multi_auth 0.0.1

Files changed (148) hide show
  1. data/README +36 -0
  2. data/app/controllers/application_controller.rb +11 -0
  3. data/app/controllers/auth/email_controller.rb +34 -0
  4. data/app/controllers/auth/open_id_controller.rb +43 -0
  5. data/app/controllers/auth_controller.rb +24 -0
  6. data/app/controllers/credentials/email_controller.rb +156 -0
  7. data/app/controllers/credentials/open_id_controller.rb +85 -0
  8. data/app/controllers/credentials_controller.rb +14 -0
  9. data/app/controllers/signup/email_controller.rb +132 -0
  10. data/app/controllers/signup/open_id_controller.rb +62 -0
  11. data/app/controllers/signup_controller.rb +8 -0
  12. data/app/helpers/application_helper.rb +5 -0
  13. data/app/models/activation_mailer.rb +114 -0
  14. data/app/models/email_credential.rb +89 -0
  15. data/app/models/email_credential_edit_form.rb +52 -0
  16. data/app/models/email_login_form.rb +24 -0
  17. data/app/models/email_password_edit_form.rb +36 -0
  18. data/app/models/open_id_credential.rb +33 -0
  19. data/app/models/open_id_login_form.rb +17 -0
  20. data/app/models/session.rb +19 -0
  21. data/app/models/user.rb +37 -0
  22. data/app/views/activation_mailer/complete_for_credential.erb +4 -0
  23. data/app/views/activation_mailer/complete_for_notice.erb +4 -0
  24. data/app/views/activation_mailer/complete_for_signup.erb +4 -0
  25. data/app/views/activation_mailer/request_for_credential.erb +11 -0
  26. data/app/views/activation_mailer/request_for_notice.erb +11 -0
  27. data/app/views/activation_mailer/request_for_signup.erb +11 -0
  28. data/app/views/auth/email/index.html.erb +90 -0
  29. data/app/views/auth/logged_in.html.erb +21 -0
  30. data/app/views/auth/logged_out.html.erb +21 -0
  31. data/app/views/auth/open_id/index.html.erb +16 -0
  32. data/app/views/credentials/email/activated.html.erb +4 -0
  33. data/app/views/credentials/email/activation.html.erb +15 -0
  34. data/app/views/credentials/email/created.html.erb +15 -0
  35. data/app/views/credentials/email/delete.html.erb +20 -0
  36. data/app/views/credentials/email/edit_password.html.erb +31 -0
  37. data/app/views/credentials/email/new.html.erb +36 -0
  38. data/app/views/credentials/index.html.erb +88 -0
  39. data/app/views/credentials/open_id/delete.html.erb +20 -0
  40. data/app/views/credentials/open_id/new.html.erb +26 -0
  41. data/app/views/signup/email/_progress.html.erb +14 -0
  42. data/app/views/signup/email/activated.html.erb +9 -0
  43. data/app/views/signup/email/activation.html.erb +27 -0
  44. data/app/views/signup/email/created.html.erb +14 -0
  45. data/app/views/signup/email/index.html.erb +34 -0
  46. data/app/views/signup/email/validated.html.erb +21 -0
  47. data/app/views/signup/index.html.erb +51 -0
  48. data/app/views/signup/open_id/authenticated.html.erb +15 -0
  49. data/app/views/signup/open_id/created.html.erb +6 -0
  50. data/app/views/signup/open_id/index.html.erb +16 -0
  51. data/config/boot.rb +110 -0
  52. data/config/database.yml +22 -0
  53. data/config/database.yml.sqlite3 +22 -0
  54. data/config/environment.rb +62 -0
  55. data/config/routes.rb +51 -0
  56. data/config/smtp.yml.example +8 -0
  57. data/db/development.sqlite3 +0 -0
  58. data/db/schema.rb +88 -0
  59. data/db/test.sqlite3 +0 -0
  60. data/lib/action_mailer_util.rb +15 -0
  61. data/lib/multi_auth.rb +64 -0
  62. data/lib/multi_auth_helper.rb +98 -0
  63. data/lib/notice_formatter.rb +106 -0
  64. data/lib/open_id_authentication/result.rb +12 -0
  65. data/lib/token_util.rb +18 -0
  66. data/public/404.html +92 -0
  67. data/public/422.html +91 -0
  68. data/public/500.html +92 -0
  69. data/public/503.html +92 -0
  70. data/public/favicon.ico +0 -0
  71. data/public/images/battery/cell.png +0 -0
  72. data/public/images/battery/level-green.png +0 -0
  73. data/public/images/battery/level-orange.png +0 -0
  74. data/public/images/battery/level-red.png +0 -0
  75. data/public/images/battery/level-yellow.png +0 -0
  76. data/public/images/battery/style.html +82 -0
  77. data/public/images/favicons/livedoor.png +0 -0
  78. data/public/images/favicons/mixi.png +0 -0
  79. data/public/images/favicons/yahoo.png +0 -0
  80. data/public/images/h1-back.png +0 -0
  81. data/public/images/icons/fam/add.png +0 -0
  82. data/public/images/icons/fam/bin.png +0 -0
  83. data/public/images/icons/fam/bomb.png +0 -0
  84. data/public/images/icons/fam/cog.png +0 -0
  85. data/public/images/icons/fam/delete.png +0 -0
  86. data/public/images/icons/fam/email-with-desc.png +0 -0
  87. data/public/images/icons/fam/email.png +0 -0
  88. data/public/images/icons/fam/feed.png +0 -0
  89. data/public/images/icons/fam/help.png +0 -0
  90. data/public/images/icons/fam/key-with-desc.png +0 -0
  91. data/public/images/icons/fam/key.png +0 -0
  92. data/public/images/icons/fam/lightning.png +0 -0
  93. data/public/images/icons/fam/plugin.png +0 -0
  94. data/public/images/icons/fam/stop.png +0 -0
  95. data/public/images/icons/fam/table_save.png +0 -0
  96. data/public/images/icons/fam/tick.png +0 -0
  97. data/public/images/icons/fam/user.png +0 -0
  98. data/public/images/icons/fam/vcard.png +0 -0
  99. data/public/images/icons/openid-with-desc.png +0 -0
  100. data/public/images/icons/openid.png +0 -0
  101. data/public/images/logo-back.png +0 -0
  102. data/public/images/logo.png +0 -0
  103. data/public/images/side-column-back.png +0 -0
  104. data/public/javascripts/application.js +2 -0
  105. data/public/javascripts/controls.js +963 -0
  106. data/public/javascripts/dragdrop.js +973 -0
  107. data/public/javascripts/effects.js +1128 -0
  108. data/public/javascripts/prototype.js +4320 -0
  109. data/public/robots.txt +5 -0
  110. data/public/stylesheets/application.css +365 -0
  111. data/public/stylesheets/auth.css +22 -0
  112. data/public/stylesheets/home.css +114 -0
  113. data/rails/init.rb +24 -0
  114. data/test/functional/auth/email_controller_test.rb +102 -0
  115. data/test/functional/auth/open_id_controller_test.rb +76 -0
  116. data/test/functional/auth_controller_test.rb +74 -0
  117. data/test/functional/credentials/email_controller_test.rb +488 -0
  118. data/test/functional/credentials/open_id_controller_test.rb +308 -0
  119. data/test/functional/credentials_controller_test.rb +49 -0
  120. data/test/functional/signup/email_controller_test.rb +369 -0
  121. data/test/functional/signup/open_id_controller_test.rb +44 -0
  122. data/test/functional/signup_controller_test.rb +17 -0
  123. data/test/performance/browsing_test.rb +9 -0
  124. data/test/test_helper.rb +82 -0
  125. data/test/unit/action_mailer_util_test.rb +63 -0
  126. data/test/unit/activation_mailer_test.rb +181 -0
  127. data/test/unit/email_credential_edit_form_test.rb +173 -0
  128. data/test/unit/email_credential_test.rb +324 -0
  129. data/test/unit/email_login_form_test.rb +76 -0
  130. data/test/unit/email_password_edit_form_test.rb +117 -0
  131. data/test/unit/helpers/auth_helper_test.rb +4 -0
  132. data/test/unit/helpers/credentials/email_helper_test.rb +4 -0
  133. data/test/unit/helpers/credentials/open_id_helper_test.rb +4 -0
  134. data/test/unit/helpers/credentials_helper_test.rb +4 -0
  135. data/test/unit/helpers/email_auth_helper_test.rb +4 -0
  136. data/test/unit/helpers/email_signup_helper_test.rb +4 -0
  137. data/test/unit/helpers/open_id_auth_helper_test.rb +4 -0
  138. data/test/unit/helpers/open_id_signup_helper_test.rb +4 -0
  139. data/test/unit/helpers/password_auth_helper_test.rb +4 -0
  140. data/test/unit/helpers/password_signup_helper_test.rb +4 -0
  141. data/test/unit/helpers/signup_helper_test.rb +4 -0
  142. data/test/unit/notice_formatter_test.rb +153 -0
  143. data/test/unit/open_id_credential_test.rb +108 -0
  144. data/test/unit/open_id_login_form_test.rb +57 -0
  145. data/test/unit/session_test.rb +53 -0
  146. data/test/unit/token_util_test.rb +51 -0
  147. data/test/unit/user_test.rb +177 -0
  148. metadata +220 -0
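--- a/data/test/functional/credentials/open_id_controller_test.rb
+++ b/data/test/functional/credentials/open_id_controller_test.rb
@@ -0,0 +1,308 @@
+ # -*- coding: utf-8 -*-
+
+ require 'test_helper'
+
+ class Credentials::OpenIdControllerTest < ActionController::TestCase
+ def setup
+ @yuya = users(:yuya)
+ @yuya_livedoor = open_id_credentials(:yuya_livedoor)
+ @shinya_example = open_id_credentials(:shinya_example)
+
+ @login_form = OpenIdLoginForm.new(
+ :openid_url => "livedoor.com")
+
+ session_login(@yuya)
+ end
+
+ test "routes" do
+ base = {:controller => "credentials/open_id"}
+
+ assert_routing("/credentials/open_id/new", base.merge(:action => "new"))
+ assert_routing("/credentials/open_id/create", base.merge(:action => "create"))
+
+ assert_routing("/credential/open_id/1234567890/delete", base.merge(:action => "delete", :open_id_credential_id => "1234567890"))
+ assert_routing("/credential/open_id/1234567890/destroy", base.merge(:action => "destroy", :open_id_credential_id => "1234567890"))
+ end
+
+ test "GET new" do
+ get :new
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_empty
+ assert_logged_in(@yuya)
+
+ assert_equal(
+ OpenIdLoginForm.new.attributes,
+ assigns(:login_form).attributes)
+ end
+
+ test "GET new, abnormal, no login" do
+ session_logout
+
+ get :new
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ # MEMO: 実際にエンドポイントにアクセスに行く(インターネットへのアクセスが発生)
+ test "POST create(begin)" do
+ musha = Kagemusha.new(ActionController::Base).
+ def(:open_id_redirect_url) { "http://openid/providor" }
+
+ musha.swap {
+ post :create, :login_form => @login_form.attributes
+ }
+
+ assert_response(:redirect)
+ assert_redirected_to("http://openid/providor")
+ assert_flash_empty
+ assert_logged_in(@yuya)
+
+ assert_equal(@login_form.attributes, assigns(:login_form).attributes)
+ assert_equal(nil, assigns(:status))
+ end
+
+ test "POST create(begin), invalid form" do
+ @login_form.openid_url = nil
+
+ post :create, :login_form => @login_form.attributes
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+ end
+
+ test "POST create(begin), result is invalid" do
+ musha = Kagemusha.new(ActionController::Base).
+ def(:normalize_identifier) { raise(OpenIdAuthentication::InvalidOpenId) }
+
+ musha.swap {
+ post :create, :login_form => @login_form.attributes
+ }
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+
+ assert_equal(:invalid, assigns(:status))
+ end
+
+ test "POST create(begin), result is missing" do
+ musha = Kagemusha.new(ActionController::Base).
+ def(:normalize_identifier) { raise(OpenID::OpenIDError) }
+
+ musha.swap {
+ post :create, :login_form => @login_form.attributes
+ }
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+
+ assert_equal(:missing, assigns(:status))
+ end
+
+ test "GET create(complete)" do
+ identity_url = "http://openid/"
+ musha = create_openid_musha(identity_url, OpenID::Consumer::SUCCESS)
+
+ assert_difference("OpenIdCredential.count", +1) {
+ musha.swap {
+ get :create, :open_id_complete => "1"
+ }
+ }
+
+ assert_response(:redirect)
+ assert_redirected_to(:controller => "/credentials", :action => "index")
+ assert_flash_notice
+
+ assert_equal(:successful, assigns(:status))
+
+ assigns(:open_id_credential).reload
+ assert_equal(@yuya.id, assigns(:open_id_credential).user_id)
+ assert_equal(identity_url, assigns(:open_id_credential).identity_url)
+ end
+
+ test "GET create(complete), already exists" do
+ identity_url = open_id_credentials(:yuya_livedoor).identity_url
+ musha = create_openid_musha(identity_url, OpenID::Consumer::SUCCESS)
+
+ musha.swap {
+ get :create, :open_id_complete => "1"
+ }
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+
+ assert_equal(identity_url, assigns(:login_form).openid_url)
+ assert_equal(:successful, assigns(:status))
+ end
+
+ test "GET create(complete), result is canceled" do
+ identity_url = "http://openid/"
+ musha = create_openid_musha(identity_url, OpenID::Consumer::CANCEL)
+
+ musha.swap {
+ get :create, :open_id_complete => "1"
+ }
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+
+ assert_equal(identity_url, assigns(:login_form).openid_url)
+ assert_equal(:canceled, assigns(:status))
+ end
+
+ test "GET create(complete), result is failed" do
+ musha = create_openid_musha("http://openid/", OpenID::Consumer::FAILURE)
+
+ musha.swap {
+ get :create, :open_id_complete => "1"
+ }
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+
+ assert_equal(:failed, assigns(:status))
+ end
+
+ test "GET create(complete), result is setup needed" do
+ musha = create_openid_musha("http://openid/", OpenID::Consumer::SETUP_NEEDED)
+
+ musha.swap {
+ get :create, :open_id_complete => "1"
+ }
+
+ assert_response(:success)
+ assert_template("new")
+ assert_flash_error
+
+ assert_equal(:setup_needed, assigns(:status))
+ end
+
+ test "POST create, abnormal, no login" do
+ session_logout
+
+ post :create
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ test "GET delete" do
+ get :delete, :open_id_credential_id => @yuya_livedoor.id
+
+ assert_response(:success)
+ assert_template("delete")
+ assert_flash_empty
+ assert_logged_in(@yuya)
+
+ assert_equal(@yuya_livedoor, assigns(:open_id_credential))
+ end
+
+ test "GET delete, abnormal, no login" do
+ session_logout
+
+ get :delete, :open_id_credential_id => @yuya_livedoor.id
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ test "GET delete, abnormal, invalid openid credential id" do
+ get :delete, :open_id_credential_id => "0"
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ test "GET delete, abnormal, other's openid credential" do
+ get :delete, :open_id_credential_id => @shinya_example.id
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ test "POST destroy" do
+ assert_difference("OpenIdCredential.count", -1) {
+ post :destroy, :open_id_credential_id => @yuya_livedoor.id
+ }
+
+ assert_response(:redirect)
+ assert_redirected_to(:controller => "/credentials", :action => "index")
+ assert_flash_notice
+ assert_logged_in(@yuya)
+
+ assert_equal(@yuya_livedoor, assigns(:open_id_credential))
+
+ assert_equal(nil, OpenIdCredential.find_by_id(@yuya_livedoor.id))
+ end
+
+ test "GET destroy, abnormal, method not allowed" do
+ get :destroy, :open_id_credential_id => @yuya_livedoor.id
+
+ assert_response(405)
+ assert_template(nil)
+ end
+
+ test "POST destroy, abnormal, no login" do
+ session_logout
+
+ post :destroy, :open_id_credential_id => @yuya_livedoor.id
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ test "POST destroy, abnormal, invalid openid credential id" do
+ post :destroy, :open_id_credential_id => "0"
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ test "POST destroy, abnormal, other's openid credential" do
+ post :destroy, :open_id_credential_id => @shinya_example.id
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+
+ private
+
+ def create_openid_musha(identity_url, status)
+ composite = Kagemusha::Composite.new
+
+ composite << Kagemusha.new(ActionController::Base).
+ def(:timeout_protection_from_identity_server) {
+ obj = Object.new
+ meta = (class << obj; self; end)
+ meta.__send__(:define_method, :identity_url) { identity_url }
+ meta.__send__(:define_method, :display_identifier) { identity_url }
+ meta.__send__(:define_method, :status) { status }
+ meta.__send__(:define_method, :setup_url) { nil }
+ obj
+ }
+
+ composite << Kagemusha.new(OpenID::SReg::Response).
+ defs(:from_success_response) { nil }
+
+ composite << Kagemusha.new(OpenID::AX::FetchResponse).
+ defs(:from_success_response) { nil }
+
+ return composite
+ end
+ end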
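Review bot: The three authorization failures for `destroy` ("no login", "invalid openid credential id", "other's openid credential") assert only the redirect and the flash, so a controller that deleted the row and then redirected would still pass. Wrap each `post :destroy` in `assert_difference("OpenIdCredential.count", 0) { ... }`, and in the other-user case also add `assert_equal(@shinya_example, OpenIdCredential.find_by_id(@shinya_example.id))`. The completion leg has a similar gap: "no login" is exercised only with a bare `post :create`, not with `get :create, :open_id_complete => "1"`, and "already exists" uses yuya's own identity URL, so no test pins what happens when the returned identity is already bound to another user, for example `@shinya_example.identity_url`.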
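--- a/data/test/functional/credentials_controller_test.rb
+++ b/data/test/functional/credentials_controller_test.rb
@@ -0,0 +1,49 @@
+
+ require 'test_helper'
+
+ class CredentialsControllerTest < ActionController::TestCase
+ def setup
+ @yuya = users(:yuya)
+
+ session_login(@yuya)
+ end
+
+ test "routes" do
+ base = {:controller => "credentials"}
+
+ assert_routing("/credentials", base.merge(:action => "index"))
+ end
+
+ test "GET index" do
+ get :index
+
+ assert_response(:success)
+ assert_template("index")
+ assert_flash_empty
+ assert_logged_in(@yuya)
+
+ open_id_credentials = assigns(:open_id_credentials)
+ assert_equal(@yuya.open_id_credentials.size, open_id_credentials.size)
+ assert_equal(true, open_id_credentials.all? { |o| o.user == @yuya })
+ assert_equal(
+ open_id_credentials.sort_by(&:identity_url),
+ open_id_credentials)
+
+ email_credentials = assigns(:email_credentials)
+ assert_equal(@yuya.email_credentials.size, email_credentials.size)
+ assert_equal(true, email_credentials.all? { |e| e.user == @yuya})
+ assert_equal(
+ email_credentials.sort_by(&:email),
+ email_credentials)
+ end
+
+ test "GET index, abnormal, no login" do
+ session_logout
+
+ get :index
+
+ assert_response(:redirect)
+ assert_redirected_to(root_path)
+ assert_flash_error
+ end
+ end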
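Review bot: In "GET index" the ownership checks `open_id_credentials.all? { |o| o.user == @yuya }` and `email_credentials.all? { |e| e.user == @yuya}` are true for an empty collection, so they say nothing about isolation between users unless the fixtures give yuya at least one credential of each kind; the fixtures are not visible on this page. Add `assert_equal(false, open_id_credentials.empty?)` and `assert_equal(false, email_credentials.empty?)` ahead of the `all?` assertions so the per-user filtering is exercised against real rows.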