grape_oauth2 0.1.1 → 0.2.0

Files changed (93)
  1. checksums.yaml +4 -4
  2. data/.gitignore +11 -11
  3. data/Gemfile +23 -23
  4. data/Rakefile +11 -11
  5. data/grape_oauth2.gemspec +26 -27
  6. data/lib/grape_oauth2.rb +129 -129
  7. data/lib/grape_oauth2/configuration.rb +143 -143
  8. data/lib/grape_oauth2/configuration/class_accessors.rb +36 -36
  9. data/lib/grape_oauth2/configuration/validation.rb +71 -71
  10. data/lib/grape_oauth2/endpoints/authorize.rb +34 -34
  11. data/lib/grape_oauth2/endpoints/token.rb +72 -72
  12. data/lib/grape_oauth2/gem_version.rb +24 -24
  13. data/lib/grape_oauth2/generators/authorization.rb +44 -44
  14. data/lib/grape_oauth2/generators/base.rb +26 -26
  15. data/lib/grape_oauth2/generators/token.rb +62 -62
  16. data/lib/grape_oauth2/helpers/access_token_helpers.rb +52 -54
  17. data/lib/grape_oauth2/helpers/oauth_params.rb +41 -41
  18. data/lib/grape_oauth2/mixins/active_record/access_grant.rb +47 -47
  19. data/lib/grape_oauth2/mixins/active_record/access_token.rb +75 -75
  20. data/lib/grape_oauth2/mixins/active_record/client.rb +36 -35
  21. data/lib/grape_oauth2/mixins/mongoid/access_grant.rb +58 -58
  22. data/lib/grape_oauth2/mixins/mongoid/access_token.rb +88 -88
  23. data/lib/grape_oauth2/mixins/mongoid/client.rb +44 -41
  24. data/lib/grape_oauth2/mixins/sequel/access_grant.rb +68 -68
  25. data/lib/grape_oauth2/mixins/sequel/access_token.rb +86 -86
  26. data/lib/grape_oauth2/mixins/sequel/client.rb +54 -46
  27. data/lib/grape_oauth2/responses/authorization.rb +11 -10
  28. data/lib/grape_oauth2/responses/base.rb +56 -56
  29. data/lib/grape_oauth2/responses/token.rb +10 -10
  30. data/lib/grape_oauth2/scopes.rb +74 -74
  31. data/lib/grape_oauth2/strategies/authorization_code.rb +38 -38
  32. data/lib/grape_oauth2/strategies/base.rb +47 -47
  33. data/lib/grape_oauth2/strategies/client_credentials.rb +20 -20
  34. data/lib/grape_oauth2/strategies/password.rb +22 -22
  35. data/lib/grape_oauth2/strategies/refresh_token.rb +47 -47
  36. data/lib/grape_oauth2/unique_token.rb +20 -20
  37. data/lib/grape_oauth2/version.rb +14 -14
  38. data/spec/configuration/config_spec.rb +231 -231
  39. data/spec/configuration/version_spec.rb +12 -12
  40. data/spec/dummy/endpoints/custom_authorization.rb +25 -25
  41. data/spec/dummy/endpoints/custom_token.rb +35 -35
  42. data/spec/dummy/endpoints/status.rb +25 -25
  43. data/spec/dummy/grape_oauth2_config.rb +11 -11
  44. data/spec/dummy/orm/active_record/app/config/db.rb +7 -7
  45. data/spec/dummy/orm/active_record/app/models/access_code.rb +3 -3
  46. data/spec/dummy/orm/active_record/app/models/access_token.rb +3 -3
  47. data/spec/dummy/orm/active_record/app/models/application.rb +3 -3
  48. data/spec/dummy/orm/active_record/app/models/application_record.rb +3 -3
  49. data/spec/dummy/orm/active_record/app/models/user.rb +10 -10
  50. data/spec/dummy/orm/active_record/app/twitter.rb +36 -36
  51. data/spec/dummy/orm/active_record/config.ru +7 -7
  52. data/spec/dummy/orm/active_record/db/schema.rb +53 -53
  53. data/spec/dummy/orm/mongoid/app/config/db.rb +6 -6
  54. data/spec/dummy/orm/mongoid/app/config/mongoid.yml +21 -21
  55. data/spec/dummy/orm/mongoid/app/models/access_code.rb +3 -3
  56. data/spec/dummy/orm/mongoid/app/models/access_token.rb +3 -3
  57. data/spec/dummy/orm/mongoid/app/models/application.rb +3 -3
  58. data/spec/dummy/orm/mongoid/app/models/user.rb +11 -11
  59. data/spec/dummy/orm/mongoid/app/twitter.rb +34 -34
  60. data/spec/dummy/orm/mongoid/config.ru +5 -5
  61. data/spec/dummy/orm/sequel/app/config/db.rb +1 -1
  62. data/spec/dummy/orm/sequel/app/models/access_code.rb +4 -4
  63. data/spec/dummy/orm/sequel/app/models/access_token.rb +4 -4
  64. data/spec/dummy/orm/sequel/app/models/application.rb +4 -4
  65. data/spec/dummy/orm/sequel/app/models/application_record.rb +2 -2
  66. data/spec/dummy/orm/sequel/app/models/user.rb +11 -11
  67. data/spec/dummy/orm/sequel/app/twitter.rb +47 -47
  68. data/spec/dummy/orm/sequel/config.ru +5 -5
  69. data/spec/dummy/orm/sequel/db/schema.rb +50 -50
  70. data/spec/lib/scopes_spec.rb +50 -50
  71. data/spec/mixins/active_record/access_token_spec.rb +185 -185
  72. data/spec/mixins/active_record/client_spec.rb +104 -95
  73. data/spec/mixins/mongoid/access_token_spec.rb +185 -185
  74. data/spec/mixins/mongoid/client_spec.rb +104 -95
  75. data/spec/mixins/sequel/access_token_spec.rb +185 -185
  76. data/spec/mixins/sequel/client_spec.rb +105 -96
  77. data/spec/requests/flows/authorization_code_spec.rb +67 -67
  78. data/spec/requests/flows/client_credentials_spec.rb +101 -101
  79. data/spec/requests/flows/password_spec.rb +210 -210
  80. data/spec/requests/flows/refresh_token_spec.rb +222 -222
  81. data/spec/requests/flows/revoke_token_spec.rb +103 -103
  82. data/spec/requests/protected_resources_spec.rb +64 -64
  83. data/spec/spec_helper.rb +60 -60
  84. data/spec/support/api_helper.rb +11 -11
  85. metadata +50 -52
  86. data/.rspec +0 -2
  87. data/.rubocop.yml +0 -18
  88. data/.travis.yml +0 -42
  89. data/README.md +0 -820
  90. data/gemfiles/active_record.rb +0 -25
  91. data/gemfiles/mongoid.rb +0 -14
  92. data/gemfiles/sequel.rb +0 -24
  93. data/grape_oauth2.png +0 -0
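--- a/data/spec/lib/scopes_spec.rb
+++ b/data/spec/lib/scopes_spec.rb
@@ -1,50 +1,50 @@
-require 'spec_helper'
-
-describe Grape::OAuth2::Scopes do
-context '#valid_for?' do
-it 'true when all the requested scopes included in the Access Token scopes' do
-scopes = described_class.new(['read', 'write'])
-access_token = double('AccessToken', scopes: 'read write')
-
-expect(scopes.valid_for?(access_token)).to be_truthy
-end
-
-it 'true when requested scopes are empty' do
-scopes = described_class.new([])
-access_token = double('AccessToken', scopes: 'read write')
-
-expect(scopes.valid_for?(access_token)).to be_truthy
-end
-
-it 'false when some of the requested scopes does not included in the Access Token scopes' do
-scopes = described_class.new(['read', 'write', 'destroy'])
-access_token = double('AccessToken', scopes: 'read write')
-
-expect(scopes.valid_for?(access_token)).to be_falsey
-end
-end
-
-context '#to_array' do
-let(:scopes) { described_class.new([]) }
-
-it 'converts the String scopes to an Array' do
-expect(scopes.send(:to_array, 'read write delete')).to eq(%w(read write delete))
-end
-
-it 'converts the object that responds to `to_a` to an Array' do
-custom_scopes = double('CustomScopes')
-allow(custom_scopes).to receive(:to_a).and_return(%w(read write))
-
-expect(scopes.send(:to_array, custom_scopes)).to eq(%w(read write))
-end
-
-it 'returns an Array of String values if Array was passed' do
-expect(scopes.send(:to_array, %w(read write delete))).to eq(%w(read write delete))
-expect(scopes.send(:to_array, %i(read write delete))).to eq(%w(read write delete))
-end
-
-it 'raises an error if scopes type is not supported' do
-expect { scopes.send(:to_array, :read) }.to raise_error(ArgumentError)
-end
-end
-end
+require 'spec_helper'
+
+describe Grape::OAuth2::Scopes do
+context '#valid_for?' do
+it 'true when all the requested scopes included in the Access Token scopes' do
+scopes = described_class.new(['read', 'write'])
+access_token = double('AccessToken', scopes: 'read write')
+
+expect(scopes.valid_for?(access_token)).to be_truthy
+end
+
+it 'true when requested scopes are empty' do
+scopes = described_class.new([])
+access_token = double('AccessToken', scopes: 'read write')
+
+expect(scopes.valid_for?(access_token)).to be_truthy
+end
+
+it 'false when some of the requested scopes does not included in the Access Token scopes' do
+scopes = described_class.new(['read', 'write', 'destroy'])
+access_token = double('AccessToken', scopes: 'read write')
+
+expect(scopes.valid_for?(access_token)).to be_falsey
+end
+end
+
+context '#to_array' do
+let(:scopes) { described_class.new([]) }
+
+it 'converts the String scopes to an Array' do
+expect(scopes.send(:to_array, 'read write delete')).to eq(%w[read write delete])
+end
+
+it 'converts the object that responds to `to_a` to an Array' do
+custom_scopes = double('CustomScopes')
+allow(custom_scopes).to receive(:to_a).and_return(%w(read write))
+
+expect(scopes.send(:to_array, custom_scopes)).to eq(%w(read write))
+end
+
+it 'returns an Array of String values if Array was passed' do
+expect(scopes.send(:to_array, %w(read write delete))).to eq(%w[read write delete])
+expect(scopes.send(:to_array, %i(read write delete))).to eq(%w[read write delete])
+end
+
+it 'raises an error if scopes type is not supported' do
+expect { scopes.send(:to_array, :read) }.to raise_error(ArgumentError)
+end
+end
+end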
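Review bot: The new side switches `%w(...)` to `%w[...]` only inside the `eq` expectations (new lines 31, 42, 43) while the `%w(read write)` literals at lines 36 and 38 and the `%i(read write delete)` argument at line 43 keep the paren form, so the file now mixes two percent-literal delimiters; finish the sweep with `%w[read write]` and `%i[read write delete]`, or let RuboCop's `Style/PercentLiteralDelimiters` enforce one form. The `#to_array` examples also reach a private method through `scopes.send(:to_array, ...)`, which pins an internal name and will break on any refactor of Grape::OAuth2::Scopes; if the String / Array / `to_a` conversions are worth covering, driving them through the public `valid_for?` path with a double whose `scopes` is each of those types would test the same behaviour without `send`. Finally, `'true when requested scopes are empty'` is the example that documents a security-relevant default (an endpoint declaring no scopes accepts any token irrespective of its scopes), and its name could say so, e.g. `'true when no scopes are required, whatever scopes the token carries'`.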
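--- a/data/spec/mixins/active_record/access_token_spec.rb
+++ b/data/spec/mixins/active_record/access_token_spec.rb
@@ -1,185 +1,185 @@
-require 'spec_helper'
-
-describe 'Grape::OAuth2::ActiveRecord::AccessToken', skip_if: ENV['ORM'] != 'active_record' do
-let(:application) { Application.create(name: 'Test') }
-let(:user) { User.create(username: 'test', password: '123123') }
-let(:access_token) { AccessToken.create(client: application, resource_owner: user) }
-
-let(:token) { SecureRandom.hex(16) }
-
-describe 'validations' do
-it 'validate token uniqueness' do
-another_token = AccessToken.create(client: application)
-token = AccessToken.new(client: application, token: another_token.token)
-
-expect(token).not_to be_valid
-expect(token.errors.messages).to include(:token)
-end
-end
-
-describe '#to_bearer_token' do
-context 'config with refresh token' do
-before do
-Grape::OAuth2.config.issue_refresh_token = true
-end
-
-after do
-Grape::OAuth2.config.issue_refresh_token = false
-end
-
-it 'returns refresh token' do
-expect(access_token.to_bearer_token[:access_token]).not_to be_blank
-end
-end
-
-context 'config without refresh token' do
-before do
-Grape::OAuth2.configure do |config|
-config.issue_refresh_token = false
-end
-end
-
-it 'returns blank refresh token' do
-expect(access_token.to_bearer_token[:refresh_token]).to be_blank
-end
-end
-end
-
-describe '#authenticate' do
-it 'returns an instance if authenticated successfully' do
-access_token.token = token
-access_token.save
-
-expect(AccessToken.authenticate(token)).to eq(access_token)
-end
-
-it 'returns nil if authentication failed' do
-access_token.token = token
-access_token.save
-
-expect(AccessToken.authenticate("invalid-#{token}")).to be_nil
-end
-
-it 'returns an instance by refresh token' do
-refresh_token = SecureRandom.hex(6)
-token = AccessToken.create(client: application, refresh_token: refresh_token)
-
-expect(AccessToken.authenticate(refresh_token, type: :refresh_token)).to eq(token)
-expect(AccessToken.authenticate(refresh_token, type: 'refresh_token')).to eq(token)
-end
-end
-
-describe '#create_for?' do
-it 'creates a record only for Client' do
-token = AccessToken.create_for(application, nil)
-
-expect(token.client).not_to be_nil
-expect(token.resource_owner).to be_nil
-end
-
-it 'creates a record for Client and Resource Owner' do
-token = AccessToken.create_for(application, user)
-
-expect(token.client).to eq(application)
-expect(token.resource_owner).to eq(user)
-end
-
-it 'creates a record with scopes' do
-scopes = 'write read'
-token = AccessToken.create_for(application, user, scopes)
-
-expect(token.client).to eq(application)
-expect(token.resource_owner).to eq(user)
-expect(token.scopes).to eq(scopes)
-end
-end
-
-describe '#expired?' do
-it 'return false if expires_at nil' do
-access_token.update_column(:expires_at, nil)
-
-expect(access_token.expired?).to be_falsey
-end
-
-it 'return false if expires_at < Time.now' do
-expect(access_token.expired?).to be_falsey
-end
-
-it 'return false if expires_at > Time.now' do
-expired_at = Time.now.utc - Grape::OAuth2.config.access_token_lifetime + 1
-access_token.update_column(:expires_at, expired_at)
-
-expect(access_token.expired?).to be_truthy
-end
-end
-
-describe '#revoked?' do
-it 'return false if revoked_at nil' do
-access_token.update_column(:revoked_at, nil)
-
-expect(access_token.revoked?).to be_falsey
-end
-
-it 'return false if revoked_at present' do
-access_token.update_column(:revoked_at, Time.now.utc)
-expect(access_token.revoked?).to be_truthy
-end
-end
-
-describe '#revoke!' do
-it 'update :revoked_at attribute' do
-expect { access_token.revoke! }.to change { access_token.revoked? }.from(false).to(true)
-end
-
-it 'update :revoked_at attribute with custom value' do
-custom_time = Time.now - 7200
-access_token.revoke!(custom_time)
-
-expect(access_token.revoked_at).to eq(custom_time.utc)
-end
-end
-
-describe 'token generation' do
-it 'generates a new token before saving if token is blank' do
-token = AccessToken.new(client: application, resource_owner: user)
-
-expect(token.token).to be_blank
-
-token.save
-
-expect(token.token).not_to be_blank
-end
-
-it 'does not change token value on saving if token is present' do
-token = AccessToken.new(client: application, resource_owner: user, token: 'abcdef')
-
-expect(token.token).not_to be_blank
-
-token.save
-
-expect(token.token).to eq('abcdef')
-end
-end
-
-describe 'expiration' do
-it 'set to nil if configuration option set to nil' do
-Grape::OAuth2.config.access_token_lifetime = nil
-
-token = AccessToken.create(client: application, resource_owner: user)
-expect(token.expires_at).to be_nil
-
-Grape::OAuth2.config.access_token_lifetime = Grape::OAuth2::Configuration::DEFAULT_TOKEN_LIFETIME
-end
-
-it 'set to specific time if configuration option set to some value' do
-current_time = Time.now.utc
-Grape::OAuth2.config.access_token_lifetime = 3500
-
-token = AccessToken.create(client: application, resource_owner: user)
-expect(token.expires_at).not_to be_nil
-expect(token.expires_at).to be_within(1).of(current_time + 3500)
-
-Grape::OAuth2.config.access_token_lifetime = Grape::OAuth2::Configuration::DEFAULT_TOKEN_LIFETIME
-end
-end
-end
+require 'spec_helper'
+
+describe 'Grape::OAuth2::ActiveRecord::AccessToken', skip_if: ENV['ORM'] != 'active_record' do
+let(:application) { Application.create(name: 'Test') }
+let(:user) { User.create(username: 'test', password: '123123') }
+let(:access_token) { AccessToken.create(client: application, resource_owner: user) }
+
+let(:token) { SecureRandom.hex(16) }
+
+describe 'validations' do
+it 'validate token uniqueness' do
+another_token = AccessToken.create(client: application)
+token = AccessToken.new(client: application, token: another_token.token)
+
+expect(token).not_to be_valid
+expect(token.errors.messages).to include(:token)
+end
+end
+
+describe '#to_bearer_token' do
+context 'config with refresh token' do
+before do
+Grape::OAuth2.config.issue_refresh_token = true
+end
+
+after do
+Grape::OAuth2.config.issue_refresh_token = false
+end
+
+it 'returns refresh token' do
+expect(access_token.to_bearer_token[:access_token]).not_to be_blank
+end
+end
+
+context 'config without refresh token' do
+before do
+Grape::OAuth2.configure do |config|
+config.issue_refresh_token = false
+end
+end
+
+it 'returns blank refresh token' do
+expect(access_token.to_bearer_token[:refresh_token]).to be_blank
+end
+end
+end
+
+describe '#authenticate' do
+it 'returns an instance if authenticated successfully' do
+access_token.token = token
+access_token.save
+
+expect(AccessToken.authenticate(token)).to eq(access_token)
+end
+
+it 'returns nil if authentication failed' do
+access_token.token = token
+access_token.save
+
+expect(AccessToken.authenticate("invalid-#{token}")).to be_nil
+end
+
+it 'returns an instance by refresh token' do
+refresh_token = SecureRandom.hex(6)
+token = AccessToken.create(client: application, refresh_token: refresh_token)
+
+expect(AccessToken.authenticate(refresh_token, type: :refresh_token)).to eq(token)
+expect(AccessToken.authenticate(refresh_token, type: 'refresh_token')).to eq(token)
+end
+end
+
+describe '#create_for?' do
+it 'creates a record only for Client' do
+token = AccessToken.create_for(application, nil)
+
+expect(token.client).not_to be_nil
+expect(token.resource_owner).to be_nil
+end
+
+it 'creates a record for Client and Resource Owner' do
+token = AccessToken.create_for(application, user)
+
+expect(token.client).to eq(application)
+expect(token.resource_owner).to eq(user)
+end
+
+it 'creates a record with scopes' do
+scopes = 'write read'
+token = AccessToken.create_for(application, user, scopes)
+
+expect(token.client).to eq(application)
+expect(token.resource_owner).to eq(user)
+expect(token.scopes).to eq(scopes)
+end
+end
+
+describe '#expired?' do
+it 'return false if expires_at nil' do
+access_token.update_column(:expires_at, nil)
+
+expect(access_token.expired?).to be_falsey
+end
+
+it 'return false if expires_at < Time.now' do
+expect(access_token.expired?).to be_falsey
+end
+
+it 'return false if expires_at > Time.now' do
+expired_at = Time.now.utc - Grape::OAuth2.config.access_token_lifetime + 1
+access_token.update_column(:expires_at, expired_at)
+
+expect(access_token.expired?).to be_truthy
+end
+end
+
+describe '#revoked?' do
+it 'return false if revoked_at nil' do
+access_token.update_column(:revoked_at, nil)
+
+expect(access_token.revoked?).to be_falsey
+end
+
+it 'return false if revoked_at present' do
+access_token.update_column(:revoked_at, Time.now.utc)
+expect(access_token.revoked?).to be_truthy
+end
+end
+
+describe '#revoke!' do
+it 'update :revoked_at attribute' do
+expect { access_token.revoke! }.to change { access_token.revoked? }.from(false).to(true)
+end
+
+it 'update :revoked_at attribute with custom value' do
+custom_time = Time.now - 7200
+access_token.revoke!(custom_time)
+
+expect(access_token.revoked_at).to eq(custom_time.utc)
+end
+end
+
+describe 'token generation' do
+it 'generates a new token before saving if token is blank' do
+token = AccessToken.new(client: application, resource_owner: user)
+
+expect(token.token).to be_blank
+
+token.save
+
+expect(token.token).not_to be_blank
+end
+
+it 'does not change token value on saving if token is present' do
+token = AccessToken.new(client: application, resource_owner: user, token: 'abcdef')
+
+expect(token.token).not_to be_blank
+
+token.save
+
+expect(token.token).to eq('abcdef')
+end
+end
+
+describe 'expiration' do
+it 'set to nil if configuration option set to nil' do
+Grape::OAuth2.config.access_token_lifetime = nil
+
+token = AccessToken.create(client: application, resource_owner: user)
+expect(token.expires_at).to be_nil
+
+Grape::OAuth2.config.access_token_lifetime = Grape::OAuth2::Configuration::DEFAULT_TOKEN_LIFETIME
+end
+
+it 'set to specific time if configuration option set to some value' do
+current_time = Time.now.utc
+Grape::OAuth2.config.access_token_lifetime = 3500
+
+token = AccessToken.create(client: application, resource_owner: user)
+expect(token.expires_at).not_to be_nil
+expect(token.expires_at).to be_within(1).of(current_time + 3500)
+
+Grape::OAuth2.config.access_token_lifetime = Grape::OAuth2::Configuration::DEFAULT_TOKEN_LIFETIME
+end
+end
+end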
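Review bot: The `'returns refresh token'` example at new line 31 asserts on `to_bearer_token[:access_token]`, so it passes whether or not a refresh token is issued and the `issue_refresh_token = true` set up in the `before` block is never actually verified; it should read `expect(access_token.to_bearer_token[:refresh_token]).not_to be_blank`. Several example names also contradict what they assert — line 108 `'return false if expires_at > Time.now'` writes an `expires_at` in the past and expects truthy, and line 123 `'return false if revoked_at present'` expects truthy — and should be renamed to `'returns true if expires_at < Time.now'` and `'returns true if revoked_at is present'`, with the local at line 109 renamed from `expired_at` to `past_expiry` for the same reason. The old and new sides of this section are textually identical as rendered here, so the change is presumably whitespace or line endings and these points predate the commit rather than being introduced by it. Since `expired?` and `revoked?` gate every protected-resource request, having the examples accurately pin their behaviour is worth a small follow-up.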