g5_authenticatable 0.3.0

data/spec/dummy/config/routes.rb

@@ -0,0 +1,15 @@
+Rails.application.routes.draw do
+  resource :home, only: [:index, :show]
+
+  get '/protected_page', to: 'home#show', as: :protected_page
+
+  namespace :rails_api do
+    resource :secure_resource, only: [:create, :show],
+                               defaults: {format: 'json'}
+  end
+
+  mount G5Authenticatable::Engine => '/g5_auth'
+  mount SecureApi => '/api'
+
+  root to: 'home#index'
+end

data/spec/dummy/db/migrate/20140206070137_create_g5_authenticatable_users.rb

@@ -0,0 +1,23 @@
+class CreateG5AuthenticatableUsers < ActiveRecord::Migration
+  def change
+    create_table(:g5_authenticatable_users) do |t|
+      # G5 authenticatable
+      t.string :email,              null: false, default: ''
+      t.string :provider,           null: false, default: 'g5'
+      t.string :uid,                null: false
+      t.string :g5_access_token
+
+      # Trackable
+      t.integer  :sign_in_count, default: 0, null: false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string   :current_sign_in_ip
+      t.string   :last_sign_in_ip
+
+      t.timestamps
+    end
+
+    add_index :g5_authenticatable_users, :email, unique: true
+    add_index :g5_authenticatable_users, [:provider, :uid], unique: true
+  end
+end

data/spec/dummy/db/schema.rb

@@ -0,0 +1,33 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema.define(version: 20140206070137) do
+
+  create_table "g5_authenticatable_users", force: true do |t|
+    t.string   "email",              default: "",   null: false
+    t.string   "provider",           default: "g5", null: false
+    t.string   "uid",                               null: false
+    t.string   "g5_access_token"
+    t.integer  "sign_in_count",      default: 0,    null: false
+    t.datetime "current_sign_in_at"
+    t.datetime "last_sign_in_at"
+    t.string   "current_sign_in_ip"
+    t.string   "last_sign_in_ip"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "g5_authenticatable_users", ["email"], name: "index_g5_authenticatable_users_on_email", unique: true
+  add_index "g5_authenticatable_users", ["provider", "uid"], name: "index_g5_authenticatable_users_on_provider_and_uid", unique: true
+
+end

data/spec/dummy/public/404.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/422.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/500.html

@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+  </div>
+</body>
+</html>

data/spec/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/spec/features/auth_error_path_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+describe 'error path' do
+
+  context 'when there is an error at the oauth server' do
+
+    before do
+      stub_g5_invalid_credentials
+    end
+
+    it 'should redirect to the error path' do
+      visit(protected_page_path)
+      expect(current_path).to eq('/g5_auth/auth_error')
+    end
+
+    it 'should not use the application layout' do
+      visit(protected_page_path)
+      expect(page).to_not have_title('Dummy')
+    end
+  end
+end

data/spec/features/sign_in_spec.rb

@@ -0,0 +1,68 @@
+require 'spec_helper'
+
+describe 'Signing in' do
+  let(:user) { FactoryGirl.create(:g5_authenticatable_user) }
+
+  context 'from a login link' do
+    subject(:login) { click_link 'Login' }
+
+    before { visit root_path }
+
+    context 'when user exists locally' do
+      before do
+        stub_g5_omniauth(user)
+        login
+      end
+
+      it 'should sign in the user successfully' do
+        expect(page).to have_content('Signed in successfully.')
+      end
+
+      it 'should redirect the user to the root path' do
+        expect(current_path).to eq(root_path)
+      end
+    end
+
+    context 'when user does not exist locally' do
+      before do
+        OmniAuth.config.mock_auth[:g5] = OmniAuth::AuthHash.new({
+          uid: uid,
+          provider: 'g5',
+          info: {email: 'new.test.user@test.host'},
+          credentials: {token: g5_access_token}
+        })
+      end
+
+      let(:uid) { 42 }
+      let(:g5_access_token) { 'my secret token string' }
+
+      it 'should sign in the user successfully' do
+        login
+        expect(page).to have_content('Signed in successfully.')
+      end
+
+      it 'should redirect the user to the root path' do
+        login
+        expect(current_path).to eq(root_path)
+      end
+
+      it 'should create the user locally' do
+        expect { login }.to change { G5Authenticatable::User.count }.by(1)
+      end
+    end
+  end
+
+  context 'when visiting a protected page' do
+    before do
+      visit_path_and_login_with(protected_page_path, user)
+    end
+
+    it 'should sign in the user successfully' do
+      expect(page).to have_content('Signed in successfully.')
+    end
+
+    it 'should redirect the user to the protected page' do
+      expect(current_path).to eq(protected_page_path)
+    end
+  end
+end

data/spec/g5_authenticatable/version_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe G5Authenticatable do
+  it 'should have a version' do
+    expect(G5Authenticatable::VERSION).to_not be_blank
+  end
+end

data/spec/lib/generators/g5_authenticatable/install_generator_spec.rb

@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+# For some reason, trying to load the generator from this spec
+# causes problems without an explicit require statement, even
+# though the rails executable is able to find the generator
+# when you execute it from the command line
+require 'generators/g5_authenticatable/install/install_generator'
+
+describe G5Authenticatable::InstallGenerator, type: :generator do
+  destination File.expand_path('../../../tmp', __FILE__)
+
+  before do
+    prepare_destination
+    setup_routes
+    run_generator
+  end
+
+  it 'should copy the migration' do
+    expect(destination_root).to have_structure {
+      directory 'db' do
+        directory 'migrate' do
+          migration 'create_g5_authenticatable_users' do
+            contains 'class CreateG5AuthenticatableUsers < ActiveRecord::Migration'
+          end
+        end
+      end
+    }
+  end
+
+  it 'should mount the engine' do
+    expect(destination_root).to have_structure {
+      directory 'config' do
+        file 'routes.rb' do
+          contains "mount G5Authenticatable::Engine => '/g5_auth'"
+        end
+      end
+    }
+  end
+
+  def setup_routes
+    routes = <<-END
+      Rails.application.routes.draw do
+        resource :home, only: [:show, :index]
+
+        match '/some_path', to: 'controller#action', as: :my_alias
+
+        root to: 'home#index'
+      end
+    END
+    config_dir = File.join(destination_root, 'config')
+
+    FileUtils.mkdir_p(config_dir)
+    File.write(File.join(config_dir, 'routes.rb'), routes)
+  end
+end

data/spec/models/g5_authenticatable/user_spec.rb

@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe G5Authenticatable::User do
+  subject { user }
+  let(:user) { G5Authenticatable::User.create(user_attributes) }
+  let(:user_attributes) { FactoryGirl.attributes_for(:g5_authenticatable_user) }
+
+  it 'should expose the email' do
+    expect(user.email).to eq(user_attributes[:email])
+  end
+
+  it 'should expose the user provider' do
+    expect(user.provider).to eq(user_attributes[:provider])
+  end
+
+  it 'should expose the user uid' do
+    expect(user.uid).to eq(user_attributes[:uid])
+  end
+
+  it 'should expose a g5_access_token' do
+    expect(user.g5_access_token).to eq(user_attributes[:g5_access_token])
+  end
+
+  it 'should initialize the sign_in_count' do
+    expect(user.sign_in_count).to eq(0)
+  end
+
+  it 'should expose a method for updating tracked attributes' do
+    expect(user).to respond_to(:update_tracked_fields!)
+  end
+
+  it { should validate_presence_of(:email) }
+  it { should validate_uniqueness_of(:email) }
+  it { should validate_uniqueness_of(:uid).scoped_to(:provider) }
+
+  it 'should support timeouts' do
+    expect(user.timeout_in).to be > 0
+  end
+end

data/spec/requests/grape_api_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe 'a secure Grape API' do
+  subject(:api_call) { get '/api/secure_resource' }
+
+  context 'with an authenticated user', :auth_request do
+    it 'should be successful' do
+      api_call
+      expect(response).to be_http_ok
+    end
+  end
+
+  context 'without an authenticated user' do
+    it 'should be unauthorized' do
+      api_call
+      expect(response).to be_http_unauthorized
+    end
+  end
+end

data/spec/requests/rails_api_spec.rb

@@ -0,0 +1,53 @@
+require 'spec_helper'
+
+describe 'a secure Rails API' do
+  describe 'POST request to an API-only action' do
+    subject(:api_call) { post '/rails_api/secure_resource' }
+
+    context 'with an authenticated user', :auth_request do
+      it 'should be successful' do
+        api_call
+        expect(response).to be_http_ok
+      end
+    end
+
+    context 'without an authenticated user' do
+      it 'should be unauthorized' do
+        api_call
+        expect(response).to be_http_unauthorized
+      end
+    end
+  end
+
+  describe 'GET json request to mixed API/website action' do
+    subject(:api_call) { get '/rails_api/secure_resource.json' }
+
+    context 'with an authenticated user', :auth_request do
+      it 'should be successful' do
+        api_call
+        expect(response).to be_http_ok
+      end
+    end
+
+    context 'without an authenticated user' do
+      it 'should be unauthorized' do
+        api_call
+        expect(response).to be_http_unauthorized
+      end
+    end
+  end
+
+  describe 'GET html request to mixed API/website action' do
+    subject(:website_call) { get '/rails_api/secure_resource.html' }
+
+    it 'should be a redirect' do
+      website_call
+      expect(response).to be_redirect
+    end
+
+    it 'should redirect to the new session path' do
+      website_call
+      expect(response).to redirect_to('/g5_auth/users/sign_in')
+    end
+  end
+end