devise_oauth2_providable 0.2.2 → 0.2.3

Sign up to get free protection for your applications and to get access to all the features.
@@ -8,7 +8,8 @@ module Devise
8
8
  @req.oauth2?
9
9
  end
10
10
  def authenticate!
11
- token = AccessToken.valid.find_by_token access_token
11
+ @req.setup!
12
+ token = AccessToken.valid.find_by_token @req.access_token
12
13
  resource = token ? token.user : nil
13
14
  if validate(resource)
14
15
  success! resource
@@ -18,11 +19,6 @@ module Devise
18
19
  end
19
20
 
20
21
  private
21
- def access_token
22
- tokens = [@req.access_token_in_header, @req.access_token_in_payload].compact
23
- raise 'invalid request: access token exists in header and payload' if tokens.size > 1
24
- tokens.first
25
- end
26
22
  # Simply invokes valid_for_authentication? with the given block and deal with the result.
27
23
  def validate(resource, &block)
28
24
  result = resource && resource.valid_for_authentication?(&block)
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Oauth2Providable
3
- VERSION = "0.2.2"
3
+ VERSION = "0.2.3"
4
4
  end
5
5
  end
@@ -7,9 +7,26 @@ describe ProtectedController do
7
7
  client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
8
8
  @user = User.create! :name => 'ryan sonnek', :email => 'foo@example.com'
9
9
  @token = AccessToken.create! :client => client, :user => @user
10
-
11
- get :index, {:bearer_token => @token.token}, {'HTTP_AUTHORIZATION' => "Bearer #{@token.token}"}
12
10
  end
13
- it { should respond_with :ok }
11
+ context 'with valid bearer token in header' do
12
+ before do
13
+ @request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token.token}"
14
+ get :index, :format => 'json'
15
+ end
16
+ it { should respond_with :ok }
17
+ end
18
+ context 'with invalid bearer token in query param' do
19
+ before do
20
+ get :index, :bearer_token => 'invalid', :format => 'json'
21
+ end
22
+ it { should respond_with :unauthorized }
23
+ end
24
+ context 'with valid bearer token in header and query string' do
25
+ before do
26
+ @request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token.token}"
27
+ get :index, :bearer_token => @token.token, :format => 'json'
28
+ end
29
+ it { should respond_with :unauthorized }
30
+ end
14
31
  end
15
32
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_oauth2_providable
3
3
  version: !ruby/object:Gem::Version
4
- hash: 19
4
+ hash: 17
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 2
9
- - 2
10
- version: 0.2.2
9
+ - 3
10
+ version: 0.2.3
11
11
  platform: ruby
12
12
  authors:
13
13
  - Ryan Sonnek
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-05-17 00:00:00 Z
18
+ date: 2011-05-18 00:00:00 Z
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
21
  name: rails