FEATURE: Change error raised by the SSO parse method to a custom error class (#248)

OsamaSayegh · web-flow · commit a19fdd8e456d · 2022-07-05T08:25:05.000+03:00
This commit changes the errors raise by the `parse` method of ``DiscourseApi::SingleSignOn` to raise a custom error classes instead of `RuntimeError` to make it possible to rescue errors specific to the `SingleSignOn` class.

The new error classes inherit from `RuntimeError` to preserve backward compatibility, i.e. existing `rescue` blocks that target `RuntimeError` will continue to work.

This commit also releases version 1.1.0.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.1.0] - 2022-07-05
+### Changed
+- `DiscourseApi::SingleSignOn.parse` now raises `DiscourseApi::SingleSignOn::ParseError` (inherits from `RuntimeError` to preserve backward compatibility) instead of `RuntimeError` when there's a signature mismatch.
+- `DiscourseApi::SingleSignOn.parse` now raises `DiscourseApi::SingleSignOn::MissingConfigError` (also inherits from `RuntimeError`) if `sso_secret` or `sso_url` are missing.
+
 ## [1.0.0] - 2022-05-01
 ### Changed
 - The package now requires ruby 2.6+
diff --git a/lib/discourse_api/single_sign_on.rb b/lib/discourse_api/single_sign_on.rb
@@ -5,6 +5,9 @@
 
 module DiscourseApi
   class SingleSignOn
+    class ParseError < RuntimeError; end
+    class MissingConfigError < RuntimeError; end
+
     ACCESSORS = [
       :add_groups,
       :admin,
@@ -52,11 +55,11 @@ class SingleSignOn
     attr_writer :custom_fields, :sso_secret, :sso_url
 
     def self.sso_secret
-      raise RuntimeError, "sso_secret not implemented on class, be sure to set it on instance"
+      raise MissingConfigError, "sso_secret not implemented on class, be sure to set it on instance"
     end
 
     def self.sso_url
-      raise RuntimeError, "sso_url not implemented on class, be sure to set it on instance"
+      raise MissingConfigError, "sso_url not implemented on class, be sure to set it on instance"
     end
 
     def self.parse_hash(payload)
@@ -98,9 +101,9 @@ def self.parse(payload, sso_secret = nil)
       if sso.sign(parsed["sso"]) != parsed["sig"]
         diags = "\n\nsso: #{parsed["sso"]}\n\nsig: #{parsed["sig"]}\n\nexpected sig: #{sso.sign(parsed["sso"])}"
         if parsed["sso"] =~ /[^a-zA-Z0-9=\r\n\/+]/m
-          raise RuntimeError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
+          raise ParseError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
         else
-          raise RuntimeError, "Bad signature for payload #{diags}"
+          raise ParseError, "Bad signature for payload #{diags}"
         end
       end
 
diff --git a/lib/discourse_api/version.rb b/lib/discourse_api/version.rb
@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module DiscourseApi
-  VERSION = "1.0.0"
+  VERSION = "1.1.0"
 end
diff --git a/spec/discourse_api/single_sign_on_spec.rb b/spec/discourse_api/single_sign_on_spec.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe DiscourseApi::SingleSignOn do
+  context "::MissingConfigError" do
+    it "inherits from RuntimeError for backward compatibility" do
+      expect(DiscourseApi::SingleSignOn::MissingConfigError).to be < RuntimeError
+    end
+  end
+
+  context "::ParseError" do
+    it "inherits from RuntimeError for backward compatibility" do
+      expect(DiscourseApi::SingleSignOn::ParseError).to be < RuntimeError
+    end
+  end
+
+  context ".sso_secret" do
+    it "raises MissingConfigError when sso_secret is not present" do
+      expect {
+        described_class.sso_secret
+      }.to raise_error(DiscourseApi::SingleSignOn::MissingConfigError)
+    end
+  end
+
+  context ".sso_url" do
+    it "raises MissingConfigError when sso_url is not present" do
+      expect {
+        described_class.sso_url
+      }.to raise_error(DiscourseApi::SingleSignOn::MissingConfigError)
+    end
+  end
+
+  context ".parse" do
+    it "raises ParseError when there's a signature mismatch" do
+      sso = described_class.new
+      sso.sso_secret = "abcd"
+      expect {
+        described_class.parse(sso.payload, "dcba")
+      }.to raise_error(DiscourseApi::SingleSignOn::ParseError)
+    end
+  end
+end
