oauth-plugin 0.4.0.pre4 → 0.4.0.pre5

Files changed (43)
  1. data/.gitignore +2 -0
  2. data/CHANGELOG +11 -0
  3. data/Gemfile.lock +66 -0
  4. data/Guardfile +8 -0
  5. data/README.rdoc +50 -4
  6. data/generators/oauth_consumer/templates/controller.rb +8 -0
  7. data/generators/oauth_consumer/templates/oauth_config.rb +23 -1
  8. data/generators/oauth_provider/oauth_provider_generator.rb +0 -4
  9. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +2 -2
  10. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +1 -1
  11. data/generators/oauth_provider/templates/request_token.rb +2 -2
  12. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +2 -2
  13. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +1 -1
  14. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +1 -1
  15. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +10 -8
  16. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +2 -2
  17. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +5 -1
  18. data/lib/generators/oauth_consumer/templates/controller.rb +9 -0
  19. data/lib/generators/oauth_consumer/templates/oauth_config.rb +21 -0
  20. data/lib/generators/rspec/oauth_provider_generator.rb +0 -4
  21. data/lib/generators/test_unit/oauth_provider_generator.rb +0 -4
  22. data/lib/oauth-plugin/version.rb +1 -1
  23. data/lib/oauth/controllers/application_controller_methods.rb +24 -127
  24. data/lib/oauth/controllers/consumer_controller.rb +60 -8
  25. data/lib/oauth/controllers/provider_controller.rb +4 -7
  26. data/lib/oauth/models/consumers/service_loader.rb +3 -1
  27. data/lib/oauth/models/consumers/services/google_token.rb +7 -13
  28. data/lib/oauth/models/consumers/services/oauth2_token.rb +27 -0
  29. data/lib/oauth/models/consumers/services/twitter_token.rb +18 -11
  30. data/lib/oauth/models/consumers/token.rb +10 -6
  31. data/lib/oauth/rack/oauth_filter.rb +57 -12
  32. data/oauth-plugin.gemspec +11 -3
  33. data/spec/rack/oauth_filter_spec.rb +136 -0
  34. data/spec/spec_helper.rb +3 -0
  35. metadata +105 -38
  36. data/generators/oauth_provider/templates/controller_spec.rb +0 -838
  37. data/generators/oauth_provider/templates/controller_spec_helper.rb +0 -66
  38. data/generators/oauth_provider/templates/controller_test.rb +0 -310
  39. data/generators/oauth_provider/templates/controller_test_helper.rb +0 -115
  40. data/lib/generators/rspec/templates/controller_spec.rb +0 -838
  41. data/lib/generators/rspec/templates/controller_spec_helper.rb +0 -66
  42. data/lib/generators/test_unit/templates/controller_test.rb +0 -310
  43. data/lib/generators/test_unit/templates/controller_test_helper.rb +0 -115
@@ -1,66 +0,0 @@
1
- require 'oauth/client/action_controller_request'
2
- module OAuthControllerSpecHelper
3
-
4
- def current_user
5
- @user||=users(:aaron)
6
- end
7
-
8
- def current_client_application
9
- @client_application||=client_applications(:one)
10
- end
11
-
12
- def access_token
13
- @access_token||=AccessToken.create :user=>current_user,:client_application=>current_client_application
14
- end
15
-
16
- def request_token
17
- @request_token||=RequestToken.create :client_application=>current_client_application, :callback_url=>"http://application/callback"
18
- end
19
-
20
- def consumer_request_token
21
- OAuth::RequestToken.new current_consumer,request_token.token,request_token.secret
22
- end
23
-
24
- def consumer_access_token
25
- OAuth::AccessToken.new current_consumer,access_token.token,access_token.secret
26
- end
27
-
28
- if defined?(Devise)
29
- include Devise::TestHelpers
30
- def login
31
- sign_in :user, current_user
32
- end
33
- else
34
- def login
35
- controller.stub!(:current_user).and_return(current_user)
36
- end
37
- end
38
-
39
- def login_as_application_owner
40
- @user = users(:quentin)
41
- login
42
- end
43
-
44
- def current_consumer
45
- @consumer ||= OAuth::Consumer.new(current_client_application.key,current_client_application.secret,{:site => "http://test.host"})
46
- end
47
-
48
- def setup_oauth_for_user
49
- login
50
- end
51
-
52
- def sign_request_with_oauth(token=nil,options={})
53
- ActionController::TestRequest.use_oauth=true
54
- @request.configure_oauth(current_consumer,token,options)
55
- end
56
-
57
- def two_legged_sign_request_with_oauth(consumer=nil,options={})
58
- ActionController::TestRequest.use_oauth=true
59
- @request.configure_oauth(consumer,nil,options)
60
- end
61
-
62
- def add_oauth2_token_header(token,options={})
63
- request.env['HTTP_AUTHORIZATION'] = "OAuth #{token.token}"
64
- end
65
-
66
- end
@@ -1,310 +0,0 @@
1
- require File.dirname(__FILE__) + '/../test_helper'
2
- require File.dirname(__FILE__) + '/../oauth_controller_test_helper'
3
- require 'oauth/client/action_controller_request'
4
-
5
- class OauthController; def rescue_action(e) raise e end; end
6
-
7
- class OauthControllerRequestTokenTest < ActionController::TestCase
8
- include OAuthControllerTestHelper
9
- tests OauthController
10
-
11
- def setup
12
- @controller = OauthController.new
13
- setup_oauth
14
- sign_request_with_oauth
15
- @client_application.stubs(:create_request_token).returns(@request_token)
16
- end
17
-
18
- def do_get
19
- get :request_token
20
- end
21
-
22
- def test_should_be_successful
23
- do_get
24
- assert @response.success?
25
- end
26
-
27
- def test_should_query_for_client_application
28
- ClientApplication.expects(:find_by_key).with('key').returns(@client_application)
29
- do_get
30
- end
31
-
32
- def test_should_request_token_from_client_application
33
- @client_application.expects(:create_request_token).returns(@request_token)
34
- do_get
35
- end
36
-
37
- def test_should_return_token_string
38
- do_get
39
- assert_equal @request_token_string, @response.body
40
- end
41
- end
42
-
43
- class OauthControllerTokenAuthorizationTest < ActionController::TestCase
44
- include OAuthControllerTestHelper
45
- tests OauthController
46
-
47
- def setup
48
- @controller = OauthController.new
49
- login
50
- setup_oauth
51
- RequestToken.stubs(:find_by_token).returns(@request_token)
52
- end
53
-
54
- def do_get
55
- get :authorize, :oauth_token => @request_token.token
56
- end
57
-
58
- def do_post
59
- @request_token.expects(:authorize!).with(@user)
60
- post :authorize,:oauth_token=>@request_token.token,:authorize=>"1"
61
- end
62
-
63
- def do_post_without_user_authorization
64
- @request_token.expects(:invalidate!)
65
- post :authorize,:oauth_token=>@request_token.token,:authorize=>"0"
66
- end
67
-
68
- def do_post_with_callback
69
- @request_token.expects(:authorize!).with(@user)
70
- post :authorize,:oauth_token=>@request_token.token,:oauth_callback=>"http://application/alternative",:authorize=>"1"
71
- end
72
-
73
- def do_post_with_no_application_callback
74
- @request_token.expects(:authorize!).with(@user)
75
- @client_application.stubs(:callback_url).returns(nil)
76
- post :authorize, :oauth_token => @request_token.token, :authorize=>"1"
77
- end
78
-
79
- def test_should_be_successful
80
- do_get
81
- assert @response.success?
82
- end
83
-
84
- def test_should_query_for_client_application
85
- RequestToken.expects(:find_by_token).returns(@request_token)
86
- do_get
87
- end
88
-
89
- def test_should_assign_token
90
- do_get
91
- assert_equal @request_token, assigns(:token)
92
- end
93
-
94
- def test_should_render_authorize_template
95
- do_get
96
- assert_template('authorize')
97
- end
98
-
99
- def test_should_redirect_to_default_callback
100
- do_post
101
- assert_response :redirect
102
- assert_redirected_to("http://application/callback?oauth_token=#{@request_token.token}")
103
- end
104
-
105
- def test_should_redirect_to_callback_in_query
106
- do_post_with_callback
107
- assert_response :redirect
108
- assert_redirected_to("http://application/alternative?oauth_token=#{@request_token.token}")
109
- end
110
-
111
- def test_should_be_successful_on_authorize_without_any_application_callback
112
- do_post_with_no_application_callback
113
- assert @response.success?
114
- assert_template('authorize_success')
115
- end
116
-
117
- def test_should_render_failure_screen_on_user_invalidation
118
- do_post_without_user_authorization
119
- assert_template('authorize_failure')
120
- end
121
-
122
- def test_should_render_failure_screen_if_token_is_invalidated
123
- @request_token.expects(:invalidated?).returns(true)
124
- do_get
125
- assert_template('authorize_failure')
126
- end
127
-
128
-
129
- end
130
-
131
- class OauthControllerGetAccessTokenTest < ActionController::TestCase
132
- include OAuthControllerTestHelper
133
- tests OauthController
134
-
135
- def setup
136
- @controller = OauthController.new
137
- setup_oauth
138
- sign_request_with_oauth @request_token
139
- @request_token.stubs(:exchange!).returns(@access_token)
140
- end
141
-
142
- def do_get
143
- get :access_token
144
- end
145
-
146
- def test_should_be_successful
147
- do_get
148
- assert @response.success?
149
- end
150
-
151
- def test_should_query_for_client_application
152
- ClientApplication.expects(:find_token).with(@request_token.token).returns(@request_token)
153
- do_get
154
- end
155
-
156
- def test_should_request_token_from_client_application
157
- @request_token.expects(:exchange!).returns(@access_token)
158
- do_get
159
- end
160
-
161
- def test_should__return_token_string
162
- do_get
163
- assert_equal @access_token_string, @response.body
164
- end
165
- end
166
-
167
- class OauthorizedController < ApplicationController
168
- before_filter :login_or_oauth_required,:only=>:both
169
- before_filter :login_required,:only=>:interactive
170
- before_filter :oauth_required,:only=>:token_only
171
-
172
- def interactive
173
- render :text => "interactive"
174
- end
175
-
176
- def token_only
177
- render :text => "token"
178
- end
179
-
180
- def both
181
- render :text => "both"
182
- end
183
- end
184
-
185
-
186
- class OauthControllerAccessControlTest < ActionController::TestCase
187
- include OAuthControllerTestHelper
188
- tests OauthorizedController
189
-
190
- def setup
191
- @controller = OauthorizedController.new
192
- end
193
-
194
- def test_should__have_access_token_set_up_correctly
195
- setup_to_authorize_request
196
- assert @access_token.is_a?(AccessToken)
197
- assert @access_token.authorized?
198
- assert !@access_token.invalidated?
199
- assert_equal @user, @access_token.user
200
- assert_equal @client_application, @access_token.client_application
201
- end
202
-
203
- def test_should_return_false_for_oauth_by_default
204
- assert_equal false, @controller.send(:oauth?)
205
- end
206
-
207
- def test_should_return_nil_for_current_token_by_default
208
- assert_nil @controller.send(:current_token)
209
- end
210
-
211
- def test_should_allow_oauth_when_using_login_or_oauth_required
212
- setup_to_authorize_request
213
- sign_request_with_oauth(@access_token)
214
- ClientApplication.expects(:find_token).with(@access_token.token).returns(@access_token)
215
- get :both
216
- assert_equal @access_token, @controller.send(:current_token)
217
- assert @controller.send(:current_token).is_a?(AccessToken)
218
- assert_equal @user, @controller.send(:current_user)
219
- assert_equal @client_application, @controller.send(:current_client_application)
220
- assert_equal '200', @response.code
221
- assert @response.success?
222
- end
223
-
224
- def test_should_allow_interactive_when_using_login_or_oauth_required
225
- login
226
- get :both
227
- assert @response.success?
228
- assert_equal @user, @controller.send(:current_user)
229
- assert_nil @controller.send(:current_token)
230
- end
231
-
232
- def test_should_allow_oauth_when_using_oauth_required
233
- setup_to_authorize_request
234
- sign_request_with_oauth(@access_token)
235
- ClientApplication.expects(:find_token).with(@access_token.token).returns(@access_token)
236
- get :token_only
237
- assert_equal @access_token, @controller.send(:current_token)
238
- assert_equal @client_application, @controller.send(:current_client_application)
239
- assert_equal @user, @controller.send(:current_user)
240
- assert_equal '200', @response.code
241
- assert @response.success?
242
- end
243
-
244
- def test_should_disallow_oauth_using_request_token_when_using_oauth_required
245
- setup_to_authorize_request
246
- ClientApplication.expects(:find_token).with(@request_token.token).returns(@request_token)
247
- sign_request_with_oauth(@request_token)
248
- get :token_only
249
- assert_equal '401', @response.code
250
- end
251
-
252
- def test_should_disallow_interactive_when_using_oauth_required
253
- login
254
- get :token_only
255
- assert_equal '401', @response.code
256
-
257
- assert_equal @user, @controller.send(:current_user)
258
- assert_nil @controller.send(:current_token)
259
- end
260
-
261
- def test_should_disallow_oauth_when_using_login_required
262
- setup_to_authorize_request
263
- sign_request_with_oauth(@access_token)
264
- get :interactive
265
- assert_equal "302",@response.code
266
- assert_nil @controller.send(:current_user)
267
- assert_nil @controller.send(:current_token)
268
- end
269
-
270
- def test_should_allow_interactive_when_using_login_required
271
- login
272
- get :interactive
273
- assert @response.success?
274
- assert_equal @user, @controller.send(:current_user)
275
- assert_nil @controller.send(:current_token)
276
- end
277
-
278
- end
279
-
280
- class OauthControllerRevokeTest < ActionController::TestCase
281
- include OAuthControllerTestHelper
282
- tests OauthController
283
-
284
- def setup
285
- @controller = OauthController.new
286
- setup_oauth_for_user
287
- @request_token.stubs(:invalidate!)
288
- end
289
-
290
- def do_post
291
- post :revoke, :token => "TOKEN STRING"
292
- end
293
-
294
- def test_should_redirect_to_index
295
- do_post
296
- assert_response :redirect
297
- assert_redirected_to('http://test.host/oauth_clients')
298
- end
299
-
300
- def test_should_query_current_users_tokens
301
- @tokens.expects(:find_by_token).returns(@request_token)
302
- do_post
303
- end
304
-
305
- def test_should_call_invalidate_on_token
306
- @request_token.expects(:invalidate!)
307
- do_post
308
- end
309
-
310
- end
@@ -1,115 +0,0 @@
1
- require "mocha"
2
- module OAuthControllerTestHelper
3
-
4
- # Some custom stuff since we're using Mocha
5
- def mock_model(model_class, options_and_stubs = {})
6
- id = rand(10000)
7
- options_and_stubs.reverse_merge! :id => id,
8
- :to_param => id.to_s,
9
- :new_record? => false,
10
- :errors => stub("errors", :count => 0)
11
-
12
- m = stub("#{model_class.name}_#{options_and_stubs[:id]}", options_and_stubs)
13
- m.instance_eval <<-CODE
14
- def is_a?(other)
15
- #{model_class}.ancestors.include?(other)
16
- end
17
- def kind_of?(other)
18
- #{model_class}.ancestors.include?(other)
19
- end
20
- def instance_of?(other)
21
- other == #{model_class}
22
- end
23
- def class
24
- #{model_class}
25
- end
26
- CODE
27
- yield m if block_given?
28
- m
29
- end
30
-
31
- def mock_full_client_application
32
- mock_model(ClientApplication,
33
- :name => "App1",
34
- :url => "http://app.com",
35
- :callback_url => "http://app.com/callback",
36
- :support_url => "http://app.com/support",
37
- :key => "asd23423yy",
38
- :secret => "secret",
39
- :oauth_server => OAuth::Server.new("http://kowabunga.com")
40
- )
41
- end
42
-
43
- def login
44
- @controller.stubs(:local_request?).returns(true)
45
- @user = mock_model(User, :login => "ron")
46
- @controller.stubs(:current_user).returns(@user)
47
- @tokens=[]
48
- @tokens.stubs(:find).returns(@tokens)
49
- @user.stubs(:tokens).returns(@tokens)
50
- User.stubs(:find_by_id).returns(@user)
51
- end
52
-
53
- def login_as_application_owner
54
- login
55
- @client_application = mock_full_client_application
56
- @client_applications = [@client_application]
57
-
58
- @user.stubs(:client_applications).returns(@client_applications)
59
- @client_applications.stubs(:find).returns(@client_application)
60
- end
61
-
62
- def setup_oauth
63
- @controller.stubs(:local_request?).returns(true)
64
- @user||=mock_model(User)
65
-
66
- User.stubs(:find_by_id).returns(@user)
67
-
68
- @server=OAuth::Server.new "http://test.host"
69
- @consumer=OAuth::Consumer.new('key','secret',{:site=>"http://test.host"})
70
-
71
- @client_application = mock_full_client_application
72
- @controller.stubs(:current_client_application).returns(@client_application)
73
- ClientApplication.stubs(:find_by_key).returns(@client_application)
74
- @client_application.stubs(:key).returns(@consumer.key)
75
- @client_application.stubs(:secret).returns(@consumer.secret)
76
- @client_application.stubs(:name).returns("Client Application name")
77
- @client_application.stubs(:callback_url).returns("http://application/callback")
78
- @request_token=mock_model(RequestToken,:token=>'request_token',:client_application=>@client_application,:secret=>"request_secret",:user=>@user)
79
- @request_token.stubs(:invalidated?).returns(false)
80
- ClientApplication.stubs(:find_token).returns(@request_token)
81
-
82
- @request_token_string="oauth_token=request_token&oauth_token_secret=request_secret"
83
- @request_token.stubs(:to_query).returns(@request_token_string)
84
-
85
- @access_token=mock_model(AccessToken,:token=>'access_token',:client_application=>@client_application,:secret=>"access_secret",:user=>@user)
86
- @access_token.stubs(:invalidated?).returns(false)
87
- @access_token.stubs(:authorized?).returns(true)
88
- @access_token_string="oauth_token=access_token&oauth_token_secret=access_secret"
89
- @access_token.stubs(:to_query).returns(@access_token_string)
90
-
91
- @client_application.stubs(:authorize_request?).returns(true)
92
- # @client_application.stubs(:sign_request_with_oauth_token).returns(@request_token)
93
- @client_application.stubs(:exchange_for_access_token).returns(@access_token)
94
- end
95
-
96
- def setup_oauth_for_user
97
- login
98
- setup_oauth
99
- @tokens=[@request_token]
100
- @tokens.stubs(:find).returns(@tokens)
101
- @tokens.stubs(:find_by_token).returns(@request_token)
102
- @user.stubs(:tokens).returns(@tokens)
103
- end
104
-
105
- def sign_request_with_oauth(token=nil)
106
- ActionController::TestRequest.use_oauth=true
107
- @request.configure_oauth(@consumer, token)
108
- end
109
-
110
- def setup_to_authorize_request
111
- setup_oauth
112
- OauthToken.stubs(:find_by_token).with( @access_token.token).returns(@access_token)
113
- @access_token.stubs(:is_a?).returns(true)
114
- end
115
- end