filiptepper-oauth-plugin 0.3.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (74) hide show
  1. data/.gitignore +5 -0
  2. data/CHANGELOG +101 -0
  3. data/MIT-LICENSE +20 -0
  4. data/README.rdoc +376 -0
  5. data/Rakefile +38 -0
  6. data/VERSION +1 -0
  7. data/generators/oauth_consumer/USAGE +10 -0
  8. data/generators/oauth_consumer/oauth_consumer_generator.rb +50 -0
  9. data/generators/oauth_consumer/templates/consumer_token.rb +5 -0
  10. data/generators/oauth_consumer/templates/controller.rb +19 -0
  11. data/generators/oauth_consumer/templates/index.html.erb +29 -0
  12. data/generators/oauth_consumer/templates/index.html.haml +18 -0
  13. data/generators/oauth_consumer/templates/migration.rb +20 -0
  14. data/generators/oauth_consumer/templates/oauth_config.rb +41 -0
  15. data/generators/oauth_consumer/templates/show.html.erb +7 -0
  16. data/generators/oauth_consumer/templates/show.html.haml +8 -0
  17. data/generators/oauth_provider/USAGE +20 -0
  18. data/generators/oauth_provider/lib/insert_routes.rb +67 -0
  19. data/generators/oauth_provider/oauth_provider_generator.rb +125 -0
  20. data/generators/oauth_provider/templates/_form.html.erb +17 -0
  21. data/generators/oauth_provider/templates/_form.html.haml +21 -0
  22. data/generators/oauth_provider/templates/access_token.rb +16 -0
  23. data/generators/oauth_provider/templates/authorize.html.erb +14 -0
  24. data/generators/oauth_provider/templates/authorize.html.haml +16 -0
  25. data/generators/oauth_provider/templates/authorize_failure.html.erb +1 -0
  26. data/generators/oauth_provider/templates/authorize_failure.html.haml +1 -0
  27. data/generators/oauth_provider/templates/authorize_success.html.erb +1 -0
  28. data/generators/oauth_provider/templates/authorize_success.html.haml +1 -0
  29. data/generators/oauth_provider/templates/client_application.rb +55 -0
  30. data/generators/oauth_provider/templates/client_application_spec.rb +29 -0
  31. data/generators/oauth_provider/templates/client_application_test.rb +42 -0
  32. data/generators/oauth_provider/templates/client_applications.yml +23 -0
  33. data/generators/oauth_provider/templates/clients_controller.rb +52 -0
  34. data/generators/oauth_provider/templates/clients_controller_spec.rb +239 -0
  35. data/generators/oauth_provider/templates/clients_controller_test.rb +280 -0
  36. data/generators/oauth_provider/templates/controller.rb +11 -0
  37. data/generators/oauth_provider/templates/controller_spec.rb +367 -0
  38. data/generators/oauth_provider/templates/controller_spec_helper.rb +80 -0
  39. data/generators/oauth_provider/templates/controller_test.rb +310 -0
  40. data/generators/oauth_provider/templates/controller_test_helper.rb +115 -0
  41. data/generators/oauth_provider/templates/edit.html.erb +7 -0
  42. data/generators/oauth_provider/templates/edit.html.haml +4 -0
  43. data/generators/oauth_provider/templates/index.html.erb +43 -0
  44. data/generators/oauth_provider/templates/index.html.haml +39 -0
  45. data/generators/oauth_provider/templates/migration.rb +46 -0
  46. data/generators/oauth_provider/templates/new.html.erb +5 -0
  47. data/generators/oauth_provider/templates/new.html.haml +5 -0
  48. data/generators/oauth_provider/templates/oauth_nonce.rb +13 -0
  49. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +24 -0
  50. data/generators/oauth_provider/templates/oauth_nonce_test.rb +26 -0
  51. data/generators/oauth_provider/templates/oauth_nonces.yml +13 -0
  52. data/generators/oauth_provider/templates/oauth_token.rb +31 -0
  53. data/generators/oauth_provider/templates/oauth_token_spec.rb +309 -0
  54. data/generators/oauth_provider/templates/oauth_token_test.rb +57 -0
  55. data/generators/oauth_provider/templates/oauth_tokens.yml +17 -0
  56. data/generators/oauth_provider/templates/request_token.rb +40 -0
  57. data/generators/oauth_provider/templates/show.html.erb +27 -0
  58. data/generators/oauth_provider/templates/show.html.haml +30 -0
  59. data/init.rb +1 -0
  60. data/install.rb +2 -0
  61. data/lib/oauth-plugin.rb +1 -0
  62. data/lib/oauth/controllers/application_controller_methods.rb +110 -0
  63. data/lib/oauth/controllers/consumer_controller.rb +76 -0
  64. data/lib/oauth/controllers/provider_controller.rb +111 -0
  65. data/lib/oauth/models/consumers/service_loader.rb +18 -0
  66. data/lib/oauth/models/consumers/services/agree2_token.rb +15 -0
  67. data/lib/oauth/models/consumers/services/fireeagle_token.rb +39 -0
  68. data/lib/oauth/models/consumers/services/twitter_token.rb +18 -0
  69. data/lib/oauth/models/consumers/token.rb +60 -0
  70. data/oauth-plugin.gemspec +112 -0
  71. data/rails/init.rb +7 -0
  72. data/tasks/oauth_tasks.rake +4 -0
  73. data/uninstall.rb +1 -0
  74. metadata +136 -0
@@ -0,0 +1,280 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+ require File.dirname(__FILE__) + '/../oauth_controller_test_helper'
3
+ require 'oauth/client/action_controller_request'
4
+
5
+ class OauthClientsController; def rescue_action(e) raise e end; end
6
+
7
+ class OauthClientsControllerIndexTest < ActionController::TestCase
8
+ include OAuthControllerTestHelper
9
+ tests OauthClientsController
10
+
11
+ def setup
12
+ @controller = OauthClientsController.new
13
+ @request = ActionController::TestRequest.new
14
+ @response = ActionController::TestResponse.new
15
+
16
+ login_as_application_owner
17
+ end
18
+
19
+ def do_get
20
+ get :index
21
+ end
22
+
23
+ def test_should_be_successful
24
+ do_get
25
+ assert @response.success?
26
+ end
27
+
28
+ def test_should_query_current_users_client_applications
29
+ @user.expects(:client_applications).returns(@client_applications)
30
+ do_get
31
+ end
32
+
33
+ def test_should_assign_client_applications
34
+ do_get
35
+ assert_equal @client_applications, assigns(:client_applications)
36
+ end
37
+
38
+ def test_should_render_index_template
39
+ do_get
40
+ assert_template 'index'
41
+ end
42
+ end
43
+
44
+ class OauthClientsControllerShowTest < ActionController::TestCase
45
+ include OAuthControllerTestHelper
46
+ tests OauthClientsController
47
+
48
+ def setup
49
+ @controller = OauthClientsController.new
50
+ @request = ActionController::TestRequest.new
51
+ @response = ActionController::TestResponse.new
52
+
53
+ login_as_application_owner
54
+ end
55
+
56
+ def do_get
57
+ get :show, :id=>'3'
58
+ end
59
+
60
+ def test_should_be_successful
61
+ do_get
62
+ assert @response.success?
63
+ end
64
+
65
+ def test_should_query_current_users_client_applications
66
+ @user.expects(:client_applications).returns(@client_applications)
67
+ @client_applications.expects(:find).with('3').returns(@client_application)
68
+ do_get
69
+ end
70
+
71
+ def test_should_assign_client_applications
72
+ do_get
73
+ assert_equal @client_application, assigns(:client_application)
74
+ end
75
+
76
+ def test_should_render_show_template
77
+ do_get
78
+ assert_template 'show'
79
+ end
80
+
81
+ end
82
+
83
+ class OauthClientsControllerNewTest < ActionController::TestCase
84
+ include OAuthControllerTestHelper
85
+ tests OauthClientsController
86
+
87
+ def setup
88
+ @controller = OauthClientsController.new
89
+ @request = ActionController::TestRequest.new
90
+ @response = ActionController::TestResponse.new
91
+
92
+ login_as_application_owner
93
+ ClientApplication.stubs(:new).returns(@client_application)
94
+ end
95
+
96
+ def do_get
97
+ get :new
98
+ end
99
+
100
+ def test_should_be_successful
101
+ do_get
102
+ assert @response.success?
103
+ end
104
+
105
+ def test_should_assign_client_applications
106
+ do_get
107
+ assert_equal @client_application, assigns(:client_application)
108
+ end
109
+
110
+ def test_should_render_show_template
111
+ do_get
112
+ assert_template 'new'
113
+ end
114
+
115
+ end
116
+
117
+ class OauthClientsControllerEditTest < ActionController::TestCase
118
+ include OAuthControllerTestHelper
119
+ tests OauthClientsController
120
+
121
+ def setup
122
+ @controller = OauthClientsController.new
123
+ @request = ActionController::TestRequest.new
124
+ @response = ActionController::TestResponse.new
125
+
126
+ login_as_application_owner
127
+ end
128
+
129
+ def do_get
130
+ get :edit, :id=>'3'
131
+ end
132
+
133
+ def test_should_be_successful
134
+ do_get
135
+ assert @response.success?
136
+ end
137
+
138
+ def test_should_query_current_users_client_applications
139
+ @user.expects(:client_applications).returns(@client_applications)
140
+ @client_applications.expects(:find).with('3').returns(@client_application)
141
+ do_get
142
+ end
143
+
144
+ def test_should_assign_client_applications
145
+ do_get
146
+ assert_equal @client_application, assigns(:client_application)
147
+ end
148
+
149
+ def test_should_render_edit_template
150
+ do_get
151
+ assert_template 'edit'
152
+ end
153
+
154
+ end
155
+
156
+ class OauthClientsControllerCreateTest < ActionController::TestCase
157
+ include OAuthControllerTestHelper
158
+ tests OauthClientsController
159
+
160
+ def setup
161
+ @controller = OauthClientsController.new
162
+ @request = ActionController::TestRequest.new
163
+ @response = ActionController::TestResponse.new
164
+
165
+ login_as_application_owner
166
+ @client_applications.stubs(:build).returns(@client_application)
167
+ @client_application.stubs(:save).returns(true)
168
+ end
169
+
170
+ def do_valid_post
171
+ @client_application.expects(:save).returns(true)
172
+ post :create,'client_application'=>{'name'=>'my site'}
173
+ end
174
+
175
+ def do_invalid_post
176
+ @client_application.expects(:save).returns(false)
177
+ post :create,:client_application=>{:name=>'my site'}
178
+ end
179
+
180
+ def test_should_query_current_users_client_applications
181
+ @client_applications.expects(:build).returns(@client_application)
182
+ do_valid_post
183
+ end
184
+
185
+ def test_should_redirect_to_new_client_application
186
+ do_valid_post
187
+ assert_response :redirect
188
+ assert_redirected_to(:action => "show", :id => @client_application.id)
189
+ end
190
+
191
+ def test_should_assign_client_applications
192
+ do_invalid_post
193
+ assert_equal @client_application, assigns(:client_application)
194
+ end
195
+
196
+ def test_should_render_show_template
197
+ do_invalid_post
198
+ assert_template('new')
199
+ end
200
+ end
201
+
202
+ class OauthClientsControllerDestroyTest < ActionController::TestCase
203
+ include OAuthControllerTestHelper
204
+ tests OauthClientsController
205
+
206
+ def setup
207
+ @controller = OauthClientsController.new
208
+ @request = ActionController::TestRequest.new
209
+ @response = ActionController::TestResponse.new
210
+
211
+ login_as_application_owner
212
+ @client_application.stubs(:destroy)
213
+ end
214
+
215
+ def do_delete
216
+ delete :destroy,:id=>'3'
217
+ end
218
+
219
+ def test_should_query_current_users_client_applications
220
+ @user.expects(:client_applications).returns(@client_applications)
221
+ @client_applications.expects(:find).with('3').returns(@client_application)
222
+ do_delete
223
+ end
224
+
225
+ def test_should_destroy_client_applications
226
+ @client_application.expects(:destroy)
227
+ do_delete
228
+ end
229
+
230
+ def test_should_redirect_to_list
231
+ do_delete
232
+ assert_response :redirect
233
+ assert_redirected_to :action => 'index'
234
+ end
235
+
236
+ end
237
+
238
+ class OauthClientsControllerUpdateTest < ActionController::TestCase
239
+ include OAuthControllerTestHelper
240
+ tests OauthClientsController
241
+
242
+ def setup
243
+ @controller = OauthClientsController.new
244
+ @request = ActionController::TestRequest.new
245
+ @response = ActionController::TestResponse.new
246
+ login_as_application_owner
247
+ end
248
+
249
+ def do_valid_update
250
+ @client_application.expects(:update_attributes).returns(true)
251
+ put :update, :id => '1', 'client_application' => {'name'=>'my site'}
252
+ end
253
+
254
+ def do_invalid_update
255
+ @client_application.expects(:update_attributes).returns(false)
256
+ put :update, :id=>'1', 'client_application' => {'name'=>'my site'}
257
+ end
258
+
259
+ def test_should_query_current_users_client_applications
260
+ @user.expects(:client_applications).returns(@client_applications)
261
+ @client_applications.expects(:find).with('1').returns(@client_application)
262
+ do_valid_update
263
+ end
264
+
265
+ def test_should_redirect_to_new_client_application
266
+ do_valid_update
267
+ assert_response :redirect
268
+ assert_redirected_to :action => "show", :id => @client_application.id
269
+ end
270
+
271
+ def test_should_assign_client_applications
272
+ do_invalid_update
273
+ assert_equal @client_application, assigns(:client_application)
274
+ end
275
+
276
+ def test_should_render_show_template
277
+ do_invalid_update
278
+ assert_template('edit')
279
+ end
280
+ end
@@ -0,0 +1,11 @@
1
+ require 'oauth/controllers/provider_controller'
2
+ class OauthController < ApplicationController
3
+ include OAuth::Controllers::ProviderController
4
+
5
+ # Override this to match your authorization page form
6
+ # It currently expects a checkbox called authorize
7
+ # def user_authorizes_token?
8
+ # params[:authorize] == '1'
9
+ # end
10
+
11
+ end
@@ -0,0 +1,367 @@
1
+ require File.dirname(__FILE__) + '/../spec_helper'
2
+ require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
3
+ require 'oauth/client/action_controller_request'
4
+
5
+ describe OauthController, "getting a request token" do
6
+ include OAuthControllerSpecHelper
7
+ before(:each) do
8
+ setup_oauth
9
+ sign_request_with_oauth
10
+ @client_application.stub!(:create_request_token).and_return(@request_token)
11
+ @client_application.stub!(:token_callback_url=)
12
+ end
13
+
14
+ def do_get
15
+ get :request_token
16
+ end
17
+
18
+ it "should be successful" do
19
+ do_get
20
+ response.should be_success
21
+ end
22
+
23
+ it "should query for client_application" do
24
+ ClientApplication.should_receive(:find_by_key).with('key').and_return(@client_application)
25
+ do_get
26
+ end
27
+
28
+ it "should request token from client_application" do
29
+ @client_application.should_receive(:create_request_token).and_return(@request_token)
30
+ do_get
31
+ end
32
+
33
+ it "should return token string" do
34
+ do_get
35
+ response.body.should==@request_token_string
36
+ end
37
+
38
+ it "should not set token_callback_url" do
39
+ @client_application.should_not_receive(:token_callback_url=).with(nil)
40
+ do_get
41
+ end
42
+ end
43
+
44
+ describe OauthController, "getting a request token passing a oauth_callback url" do
45
+ include OAuthControllerSpecHelper
46
+ before(:each) do
47
+ setup_oauth
48
+ sign_request_with_oauth nil, {:oauth_callback=>"http://test.com/alternative_callback"}
49
+ @client_application.stub!(:create_request_token).and_return(@request_token)
50
+ @client_application.stub!(:token_callback_url=)
51
+ end
52
+
53
+ def do_get
54
+ get :request_token
55
+ end
56
+
57
+ it "should be successful" do
58
+ do_get
59
+ response.should be_success
60
+ end
61
+
62
+ it "should query for client_application" do
63
+ ClientApplication.should_receive(:find_by_key).with('key').and_return(@client_application)
64
+ do_get
65
+ end
66
+
67
+ it "should request token from client_application" do
68
+ @client_application.should_receive(:create_request_token).and_return(@request_token)
69
+ do_get
70
+ end
71
+
72
+ it "should return token string" do
73
+ do_get
74
+ response.body.should==@request_token_string
75
+ end
76
+
77
+ it "should set token_callback_url with received oauth_callback" do
78
+ @client_application.should_receive(:token_callback_url=).with("http://test.com/alternative_callback")
79
+ do_get
80
+ end
81
+ end
82
+
83
+
84
+ describe OauthController, "token authorization" do
85
+ include OAuthControllerSpecHelper
86
+ before(:each) do
87
+ login
88
+ setup_oauth
89
+ RequestToken.stub!(:find_by_token).and_return(@request_token)
90
+
91
+ end
92
+
93
+ def do_get
94
+ get :authorize, :oauth_token => @request_token.token
95
+ end
96
+
97
+ def do_post
98
+ @request_token.should_receive(:authorize!).with(@user)
99
+ post :authorize, :oauth_token => @request_token.token, :authorize => "1"
100
+ end
101
+
102
+ def do_post_without_user_authorization
103
+ @request_token.should_receive(:invalidate!)
104
+ post :authorize, :oauth_token => @request_token.token, :authorize => "0"
105
+ end
106
+
107
+ def do_post_with_callback
108
+ @request_token.should_receive(:authorize!).with(@user)
109
+ post :authorize, :oauth_token => @request_token.token, :oauth_callback => "http://application/alternative", :authorize => "1"
110
+ end
111
+
112
+ def do_post_with_no_application_callback
113
+ @request_token.should_receive(:authorize!).with(@user)
114
+ @client_application.stub!(:callback_url).and_return(nil)
115
+ post :authorize, :oauth_token => @request_token.token, :authorize => "1"
116
+ end
117
+
118
+ it "should be successful" do
119
+ do_get
120
+ response.should be_success
121
+ end
122
+
123
+ it "should query for client_application" do
124
+ RequestToken.should_receive(:find_by_token).and_return(@request_token)
125
+ do_get
126
+ end
127
+
128
+ it "should assign token" do
129
+ do_get
130
+ assigns[:token].should equal(@request_token)
131
+ end
132
+
133
+ it "should render authorize template" do
134
+ do_get
135
+ response.should render_template('authorize')
136
+ end
137
+
138
+ it "should redirect to default callback" do
139
+ do_post
140
+ response.should be_redirect
141
+ response.should redirect_to("http://application/callback?oauth_token=#{@request_token.token}&oauth_verifier=verifyme")
142
+ end
143
+
144
+ it "should redirect to default callback without verifier if oauth 1.0" do
145
+ @request_token.stub!(:oauth10?).and_return(true)
146
+ do_post
147
+ response.should be_redirect
148
+ response.should redirect_to("http://application/callback?oauth_token=#{@request_token.token}")
149
+ end
150
+
151
+ it "should redirect to callback in query if oauth 1.0" do
152
+ @request_token.stub!(:oauth10?).and_return(true)
153
+ do_post_with_callback
154
+ response.should be_redirect
155
+ response.should redirect_to("http://application/alternative?oauth_token=#{@request_token.token}")
156
+ end
157
+
158
+ it "should redirect to request_token callback" do
159
+ @request_token.stub!(:oob?).and_return(false)
160
+ @request_token.stub!(:callback_url).and_return("http://alternative/callback")
161
+ do_post
162
+ response.should be_redirect
163
+ response.should redirect_to("http://alternative/callback?oauth_token=#{@request_token.token}&oauth_verifier=verifyme")
164
+ end
165
+
166
+ it "should ignore callback in query but redirect to default" do
167
+ do_post_with_callback
168
+ response.should be_redirect
169
+ response.should redirect_to("http://application/callback?oauth_token=#{@request_token.token}&oauth_verifier=verifyme")
170
+ end
171
+
172
+ it "should be successful on authorize without any application callback" do
173
+ do_post_with_no_application_callback
174
+ response.should be_success
175
+ end
176
+
177
+ it "should be successful on authorize without any application callback" do
178
+ do_post_with_no_application_callback
179
+ response.should render_template('authorize_success')
180
+ end
181
+
182
+ it "should render failure screen on user invalidation" do
183
+ do_post_without_user_authorization
184
+ response.should render_template('authorize_failure')
185
+ end
186
+
187
+ it "should render failure screen if token is invalidated" do
188
+ @request_token.stub!(:authorized?).and_return(false)
189
+ @request_token.stub!(:invalidated?).and_return(true)
190
+ do_get
191
+ response.should render_template('authorize_failure')
192
+ end
193
+
194
+
195
+ end
196
+
197
+
198
+ describe OauthController, "getting an access token" do
199
+ include OAuthControllerSpecHelper
200
+ before(:each) do
201
+ setup_oauth
202
+ sign_request_with_oauth @request_token
203
+ @request_token.stub!(:exchange!).and_return(@access_token)
204
+ end
205
+
206
+ def do_get
207
+ get :access_token
208
+ end
209
+
210
+ it "should be successful" do
211
+ do_get
212
+ response.should be_success
213
+ end
214
+
215
+ it "should query for client_application" do
216
+ ClientApplication.should_receive(:find_token).with(@request_token.token).and_return(@request_token)
217
+ do_get
218
+ end
219
+
220
+ it "should request token from client_application" do
221
+ @request_token.should_receive(:exchange!).and_return(@access_token)
222
+ do_get
223
+ end
224
+
225
+ it "should return token string" do
226
+ do_get
227
+ response.body.should == @access_token_string
228
+ end
229
+ end
230
+
231
+ class OauthorizedController<ApplicationController
232
+ before_filter :login_or_oauth_required, :only => :both
233
+ before_filter :login_required, :only => :interactive
234
+ before_filter :oauth_required, :only => :token_only
235
+
236
+ def interactive
237
+ end
238
+
239
+ def token_only
240
+ end
241
+
242
+ def both
243
+ end
244
+ end
245
+
246
+ describe OauthorizedController, " access control" do
247
+ include OAuthControllerSpecHelper
248
+
249
+ before(:each) do
250
+ end
251
+
252
+ it "should have access_token set up correctly" do
253
+ setup_to_authorize_request
254
+ @access_token.is_a?(AccessToken).should == true
255
+ @access_token.should be_authorized
256
+ @access_token.should_not be_invalidated
257
+ @access_token.user.should == @user
258
+ @access_token.client_application.should == @client_application
259
+ end
260
+
261
+ it "should return false for oauth? by default" do
262
+ controller.send(:oauth?).should == false
263
+ end
264
+
265
+ it "should return nil for current_token by default" do
266
+ controller.send(:current_token).should be_nil
267
+ end
268
+
269
+ it "should allow oauth when using login_or_oauth_required" do
270
+ setup_to_authorize_request
271
+ sign_request_with_oauth(@access_token)
272
+ ClientApplication.should_receive(:find_token).with(@access_token.token).and_return(@access_token)
273
+ get :both
274
+ controller.send(:current_token).should == @access_token
275
+ controller.send(:current_token).is_a?(AccessToken).should == true
276
+ controller.send(:current_user).should == @user
277
+ controller.send(:current_client_application).should == @client_application
278
+ response.code.should == '200'
279
+ response.should be_success
280
+ end
281
+
282
+ it "should allow interactive when using login_or_oauth_required" do
283
+ login
284
+ get :both
285
+ response.should be_success
286
+ controller.send(:current_user).should == @user
287
+ controller.send(:current_token).should be_nil
288
+ end
289
+
290
+
291
+ it "should allow oauth when using oauth_required" do
292
+ setup_to_authorize_request
293
+ sign_request_with_oauth(@access_token)
294
+ ClientApplication.should_receive(:find_token).with(@access_token.token).and_return(@access_token)
295
+ get :token_only
296
+ controller.send(:current_token).should == @access_token
297
+ controller.send(:current_client_application).should == @client_application
298
+ controller.send(:current_user).should == @user
299
+ response.code.should == '200'
300
+ response.should be_success
301
+ end
302
+
303
+ it "should disallow oauth using RequestToken when using oauth_required" do
304
+ setup_to_authorize_request
305
+ ClientApplication.should_receive(:find_token).with(@request_token.token).and_return(@request_token)
306
+ sign_request_with_oauth(@request_token)
307
+ get :token_only
308
+ response.code.should == '401'
309
+ end
310
+
311
+ it "should disallow interactive when using oauth_required" do
312
+ login
313
+ get :token_only
314
+ response.code.should == '401'
315
+
316
+ controller.send(:current_user).should == @user
317
+ controller.send(:current_token).should be_nil
318
+ end
319
+
320
+ it "should disallow oauth when using login_required" do
321
+ setup_to_authorize_request
322
+ sign_request_with_oauth(@access_token)
323
+ get :interactive
324
+ response.code.should == "302"
325
+ controller.send(:current_user).should be_nil
326
+ controller.send(:current_token).should be_nil
327
+ end
328
+
329
+ it "should allow interactive when using login_required" do
330
+ login
331
+ get :interactive
332
+ response.should be_success
333
+ controller.send(:current_user).should == @user
334
+ controller.send(:current_token).should be_nil
335
+ end
336
+
337
+ end
338
+
339
+ describe OauthController, "revoke" do
340
+ include OAuthControllerSpecHelper
341
+ before(:each) do
342
+ setup_oauth_for_user
343
+ @request_token.stub!(:invalidate!)
344
+ end
345
+
346
+ def do_post
347
+ post :revoke, :token => "TOKEN STRING"
348
+ end
349
+
350
+ it "should redirect to index" do
351
+ do_post
352
+ response.should be_redirect
353
+ response.should redirect_to('http://test.host/oauth_clients')
354
+ end
355
+
356
+ it "should query current_users tokens" do
357
+ @tokens.should_receive(:find_by_token).and_return(@request_token)
358
+ do_post
359
+ end
360
+
361
+ it "should call invalidate on token" do
362
+ @request_token.should_receive(:invalidate!)
363
+ do_post
364
+ end
365
+
366
+ end
367
+