oauth-plugin 0.4.0.pre4 → 0.4.0.pre5

Files changed (43)
  1. data/.gitignore +2 -0
  2. data/CHANGELOG +11 -0
  3. data/Gemfile.lock +66 -0
  4. data/Guardfile +8 -0
  5. data/README.rdoc +50 -4
  6. data/generators/oauth_consumer/templates/controller.rb +8 -0
  7. data/generators/oauth_consumer/templates/oauth_config.rb +23 -1
  8. data/generators/oauth_provider/oauth_provider_generator.rb +0 -4
  9. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +2 -2
  10. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +1 -1
  11. data/generators/oauth_provider/templates/request_token.rb +2 -2
  12. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +2 -2
  13. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +1 -1
  14. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +1 -1
  15. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +10 -8
  16. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +2 -2
  17. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +5 -1
  18. data/lib/generators/oauth_consumer/templates/controller.rb +9 -0
  19. data/lib/generators/oauth_consumer/templates/oauth_config.rb +21 -0
  20. data/lib/generators/rspec/oauth_provider_generator.rb +0 -4
  21. data/lib/generators/test_unit/oauth_provider_generator.rb +0 -4
  22. data/lib/oauth-plugin/version.rb +1 -1
  23. data/lib/oauth/controllers/application_controller_methods.rb +24 -127
  24. data/lib/oauth/controllers/consumer_controller.rb +60 -8
  25. data/lib/oauth/controllers/provider_controller.rb +4 -7
  26. data/lib/oauth/models/consumers/service_loader.rb +3 -1
  27. data/lib/oauth/models/consumers/services/google_token.rb +7 -13
  28. data/lib/oauth/models/consumers/services/oauth2_token.rb +27 -0
  29. data/lib/oauth/models/consumers/services/twitter_token.rb +18 -11
  30. data/lib/oauth/models/consumers/token.rb +10 -6
  31. data/lib/oauth/rack/oauth_filter.rb +57 -12
  32. data/oauth-plugin.gemspec +11 -3
  33. data/spec/rack/oauth_filter_spec.rb +136 -0
  34. data/spec/spec_helper.rb +3 -0
  35. metadata +105 -38
  36. data/generators/oauth_provider/templates/controller_spec.rb +0 -838
  37. data/generators/oauth_provider/templates/controller_spec_helper.rb +0 -66
  38. data/generators/oauth_provider/templates/controller_test.rb +0 -310
  39. data/generators/oauth_provider/templates/controller_test_helper.rb +0 -115
  40. data/lib/generators/rspec/templates/controller_spec.rb +0 -838
  41. data/lib/generators/rspec/templates/controller_spec_helper.rb +0 -66
  42. data/lib/generators/test_unit/templates/controller_test.rb +0 -310
  43. data/lib/generators/test_unit/templates/controller_test_helper.rb +0 -115
@@ -1,838 +0,0 @@
1
- require File.dirname(__FILE__) + '/../spec_helper'
2
- require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
3
-
4
- describe OauthController do
5
- if defined?(Devise)
6
- include Devise::TestHelpers
7
- end
8
- include OAuthControllerSpecHelper
9
- fixtures :client_applications, :oauth_tokens, :users
10
- describe "getting a request token" do
11
- before(:each) do
12
- sign_request_with_oauth
13
- ClientApplication.stub!(:find_by_key).and_return(current_client_application)
14
- end
15
-
16
- def do_get
17
- get :request_token
18
- end
19
-
20
- it "should be successful" do
21
- do_get
22
- response.should be_success
23
- end
24
-
25
- it "should query for client_application" do
26
- ClientApplication.should_receive(:find_by_key).with(current_client_application.key).and_return(current_client_application)
27
- do_get
28
- end
29
-
30
- it "should request token from client_application" do
31
- current_client_application.should_receive(:create_request_token).and_return(request_token)
32
- do_get
33
- end
34
-
35
- it "should return token string" do
36
- do_get
37
- response.body.should==RequestToken.last.to_query
38
- end
39
-
40
- it "should not set token_callback_url" do
41
- current_client_application.should_not_receive(:token_callback_url=)
42
- do_get
43
- end
44
- end
45
-
46
- describe "getting a request token passing a oauth_callback url" do
47
- before(:each) do
48
- sign_request_with_oauth nil, {:oauth_callback=>"http://test.com/alternative_callback"}
49
- ClientApplication.stub!(:find_by_key).and_return(current_client_application)
50
- end
51
-
52
- def do_get
53
- get :request_token
54
- end
55
-
56
- it "should be successful" do
57
- do_get
58
- response.should be_success
59
- end
60
-
61
- it "should query for client_application" do
62
- ClientApplication.should_receive(:find_by_key).with(current_client_application.key).and_return(current_client_application)
63
- do_get
64
- end
65
-
66
- it "should request token from client_application" do
67
- current_client_application.should_receive(:create_request_token).and_return(request_token)
68
- do_get
69
- end
70
-
71
- it "should return token string" do
72
- do_get
73
- response.body.should==RequestToken.last.to_query
74
- end
75
-
76
- it "should set token_callback_url with received oauth_callback" do
77
- current_client_application.should_receive(:token_callback_url=).with("http://test.com/alternative_callback")
78
- do_get
79
- end
80
- end
81
-
82
- describe "10a token authorization" do
83
- before(:each) do
84
- login
85
- RequestToken.stub!(:find_by_token).and_return(request_token)
86
- end
87
-
88
- def do_get
89
- get :authorize, :oauth_token => request_token.token
90
- end
91
-
92
- it "should show authorize page" do
93
- do_get
94
- response.should render_template("authorize")
95
- end
96
-
97
- it "should authorize token" do
98
- request_token.should_not_receive(:authorize!).with(current_user)
99
- do_get
100
- end
101
-
102
- it "should redirect if token is invalidated" do
103
- request_token.invalidate!
104
- do_get
105
- response.should render_template("authorize_failure")
106
- end
107
-
108
- end
109
-
110
- describe "10a token authorization" do
111
- before(:each) do
112
- login
113
- RequestToken.stub!(:find_by_token).and_return(request_token)
114
- end
115
-
116
- def do_post
117
- post :authorize, :oauth_token => request_token.token, :authorize=>1
118
- end
119
-
120
- it "should redirect to default callback" do
121
- do_post
122
- response.should be_redirect
123
- response.should redirect_to("http://application/callback?oauth_token=#{request_token.token}&oauth_verifier=#{request_token.verifier}")
124
- end
125
-
126
- it "should authorize token" do
127
- request_token.should_receive(:authorize!).with(current_user)
128
- do_post
129
- end
130
-
131
- it "should redirect if token is invalidated" do
132
- request_token.invalidate!
133
- do_post
134
- response.should render_template("authorize_failure")
135
- end
136
-
137
- end
138
-
139
- describe "2.0 authorization code flow" do
140
- before(:each) do
141
- login
142
- end
143
-
144
- describe "authorize redirect" do
145
- before(:each) do
146
- get :authorize, :response_type=>"code",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback"
147
- end
148
-
149
- it "should render authorize" do
150
- response.should render_template("oauth2_authorize")
151
- end
152
-
153
- it "should not create token" do
154
- Oauth2Verifier.last.should be_nil
155
- end
156
- end
157
-
158
- describe "authorize" do
159
- before(:each) do
160
- post :authorize, :response_type=>"code",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>1
161
- @verification_token = Oauth2Verifier.last
162
- @oauth2_token_count= Oauth2Token.count
163
- end
164
- subject { @verification_token }
165
-
166
- it { should_not be_nil }
167
- it "should set user on verification token" do
168
- @verification_token.user.should==current_user
169
- end
170
-
171
- it "should set redirect_url" do
172
- @verification_token.redirect_url.should == "http://application/callback"
173
- end
174
-
175
- it "should redirect to default callback" do
176
- response.should be_redirect
177
- response.should redirect_to("http://application/callback?code=#{@verification_token.code}")
178
- end
179
-
180
- describe "get token" do
181
- before(:each) do
182
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://application/callback",:code=>@verification_token.code
183
- @token = Oauth2Token.last
184
- end
185
-
186
- subject { @token }
187
-
188
- it { should_not be_nil }
189
- it { should be_authorized }
190
- it "should have added a new token" do
191
- Oauth2Token.count.should==@oauth2_token_count+1
192
- end
193
-
194
- it "should set user to current user" do
195
- @token.user.should==current_user
196
- end
197
-
198
- it "should return json token" do
199
- JSON.parse(response.body).should=={"access_token"=>@token.token}
200
- end
201
- end
202
-
203
- describe "get token with wrong secret" do
204
- before(:each) do
205
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>"fake", :redirect_url=>"http://application/callback",:code=>@verification_token.code
206
- end
207
-
208
- it "should not create token" do
209
- Oauth2Token.count.should==@oauth2_token_count
210
- end
211
-
212
- it "should return incorrect_client_credentials error" do
213
- JSON.parse(response.body).should == {"error"=>"invalid_client"}
214
- end
215
- end
216
-
217
- describe "get token with wrong code" do
218
- before(:each) do
219
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://application/callback",:code=>"fake"
220
- end
221
-
222
- it "should not create token" do
223
- Oauth2Token.count.should==@oauth2_token_count
224
- end
225
-
226
- it "should return incorrect_client_credentials error" do
227
- JSON.parse(response.body).should == {"error"=>"invalid_grant"}
228
- end
229
- end
230
-
231
- describe "get token with wrong redirect_url" do
232
- before(:each) do
233
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://evil/callback",:code=>@verification_token.code
234
- end
235
-
236
- it "should not create token" do
237
- Oauth2Token.count.should==@oauth2_token_count
238
- end
239
-
240
- it "should return incorrect_client_credentials error" do
241
- JSON.parse(response.body).should == {"error"=>"invalid_grant"}
242
- end
243
- end
244
-
245
- end
246
-
247
- describe "deny" do
248
- before(:each) do
249
- post :authorize, :response_type=>"code", :client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>0
250
- end
251
-
252
- it { Oauth2Verifier.last.should be_nil }
253
-
254
- it "should redirect to default callback" do
255
- response.should be_redirect
256
- response.should redirect_to("http://application/callback?error=user_denied")
257
- end
258
- end
259
-
260
- end
261
-
262
-
263
- describe "2.0 authorization token flow" do
264
- before(:each) do
265
- login
266
- current_client_application # load up so it creates its own token
267
- @oauth2_token_count= Oauth2Token.count
268
- end
269
-
270
- describe "authorize redirect" do
271
- before(:each) do
272
- get :authorize, :response_type=>"token",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback"
273
- end
274
-
275
- it "should render authorize" do
276
- response.should render_template("oauth2_authorize")
277
- end
278
-
279
- it "should not create token" do
280
- Oauth2Verifier.last.should be_nil
281
- end
282
- end
283
-
284
- describe "authorize" do
285
- before(:each) do
286
- post :authorize, :response_type=>"token",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>1
287
- @token = Oauth2Token.last
288
- end
289
- subject { @token }
290
- it "should redirect to default callback" do
291
- response.should be_redirect
292
- response.should redirect_to("http://application/callback?access_token=#{@token.token}")
293
- end
294
-
295
- it "should not have a scope" do
296
- @token.scope.should be_nil
297
- end
298
- it { should_not be_nil }
299
- it { should be_authorized }
300
-
301
- it "should set user to current user" do
302
- @token.user.should==current_user
303
- end
304
-
305
- it "should have added a new token" do
306
- Oauth2Token.count.should==@oauth2_token_count+1
307
- end
308
- end
309
-
310
- describe "deny" do
311
- before(:each) do
312
- post :authorize, :response_type=>"token", :client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>0
313
- end
314
-
315
- it { Oauth2Verifier.last.should be_nil }
316
-
317
- it "should redirect to default callback" do
318
- response.should be_redirect
319
- response.should redirect_to("http://application/callback?error=user_denied")
320
- end
321
- end
322
- end
323
-
324
- describe "oauth2 token for autonomous client_application" do
325
- before(:each) do
326
- current_client_application
327
- @oauth2_token_count = Oauth2Token.count
328
- post :token, :grant_type=>"none", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret
329
- @token = Oauth2Token.last
330
- end
331
-
332
- subject { @token }
333
-
334
- it { should_not be_nil }
335
- it { should be_authorized }
336
- it "should set user to client_applications user" do
337
- @token.user.should==current_client_application.user
338
- end
339
- it "should have added a new token" do
340
- Oauth2Token.count.should==@oauth2_token_count+1
341
- end
342
-
343
- it "should return json token" do
344
- JSON.parse(response.body).should=={"access_token"=>@token.token}
345
- end
346
- end
347
-
348
- describe "oauth2 token for autonomous client_application with invalid client credentials" do
349
- before(:each) do
350
- current_client_application
351
- @oauth2_token_count = Oauth2Token.count
352
- post :token, :grant_type=>"none", :client_id=>current_client_application.key,:client_secret=>"bad"
353
- end
354
-
355
- subject { @token }
356
-
357
- it "should not have added a new token" do
358
- Oauth2Token.count.should==@oauth2_token_count
359
- end
360
-
361
- it "should return json token" do
362
- JSON.parse(response.body).should=={"error"=>"invalid_client"}
363
- end
364
- end
365
-
366
-
367
- describe "oauth2 token for basic credentials" do
368
- before(:each) do
369
- current_client_application
370
- @oauth2_token_count = Oauth2Token.count
371
- post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>current_user.login, :password=>"password"
372
- @token = Oauth2Token.last
373
- end
374
-
375
- subject { @token }
376
-
377
- it { should_not be_nil }
378
- it { should be_authorized }
379
- it "should set user to client_applications user" do
380
- @token.user.should==current_user
381
- end
382
- it "should have added a new token" do
383
- Oauth2Token.count.should==@oauth2_token_count+1
384
- end
385
-
386
- it "should return json token" do
387
- JSON.parse(response.body).should=={"access_token"=>@token.token}
388
- end
389
- end
390
-
391
- describe "oauth2 token for basic credentials with wrong password" do
392
- before(:each) do
393
- current_client_application
394
- @oauth2_token_count = Oauth2Token.count
395
- post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>current_user.login, :password=>"bad"
396
- end
397
-
398
- it "should not have added a new token" do
399
- Oauth2Token.count.should==@oauth2_token_count
400
- end
401
-
402
- it "should return json token" do
403
- JSON.parse(response.body).should=={"error"=>"invalid_grant"}
404
- end
405
- end
406
-
407
- describe "oauth2 token for basic credentials with unknown user" do
408
- before(:each) do
409
- current_client_application
410
- @oauth2_token_count = Oauth2Token.count
411
- post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>"non existent", :password=>"password"
412
- end
413
-
414
- it "should not have added a new token" do
415
- Oauth2Token.count.should==@oauth2_token_count
416
- end
417
-
418
- it "should return json token" do
419
- JSON.parse(response.body).should=={"error"=>"invalid_grant"}
420
- end
421
- end
422
-
423
- describe "getting an access token" do
424
- before(:each) do
425
- request_token.authorize!(current_user)
426
- request_token.reload
427
- sign_request_with_oauth consumer_request_token, :oauth_verifier=>request_token.verifier
428
- end
429
-
430
- def do_get
431
- post :access_token
432
- end
433
-
434
- it "should have a verifier" do
435
- request_token.verifier.should_not be_nil
436
- end
437
-
438
- it "should be authorized" do
439
- request_token.should be_authorized
440
- end
441
-
442
- it "should be successful" do
443
- do_get
444
- response.should be_success
445
- end
446
-
447
- it "should request token from client_application" do
448
- controller.stub!(:current_token).and_return(request_token)
449
- request_token.should_receive(:exchange!).and_return(access_token)
450
- do_get
451
- end
452
-
453
- it "should return token string" do
454
- do_get
455
- response.body.should == AccessToken.last.to_query
456
- end
457
-
458
- describe "access token" do
459
- before(:each) do
460
- do_get
461
- access_token=AccessToken.last
462
- end
463
-
464
- it "should have user set" do
465
- access_token.user.should==current_user
466
- end
467
-
468
- it "should be authorized" do
469
- access_token.should be_authorized
470
- end
471
- end
472
- end
473
-
474
- describe "invalidate" do
475
- before(:each) do
476
- sign_request_with_oauth access_token
477
- get :invalidate
478
- end
479
-
480
- it "should be a success" do
481
- response.code.should=="410"
482
- end
483
- end
484
-
485
- end
486
-
487
- class OauthorizedController<ApplicationController
488
- before_filter :login_required, :only => :interactive
489
- oauthenticate :only => :all
490
- oauthenticate :strategies=>:token, :only=>:interactive_and_token
491
- oauthenticate :strategies=>:two_legged, :only=>:interactive_and_two_legged
492
- oauthenticate :interactive=>false, :only=>:no_interactive
493
- oauthenticate :interactive=>false, :strategies=>:token, :only=>:token
494
- oauthenticate :interactive=>false, :strategies=>:two_legged, :only=>:two_legged
495
- before_filter :oauth_required, :only=>:token_legacy
496
- before_filter :login_or_oauth_required, :only=>:both_legacy
497
-
498
- def interactive
499
- head :ok
500
- end
501
-
502
- def all
503
- head :ok
504
- end
505
-
506
- def token
507
- head :ok
508
- end
509
-
510
- def interactive_and_token
511
- head :ok
512
- end
513
-
514
- def interactive_and_two_legged
515
- head :ok
516
- end
517
-
518
- def two_legged
519
- head :ok
520
- end
521
-
522
- def token_legacy
523
- head :ok
524
- end
525
-
526
- def both_legacy
527
- head :ok
528
- end
529
- end
530
-
531
- describe OauthorizedController, " access control" do
532
- fixtures :client_applications, :oauth_tokens, :users
533
- if defined?(Devise)
534
- include Devise::TestHelpers
535
- end
536
- include OAuthControllerSpecHelper
537
-
538
- it "should return false for oauth? by default" do
539
- controller.send(:oauth?).should == false
540
- end
541
-
542
- it "should return nil for current_token by default" do
543
- controller.send(:current_token).should be_nil
544
- end
545
-
546
- describe "oauth 10a" do
547
-
548
- describe "request token signed" do
549
- before(:each) do
550
- sign_request_with_oauth(request_token)
551
- end
552
-
553
- it "should disallow oauth using RequestToken when using oauth_required" do
554
- get :token
555
- response.code.should == '401'
556
- end
557
- end
558
-
559
- describe "access token signed" do
560
- before(:each) do
561
- sign_request_with_oauth(access_token)
562
- end
563
-
564
- [:interactive,:two_legged,:interactive_and_two_legged].each do |action|
565
- describe "accessing #{action.to_s.humanize}" do
566
- before(:each) do
567
- get action
568
- end
569
-
570
- it "should not be a success" do
571
- response.should_not be_success
572
- end
573
-
574
- it "should not set current_token" do
575
- controller.send(:current_token).should be_nil
576
- end
577
-
578
- it "should not set current_client_application" do
579
- controller.send(:current_client_application).should be_nil
580
- end
581
-
582
- it "should not set current_user" do
583
- controller.send(:current_user).should be_nil
584
- end
585
- end
586
- end
587
-
588
- [:token,:interactive_and_token,:all,:token_legacy,:both_legacy].each do |action|
589
- describe "accessing #{action.to_s.humanize}" do
590
- before(:each) do
591
- get action
592
- end
593
-
594
- it "should not be a success" do
595
- response.should be_success
596
- end
597
-
598
- it "should set current_token" do
599
- controller.send(:current_token).should == access_token
600
- end
601
-
602
- it "should set current_client_application" do
603
- controller.send(:current_client_application).should == current_client_application
604
- end
605
-
606
- it "should set current_user" do
607
- controller.send(:current_user).should == current_user
608
- end
609
- end
610
- end
611
- end
612
-
613
- describe "2 legged" do
614
- before(:each) do
615
- two_legged_sign_request_with_oauth(current_consumer)
616
- end
617
-
618
- [:token,:interactive_and_token,:interactive,:token_legacy,:both_legacy].each do |action|
619
- describe "accessing #{action.to_s.humanize}" do
620
- before(:each) do
621
- get action
622
- end
623
-
624
- it "should not be a success" do
625
- response.should_not be_success
626
- end
627
-
628
- it "should not set current_token" do
629
- controller.send(:current_token).should be_nil
630
- end
631
-
632
- it "should not set current_client_application" do
633
- controller.send(:current_client_application).should be_nil
634
- end
635
-
636
- it "should not set current_user" do
637
- controller.send(:current_user).should be_nil
638
- end
639
- end
640
- end
641
-
642
- [:two_legged,:interactive_and_two_legged,:all].each do |action|
643
- describe "accessing #{action.to_s.humanize}" do
644
- before(:each) do
645
- get action
646
- end
647
-
648
- it "should not be a success" do
649
- response.should be_success
650
- end
651
-
652
- it "should not set current_token" do
653
- controller.send(:current_token).should be_nil
654
- end
655
-
656
- it "should set current_client_application" do
657
- controller.send(:current_client_application).should == current_client_application
658
- end
659
-
660
- it "should set current_user" do
661
- controller.send(:current_user).should == current_client_application.user
662
- end
663
- end
664
- end
665
- end
666
-
667
- end
668
-
669
- describe "oauth 2.0" do
670
- before(:each) do
671
- @access_token = Oauth2Token.create :user=>current_user, :client_application=>current_client_application
672
- @client_application = @access_token.client_application
673
- end
674
- describe "authorize header" do
675
- before(:each) do
676
- add_oauth2_token_header(access_token)
677
- end
678
-
679
- it "should include headers" do
680
- get :interactive_and_token
681
- ActionController::HttpAuthentication::Basic.authorization(request).should == "OAuth #{access_token.token}"
682
- end
683
-
684
- [:interactive,:two_legged,:interactive_and_two_legged,:token_legacy,:both_legacy].each do |action|
685
- describe "accessing #{action.to_s.humanize}" do
686
- before(:each) do
687
- get action
688
- end
689
-
690
- it "should not be a success" do
691
- response.should_not be_success
692
- end
693
-
694
- it "should not set current_token" do
695
- controller.send(:current_token).should be_nil
696
- end
697
-
698
- it "should not set current_client_application" do
699
- controller.send(:current_client_application).should be_nil
700
- end
701
-
702
- it "should not set current_user" do
703
- controller.send(:current_user).should be_nil
704
- end
705
- end
706
- end
707
-
708
- [:token,:interactive_and_token,:all].each do |action|
709
- describe "accessing #{action.to_s.humanize}" do
710
- before(:each) do
711
- get action
712
- end
713
-
714
- it "should not be a success" do
715
- response.should be_success
716
- end
717
-
718
- it "should set current_token" do
719
- controller.send(:current_token).should == access_token
720
- end
721
-
722
- it "should set current_client_application" do
723
- controller.send(:current_client_application).should == current_client_application
724
- end
725
-
726
- it "should set current_user" do
727
- controller.send(:current_user).should == current_user
728
- end
729
- end
730
- end
731
- end
732
-
733
- describe "query string" do
734
- [:interactive,:two_legged,:interactive_and_two_legged,:token_legacy,:both_legacy].each do |action|
735
- describe "accessing #{action.to_s.humanize}" do
736
- before(:each) do
737
- get action, :oauth_token=>access_token.token
738
- end
739
-
740
- it "should not be a success" do
741
- response.should_not be_success
742
- end
743
-
744
- it "should not set current_token" do
745
- controller.send(:current_token).should be_nil
746
- end
747
-
748
- it "should not set current_client_application" do
749
- controller.send(:current_client_application).should be_nil
750
- end
751
-
752
- it "should not set current_user" do
753
- controller.send(:current_user).should be_nil
754
- end
755
- end
756
- end
757
-
758
- [:token,:interactive_and_token,:all].each do |action|
759
- describe "accessing #{action.to_s.humanize}" do
760
- before(:each) do
761
- get action, :oauth_token=>access_token.token
762
- end
763
-
764
- it "should not be a success" do
765
- response.should be_success
766
- end
767
-
768
- it "should set current_token" do
769
- controller.send(:current_token).should == access_token
770
- end
771
-
772
- it "should set current_client_application" do
773
- controller.send(:current_client_application).should == current_client_application
774
- end
775
-
776
- it "should set current_user" do
777
- controller.send(:current_user).should == current_user
778
- end
779
- end
780
- end
781
-
782
- end
783
-
784
- end
785
-
786
- describe "logged in user" do
787
- before(:each) do
788
- login
789
- end
790
-
791
-
792
- [:token,:two_legged,:token_legacy].each do |action|
793
- describe "accessing #{action.to_s.humanize}" do
794
- before(:each) do
795
- get action, :oauth_token=>access_token.token
796
- end
797
-
798
- it "should not be a success" do
799
- response.should_not be_success
800
- end
801
-
802
- it "should not set current_token" do
803
- controller.send(:current_token).should be_nil
804
- end
805
-
806
- it "should not set current_client_application" do
807
- controller.send(:current_client_application).should be_nil
808
- end
809
-
810
- end
811
- end
812
-
813
- [:interactive,:interactive_and_two_legged,:interactive_and_token,:all,:both_legacy].each do |action|
814
- describe "accessing #{action.to_s.humanize}" do
815
- before(:each) do
816
- get action, :oauth_token=>access_token.token
817
- end
818
-
819
- it "should not be a success" do
820
- response.should be_success
821
- end
822
-
823
- it "should not set current_token" do
824
- controller.send(:current_token).should be_nil
825
- end
826
-
827
- it "should not set current_client_application" do
828
- controller.send(:current_client_application).should be_nil
829
- end
830
-
831
- it "should set current_user" do
832
- controller.send(:current_user).should == current_user
833
- end
834
- end
835
- end
836
- end
837
- end
838
-