grape_oauth2 0.1.1

data/spec/requests/protected_resources_spec.rb

@@ -0,0 +1,64 @@
+require 'spec_helper'
+
+describe 'GET Protected Resources' do
+  let(:application) { Application.create(name: 'App1') }
+  let(:user) { User.create(username: 'Jack Sparrow', password: '12345678') }
+  let(:access_token) { AccessToken.create_for(application, user) }
+
+  context 'with invalid data' do
+    it 'returns Unauthorized without Access Token' do
+      get 'api/v1/status'
+
+      expect(last_response.status).to eq 401
+
+      expect(json_body[:error]).to eq('unauthorized')
+      expect(last_response.headers['WWW-Authenticate']).to eq('Bearer realm="Custom Realm"')
+    end
+
+    it 'returns Unauthorized when token scopes are blank' do
+      get 'api/v1/status/single_scope', access_token: access_token.token
+
+      expect(last_response.status).to eq 403
+
+      expect(json_body[:error]).not_to be_blank
+    end
+
+    it "returns Unauthorized when token scopes doesn't match required scopes" do
+      access_token.update(scopes: 'read')
+      get 'api/v1/status/multiple_scopes', access_token: access_token.token
+
+      expect(last_response.status).to eq 403
+
+      expect(json_body[:error]).not_to be_blank
+    end
+  end
+
+  context 'with valid data' do
+    it "returns status for endpoint that doesn't requires any scope" do
+      get 'api/v1/status', access_token: access_token.token
+
+      expect(last_response.status).to eq 200
+
+      expect(json_body[:value]).to eq('Nice day!')
+      expect(json_body[:current_user]).to eq('Jack Sparrow')
+    end
+
+    it 'returns status for endpoint with specific scope' do
+      access_token.update(scopes: 'read public')
+      get 'api/v1/status/single_scope', access_token: access_token.token
+
+      expect(last_response.status).to eq 200
+
+      expect(json_body[:value]).to eq('Access granted')
+    end
+
+    it 'returns status for endpoint with specific set of scopes' do
+      access_token.update(scopes: 'read write public')
+      get 'api/v1/status/multiple_scopes', access_token: access_token.token
+
+      expect(last_response.status).to eq 200
+
+      expect(json_body[:value]).to eq('Access granted')
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,60 @@
+ENV['RAILS_ENV'] ||= 'test'
+ENV['ORM'] ||= 'active_record'
+
+puts "Configured ORM: '#{ENV['ORM']}'"
+
+require 'coveralls'
+
+if Coveralls.should_run?
+  Coveralls.wear!
+else
+  require 'simplecov'
+  SimpleCov.start
+end
+
+require 'bundler/setup'
+Bundler.setup
+
+require 'rack/test'
+require 'database_cleaner'
+
+ORM_GEMS_MAPPING = {
+  'sequel' => 'sequel',
+  'active_record' => 'active_record',
+  'mongoid' => 'mongoid'
+}.freeze
+
+require ORM_GEMS_MAPPING[ENV['ORM']]
+
+require 'grape_oauth2'
+
+# Require Rack app by ORM
+require File.expand_path("../dummy/orm/#{ENV['ORM']}/app/twitter", __FILE__)
+
+TWITTER_APP = Rack::Builder.parse_file(File.expand_path("../dummy/orm/#{ENV['ORM']}/config.ru", __FILE__)).first
+
+require 'support/api_helper'
+
+RSpec.configure do |config|
+  config.include ApiHelper
+
+  config.filter_run_excluding skip_if: true
+
+  config.order = 'random'
+
+  config.before(:suite) do
+    if ENV['ORM'] == 'mongoid'
+      DatabaseCleaner[:mongoid].strategy = :truncation
+      DatabaseCleaner[:mongoid].clean_with :truncation
+    else
+      DatabaseCleaner.strategy = :transaction
+      DatabaseCleaner.clean_with(:deletion)
+    end
+  end
+
+  config.around(:example) do |example|
+    DatabaseCleaner.cleaning do
+      example.run
+    end
+  end
+end

data/spec/support/api_helper.rb

@@ -0,0 +1,11 @@
+module ApiHelper
+  include Rack::Test::Methods
+
+  def app
+    TWITTER_APP
+  end
+
+  def json_body
+    JSON.parse(last_response.body, symbolize_names: true) rescue fail StandardError, 'API request returned invalid json'
+  end
+end

metadata

@@ -0,0 +1,257 @@
+--- !ruby/object:Gem::Specification
+name: grape_oauth2
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Nikita Bulai
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-05-31 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: grape
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.16'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.16'
+- !ruby/object:Gem::Dependency
+  name: rack-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.4.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.4.0
+- !ruby/object:Gem::Dependency
+  name: database_cleaner
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+description: Provides flexible, ORM-agnostic, fully customizable and simple OAuth2
+  support for Grape APIs
+email:
+- bulajnikita@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- gemfiles/active_record.rb
+- gemfiles/mongoid.rb
+- gemfiles/sequel.rb
+- grape_oauth2.gemspec
+- grape_oauth2.png
+- lib/grape_oauth2.rb
+- lib/grape_oauth2/configuration.rb
+- lib/grape_oauth2/configuration/class_accessors.rb
+- lib/grape_oauth2/configuration/validation.rb
+- lib/grape_oauth2/endpoints/authorize.rb
+- lib/grape_oauth2/endpoints/token.rb
+- lib/grape_oauth2/gem_version.rb
+- lib/grape_oauth2/generators/authorization.rb
+- lib/grape_oauth2/generators/base.rb
+- lib/grape_oauth2/generators/token.rb
+- lib/grape_oauth2/helpers/access_token_helpers.rb
+- lib/grape_oauth2/helpers/oauth_params.rb
+- lib/grape_oauth2/mixins/active_record/access_grant.rb
+- lib/grape_oauth2/mixins/active_record/access_token.rb
+- lib/grape_oauth2/mixins/active_record/client.rb
+- lib/grape_oauth2/mixins/mongoid/access_grant.rb
+- lib/grape_oauth2/mixins/mongoid/access_token.rb
+- lib/grape_oauth2/mixins/mongoid/client.rb
+- lib/grape_oauth2/mixins/sequel/access_grant.rb
+- lib/grape_oauth2/mixins/sequel/access_token.rb
+- lib/grape_oauth2/mixins/sequel/client.rb
+- lib/grape_oauth2/responses/authorization.rb
+- lib/grape_oauth2/responses/base.rb
+- lib/grape_oauth2/responses/token.rb
+- lib/grape_oauth2/scopes.rb
+- lib/grape_oauth2/strategies/authorization_code.rb
+- lib/grape_oauth2/strategies/base.rb
+- lib/grape_oauth2/strategies/client_credentials.rb
+- lib/grape_oauth2/strategies/password.rb
+- lib/grape_oauth2/strategies/refresh_token.rb
+- lib/grape_oauth2/unique_token.rb
+- lib/grape_oauth2/version.rb
+- spec/configuration/config_spec.rb
+- spec/configuration/version_spec.rb
+- spec/dummy/endpoints/custom_authorization.rb
+- spec/dummy/endpoints/custom_token.rb
+- spec/dummy/endpoints/status.rb
+- spec/dummy/grape_oauth2_config.rb
+- spec/dummy/orm/active_record/app/config/db.rb
+- spec/dummy/orm/active_record/app/models/access_code.rb
+- spec/dummy/orm/active_record/app/models/access_token.rb
+- spec/dummy/orm/active_record/app/models/application.rb
+- spec/dummy/orm/active_record/app/models/application_record.rb
+- spec/dummy/orm/active_record/app/models/user.rb
+- spec/dummy/orm/active_record/app/twitter.rb
+- spec/dummy/orm/active_record/config.ru
+- spec/dummy/orm/active_record/db/schema.rb
+- spec/dummy/orm/mongoid/app/config/db.rb
+- spec/dummy/orm/mongoid/app/config/mongoid.yml
+- spec/dummy/orm/mongoid/app/models/access_code.rb
+- spec/dummy/orm/mongoid/app/models/access_token.rb
+- spec/dummy/orm/mongoid/app/models/application.rb
+- spec/dummy/orm/mongoid/app/models/user.rb
+- spec/dummy/orm/mongoid/app/twitter.rb
+- spec/dummy/orm/mongoid/config.ru
+- spec/dummy/orm/sequel/app/config/db.rb
+- spec/dummy/orm/sequel/app/models/access_code.rb
+- spec/dummy/orm/sequel/app/models/access_token.rb
+- spec/dummy/orm/sequel/app/models/application.rb
+- spec/dummy/orm/sequel/app/models/application_record.rb
+- spec/dummy/orm/sequel/app/models/user.rb
+- spec/dummy/orm/sequel/app/twitter.rb
+- spec/dummy/orm/sequel/config.ru
+- spec/dummy/orm/sequel/db/schema.rb
+- spec/lib/scopes_spec.rb
+- spec/mixins/active_record/access_token_spec.rb
+- spec/mixins/active_record/client_spec.rb
+- spec/mixins/mongoid/access_token_spec.rb
+- spec/mixins/mongoid/client_spec.rb
+- spec/mixins/sequel/access_token_spec.rb
+- spec/mixins/sequel/client_spec.rb
+- spec/requests/flows/authorization_code_spec.rb
+- spec/requests/flows/client_credentials_spec.rb
+- spec/requests/flows/password_spec.rb
+- spec/requests/flows/refresh_token_spec.rb
+- spec/requests/flows/revoke_token_spec.rb
+- spec/requests/protected_resources_spec.rb
+- spec/spec_helper.rb
+- spec/support/api_helper.rb
+homepage: http://github.com/nbulaj/grape-oauth2
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.2.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.3
+signing_key: 
+specification_version: 4
+summary: Grape OAuth2 provider
+test_files:
+- spec/support/api_helper.rb
+- spec/configuration/version_spec.rb
+- spec/configuration/config_spec.rb
+- spec/dummy/grape_oauth2_config.rb
+- spec/dummy/orm/sequel/app/twitter.rb
+- spec/dummy/orm/sequel/app/models/user.rb
+- spec/dummy/orm/sequel/app/models/application.rb
+- spec/dummy/orm/sequel/app/models/access_code.rb
+- spec/dummy/orm/sequel/app/models/access_token.rb
+- spec/dummy/orm/sequel/app/models/application_record.rb
+- spec/dummy/orm/sequel/app/config/db.rb
+- spec/dummy/orm/sequel/config.ru
+- spec/dummy/orm/sequel/db/schema.rb
+- spec/dummy/orm/active_record/app/twitter.rb
+- spec/dummy/orm/active_record/app/models/user.rb
+- spec/dummy/orm/active_record/app/models/application.rb
+- spec/dummy/orm/active_record/app/models/access_code.rb
+- spec/dummy/orm/active_record/app/models/access_token.rb
+- spec/dummy/orm/active_record/app/models/application_record.rb
+- spec/dummy/orm/active_record/app/config/db.rb
+- spec/dummy/orm/active_record/config.ru
+- spec/dummy/orm/active_record/db/schema.rb
+- spec/dummy/orm/mongoid/app/twitter.rb
+- spec/dummy/orm/mongoid/app/models/user.rb
+- spec/dummy/orm/mongoid/app/models/application.rb
+- spec/dummy/orm/mongoid/app/models/access_code.rb
+- spec/dummy/orm/mongoid/app/models/access_token.rb
+- spec/dummy/orm/mongoid/app/config/mongoid.yml
+- spec/dummy/orm/mongoid/app/config/db.rb
+- spec/dummy/orm/mongoid/config.ru
+- spec/dummy/endpoints/custom_token.rb
+- spec/dummy/endpoints/status.rb
+- spec/dummy/endpoints/custom_authorization.rb
+- spec/mixins/sequel/client_spec.rb
+- spec/mixins/sequel/access_token_spec.rb
+- spec/mixins/active_record/client_spec.rb
+- spec/mixins/active_record/access_token_spec.rb
+- spec/mixins/mongoid/client_spec.rb
+- spec/mixins/mongoid/access_token_spec.rb
+- spec/requests/flows/client_credentials_spec.rb
+- spec/requests/flows/authorization_code_spec.rb
+- spec/requests/flows/password_spec.rb
+- spec/requests/flows/revoke_token_spec.rb
+- spec/requests/flows/refresh_token_spec.rb
+- spec/requests/protected_resources_spec.rb
+- spec/lib/scopes_spec.rb
+- spec/spec_helper.rb