stormpath-sdk 1.0.0.beta.7 → 1.0.0.beta.8

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 217ba3dfe6d6347582c6a2c428ca2c0ab357b434
+  data.tar.gz: 9e8e70ef785bc057c5c25240ad2a40691992d06f
+SHA512:
+  metadata.gz: d4d3e8df8df4fc6812d96dc0eb55e776f149d5400c038d5187067d0e87362277b1441cb933505f8996323a4a0e6ac8b3777ea7d5701c278ee9c24531783ba7f5
+  data.tar.gz: 2c1431cf95b22b5ab3ee0b8bd8881a0edefcc6c446f3674e97b0a624752a6896a7314fa2e4c43c6b7d477178317f3c1951aac55b483599cdfbb927d28f50db6c

data/.travis.yml

@@ -1,35 +1,14 @@
----
-env:
-  global:
-  - secure: |-
-      USqTzWnRXTxgwF6wpwT3UHx4hoo5QIWP6bmmJMOIG/jLWTV3cCZ4y3LEuGx/
-      2x4gTyRuAAbVpJD8n9k/h7Vh6xZ8ts715kRL2OCqD+yOEioKG9RTWWzFCsNY
-      V3wic2+25BHgyCcnXtNFTjP/TfIKjVQETQjn3Ast2foThmyLVYo=
-  - secure: |-
-      UDZPetAAzPMtlosw481STlt60UFEei28DlBrHzDS7j/MKgkum9ZECPm4h7Dr
-      MXsDBp3GghLqGWc5+yNvlV2RSSZdI6YCeTSG7dXu3Tb1vTLd8Ia7pVZg3Ut2
-      5Ru3+xBVHZ/4xrc+8bfL2FGpH8T1mT6GZt9BfkY8v4a+rsn8FLA=
-  - secure: |-
-      FRAT9Sjpv2MUmIu9/uaXAa2LRKmsR0vHz3Vc8oCiDIKihqFq4YF9DpHtQ0nF
-      OYwdcprSH5RzV/bFsf6XcPP4IlIhSRj333FJoHXfmon5cdPcpt70O4in+4YI
-      gXPNGgbzCpZ4WRsFbmtVazQwpXBUg2fYK8y0jNrhZoVZ9UK61Zc=
-  - secure: |-
-      WvFXv/1RKdnh/tJFRlCDMKpiNre0+K3qWLf9PaQzjvWyTAVtq3NK7Av3JSoR
-      EoPy/0VCzlBJPfcPa+EmLO518trgsAJ1dmBOSUmNhQOyl9bfOFlzvjqZ20Ru
-      eMksU4t3HbbBdh3LqR9LPxViJGfUk3LvaiuWwp8y0GB5jMjrASg=
-  - secure: |-
-      HggUi1F44G7uHy3PyKcBE54JpBMIjrmROvzrKkCPOmRP5DoeZQ+wU+8zJ89z
-      4YsxOzQjYLwStB4U95LEZgQYvcbdfjkCY4uthb8XbmSeT7KSkMifhNT619+D
-      sTekVOlY9Ei+8O/BUr4ZCE+Fs8/8obFOxooWxxdHlaYsjj/atm4=
-  - secure: |-
-      cJ2ExNmmGSjBHIgjZ6zs+AUEVBSfyTj2qG9SNV0j/P9mnjg32irU/tG7f1yI
-      yvaGCsPr2h6rwtiMb8QHA4tMqHsoay0e9s7jyBtn6amgUaLsV2vdhQTWDuIU
-      cksOE3PMIovYl9ANLb6KrhDWt7ue/fOxEALh0a5rAu50C/tNvgo=
-
 language: ruby
 rvm:
 - 1.9.3
 - 2.0.0
 - 2.1.2
 services:
-  - redis-server
+- redis-server
+env:
+  global:
+  - secure: cfX/Vagk7SskUp1cnuTTfQHNWz6pjx7bHJOa25ahk/3Jvsqz37qf8MLNs8uRUb/LN63G/YNUtrcRZQiyDS9WHehQy0p7IO68UuOG4zqkJE0iemR0kToCTHMbyLTOB70nhTuwmRfh1KeT5Ja3D9TOtApQErU5IQaKm5jP8CZb4PA=
+  - secure: Vhb4qkFc0BcRkJaPU6ZbM9vPHaEHoz/A1LlQ1IMrEdXS/nUabd4l32q6zjJZvfHJ5bI1PXgk1BFztVGT65UT7Uu17KKawzLZWDLmrgzRESkKDj/Ld9Wg79DY6ooJ/juWBrWuJtoNOFKy6CqLdCKWIzNkd9zG+au3qoFP8LfhRh4=
+  - secure: dKmkzv90Fn1JQpSc2l+cESLFYw3bnN5TsgDKTc2tFFi285EJuqd2z22wfDGcaYAoqX/ck+YTdPqVH6trrC7b3pSMqJSBEaHtWiYMbEkmf/QWrVAHy4LEKFAcs0oACjwVRe7CGBu8RRBWcl8I1STpYm11S8WDe8Y/GHo0HnXipHo=
+  - secure: FejMHUo69w52zjPBMfUThhhgj7md/dj+7gf+1d0sgDuDfZ+gECEyHF8iWvkm64k3j+PX4E/y44HdV1+qIMWTGNA0xSZNFEHBBJrEC1BRKm9BkT8W0KBcupmLRHW0BtLWMrqtKOgOyDEdoufuLx7wDpTNslPeGJ4NUZIGEDTuwLc=
+  - secure: DyEw82o0ozA9rbbgYUk8jiC/KNwB0x0OuVv/TX7Xso3uXgfTL1m3IWYLDX6kvV4QIvHNaNdj1g02ddnRwZwuvA3IH81J8+mkZ6aIXTS1YKZPEZMSqewZNOGQPRVaUOeQ9ymQtE7bfxWkViF2JzJlGzc3IxYUKHeo+NE/Hgehuz4=

data/CHANGES.md

@@ -1,6 +1,16 @@
 stormpath-sdk-ruby Changelog
 ============================
 
+Version 1.0.0.beta.8
+--------------------
+
+Released on July 28, 2015
+
+- Added support for Id Site.
+- Added custom data support for tenant, application and directory resources.
+- Added the size property to the collection resources.
+
+
 Version 1.0.0.beta.7
 --------------------
 

data/README.md

@@ -275,6 +275,70 @@ expansion.add_property 'groups', offset: 5, limit: 10
 client.accounts.get account.href, expansion
 ```
 
+### ID Site
+
+ID Site is a set of hosted and pre-built user interface screens that easily add authentication to your application. ID Site can be accessed via your own custom domain like id.mydomain.com and shared across multiple applications to create centralized authentication if needed. To use ID Site an url needs to be generated which contains JWT token as a parameter.
+
+#### ID Site Login
+
+In order to use ID Site an url needs to be generated. You also need to redirect to the generated url. You can call create_id_site_url which is on application object. For example if you are using sinatra the code would look something like this:
+
+```ruby
+get ‘login’ do
+  redirect application.create_id_site_url callback_uri: “#{callback_uri}”
+end
+```
+
+The application will be an instance of your application. callback_uri is a url with which you want to handle the ID Site information, this url also needs to be set in the Stormpath’s dashboard on [ID Site settings page](https://api.stormpath.com/ui2/index.html#/id-site) as Authorized Redirect URLs.
+
+#### Handle ID Site Callback
+
+For any request you make for ID Site, you need to specify a callback uri. To parse the information from the servers response and to decode the data from the JWT token you need to call the handle_id_site_callback method and pass the Request URI.
+
+For example in your sinatra app this would look something like this:
+
+```ruby
+app.get ‘/callback' do
+  user_data = application.handle_id_site_callback(request.url)
+end
+```
+
+> NOTE:
+> A JWT Response Token can only be used once. This is to prevent replay attacks. It will also only be valid for a total of 60 seconds. After which time, You will need to restart the workflow you were in.
+
+#### Other ID Site Options
+
+There are a few other methods that you will need to concern yourself with when using ID Site. Logging out a User, Registering a User, and a User who has forgotten their password. These methods will use the same information from the login method but a few more items will need to be passed into the array. For example if you have a sinatra application.
+
+Logging Out a User
+```ruby
+app.get ‘/logout' do
+  user_data = application.handle_id_site_callback(request.url)
+  redirect application.create_id_site_url callback_uri: “#{callback_uri}”, logout: true
+end
+```
+
+Registering a User
+```ruby
+app.get ‘/register' do
+  user_data = application.handle_id_site_callback(request.url)
+  redirect application.create_id_site_url callback_uri: “#{callback_uri}”, path: ‘/#/register'
+end
+```
+
+Forgot Link
+```ruby
+app.get ‘/forgot' do
+  user_data = application.handle_id_site_callback(request.url)
+  redirect application.create_id_site_url callback_uri: “#{callback_uri}”, path: ‘/#/forgot'
+end
+```
+
+Again, with all these methods, You will want your application to link to an internal page where the JWT is created at that time. Without doing this, a user will only have 60 seconds to click on the link before the JWT expires.
+
+> NOTE:
+> A JWT will expire after 60 seconds of creation.
+
 ### Registering Accounts
 
 Accounts are created on a directory instance. They can be created in two

data/lib/stormpath-sdk.rb

@@ -5,6 +5,7 @@ require "openssl"
 require "open-uri"
 require "uri"
 require "uuidtools"
+require "jwt"
 require "yaml"
 require 'active_support'
 require "active_support/core_ext"
@@ -15,7 +16,6 @@ require 'active_support/core_ext/array/wrap'
 require "stormpath-sdk/version" unless defined? Stormpath::VERSION
 
 require "stormpath-sdk/util/assert"
-require "stormpath-sdk/ext/hash"
 
 module Stormpath
   autoload :Error, 'stormpath-sdk/error'
@@ -91,4 +91,8 @@ module Stormpath
       autoload :Sauthc1Signer, "stormpath-sdk/http/authc/sauthc1_signer"
     end
   end
+
+  module IdSite
+    autoload :IdSiteResult, 'stormpath-sdk/id_site/id_site_result'
+  end
 end

data/lib/stormpath-sdk/api_key.rb

@@ -14,9 +14,7 @@
 # limitations under the License.
 #
 module Stormpath
-
   class ApiKey
-
     attr_accessor :id, :secret
 
     def initialize(id, secret)
@@ -24,6 +22,5 @@ module Stormpath
       @secret = secret
     end
   end
-
 end
 

data/lib/stormpath-sdk/auth/basic_authenticator.rb

@@ -27,7 +27,7 @@ module Stormpath
         assert_kind_of UsernamePasswordRequest, request, "Only UsernamePasswordRequest instances are supported."
 
         username = request.principals
-        username = (username != nil) ? username : ''
+        username = username || ''
 
         password = request.credentials
         pw_string = password.join

data/lib/stormpath-sdk/auth/username_password_request.rb

@@ -21,7 +21,7 @@ module Stormpath
 
       def initialize username, password, options = {}
         @username = username
-        @password = (password != nil and password.length > 0) ? password.chars.to_a : "".chars.to_a
+        @password = (password || "").chars.to_a
         @host = options[:host]
         @account_store = options[:account_store]
       end

data/lib/stormpath-sdk/client.rb

@@ -23,26 +23,16 @@ module Stormpath
     attr_reader :data_store, :application
 
     def initialize(options)
-      api_key = options[:api_key]
       base_url = options[:base_url]
       cache_opts = options[:cache] || {}
 
-      api_key = if api_key
-        case api_key
-        when ApiKey then api_key
-        when Hash then ApiKey.new api_key[:id], api_key[:secret]
-        end
-      elsif options[:api_key_file_location]
-        load_api_key_file options[:api_key_file_location],
-          options[:api_key_id_property_name],
-          options[:api_key_secret_property_name]
-      end
+      api_key = ApiKey(options)
 
       assert_not_nil api_key, "No API key has been provided. Please pass an 'api_key' or " +
                               "'api_key_file_location' to the Stormpath::Client constructor."
 
-      request_executor = Stormpath::Http::HttpClientRequestExecutor.new(api_key, proxy: options[:proxy])
-      @data_store = Stormpath::DataStore.new(request_executor, cache_opts, self, base_url)
+      request_executor = Stormpath::Http::HttpClientRequestExecutor.new(proxy: options[:proxy])
+      @data_store = Stormpath::DataStore.new(request_executor, api_key, cache_opts, self, base_url)
     end
 
     def tenant(expansion = nil)
@@ -53,10 +43,6 @@ module Stormpath
       self
     end
 
-    def cache_stats
-      @data_source.cache_stats
-    end
-
     has_many :tenants, href: '/tenants', can: :get
     has_many :applications, href: '/applications', can: [:get, :create], delegate: true
     has_many :directories, href: '/directories', can: [:get, :create], delegate: true
@@ -73,6 +59,19 @@ module Stormpath
 
     private
 
+      def ApiKey(options={})
+        if api_key = options[:api_key]
+          case api_key
+          when ApiKey then api_key
+          when Hash then ApiKey.new api_key[:id], api_key[:secret]
+          end
+        elsif options[:api_key_file_location]
+          load_api_key_file(options[:api_key_file_location],
+                            options[:api_key_id_property_name],
+                            options[:api_key_secret_property_name])
+        end
+      end
+
       def load_api_key_file api_key_file_location, id_property_name, secret_property_name
         begin
           api_key_properties = JavaProperties::Properties.new api_key_file_location

data/lib/stormpath-sdk/data_store.rb

@@ -24,14 +24,15 @@ class Stormpath::DataStore
 
   CACHE_REGIONS = %w(applications directories accounts groups groupMemberships accountMemberships tenants customData provider providerData)
 
-  attr_reader :client, :request_executor, :cache_manager
+  attr_reader :client, :request_executor, :cache_manager, :api_key, :base_url
 
-  def initialize(request_executor, cache_opts, client, base_url = nil)
+  def initialize(request_executor, api_key, cache_opts, client, base_url = nil)
     assert_not_nil request_executor, "RequestExecutor cannot be null."
 
     @client = client
     @base_url = base_url || DEFAULT_BASE_URL
     @request_executor = request_executor
+    @api_key = api_key
     initialize_cache cache_opts
   end
 
@@ -118,7 +119,7 @@ class Stormpath::DataStore
                MultiJson.dump(to_hash(resource))
              end
 
-      request = Request.new(http_method, href, query, Hash.new, body)
+      request = Request.new(http_method, href, query, Hash.new, body, @api_key)
       apply_default_request_headers request
       response = @request_executor.execute_request request
 

data/lib/stormpath-sdk/error.rb

@@ -13,27 +13,28 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-class Stormpath::Error < RuntimeError
+module Stormpath
+  class Error < RuntimeError
 
-  def initialize error = nil
-    super !error.nil? ? error.message : ''
-    @error = error
-  end
+    attr_reader :status, :code, :developer_message, :more_info
 
-  def status
-    !@error.nil? ? @error.status : -1
-  end
+    def initialize error = NilError.new
+      super error.message
+      @status = error.status
+      @code = error.code
+      @developer_message = error.developer_message
+      @more_info = error.more_info
+    end
 
-  def code
-    !@error.nil? ? @error.code : -1
-  end
+    private
 
-  def developer_message
-    !@error.nil? ? @error.developer_message : nil
-  end
+      class NilError
+        def message; '' end
+        def status; -1 end
+        def code; -1 end
+        def developer_message; end
+        def more_info; end
+      end
 
-  def more_info
-    !@error.nil? ? @error.more_info : nil
   end
-
-end
+end

data/lib/stormpath-sdk/http/authc/sauthc1_signer.rb

@@ -40,7 +40,7 @@ module Stormpath
           @uuid_generator = uuid_generator
         end
 
-        def sign_request request, api_key
+        def sign_request request
           request.http_headers.delete(Sauthc1Signer::AUTHORIZATION_HEADER)
           request.http_headers.delete(Sauthc1Signer::STORMPATH_DATE_HEADER)
 
@@ -56,7 +56,7 @@ module Stormpath
           # have to have it in the request by the time we sign.
           host_header = uri.host
 
-          if !default_port?(uri)
+          unless default_port?(uri)
             host_header << ":" << uri.port.to_s
           end
 
@@ -71,24 +71,21 @@ module Stormpath
           signed_headers_string = get_signed_headers request
           request_payload_hash_hex = to_hex(hash_text(get_request_payload(request)))
 
-          canonical_request = method + NL +
-              canonical_resource_path + NL +
-              canonical_query_string + NL +
-              canonical_headers_string + NL +
-              signed_headers_string + NL +
-              request_payload_hash_hex
+          canonical_request = [method,
+                               canonical_resource_path,
+                               canonical_query_string,
+                               canonical_headers_string,
+                               signed_headers_string,
+                               request_payload_hash_hex].join(NL)
 
-          id = api_key.id + "/" + date_stamp + "/" + nonce + "/" + ID_TERMINATOR
+          id = [request.api_key.id, date_stamp, nonce, ID_TERMINATOR].join("/")
 
           canonical_request_hash_hex = to_hex(hash_text(canonical_request))
 
-          string_to_sign = ALGORITHM + NL +
-              time_stamp + NL +
-              id + NL +
-              canonical_request_hash_hex
+          string_to_sign = [ALGORITHM, time_stamp, id, canonical_request_hash_hex].join(NL)
 
           # SAuthc1 uses a series of derived keys, formed by hashing different pieces of data
-          k_secret = to_utf8 AUTHENTICATION_SCHEME + api_key.secret
+          k_secret = to_utf8 AUTHENTICATION_SCHEME + request.api_key.secret
           k_date = sign date_stamp, k_secret, DEFAULT_ALGORITHM
           k_nonce = sign nonce, k_date, DEFAULT_ALGORITHM
           k_signing = sign ID_TERMINATOR, k_nonce, DEFAULT_ALGORITHM
@@ -102,7 +99,6 @@ module Stormpath
               create_name_value_pair(SAUTHC1_SIGNATURE, signature_hex)
 
           request.http_headers.store AUTHORIZATION_HEADER, authorization_header
-
         end
 
 
@@ -123,7 +119,7 @@ module Stormpath
           result
         end
 
-        protected
+        private
 
           def canonicalize_query_string request
             request.to_s_query_string true
@@ -149,17 +145,11 @@ module Stormpath
           end
 
           def get_request_payload_without_query_params request
-            result = ''
-            if !request.body.nil?
-              result = request.body
-            end
-            result
+            request.body || ''
           end
 
-        private
-
           def create_name_value_pair name, value
-            name + '=' + value
+            "#{name}=#{value}"
           end
 
           def canonicalize_resource_path resource_path
@@ -186,10 +176,10 @@ module Stormpath
             sorted_headers = request.http_headers.keys.sort!
             result = ''
             sorted_headers.each do |header|
-              if !result.empty?
-                result << ';' << header
-              else
+              if result.empty?
                 result << header
+              else
+                result << ';' << header
               end
             end
             result.downcase
@@ -199,4 +189,4 @@ module Stormpath
       end#Sauthc1Signer
     end#Authc
   end#Http
-end#Stormpath
+end#Stormpath

data/lib/stormpath-sdk/http/http_client_request_executor.rb

@@ -19,9 +19,8 @@ module Stormpath
       include Stormpath::Http::Authc
       include Stormpath::Util::Assert
 
-      def initialize(api_key, options = {})
+      def initialize(options = {})
         @signer = Sauthc1Signer.new
-        @api_key = api_key
         @http_client = HTTPClient.new options[:proxy]
       end
 
@@ -30,7 +29,7 @@ module Stormpath
 
         @redirect_response = nil
 
-        @signer.sign_request request, @api_key
+        @signer.sign_request request
 
         domain = if request.query_string.present?
                    [request.href, request.to_s_query_string(true)].join '?'
@@ -50,20 +49,10 @@ module Stormpath
         end
 
         Response.new response.http_header.status_code,
-                       response.http_header.body_type,
-                       response.content,
-                       response.http_header.body_size
+                     response.http_header.body_type,
+                     response.content,
+                     response.http_header.body_size
       end
-
-      private
-
-        def add_query_string href, query_string
-          query_string.each do |key, value|
-            prefix = if href.include? '?' then '&' else '?' end
-            href << prefix << key.to_s << '=' << value.to_s
-          end
-        end
-
     end
   end
 end