devise_jwt_auth 0.1.1 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/app/controllers/devise_jwt_auth/application_controller.rb +15 -13
- data/app/controllers/devise_jwt_auth/concerns/resource_finder.rb +2 -6
- data/app/controllers/devise_jwt_auth/concerns/{set_user_by_jwt_token.rb → set_user_by_token.rb} +23 -19
- data/app/controllers/devise_jwt_auth/confirmations_controller.rb +10 -19
- data/app/controllers/devise_jwt_auth/omniauth_callbacks_controller.rb +32 -33
- data/app/controllers/devise_jwt_auth/passwords_controller.rb +29 -19
- data/app/controllers/devise_jwt_auth/refresh_token_controller.rb +4 -1
- data/app/controllers/devise_jwt_auth/registrations_controller.rb +40 -21
- data/app/controllers/devise_jwt_auth/sessions_controller.rb +21 -21
- data/app/controllers/devise_jwt_auth/unlocks_controller.rb +5 -4
- data/app/models/devise_jwt_auth/concerns/active_record_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/confirmable_support.rb +7 -4
- data/app/models/devise_jwt_auth/concerns/mongoid_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb +4 -1
- data/app/models/devise_jwt_auth/concerns/user.rb +18 -9
- data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb +11 -3
- data/app/validators/devise_jwt_auth_email_validator.rb +5 -4
- data/lib/devise_jwt_auth/blacklist.rb +2 -0
- data/lib/devise_jwt_auth/controllers/url_helpers.rb +1 -2
- data/lib/devise_jwt_auth/engine.rb +4 -4
- data/lib/devise_jwt_auth/rails/routes.rb +35 -24
- data/lib/devise_jwt_auth/token_factory.rb +3 -2
- data/lib/devise_jwt_auth/url.rb +2 -4
- data/lib/devise_jwt_auth/version.rb +1 -1
- data/lib/generators/devise_jwt_auth/install_generator.rb +7 -6
- data/lib/generators/devise_jwt_auth/install_generator_helpers.rb +27 -6
- data/lib/generators/devise_jwt_auth/install_mongoid_generator.rb +3 -2
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth.rb +15 -16
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth_create_users.rb.erb +15 -11
- data/lib/generators/devise_jwt_auth/templates/user.rb.erb +2 -2
- data/test/controllers/custom/custom_confirmations_controller_test.rb +2 -2
- data/test/controllers/custom/custom_passwords_controller_test.rb +4 -4
- data/test/controllers/custom/custom_refresh_token_controller_test.rb +2 -3
- data/test/controllers/custom/custom_registrations_controller_test.rb +2 -2
- data/test/controllers/demo_mang_controller_test.rb +206 -210
- data/test/controllers/demo_user_controller_test.rb +358 -374
- data/test/controllers/devise_jwt_auth/confirmations_controller_test.rb +5 -5
- data/test/controllers/devise_jwt_auth/omniauth_callbacks_controller_test.rb +6 -7
- data/test/controllers/devise_jwt_auth/passwords_controller_test.rb +11 -13
- data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb +8 -12
- data/test/controllers/devise_jwt_auth/registrations_controller_test.rb +23 -25
- data/test/controllers/devise_jwt_auth/sessions_controller_test.rb +32 -34
- data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb +2 -2
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/controllers/overrides/passwords_controller_test.rb +1 -1
- data/test/controllers/overrides/refresh_token_controller_test.rb +1 -2
- data/test/controllers/overrides/registrations_controller_test.rb +1 -1
- data/test/dummy/app/controllers/application_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/refresh_token_controller.rb +2 -1
- data/test/dummy/app/controllers/custom/registrations_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/refresh_token_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
- data/test/dummy/app/models/concerns/favorite_color.rb +11 -9
- data/test/dummy/config.ru +2 -2
- data/test/dummy/config/application.rb +1 -0
- data/test/dummy/config/boot.rb +1 -1
- data/test/dummy/config/environments/test.rb +11 -7
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +2 -2
- data/test/dummy/config/routes.rb +8 -8
- data/test/dummy/db/migrate/{20140715061447_devise_token_auth_create_users.rb → 20140715061447_devise_jwt_auth_create_users.rb} +0 -0
- data/test/dummy/db/migrate/{20140715061805_devise_token_auth_create_mangs.rb → 20140715061805_devise_jwt_auth_create_mangs.rb} +0 -0
- data/test/dummy/db/migrate/{20141222035835_devise_token_auth_create_only_email_users.rb → 20141222035835_devise_jwt_auth_create_only_email_users.rb} +9 -9
- data/test/dummy/db/migrate/{20141222053502_devise_token_auth_create_unregisterable_users.rb → 20141222053502_devise_jwt_auth_create_unregisterable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20150708104536_devise_token_auth_create_unconfirmable_users.rb → 20150708104536_devise_jwt_auth_create_unconfirmable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20160103235141_devise_token_auth_create_scoped_users.rb → 20160103235141_devise_jwt_auth_create_scoped_users.rb} +0 -0
- data/test/dummy/db/migrate/{20160629184441_devise_token_auth_create_lockable_users.rb → 20160629184441_devise_jwt_auth_create_lockable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20190924101113_devise_token_auth_create_confirmable_users.rb → 20190924101113_devise_jwt_auth_create_confirmable_users.rb} +6 -5
- data/test/dummy/db/schema.rb +170 -170
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/user.rb +9 -0
- data/test/dummy/tmp/generators/config/initializers/devise_jwt_auth.rb +73 -0
- data/test/dummy/tmp/generators/db/migrate/20201006030349_devise_jwt_auth_create_users.rb +54 -0
- data/test/factories/users.rb +5 -3
- data/test/lib/devise_jwt_auth/token_factory_test.rb +6 -6
- data/test/lib/generators/devise_jwt_auth/install_generator_test.rb +3 -20
- data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb +4 -21
- data/test/models/concerns/tokens_serialization_test.rb +68 -68
- data/test/models/user_test.rb +35 -37
- data/test/support/controllers/routes.rb +7 -5
- data/test/test_helper.rb +1 -1
- metadata +70 -76
|
@@ -15,7 +15,7 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
|
15
15
|
before do
|
|
16
16
|
@resource = create(:user, :confirmed)
|
|
17
17
|
@auth_headers = @resource.create_named_token_pair
|
|
18
|
-
|
|
18
|
+
|
|
19
19
|
# @token = @auth_headers['access-token']
|
|
20
20
|
# @client_id = @auth_headers['client']
|
|
21
21
|
# @expiry = @auth_headers['expiry']
|
|
@@ -58,43 +58,41 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
|
58
58
|
assert_equal 200, response.status
|
|
59
59
|
end
|
|
60
60
|
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
end
|
|
97
|
-
=end
|
|
61
|
+
# it 'should receive new token after successful request' do
|
|
62
|
+
# refute_equal @token, @resp_token
|
|
63
|
+
# end
|
|
64
|
+
#
|
|
65
|
+
# it 'should preserve the client id from the first request' do
|
|
66
|
+
# assert_equal @client_id, @resp_client_id
|
|
67
|
+
# end
|
|
68
|
+
#
|
|
69
|
+
# it "should return the user's uid in the auth header" do
|
|
70
|
+
# assert_equal @resource.uid, @resp_uid
|
|
71
|
+
# end
|
|
72
|
+
#
|
|
73
|
+
# it 'should not treat this request as a batch request' do
|
|
74
|
+
# refute assigns(:is_batch_request)
|
|
75
|
+
# end
|
|
76
|
+
#
|
|
77
|
+
# describe 'subsequent requests' do
|
|
78
|
+
# before do
|
|
79
|
+
# @resource.reload
|
|
80
|
+
# # ensure that request is not treated as batch request
|
|
81
|
+
# # age_token(@resource, @client_id)
|
|
82
|
+
#
|
|
83
|
+
# get '/demo/members_only',
|
|
84
|
+
# params: {},
|
|
85
|
+
# headers: @auth_headers.merge('access-token' => @resp_token)
|
|
86
|
+
# end
|
|
87
|
+
#
|
|
88
|
+
# it 'should not treat this request as a batch request' do
|
|
89
|
+
# refute assigns(:is_batch_request)
|
|
90
|
+
# end
|
|
91
|
+
#
|
|
92
|
+
# it 'should allow a new request to be made using new token' do
|
|
93
|
+
# assert_equal 200, response.status
|
|
94
|
+
# end
|
|
95
|
+
# end
|
|
98
96
|
end
|
|
99
97
|
|
|
100
98
|
describe 'failed request' do
|
|
@@ -112,204 +110,202 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
|
112
110
|
assert_equal 401, response.status
|
|
113
111
|
end
|
|
114
112
|
end
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
describe '
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
end
|
|
312
|
-
=end
|
|
113
|
+
# describe 'disable change_headers_on_each_request' do
|
|
114
|
+
# before do
|
|
115
|
+
# DeviseJwtAuth.change_headers_on_each_request = false
|
|
116
|
+
# @resource.reload
|
|
117
|
+
# # age_token(@resource, @client_id)
|
|
118
|
+
#
|
|
119
|
+
# get '/demo/members_only',
|
|
120
|
+
# params: {},
|
|
121
|
+
# headers: @auth_headers
|
|
122
|
+
#
|
|
123
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
|
124
|
+
# @first_user = assigns(:resource).dup
|
|
125
|
+
# @first_access_token = response.headers['access-token']
|
|
126
|
+
# @first_response_status = response.status
|
|
127
|
+
#
|
|
128
|
+
# @resource.reload
|
|
129
|
+
# # age_token(@resource, @client_id)
|
|
130
|
+
#
|
|
131
|
+
# # use expired auth header
|
|
132
|
+
# get '/demo/members_only',
|
|
133
|
+
# params: {},
|
|
134
|
+
# headers: @auth_headers
|
|
135
|
+
#
|
|
136
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
|
137
|
+
# @second_user = assigns(:resource).dup
|
|
138
|
+
# @second_access_token = response.headers['access-token']
|
|
139
|
+
# @second_response_status = response.status
|
|
140
|
+
# end
|
|
141
|
+
#
|
|
142
|
+
# after do
|
|
143
|
+
# DeviseJwtAuth.change_headers_on_each_request = true
|
|
144
|
+
# end
|
|
145
|
+
#
|
|
146
|
+
# it 'should allow the first request through' do
|
|
147
|
+
# assert_equal 200, @first_response_status
|
|
148
|
+
# end
|
|
149
|
+
#
|
|
150
|
+
# it 'should allow the second request through' do
|
|
151
|
+
# assert_equal 200, @second_response_status
|
|
152
|
+
# end
|
|
153
|
+
#
|
|
154
|
+
# it 'should return auth headers from the first request' do
|
|
155
|
+
# assert @first_access_token
|
|
156
|
+
# end
|
|
157
|
+
#
|
|
158
|
+
# it 'should not treat either requests as batch requests' do
|
|
159
|
+
# refute @first_is_batch_request
|
|
160
|
+
# refute @second_is_batch_request
|
|
161
|
+
# end
|
|
162
|
+
#
|
|
163
|
+
# it 'should return auth headers from the second request' do
|
|
164
|
+
# assert @second_access_token
|
|
165
|
+
# end
|
|
166
|
+
#
|
|
167
|
+
# it 'should define user during first request' do
|
|
168
|
+
# assert @first_user
|
|
169
|
+
# end
|
|
170
|
+
#
|
|
171
|
+
# it 'should define user during second request' do
|
|
172
|
+
# assert @second_user
|
|
173
|
+
# end
|
|
174
|
+
# end
|
|
175
|
+
#
|
|
176
|
+
# describe 'batch requests' do
|
|
177
|
+
# describe 'success' do
|
|
178
|
+
# before do
|
|
179
|
+
# # age_token(@resource, @client_id)
|
|
180
|
+
#
|
|
181
|
+
# get '/demo/members_only',
|
|
182
|
+
# params: {},
|
|
183
|
+
# headers: @auth_headers
|
|
184
|
+
#
|
|
185
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
|
186
|
+
# @first_user = assigns(:resource)
|
|
187
|
+
# @first_access_token = response.headers['access-token']
|
|
188
|
+
#
|
|
189
|
+
# get '/demo/members_only',
|
|
190
|
+
# params: {},
|
|
191
|
+
# headers: @auth_headers
|
|
192
|
+
#
|
|
193
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
|
194
|
+
# @second_user = assigns(:resource)
|
|
195
|
+
# @second_access_token = response.headers['access-token']
|
|
196
|
+
# end
|
|
197
|
+
#
|
|
198
|
+
# it 'should allow both requests through' do
|
|
199
|
+
# assert_equal 200, response.status
|
|
200
|
+
# end
|
|
201
|
+
#
|
|
202
|
+
# it 'should not treat the first request as a batch request' do
|
|
203
|
+
# refute @first_is_batch_request
|
|
204
|
+
# end
|
|
205
|
+
#
|
|
206
|
+
# it 'should treat the second request as a batch request' do
|
|
207
|
+
# assert @second_is_batch_request
|
|
208
|
+
# end
|
|
209
|
+
#
|
|
210
|
+
# it 'should return access token for first (non-batch) request' do
|
|
211
|
+
# assert @first_access_token
|
|
212
|
+
# end
|
|
213
|
+
#
|
|
214
|
+
# it 'should not return auth headers for second (batched) requests' do
|
|
215
|
+
# assert_equal ' ', @second_access_token
|
|
216
|
+
# end
|
|
217
|
+
# end
|
|
218
|
+
#
|
|
219
|
+
# describe 'unbatch' do
|
|
220
|
+
# before do
|
|
221
|
+
# @resource.reload
|
|
222
|
+
# # age_token(@resource, @client_id)
|
|
223
|
+
#
|
|
224
|
+
# get '/demo/members_only',
|
|
225
|
+
# params: {},
|
|
226
|
+
# headers: @auth_headers
|
|
227
|
+
#
|
|
228
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
|
229
|
+
# @first_user = assigns(:resource).dup
|
|
230
|
+
# @first_access_token = response.headers['access-token']
|
|
231
|
+
# @first_response_status = response.status
|
|
232
|
+
#
|
|
233
|
+
# get '/demo/members_only?unbatch=true',
|
|
234
|
+
# params: {},
|
|
235
|
+
# headers: @auth_headers
|
|
236
|
+
#
|
|
237
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
|
238
|
+
# @second_user = assigns(:resource)
|
|
239
|
+
# @second_access_token = response.headers['access-token']
|
|
240
|
+
# @second_response_status = response.status
|
|
241
|
+
# end
|
|
242
|
+
#
|
|
243
|
+
# it 'should NOT treat the second request as a batch request when "unbatch" param is set' do
|
|
244
|
+
# refute @second_is_batch_request
|
|
245
|
+
# end
|
|
246
|
+
# end
|
|
247
|
+
#
|
|
248
|
+
# describe 'time out' do
|
|
249
|
+
# before do
|
|
250
|
+
# @resource.reload
|
|
251
|
+
# # age_token(@resource, @client_id)
|
|
252
|
+
#
|
|
253
|
+
# get '/demo/members_only',
|
|
254
|
+
# params: {},
|
|
255
|
+
# headers: @auth_headers
|
|
256
|
+
#
|
|
257
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
|
258
|
+
# @first_user = assigns(:resource).dup
|
|
259
|
+
# @first_access_token = response.headers['access-token']
|
|
260
|
+
# @first_response_status = response.status
|
|
261
|
+
#
|
|
262
|
+
# @resource.reload
|
|
263
|
+
# # age_token(@resource, @client_id)
|
|
264
|
+
#
|
|
265
|
+
# # use expired auth header
|
|
266
|
+
# get '/demo/members_only',
|
|
267
|
+
# params: {},
|
|
268
|
+
# headers: @auth_headers
|
|
269
|
+
#
|
|
270
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
|
271
|
+
# @second_user = assigns(:resource)
|
|
272
|
+
# @second_access_token = response.headers['access-token']
|
|
273
|
+
# @second_response_status = response.status
|
|
274
|
+
# end
|
|
275
|
+
#
|
|
276
|
+
# it 'should allow the first request through' do
|
|
277
|
+
# assert_equal 200, @first_response_status
|
|
278
|
+
# end
|
|
279
|
+
#
|
|
280
|
+
# it 'should not allow the second request through' do
|
|
281
|
+
# assert_equal 401, @second_response_status
|
|
282
|
+
# end
|
|
283
|
+
#
|
|
284
|
+
# it 'should not treat first request as batch request' do
|
|
285
|
+
# refute @second_is_batch_request
|
|
286
|
+
# end
|
|
287
|
+
#
|
|
288
|
+
# it 'should return auth headers from the first request' do
|
|
289
|
+
# assert @first_access_token
|
|
290
|
+
# end
|
|
291
|
+
#
|
|
292
|
+
# it 'should not treat second request as batch request' do
|
|
293
|
+
# refute @second_is_batch_request
|
|
294
|
+
# end
|
|
295
|
+
#
|
|
296
|
+
# it 'should not return auth headers from the second request' do
|
|
297
|
+
# refute @second_access_token
|
|
298
|
+
# end
|
|
299
|
+
#
|
|
300
|
+
# it 'should define user during first request' do
|
|
301
|
+
# assert @first_user
|
|
302
|
+
# end
|
|
303
|
+
#
|
|
304
|
+
# it 'should not define user during second request' do
|
|
305
|
+
# refute @second_user
|
|
306
|
+
# end
|
|
307
|
+
# end
|
|
308
|
+
# end
|
|
313
309
|
|
|
314
310
|
describe 'successful password change' do
|
|
315
311
|
before do
|
|
@@ -353,121 +349,114 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
|
353
349
|
end
|
|
354
350
|
end
|
|
355
351
|
|
|
356
|
-
|
|
357
|
-
describe '
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
end
|
|
390
|
-
=end
|
|
352
|
+
# describe 'request including destroy of token' do
|
|
353
|
+
# describe 'when change_headers_on_each_request is set to false' do
|
|
354
|
+
# before do
|
|
355
|
+
# DeviseJwtAuth.change_headers_on_each_request = false
|
|
356
|
+
# # age_token(@resource, @client_id)
|
|
357
|
+
#
|
|
358
|
+
# get '/demo/members_only_remove_token',
|
|
359
|
+
# params: {},
|
|
360
|
+
# headers: @auth_headers
|
|
361
|
+
# end
|
|
362
|
+
#
|
|
363
|
+
# after do
|
|
364
|
+
# DeviseJwtAuth.change_headers_on_each_request = true
|
|
365
|
+
# end
|
|
366
|
+
#
|
|
367
|
+
# it 'should not return auth-headers' do
|
|
368
|
+
# refute response.headers['access-token']
|
|
369
|
+
# end
|
|
370
|
+
# end
|
|
371
|
+
#
|
|
372
|
+
# describe 'when change_headers_on_each_request is set to true' do
|
|
373
|
+
# before do
|
|
374
|
+
# # age_token(@resource, @client_id)
|
|
375
|
+
# get '/demo/members_only_remove_token',
|
|
376
|
+
# params: {},
|
|
377
|
+
# headers: @auth_headers
|
|
378
|
+
# end
|
|
379
|
+
#
|
|
380
|
+
# it 'should not return auth-headers' do
|
|
381
|
+
# refute response.headers['access-token']
|
|
382
|
+
# end
|
|
383
|
+
# end
|
|
384
|
+
# end
|
|
391
385
|
|
|
392
386
|
describe 'when access-token name has been changed' do
|
|
393
387
|
before do
|
|
394
388
|
# ensure that request is not treated as batch request
|
|
395
389
|
# DeviseJwtAuth.headers_names[:'access-token'] = 'new-access-token'
|
|
396
390
|
DeviseJwtAuth.access_token_name = 'new-access-token'
|
|
397
|
-
|
|
398
|
-
|
|
391
|
+
|
|
399
392
|
auth_headers_modified = @resource.create_named_token_pair
|
|
400
|
-
|
|
393
|
+
|
|
401
394
|
# client_id = auth_headers_modified['client']
|
|
402
395
|
# age_token(@resource, client_id)
|
|
403
|
-
|
|
396
|
+
|
|
404
397
|
get '/demo/members_only',
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
398
|
+
params: {},
|
|
399
|
+
headers: auth_headers_modified
|
|
400
|
+
|
|
408
401
|
# @resp_token = response.headers['new-access-token']
|
|
409
402
|
# TODO: do we want to send access-tokens with every response?
|
|
410
403
|
@data = JSON.parse(response.body)
|
|
411
404
|
end
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
end
|
|
417
|
-
=end
|
|
405
|
+
# it 'should have "new-access-token" in reponse' do
|
|
406
|
+
# # assert @resp_token.present?
|
|
407
|
+
# # assert @data['new-access-token']
|
|
408
|
+
# end
|
|
418
409
|
after do
|
|
419
410
|
# DeviseJwtAuth.headers_names[:'access-token'] = 'access-token'
|
|
420
411
|
DeviseJwtAuth.access_token_name = 'access-token'
|
|
421
412
|
end
|
|
422
413
|
end
|
|
423
414
|
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
430
|
-
|
|
431
|
-
|
|
432
|
-
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
end
|
|
470
|
-
=end
|
|
415
|
+
# describe 'maximum concurrent devices per user' do
|
|
416
|
+
# before do
|
|
417
|
+
# # Set the max_number_of_devices to a lower number
|
|
418
|
+
# # to expedite tests! (Default is 10)
|
|
419
|
+
# DeviseJwtAuth.max_number_of_devices = 5
|
|
420
|
+
# end
|
|
421
|
+
#
|
|
422
|
+
# it 'should limit the maximum number of concurrent devices' do
|
|
423
|
+
# # increment the number of devices until the maximum is exceeded
|
|
424
|
+
# 1.upto(DeviseJwtAuth.max_number_of_devices + 1).each do |n|
|
|
425
|
+
#
|
|
426
|
+
# assert_equal(
|
|
427
|
+
# [n, DeviseJwtAuth.max_number_of_devices].min,
|
|
428
|
+
# @resource.reload.tokens.length
|
|
429
|
+
# )
|
|
430
|
+
#
|
|
431
|
+
# # Add a new device (and token) ahead of the next iteration
|
|
432
|
+
# # @resource.create_new_auth_token
|
|
433
|
+
# create_token_header(@resource)
|
|
434
|
+
# end
|
|
435
|
+
# end
|
|
436
|
+
#
|
|
437
|
+
# it 'should drop the oldest token when the maximum number of devices is exceeded' do
|
|
438
|
+
# # create the maximum number of tokens
|
|
439
|
+
# 1.upto(DeviseJwtAuth.max_number_of_devices).each do
|
|
440
|
+
# # @resource.create_new_auth_token
|
|
441
|
+
# create_token_header(@resource)
|
|
442
|
+
# end
|
|
443
|
+
#
|
|
444
|
+
# # get the oldest token client_id
|
|
445
|
+
# oldest_client_id, = @resource.reload.tokens.min_by do |cid, v|
|
|
446
|
+
# v[:expiry] || v['expiry']
|
|
447
|
+
# end # => [ 'CLIENT_ID', {token: ...} ]
|
|
448
|
+
#
|
|
449
|
+
# # create another token, thereby dropping the oldest token
|
|
450
|
+
# # @resource.create_new_auth_token
|
|
451
|
+
# create_token_header(@resource)
|
|
452
|
+
#
|
|
453
|
+
# assert_not_includes @resource.reload.tokens.keys, oldest_client_id
|
|
454
|
+
# end
|
|
455
|
+
#
|
|
456
|
+
# after do
|
|
457
|
+
# DeviseJwtAuth.max_number_of_devices = 10
|
|
458
|
+
# end
|
|
459
|
+
# end
|
|
471
460
|
end
|
|
472
461
|
|
|
473
462
|
describe 'bypass_sign_in' do
|
|
@@ -560,30 +549,27 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
|
560
549
|
it 'should not define current_mang' do
|
|
561
550
|
refute_equal @resource, @controller.current_mang
|
|
562
551
|
end
|
|
563
|
-
|
|
564
552
|
end
|
|
565
553
|
|
|
566
554
|
it 'should return success status' do
|
|
567
555
|
assert_equal 200, response.status
|
|
568
556
|
end
|
|
569
557
|
|
|
570
|
-
|
|
571
|
-
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
577
|
-
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
|
|
581
|
-
|
|
582
|
-
|
|
583
|
-
|
|
584
|
-
|
|
585
|
-
end
|
|
586
|
-
=end
|
|
558
|
+
# it 'should receive new token after successful request' do
|
|
559
|
+
# assert @resp_token
|
|
560
|
+
# end
|
|
561
|
+
#
|
|
562
|
+
# it 'should set the token expiry in the auth header' do
|
|
563
|
+
# assert @resp_expiry
|
|
564
|
+
# end
|
|
565
|
+
#
|
|
566
|
+
# it 'should return the client id in the auth header' do
|
|
567
|
+
# assert @resp_client_id
|
|
568
|
+
# end
|
|
569
|
+
#
|
|
570
|
+
# it "should return the user's uid in the auth header" do
|
|
571
|
+
# assert @resp_uid
|
|
572
|
+
# end
|
|
587
573
|
end
|
|
588
574
|
|
|
589
575
|
describe 'existing Warden authentication with ignored token data' do
|
|
@@ -619,31 +605,29 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
|
619
605
|
assert_equal 200, response.status
|
|
620
606
|
end
|
|
621
607
|
|
|
622
|
-
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
|
|
636
|
-
|
|
637
|
-
|
|
638
|
-
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
|
|
643
|
-
|
|
644
|
-
|
|
645
|
-
end
|
|
646
|
-
=end
|
|
608
|
+
# it 'should receive new token after successful request' do
|
|
609
|
+
# assert @resp_token
|
|
610
|
+
# end
|
|
611
|
+
#
|
|
612
|
+
# it 'should set the token expiry in the auth header' do
|
|
613
|
+
# assert @resp_expiry
|
|
614
|
+
# end
|
|
615
|
+
#
|
|
616
|
+
# it 'should return the client id in the auth header' do
|
|
617
|
+
# assert @resp_client_id
|
|
618
|
+
# end
|
|
619
|
+
#
|
|
620
|
+
# it "should not use the existing token's client" do
|
|
621
|
+
# refute_equal @auth_headers['client'], @resp_client_id
|
|
622
|
+
# end
|
|
623
|
+
#
|
|
624
|
+
# it "should return the user's uid in the auth header" do
|
|
625
|
+
# assert @resp_uid
|
|
626
|
+
# end
|
|
627
|
+
#
|
|
628
|
+
# it "should not return the token user's uid in the auth header" do
|
|
629
|
+
# refute_equal @resp_uid, @auth_headers['uid']
|
|
630
|
+
# end
|
|
647
631
|
end
|
|
648
632
|
end
|
|
649
633
|
end
|