gs_graph 2.6.5

data/spec/gs_graph/app_request_spec.rb

@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe GSGraph::AppRequest, '.new' do
+  it 'should setup all supported attributes' do
+    attributes = {
+      :id => "10150111088582277",
+      :application => {
+        :name => "gem sample",
+        :id => "134145643294322"
+      },
+      :to => {
+        :name => "Nov Matake",
+        :id => "579612276"
+      },
+      :from => {
+        :name => "Nov Matake",
+        :id => "1575327134"
+      },
+      :data => "tracking information for the user",
+      :message => "You should learn more about this awesome game.",
+      :created_time => "2011-02-04T09:55:43+0000"
+    }
+    app_request = GSGraph::AppRequest.new(attributes.delete(:id), attributes)
+    app_request.identifier.should == '10150111088582277'
+    app_request.application.should == GSGraph::Application.new('134145643294322', :name => 'gem sample')
+    app_request.to.should == GSGraph::User.new('579612276', :name => 'Nov Matake')
+    app_request.from.should == GSGraph::User.new('1575327134', :name => 'Nov Matake')
+    app_request.data.should == 'tracking information for the user'
+    app_request.message.should == 'You should learn more about this awesome game.'
+    app_request.created_time.should == Time.parse('2011-02-04T09:55:43+0000')
+  end
+end
+
+describe GSGraph::AppRequest, '#destroy' do
+  it 'should request DELETE /:request_id' do
+    mock_graph :delete, '12345', 'true', :access_token => 'access_token' do
+      GSGraph::AppRequest.new('12345', :access_token => 'access_token').destroy
+    end
+  end
+end

data/spec/gs_graph/application_spec.rb

@@ -0,0 +1,251 @@
+require 'spec_helper'
+
+describe GSGraph::Application do
+  let(:app) { GSGraph::Application.new('client_id') }
+
+  describe '.new' do
+    it 'should setup all supported attributes' do
+      attributes = {
+        :id          => '12345',
+        :name        => 'GSGraph',
+        :description => 'Owsome Facebook Graph Wrapper',
+        :canvas_name => 'gs_graph',
+        :category    => 'Programming',
+        :subcategory => 'Ruby',
+        :link        => 'http://github.com/nov/gs_graph',
+        :company     => 'GSGraph',
+        :secret      => 'sec sec',
+        :icon_url    => 'http://example.com/icon.gif',
+        :logo_url    => 'http://example.com/logo.gif',
+        :daily_active_users => '10',
+        :weekly_active_users => '5',
+        :monthly_active_users => '1',
+        :migrations => {
+          'secure_stream_urls' => false,
+          'expiring_offline_access_tokens' => true,
+          'december_rollup' => true,
+          'requires_login_secret' => false,
+          'gdp_v2' => true,
+          'page_hours_format' => true,
+          'graph_batch_api_exception_format' => true,
+          'status_checkin_perm_migration' => false
+        },
+        :namespace => 'gs_graph',
+        :restrictions => {
+          'age_distribution' => {
+            'CA,US' => '16-25'
+          }
+        },
+        :app_domains => [
+          'example.com',
+          'example.org'
+        ],
+        :auth_dialog_data_help_url => 'http://example.com/help/',
+        :auth_dialog_description => 'Authorize this app',
+        :auth_dialog_headline => "Don't think, just click",
+        :auth_dialog_perms_explanation => 'Trust me',
+        :auth_referral_user_perms => [
+          'user_hometown',
+          'user_activities',
+          'user_online_presence'
+        ],
+        :auth_referral_default_activity_privacy => 'NONE',
+        :auth_referral_enabled => 1,
+        :auth_referral_extended_perms => [
+          'status_update',
+          'video_upload',
+          'publish_stream'
+        ],
+        :auth_referral_response_type => 'code',
+        :canvas_fluid_height => false,
+        :canvas_fluid_width => 1,
+        :canvas_url => 'http://example.com/canvas/',
+        :contact_email => 'gs_graph@example.com',
+        :created_time => 1328798126,
+        :creator_uid => 98765,
+        :deauth_callback_url => 'http://example.com/death/',
+        :iphone_app_store_id => '4567',
+        :hosting_url => 'http://gs_graph.heroku.com',
+        :mobile_web_url => 'http://m.example.com',
+        :page_tab_default_name => 'gs_graph Page',
+        :page_tab_url => 'http://example.com/page/',
+        :privacy_policy_url => 'http://example.com/privacy/',
+        :secure_canvas_url => 'https://example.com/canvas/',
+        :secure_page_tab_url => 'https://example.com/page/',
+        :server_ip_whitelist => '127.0.0.1',
+        :social_discovery => 0,
+        :terms_of_service_url => 'http://example.com/terms/',
+        :user_support_email => 'gs_graph@example.org',
+        :user_support_url => 'http://example.com/support/',
+        :website_url => 'http://example.com',
+        :type => 'application'
+      }
+
+      app = GSGraph::Application.new(attributes.delete(:id), attributes)
+      app.identifier.should  == '12345'
+      app.name.should        == 'GSGraph'
+      app.description.should == 'Owsome Facebook Graph Wrapper'
+      app.canvas_name.should == 'gs_graph'
+      app.category.should    == 'Programming'
+      app.subcategory.should == 'Ruby'
+      app.link.should        == 'http://github.com/nov/gs_graph'
+      app.company.should     == 'GSGraph'
+      app.icon_url.should    == 'http://example.com/icon.gif'
+      app.logo_url.should    == 'http://example.com/logo.gif'
+      app.secret.should      == 'sec sec'
+      app.daily_active_users.should == 10
+      app.weekly_active_users.should == 5
+      app.monthly_active_users.should == 1
+      app.migrations.should == {
+        'secure_stream_urls' => false,
+        'expiring_offline_access_tokens' => true,
+        'december_rollup' => true,
+        'requires_login_secret' => false,
+        'gdp_v2' => true,
+        'page_hours_format' => true,
+        'graph_batch_api_exception_format' => true,
+        'status_checkin_perm_migration' => false
+      }
+      app.namespace.should == 'gs_graph'
+      app.restrictions.should == {
+        'age_distribution' => {
+          'CA,US' => '16-25'
+        }
+      }
+      app.app_domains.should == [
+        'example.com',
+        'example.org'
+      ]
+      app.auth_dialog_data_help_url.should == 'http://example.com/help/'
+      app.auth_dialog_description.should == 'Authorize this app'
+      app.auth_dialog_headline.should == "Don't think, just click"
+      app.auth_dialog_perms_explanation.should == 'Trust me'
+      app.auth_referral_user_perms.should == [
+        'user_hometown',
+        'user_activities',
+        'user_online_presence'
+      ]
+      app.auth_referral_default_activity_privacy.should == 'NONE'
+      app.auth_referral_enabled.should == true
+      app.auth_referral_extended_perms.should == [
+        'status_update',
+        'video_upload',
+        'publish_stream'
+      ]
+      app.auth_referral_response_type.should == 'code'
+      app.canvas_fluid_height.should == false
+      app.canvas_fluid_width.should == true
+      app.canvas_url.should == 'http://example.com/canvas/'
+      app.contact_email.should == 'gs_graph@example.com'
+      app.created_time.should == 1328798126
+      app.creator_uid.should == 98765
+      app.deauth_callback_url.should == 'http://example.com/death/'
+      app.iphone_app_store_id.should == '4567'
+      app.hosting_url.should == 'http://gs_graph.heroku.com'
+      app.mobile_web_url.should == 'http://m.example.com'
+      app.page_tab_default_name.should == 'gs_graph Page'
+      app.page_tab_url.should == 'http://example.com/page/'
+      app.privacy_policy_url.should == 'http://example.com/privacy/'
+      app.secure_canvas_url.should == 'https://example.com/canvas/'
+      app.secure_page_tab_url.should == 'https://example.com/page/'
+      app.server_ip_whitelist.should == '127.0.0.1'
+      app.social_discovery.should == false
+      app.user_support_email.should == 'gs_graph@example.org'
+      app.user_support_url.should == 'http://example.com/support/'
+      app.website_url.should == 'http://example.com'
+      app.type.should == 'application'
+    end
+  end
+
+  describe '#get_access_token' do
+    before { app.secret = 'secret' }
+
+    it 'should return Rack::OAuth2::AccessToken::Legacy' do
+      mock_graph :post, 'oauth/access_token', 'token_response' do
+        token = app.get_access_token
+        token.should be_instance_of(Rack::OAuth2::AccessToken::Legacy)
+        token.access_token.should == 'token'
+      end
+    end
+  end
+
+  describe '#access_token' do
+    context 'when access token already exists' do
+      before { app.access_token = "token" }
+      it 'should not fetch new token' do
+        app.should_not_receive(:get_access_token)
+        app.access_token
+      end
+    end
+
+    context 'otherwise' do
+      context 'when secret exists' do
+        before { app.secret = 'secret' }
+        it 'should fetch new token' do
+          app.should_receive(:get_access_token)
+          app.access_token
+        end
+      end
+
+      context 'otherwise' do
+        it 'should not fetch new token' do
+          app.should_not_receive(:get_access_token)
+          app.access_token
+        end
+      end
+    end
+  end
+
+  describe '#debug_token' do
+    before { app.access_token = 'app_token' }
+    let(:application) { GSGraph::Application.new(210798282372757, :name => 'gem sample') }
+    let(:user)        { GSGraph::User.new(579612276) }
+    let(:scopes)      { ['email'] }
+
+    shared_examples_for :token_debugger do
+      context 'when valid' do
+        it 'should return introspection result without error' do
+          mock_graph :get, 'debug_token', 'token_introspection/valid', :access_token => 'app_token', :params => {
+            :input_token => 'input_token'
+          } do
+            result = app.debug_token input_token
+            result.should be_instance_of Rack::OAuth2::AccessToken::Introspectable::Result
+            result.application.should == application
+            result.user.should == user
+            result.scopes.should == scopes
+            result.expires_at.should == Time.at(1350363600)
+            result.is_valid.should be_true
+            result.error.should be_nil
+          end
+        end
+      end
+
+      context 'when invalid' do
+        it 'should return introspection result with error' do
+          mock_graph :get, 'debug_token', 'token_introspection/invalid', :access_token => 'app_token', :params => {
+            :input_token => 'input_token'
+          } do
+            result = app.debug_token input_token
+            result.should be_instance_of Rack::OAuth2::AccessToken::Introspectable::Result
+            result.application.should == application
+            result.user.should == user
+            result.scopes.should == scopes
+            result.expires_at.should == Time.at(1350356400)
+            result.is_valid.should be_false
+            result.error.should be_a Hash
+          end
+        end
+      end
+    end
+
+    context 'when input_token is String' do
+      let(:input_token) { 'input_token' }
+      it_behaves_like :token_debugger
+    end
+
+    context 'when input_token is Rack::OAuth2::AccessToken::Legacy instance' do
+      let(:input_token) { Rack::OAuth2::AccessToken::Legacy.new :access_token => 'input_token' }
+      it_behaves_like :token_debugger
+    end
+  end
+end

data/spec/gs_graph/auth/cookie_spec.rb

@@ -0,0 +1,29 @@
+require 'spec_helper'
+
+describe GSGraph::Auth::Cookie, '.parse' do
+  let(:client) { Rack::OAuth2::Client.new(:identifier => 'client_id', :secret => 'client_secret') }
+  let :cookie do
+    {
+      'fbsr_client_id' => "9heZHFs6tDH/Nif4CqmBaMQ8nKEOc5g2WgVJa10LF00.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiI4ZDYwZDY4NDA4MmQ1NjczMjY3MWUxNzAuMS01Nzk2MTIyNzZ8N2pkVlp6MlNLNUY2b0gtQ21FQWtZZVpuVjEwIiwiaXNzdWVkX2F0IjoxMzEyOTUzOTcxLCJ1c2VyX2lkIjo1Nzk2MTIyNzZ9"
+    }
+  end
+
+  shared_examples_for :parsable_cookie do
+    it 'should be parsable' do
+      data[:algorithm].should == 'HMAC-SHA256'
+      data[:code].should      == '8d60d684082d56732671e170.1-579612276|7jdVZz2SK5F6oH-CmEAkYeZnV10'
+      data[:issued_at].should == 1312953971
+      data[:user_id].should   == 579612276
+    end
+  end
+
+  context 'when whole cookie is given' do
+    let(:data) { GSGraph::Auth::Cookie.parse(client, cookie) }
+    it_behaves_like :parsable_cookie
+  end
+
+  context 'when actual cookie string is given' do
+    let(:data) { GSGraph::Auth::Cookie.parse(client, cookie['fbsr_client_id']) }
+    it_behaves_like :parsable_cookie
+  end
+end

data/spec/gs_graph/auth/signed_request_spec.rb

@@ -0,0 +1,22 @@
+require 'spec_helper'
+
+describe GSGraph::Auth::SignedRequest, '.parse' do
+  before do
+    @client = Rack::OAuth2::Client.new(:identifier => 'client_id', :secret => 'client_secret')
+    @signed_request = "LqsgnfcsRdfjOgyW6ZuSLpGBVsxUBegEqai4EcrWS0A=.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjAsImlzc3VlZF9hdCI6MTI5ODc4MzczOSwib2F1dGhfdG9rZW4iOiIxMzQxNDU2NDMyOTQzMjJ8MmI4YTZmOTc1NTJjNmRjZWQyMDU4MTBiLTU3OTYxMjI3NnxGS1o0akdKZ0JwN2k3bFlrOVhhUk1QZ3lhNnMiLCJ1c2VyIjp7ImNvdW50cnkiOiJqcCIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjU3OTYxMjI3NiJ9"
+  end
+
+  it 'should verify signature and return data' do
+    data = GSGraph::Auth::SignedRequest.verify(@client, @signed_request)
+    data[:expires].should          == 0
+    data[:algorithm].should        == 'HMAC-SHA256'
+    data[:user_id].should          == '579612276'
+    data[:oauth_token].should      == '134145643294322|2b8a6f97552c6dced205810b-579612276|FKZ4jGJgBp7i7lYk9XaRMPgya6s'
+    data[:issued_at].should        == 1298783739
+    data[:user][:country].should   == 'jp'
+    data[:user][:locale].should    == 'en_US'
+    data[:user][:age][:min].should == 21
+  end
+end
+
+

data/spec/gs_graph/auth_spec.rb

@@ -0,0 +1,223 @@
+require 'spec_helper'
+
+describe GSGraph::Auth do
+  let :optional_attributes do
+    {}
+  end
+  let(:auth) { GSGraph::Auth.new('client_id', 'client_secret', optional_attributes) }
+  subject { auth }
+
+  its(:client) { should be_a(Rack::OAuth2::Client) }
+  describe 'client' do
+    subject { auth.client }
+    let :optional_attributes do
+      {:redirect_uri => 'https://client.example.com/callback'}
+    end
+    its(:identifier) { should == 'client_id' }
+    its(:secret) { should == 'client_secret' }
+    its(:redirect_uri) { should == 'https://client.example.com/callback' }
+  end
+
+  context 'when invalid cookie given' do
+    let :optional_attributes do
+      {:cookie => 'invalid'}
+    end
+    it 'should raise GSGraph::VerificationFailed' do
+      expect { auth }.to raise_exception(GSGraph::Auth::VerificationFailed)
+    end
+  end
+
+  context 'when invalid cookie given' do
+    let :optional_attributes do
+      {:signed_request => 'invalid'}
+    end
+
+    it 'should raise GSGraph::VerificationFailed' do
+      expect { auth }.to raise_exception(GSGraph::Auth::VerificationFailed)
+    end
+  end
+
+  describe '#authorized?' do
+    context 'when access_token is given' do
+      before do
+        auth.access_token = 'access_token'
+      end
+      its(:authorized?) { should be_true }
+    end
+
+    context 'otherwise' do
+      its(:authorized?) { should be_false }
+    end
+  end
+
+  describe '#authorize_uri' do
+    let(:canvas_uri) { 'http://client.example.com/canvas' }
+    subject { auth.authorize_uri(canvas_uri) }
+    it { should == "https://www.gamestamper.com/dialog/oauth?client_id=client_id&redirect_uri=#{CGI.escape canvas_uri}" }
+
+    context 'when params are given' do
+      subject { auth.authorize_uri(canvas_uri, :scope => [:scope1, :scope2], :state => 'state1') }
+      it { should == "https://www.gamestamper.com/dialog/oauth?client_id=client_id&redirect_uri=#{CGI.escape canvas_uri}&scope=#{CGI.escape "scope1,scope2"}&state=state1" }
+    end
+  end
+
+  describe '#from_cookie' do
+    let :cookie do
+      {
+        'fbsr_client_id' => "9heZHFs6tDH/Nif4CqmBaMQ8nKEOc5g2WgVJa10LF00.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiI4ZDYwZDY4NDA4MmQ1NjczMjY3MWUxNzAuMS01Nzk2MTIyNzZ8N2pkVlp6MlNLNUY2b0gtQ21FQWtZZVpuVjEwIiwiaXNzdWVkX2F0IjoxMzEyOTUzOTcxLCJ1c2VyX2lkIjo1Nzk2MTIyNzZ9"
+      }
+    end
+
+    it 'should exchange code with access token' do
+      expect { auth.from_cookie(cookie) }.to request_to '/oauth/access_token', :post
+    end
+
+    it 'should setup user and access_token' do
+      mock_graph :post, '/oauth/access_token', 'token_response' do
+        auth.access_token.should be_nil
+        auth.user.should be_nil
+        auth.from_cookie(cookie)
+        auth.access_token.should be_a Rack::OAuth2::AccessToken::Legacy
+        auth.access_token.access_token.should      == 'token'
+        auth.user.should be_a GSGraph::User
+        auth.user.identifier.should                == 579612276
+        auth.user.access_token.access_token.should == 'token'
+        auth.data.should == {
+          "algorithm" => "HMAC-SHA256",
+          "code" => "8d60d684082d56732671e170.1-579612276|7jdVZz2SK5F6oH-CmEAkYeZnV10",
+          "issued_at" => 1312953971,
+          "user_id" => 579612276
+        }
+      end
+    end
+
+    context 'when invalid cookie given' do
+      it 'should raise GSGraph::VerificationFailed' do
+        lambda do
+          auth.from_cookie('invalid')
+        end.should raise_exception(GSGraph::Auth::VerificationFailed)
+      end
+    end
+
+    context 'when Rack::OAuth2::Client::Error occurred' do
+      context 'when BadRequest' do
+        it 'should raise GSGraph::BadRequest' do
+          mock_graph :post, 'oauth/access_token', 'blank', :status => [400, 'BadRequest'] do
+            lambda do
+              auth.from_cookie(cookie)
+            end.should raise_exception GSGraph::BadRequest
+          end
+        end
+      end
+
+      context 'when Unauthorized' do
+        it 'should raise GSGraph::Unauthorized' do
+          mock_graph :post, 'oauth/access_token', 'blank', :status => [401, 'Unauthorized'] do
+            lambda do
+              auth.from_cookie(cookie)
+            end.should raise_exception GSGraph::Unauthorized
+          end
+        end
+      end
+
+      context 'otherwise' do
+        it 'should raise GSGraph::Exception' do
+          mock_graph :post, 'oauth/access_token', 'blank', :status => [403, 'Forbidden'] do
+            lambda do
+              auth.from_cookie(cookie)
+            end.should raise_exception GSGraph::Exception
+          end
+        end
+      end
+    end
+  end
+
+  describe '#from_signed_request' do
+    let :signed_request do
+      "LqsgnfcsRdfjOgyW6ZuSLpGBVsxUBegEqai4EcrWS0A=.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjAsImlzc3VlZF9hdCI6MTI5ODc4MzczOSwib2F1dGhfdG9rZW4iOiIxMzQxNDU2NDMyOTQzMjJ8MmI4YTZmOTc1NTJjNmRjZWQyMDU4MTBiLTU3OTYxMjI3NnxGS1o0akdKZ0JwN2k3bFlrOVhhUk1QZ3lhNnMiLCJ1c2VyIjp7ImNvdW50cnkiOiJqcCIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjU3OTYxMjI3NiJ9"
+    end
+
+    it 'should setup user and access_token' do
+      auth.access_token.should be_nil
+      auth.user.should be_nil
+      auth.from_signed_request(signed_request)
+      auth.access_token.should be_a Rack::OAuth2::AccessToken::Legacy
+      auth.access_token.access_token.should      == '134145643294322|2b8a6f97552c6dced205810b-579612276|FKZ4jGJgBp7i7lYk9XaRMPgya6s'
+      auth.user.should be_a GSGraph::User
+      auth.user.identifier.should                == '579612276'
+      auth.user.access_token.access_token.should == '134145643294322|2b8a6f97552c6dced205810b-579612276|FKZ4jGJgBp7i7lYk9XaRMPgya6s'
+      auth.data.should include(
+        "expires"=>0,
+        "algorithm"=>"HMAC-SHA256",
+        "issued_at"=>1298783739
+      )
+      auth.data['user'].should include(
+        "country"=>"jp",
+        "locale"=>"en_US",
+        "age"=>{"min"=>21}
+      )
+    end
+
+    context 'when expires included' do
+      let :signed_request do
+        "bzMUNepndPnmce-QdJqvkigxr_6iEzOf-ZNl-ZitvpA.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMjA2NjAwMDAsImlzc3VlZF9hdCI6MTI5ODc4MzczOSwib2F1dGhfdG9rZW4iOiIxMzQxNDU2NDMyOTQzMjJ8MmI4YTZmOTc1NTJjNmRjZWQyMDU4MTBiLTU3OTYxMjI3NnxGS1o0akdKZ0JwN2k3bFlrOVhhUk1QZ3lhNnMiLCJ1c2VyIjp7ImNvdW50cnkiOiJqcCIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjU3OTYxMjI3NiJ9"
+      end
+
+      it 'should have expires_in' do
+        auth.from_signed_request(signed_request)
+        auth.access_token.expires_in.should be_a Integer
+      end
+    end
+
+    context 'when invalid signed_request given' do
+      it 'should raise GSGraph::VerificationFailed' do
+        lambda do
+          auth.from_signed_request('invalid.signed_request')
+        end.should raise_exception(GSGraph::Auth::VerificationFailed)
+      end
+    end
+  end
+
+  describe "#exchange_token!" do
+    it 'should get new token' do
+      mock_graph :post, '/oauth/access_token', 'token_with_expiry' do
+        auth.exchange_token! 'old_token'
+        auth.access_token.access_token.should == 'new_token'
+        auth.access_token.expires_in.should == 3600
+      end
+    end
+
+    context 'when Rack::OAuth2::Client::Error occurred' do
+      context 'when BadRequest' do
+        it 'should raise GSGraph::BadRequest' do
+          mock_graph :post, 'oauth/access_token', 'blank', :status => [400, 'BadRequest'] do
+            lambda do
+              auth.exchange_token! 'old_token'
+            end.should raise_exception GSGraph::BadRequest
+          end
+        end
+      end
+
+      context 'when Unauthorized' do
+        it 'should raise GSGraph::Unauthorized' do
+          mock_graph :post, 'oauth/access_token', 'blank', :status => [401, 'Unauthorized'] do
+            lambda do
+              auth.exchange_token! 'old_token'
+            end.should raise_exception GSGraph::Unauthorized
+          end
+        end
+      end
+
+      context 'otherwise' do
+        it 'should raise GSGraph::Exception' do
+          mock_graph :post, 'oauth/access_token', 'blank', :status => [403, 'Forbidden'] do
+            lambda do
+              auth.exchange_token! 'old_token'
+            end.should raise_exception GSGraph::Exception
+          end
+        end
+      end
+    end
+  end
+end
+