Merge pull request #63 from stormpath/mc-basic-bearer-auth-from-ruby-62

Replace existing code for controller authentication with the Ruby SDK

Author: DamirSvrtan

app/services/stormpath/rails/account_from_access_token.rb

@@ -8,22 +8,22 @@ class AccountFromAccessToken
       DifferentIssuerError = Class.new(ArgumentError)
 
       def initialize(access_token)
-        raise(NoAccessToken) if access_token.nil?
+        raise(NoAccessToken) if access_token.blank?
         @access_token = access_token
       end
 
       def account
-        @account ||= resolution_class.new(access_token).account
+        @account ||= resolution_instance.verify(access_token).account
       end
 
       private
 
-      def resolution_class
+      def resolution_instance
         case Stormpath::Rails.config.web.oauth2.password.validation_strategy.to_sym
         when :local
-          LocalAccountResolution
+          Stormpath::Oauth::VerifyAccessToken.new(Client.application, local: true)
         when :stormpath
-          StormpathAccountResolution
+          Stormpath::Oauth::VerifyAccessToken.new(Client.application)
         else
           raise ArgumentError, 'Invalid validation strategy'
         end

app/services/stormpath/rails/account_from_access_token/local_account_resolution.rb

@@ -18,9 +18,16 @@ def authenticate!
         if any_auth_cookie_present?
           FromCookies.new(cookies).authenticate!
         elsif bearer_authorization_header?
-          FromBearerAuth.new(authorization_header).authenticate!
+          Stormpath::Authentication::HttpBearerAuthentication.new(
+            Stormpath::Rails::Client.application,
+            authorization_header,
+            local: validation_strategy
+          ).authenticate!.account
         elsif basic_authorization_header?
-          FromBasicAuth.new(authorization_header).authenticate!
+          Stormpath::Authentication::HttpBasicAuthentication.new(
+            Stormpath::Rails::Client.application,
+            authorization_header
+          ).authenticate!.account
         else
           raise UnauthenticatedRequest
         end
@@ -39,6 +46,14 @@ def any_auth_cookie_present?
       def basic_authorization_header?
         authorization_header =~ BASIC_PATTERN
       end
+
+      def validation_strategy
+        if Stormpath::Rails.config.web.oauth2.password.validation_strategy == 'stormpath'
+          true
+        else
+          false
+        end
+      end
     end
   end
 end

app/services/stormpath/rails/account_from_access_token/stormpath_account_resolution.rb

@@ -15,7 +15,7 @@ module Controller
       def current_account
         @current_account ||= begin
           ControllerAuthentication.new(cookies, request.headers['Authorization']).authenticate!
-        rescue ControllerAuthentication::UnauthenticatedRequest
+        rescue ControllerAuthentication::UnauthenticatedRequest, Stormpath::Error, JWT::DecodeError
           nil
         end
       end

app/services/stormpath/rails/controller_authentication.rb

@@ -4,12 +4,12 @@
     password 'Password1337'
     given_name { Faker::Name.first_name }
     surname { Faker::Name.last_name }
-    username { Faker::Internet.user_name }
+    username { "#{Faker::Internet.user_name}_#{Faker::Internet.user_name}" }
     phone_number { Faker::PhoneNumber.cell_phone }
   end
 
   factory :account_without_username, class: Stormpath::Resource::Account do
-    sequence(:email) { |n| "dev#{n}@example.com" }
+    sequence(:email) { |n| "dev#{n}@testmail.stormpath.com" }
     password 'Password1337'
     given_name { Faker::Name.first_name }
     surname { Faker::Name.last_name }
@@ -18,4 +18,14 @@
   factory :unverified_account, parent: :account do
     status 'UNVERIFIED'
   end
+
+  factory :directory, class: Stormpath::Resource::Directory do
+    sequence(:name) { |n| "rails-#{n}-#{Faker::Lorem.word}-directory" }
+    description 'rails test directory'
+  end
+
+  factory :application, class: Stormpath::Resource::Application do
+    sequence(:name) { |n| "rails-#{n}-#{Faker::Lorem.word}-application" }
+    description 'rails test application'
+  end
 end

app/services/stormpath/rails/controller_authentication/from_basic_auth.rb

@@ -6,7 +6,6 @@ def response_body
   end
 
   let(:account) { Stormpath::Rails::Client.application.accounts.create(account_attrs) }
-
   let(:account_attrs) { FactoryGirl.attributes_for(:account) }
 
   after { account.delete }