insrc_devise_oauth2_providable 1.1.2
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +35 -0
- data/.rvmrc +1 -0
- data/CONTRIBUTORS.txt +6 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +158 -0
- data/Rakefile +8 -0
- data/app/controllers/devise/oauth2_providable/authorizations_controller.rb +59 -0
- data/app/controllers/devise/oauth2_providable/tokens_controller.rb +17 -0
- data/app/models/devise/oauth2_providable/access_token.rb +24 -0
- data/app/models/devise/oauth2_providable/authorization_code.rb +3 -0
- data/app/models/devise/oauth2_providable/client.rb +24 -0
- data/app/models/devise/oauth2_providable/refresh_token.rb +8 -0
- data/app/views/devise/oauth2_providable/authorizations/_form.html.erb +7 -0
- data/app/views/devise/oauth2_providable/authorizations/error.html.erb +4 -0
- data/app/views/devise/oauth2_providable/authorizations/new.html.erb +4 -0
- data/config/routes.rb +7 -0
- data/db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb +54 -0
- data/devise_oauth2_providable.gemspec +32 -0
- data/lib/devise/oauth2_providable/engine.rb +16 -0
- data/lib/devise/oauth2_providable/expirable_token.rb +58 -0
- data/lib/devise/oauth2_providable/models/oauth2_authorization_code_grantable.rb +6 -0
- data/lib/devise/oauth2_providable/models/oauth2_password_grantable.rb +6 -0
- data/lib/devise/oauth2_providable/models/oauth2_providable.rb +13 -0
- data/lib/devise/oauth2_providable/models/oauth2_refresh_token_grantable.rb +6 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy.rb +21 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_grant_type_strategy.rb +39 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_password_grant_type_strategy.rb +22 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_providable_strategy.rb +25 -0
- data/lib/devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb +22 -0
- data/lib/devise/oauth2_providable/version.rb +5 -0
- data/lib/devise_oauth2_providable.rb +41 -0
- data/script/rails +6 -0
- data/spec/controllers/authorizations_controller_spec.rb +32 -0
- data/spec/controllers/protected_controller_spec.rb +42 -0
- data/spec/dummy/Rakefile +7 -0
- data/spec/dummy/app/assets/javascripts/application.js +7 -0
- data/spec/dummy/app/assets/stylesheets/application.css +7 -0
- data/spec/dummy/app/controllers/application_controller.rb +3 -0
- data/spec/dummy/app/controllers/protected_controller.rb +6 -0
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/mailers/.gitkeep +0 -0
- data/spec/dummy/app/models/.gitkeep +0 -0
- data/spec/dummy/app/models/user.rb +3 -0
- data/spec/dummy/app/views/layouts/application.html.erb +14 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +51 -0
- data/spec/dummy/config/boot.rb +10 -0
- data/spec/dummy/config/database.yml +25 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +30 -0
- data/spec/dummy/config/environments/production.rb +60 -0
- data/spec/dummy/config/environments/test.rb +39 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/devise.rb +210 -0
- data/spec/dummy/config/initializers/inflections.rb +10 -0
- data/spec/dummy/config/initializers/mime_types.rb +5 -0
- data/spec/dummy/config/initializers/secret_token.rb +7 -0
- data/spec/dummy/config/initializers/session_store.rb +8 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/devise.en.yml +58 -0
- data/spec/dummy/config/locales/en.yml +5 -0
- data/spec/dummy/config/routes.rb +7 -0
- data/spec/dummy/db/migrate/20111014142838_create_users.rb +9 -0
- data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb +55 -0
- data/spec/dummy/db/schema.rb +78 -0
- data/spec/dummy/lib/assets/.gitkeep +0 -0
- data/spec/dummy/public/404.html +26 -0
- data/spec/dummy/public/422.html +26 -0
- data/spec/dummy/public/500.html +26 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +6 -0
- data/spec/factories/client_factory.rb +5 -0
- data/spec/factories/user_factory.rb +4 -0
- data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +136 -0
- data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +174 -0
- data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +138 -0
- data/spec/lib/devise_oauth2_providable_spec.rb +7 -0
- data/spec/models/access_token_spec.rb +53 -0
- data/spec/models/authorization_code_spec.rb +23 -0
- data/spec/models/client_spec.rb +22 -0
- data/spec/models/refresh_token_spec.rb +26 -0
- data/spec/models/user_spec.rb +6 -0
- data/spec/routing/authorizations_routing_spec.rb +16 -0
- data/spec/routing/tokens_routing_spec.rb +9 -0
- data/spec/spec_helper.rb +29 -0
- data/spec/support/inject_engine_routes_into_application.rb +74 -0
- data/spec/support/match_json.rb +6 -0
- metadata +374 -0
@@ -0,0 +1,174 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
4
|
+
describe 'POST /oauth2/token' do
|
5
|
+
describe 'with grant_type=password' do
|
6
|
+
context 'with valid params' do
|
7
|
+
with :client
|
8
|
+
before do
|
9
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
10
|
+
|
11
|
+
params = {
|
12
|
+
:grant_type => 'password',
|
13
|
+
:client_id => client.identifier,
|
14
|
+
:client_secret => client.secret,
|
15
|
+
:username => @user.email,
|
16
|
+
:password => 'test'
|
17
|
+
}
|
18
|
+
|
19
|
+
post '/oauth2/token', params
|
20
|
+
end
|
21
|
+
it { response.code.to_i.should == 200 }
|
22
|
+
it { response.content_type.should == 'application/json' }
|
23
|
+
it 'returns json' do
|
24
|
+
token = Devise::Oauth2Providable::AccessToken.last
|
25
|
+
expected = token.token_response
|
26
|
+
response.body.should match_json(expected)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
context 'with valid params and client id/secret in basic auth header' do
|
30
|
+
with :client
|
31
|
+
before do
|
32
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
33
|
+
|
34
|
+
params = {
|
35
|
+
:grant_type => 'password',
|
36
|
+
:username => @user.email,
|
37
|
+
:password => 'test'
|
38
|
+
}
|
39
|
+
|
40
|
+
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, client.secret
|
41
|
+
post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
42
|
+
end
|
43
|
+
it { response.code.to_i.should == 200 }
|
44
|
+
it { response.content_type.should == 'application/json' }
|
45
|
+
it 'returns json' do
|
46
|
+
puts response.body
|
47
|
+
token = Devise::Oauth2Providable::AccessToken.last
|
48
|
+
expected = token.token_response
|
49
|
+
response.body.should match_json(expected)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
context 'with invalid client id in basic auth header' do
|
53
|
+
with :client
|
54
|
+
before do
|
55
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
56
|
+
params = {
|
57
|
+
:grant_type => 'password',
|
58
|
+
:username => @user.email,
|
59
|
+
:password => 'test'
|
60
|
+
}
|
61
|
+
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials 'invalid client id', client.secret
|
62
|
+
post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
63
|
+
end
|
64
|
+
it { response.code.to_i.should == 400 }
|
65
|
+
it { response.content_type.should == 'application/json' }
|
66
|
+
it 'returns json' do
|
67
|
+
expected = {
|
68
|
+
:error_description => "invalid client credentials",
|
69
|
+
:error => "invalid_client"
|
70
|
+
}
|
71
|
+
response.body.should match_json(expected)
|
72
|
+
end
|
73
|
+
end
|
74
|
+
context 'with invalid client secret in basic auth header' do
|
75
|
+
with :client
|
76
|
+
before do
|
77
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
78
|
+
params = {
|
79
|
+
:grant_type => 'password',
|
80
|
+
:username => @user.email,
|
81
|
+
:password => 'test'
|
82
|
+
}
|
83
|
+
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, 'invalid secret'
|
84
|
+
post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
85
|
+
end
|
86
|
+
it { response.code.to_i.should == 400 }
|
87
|
+
it { response.content_type.should == 'application/json' }
|
88
|
+
it 'returns json' do
|
89
|
+
expected = {
|
90
|
+
:error_description => "invalid client credentials",
|
91
|
+
:error => "invalid_client"
|
92
|
+
}
|
93
|
+
response.body.should match_json(expected)
|
94
|
+
end
|
95
|
+
end
|
96
|
+
context 'with invalid password' do
|
97
|
+
with :client
|
98
|
+
before do
|
99
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
100
|
+
|
101
|
+
params = {
|
102
|
+
:grant_type => 'password',
|
103
|
+
:client_id => client.identifier,
|
104
|
+
:client_secret => client.secret,
|
105
|
+
:username => @user.email,
|
106
|
+
:password => 'bar'
|
107
|
+
}
|
108
|
+
|
109
|
+
post '/oauth2/token', params
|
110
|
+
end
|
111
|
+
it { response.code.to_i.should == 400 }
|
112
|
+
it { response.content_type.should == 'application/json' }
|
113
|
+
it 'returns json' do
|
114
|
+
expected = {
|
115
|
+
:error_description => "invalid password authentication request",
|
116
|
+
:error => "invalid_grant"
|
117
|
+
}
|
118
|
+
response.body.should match_json(expected)
|
119
|
+
end
|
120
|
+
end
|
121
|
+
context 'with invalid client_id' do
|
122
|
+
with :client
|
123
|
+
before do
|
124
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
125
|
+
|
126
|
+
params = {
|
127
|
+
:grant_type => 'password',
|
128
|
+
:client_id => 'invalid',
|
129
|
+
:client_secret => client.secret,
|
130
|
+
:username => @user.email,
|
131
|
+
:password => 'test'
|
132
|
+
}
|
133
|
+
|
134
|
+
post '/oauth2/token', params
|
135
|
+
end
|
136
|
+
it { response.code.to_i.should == 400 }
|
137
|
+
it { response.content_type.should == 'application/json' }
|
138
|
+
it 'returns json' do
|
139
|
+
expected = {
|
140
|
+
:error_description => "invalid client credentials",
|
141
|
+
:error => "invalid_client"
|
142
|
+
}
|
143
|
+
response.body.should match_json(expected)
|
144
|
+
end
|
145
|
+
end
|
146
|
+
context 'with invalid client_secret' do
|
147
|
+
with :client
|
148
|
+
before do
|
149
|
+
@user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
|
150
|
+
|
151
|
+
params = {
|
152
|
+
:grant_type => 'password',
|
153
|
+
:client_id => client.identifier,
|
154
|
+
:client_secret => 'invalid',
|
155
|
+
:username => @user.email,
|
156
|
+
:password => 'test'
|
157
|
+
}
|
158
|
+
|
159
|
+
post '/oauth2/token', params
|
160
|
+
end
|
161
|
+
it { response.code.to_i.should == 400 }
|
162
|
+
it { response.content_type.should == 'application/json' }
|
163
|
+
it 'returns json' do
|
164
|
+
expected = {
|
165
|
+
:error_description => "invalid client credentials",
|
166
|
+
:error => "invalid_client"
|
167
|
+
}
|
168
|
+
response.body.should match_json(expected)
|
169
|
+
end
|
170
|
+
end
|
171
|
+
end
|
172
|
+
end
|
173
|
+
end
|
174
|
+
|
@@ -0,0 +1,138 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
4
|
+
describe 'POST /oauth2/token' do
|
5
|
+
describe 'with grant_type=refresh_token' do
|
6
|
+
context 'with valid params' do
|
7
|
+
with :client
|
8
|
+
with :user
|
9
|
+
before do
|
10
|
+
@refresh_token = client.refresh_tokens.create! :user => user
|
11
|
+
params = {
|
12
|
+
:grant_type => 'refresh_token',
|
13
|
+
:client_id => client.identifier,
|
14
|
+
:client_secret => client.secret,
|
15
|
+
:refresh_token => @refresh_token.token
|
16
|
+
}
|
17
|
+
|
18
|
+
post '/oauth2/token', params
|
19
|
+
end
|
20
|
+
it { response.code.to_i.should == 200 }
|
21
|
+
it { response.content_type.should == 'application/json' }
|
22
|
+
it 'returns json' do
|
23
|
+
token = Devise::Oauth2Providable::AccessToken.last
|
24
|
+
refresh_token = @refresh_token
|
25
|
+
expected = {
|
26
|
+
:token_type => 'bearer',
|
27
|
+
:expires_in => 899,
|
28
|
+
:refresh_token => refresh_token.token,
|
29
|
+
:access_token => token.token
|
30
|
+
}
|
31
|
+
response.body.should match_json(expected)
|
32
|
+
end
|
33
|
+
end
|
34
|
+
context 'with expired refresh_token' do
|
35
|
+
with :user
|
36
|
+
with :client
|
37
|
+
before do
|
38
|
+
timenow = 2.days.from_now
|
39
|
+
Time.stub!(:now).and_return(timenow)
|
40
|
+
@refresh_token = client.refresh_tokens.create! :user => user
|
41
|
+
params = {
|
42
|
+
:grant_type => 'refresh_token',
|
43
|
+
:client_id => client.identifier,
|
44
|
+
:client_secret => client.secret,
|
45
|
+
:refresh_token => @refresh_token.token
|
46
|
+
}
|
47
|
+
Time.stub!(:now).and_return(timenow + 2.months)
|
48
|
+
|
49
|
+
post '/oauth2/token', params
|
50
|
+
end
|
51
|
+
it { response.code.to_i.should == 400 }
|
52
|
+
it { response.content_type.should == 'application/json' }
|
53
|
+
it 'returns json' do
|
54
|
+
expected = {
|
55
|
+
:error => 'invalid_grant',
|
56
|
+
:error_description => 'invalid refresh token'
|
57
|
+
}
|
58
|
+
response.body.should match_json(expected)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
context 'with invalid refresh_token' do
|
62
|
+
with :user
|
63
|
+
with :client
|
64
|
+
before do
|
65
|
+
@refresh_token = client.refresh_tokens.create! :user => user
|
66
|
+
params = {
|
67
|
+
:grant_type => 'refresh_token',
|
68
|
+
:client_id => client.identifier,
|
69
|
+
:client_secret => client.secret,
|
70
|
+
:refresh_token => 'invalid'
|
71
|
+
}
|
72
|
+
|
73
|
+
post '/oauth2/token', params
|
74
|
+
end
|
75
|
+
it { response.code.to_i.should == 400 }
|
76
|
+
it { response.content_type.should == 'application/json' }
|
77
|
+
it 'returns json' do
|
78
|
+
token = Devise::Oauth2Providable::AccessToken.last
|
79
|
+
refresh_token = @refresh_token
|
80
|
+
expected = {
|
81
|
+
:error => 'invalid_grant',
|
82
|
+
:error_description => 'invalid refresh token'
|
83
|
+
}
|
84
|
+
response.body.should match_json(expected)
|
85
|
+
end
|
86
|
+
end
|
87
|
+
context 'with invalid client_id' do
|
88
|
+
with :user
|
89
|
+
with :client
|
90
|
+
before do
|
91
|
+
@refresh_token = client.refresh_tokens.create! :user => user
|
92
|
+
params = {
|
93
|
+
:grant_type => 'refresh_token',
|
94
|
+
:client_id => 'invalid',
|
95
|
+
:client_secret => client.secret,
|
96
|
+
:refresh_token => @refresh_token.token
|
97
|
+
}
|
98
|
+
|
99
|
+
post '/oauth2/token', params
|
100
|
+
end
|
101
|
+
it { response.code.to_i.should == 400 }
|
102
|
+
it { response.content_type.should == 'application/json' }
|
103
|
+
it 'returns json' do
|
104
|
+
expected = {
|
105
|
+
:error => 'invalid_client',
|
106
|
+
:error_description => 'invalid client credentials'
|
107
|
+
}
|
108
|
+
response.body.should match_json(expected)
|
109
|
+
end
|
110
|
+
end
|
111
|
+
context 'with invalid client_secret' do
|
112
|
+
with :user
|
113
|
+
with :client
|
114
|
+
before do
|
115
|
+
@refresh_token = client.refresh_tokens.create! :user => user
|
116
|
+
params = {
|
117
|
+
:grant_type => 'refresh_token',
|
118
|
+
:client_id => client.identifier,
|
119
|
+
:client_secret => 'invalid',
|
120
|
+
:refresh_token => @refresh_token.token
|
121
|
+
}
|
122
|
+
|
123
|
+
post '/oauth2/token', params
|
124
|
+
end
|
125
|
+
it { response.code.to_i.should == 400 }
|
126
|
+
it { response.content_type.should == 'application/json' }
|
127
|
+
it 'returns json' do
|
128
|
+
expected = {
|
129
|
+
:error => 'invalid_client',
|
130
|
+
:error_description => 'invalid client credentials'
|
131
|
+
}
|
132
|
+
response.body.should match_json(expected)
|
133
|
+
end
|
134
|
+
end
|
135
|
+
end
|
136
|
+
end
|
137
|
+
end
|
138
|
+
|
@@ -0,0 +1,53 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Devise::Oauth2Providable::AccessToken do
|
4
|
+
it { Devise::Oauth2Providable::AccessToken.table_name.should == 'oauth2_access_tokens' }
|
5
|
+
|
6
|
+
describe 'basic access token instance' do
|
7
|
+
with :client
|
8
|
+
subject do
|
9
|
+
Devise::Oauth2Providable::AccessToken.create! :client => client
|
10
|
+
end
|
11
|
+
it { should validate_presence_of :token }
|
12
|
+
it { should validate_uniqueness_of :token }
|
13
|
+
it { should belong_to :user }
|
14
|
+
it { should allow_mass_assignment_of :user }
|
15
|
+
it { should belong_to :client }
|
16
|
+
it { should allow_mass_assignment_of :client }
|
17
|
+
it { should validate_presence_of :client }
|
18
|
+
it { should validate_presence_of :expires_at }
|
19
|
+
it { should belong_to :refresh_token }
|
20
|
+
it { should allow_mass_assignment_of :refresh_token }
|
21
|
+
it { should have_db_index :client_id }
|
22
|
+
it { should have_db_index :user_id }
|
23
|
+
it { should have_db_index(:token).unique(true) }
|
24
|
+
it { should have_db_index :expires_at }
|
25
|
+
end
|
26
|
+
|
27
|
+
describe '#expires_at' do
|
28
|
+
context 'when refresh token does not expire before access token' do
|
29
|
+
with :client
|
30
|
+
before do
|
31
|
+
@later = 1.year.from_now
|
32
|
+
@refresh_token = client.refresh_tokens.create!
|
33
|
+
@refresh_token.expires_at = @soon
|
34
|
+
@access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
|
35
|
+
end
|
36
|
+
focus 'should not set the access token expires_at to equal refresh token' do
|
37
|
+
@access_token.expires_at.should_not == @later
|
38
|
+
end
|
39
|
+
end
|
40
|
+
context 'when refresh token expires before access token' do
|
41
|
+
with :client
|
42
|
+
before do
|
43
|
+
@soon = 1.minute.from_now
|
44
|
+
@refresh_token = client.refresh_tokens.create!
|
45
|
+
@refresh_token.expires_at = @soon
|
46
|
+
@access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
|
47
|
+
end
|
48
|
+
it 'should set the access token expires_at to equal refresh token' do
|
49
|
+
@access_token.expires_at.should == @soon
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Devise::Oauth2Providable::AuthorizationCode do
|
4
|
+
describe 'basic authorization code instance' do
|
5
|
+
with :client
|
6
|
+
subject do
|
7
|
+
Devise::Oauth2Providable::AuthorizationCode.create! :client => client
|
8
|
+
end
|
9
|
+
it { should validate_presence_of :token }
|
10
|
+
it { should validate_uniqueness_of :token }
|
11
|
+
it { should belong_to :user }
|
12
|
+
it { should allow_mass_assignment_of :user }
|
13
|
+
it { should belong_to :client }
|
14
|
+
it { should allow_mass_assignment_of :client }
|
15
|
+
it { should validate_presence_of :client }
|
16
|
+
it { should validate_presence_of :expires_at }
|
17
|
+
it { should have_db_index :client_id }
|
18
|
+
it { should have_db_index :user_id }
|
19
|
+
it { should have_db_index(:token).unique(true) }
|
20
|
+
it { should have_db_index :expires_at }
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
@@ -0,0 +1,22 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Devise::Oauth2Providable::Client do
|
4
|
+
it { Devise::Oauth2Providable::Client.table_name.should == 'oauth2_clients' }
|
5
|
+
|
6
|
+
describe 'basic client instance' do
|
7
|
+
with :client
|
8
|
+
subject { client }
|
9
|
+
it { should validate_presence_of :name }
|
10
|
+
it { should validate_uniqueness_of :name }
|
11
|
+
it { should allow_mass_assignment_of :name }
|
12
|
+
it { should validate_presence_of :website }
|
13
|
+
it { should allow_mass_assignment_of :website }
|
14
|
+
it { should allow_mass_assignment_of :redirect_uri }
|
15
|
+
it { should validate_uniqueness_of :identifier }
|
16
|
+
it { should have_db_index(:identifier).unique(true) }
|
17
|
+
it { should_not allow_mass_assignment_of :identifier }
|
18
|
+
it { should_not allow_mass_assignment_of :secret }
|
19
|
+
it { should have_many :refresh_tokens }
|
20
|
+
it { should have_many :authorization_codes }
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Devise::Oauth2Providable::RefreshToken do
|
4
|
+
it { Devise::Oauth2Providable::RefreshToken.table_name.should == 'oauth2_refresh_tokens' }
|
5
|
+
|
6
|
+
describe 'basic refresh token instance' do
|
7
|
+
with :client
|
8
|
+
subject do
|
9
|
+
Devise::Oauth2Providable::RefreshToken.create! :client => client
|
10
|
+
end
|
11
|
+
it { should validate_presence_of :token }
|
12
|
+
it { should validate_uniqueness_of :token }
|
13
|
+
it { should belong_to :user }
|
14
|
+
it { should allow_mass_assignment_of :user }
|
15
|
+
it { should belong_to :client }
|
16
|
+
it { should allow_mass_assignment_of :client }
|
17
|
+
it { should validate_presence_of :client }
|
18
|
+
it { should validate_presence_of :expires_at }
|
19
|
+
it { should have_many :access_tokens }
|
20
|
+
it { should allow_mass_assignment_of :access_tokens }
|
21
|
+
it { should have_db_index :client_id }
|
22
|
+
it { should have_db_index :user_id }
|
23
|
+
it { should have_db_index(:token).unique(true) }
|
24
|
+
it { should have_db_index :expires_at }
|
25
|
+
end
|
26
|
+
end
|