couchkeeper 0.6.7

data/spec/support/helpers/authorization_request_helper.rb

@@ -0,0 +1,32 @@
+module AuthorizationRequestHelper
+  def resource_owner_is_authenticated(resource_owner = nil)
+    resource_owner ||= User.create!(:name => "Joe", :password => "sekret")
+    Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { resource_owner })
+  end
+
+  def resource_owner_is_not_authenticated
+    Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { redirect_to("/sign_in") })
+  end
+
+  def default_scopes_exist(*scopes)
+    Doorkeeper.configuration.instance_variable_set(:@default_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
+  end
+
+  def optional_scopes_exist(*scopes)
+    Doorkeeper.configuration.instance_variable_set(:@optional_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
+  end
+
+  def client_should_be_authorized(client)
+    client.should have(1).access_grants
+  end
+
+  def client_should_not_be_authorized(client)
+    client.should have(0).access_grants
+  end
+
+  def i_should_be_on_client_callback(client)
+    client.redirect_uri.should == "#{current_uri.scheme}://#{current_uri.host}#{current_uri.path}"
+  end
+end
+
+RSpec.configuration.send :include, AuthorizationRequestHelper, :type => :request

data/spec/support/helpers/config_helper.rb

@@ -0,0 +1,9 @@
+module ConfigHelper
+  def config_is_set(setting, value = nil, &block)
+    setting_ivar = "@#{setting}"
+    value = block_given? ? block : value
+    Doorkeeper.configuration.instance_variable_set(setting_ivar, value)
+  end
+end
+
+RSpec.configuration.send :include, ConfigHelper, :type => :request

data/spec/support/helpers/model_helper.rb

@@ -0,0 +1,45 @@
+module ModelHelper
+  def client_exists(client_attributes = {})
+    @client = FactoryGirl.create(:application, client_attributes)
+  end
+
+  def create_resource_owner
+    @resource_owner = User.create!(:name => "Joe", :password => "sekret")
+  end
+
+  def authorization_code_exists(options = {})
+    @authorization = FactoryGirl.create(:access_grant, options)
+  end
+
+  def access_grant_should_exist_for(client, resource_owner)
+    grant = Doorkeeper::AccessGrant.first
+    grant.application.should == client
+    grant.resource_owner_id  == resource_owner.id
+  end
+
+  def access_token_should_exist_for(client, resource_owner)
+    grant = Doorkeeper::AccessToken.first
+    grant.application.should == client
+    grant.resource_owner_id  == resource_owner.id
+  end
+
+  def access_grant_should_not_exist
+    Doorkeeper::AccessGrant.all.should be_empty
+  end
+
+  def access_token_should_not_exist
+    Doorkeeper::AccessToken.all.should be_empty
+  end
+
+  def access_grant_should_have_scopes(*args)
+    grant = Doorkeeper::AccessGrant.first
+    grant.scopes.should == Doorkeeper::OAuth::Scopes.from_array(args)
+  end
+
+  def access_token_should_have_scopes(*args)
+    grant = Doorkeeper::AccessToken.first
+    grant.scopes.should == Doorkeeper::OAuth::Scopes.from_array(args)
+  end
+end
+
+RSpec.configuration.send :include, ModelHelper, :type => :request

data/spec/support/helpers/request_spec_helper.rb

@@ -0,0 +1,72 @@
+module RequestSpecHelper
+  def i_should_see(content)
+    page.should have_content(content)
+  end
+
+  def i_should_not_see(content)
+    page.should have_no_content(content)
+  end
+
+  def i_should_be_on(path)
+    current_path.should eq(path)
+  end
+
+  def url_should_have_param(param, value)
+    current_params[param].should == value
+  end
+
+  def url_should_not_have_param(param)
+    current_params.should_not have_key(param)
+  end
+
+  def current_params
+    Rack::Utils.parse_query(current_uri.query)
+  end
+
+  def current_uri
+    URI.parse(page.current_url)
+  end
+
+  def should_have_header(header, value)
+    headers[header].should == value
+  end
+
+  def with_access_token_header(token)
+    with_header 'Authorization', "Bearer #{token}"
+  end
+
+  def with_header(header, value)
+    page.driver.header header, value
+  end
+
+  def basic_auth_header_for_client(client)
+    ActionController::HttpAuthentication::Basic.encode_credentials client.uid, client.secret
+  end
+
+  def should_have_json(key, value)
+    JSON.parse(response.body).fetch(key).should == value
+  end
+
+  def should_not_have_json(key)
+    JSON.parse(response.body).should_not have_key(key)
+  end
+
+  def sign_in
+    visit '/'
+    click_on "Sign in"
+  end
+
+  def i_should_see_translated_error_message(key)
+    i_should_see translated_error_message(key)
+  end
+
+  def translated_error_message(key)
+    I18n.translate key, :scope => [:doorkeeper, :errors, :messages]
+  end
+
+  def response_status_should_be(status)
+    page.driver.response.status.to_i.should == status
+  end
+end
+
+RSpec.configuration.send :include, RequestSpecHelper, :type => :request

data/spec/support/helpers/url_helper.rb

@@ -0,0 +1,51 @@
+module UrlHelper
+  def token_endpoint_url(options = {})
+    parameters = {
+      :code          => options[:code],
+      :client_id     => options[:client_id]     || (options[:client] ? options[:client].uid : nil),
+      :client_secret => options[:client_secret] || (options[:client] ? options[:client].secret : nil),
+      :redirect_uri  => options[:redirect_uri]  || (options[:client] ? options[:client].redirect_uri : nil),
+      :grant_type    => options[:grant_type]    || "authorization_code",
+    }
+    "/oauth/token?#{build_query(parameters)}"
+  end
+
+  def password_token_endpoint_url(options = {})
+    parameters = {
+      :code          => options[:code],
+      :client_id     => options[:client_id]     || (options[:client] ? options[:client].uid : nil),
+      :client_secret => options[:client_secret] || (options[:client] ? options[:client].secret : nil),
+      :username      => options[:resource_owner_username] || (options[:resource_owner] ? options[:resource_owner].name : nil),
+      :password      => options[:resource_owner_password] || (options[:resource_owner] ? options[:resource_owner].password : nil),
+      :grant_type    => "password",
+    }
+    "/oauth/token?#{build_query(parameters)}"
+  end
+
+  def authorization_endpoint_url(options = {})
+    parameters = {
+      :client_id     => options[:client_id]     || options[:client].uid,
+      :redirect_uri  => options[:redirect_uri]  || options[:client].redirect_uri,
+      :response_type => options[:response_type] || "code",
+      :scope         => options[:scope],
+      :state         => options[:state],
+    }.reject { |k, v| v.blank? }
+    "/oauth/authorize?#{build_query(parameters)}"
+  end
+
+  def refresh_token_endpoint_url(options = {})
+    parameters = {
+      :refresh_token => options[:refresh_token],
+      :client_id     => options[:client_id]     || options[:client].uid,
+      :client_secret => options[:client_secret] || options[:client].secret,
+      :grant_type    => options[:grant_type]    || "refresh_token",
+    }
+    "/oauth/token?#{build_query(parameters)}"
+  end
+
+  def build_query(hash)
+    Rack::Utils.build_query(hash)
+  end
+end
+
+RSpec.configuration.send :include, UrlHelper, :type => :request

data/spec/support/orm/active_record.rb

@@ -0,0 +1,11 @@
+# load schema to in memory sqlite
+ActiveRecord::Migration.verbose = false
+load Rails.root + "db/schema.rb"
+
+module Doorkeeper
+  module OrmHelper
+  	def mock_application_owner
+      mock_model 'User', :id => 1234
+  	end
+  end
+end

data/spec/support/orm/mongo_mapper.rb

@@ -0,0 +1,26 @@
+DatabaseCleaner[:mongo_mapper].strategy = :truncation
+DatabaseCleaner[:mongo_mapper].clean_with :truncation
+
+RSpec.configure do |config|
+  config.before :suite do
+    Doorkeeper::Application.create_indexes
+    Doorkeeper::AccessGrant.create_indexes
+    Doorkeeper::AccessToken.create_indexes
+  end
+end
+
+module Doorkeeper
+  class PlaceholderApplicationOwner
+    include MongoMapper::Document
+
+    set_collection_name "placeholder_application_owners"
+    many :applications, :class => Doorkeeper::Application
+
+  end
+
+  module OrmHelper
+    def mock_application_owner
+      PlaceholderApplicationOwner.new
+    end
+  end
+end

data/spec/support/orm/mongoid.rb

@@ -0,0 +1,31 @@
+DatabaseCleaner[:mongoid].strategy = :truncation
+DatabaseCleaner[:mongoid].clean_with :truncation
+
+RSpec.configure do |config|
+  config.before do
+    Doorkeeper::Application.create_indexes
+    Doorkeeper::AccessGrant.create_indexes
+    Doorkeeper::AccessToken.create_indexes
+  end
+end
+
+module Doorkeeper
+  class PlaceholderApplicationOwner
+    include Mongoid::Document
+
+    if ::Mongoid::VERSION >= "3"
+      self.store_in :collection => :placeholder_application_owners
+    else
+      self.store_in :placeholder_application_owners
+    end
+
+    has_many :applications
+
+  end
+
+  module OrmHelper
+  	def mock_application_owner
+  		PlaceholderApplicationOwner.new
+  	end
+  end
+end

data/spec/support/shared/controllers_shared_context.rb

@@ -0,0 +1,60 @@
+shared_context "valid token", :token => :valid do
+  let :token_string do
+    "1A2B3C4D"
+  end
+
+  let :token do
+    double(Doorkeeper::AccessToken, :accessible? => true)
+  end
+
+  before :each do
+    Doorkeeper::AccessToken.stub(:authenticate).with(token_string).and_return(token)
+  end
+end
+
+shared_context "invalid token", :token => :invalid do
+  let :token_string do
+    "1A2B3C4D"
+  end
+
+  let :token do
+    double(Doorkeeper::AccessToken, :accessible? => false)
+  end
+
+  before :each do
+    Doorkeeper::AccessToken.stub(:authenticate).with(token_string).and_return(token)
+  end
+end
+
+shared_context "authenticated resource owner" do
+  before do
+    user = double(:resource, :id => 1)
+    Doorkeeper.configuration.stub(:authenticate_resource_owner) { proc do user end }
+  end
+end
+
+shared_context "not authenticated resource owner" do
+  before do
+    Doorkeeper.configuration.stub(:authenticate_resource_owner) { proc do redirect_to '/' end }
+  end
+end
+
+shared_context "valid authorization request" do
+  let :authorization do
+    double(:authorization, :valid? => true, :authorize => true, :success_redirect_uri => "http://something.com/cb?code=token")
+  end
+
+  before do
+    controller.stub(:authorization) { authorization }
+  end
+end
+
+shared_context "invalid authorization request" do
+  let :authorization do
+    double(:authorization, :valid? => false, :authorize => false, :redirect_on_error? => false)
+  end
+
+  before do
+    controller.stub(:authorization) { authorization }
+  end
+end

data/spec/support/shared/models_shared_examples.rb

@@ -0,0 +1,60 @@
+shared_examples "an accessible token" do
+  describe :accessible? do
+    it "is accessible if token is not expired" do
+      subject.stub :expired? => false
+      should be_accessible
+    end
+
+    it "is not accessible if token is expired" do
+      subject.stub :expired? => true
+      should_not be_accessible
+    end
+  end
+end
+
+shared_examples "a revocable token" do
+  describe :accessible? do
+    before { subject.save! }
+
+    it "is accessible if token is not revoked" do
+      subject.should be_accessible
+    end
+
+    it "is not accessible if token is revoked" do
+      subject.revoke
+      subject.should_not be_accessible
+    end
+  end
+end
+
+shared_examples "an unique token" do
+  describe :token do
+    it "is unique" do
+      tokens = []
+      3.times do
+        token = FactoryGirl.create(factory_name).token
+        tokens.should_not include(token)
+      end
+    end
+
+    it "is generated before validation" do
+      expect { subject.valid? }.to change { subject.token }.from(nil)
+    end
+
+    it "is not valid if token exists" do
+      token1 = FactoryGirl.create factory_name
+      token2 = FactoryGirl.create factory_name
+      token2.token = token1.token
+      token2.should_not be_valid
+    end
+
+    it 'expects database to throw an error when tokens are the same' do
+      token1 = FactoryGirl.create factory_name
+      token2 = FactoryGirl.create factory_name
+      token2.token = token1.token
+      expect {
+        token2.save!(:validate => false)
+      }.to raise_error
+    end
+  end
+end

data/spec/validators/redirect_uri_validator_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper_integration'
+
+describe RedirectUriValidator do
+  subject do
+    FactoryGirl.create(:application)
+  end
+
+  it 'is valid when the uri is a uri' do
+    subject.redirect_uri = "http://example.com/callback"
+    subject.should be_valid
+  end
+
+  it 'accepts test redirect uri' do
+    subject.redirect_uri = 'urn:ietf:wg:oauth:2.0:oob'
+    subject.should be_valid
+  end
+
+  it 'rejects if test uri is disabled' do
+    RedirectUriValidator.stub :test_redirect_uri => nil
+    subject.redirect_uri = "urn:some:test"
+    subject.should_not be_valid
+  end
+
+  it 'is invalid when the uri is not a uri' do
+    subject.redirect_uri = ']'
+    subject.should_not be_valid
+    subject.errors[:redirect_uri].first.should == "must be a valid URI."
+  end
+
+  it 'is invalid when the uri is relative' do
+    subject.redirect_uri = "/abcd"
+    subject.should_not be_valid
+    subject.errors[:redirect_uri].first.should == "must be an absolute URI."
+  end
+
+  it 'is invalid when the uri has a fragment' do
+    subject.redirect_uri = "http://example.com/abcd#xyz"
+    subject.should_not be_valid
+    subject.errors[:redirect_uri].first.should == "cannot contain a fragment."
+  end
+
+  it 'is invalid when the uri has a query parameter' do
+    subject.redirect_uri = "http://example.com/abcd?xyz=123"
+    subject.should_not be_valid
+    subject.errors[:redirect_uri].first.should == "cannot contain a query parameter."
+  end
+end