oauth2 1.4.2 → 1.4.7

data/spec/oauth2/mac_token_spec.rb

@@ -0,0 +1,117 @@
+describe OAuth2::MACToken do
+  subject { described_class.new(client, token, 'abc123') }
+
+  let(:token) { 'monkey' }
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
+      builder.request :url_encoded
+      builder.adapter :test do |stub|
+        VERBS.each do |verb|
+          stub.send(verb, '/token/header') { |env| [200, {}, env[:request_headers]['Authorization']] }
+        end
+      end
+    end
+  end
+
+  describe '#initialize' do
+    it 'assigns client and token' do
+      expect(subject.client).to eq(client)
+      expect(subject.token).to eq(token)
+    end
+
+    it 'assigns secret' do
+      expect(subject.secret).to eq('abc123')
+    end
+
+    it 'defaults algorithm to hmac-sha-256' do
+      expect(subject.algorithm).to be_instance_of(OpenSSL::Digest::SHA256)
+    end
+
+    it 'handles hmac-sha-256' do
+      mac = described_class.new(client, token, 'abc123', :algorithm => 'hmac-sha-256')
+      expect(mac.algorithm).to be_instance_of(OpenSSL::Digest::SHA256)
+    end
+
+    it 'handles hmac-sha-1' do
+      mac = described_class.new(client, token, 'abc123', :algorithm => 'hmac-sha-1')
+      expect(mac.algorithm).to be_instance_of(OpenSSL::Digest::SHA1)
+    end
+
+    it 'raises on improper algorithm' do
+      expect { described_class.new(client, token, 'abc123', :algorithm => 'invalid-sha') }.to raise_error(ArgumentError)
+    end
+  end
+
+  describe '#request' do
+    VERBS.each do |verb|
+      it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
+        expect(subject.post('/token/header').body).to include("MAC id=\"#{token}\"")
+      end
+    end
+  end
+
+  describe '#header' do
+    it 'does not generate the same header twice' do
+      header = subject.header('get', 'https://www.example.com/hello')
+      duplicate_header = subject.header('get', 'https://www.example.com/hello')
+
+      expect(header).not_to eq(duplicate_header)
+    end
+
+    it 'generates the proper format' do
+      header = subject.header('get', 'https://www.example.com/hello?a=1')
+      expect(header).to match(/MAC id="#{token}", ts="[0-9]+", nonce="[^"]+", mac="[^"]+"/)
+    end
+
+    it 'passes ArgumentError with an invalid url' do
+      expect { subject.header('get', 'this-is-not-valid') }.to raise_error(ArgumentError)
+    end
+
+    it 'passes URI::InvalidURIError through' do
+      expect { subject.header('get', nil) }.to raise_error(URI::InvalidURIError)
+    end
+  end
+
+  describe '#signature' do
+    it 'generates properly' do
+      signature = subject.signature(0, 'random-string', 'get', URI('https://www.google.com'))
+      expect(signature).to eq('rMDjVA3VJj3v1OmxM29QQljKia6msl5rjN83x3bZmi8=')
+    end
+  end
+
+  describe '#headers' do
+    it 'is an empty hash' do
+      expect(subject.headers).to eq({})
+    end
+  end
+
+  describe '.from_access_token' do
+    subject { described_class.from_access_token(access_token, 'hello') }
+
+    let(:access_token) do
+      OAuth2::AccessToken.new(
+        client, token,
+        :expires_at => 1,
+        :expires_in => 1,
+        :refresh_token => 'abc',
+        :random => 1
+      )
+    end
+
+    it 'initializes client, token, and secret properly' do
+      expect(subject.client).to eq(client)
+      expect(subject.token).to eq(token)
+      expect(subject.secret).to eq('hello')
+    end
+
+    it 'initializes configuration options' do
+      expect(subject.expires_at).to eq(1)
+      expect(subject.expires_in).to eq(1)
+      expect(subject.refresh_token).to eq('abc')
+    end
+
+    it 'initializes params' do
+      expect(subject.params).to eq(:random => 1)
+    end
+  end
+end

data/spec/oauth2/response_spec.rb

@@ -0,0 +1,90 @@
+describe OAuth2::Response do
+  describe '#initialize' do
+    let(:status) { 200 }
+    let(:headers) { {'foo' => 'bar'} }
+    let(:body) { 'foo' }
+
+    it 'returns the status, headers and body' do
+      response = double('response', :headers => headers,
+                                    :status => status,
+                                    :body => body)
+      subject = described_class.new(response)
+      expect(subject.headers).to eq(headers)
+      expect(subject.status).to eq(status)
+      expect(subject.body).to eq(body)
+    end
+  end
+
+  describe '.register_parser' do
+    let(:response) do
+      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
+                         :status => 200,
+                         :body => 'baz')
+    end
+
+    before do
+      described_class.register_parser(:foobar, 'application/foo-bar') do |body|
+        "foobar #{body}"
+      end
+    end
+
+    it 'adds to the content types and parsers' do
+      expect(described_class.send(:class_variable_get, :@@parsers).keys).to include(:foobar)
+      expect(described_class.send(:class_variable_get, :@@content_types).keys).to include('application/foo-bar')
+    end
+
+    it 'is able to parse that content type automatically' do
+      expect(described_class.new(response).parsed).to eq('foobar baz')
+    end
+  end
+
+  describe '#parsed' do
+    it 'parses application/x-www-form-urlencoded body' do
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
+      body = 'foo=bar&answer=42'
+      response = double('response', :headers => headers, :body => body)
+      subject = described_class.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq('42')
+    end
+
+    it 'parses application/json body' do
+      headers = {'Content-Type' => 'application/json'}
+      body = MultiJson.encode(:foo => 'bar', :answer => 42)
+      response = double('response', :headers => headers, :body => body)
+      subject = described_class.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq(42)
+    end
+
+    it "doesn't try to parse other content-types" do
+      headers = {'Content-Type' => 'text/html'}
+      body = '<!DOCTYPE html><html><head></head><body></body></html>'
+
+      response = double('response', :headers => headers, :body => body)
+
+      expect(MultiJson).not_to receive(:decode)
+      expect(MultiJson).not_to receive(:load)
+      expect(Rack::Utils).not_to receive(:parse_query)
+
+      subject = described_class.new(response)
+      expect(subject.parsed).to be_nil
+    end
+  end
+
+  context 'with xml parser registration' do
+    it 'tries to load multi_xml and use it' do
+      expect(described_class.send(:class_variable_get, :@@parsers)[:xml]).not_to be_nil
+    end
+
+    it 'is able to parse xml' do
+      headers = {'Content-Type' => 'text/xml'}
+      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
+
+      response = double('response', :headers => headers, :body => body)
+      expect(described_class.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
+    end
+  end
+end

data/spec/oauth2/strategy/assertion_spec.rb

@@ -0,0 +1,58 @@
+describe OAuth2::Strategy::Assertion do
+  subject { client.assertion }
+
+  let(:client) do
+    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
+    cli.connection.build do |b|
+      b.adapter :test do |stub|
+        stub.post('/oauth/token') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
+          end
+        end
+      end
+    end
+    cli
+  end
+
+  let(:params) do
+    {
+      :hmac_secret => 'foo',
+      :exp => Time.now.utc.to_i + 3600,
+    }
+  end
+
+  describe '#authorize_url' do
+    it 'raises NotImplementedError' do
+      expect { subject.authorize_url }.to raise_error(NotImplementedError)
+    end
+  end
+
+  %w[json formencoded].each do |mode|
+    describe "#get_token (#{mode})" do
+      before do
+        @mode = mode
+        @access = subject.get_token(params)
+      end
+
+      it 'returns AccessToken with same Client' do
+        expect(@access.client).to eq(client)
+      end
+
+      it 'returns AccessToken with #token' do
+        expect(@access.token).to eq('salmon')
+      end
+
+      it 'returns AccessToken with #expires_in' do
+        expect(@access.expires_in).to eq(600)
+      end
+
+      it 'returns AccessToken with #expires_at' do
+        expect(@access.expires_at).not_to be_nil
+      end
+    end
+  end
+end

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -0,0 +1,107 @@
+# encoding: utf-8
+
+describe OAuth2::Strategy::AuthCode do
+  subject { client.auth_code }
+
+  let(:code) { 'sushi' }
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
+  let(:facebook_token) { kvform_token.gsub('_in', '') }
+  let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when 'from_facebook'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when 'from_facebook'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+      end
+    end
+  end
+
+  describe '#authorize_url' do
+    it 'includes the client_id' do
+      expect(subject.authorize_url).to include('client_id=abc')
+    end
+
+    it 'includes the type' do
+      expect(subject.authorize_url).to include('response_type=code')
+    end
+
+    it 'includes passed in options' do
+      cb = 'http://myserver.local/oauth/callback'
+      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
+    end
+  end
+
+  describe '#get_token (handling utf-8 data)' do
+    let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'André') }
+
+    before do
+      @mode = 'json'
+      client.options[:token_method] = :post
+    end
+
+    it 'does not raise an error' do
+      expect { subject.get_token(code) }.not_to raise_error
+    end
+
+    it 'does not create an error instance' do
+      expect(OAuth2::Error).not_to receive(:new)
+
+      subject.get_token(code)
+    end
+  end
+
+  %w[json formencoded from_facebook].each do |mode|
+    [:get, :post].each do |verb|
+      describe "#get_token (#{mode}, access_token_method=#{verb}" do
+        before do
+          @mode = mode
+          client.options[:token_method] = verb
+          @access = subject.get_token(code)
+        end
+
+        it 'returns AccessToken with same Client' do
+          expect(@access.client).to eq(client)
+        end
+
+        it 'returns AccessToken with #token' do
+          expect(@access.token).to eq('salmon')
+        end
+
+        it 'returns AccessToken with #refresh_token' do
+          expect(@access.refresh_token).to eq('trout')
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          expect(@access.expires_in).to eq(600)
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          expect(@access.expires_at).to be_kind_of(Integer)
+        end
+
+        it 'returns AccessToken with params accessible via []' do
+          expect(@access['extra_param']).to eq('steve')
+        end
+      end
+    end
+  end
+end

data/spec/oauth2/strategy/base_spec.rb

@@ -0,0 +1,5 @@
+describe OAuth2::Strategy::Base do
+  it 'initializes with a Client' do
+    expect { described_class.new(OAuth2::Client.new('abc', 'def')) }.not_to raise_error
+  end
+end

data/spec/oauth2/strategy/client_credentials_spec.rb

@@ -0,0 +1,69 @@
+describe OAuth2::Strategy::ClientCredentials do
+  subject { client.client_credentials }
+
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
+  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.post('/oauth/token', 'grant_type' => 'client_credentials') do |env|
+          client_id, client_secret = Base64.decode64(env[:request_headers]['Authorization'].split(' ', 2)[1]).split(':', 2)
+          client_id == 'abc' && client_secret == 'def' || raise(Faraday::Adapter::Test::Stubs::NotFound)
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+      end
+    end
+  end
+
+  describe '#authorize_url' do
+    it 'raises NotImplementedError' do
+      expect { subject.authorize_url }.to raise_error(NotImplementedError)
+    end
+  end
+
+  %w[json formencoded].each do |mode|
+    [:basic_auth, :request_body].each do |auth_scheme|
+      describe "#get_token (#{mode}) (#{auth_scheme})" do
+        before do
+          @mode = mode
+          client.options[:auth_scheme] = auth_scheme
+          @access = subject.get_token
+        end
+
+        it 'returns AccessToken with same Client' do
+          expect(@access.client).to eq(client)
+        end
+
+        it 'returns AccessToken with #token' do
+          expect(@access.token).to eq('salmon')
+        end
+
+        it 'returns AccessToken without #refresh_token' do
+          expect(@access.refresh_token).to be_nil
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          expect(@access.expires_in).to eq(600)
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          expect(@access.expires_at).not_to be_nil
+        end
+      end
+    end
+  end
+end