ginjo-omniauth-slack 2.4.1 → 2.5.0

data/test/access_token_test.rb

@@ -0,0 +1,123 @@
+require 'helper'
+
+describe OmniAuth::Slack::OAuth2::AccessToken do
+  def setup
+    @access_token = OmniAuth::Slack::OAuth2::AccessToken.from_hash(
+      OmniAuth::Slack::OAuth2::Client.new('key','secret'),
+      {
+        'ok' => true,
+        'access_token' => 'xoxp-abcdef-123456789',
+        'user' => {'id' => '11', 'name' => 'bill'},
+        'team_id' => 33,
+        'team_name' => 'my team',
+        'scope' => 'users:read'
+      }
+    )
+    
+    @at_class = OmniAuth::Slack::OAuth2::AccessToken
+    
+    @scope_base = YAML.load_file(File.join(File.dirname(__FILE__), 'support/scope_base.yml'))
+  end
+  
+  it 'defines getter methods for basic user data' do
+    assert_equal 'users:read', @access_token.scope
+    assert_equal 33, @access_token.team_id
+    assert_equal 'my team', @access_token.team_name
+  end
+  
+  describe 'user_id' do
+    it "gets data from params['user'].to_h['id']" do
+      assert_equal '11', @access_token.user_id
+    end
+    
+    it "gets data from params['user_id']" do
+      @access_token.params.replace({'user_id' => 'user-id-01'})
+      assert_equal 'user-id-01', @access_token.user_id
+    end
+    
+    it "gets data from params['authorizing_user'].to_h['user_id']" do
+      @access_token.params.replace({'authorizing_user' => {'user_id' => 'user-id-02'}})
+      assert_equal 'user-id-02', @access_token.user_id
+    end
+  end
+  
+  describe 'ok?' do
+    it 'returns true or false' do
+      assert_equal true, @access_token.ok?
+      @access_token.params['ok'] = 'false'
+      assert_equal false, @access_token.ok?
+      @access_token.params['ok'] = nil
+      assert_equal false, @access_token.ok?
+    end
+  end
+  
+  describe 'token_type?' do
+    it 'compares token_type with any number of arguments and returns true if any match' do
+      assert_equal true, @access_token.token_type?('user')
+    end
+  end
+  
+  describe 'uid' do
+    it 'gets concatenated user_id-team_id' do
+      assert_equal '11-33', @access_token.uid
+    end
+  end
+  
+  describe 'all_scopes' do
+    it 'retrieves compiled hash of all scopes currently visible on token' do
+    end
+  end
+  
+  describe 'has_scope?' do
+    it 'passes array of classic scopes to class-level has_scope?' do
+      assert_equal true, @access_token.has_scope?('identify', 'channels:read', 'boblobla', base:@scope_base)
+    end
+    
+    it 'passes string of classic scopes to class-level has_scope?' do
+      assert_equal true, @access_token.has_scope?('identify channels:read boblobla', base:@scope_base)
+    end
+  end
+  
+  describe 'self.has_scope?' do    
+    it 'accepts a string of classic scopes to be matched against base-scopes containing :classic key' do
+      assert_equal true, @at_class.has_scope?(scope_query:'identify channels:read chat:write:bot users.profile:read', scope_base:@scope_base)
+    end
+    
+    it 'accepts an array of classic scopes to be matched against base-scopes containing :classic key' do
+      assert_equal true, @at_class.has_scope?(scope_query:['identify','channels:read','chat:write:bot','users.profile:read'], scope_base:@scope_base)
+    end
+
+    it 'accepts a scope_query hash' do
+      assert_equal true, @at_class.has_scope?(scope_query:{channel:'channels:read im:read', group:'chat:write'}, scope_base:@scope_base)
+    end
+    
+    it 'accepts an array of scope_query hashes' do
+      assert_equal true, @at_class.has_scope?(scope_query:[{channel:'channels:read im:read', group:'chat:write'}, {app_home:'chat:write'}], scope_base:@scope_base)
+    end
+
+    it 'accepts a scope_query hash with array of string values' do
+      assert_equal true, @at_class.has_scope?(scope_query:{channel: %w(channels:read im:read chat:write)}, scope_base:@scope_base)
+    end
+    
+    it "accepts a :logic param to switch to 'and' (all) logic from 'or' (any) logic" do
+      assert_equal false, @at_class.has_scope?(scope_query:{channel:'channels:read im:read', group:'chat:write'}, scope_base:@scope_base, logic:'and')
+      assert_equal true, @at_class.has_scope?(scope_query:{channel:'channels:read im:read', group:'chat:write'}, scope_base:@scope_base, logic:'or')
+      assert_equal false, @at_class.has_scope?(scope_query:{channel:'im:read'}, scope_base:@scope_base)
+    end
+    
+    it "given 'or' logic, must match at least one scope from given scope_query hash" do
+      assert_equal true, @at_class.has_scope?(scope_query:{channel:'channels:read im:read', group:'chat:wrong'}, scope_base:@scope_base, logic:'or')
+      assert_equal false, @at_class.has_scope?(scope_query:{channel:'chappels:read im:read', group:'chat:wrong'}, scope_base:@scope_base, logic:'or')
+    end
+    
+    it "given 'and' logic, must match all scopes from given scope_query hash" do
+      assert_equal true, @at_class.has_scope?(scope_query:{channel:'channels:read channels:history', group:'chat:write'}, scope_base:@scope_base, logic:'and')
+      assert_equal false, @at_class.has_scope?(scope_query:{channel:'channels:read channels:history', group:'chat:write', team:'users:read'}, scope_base:@scope_base, logic:'and')
+    end
+    
+    it "logic for array of query hashes is opposite of logic for query-hash" do
+      assert_equal true, @at_class.has_scope?(scope_query:[{channel:'channels:read im:read'}, {group:'chat:write'}], scope_base:@scope_base, logic:'and')
+      assert_equal false, @at_class.has_scope?(scope_query:[{channel:'channels:read im:read'}, {group:'chat:wrong chat:still.wrong'}], scope_base:@scope_base, logic:'or')
+    end
+  end
+end

data/test/helper.rb

@@ -1,9 +1,32 @@
-require "bundler/setup"
-require "minitest/autorun"
-require "mocha/setup"
-require "omniauth/strategies/slack"
+# Run all tests with
+#   ruby -I./test test/test.rb
+# or
+#   rake test
+# or run specific tests
+#   ruby -I./test test/refinements_test.rb
+#
+$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
+$LOAD_PATH.unshift File.expand_path('../support', __FILE__)
+
+# Is specific require-bundler-setup needed?
+#require 'bundler/setup'
+
+require 'minitest/autorun'
+# Must load after minitest-autorun.
+require 'mocha/setup'
+
+# Is explicit require-oauth2 still needed?
+require 'oauth2'
+require 'omniauth-slack'
+
+# See below for require 'shared_examples' (needs to load after helpers).
+#require 'shared_examples'
+
+
 
 OmniAuth.config.test_mode = true
+OmniAuth.logger.level = 1
+ENV['OMNIAUTH_SLACK_DEBUG']='false'
 
 module BlockTestHelper
   def test(name, &blk)
@@ -54,5 +77,17 @@ class StrategyTestCase < TestCase
   end
 end
 
-Dir[File.expand_path("../support/**/*", __FILE__)].each(&method(:require))
+
+## This needs to load after helpers.
+require 'shared_examples'
+
+
+## These are not used here anymore.
+
+# Dir[File.expand_path("../support/**/*", __FILE__)].each(&method(:require))
+
+# Dir[File.join("../", 'test', '*.rb')].each {|file| require file }
+
+#require_relative 'support/shared_examples.rb'
+#Dir[File.expand_path("../**/*.rb", __FILE__)].each(&method(:require))
 

data/test/refinements_test.rb

@@ -0,0 +1,83 @@
+require 'helper'
+
+#class TestObjectRefinements
+class TestCallerMethodName
+  #using OmniAuth::Slack::ObjectRefinements
+  include OmniAuth::Slack::CallerMethodName
+
+  def test_caller_method_name_outter
+    test_caller_method_name_middle
+  end
+  
+  def test_caller_method_name_middle
+    test_caller_method_name_inner
+  end
+  
+  def test_caller_method_name_inner
+    caller_method_name  
+  end
+end
+
+# describe OmniAuth::Slack::ObjectRefinements do
+#   using OmniAuth::Slack::ObjectRefinements
+#   
+#   describe 'caller_method_name' do
+#     instance = TestObjectRefinements.new
+#     it "gets the name of the method that called the current method" do
+#       assert_equal 'test_caller_method_name_middle', instance.test_caller_method_name_outter
+#     end
+#   end
+# end
+
+describe OmniAuth::Slack::CallerMethodName do
+  #using OmniAuth::Slack::ObjectRefinements
+  
+  describe 'caller_method_name' do
+    instance = TestCallerMethodName.new
+    it "gets the name of the method that called the current method" do
+      assert_equal 'test_caller_method_name_middle', instance.test_caller_method_name_outter
+    end
+  end
+end
+
+describe OmniAuth::Slack::ArrayRefinements do
+  using OmniAuth::Slack::ArrayRefinements
+  
+  describe 'sort_with' do
+    it 'sorts one array according the order of another array' do
+      assert_equal [5,2,2,"three","three",1,:four,:four], [1,2,"three",:four,5,:four,2,"three"].sort_with([5,2,"three",1,:four])
+    end
+    
+    it 'takes an argument for :beginning or :ending to specify where to put un-matched source items' do
+      assert_equal [:c, :d, :b, :e, :a], [:a, :b, :c, :d, :e].sort_with([:b, :e, :a], :beginning)
+      assert_equal [:b, :e, :a, :c, :d], [:a, :b, :c, :d, :e].sort_with([:b, :e, :a], :ending)
+    end
+  end
+end
+
+describe OmniAuth::Slack::OAuth2Refinements do
+  using OmniAuth::Slack::OAuth2Refinements
+  
+  describe OAuth2::Response do
+    describe 'to_auth_hash' do
+      it 'returns parsed response as OmniAuth::Slack::AuthHash' do
+        resp = OAuth2::Response.new(a:'data')
+        resp.stubs(:parsed).returns({a:'data'})
+        assert_kind_of OmniAuth::Slack::AuthHash, resp.to_auth_hash
+        assert_equal({a:'data'}[:a], resp.to_auth_hash.a)
+      end
+    end
+  end
+end
+
+describe OmniAuth::Slack::StringRefinements do
+  using OmniAuth::Slack::StringRefinements
+  
+  describe 'words' do
+    it 'splits string into array of words based on white-space or commas' do
+      assert_equal('scope:one,scope.two scope.three ,scope@four, ,scope-five   scope_six,,,scope/seven , scope#eight'.words,
+        ["scope:one", "scope.two", "scope.three", "scope@four", "scope-five", "scope_six", "scope/seven", "scope#eight"]
+      )
+    end
+  end
+end

data/test/strategy_test.rb

@@ -0,0 +1,249 @@
+require 'helper'
+
+class StrategyTest < StrategyTestCase
+  include OAuth2StrategyTests
+  
+  test 'uses custom AuthHash subclass for auth_hash object' do
+    ::OmniAuth::Strategy.class_eval do
+      def auth_hash; {a:1, b:2}; end
+    end
+    assert_equal true, strategy.auth_hash.is_a?(OmniAuth::Slack::AuthHash)
+  end
+end
+
+class ClientTest < StrategyTestCase
+  test "has correct Slack site" do
+    assert_equal "https://slack.com", strategy.client.site
+  end
+
+  test "has correct authorize url" do
+    assert_equal "/oauth/v2/authorize", strategy.client.instance_eval{
+      options[:authorize_url].is_a?(Proc) ? instance_eval(&options[:authorize_url]) : options[:authorize_url]
+    }
+  end
+
+  test "has correct token url" do
+    assert_equal "/api/oauth.v2.access", strategy.client.instance_eval{
+      options[:token_url].is_a?(Proc) ? instance_eval(&options[:token_url]) : options[:token_url]
+    }
+  end
+
+  test "has correct auth_scheme" do
+    assert_equal :basic_auth, strategy.client.options[:auth_scheme]
+  end
+  
+  test 'request logs api call' do
+    # We need to manually stub the base #request method,
+    # since we're testing the override in the subclassed Client.
+    ::OAuth2::Client.class_eval do
+      def request(*args)
+        {'simple' => 'hash'}
+      end
+    end
+    @client = strategy.client
+    OmniAuth.logger.expects(:debug).with(){|*params| assert_match(/http:\/\/host\/api\/test.action/, params[0])}
+    @client.request(:get, 'http://host/api/test.action')
+  end
+  
+  test 'request adds api response to @history array' do
+    # We need to manually stub the base #request method,
+    # since we're testing the override in the subclassed Client.
+    ::OAuth2::Client.class_eval do
+      def request(*args)
+        {'simple' => 'hash'}
+      end
+    end
+    @client = strategy.client
+    @client.history = []
+    @client.request(:get, 'http://host/api/test.action')
+    #assert_equal( {'test.action' => {'simple' => 'hash'}}, @client.history )
+    #assert_equal( {'test.action' => {'simple' => 'hash'}}, strategy.send(:raw_info) )
+    assert_equal( {'api_call' => 'test.action', 'response' => {'simple' => 'hash'}}, @client.history[0].to_h.tap{|r| r.delete('time')} )
+    
+  end
+  
+  test "transfers team_domain from strategy options to client.site uri" do
+    @options = { :team_domain => 'subdomain' }
+    assert_equal "https://subdomain.slack.com", strategy.client.site
+  end
+  
+  test "transfers team_domain from request.params to client.site uri" do
+    @options = {pass_through_params: 'team_domain' }
+    @request.stubs(:params).returns({ 'team_domain' => 'subdomain2' })
+    assert_equal "https://subdomain2.slack.com", strategy.client.site
+  end
+  
+  test "transfers history option from strategy client_options to client.history" do
+    @options = { :client_options => {history:[5]} }
+    assert_equal [5], strategy.client.history
+  end
+end
+
+class CallbackUrlTest < StrategyTestCase
+  test "returns the default callback url" do
+    url_base = "http://auth.request.com"
+    @request.stubs(:url).returns("#{url_base}/some/page")
+    strategy.stubs(:script_name).returns("") # as not to depend on Rack env
+    assert_equal "#{url_base}/auth/slack/callback", strategy.callback_url
+  end
+
+  test "returns path from callback_path option" do
+    @options = { :callback_path => "/auth/slack/done"}
+    url_base = "http://auth.request.com"
+    @request.stubs(:url).returns("#{url_base}/page/path")
+    strategy.stubs(:script_name).returns("") # as not to depend on Rack env
+    assert_equal "#{url_base}/auth/slack/done", strategy.callback_url
+  end
+end
+
+class UidTest < StrategyTestCase
+  def setup
+    super
+    @access_token = stub("OmniAuth::Slack::OAuth2::AccessToken")
+    #@access_token.stubs(:user_id).returns('U123')
+    #@access_token.stubs(:team_id).returns('T456')
+    strategy.stubs(:access_token).returns(@access_token)
+  end
+
+  test "returns the uid from access_token" do
+    @access_token.stubs(:uid).returns("U123-T456")
+    assert_equal "U123-T456", strategy.uid
+  end
+end
+
+class CredentialsTest < StrategyTestCase
+  def setup
+    super
+    @access_token = stub("OmniAuth::Slack::OAuth2::AccessToken")
+    @access_token.stubs(:token)
+    @access_token.stubs(:token_type)
+    @access_token.stubs(:expires?)
+    @access_token.stubs(:expires_at)
+    @access_token.stubs(:refresh_token)
+    @access_token.stubs(:[])
+    @access_token.stubs(:params)
+    @access_token.stubs(:is_app_token?)
+    @access_token.stubs(:scope)
+    @access_token.stubs(:scopes)
+    @access_token.stubs(:all_scopes)
+    @access_token.stubs(:user_token)
+    strategy.stubs(:access_token).returns(@access_token)
+  end
+
+  test "returns a Hash" do
+    assert_kind_of Hash, strategy.credentials
+  end
+
+  test "returns the token" do
+    @access_token.stubs(:token).returns("123")
+    assert_equal "123", strategy.credentials["token"]
+  end
+  
+  test "returns the token_type" do
+    @access_token.stubs(:token_type).returns('bot')
+    assert_equal 'bot', strategy.credentials[:token_type]    
+  end
+
+  test "returns the expiry status" do
+    @access_token.stubs(:expires?).returns(true)
+    assert strategy.credentials["expires"]
+
+    @access_token.stubs(:expires?).returns(false)
+    refute strategy.credentials["expires"]
+  end
+
+  test "returns the refresh token and expiry time when expiring" do
+    ten_mins_from_now = (Time.now + 600).to_i
+    @access_token.stubs(:expires?).returns(true)
+    @access_token.stubs(:refresh_token).returns("321")
+    @access_token.stubs(:expires_at).returns(ten_mins_from_now)
+    assert_equal "321", strategy.credentials["refresh_token"]
+    assert_equal ten_mins_from_now, strategy.credentials["expires_at"]
+  end
+
+  test "does not return the refresh token when test is nil and expiring" do
+    @access_token.stubs(:expires?).returns(true)
+    @access_token.stubs(:refresh_token).returns(nil)
+    assert_nil strategy.credentials["refresh_token"]
+    refute_has_key "refresh_token", strategy.credentials
+  end
+
+  test "does not return the refresh token when not expiring" do
+    @access_token.stubs(:expires?).returns(false)
+    @access_token.stubs(:refresh_token).returns("XXX")
+    assert_nil strategy.credentials["refresh_token"]
+    refute_has_key "refresh_token", strategy.credentials
+  end
+end
+
+# This test is no longer relevant, but if modified, it might still be useful.
+#
+# class SkipInfoTest < StrategyTestCase
+# 
+#   test 'info should not include extended info when skip_info is specified' do
+#     @access_token = stub_everything("OmniAuth::Slack::OAuth2::AccessToken")
+#     @options = { skip_info: true }
+#     strategy.stubs(:access_token).returns(@access_token)
+#     assert_equal %w(name email user_id team_name team_id image), strategy.info.keys.map(&:to_s)
+#   end
+# 
+# end
+
+class AuthorizeParamsTest < StrategyTestCase
+
+  test 'returns OmniAuth::Strategy::Options hash' do
+    assert_kind_of OmniAuth::Strategy::Options, strategy.authorize_params
+  end
+  
+  test 'forwards oauth request params (redirect_uri scope team) to slack' do
+    @options = {pass_through_params: %w(redirect_uri scope team)}
+    strategy.request.params['scope'] = 'test-scope'
+    strategy.request.params['team'] = 'test-team'
+    strategy.request.params['redirect_uri'] = 'http://my-test-uri/auth/callback'
+    assert_equal 'test-scope', strategy.authorize_params['scope']
+    assert_equal 'test-team', strategy.authorize_params['team']
+    assert_equal 'http://my-test-uri/auth/callback', strategy.authorize_params['redirect_uri']
+  end
+  
+end
+
+# class InitializeTest < StrategyTestCase
+# end
+
+class CallbackPhaseTest < StrategyTestCase
+  def setup
+    super
+    strategy.stubs(:session).returns({'omniauth.authorize_params'=>{'team'=>'ABC123'}})
+    strategy.stubs(:env).returns({})
+    # Without this, OAuth2#callback_phase fails during these tests with csrf detected.
+    strategy.stubs('fail!').returns(true)
+  end
+  
+  test "sets env['omniauth.authorize_params'] with session['omniauth.authorize_params']" do
+    strategy.callback_phase
+    assert_equal( {'team'=>'ABC123'}, strategy.env['omniauth.authorize_params'] )
+  end
+end
+
+class PassThroughParamsTest < StrategyTestCase
+  test 'returns all AUTH_OPTIONS when given :all' do
+    strategy.options.pass_through_params = :all
+    assert_equal strategy.class::AUTH_OPTIONS, strategy.send(:pass_through_params)
+  end
+  
+  test 'returns empty array when given :none' do
+    strategy.options.pass_through_params = :none
+    assert_equal [], strategy.send(:pass_through_params)
+  end
+  
+  test "returns empty array when given nil" do
+    strategy.options.pass_through_params = nil
+    assert_equal [], strategy.send(:pass_through_params)
+  end
+  
+  test "returns specific items when given specific items" do
+    strategy.options.pass_through_params = %w(scope team_domain)
+    assert_equal %w(scope team_domain), strategy.send(:pass_through_params)
+  end
+end
+