zendesk2 0.2.4 → 0.2.5

data/.travis.yml

@@ -7,3 +7,7 @@ bundler_args: "--without development"
 before_install:
   - "gem install bundler -v 1.2.3"
 script: "bundle exec rake --trace"
+notifications:
+  email:
+    on_success: never
+    on_failure: change

data/Gemfile

@@ -4,6 +4,8 @@ source 'https://rubygems.org'
 gemspec
 
 gem 'rake'
+#To avoid warnings from JWT
+gem 'json', '~> 1.7.7'
 
 group :test do
   gem 'guard-rspec'

data/lib/zendesk2/client/models/user.rb

@@ -93,6 +93,7 @@ class Zendesk2::Client::User < Zendesk2::Model
   # @param [Time] timestamp time sent with intial handshake
   # @option options [String] :return_to (nil) url to return to after handshake
   # @return [String] remote authentication login url
+  # Using this method requires you to implement the additional (user-defined) /handshake endpoint
   # @see http://www.zendesk.com/support/api/remote-authentication
   def login_url(timestamp, options={})
     requires :name, :email
@@ -120,6 +121,39 @@ class Zendesk2::Client::User < Zendesk2::Model
     uri.to_s
   end
 
+  # @option options [String] :return_to (nil) url to return to after initial auth
+  # @return [String] url to redirect your user's browser to for login
+  # @see https://support.zendesk.com/entries/23675367-Setting-up-single-sign-on-with-JWT-JSON-Web-Token-
+  # Cargo-culted from: https://github.com/zendesk/zendesk_jwt_sso_examples/blob/master/ruby_on_rails_jwt.rb
+  def jwt_login_url(options = {})
+    requires :name, :email
+
+    return_to = options[:return_to]
+    jwt_token = self.connection.jwt_token || options[:jwt_token]
+
+    uri       = Addressable::URI.parse(self.connection.url)
+    uri.path  = "/access/jwt"
+
+    iat = Time.now.to_i
+    jti = "#{iat}/#{rand(36**64).to_s(36)}"
+    payload = JWT.encode({
+      :iat    => iat, # Seconds since epoch, determine when this token is stale
+      :jti    => jti, # Unique token id, helps prevent replay attacks
+      :name   => self.name,
+      :email  => self.email,
+    }, jwt_token)
+
+    query_values = {
+      'jwt' => payload
+    }
+    unless Zendesk2.blank?(return_to)
+      query_values['return_to'] = return_to
+    end
+    uri.query_values = query_values
+
+    uri.to_s
+  end
+
   # @return [Zendesk2::Client::Tickets] tickets this user requested
   def tickets
     requires :identity

data/lib/zendesk2/client.rb

@@ -92,11 +92,11 @@ class Zendesk2::Client < Cistern::Service
   request :update_user
   request :update_user_identity
 
-  recognizes :url, :subdomain, :host, :port, :path, :scheme, :logger, :adapter, :username, :password, :token
+  recognizes :url, :subdomain, :host, :port, :path, :scheme, :logger, :adapter, :username, :password, :token, :jwt_token
 
   class Real
 
-    attr_accessor :username, :url, :token, :logger
+    attr_accessor :username, :url, :token, :logger, :jwt_token
 
     def initialize(options={})
       url = options[:url] || Zendesk2.defaults[:url] || begin
@@ -116,13 +116,14 @@ class Zendesk2::Client < Cistern::Service
       adapter            = options[:adapter] || :net_http
       connection_options = options[:connection_options] || {ssl: {verify: false}}
       @username          = options[:username] || Zendesk2.defaults[:username]
-      token              = options[:token] || Zendesk2.defaults[:token]
+      @token             = options[:token] || Zendesk2.defaults[:token]
       password           = options[:password] || Zendesk2.defaults[:password]
-      @auth_token        = password || token
-      @username         += "/token" if @auth_token == token
+      @auth_token        = password || @token
+      @username         += "/token" if @auth_token == @token
+      @jwt_token         = options[:jwt_token]
 
       raise "Missing required options: :username" unless @username 
-      raise "Missing required options: :password or :token" unless password || token
+      raise "Missing required options: :password or :token" unless password || @token
 
       @connection = Faraday.new({url: @url}.merge(connection_options)) do |builder|
         # response
@@ -159,7 +160,7 @@ class Zendesk2::Client < Cistern::Service
 
   class Mock
 
-    attr_reader :username, :url, :token
+    attr_reader :username, :url, :token, :jwt_token
 
     def self.data
       @data ||= {
@@ -203,6 +204,7 @@ class Zendesk2::Client < Cistern::Service
       @path = URI.parse(url).path
       @username, @password = options[:username], options[:password]
       @token = options[:token]
+      @jwt_token = options[:jwt_token]
 
       @current_user ||= self.create_user("email" => @username, "name" => "Mock Agent").body["user"]
       @current_user_identity ||= self.data[:identities].values.first

data/lib/zendesk2/version.rb

@@ -1,3 +1,3 @@
 module Zendesk2
-  VERSION = "0.2.4"
+  VERSION = "0.2.5"
 end

data/lib/zendesk2.rb

@@ -5,7 +5,7 @@ require 'addressable/uri'
 require 'cistern'
 require 'faraday'
 require 'faraday_middleware'
-
+require 'jwt'
 # stdlib
 require 'forwardable'
 require 'logger'

data/spec/config_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe "client" do
+
+  it "can be configured" do
+    client = Zendesk2::Client.new(:url => "https://myzen.zendesk.com",
+                                  :username => "person@place.com",
+                                  :password => "wickedsecure",
+                                  :token => "12345678901234567890",
+                                  :jwt_token => "234823472398472938423234")
+    client.url.should eq "https://myzen.zendesk.com"
+    client.username.should eq "person@place.com"
+    client.token.should eq "12345678901234567890"
+    client.jwt_token.should eq "234823472398472938423234"
+  end
+
+end

data/spec/users_spec.rb

@@ -120,10 +120,25 @@ describe "users" do
       user.reload.email.should == original_email
     end
 
-    it "should form login url" do
+    it "should form 'legacy' login url" do
       return_to = "http://engineyard.com"
-      uri = Addressable::URI.parse(user.login_url(Time.now.to_s, return_to: return_to))
+      uri = Addressable::URI.parse(user.login_url(Time.now.to_s, return_to: return_to, token: "in-case-you-dont-have-it-in ~/.zendesk2 (aka ci)"))
       uri.query_values["return_to"].should == return_to
+      uri.query_values["name"].should eq user.name
+      uri.query_values["email"].should eq user.email
+      uri.query_values["hash"].should_not be_nil
     end
+
+    it "should form jwt login url" do
+      return_to = "http://engineyard.com"
+      uri = Addressable::URI.parse(user.jwt_login_url(return_to: return_to, jwt_token: "in-case-you-dont-have-it-in ~/.zendesk2 (aka ci)"))
+      uri.query_values["return_to"].should == return_to
+      uri.query_values["name"].should be_nil
+      uri.query_values["email"].should be_nil
+      uri.query_values["jwt"].should_not be_nil
+
+      #TODO: try JWT.decode
+    end
+
   end
 end

data/zendesk2.gemspec

@@ -19,4 +19,5 @@ Gem::Specification.new do |gem|
   gem.add_dependency "faraday"
   gem.add_dependency "faraday_middleware"
   gem.add_dependency "addressable"
+  gem.add_dependency "jwt"
 end

metadata

@@ -2,7 +2,7 @@
 name: zendesk2
 version: !ruby/object:Gem::Version
   prerelease: 
-  version: 0.2.4
+  version: 0.2.5
 platform: ruby
 authors:
 - Josh Lane
@@ -75,6 +75,22 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
+- !ruby/object:Gem::Dependency
+  name: jwt
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
 description: Zendesk V2 API client
 email:
 - me@joshualane.com
@@ -186,6 +202,7 @@ files:
 - lib/zendesk2/searchable.rb
 - lib/zendesk2/version.rb
 - spec/categories_spec.rb
+- spec/config_spec.rb
 - spec/forums_spec.rb
 - spec/groups_spec.rb
 - spec/organizations_spec.rb
@@ -224,6 +241,7 @@ specification_version: 3
 summary: Zendesk V2 API client
 test_files:
 - spec/categories_spec.rb
+- spec/config_spec.rb
 - spec/forums_spec.rb
 - spec/groups_spec.rb
 - spec/organizations_spec.rb