devise_jwt_auth 0.1.5 → 0.1.6
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/app/controllers/devise_jwt_auth/application_controller.rb +14 -11
- data/app/controllers/devise_jwt_auth/concerns/resource_finder.rb +2 -6
- data/app/controllers/devise_jwt_auth/concerns/set_user_by_token.rb +17 -19
- data/app/controllers/devise_jwt_auth/confirmations_controller.rb +10 -19
- data/app/controllers/devise_jwt_auth/omniauth_callbacks_controller.rb +32 -33
- data/app/controllers/devise_jwt_auth/passwords_controller.rb +29 -19
- data/app/controllers/devise_jwt_auth/refresh_token_controller.rb +4 -1
- data/app/controllers/devise_jwt_auth/registrations_controller.rb +40 -21
- data/app/controllers/devise_jwt_auth/sessions_controller.rb +18 -12
- data/app/controllers/devise_jwt_auth/unlocks_controller.rb +5 -4
- data/app/models/devise_jwt_auth/concerns/active_record_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/confirmable_support.rb +7 -4
- data/app/models/devise_jwt_auth/concerns/mongoid_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb +4 -1
- data/app/models/devise_jwt_auth/concerns/user.rb +18 -9
- data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb +11 -3
- data/app/validators/devise_jwt_auth_email_validator.rb +4 -3
- data/lib/devise_jwt_auth/blacklist.rb +2 -0
- data/lib/devise_jwt_auth/controllers/url_helpers.rb +1 -2
- data/lib/devise_jwt_auth/engine.rb +4 -4
- data/lib/devise_jwt_auth/rails/routes.rb +35 -24
- data/lib/devise_jwt_auth/token_factory.rb +3 -2
- data/lib/devise_jwt_auth/url.rb +2 -4
- data/lib/devise_jwt_auth/version.rb +1 -1
- data/lib/generators/devise_jwt_auth/install_generator.rb +7 -6
- data/lib/generators/devise_jwt_auth/install_generator_helpers.rb +14 -7
- data/lib/generators/devise_jwt_auth/install_mongoid_generator.rb +3 -2
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth.rb +2 -3
- data/test/controllers/custom/custom_confirmations_controller_test.rb +2 -2
- data/test/controllers/custom/custom_passwords_controller_test.rb +4 -4
- data/test/controllers/custom/custom_refresh_token_controller_test.rb +2 -3
- data/test/controllers/custom/custom_registrations_controller_test.rb +2 -2
- data/test/controllers/demo_mang_controller_test.rb +206 -210
- data/test/controllers/demo_user_controller_test.rb +358 -374
- data/test/controllers/devise_jwt_auth/confirmations_controller_test.rb +5 -5
- data/test/controllers/devise_jwt_auth/omniauth_callbacks_controller_test.rb +6 -7
- data/test/controllers/devise_jwt_auth/passwords_controller_test.rb +11 -13
- data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb +8 -12
- data/test/controllers/devise_jwt_auth/registrations_controller_test.rb +23 -25
- data/test/controllers/devise_jwt_auth/sessions_controller_test.rb +30 -32
- data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb +2 -2
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/controllers/overrides/passwords_controller_test.rb +1 -1
- data/test/controllers/overrides/refresh_token_controller_test.rb +1 -2
- data/test/controllers/overrides/registrations_controller_test.rb +1 -1
- data/test/dummy/app/controllers/custom/refresh_token_controller.rb +2 -1
- data/test/dummy/app/controllers/custom/registrations_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/refresh_token_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
- data/test/dummy/app/models/concerns/favorite_color.rb +11 -9
- data/test/dummy/config.ru +2 -2
- data/test/dummy/config/application.rb +1 -0
- data/test/dummy/config/boot.rb +1 -1
- data/test/dummy/config/environments/test.rb +11 -7
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +2 -2
- data/test/dummy/config/routes.rb +8 -8
- data/test/dummy/db/migrate/20141222035835_devise_jwt_auth_create_only_email_users.rb +9 -9
- data/test/dummy/db/migrate/20190924101113_devise_jwt_auth_create_confirmable_users.rb +6 -5
- data/test/dummy/db/schema.rb +170 -170
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/config/initializers/devise_jwt_auth.rb +2 -3
- data/test/dummy/tmp/generators/db/migrate/{20200228012905_devise_jwt_auth_create_users.rb → 20201006030349_devise_jwt_auth_create_users.rb} +0 -0
- data/test/factories/users.rb +5 -3
- data/test/lib/devise_jwt_auth/token_factory_test.rb +6 -6
- data/test/lib/generators/devise_jwt_auth/install_generator_test.rb +3 -20
- data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb +4 -21
- data/test/models/concerns/tokens_serialization_test.rb +68 -68
- data/test/models/user_test.rb +35 -37
- data/test/support/controllers/routes.rb +7 -5
- data/test/test_helper.rb +1 -1
- metadata +50 -54
- data/test/dummy/tmp/generators/app/models/mang.rb +0 -9
- data/test/dummy/tmp/generators/config/routes.rb +0 -9
- data/test/dummy/tmp/generators/db/migrate/20200228012905_devise_jwt_auth_create_mangs.rb +0 -54
@@ -8,14 +8,13 @@ module ActionDispatch::Routing
|
|
8
8
|
opts[:skip] ||= []
|
9
9
|
|
10
10
|
# check for ctrl overrides, fall back to defaults
|
11
|
-
sessions_ctrl
|
12
|
-
registrations_ctrl
|
13
|
-
passwords_ctrl
|
14
|
-
confirmations_ctrl
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
unlocks_ctrl = opts[:controllers][:unlocks] || 'devise_jwt_auth/unlocks'
|
11
|
+
sessions_ctrl = opts[:controllers][:sessions] || 'devise_jwt_auth/sessions'
|
12
|
+
registrations_ctrl = opts[:controllers][:registrations] || 'devise_jwt_auth/registrations'
|
13
|
+
passwords_ctrl = opts[:controllers][:passwords] || 'devise_jwt_auth/passwords'
|
14
|
+
confirmations_ctrl = opts[:controllers][:confirmations] || 'devise_jwt_auth/confirmations'
|
15
|
+
refresh_token_ctrl = opts[:controllers][:refresh_token] || 'devise_jwt_auth/refresh_token'
|
16
|
+
omniauth_ctrl = opts[:controllers][:omniauth_callbacks] || 'devise_jwt_auth/omniauth_callbacks'
|
17
|
+
unlocks_ctrl = opts[:controllers][:unlocks] || 'devise_jwt_auth/unlocks'
|
19
18
|
|
20
19
|
# define devise controller mappings
|
21
20
|
controllers = { sessions: sessions_ctrl,
|
@@ -26,7 +25,7 @@ module ActionDispatch::Routing
|
|
26
25
|
controllers[:unlocks] = unlocks_ctrl if unlocks_ctrl
|
27
26
|
|
28
27
|
# remove any unwanted devise modules
|
29
|
-
opts[:skip].each{ |item| controllers.delete(item) }
|
28
|
+
opts[:skip].each { |item| controllers.delete(item) }
|
30
29
|
|
31
30
|
devise_for resource.pluralize.underscore.gsub('/', '_').to_sym,
|
32
31
|
class_name: resource,
|
@@ -44,12 +43,12 @@ module ActionDispatch::Routing
|
|
44
43
|
|
45
44
|
# clear scope so controller routes aren't namespaced
|
46
45
|
@scope = ActionDispatch::Routing::Mapper::Scope.new(
|
47
|
-
path:
|
46
|
+
path: '',
|
48
47
|
shallow_path: '',
|
49
|
-
constraints:
|
50
|
-
defaults:
|
51
|
-
options:
|
52
|
-
parent:
|
48
|
+
constraints: {},
|
49
|
+
defaults: {},
|
50
|
+
options: {},
|
51
|
+
parent: nil
|
53
52
|
)
|
54
53
|
|
55
54
|
mapping_name = resource.underscore.gsub('/', '_')
|
@@ -57,22 +56,34 @@ module ActionDispatch::Routing
|
|
57
56
|
|
58
57
|
devise_scope mapping_name.to_sym do
|
59
58
|
# path to refresh access tokens
|
60
|
-
|
61
|
-
|
59
|
+
unless opts[:skip].include?(:refresh_token)
|
60
|
+
get "#{full_path}/refresh_token", controller: refresh_token_ctrl.to_s, action: 'show'
|
61
|
+
end
|
62
62
|
|
63
63
|
# omniauth routes. only define if omniauth is installed and not skipped.
|
64
64
|
if defined?(::OmniAuth) && !opts[:skip].include?(:omniauth_callbacks)
|
65
|
-
match "#{full_path}/failure",
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
match "#{
|
65
|
+
match "#{full_path}/failure",
|
66
|
+
controller: omniauth_ctrl,
|
67
|
+
action: 'omniauth_failure',
|
68
|
+
via: [:get]
|
69
|
+
match "#{full_path}/:provider/callback",
|
70
|
+
controller: omniauth_ctrl,
|
71
|
+
action: 'omniauth_success',
|
72
|
+
via: [:get]
|
73
|
+
match "#{DeviseJwtAuth.omniauth_prefix}/:provider/callback",
|
74
|
+
controller: omniauth_ctrl,
|
75
|
+
action: 'redirect_callbacks',
|
76
|
+
via: [:get, :post]
|
77
|
+
match "#{DeviseJwtAuth.omniauth_prefix}/failure",
|
78
|
+
controller: omniauth_ctrl,
|
79
|
+
action: 'omniauth_failure',
|
80
|
+
via: [:get, :post]
|
70
81
|
|
71
82
|
# preserve the resource class thru oauth authentication by setting name of
|
72
83
|
# resource as "resource_class" param
|
73
|
-
match "#{full_path}/:provider", to: redirect{ |params, request|
|
84
|
+
match "#{full_path}/:provider", to: redirect { |params, request|
|
74
85
|
# get the current querystring
|
75
|
-
qs = CGI
|
86
|
+
qs = CGI.parse(request.env['QUERY_STRING'])
|
76
87
|
|
77
88
|
# append name of current resource
|
78
89
|
qs['resource_class'] = [resource]
|
@@ -80,7 +91,7 @@ module ActionDispatch::Routing
|
|
80
91
|
|
81
92
|
set_omniauth_path_prefix!(DeviseJwtAuth.omniauth_prefix)
|
82
93
|
|
83
|
-
redirect_params = {}.tap { |hash| qs.each{ |k, v| hash[k] = v.first } }
|
94
|
+
redirect_params = {}.tap { |hash| qs.each { |k, v| hash[k] = v.first } }
|
84
95
|
|
85
96
|
if DeviseJwtAuth.redirect_whitelist
|
86
97
|
redirect_url = request.params['auth_origin_url']
|
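Review bot: In the last hunk of this file the caller-supplied `auth_origin_url` is read only inside `if DeviseJwtAuth.redirect_whitelist`, so from the visible lines it looks as if an unset allow-list leaves that redirect target unchecked. The rest of the block lies outside the hunk, so this needs confirming against the full file. If it holds, say so where the check lives, e.g. `# NOTE: auth_origin_url is validated only when redirect_whitelist is configured; set it in production`. The `qs.each { |k, v| hash[k] = v.first }` line also copies every query parameter of the incoming request into the redirect and keeps only the first value of each, which deserves a one-line comment as well.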
@@ -1,9 +1,10 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'jwt'
|
2
4
|
|
3
5
|
module DeviseJwtAuth
|
4
6
|
# A token management factory which allow generate token objects and check them.
|
5
7
|
module TokenFactory
|
6
|
-
|
7
8
|
def self.create_refresh_token(payload)
|
8
9
|
if payload[:exp].blank? && payload['exp'].blank?
|
9
10
|
payload[:exp] = (Time.zone.now + DeviseJwtAuth.refresh_token_lifespan).to_i
|
@@ -33,7 +34,7 @@ module DeviseJwtAuth
|
|
33
34
|
rescue TypeError
|
34
35
|
{}
|
35
36
|
end
|
36
|
-
|
37
|
+
|
37
38
|
def self.decode_access_token(token)
|
38
39
|
JWT.decode(token, DeviseJwtAuth.access_token_encryption_key).first
|
39
40
|
rescue JWT::ExpiredSignature
|
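Review bot: `decode_access_token` calls `JWT.decode(token, DeviseJwtAuth.access_token_encryption_key)` without naming the accepted algorithm, so which signature algorithms are honoured depends on the defaults of the installed jwt gem version. Pinning it makes verification explicit, e.g. `JWT.decode(token, DeviseJwtAuth.access_token_encryption_key, true, algorithm: 'HS256').first`, with the value matching whatever the encode side uses (not visible in this hunk). The method continues past the hunk's last line. The decoder that ends just above it, of which only `rescue TypeError` is visible, probably wants the same treatment.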
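--- a/data/lib/devise_jwt_auth/url.rb
+++ b/data/lib/devise_jwt_auth/url.rb
@@ -1,12 +1,11 @@
 # frozen_string_literal: true
 
 module DeviseJwtAuth::Url
-
 def self.generate(url, params = {})
 uri = URI(url)
 
 res = "#{uri.scheme}://#{uri.host}"
-res += ":#{uri.port}" if
+res += ":#{uri.port}" if uri.port && uri.port != 80 && uri.port != 443
 res += uri.path.to_s if uri.path
 query = [uri.query, params.to_query].reject(&:blank?).join('&')
 res += "?#{query}"
@@ -28,7 +27,7 @@ module DeviseJwtAuth::Url
 # wildcard convenience class
 class Wildcat
 def self.parse_to_regex(str)
-escaped = Regexp.escape(str).gsub('\*','.*?')
+escaped = Regexp.escape(str).gsub('\*', '.*?')
 Regexp.new("^#{escaped}$", Regexp::IGNORECASE)
 end
 
@@ -40,5 +39,4 @@ module DeviseJwtAuth::Url
 !!@regex.match(str)
 end
 end
-
 end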
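Review bot: `Wildcat.parse_to_regex` anchors its pattern with `^` and `$`, which in Ruby match at every line boundary rather than at the start and end of the string, so a value containing a line break can pass when just one of its lines fits the pattern. If this class backs URL allow-list checks, as the module name suggests, use whole-string anchors: `Regexp.new("\\A#{escaped}\\z", Regexp::IGNORECASE)`. Separately, the new port condition in `generate` drops 80 and 443 regardless of scheme, so `http://host:443` loses its port. `res += ":#{uri.port}" if uri.port && uri.port != uri.default_port` would keep non-default combinations.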
@@ -10,12 +10,12 @@ module DeviseJwtAuth
|
|
10
10
|
class_option :primary_key_type, type: :string, desc: 'The type for primary key'
|
11
11
|
|
12
12
|
def copy_migrations
|
13
|
-
if self.class.migration_exists?('db/migrate', "devise_jwt_auth_create_#{user_class.pluralize.gsub('::','').underscore}")
|
14
|
-
say_status('skipped', "Migration 'devise_jwt_auth_create_#{user_class.pluralize.gsub('::','').underscore}' already exists")
|
13
|
+
if self.class.migration_exists?('db/migrate', "devise_jwt_auth_create_#{user_class.pluralize.gsub('::', '').underscore}")
|
14
|
+
say_status('skipped', "Migration 'devise_jwt_auth_create_#{user_class.pluralize.gsub('::', '').underscore}' already exists")
|
15
15
|
else
|
16
16
|
migration_template(
|
17
17
|
'devise_jwt_auth_create_users.rb.erb',
|
18
|
-
"db/migrate/devise_jwt_auth_create_#{user_class.pluralize.gsub('::','').underscore}.rb"
|
18
|
+
"db/migrate/devise_jwt_auth_create_#{user_class.pluralize.gsub('::', '').underscore}.rb"
|
19
19
|
)
|
20
20
|
end
|
21
21
|
end
|
@@ -26,8 +26,9 @@ module DeviseJwtAuth
|
|
26
26
|
inclusion = 'include DeviseJwtAuth::Concerns::User'
|
27
27
|
unless parse_file_for_line(fname, inclusion)
|
28
28
|
|
29
|
-
active_record_needle =
|
30
|
-
inject_into_file fname, after: "class #{user_class} < #{active_record_needle}\n" do
|
29
|
+
active_record_needle = Rails::VERSION::MAJOR == 5 ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
30
|
+
inject_into_file fname, after: "class #{user_class} < #{active_record_needle}\n" do
|
31
|
+
<<-'RUBY'
|
31
32
|
# Include default devise modules.
|
32
33
|
devise :database_authenticatable, :registerable,
|
33
34
|
:recoverable, :rememberable, :trackable, :validatable,
|
@@ -43,7 +44,7 @@ module DeviseJwtAuth
|
|
43
44
|
|
44
45
|
private
|
45
46
|
|
46
|
-
def self.next_migration_number(
|
47
|
+
def self.next_migration_number(_path)
|
47
48
|
Time.zone.now.utc.strftime('%Y%m%d%H%M%S')
|
48
49
|
end
|
49
50
|
|
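Review bot: `Rails::VERSION::MAJOR == 5` selects `'ApplicationRecord'` only on Rails 5, so on Rails 6 and later the needle becomes `class X < ActiveRecord::Base`, which a generated model normally does not contain. The `inject_into_file` that adds the devise modules and the user concern would then find no anchor. Use `Rails::VERSION::MAJOR >= 5 ? 'ApplicationRecord' : 'ActiveRecord::Base'`. In the last hunk, `private` has no effect on `def self.next_migration_number(_path)`, so the method stays public; moving it above `private` would stop the layout implying otherwise.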
@@ -1,4 +1,7 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module DeviseJwtAuth
|
4
|
+
# Helper methods for installation generators.
|
2
5
|
module InstallGeneratorHelpers
|
3
6
|
class << self
|
4
7
|
def included(mod)
|
@@ -19,15 +22,19 @@ module DeviseJwtAuth
|
|
19
22
|
if File.exist?(File.join(destination_root, fname))
|
20
23
|
if parse_file_for_line(fname, line)
|
21
24
|
say_status('skipped', 'Concern is already included in the application controller.')
|
22
|
-
elsif
|
23
|
-
inject_into_file fname,
|
25
|
+
elsif rails_api?
|
26
|
+
inject_into_file fname,
|
27
|
+
after: "class ApplicationController < ActionController::API\n" do
|
28
|
+
<<-'RUBY'
|
24
29
|
include DeviseJwtAuth::Concerns::SetUserByToken
|
25
|
-
|
30
|
+
RUBY
|
26
31
|
end
|
27
32
|
else
|
28
|
-
inject_into_file fname,
|
33
|
+
inject_into_file fname,
|
34
|
+
after: "class ApplicationController < ActionController::Base\n" do
|
35
|
+
<<-'RUBY'
|
29
36
|
include DeviseJwtAuth::Concerns::SetUserByToken
|
30
|
-
|
37
|
+
RUBY
|
31
38
|
end
|
32
39
|
end
|
33
40
|
else
|
@@ -69,7 +76,7 @@ module DeviseJwtAuth
|
|
69
76
|
|
70
77
|
def ip_column
|
71
78
|
# Padded with spaces so it aligns nicely with the rest of the columns.
|
72
|
-
|
79
|
+
format('%-8s', (inet? ? 'inet' : 'string'))
|
73
80
|
end
|
74
81
|
|
75
82
|
def inet?
|
@@ -100,7 +107,7 @@ module DeviseJwtAuth
|
|
100
107
|
match
|
101
108
|
end
|
102
109
|
|
103
|
-
def
|
110
|
+
def rails_api?
|
104
111
|
fname = 'app/controllers/application_controller.rb'
|
105
112
|
line = 'class ApplicationController < ActionController::API'
|
106
113
|
parse_file_for_line(fname, line)
|
@@ -3,6 +3,7 @@
|
|
3
3
|
require_relative 'install_generator_helpers'
|
4
4
|
|
5
5
|
module DeviseJwtAuth
|
6
|
+
# Adds Mongoid settings to ORM
|
6
7
|
class InstallMongoidGenerator < Rails::Generators::Base
|
7
8
|
include DeviseJwtAuth::InstallGeneratorHelpers
|
8
9
|
|
@@ -11,8 +12,8 @@ module DeviseJwtAuth
|
|
11
12
|
if File.exist?(File.join(destination_root, fname))
|
12
13
|
inclusion = 'include DeviseJwtAuth::Concerns::User'
|
13
14
|
unless parse_file_for_line(fname, inclusion)
|
14
|
-
inject_into_file fname, before: /end\s\z/ do
|
15
|
-
|
15
|
+
inject_into_file fname, before: /end\s\z/ do
|
16
|
+
<<-'RUBY'
|
16
17
|
include Mongoid::Locker
|
17
18
|
|
18
19
|
field :locker_locked_at, type: Time
|
@@ -6,7 +6,7 @@ DeviseJwtAuth.setup do |config|
|
|
6
6
|
# use the HTTP only refresh cookie that is sent during the authentication
|
7
7
|
# process and make refresh token requests.
|
8
8
|
# config.send_new_access_token_on_each_request = false
|
9
|
-
|
9
|
+
|
10
10
|
# By default, refresh token HTTP Only cookies last for 2 weeks. These tokens
|
11
11
|
# are used for requesting shorter-lived acccess tokens.
|
12
12
|
# config.refresh_token_lifespan = 2.weeks
|
@@ -32,7 +32,7 @@ DeviseJwtAuth.setup do |config|
|
|
32
32
|
# environment variable or secret key base that isn't store in a repository.
|
33
33
|
# Also, its a good idea to NOT use the same key for access tokens.
|
34
34
|
config.refresh_token_encryption_key = 'your-refresh-token-secret-key-here'
|
35
|
-
|
35
|
+
|
36
36
|
# This is the refresh token encryption key. You should set this in an
|
37
37
|
# environment variable or secret key base that isn't store in a repository.
|
38
38
|
# Also, its a good idea to NOT use the same key for access tokens.
|
@@ -70,5 +70,4 @@ DeviseJwtAuth.setup do |config|
|
|
70
70
|
# config.update_token_version_after_password_reset = true
|
71
71
|
# config.bypass_sign_in = true
|
72
72
|
# config.require_client_password_reset_token = false
|
73
|
-
|
74
73
|
end
|
@@ -10,8 +10,8 @@ class Custom::ConfirmationsControllerTest < ActionController::TestCase
|
|
10
10
|
@redirect_url = Faker::Internet.url
|
11
11
|
@new_user = create(:user)
|
12
12
|
@new_user.send_confirmation_instructions(redirect_url: @redirect_url)
|
13
|
-
@mail
|
14
|
-
@token
|
13
|
+
@mail = ActionMailer::Base.deliveries.last
|
14
|
+
@token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
15
15
|
@client_config = @mail.body.match(/config=([^&]*)&/)[1]
|
16
16
|
|
17
17
|
get :show,
|
@@ -13,7 +13,7 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
|
|
13
13
|
|
14
14
|
test 'yield resource to block on create success' do
|
15
15
|
post :create,
|
16
|
-
params: { email:
|
16
|
+
params: { email: @resource.email,
|
17
17
|
redirect_url: @redirect_url }
|
18
18
|
|
19
19
|
@mail = ActionMailer::Base.deliveries.last
|
@@ -21,7 +21,7 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
|
|
21
21
|
|
22
22
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
23
23
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
24
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
24
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
25
25
|
|
26
26
|
assert @controller.create_block_called?,
|
27
27
|
'create failed to yield resource to provided block'
|
@@ -32,7 +32,7 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
|
|
32
32
|
@redirect_url = 'http://ng-token-auth.dev'
|
33
33
|
|
34
34
|
post :create,
|
35
|
-
params: { email:
|
35
|
+
params: { email: @resource.email,
|
36
36
|
redirect_url: @redirect_url },
|
37
37
|
xhr: true
|
38
38
|
|
@@ -41,7 +41,7 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
|
|
41
41
|
|
42
42
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
43
43
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
44
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
44
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
45
45
|
|
46
46
|
get :edit,
|
47
47
|
params: { reset_password_token: @mail_reset_token,
|
@@ -9,8 +9,7 @@ class Custom::RefreshTokenControllerTest < ActionDispatch::IntegrationTest
|
|
9
9
|
before do
|
10
10
|
@resource = create(:user, :confirmed)
|
11
11
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
12
|
-
@resource.create_refresh_token
|
13
|
-
)
|
12
|
+
@resource.create_refresh_token)
|
14
13
|
end
|
15
14
|
|
16
15
|
test 'yield resource to block on refresh_token success' do
|
@@ -33,4 +32,4 @@ class Custom::RefreshTokenControllerTest < ActionDispatch::IntegrationTest
|
|
33
32
|
assert_equal @data['custom'], 'foo'
|
34
33
|
end
|
35
34
|
end
|
36
|
-
end
|
35
|
+
end
|
@@ -8,8 +8,8 @@ class Custom::RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
8
8
|
|
9
9
|
before do
|
10
10
|
@create_params = attributes_for(:user,
|
11
|
-
|
12
|
-
|
11
|
+
confirm_success_url: Faker::Internet.url,
|
12
|
+
unpermitted_param: '(x_x)')
|
13
13
|
|
14
14
|
@existing_user = create(:user, :confirmed)
|
15
15
|
@auth_headers = @existing_user.create_named_token_pair
|
@@ -39,61 +39,59 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
|
|
39
39
|
it 'should define current_mang' do
|
40
40
|
assert_equal @resource, @controller.current_mang
|
41
41
|
end
|
42
|
-
|
42
|
+
|
43
43
|
it 'should define mang_signed_in?' do
|
44
44
|
assert @controller.mang_signed_in?
|
45
45
|
end
|
46
|
-
|
46
|
+
|
47
47
|
it 'should not define current_user' do
|
48
48
|
refute_equal @resource, @controller.current_user
|
49
49
|
end
|
50
|
-
|
50
|
+
|
51
51
|
it 'should define render_authenticate_error' do
|
52
52
|
assert @controller.methods.include?(:render_authenticate_error)
|
53
53
|
end
|
54
54
|
end
|
55
|
-
|
55
|
+
|
56
56
|
it 'should return success status' do
|
57
57
|
assert_equal 200, response.status
|
58
58
|
end
|
59
|
-
|
60
|
-
=begin
|
61
|
-
it 'should receive new token after successful request' do
|
62
|
-
refute_equal @token, @resp_token
|
63
|
-
end
|
64
59
|
|
65
|
-
it 'should
|
66
|
-
|
67
|
-
end
|
68
|
-
|
69
|
-
it
|
70
|
-
|
71
|
-
end
|
72
|
-
|
73
|
-
it
|
74
|
-
|
75
|
-
end
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
60
|
+
# it 'should receive new token after successful request' do
|
61
|
+
# refute_equal @token, @resp_token
|
62
|
+
# end
|
63
|
+
#
|
64
|
+
# it 'should preserve the client id from the first request' do
|
65
|
+
# assert_equal @client_id, @resp_client_id
|
66
|
+
# end
|
67
|
+
#
|
68
|
+
# it "should return the user's uid in the auth header" do
|
69
|
+
# assert_equal @resource.uid, @resp_uid
|
70
|
+
# end
|
71
|
+
#
|
72
|
+
# it 'should not treat this request as a batch request' do
|
73
|
+
# refute assigns(:is_batch_request)
|
74
|
+
# end
|
75
|
+
#
|
76
|
+
# describe 'subsequent requests' do
|
77
|
+
# before do
|
78
|
+
# @resource.reload
|
79
|
+
# # ensure that request is not treated as batch request
|
80
|
+
# # age_token(@resource, @client_id)
|
81
|
+
#
|
82
|
+
# get '/demo/members_only_mang',
|
83
|
+
# params: {},
|
84
|
+
# headers: @auth_headers.merge('access-token' => @resp_token)
|
85
|
+
# end
|
86
|
+
#
|
87
|
+
# it 'should not treat this request as a batch request' do
|
88
|
+
# refute assigns(:is_batch_request)
|
89
|
+
# end
|
90
|
+
#
|
91
|
+
# it 'should allow a new request to be made using new token' do
|
92
|
+
# assert_equal 200, response.status
|
93
|
+
# end
|
94
|
+
# end
|
97
95
|
end
|
98
96
|
|
99
97
|
describe 'failed request' do
|
@@ -112,175 +110,173 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
|
|
112
110
|
end
|
113
111
|
end
|
114
112
|
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
describe '
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
end
|
283
|
-
=end
|
113
|
+
# describe 'disable change_headers_on_each_request' do
|
114
|
+
# before do
|
115
|
+
# DeviseJwtAuth.change_headers_on_each_request = false
|
116
|
+
# @resource.reload
|
117
|
+
# # age_token(@resource, @client_id)
|
118
|
+
#
|
119
|
+
# get '/demo/members_only_mang',
|
120
|
+
# params: {},
|
121
|
+
# headers: @auth_headers
|
122
|
+
#
|
123
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
124
|
+
# @first_user = assigns(:resource).dup
|
125
|
+
# @first_access_token = response.headers['access-token']
|
126
|
+
# @first_response_status = response.status
|
127
|
+
#
|
128
|
+
# @resource.reload
|
129
|
+
# # age_token(@resource, @client_id)
|
130
|
+
#
|
131
|
+
# # use expired auth header
|
132
|
+
# get '/demo/members_only_mang',
|
133
|
+
# params: {},
|
134
|
+
# headers: @auth_headers
|
135
|
+
#
|
136
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
137
|
+
# @second_user = assigns(:resource).dup
|
138
|
+
# @second_access_token = response.headers['access-token']
|
139
|
+
# @second_response_status = response.status
|
140
|
+
# end
|
141
|
+
#
|
142
|
+
# after do
|
143
|
+
# DeviseJwtAuth.change_headers_on_each_request = true
|
144
|
+
# end
|
145
|
+
#
|
146
|
+
# it 'should allow the first request through' do
|
147
|
+
# assert_equal 200, @first_response_status
|
148
|
+
# end
|
149
|
+
#
|
150
|
+
# it 'should allow the second request through' do
|
151
|
+
# assert_equal 200, @second_response_status
|
152
|
+
# end
|
153
|
+
#
|
154
|
+
# it 'should return auth headers from the first request' do
|
155
|
+
# assert @first_access_token
|
156
|
+
# end
|
157
|
+
#
|
158
|
+
# it 'should not treat either requests as batch requests' do
|
159
|
+
# refute @first_is_batch_request
|
160
|
+
# refute @second_is_batch_request
|
161
|
+
# end
|
162
|
+
#
|
163
|
+
# it 'should return auth headers from the second request' do
|
164
|
+
# assert @second_access_token
|
165
|
+
# end
|
166
|
+
#
|
167
|
+
# it 'should define user during first request' do
|
168
|
+
# assert @first_user
|
169
|
+
# end
|
170
|
+
#
|
171
|
+
# it 'should define user during second request' do
|
172
|
+
# assert @second_user
|
173
|
+
# end
|
174
|
+
# end
|
175
|
+
#
|
176
|
+
# describe 'batch requests' do
|
177
|
+
# describe 'success' do
|
178
|
+
# before do
|
179
|
+
# # age_token(@resource, @client_id)
|
180
|
+
#
|
181
|
+
# get '/demo/members_only_mang',
|
182
|
+
# params: {},
|
183
|
+
# headers: @auth_headers
|
184
|
+
#
|
185
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
186
|
+
# @first_user = assigns(:resource)
|
187
|
+
# @first_access_token = response.headers['access-token']
|
188
|
+
#
|
189
|
+
# get '/demo/members_only_mang',
|
190
|
+
# params: {},
|
191
|
+
# headers: @auth_headers
|
192
|
+
#
|
193
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
194
|
+
# @second_user = assigns(:resource)
|
195
|
+
# @second_access_token = response.headers['access-token']
|
196
|
+
# end
|
197
|
+
#
|
198
|
+
# it 'should allow both requests through' do
|
199
|
+
# assert_equal 200, response.status
|
200
|
+
# end
|
201
|
+
#
|
202
|
+
# it 'should not treat the first request as a batch request' do
|
203
|
+
# refute @first_is_batch_request
|
204
|
+
# end
|
205
|
+
#
|
206
|
+
# it 'should treat the second request as a batch request' do
|
207
|
+
# assert @second_is_batch_request
|
208
|
+
# end
|
209
|
+
#
|
210
|
+
# it 'should return access token for first (non-batch) request' do
|
211
|
+
# assert @first_access_token
|
212
|
+
# end
|
213
|
+
#
|
214
|
+
# it 'should not return auth headers for second (batched) requests' do
|
215
|
+
# assert_equal ' ', @second_access_token
|
216
|
+
# end
|
217
|
+
# end
|
218
|
+
#
|
219
|
+
# describe 'time out' do
|
220
|
+
# before do
|
221
|
+
# @resource.reload
|
222
|
+
# # age_token(@resource, @client_id)
|
223
|
+
#
|
224
|
+
# get '/demo/members_only_mang',
|
225
|
+
# params: {},
|
226
|
+
# headers: @auth_headers
|
227
|
+
#
|
228
|
+
# @first_is_batch_request = assigns(:is_batch_request)
|
229
|
+
# @first_user = assigns(:resource).dup
|
230
|
+
# @first_access_token = response.headers['access-token']
|
231
|
+
# @first_response_status = response.status
|
232
|
+
#
|
233
|
+
# @resource.reload
|
234
|
+
# # age_token(@resource, @client_id)
|
235
|
+
#
|
236
|
+
# # use expired auth header
|
237
|
+
# get '/demo/members_only_mang',
|
238
|
+
# params: {},
|
239
|
+
# headers: @auth_headers
|
240
|
+
#
|
241
|
+
# @second_is_batch_request = assigns(:is_batch_request)
|
242
|
+
# @second_user = assigns(:resource)
|
243
|
+
# @second_access_token = response.headers['access-token']
|
244
|
+
# @second_response_status = response.status
|
245
|
+
# end
|
246
|
+
#
|
247
|
+
# it 'should allow the first request through' do
|
248
|
+
# assert_equal 200, @first_response_status
|
249
|
+
# end
|
250
|
+
#
|
251
|
+
# it 'should not allow the second request through' do
|
252
|
+
# assert_equal 401, @second_response_status
|
253
|
+
# end
|
254
|
+
#
|
255
|
+
# it 'should not treat first request as batch request' do
|
256
|
+
# refute @second_is_batch_request
|
257
|
+
# end
|
258
|
+
#
|
259
|
+
# it 'should return auth headers from the first request' do
|
260
|
+
# assert @first_access_token
|
261
|
+
# end
|
262
|
+
#
|
263
|
+
# it 'should not treat second request as batch request' do
|
264
|
+
# refute @second_is_batch_request
|
265
|
+
# end
|
266
|
+
#
|
267
|
+
# it 'should not return auth headers from the second request' do
|
268
|
+
# refute @second_access_token
|
269
|
+
# end
|
270
|
+
#
|
271
|
+
# it 'should define user during first request' do
|
272
|
+
# assert @first_user
|
273
|
+
# end
|
274
|
+
#
|
275
|
+
# it 'should not define user during second request' do
|
276
|
+
# refute @second_user
|
277
|
+
# end
|
278
|
+
# end
|
279
|
+
# end
|
284
280
|
end
|
285
281
|
end
|
286
282
|
end
|