oauth2-aptible 0.9.4.aptible

data/spec/oauth2/client_spec.rb

@@ -0,0 +1,205 @@
+require 'helper'
+
+describe OAuth2::Client do
+  let!(:error_value) { 'invalid_token' }
+  let!(:error_description_value) { 'bad bad token' }
+
+  subject do
+    OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.get('/success')      { |env| [200, {'Content-Type' => 'text/awesome'}, 'yay'] }
+        stub.get('/reflect')      { |env| [200, {}, env[:body]] }
+        stub.post('/reflect')     { |env| [200, {}, env[:body]] }
+        stub.get('/unauthorized') { |env| [401, {'Content-Type' => 'application/json'}, MultiJson.encode(:error => error_value, :error_description => error_description_value)] }
+        stub.get('/conflict')     { |env| [409, {'Content-Type' => 'text/plain'}, 'not authorized'] }
+        stub.get('/redirect')     { |env| [302, {'Content-Type' => 'text/plain', 'location' => '/success'}, ''] }
+        stub.post('/redirect')    { |env| [303, {'Content-Type' => 'text/plain', 'location' => '/reflect'}, ''] }
+        stub.get('/error')        { |env| [500, {'Content-Type' => 'text/plain'}, 'unknown error'] }
+        stub.get('/empty_get')    { |env| [204, {}, nil] }
+      end
+    end
+  end
+
+  describe '#initialize' do
+    it 'assigns id and secret' do
+      expect(subject.id).to eq('abc')
+      expect(subject.secret).to eq('def')
+    end
+
+    it 'assigns site from the options hash' do
+      expect(subject.site).to eq('https://api.example.com')
+    end
+
+    it 'assigns Faraday::Connection#host' do
+      expect(subject.connection.host).to eq('api.example.com')
+    end
+
+    it 'leaves Faraday::Connection#ssl unset' do
+      expect(subject.connection.ssl).to be_empty
+    end
+
+    it 'is able to pass a block to configure the connection' do
+      connection = double('connection')
+      builder = double('builder')
+      allow(connection).to receive(:build).and_yield(builder)
+      allow(Faraday::Connection).to receive(:new).and_return(connection)
+
+      expect(builder).to receive(:adapter).with(:test)
+
+      OAuth2::Client.new('abc', 'def') do |client|
+        client.adapter :test
+      end.connection
+    end
+
+    it 'defaults raise_errors to true' do
+      expect(subject.options[:raise_errors]).to be true
+    end
+
+    it 'allows true/false for raise_errors option' do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => false)
+      expect(client.options[:raise_errors]).to be false
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true)
+      expect(client.options[:raise_errors]).to be true
+    end
+
+    it 'allows override of raise_errors option' do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true) do |builder|
+        builder.adapter :test do |stub|
+          stub.get('/notfound') { |env| [404, {}, nil] }
+        end
+      end
+      expect(client.options[:raise_errors]).to be true
+      expect { client.request(:get, '/notfound') }.to raise_error(OAuth2::Error)
+      response = client.request(:get, '/notfound', :raise_errors => false)
+      expect(response.status).to eq(404)
+    end
+
+    it 'allows get/post for access_token_method option' do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :get)
+      expect(client.options[:access_token_method]).to eq(:get)
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :post)
+      expect(client.options[:access_token_method]).to eq(:post)
+    end
+
+    it 'does not mutate the opts hash argument' do
+      opts = {:site => 'http://example.com/'}
+      opts2 = opts.dup
+      OAuth2::Client.new 'abc', 'def', opts
+      expect(opts).to eq(opts2)
+    end
+  end
+
+  %w(authorize token).each do |url_type|
+    describe ":#{url_type}_url option" do
+      it "defaults to a path of /oauth/#{url_type}" do
+        expect(subject.send("#{url_type}_url")).to eq("https://api.example.com/oauth/#{url_type}")
+      end
+
+      it "is settable via the :#{url_type}_url option" do
+        subject.options[:"#{url_type}_url"] = '/oauth/custom'
+        expect(subject.send("#{url_type}_url")).to eq('https://api.example.com/oauth/custom')
+      end
+
+      it 'allows a different host than the site' do
+        subject.options[:"#{url_type}_url"] = 'https://api.foo.com/oauth/custom'
+        expect(subject.send("#{url_type}_url")).to eq('https://api.foo.com/oauth/custom')
+      end
+    end
+  end
+
+  describe '#request' do
+    it 'works with a null response body' do
+      expect(subject.request(:get, 'empty_get').body).to eq('')
+    end
+
+    it 'returns on a successful response' do
+      response = subject.request(:get, '/success')
+      expect(response.body).to eq('yay')
+      expect(response.status).to eq(200)
+      expect(response.headers).to eq('Content-Type' => 'text/awesome')
+    end
+
+    it 'posts a body' do
+      response = subject.request(:post, '/reflect', :body => 'foo=bar')
+      expect(response.body).to eq('foo=bar')
+    end
+
+    it 'follows redirects properly' do
+      response = subject.request(:get, '/redirect')
+      expect(response.body).to eq('yay')
+      expect(response.status).to eq(200)
+      expect(response.headers).to eq('Content-Type' => 'text/awesome')
+    end
+
+    it 'redirects using GET on a 303' do
+      response = subject.request(:post, '/redirect', :body => 'foo=bar')
+      expect(response.body).to be_empty
+      expect(response.status).to eq(200)
+    end
+
+    it 'obeys the :max_redirects option' do
+      max_redirects = subject.options[:max_redirects]
+      subject.options[:max_redirects] = 0
+      response = subject.request(:get, '/redirect')
+      expect(response.status).to eq(302)
+      subject.options[:max_redirects] = max_redirects
+    end
+
+    it 'returns if raise_errors is false' do
+      subject.options[:raise_errors] = false
+      response = subject.request(:get, '/unauthorized')
+
+      expect(response.status).to eq(401)
+      expect(response.headers).to eq('Content-Type' => 'application/json')
+      expect(response.error).not_to be_nil
+    end
+
+    %w(/unauthorized /conflict /error).each do |error_path|
+      it "raises OAuth2::Error on error response to path #{error_path}" do
+        expect { subject.request(:get, error_path) }.to raise_error(OAuth2::Error)
+      end
+    end
+
+    it 'parses OAuth2 standard error response' do
+      begin
+        subject.request(:get, '/unauthorized')
+      rescue StandardError => e
+        expect(e.code).to eq(error_value)
+        expect(e.description).to eq(error_description_value)
+        expect(e.to_s).to match(/#{error_value}/)
+        expect(e.to_s).to match(/#{error_description_value}/)
+      end
+    end
+
+    it 'provides the response in the Exception' do
+      begin
+        subject.request(:get, '/error')
+      rescue StandardError => e
+        expect(e.response).not_to be_nil
+        expect(e.to_s).to match(/unknown error/)
+      end
+    end
+  end
+
+  it 'instantiates an AuthCode strategy with this client' do
+    expect(subject.auth_code).to be_kind_of(OAuth2::Strategy::AuthCode)
+  end
+
+  it 'instantiates an Implicit strategy with this client' do
+    expect(subject.implicit).to be_kind_of(OAuth2::Strategy::Implicit)
+  end
+
+  context 'with SSL options' do
+    subject do
+      cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :ssl => {:ca_file => 'foo.pem'})
+      cli.connection.build do |b|
+        b.adapter :test
+      end
+      cli
+    end
+
+    it 'passes the SSL options along to Faraday::Connection#ssl' do
+      expect(subject.connection.ssl.fetch(:ca_file)).to eq('foo.pem')
+    end
+  end
+end

data/spec/oauth2/response_spec.rb

@@ -0,0 +1,101 @@
+require 'helper'
+
+describe OAuth2::Response do
+  describe '#initialize' do
+    let(:status) { 200 }
+    let(:headers) { {'foo' => 'bar'} }
+    let(:body) { 'foo' }
+
+    it 'returns the status, headers and body' do
+      response = double('response', :headers => headers,
+                                    :status  => status,
+                                    :body    => body)
+      subject = Response.new(response)
+      expect(subject.headers).to eq(headers)
+      expect(subject.status).to eq(status)
+      expect(subject.body).to eq(body)
+    end
+  end
+
+  describe '.register_parser' do
+    let(:response) do
+      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
+                         :status => 200,
+                         :body => 'baz')
+    end
+    before do
+      OAuth2::Response.register_parser(:foobar, 'application/foo-bar') do |body|
+        "foobar #{body}"
+      end
+    end
+
+    it 'adds to the content types and parsers' do
+      expect(OAuth2::Response::PARSERS.keys).to include(:foobar)
+      expect(OAuth2::Response::CONTENT_TYPES.keys).to include('application/foo-bar')
+    end
+
+    it 'is able to parse that content type automatically' do
+      expect(OAuth2::Response.new(response).parsed).to eq('foobar baz')
+    end
+  end
+
+  describe '#parsed' do
+    it 'parses application/x-www-form-urlencoded body' do
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
+      body = 'foo=bar&answer=42'
+      response = double('response', :headers => headers, :body => body)
+      subject = Response.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq('42')
+    end
+
+    it 'parses application/json body' do
+      headers = {'Content-Type' => 'application/json'}
+      body = MultiJson.encode(:foo => 'bar', :answer => 42)
+      response = double('response', :headers => headers, :body => body)
+      subject = Response.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq(42)
+    end
+
+    it 'parses alternative application/json extension bodies' do
+      headers = {'Content-Type' => 'application/hal+json'}
+      body = MultiJson.encode(:foo => 'bar', :answer => 42)
+      response = double('response', :headers => headers, :body => body)
+      subject = Response.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq(42)
+    end
+
+    it "doesn't try to parse other content-types" do
+      headers = {'Content-Type' => 'text/html'}
+      body = '<!DOCTYPE html><html><head></head><body></body></html>'
+
+      response = double('response', :headers => headers, :body => body)
+
+      expect(MultiJson).not_to receive(:decode)
+      expect(MultiJson).not_to receive(:load)
+      expect(Rack::Utils).not_to receive(:parse_query)
+
+      subject = Response.new(response)
+      expect(subject.parsed).to be_nil
+    end
+  end
+
+  context 'xml parser registration' do
+    it 'tries to load multi_xml and use it' do
+      expect(OAuth2::Response::PARSERS[:xml]).not_to be_nil
+    end
+
+    it 'is able to parse xml' do
+      headers = {'Content-Type' => 'text/xml'}
+      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
+
+      response = double('response', :headers => headers, :body => body)
+      expect(OAuth2::Response.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
+    end
+  end
+end

data/spec/oauth2/strategy/assertion_spec.rb

@@ -0,0 +1,56 @@
+require 'helper'
+
+describe OAuth2::Strategy::Assertion do
+  let(:client) do
+    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
+    cli.connection.build do |b|
+      b.adapter :test do |stub|
+        stub.post('/oauth/token') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
+          end
+        end
+      end
+    end
+    cli
+  end
+
+  let(:params) { {:hmac_secret => 'foo'} }
+
+  subject { client.assertion }
+
+  describe '#authorize_url' do
+    it 'raises NotImplementedError' do
+      expect { subject.authorize_url }.to raise_error(NotImplementedError)
+    end
+  end
+
+  %w(json formencoded).each do |mode|
+    describe "#get_token (#{mode})" do
+      before do
+        @mode = mode
+        @access = subject.get_token(params)
+      end
+
+      it 'returns AccessToken with same Client' do
+        expect(@access.client).to eq(client)
+      end
+
+      it 'returns AccessToken with #token' do
+        expect(@access.token).to eq('salmon')
+      end
+
+      it 'returns AccessToken with #expires_in' do
+        expect(@access.expires_in).to eq(600)
+      end
+
+      it 'returns AccessToken with #expires_at' do
+        expect(@access.expires_at).not_to be_nil
+      end
+    end
+  end
+
+end

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -0,0 +1,88 @@
+require 'helper'
+
+describe OAuth2::Strategy::AuthCode do
+  let(:code) { 'sushi' }
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
+  let(:facebook_token) { kvform_token.gsub('_in', '') }
+  let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when 'from_facebook'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when 'from_facebook'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+      end
+    end
+  end
+
+  subject { client.auth_code }
+
+  describe '#authorize_url' do
+    it 'includes the client_id' do
+      expect(subject.authorize_url).to include('client_id=abc')
+    end
+
+    it 'includes the type' do
+      expect(subject.authorize_url).to include('response_type=code')
+    end
+
+    it 'includes passed in options' do
+      cb = 'http://myserver.local/oauth/callback'
+      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
+    end
+  end
+
+  %w(json formencoded from_facebook).each do |mode|
+    [:get, :post].each do |verb|
+      describe "#get_token (#{mode}, access_token_method=#{verb}" do
+        before do
+          @mode = mode
+          client.options[:token_method] = verb
+          @access = subject.get_token(code)
+        end
+
+        it 'returns AccessToken with same Client' do
+          expect(@access.client).to eq(client)
+        end
+
+        it 'returns AccessToken with #token' do
+          expect(@access.token).to eq('salmon')
+        end
+
+        it 'returns AccessToken with #refresh_token' do
+          expect(@access.refresh_token).to eq('trout')
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          expect(@access.expires_in).to eq(600)
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          expect(@access.expires_at).to be_kind_of(Integer)
+        end
+
+        it 'returns AccessToken with params accessible via []' do
+          expect(@access['extra_param']).to eq('steve')
+        end
+      end
+    end
+  end
+end