oauth2 1.4.9 → 2.0.1

data/spec/oauth2/response_spec.rb

@@ -1,96 +0,0 @@
-# frozen_string_literal: true
-
-describe OAuth2::Response do
-  describe '#initialize' do
-    let(:status) { 200 }
-    let(:headers) { {'foo' => 'bar'} }
-    let(:body) { 'foo' }
-
-    it 'returns the status, headers and body' do
-      response = double('response', :headers => headers,
-                                    :status => status,
-                                    :body => body)
-      subject = described_class.new(response)
-      expect(subject.headers).to eq(headers)
-      expect(subject.status).to eq(status)
-      expect(subject.body).to eq(body)
-    end
-  end
-
-  describe '.register_parser' do
-    let(:response) do
-      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
-                         :status => 200,
-                         :body => 'baz')
-    end
-
-    before do
-      described_class.register_parser(:foobar, 'application/foo-bar') do |body|
-        "foobar #{body}"
-      end
-    end
-
-    it 'adds to the content types and parsers' do
-      expect(described_class.send(:class_variable_get, :@@parsers).keys).to include(:foobar)
-      expect(described_class.send(:class_variable_get, :@@content_types).keys).to include('application/foo-bar')
-    end
-
-    it 'is able to parse that content type automatically' do
-      expect(described_class.new(response).parsed).to eq('foobar baz')
-    end
-  end
-
-  describe '#parsed' do
-    it 'parses application/x-www-form-urlencoded body' do
-      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
-      body = 'foo=bar&answer=42'
-      response = double('response', :headers => headers, :body => body)
-      subject = described_class.new(response)
-      expect(subject.parsed.keys.size).to eq(2)
-      expect(subject.parsed['foo']).to eq('bar')
-      expect(subject.parsed['answer']).to eq('42')
-    end
-
-    it 'parses application/json body' do
-      headers = {'Content-Type' => 'application/json'}
-      body = MultiJson.encode(:foo => 'bar', :answer => 42)
-      response = double('response', :headers => headers, :body => body)
-      subject = described_class.new(response)
-      expect(subject.parsed.keys.size).to eq(2)
-      expect(subject.parsed['foo']).to eq('bar')
-      expect(subject.parsed['answer']).to eq(42)
-    end
-
-    it "doesn't try to parse other content-types" do
-      headers = {'Content-Type' => 'text/html'}
-      body = '<!DOCTYPE html><html><head></head><body></body></html>'
-
-      response = double('response', :headers => headers, :body => body)
-
-      expect(MultiJson).not_to receive(:decode)
-      expect(MultiJson).not_to receive(:load)
-      expect(Rack::Utils).not_to receive(:parse_query)
-
-      subject = described_class.new(response)
-      expect(subject.parsed).to be_nil
-    end
-  end
-
-  context 'with xml parser registration' do
-    before do
-      MultiXml.parser = :rexml
-    end
-
-    it 'tries to load multi_xml and use it' do
-      expect(described_class.send(:class_variable_get, :@@parsers)[:xml]).not_to be_nil
-    end
-
-    it 'is able to parse xml' do
-      headers = {'Content-Type' => 'text/xml'}
-      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
-
-      response = double('response', :headers => headers, :body => body)
-      expect(described_class.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
-    end
-  end
-end

data/spec/oauth2/strategy/assertion_spec.rb

@@ -1,113 +0,0 @@
-# frozen_string_literal: true
-
-require 'openssl'
-
-describe OAuth2::Strategy::Assertion do
-  let(:client_assertion) { client.assertion }
-
-  let(:client) do
-    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
-    cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
-      b.request :url_encoded
-      b.adapter :test do |stub|
-        stub.post('/oauth/token') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
-          end
-        end
-      end
-    end
-    cli
-  end
-
-  let(:params) do
-    {
-      :hmac_secret => 'foo',
-      :exp => Time.now.utc.to_i + 3600,
-    }
-  end
-
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { client_assertion.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-
-  %w[json formencoded].each do |mode|
-    before { @mode = mode }
-
-    shared_examples_for "get_token #{mode}" do
-      describe "#get_token (#{mode})" do
-        subject(:get_token) { client_assertion.get_token(params) }
-
-        it 'returns AccessToken with same Client' do
-          expect(get_token.client).to eq(client)
-        end
-
-        it 'returns AccessToken with #token' do
-          expect(get_token.token).to eq('salmon')
-        end
-
-        it 'returns AccessToken with #expires_in' do
-          expect(get_token.expires_in).to eq(600)
-        end
-
-        it 'returns AccessToken with #expires_at' do
-          expect(get_token.expires_at).not_to be_nil
-        end
-      end
-    end
-
-    it_behaves_like "get_token #{mode}"
-    describe "#build_assertion (#{mode})" do
-      context 'with hmac_secret' do
-        subject(:build_assertion) { client_assertion.build_assertion(params) }
-
-        let(:hmac_secret) { '1883be842495c3b58f68ca71fbf1397fbb9ed2fdf8990f8404a25d0a1b995943' }
-        let(:params) do
-          {
-            :iss => 2345,
-            :aud => 'too',
-            :prn => 'much',
-            :exp => 123_456_789,
-            :hmac_secret => hmac_secret,
-          }
-        end
-        let(:jwt) { 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOjIzNDUsImF1ZCI6InRvbyIsInBybiI6Im11Y2giLCJleHAiOjEyMzQ1Njc4OX0.GnZjgcdc5WSWKNW0p9S4GuhpBs3LJCEqjPm6turLG-c' }
-
-        it 'returns JWT' do
-          expect(build_assertion).to eq(jwt)
-        end
-
-        it_behaves_like "get_token #{mode}"
-      end
-
-      context 'with private_key' do
-        subject(:build_assertion) { client_assertion.build_assertion(params) }
-
-        let(:private_key_file) { 'spec/fixtures/RS256/jwtRS256.key' }
-        let(:password) { '' }
-        let(:private_key) { OpenSSL::PKey::RSA.new(File.read(private_key_file), password) }
-        let(:params) do
-          {
-            :iss => 2345,
-            :aud => 'too',
-            :prn => 'much',
-            :exp => 123_456_789,
-            :private_key => private_key,
-          }
-        end
-        let(:jwt) { 'eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOjIzNDUsImF1ZCI6InRvbyIsInBybiI6Im11Y2giLCJleHAiOjEyMzQ1Njc4OX0.vJ32OiPVMdJrlNkPw02Y9u6beiFY0Mfndhg_CkEDLtOYn8dscQIEpWoR4GzH8tiQVOQ1fOkqxE95tNIKOTjnIoskmYnfzhzIl9fnfQ_lsEuLC-nq45KhPzSM2wYgF2ZEIjDq51daK70bRPzTBr1Id45cTY-jJSito0lbKXj2nPa_Gs-_vyEU2MSxjiMaIxxccfY4Ow5zN3AUMTKp6LjrpDKFxag3fJ1nrb6iDATa504gyJHVLift3ovhAwYidkA81WnmEtISWBY904CKIcZD9Cx3ifS5bc3JaLAteIBKAAyD8o7D60vOKutsjCMHUCKL357BQ36bW7fmaEtW367Ri-xgOsCY0_HeWp991vrJ-DxhFPeuF-8hn_9KggBzKbA2eKEOOY4iDKSFwjWQUFOcRdvHw9RgbGt0IjY3wdo8CaJVlhynh54YlaLgOFhTBPeMgZdqQUHOztljaK9zubeVkrDGNnGuSuq0KR82KArb1x2z7XyZpxiV5ZatP9SNyhn-YIWk7UeQYXaS0UfsBX7L5T1y_FZj84r7Vl42lj1DfdR5DyGvHfZyHotTnejdIrDuQfDL_bGe24eHsilzuEFaajYmu10hxflZ6Apm-lekRRV47tbxTF1zI5we14XsTeklrTXqgDkSw6gyOoNUJm-cQkJpfdvBgUHYGInC1ttz7NU' }
-
-        it 'returns JWT' do
-          expect(build_assertion).to eq(jwt)
-        end
-
-        it_behaves_like "get_token #{mode}"
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -1,108 +0,0 @@
-# encoding: utf-8
-# frozen_string_literal: true
-
-describe OAuth2::Strategy::AuthCode do
-  subject { client.auth_code }
-
-  let(:code) { 'sushi' }
-  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
-  let(:facebook_token) { kvform_token.gsub('_in', '') }
-  let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
-
-  let(:client) do
-    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
-      builder.adapter :test do |stub|
-        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          when 'from_facebook'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
-          end
-        end
-        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          when 'from_facebook'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
-          end
-        end
-      end
-    end
-  end
-
-  describe '#authorize_url' do
-    it 'includes the client_id' do
-      expect(subject.authorize_url).to include('client_id=abc')
-    end
-
-    it 'includes the type' do
-      expect(subject.authorize_url).to include('response_type=code')
-    end
-
-    it 'includes passed in options' do
-      cb = 'http://myserver.local/oauth/callback'
-      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
-    end
-  end
-
-  describe '#get_token (handling utf-8 data)' do
-    let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'André') }
-
-    before do
-      @mode = 'json'
-      client.options[:token_method] = :post
-    end
-
-    it 'does not raise an error' do
-      expect { subject.get_token(code) }.not_to raise_error
-    end
-
-    it 'does not create an error instance' do
-      expect(OAuth2::Error).not_to receive(:new)
-
-      subject.get_token(code)
-    end
-  end
-
-  %w[json formencoded from_facebook].each do |mode|
-    [:get, :post].each do |verb|
-      describe "#get_token (#{mode}, access_token_method=#{verb}" do
-        before do
-          @mode = mode
-          client.options[:token_method] = verb
-          @access = subject.get_token(code)
-        end
-
-        it 'returns AccessToken with same Client' do
-          expect(@access.client).to eq(client)
-        end
-
-        it 'returns AccessToken with #token' do
-          expect(@access.token).to eq('salmon')
-        end
-
-        it 'returns AccessToken with #refresh_token' do
-          expect(@access.refresh_token).to eq('trout')
-        end
-
-        it 'returns AccessToken with #expires_in' do
-          expect(@access.expires_in).to eq(600)
-        end
-
-        it 'returns AccessToken with #expires_at' do
-          expect(@access.expires_at).to be_kind_of(Integer)
-        end
-
-        it 'returns AccessToken with params accessible via []' do
-          expect(@access['extra_param']).to eq('steve')
-        end
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/base_spec.rb

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-describe OAuth2::Strategy::Base do
-  it 'initializes with a Client' do
-    expect { described_class.new(OAuth2::Client.new('abc', 'def')) }.not_to raise_error
-  end
-end

data/spec/oauth2/strategy/client_credentials_spec.rb

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-describe OAuth2::Strategy::ClientCredentials do
-  subject { client.client_credentials }
-
-  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
-  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
-
-  let(:client) do
-    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
-      builder.adapter :test do |stub|
-        stub.post('/oauth/token', 'grant_type' => 'client_credentials') do |env|
-          client_id, client_secret = Base64.decode64(env[:request_headers]['Authorization'].split(' ', 2)[1]).split(':', 2)
-          (client_id == 'abc' && client_secret == 'def') || raise(Faraday::Adapter::Test::Stubs::NotFound)
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          end
-        end
-        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          end
-        end
-      end
-    end
-  end
-
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { subject.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-
-  %w[json formencoded].each do |mode|
-    [:basic_auth, :request_body].each do |auth_scheme|
-      describe "#get_token (#{mode}) (#{auth_scheme})" do
-        before do
-          @mode = mode
-          client.options[:auth_scheme] = auth_scheme
-          @access = subject.get_token
-        end
-
-        it 'returns AccessToken with same Client' do
-          expect(@access.client).to eq(client)
-        end
-
-        it 'returns AccessToken with #token' do
-          expect(@access.token).to eq('salmon')
-        end
-
-        it 'returns AccessToken without #refresh_token' do
-          expect(@access.refresh_token).to be_nil
-        end
-
-        it 'returns AccessToken with #expires_in' do
-          expect(@access.expires_in).to eq(600)
-        end
-
-        it 'returns AccessToken with #expires_at' do
-          expect(@access.expires_at).not_to be_nil
-        end
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/implicit_spec.rb

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-describe OAuth2::Strategy::Implicit do
-  subject { client.implicit }
-
-  let(:client) { OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') }
-
-  describe '#authorize_url' do
-    it 'includes the client_id' do
-      expect(subject.authorize_url).to include('client_id=abc')
-    end
-
-    it 'includes the type' do
-      expect(subject.authorize_url).to include('response_type=token')
-    end
-
-    it 'includes passed in options' do
-      cb = 'http://myserver.local/oauth/callback'
-      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
-    end
-  end
-
-  describe '#get_token' do
-    it 'raises NotImplementedError' do
-      expect { subject.get_token }.to raise_error(NotImplementedError)
-    end
-  end
-end

data/spec/oauth2/strategy/password_spec.rb

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-describe OAuth2::Strategy::Password do
-  subject { client.password }
-
-  let(:client) do
-    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
-    cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
-      b.request :url_encoded
-      b.adapter :test do |stub|
-        stub.post('/oauth/token') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
-          end
-        end
-      end
-    end
-    cli
-  end
-
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { subject.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-
-  %w[json formencoded].each do |mode|
-    describe "#get_token (#{mode})" do
-      before do
-        @mode = mode
-        @access = subject.get_token('username', 'password')
-      end
-
-      it 'returns AccessToken with same Client' do
-        expect(@access.client).to eq(client)
-      end
-
-      it 'returns AccessToken with #token' do
-        expect(@access.token).to eq('salmon')
-      end
-
-      it 'returns AccessToken with #refresh_token' do
-        expect(@access.refresh_token).to eq('trout')
-      end
-
-      it 'returns AccessToken with #expires_in' do
-        expect(@access.expires_in).to eq(600)
-      end
-
-      it 'returns AccessToken with #expires_at' do
-        expect(@access.expires_at).not_to be_nil
-      end
-    end
-  end
-end

data/spec/oauth2/version_spec.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe OAuth2::Version do
-  it 'has a version number' do
-    expect(described_class).not_to be nil
-  end
-
-  it 'can be a string' do
-    expect(described_class.to_s).to be_a(String)
-  end
-
-  it 'allows Constant access' do
-    expect(described_class::VERSION).to be_a(String)
-  end
-
-  it 'is greater than 0.1.0' do
-    expect(Gem::Version.new(described_class) > Gem::Version.new('0.1.0')).to be(true)
-  end
-
-  it 'is not a pre-release' do
-    expect(Gem::Version.new(described_class).prerelease?).to be(false)
-  end
-end