brycesch-devise_oauth2_providable 1.1.7

data/spec/dummy/config/initializers/inflections.rb

@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end

data/spec/dummy/config/initializers/mime_types.rb

@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone

data/spec/dummy/config/initializers/secret_token.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'

data/spec/dummy/config/initializers/session_store.rb

@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rails generate session_migration")
+# Dummy::Application.config.session_store :active_record_store

data/spec/dummy/config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters :format => [:json]
+end
+
+# Disable root element in JSON by default.
+ActiveSupport.on_load(:active_record) do
+  self.include_root_in_json = false
+end

data/spec/dummy/config/locales/devise.en.yml

@@ -0,0 +1,58 @@
+# Additional translations at http://github.com/plataformatec/devise/wiki/I18n
+
+en:
+  errors:
+    messages:
+      expired: "has expired, please request a new one"
+      not_found: "not found"
+      already_confirmed: "was already confirmed, please try signing in"
+      not_locked: "was not locked"
+      not_saved:
+        one: "1 error prohibited this %{resource} from being saved:"
+        other: "%{count} errors prohibited this %{resource} from being saved:"
+
+  devise:
+    failure:
+      already_authenticated: 'You are already signed in.'
+      unauthenticated: 'You need to sign in or sign up before continuing.'
+      unconfirmed: 'You have to confirm your account before continuing.'
+      locked: 'Your account is locked.'
+      invalid: 'Invalid email or password.'
+      invalid_token: 'Invalid authentication token.'
+      timeout: 'Your session expired, please sign in again to continue.'
+      inactive: 'Your account was not activated yet.'
+    sessions:
+      signed_in: 'Signed in successfully.'
+      signed_out: 'Signed out successfully.'
+    passwords:
+      send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
+      updated: 'Your password was changed successfully. You are now signed in.'
+      updated_not_active: 'Your password was changed successfully.'
+      send_paranoid_instructions: "If your e-mail exists on our database, you will receive a password recovery link on your e-mail"
+    confirmations:
+      send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
+      send_paranoid_instructions: 'If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes.'
+      confirmed: 'Your account was successfully confirmed. You are now signed in.'
+    registrations:
+      signed_up: 'Welcome! You have signed up successfully.'
+      inactive_signed_up: 'You have signed up successfully. However, we could not sign you in because your account is %{reason}.'
+      updated: 'You updated your account successfully.'
+      destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
+      reasons:
+        inactive: 'inactive'
+        unconfirmed: 'unconfirmed'
+        locked: 'locked'
+    unlocks:
+      send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
+      unlocked: 'Your account was successfully unlocked. You are now signed in.'
+      send_paranoid_instructions: 'If your account exists, you will receive an email with instructions about how to unlock it in a few minutes.'
+    omniauth_callbacks:
+      success: 'Successfully authorized from %{kind} account.'
+      failure: 'Could not authorize you from %{kind} because "%{reason}".'
+    mailer:
+      confirmation_instructions:
+        subject: 'Confirmation instructions'
+      reset_password_instructions:
+        subject: 'Reset password instructions'
+      unlock_instructions:
+        subject: 'Unlock Instructions'

data/spec/dummy/config/locales/en.yml

@@ -0,0 +1,5 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+  hello: "Hello world"

data/spec/dummy/config/routes.rb

@@ -0,0 +1,7 @@
+Rails.application.routes.draw do
+  devise_for :users
+
+  resources :protected
+
+  mount Devise::Oauth2Providable::Engine => '/oauth2'
+end

data/spec/dummy/db/migrate/20111014142838_create_users.rb

@@ -0,0 +1,9 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string :email
+      t.string :encrypted_password
+      t.timestamps
+    end
+  end
+end

data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb

@@ -0,0 +1,55 @@
+class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
+  def change
+    create_table :oauth2_clients do |t|
+      t.string :name
+      t.string :redirect_uri
+      t.string :website
+      t.string :identifier
+      t.string :secret
+      t.timestamps
+    end
+    change_table :oauth2_clients do |t|
+      t.index :identifier, :unique => true
+    end
+
+    create_table :oauth2_access_tokens do |t|
+      t.belongs_to :user, :client, :refresh_token
+      t.string :token
+      t.datetime :expires_at
+      t.timestamps
+    end
+    change_table :oauth2_access_tokens do |t|
+      t.index :token, :unique => true
+      t.index :expires_at
+      t.index :user_id
+      t.index :client_id
+    end
+
+    create_table :oauth2_refresh_tokens do |t|
+      t.belongs_to :user, :client
+      t.string :token
+      t.datetime :expires_at
+      t.timestamps
+    end
+    change_table :oauth2_refresh_tokens do |t|
+      t.index :token, :unique => true
+      t.index :expires_at
+      t.index :user_id
+      t.index :client_id
+    end
+
+    create_table :oauth2_authorization_codes do |t|
+      t.belongs_to :user, :client
+      t.string :token
+      t.datetime :expires_at
+      t.string :redirect_uri
+      t.timestamps
+    end
+    change_table :oauth2_authorization_codes do |t|
+      t.index :token, :unique => true
+      t.index :expires_at
+      t.index :user_id
+      t.index :client_id
+    end
+  end
+end

data/spec/dummy/db/schema.rb

@@ -0,0 +1,78 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20111014161437) do
+
+  create_table "oauth2_access_tokens", :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "client_id"
+    t.integer  "refresh_token_id"
+    t.string   "token"
+    t.datetime "expires_at"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_access_tokens", ["client_id"], :name => "index_oauth2_access_tokens_on_client_id"
+  add_index "oauth2_access_tokens", ["expires_at"], :name => "index_oauth2_access_tokens_on_expires_at"
+  add_index "oauth2_access_tokens", ["token"], :name => "index_oauth2_access_tokens_on_token", :unique => true
+  add_index "oauth2_access_tokens", ["user_id"], :name => "index_oauth2_access_tokens_on_user_id"
+
+  create_table "oauth2_authorization_codes", :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "client_id"
+    t.string   "token"
+    t.datetime "expires_at"
+    t.string   "redirect_uri"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_authorization_codes", ["client_id"], :name => "index_oauth2_authorization_codes_on_client_id"
+  add_index "oauth2_authorization_codes", ["expires_at"], :name => "index_oauth2_authorization_codes_on_expires_at"
+  add_index "oauth2_authorization_codes", ["token"], :name => "index_oauth2_authorization_codes_on_token", :unique => true
+  add_index "oauth2_authorization_codes", ["user_id"], :name => "index_oauth2_authorization_codes_on_user_id"
+
+  create_table "oauth2_clients", :force => true do |t|
+    t.string   "name"
+    t.string   "redirect_uri"
+    t.string   "website"
+    t.string   "identifier"
+    t.string   "secret"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_clients", ["identifier"], :name => "index_oauth2_clients_on_identifier", :unique => true
+
+  create_table "oauth2_refresh_tokens", :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "client_id"
+    t.string   "token"
+    t.datetime "expires_at"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_refresh_tokens", ["client_id"], :name => "index_oauth2_refresh_tokens_on_client_id"
+  add_index "oauth2_refresh_tokens", ["expires_at"], :name => "index_oauth2_refresh_tokens_on_expires_at"
+  add_index "oauth2_refresh_tokens", ["token"], :name => "index_oauth2_refresh_tokens_on_token", :unique => true
+  add_index "oauth2_refresh_tokens", ["user_id"], :name => "index_oauth2_refresh_tokens_on_user_id"
+
+  create_table "users", :force => true do |t|
+    t.string   "email",                             :default => "", :null => false
+    t.string   "encrypted_password", :limit => 128, :default => "", :null => false
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end

data/spec/dummy/public/404.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/422.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/500.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+    <p>We've been notified about this issue and we'll take a look at it shortly.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/spec/factories/client_factory.rb

@@ -0,0 +1,7 @@
+FactoryGirl.define do
+  factory :client, class: 'Devise::Oauth2Providable::Client' do
+    name 'test'
+    website 'http://localhost'
+    redirect_uri 'http://localhost:3000'
+  end
+end

data/spec/factories/user_factory.rb

@@ -0,0 +1,6 @@
+FactoryGirl.define do
+  factory :user do
+    email 'ryan@socialcast.com'
+    password 'test'
+  end
+end

data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb

@@ -0,0 +1,137 @@
+require 'spec_helper'
+
+describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
+  describe 'POST /oauth2/token' do
+    describe 'with grant_type=authorization_code' do
+      context 'with valid params' do
+        let(:user) { FactoryGirl.create :user }
+        let(:client) { FactoryGirl.create :client }
+        before do
+          @authorization_code = user.authorization_codes.create!(:client => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :code => @authorization_code.token
+          }
+
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 200 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          token = Devise::Oauth2Providable::AccessToken.last
+          refresh_token = Devise::Oauth2Providable::RefreshToken.last
+          expected = {
+            :token_type => 'bearer',
+            :expires_in => 899,
+            :refresh_token => refresh_token.token,
+            :access_token => token.token
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with expired authorization_code' do
+        let(:user) { FactoryGirl.create :user }
+        let(:client) { FactoryGirl.create :client }
+        before do
+          timenow = 2.days.from_now
+          Time.should_receive(:now).and_return(timenow)
+          allow(Time).to receive(:now).and_return(timenow)
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :code => @authorization_code.token
+          }
+          allow(Time).to receive(:now).and_return(timenow + 10.minutes)
+
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_grant',
+            :error_description => 'invalid authorization code request'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid authorization_code' do
+        let(:user) { FactoryGirl.create :user }
+        let(:client) { FactoryGirl.create :client }
+        before do
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => client.secret,
+            :code => 'invalid'
+          }
+
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_grant',
+            :error_description => 'invalid authorization code request'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_secret' do
+        let(:user) { FactoryGirl.create :user }
+        let(:client) { FactoryGirl.create :client }
+        before do
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => client.identifier,
+            :client_secret => 'invalid',
+            :code => @authorization_code.token
+          }
+
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_client',
+            :error_description => 'invalid client credentials'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+      context 'with invalid client_id' do
+        let(:user) { FactoryGirl.create :user }
+        let(:client) { FactoryGirl.create :client }
+        before do
+          @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
+          params = {
+            :grant_type => 'authorization_code',
+            :client_id => 'invalid',
+            :client_secret => client.secret,
+            :code => @authorization_code.token
+          }
+
+          post '/oauth2/token', params
+        end
+        it { response.code.to_i.should == 400 }
+        it { response.content_type.should == 'application/json' }
+        it 'returns json' do
+          expected = {
+            :error => 'invalid_client',
+            :error_description => 'invalid client credentials'
+          }
+          response.body.should match_json(expected)
+        end
+      end
+    end
+  end
+end
+