googleauth 0.9.0 → 0.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (66) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +11 -0
  3. data/CHANGELOG.md +113 -21
  4. data/README.md +13 -15
  5. data/SECURITY.md +7 -0
  6. data/lib/googleauth/application_default.rb +9 -9
  7. data/lib/googleauth/compute_engine.rb +55 -30
  8. data/lib/googleauth/credentials.rb +253 -64
  9. data/lib/googleauth/credentials_loader.rb +15 -16
  10. data/lib/googleauth/iam.rb +1 -1
  11. data/{spec/googleauth/stores/store_examples.rb → lib/googleauth/id_tokens/errors.rb} +36 -23
  12. data/lib/googleauth/id_tokens/key_sources.rb +396 -0
  13. data/lib/googleauth/id_tokens/verifier.rb +142 -0
  14. data/lib/googleauth/id_tokens.rb +233 -0
  15. data/lib/googleauth/json_key_reader.rb +6 -2
  16. data/lib/googleauth/scope_util.rb +1 -1
  17. data/lib/googleauth/service_account.rb +61 -36
  18. data/lib/googleauth/signet.rb +9 -7
  19. data/lib/googleauth/stores/file_token_store.rb +1 -0
  20. data/lib/googleauth/stores/redis_token_store.rb +1 -0
  21. data/lib/googleauth/user_authorizer.rb +8 -3
  22. data/lib/googleauth/user_refresh.rb +1 -1
  23. data/lib/googleauth/version.rb +1 -1
  24. data/lib/googleauth/web_user_authorizer.rb +5 -8
  25. data/lib/googleauth.rb +1 -0
  26. metadata +33 -76
  27. data/.github/CONTRIBUTING.md +0 -74
  28. data/.github/ISSUE_TEMPLATE/bug_report.md +0 -36
  29. data/.github/ISSUE_TEMPLATE/feature_request.md +0 -21
  30. data/.github/ISSUE_TEMPLATE/support_request.md +0 -7
  31. data/.gitignore +0 -36
  32. data/.kokoro/build.bat +0 -16
  33. data/.kokoro/build.sh +0 -4
  34. data/.kokoro/continuous/common.cfg +0 -24
  35. data/.kokoro/continuous/linux.cfg +0 -15
  36. data/.kokoro/continuous/osx.cfg +0 -3
  37. data/.kokoro/continuous/windows.cfg +0 -19
  38. data/.kokoro/osx.sh +0 -4
  39. data/.kokoro/presubmit/common.cfg +0 -24
  40. data/.kokoro/presubmit/linux.cfg +0 -14
  41. data/.kokoro/presubmit/osx.cfg +0 -3
  42. data/.kokoro/presubmit/windows.cfg +0 -19
  43. data/.kokoro/release.cfg +0 -53
  44. data/.kokoro/trampoline.bat +0 -10
  45. data/.kokoro/trampoline.sh +0 -4
  46. data/.rspec +0 -2
  47. data/.rubocop.yml +0 -42
  48. data/Gemfile +0 -25
  49. data/Rakefile +0 -89
  50. data/googleauth.gemspec +0 -35
  51. data/spec/googleauth/apply_auth_examples.rb +0 -148
  52. data/spec/googleauth/client_id_spec.rb +0 -160
  53. data/spec/googleauth/compute_engine_spec.rb +0 -122
  54. data/spec/googleauth/credentials_spec.rb +0 -459
  55. data/spec/googleauth/get_application_default_spec.rb +0 -286
  56. data/spec/googleauth/iam_spec.rb +0 -80
  57. data/spec/googleauth/scope_util_spec.rb +0 -77
  58. data/spec/googleauth/service_account_spec.rb +0 -482
  59. data/spec/googleauth/signet_spec.rb +0 -134
  60. data/spec/googleauth/stores/file_token_store_spec.rb +0 -57
  61. data/spec/googleauth/stores/redis_token_store_spec.rb +0 -50
  62. data/spec/googleauth/user_authorizer_spec.rb +0 -323
  63. data/spec/googleauth/user_refresh_spec.rb +0 -359
  64. data/spec/googleauth/web_user_authorizer_spec.rb +0 -172
  65. data/spec/spec_helper.rb +0 -92
  66. /data/{COPYING → LICENSE} +0 -0
@@ -1,286 +0,0 @@
1
- # Copyright 2015, Google Inc.
2
- # All rights reserved.
3
- #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
7
- #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
17
- #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
-
30
- spec_dir = File.expand_path File.join(File.dirname(__FILE__))
31
- $LOAD_PATH.unshift spec_dir
32
- $LOAD_PATH.uniq!
33
-
34
- require "faraday"
35
- require "fakefs/safe"
36
- require "googleauth"
37
- require "spec_helper"
38
- require "os"
39
-
40
- describe "#get_application_default" do
41
- # Pass unique options each time to bypass memoization
42
- let(:options) { |example| { dememoize: example } }
43
-
44
- before :example do
45
- @key = OpenSSL::PKey::RSA.new 2048
46
- @var_name = ENV_VAR
47
- @credential_vars = [
48
- ENV_VAR, PRIVATE_KEY_VAR, CLIENT_EMAIL_VAR, CLIENT_ID_VAR,
49
- CLIENT_SECRET_VAR, REFRESH_TOKEN_VAR, ACCOUNT_TYPE_VAR
50
- ]
51
- @original_env_vals = {}
52
- @credential_vars.each { |var| @original_env_vals[var] = ENV[var] }
53
- @home = ENV["HOME"]
54
- @app_data = ENV["APPDATA"]
55
- @program_data = ENV["ProgramData"]
56
- @scope = "https://www.googleapis.com/auth/userinfo.profile"
57
- end
58
-
59
- after :example do
60
- @credential_vars.each { |var| ENV[var] = @original_env_vals[var] }
61
- ENV["HOME"] = @home unless @home == ENV["HOME"]
62
- ENV["APPDATA"] = @app_data unless @app_data == ENV["APPDATA"]
63
- ENV["ProgramData"] = @program_data unless @program_data == ENV["ProgramData"]
64
- end
65
-
66
- shared_examples "it cannot load misconfigured credentials" do
67
- it "fails if the GOOGLE_APPLICATION_CREDENTIALS path does not exist" do
68
- Dir.mktmpdir do |dir|
69
- key_path = File.join dir, "does-not-exist"
70
- ENV[@var_name] = key_path
71
- expect { Google::Auth.get_application_default @scope, options }
72
- .to raise_error RuntimeError
73
- end
74
- end
75
-
76
- it "fails without default file or env if not on compute engine" do
77
- stub = stub_request(:get, "http://169.254.169.254")
78
- .to_return(status: 404,
79
- headers: { "Metadata-Flavor" => "NotGoogle" })
80
- Dir.mktmpdir do |dir|
81
- ENV.delete @var_name unless ENV[@var_name].nil? # no env var
82
- ENV["HOME"] = dir # no config present in this tmp dir
83
- expect do
84
- Google::Auth.get_application_default @scope, options
85
- end.to raise_error RuntimeError
86
- end
87
- expect(stub).to have_been_requested
88
- end
89
- end
90
-
91
- shared_examples "it can successfully load credentials" do
92
- it "succeeds if the GOOGLE_APPLICATION_CREDENTIALS file is valid" do
93
- Dir.mktmpdir do |dir|
94
- key_path = File.join dir, "my_cert_file"
95
- FileUtils.mkdir_p File.dirname(key_path)
96
- File.write key_path, cred_json_text
97
- ENV[@var_name] = key_path
98
- expect(Google::Auth.get_application_default(@scope, options))
99
- .to_not be_nil
100
- end
101
- end
102
-
103
- it "propagates default_connection option" do
104
- Dir.mktmpdir do |dir|
105
- key_path = File.join dir, "my_cert_file"
106
- FileUtils.mkdir_p File.dirname(key_path)
107
- File.write key_path, cred_json_text
108
- ENV[@var_name] = key_path
109
- connection = Faraday.new headers: { "User-Agent" => "hello" }
110
- opts = options.merge default_connection: connection
111
- creds = Google::Auth.get_application_default @scope, opts
112
- expect(creds.build_default_connection).to be connection
113
- end
114
- end
115
-
116
- it "succeeds with default file without GOOGLE_APPLICATION_CREDENTIALS" do
117
- ENV.delete @var_name unless ENV[@var_name].nil?
118
- Dir.mktmpdir do |dir|
119
- key_path = File.join dir, ".config", WELL_KNOWN_PATH
120
- key_path = File.join dir, WELL_KNOWN_PATH if OS.windows?
121
- FileUtils.mkdir_p File.dirname(key_path)
122
- File.write key_path, cred_json_text
123
- ENV["HOME"] = dir
124
- ENV["APPDATA"] = dir
125
- expect(Google::Auth.get_application_default(@scope, options))
126
- .to_not be_nil
127
- end
128
- end
129
-
130
- it "succeeds with default file without a scope" do
131
- ENV.delete @var_name unless ENV[@var_name].nil?
132
- Dir.mktmpdir do |dir|
133
- key_path = File.join dir, ".config", WELL_KNOWN_PATH
134
- key_path = File.join dir, WELL_KNOWN_PATH if OS.windows?
135
- FileUtils.mkdir_p File.dirname(key_path)
136
- File.write key_path, cred_json_text
137
- ENV["HOME"] = dir
138
- ENV["APPDATA"] = dir
139
- expect(Google::Auth.get_application_default(nil, options)).to_not be_nil
140
- end
141
- end
142
-
143
- it "succeeds without default file or env if on compute engine" do
144
- stub = stub_request(:get, "http://169.254.169.254")
145
- .to_return(status: 200,
146
- headers: { "Metadata-Flavor" => "Google" })
147
- Dir.mktmpdir do |dir|
148
- ENV.delete @var_name unless ENV[@var_name].nil? # no env var
149
- ENV["HOME"] = dir # no config present in this tmp dir
150
- creds = Google::Auth.get_application_default @scope, options
151
- expect(creds).to_not be_nil
152
- end
153
- expect(stub).to have_been_requested
154
- end
155
-
156
- it "succeeds with system default file" do
157
- ENV.delete @var_name unless ENV[@var_name].nil?
158
- FakeFS do
159
- ENV["ProgramData"] = "/etc"
160
- prefix = OS.windows? ? "/etc/Google/Auth/" : "/etc/google/auth/"
161
- key_path = File.join prefix, CREDENTIALS_FILE_NAME
162
- FileUtils.mkdir_p File.dirname(key_path)
163
- File.write key_path, cred_json_text
164
- expect(Google::Auth.get_application_default(@scope, options))
165
- .to_not be_nil
166
- File.delete key_path
167
- end
168
- end
169
-
170
- it "succeeds if environment vars are valid" do
171
- ENV.delete @var_name unless ENV[@var_name].nil? # no env var
172
- ENV[PRIVATE_KEY_VAR] = cred_json[:private_key]
173
- ENV[CLIENT_EMAIL_VAR] = cred_json[:client_email]
174
- ENV[CLIENT_ID_VAR] = cred_json[:client_id]
175
- ENV[CLIENT_SECRET_VAR] = cred_json[:client_secret]
176
- ENV[REFRESH_TOKEN_VAR] = cred_json[:refresh_token]
177
- ENV[ACCOUNT_TYPE_VAR] = cred_json[:type]
178
- expect(Google::Auth.get_application_default(@scope, options))
179
- .to_not be_nil
180
- end
181
-
182
- it "warns when using cloud sdk credentials" do
183
- ENV.delete @var_name unless ENV[@var_name].nil? # no env var
184
- ENV[PRIVATE_KEY_VAR] = cred_json[:private_key]
185
- ENV[CLIENT_EMAIL_VAR] = cred_json[:client_email]
186
- ENV[CLIENT_ID_VAR] = Google::Auth::CredentialsLoader::CLOUD_SDK_CLIENT_ID
187
- ENV[CLIENT_SECRET_VAR] = cred_json[:client_secret]
188
- ENV[REFRESH_TOKEN_VAR] = cred_json[:refresh_token]
189
- ENV[ACCOUNT_TYPE_VAR] = cred_json[:type]
190
- ENV[PROJECT_ID_VAR] = "a_project_id"
191
- expect { Google::Auth.get_application_default @scope, options }.to output(
192
- Google::Auth::CredentialsLoader::CLOUD_SDK_CREDENTIALS_WARNING + "\n"
193
- ).to_stderr
194
- end
195
- end
196
-
197
- describe "when credential type is service account" do
198
- let :cred_json do
199
- {
200
- private_key_id: "a_private_key_id",
201
- private_key: @key.to_pem,
202
- client_email: "app@developer.gserviceaccount.com",
203
- client_id: "app.apps.googleusercontent.com",
204
- type: "service_account"
205
- }
206
- end
207
-
208
- def cred_json_text
209
- MultiJson.dump cred_json
210
- end
211
-
212
- it_behaves_like "it can successfully load credentials"
213
- it_behaves_like "it cannot load misconfigured credentials"
214
- end
215
-
216
- describe "when credential type is authorized_user" do
217
- let :cred_json do
218
- {
219
- client_secret: "privatekey",
220
- refresh_token: "refreshtoken",
221
- client_id: "app.apps.googleusercontent.com",
222
- type: "authorized_user"
223
- }
224
- end
225
-
226
- def cred_json_text
227
- MultiJson.dump cred_json
228
- end
229
-
230
- it_behaves_like "it can successfully load credentials"
231
- it_behaves_like "it cannot load misconfigured credentials"
232
- end
233
-
234
- describe "when credential type is unknown" do
235
- let :cred_json do
236
- {
237
- client_secret: "privatekey",
238
- refresh_token: "refreshtoken",
239
- client_id: "app.apps.googleusercontent.com",
240
- private_key: @key.to_pem,
241
- client_email: "app@developer.gserviceaccount.com",
242
- type: "not_known_type"
243
- }
244
- end
245
-
246
- def cred_json_text
247
- MultiJson.dump cred_json
248
- end
249
-
250
- it "fails if the GOOGLE_APPLICATION_CREDENTIALS file contains the creds" do
251
- Dir.mktmpdir do |dir|
252
- key_path = File.join dir, "my_cert_file"
253
- FileUtils.mkdir_p File.dirname(key_path)
254
- File.write key_path, cred_json_text
255
- ENV[@var_name] = key_path
256
- expect do
257
- Google::Auth.get_application_default @scope, options
258
- end.to raise_error RuntimeError
259
- end
260
- end
261
-
262
- it "fails if the well known file contains the creds" do
263
- ENV.delete @var_name unless ENV[@var_name].nil?
264
- Dir.mktmpdir do |dir|
265
- key_path = File.join dir, ".config", WELL_KNOWN_PATH
266
- key_path = File.join dir, WELL_KNOWN_PATH if OS.windows?
267
- FileUtils.mkdir_p File.dirname(key_path)
268
- File.write key_path, cred_json_text
269
- ENV["HOME"] = dir
270
- ENV["APPDATA"] = dir
271
- expect do
272
- Google::Auth.get_application_default @scope, options
273
- end.to raise_error RuntimeError
274
- end
275
- end
276
-
277
- it "fails if env vars are set" do
278
- ENV[ENV_VAR] = nil
279
- ENV[PRIVATE_KEY_VAR] = cred_json[:private_key]
280
- ENV[CLIENT_EMAIL_VAR] = cred_json[:client_email]
281
- expect do
282
- Google::Auth.get_application_default @scope, options
283
- end.to raise_error RuntimeError
284
- end
285
- end
286
- end
@@ -1,80 +0,0 @@
1
- # Copyright 2015, Google Inc.
2
- # All rights reserved.
3
- #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
7
- #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
17
- #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
-
30
- spec_dir = File.expand_path File.join(File.dirname(__FILE__))
31
- $LOAD_PATH.unshift spec_dir
32
- $LOAD_PATH.uniq!
33
-
34
- require "googleauth/iam"
35
-
36
- describe Google::Auth::IAMCredentials do
37
- IAMCredentials = Google::Auth::IAMCredentials
38
- let(:test_selector) { "the-test-selector" }
39
- let(:test_token) { "the-test-token" }
40
- let(:test_creds) { IAMCredentials.new test_selector, test_token }
41
-
42
- describe "#apply!" do
43
- it "should update the target hash with the iam values" do
44
- md = { foo: "bar" }
45
- test_creds.apply! md
46
- expect(md[IAMCredentials::SELECTOR_KEY]).to eq test_selector
47
- expect(md[IAMCredentials::TOKEN_KEY]).to eq test_token
48
- expect(md[:foo]).to eq "bar"
49
- end
50
- end
51
-
52
- describe "updater_proc" do
53
- it "should provide a proc that updates a hash with the iam values" do
54
- md = { foo: "bar" }
55
- the_proc = test_creds.updater_proc
56
- got = the_proc.call md
57
- expect(got[IAMCredentials::SELECTOR_KEY]).to eq test_selector
58
- expect(got[IAMCredentials::TOKEN_KEY]).to eq test_token
59
- expect(got[:foo]).to eq "bar"
60
- end
61
- end
62
-
63
- describe "#apply" do
64
- it "should not update the original hash with the iam values" do
65
- md = { foo: "bar" }
66
- test_creds.apply md
67
- expect(md[IAMCredentials::SELECTOR_KEY]).to be_nil
68
- expect(md[IAMCredentials::TOKEN_KEY]).to be_nil
69
- expect(md[:foo]).to eq "bar"
70
- end
71
-
72
- it "should return a with the iam values" do
73
- md = { foo: "bar" }
74
- got = test_creds.apply md
75
- expect(got[IAMCredentials::SELECTOR_KEY]).to eq test_selector
76
- expect(got[IAMCredentials::TOKEN_KEY]).to eq test_token
77
- expect(got[:foo]).to eq "bar"
78
- end
79
- end
80
- end
@@ -1,77 +0,0 @@
1
- # Copyright 2015, Google Inc.
2
- # All rights reserved.
3
- #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
7
- #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
17
- #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
-
30
- spec_dir = File.expand_path File.join(File.dirname(__FILE__))
31
- $LOAD_PATH.unshift spec_dir
32
- $LOAD_PATH.uniq!
33
-
34
- require "googleauth/scope_util"
35
-
36
- describe Google::Auth::ScopeUtil do
37
- shared_examples "normalizes scopes" do
38
- let(:normalized) { Google::Auth::ScopeUtil.normalize source }
39
-
40
- it "normalizes the email scope" do
41
- expect(normalized).to include(
42
- "https://www.googleapis.com/auth/userinfo.email"
43
- )
44
- expect(normalized).to_not include "email"
45
- end
46
-
47
- it "normalizes the profile scope" do
48
- expect(normalized).to include(
49
- "https://www.googleapis.com/auth/userinfo.profile"
50
- )
51
- expect(normalized).to_not include "profile"
52
- end
53
-
54
- it "normalizes the openid scope" do
55
- expect(normalized).to include "https://www.googleapis.com/auth/plus.me"
56
- expect(normalized).to_not include "openid"
57
- end
58
-
59
- it "leaves other other scopes as-is" do
60
- expect(normalized).to include "https://www.googleapis.com/auth/drive"
61
- end
62
- end
63
-
64
- context "with scope as string" do
65
- let :source do
66
- "email profile openid https://www.googleapis.com/auth/drive"
67
- end
68
- it_behaves_like "normalizes scopes"
69
- end
70
-
71
- context "with scope as Array" do
72
- let :source do
73
- %w[email profile openid https://www.googleapis.com/auth/drive]
74
- end
75
- it_behaves_like "normalizes scopes"
76
- end
77
- end