leash_provider 0.0.3 → 0.0.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -0
  3. data/app/controllers/leash/provider/authorize_controller.rb +5 -4
  4. data/app/controllers/leash/provider/token_controller.rb +13 -8
  5. data/app/controllers/leash/provider/user_info_controller.rb +10 -6
  6. data/app/controllers/leash/provider_controller.rb +40 -5
  7. data/app/models/leash/provider/access_token.rb +4 -2
  8. data/app/models/leash/provider/auth_code.rb +6 -3
  9. data/lib/leash/provider/version.rb +1 -1
  10. data/lib/leash_provider.rb +4 -1
  11. data/spec/controllers/leash/provider/authorize_controller_spec.rb +143 -21
  12. metadata +2 -3
  13. data/Gemfile.lock +0 -165
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3d929c6d8f1db0374e9c4bdcb1a35662444643a4
4
- data.tar.gz: 43eb6480e8c26cc79d89d02d924ef8ab95669825
3
+ metadata.gz: e9f8943e22d719e5c719c1d8bd3fd2c3403f1381
4
+ data.tar.gz: 62427c00a7295768294e536c42274d1fd7655553
5
5
  SHA512:
6
- metadata.gz: 7d7e2e761d88e35a2a88963f3a48d65e4480a8604dc674c1df6fe5ca0d37da8665f13f197fdb750192c6b05e48ff5d43b13e7afe377d6b9456176a9bdf193754
7
- data.tar.gz: 828888b133c37b9647b08008c4495e74fdb8c9e79bb48b4d38327080e4d7f691253e64e25e664aa12a31309cb7886b72942a62c0008b6b484e0fbc88496b88a4
6
+ metadata.gz: 12abd987b0297a74fa11c795b2e31adcde8a5c4c185a3bafc5c6ba33af88888035c2217a526ca351b14ae0b4e026b004ac613a46b8450dd976b9a5fd5c576287
7
+ data.tar.gz: ced279adaf543ecf142b691431ac05b65147023cbe1966615e23fde3f124264e7b73bb425a98d550f89107ed69dd9132e3ddb1de4e00697a3592febf86dd6a31
data/.gitignore CHANGED
@@ -2,3 +2,4 @@
2
2
  *.sqlite
3
3
  /spec/internal/log/
4
4
  *.gem
5
+ Gemfile.lock
data/app/controllers/leash/provider/authorize_controller.rb CHANGED
@@ -1,6 +1,7 @@
1
1
  class Leash::Provider::AuthorizeController < Leash::ProviderController
2
2
  RESPONSE_TYPES = [ "token", "code" ].freeze
3
3
 
4
+ before_action :set_no_cache_headers
4
5
  before_action :determine_response_type!
5
6
  before_action :determine_client_id!
6
7
  before_action :determine_redirect_url!
@@ -28,15 +29,15 @@ class Leash::Provider::AuthorizeController < Leash::ProviderController
28
29
  redirect_to params[:redirect_uri] + "#access_token=#{URI.encode(access_token)}"
29
30
 
30
31
  when "code"
31
- auth_code = Leash::Provider::AuthCode.assign! @app_name, current_owner
32
+ auth_code = Leash::Provider::AuthCode.assign! @app_name, current_owner, params[:redirect_uri]
32
33
 
33
34
  Rails.logger.info "[Leash::Provider] Authorize ok: response_type=#{@response_type} current_owner=#{current_owner.class.name}##{current_owner.id} auth_code=#{auth_code} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
34
35
 
35
36
  if params.has_key? :state
36
- redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}&state=#{URI.encode(params[:state])}"
37
+ redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}&state=#{URI.encode(params[:state])}" # FIXME ensure that params are joined correctly
37
38
 
38
39
  else
39
- redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}"
40
+ redirect_to params[:redirect_uri] + "?code=#{URI.encode(auth_code)}" # FIXME ensure that params are joined correctly
40
41
  end
41
42
 
42
43
  else
@@ -76,7 +77,7 @@ class Leash::Provider::AuthorizeController < Leash::ProviderController
76
77
  @user_role_underscored = params[:user_role].underscore.gsub("/", "_")
77
78
 
78
79
  else
79
- callback_with_error "invalid_user_role", "Authorize error: Unknown role of '#{params[:user_role]}'"
80
+ callback_with_error "unknown_user_role", "Authorize error: Unknown role of '#{params[:user_role]}'"
80
81
  end
81
82
  end
82
83
 
data/app/controllers/leash/provider/token_controller.rb CHANGED
@@ -1,22 +1,27 @@
1
1
  class Leash::Provider::TokenController < Leash::ProviderController
2
2
  GRANT_TYPES = [ "authorization_code" ].freeze
3
3
 
4
+ before_action :set_no_cache_headers
4
5
  before_action :determine_grant_type!
5
6
 
6
-
7
7
  def token
8
8
  case @grant_type
9
9
  when "authorization_code"
10
10
  params.require("code")
11
11
 
12
- if Leash::Provider::AuthCode.valid?(params[:code])
13
- access_token = Leash::Provider::AccessToken.assign_from_auth_code! Leash::Provider::AuthCode.find_by_auth_code(params[:code])
12
+ # Rails.logger.info "[Leash::Provider] Code<->Token exchange: #{params.inspect}"
13
+ callback_with_error "invalid_grant", "Given auth code does not exist" and return unless Leash::Provider::AuthCode.present?(params[:code])
14
+
15
+ auth_code = Leash::Provider::AuthCode.find_by_auth_code(params[:code])
16
+ callback_with_error "invalid_grant", "Given redirect URI does not match one specified in the authorization request" and return unless auth_code.redirect_uri == params[:redirect_uri]
17
+ # TODO if client_id and client_secret is present, try to match it with ENV vars
14
18
 
15
- render json: { access_token: access_token, token_type: "bearer" }
16
- end
19
+ access_token = Leash::Provider::AccessToken.assign_from_auth_code! Leash::Provider::AuthCode.find_by_auth_code(params[:code])
20
+ Rails.logger.info "[Leash::Provider] Code<->Token exchange ok: grant_type=#{@grant_type} auth_code=#{params[:code]} access_token=#{access_token} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
21
+ render json: { access_token: access_token, token_type: "bearer" }
17
22
 
18
23
  else
19
- fail "Should not be reached"
24
+ fail # Should not be reached
20
25
  end
21
26
  end
22
27
 
@@ -29,7 +34,7 @@ class Leash::Provider::TokenController < Leash::ProviderController
29
34
 
30
35
  case @grant_type
31
36
  when "authorization_code"
32
- render json: { error: error_code }, status: :unprocessable_entity
37
+ render json: { error: error_code, error_description: message }, status: :unprocessable_entity
33
38
  end
34
39
  end
35
40
 
@@ -40,7 +45,7 @@ class Leash::Provider::TokenController < Leash::ProviderController
40
45
  if GRANT_TYPES.include? params[:grant_type]
41
46
  @grant_type = params[:grant_type]
42
47
  else
43
- callback_with_error "unknown_grant_type", "Unknown grant type of '#{params[:grant_type]}'"
48
+ callback_with_error "unsupported_grant_type", "Unknown grant type of '#{params[:grant_type]}'"
44
49
  end
45
50
  end
46
51
  end
data/app/controllers/leash/provider/user_info_controller.rb CHANGED
@@ -1,24 +1,28 @@
1
1
  class Leash::Provider::UserInfoController < Leash::ProviderController
2
2
  def info
3
- render text: "missing_authorization_header", status: :unauthorized unless request.headers["Authorization"]
4
- render text: "missing_authorization_bearer", status: :unauthorized unless request.headers["Authorization"].starts_with? "Bearer "
3
+ render json: { error: "missing_authorization_header" }, status: :unauthorized and return unless request.headers["Authorization"]
4
+ render json: { error: "missing_authorization_bearer" }, status: :unauthorized and return unless request.headers["Authorization"].start_with? "Bearer "
5
5
 
6
6
  access_token_raw = request.headers["Authorization"].split(" ", 2).last
7
7
 
8
- render text: "invalid_access_token", status: :forbidden unless Leash::Provider::AccessToken.valid?(access_token_raw)
8
+ render json: { error: "unknown_access_token" }, status: :forbidden and return unless Leash::Provider::AccessToken.present?(access_token_raw)
9
9
 
10
10
  access_token = Leash::Provider::AccessToken.find_by_access_token(access_token_raw)
11
11
  owner = access_token.owner_instance
12
12
 
13
13
  if owner.respond_to? :for_leash_provider
14
- data = owner.for_leash_provider
14
+ data = owner.for_leash_provider.as_json
15
15
  else
16
- data = owner
16
+ data = owner.as_json
17
17
  end
18
18
 
19
+ full_data = { owner.class.name => data }
20
+
21
+ Rails.logger.info "[Leash::Provider] User info ok: access_token=#{access_token_raw} request_ip=#{request.remote_ip} request_user_agent=#{request.user_agent}"
22
+
19
23
  respond_to do |format|
20
24
  format.json do
21
- render json: data
25
+ render json: full_data
22
26
  end
23
27
  end
24
28
  end
data/app/controllers/leash/provider_controller.rb CHANGED
@@ -10,6 +10,12 @@ class Leash::ProviderController < LeashController
10
10
  end
11
11
 
12
12
 
13
+ def set_no_cache_headers
14
+ response.headers["Cache-Control"] = "no-store"
15
+ response.headers["Pragma"] = "no-cache"
16
+ end
17
+
18
+
13
19
  def determine_client_id!
14
20
  params.require("client_id")
15
21
 
@@ -33,12 +39,41 @@ class Leash::ProviderController < LeashController
33
39
  @redirect_url = ENV["APP_#{@env_name}_OAUTH2_REDIRECT_URL"]
34
40
  if @redirect_url and not @redirect_url.blank?
35
41
  @redirect_urls = @redirect_url.split(" ")
36
- unless @redirect_urls.include? params[:redirect_uri]
37
- callback_with_error "invalid_redirect_uri", "Redirect URL mismatch (should be '#{@redirect_url}', given '#{params[:redirect_uri]}'"
42
+
43
+ begin
44
+ redirect_uri_parsed = URI.parse(params[:redirect_uri])
45
+ rescue URI::InvalidURIError => e
46
+ callback_with_error "invalid_redirect_uri", "Redirect URL has invalid syntax, given '#{params[:redirect_uri]}'"
47
+ return
38
48
  end
39
49
 
50
+ unless redirect_uri_parsed.fragment.nil?
51
+ callback_with_error "invalid_redirect_uri", "Redirect URL contains fragment, given '#{params[:redirect_uri]}'"
52
+ return
53
+ end
54
+
55
+
56
+ @redirect_urls.each do |known_redirect_url|
57
+ if known_redirect_url.end_with? "*"
58
+ if params[:redirect_uri].start_with? known_redirect_url[0..-2]
59
+ # Found!
60
+ return
61
+ end
62
+
63
+ else
64
+ if known_redirect_url == params[:redirect_uri]
65
+ # Found!
66
+ return
67
+ end
68
+ end
69
+ end
70
+
71
+ callback_with_error "unknown_redirect_uri", "Redirect URL mismatch (should be one of '#{@redirect_url}', given '#{params[:redirect_uri]}'"
72
+ return
73
+
40
74
  else
41
- callback_with_error "unknown_redirect_uri", "Unable to find redirect URL associated with app '#{@app_name}'"
75
+ callback_with_error "configuration_error", "Unable to find redirect URLs associated with app '#{@app_name}'"
76
+ return
42
77
  end
43
78
  end
44
79
 
@@ -49,10 +84,10 @@ class Leash::ProviderController < LeashController
49
84
  @client_secret = ENV["APP_#{@env_name}_OAUTH2_SECRET"]
50
85
  if @client_secret
51
86
  unless @client_secret == params[:client_secret]
52
- callback_with_error "invalid_secret", "Secret mismatch"
87
+ callback_with_error "unknown_secret", "Secret mismatch"
53
88
  end
54
89
  else
55
- callback_with_error "unknown_secret", "Unable to find secret associated with app '#{@app_name}'"
90
+ callback_with_error "configuration_error", "Unable to find secret associated with app '#{@app_name}'"
56
91
  end
57
92
  end
58
93
 
data/app/models/leash/provider/access_token.rb CHANGED
@@ -43,7 +43,7 @@ class Leash::Provider::AccessToken < Ohm::Model
43
43
  end
44
44
 
45
45
 
46
- def self.valid?(access_token)
46
+ def self.present?(access_token)
47
47
  self.find(access_token: access_token).size != 0
48
48
  end
49
49
 
@@ -77,4 +77,6 @@ class Leash::Provider::AccessToken < Ohm::Model
77
77
  def touch!
78
78
  update accessed_at: Time.now.to_i
79
79
  end
80
- end
80
+ end
81
+
82
+ ::Leash::Provider::AccessToken.redis = Redic.new(::Leash::Provider.redis_url)
data/app/models/leash/provider/auth_code.rb CHANGED
@@ -4,6 +4,7 @@ class Leash::Provider::AuthCode < Ohm::Model
4
4
  attribute :app_name
5
5
  attribute :auth_code
6
6
  attribute :owner
7
+ attribute :redirect_uri
7
8
  attribute :created_at
8
9
 
9
10
  index :owner
@@ -11,7 +12,7 @@ class Leash::Provider::AuthCode < Ohm::Model
11
12
  unique :auth_code
12
13
 
13
14
 
14
- def self.assign!(app_name, owner)
15
+ def self.assign!(app_name, owner, redirect_uri)
15
16
  tries = 0
16
17
  auth_code = nil
17
18
 
@@ -19,7 +20,7 @@ class Leash::Provider::AuthCode < Ohm::Model
19
20
  begin
20
21
  auth_code = SecureRandom.urlsafe_base64(32)
21
22
  timestamp = Time.now.to_i
22
- self.create app_name: app_name, owner: owner_key(owner), auth_code: auth_code, created_at: timestamp
23
+ self.create app_name: app_name, owner: owner_key(owner), auth_code: auth_code, redirect_uri: redirect_uri, created_at: timestamp
23
24
  break
24
25
 
25
26
  rescue Ohm::UniqueIndexViolation => e
@@ -33,7 +34,7 @@ class Leash::Provider::AuthCode < Ohm::Model
33
34
  end
34
35
 
35
36
 
36
- def self.valid?(auth_code)
37
+ def self.present?(auth_code)
37
38
  self.find(auth_code: auth_code).size != 0
38
39
  end
39
40
 
@@ -58,3 +59,5 @@ class Leash::Provider::AuthCode < Ohm::Model
58
59
  owner_klass.classify.constantize.find(owner_id)
59
60
  end
60
61
  end
62
+
63
+ ::Leash::Provider::AuthCode.redis = Redic.new(::Leash::Provider.redis_url)
data/lib/leash/provider/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Leash
2
2
  module Provider
3
- VERSION = "0.0.3"
3
+ VERSION = "0.0.4"
4
4
  end
5
5
  end
data/lib/leash_provider.rb CHANGED
@@ -20,11 +20,14 @@ module Leash
20
20
 
21
21
  def self.configure
22
22
  yield self
23
+
24
+ establish_connection!
23
25
  end
24
26
 
25
27
 
26
28
  def self.establish_connection!
27
- Ohm.redis = Redic.new(@@redis_url)
29
+ ::Leash::Provider::AccessToken.redis = Redic.new(@@redis_url)
30
+ ::Leash::Provider::AuthCode.redis = Redic.new(@@redis_url)
28
31
  end
29
32
  end
30
33
  end
data/spec/controllers/leash/provider/authorize_controller_spec.rb CHANGED
@@ -18,9 +18,12 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
18
18
  let(:valid_user_role) { "Admin" }
19
19
  let(:valid_client_id) { ENV["APP_TEST_OAUTH2_CLIENT_ID"] }
20
20
  let(:valid_redirect_uri) { ENV["APP_TEST_OAUTH2_REDIRECT_URL"] }
21
- let(:invalid_user_role) { "Ufo" }
22
- let(:invalid_client_id) { "098765" }
23
- let(:invalid_redirect_uri) { "http://whatever.com" }
21
+ let(:unknown_user_role) { "Ufo" }
22
+ let(:unknown_client_id) { "098765" }
23
+ let(:invalid_redirect_uri_syntax) { " http://whatever.com" }
24
+ let(:invalid_redirect_uri_fragment_empty) { "http://whatever.com#" }
25
+ let(:invalid_redirect_uri_fragment_present) { "http://whatever.com#abcd" }
26
+ let(:unknown_redirect_uri) { "http://whatever.com" }
24
27
  let(:authentication_route) { new_admin_session_path }
25
28
 
26
29
 
@@ -33,8 +36,8 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
33
36
  context "with all necessary params" do
34
37
  let(:params) { { user_role: user_role, response_type: response_type, client_id: client_id, redirect_uri: redirect_uri } }
35
38
 
36
- context "with invalid client_id" do
37
- let(:client_id) { invalid_client_id }
39
+ context "with unknown client_id" do
40
+ let(:client_id) { unknown_client_id }
38
41
 
39
42
  context "with valid redirect_uri" do
40
43
  let(:redirect_uri) { valid_redirect_uri }
@@ -60,8 +63,8 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
60
63
  context "with valid client_id" do
61
64
  let(:client_id) { valid_client_id }
62
65
 
63
- context "with invalid redirect_uri" do
64
- let(:redirect_uri) { invalid_redirect_uri }
66
+ context "with unknown redirect_uri" do
67
+ let(:redirect_uri) { unknown_redirect_uri }
65
68
 
66
69
  context "with valid user role" do
67
70
  let(:user_role) { valid_user_role }
@@ -74,8 +77,73 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
74
77
  expect(response.status).to eq 422
75
78
  end
76
79
 
77
- it "should return 'invalid_redirect_uri' in the response" do
78
- expect(response.body).to eq "invalid_redirect_uri"
80
+ it "should return 'unknown_redirect_uri' in the response" do
81
+ expect(response.body).to eq "unknown_redirect_uri"
82
+ end
83
+ end
84
+ end
85
+
86
+ context "with invalid redirect_uri" do
87
+ context "because it has invalid syntax" do
88
+ let(:redirect_uri) { invalid_redirect_uri_syntax }
89
+
90
+ context "with valid user role" do
91
+ let(:user_role) { valid_user_role }
92
+
93
+
94
+ before do
95
+ get :authorize, params
96
+ end
97
+
98
+ it "should return 422 status" do
99
+ expect(response.status).to eq 422
100
+ end
101
+
102
+ it "should return 'invalid_redirect_uri' in the response" do
103
+ expect(response.body).to eq "invalid_redirect_uri"
104
+ end
105
+ end
106
+ end
107
+
108
+ context "because it contains an empty fragment" do
109
+ let(:redirect_uri) { invalid_redirect_uri_fragment_empty }
110
+
111
+ context "with valid user role" do
112
+ let(:user_role) { valid_user_role }
113
+
114
+
115
+ before do
116
+ get :authorize, params
117
+ end
118
+
119
+ it "should return 422 status" do
120
+ expect(response.status).to eq 422
121
+ end
122
+
123
+ it "should return 'invalid_redirect_uri' in the response" do
124
+ expect(response.body).to eq "invalid_redirect_uri"
125
+ end
126
+ end
127
+ end
128
+
129
+ context "because it contains an non-empty fragment" do
130
+ let(:redirect_uri) { invalid_redirect_uri_fragment_present }
131
+
132
+ context "with valid user role" do
133
+ let(:user_role) { valid_user_role }
134
+
135
+
136
+ before do
137
+ get :authorize, params
138
+ end
139
+
140
+ it "should return 422 status" do
141
+ expect(response.status).to eq 422
142
+ end
143
+
144
+ it "should return 'invalid_redirect_uri' in the response" do
145
+ expect(response.body).to eq "invalid_redirect_uri"
146
+ end
79
147
  end
80
148
  end
81
149
  end
@@ -84,7 +152,7 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
84
152
  let(:redirect_uri) { valid_redirect_uri }
85
153
 
86
154
  context "but with unknown user_role" do
87
- let(:user_role) { invalid_user_role }
155
+ let(:user_role) { unknown_user_role }
88
156
 
89
157
  before do
90
158
  get :authorize, params
@@ -94,8 +162,8 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
94
162
  expect(response.status).to eq 422
95
163
  end
96
164
 
97
- it "should return 'invalid_user_role' in the response" do
98
- expect(response.body).to eq "invalid_user_role"
165
+ it "should return 'unknown_user_role' in the response" do
166
+ expect(response.body).to eq "unknown_user_role"
99
167
  end
100
168
  end
101
169
 
@@ -138,8 +206,8 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
138
206
  context "with all necessary params" do
139
207
  let(:params) { { user_role: user_role, response_type: response_type, client_id: client_id, redirect_uri: redirect_uri } }
140
208
 
141
- context "with invalid client_id" do
142
- let(:client_id) { invalid_client_id }
209
+ context "with unknown client_id" do
210
+ let(:client_id) { unknown_client_id }
143
211
 
144
212
  context "with valid redirect_uri" do
145
213
  let(:redirect_uri) { valid_redirect_uri }
@@ -165,8 +233,8 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
165
233
  context "with valid client_id" do
166
234
  let(:client_id) { valid_client_id }
167
235
 
168
- context "with invalid redirect_uri" do
169
- let(:redirect_uri) { invalid_redirect_uri }
236
+ context "with unknown redirect_uri" do
237
+ let(:redirect_uri) { unknown_redirect_uri }
170
238
 
171
239
  context "with valid user role" do
172
240
  let(:user_role) { valid_user_role }
@@ -175,24 +243,78 @@ RSpec.describe Leash::Provider::AuthorizeController, :type => :controller do
175
243
  get :authorize, params
176
244
  end
177
245
 
178
- it "should redirect to the first redirect_uri specified in the app with appended '#error=invalid_redirect_uri'" do
179
- expect(response).to redirect_to("#{valid_redirect_uri}#error=invalid_redirect_uri")
246
+ it "should redirect to the first redirect_uri specified in the app with appended '#error=unknown_redirect_uri'" do
247
+ expect(response).to redirect_to("#{valid_redirect_uri}#error=unknown_redirect_uri")
180
248
  end
181
249
  end
182
250
  end
183
251
 
252
+ context "with invalid redirect_uri" do
253
+ context "because it has invalid syntax" do
254
+ let(:redirect_uri) { invalid_redirect_uri_syntax }
255
+
256
+ context "with valid user role" do
257
+ let(:user_role) { valid_user_role }
258
+
259
+
260
+ before do
261
+ get :authorize, params
262
+ end
263
+
264
+ it "should redirect to the first redirect_uri specified in the app with appended '#error=invalid_redirect_uri'" do
265
+ expect(response).to redirect_to("#{valid_redirect_uri}#error=invalid_redirect_uri")
266
+ end
267
+ end
268
+ end
269
+
270
+ context "because it contains an empty fragment" do
271
+ let(:redirect_uri) { invalid_redirect_uri_fragment_empty }
272
+
273
+ context "with valid user role" do
274
+ let(:user_role) { valid_user_role }
275
+
276
+
277
+ before do
278
+ get :authorize, params
279
+ end
280
+
281
+ it "should redirect to the first redirect_uri specified in the app with appended '#error=invalid_redirect_uri'" do
282
+ expect(response).to redirect_to("#{valid_redirect_uri}#error=invalid_redirect_uri")
283
+ end
284
+ end
285
+ end
286
+
287
+ context "because it contains an non-empty fragment" do
288
+ let(:redirect_uri) { invalid_redirect_uri_fragment_present }
289
+
290
+ context "with valid user role" do
291
+ let(:user_role) { valid_user_role }
292
+
293
+
294
+ before do
295
+ get :authorize, params
296
+ end
297
+
298
+ it "should redirect to the first redirect_uri specified in the app with appended '#error=invalid_redirect_uri'" do
299
+ expect(response).to redirect_to("#{valid_redirect_uri}#error=invalid_redirect_uri")
300
+ end
301
+ end
302
+ end
303
+ end
304
+
305
+
184
306
  context "with valid redirect_uri" do
185
307
  let(:redirect_uri) { valid_redirect_uri }
186
308
 
187
309
  context "but with unknown user_role" do
188
- let(:user_role) { invalid_user_role }
310
+ let(:user_role) { unknown_user_role }
189
311
 
190
312
  before do
191
313
  get :authorize, params
192
314
  end
193
315
 
194
- it "should redirect to the first redirect_uri specified in the app with appended '#error=invalid_user_role'" do
195
- expect(response).to redirect_to("#{valid_redirect_uri}#error=invalid_user_role")
316
+ it "should redirect to the first redirect_uri specified in the app with appended '#error=unknown_user_role'" do
317
+ expect(response).to redirect_to("#{valid_redirect_uri}#error=unknown_user_role")
196
318
  end
197
319
  end
198
320
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: leash_provider
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marcin Lewandowski
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-19 00:00:00.000000000 Z
11
+ date: 2015-09-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -148,7 +148,6 @@ files:
148
148
  - ".rspec"
149
149
  - ".travis.yml"
150
150
  - Gemfile
151
- - Gemfile.lock
152
151
  - README.md
153
152
  - Rakefile
154
153
  - app/controllers/leash/provider/authorize_controller.rb
data/Gemfile.lock DELETED
@@ -1,165 +0,0 @@
1
- PATH
2
- remote: .
3
- specs:
4
- leash_provider (0.0.2)
5
- devise
6
- ohm
7
- rails (~> 4.2)
8
-
9
- GEM
10
- remote: https://rubygems.org/
11
- specs:
12
- actionmailer (4.2.1)
13
- actionpack (= 4.2.1)
14
- actionview (= 4.2.1)
15
- activejob (= 4.2.1)
16
- mail (~> 2.5, >= 2.5.4)
17
- rails-dom-testing (~> 1.0, >= 1.0.5)
18
- actionpack (4.2.1)
19
- actionview (= 4.2.1)
20
- activesupport (= 4.2.1)
21
- rack (~> 1.6)
22
- rack-test (~> 0.6.2)
23
- rails-dom-testing (~> 1.0, >= 1.0.5)
24
- rails-html-sanitizer (~> 1.0, >= 1.0.1)
25
- actionview (4.2.1)
26
- activesupport (= 4.2.1)
27
- builder (~> 3.1)
28
- erubis (~> 2.7.0)
29
- rails-dom-testing (~> 1.0, >= 1.0.5)
30
- rails-html-sanitizer (~> 1.0, >= 1.0.1)
31
- activejob (4.2.1)
32
- activesupport (= 4.2.1)
33
- globalid (>= 0.3.0)
34
- activemodel (4.2.1)
35
- activesupport (= 4.2.1)
36
- builder (~> 3.1)
37
- activerecord (4.2.1)
38
- activemodel (= 4.2.1)
39
- activesupport (= 4.2.1)
40
- arel (~> 6.0)
41
- activesupport (4.2.1)
42
- i18n (~> 0.7)
43
- json (~> 1.7, >= 1.7.7)
44
- minitest (~> 5.1)
45
- thread_safe (~> 0.3, >= 0.3.4)
46
- tzinfo (~> 1.1)
47
- arel (6.0.0)
48
- bcrypt (3.1.10)
49
- builder (3.2.2)
50
- combustion (0.5.3)
51
- activesupport (>= 3.0.0)
52
- railties (>= 3.0.0)
53
- thor (>= 0.14.6)
54
- devise (3.4.1)
55
- bcrypt (~> 3.0)
56
- orm_adapter (~> 0.1)
57
- railties (>= 3.2.6, < 5)
58
- responders
59
- thread_safe (~> 0.1)
60
- warden (~> 1.2.3)
61
- diff-lcs (1.2.5)
62
- erubis (2.7.0)
63
- factory_girl (4.5.0)
64
- activesupport (>= 3.0.0)
65
- factory_girl_rails (4.5.0)
66
- factory_girl (~> 4.5.0)
67
- railties (>= 3.0.0)
68
- globalid (0.3.5)
69
- activesupport (>= 4.1.0)
70
- hiredis (0.6.0)
71
- i18n (0.7.0)
72
- json (1.8.2)
73
- loofah (2.0.2)
74
- nokogiri (>= 1.5.9)
75
- mail (2.6.3)
76
- mime-types (>= 1.16, < 3)
77
- mime-types (2.5)
78
- mini_portile (0.6.2)
79
- minitest (5.6.1)
80
- msgpack (0.5.12)
81
- nido (0.0.1)
82
- nokogiri (1.6.6.2)
83
- mini_portile (~> 0.6.0)
84
- ohm (2.2.0)
85
- msgpack
86
- nido
87
- redic
88
- stal
89
- orm_adapter (0.5.0)
90
- rack (1.6.1)
91
- rack-test (0.6.3)
92
- rack (>= 1.0)
93
- rails (4.2.1)
94
- actionmailer (= 4.2.1)
95
- actionpack (= 4.2.1)
96
- actionview (= 4.2.1)
97
- activejob (= 4.2.1)
98
- activemodel (= 4.2.1)
99
- activerecord (= 4.2.1)
100
- activesupport (= 4.2.1)
101
- bundler (>= 1.3.0, < 2.0)
102
- railties (= 4.2.1)
103
- sprockets-rails
104
- rails-deprecated_sanitizer (1.0.3)
105
- activesupport (>= 4.2.0.alpha)
106
- rails-dom-testing (1.0.6)
107
- activesupport (>= 4.2.0.beta, < 5.0)
108
- nokogiri (~> 1.6.0)
109
- rails-deprecated_sanitizer (>= 1.0.1)
110
- rails-html-sanitizer (1.0.2)
111
- loofah (~> 2.0)
112
- railties (4.2.1)
113
- actionpack (= 4.2.1)
114
- activesupport (= 4.2.1)
115
- rake (>= 0.8.7)
116
- thor (>= 0.18.1, < 2.0)
117
- rake (10.4.2)
118
- redic (1.5.0)
119
- hiredis
120
- responders (2.1.0)
121
- railties (>= 4.2.0, < 5)
122
- rspec-core (3.2.3)
123
- rspec-support (~> 3.2.0)
124
- rspec-expectations (3.2.1)
125
- diff-lcs (>= 1.2.0, < 2.0)
126
- rspec-support (~> 3.2.0)
127
- rspec-mocks (3.2.1)
128
- diff-lcs (>= 1.2.0, < 2.0)
129
- rspec-support (~> 3.2.0)
130
- rspec-rails (3.2.1)
131
- actionpack (>= 3.0, < 4.3)
132
- activesupport (>= 3.0, < 4.3)
133
- railties (>= 3.0, < 4.3)
134
- rspec-core (~> 3.2.0)
135
- rspec-expectations (~> 3.2.0)
136
- rspec-mocks (~> 3.2.0)
137
- rspec-support (~> 3.2.0)
138
- rspec-support (3.2.2)
139
- sprockets (3.1.0)
140
- rack (~> 1.0)
141
- sprockets-rails (2.3.1)
142
- actionpack (>= 3.0)
143
- activesupport (>= 3.0)
144
- sprockets (>= 2.8, < 4.0)
145
- sqlite3 (1.3.10)
146
- stal (0.1.0)
147
- redic
148
- thor (0.19.1)
149
- thread_safe (0.3.5)
150
- tzinfo (1.2.2)
151
- thread_safe (~> 0.1)
152
- warden (1.2.3)
153
- rack (>= 1.0)
154
-
155
- PLATFORMS
156
- ruby
157
-
158
- DEPENDENCIES
159
- bundler
160
- combustion (~> 0.5.3)
161
- factory_girl_rails (~> 4.0)
162
- leash_provider!
163
- rake
164
- rspec-rails
165
- sqlite3