grape_oauth2 0.1.1 → 0.2.0

data/spec/mixins/sequel/client_spec.rb

@@ -1,96 +1,105 @@
-require 'spec_helper'
-
-describe 'Grape::OAuth2::Sequel::Client', skip_if: ENV['ORM'] != 'sequel' do
-  let(:client) { Application.new(name: 'Test') }
-
-  let(:key) { SecureRandom.hex(8)  }
-  let(:secret) { SecureRandom.hex(8) }
-
-  it 'generates key on create' do
-    expect(client.key).to be_nil
-    client.save
-    expect(client.key).not_to be_nil
-  end
-
-  it 'generates key on create if an empty string' do
-    client.key = ''
-    client.save
-    expect(client.key).not_to be_blank
-  end
-
-  it 'generates key on create unless one is set' do
-    client.key = key
-    client.save
-    expect(client.key).to eq(key)
-  end
-
-  it 'is invalid without key' do
-    client.save
-    client.key = nil
-    expect(client).not_to be_valid
-  end
-
-  it 'checks uniqueness of key' do
-    app1 = Application.create(name: 'app1')
-    app2 = Application.create(name: 'app2')
-    app2.key = app1.key
-    expect(app2).not_to be_valid
-    expect(app2.errors).to include(:key)
-  end
-
-  it 'expects database to throw an error when keys are the same' do
-    app1 = Application.create(name: 'app1')
-    app2 = Application.create(name: 'app2')
-    app2.key = app1.key
-    expect { app2.save }.to raise_error(Sequel::ValidationFailed)
-  end
-
-  it 'generate secret on create' do
-    expect(client.secret).to be_nil
-    client.save
-    expect(client.secret).not_to be_nil
-  end
-
-  it 'generate secret on create if is blank string' do
-    client.secret = ''
-    client.save
-    expect(client.secret).not_to be_blank
-  end
-
-  it 'generate secret on create unless one is set' do
-    client.secret = secret
-    client.save
-    expect(client.secret).to eq(secret)
-  end
-
-  it 'is invalid without secret' do
-    client.save
-    client.secret = nil
-    expect(client).not_to be_valid
-  end
-
-  describe '#authenticate' do
-    it 'returns a class instance if authenticated successfully' do
-      client.key = key
-      client.secret = secret
-      client.save
-
-      expect(Application.authenticate(key, secret)).to eq(client)
-    end
-
-    it 'returns a class instance if only key specified' do
-      client.key = key
-      client.save
-
-      expect(Application.authenticate(key)).to eq(client)
-    end
-
-    it 'returns nil if authentication failed' do
-      client.key = key
-      client.secret = secret
-      client.save
-
-      expect(Application.authenticate(key, 'invalid-')).to be_nil
-    end
-  end
-end
+require 'spec_helper'
+
+describe 'Grape::OAuth2::Sequel::Client', skip_if: ENV['ORM'] != 'sequel' do
+  let(:client) { Application.new(name: 'Test') }
+
+  let(:key) { SecureRandom.hex(8)  }
+  let(:secret) { SecureRandom.hex(8) }
+
+  it 'generates key on create' do
+    expect(client.key).to be_nil
+    client.save
+    expect(client.key).not_to be_nil
+  end
+
+  it 'generates key on create if an empty string' do
+    client.key = ''
+    client.save
+    expect(client.key).not_to be_blank
+  end
+
+  it 'generates key on create unless one is set' do
+    client.key = key
+    client.save
+    expect(client.key).to eq(key)
+  end
+
+  it 'is invalid without key' do
+    client.save
+    client.key = nil
+    expect(client).not_to be_valid
+  end
+
+  it 'checks uniqueness of key' do
+    app1 = Application.create(name: 'app1')
+    app2 = Application.create(name: 'app2')
+    app2.key = app1.key
+    expect(app2).not_to be_valid
+    expect(app2.errors).to include(:key)
+  end
+
+  it 'expects database to throw an error when keys are the same' do
+    app1 = Application.create(name: 'app1')
+    app2 = Application.create(name: 'app2')
+    app2.key = app1.key
+    expect { app2.save }.to raise_error(Sequel::ValidationFailed)
+  end
+
+  it 'generate secret on create' do
+    expect(client.secret).to be_nil
+    client.save
+    expect(client.secret).not_to be_nil
+  end
+
+  it 'generate secret on create if is blank string' do
+    client.secret = ''
+    client.save
+    expect(client.secret).not_to be_blank
+  end
+
+  it 'generate secret on create unless one is set' do
+    client.secret = secret
+    client.save
+    expect(client.secret).to eq(secret)
+  end
+
+  it 'is invalid without secret' do
+    client.save
+    client.secret = nil
+    expect(client).not_to be_valid
+  end
+
+  describe '#authenticate' do
+    it 'returns a class instance if authenticated successfully' do
+      client.key = key
+      client.secret = secret
+      client.save
+
+      expect(Application.authenticate(key, secret)).to eq(client)
+    end
+
+    it 'returns a class instance if only key specified' do
+      client.key = key
+      client.save
+
+      expect(Application.authenticate(key)).to eq(client)
+    end
+
+    it 'returns nil if authentication failed' do
+      client.key = key
+      client.secret = secret
+      client.save
+
+      expect(Application.authenticate(key, 'invalid-')).to be_nil
+    end
+
+    it 'delete all the associated access tokens on destroy' do
+      user = User.create(username: 'John', password: '123123')
+      app = Application.create(name: 'app1', redirect_uri: 'https://google.com')
+
+      3.times { AccessToken.create(resource_owner_id: user.id, client_id: app.id) }
+
+      expect { app.refresh.destroy }.to change { AccessToken.count }.from(3).to(0)
+    end
+  end
+end

data/spec/requests/flows/authorization_code_spec.rb

@@ -1,67 +1,67 @@
-require 'spec_helper'
-
-describe 'Authorization Code flow' do
-  let(:redirect_uri) { 'http://localhost:3000/home' }
-  let(:application) { Application.create(name: 'App1', redirect_uri: redirect_uri) }
-
-  describe 'POST /oauth/authorize' do
-    let(:authorize_url) { '/api/v1/oauth/authorize' }
-
-    context 'with valid params' do
-      context 'when response_type is :code' do
-        it 'should be success' do
-          expect {
-            post authorize_url,
-              client_id: application.key,
-              redirect_uri: redirect_uri,
-              response_type: 'code'
-          }.to change { AccessCode.count }.from(0).to(1)
-
-          expect(last_response.status).to eq 302
-        end
-      end
-
-      context 'when response_type is :token' do
-        it 'should be success' do
-          expect {
-            post authorize_url,
-              client_id: application.key,
-              redirect_uri: redirect_uri,
-              response_type: 'token'
-          }.to change { AccessToken.count }.from(0).to(1)
-        end
-      end
-    end
-
-    context 'with invalid params' do
-      it 'should fail without response_type' do
-        post authorize_url,
-             client_id: application.key
-
-        expect(last_response.status).to eq 400
-        expect(json_body[:error]).to eq('invalid_request')
-      end
-
-      it 'should fail with unsupported response_type' do
-        post authorize_url,
-             client_id: application.key,
-             redirect_uri: redirect_uri,
-             response_type: 'invalid'
-
-        expect(last_response.status).to eq 400
-        expect(json_body[:error]).to eq('unsupported_response_type')
-      end
-    end
-  end
-
-  describe 'POST /oauth/custom_authorize' do
-    it 'invokes custom block' do
-      post '/api/v1/oauth/custom_authorize',
-           client_id: application.key,
-           redirect_uri: redirect_uri,
-           response_type: 'code'
-
-      expect(last_response.status).to eq(400)
-    end
-  end
-end
+require 'spec_helper'
+
+describe 'Authorization Code flow' do
+  let(:redirect_uri) { 'http://localhost:3000/home' }
+  let(:application) { Application.create(name: 'App1', redirect_uri: redirect_uri) }
+
+  describe 'POST /oauth/authorize' do
+    let(:authorize_url) { '/api/v1/oauth/authorize' }
+
+    context 'with valid params' do
+      context 'when response_type is :code' do
+        it 'should be success' do
+          expect {
+            post authorize_url,
+              client_id: application.key,
+              redirect_uri: redirect_uri,
+              response_type: 'code'
+          }.to change { AccessCode.count }.from(0).to(1)
+
+          expect(last_response.status).to eq 302
+        end
+      end
+
+      context 'when response_type is :token' do
+        it 'should be success' do
+          expect {
+            post authorize_url,
+              client_id: application.key,
+              redirect_uri: redirect_uri,
+              response_type: 'token'
+          }.to change { AccessToken.count }.from(0).to(1)
+        end
+      end
+    end
+
+    context 'with invalid params' do
+      it 'should fail without response_type' do
+        post authorize_url,
+             client_id: application.key
+
+        expect(last_response.status).to eq 400
+        expect(json_body[:error]).to eq('invalid_request')
+      end
+
+      it 'should fail with unsupported response_type' do
+        post authorize_url,
+             client_id: application.key,
+             redirect_uri: redirect_uri,
+             response_type: 'invalid'
+
+        expect(last_response.status).to eq 400
+        expect(json_body[:error]).to eq('unsupported_response_type')
+      end
+    end
+  end
+
+  describe 'POST /oauth/custom_authorize' do
+    it 'invokes custom block' do
+      post '/api/v1/oauth/custom_authorize',
+           client_id: application.key,
+           redirect_uri: redirect_uri,
+           response_type: 'code'
+
+      expect(last_response.status).to eq(400)
+    end
+  end
+end

data/spec/requests/flows/client_credentials_spec.rb

@@ -1,101 +1,101 @@
-require 'spec_helper'
-
-describe 'Token Endpoint' do
-  describe 'POST /oauth/token' do
-    describe 'Client Credentials flow' do
-      context 'with valid params' do
-        let(:authentication_url) { '/api/v1/oauth/token' }
-        let(:application) { Application.create(name: 'App1') }
-        let(:user) { User.create(username: 'test', password: '12345678') }
-
-        context 'when request is invalid' do
-          it 'fails without Grant Type' do
-            post authentication_url,
-                 client_id: application.key,
-                 client_secret: application.secret
-
-            expect(AccessToken.all).to be_empty
-
-            expect(json_body[:error]).to eq('invalid_request')
-            expect(last_response.status).to eq 400
-          end
-
-          it 'fails with invalid Grant Type' do
-            post authentication_url,
-                 grant_type: 'invalid'
-
-            expect(AccessToken.all).to be_empty
-
-            expect(json_body[:error]).to eq('unsupported_grant_type')
-            expect(last_response.status).to eq 400
-          end
-
-          it 'fails without Client Credentials' do
-            post authentication_url,
-                 grant_type: 'client_credentials'
-
-            expect(AccessToken.all).to be_empty
-
-            expect(json_body[:error]).to eq('invalid_request')
-            expect(last_response.status).to eq 400
-          end
-
-          it 'fails with invalid Client Credentials' do
-            post authentication_url,
-                 grant_type: 'client_credentials',
-                 client_id: 'blah-blah',
-                 client_secret: application.secret
-
-            expect(AccessToken.all).to be_empty
-
-            expect(json_body[:error]).to eq('invalid_client')
-            expect(last_response.status).to eq 401
-          end
-        end
-
-        context 'with valid data' do
-          context 'when scopes requested' do
-            it 'returns an Access Token with scopes' do
-              post authentication_url,
-                   grant_type: 'client_credentials',
-                   scope: 'read write',
-                   client_id: application.key,
-                   client_secret: application.secret
-
-              expect(AccessToken.count).to eq 1
-              expect(AccessToken.first.client_id).to eq application.id
-
-              expect(json_body[:access_token]).to be_present
-              expect(json_body[:token_type]).to eq 'bearer'
-              expect(json_body[:expires_in]).to eq 7200
-              expect(json_body[:refresh_token]).to be_nil
-              expect(json_body[:scope]).to eq('read write')
-
-              expect(last_response.status).to eq 200
-            end
-          end
-
-          context 'without scopes' do
-            it 'returns an Access Token without scopes' do
-              post authentication_url,
-                   grant_type: 'client_credentials',
-                   client_id: application.key,
-                   client_secret: application.secret
-
-              expect(AccessToken.count).to eq 1
-              expect(AccessToken.first.client_id).to eq application.id
-
-              expect(json_body[:access_token]).to be_present
-              expect(json_body[:token_type]).to eq 'bearer'
-              expect(json_body[:expires_in]).to eq 7200
-              expect(json_body[:refresh_token]).to be_nil
-              expect(json_body[:scope]).to be_nil
-
-              expect(last_response.status).to eq 200
-            end
-          end
-        end
-      end
-    end
-  end
-end
+require 'spec_helper'
+
+describe 'Token Endpoint' do
+  describe 'POST /oauth/token' do
+    describe 'Client Credentials flow' do
+      context 'with valid params' do
+        let(:authentication_url) { '/api/v1/oauth/token' }
+        let(:application) { Application.create(name: 'App1') }
+        let(:user) { User.create(username: 'test', password: '12345678') }
+
+        context 'when request is invalid' do
+          it 'fails without Grant Type' do
+            post authentication_url,
+                 client_id: application.key,
+                 client_secret: application.secret
+
+            expect(AccessToken.all).to be_empty
+
+            expect(json_body[:error]).to eq('invalid_request')
+            expect(last_response.status).to eq 400
+          end
+
+          it 'fails with invalid Grant Type' do
+            post authentication_url,
+                 grant_type: 'invalid'
+
+            expect(AccessToken.all).to be_empty
+
+            expect(json_body[:error]).to eq('unsupported_grant_type')
+            expect(last_response.status).to eq 400
+          end
+
+          it 'fails without Client Credentials' do
+            post authentication_url,
+                 grant_type: 'client_credentials'
+
+            expect(AccessToken.all).to be_empty
+
+            expect(json_body[:error]).to eq('invalid_request')
+            expect(last_response.status).to eq 400
+          end
+
+          it 'fails with invalid Client Credentials' do
+            post authentication_url,
+                 grant_type: 'client_credentials',
+                 client_id: 'blah-blah',
+                 client_secret: application.secret
+
+            expect(AccessToken.all).to be_empty
+
+            expect(json_body[:error]).to eq('invalid_client')
+            expect(last_response.status).to eq 401
+          end
+        end
+
+        context 'with valid data' do
+          context 'when scopes requested' do
+            it 'returns an Access Token with scopes' do
+              post authentication_url,
+                   grant_type: 'client_credentials',
+                   scope: 'read write',
+                   client_id: application.key,
+                   client_secret: application.secret
+
+              expect(AccessToken.count).to eq 1
+              expect(AccessToken.first.client_id).to eq application.id
+
+              expect(json_body[:access_token]).to be_present
+              expect(json_body[:token_type]).to eq 'bearer'
+              expect(json_body[:expires_in]).to eq 7200
+              expect(json_body[:refresh_token]).to be_nil
+              expect(json_body[:scope]).to eq('read write')
+
+              expect(last_response.status).to eq 200
+            end
+          end
+
+          context 'without scopes' do
+            it 'returns an Access Token without scopes' do
+              post authentication_url,
+                   grant_type: 'client_credentials',
+                   client_id: application.key,
+                   client_secret: application.secret
+
+              expect(AccessToken.count).to eq 1
+              expect(AccessToken.first.client_id).to eq application.id
+
+              expect(json_body[:access_token]).to be_present
+              expect(json_body[:token_type]).to eq 'bearer'
+              expect(json_body[:expires_in]).to eq 7200
+              expect(json_body[:refresh_token]).to be_nil
+              expect(json_body[:scope]).to be_nil
+
+              expect(last_response.status).to eq 200
+            end
+          end
+        end
+      end
+    end
+  end
+end