oauth2 1.4.4 → 1.4.8

data/spec/oauth2/response_spec.rb

@@ -0,0 +1,90 @@
+describe OAuth2::Response do
+  describe '#initialize' do
+    let(:status) { 200 }
+    let(:headers) { {'foo' => 'bar'} }
+    let(:body) { 'foo' }
+
+    it 'returns the status, headers and body' do
+      response = double('response', :headers => headers,
+                                    :status => status,
+                                    :body => body)
+      subject = described_class.new(response)
+      expect(subject.headers).to eq(headers)
+      expect(subject.status).to eq(status)
+      expect(subject.body).to eq(body)
+    end
+  end
+
+  describe '.register_parser' do
+    let(:response) do
+      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
+                         :status => 200,
+                         :body => 'baz')
+    end
+
+    before do
+      described_class.register_parser(:foobar, 'application/foo-bar') do |body|
+        "foobar #{body}"
+      end
+    end
+
+    it 'adds to the content types and parsers' do
+      expect(described_class.send(:class_variable_get, :@@parsers).keys).to include(:foobar)
+      expect(described_class.send(:class_variable_get, :@@content_types).keys).to include('application/foo-bar')
+    end
+
+    it 'is able to parse that content type automatically' do
+      expect(described_class.new(response).parsed).to eq('foobar baz')
+    end
+  end
+
+  describe '#parsed' do
+    it 'parses application/x-www-form-urlencoded body' do
+      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
+      body = 'foo=bar&answer=42'
+      response = double('response', :headers => headers, :body => body)
+      subject = described_class.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq('42')
+    end
+
+    it 'parses application/json body' do
+      headers = {'Content-Type' => 'application/json'}
+      body = MultiJson.encode(:foo => 'bar', :answer => 42)
+      response = double('response', :headers => headers, :body => body)
+      subject = described_class.new(response)
+      expect(subject.parsed.keys.size).to eq(2)
+      expect(subject.parsed['foo']).to eq('bar')
+      expect(subject.parsed['answer']).to eq(42)
+    end
+
+    it "doesn't try to parse other content-types" do
+      headers = {'Content-Type' => 'text/html'}
+      body = '<!DOCTYPE html><html><head></head><body></body></html>'
+
+      response = double('response', :headers => headers, :body => body)
+
+      expect(MultiJson).not_to receive(:decode)
+      expect(MultiJson).not_to receive(:load)
+      expect(Rack::Utils).not_to receive(:parse_query)
+
+      subject = described_class.new(response)
+      expect(subject.parsed).to be_nil
+    end
+  end
+
+  context 'with xml parser registration' do
+    it 'tries to load multi_xml and use it' do
+      expect(described_class.send(:class_variable_get, :@@parsers)[:xml]).not_to be_nil
+    end
+
+    it 'is able to parse xml' do
+      headers = {'Content-Type' => 'text/xml'}
+      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
+
+      response = double('response', :headers => headers, :body => body)
+      expect(described_class.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
+    end
+  end
+end

data/spec/oauth2/strategy/assertion_spec.rb

@@ -0,0 +1,59 @@
+describe OAuth2::Strategy::Assertion do
+  subject { client.assertion }
+
+  let(:client) do
+    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
+    cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
+      b.request :url_encoded
+      b.adapter :test do |stub|
+        stub.post('/oauth/token') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
+          end
+        end
+      end
+    end
+    cli
+  end
+
+  let(:params) do
+    {
+      :hmac_secret => 'foo',
+      :exp => Time.now.utc.to_i + 3600,
+    }
+  end
+
+  describe '#authorize_url' do
+    it 'raises NotImplementedError' do
+      expect { subject.authorize_url }.to raise_error(NotImplementedError)
+    end
+  end
+
+  %w[json formencoded].each do |mode|
+    describe "#get_token (#{mode})" do
+      before do
+        @mode = mode
+        @access = subject.get_token(params)
+      end
+
+      it 'returns AccessToken with same Client' do
+        expect(@access.client).to eq(client)
+      end
+
+      it 'returns AccessToken with #token' do
+        expect(@access.token).to eq('salmon')
+      end
+
+      it 'returns AccessToken with #expires_in' do
+        expect(@access.expires_in).to eq(600)
+      end
+
+      it 'returns AccessToken with #expires_at' do
+        expect(@access.expires_at).not_to be_nil
+      end
+    end
+  end
+end

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -0,0 +1,107 @@
+# encoding: utf-8
+
+describe OAuth2::Strategy::AuthCode do
+  subject { client.auth_code }
+
+  let(:code) { 'sushi' }
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
+  let(:facebook_token) { kvform_token.gsub('_in', '') }
+  let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when 'from_facebook'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          when 'from_facebook'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
+          end
+        end
+      end
+    end
+  end
+
+  describe '#authorize_url' do
+    it 'includes the client_id' do
+      expect(subject.authorize_url).to include('client_id=abc')
+    end
+
+    it 'includes the type' do
+      expect(subject.authorize_url).to include('response_type=code')
+    end
+
+    it 'includes passed in options' do
+      cb = 'http://myserver.local/oauth/callback'
+      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
+    end
+  end
+
+  describe '#get_token (handling utf-8 data)' do
+    let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'André') }
+
+    before do
+      @mode = 'json'
+      client.options[:token_method] = :post
+    end
+
+    it 'does not raise an error' do
+      expect { subject.get_token(code) }.not_to raise_error
+    end
+
+    it 'does not create an error instance' do
+      expect(OAuth2::Error).not_to receive(:new)
+
+      subject.get_token(code)
+    end
+  end
+
+  %w[json formencoded from_facebook].each do |mode|
+    [:get, :post].each do |verb|
+      describe "#get_token (#{mode}, access_token_method=#{verb}" do
+        before do
+          @mode = mode
+          client.options[:token_method] = verb
+          @access = subject.get_token(code)
+        end
+
+        it 'returns AccessToken with same Client' do
+          expect(@access.client).to eq(client)
+        end
+
+        it 'returns AccessToken with #token' do
+          expect(@access.token).to eq('salmon')
+        end
+
+        it 'returns AccessToken with #refresh_token' do
+          expect(@access.refresh_token).to eq('trout')
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          expect(@access.expires_in).to eq(600)
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          expect(@access.expires_at).to be_kind_of(Integer)
+        end
+
+        it 'returns AccessToken with params accessible via []' do
+          expect(@access['extra_param']).to eq('steve')
+        end
+      end
+    end
+  end
+end

data/spec/oauth2/strategy/base_spec.rb

@@ -0,0 +1,5 @@
+describe OAuth2::Strategy::Base do
+  it 'initializes with a Client' do
+    expect { described_class.new(OAuth2::Client.new('abc', 'def')) }.not_to raise_error
+  end
+end

data/spec/oauth2/strategy/client_credentials_spec.rb

@@ -0,0 +1,69 @@
+describe OAuth2::Strategy::ClientCredentials do
+  subject { client.client_credentials }
+
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
+  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.post('/oauth/token', 'grant_type' => 'client_credentials') do |env|
+          client_id, client_secret = Base64.decode64(env[:request_headers]['Authorization'].split(' ', 2)[1]).split(':', 2)
+          (client_id == 'abc' && client_secret == 'def') || raise(Faraday::Adapter::Test::Stubs::NotFound)
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+      end
+    end
+  end
+
+  describe '#authorize_url' do
+    it 'raises NotImplementedError' do
+      expect { subject.authorize_url }.to raise_error(NotImplementedError)
+    end
+  end
+
+  %w[json formencoded].each do |mode|
+    [:basic_auth, :request_body].each do |auth_scheme|
+      describe "#get_token (#{mode}) (#{auth_scheme})" do
+        before do
+          @mode = mode
+          client.options[:auth_scheme] = auth_scheme
+          @access = subject.get_token
+        end
+
+        it 'returns AccessToken with same Client' do
+          expect(@access.client).to eq(client)
+        end
+
+        it 'returns AccessToken with #token' do
+          expect(@access.token).to eq('salmon')
+        end
+
+        it 'returns AccessToken without #refresh_token' do
+          expect(@access.refresh_token).to be_nil
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          expect(@access.expires_in).to eq(600)
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          expect(@access.expires_at).not_to be_nil
+        end
+      end
+    end
+  end
+end

data/spec/oauth2/strategy/implicit_spec.rb

@@ -0,0 +1,26 @@
+describe OAuth2::Strategy::Implicit do
+  subject { client.implicit }
+
+  let(:client) { OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') }
+
+  describe '#authorize_url' do
+    it 'includes the client_id' do
+      expect(subject.authorize_url).to include('client_id=abc')
+    end
+
+    it 'includes the type' do
+      expect(subject.authorize_url).to include('response_type=token')
+    end
+
+    it 'includes passed in options' do
+      cb = 'http://myserver.local/oauth/callback'
+      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
+    end
+  end
+
+  describe '#get_token' do
+    it 'raises NotImplementedError' do
+      expect { subject.get_token }.to raise_error(NotImplementedError)
+    end
+  end
+end

data/spec/oauth2/strategy/password_spec.rb

@@ -0,0 +1,56 @@
+describe OAuth2::Strategy::Password do
+  subject { client.password }
+
+  let(:client) do
+    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
+    cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
+      b.request :url_encoded
+      b.adapter :test do |stub|
+        stub.post('/oauth/token') do |env|
+          case @mode
+          when 'formencoded'
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
+          when 'json'
+            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
+          end
+        end
+      end
+    end
+    cli
+  end
+
+  describe '#authorize_url' do
+    it 'raises NotImplementedError' do
+      expect { subject.authorize_url }.to raise_error(NotImplementedError)
+    end
+  end
+
+  %w[json formencoded].each do |mode|
+    describe "#get_token (#{mode})" do
+      before do
+        @mode = mode
+        @access = subject.get_token('username', 'password')
+      end
+
+      it 'returns AccessToken with same Client' do
+        expect(@access.client).to eq(client)
+      end
+
+      it 'returns AccessToken with #token' do
+        expect(@access.token).to eq('salmon')
+      end
+
+      it 'returns AccessToken with #refresh_token' do
+        expect(@access.refresh_token).to eq('trout')
+      end
+
+      it 'returns AccessToken with #expires_in' do
+        expect(@access.expires_in).to eq(600)
+      end
+
+      it 'returns AccessToken with #expires_at' do
+        expect(@access.expires_at).not_to be_nil
+      end
+    end
+  end
+end

data/spec/oauth2/version_spec.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+RSpec.describe OAuth2::Version do
+  it 'has a version number' do
+    expect(described_class).not_to be nil
+  end
+
+  it 'can be a string' do
+    expect(described_class.to_s).to be_a(String)
+  end
+
+  it 'allows Constant access' do
+    expect(described_class::VERSION).to be_a(String)
+  end
+
+  it 'is greater than 0.1.0' do
+    expect(Gem::Version.new(described_class) > Gem::Version.new('0.1.0')).to be(true)
+  end
+
+  it 'is not a pre-release' do
+    expect(Gem::Version.new(described_class).prerelease?).to be(false)
+  end
+end

metadata

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 1.4.4
+  version: 1.4.8
 platform: ruby
 authors:
 - Peter Boling
 - Michael Bleigh
 - Erik Michaels-Ober
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-02-13 00:00:00.000000000 Z
+date: 2022-02-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -21,7 +21,7 @@ dependencies:
         version: '0.8'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -31,7 +31,7 @@ dependencies:
         version: '0.8'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -142,20 +142,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.16'
-- !ruby/object:Gem::Dependency
-  name: coveralls
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.8'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.8'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -205,7 +191,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: rspec-stubbed_env
+  name: rspec-block_is_expected
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -233,7 +219,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec-block_is_expected
+  name: rspec-stubbed_env
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -282,38 +268,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".document"
-- ".gitignore"
-- ".jrubyrc"
-- ".rspec"
-- ".rubocop.yml"
-- ".rubocop_rspec.yml"
-- ".rubocop_todo.yml"
-- ".ruby-version"
-- ".travis.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
-- CONTRIBUTING.md
-- Gemfile
 - LICENSE
 - README.md
-- Rakefile
-- gemfiles/jruby_1.7.gemfile
-- gemfiles/jruby_9.0.gemfile
-- gemfiles/jruby_9.1.gemfile
-- gemfiles/jruby_9.2.gemfile
-- gemfiles/jruby_head.gemfile
-- gemfiles/ruby_1.9.gemfile
-- gemfiles/ruby_2.0.gemfile
-- gemfiles/ruby_2.1.gemfile
-- gemfiles/ruby_2.2.gemfile
-- gemfiles/ruby_2.3.gemfile
-- gemfiles/ruby_2.4.gemfile
-- gemfiles/ruby_2.5.gemfile
-- gemfiles/ruby_2.6.gemfile
-- gemfiles/ruby_2.7.gemfile
-- gemfiles/ruby_head.gemfile
-- gemfiles/truffleruby.gemfile
 - lib/oauth2.rb
 - lib/oauth2/access_token.rb
 - lib/oauth2/authenticator.rb
@@ -328,17 +286,30 @@ files:
 - lib/oauth2/strategy/implicit.rb
 - lib/oauth2/strategy/password.rb
 - lib/oauth2/version.rb
-- oauth2.gemspec
+- spec/helper.rb
+- spec/oauth2/access_token_spec.rb
+- spec/oauth2/authenticator_spec.rb
+- spec/oauth2/client_spec.rb
+- spec/oauth2/mac_token_spec.rb
+- spec/oauth2/response_spec.rb
+- spec/oauth2/strategy/assertion_spec.rb
+- spec/oauth2/strategy/auth_code_spec.rb
+- spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/client_credentials_spec.rb
+- spec/oauth2/strategy/implicit_spec.rb
+- spec/oauth2/strategy/password_spec.rb
+- spec/oauth2/version_spec.rb
 homepage: https://github.com/oauth-xx/oauth2
 licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
-  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v1.4.4/CHANGELOG.md
-  documentation_uri: https://www.rubydoc.info/gems/oauth2/1.4.4
-  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v1.4.4
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v1.4.8/CHANGELOG.md
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/1.4.8
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v1.4.8
   wiki_uri: https://github.com/oauth-xx/oauth2/wiki
-post_install_message: 
+  rubygems_mfa_required: 'true'
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -353,8 +324,21 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.5
 requirements: []
-rubygems_version: 3.1.2
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: A Ruby wrapper for the OAuth 2.0 protocol.
-test_files: []
+test_files:
+- spec/helper.rb
+- spec/oauth2/access_token_spec.rb
+- spec/oauth2/authenticator_spec.rb
+- spec/oauth2/client_spec.rb
+- spec/oauth2/mac_token_spec.rb
+- spec/oauth2/response_spec.rb
+- spec/oauth2/strategy/assertion_spec.rb
+- spec/oauth2/strategy/auth_code_spec.rb
+- spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/client_credentials_spec.rb
+- spec/oauth2/strategy/implicit_spec.rb
+- spec/oauth2/strategy/password_spec.rb
+- spec/oauth2/version_spec.rb

data/.document

@@ -1,5 +0,0 @@
-README.rdoc
-lib/**/*.rb
-bin/*
-features/**/*.feature
-LICENSE

data/.gitignore

@@ -1,19 +0,0 @@
-*.gem
-*~
-.bundle
-.rvmrc
-Gemfile.lock
-coverage/*
-log/*
-measurement/*
-pkg/*
-rdoc/*
-
-# rspec failure tracking
-.rspec_status
-
-# gemfiles for CI
-/gemfiles/*.gemfile.lock
-
-# CI bundle
-/gemfiles/vendor/

data/.jrubyrc

@@ -1 +0,0 @@
-debug.fullTrace=true

data/.rspec

@@ -1,2 +0,0 @@
---color
---order random