From 90ef8942976be6010b4fb8bdef91ac577c89cd20 Mon Sep 17 00:00:00 2001 From: David Vandorpe Date: Thu, 27 Jul 2017 22:55:55 +0200 Subject: [PATCH 1/5] Adapt to new FK api --- app/models/user.rb | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index a429ae4b..ad098a8c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -37,22 +37,24 @@ def digest(*args) end # using httparty because it is much easier to read than net/http code - resp = HTTParty.get(Rails.application.secrets.fk_auth_url, :query => { - :k => digest(username, Rails.application.secrets.fk_auth_key), - :u => username - }) + resp = HTTParty.get("#{ Rails.application.secrets.fk_auth_url }/#{ username }/FKEnrolment", + :headers => { + 'X-Authorization' => Rails.application.secrets.fk_auth_key, + 'Accept' => 'application/json' + }) - # this will only return the club name if control-hash matches - if resp.body != 'FAIL' + # this will only return the club names if control-hash matches + # and timestamp roughly around our current server time (5 minute tolerance) + if resp.success? hash = JSON[resp.body] + clubs = hash['clubs'].map { |club| club['internal_name'] } + timestamp = hash['timestamp'] - clubs_dig = hash['data'].map { |c| c['internalName'] } - dig = digest(Rails.application.secrets.fk_auth_salt, username, clubs_dig) - - # Process clubs if the controle is correct - if hash['controle'] == dig - self.clubs = Club.where(internal_name: clubs_dig) + dig = digest(Rails.application.secrets.fk_auth_salt, ugent_login, timestamp, clubs) + if (Time.now - DateTime.parse(timestamp)).abs < 5.minutes && hash['sign'] == dig + self.clubs = Club.where internal_name: clubs end + self.save! end end From 2f98f9b74d6f566f316640d3e1035260557e5fab Mon Sep 17 00:00:00 2001 
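Review bot: In PATCH 1/5 (`app/models/user.rb`) the acceptance check `hash['sign'] == dig` compares the authenticator with a plain string `==`, and `DateTime.parse(timestamp)` in the same condition raises on a missing or malformed `timestamp`, so a bad upstream body surfaces as an exception instead of a rejected response. A constant-time compare and a rescued parse would make the reject path explicit. A rejected response is also silent here; logging it gives operators something to alert on when the FK endpoint or the shared salt is wrong. Separately, `username` is now interpolated unescaped into the request path, where the removed code passed it as a `:query` value, so escaping it keeps a login containing `/` or `?` from changing which resource receives the `X-Authorization` key (the same line is edited again in PATCH 2/5). The enclosing method and `digest` are defined outside this hunk, so the digest's input encoding is assumed unchanged.

```ruby
resp = HTTParty.get("#{ Rails.application.secrets.fk_auth_url }/#{ ERB::Util.url_encode(username) }/FKEnrolment",
# … unchanged: :headers hash …

# … unchanged: resp.success? guard, hash, clubs, timestamp, dig …
fresh = begin
  (Time.now - DateTime.parse(timestamp.to_s)).abs < 5.minutes
rescue ArgumentError
  false # a missing or malformed timestamp rejects the response
end
signed = ActiveSupport::SecurityUtils.secure_compare(hash['sign'].to_s, dig)

if fresh && signed
  self.clubs = Club.where internal_name: clubs
else
  Rails.logger.warn "FK enrolment response rejected for #{ username } (fresh=#{ fresh }, signed=#{ signed })"
end
```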
From: David Vandorpe Date: Thu, 27 Jul 2017 23:02:47 +0200 Subject: [PATCH 2/5] Request correct permission --- app/models/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/user.rb b/app/models/user.rb index ad098a8c..6c8bac27 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -37,7 +37,7 @@ def digest(*args) end # using httparty because it is much easier to read than net/http code - resp = HTTParty.get("#{ Rails.application.secrets.fk_auth_url }/#{ username }/FKEnrolment", + resp = HTTParty.get("#{ Rails.application.secrets.fk_auth_url }/#{ username }/Gandalf", :headers => { 'X-Authorization' => Rails.application.secrets.fk_auth_key, 'Accept' => 'application/json' From 0c0dc46558dd38ca1188bb29f3536fee995ffef7 Mon Sep 17 00:00:00 2001 From: David Vandorpe Date: Wed, 2 Aug 2017 22:04:48 +0200 Subject: [PATCH 3/5] Fix tests --- db/seeds.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/seeds.rb b/db/seeds.rb index 414e0ea7..5fb36f20 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -8,7 +8,7 @@ # require 'webmock' WebMock.allow_net_connect! -url = 'https://raw.githubusercontent.com/ZeusWPI/hydra/master/iOS/Resources/Associations.json' +url = 'https://raw.githubusercontent.com/ZeusWPI/hydra/62c7a07f7c3db3fc4460929338d3a3b1bbd06bdb/iOS/Resources/Associations.json' hash = JSON(HTTParty.get(url).body) WebMock.disable_net_connect! From b9d89fa12e2557397ffae660a8997001028f44d5 Mon Sep 17 00:00:00 2001 From: David Vandorpe Date: Wed, 2 Aug 2017 22:29:09 +0200 Subject: [PATCH 4/5] Fix tests, attempt 2 --- test/models/user_test.rb | 50 +++++++++++++++++++++++++++++----------- 1 file changed, 37 insertions(+), 13 deletions(-) diff --git a/test/models/user_test.rb b/test/models/user_test.rb index 7b21b21c..9bbb3dc3 100644 --- a/test/models/user_test.rb +++ b/test/models/user_test.rb 
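Review bot: In PATCH 3/5 (`db/seeds.rb`) the URL is now pinned to a fixed commit, but nothing next to it says so, and a later reader may well change it back to `master`; I would add `# Pinned to a fixed hydra commit so the seed data is reproducible; bump deliberately.` above the `url =` line. The body still goes straight into `JSON(...)` without a status check, so a 404 would fail as a parse error rather than a clear message. Splitting the call into `resp = HTTParty.get(url)` and `raise "seed fetch failed: #{resp.code}" unless resp.success?` would make that failure obvious. The seed script continues outside the hunk.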
@@ -25,25 +25,22 @@ class UserTest < ActiveSupport::TestCase def setup - stub_request(:get, "http://fkgent.be/api_isengard_v2.php"). - with(query: hash_including(u: 'tnnaesse')). - to_return(body: '{"data":[{"internalName":"zeus","displayName":"Zeus WPI"},{"internalName":"zeus2","displayName":"Zeus WPI2"}],"controle":"78b385b6d773b180deddee6d5f9819771d6f75031c3ae9ea84810fa6869e1547"}') + stub_request(:get, "http://fkgent.be/clubs/tnnaesse/Gandalf"). + to_return(body: build_fk_response(:tnnaesse, %w(zeus zeus2))) - stub_request(:get, "http://fkgent.be/api_isengard_v2.php"). - with(query: hash_including(u: 'mherthog')). - to_return(body: '{"data":[{"internalName":"fkcentraal","displayName":"FaculteitenKonvent Gent"}],"controle":"aaa8c58fe85af272b980be8f0343bc2bb5b476b9a4917ba5ce9d1a1007436895"}') + stub_request(:get, "http://fkgent.be/clubs/mherthog/Gandalf"). + to_return(body: build_fk_response(:mherthog, %w(fkcentraal))) - stub_request(:get, "http://fkgent.be/api_isengard_v2.php"). - with(query: hash_including(u: 'tvwillem')). - to_return(body: 'FAIL') + stub_request(:get, "http://fkgent.be/clubs/tvwillem/Gandalf"). + to_return(body: build_fk_response(:tvwillem, [])) stub_request(:get, "http://registratie.fkgent.be/api/v2/members/clubs_for_ugent_nr.json"). - with(query: {ugent_nr: "00800857", key: "#development#"}). - to_return(body: '["zeus"]') + with(query: {ugent_nr: "00800857", key: "#development#"}). + to_return(body: '["zeus"]') stub_request(:get, "http://registratie.fkgent.be/api/v2/members/clubs_for_ugent_nr.json"). - with(query: {ugent_nr: "", key: "#development#"}). - to_return(body: '[]') + with(query: {ugent_nr: "", key: "#development#"}). + to_return(body: '[]') end verify_fixtures User 
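Review bot: The rewritten stubs in `setup` only ever return a correctly signed, fresh response, so nothing exercises the paths where the model must refuse to assign clubs. The `tvwillem` stub used to return `'FAIL'` and now returns a valid empty list, and there is no stub with a non-2xx status, a stale `timestamp` or an altered `sign`. I would add one stub per rejection case, for example `to_return(status: 403)` for one user and a body whose `sign` has been changed, and assert that `clubs` stays empty. The stubs also target `http://fkgent.be`, which suggests the test `fk_auth_url` is plain HTTP; it is worth confirming that the production secret is an `https://` URL, since the request carries the `X-Authorization` key. The test class starts outside this hunk.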
@@ -82,4 +79,31 @@ def setup assert_equal tom.enrolled_clubs, [clubs(:zeus)] end + private + def build_fk_response(casname, clubs) + timestamp = Time.now + sign = Digest::SHA256.hexdigest( + [ + Rails.application.secrets.fk_auth_salt, + casname, + clean_json(@timestamp), + clubs + ].join('-') + ) + + return { + timestamp: timestamp, + casname: casname, + sign: sign, + clubs: clubs.map { |club| { + internal_name: club + }} + } + end + + # Converts input to it's json representation with beginning and starting quote stripped + def clean_json(str) + str.to_json.sub(/^\A"(.*)"\z$/, '\\1') # Make sure this is the same string that is sent in the JSON + end + end From a5208066c9c35a6e77ac28220fd2cb5f1e76adbe Mon Sep 17 00:00:00 2001 From: David Vandorpe Date: Wed, 2 Aug 2017 22:34:19 +0200 Subject: [PATCH 5/5] Fixing tests part 3 --- test/models/user_test.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/models/user_test.rb b/test/models/user_test.rb index 9bbb3dc3..dc9cb820 100644 --- a/test/models/user_test.rb +++ b/test/models/user_test.rb @@ -91,7 +91,7 @@ def build_fk_response(casname, clubs) ].join('-') ) - return { + hash = { timestamp: timestamp, casname: casname, sign: sign, @@ -99,6 +99,8 @@ def build_fk_response(casname, clubs) internal_name: club }} } + + hash.to_json end # Converts input to it's json representation with beginning and starting quote stripped
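Review bot: In PATCH 4/5, `build_fk_response` signs `clean_json(@timestamp)`, but `@timestamp` is never assigned in the visible code (the local is `timestamp`), so the signature covers `null` rather than the timestamp placed in the response; it should read `clean_json(timestamp)`. Assuming the model's `digest` joins its arguments the same way, the `sign` check from PATCH 1/5 would not match, and any test that still passes is not exercising the accept path. In `clean_json`, the pattern `/^\A"(.*)"\z$/` mixes line anchors with string anchors; `/\A"(.*)"\z/` expresses the same match. Its comment would read better as `# Converts input to its JSON representation with the leading and trailing quote stripped`.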