dreamwords-oauth2 0.8.1

data/spec/oauth2/client_spec.rb

@@ -0,0 +1,187 @@
+require 'helper'
+
+describe OAuth2::Client do
+  let!(:error_value) {'invalid_token'}
+  let!(:error_description_value) {'bad bad token'}
+
+  subject do
+    OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.get('/success')      {|env| [200, {'Content-Type' => 'text/awesome'}, 'yay']}
+        stub.get('/reflect')      {|env| [200, {}, env[:body]]}
+        stub.post('/reflect')     {|env| [200, {}, env[:body]]}
+        stub.get('/unauthorized') {|env| [401, {'Content-Type' => 'application/json'}, MultiJson.encode(:error => error_value, :error_description => error_description_value)]}
+        stub.get('/conflict')     {|env| [409, {'Content-Type' => 'text/plain'}, 'not authorized']}
+        stub.get('/redirect')     {|env| [302, {'Content-Type' => 'text/plain', 'location' => '/success' }, '']}
+        stub.post('/redirect')    {|env| [303, {'Content-Type' => 'text/plain', 'location' => '/reflect' }, '']}
+        stub.get('/error')        {|env| [500, {'Content-Type' => 'text/plain'}, 'unknown error']}
+        stub.get('/empty_get')    {|env| [204, {}, nil]}
+      end
+    end
+  end
+
+  describe '#initialize' do
+    it 'should assign id and secret' do
+      subject.id.should == 'abc'
+      subject.secret.should == 'def'
+    end
+
+    it 'should assign site from the options hash' do
+      subject.site.should == 'https://api.example.com'
+    end
+
+    it 'should assign Faraday::Connection#host' do
+      subject.connection.host.should == 'api.example.com'
+    end
+
+    it 'should leave Faraday::Connection#ssl unset' do
+      subject.connection.ssl.should == {}
+    end
+
+    it "should be able to pass a block to configure the connection" do
+      connection = stub('connection')
+      session = stub('session', :to_ary => nil)
+      builder = stub('builder')
+      connection.stub(:build).and_yield(builder)
+      Faraday::Connection.stub(:new => connection)
+
+      builder.should_receive(:adapter).with(:test)
+
+      OAuth2::Client.new('abc', 'def') do |builder|
+        builder.adapter :test
+      end.connection
+    end
+
+    it "defaults raise_errors to true" do
+      subject.options[:raise_errors].should be_true
+    end
+
+    it "allows true/false for raise_errors option" do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => false)
+      client.options[:raise_errors].should be_false
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true)
+      client.options[:raise_errors].should be_true
+    end
+
+    it "allows get/post for access_token_method option" do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :get)
+      client.options[:access_token_method].should == :get
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :post)
+      client.options[:access_token_method].should == :post
+    end
+  end
+
+  %w(authorize token).each do |url_type|
+    describe ":#{url_type}_url option" do
+      it "should default to a path of /oauth/#{url_type}" do
+        subject.send("#{url_type}_url").should == "https://api.example.com/oauth/#{url_type}"
+      end
+
+      it "should be settable via the :#{url_type}_url option" do
+        subject.options[:"#{url_type}_url"] = '/oauth/custom'
+        subject.send("#{url_type}_url").should == 'https://api.example.com/oauth/custom'
+      end
+
+      it "allows a different host than the site" do
+        subject.options[:"#{url_type}_url"] = 'https://api.foo.com/oauth/custom'
+        subject.send("#{url_type}_url").should == 'https://api.foo.com/oauth/custom'
+      end
+    end
+  end
+
+  describe "#request" do
+    it "works with a null response body" do
+      subject.request(:get, 'empty_get').body.should == ''
+    end
+
+    it "returns on a successful response" do
+      response = subject.request(:get, '/success')
+      response.body.should == 'yay'
+      response.status.should == 200
+      response.headers.should == {'Content-Type' => 'text/awesome'}
+    end
+
+    it "posts a body" do
+      response = subject.request(:post, '/reflect', :body => 'foo=bar')
+      response.body.should == 'foo=bar'
+    end
+
+    it "follows redirects properly" do
+      response = subject.request(:get, '/redirect')
+      response.body.should == 'yay'
+      response.status.should == 200
+      response.headers.should == {'Content-Type' => 'text/awesome'}
+    end
+
+    it "redirects using GET on a 303" do
+      response = subject.request(:post, '/redirect', :body => 'foo=bar')
+      response.body.should be_empty
+      response.status.should == 200
+    end
+
+    it "obeys the :max_redirects option" do
+      max_redirects = subject.options[:max_redirects]
+      subject.options[:max_redirects] = 0
+      response = subject.request(:get, '/redirect')
+      response.status.should == 302
+      subject.options[:max_redirects] = max_redirects
+    end
+
+    it "returns if raise_errors is false" do
+      subject.options[:raise_errors] = false
+      response = subject.request(:get, '/unauthorized')
+
+      response.status.should == 401
+      response.headers.should == {'Content-Type' => 'application/json'}
+      response.error.should_not be_nil
+    end
+
+    %w(/unauthorized /conflict /error).each do |error_path|
+      it "raises OAuth2::Error on error response to path #{error_path}" do
+        lambda {subject.request(:get, error_path)}.should raise_error(OAuth2::Error)
+      end
+    end
+
+    it 'parses OAuth2 standard error response' do
+      begin
+        subject.request(:get, '/unauthorized')
+      rescue Exception => e
+        e.code.should == error_value
+        e.description.should == error_description_value
+        e.to_s.should match(/#{error_value}/)
+        e.to_s.should match(/#{error_description_value}/)
+      end
+    end
+
+    it "provides the response in the Exception" do
+      begin
+        subject.request(:get, '/error')
+      rescue Exception => e
+        e.response.should_not be_nil
+        e.to_s.should match(/unknown error/)
+      end
+    end
+  end
+
+  it '#auth_code should instantiate a AuthCode strategy with this client' do
+    subject.auth_code.should be_kind_of(OAuth2::Strategy::AuthCode)
+  end
+
+  it '#implicit should instantiate a Implicit strategy with this client' do
+    subject.implicit.should be_kind_of(OAuth2::Strategy::Implicit)
+  end
+
+  context 'with SSL options' do
+    subject do
+      cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :ssl => {:ca_file => 'foo.pem'})
+      cli.connection.build do |b|
+        b.adapter :test
+      end
+      cli
+    end
+
+    it 'should pass the SSL options along to Faraday::Connection#ssl' do
+      subject.connection.ssl.should == {:ca_file => 'foo.pem'}
+    end
+  end
+end

data/spec/oauth2/response_spec.rb

@@ -0,0 +1,91 @@
+require 'helper'
+
+describe OAuth2::Response do
+  describe '#initialize' do
+    let(:status) {200}
+    let(:headers) {{'foo' => 'bar'}}
+    let(:body) {'foo'}
+
+    it 'returns the status, headers and body' do
+      response = double('response', :headers => headers,
+                                    :status  => status,
+                                    :body    => body)
+      subject = Response.new(response)
+      subject.headers.should == headers
+      subject.status.should == status
+      subject.body.should == body
+    end
+  end
+
+  describe '.register_parser' do
+    let(:response) {
+      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
+                         :status => 200,
+                         :body => 'baz')
+    }
+    before do
+      OAuth2::Response.register_parser(:foobar, 'application/foo-bar') do |body|
+        "foobar #{body}"
+      end
+    end
+
+    it 'should add to the content types and parsers' do
+      OAuth2::Response::PARSERS.keys.should be_include(:foobar)
+      OAuth2::Response::CONTENT_TYPES.keys.should be_include('application/foo-bar')
+    end
+
+    it 'should be able to parse that content type automatically' do
+      OAuth2::Response.new(response).parsed.should == 'foobar baz'
+    end
+  end
+
+  describe '#parsed' do
+    it "parses application/x-www-form-urlencoded body" do
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
+      body = 'foo=bar&answer=42'
+      response = double('response', :headers => headers, :body => body)
+      subject = Response.new(response)
+      subject.parsed.keys.size.should == 2
+      subject.parsed['foo'].should == 'bar'
+      subject.parsed['answer'].should == '42'
+    end
+
+    it "parses application/json body" do
+      headers = {'Content-Type' => 'application/json'}
+      body = MultiJson.encode(:foo => 'bar', :answer => 42)
+      response = double('response', :headers => headers, :body => body)
+      subject = Response.new(response)
+      subject.parsed.keys.size.should == 2
+      subject.parsed['foo'].should == 'bar'
+      subject.parsed['answer'].should == 42
+    end
+
+    it "doesn't try to parse other content-types" do
+      headers = {'Content-Type' => 'text/html'}
+      body = '<!DOCTYPE html><html><head></head><body></body></html>'
+
+      response = double('response', :headers => headers, :body => body)
+
+      MultiJson.should_not_receive(:decode)
+      MultiJson.should_not_receive(:load)
+      Rack::Utils.should_not_receive(:parse_query)
+
+      subject = Response.new(response)
+      subject.parsed.should be_nil
+    end
+  end
+
+  context 'xml parser registration' do
+    it 'should try to load multi_xml and use it' do
+      OAuth2::Response::PARSERS[:xml].should_not be_nil
+    end
+
+    it 'should be able to parse xml' do
+      headers = {'Content-Type' => 'text/xml'}
+      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
+
+      response = double('response', :headers => headers, :body => body)
+      OAuth2::Response.new(response).parsed.should == {"foo" => {"bar" => "baz"}}
+    end
+  end
+end

data/spec/oauth2/strategy/assertion_spec.rb

@@ -0,0 +1,57 @@
+require 'helper'
+
+describe OAuth2::Strategy::Assertion do
+  let(:client) do
+    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
+    cli.connection.build do |b|
+      b.adapter :test do |stub|
+        stub.post('/oauth/token') do |env|
+          case @mode
+            when "formencoded"
+              [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
+            when "json"
+              [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
+          end
+        end
+      end
+    end
+    cli
+  end
+
+  let(:params) { {:hmac_secret => 'foo'}}
+
+  subject {client.assertion}
+
+  describe "#authorize_url" do
+    it "should raise NotImplementedError" do
+      lambda {subject.authorize_url}.should raise_error(NotImplementedError)
+    end
+  end
+
+  %w(json formencoded).each do |mode|
+    describe "#get_token (#{mode})" do
+      before do
+        @mode = mode
+        @access = subject.get_token(params)
+      end
+
+      it 'returns AccessToken with same Client' do
+        @access.client.should == client
+      end
+
+      it 'returns AccessToken with #token' do
+        @access.token.should == 'salmon'
+      end
+
+      it 'returns AccessToken with #expires_in' do
+        @access.expires_in.should == 600
+      end
+
+      it 'returns AccessToken with #expires_at' do
+        @access.expires_at.should_not be_nil
+      end
+    end
+  end
+
+end
+

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -0,0 +1,88 @@
+require 'helper'
+
+describe OAuth2::Strategy::AuthCode do
+  let(:code) {'sushi'}
+  let(:kvform_token) {'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve'}
+  let(:facebook_token) {kvform_token.gsub('_in', '')}
+  let(:json_token) {MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve')}
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
+          case @mode
+          when "formencoded"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when "json"
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when "from_facebook"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+        stub.post('/oauth/token', {'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code'}) do |env|
+          case @mode
+          when "formencoded"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when "json"
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when "from_facebook"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+      end
+    end
+  end
+
+  subject {client.auth_code}
+
+  describe '#authorize_url' do
+    it 'should include the client_id' do
+      subject.authorize_url.should be_include('client_id=abc')
+    end
+
+    it 'should include the type' do
+      subject.authorize_url.should be_include('response_type=code')
+    end
+
+    it 'should include passed in options' do
+      cb = 'http://myserver.local/oauth/callback'
+      subject.authorize_url(:redirect_uri => cb).should be_include("redirect_uri=#{Rack::Utils.escape(cb)}")
+    end
+  end
+
+  %w(json formencoded from_facebook).each do |mode|
+    [:get, :post].each do |verb|
+      describe "#get_token (#{mode}, access_token_method=#{verb}" do
+        before :each do
+          @mode = mode
+          client.options[:token_method] = verb
+          @access = subject.get_token(code)
+        end
+
+        it 'returns AccessToken with same Client' do
+          @access.client.should == client
+        end
+
+        it 'returns AccessToken with #token' do
+          @access.token.should == 'salmon'
+        end
+
+        it 'returns AccessToken with #refresh_token' do
+          @access.refresh_token.should == 'trout'
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          @access.expires_in.should == 600
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          @access.expires_at.should be_kind_of(Integer)
+        end
+
+        it 'returns AccessToken with params accessible via []' do
+          @access['extra_param'].should == 'steve'
+        end
+      end
+    end
+  end
+end

data/spec/oauth2/strategy/base_spec.rb

@@ -0,0 +1,7 @@
+require 'helper'
+
+describe OAuth2::Strategy::Base do
+  it 'should initialize with a Client' do
+    lambda{OAuth2::Strategy::Base.new(OAuth2::Client.new('abc', 'def'))}.should_not raise_error
+  end
+end

data/spec/oauth2/strategy/client_credentials_spec.rb

@@ -0,0 +1,70 @@
+require 'helper'
+
+describe OAuth2::Strategy::ClientCredentials do
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
+  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.post('/oauth/token', {'grant_type' => 'client_credentials'}) do |env|
+          client_id, client_secret = HTTPAuth::Basic.unpack_authorization(env[:request_headers]['Authorization'])
+          client_id == 'abc' && client_secret == 'def' or raise Faraday::Adapter::Test::Stubs::NotFound.new
+          case @mode
+          when "formencoded"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when "json"
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+        stub.post('/oauth/token', {'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials'}) do |env|
+          case @mode
+          when "formencoded"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when "json"
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+      end
+    end
+  end
+
+  subject {client.client_credentials}
+
+  describe "#authorize_url" do
+    it "should raise NotImplementedError" do
+      lambda {subject.authorize_url}.should raise_error(NotImplementedError)
+    end
+  end
+
+  %w(json formencoded).each do |mode|
+    %w(default basic_auth request_body).each do |auth_scheme|
+      describe "#get_token (#{mode}) (#{auth_scheme})" do
+        before do
+          @mode = mode
+          @access = subject.get_token({}, auth_scheme == 'default' ? {} : {'auth_scheme' => auth_scheme})
+        end
+
+        it 'returns AccessToken with same Client' do
+          @access.client.should == client
+        end
+
+        it 'returns AccessToken with #token' do
+          @access.token.should == 'salmon'
+        end
+
+        it 'returns AccessToken without #refresh_token' do
+          @access.refresh_token.should be_nil
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          @access.expires_in.should == 600
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          @access.expires_at.should_not be_nil
+        end
+      end
+    end
+  end
+end