diff --git a/Gemfile b/Gemfile index a05a753b9da..27aa1cd5069 100644 --- a/Gemfile +++ b/Gemfile @@ -96,7 +96,7 @@ group :development, :test do gem 'pry-byebug' gem 'psych' gem 'puma' - gem 'rspec-rails', '~> 3.9', '>= 3.9.1' + gem 'rspec-rails', '~> 4.0' gem 'rubocop', '~> 0.91.0', require: false gem 'rubocop-rails', '>= 2.5.2', require: false gem 'slim_lint' diff --git a/Gemfile.lock b/Gemfile.lock index e0f41be87f7..df218ccdf65 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -278,7 +278,7 @@ GEM enumerable-statistics (2.0.1) equalizer (0.0.11) errbase (0.2.0) - erubi (1.9.0) + erubi (1.10.0) exception_notification (4.4.3) actionmailer (>= 4.0, < 7) activesupport (>= 4.0, < 7) @@ -538,20 +538,20 @@ GEM rspec-mocks (~> 3.9.0) rspec-core (3.9.3) rspec-support (~> 3.9.3) - rspec-expectations (3.9.2) + rspec-expectations (3.9.4) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) rspec-mocks (3.9.1) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) - rspec-rails (3.9.1) - actionpack (>= 3.0) - activesupport (>= 3.0) - railties (>= 3.0) - rspec-core (~> 3.9.0) - rspec-expectations (~> 3.9.0) - rspec-mocks (~> 3.9.0) - rspec-support (~> 3.9.0) + rspec-rails (4.0.1) + actionpack (>= 4.2) + activesupport (>= 4.2) + railties (>= 4.2) + rspec-core (~> 3.9) + rspec-expectations (~> 3.9) + rspec-mocks (~> 3.9) + rspec-support (~> 3.9) rspec-support (3.9.4) rubocop (0.91.0) parallel (~> 1.10) @@ -645,7 +645,7 @@ GEM temple (0.8.2) terminal-table (1.8.0) unicode-display_width (~> 1.1, >= 1.1.1) - thor (0.20.3) + thor (1.0.1) thread_safe (0.3.6) tilt (2.0.10) timecop (0.9.2) @@ -659,7 +659,7 @@ GEM rails (>= 3.1.1) randexp rotp (>= 3.2.0) - tzinfo (1.2.7) + tzinfo (1.2.8) thread_safe (~> 0.1) uglifier (3.2.0) execjs (>= 0.3.0, < 3) @@ -801,7 +801,7 @@ DEPENDENCIES redis-session-store (>= 0.11.3) rotp (~> 3.3.1) rqrcode - rspec-rails (~> 3.9, >= 3.9.1) + rspec-rails (~> 4.0) rubocop (~> 0.91.0) rubocop-rails (>= 2.5.2) ruby-progressbar diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index aba3176fc0c..1faf9c39bdf 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,7 +5,7 @@ class ApplicationController < ActionController::Base include UserSessionContext include VerifyProfileConcern include LocaleHelper - include VerifySPAttributesConcern + include VerifySpAttributesConcern FLASH_KEYS = %w[error info success warning other].freeze FLASH_KEY_MAP = { 'notice' => 'info', 'alert' => 'error' }.freeze diff --git a/app/controllers/concerns/secure_headers_concern.rb b/app/controllers/concerns/secure_headers_concern.rb index 5ed125ae6c1..59ea6a047d1 100644 --- a/app/controllers/concerns/secure_headers_concern.rb +++ b/app/controllers/concerns/secure_headers_concern.rb @@ -28,7 +28,7 @@ def csp_uris end def authorize_params - URIService.params(stored_url_for_user) + UriService.params(stored_url_for_user) end private diff --git a/app/controllers/concerns/verify_sp_attributes_concern.rb b/app/controllers/concerns/verify_sp_attributes_concern.rb index f86fbfa54a6..3a29feddc61 100644 --- a/app/controllers/concerns/verify_sp_attributes_concern.rb +++ b/app/controllers/concerns/verify_sp_attributes_concern.rb @@ -1,4 +1,4 @@ -module VerifySPAttributesConcern +module VerifySpAttributesConcern def needs_completions_screen? sp_session[:issuer].present? && (sp_session_identity.nil? || diff --git a/app/controllers/users/piv_cac_login_controller.rb b/app/controllers/users/piv_cac_login_controller.rb index a814683db30..583bbad130c 100644 --- a/app/controllers/users/piv_cac_login_controller.rb +++ b/app/controllers/users/piv_cac_login_controller.rb @@ -1,7 +1,7 @@ module Users class PivCacLoginController < ApplicationController include PivCacConcern - include VerifySPAttributesConcern + include VerifySpAttributesConcern include TwoFactorAuthenticatableMethods def new diff --git a/app/decorators/service_provider_session_decorator.rb b/app/decorators/service_provider_session_decorator.rb index 0de8bb90fb4..dafe10118e5 100644 --- a/app/decorators/service_provider_session_decorator.rb +++ b/app/decorators/service_provider_session_decorator.rb @@ -104,7 +104,7 @@ def sp_name def sp_return_url if sp.redirect_uris.present? && valid_oidc_request? - URIService.add_params( + UriService.add_params( oidc_redirect_uri, error: 'access_denied', state: request_params[:state], @@ -185,6 +185,6 @@ def oidc_redirect_uri end def request_params - @request_params ||= URIService.params(request_url) + @request_params ||= UriService.params(request_url) end end diff --git a/app/forms/openid_connect_authorize_form.rb b/app/forms/openid_connect_authorize_form.rb index f807a0239fb..d1b8fb90563 100644 --- a/app/forms/openid_connect_authorize_form.rb +++ b/app/forms/openid_connect_authorize_form.rb @@ -83,7 +83,7 @@ def success_redirect_uri uri = redirect_uri unless errors.include?(:redirect_uri) code = identity&.session_uuid - URIService.add_params(uri, code: code, state: state) if code + UriService.add_params(uri, code: code, state: state) if code end def ial_values @@ -189,7 +189,7 @@ def result_uri def error_redirect_uri uri = redirect_uri unless errors.include?(:redirect_uri) - URIService.add_params( + UriService.add_params( uri, error: 'invalid_request', error_description: errors.full_messages.join(' '), diff --git a/app/forms/openid_connect_logout_form.rb b/app/forms/openid_connect_logout_form.rb index 5af881cc403..ed644c501e7 100644 --- a/app/forms/openid_connect_logout_form.rb +++ b/app/forms/openid_connect_logout_form.rb @@ -80,13 +80,13 @@ def redirect_uri def logout_redirect_uri uri = post_logout_redirect_uri unless errors.include?(:redirect_uri) - URIService.add_params(uri, state: state) + UriService.add_params(uri, state: state) end def error_redirect_uri uri = post_logout_redirect_uri unless errors.include?(:redirect_uri) - URIService.add_params( + UriService.add_params( uri, error: 'invalid_request', error_description: errors.full_messages.join(' '), diff --git a/app/helpers/session_timeout_warning_helper.rb b/app/helpers/session_timeout_warning_helper.rb index 2164acb1921..3ba5525f3f9 100644 --- a/app/helpers/session_timeout_warning_helper.rb +++ b/app/helpers/session_timeout_warning_helper.rb @@ -12,7 +12,7 @@ def warning end def timeout_refresh_path - URIService.add_params( + UriService.add_params( request.original_fullpath, timeout: true, )&.html_safe # rubocop:disable Rails/OutputSafety diff --git a/app/services/completions_decider.rb b/app/services/completions_decider.rb index 7e9676249ca..3318c821e75 100644 --- a/app/services/completions_decider.rb +++ b/app/services/completions_decider.rb @@ -22,6 +22,6 @@ def client end def redirect_uri - @redirect_uri ||= URIService.params(request_url)[:redirect_uri] + @redirect_uri ||= UriService.params(request_url)[:redirect_uri] end end diff --git a/app/services/encryption/kms_client.rb b/app/services/encryption/kms_client.rb index 76f6f9b39ae..a35242ccf66 100644 --- a/app/services/encryption/kms_client.rb +++ b/app/services/encryption/kms_client.rb @@ -119,7 +119,7 @@ def encryptor end def multi_aws_client - @multi_aws_client ||= MultiRegionKMSClient.new + @multi_aws_client ||= MultiRegionKmsClient.new end end end diff --git a/app/services/encryption/multi_region_kms_client.rb b/app/services/encryption/multi_region_kms_client.rb index 389338a099c..a566c1b96ef 100644 --- a/app/services/encryption/multi_region_kms_client.rb +++ b/app/services/encryption/multi_region_kms_client.rb @@ -1,6 +1,6 @@ require 'json' module Encryption - class MultiRegionKMSClient + class MultiRegionKmsClient def initialize @aws_clients = {} # Instantiate an array of aws clients based on the provided regions in the environment diff --git a/app/services/uri_service.rb b/app/services/uri_service.rb index 2039bc9b9a9..d5e8b0100e8 100644 --- a/app/services/uri_service.rb +++ b/app/services/uri_service.rb @@ -1,4 +1,4 @@ -module URIService +module UriService def self.params(original_uri) uri = URI(original_uri) Rack::Utils.parse_nested_query(uri.query).with_indifferent_access diff --git a/config/application.rb b/config/application.rb index 3af16279a8a..b67a9b35881 100644 --- a/config/application.rb +++ b/config/application.rb @@ -2,6 +2,7 @@ require 'rails/all' require_relative '../lib/upaya_log_formatter' require_relative '../lib/app_config' +require_relative '../lib/fingerprinter' Bundler.require(*Rails.groups) @@ -10,8 +11,11 @@ module Upaya class Application < Rails::Application AppConfig.setup(YAML.safe_load(File.read(Rails.root.join('config', 'application.yml')))) + + config.load_defaults '5.2' + config.active_record.belongs_to_required_by_default = false + config.active_job.queue_adapter = 'inline' - config.autoload_paths << Rails.root.join('app', 'mailers', 'concerns') config.time_zone = 'UTC' config.i18n.load_path += Dir[Rails.root.join('config', 'locales', '**', '*.{yml}')] diff --git a/config/initializers/idv_proofer.rb b/config/initializers/idv_proofer.rb index e69eda98d5e..dffccc3b350 100644 --- a/config/initializers/idv_proofer.rb +++ b/config/initializers/idv_proofer.rb @@ -1,2 +1 @@ -Dir[Rails.root.join('lib', 'proofer_mocks', '*')].sort.each { |file| require file } Idv::Proofer.validate_vendors! diff --git a/config/initializers/saml_idp.rb b/config/initializers/saml_idp.rb index 3817a258f4a..702703be34c 100644 --- a/config/initializers/saml_idp.rb +++ b/config/initializers/saml_idp.rb @@ -1,5 +1,4 @@ require 'feature_management' -require 'service_provider' SamlIdp.configure do |config| protocol = Rails.env.development? ? 'http://' : 'https://' diff --git a/spec/controllers/concerns/verify_sp_attributes_concern_spec.rb b/spec/controllers/concerns/verify_sp_attributes_concern_spec.rb index f2bda1f9644..278087e731e 100644 --- a/spec/controllers/concerns/verify_sp_attributes_concern_spec.rb +++ b/spec/controllers/concerns/verify_sp_attributes_concern_spec.rb @@ -1,8 +1,8 @@ require 'rails_helper' -RSpec.describe VerifySPAttributesConcern do +RSpec.describe VerifySpAttributesConcern do controller ApplicationController do - # ApplicationController already includes VerifySPAttributesConcern + # ApplicationController already includes VerifySpAttributesConcern end describe '#consent_has_expired?' do diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb index a7582cb5786..91f9cef2d8e 100644 --- a/spec/controllers/openid_connect/authorization_controller_spec.rb +++ b/spec/controllers/openid_connect/authorization_controller_spec.rb @@ -40,7 +40,7 @@ expect(response).to redirect_to(/^#{params[:redirect_uri]}/) - redirect_params = URIService.params(response.location) + redirect_params = UriService.params(response.location) expect(redirect_params[:code]).to be_present expect(redirect_params[:state]).to eq(params[:state]) @@ -124,7 +124,7 @@ expect(response).to redirect_to(/^#{params[:redirect_uri]}/) - redirect_params = URIService.params(response.location) + redirect_params = UriService.params(response.location) expect(redirect_params[:code]).to be_present expect(redirect_params[:state]).to eq(params[:state]) @@ -140,7 +140,7 @@ expect(response).to redirect_to(/^#{params[:redirect_uri]}/) - redirect_params = URIService.params(response.location) + redirect_params = UriService.params(response.location) expect(redirect_params[:error]).to eq('invalid_request') expect(redirect_params[:error_description]).to be_present diff --git a/spec/controllers/voice/otp_controller_spec.rb b/spec/controllers/voice/otp_controller_spec.rb index da10bee136f..640491cb0df 100644 --- a/spec/controllers/voice/otp_controller_spec.rb +++ b/spec/controllers/voice/otp_controller_spec.rb @@ -83,7 +83,7 @@ doc = Nokogiri::XML(response.body) gather = doc.css('Gather').first - params = URIService.params(gather[:action]) + params = UriService.params(gather[:action]) expect(params[:locale]).to eq('es') end end @@ -106,7 +106,7 @@ doc = Nokogiri::XML(response.body) gather = doc.css('Gather').first - params = URIService.params(gather[:action]) + params = UriService.params(gather[:action]) expect(params[:locale]).to eq('fr') end end @@ -125,7 +125,7 @@ doc = Nokogiri::XML(response.body) gather = doc.css('Gather').first - params = URIService.params(gather[:action]) + params = UriService.params(gather[:action]) expect(cipher.decrypt(params[:encrypted_code])).to eq(code) end diff --git a/spec/features/openid_connect/openid_connect_spec.rb b/spec/features/openid_connect/openid_connect_spec.rb index 32f69871b8e..c1cd2ca74e5 100644 --- a/spec/features/openid_connect/openid_connect_spec.rb +++ b/spec/features/openid_connect/openid_connect_spec.rb @@ -221,7 +221,7 @@ verified_within: '1w', ) - redirect_params = URIService.params(current_url) + redirect_params = UriService.params(current_url) expect(redirect_params[:error]).to eq('invalid_request') expect(redirect_params[:error_description]). diff --git a/spec/forms/openid_connect_logout_form_spec.rb b/spec/forms/openid_connect_logout_form_spec.rb index 87236bee107..652bd5ed01c 100644 --- a/spec/forms/openid_connect_logout_form_spec.rb +++ b/spec/forms/openid_connect_logout_form_spec.rb @@ -39,7 +39,7 @@ end it 'has a redirect URI without errors' do - expect(URIService.params(result.extra[:redirect_uri])).to_not have_key(:error) + expect(UriService.params(result.extra[:redirect_uri])).to_not have_key(:error) end it 'has a successful response' do @@ -55,7 +55,7 @@ end it 'has an error code in the redirect URI' do - expect(URIService.params(result.extra[:redirect_uri])[:error]).to eq('invalid_request') + expect(UriService.params(result.extra[:redirect_uri])[:error]).to eq('invalid_request') end end end diff --git a/spec/services/encryption/multi_region_kms_client_spec.rb b/spec/services/encryption/multi_region_kms_client_spec.rb index dda9497b964..c46cd26c620 100644 --- a/spec/services/encryption/multi_region_kms_client_spec.rb +++ b/spec/services/encryption/multi_region_kms_client_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -describe Encryption::MultiRegionKMSClient do +describe Encryption::MultiRegionKmsClient do before do stub_mapped_aws_kms_client( 'a' * 3000 => 'kms1', diff --git a/spec/services/uri_service_spec.rb b/spec/services/uri_service_spec.rb index befe7ced652..ebfa797e703 100644 --- a/spec/services/uri_service_spec.rb +++ b/spec/services/uri_service_spec.rb @@ -1,11 +1,11 @@ require 'rails_helper' -RSpec.describe URIService do +RSpec.describe UriService do describe '.params' do it 'parses params out as a hash from a URI' do uri = 'https://example.com/foo/bar?a=b&c=d' - params = URIService.params(uri) + params = UriService.params(uri) expect(params).to eq('a' => 'b', 'c' => 'd') expect(params).to include(a: 'b', c: 'd'), 'also supports indifferent access' @@ -15,32 +15,32 @@ describe '.add_params' do it 'adds params to uris and escapes them correctly' do original_uri = 'https://example.com/foo/bar/' - uri = URIService.add_params(original_uri, query: 'two words') + uri = UriService.add_params(original_uri, query: 'two words') expect(uri).to eq('https://example.com/foo/bar/?query=two+words') end it 'appends to existing query parameters' do original_uri = 'https://example.com/foo/bar/?a=b&c=d' - uri = URIService.add_params(original_uri, e: 'f') + uri = UriService.add_params(original_uri, e: 'f') expect(uri).to eq('https://example.com/foo/bar/?a=b&c=d&e=f') end it 'is nil with a nil uri' do - uri = URIService.add_params(nil, foo: 'bar') + uri = UriService.add_params(nil, foo: 'bar') expect(uri).to be_nil end it 'is nil with a blank string uri' do - uri = URIService.add_params('', foo: 'bar') + uri = UriService.add_params('', foo: 'bar') expect(uri).to be_nil end it 'is nil with a bad uri' do - uri = URIService.add_params('https://example.com/new.2;;9429"{+![$]`}9839') + uri = UriService.add_params('https://example.com/new.2;;9429"{+![$]`}9839') expect(uri).to be_nil end