.new(:jwt_invalid)
+      raise Stormpath::Oauth::Error.new(:jwt_invalid)
     end
 
     id_site_result

data/lib/stormpath-sdk/resource/refresh_token.rb

@@ -0,0 +1,6 @@
+module Stormpath
+  module Resource
+    class RefreshToken < AccessToken
+    end
+  end
+end

data/lib/stormpath-sdk/version.rb

@@ -14,6 +14,6 @@
 # limitations under the License.
 #
 module Stormpath
-  VERSION = '1.1.1'
-  VERSION_DATE = '2016-05-19'
+  VERSION = '1.1.2'
+  VERSION_DATE = '2016-05-24'
 end

data/spec/oauth/access_token_authentication_result_spec.rb

@@ -0,0 +1,52 @@
+require 'spec_helper'
+
+describe Stormpath::Oauth::AccessTokenAuthenticationResult, :vcr do
+  let(:account_data) { build_account(email: email, password: password) }
+
+  let(:email) { random_email }
+
+  let(:password) { 'P@$$w0rd' }
+
+  let(:account) { test_application.accounts.create(account_data) }
+
+  let(:password_grant_request) { Stormpath::Oauth::PasswordGrantRequest.new(email, password) }
+
+  let(:jwt_authentication_result) do
+    test_application.authenticate_oauth(password_grant_request)
+  end
+
+  before { account }
+  after { account.delete }
+
+  it 'instances should expose a method to get an account' do
+    expect(jwt_authentication_result.account).to eq(account)
+  end
+
+  it 'should be able to delete the access token' do
+    jwt_authentication_result
+
+    expect(account.access_tokens.count).to eq(1)
+
+    jti = JWT.decode(jwt_authentication_result.access_token, test_api_client.data_store.api_key.secret).first['jti']
+
+    fetched_access_token = test_api_client.access_tokens.get(jti)
+
+    fetched_access_token.delete
+
+    expect(account.access_tokens.count).to eq(0)
+  end
+
+  it 'should be able to delete the refresh token' do
+    jwt_authentication_result
+
+    expect(account.refresh_tokens.count).to eq(1)
+
+    jti = JWT.decode(jwt_authentication_result.refresh_token, test_api_client.data_store.api_key.secret).first['jti']
+
+    fetched_refresh_token = test_api_client.refresh_tokens.get(jti)
+
+    fetched_refresh_token.delete
+
+    expect(account.refresh_tokens.count).to eq(0)
+  end
+end

data/spec/resource/application_spec.rb

@@ -1047,7 +1047,7 @@ describe Stormpath::Resource::Application, :vcr do
       let(:authenticate_oauth) { application.authenticate_oauth(password_grant_request) }
 
       it 'should return access token response' do
-        expect(authenticate_oauth).to be_kind_of(Stormpath::Resource::AccessToken)
+        expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
       end
 
       it 'response should contain token data' do
@@ -1085,7 +1085,7 @@ describe Stormpath::Resource::Application, :vcr do
       }
 
       it 'should create a jwtRequest that is signed wit the client secret' do
-        allow(application.client.data_store).to receive(:create).and_return(Stormpath::Resource::AccessToken)
+        allow(application.client.data_store).to receive(:create).and_return(Stormpath::Oauth::AccessTokenAuthenticationResult)
         expect(application.client.data_store).to receive(:instantiate)
           .with(Stormpath::Oauth::IdSiteGrant)
           .and_return(Stormpath::Oauth::IdSiteGrant.new({}, application.client))
@@ -1093,7 +1093,7 @@ describe Stormpath::Resource::Application, :vcr do
         grant_request = Stormpath::Oauth::IdSiteGrantRequest.new jwt_token
         response = application.authenticate_oauth(grant_request)
 
-        expect(response).to be(Stormpath::Resource::AccessToken)
+        expect(response).to be(Stormpath::Oauth::AccessTokenAuthenticationResult)
       end
     end
 
@@ -1102,7 +1102,7 @@ describe Stormpath::Resource::Application, :vcr do
       let(:authenticate_oauth) { application.authenticate_oauth(refresh_grant_request) }
 
       it 'should return access token response with refreshed token' do
-        expect(authenticate_oauth).to be_kind_of(Stormpath::Resource::AccessToken)
+        expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
       end
 
       it 'refreshed token is not the same as previous one' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: stormpath-sdk
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.1.2
 platform: ruby
 authors:
 - Stormpath, Inc
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-19 00:00:00.000000000 Z
+date: 2016-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: multi_json
@@ -311,9 +311,10 @@ files:
 - lib/stormpath-sdk/http/request.rb
 - lib/stormpath-sdk/http/response.rb
 - lib/stormpath-sdk/http/utils.rb
-- lib/stormpath-sdk/id_site/error.rb
 - lib/stormpath-sdk/id_site/id_site_result.rb
+- lib/stormpath-sdk/oauth/access_token_authentication_result.rb
 - lib/stormpath-sdk/oauth/authenticator.rb
+- lib/stormpath-sdk/oauth/error.rb
 - lib/stormpath-sdk/oauth/id_site_grant.rb
 - lib/stormpath-sdk/oauth/id_site_grant_request.rb
 - lib/stormpath-sdk/oauth/password_grant.rb
@@ -367,6 +368,7 @@ files:
 - lib/stormpath-sdk/resource/organization.rb
 - lib/stormpath-sdk/resource/organization_account_store_mapping.rb
 - lib/stormpath-sdk/resource/password_reset_token.rb
+- lib/stormpath-sdk/resource/refresh_token.rb
 - lib/stormpath-sdk/resource/status.rb
 - lib/stormpath-sdk/resource/tenant.rb
 - lib/stormpath-sdk/resource/utils.rb
@@ -385,6 +387,7 @@ files:
 - spec/fixtures/response/create_saml_directory_mapping_rules.json
 - spec/fixtures/response/get_saml_directory_provider.json
 - spec/fixtures/response/get_saml_directory_provider_metadata.json
+- spec/oauth/access_token_authentication_result_spec.rb
 - spec/provider/account_resolver_spec.rb
 - spec/provider/provider_spec.rb
 - spec/resource/account_spec.rb