userbin 0.4.5 → 1.0.0

data/lib/userbin/jwt.rb

@@ -0,0 +1,40 @@
+require 'jwt'
+
+module Userbin
+  class JWT
+    attr_reader :header
+    attr_reader :payload
+
+    def initialize(jwt)
+      begin
+        raise Userbin::SecurityError, 'Empty JWT' unless jwt
+        @payload = ::JWT.decode(jwt, Userbin.config.api_secret, true) do |header|
+          @header = header.with_indifferent_access
+          Userbin.config.api_secret # used by the 'key finder' in the JWT gem
+        end.with_indifferent_access
+      rescue ::JWT::DecodeError => e
+        raise Userbin::SecurityError.new(e)
+      end
+    end
+
+    def expired?
+      Time.now.utc > Time.at(@header['exp']).utc
+    end
+
+    def to_json
+      @payload
+    end
+
+    def to_token
+      ::JWT.encode(@payload, Userbin.config.api_secret, "HS256", @header)
+    end
+
+    def app_id
+      @header['aud']
+    end
+
+    def merge!(payload = {})
+      @payload.merge!(payload)
+    end
+  end
+end

data/lib/userbin/models/base.rb

@@ -0,0 +1,24 @@
+require 'her'
+
+module Userbin
+  class Base
+    include Her::Model
+    use_api Userbin::API
+
+    METHODS.each do |method|
+      class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def self.instance_#{method}(action)
+          instance_custom(:#{method}, action)
+        end
+      RUBY
+    end
+
+    def self.instance_custom(method, action)
+      class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def #{action}(params={})
+          self.class.#{method}("\#{request_path}/#{action}", params)
+        end
+      RUBY
+    end
+  end
+end

data/lib/userbin/models/challenge.rb

@@ -0,0 +1,4 @@
+module Userbin
+  class Challenge < Base
+  end
+end

data/lib/userbin/models/session.rb

@@ -0,0 +1,11 @@
+module Userbin
+  class Session < Base
+    primary_key :token
+    instance_post :refresh
+    instance_post :verify
+
+    def expired?
+      Userbin::JWT.new(token).expired?
+    end
+  end
+end

data/lib/userbin/models/user.rb

@@ -0,0 +1,9 @@
+module Userbin
+  class User < Base
+    custom_post :import
+    instance_post :lock
+    instance_post :unlock
+
+    has_many :sessions
+  end
+end

data/lib/userbin/request.rb

@@ -0,0 +1,99 @@
+module Userbin
+  module Request
+
+    def self.client_user_agent
+      @uname ||= get_uname
+      lang_version = "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} (#{RUBY_RELEASE_DATE})"
+
+      {
+        :bindings_version => Userbin::VERSION,
+        :lang => 'ruby',
+        :lang_version => lang_version,
+        :platform => RUBY_PLATFORM,
+        :publisher => 'userbin',
+        :uname => @uname
+      }
+    end
+
+    def self.get_uname
+      `uname -a 2>/dev/null`.strip if RUBY_PLATFORM =~ /linux|darwin/i
+    rescue Errno::ENOMEM => ex # couldn't create subprocess
+      "uname lookup failed"
+    end
+
+    #
+    # Faraday middleware
+    #
+    module Middleware
+      # Sets credentials dynamically, allowing them to change between requests.
+      #
+      class BasicAuth < Faraday::Middleware
+        def initialize(app, api_secret)
+          super(app)
+          @api_secret = api_secret
+        end
+
+        def call(env)
+          value = Base64.encode64("#{@api_secret || Userbin.config.api_secret}:")
+          value.gsub!("\n", '')
+          env[:request_headers]["Authorization"] = "Basic #{value}"
+          @app.call(env)
+        end
+      end
+
+      # Adds details about current environment
+      #
+      class EnvironmentHeaders < Faraday::Middleware
+        def call(env)
+          begin
+            env[:request_headers]["X-Userbin-Client-User-Agent"] =
+              MultiJson.encode(Userbin::Request.client_user_agent)
+          rescue => error; end
+
+          env[:request_headers]["User-Agent"] =
+            "Userbin/v1 RubyBindings/#{Userbin::VERSION}"
+
+          @app.call(env)
+        end
+      end
+
+      # Adds request context like IP address and user agent to any request.
+      #
+      class ContextHeaders < Faraday::Middleware
+        def call(env)
+          userbin_headers = RequestStore.store.fetch(:userbin_headers, [])
+          userbin_headers.each do |key, value|
+            header =
+              "X-Userbin-#{key.to_s.gsub('_', '-').gsub(/\w+/) {|m| m.capitalize}}"
+            env[:request_headers][header] = value
+          end
+          @app.call(env)
+        end
+      end
+
+      class JSONParser < Her::Middleware::DefaultParseJSON
+        # This method is triggered when the response has been received. It modifies
+        # the value of `env[:body]`.
+        #
+        # @param [Hash] env The response environment
+        # @private
+        def on_complete(env)
+          env[:body] = '{}' if [204, 405].include?(env[:status])
+          env[:body] = case env[:status]
+          when 403
+            raise Userbin::ForbiddenError.new(
+              MultiJson.decode(env[:body])['message'])
+          when 419
+            raise Userbin::UserUnauthorizedError.new(
+              MultiJson.decode(env[:body])['message'])
+          when 400..599
+            raise Userbin::Error.new(MultiJson.decode(env[:body])['message'])
+          else
+            parse(env[:body])
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/userbin/utils.rb

@@ -0,0 +1,28 @@
+# TODO: scope Userbin::Utils
+
+module Userbin
+  class << self
+    def setup_api(api_secret = nil)
+      api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
+        "https://secure.userbin.com/v1"
+      }
+
+      Her::API.setup url: api_endpoint do |c|
+        c.use Userbin::Request::Middleware::BasicAuth, api_secret
+        c.use Userbin::Request::Middleware::EnvironmentHeaders
+        c.use Userbin::Request::Middleware::ContextHeaders
+        c.use FaradayMiddleware::EncodeJson
+        c.use Userbin::Request::Middleware::JSONParser
+        c.use Faraday::Adapter::NetHttp
+      end
+    end
+
+    def with_context(opts, &block)
+      return block.call unless opts
+      RequestStore.store[:userbin_headers] = {}
+      RequestStore.store[:userbin_headers][:ip] = opts[:ip] if opts[:ip]
+      RequestStore.store[:userbin_headers][:user_agent] = opts[:user_agent] if opts[:user_agent]
+      block.call
+    end
+  end
+end

data/lib/userbin/version.rb

@@ -1,3 +1,3 @@
 module Userbin
-  VERSION = "0.4.5"
+  VERSION = "1.0.0"
 end

data/spec/configuration_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+describe 'Userbin configuration' do
+  it 'sets API secret without using block' do
+    #Userbin.api_secret = 'secret'
+    #Userbin.config.api_secret.should == 'secret'
+  end
+end

data/spec/fixtures/vcr_cassettes/session_create.yml

@@ -0,0 +1,47 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://secretkey:@secure.userbin.com/v1/users/user-2412/sessions
+    body:
+      encoding: UTF-8
+      string: '{"user":{"email":"valid@example.com"}}'
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 201
+      message: 'Created '
+    headers:
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '716'
+      X-Ua-Compatible:
+      - IE=Edge
+      Etag:
+      - '"c323dc2244006efcc5629936b73749ff"'
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+      Server:
+      - WEBrick/1.3.1 (Ruby/2.1.1/2014-02-24)
+      Date:
+      - Wed, 07 May 2014 16:21:05 GMT
+      Connection:
+      - Keep-Alive
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+    body:
+      encoding: UTF-8
+      string: '{"id":"S2odxReZnGqhqxPaQ7V7kNkLoXkGZPFz","token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s","user":{"id":"8Fpmj9asxpq4mwGzx48MP1EQhdWUHDeb","local_id":"user-2412","created_at":"2014-05-07T15:33:58Z","updated_at":"2014-05-07T16:04:56Z","email":"valid@example.com","username":"valid@example.com","name":"New
+        Name","first_name":null,"last_name":null,"image":null,"status":"ACTIVE","mfa_enabled":true}}'
+    http_version:
+  recorded_at: Wed, 07 May 2014 16:21:05 GMT
+recorded_with: VCR 2.9.0

data/spec/fixtures/vcr_cassettes/session_refresh.yml

@@ -0,0 +1,47 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://secretkey:@secure.userbin.com/v1/sessions/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s/refresh
+    body:
+      encoding: UTF-8
+      string: '{"user":{"name":"New Name"}}'
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 201
+      message: 'Created '
+    headers:
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '716'
+      X-Ua-Compatible:
+      - IE=Edge
+      Etag:
+      - '"537ee28e9894002208f8f645f6dd2987"'
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+      Server:
+      - WEBrick/1.3.1 (Ruby/2.1.1/2014-02-24)
+      Date:
+      - Wed, 07 May 2014 16:21:55 GMT
+      Connection:
+      - Keep-Alive
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+    body:
+      encoding: UTF-8
+      string: '{"id":"S2odxReZnGqhqxPaQ7V7kNkLoXkGZPFz","token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5NzI1LCJpYXQiOjEzOTk0Nzk3MTUsImp0aSI6MX0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.2UuUgl8jKkl1lhU0d2nSKmiw-Qzz130A9XJd7-swvv8","user":{"id":"8Fpmj9asxpq4mwGzx48MP1EQhdWUHDeb","local_id":"user-2412","created_at":"2014-05-07T15:33:58Z","updated_at":"2014-05-07T16:21:55Z","email":"valid@example.com","username":"valid@example.com","name":"New
+        Name","first_name":null,"last_name":null,"image":null,"status":"ACTIVE","mfa_enabled":true}}'
+    http_version:
+  recorded_at: Wed, 07 May 2014 16:21:55 GMT
+recorded_with: VCR 2.9.0

data/spec/fixtures/vcr_cassettes/session_verify.yml

@@ -0,0 +1,47 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://secretkey:@secure.userbin.com/v1/sessions/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s/verify
+    body:
+      encoding: UTF-8
+      string: '{"response":"017010"}'
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 201
+      message: 'Created '
+    headers:
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '609'
+      X-Ua-Compatible:
+      - IE=Edge
+      Etag:
+      - '"27b68d405c62c2c4c2a23acafde76b26"'
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+      Server:
+      - WEBrick/1.3.1 (Ruby/2.1.1/2014-02-24)
+      Date:
+      - Wed, 07 May 2014 16:22:55 GMT
+      Connection:
+      - Keep-Alive
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+    body:
+      encoding: UTF-8
+      string: '{"id":"S2odxReZnGqhqxPaQ7V7kNkLoXkGZPFz","token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5NzI1LCJpYXQiOjEzOTk0Nzk3MTUsImp0aSI6MX0.e30.IRwMbLDd2LqRHB_QZvzG47eTr5vPCBrdWI6xPOPa6x4","user":{"id":"8Fpmj9asxpq4mwGzx48MP1EQhdWUHDeb","local_id":"user-2412","created_at":"2014-05-07T15:33:58Z","updated_at":"2014-05-07T16:21:55Z","email":"valid@example.com","username":"valid@example.com","name":"New
+        Name","first_name":null,"last_name":null,"image":null,"status":"ACTIVE","mfa_enabled":true}}'
+    http_version:
+  recorded_at: Wed, 07 May 2014 16:22:55 GMT
+recorded_with: VCR 2.9.0

data/spec/fixtures/vcr_cassettes/user_find.yml

@@ -0,0 +1,44 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://secretkey:@secure.userbin.com/v1/users/9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - '*/*'
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Fri, 18 Apr 2014 23:16:44 GMT
+      Status:
+      - 200 OK
+      Connection:
+      - close
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '328'
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+      X-Ua-Compatible:
+      - IE=Edge
+      Etag:
+      - '"73f5664d599cfbc71df7850ca66cda3d"'
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+    body:
+      encoding: UTF-8
+      string: '{"id":"9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4","created_at":"2014-04-18T13:30:22Z","updated_at":"2014-04-18T13:33:51Z","email":"brissmyr@gmail.com","username":"brissmyr@gmail.com","name":null,"first_name":null,"last_name":null,"image":null,"status":"ACTIVE","email_verification_token":"NhFy8wBYccLsEoL-kAVt","identities":[]}'
+    http_version:
+  recorded_at: Fri, 18 Apr 2014 23:16:44 GMT
+recorded_with: VCR 2.9.0

data/spec/fixtures/vcr_cassettes/user_find_non_existing.yml

@@ -0,0 +1,42 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://secretkey:@secure.userbin.com/v1/users/non_existing
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - '*/*'
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Date:
+      - Fri, 18 Apr 2014 23:29:27 GMT
+      Status:
+      - 404 Not Found
+      Connection:
+      - close
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '42'
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+      X-Ua-Compatible:
+      - IE=Edge
+      Cache-Control:
+      - no-cache
+    body:
+      encoding: UTF-8
+      string: '{"type":"not_found","message":"Not found"}'
+    http_version:
+  recorded_at: Fri, 18 Apr 2014 23:29:27 GMT
+recorded_with: VCR 2.9.0