canvas_oauth_engine 1.0.0

data/spec/dummy/public/404.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/422.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/500.html

@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+  </div>
+</body>
+</html>

data/spec/dummy/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /

data/spec/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/spec/lib/canvas_oauth/canvas_api_extensions_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe CanvasOauth::CanvasApiExtensions do
+  describe "build" do
+    subject { CanvasOauth::CanvasApiExtensions.build('http://test.canvas', 1, 'abc123') }
+
+    before { allow(CanvasOauth::Authorization).to receive(:fetch_token).with(1, 'abc123').and_return('token') }
+
+    it { is_expected.to be_a CanvasOauth::CanvasApi }
+    its(:token) { is_expected.to eq 'token' }
+    its(:canvas_url) { is_expected.to eq 'http://test.canvas' }
+  end
+end

data/spec/lib/canvas_oauth/canvas_api_spec.rb

@@ -0,0 +1,228 @@
+require 'spec_helper'
+
+describe CanvasOauth::CanvasApi do
+  let(:canvas) { CanvasOauth::CanvasApi.new('http://test.canvas', 'token', 'key', 'secret') }
+
+  describe "initializer" do
+    subject { canvas }
+
+    its(:canvas_url) { is_expected.to eq 'http://test.canvas' }
+    its(:token) { is_expected.to eq 'token' }
+    its(:key) { is_expected.to eq 'key' }
+    its(:secret) { is_expected.to eq 'secret' }
+  end
+
+  describe "auth_url" do
+    subject { canvas.auth_url('http://localhost:3001/canvas/oauth', 'zzxxyy') }
+
+    it { is_expected.to eq "http://test.canvas/login/oauth2/auth?client_id=key&response_type=code&state=zzxxyy&redirect_uri=http://localhost:3001/canvas/oauth" }
+  end
+
+  describe "get_access_token" do
+    it "POSTs to /login/oauth2/token" do
+      expect(CanvasOauth::CanvasApi).to receive(:post).with('/login/oauth2/token', anything()).and_return({})
+      canvas.get_access_token('code')
+    end
+
+    it "returns the access token" do
+      allow(CanvasOauth::CanvasApi).to receive(:post).and_return({ 'access_token' => 'token' })
+      expect(canvas.get_access_token('code')).to eq 'token'
+    end
+
+    it "sends the key, secret, and code as params" do
+      params = {
+        body: {
+          client_id: 'key',
+          client_secret: 'secret',
+          code: 'code'
+        }
+      }
+
+      expect(CanvasOauth::CanvasApi).to receive(:post).with(anything(), params).and_return({})
+      canvas.get_access_token('code')
+    end
+  end
+
+  describe "requests" do
+    describe "authenticated_request" do
+      it "passes the params along as-is and adds an Authorization header" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/path', { query: 'stuff', headers: { 'Authorization' => 'Bearer token' } })
+        canvas.authenticated_request :get, '/path', { query: 'stuff' }
+      end
+
+      it "raises an authenticate error when the response is a 401 and WWW-Authenticate is set" do
+        allow(CanvasOauth::CanvasApi).to receive(:get).and_return(double(unauthorized?: true, headers: { 'WWW-Authenticate' => true }))
+        expect { canvas.authenticated_request :get, '/path' }.to raise_error CanvasOauth::CanvasApi::Authenticate
+      end
+
+      it "raises an unauthorized error when the response is a 401" do
+        allow(CanvasOauth::CanvasApi).to receive(:get).and_return(double(unauthorized?: true, headers: {}))
+        expect { canvas.authenticated_request :get, '/path' }.to raise_error CanvasOauth::CanvasApi::Unauthorized
+      end
+    end
+
+    describe "get_courses" do
+      it "queries /api/v1/courses" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/courses', anything())
+        canvas.get_courses
+      end
+    end
+
+    describe "get_account_courses" do
+      it "queries /api/v1/accounts/:id/courses" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/accounts/1/courses', anything())
+        canvas.get_account_courses(1)
+      end
+
+      it "paginates" do
+        expect(canvas).to receive(:paginated_get)
+        canvas.get_account_courses(1)
+      end
+    end
+
+    describe "get account users" do
+      it "queries /api/v1/accounts/:id/users" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/accounts/1/users', anything())
+        canvas.get_account_users(1)
+      end
+
+      it "paginates" do
+        expect(canvas).to receive(:paginated_get)
+        canvas.get_account_users(1)
+      end
+    end
+
+    describe "get_course" do
+      it "queries /api/v1/courses/:id" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/courses/123', anything())
+        canvas.get_course('123')
+      end
+    end
+
+    describe "get_course_students" do
+      it "queries /api/v1/courses/:id/students" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/courses/123/students', anything())
+        canvas.get_course_students('123')
+      end
+
+      it "paginates" do
+        expect(canvas).to receive(:paginated_get)
+        canvas.get_course_students('123')
+      end
+    end
+
+    describe "get_sections" do
+      it "queries /api/v1/courses/:id/sections" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/courses/123/sections', anything())
+        canvas.get_sections('123')
+      end
+
+      it "paginates" do
+        expect(canvas).to receive(:paginated_get)
+        canvas.get_sections('123')
+      end
+    end
+
+    describe "get_assignments" do
+      it "queries /api/v1/courses/:id/assignments" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/courses/123/assignments', anything())
+        canvas.get_assignments('123')
+      end
+
+      it "paginates" do
+        expect(canvas).to receive(:paginated_get)
+        canvas.get_account_courses('123')
+      end
+    end
+
+    describe "get_user_profile" do
+      it "queries /api/v1/users/:id/profile" do
+        expect(CanvasOauth::CanvasApi).to receive(:get).with('/api/v1/users/123/profile', anything())
+        canvas.get_user_profile('123')
+      end
+    end
+
+    describe "create_assignment" do
+      it "posts to /api/v1/courses/:id/assignments" do
+        expect(CanvasOauth::CanvasApi).to receive(:post).with('/api/v1/courses/123/assignments', anything())
+        canvas.create_assignment('123', name: "Assignment")
+      end
+
+      it "sets the body of the request to the assignment params" do
+        expect(canvas).to receive(:authenticated_post).with(anything(), { body: { assignment: { name: "Assignment" }}})
+        canvas.create_assignment('123', name: "Assignment")
+      end
+    end
+
+    describe "grade_assignment" do
+      it "puts to /api/v1/courses/:course_id/assignments/:assignment_id/submissions/:id" do
+        expect(CanvasOauth::CanvasApi).to receive(:put).with('/api/v1/courses/1/assignments/2/submissions/3', anything())
+        canvas.grade_assignment('1', '2', '3', {})
+      end
+
+      it "sets the body of the request to the grade params" do
+        expect(canvas).to receive(:authenticated_put).with(anything(), { body: { percentage: "80%" }})
+        canvas.grade_assignment('1', '2', '3', percentage: "80%")
+      end
+    end
+  end
+
+  describe "pagination" do
+    describe "valid_page?" do
+      let(:valid_page) { double(size: 2, nil?: false, body: '[{some:json}]') }
+      let(:same_page) { valid_page }
+      let(:blank_page) { double(size: 0, nil?: false, body: '[]') }
+
+      specify { expect(canvas.valid_page?(nil)).to be_falsey }
+      specify { expect(canvas.valid_page?(valid_page)).to be_truthy }
+      specify { expect(canvas.valid_page?(blank_page)).to be_falsey }
+    end
+
+    describe "paginated_get" do
+      it "adds per_page parameters to the request query" do
+        expect(canvas).to receive(:authenticated_get).with("/some/address", query: { per_page: 50 })
+        canvas.paginated_get "/some/address"
+      end
+
+      it "requests the next link" do
+        allow(canvas).to receive(:valid_page?) { true }
+        first_response = []
+        second_response = []
+        allow(first_response).to receive(:headers).and_return({'link' => "<https://foobar.com/some/address?page=2>; rel=\"next\", <https://foobar.com/some/address?page=2>; rel=\"last\""})
+        allow(second_response).to receive(:headers).and_return({})
+        expect(canvas).to receive(:authenticated_get).
+          exactly(2).times.and_return(first_response,second_response)
+        canvas.paginated_get "/some/address"
+      end
+
+      it "sends only one request when no next link is in the response Link header" do
+        allow(canvas).to receive(:valid_page?) { true }
+        response = [{totally: "A real fake response"}]
+        allow(response).to receive(:headers).and_return({})
+        expect(canvas).to receive(:authenticated_get).once.and_return(response)
+        canvas.paginated_get "/some/address"
+      end
+
+      it "sends just one request when an invalid result is returned" do
+        allow(canvas).to receive(:valid_page?) { false }
+        response = []
+        allow(response).to receive(:headers).and_return({})
+        expect(canvas).to receive(:authenticated_get).once.and_return(response)
+        canvas.paginated_get "/some/address"
+      end
+    end
+  end
+
+  describe "course_account_id" do
+    it "returns the 'account_id' of a course" do
+      allow(canvas).to receive(:get_course).with(1).and_return('account_id' => 3)
+      expect(canvas.course_account_id(1)).to eq 3
+    end
+  end
+
+  describe "hex_sis_id" do
+    it "encodes the passed in ID and creates an SIS ID string" do
+      expect(canvas.hex_sis_id("sis_course_id", "101")).to eq "hex:sis_course_id:313031"
+    end
+  end
+end

data/spec/models/canvas_oauth/authorization_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe CanvasOauth::Authorization do
+  it { is_expected.to validate_presence_of :canvas_user_id }
+  it { is_expected.to validate_presence_of :token }
+  it { is_expected.to validate_presence_of :last_used_at }
+
+  describe "cache_token" do
+    subject { CanvasOauth::Authorization.first }
+
+    before do
+      CanvasOauth::Authorization.cache_token('abc', 123, 'abc123')
+    end
+
+    its(:token) { is_expected.to eq 'abc' }
+    its(:canvas_user_id) { is_expected.to eq 123 }
+    its(:tool_consumer_instance_guid) { is_expected.to eq 'abc123' }
+    its(:last_used_at) { is_expected.to be_present }
+  end
+
+  describe "fetch_token" do
+    subject(:token) { CanvasOauth::Authorization.fetch_token(123, 'abc123') }
+
+    context "when a token exists" do
+      before do
+        CanvasOauth::Authorization.cache_token('abc', 123, 'abc123')
+        CanvasOauth::Authorization.cache_token('def', 123, 'abc123')
+      end
+
+      it "retrieves the latest one" do
+        expect(token).to eq 'def'
+      end
+    end
+
+    context "when a token exists with a tool_consumer_instance_guid" do
+      before do
+        CanvasOauth::Authorization.cache_token('abc', 123, 'wrong')
+      end
+
+      it { is_expected.to be_nil }
+    end
+
+    context "when no token exists" do
+      it { is_expected.to be_nil }
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,57 @@
+# This file is copied to spec/ when you run 'rails generate rspec:install'
+ENV["RAILS_ENV"] ||= 'test'
+require File.expand_path("../dummy/config/environment", __FILE__)
+require 'rspec/rails'
+require 'rspec/its'
+require 'webmock/rspec'
+require 'shoulda/matchers'
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
+
+module CanvasOauth
+  module UrlHelpers
+    def canvas_oauth
+      ::CanvasOauth::Engine.routes.url_helpers
+    end
+
+    def main_app
+      ::Dummy::Application.routes.url_helpers
+    end
+  end
+end
+
+RSpec.configure do |config|
+  # ## Mock Framework
+  #
+  # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
+  #
+  # config.mock_with :mocha
+  # config.mock_with :flexmock
+  # config.mock_with :rr
+
+  # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
+  config.fixture_path = "#{::Rails.root}/spec/fixtures"
+
+  # If you're not using ActiveRecord, or you'd prefer not to run each of your
+  # examples within a transaction, remove the following line or assign false
+  # instead of true.
+  config.use_transactional_fixtures = true
+
+  # If true, the base class of anonymous controllers will be inferred
+  # automatically. This will be the default behavior in future versions of
+  # rspec-rails.
+  config.infer_base_class_for_anonymous_controllers = false
+
+  # Automatically infer an example group's spec type from the file location
+  config.infer_spec_type_from_file_location!
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = "random"
+
+  config.include CanvasOauth::UrlHelpers, type: :controller
+end