oauth2 1.0.0 → 1.1.0

data/spec/oauth2/mac_token_spec.rb

@@ -1,119 +0,0 @@
-require 'helper'
-
-describe MACToken do
-  let(:token) { 'monkey' }
-  let(:client) do
-    Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
-      builder.request :url_encoded
-      builder.adapter :test do |stub|
-        VERBS.each do |verb|
-          stub.send(verb, '/token/header') { |env| [200, {}, env[:request_headers]['Authorization']] }
-        end
-      end
-    end
-  end
-
-  subject { MACToken.new(client, token, 'abc123') }
-
-  describe '#initialize' do
-    it 'assigns client and token' do
-      expect(subject.client).to eq(client)
-      expect(subject.token).to eq(token)
-    end
-
-    it 'assigns secret' do
-      expect(subject.secret).to eq('abc123')
-    end
-
-    it 'defaults algorithm to hmac-sha-256' do
-      expect(subject.algorithm).to be_instance_of(OpenSSL::Digest::SHA256)
-    end
-
-    it 'handles hmac-sha-256' do
-      mac = MACToken.new(client, token, 'abc123', :algorithm => 'hmac-sha-256')
-      expect(mac.algorithm).to be_instance_of(OpenSSL::Digest::SHA256)
-    end
-
-    it 'handles hmac-sha-1' do
-      mac = MACToken.new(client, token, 'abc123', :algorithm => 'hmac-sha-1')
-      expect(mac.algorithm).to be_instance_of(OpenSSL::Digest::SHA1)
-    end
-
-    it 'raises on improper algorithm' do
-      expect { MACToken.new(client, token, 'abc123', :algorithm => 'invalid-sha') }.to raise_error(ArgumentError)
-    end
-  end
-
-  describe '#request' do
-    VERBS.each do |verb|
-      it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
-        expect(subject.post('/token/header').body).to include("MAC id=\"#{token}\"")
-      end
-    end
-  end
-
-  describe '#header' do
-    it 'does not generate the same header twice' do
-      header = subject.header('get', 'https://www.example.com/hello')
-      duplicate_header = subject.header('get', 'https://www.example.com/hello')
-
-      expect(header).to_not eq(duplicate_header)
-    end
-
-    it 'generates the proper format' do
-      header = subject.header('get', 'https://www.example.com/hello?a=1')
-      expect(header).to match(/MAC id="#{token}", ts="[0-9]+", nonce="[^"]+", mac="[^"]+"/)
-    end
-
-    it 'passes ArgumentError with an invalid url' do
-      expect { subject.header('get', 'this-is-not-valid') }.to raise_error(ArgumentError)
-    end
-
-    it 'passes URI::InvalidURIError through' do
-      expect { subject.header('get', nil) }.to raise_error(URI::InvalidURIError)
-    end
-  end
-
-  describe '#signature' do
-    it 'generates properly' do
-      signature = subject.signature(0, 'random-string', 'get', URI('https://www.google.com'))
-      expect(signature).to eq('rMDjVA3VJj3v1OmxM29QQljKia6msl5rjN83x3bZmi8=')
-    end
-  end
-
-  describe '#headers' do
-    it 'is an empty hash' do
-      expect(subject.headers).to eq({})
-    end
-  end
-
-  describe '.from_access_token' do
-    let(:access_token) do
-      AccessToken.new(
-        client, token,
-        :expires_at => 1,
-        :expires_in => 1,
-        :refresh_token => 'abc',
-        :random => 1
-      )
-    end
-
-    subject { MACToken.from_access_token(access_token, 'hello') }
-
-    it 'initializes client, token, and secret properly' do
-      expect(subject.client).to eq(client)
-      expect(subject.token).to eq(token)
-      expect(subject.secret).to eq('hello')
-    end
-
-    it 'initializes configuration options' do
-      expect(subject.expires_at).to eq(1)
-      expect(subject.expires_in).to eq(1)
-      expect(subject.refresh_token).to eq('abc')
-    end
-
-    it 'initializes params' do
-      expect(subject.params).to eq(:random => 1)
-    end
-  end
-end

data/spec/oauth2/response_spec.rb

@@ -1,91 +0,0 @@
-require 'helper'
-
-describe OAuth2::Response do
-  describe '#initialize' do
-    let(:status) { 200 }
-    let(:headers) { {'foo' => 'bar'} }
-    let(:body) { 'foo' }
-
-    it 'returns the status, headers and body' do
-      response = double('response', :headers => headers,
-                                    :status  => status,
-                                    :body    => body)
-      subject = Response.new(response)
-      expect(subject.headers).to eq(headers)
-      expect(subject.status).to eq(status)
-      expect(subject.body).to eq(body)
-    end
-  end
-
-  describe '.register_parser' do
-    let(:response) do
-      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
-                         :status => 200,
-                         :body => 'baz')
-    end
-    before do
-      OAuth2::Response.register_parser(:foobar, 'application/foo-bar') do |body|
-        "foobar #{body}"
-      end
-    end
-
-    it 'adds to the content types and parsers' do
-      expect(OAuth2::Response::PARSERS.keys).to include(:foobar)
-      expect(OAuth2::Response::CONTENT_TYPES.keys).to include('application/foo-bar')
-    end
-
-    it 'is able to parse that content type automatically' do
-      expect(OAuth2::Response.new(response).parsed).to eq('foobar baz')
-    end
-  end
-
-  describe '#parsed' do
-    it 'parses application/x-www-form-urlencoded body' do
-      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
-      body = 'foo=bar&answer=42'
-      response = double('response', :headers => headers, :body => body)
-      subject = Response.new(response)
-      expect(subject.parsed.keys.size).to eq(2)
-      expect(subject.parsed['foo']).to eq('bar')
-      expect(subject.parsed['answer']).to eq('42')
-    end
-
-    it 'parses application/json body' do
-      headers = {'Content-Type' => 'application/json'}
-      body = MultiJson.encode(:foo => 'bar', :answer => 42)
-      response = double('response', :headers => headers, :body => body)
-      subject = Response.new(response)
-      expect(subject.parsed.keys.size).to eq(2)
-      expect(subject.parsed['foo']).to eq('bar')
-      expect(subject.parsed['answer']).to eq(42)
-    end
-
-    it "doesn't try to parse other content-types" do
-      headers = {'Content-Type' => 'text/html'}
-      body = '<!DOCTYPE html><html><head></head><body></body></html>'
-
-      response = double('response', :headers => headers, :body => body)
-
-      expect(MultiJson).not_to receive(:decode)
-      expect(MultiJson).not_to receive(:load)
-      expect(Rack::Utils).not_to receive(:parse_query)
-
-      subject = Response.new(response)
-      expect(subject.parsed).to be_nil
-    end
-  end
-
-  context 'xml parser registration' do
-    it 'tries to load multi_xml and use it' do
-      expect(OAuth2::Response::PARSERS[:xml]).not_to be_nil
-    end
-
-    it 'is able to parse xml' do
-      headers = {'Content-Type' => 'text/xml'}
-      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
-
-      response = double('response', :headers => headers, :body => body)
-      expect(OAuth2::Response.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
-    end
-  end
-end

data/spec/oauth2/strategy/assertion_spec.rb

@@ -1,56 +0,0 @@
-require 'helper'
-
-describe OAuth2::Strategy::Assertion do
-  let(:client) do
-    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
-    cli.connection.build do |b|
-      b.adapter :test do |stub|
-        stub.post('/oauth/token') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
-          end
-        end
-      end
-    end
-    cli
-  end
-
-  let(:params) { {:hmac_secret => 'foo'} }
-
-  subject { client.assertion }
-
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { subject.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-
-  %w(json formencoded).each do |mode|
-    describe "#get_token (#{mode})" do
-      before do
-        @mode = mode
-        @access = subject.get_token(params)
-      end
-
-      it 'returns AccessToken with same Client' do
-        expect(@access.client).to eq(client)
-      end
-
-      it 'returns AccessToken with #token' do
-        expect(@access.token).to eq('salmon')
-      end
-
-      it 'returns AccessToken with #expires_in' do
-        expect(@access.expires_in).to eq(600)
-      end
-
-      it 'returns AccessToken with #expires_at' do
-        expect(@access.expires_at).not_to be_nil
-      end
-    end
-  end
-
-end

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -1,88 +0,0 @@
-require 'helper'
-
-describe OAuth2::Strategy::AuthCode do
-  let(:code) { 'sushi' }
-  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
-  let(:facebook_token) { kvform_token.gsub('_in', '') }
-  let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
-
-  let(:client) do
-    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
-      builder.adapter :test do |stub|
-        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          when 'from_facebook'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
-          end
-        end
-        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          when 'from_facebook'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
-          end
-        end
-      end
-    end
-  end
-
-  subject { client.auth_code }
-
-  describe '#authorize_url' do
-    it 'includes the client_id' do
-      expect(subject.authorize_url).to include('client_id=abc')
-    end
-
-    it 'includes the type' do
-      expect(subject.authorize_url).to include('response_type=code')
-    end
-
-    it 'includes passed in options' do
-      cb = 'http://myserver.local/oauth/callback'
-      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
-    end
-  end
-
-  %w(json formencoded from_facebook).each do |mode|
-    [:get, :post].each do |verb|
-      describe "#get_token (#{mode}, access_token_method=#{verb}" do
-        before do
-          @mode = mode
-          client.options[:token_method] = verb
-          @access = subject.get_token(code)
-        end
-
-        it 'returns AccessToken with same Client' do
-          expect(@access.client).to eq(client)
-        end
-
-        it 'returns AccessToken with #token' do
-          expect(@access.token).to eq('salmon')
-        end
-
-        it 'returns AccessToken with #refresh_token' do
-          expect(@access.refresh_token).to eq('trout')
-        end
-
-        it 'returns AccessToken with #expires_in' do
-          expect(@access.expires_in).to eq(600)
-        end
-
-        it 'returns AccessToken with #expires_at' do
-          expect(@access.expires_at).to be_kind_of(Integer)
-        end
-
-        it 'returns AccessToken with params accessible via []' do
-          expect(@access['extra_param']).to eq('steve')
-        end
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/base_spec.rb

@@ -1,7 +0,0 @@
-require 'helper'
-
-describe OAuth2::Strategy::Base do
-  it 'initializes with a Client' do
-    expect { OAuth2::Strategy::Base.new(OAuth2::Client.new('abc', 'def')) }.not_to raise_error
-  end
-end

data/spec/oauth2/strategy/client_credentials_spec.rb

@@ -1,81 +0,0 @@
-require 'helper'
-
-describe OAuth2::Strategy::ClientCredentials do
-  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
-  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
-
-  let(:client) do
-    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
-      builder.adapter :test do |stub|
-        stub.post('/oauth/token', 'grant_type' => 'client_credentials') do |env|
-          client_id, client_secret = Base64.decode64(env[:request_headers]['Authorization'].split(' ', 2)[1]).split(':', 2)
-          client_id == 'abc' && client_secret == 'def' || fail(Faraday::Adapter::Test::Stubs::NotFound)
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          end
-        end
-        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          end
-        end
-      end
-    end
-  end
-
-  subject { client.client_credentials }
-
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { subject.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-
-  describe '#authorization' do
-    it 'generates an Authorization header value for HTTP Basic Authentication' do
-      [
-        ['abc', 'def', 'Basic YWJjOmRlZg=='],
-        ['xxx', 'secret', 'Basic eHh4OnNlY3JldA==']
-      ].each do |client_id, client_secret, expected|
-        expect(subject.authorization(client_id, client_secret)).to eq(expected)
-      end
-    end
-  end
-
-  %w(json formencoded).each do |mode|
-    %w(default basic_auth request_body).each do |auth_scheme|
-      describe "#get_token (#{mode}) (#{auth_scheme})" do
-        before do
-          @mode = mode
-          @access = subject.get_token({}, auth_scheme == 'default' ? {} : {'auth_scheme' => auth_scheme})
-        end
-
-        it 'returns AccessToken with same Client' do
-          expect(@access.client).to eq(client)
-        end
-
-        it 'returns AccessToken with #token' do
-          expect(@access.token).to eq('salmon')
-        end
-
-        it 'returns AccessToken without #refresh_token' do
-          expect(@access.refresh_token).to be_nil
-        end
-
-        it 'returns AccessToken with #expires_in' do
-          expect(@access.expires_in).to eq(600)
-        end
-
-        it 'returns AccessToken with #expires_at' do
-          expect(@access.expires_at).not_to be_nil
-        end
-      end
-    end
-  end
-end