g5_authenticatable_api 0.4.1 → 1.0.0.pre.1

data/spec/rails_helper.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+ENV['RAILS_ENV'] ||= 'test'
+require File.expand_path('../dummy/config/environment', __FILE__)
+
+require 'rspec/rails'
+require 'capybara/rspec'
+require 'webmock/rspec'
+
+Rails.backtrace_cleaner.remove_silencers!
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[File.expand_path('../support/**/*.rb', __FILE__)].each { |f| require f }
+
+RSpec.configure do |config|
+  # If you're not using ActiveRecord, or you'd prefer not to run each of your
+  # examples within a transaction, remove the following line or assign false
+  # instead of true.
+  config.use_transactional_fixtures = true
+
+  # If true, the base class of anonymous controllers will be inferred
+  # automatically. This will be the default behavior in future versions of
+  # rspec-rails.
+  config.infer_base_class_for_anonymous_controllers = false
+
+  config.after(:suite) { WebMock.disable! }
+
+  config.infer_spec_type_from_file_location!
+end
+
+Shoulda::Matchers.configure do |config|
+  config.integrate do |with|
+    with.test_framework :rspec
+    with.library :rails
+  end
+end

data/spec/requests/grape_api_spec.rb

@@ -1,19 +1,21 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
-describe 'a secure Grape API endpoint' do
+require 'rails_helper'
+
+RSpec.describe 'a secure Grape API endpoint' do
   let(:endpoint) { '/grape_api/hello' }
   let(:params) {}
   let(:headers) {}
 
   describe 'GET request' do
-    subject(:api_call) { get endpoint, params, headers }
+    subject(:api_call) { safe_get endpoint, params, headers }
 
     it_should_behave_like 'a warden authenticatable api'
     it_should_behave_like 'a token authenticatable api'
   end
 
   describe 'POST request' do
-    subject(:api_call) { post endpoint, params, headers }
+    subject(:api_call) { safe_post endpoint, params, headers }
 
     it_should_behave_like 'a warden authenticatable api'
     it_should_behave_like 'a token authenticatable api'

data/spec/requests/rails_api_spec.rb

@@ -1,11 +1,13 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
-describe 'A Secure Rails API endpoint' do
+require 'rails_helper'
+
+RSpec.describe 'A Secure Rails API endpoint' do
   let(:params) {}
   let(:headers) {}
 
   describe 'GET request' do
-    subject(:api_call) { get '/rails_api/articles', params, headers }
+    subject(:api_call) { safe_get '/rails_api/articles', params, headers }
 
     it_should_behave_like 'a warden authenticatable api'
     it_should_behave_like 'a token authenticatable api'

data/spec/spec_helper.rb

@@ -1,49 +1,29 @@
+# frozen_string_literal: true
+
 # MUST happen before any other code is loaded
 require 'simplecov'
-SimpleCov.start 'test_frameworks'
+SimpleCov.start 'rails'
 
-require 'codeclimate-test-reporter'
-CodeClimate::TestReporter.start
+require 'pry'
 
-ENV["RAILS_ENV"] ||= 'test'
-require File.expand_path("../dummy/config/environment", __FILE__)
+RSpec.configure do |config|
+  config.expect_with :rspec do |expectations|
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
 
-require 'rspec/rails'
-require 'rspec/http'
-require 'capybara/rspec'
-require 'webmock/rspec'
+  config.mock_with :rspec do |mocks|
+    mocks.verify_partial_doubles = true
+  end
 
-Rails.backtrace_cleaner.remove_silencers!
+  config.shared_context_metadata_behavior = :apply_to_host_groups
 
-# Requires supporting ruby files with custom matchers and macros, etc,
-# in spec/support/ and its subdirectories.
-Dir[File.expand_path('../support/**/*.rb', __FILE__)].each { |f| require f }
+  config.filter_run_when_matching :focus
+
+  config.disable_monkey_patching!
+
+  config.default_formatter = 'doc' if config.files_to_run.one?
 
-RSpec.configure do |config|
-  # ## Mock Framework
-  #
-  # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
-  #
-  # config.mock_with :mocha
-  # config.mock_with :flexmock
-  # config.mock_with :rr
-  config.mock_with :rspec
-
-  # If you're not using ActiveRecord, or you'd prefer not to run each of your
-  # examples within a transaction, remove the following line or assign false
-  # instead of true.
-  config.use_transactional_fixtures = true
-
-  # If true, the base class of anonymous controllers will be inferred
-  # automatically. This will be the default behavior in future versions of
-  # rspec-rails.
-  config.infer_base_class_for_anonymous_controllers = false
-
-  # Run specs in random order to surface order dependencies. If you find an
-  # order dependency and want to debug it, you can fix the order by providing
-  # the seed, which is printed after each run.
-  #     --seed 1234
   config.order = 'random'
 
-  config.after(:suite) { WebMock.disable! }
+  Kernel.srand config.seed
 end

data/spec/support/controller_test_helpers.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module ControllerTestHelpers
+  def safe_get(endpoint, params = nil, headers = nil)
+    safe_request(:get, endpoint, params, headers)
+  end
+
+  def safe_post(endpoint, params = nil, headers = nil)
+    safe_request(:post, endpoint, params, headers)
+  end
+
+  def safe_request(method_name, endpoint, params = nil, headers = nil)
+    if Rails.version.starts_with?('4')
+      send(method_name, endpoint, params, headers)
+    else
+      options = { params: params }
+      options[:headers] = headers if headers
+      send(method_name, endpoint, **options)
+    end
+  end
+end
+
+RSpec.configure do |config|
+  config.include ControllerTestHelpers, type: :controller
+  config.include ControllerTestHelpers, type: :request
+end

data/spec/support/factory_girl.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'factory_girl_rails'
 
 RSpec.configure do |config|

data/spec/support/shared_contexts/current_auth_user.rb

@@ -1,10 +1,12 @@
-shared_context 'current auth user' do
+# frozen_string_literal: true
+
+RSpec.shared_context 'current auth user' do
   before do
-    stub_request(:get, 'auth.g5search.com/v1/me').
-      with(headers: {'Authorization'=>"Bearer #{token_value}"}).
-      to_return(status: 200,
-                body: raw_user_info.to_json,
-                headers: {'Content-Type' => 'application/json'})
+    stub_request(:get, 'auth.g5search.com/v1/me')
+      .with(headers: { 'Authorization' => "Bearer #{token_value}" })
+      .to_return(status: 200,
+                 body: raw_user_info.to_json,
+                 headers: { 'Content-Type' => 'application/json' })
   end
 
   let(:raw_user_info) do

data/spec/support/shared_contexts/invalid_access_token.rb

@@ -1,21 +1,23 @@
-shared_context 'OAuth2 error' do
+# frozen_string_literal: true
+
+RSpec.shared_context 'OAuth2 error' do
   before do
-    stub_request(:get, 'auth.g5search.com/oauth/token/info').
-      with(headers: {'Authorization'=>"Bearer #{token_value}"}).
-      to_return(status: 401,
-                headers: {'Content-Type' => 'application/json; charset=utf-8',
-                          'Cache-Control' => 'no-cache'},
-                body: parsed_error.to_json)
+    stub_request(:get, 'auth.g5search.com/oauth/token/info')
+      .with(headers: { 'Authorization' => "Bearer #{token_value}" })
+      .to_return(status: 401,
+                 headers: { 'Content-Type' => 'application/json; charset=utf-8',
+                            'Cache-Control' => 'no-cache' },
+                 body: parsed_error.to_json)
   end
 
   let(:parsed_error) { '' }
 end
 
-shared_context 'invalid access token' do
+RSpec.shared_context 'invalid access token' do
   include_context 'OAuth2 error' do
     let(:parsed_error) do
-      {'error' => error_code,
-       'error_description' => error_description}
+      { 'error' => error_code,
+        'error_description' => error_description }
     end
 
     let(:error_code) { 'invalid_token' }

data/spec/support/shared_contexts/valid_access_token.rb

@@ -1,10 +1,12 @@
-shared_context 'valid access token' do
+# frozen_string_literal: true
+
+RSpec.shared_context 'valid access token' do
   before do
-    stub_request(:get, 'auth.g5search.com/oauth/token/info').
-      with(headers: {'Authorization'=>"Bearer #{token_value}"}).
-      to_return(status: 200,
-                body: raw_token_info.to_json,
-                headers: {'Content-Type' => 'application/json'})
+    stub_request(:get, 'auth.g5search.com/oauth/token/info')
+      .with(headers: { 'Authorization' => "Bearer #{token_value}" })
+      .to_return(status: 200,
+                 body: raw_token_info.to_json,
+                 headers: { 'Content-Type' => 'application/json' })
   end
 
   let(:raw_token_info) do
@@ -12,7 +14,7 @@ shared_context 'valid access token' do
       'resource_owner_id' => '42',
       'scopes' => [],
       'expires_in_seconds' => 120,
-      'application' => {'uid' => 'abcdefg112358'}
+      'application' => { 'uid' => 'abcdefg112358' }
     }
   end
 end

data/spec/support/shared_examples/auth_user.rb

@@ -1,4 +1,6 @@
-shared_examples_for 'an auth user' do
+# frozen_string_literal: true
+
+RSpec.shared_examples_for 'an auth user' do
   it 'has the correct id' do
     expect(user.id).to eq(raw_user_info['id'])
   end

data/spec/support/shared_examples/token_authenticatable_api.rb

@@ -1,14 +1,16 @@
-shared_examples_for 'a token authenticatable api' do
+# frozen_string_literal: true
+
+RSpec.shared_examples_for 'a token authenticatable api' do
   let(:token_value) { 'abc123' }
 
   context 'with authorization header' do
-    let(:headers) { {'Authorization' => "Bearer #{token_value}"} }
+    let(:headers) { { 'Authorization' => "Bearer #{token_value}" } }
 
     include_examples 'token validation'
   end
 
   context 'with access token parameter' do
-    let(:params) { {'access_token' => token_value} }
+    let(:params) { { 'access_token' => token_value } }
 
     include_examples 'token validation'
   end
@@ -17,11 +19,11 @@ shared_examples_for 'a token authenticatable api' do
     before { subject }
 
     it 'should be unauthorized' do
-      expect(response).to be_http_unauthorized
+      expect(response.status).to eq(401)
     end
 
     it 'should return an authenticate header without details' do
-      expect(response.headers).to include('WWW-Authenticate' => 'Bearer')
+      expect(response.headers['WWW-Authenticate']).to eq('Bearer')
     end
   end
 
@@ -39,11 +41,11 @@ shared_examples_for 'a token authenticatable api' do
     before { subject }
 
     it 'should be unauthorized' do
-      expect(response).to be_http_unauthorized
+      expect(response.status).to eq(401)
     end
 
     it 'should return an authenticate header without details' do
-      expect(response.headers).to include('WWW-Authenticate' => 'Bearer')
+      expect(response.headers['WWW-Authenticate']).to eq('Bearer')
     end
   end
 end

data/spec/support/shared_examples/token_validation.rb

@@ -1,4 +1,6 @@
-shared_examples_for 'token validation' do
+# frozen_string_literal: true
+
+RSpec.shared_examples_for 'token validation' do
   context 'when token is valid' do
     include_context 'valid access token'
 
@@ -9,8 +11,9 @@ shared_examples_for 'token validation' do
     end
 
     it 'should validate the access token against the auth server' do
-      expect(a_request(:get, 'auth.g5search.com/oauth/token/info').
-             with(headers: {'Authorization' => "Bearer #{token_value}"})).to have_been_made
+      expect(a_request(:get, 'auth.g5search.com/oauth/token/info')
+        .with(headers: { 'Authorization' => "Bearer #{token_value}" }))
+        .to have_been_made
     end
   end
 
@@ -20,7 +23,7 @@ shared_examples_for 'token validation' do
     before { subject }
 
     it 'should be unauthorized' do
-      expect(response).to be_http_unauthorized
+      expect(response.status).to eq(401)
     end
 
     it 'should return an authenticate header' do
@@ -28,11 +31,13 @@ shared_examples_for 'token validation' do
     end
 
     it 'should return the authentication error' do
-      expect(response.headers['WWW-Authenticate']).to match("error=\"#{error_code}\"")
+      expect(response.headers['WWW-Authenticate'])
+        .to match("error=\"#{error_code}\"")
     end
 
     it 'should return the authentication error description' do
-      expect(response.headers['WWW-Authenticate']).to match("error_description=\"#{error_description}\"")
+      expect(response.headers['WWW-Authenticate'])
+        .to match("error_description=\"#{error_description}\"")
     end
   end
 
@@ -42,7 +47,7 @@ shared_examples_for 'token validation' do
     before { subject }
 
     it 'should be unauthorized' do
-      expect(response).to be_http_unauthorized
+      expect(response.status).to eq(401)
     end
 
     it 'should return an authenticate header' do
@@ -50,7 +55,8 @@ shared_examples_for 'token validation' do
     end
 
     it 'should return the default authentication error code' do
-      expect(response.headers['WWW-Authenticate']).to match('error="invalid_request"')
+      expect(response.headers['WWW-Authenticate'])
+        .to match('error="invalid_request"')
     end
   end
 end

data/spec/support/shared_examples/warden_authenticatable_api.rb

@@ -1,6 +1,6 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
-shared_examples_for 'a warden authenticatable api' do
+RSpec.shared_examples_for 'a warden authenticatable api' do
   context 'when user is authenticated' do
     let(:user) { create(:user) }
     let(:token_value) { user.g5_access_token }
@@ -27,23 +27,24 @@ shared_examples_for 'a warden authenticatable api' do
       end
 
       it 'should not validate the token against the auth server' do
-        expect(a_request(:get, 'auth.g5search.com/oauth/token/info')).to_not have_been_made
+        expect(a_request(:get, 'auth.g5search.com/oauth/token/info'))
+          .to_not have_been_made
       end
     end
   end
 
   context 'when user is not authenticated' do
     before do
-     logout
-     subject
+      logout
+      subject
     end
 
     it 'should be unauthorized' do
-      expect(response).to be_http_unauthorized
+      expect(response.status).to eq(401)
     end
 
     it 'should return an authenticate header without details' do
-      expect(response.headers).to include('WWW-Authenticate' => 'Bearer')
+      expect(response.headers['WWW-Authenticate']).to eq('Bearer')
     end
   end
 end

data/spec/support/warden.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.configure do |config|
   config.include Warden::Test::Helpers, type: :request
   config.after(type: :request) { Warden.test_reset! }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: g5_authenticatable_api
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 1.0.0.pre.1
 platform: ruby
 authors:
 - Maeve Revels
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-01 00:00:00.000000000 Z
+date: 2017-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -28,16 +28,16 @@ dependencies:
   name: g5_authentication_client
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 1.0.0.pre.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 1.0.0.pre.4
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -63,12 +63,17 @@ files:
 - ".rspec"
 - ".ruby-version"
 - ".travis.yml"
+- Appraisals
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - g5_authenticatable_api.gemspec
+- gemfiles/rails_4.1.gemfile
+- gemfiles/rails_4.2.gemfile
+- gemfiles/rails_5.0.gemfile
+- gemfiles/rails_5.1.gemfile
 - lib/g5_authenticatable_api.rb
 - lib/g5_authenticatable_api/helpers/grape.rb
 - lib/g5_authenticatable_api/helpers/rails.rb
@@ -113,6 +118,7 @@ files:
 - spec/dummy/config/initializers/filter_parameter_logging.rb
 - spec/dummy/config/initializers/inflections.rb
 - spec/dummy/config/initializers/mime_types.rb
+- spec/dummy/config/initializers/rails_compatibility.rb
 - spec/dummy/config/initializers/secret_token.rb
 - spec/dummy/config/initializers/session_store.rb
 - spec/dummy/config/initializers/wrap_parameters.rb
@@ -140,9 +146,11 @@ files:
 - spec/lib/g5_authenticatable_api/services/token_validator_spec.rb
 - spec/lib/g5_authenticatable_api/services/user_fetcher_spec.rb
 - spec/lib/g5_authenticatable_api/version_spec.rb
+- spec/rails_helper.rb
 - spec/requests/grape_api_spec.rb
 - spec/requests/rails_api_spec.rb
 - spec/spec_helper.rb
+- spec/support/controller_test_helpers.rb
 - spec/support/factory_girl.rb
 - spec/support/shared_contexts/current_auth_user.rb
 - spec/support/shared_contexts/invalid_access_token.rb
@@ -167,12 +175,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Helpers for securing APIs with G5
@@ -213,6 +221,7 @@ test_files:
 - spec/dummy/config/initializers/filter_parameter_logging.rb
 - spec/dummy/config/initializers/inflections.rb
 - spec/dummy/config/initializers/mime_types.rb
+- spec/dummy/config/initializers/rails_compatibility.rb
 - spec/dummy/config/initializers/secret_token.rb
 - spec/dummy/config/initializers/session_store.rb
 - spec/dummy/config/initializers/wrap_parameters.rb
@@ -240,9 +249,11 @@ test_files:
 - spec/lib/g5_authenticatable_api/services/token_validator_spec.rb
 - spec/lib/g5_authenticatable_api/services/user_fetcher_spec.rb
 - spec/lib/g5_authenticatable_api/version_spec.rb
+- spec/rails_helper.rb
 - spec/requests/grape_api_spec.rb
 - spec/requests/rails_api_spec.rb
 - spec/spec_helper.rb
+- spec/support/controller_test_helpers.rb
 - spec/support/factory_girl.rb
 - spec/support/shared_contexts/current_auth_user.rb
 - spec/support/shared_contexts/invalid_access_token.rb
@@ -252,4 +263,3 @@ test_files:
 - spec/support/shared_examples/token_validation.rb
 - spec/support/shared_examples/warden_authenticatable_api.rb
 - spec/support/warden.rb
-has_rdoc: