multi_auth 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README +36 -0
- data/app/controllers/application_controller.rb +11 -0
- data/app/controllers/auth/email_controller.rb +34 -0
- data/app/controllers/auth/open_id_controller.rb +43 -0
- data/app/controllers/auth_controller.rb +24 -0
- data/app/controllers/credentials/email_controller.rb +156 -0
- data/app/controllers/credentials/open_id_controller.rb +85 -0
- data/app/controllers/credentials_controller.rb +14 -0
- data/app/controllers/signup/email_controller.rb +132 -0
- data/app/controllers/signup/open_id_controller.rb +62 -0
- data/app/controllers/signup_controller.rb +8 -0
- data/app/helpers/application_helper.rb +5 -0
- data/app/models/activation_mailer.rb +114 -0
- data/app/models/email_credential.rb +89 -0
- data/app/models/email_credential_edit_form.rb +52 -0
- data/app/models/email_login_form.rb +24 -0
- data/app/models/email_password_edit_form.rb +36 -0
- data/app/models/open_id_credential.rb +33 -0
- data/app/models/open_id_login_form.rb +17 -0
- data/app/models/session.rb +19 -0
- data/app/models/user.rb +37 -0
- data/app/views/activation_mailer/complete_for_credential.erb +4 -0
- data/app/views/activation_mailer/complete_for_notice.erb +4 -0
- data/app/views/activation_mailer/complete_for_signup.erb +4 -0
- data/app/views/activation_mailer/request_for_credential.erb +11 -0
- data/app/views/activation_mailer/request_for_notice.erb +11 -0
- data/app/views/activation_mailer/request_for_signup.erb +11 -0
- data/app/views/auth/email/index.html.erb +90 -0
- data/app/views/auth/logged_in.html.erb +21 -0
- data/app/views/auth/logged_out.html.erb +21 -0
- data/app/views/auth/open_id/index.html.erb +16 -0
- data/app/views/credentials/email/activated.html.erb +4 -0
- data/app/views/credentials/email/activation.html.erb +15 -0
- data/app/views/credentials/email/created.html.erb +15 -0
- data/app/views/credentials/email/delete.html.erb +20 -0
- data/app/views/credentials/email/edit_password.html.erb +31 -0
- data/app/views/credentials/email/new.html.erb +36 -0
- data/app/views/credentials/index.html.erb +88 -0
- data/app/views/credentials/open_id/delete.html.erb +20 -0
- data/app/views/credentials/open_id/new.html.erb +26 -0
- data/app/views/signup/email/_progress.html.erb +14 -0
- data/app/views/signup/email/activated.html.erb +9 -0
- data/app/views/signup/email/activation.html.erb +27 -0
- data/app/views/signup/email/created.html.erb +14 -0
- data/app/views/signup/email/index.html.erb +34 -0
- data/app/views/signup/email/validated.html.erb +21 -0
- data/app/views/signup/index.html.erb +51 -0
- data/app/views/signup/open_id/authenticated.html.erb +15 -0
- data/app/views/signup/open_id/created.html.erb +6 -0
- data/app/views/signup/open_id/index.html.erb +16 -0
- data/config/boot.rb +110 -0
- data/config/database.yml +22 -0
- data/config/database.yml.sqlite3 +22 -0
- data/config/environment.rb +62 -0
- data/config/routes.rb +51 -0
- data/config/smtp.yml.example +8 -0
- data/db/development.sqlite3 +0 -0
- data/db/schema.rb +88 -0
- data/db/test.sqlite3 +0 -0
- data/lib/action_mailer_util.rb +15 -0
- data/lib/multi_auth.rb +64 -0
- data/lib/multi_auth_helper.rb +98 -0
- data/lib/notice_formatter.rb +106 -0
- data/lib/open_id_authentication/result.rb +12 -0
- data/lib/token_util.rb +18 -0
- data/public/404.html +92 -0
- data/public/422.html +91 -0
- data/public/500.html +92 -0
- data/public/503.html +92 -0
- data/public/favicon.ico +0 -0
- data/public/images/battery/cell.png +0 -0
- data/public/images/battery/level-green.png +0 -0
- data/public/images/battery/level-orange.png +0 -0
- data/public/images/battery/level-red.png +0 -0
- data/public/images/battery/level-yellow.png +0 -0
- data/public/images/battery/style.html +82 -0
- data/public/images/favicons/livedoor.png +0 -0
- data/public/images/favicons/mixi.png +0 -0
- data/public/images/favicons/yahoo.png +0 -0
- data/public/images/h1-back.png +0 -0
- data/public/images/icons/fam/add.png +0 -0
- data/public/images/icons/fam/bin.png +0 -0
- data/public/images/icons/fam/bomb.png +0 -0
- data/public/images/icons/fam/cog.png +0 -0
- data/public/images/icons/fam/delete.png +0 -0
- data/public/images/icons/fam/email-with-desc.png +0 -0
- data/public/images/icons/fam/email.png +0 -0
- data/public/images/icons/fam/feed.png +0 -0
- data/public/images/icons/fam/help.png +0 -0
- data/public/images/icons/fam/key-with-desc.png +0 -0
- data/public/images/icons/fam/key.png +0 -0
- data/public/images/icons/fam/lightning.png +0 -0
- data/public/images/icons/fam/plugin.png +0 -0
- data/public/images/icons/fam/stop.png +0 -0
- data/public/images/icons/fam/table_save.png +0 -0
- data/public/images/icons/fam/tick.png +0 -0
- data/public/images/icons/fam/user.png +0 -0
- data/public/images/icons/fam/vcard.png +0 -0
- data/public/images/icons/openid-with-desc.png +0 -0
- data/public/images/icons/openid.png +0 -0
- data/public/images/logo-back.png +0 -0
- data/public/images/logo.png +0 -0
- data/public/images/side-column-back.png +0 -0
- data/public/javascripts/application.js +2 -0
- data/public/javascripts/controls.js +963 -0
- data/public/javascripts/dragdrop.js +973 -0
- data/public/javascripts/effects.js +1128 -0
- data/public/javascripts/prototype.js +4320 -0
- data/public/robots.txt +5 -0
- data/public/stylesheets/application.css +365 -0
- data/public/stylesheets/auth.css +22 -0
- data/public/stylesheets/home.css +114 -0
- data/rails/init.rb +24 -0
- data/test/functional/auth/email_controller_test.rb +102 -0
- data/test/functional/auth/open_id_controller_test.rb +76 -0
- data/test/functional/auth_controller_test.rb +74 -0
- data/test/functional/credentials/email_controller_test.rb +488 -0
- data/test/functional/credentials/open_id_controller_test.rb +308 -0
- data/test/functional/credentials_controller_test.rb +49 -0
- data/test/functional/signup/email_controller_test.rb +369 -0
- data/test/functional/signup/open_id_controller_test.rb +44 -0
- data/test/functional/signup_controller_test.rb +17 -0
- data/test/performance/browsing_test.rb +9 -0
- data/test/test_helper.rb +82 -0
- data/test/unit/action_mailer_util_test.rb +63 -0
- data/test/unit/activation_mailer_test.rb +181 -0
- data/test/unit/email_credential_edit_form_test.rb +173 -0
- data/test/unit/email_credential_test.rb +324 -0
- data/test/unit/email_login_form_test.rb +76 -0
- data/test/unit/email_password_edit_form_test.rb +117 -0
- data/test/unit/helpers/auth_helper_test.rb +4 -0
- data/test/unit/helpers/credentials/email_helper_test.rb +4 -0
- data/test/unit/helpers/credentials/open_id_helper_test.rb +4 -0
- data/test/unit/helpers/credentials_helper_test.rb +4 -0
- data/test/unit/helpers/email_auth_helper_test.rb +4 -0
- data/test/unit/helpers/email_signup_helper_test.rb +4 -0
- data/test/unit/helpers/open_id_auth_helper_test.rb +4 -0
- data/test/unit/helpers/open_id_signup_helper_test.rb +4 -0
- data/test/unit/helpers/password_auth_helper_test.rb +4 -0
- data/test/unit/helpers/password_signup_helper_test.rb +4 -0
- data/test/unit/helpers/signup_helper_test.rb +4 -0
- data/test/unit/notice_formatter_test.rb +153 -0
- data/test/unit/open_id_credential_test.rb +108 -0
- data/test/unit/open_id_login_form_test.rb +57 -0
- data/test/unit/session_test.rb +53 -0
- data/test/unit/token_util_test.rb +51 -0
- data/test/unit/user_test.rb +177 -0
- metadata +220 -0
@@ -0,0 +1,308 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class Credentials::OpenIdControllerTest < ActionController::TestCase
|
6
|
+
def setup
|
7
|
+
@yuya = users(:yuya)
|
8
|
+
@yuya_livedoor = open_id_credentials(:yuya_livedoor)
|
9
|
+
@shinya_example = open_id_credentials(:shinya_example)
|
10
|
+
|
11
|
+
@login_form = OpenIdLoginForm.new(
|
12
|
+
:openid_url => "livedoor.com")
|
13
|
+
|
14
|
+
session_login(@yuya)
|
15
|
+
end
|
16
|
+
|
17
|
+
test "routes" do
|
18
|
+
base = {:controller => "credentials/open_id"}
|
19
|
+
|
20
|
+
assert_routing("/credentials/open_id/new", base.merge(:action => "new"))
|
21
|
+
assert_routing("/credentials/open_id/create", base.merge(:action => "create"))
|
22
|
+
|
23
|
+
assert_routing("/credential/open_id/1234567890/delete", base.merge(:action => "delete", :open_id_credential_id => "1234567890"))
|
24
|
+
assert_routing("/credential/open_id/1234567890/destroy", base.merge(:action => "destroy", :open_id_credential_id => "1234567890"))
|
25
|
+
end
|
26
|
+
|
27
|
+
test "GET new" do
|
28
|
+
get :new
|
29
|
+
|
30
|
+
assert_response(:success)
|
31
|
+
assert_template("new")
|
32
|
+
assert_flash_empty
|
33
|
+
assert_logged_in(@yuya)
|
34
|
+
|
35
|
+
assert_equal(
|
36
|
+
OpenIdLoginForm.new.attributes,
|
37
|
+
assigns(:login_form).attributes)
|
38
|
+
end
|
39
|
+
|
40
|
+
test "GET new, abnormal, no login" do
|
41
|
+
session_logout
|
42
|
+
|
43
|
+
get :new
|
44
|
+
|
45
|
+
assert_response(:redirect)
|
46
|
+
assert_redirected_to(root_path)
|
47
|
+
assert_flash_error
|
48
|
+
end
|
49
|
+
|
50
|
+
# MEMO: 実際にエンドポイントにアクセスに行く(インターネットへのアクセスが発生)
|
51
|
+
test "POST create(begin)" do
|
52
|
+
musha = Kagemusha.new(ActionController::Base).
|
53
|
+
def(:open_id_redirect_url) { "http://openid/providor" }
|
54
|
+
|
55
|
+
musha.swap {
|
56
|
+
post :create, :login_form => @login_form.attributes
|
57
|
+
}
|
58
|
+
|
59
|
+
assert_response(:redirect)
|
60
|
+
assert_redirected_to("http://openid/providor")
|
61
|
+
assert_flash_empty
|
62
|
+
assert_logged_in(@yuya)
|
63
|
+
|
64
|
+
assert_equal(@login_form.attributes, assigns(:login_form).attributes)
|
65
|
+
assert_equal(nil, assigns(:status))
|
66
|
+
end
|
67
|
+
|
68
|
+
test "POST create(begin), invalid form" do
|
69
|
+
@login_form.openid_url = nil
|
70
|
+
|
71
|
+
post :create, :login_form => @login_form.attributes
|
72
|
+
|
73
|
+
assert_response(:success)
|
74
|
+
assert_template("new")
|
75
|
+
assert_flash_error
|
76
|
+
end
|
77
|
+
|
78
|
+
test "POST create(begin), result is invalid" do
|
79
|
+
musha = Kagemusha.new(ActionController::Base).
|
80
|
+
def(:normalize_identifier) { raise(OpenIdAuthentication::InvalidOpenId) }
|
81
|
+
|
82
|
+
musha.swap {
|
83
|
+
post :create, :login_form => @login_form.attributes
|
84
|
+
}
|
85
|
+
|
86
|
+
assert_response(:success)
|
87
|
+
assert_template("new")
|
88
|
+
assert_flash_error
|
89
|
+
|
90
|
+
assert_equal(:invalid, assigns(:status))
|
91
|
+
end
|
92
|
+
|
93
|
+
test "POST create(begin), result is missing" do
|
94
|
+
musha = Kagemusha.new(ActionController::Base).
|
95
|
+
def(:normalize_identifier) { raise(OpenID::OpenIDError) }
|
96
|
+
|
97
|
+
musha.swap {
|
98
|
+
post :create, :login_form => @login_form.attributes
|
99
|
+
}
|
100
|
+
|
101
|
+
assert_response(:success)
|
102
|
+
assert_template("new")
|
103
|
+
assert_flash_error
|
104
|
+
|
105
|
+
assert_equal(:missing, assigns(:status))
|
106
|
+
end
|
107
|
+
|
108
|
+
test "GET create(complete)" do
|
109
|
+
identity_url = "http://openid/"
|
110
|
+
musha = create_openid_musha(identity_url, OpenID::Consumer::SUCCESS)
|
111
|
+
|
112
|
+
assert_difference("OpenIdCredential.count", +1) {
|
113
|
+
musha.swap {
|
114
|
+
get :create, :open_id_complete => "1"
|
115
|
+
}
|
116
|
+
}
|
117
|
+
|
118
|
+
assert_response(:redirect)
|
119
|
+
assert_redirected_to(:controller => "/credentials", :action => "index")
|
120
|
+
assert_flash_notice
|
121
|
+
|
122
|
+
assert_equal(:successful, assigns(:status))
|
123
|
+
|
124
|
+
assigns(:open_id_credential).reload
|
125
|
+
assert_equal(@yuya.id, assigns(:open_id_credential).user_id)
|
126
|
+
assert_equal(identity_url, assigns(:open_id_credential).identity_url)
|
127
|
+
end
|
128
|
+
|
129
|
+
test "GET create(complete), already exists" do
|
130
|
+
identity_url = open_id_credentials(:yuya_livedoor).identity_url
|
131
|
+
musha = create_openid_musha(identity_url, OpenID::Consumer::SUCCESS)
|
132
|
+
|
133
|
+
musha.swap {
|
134
|
+
get :create, :open_id_complete => "1"
|
135
|
+
}
|
136
|
+
|
137
|
+
assert_response(:success)
|
138
|
+
assert_template("new")
|
139
|
+
assert_flash_error
|
140
|
+
|
141
|
+
assert_equal(identity_url, assigns(:login_form).openid_url)
|
142
|
+
assert_equal(:successful, assigns(:status))
|
143
|
+
end
|
144
|
+
|
145
|
+
test "GET create(complete), result is canceled" do
|
146
|
+
identity_url = "http://openid/"
|
147
|
+
musha = create_openid_musha(identity_url, OpenID::Consumer::CANCEL)
|
148
|
+
|
149
|
+
musha.swap {
|
150
|
+
get :create, :open_id_complete => "1"
|
151
|
+
}
|
152
|
+
|
153
|
+
assert_response(:success)
|
154
|
+
assert_template("new")
|
155
|
+
assert_flash_error
|
156
|
+
|
157
|
+
assert_equal(identity_url, assigns(:login_form).openid_url)
|
158
|
+
assert_equal(:canceled, assigns(:status))
|
159
|
+
end
|
160
|
+
|
161
|
+
test "GET create(complete), result is failed" do
|
162
|
+
musha = create_openid_musha("http://openid/", OpenID::Consumer::FAILURE)
|
163
|
+
|
164
|
+
musha.swap {
|
165
|
+
get :create, :open_id_complete => "1"
|
166
|
+
}
|
167
|
+
|
168
|
+
assert_response(:success)
|
169
|
+
assert_template("new")
|
170
|
+
assert_flash_error
|
171
|
+
|
172
|
+
assert_equal(:failed, assigns(:status))
|
173
|
+
end
|
174
|
+
|
175
|
+
test "GET create(complete), result is setup needed" do
|
176
|
+
musha = create_openid_musha("http://openid/", OpenID::Consumer::SETUP_NEEDED)
|
177
|
+
|
178
|
+
musha.swap {
|
179
|
+
get :create, :open_id_complete => "1"
|
180
|
+
}
|
181
|
+
|
182
|
+
assert_response(:success)
|
183
|
+
assert_template("new")
|
184
|
+
assert_flash_error
|
185
|
+
|
186
|
+
assert_equal(:setup_needed, assigns(:status))
|
187
|
+
end
|
188
|
+
|
189
|
+
test "POST create, abnormal, no login" do
|
190
|
+
session_logout
|
191
|
+
|
192
|
+
post :create
|
193
|
+
|
194
|
+
assert_response(:redirect)
|
195
|
+
assert_redirected_to(root_path)
|
196
|
+
assert_flash_error
|
197
|
+
end
|
198
|
+
|
199
|
+
test "GET delete" do
|
200
|
+
get :delete, :open_id_credential_id => @yuya_livedoor.id
|
201
|
+
|
202
|
+
assert_response(:success)
|
203
|
+
assert_template("delete")
|
204
|
+
assert_flash_empty
|
205
|
+
assert_logged_in(@yuya)
|
206
|
+
|
207
|
+
assert_equal(@yuya_livedoor, assigns(:open_id_credential))
|
208
|
+
end
|
209
|
+
|
210
|
+
test "GET delete, abnormal, no login" do
|
211
|
+
session_logout
|
212
|
+
|
213
|
+
get :delete, :open_id_credential_id => @yuya_livedoor.id
|
214
|
+
|
215
|
+
assert_response(:redirect)
|
216
|
+
assert_redirected_to(root_path)
|
217
|
+
assert_flash_error
|
218
|
+
end
|
219
|
+
|
220
|
+
test "GET delete, abnormal, invalid openid credential id" do
|
221
|
+
get :delete, :open_id_credential_id => "0"
|
222
|
+
|
223
|
+
assert_response(:redirect)
|
224
|
+
assert_redirected_to(root_path)
|
225
|
+
assert_flash_error
|
226
|
+
end
|
227
|
+
|
228
|
+
test "GET delete, abnormal, other's openid credential" do
|
229
|
+
get :delete, :open_id_credential_id => @shinya_example.id
|
230
|
+
|
231
|
+
assert_response(:redirect)
|
232
|
+
assert_redirected_to(root_path)
|
233
|
+
assert_flash_error
|
234
|
+
end
|
235
|
+
|
236
|
+
test "POST destroy" do
|
237
|
+
assert_difference("OpenIdCredential.count", -1) {
|
238
|
+
post :destroy, :open_id_credential_id => @yuya_livedoor.id
|
239
|
+
}
|
240
|
+
|
241
|
+
assert_response(:redirect)
|
242
|
+
assert_redirected_to(:controller => "/credentials", :action => "index")
|
243
|
+
assert_flash_notice
|
244
|
+
assert_logged_in(@yuya)
|
245
|
+
|
246
|
+
assert_equal(@yuya_livedoor, assigns(:open_id_credential))
|
247
|
+
|
248
|
+
assert_equal(nil, OpenIdCredential.find_by_id(@yuya_livedoor.id))
|
249
|
+
end
|
250
|
+
|
251
|
+
test "GET destroy, abnormal, method not allowed" do
|
252
|
+
get :destroy, :open_id_credential_id => @yuya_livedoor.id
|
253
|
+
|
254
|
+
assert_response(405)
|
255
|
+
assert_template(nil)
|
256
|
+
end
|
257
|
+
|
258
|
+
test "POST destroy, abnormal, no login" do
|
259
|
+
session_logout
|
260
|
+
|
261
|
+
post :destroy, :open_id_credential_id => @yuya_livedoor.id
|
262
|
+
|
263
|
+
assert_response(:redirect)
|
264
|
+
assert_redirected_to(root_path)
|
265
|
+
assert_flash_error
|
266
|
+
end
|
267
|
+
|
268
|
+
test "POST destroy, abnormal, invalid openid credential id" do
|
269
|
+
post :destroy, :open_id_credential_id => "0"
|
270
|
+
|
271
|
+
assert_response(:redirect)
|
272
|
+
assert_redirected_to(root_path)
|
273
|
+
assert_flash_error
|
274
|
+
end
|
275
|
+
|
276
|
+
test "POST destroy, abnormal, other's openid credential" do
|
277
|
+
post :destroy, :open_id_credential_id => @shinya_example.id
|
278
|
+
|
279
|
+
assert_response(:redirect)
|
280
|
+
assert_redirected_to(root_path)
|
281
|
+
assert_flash_error
|
282
|
+
end
|
283
|
+
|
284
|
+
private
|
285
|
+
|
286
|
+
def create_openid_musha(identity_url, status)
|
287
|
+
composite = Kagemusha::Composite.new
|
288
|
+
|
289
|
+
composite << Kagemusha.new(ActionController::Base).
|
290
|
+
def(:timeout_protection_from_identity_server) {
|
291
|
+
obj = Object.new
|
292
|
+
meta = (class << obj; self; end)
|
293
|
+
meta.__send__(:define_method, :identity_url) { identity_url }
|
294
|
+
meta.__send__(:define_method, :display_identifier) { identity_url }
|
295
|
+
meta.__send__(:define_method, :status) { status }
|
296
|
+
meta.__send__(:define_method, :setup_url) { nil }
|
297
|
+
obj
|
298
|
+
}
|
299
|
+
|
300
|
+
composite << Kagemusha.new(OpenID::SReg::Response).
|
301
|
+
defs(:from_success_response) { nil }
|
302
|
+
|
303
|
+
composite << Kagemusha.new(OpenID::AX::FetchResponse).
|
304
|
+
defs(:from_success_response) { nil }
|
305
|
+
|
306
|
+
return composite
|
307
|
+
end
|
308
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
|
2
|
+
require 'test_helper'
|
3
|
+
|
4
|
+
class CredentialsControllerTest < ActionController::TestCase
|
5
|
+
def setup
|
6
|
+
@yuya = users(:yuya)
|
7
|
+
|
8
|
+
session_login(@yuya)
|
9
|
+
end
|
10
|
+
|
11
|
+
test "routes" do
|
12
|
+
base = {:controller => "credentials"}
|
13
|
+
|
14
|
+
assert_routing("/credentials", base.merge(:action => "index"))
|
15
|
+
end
|
16
|
+
|
17
|
+
test "GET index" do
|
18
|
+
get :index
|
19
|
+
|
20
|
+
assert_response(:success)
|
21
|
+
assert_template("index")
|
22
|
+
assert_flash_empty
|
23
|
+
assert_logged_in(@yuya)
|
24
|
+
|
25
|
+
open_id_credentials = assigns(:open_id_credentials)
|
26
|
+
assert_equal(@yuya.open_id_credentials.size, open_id_credentials.size)
|
27
|
+
assert_equal(true, open_id_credentials.all? { |o| o.user == @yuya })
|
28
|
+
assert_equal(
|
29
|
+
open_id_credentials.sort_by(&:identity_url),
|
30
|
+
open_id_credentials)
|
31
|
+
|
32
|
+
email_credentials = assigns(:email_credentials)
|
33
|
+
assert_equal(@yuya.email_credentials.size, email_credentials.size)
|
34
|
+
assert_equal(true, email_credentials.all? { |e| e.user == @yuya})
|
35
|
+
assert_equal(
|
36
|
+
email_credentials.sort_by(&:email),
|
37
|
+
email_credentials)
|
38
|
+
end
|
39
|
+
|
40
|
+
test "GET index, abnormal, no login" do
|
41
|
+
session_logout
|
42
|
+
|
43
|
+
get :index
|
44
|
+
|
45
|
+
assert_response(:redirect)
|
46
|
+
assert_redirected_to(root_path)
|
47
|
+
assert_flash_error
|
48
|
+
end
|
49
|
+
end
|