stormpath-sdk 1.6.0 → 1.7.0
- checksums.yaml +4 -4
- data/.rubocop.yml +21 -0
- data/CHANGES.md +11 -0
- data/README.md +23 -25
- data/lib/stormpath-sdk.rb +11 -2
- data/lib/stormpath-sdk/api_key.rb +0 -1
- data/lib/stormpath-sdk/auth/basic_authenticator.rb +7 -7
- data/lib/stormpath-sdk/auth/basic_login_attempt.rb +7 -11
- data/lib/stormpath-sdk/auth/create_factor.rb +1 -1
- data/lib/stormpath-sdk/auth/register_service_provider.rb +41 -0
- data/lib/stormpath-sdk/auth/username_password_request.rb +3 -5
- data/lib/stormpath-sdk/cache/cache.rb +3 -3
- data/lib/stormpath-sdk/cache/cache_entry.rb +2 -2
- data/lib/stormpath-sdk/cache/cache_manager.rb +3 -4
- data/lib/stormpath-sdk/cache/cache_stats.rb +1 -3
- data/lib/stormpath-sdk/cache/disabled_cache_store.rb +5 -8
- data/lib/stormpath-sdk/cache/memory_store.rb +1 -1
- data/lib/stormpath-sdk/cache/redis_store.rb +4 -4
- data/lib/stormpath-sdk/client.rb +35 -33
- data/lib/stormpath-sdk/data_store.rb +278 -257
- data/lib/stormpath-sdk/error.rb +18 -7
- data/lib/stormpath-sdk/http/authc/sauthc1_signer.rb +76 -82
- data/lib/stormpath-sdk/http/http_client_request_executor.rb +10 -8
- data/lib/stormpath-sdk/http/response.rb +5 -7
- data/lib/stormpath-sdk/id_site/id_site_result.rb +5 -6
- data/lib/stormpath-sdk/oauth/access_token_authentication_result.rb +5 -9
- data/lib/stormpath-sdk/oauth/authenticator.rb +2 -2
- data/lib/stormpath-sdk/oauth/error.rb +4 -4
- data/lib/stormpath-sdk/oauth/id_site_grant_request.rb +1 -1
- data/lib/stormpath-sdk/oauth/password_grant_request.rb +1 -1
- data/lib/stormpath-sdk/oauth/refresh_grant_request.rb +2 -2
- data/lib/stormpath-sdk/oauth/stormpath_grant_request.rb +2 -2
- data/lib/stormpath-sdk/provider/account_access.rb +0 -2
- data/lib/stormpath-sdk/provider/account_result.rb +1 -2
- data/lib/stormpath-sdk/provider/facebook/facebook_provider.rb +6 -2
- data/lib/stormpath-sdk/provider/facebook/facebook_provider_data.rb +7 -3
- data/lib/stormpath-sdk/provider/github/github_provider.rb +6 -2
- data/lib/stormpath-sdk/provider/github/github_provider_data.rb +6 -2
- data/lib/stormpath-sdk/provider/google/google_provider.rb +7 -3
- data/lib/stormpath-sdk/provider/google/google_provider_data.rb +6 -2
- data/lib/stormpath-sdk/provider/linkedin/linkedin_provider.rb +6 -2
- data/lib/stormpath-sdk/provider/linkedin/linkedin_provider_data.rb +6 -2
- data/lib/stormpath-sdk/provider/provider.rb +8 -4
- data/lib/stormpath-sdk/provider/provider_data.rb +6 -2
- data/lib/stormpath-sdk/provider/saml/saml_provider.rb +10 -4
- data/lib/stormpath-sdk/provider/saml/saml_provider_data.rb +6 -3
- data/lib/stormpath-sdk/provider/stormpath/stormpath_provider.rb +6 -2
- data/lib/stormpath-sdk/provider/stormpath/stormpath_provider_data.rb +6 -2
- data/lib/stormpath-sdk/provider/twitter/twitter_provider.rb +6 -2
- data/lib/stormpath-sdk/provider/twitter/twitter_provider_data.rb +6 -2
- data/lib/stormpath-sdk/resource/account.rb +46 -40
- data/lib/stormpath-sdk/resource/account_link.rb +9 -5
- data/lib/stormpath-sdk/resource/account_linking_policy.rb +8 -4
- data/lib/stormpath-sdk/resource/account_membership.rb +1 -1
- data/lib/stormpath-sdk/resource/account_overrides.rb +20 -16
- data/lib/stormpath-sdk/resource/account_store.rb +15 -11
- data/lib/stormpath-sdk/resource/account_store_mapping.rb +14 -13
- data/lib/stormpath-sdk/resource/application.rb +147 -136
- data/lib/stormpath-sdk/resource/application_web_config.rb +11 -7
- data/lib/stormpath-sdk/resource/associations.rb +36 -43
- data/lib/stormpath-sdk/resource/attribute_statement_mapping_rules.rb +8 -0
- data/lib/stormpath-sdk/resource/base.rb +201 -200
- data/lib/stormpath-sdk/resource/challenge.rb +12 -8
- data/lib/stormpath-sdk/resource/collection.rb +77 -76
- data/lib/stormpath-sdk/resource/custom_data.rb +60 -61
- data/lib/stormpath-sdk/resource/custom_data_hash_methods.rb +28 -25
- data/lib/stormpath-sdk/resource/custom_data_storage.rb +18 -16
- data/lib/stormpath-sdk/resource/directory.rb +37 -60
- data/lib/stormpath-sdk/resource/email_verification_token.rb +7 -3
- data/lib/stormpath-sdk/resource/error.rb +8 -4
- data/lib/stormpath-sdk/resource/expansion.rb +22 -20
- data/lib/stormpath-sdk/resource/factor.rb +12 -8
- data/lib/stormpath-sdk/resource/field.rb +8 -4
- data/lib/stormpath-sdk/resource/group.rb +21 -16
- data/lib/stormpath-sdk/resource/group_membership.rb +7 -5
- data/lib/stormpath-sdk/resource/instance.rb +10 -6
- data/lib/stormpath-sdk/resource/linked_account.rb +7 -3
- data/lib/stormpath-sdk/resource/oauth_policy.rb +7 -3
- data/lib/stormpath-sdk/resource/organization.rb +14 -10
- data/lib/stormpath-sdk/resource/organization_account_store_mapping.rb +8 -4
- data/lib/stormpath-sdk/resource/password_reset_token.rb +9 -5
- data/lib/stormpath-sdk/resource/phone.rb +8 -4
- data/lib/stormpath-sdk/resource/registered_saml_service_provider.rb +8 -0
- data/lib/stormpath-sdk/resource/saml_identity_provider.rb +14 -0
- data/lib/stormpath-sdk/resource/saml_identity_provider_metadata.rb +9 -0
- data/lib/stormpath-sdk/resource/saml_policy.rb +10 -0
- data/lib/stormpath-sdk/resource/saml_service_provider.rb +7 -0
- data/lib/stormpath-sdk/{provider/saml/saml_mapping_rules.rb → resource/saml_service_provider_metadata.rb} +6 -5
- data/lib/stormpath-sdk/resource/saml_service_provider_registration.rb +11 -0
- data/lib/stormpath-sdk/resource/schema.rb +8 -4
- data/lib/stormpath-sdk/resource/tenant.rb +11 -8
- data/lib/stormpath-sdk/resource/user_info_mapping_rules.rb +7 -3
- data/lib/stormpath-sdk/resource/utils.rb +7 -10
- data/lib/stormpath-sdk/resource/verification_email.rb +7 -3
- data/lib/stormpath-sdk/resource/x_509_certificate.rb +7 -0
- data/lib/stormpath-sdk/util/assert.rb +1 -3
- data/lib/stormpath-sdk/version.rb +2 -2
- data/spec/auth/basic_authenticator_spec.rb +28 -24
- data/spec/auth/register_service_provider_spec.rb +68 -0
- data/spec/auth/sauthc1_signer_spec.rb +8 -4
- data/spec/cache/cache_entry_spec.rb +28 -29
- data/spec/cache/cache_spec.rb +9 -9
- data/spec/cache/cache_stats_spec.rb +1 -1
- data/spec/client_spec.rb +63 -63
- data/spec/data_store_spec.rb +23 -14
- data/spec/oauth/access_token_authentication_result_spec.rb +8 -2
- data/spec/provider/account_resolver_spec.rb +6 -4
- data/spec/provider/provider_spec.rb +6 -6
- data/spec/resource/account_creation_policy_spec.rb +1 -1
- data/spec/resource/account_link_spec.rb +7 -15
- data/spec/resource/account_spec.rb +17 -17
- data/spec/resource/account_store_mapping_spec.rb +16 -22
- data/spec/resource/account_store_spec.rb +3 -3
- data/spec/resource/application_spec.rb +324 -330
- data/spec/resource/base_spec.rb +7 -31
- data/spec/resource/collection_spec.rb +63 -114
- data/spec/resource/custom_data_spec.rb +1 -1
- data/spec/resource/directory_spec.rb +91 -87
- data/spec/resource/expansion_spec.rb +10 -10
- data/spec/resource/factor_spec.rb +1 -1
- data/spec/resource/group_spec.rb +1 -1
- data/spec/resource/linked_account_spec.rb +7 -7
- data/spec/resource/organization_spec.rb +12 -11
- data/spec/resource/phone_spec.rb +1 -1
- data/spec/resource/registered_saml_service_provider_spec.rb +35 -0
- data/spec/resource/saml_identity_provider_metadata_spec.rb +27 -0
- data/spec/resource/saml_identity_provider_spec.rb +94 -0
- data/spec/resource/saml_policy_spec.rb +27 -0
- data/spec/resource/saml_service_provider_registration_spec.rb +58 -0
- data/spec/resource/saml_service_provider_spec.rb +19 -0
- data/spec/resource/status_spec.rb +4 -3
- data/spec/resource/tenant_spec.rb +4 -6
- data/spec/spec_helper.rb +1 -1
- data/spec/support/custom_data_save_period.rb +4 -0
- data/spec/support/custom_data_storage_behavior.rb +7 -8
- data/spec/support/mocked_provider_accounts.rb +101 -101
- data/spec/support/mocked_saml_responses.rb +130 -0
- data/spec/support/resource_factory.rb +4 -4
- data/spec/support/resource_helpers.rb +10 -4
- data/spec/support/resource_matchers.rb +4 -4
- data/spec/support/test_request_executor.rb +2 -2
- metadata +21 -8
- data/lib/stormpath-sdk/provider/saml/saml_provider_metadata.rb +0 -19
- data/spec/fixtures/response/create_saml_directory.json +0 -26
- data/spec/fixtures/response/create_saml_directory_mapping_rules.json +0 -12
- data/spec/fixtures/response/get_saml_directory_provider.json +0 -16
- data/spec/fixtures/response/get_saml_directory_provider_metadata.json +0 -12
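--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2303cf72840fbce8b88103201d799aea7cf1a8d5
+data.tar.gz: 293bf07449a1835f9de1422232ca2404e15ca80b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f0ff64f44b058d924663658b144e226fc1da20a6432d2587745319bbb8819f563e21733b0b200d7a42a3abcf891b392cec7186b27f2918a05c28b000cae4be30
+data.tar.gz: 1184fc539aef04c498ccf1b97c7afdcf2af0e9fc0b9f97a3d9a6bef763c29d3838ebfe8db57aa8b8c3cc059d722d4246621058d6d2117720ee60a8d8505982c0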
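--- /dev/null
+++ b/data/.rubocop.yml
@@ -0,0 +1,21 @@
+LineLength:
+Max: 100
+
+Documentation:
+Enabled: False
+
+Style/FirstMethodArgumentLineBreak:
+Description: >-
+Checks for a line break before the first argument in a
+multi-line method call.
+Enabled: True
+
+WordArray:
+Enabled: False
+
+AllCops:
+Exclude:
+- 'db/schema.rb'
+- 'db/migrate/*.rb'
+Rails:
+Enabled: true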
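--- a/data/CHANGES.md
+++ b/data/CHANGES.md
@@ -1,6 +1,17 @@
 stormpath-sdk-ruby Changelog
 ============================
 
+Version 1.7.0
+-------------
+
+Released on February 09, 2017
+
+- Implemented SAML IdP
+- AttributeStatementMappingRules is now an association instead of a property
+- Added require_mfa attribute option to the JWT payload
+- Code cleanup and refactoring
+
+
 Version 1.6.0
 -------------
 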
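--- a/data/README.md
+++ b/data/README.md
@@ -71,9 +71,9 @@ If you have not already done so, register as a developer on
 URLs you acquired above.
 
 ```ruby
-application = client.applications.get
+application = client.applications.get(application_url)
 
-directory = client.directories.get
+directory = client.directories.get(directory_url)
 ```
 
 1. **Create an account for a user** on the directory.
@@ -119,7 +119,7 @@ If you have not already done so, register as a developer on
 1. **Create a group** in a directory
 
 ```ruby
-directory.groups.create
+directory.groups.create(name: 'Admins')
 ```
 
 1. **Add the account to the group**
@@ -131,7 +131,7 @@ If you have not already done so, register as a developer on
 1. **Check for account inclusion in group** by reloading the account
 
 ```ruby
-account = client.accounts.get
+account = client.accounts.get(account.href)
 is_admin = account.groups.any? { |group| group.name == 'Admins' }
 ```
 
@@ -219,9 +219,9 @@ and directories you have registered. You use the client to access them
 with their REST URL:
 
 ```ruby
-application = client.applications.get
+application = client.applications.get(application_url)
 
-directory = client.directories.get
+directory = client.directories.get(directory_url)
 ```
 
 The <code>applications</code> and <code>directories</code> property on a
@@ -237,9 +237,9 @@ Additional resources are <code>accounts</code>, <code>groups</code>,
 Applications and directories can be created directly off the client.
 
 ```ruby
-application = client.applications.create
+application = client.applications.create(name: 'foo', description: 'bar')
 
-directory = client.directories.create
+directory = client.directories.create(name: 'foo', description: 'bar')
 ```
 
 ### Collections
@@ -283,7 +283,7 @@ A resource's children can be eager loaded by passing the entity expansion object
 
 ```ruby
 expansion = Stormpath::Resource::Expansion.new 'groups', 'group_memberships'
-client.accounts.get
+client.accounts.get(account.href, expansion)
 ```
 
 <code>limit</code> and <code>offset</code> can be specified for each child resource by calling <code>add_property</code>.
@@ -292,7 +292,7 @@ client.accounts.get account.href, expansion
 expansion = Stormpath::Resource::Expansion.new
 expansion.add_property 'groups', offset: 5, limit: 10
 
-client.accounts.get
+client.accounts.get(account.href, expansion)
 ```
 
 ### ID Site
@@ -681,7 +681,7 @@ dir_provider.encoded_x509_signing_cert
 dir_provider.request_signature_algorithm
 dir_provider.service_provider_metadata
 dir_provider.attribute_statement_mapping_rules
-dir_provider.
+dir_provider.created_at
 dir_provider.modified_at
 ```
 
@@ -692,13 +692,13 @@ Next you will have to configure your Stormpath-powered application as a Service
 In order to retrieve the required values, start by sending a GET to the Directory's Provider:
 
 ```ruby
-directory.
+directory.service_provider_metadata
 ```
 
-
+service_provider_metadata method returns instance of SamlServiceProviderMetadata and you can access the following values
 
 ```ruby
-dir_provider_metadata = directory.
+dir_provider_metadata = directory.service_provider_metadata
 
 dir_provider_metadata.href
 dir_provider_metadata.entity_id
@@ -764,7 +764,6 @@ The Attribute Assertions (`<saml:AttributeStatement>`) are brought into Stormpat
 SAML Assertion mapping is defined in an **attributeStatementMappingRules** object found inside the Directory's Provider object, or directly: `/v1/attributeStatementMappingRules/$RULES_ID`.
 
 ##### Mapping Rules
-
 The rules have three different components:
 
 - **name**: The SAML Attribute name
@@ -774,14 +773,13 @@ The rules have three different components:
 In order to create the mapping rules, we simply send the following:
 
 ```ruby
-
-
-
-
-}
-])
+rule = {
+'name' => 'uid',
+'accountAttributes' => ['username']
+}
 
-dir.
+dir.attribute_statement_mapping_rules.items = [rule]
+dir.attribute_statement_mapping_rules.save
 ```
 
 ### Password Reset
@@ -849,7 +847,7 @@ You can create groups and assign them to accounts using the Stormpath
 web console, or programmatically. Groups are created on directories:
 
 ```ruby
-group = directory.groups.create
+group = directory.groups.create(name: 'administrators')
 ```
 
 Group membership can be created by:
@@ -857,7 +855,7 @@ Group membership can be created by:
 * Explicitly creating a group membership resource with your client:
 
 ```ruby
-group_membership = client.group_memberships.create
+group_membership = client.group_memberships.create(group: group, account: account)
 ```
 
 * Using the <code>add_group</code> method on the account instance:
@@ -903,7 +901,7 @@ An `Organization` is a top-level container for Account Stores. You can think of
 * Adding an Organization to an Application as an Account Store
 
 ```ruby
-client.account_store_mappings.create
+client.account_store_mappings.create(application: application, account_store: organization)
 ```
 
 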
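--- a/data/lib/stormpath-sdk.rb
+++ b/data/lib/stormpath-sdk.rb
@@ -40,6 +40,15 @@ module Stormpath
 autoload :AccountLink, 'stormpath-sdk/resource/account_link'
 autoload :AccountLinkingPolicy, 'stormpath-sdk/resource/account_linking_policy'
 autoload :Application, 'stormpath-sdk/resource/application'
+autoload :SamlServiceProviderMetadata, 'stormpath-sdk/resource/saml_service_provider_metadata'
+autoload :SamlPolicy, 'stormpath-sdk/resource/saml_policy'
+autoload :SamlServiceProvider, 'stormpath-sdk/resource/saml_service_provider'
+autoload :SsoInitiationEndpoint, 'stormpath-sdk/resource/sso_initiation_endpoint'
+autoload :SamlIdentityProvider, 'stormpath-sdk/resource/saml_identity_provider'
+autoload :RegisteredSamlServiceProvider, 'stormpath-sdk/resource/registered_saml_service_provider'
+autoload :SamlServiceProviderRegistration, 'stormpath-sdk/resource/saml_service_provider_registration'
+autoload :SamlIdentityProviderMetadata, 'stormpath-sdk/resource/saml_identity_provider_metadata'
+autoload :X509Certificate, 'stormpath-sdk/resource/x_509_certificate'
 autoload :Directory, 'stormpath-sdk/resource/directory'
 autoload :Account, 'stormpath-sdk/resource/account'
 autoload :AccountStore, 'stormpath-sdk/resource/account_store'
@@ -68,6 +77,7 @@ module Stormpath
 autoload :Schema, 'stormpath-sdk/resource/schema'
 autoload :Field, 'stormpath-sdk/resource/field'
 autoload :UserInfoMappingRules, 'stormpath-sdk/resource/user_info_mapping_rules'
+autoload :AttributeStatementMappingRules, 'stormpath-sdk/resource/attribute_statement_mapping_rules'
 end
 
 module Cache
@@ -89,6 +99,7 @@ module Stormpath
 autoload :HttpBasicAuthentication, 'stormpath-sdk/auth/http_basic_authentication'
 autoload :HttpBearerAuthentication, 'stormpath-sdk/auth/http_bearer_authentication'
 autoload :CreateFactor, 'stormpath-sdk/auth/create_factor'
+autoload :RegisterServiceProvider, 'stormpath-sdk/auth/register_service_provider'
 end
 
 module Provider
@@ -110,8 +121,6 @@ module Stormpath
 autoload :TwitterProviderData, 'stormpath-sdk/provider/twitter/twitter_provider_data'
 autoload :SamlProvider, 'stormpath-sdk/provider/saml/saml_provider'
 autoload :SamlProviderData, 'stormpath-sdk/provider/saml/saml_provider_data'
-autoload :SamlProviderMetadata, 'stormpath-sdk/provider/saml/saml_provider_metadata'
-autoload :SamlMappingRules, 'stormpath-sdk/provider/saml/saml_mapping_rules'
 autoload :StormpathProvider, 'stormpath-sdk/provider/stormpath/stormpath_provider'
 autoload :StormpathProviderData, 'stormpath-sdk/provider/stormpath/stormpath_provider_data'
 end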
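Review bot: The added `autoload :SsoInitiationEndpoint, 'stormpath-sdk/resource/sso_initiation_endpoint'` in the first hunk points at a file that the changed-files list for this release does not show being added, while every other new autoload target in that hunk (saml_policy, saml_identity_provider, x_509_certificate and the rest) is listed. Unless that file already ships in the gem, which this page does not show, the first reference to `Stormpath::Resource::SsoInitiationEndpoint` raises LoadError at use time rather than at require time, so either ship the file or drop the autoload. The last hunk also removes `Stormpath::Provider::SamlProviderMetadata` and `SamlMappingRules` in a minor release; naming the replacement constants in CHANGES.md would help callers that referenced them.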
@@ -18,16 +18,16 @@ module Stormpath
|
|
18
18
|
class BasicAuthenticator
|
19
19
|
include Stormpath::Util::Assert
|
20
20
|
|
21
|
-
def initialize
|
21
|
+
def initialize(data_store)
|
22
22
|
@data_store = data_store
|
23
23
|
end
|
24
24
|
|
25
|
-
def authenticate
|
26
|
-
assert_not_nil parent_href,
|
27
|
-
assert_kind_of UsernamePasswordRequest, request,
|
25
|
+
def authenticate(parent_href, request)
|
26
|
+
assert_not_nil parent_href, 'parentHref argument must be specified'
|
27
|
+
assert_kind_of UsernamePasswordRequest, request, 'Only UsernamePasswordRequest instances are supported.'
|
28
28
|
|
29
29
|
username = request.principals
|
30
|
-
username
|
30
|
+
username ||= ''
|
31
31
|
|
32
32
|
password = request.credentials
|
33
33
|
pw_string = password.join
|
@@ -36,7 +36,7 @@ module Stormpath
|
|
36
36
|
|
37
37
|
value = Base64.encode64(value).tr("\n", '')
|
38
38
|
|
39
|
-
attempt = @data_store.instantiate
|
39
|
+
attempt = @data_store.instantiate(BasicLoginAttempt, nil)
|
40
40
|
attempt.type = 'basic'
|
41
41
|
attempt.value = value
|
42
42
|
|
@@ -44,7 +44,7 @@ module Stormpath
|
|
44
44
|
|
45
45
|
href = parent_href + '/loginAttempts'
|
46
46
|
|
47
|
-
@data_store.create
|
47
|
+
@data_store.create(href, attempt, AuthenticationResult)
|
48
48
|
end
|
49
49
|
end
|
50
50
|
end
|
@@ -16,22 +16,21 @@
|
|
16
16
|
module Stormpath
|
17
17
|
module Authentication
|
18
18
|
class BasicLoginAttempt < Stormpath::Resource::Base
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
ACCOUNT_STORE = "account_store"
|
19
|
+
TYPE = 'type'.freeze
|
20
|
+
VALUE = 'value'.freeze
|
21
|
+
ACCOUNT_STORE = 'account_store'.freeze
|
23
22
|
|
24
23
|
def account_store
|
25
24
|
get_property ACCOUNT_STORE
|
26
25
|
end
|
27
26
|
|
28
27
|
def account_store=(account_store)
|
29
|
-
if account_store.
|
30
|
-
set_property ACCOUNT_STORE,
|
31
|
-
elsif account_store.
|
28
|
+
if account_store.is_a? Stormpath::Resource::Base
|
29
|
+
set_property ACCOUNT_STORE, HREF_PROP_NAME => account_store.href
|
30
|
+
elsif account_store.is_a? Hash
|
32
31
|
set_property ACCOUNT_STORE, sanitize(account_store)
|
33
32
|
else
|
34
|
-
|
33
|
+
raise ArgumentError, 'account_store should be a Stormpath::Resource::Instance or a Hash'
|
35
34
|
end
|
36
35
|
end
|
37
36
|
|
@@ -50,9 +49,6 @@ module Stormpath
|
|
50
49
|
def value=(value)
|
51
50
|
set_property VALUE, value
|
52
51
|
end
|
53
|
-
|
54
52
|
end
|
55
|
-
|
56
53
|
end
|
57
|
-
|
58
54
|
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
module Stormpath
|
2
|
+
module Authentication
|
3
|
+
class RegisterServiceProvider
|
4
|
+
attr_reader :client, :identity_provider, :options
|
5
|
+
|
6
|
+
def initialize(identity_provider, options = {})
|
7
|
+
@client = identity_provider.client
|
8
|
+
@identity_provider = identity_provider
|
9
|
+
@options = options
|
10
|
+
end
|
11
|
+
|
12
|
+
def call
|
13
|
+
map_identity_provider_and_registered_service_provider
|
14
|
+
registered_service_provider
|
15
|
+
end
|
16
|
+
|
17
|
+
private
|
18
|
+
|
19
|
+
def map_identity_provider_and_registered_service_provider
|
20
|
+
identity_provider.saml_service_provider_registrations.create(
|
21
|
+
service_provider: { href: registered_service_provider.href }
|
22
|
+
)
|
23
|
+
end
|
24
|
+
|
25
|
+
def registered_service_provider
|
26
|
+
@registered_service_provider ||=
|
27
|
+
client.registered_saml_service_providers.create(registered_service_provider_params)
|
28
|
+
end
|
29
|
+
|
30
|
+
def registered_service_provider_params
|
31
|
+
{}.tap do |body|
|
32
|
+
body[:assertion_consumer_service_url] = options[:assertion_consumer_service_url]
|
33
|
+
body[:entity_id] = options[:entity_id]
|
34
|
+
body[:name] = options[:name]
|
35
|
+
body[:description] = options[:description]
|
36
|
+
body[:name_id_format] = options[:name_id_format]
|
37
|
+
end.compact
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
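Review bot: `registered_service_provider_params` forwards `options[:assertion_consumer_service_url]` and `options[:entity_id]` with no presence or format check, and `.compact` silently drops them when nil, so a create request can go out without the values that identify the service provider and say where assertions are delivered. A guard in `initialize` such as `raise ArgumentError, 'assertion_consumer_service_url and entity_id are required' unless options[:assertion_consumer_service_url] && options[:entity_id]` would fail early, and rejecting a non-https ACS URL at the same point is worth considering. `call` also creates the registered service provider (through the memoized reader) before the registration mapping, so if the second `create` raises, the first record is left behind; clean it up in a `rescue` or document the partial state. `Hash#compact` is core Ruby only from 2.4, so on older interpreters this line depends on ActiveSupport being loaded.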
@@ -16,12 +16,11 @@
|
|
16
16
|
module Stormpath
|
17
17
|
module Authentication
|
18
18
|
class UsernamePasswordRequest
|
19
|
-
|
20
19
|
attr_reader :host, :account_store
|
21
20
|
|
22
|
-
def initialize
|
21
|
+
def initialize(username, password, options = {})
|
23
22
|
@username = username
|
24
|
-
@password = (password ||
|
23
|
+
@password = (password || '').chars.to_a
|
25
24
|
@host = options[:host]
|
26
25
|
@account_store = options[:account_store]
|
27
26
|
end
|
@@ -39,10 +38,9 @@ module Stormpath
|
|
39
38
|
@host = nil
|
40
39
|
@account_store = nil
|
41
40
|
|
42
|
-
@password.each { |
|
41
|
+
@password.each { |_pass_char| pass_char = 0x00 }
|
43
42
|
@password = nil
|
44
43
|
end
|
45
|
-
|
46
44
|
end
|
47
45
|
end
|
48
46
|
end
|
@@ -11,7 +11,7 @@ module Stormpath
|
|
11
11
|
@ttl_seconds = opts[:ttl_seconds] || DEFAULT_TTL_SECONDS
|
12
12
|
@tti_seconds = opts[:tti_seconds] || DEFAULT_TTI_SECONDS
|
13
13
|
store_opts = opts[:store_opts] || {}
|
14
|
-
@store = (opts[:store] || DEFAULT_STORE).new
|
14
|
+
@store = (opts[:store] || DEFAULT_STORE).new(store_opts)
|
15
15
|
@stats = CacheStats.new
|
16
16
|
end
|
17
17
|
|
@@ -19,7 +19,7 @@ module Stormpath
|
|
19
19
|
if entry = @store.get(k)
|
20
20
|
if entry.expired? @ttl_seconds, @tti_seconds
|
21
21
|
@stats.miss true
|
22
|
-
@store.delete
|
22
|
+
@store.delete(k)
|
23
23
|
nil
|
24
24
|
else
|
25
25
|
@stats.hit
|
@@ -38,7 +38,7 @@ module Stormpath
|
|
38
38
|
end
|
39
39
|
|
40
40
|
def delete(k)
|
41
|
-
@store.delete
|
41
|
+
@store.delete(k)
|
42
42
|
@stats.delete
|
43
43
|
end
|
44
44
|
|
@@ -3,7 +3,7 @@ module Stormpath
|
|
3
3
|
class CacheEntry
|
4
4
|
attr_accessor :value, :created_at, :last_accessed_at
|
5
5
|
|
6
|
-
def initialize
|
6
|
+
def initialize(value)
|
7
7
|
self.value = value
|
8
8
|
self.created_at = Time.now
|
9
9
|
self.last_accessed_at = created_at
|
@@ -13,7 +13,7 @@ module Stormpath
|
|
13
13
|
self.last_accessed_at = Time.now
|
14
14
|
end
|
15
15
|
|
16
|
-
def expired?
|
16
|
+
def expired?(ttl_seconds, tti_seconds)
|
17
17
|
now = Time.now
|
18
18
|
now > (created_at + ttl_seconds) || now > (last_accessed_at + tti_seconds)
|
19
19
|
end
|