doorkeeper 0.4.2 → 0.5.0.rc1

data/spec/generators/migration_generator_spec.rb

@@ -0,0 +1,20 @@
+require 'spec_helper_integration'
+require 'generators/doorkeeper/migration_generator'
+
+describe 'Doorkeeper::MigrationGenerator' do
+  include GeneratorSpec::TestCase
+
+  tests Doorkeeper::MigrationGenerator
+  destination ::File.expand_path("../tmp/dummy", __FILE__)
+
+  describe "after running the generator" do
+    before :each do
+      prepare_destination
+      run_generator
+    end
+
+    it "creates a migration" do
+      assert_migration "db/migrate/create_doorkeeper_tables.rb"
+    end
+  end
+end

data/spec/lib/config_spec.rb

@@ -7,6 +7,7 @@ describe Doorkeeper, "configuration" do
     it "sets the block that is accessible via authenticate_resource_owner" do
       block = proc do end
       Doorkeeper.configure do
+        orm DOORKEEPER_ORM
         resource_owner_authenticator &block
       end
       subject.authenticate_resource_owner.should == block
@@ -17,6 +18,7 @@ describe Doorkeeper, "configuration" do
     it "sets the block that is accessible via authenticate_admin" do
       block = proc do end
       Doorkeeper.configure do
+        orm DOORKEEPER_ORM
         admin_authenticator &block
       end
       subject.authenticate_admin.should == block
@@ -30,6 +32,7 @@ describe Doorkeeper, "configuration" do
 
     it "can change the value" do
       Doorkeeper.configure do
+        orm DOORKEEPER_ORM
         access_token_expires_in 4.hours
       end
       subject.access_token_expires_in.should == 4.hours
@@ -37,6 +40,7 @@ describe Doorkeeper, "configuration" do
 
     it "can be set to nil" do
       Doorkeeper.configure do
+        orm DOORKEEPER_ORM
         access_token_expires_in nil
       end
       subject.access_token_expires_in.should be_nil
@@ -45,17 +49,24 @@ describe Doorkeeper, "configuration" do
 
   describe "scopes" do
     it "has default scopes" do
-      Doorkeeper.configure { default_scopes :public }
+      Doorkeeper.configure {
+        orm DOORKEEPER_ORM
+        default_scopes :public
+      }
       subject.default_scopes.should include(:public)
     end
 
     it 'has optional scopes' do
-      Doorkeeper.configure { optional_scopes :write, :update }
+      Doorkeeper.configure {
+        orm DOORKEEPER_ORM
+        optional_scopes :write, :update
+      }
       subject.optional_scopes.should include(:write, :update)
     end
 
     it 'has all scopes' do
       Doorkeeper.configure do
+        orm DOORKEEPER_ORM
         default_scopes  :normal
         optional_scopes :admin
       end
@@ -69,7 +80,10 @@ describe Doorkeeper, "configuration" do
     end
 
     it "can change the value" do
-      Doorkeeper.configure { use_refresh_token }
+      Doorkeeper.configure {
+        orm DOORKEEPER_ORM
+        use_refresh_token
+      }
       subject.refresh_token_enabled?.should be_true
     end
   end
@@ -80,8 +94,62 @@ describe Doorkeeper, "configuration" do
     end
 
     it "can change the value" do
-      Doorkeeper.configure { client_credentials :from_digest, :from_params }
+      Doorkeeper.configure {
+        orm DOORKEEPER_ORM
+        client_credentials :from_digest, :from_params
+      }
       subject.client_credentials_methods.should == [:from_digest, :from_params]
     end
   end
+
+  describe 'access_token_credentials' do
+    it 'has defaults order' do
+      subject.access_token_methods.should == [:from_bearer_authorization, :from_access_token_param, :from_bearer_param]
+    end
+
+    it "can change the value" do
+      Doorkeeper.configure {
+        orm DOORKEEPER_ORM
+        access_token_methods :from_access_token_param, :from_bearer_param
+      }
+      subject.access_token_methods.should == [:from_access_token_param, :from_bearer_param]
+    end
+  end
+
+  describe "enable_application_owner" do
+    it "is disabled by default" do
+      Doorkeeper.configuration.enable_application_owner?.should_not be_true
+    end
+
+    context "when enabled without confirmation" do
+      before do
+        Doorkeeper.configure do
+          orm DOORKEEPER_ORM
+          enable_application_owner
+        end
+      end
+      it "adds support for application owner" do
+        Doorkeeper::Application.new.should respond_to :owner
+      end
+      it "Doorkeeper.configuration.confirm_application_owner? returns false" do
+        Doorkeeper.configuration.confirm_application_owner?.should_not be_true
+      end
+    end
+
+    context "when enabled with confirmation set to true" do
+      before do
+        Doorkeeper.configure do
+          orm DOORKEEPER_ORM
+          enable_application_owner :confirmation => true
+        end
+      end
+      it "adds support for application owner" do
+        Doorkeeper::Application.new.should respond_to :owner
+      end
+      it "Doorkeeper.configuration.confirm_application_owner? returns true" do
+        Doorkeeper.configuration.confirm_application_owner?.should be_true
+      end
+    end
+
+  end
 end

data/spec/lib/models/expirable_spec.rb

@@ -31,19 +31,16 @@ describe 'Expirable' do
     end
   end
 
-  describe :time_left do
-    it "returns the time in seconds since it was created" do
-      Timecop.freeze(Time.now) do
-        subject.stub :created_at => Time.now, :expires_in => 10.seconds
-        subject.time_left.should == 10.seconds
-      end
+  describe :expires_in_seconds do
+    it "should return the amount of time remaining until the token is expired" do
+      subject.stub :expires_in => 2.minutes
+      subject.expires_in_seconds.should == 60 
     end
 
-    it "returns 0 if token has expired" do
-      Timecop.freeze(Time.now + 1.minute) do
-        subject.stub :created_at => 1.minutes.ago, :expires_in => 10.seconds
-        subject.time_left.should == 0
-      end
+    it "should return 0 when expired" do
+      subject.stub :expires_in => 30.seconds
+      subject.expires_in_seconds.should == 0 
     end
+    
   end
 end

data/spec/lib/models/revocable_spec.rb

@@ -12,7 +12,7 @@ describe 'Revocable' do
   describe :revoke do
     it "updates :revoked_at attribute with current time" do
       clock = double :now => stub
-      subject.should_receive(:update_attribute).with(:revoked_at, clock.now)
+      subject.should_receive(:update_column).with(:revoked_at, clock.now)
       subject.revoke(clock)
     end
   end

data/spec/lib/oauth/access_token_request_spec.rb

@@ -56,16 +56,19 @@ module Doorkeeper::OAuth
     end
 
     describe "with a valid authorization code, client and existing expired access token" do
-      subject { AccessTokenRequest.new(client, params) }
+      before do
+        AccessTokenRequest.new(client, params).authorize
+        last_token = Doorkeeper::AccessToken.last
+        # TODO: make this better, maybe with an expire! method?
+        last_token.update_column :created_at, 10.days.ago
+      end
 
       it "will create a new token" do
-        subject.authorize
-        expired_access_token = subject.access_token.dup
-        subject.access_token.created_at = Time.now - subject.access_token.expires_in - 1.second
-        subject.should_receive(:create_access_token)
-        subject.access_token.should_receive(:revoke)
-        subject.authorize
-        subject.access_token.should_not eq(expired_access_token)
+        grant = FactoryGirl.create(:access_grant, :application => client)
+        authorization = AccessTokenRequest.new(client, params.merge(:code => grant.token))
+        expect {
+          authorization.authorize
+        }.to change { Doorkeeper::AccessToken.count }.by(1)
       end
     end
 
@@ -165,7 +168,10 @@ module Doorkeeper::OAuth
     }
 
     before do
-      Doorkeeper.configure { use_refresh_token }
+      Doorkeeper.configure { 
+        orm DOORKEEPER_ORM
+        use_refresh_token 
+      }
     end
 
     describe "with a valid authorization code and client" do

data/spec/lib/oauth/authorization_request_spec.rb

@@ -13,6 +13,7 @@ module Doorkeeper::OAuth
     end
 
     before :each do
+      Doorkeeper.configuration.stub(:confirm_application_owner?).and_return(false)
       Doorkeeper.configuration.stub(:default_scopes).and_return(Doorkeeper::OAuth::Scopes.from_string('public write'))
     end
 

data/spec/lib/oauth/client_credentials_request_spec.rb

@@ -25,16 +25,22 @@ module Doorkeeper::OAuth
       subject.response.should be_a(ClientCredentialsRequest::Response)
     end
 
-    it 'has an error response if issue was not created' do
-      subject.issuer = stub :create => false, :error => :invalid
-      subject.authorize
-      subject.response.should be_a(Doorkeeper::OAuth::ErrorResponse)
-    end
+    context 'if issue was not created' do
+      before do
+        subject.issuer = stub :create => false, :error => :invalid
+      end
 
-    it 'delegates the error to issuer' do
-      subject.issuer = stub :create => false, :error => :invalid
-      subject.authorize
-      subject.error.should == :invalid
+      its(:authorize) { should be_false }
+
+      it 'has an error response' do
+        subject.authorize
+        subject.response.should be_a(Doorkeeper::OAuth::ErrorResponse)
+      end
+
+      it 'delegates the error to issuer' do
+        subject.authorize
+        subject.error.should == :invalid
+      end
     end
 
     context 'with scopes' do

data/spec/lib/oauth/client_spec.rb

@@ -4,22 +4,19 @@ require 'active_support/core_ext/string'
 require 'doorkeeper/oauth/client'
 
 module Doorkeeper::OAuth
-  class Doorkeeper::Application
-  end
-
   describe Client do
     describe :find do
-      let(:uid) { "some-uid" }
+      let(:method) { mock }
 
       it 'finds the client via uid' do
         client = stub
-        Doorkeeper::Application.should_receive(:find_by_uid).with(uid).and_return(client)
-        Client.find(uid).should be_a(Client)
+        method.should_receive(:call).with('uid').and_return(client)
+        Client.find('uid', method).should be_a(Client)
       end
 
       it 'returns nil if client was not found' do
-        Doorkeeper::Application.should_receive(:find_by_uid).with(uid).and_return(nil)
-        Client.find(uid).should be_nil
+        method.should_receive(:call).with('uid').and_return(nil)
+        Client.find('uid', method).should be_nil
       end
     end
 

data/spec/lib/oauth/helpers/unique_token_spec.rb

@@ -3,36 +3,18 @@ require 'doorkeeper/oauth/helpers/unique_token'
 
 module Doorkeeper::OAuth::Helpers
   describe UniqueToken do
-    let(:klass) { mock }
-
     let :generator do
       lambda { |size| "a" * size }
     end
 
-    it "finds in the collection with given attribute" do
-      klass.should_receive(:find_by_attribute).and_return(nil)
-      UniqueToken.generate_for(:attribute, klass, :generator => generator)
-    end
-
     it "is able to customize the generator method" do
-      klass.stub(:find_by_attribute).and_return(nil)
-      token = UniqueToken.generate_for(:attribute, klass, :generator => generator)
+      token = UniqueToken.generate(:generator => generator)
       token.should == "a" * 32
     end
 
     it "is able to customize the size of the token" do
-      klass.stub(:find_by_attribute).and_return(nil)
-      token = UniqueToken.generate_for(:attribute, klass, :generator => generator, :size => 2)
+      token = UniqueToken.generate(:generator => generator, :size => 2)
       token.should == "aa"
     end
-
-    it "reattempt to create a token if has already found one" do
-      existing_tokens  = ["a"*32, nil]
-      attempted_tokens = ["a"*32, "b"]
-      generator        = lambda { |size| attempted_tokens.pop }
-      klass.stub(:find_by_attribute) { existing_tokens.pop }
-      token = UniqueToken.generate_for(:attribute, klass, :generator => generator)
-      token.should == "b"
-    end
   end
 end

data/spec/lib/oauth/password_access_token_request_spec.rb

@@ -2,7 +2,7 @@ require 'spec_helper_integration'
 
 module Doorkeeper::OAuth
   describe PasswordAccessTokenRequest do
-    let(:client) { Factory(:application) }
+    let(:client) { FactoryGirl.create(:application) }
     let(:owner)  { User.create!(:name => "Joe", :password => "sekret") }
     let(:params) {
       {
@@ -63,7 +63,10 @@ module Doorkeeper::OAuth
       end
 
       it "creates a refresh token if Doorkeeper is configured to do so" do
-        Doorkeeper.configure { use_refresh_token }
+        Doorkeeper.configure { 
+          orm DOORKEEPER_ORM
+          use_refresh_token 
+        }
 
         Doorkeeper::AccessToken.should_receive(:create!).with({
           :application_id    => client.id,
@@ -92,14 +95,17 @@ module Doorkeeper::OAuth
     describe "with an existing expired access token" do
       subject { PasswordAccessTokenRequest.new(client, owner, params) }
 
+      before do
+        PasswordAccessTokenRequest.new(client, owner, params).authorize
+        last_token = Doorkeeper::AccessToken.last
+        # TODO: make this better, maybe with an expire! method?
+        last_token.update_column :created_at, 10.days.ago
+      end
+
       it "will create a new token" do
-        subject.authorize
-        expired_access_token = subject.access_token.dup
-        subject.access_token.created_at = Time.now - subject.access_token.expires_in - 1.second
-        subject.should_receive(:create_access_token)
-        subject.access_token.should_receive(:revoke)
-        subject.authorize
-        subject.access_token.should_not eq(expired_access_token)
+        expect {
+          subject.authorize
+        }.to change { Doorkeeper::AccessToken.count }.by(1)
       end
     end
 
@@ -135,6 +141,7 @@ module Doorkeeper::OAuth
 
       before do
         Doorkeeper.configure do
+          orm DOORKEEPER_ORM
           default_scopes :public
         end
       end

data/spec/lib/oauth/token_spec.rb

@@ -0,0 +1,83 @@
+require 'spec_helper'
+require 'active_support/core_ext/string'
+require 'doorkeeper/oauth/token'
+
+module Doorkeeper
+  unless defined?(AccessToken)
+    class AccessToken
+    end
+  end
+
+  module OAuth
+    describe Token do
+      describe :from_request do
+        let(:request) { stub.as_null_object }
+
+        let(:method) do
+          lambda { |request| return 'token-value' }
+        end
+
+        it 'accepts anything that responds to #call' do
+          method.should_receive(:call).with(request)
+          Token.from_request request, method
+        end
+
+        it 'delegates methods received as symbols to Token class' do
+          Token.should_receive(:from_params).with(request)
+          Token.from_request request, :from_params
+        end
+
+        it 'stops at the first credentials found' do
+          not_called_method = mock
+          not_called_method.should_not_receive(:call)
+          credentials = Token.from_request request, lambda { |r| }, method, not_called_method
+        end
+
+        it 'returns the credential from extractor method' do
+          credentials = Token.from_request request, method
+          credentials.should == 'token-value'
+        end
+      end
+
+      describe :from_access_token_param do
+        it 'returns token from access_token parameter' do
+          request = stub :parameters => { :access_token => 'some-token' }
+          token   = Token.from_access_token_param(request)
+          token.should == "some-token"
+        end
+      end
+
+      describe :from_bearer_param do
+        it 'returns token from bearer_token parameter' do
+          request = stub :parameters => { :bearer_token => 'some-token' }
+          token   = Token.from_bearer_param(request)
+          token.should == "some-token"
+        end
+      end
+
+      describe :from_bearer_authorization do
+        it 'returns token from authorization bearer' do
+          request = stub :authorization => "Bearer SomeToken"
+          token   = Token.from_bearer_authorization(request)
+          token.should == "SomeToken"
+        end
+
+        it 'does not return token if authorization is not bearer' do
+          request = stub :authorization => "MAC SomeToken"
+          token   = Token.from_bearer_authorization(request)
+          token.should be_blank
+        end
+      end
+
+      describe :authenticate do
+        let(:finder) { mock :finder }
+
+        it 'calls the finder if token was found' do
+          token = lambda { |r| 'token' }
+          AccessToken.should_receive(:authenticate).with('token')
+          Token.authenticate stub, token
+        end
+      end
+    end
+  end
+end