userbin 0.4.5 → 1.0.0

data/spec/fixtures/vcr_cassettes/user_import.yml

@@ -0,0 +1,46 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://secretkey:@secure.userbin.com/v1/users/import
+    body:
+      encoding: UTF-8
+      string: '{"users":[{"email":"10@example.com","username":"10"},{"email":"20@example.com","username":"20"}]}'
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - '*/*'
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Thu, 24 Apr 2014 16:19:14 GMT
+      Status:
+      - 201 Created
+      Connection:
+      - close
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '85'
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+      X-Ua-Compatible:
+      - IE=Edge
+      Etag:
+      - '"e6928187afa7cffb7f793a998b7a1c91"'
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+    body:
+      encoding: UTF-8
+      string: '[{"id":"fqnvfRSmxa6wqx3c6xmzDqDZrJCvtZ5P"},{"id":"4n9pcvrCSig2iVcZbk7pAMsjngzX9fgv"}]'
+    http_version:
+  recorded_at: Thu, 24 Apr 2014 16:19:14 GMT
+recorded_with: VCR 2.9.0

data/spec/fixtures/vcr_cassettes/user_update.yml

@@ -0,0 +1,47 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://secretkey:@secure.userbin.com/v1/users/AKfwtfrAzdDKp55aty8o14MoudkaS9BL
+    body:
+      encoding: UTF-8
+      string: '{"id":"AKfwtfrAzdDKp55aty8o14MoudkaS9BL","email":"updated@example.com","created_at":"2014-04-27
+        22:10:22 +0200"}'
+    headers:
+      User-Agent:
+      - Faraday v0.9.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - '*/*'
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Sun, 27 Apr 2014 20:10:22 GMT
+      Status:
+      - 200 OK
+      Connection:
+      - close
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '252'
+      Set-Cookie:
+      - _ubt=; expires=Thu, 01-Jan-1970 00:00:00 GMT
+      X-Ua-Compatible:
+      - IE=Edge
+      Etag:
+      - '"de56261eb3d3bef170cc8e837af079fd"'
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+    body:
+      encoding: UTF-8
+      string: '{"id":"AKfwtfrAzdDKp55aty8o14MoudkaS9BL","created_at":"2014-04-27T20:10:22Z","updated_at":"2014-04-27T20:10:22Z","email":"updated@example.com","username":"updated@example.com","name":null,"first_name":null,"last_name":null,"image":null,"status":"ACTIVE","identities":[]}'
+    http_version:
+  recorded_at: Sun, 27 Apr 2014 20:10:22 GMT
+recorded_with: VCR 2.9.0

data/spec/helpers_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe 'Userbin helpers' do
+  let(:token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlhdCI6MTM5ODIzOTIwMywiZXhwIjoxMzk4MjQyODAzfQ.eyJ1c2VyX2lkIjoiZUF3djVIdGRiU2s4Yk1OWVpvanNZdW13UXlLcFhxS3IifQ.Apa7EmT5T1sOYz4Af0ERTDzcnUvSalailNJbejZ2ddQ' }
+
+  it 'creates a session' do
+    Userbin::Session.should_receive(:post).
+      with("users/user%201234/sessions", user: {email: 'valid@example.com'}).
+      and_return(Userbin::Session.new(token: token))
+    Userbin.authenticate(nil, 'user 1234', properties: {email: 'valid@example.com'})
+  end
+
+  it 'refreshes, and does not create a session' do
+    Userbin::Session.should_not_receive(:create)
+    Userbin::Session.any_instance.should_receive(:refresh).
+      and_return(Userbin::Session.new(token: token))
+    opts = {
+      user_id: '1234',
+      properties: {
+        email: 'valid@example.com'
+      },
+      context: {
+        ip: '8.8.8.8',
+        user_agent: 'Mozilla'
+      }
+    }
+    Userbin.authenticate(token, opts)
+  end
+
+  it 'deauthenticates with context' do
+    Userbin::Session.should_receive(:destroy_existing)
+
+    jwt = Userbin::JWT.new(token)
+    jwt.merge!(context: { ip: '8.8.8.8', user_agent: 'Mozilla' })
+
+    Userbin.deauthenticate(jwt.to_token)
+  end
+end

data/spec/jwt_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+require 'timecop'
+
+describe 'Userbin::JWT' do
+  let(:token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlhdCI6MTM5ODIzOTIwMywiZXhwIjoxMzk4MjQyODAzfQ.eyJ1c2VyX2lkIjoiZUF3djVIdGRiU2s4Yk1OWVpvanNZdW13UXlLcFhxS3IifQ.Apa7EmT5T1sOYz4Af0ERTDzcnUvSalailNJbejZ2ddQ' }
+
+  context 'valid JWT' do
+    it 'returns a payload' do
+      payload = Userbin::JWT.new(token).to_json
+      payload['user_id'].should == 'eAwv5HtdbSk8bMNYZojsYumwQyKpXqKr'
+    end
+
+    it 'verifies that JWT has expired' do
+      new_time = Time.utc(2014, 4, 23, 8, 46, 44)
+      Timecop.freeze(new_time) do
+        Userbin::JWT.new(token).expired?.should be_true
+      end
+    end
+
+    it 'verifies that JWT has not expired' do
+      new_time = Time.utc(2014, 4, 23, 8, 46, 43)
+      Timecop.freeze(new_time) do
+        Userbin::JWT.new(token).expired?.should be_false
+      end
+    end
+  end
+
+  context 'invalid JWT' do
+    let(:token) { 'eyJ0eXhtWWNTU3pEUHp6WFF2WmZp26mn7Kkl6UgE' }
+
+    it 'throws error' do
+      expect {
+        payload = Userbin::JWT.new(token).to_json
+      }.to raise_error(Userbin::SecurityError)
+    end
+  end
+
+  context 'nil JWT' do
+    let(:token) { nil }
+
+    it 'throws error' do
+      token = nil
+      expect {
+        payload = Userbin::JWT.new(token).to_json
+      }.to raise_error(Userbin::SecurityError)
+    end
+  end
+
+  context '#to_token' do
+    it 'returns the same token' do
+      Userbin::JWT.new(token).to_token.should == token
+    end
+  end
+
+  context '#merge' do
+    it 'merges payload' do
+      jwt = Userbin::JWT.new(token)
+      jwt.merge!(context: { ip: '8.8.8.8' })
+
+      merged_token = jwt.to_token
+      merged_token.should_not == token
+      Userbin::JWT.new(merged_token).
+        to_json['context']['ip'].should == '8.8.8.8'
+    end
+  end
+
+end

data/spec/models/session_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe 'Userbin::Session' do
+
+  let(:session_token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s' }
+
+  it 'creates a session' do
+    VCR.use_cassette('session_create') do
+      user_id = 'user-2412'
+      session = Userbin::Session.post(
+        "users/#{user_id}/sessions", user: {email: 'valid@example.com'})
+      Userbin::JWT.new(session.token).header['iss'].should == user_id
+    end
+  end
+
+  it 'refreshes a session' do
+    VCR.use_cassette('session_refresh') do
+      session = Userbin::Session.new(token: session_token)
+      session = session.refresh(user: {name: 'New Name'})
+
+      session.token.should_not == session_token
+    end
+  end
+
+  it 'verifies a session' do
+    VCR.use_cassette('session_verify') do
+      Userbin::JWT.new(session_token).payload['challenge'].should_not be_nil
+      session = Userbin::Session.new(token: session_token)
+      session = session.verify(response: '017010')
+      Userbin::JWT.new(session.token).payload['challenge'].should be_nil
+    end
+  end
+end

data/spec/models/user_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe 'Userbin::User' do
+  it 'retrieves a user' do
+    VCR.use_cassette('user_find') do
+      user = Userbin::User.find('9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4')
+      user.email.should == 'brissmyr@gmail.com'
+    end
+  end
+
+  it 'handles non-existing user' do
+    VCR.use_cassette('user_find_non_existing') do
+      error = nil
+      begin
+        user = Userbin::User.find('non_existing')
+      rescue Userbin::Error => e
+        error = e
+      end
+      error.to_s.should match /Not found/
+    end
+  end
+
+  it 'updates a user' do
+    VCR.use_cassette('user_update') do
+      user = Userbin::User.new(id: 'AKfwtfrAzdDKp55aty8o14MoudkaS9BL')
+      user.email = 'updated@example.com'
+      user.created_at = Time.now
+      user.save
+    end
+  end
+
+  it 'imports users' do
+    VCR.use_cassette('user_import') do
+      users = Userbin::User.import(
+        users: [
+          { email: '10@example.com', username: '10' },
+          { email: '20@example.com', username: '20' }
+        ]
+      )
+      users.count.should == 2
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -2,7 +2,18 @@ require 'rubygems'
 require 'bundler/setup'
 require 'rack'
 require 'userbin'
+require 'vcr'
 require 'webmock/rspec'
+require 'pry'
+
+VCR.configure do |config|
+  config.cassette_library_dir = 'spec/fixtures/vcr_cassettes'
+  config.hook_into :webmock
+end
+
+Userbin.configure do |config|
+  config.api_secret = 'secretkey'
+end
 
 RSpec.configure do |config|
 end

data/spec/utils_spec.rb

@@ -0,0 +1,36 @@
+require 'spec_helper'
+
+describe 'Userbin utils' do
+  describe 'ContextHeaders middleware' do
+    before do
+      Userbin::User.use_api(api = Her::API.new)
+      @user = api.setup do |c|
+        c.use Userbin::Request::Middleware::ContextHeaders
+        c.use Her::Middleware::FirstLevelParseJSON
+        c.adapter :test do |stub|
+          stub.post('/users') do |env|
+            @env = env
+            [200, {}, [].to_json]
+          end
+        end
+      end
+    end
+
+    let(:env) do
+      Rack::MockRequest.env_for('/',
+        "HTTP_USER_AGENT" => "Mozilla", "REMOTE_ADDR" => "8.8.8.8")
+    end
+
+    it 'handles non-existing context headers' do
+      Userbin::User.create()
+    end
+
+    it 'sets context headers from env' do
+      Userbin.with_context(ip: '8.8.8.8', user_agent: 'Mozilla') do
+        Userbin::User.create()
+        @env['request_headers']['X-Userbin-Ip'].should == '8.8.8.8'
+        @env['request_headers']['X-Userbin-User-Agent'].should == 'Mozilla'
+      end
+    end
+  end
+end

metadata

@@ -1,122 +1,203 @@
 --- !ruby/object:Gem::Specification
 name: userbin
 version: !ruby/object:Gem::Version
-  version: 0.4.5
+  version: 1.0.0
 platform: ruby
 authors:
 - Johan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-09-17 00:00:00.000000000 Z
+date: 2014-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: her
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.6.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.6.8
+- !ruby/object:Gem::Dependency
+  name: faraday_middleware
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.11
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.11
+- !ruby/object:Gem::Dependency
+  name: request_store
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.8
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.8
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: Drop-in user login for mobile and web apps. Add a full user authentication
-  stack to your application in minutes. Userbin is easily customized to fit your current
-  design and infrastructure.
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Secure your application with multi-factor authentication, user activity
+  monitoring, and real-time threat protection.
 email: johan@userbin.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- lib/userbin/authentication.rb
-- lib/userbin/basic_auth.rb
+- README.md
+- lib/userbin.rb
 - lib/userbin/configuration.rb
-- lib/userbin/current.rb
-- lib/userbin/events.rb
-- lib/userbin/rails/auth_helpers.rb
-- lib/userbin/railtie.rb
-- lib/userbin/session.rb
-- lib/userbin/userbin.rb
+- lib/userbin/errors.rb
+- lib/userbin/helpers.rb
+- lib/userbin/jwt.rb
+- lib/userbin/models/base.rb
+- lib/userbin/models/challenge.rb
+- lib/userbin/models/session.rb
+- lib/userbin/models/user.rb
+- lib/userbin/request.rb
+- lib/userbin/utils.rb
 - lib/userbin/version.rb
-- lib/userbin.rb
-- README.md
-- spec/session_spec.rb
+- spec/configuration_spec.rb
+- spec/fixtures/vcr_cassettes/session_create.yml
+- spec/fixtures/vcr_cassettes/session_refresh.yml
+- spec/fixtures/vcr_cassettes/session_verify.yml
+- spec/fixtures/vcr_cassettes/user_find.yml
+- spec/fixtures/vcr_cassettes/user_find_non_existing.yml
+- spec/fixtures/vcr_cassettes/user_import.yml
+- spec/fixtures/vcr_cassettes/user_update.yml
+- spec/helpers_spec.rb
+- spec/jwt_spec.rb
+- spec/models/session_spec.rb
+- spec/models/user_spec.rb
 - spec/spec_helper.rb
-- spec/userbin_spec.rb
+- spec/utils_spec.rb
 homepage: https://userbin.com
 licenses:
 - MIT
@@ -127,21 +208,32 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.6
+rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
 summary: Userbin
 test_files:
-- spec/session_spec.rb
+- spec/configuration_spec.rb
+- spec/fixtures/vcr_cassettes/session_create.yml
+- spec/fixtures/vcr_cassettes/session_refresh.yml
+- spec/fixtures/vcr_cassettes/session_verify.yml
+- spec/fixtures/vcr_cassettes/user_find.yml
+- spec/fixtures/vcr_cassettes/user_find_non_existing.yml
+- spec/fixtures/vcr_cassettes/user_import.yml
+- spec/fixtures/vcr_cassettes/user_update.yml
+- spec/helpers_spec.rb
+- spec/jwt_spec.rb
+- spec/models/session_spec.rb
+- spec/models/user_spec.rb
 - spec/spec_helper.rb
-- spec/userbin_spec.rb
+- spec/utils_spec.rb