add auth endpoint to bcf api

pull/7869/head
ulferts 5 years ago
parent 0bab7839b1
commit dcdebf71ac
No known key found for this signature in database
GPG Key ID: A205708DE1284017
  1. 5
      lib/open_project/static_routing.rb
  2. 2
      modules/bcf/app/controllers/bcf/api/root.rb
  3. 39
      modules/bcf/app/controllers/bcf/api/v2_1/auth_api.rb
  4. 56
      modules/bcf/app/representers/bcf/api/v2_1/auth/single_representer.rb
  5. 74
      modules/bcf/spec/representers/bcf/api/v2_1/auth/single_representer_rendering_spec.rb
  6. 10
      modules/bcf/spec/representers/bcf/api/v2_1/projects/single_representer_rendering_spec.rb
  7. 62
      modules/bcf/spec/requests/api/bcf/v2_1/auth_api_spec.rb

@ -58,8 +58,7 @@ module OpenProject
end
def self.host
host = Setting.host_name
host.gsub(/\/.*$/, '') if host # remove path in case it got into the host
Setting.host_name&.gsub(/\/.*$/, '') # remove path in case it got into the host
end
end
@ -82,7 +81,7 @@ module OpenProject
return nil unless path.present?
# Remove relative URL root
if relative_url = OpenProject::Configuration.rails_relative_url_root
if (relative_url = OpenProject::Configuration.rails_relative_url_root)
path = path.gsub relative_url, ''
end

@ -45,6 +45,8 @@ module Bcf::API
authentication_scope OpenProject::Authentication::Scope::BCF_V2_1
version '2.1', using: :path do
# /auth
mount ::Bcf::API::V2_1::AuthAPI
# /current-user
mount ::Bcf::API::V2_1::CurrentUserAPI
# /projects

@ -0,0 +1,39 @@
#-- encoding: UTF-8
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
module Bcf::API::V2_1
class AuthAPI < ::API::OpenProjectAPI
resources :auth do
get do
::Bcf::API::V2_1::Auth::SingleRepresenter.new(nil)
end
end
end
end

@ -0,0 +1,56 @@
#-- encoding: UTF-8
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
module Bcf::API::V2_1
class Auth::SingleRepresenter < Roar::Decorator
include Representable::JSON
include OpenProject::StaticRouting::UrlHelpers
property :oauth2_auth_url,
getter: ->(decorator:, **) {
"#{decorator.root_url}oauth/authorize"
}
property :oauth2_token_url,
getter: ->(decorator:, **) {
"#{decorator.root_url}oauth/token"
}
property :supported_oauth2_flows,
getter: ->(*) {
%w(authorization_code_grant client_credentials)
}
property :http_basic_supported,
getter: ->(*) {
false
}
end
end

@ -0,0 +1,74 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2019 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
require 'spec_helper'
require_relative '../shared_examples'
describe Bcf::API::V2_1::Auth::SingleRepresenter, 'rendering' do
let(:instance) { described_class.new(nil) }
include OpenProject::StaticRouting::UrlHelpers
subject { instance.to_json }
describe 'attributes' do
before do
allow(OpenProject::Configuration)
.to receive(:rails_relative_url_root)
.and_return('/blubs')
end
context 'oauth2_auth_url' do
it_behaves_like 'attribute' do
let(:value) { "http://localhost:3000/blubs/oauth/authorize" }
let(:path) { 'oauth2_auth_url' }
end
end
context 'oauth2_token_url' do
it_behaves_like 'attribute' do
let(:value) { "http://localhost:3000/blubs/oauth/token" }
let(:path) { 'oauth2_token_url' }
end
end
context 'http_basic_supported' do
it_behaves_like 'attribute' do
let(:value) { false }
let(:path) { 'http_basic_supported' }
end
end
context 'supported_oauth2_flows' do
it_behaves_like 'attribute' do
let(:value) { %w(authorization_code_grant client_credentials) }
let(:path) { 'supported_oauth2_flows' }
end
end
end
end

@ -28,6 +28,8 @@
require 'spec_helper'
require_relative '../shared_examples'
describe Bcf::API::V2_1::Projects::SingleRepresenter, 'rendering' do
let(:project) { FactoryBot.build_stubbed(:project) }
@ -35,14 +37,6 @@ describe Bcf::API::V2_1::Projects::SingleRepresenter, 'rendering' do
subject { instance.to_json }
shared_examples_for 'attribute' do
it 'reflects the project' do
expect(subject)
.to be_json_eql(value.to_json)
.at_path(path)
end
end
describe 'attributes' do
context 'project_id' do
it_behaves_like 'attribute' do

@ -0,0 +1,62 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2019 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
require 'spec_helper'
require 'rack/test'
require_relative './shared_responses'
describe 'BCF 2.1 auth resource', type: :request, content_type: :json do
include Rack::Test::Methods
let(:current_user) do
FactoryBot.create(:user)
end
subject(:response) { last_response }
describe 'GET /api/bcf/2.1/auth' do
let(:path) { "/api/bcf/2.1/auth" }
before do
login_as(current_user)
get path
end
it_behaves_like 'bcf api successful response' do
let(:expected_body) do
{
"oauth2_auth_url": "http://localhost:3000/oauth/authorize",
"oauth2_token_url": "http://localhost:3000/oauth/token",
"http_basic_supported": false,
"supported_oauth2_flows": %w(authorization_code_grant client_credentials)
}
end
end
end
end
Loading…
Cancel
Save