brycesch-devise_oauth2_providable 1.1.7
- checksums.yaml +7 -0
- data/.gitignore +35 -0
- data/.ruby_gemset +1 -0
- data/.ruby_version +1 -0
- data/CONTRIBUTORS.txt +6 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +160 -0
- data/Rakefile +8 -0
- data/app/controllers/devise/oauth2_providable/authorizations_controller.rb +59 -0
- data/app/controllers/devise/oauth2_providable/tokens_controller.rb +35 -0
- data/app/models/devise/oauth2_providable/access_token.rb +25 -0
- data/app/models/devise/oauth2_providable/authorization_code.rb +3 -0
- data/app/models/devise/oauth2_providable/client.rb +26 -0
- data/app/models/devise/oauth2_providable/refresh_token.rb +6 -0
- data/app/views/devise/oauth2_providable/authorizations/_form.html.erb +7 -0
- data/app/views/devise/oauth2_providable/authorizations/error.html.erb +4 -0
- data/app/views/devise/oauth2_providable/authorizations/new.html.erb +4 -0
- data/config/routes.rb +6 -0
- data/db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb +58 -0
- data/devise_oauth2_providable.gemspec +33 -0
- data/lib/devise/oauth2_providable/engine.rb +16 -0
- data/lib/devise/oauth2_providable/expirable_token.rb +56 -0
- data/lib/devise/oauth2_providable/models/oauth2_authorization_code_grantable.rb +6 -0
- data/lib/devise/oauth2_providable/models/oauth2_password_grantable.rb +6 -0
- data/lib/devise/oauth2_providable/models/oauth2_providable.rb +13 -0
- data/lib/devise/oauth2_providable/models/oauth2_refresh_token_grantable.rb +6 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy.rb +21 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_grant_type_strategy.rb +44 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_password_grant_type_strategy.rb +22 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_providable_strategy.rb +31 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb +22 -0
- data/lib/devise/oauth2_providable/version.rb +5 -0
- data/lib/devise_oauth2_providable.rb +41 -0
- data/script/rails +6 -0
- data/spec/controllers/authorizations_controller_spec.rb +32 -0
- data/spec/controllers/protected_controller_spec.rb +43 -0
- data/spec/controllers/tokens_controller_spec.rb +50 -0
- data/spec/dummy/Rakefile +7 -0
- data/spec/dummy/app/assets/javascripts/application.js +7 -0
- data/spec/dummy/app/assets/stylesheets/application.css +7 -0
- data/spec/dummy/app/controllers/application_controller.rb +3 -0
- data/spec/dummy/app/controllers/protected_controller.rb +7 -0
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/mailers/.gitkeep +0 -0
- data/spec/dummy/app/models/.gitkeep +0 -0
- data/spec/dummy/app/models/user.rb +3 -0
- data/spec/dummy/app/views/layouts/application.html.erb +14 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +51 -0
- data/spec/dummy/config/boot.rb +10 -0
- data/spec/dummy/config/database.yml +25 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +32 -0
- data/spec/dummy/config/environments/production.rb +62 -0
- data/spec/dummy/config/environments/test.rb +42 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/devise.rb +259 -0
- data/spec/dummy/config/initializers/inflections.rb +10 -0
- data/spec/dummy/config/initializers/mime_types.rb +5 -0
- data/spec/dummy/config/initializers/secret_token.rb +7 -0
- data/spec/dummy/config/initializers/session_store.rb +8 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/devise.en.yml +58 -0
- data/spec/dummy/config/locales/en.yml +5 -0
- data/spec/dummy/config/routes.rb +7 -0
- data/spec/dummy/db/migrate/20111014142838_create_users.rb +9 -0
- data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb +55 -0
- data/spec/dummy/db/schema.rb +78 -0
- data/spec/dummy/lib/assets/.gitkeep +0 -0
- data/spec/dummy/public/404.html +26 -0
- data/spec/dummy/public/422.html +26 -0
- data/spec/dummy/public/500.html +26 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +6 -0
- data/spec/factories/client_factory.rb +7 -0
- data/spec/factories/user_factory.rb +6 -0
- data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +137 -0
- data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +174 -0
- data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +138 -0
- data/spec/lib/devise_oauth2_providable_spec.rb +7 -0
- data/spec/models/access_token_spec.rb +50 -0
- data/spec/models/authorization_code_spec.rb +21 -0
- data/spec/models/client_spec.rb +17 -0
- data/spec/models/refresh_token_spec.rb +23 -0
- data/spec/models/user_spec.rb +6 -0
- data/spec/routing/authorizations_routing_spec.rb +16 -0
- data/spec/routing/tokens_routing_spec.rb +9 -0
- data/spec/spec_helper.rb +33 -0
- data/spec/support/match_json.rb +6 -0
- metadata +330 -0
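--- a/data/spec/dummy/config/initializers/inflections.rb
+++ b/data/spec/dummy/config/initializers/inflections.rb
@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+# inflect.plural /^(ox)$/i, '\1en'
+# inflect.singular /^(ox)en/i, '\1'
+# inflect.irregular 'person', 'people'
+# inflect.uncountable %w( fish sheep )
+# end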
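--- a/data/spec/dummy/config/initializers/secret_token.rb
+++ b/data/spec/dummy/config/initializers/secret_token.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'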
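Review bot: The cookie-signing secret assigned on line 7 is a literal that ships inside the published gem, so it is effectively public, and any deployment that reuses this initializer has no cookie integrity at all. That is tolerable only because this is the spec dummy app under data/spec/dummy, but nothing in the file says so; the generated comment on lines 5-6 covers randomness, not the "committed to a public artifact" case. Add `# Test-only value: this secret is published with the gem; never copy this initializer into a real application.` above line 7, and if the dummy app is ever booted outside the spec suite, read the value from the environment instead of the literal.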
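--- a/data/spec/dummy/config/initializers/session_store.rb
+++ b/data/spec/dummy/config/initializers/session_store.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rails generate session_migration")
+# Dummy::Application.config.session_store :active_record_store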
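--- a/data/spec/dummy/config/initializers/wrap_parameters.rb
+++ b/data/spec/dummy/config/initializers/wrap_parameters.rb
@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+wrap_parameters :format => [:json]
+end
+
+# Disable root element in JSON by default.
+ActiveSupport.on_load(:active_record) do
+self.include_root_in_json = false
+end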
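--- a/data/spec/dummy/config/locales/devise.en.yml
+++ b/data/spec/dummy/config/locales/devise.en.yml
@@ -0,0 +1,58 @@
+# Additional translations at http://github.com/plataformatec/devise/wiki/I18n
+
+en:
+errors:
+messages:
+expired: "has expired, please request a new one"
+not_found: "not found"
+already_confirmed: "was already confirmed, please try signing in"
+not_locked: "was not locked"
+not_saved:
+one: "1 error prohibited this %{resource} from being saved:"
+other: "%{count} errors prohibited this %{resource} from being saved:"
+
+devise:
+failure:
+already_authenticated: 'You are already signed in.'
+unauthenticated: 'You need to sign in or sign up before continuing.'
+unconfirmed: 'You have to confirm your account before continuing.'
+locked: 'Your account is locked.'
+invalid: 'Invalid email or password.'
+invalid_token: 'Invalid authentication token.'
+timeout: 'Your session expired, please sign in again to continue.'
+inactive: 'Your account was not activated yet.'
+sessions:
+signed_in: 'Signed in successfully.'
+signed_out: 'Signed out successfully.'
+passwords:
+send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
+updated: 'Your password was changed successfully. You are now signed in.'
+updated_not_active: 'Your password was changed successfully.'
+send_paranoid_instructions: "If your e-mail exists on our database, you will receive a password recovery link on your e-mail"
+confirmations:
+send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
+send_paranoid_instructions: 'If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes.'
+confirmed: 'Your account was successfully confirmed. You are now signed in.'
+registrations:
+signed_up: 'Welcome! You have signed up successfully.'
+inactive_signed_up: 'You have signed up successfully. However, we could not sign you in because your account is %{reason}.'
+updated: 'You updated your account successfully.'
+destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
+reasons:
+inactive: 'inactive'
+unconfirmed: 'unconfirmed'
+locked: 'locked'
+unlocks:
+send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
+unlocked: 'Your account was successfully unlocked. You are now signed in.'
+send_paranoid_instructions: 'If your account exists, you will receive an email with instructions about how to unlock it in a few minutes.'
+omniauth_callbacks:
+success: 'Successfully authorized from %{kind} account.'
+failure: 'Could not authorize you from %{kind} because "%{reason}".'
+mailer:
+confirmation_instructions:
+subject: 'Confirmation instructions'
+reset_password_instructions:
+subject: 'Reset password instructions'
+unlock_instructions:
+subject: 'Unlock Instructions'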
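--- a/data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb
+++ b/data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb
@@ -0,0 +1,55 @@
+class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
+def change
+create_table :oauth2_clients do |t|
+t.string :name
+t.string :redirect_uri
+t.string :website
+t.string :identifier
+t.string :secret
+t.timestamps
+end
+change_table :oauth2_clients do |t|
+t.index :identifier, :unique => true
+end
+
+create_table :oauth2_access_tokens do |t|
+t.belongs_to :user, :client, :refresh_token
+t.string :token
+t.datetime :expires_at
+t.timestamps
+end
+change_table :oauth2_access_tokens do |t|
+t.index :token, :unique => true
+t.index :expires_at
+t.index :user_id
+t.index :client_id
+end
+
+create_table :oauth2_refresh_tokens do |t|
+t.belongs_to :user, :client
+t.string :token
+t.datetime :expires_at
+t.timestamps
+end
+change_table :oauth2_refresh_tokens do |t|
+t.index :token, :unique => true
+t.index :expires_at
+t.index :user_id
+t.index :client_id
+end
+
+create_table :oauth2_authorization_codes do |t|
+t.belongs_to :user, :client
+t.string :token
+t.datetime :expires_at
+t.string :redirect_uri
+t.timestamps
+end
+change_table :oauth2_authorization_codes do |t|
+t.index :token, :unique => true
+t.index :expires_at
+t.index :user_id
+t.index :client_id
+end
+end
+end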
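Review bot: The `secret` column on oauth2_clients (line 8) and the `token` columns on oauth2_access_tokens, oauth2_refresh_tokens and oauth2_authorization_codes (lines 17, 30, 43) are plain strings, so the database holds every client credential and bearer token in cleartext and a read of these tables is as sensitive as a read of password hashes would be if they were not hashed. Whether a digest can be stored instead depends on the models that generate and look up these values, which are outside this hunk (the engine's own migration under data/db/migrate is in the diffstat but not shown here), so at minimum record the trade-off with `# NOTE: tokens and client secrets are stored in cleartext; restrict read access to these tables accordingly` above line 3. Separately, line 16 adds a refresh_token reference to oauth2_access_tokens but the index block on lines 21-26 covers only token, expires_at, user_id and client_id; if access tokens are ever looked up or revoked by refresh token, `t.index :refresh_token_id` belongs there too.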
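--- a/data/spec/dummy/db/schema.rb
+++ b/data/spec/dummy/db/schema.rb
@@ -0,0 +1,78 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20111014161437) do
+
+create_table "oauth2_access_tokens", :force => true do |t|
+t.integer "user_id"
+t.integer "client_id"
+t.integer "refresh_token_id"
+t.string "token"
+t.datetime "expires_at"
+t.datetime "created_at"
+t.datetime "updated_at"
+end
+
+add_index "oauth2_access_tokens", ["client_id"], :name => "index_oauth2_access_tokens_on_client_id"
+add_index "oauth2_access_tokens", ["expires_at"], :name => "index_oauth2_access_tokens_on_expires_at"
+add_index "oauth2_access_tokens", ["token"], :name => "index_oauth2_access_tokens_on_token", :unique => true
+add_index "oauth2_access_tokens", ["user_id"], :name => "index_oauth2_access_tokens_on_user_id"
+
+create_table "oauth2_authorization_codes", :force => true do |t|
+t.integer "user_id"
+t.integer "client_id"
+t.string "token"
+t.datetime "expires_at"
+t.string "redirect_uri"
+t.datetime "created_at"
+t.datetime "updated_at"
+end
+
+add_index "oauth2_authorization_codes", ["client_id"], :name => "index_oauth2_authorization_codes_on_client_id"
+add_index "oauth2_authorization_codes", ["expires_at"], :name => "index_oauth2_authorization_codes_on_expires_at"
+add_index "oauth2_authorization_codes", ["token"], :name => "index_oauth2_authorization_codes_on_token", :unique => true
+add_index "oauth2_authorization_codes", ["user_id"], :name => "index_oauth2_authorization_codes_on_user_id"
+
+create_table "oauth2_clients", :force => true do |t|
+t.string "name"
+t.string "redirect_uri"
+t.string "website"
+t.string "identifier"
+t.string "secret"
+t.datetime "created_at"
+t.datetime "updated_at"
+end
+
+add_index "oauth2_clients", ["identifier"], :name => "index_oauth2_clients_on_identifier", :unique => true
+
+create_table "oauth2_refresh_tokens", :force => true do |t|
+t.integer "user_id"
+t.integer "client_id"
+t.string "token"
+t.datetime "expires_at"
+t.datetime "created_at"
+t.datetime "updated_at"
+end
+
+add_index "oauth2_refresh_tokens", ["client_id"], :name => "index_oauth2_refresh_tokens_on_client_id"
+add_index "oauth2_refresh_tokens", ["expires_at"], :name => "index_oauth2_refresh_tokens_on_expires_at"
+add_index "oauth2_refresh_tokens", ["token"], :name => "index_oauth2_refresh_tokens_on_token", :unique => true
+add_index "oauth2_refresh_tokens", ["user_id"], :name => "index_oauth2_refresh_tokens_on_user_id"
+
+create_table "users", :force => true do |t|
+t.string "email", :default => "", :null => false
+t.string "encrypted_password", :limit => 128, :default => "", :null => false
+t.datetime "created_at"
+t.datetime "updated_at"
+end
+
+end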
File without changes
|
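--- a/data/spec/dummy/public/404.html
+++ b/data/spec/dummy/public/404.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>The page you were looking for doesn't exist (404)</title>
+<style type="text/css">
+body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+div.dialog {
+width: 25em;
+padding: 0 4em;
+margin: 4em auto 0 auto;
+border: 1px solid #ccc;
+border-right-color: #999;
+border-bottom-color: #999;
+}
+h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+</style>
+</head>
+
+<body>
+<!-- This file lives in public/404.html -->
+<div class="dialog">
+<h1>The page you were looking for doesn't exist.</h1>
+<p>You may have mistyped the address or the page may have moved.</p>
+</div>
+</body>
+</html>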
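--- a/data/spec/dummy/public/422.html
+++ b/data/spec/dummy/public/422.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>The change you wanted was rejected (422)</title>
+<style type="text/css">
+body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+div.dialog {
+width: 25em;
+padding: 0 4em;
+margin: 4em auto 0 auto;
+border: 1px solid #ccc;
+border-right-color: #999;
+border-bottom-color: #999;
+}
+h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+</style>
+</head>
+
+<body>
+<!-- This file lives in public/422.html -->
+<div class="dialog">
+<h1>The change you wanted was rejected.</h1>
+<p>Maybe you tried to change something you didn't have access to.</p>
+</div>
+</body>
+</html>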
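--- a/data/spec/dummy/public/500.html
+++ b/data/spec/dummy/public/500.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>We're sorry, but something went wrong (500)</title>
+<style type="text/css">
+body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+div.dialog {
+width: 25em;
+padding: 0 4em;
+margin: 4em auto 0 auto;
+border: 1px solid #ccc;
+border-right-color: #999;
+border-bottom-color: #999;
+}
+h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+</style>
+</head>
+
+<body>
+<!-- This file lives in public/500.html -->
+<div class="dialog">
+<h1>We're sorry, but something went wrong.</h1>
+<p>We've been notified about this issue and we'll take a look at it shortly.</p>
+</div>
+</body>
+</html>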
File without changes
|
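--- a/data/spec/dummy/script/rails
+++ b/data/spec/dummy/script/rails
@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require File.expand_path('../../config/boot', __FILE__)
+require 'rails/commands'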
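--- a/data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb
+++ b/data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb
@@ -0,0 +1,137 @@
+require 'spec_helper'
+
+describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
+describe 'POST /oauth2/token' do
+describe 'with grant_type=authorization_code' do
+context 'with valid params' do
+let(:user) { FactoryGirl.create :user }
+let(:client) { FactoryGirl.create :client }
+before do
+@authorization_code = user.authorization_codes.create!(:client => client, :redirect_uri => client.redirect_uri)
+params = {
+:grant_type => 'authorization_code',
+:client_id => client.identifier,
+:client_secret => client.secret,
+:code => @authorization_code.token
+}
+
+post '/oauth2/token', params
+end
+it { response.code.to_i.should == 200 }
+it { response.content_type.should == 'application/json' }
+it 'returns json' do
+token = Devise::Oauth2Providable::AccessToken.last
+refresh_token = Devise::Oauth2Providable::RefreshToken.last
+expected = {
+:token_type => 'bearer',
+:expires_in => 899,
+:refresh_token => refresh_token.token,
+:access_token => token.token
+}
+response.body.should match_json(expected)
+end
+end
+context 'with expired authorization_code' do
+let(:user) { FactoryGirl.create :user }
+let(:client) { FactoryGirl.create :client }
+before do
+timenow = 2.days.from_now
+Time.should_receive(:now).and_return(timenow)
+allow(Time).to receive(:now).and_return(timenow)
+@authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+params = {
+:grant_type => 'authorization_code',
+:client_id => client.identifier,
+:client_secret => client.secret,
+:code => @authorization_code.token
+}
+allow(Time).to receive(:now).and_return(timenow + 10.minutes)
+
+post '/oauth2/token', params
+end
+it { response.code.to_i.should == 400 }
+it { response.content_type.should == 'application/json' }
+it 'returns json' do
+expected = {
+:error => 'invalid_grant',
+:error_description => 'invalid authorization code request'
+}
+response.body.should match_json(expected)
+end
+end
+context 'with invalid authorization_code' do
+let(:user) { FactoryGirl.create :user }
+let(:client) { FactoryGirl.create :client }
+before do
+@authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+params = {
+:grant_type => 'authorization_code',
+:client_id => client.identifier,
+:client_secret => client.secret,
+:code => 'invalid'
+}
+
+post '/oauth2/token', params
+end
+it { response.code.to_i.should == 400 }
+it { response.content_type.should == 'application/json' }
+it 'returns json' do
+expected = {
+:error => 'invalid_grant',
+:error_description => 'invalid authorization code request'
+}
+response.body.should match_json(expected)
+end
+end
+context 'with invalid client_secret' do
+let(:user) { FactoryGirl.create :user }
+let(:client) { FactoryGirl.create :client }
+before do
+@authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+params = {
+:grant_type => 'authorization_code',
+:client_id => client.identifier,
+:client_secret => 'invalid',
+:code => @authorization_code.token
+}
+
+post '/oauth2/token', params
+end
+it { response.code.to_i.should == 400 }
+it { response.content_type.should == 'application/json' }
+it 'returns json' do
+expected = {
+:error => 'invalid_client',
+:error_description => 'invalid client credentials'
+}
+response.body.should match_json(expected)
+end
+end
+context 'with invalid client_id' do
+let(:user) { FactoryGirl.create :user }
+let(:client) { FactoryGirl.create :client }
+before do
+@authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+params = {
+:grant_type => 'authorization_code',
+:client_id => 'invalid',
+:client_secret => client.secret,
+:code => @authorization_code.token
+}
+
+post '/oauth2/token', params
+end
+it { response.code.to_i.should == 400 }
+it { response.content_type.should == 'application/json' }
+it 'returns json' do
+expected = {
+:error => 'invalid_client',
+:error_description => 'invalid client credentials'
+}
+response.body.should match_json(expected)
+end
+end
+end
+end
+end
+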
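Review bot: The four negative contexts build their code with `user.authorization_codes.create(:client_id => client, ...)` (lines 41, 66, 90, 114), handing the Client object to the integer `client_id` attribute, whereas the valid-params context uses `create!(:client => client, ...)` (line 10). Because non-bang `create` swallows failures, the 'expired' context may get its `invalid_grant` because the code was never tied to the client rather than because it expired, so expiry itself is not actually exercised. Change those four lines to `@authorization_code = user.authorization_codes.create!(:client => client, :redirect_uri => client.redirect_uri)`. The expired context also pairs `Time.should_receive(:now)` on line 39, which asserts exactly one call, with the `allow(Time).to receive(:now)` stubs on lines 40 and 48; dropping line 39 keeps the stub without the brittle expectation, and I am inferring from line 48 that the 10-minute offset exceeds the code lifetime defined outside this file.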