doorkeeper-mongodb 5.2.1 → 5.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/doorkeeper-mongodb.rb +1 -0
- data/lib/doorkeeper-mongodb/mixins/mongoid/access_grant_mixin.rb +1 -0
- data/lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb +1 -0
- data/lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb +76 -0
- data/lib/doorkeeper-mongodb/mixins/mongoid/base_mixin.rb +0 -8
- data/lib/doorkeeper-mongodb/mixins/mongoid/json_serializable.rb +17 -0
- data/lib/doorkeeper-mongodb/version.rb +1 -1
- data/spec/controllers/application_metal_controller_spec.rb +4 -4
- data/spec/controllers/applications_controller_spec.rb +198 -202
- data/spec/controllers/authorizations_controller_spec.rb +32 -31
- data/spec/controllers/protected_resources_controller_spec.rb +10 -10
- data/spec/controllers/token_info_controller_spec.rb +1 -1
- data/spec/controllers/tokens_controller_spec.rb +105 -62
- data/spec/doorkeeper/redirect_uri_validator_spec.rb +183 -0
- data/spec/{lib → doorkeeper}/server_spec.rb +5 -4
- data/spec/{lib → doorkeeper}/stale_records_cleaner_spec.rb +8 -7
- data/spec/{version → doorkeeper}/version_spec.rb +3 -3
- data/spec/dummy/log/test.log +4220 -4184
- data/spec/dummy/tmp/cache/assets/sprockets/v4.0.0/{eS/eSL1QMz46gKLM0GR6S9fL6uyARPxOImcappZ9_ZtSyg.cache → Pm/PmheG0PGFqDws1qgFOxOyIL-gpMof3Ar9eSRKVLYuik.cache} +0 -0
- data/spec/grape/grape_integration_spec.rb +1 -1
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
- data/spec/lib/config_spec.rb +23 -12
- data/spec/lib/doorkeeper_spec.rb +4 -4
- data/spec/lib/models/expirable_spec.rb +9 -9
- data/spec/lib/models/reusable_spec.rb +2 -2
- data/spec/lib/models/revocable_spec.rb +4 -7
- data/spec/lib/models/scopes_spec.rb +7 -7
- data/spec/lib/models/secret_storable_spec.rb +9 -8
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +23 -27
- data/spec/lib/oauth/authorization_code_request_spec.rb +6 -6
- data/spec/lib/oauth/base_request_spec.rb +11 -27
- data/spec/lib/oauth/base_response_spec.rb +2 -2
- data/spec/lib/oauth/client/credentials_spec.rb +25 -25
- data/spec/lib/oauth/client_credentials/creator_spec.rb +89 -91
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +84 -86
- data/spec/lib/oauth/client_credentials/validation_spec.rb +72 -39
- data/spec/lib/oauth/client_credentials_integration_spec.rb +5 -5
- data/spec/lib/oauth/client_credentials_request_spec.rb +7 -10
- data/spec/lib/oauth/client_spec.rb +8 -8
- data/spec/lib/oauth/code_request_spec.rb +5 -5
- data/spec/lib/oauth/code_response_spec.rb +4 -4
- data/spec/lib/oauth/error_response_spec.rb +6 -5
- data/spec/lib/oauth/error_spec.rb +1 -1
- data/spec/lib/oauth/forbidden_token_response_spec.rb +2 -2
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +37 -37
- data/spec/lib/oauth/helpers/unique_token_spec.rb +2 -2
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +54 -54
- data/spec/lib/oauth/invalid_request_response_spec.rb +6 -6
- data/spec/lib/oauth/invalid_token_response_spec.rb +4 -4
- data/spec/lib/oauth/password_access_token_request_spec.rb +10 -9
- data/spec/lib/oauth/pre_authorization_spec.rb +20 -8
- data/spec/lib/oauth/refresh_token_request_spec.rb +10 -10
- data/spec/lib/oauth/scopes_spec.rb +14 -14
- data/spec/lib/oauth/token_request_spec.rb +9 -9
- data/spec/lib/oauth/token_response_spec.rb +5 -5
- data/spec/lib/oauth/token_spec.rb +5 -5
- data/spec/lib/option_spec.rb +1 -1
- data/spec/lib/request/strategy_spec.rb +34 -37
- data/spec/lib/secret_storing/base_spec.rb +3 -2
- data/spec/lib/secret_storing/bcrypt_spec.rb +2 -1
- data/spec/lib/secret_storing/plain_spec.rb +2 -1
- data/spec/lib/secret_storing/sha256_hash_spec.rb +2 -1
- data/spec/models/doorkeeper/access_grant_spec.rb +7 -9
- data/spec/models/doorkeeper/access_token_spec.rb +20 -26
- data/spec/models/doorkeeper/application_spec.rb +83 -26
- data/spec/requests/applications/applications_request_spec.rb +91 -93
- data/spec/requests/endpoints/authorization_spec.rb +1 -1
- data/spec/requests/endpoints/token_spec.rb +22 -16
- data/spec/requests/flows/authorization_code_errors_spec.rb +12 -8
- data/spec/requests/flows/authorization_code_spec.rb +108 -79
- data/spec/requests/flows/client_credentials_spec.rb +57 -45
- data/spec/requests/flows/implicit_grant_spec.rb +4 -4
- data/spec/requests/flows/password_spec.rb +253 -213
- data/spec/requests/flows/refresh_token_spec.rb +53 -39
- data/spec/requests/flows/revoke_token_spec.rb +24 -24
- data/spec/requests/flows/skip_authorization_spec.rb +1 -1
- data/spec/requests/protected_resources/metal_spec.rb +2 -2
- data/spec/routing/custom_controller_routes_spec.rb +1 -1
- data/spec/routing/default_routes_spec.rb +1 -1
- data/spec/routing/scoped_routes_spec.rb +1 -1
- data/spec/support/helpers/request_spec_helper.rb +1 -13
- data/spec/support/helpers/url_helper.rb +2 -2
- data/spec/support/shared/controllers_shared_context.rb +5 -38
- data/spec/support/shared/hashing_shared_context.rb +4 -0
- data/spec/support/shared/models_shared_examples.rb +6 -6
- metadata +13 -10
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
require "spec_helper"
|
4
4
|
|
5
|
-
describe "Refresh Token Flow" do
|
5
|
+
RSpec.describe "Refresh Token Flow" do
|
6
6
|
before do
|
7
7
|
Doorkeeper.configure do
|
8
8
|
orm DOORKEEPER_ORM
|
@@ -14,7 +14,7 @@ describe "Refresh Token Flow" do
|
|
14
14
|
|
15
15
|
let(:resource_owner) { FactoryBot.create(:resource_owner) }
|
16
16
|
|
17
|
-
|
17
|
+
describe "issuing a refresh token" do
|
18
18
|
before do
|
19
19
|
authorization_code_exists application: @client,
|
20
20
|
resource_owner_id: resource_owner.id,
|
@@ -26,23 +26,27 @@ describe "Refresh Token Flow" do
|
|
26
26
|
|
27
27
|
token = Doorkeeper::AccessToken.first
|
28
28
|
|
29
|
-
|
30
|
-
|
29
|
+
expect(json_response).to include(
|
30
|
+
"access_token" => token.token,
|
31
|
+
"refresh_token" => token.refresh_token,
|
32
|
+
)
|
31
33
|
|
32
34
|
expect(@authorization.reload).to be_revoked
|
33
35
|
|
34
36
|
post refresh_token_endpoint_url(client: @client, refresh_token: token.refresh_token)
|
35
37
|
|
36
38
|
new_token = Doorkeeper::AccessToken.last
|
37
|
-
|
38
|
-
|
39
|
+
expect(json_response).to include(
|
40
|
+
"access_token" => new_token.token,
|
41
|
+
"refresh_token" => new_token.refresh_token,
|
42
|
+
)
|
39
43
|
|
40
|
-
expect(token.token).not_to
|
44
|
+
expect(token.token).not_to eq(new_token.token)
|
41
45
|
expect(token.refresh_token).not_to eq(new_token.refresh_token)
|
42
46
|
end
|
43
47
|
end
|
44
48
|
|
45
|
-
|
49
|
+
describe "refreshing the token" do
|
46
50
|
before do
|
47
51
|
@token = FactoryBot.create(
|
48
52
|
:access_token,
|
@@ -53,30 +57,30 @@ describe "Refresh Token Flow" do
|
|
53
57
|
)
|
54
58
|
end
|
55
59
|
|
56
|
-
context "refresh_token revoked on use" do
|
57
|
-
it "client
|
60
|
+
context "when refresh_token revoked on use" do
|
61
|
+
it "client requests a token with refresh token" do
|
58
62
|
post refresh_token_endpoint_url(
|
59
63
|
client: @client, refresh_token: @token.refresh_token,
|
60
64
|
)
|
61
|
-
|
62
|
-
"refresh_token"
|
65
|
+
expect(json_response).to include(
|
66
|
+
"refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
|
63
67
|
)
|
64
68
|
expect(@token.reload).not_to be_revoked
|
65
69
|
end
|
66
70
|
|
67
|
-
it "client
|
71
|
+
it "client requests a token with expired access token" do
|
68
72
|
@token.update_attribute :expires_in, -100
|
69
73
|
post refresh_token_endpoint_url(
|
70
74
|
client: @client, refresh_token: @token.refresh_token,
|
71
75
|
)
|
72
|
-
|
73
|
-
"refresh_token"
|
76
|
+
expect(json_response).to include(
|
77
|
+
"refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
|
74
78
|
)
|
75
79
|
expect(@token.reload).not_to be_revoked
|
76
80
|
end
|
77
81
|
end
|
78
82
|
|
79
|
-
context "refresh_token revoked on refresh_token request" do
|
83
|
+
context "when refresh_token revoked on refresh_token request" do
|
80
84
|
before do
|
81
85
|
allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
|
82
86
|
end
|
@@ -85,8 +89,8 @@ describe "Refresh Token Flow" do
|
|
85
89
|
post refresh_token_endpoint_url(
|
86
90
|
client: @client, refresh_token: @token.refresh_token,
|
87
91
|
)
|
88
|
-
|
89
|
-
"refresh_token"
|
92
|
+
expect(json_response).to include(
|
93
|
+
"refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
|
90
94
|
)
|
91
95
|
expect(@token.reload).to be_revoked
|
92
96
|
end
|
@@ -96,14 +100,14 @@ describe "Refresh Token Flow" do
|
|
96
100
|
post refresh_token_endpoint_url(
|
97
101
|
client: @client, refresh_token: @token.refresh_token,
|
98
102
|
)
|
99
|
-
|
100
|
-
"refresh_token"
|
103
|
+
expect(json_response).to include(
|
104
|
+
"refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
|
101
105
|
)
|
102
106
|
expect(@token.reload).to be_revoked
|
103
107
|
end
|
104
108
|
end
|
105
109
|
|
106
|
-
context "public & private clients" do
|
110
|
+
context "with public & private clients" do
|
107
111
|
let(:public_client) do
|
108
112
|
FactoryBot.create(
|
109
113
|
:application,
|
@@ -138,15 +142,16 @@ describe "Refresh Token Flow" do
|
|
138
142
|
)
|
139
143
|
|
140
144
|
new_token = Doorkeeper::AccessToken.last
|
141
|
-
|
142
|
-
|
145
|
+
expect(json_response).to include(
|
146
|
+
"access_token" => new_token.token,
|
147
|
+
"refresh_token" => new_token.refresh_token,
|
148
|
+
)
|
143
149
|
end
|
144
150
|
|
145
151
|
it "returns an error without credentials" do
|
146
152
|
post refresh_token_endpoint_url(refresh_token: token_for_private_client.refresh_token)
|
147
153
|
|
148
|
-
|
149
|
-
should_have_json "error", "invalid_grant"
|
154
|
+
expect(json_response).to include("error" => "invalid_grant")
|
150
155
|
end
|
151
156
|
|
152
157
|
it "returns an error with wrong credentials" do
|
@@ -155,35 +160,44 @@ describe "Refresh Token Flow" do
|
|
155
160
|
client_secret: "1",
|
156
161
|
refresh_token: token_for_private_client.refresh_token,
|
157
162
|
)
|
158
|
-
|
159
|
-
|
160
|
-
|
163
|
+
expect(json_response).to match(
|
164
|
+
"error" => "invalid_client",
|
165
|
+
"error_description" => an_instance_of(String),
|
166
|
+
)
|
161
167
|
end
|
162
168
|
end
|
163
169
|
|
164
170
|
it "client gets an error for invalid refresh token" do
|
165
171
|
post refresh_token_endpoint_url(client: @client, refresh_token: "invalid")
|
166
|
-
|
167
|
-
|
172
|
+
|
173
|
+
expect(json_response).to match(
|
174
|
+
"error" => "invalid_grant",
|
175
|
+
"error_description" => an_instance_of(String),
|
176
|
+
)
|
168
177
|
end
|
169
178
|
|
170
179
|
it "client gets an error for revoked access token" do
|
171
180
|
@token.revoke
|
172
181
|
post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
|
173
|
-
|
174
|
-
|
182
|
+
|
183
|
+
expect(json_response).to match(
|
184
|
+
"error" => "invalid_grant",
|
185
|
+
"error_description" => an_instance_of(String),
|
186
|
+
)
|
175
187
|
end
|
176
188
|
|
177
189
|
it "second of simultaneous client requests get an error for revoked access token" do
|
178
190
|
allow_any_instance_of(Doorkeeper::AccessToken).to receive(:revoked?).and_return(false, true)
|
179
191
|
post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
|
180
192
|
|
181
|
-
|
182
|
-
|
193
|
+
expect(json_response).to match(
|
194
|
+
"error" => "invalid_grant",
|
195
|
+
"error_description" => an_instance_of(String),
|
196
|
+
)
|
183
197
|
end
|
184
198
|
end
|
185
199
|
|
186
|
-
context "refreshing the token with multiple sessions (devices)" do
|
200
|
+
context "when refreshing the token with multiple sessions (devices)" do
|
187
201
|
before do
|
188
202
|
# enable password auth to simulate other devices
|
189
203
|
config_is_set(:grant_flows, ["password"])
|
@@ -206,18 +220,18 @@ describe "Refresh Token Flow" do
|
|
206
220
|
@token.update_attribute :expires_in, -100
|
207
221
|
end
|
208
222
|
|
209
|
-
context "refresh_token revoked on use" do
|
223
|
+
context "when refresh_token revoked on use" do
|
210
224
|
it "client request a token after creating another token with the same user" do
|
211
225
|
post refresh_token_endpoint_url(
|
212
226
|
client: @client, refresh_token: @token.refresh_token,
|
213
227
|
)
|
214
228
|
|
215
|
-
|
229
|
+
expect(json_response).to include("refresh_token" => last_token.refresh_token)
|
216
230
|
expect(@token.reload).not_to be_revoked
|
217
231
|
end
|
218
232
|
end
|
219
233
|
|
220
|
-
context "refresh_token revoked on refresh_token request" do
|
234
|
+
context "when refresh_token revoked on refresh_token request" do
|
221
235
|
before do
|
222
236
|
allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
|
223
237
|
end
|
@@ -227,7 +241,7 @@ describe "Refresh Token Flow" do
|
|
227
241
|
client: @client, refresh_token: @token.refresh_token,
|
228
242
|
)
|
229
243
|
|
230
|
-
|
244
|
+
expect(json_response).to include("refresh_token" => last_token.refresh_token)
|
231
245
|
expect(@token.reload).to be_revoked
|
232
246
|
end
|
233
247
|
end
|
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
require "spec_helper"
|
4
4
|
|
5
|
-
describe "Revoke Token Flow" do
|
5
|
+
RSpec.describe "Revoke Token Flow" do
|
6
6
|
before do
|
7
7
|
Doorkeeper.configure { orm DOORKEEPER_ORM }
|
8
8
|
end
|
@@ -29,22 +29,22 @@ describe "Revoke Token Flow" do
|
|
29
29
|
{ "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
|
30
30
|
end
|
31
31
|
|
32
|
-
it "
|
32
|
+
it "revokes the access token provided" do
|
33
33
|
post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
|
34
34
|
|
35
35
|
expect(response).to be_successful
|
36
|
-
expect(access_token.reload
|
36
|
+
expect(access_token.reload).to be_revoked
|
37
37
|
end
|
38
38
|
|
39
|
-
it "
|
39
|
+
it "revokes the refresh token provided" do
|
40
40
|
post revocation_token_endpoint_url, params: { token: access_token.refresh_token }, headers: headers
|
41
41
|
|
42
42
|
expect(response).to be_successful
|
43
|
-
expect(access_token.reload
|
43
|
+
expect(access_token.reload).to be_revoked
|
44
44
|
end
|
45
45
|
|
46
46
|
context "with invalid token to revoke" do
|
47
|
-
it "
|
47
|
+
it "does not revoke any tokens and must respond with success" do
|
48
48
|
expect do
|
49
49
|
post revocation_token_endpoint_url,
|
50
50
|
params: { token: "I_AM_AN_INVALID_TOKEN" },
|
@@ -62,24 +62,24 @@ describe "Revoke Token Flow" do
|
|
62
62
|
{ "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
|
63
63
|
end
|
64
64
|
|
65
|
-
it "
|
65
|
+
it "does not revoke any tokens and respond with forbidden" do
|
66
66
|
post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
|
67
67
|
|
68
68
|
expect(response).to be_forbidden
|
69
69
|
expect(response.body).to include("unauthorized_client")
|
70
70
|
expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
|
71
|
-
expect(access_token.reload
|
71
|
+
expect(access_token.reload).not_to be_revoked
|
72
72
|
end
|
73
73
|
end
|
74
74
|
|
75
75
|
context "with no credentials and a valid token" do
|
76
|
-
it "
|
76
|
+
it "does not revoke any tokens and respond with forbidden" do
|
77
77
|
post revocation_token_endpoint_url, params: { token: access_token.token }
|
78
78
|
|
79
79
|
expect(response).to be_forbidden
|
80
80
|
expect(response.body).to include("unauthorized_client")
|
81
81
|
expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
|
82
|
-
expect(access_token.reload
|
82
|
+
expect(access_token.reload).not_to be_revoked
|
83
83
|
end
|
84
84
|
end
|
85
85
|
|
@@ -92,13 +92,13 @@ describe "Revoke Token Flow" do
|
|
92
92
|
{ "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
|
93
93
|
end
|
94
94
|
|
95
|
-
it "
|
95
|
+
it "does not revoke the token as it's unauthorized" do
|
96
96
|
post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
|
97
97
|
|
98
98
|
expect(response).to be_forbidden
|
99
99
|
expect(response.body).to include("unauthorized_client")
|
100
100
|
expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
|
101
|
-
expect(access_token.reload
|
101
|
+
expect(access_token.reload).not_to be_revoked
|
102
102
|
end
|
103
103
|
end
|
104
104
|
end
|
@@ -114,25 +114,25 @@ describe "Revoke Token Flow" do
|
|
114
114
|
)
|
115
115
|
end
|
116
116
|
|
117
|
-
it "
|
117
|
+
it "revokes the access token provided" do
|
118
118
|
post revocation_token_endpoint_url,
|
119
119
|
params: { client_id: public_client_application.uid, token: access_token.token },
|
120
120
|
headers: headers
|
121
121
|
|
122
122
|
expect(response).to be_successful
|
123
|
-
expect(access_token.reload
|
123
|
+
expect(access_token.reload).to be_revoked
|
124
124
|
end
|
125
125
|
|
126
|
-
it "
|
126
|
+
it "revokes the refresh token provided" do
|
127
127
|
post revocation_token_endpoint_url,
|
128
128
|
params: { client_id: public_client_application.uid, token: access_token.refresh_token },
|
129
129
|
headers: headers
|
130
130
|
|
131
131
|
expect(response).to be_successful
|
132
|
-
expect(access_token.reload
|
132
|
+
expect(access_token.reload).to be_revoked
|
133
133
|
end
|
134
134
|
|
135
|
-
it "
|
135
|
+
it "responses with success even for invalid token" do
|
136
136
|
post revocation_token_endpoint_url,
|
137
137
|
params: { client_id: public_client_application.uid, token: "dont_exist" },
|
138
138
|
headers: headers
|
@@ -151,24 +151,24 @@ describe "Revoke Token Flow" do
|
|
151
151
|
)
|
152
152
|
end
|
153
153
|
|
154
|
-
it "
|
154
|
+
it "does not revoke the access token provided" do
|
155
155
|
post revocation_token_endpoint_url,
|
156
156
|
params: { client_id: public_client_application.uid, token: access_token.token }
|
157
157
|
|
158
158
|
expect(response).to be_forbidden
|
159
159
|
expect(response.body).to include("unauthorized_client")
|
160
160
|
expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
|
161
|
-
expect(access_token.reload
|
161
|
+
expect(access_token.reload).not_to be_revoked
|
162
162
|
end
|
163
163
|
|
164
|
-
it "
|
164
|
+
it "does not revoke the refresh token provided" do
|
165
165
|
post revocation_token_endpoint_url,
|
166
|
-
params: { client_id: public_client_application.uid, token: access_token.
|
166
|
+
params: { client_id: public_client_application.uid, token: access_token.refresh_token }
|
167
167
|
|
168
168
|
expect(response).to be_forbidden
|
169
169
|
expect(response.body).to include("unauthorized_client")
|
170
170
|
expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
|
171
|
-
expect(access_token.reload
|
171
|
+
expect(access_token.reload).not_to be_revoked
|
172
172
|
end
|
173
173
|
end
|
174
174
|
end
|
@@ -184,13 +184,13 @@ describe "Revoke Token Flow" do
|
|
184
184
|
)
|
185
185
|
end
|
186
186
|
|
187
|
-
it "
|
187
|
+
it "does not remove the token and responses with an error" do
|
188
188
|
post revocation_token_endpoint_url,
|
189
189
|
params: { token: access_token.token },
|
190
190
|
headers: headers
|
191
191
|
|
192
192
|
expect(response).not_to be_successful
|
193
|
-
expect(access_token.reload
|
193
|
+
expect(access_token.reload).not_to be_revoked
|
194
194
|
end
|
195
195
|
end
|
196
196
|
end
|
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
require "spec_helper"
|
4
4
|
|
5
|
-
describe "ActionController::Metal API" do
|
5
|
+
RSpec.describe "ActionController::Metal API" do
|
6
6
|
before do
|
7
7
|
@client = FactoryBot.create(:application)
|
8
8
|
@resource = User.create!(name: "Joe", password: "sekret")
|
@@ -11,6 +11,6 @@ describe "ActionController::Metal API" do
|
|
11
11
|
|
12
12
|
it "client requests protected resource with valid token" do
|
13
13
|
get "/metal.json?access_token=#{@token.token}"
|
14
|
-
|
14
|
+
expect(json_response).to include("ok" => true)
|
15
15
|
end
|
16
16
|
end
|
@@ -14,7 +14,7 @@ module RequestSpecHelper
|
|
14
14
|
end
|
15
15
|
|
16
16
|
def i_should_be_on(path)
|
17
|
-
expect(
|
17
|
+
expect(page).to have_current_path(path, ignore_query: true)
|
18
18
|
end
|
19
19
|
|
20
20
|
def url_should_have_param(param, value)
|
@@ -61,18 +61,6 @@ module RequestSpecHelper
|
|
61
61
|
ActionController::HttpAuthentication::Basic.encode_credentials client.uid, client.secret
|
62
62
|
end
|
63
63
|
|
64
|
-
def should_have_json(key, value)
|
65
|
-
expect(json_response.fetch(key)).to eq(value)
|
66
|
-
end
|
67
|
-
|
68
|
-
def should_have_json_within(key, value, range)
|
69
|
-
expect(json_response.fetch(key)).to be_within(range).of(value)
|
70
|
-
end
|
71
|
-
|
72
|
-
def should_not_have_json(key)
|
73
|
-
expect(json_response).not_to have_key(key)
|
74
|
-
end
|
75
|
-
|
76
64
|
def sign_in
|
77
65
|
visit "/"
|
78
66
|
click_on "Sign in"
|