oauth-plugin 0.4.0.pre4 → 0.4.0.pre5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (43) hide show
  1. data/.gitignore +2 -0
  2. data/CHANGELOG +11 -0
  3. data/Gemfile.lock +66 -0
  4. data/Guardfile +8 -0
  5. data/README.rdoc +50 -4
  6. data/generators/oauth_consumer/templates/controller.rb +8 -0
  7. data/generators/oauth_consumer/templates/oauth_config.rb +23 -1
  8. data/generators/oauth_provider/oauth_provider_generator.rb +0 -4
  9. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +2 -2
  10. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +1 -1
  11. data/generators/oauth_provider/templates/request_token.rb +2 -2
  12. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +2 -2
  13. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +1 -1
  14. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +1 -1
  15. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +10 -8
  16. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +2 -2
  17. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +5 -1
  18. data/lib/generators/oauth_consumer/templates/controller.rb +9 -0
  19. data/lib/generators/oauth_consumer/templates/oauth_config.rb +21 -0
  20. data/lib/generators/rspec/oauth_provider_generator.rb +0 -4
  21. data/lib/generators/test_unit/oauth_provider_generator.rb +0 -4
  22. data/lib/oauth-plugin/version.rb +1 -1
  23. data/lib/oauth/controllers/application_controller_methods.rb +24 -127
  24. data/lib/oauth/controllers/consumer_controller.rb +60 -8
  25. data/lib/oauth/controllers/provider_controller.rb +4 -7
  26. data/lib/oauth/models/consumers/service_loader.rb +3 -1
  27. data/lib/oauth/models/consumers/services/google_token.rb +7 -13
  28. data/lib/oauth/models/consumers/services/oauth2_token.rb +27 -0
  29. data/lib/oauth/models/consumers/services/twitter_token.rb +18 -11
  30. data/lib/oauth/models/consumers/token.rb +10 -6
  31. data/lib/oauth/rack/oauth_filter.rb +57 -12
  32. data/oauth-plugin.gemspec +11 -3
  33. data/spec/rack/oauth_filter_spec.rb +136 -0
  34. data/spec/spec_helper.rb +3 -0
  35. metadata +105 -38
  36. data/generators/oauth_provider/templates/controller_spec.rb +0 -838
  37. data/generators/oauth_provider/templates/controller_spec_helper.rb +0 -66
  38. data/generators/oauth_provider/templates/controller_test.rb +0 -310
  39. data/generators/oauth_provider/templates/controller_test_helper.rb +0 -115
  40. data/lib/generators/rspec/templates/controller_spec.rb +0 -838
  41. data/lib/generators/rspec/templates/controller_spec_helper.rb +0 -66
  42. data/lib/generators/test_unit/templates/controller_test.rb +0 -310
  43. data/lib/generators/test_unit/templates/controller_test_helper.rb +0 -115
@@ -1,838 +0,0 @@
1
- require File.dirname(__FILE__) + '/../spec_helper'
2
- require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
3
- require 'json'
4
- describe OauthController do
5
- if defined?(Devise)
6
- include Devise::TestHelpers
7
- end
8
- include OAuthControllerSpecHelper
9
- fixtures :client_applications, :oauth_tokens, :users
10
- describe "getting a request token" do
11
- before(:each) do
12
- sign_request_with_oauth
13
- ClientApplication.stub!(:find_by_key).and_return(current_client_application)
14
- end
15
-
16
- def do_get
17
- get :request_token
18
- end
19
-
20
- it "should be successful" do
21
- do_get
22
- response.should be_success
23
- end
24
-
25
- it "should query for client_application" do
26
- ClientApplication.should_receive(:find_by_key).with(current_client_application.key).and_return(current_client_application)
27
- do_get
28
- end
29
-
30
- it "should request token from client_application" do
31
- current_client_application.should_receive(:create_request_token).and_return(request_token)
32
- do_get
33
- end
34
-
35
- it "should return token string" do
36
- do_get
37
- response.body.should==RequestToken.last.to_query
38
- end
39
-
40
- it "should not set token_callback_url" do
41
- current_client_application.should_not_receive(:token_callback_url=)
42
- do_get
43
- end
44
- end
45
-
46
- describe "getting a request token passing a oauth_callback url" do
47
- before(:each) do
48
- sign_request_with_oauth nil, {:oauth_callback=>"http://test.com/alternative_callback"}
49
- ClientApplication.stub!(:find_by_key).and_return(current_client_application)
50
- end
51
-
52
- def do_get
53
- get :request_token
54
- end
55
-
56
- it "should be successful" do
57
- do_get
58
- response.should be_success
59
- end
60
-
61
- it "should query for client_application" do
62
- ClientApplication.should_receive(:find_by_key).with(current_client_application.key).and_return(current_client_application)
63
- do_get
64
- end
65
-
66
- it "should request token from client_application" do
67
- current_client_application.should_receive(:create_request_token).and_return(request_token)
68
- do_get
69
- end
70
-
71
- it "should return token string" do
72
- do_get
73
- response.body.should==RequestToken.last.to_query
74
- end
75
-
76
- it "should set token_callback_url with received oauth_callback" do
77
- current_client_application.should_receive(:token_callback_url=).with("http://test.com/alternative_callback")
78
- do_get
79
- end
80
- end
81
-
82
- describe "10a token authorization" do
83
- before(:each) do
84
- login
85
- RequestToken.stub!(:find_by_token).and_return(request_token)
86
- end
87
-
88
- def do_get
89
- get :authorize, :oauth_token => request_token.token
90
- end
91
-
92
- it "should show authorize page" do
93
- do_get
94
- response.should render_template("authorize")
95
- end
96
-
97
- it "should authorize token" do
98
- request_token.should_not_receive(:authorize!).with(current_user)
99
- do_get
100
- end
101
-
102
- it "should redirect if token is invalidated" do
103
- request_token.invalidate!
104
- do_get
105
- response.should render_template("authorize_failure")
106
- end
107
-
108
- end
109
-
110
- describe "10a token authorization" do
111
- before(:each) do
112
- login
113
- RequestToken.stub!(:find_by_token).and_return(request_token)
114
- end
115
-
116
- def do_post
117
- post :authorize, :oauth_token => request_token.token, :authorize=>"1"
118
- end
119
-
120
- it "should redirect to default callback" do
121
- do_post
122
- response.should be_redirect
123
- response.should redirect_to("http://application/callback?oauth_token=#{request_token.token}&oauth_verifier=#{request_token.verifier}")
124
- end
125
-
126
- it "should authorize token" do
127
- request_token.should_receive(:authorize!).with(current_user)
128
- do_post
129
- end
130
-
131
- it "should redirect if token is invalidated" do
132
- request_token.invalidate!
133
- do_post
134
- response.should render_template("authorize_failure")
135
- end
136
-
137
- end
138
-
139
- describe "2.0 authorization code flow" do
140
- before(:each) do
141
- login
142
- end
143
-
144
- describe "authorize redirect" do
145
- before(:each) do
146
- get :authorize, :response_type=>"code",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback"
147
- end
148
-
149
- it "should render authorize" do
150
- response.should render_template("oauth2_authorize")
151
- end
152
-
153
- it "should not create token" do
154
- Oauth2Verifier.last.should be_nil
155
- end
156
- end
157
-
158
- describe "authorize" do
159
- before(:each) do
160
- post :authorize, :response_type=>"code",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>"1"
161
- @verification_token = Oauth2Verifier.last
162
- @oauth2_token_count= Oauth2Token.count
163
- end
164
- subject { @verification_token }
165
-
166
- it { should_not be_nil }
167
- it "should set user on verification token" do
168
- @verification_token.user.should==current_user
169
- end
170
-
171
- it "should set redirect_url" do
172
- @verification_token.redirect_url.should == "http://application/callback"
173
- end
174
-
175
- it "should redirect to default callback" do
176
- response.should be_redirect
177
- response.should redirect_to("http://application/callback?code=#{@verification_token.code}")
178
- end
179
-
180
- describe "get token" do
181
- before(:each) do
182
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://application/callback",:code=>@verification_token.code
183
- @token = Oauth2Token.last
184
- end
185
-
186
- subject { @token }
187
-
188
- it { should_not be_nil }
189
- it { should be_authorized }
190
- it "should have added a new token" do
191
- Oauth2Token.count.should==@oauth2_token_count+1
192
- end
193
-
194
- it "should set user to current user" do
195
- @token.user.should==current_user
196
- end
197
-
198
- it "should return json token" do
199
- JSON.parse(response.body).should=={"access_token"=>@token.token}
200
- end
201
- end
202
-
203
- describe "get token with wrong secret" do
204
- before(:each) do
205
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>"fake", :redirect_url=>"http://application/callback",:code=>@verification_token.code
206
- end
207
-
208
- it "should not create token" do
209
- Oauth2Token.count.should==@oauth2_token_count
210
- end
211
-
212
- it "should return incorrect_client_credentials error" do
213
- JSON.parse(response.body).should == {"error"=>"invalid_client"}
214
- end
215
- end
216
-
217
- describe "get token with wrong code" do
218
- before(:each) do
219
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://application/callback",:code=>"fake"
220
- end
221
-
222
- it "should not create token" do
223
- Oauth2Token.count.should==@oauth2_token_count
224
- end
225
-
226
- it "should return incorrect_client_credentials error" do
227
- JSON.parse(response.body).should == {"error"=>"invalid_grant"}
228
- end
229
- end
230
-
231
- describe "get token with wrong redirect_url" do
232
- before(:each) do
233
- post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://evil/callback",:code=>@verification_token.code
234
- end
235
-
236
- it "should not create token" do
237
- Oauth2Token.count.should==@oauth2_token_count
238
- end
239
-
240
- it "should return incorrect_client_credentials error" do
241
- JSON.parse(response.body).should == {"error"=>"invalid_grant"}
242
- end
243
- end
244
-
245
- end
246
-
247
- describe "deny" do
248
- before(:each) do
249
- post :authorize, :response_type=>"code", :client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>"0"
250
- end
251
-
252
- it { Oauth2Verifier.last.should be_nil }
253
-
254
- it "should redirect to default callback" do
255
- response.should be_redirect
256
- response.should redirect_to("http://application/callback?error=user_denied")
257
- end
258
- end
259
-
260
- end
261
-
262
-
263
- describe "2.0 authorization token flow" do
264
- before(:each) do
265
- login
266
- current_client_application # load up so it creates its own token
267
- @oauth2_token_count= Oauth2Token.count
268
- end
269
-
270
- describe "authorize redirect" do
271
- before(:each) do
272
- get :authorize, :response_type=>"token",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback"
273
- end
274
-
275
- it "should render authorize" do
276
- response.should render_template("oauth2_authorize")
277
- end
278
-
279
- it "should not create token" do
280
- Oauth2Verifier.last.should be_nil
281
- end
282
- end
283
-
284
- describe "authorize" do
285
- before(:each) do
286
- post :authorize, :response_type=>"token",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>"1"
287
- @token = Oauth2Token.last
288
- end
289
- subject { @token }
290
- it "should redirect to default callback" do
291
- response.should be_redirect
292
- response.should redirect_to("http://application/callback?access_token=#{@token.token}")
293
- end
294
-
295
- it "should not have a scope" do
296
- @token.scope.should be_nil
297
- end
298
- it { should_not be_nil }
299
- it { should be_authorized }
300
-
301
- it "should set user to current user" do
302
- @token.user.should==current_user
303
- end
304
-
305
- it "should have added a new token" do
306
- Oauth2Token.count.should==@oauth2_token_count+1
307
- end
308
- end
309
-
310
- describe "deny" do
311
- before(:each) do
312
- post :authorize, :response_type=>"token", :client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>"0"
313
- end
314
-
315
- it { Oauth2Verifier.last.should be_nil }
316
-
317
- it "should redirect to default callback" do
318
- response.should be_redirect
319
- response.should redirect_to("http://application/callback?error=user_denied")
320
- end
321
- end
322
- end
323
-
324
- describe "oauth2 token for autonomous client_application" do
325
- before(:each) do
326
- current_client_application
327
- @oauth2_token_count = Oauth2Token.count
328
- post :token, :grant_type=>"none", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret
329
- @token = Oauth2Token.last
330
- end
331
-
332
- subject { @token }
333
-
334
- it { should_not be_nil }
335
- it { should be_authorized }
336
- it "should set user to client_applications user" do
337
- @token.user.should==current_client_application.user
338
- end
339
- it "should have added a new token" do
340
- Oauth2Token.count.should==@oauth2_token_count+1
341
- end
342
-
343
- it "should return json token" do
344
- JSON.parse(response.body).should=={"access_token"=>@token.token}
345
- end
346
- end
347
-
348
- describe "oauth2 token for autonomous client_application with invalid client credentials" do
349
- before(:each) do
350
- current_client_application
351
- @oauth2_token_count = Oauth2Token.count
352
- post :token, :grant_type=>"none", :client_id=>current_client_application.key,:client_secret=>"bad"
353
- end
354
-
355
- subject { @token }
356
-
357
- it "should not have added a new token" do
358
- Oauth2Token.count.should==@oauth2_token_count
359
- end
360
-
361
- it "should return json token" do
362
- JSON.parse(response.body).should=={"error"=>"invalid_client"}
363
- end
364
- end
365
-
366
-
367
- describe "oauth2 token for basic credentials" do
368
- before(:each) do
369
- current_client_application
370
- @oauth2_token_count = Oauth2Token.count
371
- post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>current_user.login, :password=>"password"
372
- @token = Oauth2Token.last
373
- end
374
-
375
- subject { @token }
376
-
377
- it { should_not be_nil }
378
- it { should be_authorized }
379
- it "should set user to client_applications user" do
380
- @token.user.should==current_user
381
- end
382
- it "should have added a new token" do
383
- Oauth2Token.count.should==@oauth2_token_count+1
384
- end
385
-
386
- it "should return json token" do
387
- JSON.parse(response.body).should=={"access_token"=>@token.token}
388
- end
389
- end
390
-
391
- describe "oauth2 token for basic credentials with wrong password" do
392
- before(:each) do
393
- current_client_application
394
- @oauth2_token_count = Oauth2Token.count
395
- post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>current_user.login, :password=>"bad"
396
- end
397
-
398
- it "should not have added a new token" do
399
- Oauth2Token.count.should==@oauth2_token_count
400
- end
401
-
402
- it "should return json token" do
403
- JSON.parse(response.body).should=={"error"=>"invalid_grant"}
404
- end
405
- end
406
-
407
- describe "oauth2 token for basic credentials with unknown user" do
408
- before(:each) do
409
- current_client_application
410
- @oauth2_token_count = Oauth2Token.count
411
- post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>"non existent", :password=>"password"
412
- end
413
-
414
- it "should not have added a new token" do
415
- Oauth2Token.count.should==@oauth2_token_count
416
- end
417
-
418
- it "should return json token" do
419
- JSON.parse(response.body).should=={"error"=>"invalid_grant"}
420
- end
421
- end
422
-
423
- describe "getting an access token" do
424
- before(:each) do
425
- request_token.authorize!(current_user)
426
- request_token.reload
427
- sign_request_with_oauth consumer_request_token, :oauth_verifier=>request_token.verifier
428
- end
429
-
430
- def do_get
431
- post :access_token
432
- end
433
-
434
- it "should have a verifier" do
435
- request_token.verifier.should_not be_nil
436
- end
437
-
438
- it "should be authorized" do
439
- request_token.should be_authorized
440
- end
441
-
442
- it "should be successful" do
443
- do_get
444
- response.should be_success
445
- end
446
-
447
- it "should request token from client_application" do
448
- controller.stub!(:current_token).and_return(request_token)
449
- request_token.should_receive(:exchange!).and_return(access_token)
450
- do_get
451
- end
452
-
453
- it "should return token string" do
454
- do_get
455
- response.body.should == AccessToken.last.to_query
456
- end
457
-
458
- describe "access token" do
459
- before(:each) do
460
- do_get
461
- access_token=AccessToken.last
462
- end
463
-
464
- it "should have user set" do
465
- access_token.user.should==current_user
466
- end
467
-
468
- it "should be authorized" do
469
- access_token.should be_authorized
470
- end
471
- end
472
- end
473
-
474
- describe "invalidate" do
475
- before(:each) do
476
- sign_request_with_oauth access_token
477
- get :invalidate
478
- end
479
-
480
- it "should be a success" do
481
- response.code.should=="410"
482
- end
483
- end
484
-
485
- end
486
-
487
- class OauthorizedController<ApplicationController
488
- before_filter :login_required, :only => :interactive
489
- oauthenticate :only => :all
490
- oauthenticate :strategies=>:token, :only=>:interactive_and_token
491
- oauthenticate :strategies=>:two_legged, :only=>:interactive_and_two_legged
492
- oauthenticate :interactive=>false, :only=>:no_interactive
493
- oauthenticate :interactive=>false, :strategies=>:token, :only=>:token
494
- oauthenticate :interactive=>false, :strategies=>:two_legged, :only=>:two_legged
495
- before_filter :oauth_required, :only=>:token_legacy
496
- before_filter :login_or_oauth_required, :only=>:both_legacy
497
-
498
- def interactive
499
- head :ok
500
- end
501
-
502
- def all
503
- head :ok
504
- end
505
-
506
- def token
507
- head :ok
508
- end
509
-
510
- def interactive_and_token
511
- head :ok
512
- end
513
-
514
- def interactive_and_two_legged
515
- head :ok
516
- end
517
-
518
- def two_legged
519
- head :ok
520
- end
521
-
522
- def token_legacy
523
- head :ok
524
- end
525
-
526
- def both_legacy
527
- head :ok
528
- end
529
- end
530
-
531
- describe OauthorizedController, " access control" do
532
- fixtures :client_applications, :oauth_tokens, :users
533
- if defined?(Devise)
534
- include Devise::TestHelpers
535
- end
536
- include OAuthControllerSpecHelper
537
-
538
- it "should return false for oauth? by default" do
539
- controller.send(:oauth?).should == false
540
- end
541
-
542
- it "should return nil for current_token by default" do
543
- controller.send(:current_token).should be_nil
544
- end
545
-
546
- describe "oauth 10a" do
547
-
548
- describe "request token signed" do
549
- before(:each) do
550
- sign_request_with_oauth(request_token)
551
- end
552
-
553
- it "should disallow oauth using RequestToken when using oauth_required" do
554
- get :token
555
- response.code.should == '401'
556
- end
557
- end
558
-
559
- describe "access token signed" do
560
- before(:each) do
561
- sign_request_with_oauth(access_token)
562
- end
563
-
564
- [:interactive,:two_legged,:interactive_and_two_legged].each do |action|
565
- describe "accessing #{action.to_s.humanize}" do
566
- before(:each) do
567
- get action
568
- end
569
-
570
- it "should not be a success" do
571
- response.should_not be_success
572
- end
573
-
574
- it "should not set current_token" do
575
- controller.send(:current_token).should be_nil
576
- end
577
-
578
- it "should not set current_client_application" do
579
- controller.send(:current_client_application).should be_nil
580
- end
581
-
582
- it "should not set current_user" do
583
- controller.send(:current_user).should be_nil
584
- end
585
- end
586
- end
587
-
588
- [:token,:interactive_and_token,:all,:token_legacy,:both_legacy].each do |action|
589
- describe "accessing #{action.to_s.humanize}" do
590
- before(:each) do
591
- get action
592
- end
593
-
594
- it "should not be a success" do
595
- response.should be_success
596
- end
597
-
598
- it "should set current_token" do
599
- controller.send(:current_token).should == access_token
600
- end
601
-
602
- it "should set current_client_application" do
603
- controller.send(:current_client_application).should == current_client_application
604
- end
605
-
606
- it "should set current_user" do
607
- controller.send(:current_user).should == current_user
608
- end
609
- end
610
- end
611
- end
612
-
613
- describe "2 legged" do
614
- before(:each) do
615
- two_legged_sign_request_with_oauth(current_consumer)
616
- end
617
-
618
- [:token,:interactive_and_token,:interactive,:token_legacy,:both_legacy].each do |action|
619
- describe "accessing #{action.to_s.humanize}" do
620
- before(:each) do
621
- get action
622
- end
623
-
624
- it "should not be a success" do
625
- response.should_not be_success
626
- end
627
-
628
- it "should not set current_token" do
629
- controller.send(:current_token).should be_nil
630
- end
631
-
632
- it "should not set current_client_application" do
633
- controller.send(:current_client_application).should be_nil
634
- end
635
-
636
- it "should not set current_user" do
637
- controller.send(:current_user).should be_nil
638
- end
639
- end
640
- end
641
-
642
- [:two_legged,:interactive_and_two_legged,:all].each do |action|
643
- describe "accessing #{action.to_s.humanize}" do
644
- before(:each) do
645
- get action
646
- end
647
-
648
- it "should not be a success" do
649
- response.should be_success
650
- end
651
-
652
- it "should not set current_token" do
653
- controller.send(:current_token).should be_nil
654
- end
655
-
656
- it "should set current_client_application" do
657
- controller.send(:current_client_application).should == current_client_application
658
- end
659
-
660
- it "should set current_user" do
661
- controller.send(:current_user).should == current_client_application.user
662
- end
663
- end
664
- end
665
- end
666
-
667
- end
668
-
669
- describe "oauth 2.0" do
670
- before(:each) do
671
- @access_token = Oauth2Token.create :user=>current_user, :client_application=>current_client_application
672
- @client_application = @access_token.client_application
673
- end
674
- describe "authorize header" do
675
- before(:each) do
676
- add_oauth2_token_header(access_token)
677
- end
678
-
679
- it "should include headers" do
680
- get :interactive_and_token
681
- request.authorization.should == "OAuth #{access_token.token}"
682
- end
683
-
684
- [:interactive,:two_legged,:interactive_and_two_legged,:token_legacy,:both_legacy].each do |action|
685
- describe "accessing #{action.to_s.humanize}" do
686
- before(:each) do
687
- get action
688
- end
689
-
690
- it "should not be a success" do
691
- response.should_not be_success
692
- end
693
-
694
- it "should not set current_token" do
695
- controller.send(:current_token).should be_nil
696
- end
697
-
698
- it "should not set current_client_application" do
699
- controller.send(:current_client_application).should be_nil
700
- end
701
-
702
- it "should not set current_user" do
703
- controller.send(:current_user).should be_nil
704
- end
705
- end
706
- end
707
-
708
- [:token,:interactive_and_token,:all].each do |action|
709
- describe "accessing #{action.to_s.humanize}" do
710
- before(:each) do
711
- get action
712
- end
713
-
714
- it "should not be a success" do
715
- response.should be_success
716
- end
717
-
718
- it "should set current_token" do
719
- controller.send(:current_token).should == access_token
720
- end
721
-
722
- it "should set current_client_application" do
723
- controller.send(:current_client_application).should == current_client_application
724
- end
725
-
726
- it "should set current_user" do
727
- controller.send(:current_user).should == current_user
728
- end
729
- end
730
- end
731
- end
732
-
733
- describe "query string" do
734
- [:interactive,:two_legged,:interactive_and_two_legged,:token_legacy,:both_legacy].each do |action|
735
- describe "accessing #{action.to_s.humanize}" do
736
- before(:each) do
737
- get action, :oauth_token=>access_token.token
738
- end
739
-
740
- it "should not be a success" do
741
- response.should_not be_success
742
- end
743
-
744
- it "should not set current_token" do
745
- controller.send(:current_token).should be_nil
746
- end
747
-
748
- it "should not set current_client_application" do
749
- controller.send(:current_client_application).should be_nil
750
- end
751
-
752
- it "should not set current_user" do
753
- controller.send(:current_user).should be_nil
754
- end
755
- end
756
- end
757
-
758
- [:token,:interactive_and_token,:all].each do |action|
759
- describe "accessing #{action.to_s.humanize}" do
760
- before(:each) do
761
- get action, :oauth_token=>access_token.token
762
- end
763
-
764
- it "should not be a success" do
765
- response.should be_success
766
- end
767
-
768
- it "should set current_token" do
769
- controller.send(:current_token).should == access_token
770
- end
771
-
772
- it "should set current_client_application" do
773
- controller.send(:current_client_application).should == current_client_application
774
- end
775
-
776
- it "should set current_user" do
777
- controller.send(:current_user).should == current_user
778
- end
779
- end
780
- end
781
-
782
- end
783
-
784
- end
785
-
786
- describe "logged in user" do
787
- before(:each) do
788
- login
789
- end
790
-
791
-
792
- [:token,:two_legged,:token_legacy].each do |action|
793
- describe "accessing #{action.to_s.humanize}" do
794
- before(:each) do
795
- get action, :oauth_token=>access_token.token
796
- end
797
-
798
- it "should not be a success" do
799
- response.should_not be_success
800
- end
801
-
802
- it "should not set current_token" do
803
- controller.send(:current_token).should be_nil
804
- end
805
-
806
- it "should not set current_client_application" do
807
- controller.send(:current_client_application).should be_nil
808
- end
809
-
810
- end
811
- end
812
-
813
- [:interactive,:interactive_and_two_legged,:interactive_and_token,:all,:both_legacy].each do |action|
814
- describe "accessing #{action.to_s.humanize}" do
815
- before(:each) do
816
- get action, :oauth_token=>access_token.token
817
- end
818
-
819
- it "should not be a success" do
820
- response.should be_success
821
- end
822
-
823
- it "should not set current_token" do
824
- controller.send(:current_token).should be_nil
825
- end
826
-
827
- it "should not set current_client_application" do
828
- controller.send(:current_client_application).should be_nil
829
- end
830
-
831
- it "should set current_user" do
832
- controller.send(:current_user).should == current_user
833
- end
834
- end
835
- end
836
- end
837
- end
838
-