oauth2 0.9.2 → 0.9.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CONTRIBUTING.md +6 -3
- data/README.md +2 -11
- data/Rakefile +21 -1
- data/lib/oauth2/access_token.rb +16 -15
- data/lib/oauth2/client.rb +13 -11
- data/lib/oauth2/response.rb +8 -12
- data/lib/oauth2/strategy/assertion.rb +6 -8
- data/lib/oauth2/strategy/auth_code.rb +3 -3
- data/lib/oauth2/strategy/client_credentials.rb +12 -4
- data/lib/oauth2/strategy/implicit.rb +3 -3
- data/lib/oauth2/strategy/password.rb +2 -2
- data/lib/oauth2/version.rb +4 -7
- data/oauth2.gemspec +8 -9
- data/spec/helper.rb +5 -1
- data/spec/oauth2/access_token_spec.rb +38 -38
- data/spec/oauth2/client_spec.rb +58 -59
- data/spec/oauth2/response_spec.rb +20 -20
- data/spec/oauth2/strategy/assertion_spec.rb +13 -14
- data/spec/oauth2/strategy/auth_code_spec.rb +22 -22
- data/spec/oauth2/strategy/base_spec.rb +2 -2
- data/spec/oauth2/strategy/client_credentials_spec.rb +28 -17
- data/spec/oauth2/strategy/implicit_spec.rb +8 -8
- data/spec/oauth2/strategy/password_spec.rb +13 -13
- metadata +52 -82
- metadata.gz.sig +0 -0
@@ -8,7 +8,7 @@ module OAuth2
|
|
8
8
|
#
|
9
9
|
# @raise [NotImplementedError]
|
10
10
|
def authorize_url
|
11
|
-
|
11
|
+
fail(NotImplementedError, 'The authorization endpoint is not used in this strategy')
|
12
12
|
end
|
13
13
|
|
14
14
|
# Retrieve an access token given the specified End User username and password.
|
@@ -16,7 +16,7 @@ module OAuth2
|
|
16
16
|
# @param [String] username the End User username
|
17
17
|
# @param [String] password the End User password
|
18
18
|
# @param [Hash] params additional params
|
19
|
-
def get_token(username, password, params={}, opts={})
|
19
|
+
def get_token(username, password, params = {}, opts = {})
|
20
20
|
params = {'grant_type' => 'password',
|
21
21
|
'username' => username,
|
22
22
|
'password' => password}.merge(client_params).merge(params)
|
data/lib/oauth2/version.rb
CHANGED
@@ -1,18 +1,15 @@
|
|
1
1
|
module OAuth2
|
2
2
|
class Version
|
3
|
-
MAJOR = 0
|
4
|
-
MINOR = 9
|
5
|
-
PATCH =
|
6
|
-
PRE = nil
|
3
|
+
MAJOR = 0
|
4
|
+
MINOR = 9
|
5
|
+
PATCH = 3
|
6
|
+
PRE = nil
|
7
7
|
|
8
8
|
class << self
|
9
|
-
|
10
9
|
# @return [String]
|
11
10
|
def to_s
|
12
11
|
[MAJOR, MINOR, PATCH, PRE].compact.join('.')
|
13
12
|
end
|
14
|
-
|
15
13
|
end
|
16
|
-
|
17
14
|
end
|
18
15
|
end
|
data/oauth2.gemspec
CHANGED
@@ -5,26 +5,25 @@ require 'oauth2/version'
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |spec|
|
7
7
|
spec.add_development_dependency 'bundler', '~> 1.0'
|
8
|
-
spec.add_dependency 'faraday', '
|
9
|
-
spec.add_dependency '
|
10
|
-
spec.add_dependency 'multi_json', '~> 1.0'
|
8
|
+
spec.add_dependency 'faraday', ['>= 0.8', '< 0.10']
|
9
|
+
spec.add_dependency 'multi_json', '~> 1.3'
|
11
10
|
spec.add_dependency 'multi_xml', '~> 0.5'
|
12
11
|
spec.add_dependency 'rack', '~> 1.2'
|
13
|
-
spec.add_dependency 'jwt', '~> 0.1.
|
14
|
-
spec.authors = [
|
12
|
+
spec.add_dependency 'jwt', '~> 0.1.8'
|
13
|
+
spec.authors = ['Michael Bleigh', 'Erik Michaels-Ober']
|
15
14
|
spec.cert_chain = %w(certs/sferik.pem)
|
16
15
|
spec.description = %q{A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth spec.}
|
17
16
|
spec.email = ['michael@intridea.com', 'sferik@gmail.com']
|
18
17
|
spec.files = %w(.document CONTRIBUTING.md LICENSE.md README.md Rakefile oauth2.gemspec)
|
19
|
-
spec.files += Dir.glob(
|
20
|
-
spec.files += Dir.glob(
|
18
|
+
spec.files += Dir.glob('lib/**/*.rb')
|
19
|
+
spec.files += Dir.glob('spec/**/*')
|
21
20
|
spec.homepage = 'http://github.com/intridea/oauth2'
|
22
21
|
spec.licenses = ['MIT']
|
23
22
|
spec.name = 'oauth2'
|
24
23
|
spec.require_paths = ['lib']
|
25
24
|
spec.required_rubygems_version = '>= 1.3.5'
|
26
|
-
spec.signing_key = File.expand_path(
|
25
|
+
spec.signing_key = File.expand_path('~/.gem/private_key.pem') if $PROGRAM_NAME =~ /gem\z/
|
27
26
|
spec.summary = %q{A Ruby wrapper for the OAuth 2.0 protocol.}
|
28
|
-
spec.test_files = Dir.glob(
|
27
|
+
spec.test_files = Dir.glob('spec/**/*')
|
29
28
|
spec.version = OAuth2::Version
|
30
29
|
end
|
data/spec/helper.rb
CHANGED
@@ -5,7 +5,11 @@ SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
|
|
5
5
|
SimpleCov::Formatter::HTMLFormatter,
|
6
6
|
Coveralls::SimpleCov::Formatter
|
7
7
|
]
|
8
|
-
|
8
|
+
|
9
|
+
SimpleCov.start do
|
10
|
+
add_filter '/spec/'
|
11
|
+
minimum_coverage(95.29)
|
12
|
+
end
|
9
13
|
|
10
14
|
require 'oauth2'
|
11
15
|
require 'addressable/uri'
|
@@ -3,32 +3,32 @@ require 'helper'
|
|
3
3
|
VERBS = [:get, :post, :put, :delete]
|
4
4
|
|
5
5
|
describe AccessToken do
|
6
|
-
let(:token) {'monkey'}
|
7
|
-
let(:token_body) {MultiJson.encode(:access_token => 'foo', :expires_in => 600, :refresh_token => 'bar')}
|
8
|
-
let(:refresh_body) {MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => 'refresh_bar')}
|
6
|
+
let(:token) { 'monkey' }
|
7
|
+
let(:token_body) { MultiJson.encode(:access_token => 'foo', :expires_in => 600, :refresh_token => 'bar') }
|
8
|
+
let(:refresh_body) { MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => 'refresh_bar') }
|
9
9
|
let(:client) do
|
10
10
|
Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
|
11
11
|
builder.request :url_encoded
|
12
12
|
builder.adapter :test do |stub|
|
13
13
|
VERBS.each do |verb|
|
14
|
-
stub.send(verb, '/token/header') {|env| [200, {}, env[:request_headers]['Authorization']]}
|
15
|
-
stub.send(verb, "/token/query?access_token=#{token}") {|env| [200, {}, Addressable::URI.parse(env[:url]).query_values['access_token']]}
|
16
|
-
stub.send(verb, '/token/body') {|env| [200, {}, env[:body]]}
|
14
|
+
stub.send(verb, '/token/header') { |env| [200, {}, env[:request_headers]['Authorization']] }
|
15
|
+
stub.send(verb, "/token/query?access_token=#{token}") { |env| [200, {}, Addressable::URI.parse(env[:url]).query_values['access_token']] }
|
16
|
+
stub.send(verb, '/token/body') { |env| [200, {}, env[:body]] }
|
17
17
|
end
|
18
|
-
stub.post('/oauth/token') {|env| [200, {'Content-Type' => 'application/json'}, refresh_body]}
|
18
|
+
stub.post('/oauth/token') { |env| [200, {'Content-Type' => 'application/json'}, refresh_body] }
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
|
-
subject {AccessToken.new(client, token)}
|
23
|
+
subject { AccessToken.new(client, token) }
|
24
24
|
|
25
|
-
describe
|
26
|
-
it
|
25
|
+
describe '#initialize' do
|
26
|
+
it 'assigns client and token' do
|
27
27
|
expect(subject.client).to eq(client)
|
28
28
|
expect(subject.token).to eq(token)
|
29
29
|
end
|
30
30
|
|
31
|
-
it
|
31
|
+
it 'assigns extra params' do
|
32
32
|
target = AccessToken.new(client, token, 'foo' => 'bar')
|
33
33
|
expect(target.params).to include('foo')
|
34
34
|
expect(target.params['foo']).to eq('bar')
|
@@ -41,26 +41,26 @@ describe AccessToken do
|
|
41
41
|
expect(target.params['foo']).to eq('bar')
|
42
42
|
end
|
43
43
|
|
44
|
-
it
|
44
|
+
it 'initializes with a Hash' do
|
45
45
|
hash = {:access_token => token, :expires_at => Time.now.to_i + 200, 'foo' => 'bar'}
|
46
46
|
target = AccessToken.from_hash(client, hash)
|
47
47
|
assert_initialized_token(target)
|
48
48
|
end
|
49
49
|
|
50
|
-
it
|
51
|
-
kvform = "access_token=#{token}&expires_at=#{Time.now.to_i+200}&foo=bar"
|
50
|
+
it 'initalizes with a form-urlencoded key/value string' do
|
51
|
+
kvform = "access_token=#{token}&expires_at=#{Time.now.to_i + 200}&foo=bar"
|
52
52
|
target = AccessToken.from_kvform(client, kvform)
|
53
53
|
assert_initialized_token(target)
|
54
54
|
end
|
55
55
|
|
56
|
-
it
|
56
|
+
it 'sets options' do
|
57
57
|
target = AccessToken.new(client, token, :param_name => 'foo', :header_format => 'Bearer %', :mode => :body)
|
58
58
|
expect(target.options[:param_name]).to eq('foo')
|
59
59
|
expect(target.options[:header_format]).to eq('Bearer %')
|
60
60
|
expect(target.options[:mode]).to eq(:body)
|
61
61
|
end
|
62
62
|
|
63
|
-
it
|
63
|
+
it 'initializes with a string expires_at' do
|
64
64
|
hash = {:access_token => token, :expires_at => '1361396829', 'foo' => 'bar'}
|
65
65
|
target = AccessToken.from_hash(client, hash)
|
66
66
|
assert_initialized_token(target)
|
@@ -68,8 +68,8 @@ describe AccessToken do
|
|
68
68
|
end
|
69
69
|
end
|
70
70
|
|
71
|
-
describe
|
72
|
-
context
|
71
|
+
describe '#request' do
|
72
|
+
context ':mode => :header' do
|
73
73
|
before do
|
74
74
|
subject.options[:mode] = :header
|
75
75
|
end
|
@@ -81,7 +81,7 @@ describe AccessToken do
|
|
81
81
|
end
|
82
82
|
end
|
83
83
|
|
84
|
-
context
|
84
|
+
context ':mode => :query' do
|
85
85
|
before do
|
86
86
|
subject.options[:mode] = :query
|
87
87
|
end
|
@@ -93,7 +93,7 @@ describe AccessToken do
|
|
93
93
|
end
|
94
94
|
end
|
95
95
|
|
96
|
-
context
|
96
|
+
context ':mode => :body' do
|
97
97
|
before do
|
98
98
|
subject.options[:mode] = :body
|
99
99
|
end
|
@@ -106,55 +106,55 @@ describe AccessToken do
|
|
106
106
|
end
|
107
107
|
end
|
108
108
|
|
109
|
-
describe
|
110
|
-
it
|
109
|
+
describe '#expires?' do
|
110
|
+
it 'is false if there is no expires_at' do
|
111
111
|
expect(AccessToken.new(client, token)).not_to be_expires
|
112
112
|
end
|
113
113
|
|
114
|
-
it
|
114
|
+
it 'is true if there is an expires_in' do
|
115
115
|
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 600)).to be_expires
|
116
116
|
end
|
117
117
|
|
118
|
-
it
|
119
|
-
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => Time.now.getutc.to_i+600)).to be_expires
|
118
|
+
it 'is true if there is an expires_at' do
|
119
|
+
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => Time.now.getutc.to_i + 600)).to be_expires
|
120
120
|
end
|
121
121
|
end
|
122
122
|
|
123
|
-
describe
|
124
|
-
it
|
123
|
+
describe '#expired?' do
|
124
|
+
it 'is false if there is no expires_in or expires_at' do
|
125
125
|
expect(AccessToken.new(client, token)).not_to be_expired
|
126
126
|
end
|
127
127
|
|
128
|
-
it
|
129
|
-
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in =>
|
128
|
+
it 'is false if expires_in is in the future' do
|
129
|
+
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 10_800)).not_to be_expired
|
130
130
|
end
|
131
131
|
|
132
|
-
it
|
132
|
+
it 'is true if expires_at is in the past' do
|
133
133
|
access = AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 600)
|
134
|
-
@now = Time.now +
|
135
|
-
Time.
|
134
|
+
@now = Time.now + 10_800
|
135
|
+
allow(Time).to receive(:now).and_return(@now)
|
136
136
|
expect(access).to be_expired
|
137
137
|
end
|
138
138
|
|
139
139
|
end
|
140
140
|
|
141
|
-
describe
|
142
|
-
let(:access)
|
141
|
+
describe '#refresh!' do
|
142
|
+
let(:access) do
|
143
143
|
AccessToken.new(client, token, :refresh_token => 'abaca',
|
144
144
|
:expires_in => 600,
|
145
145
|
:param_name => 'o_param')
|
146
|
-
|
146
|
+
end
|
147
147
|
|
148
|
-
it
|
148
|
+
it 'returns a refresh token with appropriate values carried over' do
|
149
149
|
refreshed = access.refresh!
|
150
150
|
expect(access.client).to eq(refreshed.client)
|
151
151
|
expect(access.options[:param_name]).to eq(refreshed.options[:param_name])
|
152
152
|
end
|
153
153
|
|
154
|
-
context
|
154
|
+
context 'with a nil refresh_token in the response' do
|
155
155
|
let(:refresh_body) { MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => nil) }
|
156
156
|
|
157
|
-
it
|
157
|
+
it 'copies the refresh_token from the original token' do
|
158
158
|
refreshed = access.refresh!
|
159
159
|
|
160
160
|
expect(refreshed.refresh_token).to eq(access.refresh_token)
|
data/spec/oauth2/client_spec.rb
CHANGED
@@ -1,81 +1,80 @@
|
|
1
1
|
require 'helper'
|
2
2
|
|
3
3
|
describe OAuth2::Client do
|
4
|
-
let!(:error_value) {'invalid_token'}
|
5
|
-
let!(:error_description_value) {'bad bad token'}
|
4
|
+
let!(:error_value) { 'invalid_token' }
|
5
|
+
let!(:error_description_value) { 'bad bad token' }
|
6
6
|
|
7
7
|
subject do
|
8
8
|
OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
|
9
9
|
builder.adapter :test do |stub|
|
10
|
-
stub.get('/success') {|env| [200, {'Content-Type' => 'text/awesome'}, 'yay']}
|
11
|
-
stub.get('/reflect') {|env| [200, {}, env[:body]]}
|
12
|
-
stub.post('/reflect') {|env| [200, {}, env[:body]]}
|
13
|
-
stub.get('/unauthorized') {|env| [401, {'Content-Type' => 'application/json'}, MultiJson.encode(:error => error_value, :error_description => error_description_value)]}
|
14
|
-
stub.get('/conflict') {|env| [409, {'Content-Type' => 'text/plain'}, 'not authorized']}
|
15
|
-
stub.get('/redirect') {|env| [302, {'Content-Type' => 'text/plain', 'location' => '/success'
|
16
|
-
stub.post('/redirect') {|env| [303, {'Content-Type' => 'text/plain', 'location' => '/reflect'
|
17
|
-
stub.get('/error') {|env| [500, {'Content-Type' => 'text/plain'}, 'unknown error']}
|
18
|
-
stub.get('/empty_get') {|env| [204, {}, nil]}
|
10
|
+
stub.get('/success') { |env| [200, {'Content-Type' => 'text/awesome'}, 'yay'] }
|
11
|
+
stub.get('/reflect') { |env| [200, {}, env[:body]] }
|
12
|
+
stub.post('/reflect') { |env| [200, {}, env[:body]] }
|
13
|
+
stub.get('/unauthorized') { |env| [401, {'Content-Type' => 'application/json'}, MultiJson.encode(:error => error_value, :error_description => error_description_value)] }
|
14
|
+
stub.get('/conflict') { |env| [409, {'Content-Type' => 'text/plain'}, 'not authorized'] }
|
15
|
+
stub.get('/redirect') { |env| [302, {'Content-Type' => 'text/plain', 'location' => '/success'}, ''] }
|
16
|
+
stub.post('/redirect') { |env| [303, {'Content-Type' => 'text/plain', 'location' => '/reflect'}, ''] }
|
17
|
+
stub.get('/error') { |env| [500, {'Content-Type' => 'text/plain'}, 'unknown error'] }
|
18
|
+
stub.get('/empty_get') { |env| [204, {}, nil] }
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
|
-
describe
|
24
|
-
it
|
23
|
+
describe '#initialize' do
|
24
|
+
it 'assigns id and secret' do
|
25
25
|
expect(subject.id).to eq('abc')
|
26
26
|
expect(subject.secret).to eq('def')
|
27
27
|
end
|
28
28
|
|
29
|
-
it
|
29
|
+
it 'assigns site from the options hash' do
|
30
30
|
expect(subject.site).to eq('https://api.example.com')
|
31
31
|
end
|
32
32
|
|
33
|
-
it
|
33
|
+
it 'assigns Faraday::Connection#host' do
|
34
34
|
expect(subject.connection.host).to eq('api.example.com')
|
35
35
|
end
|
36
36
|
|
37
|
-
it
|
38
|
-
expect(subject.connection.ssl).to
|
37
|
+
it 'leaves Faraday::Connection#ssl unset' do
|
38
|
+
expect(subject.connection.ssl).to be_empty
|
39
39
|
end
|
40
40
|
|
41
|
-
it
|
42
|
-
connection =
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
Faraday::Connection.stub(:new => connection)
|
41
|
+
it 'is able to pass a block to configure the connection' do
|
42
|
+
connection = double('connection')
|
43
|
+
builder = double('builder')
|
44
|
+
allow(connection).to receive(:build).and_yield(builder)
|
45
|
+
allow(Faraday::Connection).to receive(:new).and_return(connection)
|
47
46
|
|
48
|
-
builder.
|
47
|
+
expect(builder).to receive(:adapter).with(:test)
|
49
48
|
|
50
|
-
OAuth2::Client.new('abc', 'def') do |
|
51
|
-
|
49
|
+
OAuth2::Client.new('abc', 'def') do |client|
|
50
|
+
client.adapter :test
|
52
51
|
end.connection
|
53
52
|
end
|
54
53
|
|
55
|
-
it
|
56
|
-
expect(subject.options[:raise_errors]).to
|
54
|
+
it 'defaults raise_errors to true' do
|
55
|
+
expect(subject.options[:raise_errors]).to be true
|
57
56
|
end
|
58
57
|
|
59
|
-
it
|
58
|
+
it 'allows true/false for raise_errors option' do
|
60
59
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => false)
|
61
|
-
expect(client.options[:raise_errors]).to
|
60
|
+
expect(client.options[:raise_errors]).to be false
|
62
61
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true)
|
63
|
-
expect(client.options[:raise_errors]).to
|
62
|
+
expect(client.options[:raise_errors]).to be true
|
64
63
|
end
|
65
64
|
|
66
|
-
it
|
65
|
+
it 'allows override of raise_errors option' do
|
67
66
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true) do |builder|
|
68
67
|
builder.adapter :test do |stub|
|
69
|
-
stub.get('/notfound') {|env| [404, {}, nil]}
|
68
|
+
stub.get('/notfound') { |env| [404, {}, nil] }
|
70
69
|
end
|
71
70
|
end
|
72
|
-
expect(client.options[:raise_errors]).to
|
73
|
-
expect{client.request(:get, '/notfound')}.to raise_error(OAuth2::Error)
|
71
|
+
expect(client.options[:raise_errors]).to be true
|
72
|
+
expect { client.request(:get, '/notfound') }.to raise_error(OAuth2::Error)
|
74
73
|
response = client.request(:get, '/notfound', :raise_errors => false)
|
75
74
|
expect(response.status).to eq(404)
|
76
75
|
end
|
77
76
|
|
78
|
-
it
|
77
|
+
it 'allows get/post for access_token_method option' do
|
79
78
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :get)
|
80
79
|
expect(client.options[:access_token_method]).to eq(:get)
|
81
80
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :post)
|
@@ -83,7 +82,7 @@ describe OAuth2::Client do
|
|
83
82
|
end
|
84
83
|
|
85
84
|
it 'does not mutate the opts hash argument' do
|
86
|
-
opts = {
|
85
|
+
opts = {:site => 'http://example.com/'}
|
87
86
|
opts2 = opts.dup
|
88
87
|
OAuth2::Client.new 'abc', 'def', opts
|
89
88
|
expect(opts).to eq(opts2)
|
@@ -101,44 +100,44 @@ describe OAuth2::Client do
|
|
101
100
|
expect(subject.send("#{url_type}_url")).to eq('https://api.example.com/oauth/custom')
|
102
101
|
end
|
103
102
|
|
104
|
-
it
|
103
|
+
it 'allows a different host than the site' do
|
105
104
|
subject.options[:"#{url_type}_url"] = 'https://api.foo.com/oauth/custom'
|
106
105
|
expect(subject.send("#{url_type}_url")).to eq('https://api.foo.com/oauth/custom')
|
107
106
|
end
|
108
107
|
end
|
109
108
|
end
|
110
109
|
|
111
|
-
describe
|
112
|
-
it
|
110
|
+
describe '#request' do
|
111
|
+
it 'works with a null response body' do
|
113
112
|
expect(subject.request(:get, 'empty_get').body).to eq('')
|
114
113
|
end
|
115
114
|
|
116
|
-
it
|
115
|
+
it 'returns on a successful response' do
|
117
116
|
response = subject.request(:get, '/success')
|
118
117
|
expect(response.body).to eq('yay')
|
119
118
|
expect(response.status).to eq(200)
|
120
|
-
expect(response.headers).to eq(
|
119
|
+
expect(response.headers).to eq('Content-Type' => 'text/awesome')
|
121
120
|
end
|
122
121
|
|
123
|
-
it
|
122
|
+
it 'posts a body' do
|
124
123
|
response = subject.request(:post, '/reflect', :body => 'foo=bar')
|
125
124
|
expect(response.body).to eq('foo=bar')
|
126
125
|
end
|
127
126
|
|
128
|
-
it
|
127
|
+
it 'follows redirects properly' do
|
129
128
|
response = subject.request(:get, '/redirect')
|
130
129
|
expect(response.body).to eq('yay')
|
131
130
|
expect(response.status).to eq(200)
|
132
|
-
expect(response.headers).to eq(
|
131
|
+
expect(response.headers).to eq('Content-Type' => 'text/awesome')
|
133
132
|
end
|
134
133
|
|
135
|
-
it
|
134
|
+
it 'redirects using GET on a 303' do
|
136
135
|
response = subject.request(:post, '/redirect', :body => 'foo=bar')
|
137
136
|
expect(response.body).to be_empty
|
138
137
|
expect(response.status).to eq(200)
|
139
138
|
end
|
140
139
|
|
141
|
-
it
|
140
|
+
it 'obeys the :max_redirects option' do
|
142
141
|
max_redirects = subject.options[:max_redirects]
|
143
142
|
subject.options[:max_redirects] = 0
|
144
143
|
response = subject.request(:get, '/redirect')
|
@@ -146,25 +145,25 @@ describe OAuth2::Client do
|
|
146
145
|
subject.options[:max_redirects] = max_redirects
|
147
146
|
end
|
148
147
|
|
149
|
-
it
|
148
|
+
it 'returns if raise_errors is false' do
|
150
149
|
subject.options[:raise_errors] = false
|
151
150
|
response = subject.request(:get, '/unauthorized')
|
152
151
|
|
153
152
|
expect(response.status).to eq(401)
|
154
|
-
expect(response.headers).to eq(
|
153
|
+
expect(response.headers).to eq('Content-Type' => 'application/json')
|
155
154
|
expect(response.error).not_to be_nil
|
156
155
|
end
|
157
156
|
|
158
157
|
%w(/unauthorized /conflict /error).each do |error_path|
|
159
158
|
it "raises OAuth2::Error on error response to path #{error_path}" do
|
160
|
-
expect{subject.request(:get, error_path)}.to raise_error(OAuth2::Error)
|
159
|
+
expect { subject.request(:get, error_path) }.to raise_error(OAuth2::Error)
|
161
160
|
end
|
162
161
|
end
|
163
162
|
|
164
|
-
it
|
163
|
+
it 'parses OAuth2 standard error response' do
|
165
164
|
begin
|
166
165
|
subject.request(:get, '/unauthorized')
|
167
|
-
rescue
|
166
|
+
rescue StandardError => e
|
168
167
|
expect(e.code).to eq(error_value)
|
169
168
|
expect(e.description).to eq(error_description_value)
|
170
169
|
expect(e.to_s).to match(/#{error_value}/)
|
@@ -172,25 +171,25 @@ describe OAuth2::Client do
|
|
172
171
|
end
|
173
172
|
end
|
174
173
|
|
175
|
-
it
|
174
|
+
it 'provides the response in the Exception' do
|
176
175
|
begin
|
177
176
|
subject.request(:get, '/error')
|
178
|
-
rescue
|
177
|
+
rescue StandardError => e
|
179
178
|
expect(e.response).not_to be_nil
|
180
179
|
expect(e.to_s).to match(/unknown error/)
|
181
180
|
end
|
182
181
|
end
|
183
182
|
end
|
184
183
|
|
185
|
-
it
|
184
|
+
it 'instantiates an AuthCode strategy with this client' do
|
186
185
|
expect(subject.auth_code).to be_kind_of(OAuth2::Strategy::AuthCode)
|
187
186
|
end
|
188
187
|
|
189
|
-
it
|
188
|
+
it 'instantiates an Implicit strategy with this client' do
|
190
189
|
expect(subject.implicit).to be_kind_of(OAuth2::Strategy::Implicit)
|
191
190
|
end
|
192
191
|
|
193
|
-
context
|
192
|
+
context 'with SSL options' do
|
194
193
|
subject do
|
195
194
|
cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :ssl => {:ca_file => 'foo.pem'})
|
196
195
|
cli.connection.build do |b|
|
@@ -199,8 +198,8 @@ describe OAuth2::Client do
|
|
199
198
|
cli
|
200
199
|
end
|
201
200
|
|
202
|
-
it
|
203
|
-
expect(subject.connection.ssl).to eq(
|
201
|
+
it 'passes the SSL options along to Faraday::Connection#ssl' do
|
202
|
+
expect(subject.connection.ssl.fetch(:ca_file)).to eq('foo.pem')
|
204
203
|
end
|
205
204
|
end
|
206
205
|
end
|