devise_jwt_auth 0.1.4 → 0.2.0

data/test/controllers/devise_jwt_auth/passwords_controller_test.rb

@@ -13,7 +13,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
     describe 'Password reset' do
       before do
         @resource = create(:user, :confirmed)
-        @redirect_url = 'http://ng-token-auth.dev'
+        @redirect_url = 'http://ng-jwt-auth.dev'
       end
 
       describe 'not email should return 401' do
@@ -66,7 +66,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
         describe 'for edit' do
           before do
             get_reset_token
-            get :edit, params: { reset_password_token: @mail_reset_token}
+            get :edit, params: { reset_password_token: @mail_reset_token }
             @data = JSON.parse(response.body)
           end
 
@@ -109,7 +109,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
             assert @data['errors']
             assert_equal @data['errors'],
                          [I18n.t('devise_jwt_auth.passwords.user_not_found',
-                                 email: 'chester@cheet.ah')]
+                         email: 'chester@cheet.ah')]
           end
 
           test 'response should not have refresh cookie' do
@@ -143,9 +143,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
             @resource.reload
             @data = JSON.parse(response.body)
 
-            @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+            # @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
             @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
-            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)"/)[1]
           end
 
           test 'response should return success status' do
@@ -178,9 +178,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
             assert_equal @redirect_url, @mail_redirect_url
           end
 
-          test 'the client config name should fall back to "default"' do
-            assert_equal 'default', @mail_config_name
-          end
+          # test 'the client config name should fall back to "default"' do
+          #   assert_equal 'default', @mail_config_name
+          # end
 
           test 'the email body should contain a link with reset token as a query param' do
             user = User.reset_password_by_token(reset_password_token: @mail_reset_token)
@@ -209,9 +209,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
               raw_qs = response.location.split('?')[1]
               @qs = Rack::Utils.parse_nested_query(raw_qs)
 
-              @access_token   = @qs[DeviseJwtAuth.access_token_name]
-              @reset_password = @qs['reset_password']
-              @refresh_token  = response.cookies[DeviseJwtAuth.refresh_token_name]
+              # @access_token   = @qs[DeviseJwtAuth.access_token_name]
+              # @reset_password = @qs['reset_password']
+              @refresh_token = response.cookies[DeviseJwtAuth.refresh_token_name]
             end
 
             test 'response should have success redirect status' do
@@ -219,14 +219,14 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
             end
 
             test 'response should contain auth params' do
-              assert @access_token
-              assert @reset_password
+              # assert @access_token
+              # assert @reset_password
               assert @refresh_token
             end
 
             test 'access and refresh tokens should be valid' do
-              payload = DeviseJwtAuth::TokenFactory.decode_access_token(@access_token)
-              assert payload['sub']
+              # payload = DeviseJwtAuth::TokenFactory.decode_access_token(@access_token)
+              # assert payload['sub']
               payload = DeviseJwtAuth::TokenFactory.decode_refresh_token(@refresh_token)
               assert payload['sub']
             end
@@ -237,7 +237,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
           before do
             @resource_class = User
             @request_params = {
-              email:        @resource.email.upcase,
+              email: @resource.email.upcase,
               redirect_url: @redirect_url
             }
           end
@@ -264,13 +264,12 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
 
             @mail = ActionMailer::Base.deliveries.last
             @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
-            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)"/)[1]
 
             @resource.reload
           end
 
           describe 'reset_password_token is valid' do
-
             test 'mail_reset_token should be the same as reset_password_token' do
               assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
             end
@@ -341,7 +340,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
       describe 'Using default_password_reset_url' do
         before do
           @resource = create(:user, :confirmed)
-          @redirect_url = 'http://ng-token-auth.dev'
+          @redirect_url = 'http://ng-jwt-auth.dev'
 
           DeviseJwtAuth.default_password_reset_url = @redirect_url
 
@@ -492,7 +491,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
 
             @mail = ActionMailer::Base.deliveries.last
             @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
-            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)"/)[1]
 
             # confirm via password reset email link
             get :edit, params: { reset_password_token: @mail_reset_token,
@@ -568,10 +567,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
             DeviseJwtAuth.require_client_password_reset_token = true
             @redirect_url = 'http://client-app.dev'
             get_reset_token
-            edit_url = CGI.unescape(@mail.body.match(/href=\"(.+)\"/)[1])
+            edit_url = CGI.unescape(@mail.body.match(/href="(.+)"/)[1])
             query_parts = Rack::Utils.parse_nested_query(URI.parse(edit_url).query)
             get :edit, params: query_parts
-            
           end
 
           test 'reponse should be redirect' do
@@ -668,8 +666,8 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
 
         describe 'without valid headers' do
           before do
-           @auth_headers = @resource.create_named_token_pair
-           new_password = Faker::Internet.password
+            @auth_headers = @resource.create_named_token_pair
+            new_password = Faker::Internet.password
 
             put :update, params: { password: new_password,
                                    password_confirmation: new_password }
@@ -800,7 +798,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
 
       before do
         @resource = create(:mang_user, :confirmed)
-        @redirect_url = 'http://ng-token-auth.dev'
+        @redirect_url = 'http://ng-jwt-auth.dev'
         get_reset_token
       end
 
@@ -818,7 +816,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
     describe 'unconfirmed user' do
       before do
         @resource = create(:user)
-        @redirect_url = 'http://ng-token-auth.dev'
+        @redirect_url = 'http://ng-jwt-auth.dev'
 
         get_reset_token
 
@@ -852,18 +850,19 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
     describe 'alternate user type' do
       before do
         @resource = create(:user, :confirmed)
-        @redirect_url = 'http://ng-token-auth.dev'
-        @config_name  = 'altUser'
+        @redirect_url = 'http://ng-jwt-auth.dev'
+        # @config_name  = 'altUser'
 
         params = { email: @resource.email,
-                                redirect_url: @redirect_url,
-                                config_name: @config_name }
+                   redirect_url: @redirect_url,
+                   # config_name: @config_name
+                  }
         get_reset_token params
       end
 
-      test 'config_name param is included in the confirmation email link' do
-        assert_equal @config_name, @mail_config_name
-      end
+      # test 'config_name param is included in the confirmation email link' do
+      #   assert_equal @config_name, @mail_config_name
+      # end
     end
 
     def get_reset_token(params = nil)
@@ -873,9 +872,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
       @mail = ActionMailer::Base.deliveries.last
       @resource.reload
 
-      @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+      # @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
       @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
-      @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+      @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)"/)[1]
     end
   end
 end

data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb

@@ -8,8 +8,7 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
       before do
         @resource = create(:user, :confirmed)
         @auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
-                                          @resource.create_refresh_token
-        )
+                                          @resource.create_refresh_token)
         get '/auth/refresh_token', params: {}, headers: @auth_headers
         @resp = JSON.parse(response.body)
       end
@@ -22,13 +21,12 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
         assert @resp[DeviseJwtAuth.access_token_name]
       end
     end
-    
+
     describe 'unconfirmed user' do
       before do
         @resource = create(:user)
         @auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
-                                          @resource.create_refresh_token
-        )
+                                          @resource.create_refresh_token)
         get '/auth/refresh_token', params: {}, headers: @auth_headers
         @resp = JSON.parse(response.body)
       end
@@ -41,19 +39,18 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
         assert_nil @resp[DeviseJwtAuth.access_token_name]
       end
     end
-    
+
     describe 'an expired token' do
       before do
         @resource = create(:user, :confirmed)
         @exp = (Time.now - 1.hour).to_i
         @expired_token = @resource.create_refresh_token(exp: @exp)
         @auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
-                                          @expired_token
-        )
+                                          @expired_token)
         get '/auth/refresh_token', params: {}, headers: @auth_headers
         @resp = JSON.parse(response.body)
       end
-      
+
       it 'response error' do
         assert_equal 401, response.status
       end
@@ -66,12 +63,11 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
     describe 'an invalid refresh token' do
       before do
         @auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
-                                          "invalid-token"
-        )
+                                          'invalid-token')
         get '/auth/refresh_token', params: {}, headers: @auth_headers
         @resp = JSON.parse(response.body)
       end
-      
+
       it 'response error' do
         assert_equal 401, response.status
       end

data/test/controllers/devise_jwt_auth/registrations_controller_test.rb

@@ -105,7 +105,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
 
         @data = JSON.parse(response.body)
       end
-      
+
       test 'an access token should be returned' do
         assert @data[DeviseJwtAuth.access_token_name]
       end
@@ -185,7 +185,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
                        unpermitted_param: '(x_x)' }
 
         @data = JSON.parse(response.body)
-        
+
         assert_equal 422, response.status
         assert_nil @data[DeviseJwtAuth.access_token_name]
         assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
@@ -223,17 +223,17 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
         @mail = ActionMailer::Base.deliveries.last
-        @sent_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)(&|\")/)[1])
+        @sent_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)(&|")/)[1])
       end
-      
+
       teardown do
         DeviseJwtAuth.default_confirm_success_url = nil
       end
-      
+
       test 'request should be successful' do
         assert_equal 200, response.status
       end
-      
+
       test 'email contains the default redirect url' do
         assert_equal @redirect_url, @sent_redirect_url
       end
@@ -310,7 +310,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
         @mail = ActionMailer::Base.deliveries.last
 
         @mail_reset_token  = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
-        @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)\"/)[1])
+        @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)"/)[1])
         @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
       end
 
@@ -449,10 +449,10 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
         before do
           @existing_user = create(:user, :confirmed)
           @auth_headers = @existing_user.create_named_token_pair
-          #@client_id     = @auth_headers['client']
+          # @client_id     = @auth_headers['client']
 
           # ensure request is not treated as batch request
-          #age_token(@existing_user, @client_id)
+          # age_token(@existing_user, @client_id)
 
           delete '/auth', params: {}, headers: @auth_headers
 
@@ -495,7 +495,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
     describe 'Update user account' do
       describe 'existing user' do
         before do
-          @existing_user = create(:user, :confirmed)          
+          @existing_user = create(:user, :confirmed)
           @auth_headers = @existing_user.create_named_token_pair
 
           # @client_id     = @auth_headers['client']
@@ -799,7 +799,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
         @resource.skip_confirmation!
         @resource.save!
         @auth_headers = @resource.create_named_token_pair
-  
+
         # @client_id     = @auth_headers['client']
 
         # ensure request is not treated as batch request
@@ -832,7 +832,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
         @resource.reload
 
         @mail_reset_token  = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
-        @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)\"/)[1])
+        @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)"/)[1])
         @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
       end
 
@@ -879,20 +879,6 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
       test 'user was confirmed' do
         assert @resource.confirmed?
       end
-      
-=begin
-      test 'auth headers were returned in response' do
-        assert response.headers['access-token']
-        assert response.headers['token-type']
-        assert response.headers['client']
-        assert response.headers['expiry']
-        assert response.headers['uid']
-      end
-
-      test 'response token is valid' do
-        assert @resource.valid_token?(@token, @client_id)
-      end
-=end
     end
 
     describe 'User with only :database_authenticatable and :registerable included' do

data/test/controllers/devise_jwt_auth/sessions_controller_test.rb

@@ -141,7 +141,8 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
           assert_nil @data[DeviseJwtAuth.access_token_name]
         end
 
-        test 'response should not have refresh token' do
+        test 'response should delete refresh token from client' do
+          assert_equal true, response.cookies.keys.include?(DeviseJwtAuth.refresh_token_name)
           assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
         end
 
@@ -174,7 +175,7 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
 
         test 'response should not have refresh token' do
           assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
-        end        
+        end
       end
 
       describe 'failure' do
@@ -206,37 +207,35 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
         end
       end
 
-=begin
-      describe 'failure with bad password when change_headers_on_each_request false' do
-        before do
-          DeviseJwtAuth.change_headers_on_each_request = false
-
-          # accessing current_user calls through set_user_by_token,
-          # which initializes client_id
-          @controller.current_user
-
-          post :create,
-               params: { email: @existing_user.email,
-                         password: 'bogus' }
-
-          @resource = assigns(:resource)
-          @data = JSON.parse(response.body)
-        end
-
-        test 'request should fail' do
-          assert_equal 401, response.status
-        end
-
-        test 'response should contain errors' do
-          assert @data['errors']
-          assert_equal @data['errors'], [I18n.t('devise_jwt_auth.sessions.bad_credentials')]
-        end
-
-        after do
-          DeviseJwtAuth.change_headers_on_each_request = true
-        end
-      end
-=end
+      #       describe 'failure with bad password when change_headers_on_each_request false' do
+      #         before do
+      #           DeviseJwtAuth.change_headers_on_each_request = false
+      #
+      #           # accessing current_user calls through set_user_by_token,
+      #           # which initializes client_id
+      #           @controller.current_user
+      #
+      #           post :create,
+      #                params: { email: @existing_user.email,
+      #                          password: 'bogus' }
+      #
+      #           @resource = assigns(:resource)
+      #           @data = JSON.parse(response.body)
+      #         end
+      #
+      #         test 'request should fail' do
+      #           assert_equal 401, response.status
+      #         end
+      #
+      #         test 'response should contain errors' do
+      #           assert @data['errors']
+      #           assert_equal @data['errors'], [I18n.t('devise_jwt_auth.sessions.bad_credentials')]
+      #         end
+      #
+      #         after do
+      #           DeviseJwtAuth.change_headers_on_each_request = true
+      #         end
+      #       end
 
       describe 'case-insensitive email' do
         before do
@@ -284,7 +283,6 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
           @data = JSON.parse(response.body)
 
           assert_equal 200, response.status
-          # p 'DATA', @data.inspect
           assert @data[DeviseJwtAuth.access_token_name]
           assert response.cookies[DeviseJwtAuth.refresh_token_name]
         end

data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb

@@ -95,7 +95,7 @@ class DeviseJwtAuth::UnlocksControllerTest < ActionController::TestCase
             @data = JSON.parse(response.body)
 
             @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
-            @mail_reset_token  = @mail.body.match(/unlock_token=(.*)\"/)[1]
+            @mail_reset_token  = @mail.body.match(/unlock_token=(.*)"/)[1]
           end
 
           test 'response should return success status' do
@@ -161,7 +161,7 @@ class DeviseJwtAuth::UnlocksControllerTest < ActionController::TestCase
           before do
             @resource_class = LockableUser
             @request_params = {
-              email:        @resource.email.upcase
+              email: @resource.email.upcase
             }
           end
 

data/test/controllers/overrides/confirmations_controller_test.rb

@@ -20,7 +20,7 @@ class Overrides::ConfirmationsControllerTest < ActionDispatch::IntegrationTest
       @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
 
       @mail = ActionMailer::Base.deliveries.last
-      @confirmation_path = @mail.body.match(/localhost([^\"]*)\"/)[1]
+      @confirmation_path = @mail.body.match(/localhost([^"]*)"/)[1]
 
       # visit confirmation link
       get @confirmation_path

data/test/controllers/overrides/passwords_controller_test.rb

@@ -24,7 +24,7 @@ class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
       mail = ActionMailer::Base.deliveries.last
       @resource.reload
 
-      mail_reset_token  = mail.body.match(/reset_password_token=(.*)\"/)[1]
+      mail_reset_token  = mail.body.match(/reset_password_token=(.*)"/)[1]
       mail_redirect_url = CGI.unescape(mail.body.match(/redirect_url=([^&]*)&/)[1])
 
       get '/evil_user_auth/password/edit',
@@ -46,13 +46,8 @@ class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
     test 'response should contain auth params + override proof' do
       # TODO: remove access-token and keep uid?
       assert @query_string['access-token']
-      # assert @query_string['client']
-      # assert @query_string['client_id']
-      # assert @query_string['expiry']
       assert @query_string['override_proof']
       assert @query_string['reset_password']
-      # assert @query_string['token']
-      # assert @query_string['uid']
     end
 
     test 'override proof is correct' do

data/test/controllers/overrides/refresh_token_controller_test.rb

@@ -15,8 +15,7 @@ class Overrides::RefreshTokenControllerTest < ActionDispatch::IntegrationTest
     before do
       @resource = create(:user, :confirmed)
       @auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
-                                          @resource.create_refresh_token
-      )
+                                        @resource.create_refresh_token)
 
       get '/evil_user_auth/refresh_token',
           params: {},

data/test/controllers/overrides/registrations_controller_test.rb

@@ -14,7 +14,7 @@ class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
   describe Overrides::RegistrationsController do
     describe 'Succesful Registration update' do
       before do
-        @existing_user  = create(:user, :confirmed)
+        @existing_user = create(:user, :confirmed)
         @auth_headers = @existing_user.create_named_token_pair
 
         # @client_id      = @auth_headers['client']

data/test/dummy/app/controllers/custom/refresh_token_controller.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 module Custom
   class RefreshTokenController < DeviseJwtAuth::RefreshTokenController
     def show
@@ -17,4 +18,4 @@ module Custom
       render json: { custom: 'foo' }
     end
   end
-end
+end

data/test/dummy/app/controllers/custom/registrations_controller.rb

@@ -2,7 +2,7 @@
 
 class Custom::RegistrationsController < DeviseJwtAuth::RegistrationsController
   def create
-    super do |resource|
+    super do |_resource|
       @create_block_called = true
     end
   end

data/test/dummy/app/controllers/overrides/confirmations_controller.rb

@@ -5,30 +5,17 @@ module Overrides
     def show
       @resource = resource_class.confirm_by_token(params[:confirmation_token])
 
-      if @resource && @resource.id
-        # token = @resource.create_token
-        # @resource.save!
-        
+      if @resource&.id
         update_refresh_token_cookie
         redirect_header_options = {
           account_confirmation_success: true,
           config: params[:config],
           override_proof: '(^^,)'
         }
-        redirect_headers = @resource.create_named_token_pair.
-                             merge(redirect_header_options)  
+        redirect_headers = @resource.create_named_token_pair
+                             .merge(redirect_header_options)
         redirect_to_link = DeviseJwtAuth::Url.generate(params[:redirect_url], redirect_headers)
         redirect_to redirect_to_link
-        # redirect_header_options = {
-        #   account_confirmation_success: true,
-        #   config: params[:config],
-        #   override_proof: '(^^,)'
-        # }
-        # redirect_headers = build_redirect_headers(token.token,
-        #                                           token.client,
-        #                                           redirect_header_options)
-        # redirect_to(@resource.build_auth_url(params[:redirect_url],
-        #                                      redirect_headers))
       else
         raise ActionController::RoutingError, 'Not Found'
       end

data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb

@@ -2,14 +2,14 @@
 
 module Overrides
   class OmniauthCallbacksController < DeviseJwtAuth::OmniauthCallbacksController
-    DEFAULT_NICKNAME = 'stimpy'.freeze
+    DEFAULT_NICKNAME = 'stimpy'
 
     def assign_provider_attrs(user, auth_hash)
       user.assign_attributes(
         nickname: DEFAULT_NICKNAME,
-        name:     auth_hash['info']['name'],
-        image:    auth_hash['info']['image'],
-        email:    auth_hash['info']['email']
+        name: auth_hash['info']['name'],
+        image: auth_hash['info']['image'],
+        email: auth_hash['info']['email']
       )
     end
   end

data/test/dummy/app/controllers/overrides/passwords_controller.rb

@@ -2,7 +2,7 @@
 
 module Overrides
   class PasswordsController < DeviseJwtAuth::PasswordsController
-    OVERRIDE_PROOF = '(^^,)'.freeze
+    OVERRIDE_PROOF = '(^^,)'
 
     # this is where users arrive after visiting the email confirmation link
     def edit
@@ -10,9 +10,7 @@ module Overrides
         reset_password_token: resource_params[:reset_password_token]
       )
 
-      if @resource && @resource.id
-        # token = @resource.create_token
-
+      if @resource&.id
         # ensure that user is confirmed
         @resource.skip_confirmation! unless @resource.confirmed_at
 
@@ -23,20 +21,10 @@ module Overrides
           override_proof: OVERRIDE_PROOF,
           reset_password: true
         }
-        redirect_headers = @resource.create_named_token_pair.
-                             merge(redirect_header_options)  
+        redirect_headers = @resource.create_named_token_pair
+                             .merge(redirect_header_options)
         redirect_to_link = DeviseJwtAuth::Url.generate(params[:redirect_url], redirect_headers)
         redirect_to redirect_to_link
-
-        # redirect_header_options = {
-        #   override_proof: OVERRIDE_PROOF,
-        #   reset_password: true
-        # }
-        # redirect_headers = build_redirect_headers(token.token,
-        #                                           token.client,
-        #                                           redirect_header_options)
-        # redirect_to(@resource.build_auth_url(params[:redirect_url],
-        #                                      redirect_headers))
       else
         raise ActionController::RoutingError, 'Not Found'
       end