Add ability to manage SSO resources (#66)

* Add new SSO resources and fields

* Update gemspec

* Fix rubocop complaints

* Update tested ruby versions

Author: robertfairhead

.travis.yml

@@ -1,7 +1,7 @@
 sudo: false
 language: ruby
 rvm:
-  - "2.0"
-  - "2.1"
   - "2.2"
-  - jruby-9.0.5.0
+  - "2.3"
+  - "2.5"
+  - "2.6"

Rakefile

@@ -4,5 +4,5 @@ begin
   require 'aptible/tasks'
   Aptible::Tasks.load_tasks
 rescue LoadError
-  $stderr.puts 'Skipping Aptible::Tasks initialization...'
+  warn 'Skipping Aptible::Tasks initialization...'
 end

aptible-auth.gemspec

@@ -1,4 +1,5 @@
 # encoding: utf-8
+
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
@@ -23,11 +24,11 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'gem_config'
   spec.add_dependency 'oauth2-aptible', '~> 0.10.0'
 
+  spec.add_development_dependency 'aptible-tasks', '>= 0.6.0'
   spec.add_development_dependency 'bundler', '~> 1.3'
-  spec.add_development_dependency 'aptible-tasks', '>= 0.2.0'
+  spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rspec-its'
-  spec.add_development_dependency 'pry'
   spec.add_development_dependency 'timecop', '~> 0.8.1'
 end

lib/aptible/auth/organization.rb

@@ -4,6 +4,7 @@ class Organization < Resource
       has_many :roles
       has_many :users
       has_many :invitations
+      has_many :whitelist_memberships
       belongs_to :security_officer
 
       field :id
@@ -20,20 +21,34 @@ class Organization < Resource
       field :security_alert_email
       field :ops_alert_email
       field :security_officer_id
+      field :enterprise
+      field :sso_enforced
 
       def privileged_roles
         roles.select(&:privileged?)
       end
 
       def accounts
         return @accounts if @accounts
+
         require 'aptible/api'
 
         accounts = Aptible::Api::Account.all(token: token, headers: headers)
         @accounts = accounts.select do |account|
           (link = account.links[:organization]) && link.href == href
         end
       end
+
+      # SamlConfiguration is a dependent object that does not
+      # have a link until created. So, we create the link for it
+      # to allow HyperResource to successfully create the object.
+      # Afterwords, we can directly manage the SamlConfiguration
+      def create_saml_configuration!(params)
+        HyperResource::Link.new(
+          self,
+          'href' => "#{href}/saml_configurations"
+        ).post(self.class.normalize_params(params))
+      end
     end
   end
 end

lib/aptible/auth/resource.rb

@@ -23,3 +23,5 @@ def root_url
 require 'aptible/auth/token'
 require 'aptible/auth/user'
 require 'aptible/auth/ssh_key'
+require 'aptible/auth/saml_configuration'
+require 'aptible/auth/whitelist_membership'

lib/aptible/auth/saml_configuration.rb

@@ -0,0 +1,16 @@
+module Aptible
+  module Auth
+    class SamlConfiguration < Resource
+      belongs_to :organization
+
+      field :id
+      field :entity_id
+      field :sign_in_url
+      field :name_format
+      field :certificate
+      field :handle
+      field :created_at, type: Time
+      field :updated_at, type: Time
+    end
+  end
+end

lib/aptible/auth/token.rb

@@ -144,7 +144,7 @@ def signing_params_from_secret(secret)
         private_key = parse_private_key(secret)
         {
           private_key: private_key,
-          algorithm:  "RS#{key_length(private_key) / 2}"
+          algorithm: "RS#{key_length(private_key) / 2}"
         }
       end
 

lib/aptible/auth/user.rb

@@ -3,6 +3,7 @@ module Auth
     class User < Resource
       has_many :roles
       has_many :ssh_keys
+      has_many :whitelist_memberhips
 
       field :id
       field :name

lib/aptible/auth/version.rb

@@ -1,5 +1,5 @@
 module Aptible
   module Auth
-    VERSION = '1.0.1'.freeze
+    VERSION = '1.1.0'.freeze
   end
 end

lib/aptible/auth/whitelist_membership.rb

@@ -0,0 +1,11 @@
+module Aptible
+  module Auth
+    class WhitelistMembership < Resource
+      belongs_to :organization
+      embeds_one :user
+
+      field :id
+      field :created_at, type: Time
+    end
+  end
+end

spec/aptible/auth/token_spec.rb

@@ -82,7 +82,7 @@
     end
 
     describe '#authenticate_user' do
-      let(:args) { %w([email protected] foobar) }
+      let(:args) { %w[[email protected] foobar] }
 
       before { oauth.stub_chain(:password, :get_token) { response } }
 
@@ -116,7 +116,7 @@
     end
 
     describe '#authenticate_client' do
-      let(:args) { %w(id secret [email protected]) }
+      let(:args) { %w[id secret [email protected]] }
 
       before do
         subject.stub(:signing_params_from_secret) { { algorithm: 'foobar' } }