doorkeeper 0.4.2 → 0.5.0.rc1

data/spec/models/doorkeeper/access_token_spec.rb

@@ -12,6 +12,34 @@ module Doorkeeper
       let(:factory_name) { :access_token }
     end
 
+    describe :refresh_token do
+      it 'has empty refresh token if it was not required' do
+        token = FactoryGirl.create :access_token
+        token.refresh_token.should be_nil
+      end
+
+      it 'generates a refresh token if it was requested' do
+        token = FactoryGirl.create :access_token, :use_refresh_token => true
+        token.refresh_token.should_not be_nil
+      end
+
+      it "is not valid if token exists" do
+        token1 = FactoryGirl.create :access_token, :use_refresh_token => true
+        token2 = FactoryGirl.create :access_token, :use_refresh_token => true
+        token2.send :write_attribute, :refresh_token, token1.refresh_token
+        token2.should_not be_valid
+      end
+
+      it 'expects database to raise an error if refresh tokens are the same' do
+        token1 = FactoryGirl.create :access_token, :use_refresh_token => true
+        token2 = FactoryGirl.create :access_token, :use_refresh_token => true
+        expect {
+          token2.write_attribute :refresh_token, token1.refresh_token
+          token2.save(:validate => false)
+        }.to raise_error
+      end
+    end
+
     describe "validations" do
       it "is valid without resource_owner_id" do
         # For client credentials flow
@@ -66,7 +94,7 @@ module Doorkeeper
       end
 
       it 'accepts resource owner as object' do
-        resource_owner = stub(:kind_of? => true, :id => 100)
+        resource_owner = stub(:to_key => true, :id => 100)
         token = FactoryGirl.create :access_token, default_attributes
         last_token = AccessToken.matching_token_for(application, resource_owner, scopes)
         last_token.should == token
@@ -108,6 +136,18 @@ module Doorkeeper
         last_token = AccessToken.matching_token_for(application, resource_owner_id, scopes)
         last_token.should == token
       end
+
+      it 'returns as_json hash'   do
+        token = FactoryGirl.create :access_token, default_attributes
+        token_hash = {
+                      :resource_owner_id => token.resource_owner_id,
+                      :scopes => token.scopes,
+                      :expires_in_seconds => token.expires_in_seconds, 
+                      :application => { :uid => token.application.uid }
+                     }
+        token.as_json.should eq token_hash
+      end
     end
+
   end
 end

data/spec/models/doorkeeper/application_spec.rb

@@ -2,10 +2,45 @@ require 'spec_helper_integration'
 
 module Doorkeeper
   describe Application do
+    include OrmHelper
+
+    let(:require_owner) { Doorkeeper.configuration.instance_variable_set("@confirm_application_owner", true) }
+    let(:unset_require_owner) { Doorkeeper.configuration.instance_variable_set("@confirm_application_owner", false) }
     let(:new_application) { FactoryGirl.build(:application) }
 
-    it 'is valid given valid attributes' do
-      new_application.should be_valid
+    context "application_owner is enabled" do
+      before do
+        Doorkeeper.configure do
+          orm DOORKEEPER_ORM
+          enable_application_owner
+        end
+      end
+
+      context 'application owner is not required' do
+        before(:each) do
+          unset_require_owner
+        end
+
+        it 'is valid given valid attributes' do
+          new_application.should be_valid
+        end
+      end
+
+      context "application owner is required" do
+        before(:each) do
+          require_owner
+          @owner = mock_application_owner
+        end
+
+        it 'is invalid without an owner' do
+          new_application.should_not be_valid
+        end
+
+        it 'is valid with an owner' do
+          new_application.owner = @owner
+          new_application.should be_valid
+        end
+      end
     end
 
     it 'is invalid without a name' do
@@ -31,29 +66,20 @@ module Doorkeeper
       new_application.should_not be_valid
     end
 
-    it 'is invalid with a redirect_uri that is relative' do
-      new_application.save
-      new_application.redirect_uri = "/abcd"
-      new_application.should_not be_valid
-    end
-
-    it 'is invalid with a redirect_uri that has a fragment' do
-      new_application.save
-      new_application.redirect_uri = "http://example.com/abcd#xyz"
-      new_application.should_not be_valid
-    end
-
-    it 'is invalid with a redirect_uri that has a query parameter' do
-      new_application.save
-      new_application.redirect_uri = "http://example.com/abcd?xyz=123"
-      new_application.should_not be_valid
+    it 'checks uniqueness of uid' do
+      app1 = Factory(:application)
+      app2 = Factory(:application)
+      app2.uid = app1.uid
+      app2.should_not be_valid
     end
 
-    it 'checks uniqueness of uid' do
+    it 'expects database to throw an error when uids are the same' do
       app1 = FactoryGirl.create(:application)
       app2 = FactoryGirl.create(:application)
       app2.uid = app1.uid
-      app2.should_not be_valid
+      expect {
+        app2.save!(:validate => false)
+      }.to raise_error
     end
 
     it 'generate secret on create' do
@@ -123,7 +149,14 @@ module Doorkeeper
                         :secret => 'something' }
         Application.create(mass_assign).uid.should_not == 123
       end
+    end
 
+    describe :authenticate do
+      it 'finds the application via uid/secret' do
+        app = FactoryGirl.create :application
+        authenticated = Application.authenticate(app.uid, app.secret)
+        authenticated.should == app
+      end
     end
   end
 end

data/spec/requests/flows/authorization_code_spec.rb

@@ -43,7 +43,7 @@ feature 'Authorization Code Flow' do
   scenario 'revokes and return new token if it is has expired' do
     client_is_authorized(@client, @resource_owner)
     token = Doorkeeper::AccessToken.first
-    token.update_attribute :expires_in, -100
+    token.update_column :expires_in, -100
     visit authorization_endpoint_url(:client => @client)
 
     authorization_code = Doorkeeper::AccessGrant.first.token

data/spec/requests/flows/client_credentials_spec.rb

@@ -46,6 +46,8 @@ describe 'Client Credentials Request' do
       should_have_json 'error', 'invalid_client'
       should_have_json 'error_description', translated_error_message(:invalid_client)
       should_not_have_json 'access_token'
+
+      response.status.should == 401
     end
   end
 

data/spec/requests/flows/password_spec.rb

@@ -5,6 +5,21 @@
 
 require 'spec_helper_integration'
 
+feature 'Resource Owner Password Credentials Flow inproperly set up' do
+  background do
+    client_exists
+    create_resource_owner
+  end
+
+  context 'with valid user credentials' do
+    scenario "should issue new token" do
+      expect {
+        post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
+      }.to_not change { Doorkeeper::AccessToken.count }
+    end
+  end
+end
+
 feature 'Resource Owner Password Credentials Flow' do
   background do
     config_is_set(:resource_owner_from_credentials) { User.authenticate! params[:username], params[:password] }
@@ -32,6 +47,16 @@ feature 'Resource Owner Password Credentials Flow' do
 
       should_have_json 'refresh_token',  token.refresh_token
     end
+
+    scenario 'should return the same token if it is still accessible' do
+      client_is_authorized(@client, @resource_owner)
+
+      post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
+
+      Doorkeeper::AccessToken.count.should be(1)
+
+      should_have_json 'access_token', Doorkeeper::AccessToken.first.token
+    end
   end
 
   context "with invalid user credentials" do

data/spec/requests/flows/refresh_token_spec.rb

@@ -2,7 +2,10 @@ require 'spec_helper_integration'
 
 feature "Refresh Token Flow" do
   before do
-    Doorkeeper.configure { use_refresh_token }
+    Doorkeeper.configure { 
+      orm DOORKEEPER_ORM
+      use_refresh_token 
+    }
     client_exists
   end
 
@@ -44,7 +47,7 @@ feature "Refresh Token Flow" do
     end
 
     scenario "client request a token with expired access token" do
-      @token.update_attribute :expires_in, -100
+      @token.update_column :expires_in, -100
       post refresh_token_endpoint_url(:client => @client, :refresh_token => @token.refresh_token)
       should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
       @token.reload.should be_revoked

data/spec/requests/protected_resources/private_api_spec.rb

@@ -13,6 +13,13 @@ feature 'Private API' do
     page.body.should have_content("index")
   end
 
+  scenario 'client requests protected resource with disabled header authentication' do
+    config_is_set :access_token_methods, [:from_access_token_param]
+    with_access_token_header @token.token
+    visit '/full_protected_resources'
+    response_status_should_be 401
+  end
+
   scenario 'client attempts to request protected resource with invalid token' do
     with_access_token_header "invalid"
     visit '/full_protected_resources'
@@ -20,14 +27,14 @@ feature 'Private API' do
   end
 
   scenario 'client attempts to request protected resource with expired token' do
-    @token.update_attribute :expires_in, -100 # expires token
+    @token.update_column :expires_in, -100 # expires token
     with_access_token_header @token.token
     visit '/full_protected_resources'
     response_status_should_be 401
   end
 
   scenario 'client requests protected resource with permanent token' do
-    @token.update_attribute :expires_in, nil # never expires
+    @token.update_column :expires_in, nil # never expires
     with_access_token_header @token.token
     visit '/full_protected_resources'
     page.body.should have_content("index")
@@ -35,7 +42,7 @@ feature 'Private API' do
 
   scenario 'access token with no scopes' do
     optional_scopes_exist :admin
-    @token.update_attribute :scopes, nil
+    @token.update_column :scopes, nil
     with_access_token_header @token.token
     visit '/full_protected_resources/1.json'
     response_status_should_be 401

data/spec/routing/custom_controller_routes_spec.rb

@@ -0,0 +1,44 @@
+require 'spec_helper_integration'
+
+describe 'Custom controller for routes' do
+  it 'GET /space/oauth/authorize routes to custom authorizations controller' do
+    get('/space/oauth/authorize').should route_to('custom_authorizations#new')
+  end
+
+  it 'POST /space/oauth/authorize routes to custom authorizations controller' do
+    post('/space/oauth/authorize').should route_to('custom_authorizations#create')
+  end
+
+  it 'DELETE /space/oauth/authorize routes to custom authorizations controller' do
+    delete('/space/oauth/authorize').should route_to('custom_authorizations#destroy')
+  end
+
+  it 'POST /space/oauth/token routes to tokens controller' do
+    post('/space/oauth/token').should route_to('custom_authorizations#create')
+  end
+
+  it 'GET /space/oauth/applications routes to applications controller' do
+    get('/space/oauth/applications').should route_to('custom_authorizations#index')
+  end
+
+  it 'GET /space/oauth/token/info routes to the token_info controller' do
+    get('/space/oauth/token/info').should route_to('custom_authorizations#show')  
+  end
+
+  it 'POST /outer_space/oauth/token is not be routable' do
+    post('/outer_space/oauth/token').should_not be_routable
+  end
+
+  it 'GET /outer_space/oauth/authorize routes to custom authorizations controller' do
+    get('/outer_space/oauth/authorize').should be_routable
+  end
+
+  it 'GET /outer_space/oauth/applications is not routable' do
+    get('/outer_space/oauth/applications').should_not be_routable
+  end
+
+  it 'GET /outer_space/oauth/token_info is not routable' do
+    get('/outer_space/oauth/token/info').should_not be_routable
+  end
+    
+end

data/spec/routing/default_routes_spec.rb

@@ -0,0 +1,32 @@
+require 'spec_helper_integration'
+
+describe 'Default routes' do
+  it 'GET /oauth/authorize routes to authorizations controller' do
+    get('/oauth/authorize').should route_to('doorkeeper/authorizations#new')
+  end
+
+  it 'POST /oauth/authorize routes to authorizations controller' do
+    post('/oauth/authorize').should route_to('doorkeeper/authorizations#create')
+  end
+
+  it 'DELETE /oauth/authorize routes to authorizations controller' do
+    delete('/oauth/authorize').should route_to('doorkeeper/authorizations#destroy')
+  end
+
+  it 'POST /oauth/token routes to tokens controller' do
+    post('/oauth/token').should route_to('doorkeeper/tokens#create')
+  end
+
+  it 'GET /oauth/applications routes to applications controller' do
+    get('/oauth/applications').should route_to('doorkeeper/applications#index')
+  end
+
+  it 'GET /oauth/authorized_applications routes to authorized applications controller' do
+    get('/oauth/authorized_applications').should route_to('doorkeeper/authorized_applications#index')
+  end
+
+  it 'GET /oauth/token/info route to authorzed tokeninfo controller' do
+    get('/oauth/token/info').should route_to('doorkeeper/token_info#show')    
+  end
+
+end

data/spec/spec_helper.rb

@@ -1 +1,2 @@
 $LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), "../lib"))
+$LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), "../app"))

data/spec/spec_helper_integration.rb

@@ -1,21 +1,24 @@
 ENV["RAILS_ENV"] ||= 'test'
-require File.expand_path("../dummy/config/environment", __FILE__)
+DOORKEEPER_ORM = (ENV["DOORKEEPER_ORM"] || :active_record).to_sym
 
+$:.unshift File.dirname(__FILE__)
+
+require 'dummy/config/environment'
 require 'rspec/rails'
 require 'rspec/autorun'
 require 'generator_spec/test_case'
 require 'timecop'
+require 'database_cleaner'
 
-ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../')
-
+puts "====> Doorkeeper.orm = #{Doorkeeper.configuration.orm.inspect}"
 puts "====> Rails version: #{Rails.version}"
 puts "====> Ruby version: #{RUBY_VERSION}"
 
-# load schema to in memory sqlite
-ActiveRecord::Migration.verbose = false
-load Rails.root + "db/schema.rb"
+require "support/orm/#{Doorkeeper.configuration.orm}"
 
-Dir[File.join(ENGINE_RAILS_ROOT, "spec/support/**/*.rb")].each { |f| require f }
+ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../')
+
+Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |f| require f }
 
 RSpec.configure do |config|
   config.mock_with :rspec
@@ -23,6 +26,13 @@ RSpec.configure do |config|
   config.infer_base_class_for_anonymous_controllers = false
 
   config.before do
-    Doorkeeper.configure {}
+    DatabaseCleaner.start
+    Doorkeeper.configure {
+      orm DOORKEEPER_ORM
+    }
+  end
+
+  config.after do
+    DatabaseCleaner.clean
   end
 end

data/spec/support/dependencies/factory_girl.rb

@@ -1,5 +1,2 @@
 require 'factory_girl'
-
-FactoryGirl.definition_file_paths << File.join(ENGINE_RAILS_ROOT, 'spec/factories')
-
 FactoryGirl.find_definitions

data/spec/support/orm/active_record.rb

@@ -0,0 +1,11 @@
+# load schema to in memory sqlite
+ActiveRecord::Migration.verbose = false
+load Rails.root + "db/schema.rb"
+
+module Doorkeeper
+  module OrmHelper
+  	def mock_application_owner
+      mock_model 'User', :id => 1234
+  	end
+  end
+end

data/spec/support/orm/mongoid.rb

@@ -0,0 +1,26 @@
+DatabaseCleaner[:mongoid].strategy = :truncation
+DatabaseCleaner[:mongoid].clean_with :truncation
+
+RSpec.configure do |config|
+  config.before :suite do
+    Doorkeeper::Application.create_indexes
+    Doorkeeper::AccessGrant.create_indexes
+    Doorkeeper::AccessToken.create_indexes
+  end
+end
+
+module Doorkeeper
+  class PlaceholderApplicationOwner
+    include Mongoid::Document
+
+    self.store_in :placeholder_application_owners
+    has_many :applications
+
+  end
+
+  module OrmHelper
+  	def mock_application_owner
+  		PlaceholderApplicationOwner.new
+  	end
+  end
+end