oauth2-client 1.0.0

data/spec/oauth2/connection_spec.rb

@@ -0,0 +1,273 @@
+require File.expand_path('../../spec_helper', __FILE__)
+require 'ostruct'
+
+describe OAuth2::HttpConnection do
+
+  subject do
+    @conn = OAuth2::HttpConnection.new('https://yammer.com')
+  end
+
+  context "with user options" do
+    before do
+      @conn = OAuth2::HttpConnection.new('https://microsoft.com', {
+        :accept => 'application/xml',
+        :user_agent => "OAuth2 Test Client",
+        :ssl => {:verify => false},
+        :max_redirects => 2
+      })
+    end
+
+    describe "connection options" do
+      # it " " do
+      #   options = OAuth2::HttpConnection.default_options
+      #   options.keys.each do |key|
+      #     expect(@conn.instance_variable_get(:"@#{key}")).to eq options[key]
+      #   end
+      # end
+    end
+  end
+
+  describe "#default_headers" do
+    it "returns user_agent and response format" do
+      expect(subject.default_headers).to eq ({
+        "Accept"     => "application/json", 
+        "User-Agent" => "OAuth2 Ruby Gem #{OAuth2::Version}"
+      })
+    end
+  end
+
+  describe "#scheme" do
+    it "returns the http scheme" do
+      expect(subject.scheme).to eq 'https'
+    end
+  end
+
+  describe "#scheme" do
+    context "scheme is unsupported" do
+      it "raises an error" do
+        expect { subject.scheme = 'ftp'}.to raise_error(OAuth2::HttpConnection::UnsupportedSchemeError)
+      end
+    end
+
+    context "scheme is http" do
+      it "sets the scheme" do
+        subject.scheme = 'http'
+        expect(subject.scheme).to eq 'http'
+      end
+    end
+
+    context "scheme is https" do
+      it "sets the scheme" do
+        subject.scheme = 'https'
+        expect(subject.scheme).to eq 'https'
+      end
+    end
+  end
+
+  describe "#host" do
+    it "returns the host server" do
+      expect(subject.host).to eq 'yammer.com'
+    end
+  end
+
+  describe "#port" do
+    it "returns the port" do
+      expect(subject.port).to eq 443
+    end
+  end
+
+  describe "#ssl?" do
+    context "scheme is https" do
+      it "returns true" do
+        subject.scheme = 'https'
+        expect(subject.ssl?).to eq true
+      end
+    end
+
+    context "scheme is http" do
+      it "returns false" do
+        subject.scheme = 'http'
+        expect(subject.ssl?).to eq false
+      end
+    end
+  end
+
+  describe "#http_connection" do
+    it "behaves like HTTP client" do
+      expect(subject.http_connection).to respond_to(:get)
+      expect(subject.http_connection).to respond_to(:post)
+      expect(subject.http_connection).to respond_to(:put)
+      expect(subject.http_connection).to respond_to(:delete)
+    end
+  end
+
+  describe "#absolute_url" do
+    context "with no parameters" do
+      it "returns a uri without path" do
+        expect(subject.absolute_url).to eq "https://yammer.com"
+      end
+    end
+
+    context "with parameters" do
+      it "returns a uri with path" do
+        expect(subject.absolute_url('/oauth/v2/authorize')).to eq "https://yammer.com/oauth/v2/authorize"
+      end
+    end
+  end
+
+  describe "#configure_ssl" do
+  end
+
+  describe "#redirect_limit_reached?" do
+  end
+
+  describe "#ssl_verify_mode" do
+    context "ssl verify set to true" do
+      it "returns OpenSSL::SSL::VERIFY_PEER" do
+        subject.ssl = { :verify => true }
+        expect(subject.send(:ssl_verify_mode)).to eq OpenSSL::SSL::VERIFY_PEER
+      end
+    end
+
+    context "ssl verify set to false" do
+      it "returns OpenSSL::SSL::VERIFY_NONE" do
+        subject.ssl = { :verify => false }
+        expect(subject.send(:ssl_verify_mode)).to eq OpenSSL::SSL::VERIFY_NONE
+      end
+    end
+  end
+
+  describe "ssl_cert_store" do
+  end
+
+  describe "#send_request" do
+    before do
+      @http_ok = OpenStruct.new(
+        :code    => '200',
+        :body    => 'success',
+        :header => {'Content-Type' => "application/json"}
+      )
+      @http_redirect = OpenStruct.new(
+        :code    => '301',
+        :body    => 'redirect',
+        :header => {'Location' => "http://yammer.com/members"}
+      )
+    end
+
+    context "when method is not supported" do
+      it "raises an error" do
+        expect {subject.send_request(:patch, '/')}.to raise_error(OAuth2::HttpConnection::UnhandledHTTPMethodError)
+      end
+    end
+
+    context "when method is get" do
+      it "returns an http response" do
+        path = '/oauth/authorize'
+        params = {:client_id => '001337', :client_secret => 'abcxyz'}
+        method = :get
+        
+        normalized_path = '/oauth/authorize?client_id=001337&client_secret=abcxyz'
+
+        Net::HTTP.any_instance.should_receive(:get).with(normalized_path, subject.default_headers).and_return(@http_ok)
+        response = subject.send_request(method, path, :params => params)
+
+        expect(response.code).to eq '200'
+      end
+    end
+
+    context "when method is delete" do
+      it "returns an http response" do
+        path = '/users/1'
+        method = 'delete'
+
+        Net::HTTP.any_instance.should_receive(:delete).with(path, subject.default_headers).and_return(@http_ok)
+        response = subject.send_request(method, path)
+
+        expect(response.code).to eq '200'
+      end
+    end
+
+    context "when method is post" do
+      it "returns an http response" do
+        path = '/users'
+        params = {:first_name => 'john', :last_name => 'smith'}
+        query  = Addressable::URI.form_encode(params)
+        headers = {'Content-Type' => 'application/x-www-form-urlencoded' }.merge(subject.default_headers)
+
+        Net::HTTP.any_instance.should_receive(:post).with(path, query, headers).and_return(@http_ok)
+        response =subject.send_request(:post, path, :params => params)
+
+        expect(response.code).to eq '200'
+      end
+    end
+
+    context "when method is put" do
+      it "returns an http response" do
+        path = '/users/1'
+        params = {:first_name => 'jane', :last_name => 'doe'}
+        query  = Addressable::URI.form_encode(params)
+        headers = {'Content-Type' => 'application/x-www-form-urlencoded' }.merge(subject.default_headers)
+
+        Net::HTTP.any_instance.should_receive(:put).with(path, query, headers).and_return(@http_ok)
+
+        response = subject.send_request(:put, path, :params => params)
+
+        expect(response.code).to eq '200'
+      end
+    end
+
+    it "follows redirect" do
+      path = '/users'
+      params = {:first_name => 'jane', :last_name => 'doe'}
+      query  = Addressable::URI.form_encode(params)
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded' }.merge(subject.default_headers)
+      client = double("client")
+
+      subject.should_receive(:http_connection).twice.and_return(client, client)
+      client.should_receive(:post).ordered.with(path, query, headers).and_return(@http_redirect)
+      client.should_receive(:post).ordered.with('/members', query, headers).and_return(@http_ok)
+
+      response = subject.send_request(:post, path, :params => params)
+
+      expect(response.code).to eq '200'
+    end
+
+    it "respects the redirect limit " do
+      subject.max_redirects = 1
+      path = '/users'
+      params = {:first_name => 'jane', :last_name => 'doe'}
+      query  = Addressable::URI.form_encode(params)
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded' }.merge(subject.default_headers)
+      client = double("client")
+
+      subject.should_receive(:http_connection).twice.and_return(client, client)
+      client.should_receive(:post).ordered.with(path, query, headers).and_return(@http_redirect)
+      client.should_receive(:post).ordered.with('/members', query, headers).and_return(@http_redirect)
+
+      response = subject.send_request(:post, path, :params => params)
+
+      expect(response.code).to eq '301'
+    end
+
+    it "modifies http 303 redirect from POST to GET " do
+      http_303 = OpenStruct.new(
+        :code    => '303',
+        :body    => 'redirect',
+        :header => {'Location' => "http://yammer.com/members"}
+      )
+      path = '/users'
+      params = {:first_name => 'jane', :last_name => 'doe'}
+      query  = Addressable::URI.form_encode(params)
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded' }.merge(subject.default_headers)
+      client = double("client")
+
+      subject.should_receive(:http_connection).twice.and_return(client, client)
+      client.should_receive(:post).ordered.with(path, query, headers).and_return(http_303)
+      client.should_receive(:get).ordered.with('/members', subject.default_headers).and_return(@http_ok)
+
+      response = subject.send_request(:post, path, :params => params)
+
+      expect(response.code).to eq '200'
+    end
+  end
+end

data/spec/oauth2/grant/authorization_code_spec.rb

@@ -0,0 +1,89 @@
+require File.expand_path('../../../spec_helper', __FILE__)
+
+describe OAuth2::Grant::AuthorizationCode do
+
+  before :all do
+    @host           = 'https://example.com'
+    @client_id      = 's6BhdRkqt3'
+    @client_secret  = 'SplxlOBeZQQYbYS6WxSbIA'
+    @client = OAuth2::Client.new(@host, @client_id, @client_secret)
+    OAuth2::Grant::AuthorizationCode.stub(:make_request)
+  end
+
+  subject do
+    OAuth2::Grant::AuthorizationCode.new(@client)
+  end
+
+  describe "#authorization_params" do
+    it "returns client_id and response_type" do
+      expect(subject.send(:authorization_params)).to eq({ :client_id => "s6BhdRkqt3", :response_type => "code" })
+    end
+  end
+
+  describe "#response_type" do
+    it "returns response type" do
+      expect(subject.response_type).to eq 'code'
+    end
+  end
+
+  describe "#grant_type" do
+    it "returns grant type" do
+      expect(subject.grant_type).to eq 'authorization_code'
+    end
+  end
+
+  describe "#authorization_path" do
+    context "without parameters" do
+      it "returns authorization path with only response_type and client_id in query string" do
+        query_values = Addressable::URI.parse(subject.authorization_path).query_values
+        expect(query_values).to eq({"response_type"=>"code", "client_id"=>"s6BhdRkqt3"})
+      end
+    end
+
+    context "with parameters" do
+      it "returns authorization path with exra parameters in query string" do
+        path = subject.authorization_path({
+          :scope => 'abc xyz',
+          :state => 'state'
+        })
+        query_values = Addressable::URI.parse(path).query_values
+        expect(query_values).to eq({"response_type"=>"code", "client_id"=>"s6BhdRkqt3", "scope" => "abc xyz", "state" => "state"})
+      end
+    end
+  end
+
+  describe "#token_path" do
+    context "with parameters" do
+      it "returns token path" do
+        query_values = Addressable::URI.parse(subject.token_path).query_values
+        expect(subject.token_path).to eq '/oauth2/token'
+      end
+    end
+
+    context "without parameters" do
+      it "returns token path with provided query parameters" do
+        path = subject.token_path({
+          :response_type => 'token',
+          :state => '16WxSbIA',
+          :code   => 's6BhdRkqt3'
+        })
+        query_values = Addressable::URI.parse(path).query_values
+        expect(query_values).to eq({"response_type"=>"token", "code"=>"s6BhdRkqt3", "state" =>"16WxSbIA"})
+      end
+    end
+  end
+
+  describe "#fetch_authorization_url" do
+    it "returns response authorization page from oauth server" do
+      subject.should_receive(:make_request).with(:get, "/oauth2/authorize", {:params=> {:response_type=>"code", :client_id=>"s6BhdRkqt3"}})
+      subject.fetch_authorization_url
+    end
+  end
+
+  describe "#get_token" do
+    it "exchanges authorization code for access token" do
+      subject.should_receive(:make_request).with(:post, "/oauth2/token", {:params=>{:scope=>"abc xyz", :state=>"state", :code=>"G3Y6jU3a"}, :authenticate=>:headers})
+      subject.get_token('G3Y6jU3a', :params => {:scope => 'abc xyz', :state => 'state'})
+    end
+  end
+end

data/spec/oauth2/grant/base_spec.rb

@@ -0,0 +1,57 @@
+require File.expand_path('../../../spec_helper', __FILE__)
+require 'oauth2/helper'
+
+describe OAuth2::Grant::Base do
+
+  before :all do
+    @client = OpenStruct.new(
+      :host           => 'example.com',
+      :client_id      => 's6BhdRkqt3',
+      :client_secret  => 'SplxlOBeZQQYbYS6WxSbIA',
+      :authorize_path => '/oauth2/authorize',
+      :token_path     => '/oauth2/token',
+      :device_path    => '/oauth2/device',
+      :connection     => OpenStruct.new
+    )
+  end
+
+  subject do
+    OAuth2::Grant::Base.new(@client)
+  end
+
+  describe "#make_request" do
+    context "without authenticate option" do
+      it "does not send authorization credentials" do
+        @client.connection.should_receive(:send_request).with(:get, '/oauth2', {})
+        subject.make_request(:get, '/oauth2')
+      end
+    end
+
+    context "with authenticate option" do
+      context "option is headers" do
+        it "authorization credentials in headers" do
+          opts = {
+            :headers => {'Authorization' => OAuth2::UrlHelper::http_basic_encode(@client.client_id, @client.client_secret)},
+            :params  => {:client_id => @client.client_id}
+          }
+          @client.connection.should_receive(:send_request).with(:get, '/oauth2', opts)
+          subject.make_request(:get, '/oauth2', :authenticate => :headers, :params => {:client_id => @client.client_id})
+        end
+      end
+
+      context "option is body" do
+        it "authorization credentials in body" do
+          opts = {
+            :params  => {
+              :code => 'abc123',
+              :client_id => @client.client_id,
+              :client_secret => @client.client_secret
+            },
+          }
+          @client.connection.should_receive(:send_request).with(:get, '/oauth2', opts)
+          subject.make_request(:get, '/oauth2', :params => {:code => 'abc123'}, :authenticate => :body)
+        end
+      end
+    end   
+  end
+end

data/spec/oauth2/grant/client_credentials_spec.rb

@@ -0,0 +1,28 @@
+require File.expand_path('../../../spec_helper', __FILE__)
+
+describe OAuth2::Grant::ClientCredentials do
+
+  before :all do
+    @host           = 'example.com'
+    @client_id      = 's6BhdRkqt3'
+    @client_secret  = 'SplxlOBeZQQYbYS6WxSbIA'
+    @client = OAuth2::Client.new(@host, @client_id, @client_secret)
+  end
+
+  subject do
+    OAuth2::Grant::ClientCredentials.new(@client)
+  end
+
+  describe "#grant_type" do
+    it "returns grant type" do
+      expect(subject.grant_type).to eq 'client_credentials'
+    end
+  end
+
+  describe "#get_token" do
+    it "exchanges authorization code for access token" do
+      subject.should_receive(:make_request).with(:post, "/oauth2/token", {:params=>{:grant_type=>"client_credentials"}, :authenticate=>:headers})
+      subject.get_token
+    end
+  end
+end