RubyGems - anjlab-devise-oauth2-providable - Versions diffs - 1.1.0 - Mend

anjlab-devise-oauth2-providable 1.1.0

Files changed (89) hide show

data/.gitignore +40 -0
data/.rvmrc +1 -0
data/CONTRIBUTORS.txt +6 -0
data/Gemfile +8 -0
data/LICENSE.txt +22 -0
data/README.md +158 -0
data/Rakefile +5 -0
data/app/controllers/devise/oauth2_providable/authorizations_controller.rb +58 -0
data/app/controllers/devise/oauth2_providable/tokens_controller.rb +19 -0
data/app/models/devise/oauth2_providable/access_token.rb +24 -0
data/app/models/devise/oauth2_providable/authorization_code.rb +4 -0
data/app/models/devise/oauth2_providable/client.rb +24 -0
data/app/models/devise/oauth2_providable/refresh_token.rb +7 -0
data/app/views/devise/oauth2_providable/authorizations/_form.html.erb +7 -0
data/app/views/devise/oauth2_providable/authorizations/error.html.erb +4 -0
data/app/views/devise/oauth2_providable/authorizations/new.html.erb +4 -0
data/config/routes.rb +9 -0
data/db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb +55 -0
data/devise_oauth2_providable.gemspec +30 -0
data/lib/anjlab-devise-oauth2-providable.rb +1 -0
data/lib/devise/oauth2_providable/engine.rb +16 -0
data/lib/devise/oauth2_providable/expirable_token.rb +57 -0
data/lib/devise/oauth2_providable/models/oauth2_authorization_code_grantable.rb +6 -0
data/lib/devise/oauth2_providable/models/oauth2_password_grantable.rb +6 -0
data/lib/devise/oauth2_providable/models/oauth2_providable.rb +14 -0
data/lib/devise/oauth2_providable/models/oauth2_refresh_token_grantable.rb +6 -0
data/lib/devise/oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy.rb +21 -0
data/lib/devise/oauth2_providable/strategies/oauth2_grant_type_strategy.rb +38 -0
data/lib/devise/oauth2_providable/strategies/oauth2_password_grant_type_strategy.rb +22 -0
data/lib/devise/oauth2_providable/strategies/oauth2_providable_strategy.rb +25 -0
data/lib/devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb +22 -0
data/lib/devise/oauth2_providable/version.rb +5 -0
data/lib/devise_oauth2_providable.rb +41 -0
data/script/rails +6 -0
data/spec/controllers/authorizations_controller_spec.rb +32 -0
data/spec/controllers/protected_controller_spec.rb +42 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/javascripts/application.js +7 -0
data/spec/dummy/app/assets/stylesheets/application.css +7 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/controllers/protected_controller.rb +6 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/mailers/.gitkeep +0 -0
data/spec/dummy/app/models/.gitkeep +0 -0
data/spec/dummy/app/models/user.rb +15 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/config/application.rb +50 -0
data/spec/dummy/config/boot.rb +10 -0
data/spec/dummy/config/database.yml +25 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +30 -0
data/spec/dummy/config/environments/production.rb +60 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/devise.rb +216 -0
data/spec/dummy/config/initializers/inflections.rb +10 -0
data/spec/dummy/config/initializers/mime_types.rb +5 -0
data/spec/dummy/config/initializers/secret_token.rb +7 -0
data/spec/dummy/config/initializers/session_store.rb +8 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/devise.en.yml +57 -0
data/spec/dummy/config/locales/en.yml +5 -0
data/spec/dummy/config/routes.rb +7 -0
data/spec/dummy/db/migrate/20120521101005_create_users.rb +5 -0
data/spec/dummy/db/migrate/20120521101006_add_devise_to_users.rb +53 -0
data/spec/dummy/db/migrate/20120521101407_create_devise_oauth2_providable_schema.devise_oauth2_providable.rb +56 -0
data/spec/dummy/db/schema.rb +88 -0
data/spec/dummy/lib/assets/.gitkeep +0 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +26 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories.rb +19 -0
data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +136 -0
data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +198 -0
data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +138 -0
data/spec/lib/devise_oauth2_providable_spec.rb +7 -0
data/spec/models/access_token_spec.rb +51 -0
data/spec/models/authorization_code_spec.rb +21 -0
data/spec/models/client_spec.rb +22 -0
data/spec/models/refresh_token_spec.rb +23 -0
data/spec/models/user_spec.rb +6 -0
data/spec/routing/authorizations_routing_spec.rb +17 -0
data/spec/routing/tokens_routing_spec.rb +11 -0
data/spec/spec_helper.rb +28 -0
data/spec/support/match_json.rb +6 -0
metadata +334 -0

data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb ADDED

@@ -0,0 +1,136 @@
+require 'spec_helper'
+describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
+  describe 'POST /oauth2/token' do
+    describe 'with grant_type=authorization_code' do
+      context 'with valid params' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @authorization_code = user.authorization_codes.create(:client => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :code => @authorization_code.token
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 200 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          token = Devise::Oauth2Providable::AccessToken.last
+          refresh_token = Devise::Oauth2Providable::RefreshToken.last
+          expected = {
+            :token_type => 'bearer',
+            :expires_in => 899,
+            :refresh_token => refresh_token.token,
+            :access_token => token.token
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with expired authorization_code' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          timenow = 2.days.from_now
+          Time.stub!(:now).and_return(timenow)
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :code => @authorization_code.token
+          }
+          Time.stub!(:now).and_return(timenow + 10.minutes)
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_grant',
+            :error_description => 'invalid authorization code request'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid authorization_code' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :code => 'invalid'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_grant',
+            :error_description => 'invalid authorization code request'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_secret' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => 'invalid',
+            :code => @authorization_code.token
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_client',
+            :error_description => 'invalid client credentials'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_id' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => 'invalid',
+            :client_secret => client.secret,
+            :code => @authorization_code.token
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_client',
+            :error_description => 'invalid client credentials'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+    end
+  end
+end

data/spec/integration/oauth2_password_grant_type_strategy_spec.rb ADDED

@@ -0,0 +1,198 @@
+require 'spec_helper'
+describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
+  describe 'POST /oauth2/token' do
+    describe 'with grant_type=password' do
+      context 'with valid params' do
+        let(:client) { create(:client) }
+        before do
+          @user = create(:user)
+          params = {
+            :grant_type => 'password',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :username => @user.email,
+            :password => 'test123456'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 200 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          token = Devise::Oauth2Providable::AccessToken.last
+          expected = token.token_response
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with valid params and client id/secret in basic auth header' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :username => @user.email,
+            :password => 'test123456'
+          }
+          auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, client.secret
+          post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
+        end
+        it { response.code.to_i.should == 200 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          token = Devise::Oauth2Providable::AccessToken.last
+          expected = token.token_response
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client id in basic auth header' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :username => @user.email,
+            :password => 'test123456'
+          }
+          auth_header = ActionController::HttpAuthentication::Basic.encode_credentials 'invalid client id', client.secret
+          post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json'  }
+        it 'returns json' do
+          expected = {
+            :error_description => "invalid client credentials",
+            :error => "invalid_client"
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client secret in basic auth header' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :username => @user.email,
+            :password => 'test123456'
+          }
+          auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, 'invalid secret'
+          post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json'  }
+        it 'returns json' do
+          expected = {
+            :error_description => "invalid client credentials",
+            :error => "invalid_client"
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid password' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :username => @user.email,
+            :password => 'bar'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json'  }
+        it 'returns json' do
+          expected = {
+            :error_description => "invalid password authentication request",
+            :error => "invalid_grant"
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid user' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :username => 'bla@bla.com',
+            :password => 'bar'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json'  }
+        it 'returns json' do
+          expected = {
+            :error_description => "invalid password authentication request",
+            :error => "invalid_grant"
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_id' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :client_id => 'invalid',
+            :client_secret => client.secret,
+            :username => @user.email,
+            :password => 'test123456'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json'  }
+        it 'returns json' do
+          expected = {
+            :error_description => "invalid client credentials",
+            :error => "invalid_client"
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_secret' do
+        let(:client) { create(:client) }
+        before do
+          @user = create :user
+          params = {
+            :grant_type => 'password',
+            :client_id => client.identifier,
+            :client_secret => 'invalid',
+            :username => @user.email,
+            :password => 'test123456'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json'  }
+        it 'returns json' do
+          expected = {
+            :error_description => "invalid client credentials",
+            :error => "invalid_client"
+          }
+          response.body.should match_json(expected)
+        end
+      end
+    end
+  end
+end

data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb ADDED

@@ -0,0 +1,138 @@
+require 'spec_helper'
+describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
+  describe 'POST /oauth2/token' do
+    describe 'with grant_type=refresh_token' do
+      context 'with valid params' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @refresh_token = client.refresh_tokens.create! :user => user
+          params = {
+            :grant_type => 'refresh_token',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :refresh_token => @refresh_token.token
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 200 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          token = Devise::Oauth2Providable::AccessToken.last
+          refresh_token = @refresh_token
+          expected = {
+            :token_type => 'bearer',
+            :expires_in => 899,
+            :refresh_token => refresh_token.token,
+            :access_token => token.token
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with expired refresh_token' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          timenow = 2.days.from_now
+          Time.stub!(:now).and_return(timenow)
+          @refresh_token = client.refresh_tokens.create! :user => user
+          params = {
+            :grant_type => 'refresh_token',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :refresh_token => @refresh_token.token
+          }
+          Time.stub!(:now).and_return(timenow + 2.months)
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_grant',
+            :error_description => 'invalid refresh token'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid refresh_token' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @refresh_token = client.refresh_tokens.create! :user => user
+          params = {
+            :grant_type => 'refresh_token',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :refresh_token => 'invalid'
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          token = Devise::Oauth2Providable::AccessToken.last
+          refresh_token = @refresh_token
+          expected = {
+            :error => 'invalid_grant',
+            :error_description => 'invalid refresh token'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_id' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @refresh_token = client.refresh_tokens.create! :user => user
+          params = {
+            :grant_type => 'refresh_token',
+            :client_id => 'invalid',
+            :client_secret => client.secret,
+            :refresh_token => @refresh_token.token
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_client',
+            :error_description => 'invalid client credentials'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_secret' do
+        let(:user) { create(:user) }
+        let(:client) { create(:client) }
+        before do
+          @refresh_token = client.refresh_tokens.create! :user => user
+          params = {
+            :grant_type => 'refresh_token',
+            :client_id => client.identifier,
+            :client_secret => 'invalid',
+            :refresh_token => @refresh_token.token
+          }
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_client',
+            :error_description => 'invalid client credentials'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+    end
+  end
+end