oauth2 1.4.9 → 2.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,96 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::Response do
4
- describe '#initialize' do
5
- let(:status) { 200 }
6
- let(:headers) { {'foo' => 'bar'} }
7
- let(:body) { 'foo' }
8
-
9
- it 'returns the status, headers and body' do
10
- response = double('response', :headers => headers,
11
- :status => status,
12
- :body => body)
13
- subject = described_class.new(response)
14
- expect(subject.headers).to eq(headers)
15
- expect(subject.status).to eq(status)
16
- expect(subject.body).to eq(body)
17
- end
18
- end
19
-
20
- describe '.register_parser' do
21
- let(:response) do
22
- double('response', :headers => {'Content-Type' => 'application/foo-bar'},
23
- :status => 200,
24
- :body => 'baz')
25
- end
26
-
27
- before do
28
- described_class.register_parser(:foobar, 'application/foo-bar') do |body|
29
- "foobar #{body}"
30
- end
31
- end
32
-
33
- it 'adds to the content types and parsers' do
34
- expect(described_class.send(:class_variable_get, :@@parsers).keys).to include(:foobar)
35
- expect(described_class.send(:class_variable_get, :@@content_types).keys).to include('application/foo-bar')
36
- end
37
-
38
- it 'is able to parse that content type automatically' do
39
- expect(described_class.new(response).parsed).to eq('foobar baz')
40
- end
41
- end
42
-
43
- describe '#parsed' do
44
- it 'parses application/x-www-form-urlencoded body' do
45
- headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
46
- body = 'foo=bar&answer=42'
47
- response = double('response', :headers => headers, :body => body)
48
- subject = described_class.new(response)
49
- expect(subject.parsed.keys.size).to eq(2)
50
- expect(subject.parsed['foo']).to eq('bar')
51
- expect(subject.parsed['answer']).to eq('42')
52
- end
53
-
54
- it 'parses application/json body' do
55
- headers = {'Content-Type' => 'application/json'}
56
- body = MultiJson.encode(:foo => 'bar', :answer => 42)
57
- response = double('response', :headers => headers, :body => body)
58
- subject = described_class.new(response)
59
- expect(subject.parsed.keys.size).to eq(2)
60
- expect(subject.parsed['foo']).to eq('bar')
61
- expect(subject.parsed['answer']).to eq(42)
62
- end
63
-
64
- it "doesn't try to parse other content-types" do
65
- headers = {'Content-Type' => 'text/html'}
66
- body = '<!DOCTYPE html><html><head></head><body></body></html>'
67
-
68
- response = double('response', :headers => headers, :body => body)
69
-
70
- expect(MultiJson).not_to receive(:decode)
71
- expect(MultiJson).not_to receive(:load)
72
- expect(Rack::Utils).not_to receive(:parse_query)
73
-
74
- subject = described_class.new(response)
75
- expect(subject.parsed).to be_nil
76
- end
77
- end
78
-
79
- context 'with xml parser registration' do
80
- before do
81
- MultiXml.parser = :rexml
82
- end
83
-
84
- it 'tries to load multi_xml and use it' do
85
- expect(described_class.send(:class_variable_get, :@@parsers)[:xml]).not_to be_nil
86
- end
87
-
88
- it 'is able to parse xml' do
89
- headers = {'Content-Type' => 'text/xml'}
90
- body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
91
-
92
- response = double('response', :headers => headers, :body => body)
93
- expect(described_class.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
94
- end
95
- end
96
- end
@@ -1,113 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'openssl'
4
-
5
- describe OAuth2::Strategy::Assertion do
6
- let(:client_assertion) { client.assertion }
7
-
8
- let(:client) do
9
- cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
10
- cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
11
- b.request :url_encoded
12
- b.adapter :test do |stub|
13
- stub.post('/oauth/token') do |env|
14
- case @mode
15
- when 'formencoded'
16
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
17
- when 'json'
18
- [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
19
- end
20
- end
21
- end
22
- end
23
- cli
24
- end
25
-
26
- let(:params) do
27
- {
28
- :hmac_secret => 'foo',
29
- :exp => Time.now.utc.to_i + 3600,
30
- }
31
- end
32
-
33
- describe '#authorize_url' do
34
- it 'raises NotImplementedError' do
35
- expect { client_assertion.authorize_url }.to raise_error(NotImplementedError)
36
- end
37
- end
38
-
39
- %w[json formencoded].each do |mode|
40
- before { @mode = mode }
41
-
42
- shared_examples_for "get_token #{mode}" do
43
- describe "#get_token (#{mode})" do
44
- subject(:get_token) { client_assertion.get_token(params) }
45
-
46
- it 'returns AccessToken with same Client' do
47
- expect(get_token.client).to eq(client)
48
- end
49
-
50
- it 'returns AccessToken with #token' do
51
- expect(get_token.token).to eq('salmon')
52
- end
53
-
54
- it 'returns AccessToken with #expires_in' do
55
- expect(get_token.expires_in).to eq(600)
56
- end
57
-
58
- it 'returns AccessToken with #expires_at' do
59
- expect(get_token.expires_at).not_to be_nil
60
- end
61
- end
62
- end
63
-
64
- it_behaves_like "get_token #{mode}"
65
- describe "#build_assertion (#{mode})" do
66
- context 'with hmac_secret' do
67
- subject(:build_assertion) { client_assertion.build_assertion(params) }
68
-
69
- let(:hmac_secret) { '1883be842495c3b58f68ca71fbf1397fbb9ed2fdf8990f8404a25d0a1b995943' }
70
- let(:params) do
71
- {
72
- :iss => 2345,
73
- :aud => 'too',
74
- :prn => 'much',
75
- :exp => 123_456_789,
76
- :hmac_secret => hmac_secret,
77
- }
78
- end
79
- let(:jwt) { 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOjIzNDUsImF1ZCI6InRvbyIsInBybiI6Im11Y2giLCJleHAiOjEyMzQ1Njc4OX0.GnZjgcdc5WSWKNW0p9S4GuhpBs3LJCEqjPm6turLG-c' }
80
-
81
- it 'returns JWT' do
82
- expect(build_assertion).to eq(jwt)
83
- end
84
-
85
- it_behaves_like "get_token #{mode}"
86
- end
87
-
88
- context 'with private_key' do
89
- subject(:build_assertion) { client_assertion.build_assertion(params) }
90
-
91
- let(:private_key_file) { 'spec/fixtures/RS256/jwtRS256.key' }
92
- let(:password) { '' }
93
- let(:private_key) { OpenSSL::PKey::RSA.new(File.read(private_key_file), password) }
94
- let(:params) do
95
- {
96
- :iss => 2345,
97
- :aud => 'too',
98
- :prn => 'much',
99
- :exp => 123_456_789,
100
- :private_key => private_key,
101
- }
102
- end
103
- let(:jwt) { 'eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOjIzNDUsImF1ZCI6InRvbyIsInBybiI6Im11Y2giLCJleHAiOjEyMzQ1Njc4OX0.vJ32OiPVMdJrlNkPw02Y9u6beiFY0Mfndhg_CkEDLtOYn8dscQIEpWoR4GzH8tiQVOQ1fOkqxE95tNIKOTjnIoskmYnfzhzIl9fnfQ_lsEuLC-nq45KhPzSM2wYgF2ZEIjDq51daK70bRPzTBr1Id45cTY-jJSito0lbKXj2nPa_Gs-_vyEU2MSxjiMaIxxccfY4Ow5zN3AUMTKp6LjrpDKFxag3fJ1nrb6iDATa504gyJHVLift3ovhAwYidkA81WnmEtISWBY904CKIcZD9Cx3ifS5bc3JaLAteIBKAAyD8o7D60vOKutsjCMHUCKL357BQ36bW7fmaEtW367Ri-xgOsCY0_HeWp991vrJ-DxhFPeuF-8hn_9KggBzKbA2eKEOOY4iDKSFwjWQUFOcRdvHw9RgbGt0IjY3wdo8CaJVlhynh54YlaLgOFhTBPeMgZdqQUHOztljaK9zubeVkrDGNnGuSuq0KR82KArb1x2z7XyZpxiV5ZatP9SNyhn-YIWk7UeQYXaS0UfsBX7L5T1y_FZj84r7Vl42lj1DfdR5DyGvHfZyHotTnejdIrDuQfDL_bGe24eHsilzuEFaajYmu10hxflZ6Apm-lekRRV47tbxTF1zI5we14XsTeklrTXqgDkSw6gyOoNUJm-cQkJpfdvBgUHYGInC1ttz7NU' }
104
-
105
- it 'returns JWT' do
106
- expect(build_assertion).to eq(jwt)
107
- end
108
-
109
- it_behaves_like "get_token #{mode}"
110
- end
111
- end
112
- end
113
- end
@@ -1,108 +0,0 @@
1
- # encoding: utf-8
2
- # frozen_string_literal: true
3
-
4
- describe OAuth2::Strategy::AuthCode do
5
- subject { client.auth_code }
6
-
7
- let(:code) { 'sushi' }
8
- let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
9
- let(:facebook_token) { kvform_token.gsub('_in', '') }
10
- let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
11
-
12
- let(:client) do
13
- OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
14
- builder.adapter :test do |stub|
15
- stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
16
- case @mode
17
- when 'formencoded'
18
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
19
- when 'json'
20
- [200, {'Content-Type' => 'application/json'}, json_token]
21
- when 'from_facebook'
22
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
23
- end
24
- end
25
- stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
26
- case @mode
27
- when 'formencoded'
28
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
29
- when 'json'
30
- [200, {'Content-Type' => 'application/json'}, json_token]
31
- when 'from_facebook'
32
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
33
- end
34
- end
35
- end
36
- end
37
- end
38
-
39
- describe '#authorize_url' do
40
- it 'includes the client_id' do
41
- expect(subject.authorize_url).to include('client_id=abc')
42
- end
43
-
44
- it 'includes the type' do
45
- expect(subject.authorize_url).to include('response_type=code')
46
- end
47
-
48
- it 'includes passed in options' do
49
- cb = 'http://myserver.local/oauth/callback'
50
- expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
51
- end
52
- end
53
-
54
- describe '#get_token (handling utf-8 data)' do
55
- let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'André') }
56
-
57
- before do
58
- @mode = 'json'
59
- client.options[:token_method] = :post
60
- end
61
-
62
- it 'does not raise an error' do
63
- expect { subject.get_token(code) }.not_to raise_error
64
- end
65
-
66
- it 'does not create an error instance' do
67
- expect(OAuth2::Error).not_to receive(:new)
68
-
69
- subject.get_token(code)
70
- end
71
- end
72
-
73
- %w[json formencoded from_facebook].each do |mode|
74
- [:get, :post].each do |verb|
75
- describe "#get_token (#{mode}, access_token_method=#{verb}" do
76
- before do
77
- @mode = mode
78
- client.options[:token_method] = verb
79
- @access = subject.get_token(code)
80
- end
81
-
82
- it 'returns AccessToken with same Client' do
83
- expect(@access.client).to eq(client)
84
- end
85
-
86
- it 'returns AccessToken with #token' do
87
- expect(@access.token).to eq('salmon')
88
- end
89
-
90
- it 'returns AccessToken with #refresh_token' do
91
- expect(@access.refresh_token).to eq('trout')
92
- end
93
-
94
- it 'returns AccessToken with #expires_in' do
95
- expect(@access.expires_in).to eq(600)
96
- end
97
-
98
- it 'returns AccessToken with #expires_at' do
99
- expect(@access.expires_at).to be_kind_of(Integer)
100
- end
101
-
102
- it 'returns AccessToken with params accessible via []' do
103
- expect(@access['extra_param']).to eq('steve')
104
- end
105
- end
106
- end
107
- end
108
- end
@@ -1,7 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::Strategy::Base do
4
- it 'initializes with a Client' do
5
- expect { described_class.new(OAuth2::Client.new('abc', 'def')) }.not_to raise_error
6
- end
7
- end
@@ -1,71 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::Strategy::ClientCredentials do
4
- subject { client.client_credentials }
5
-
6
- let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
7
- let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
8
-
9
- let(:client) do
10
- OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
11
- builder.adapter :test do |stub|
12
- stub.post('/oauth/token', 'grant_type' => 'client_credentials') do |env|
13
- client_id, client_secret = Base64.decode64(env[:request_headers]['Authorization'].split(' ', 2)[1]).split(':', 2)
14
- (client_id == 'abc' && client_secret == 'def') || raise(Faraday::Adapter::Test::Stubs::NotFound)
15
- case @mode
16
- when 'formencoded'
17
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
18
- when 'json'
19
- [200, {'Content-Type' => 'application/json'}, json_token]
20
- end
21
- end
22
- stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials') do |env|
23
- case @mode
24
- when 'formencoded'
25
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
26
- when 'json'
27
- [200, {'Content-Type' => 'application/json'}, json_token]
28
- end
29
- end
30
- end
31
- end
32
- end
33
-
34
- describe '#authorize_url' do
35
- it 'raises NotImplementedError' do
36
- expect { subject.authorize_url }.to raise_error(NotImplementedError)
37
- end
38
- end
39
-
40
- %w[json formencoded].each do |mode|
41
- [:basic_auth, :request_body].each do |auth_scheme|
42
- describe "#get_token (#{mode}) (#{auth_scheme})" do
43
- before do
44
- @mode = mode
45
- client.options[:auth_scheme] = auth_scheme
46
- @access = subject.get_token
47
- end
48
-
49
- it 'returns AccessToken with same Client' do
50
- expect(@access.client).to eq(client)
51
- end
52
-
53
- it 'returns AccessToken with #token' do
54
- expect(@access.token).to eq('salmon')
55
- end
56
-
57
- it 'returns AccessToken without #refresh_token' do
58
- expect(@access.refresh_token).to be_nil
59
- end
60
-
61
- it 'returns AccessToken with #expires_in' do
62
- expect(@access.expires_in).to eq(600)
63
- end
64
-
65
- it 'returns AccessToken with #expires_at' do
66
- expect(@access.expires_at).not_to be_nil
67
- end
68
- end
69
- end
70
- end
71
- end
@@ -1,28 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::Strategy::Implicit do
4
- subject { client.implicit }
5
-
6
- let(:client) { OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') }
7
-
8
- describe '#authorize_url' do
9
- it 'includes the client_id' do
10
- expect(subject.authorize_url).to include('client_id=abc')
11
- end
12
-
13
- it 'includes the type' do
14
- expect(subject.authorize_url).to include('response_type=token')
15
- end
16
-
17
- it 'includes passed in options' do
18
- cb = 'http://myserver.local/oauth/callback'
19
- expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
20
- end
21
- end
22
-
23
- describe '#get_token' do
24
- it 'raises NotImplementedError' do
25
- expect { subject.get_token }.to raise_error(NotImplementedError)
26
- end
27
- end
28
- end
@@ -1,58 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::Strategy::Password do
4
- subject { client.password }
5
-
6
- let(:client) do
7
- cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
8
- cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
9
- b.request :url_encoded
10
- b.adapter :test do |stub|
11
- stub.post('/oauth/token') do |env|
12
- case @mode
13
- when 'formencoded'
14
- [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
15
- when 'json'
16
- [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
17
- end
18
- end
19
- end
20
- end
21
- cli
22
- end
23
-
24
- describe '#authorize_url' do
25
- it 'raises NotImplementedError' do
26
- expect { subject.authorize_url }.to raise_error(NotImplementedError)
27
- end
28
- end
29
-
30
- %w[json formencoded].each do |mode|
31
- describe "#get_token (#{mode})" do
32
- before do
33
- @mode = mode
34
- @access = subject.get_token('username', 'password')
35
- end
36
-
37
- it 'returns AccessToken with same Client' do
38
- expect(@access.client).to eq(client)
39
- end
40
-
41
- it 'returns AccessToken with #token' do
42
- expect(@access.token).to eq('salmon')
43
- end
44
-
45
- it 'returns AccessToken with #refresh_token' do
46
- expect(@access.refresh_token).to eq('trout')
47
- end
48
-
49
- it 'returns AccessToken with #expires_in' do
50
- expect(@access.expires_in).to eq(600)
51
- end
52
-
53
- it 'returns AccessToken with #expires_at' do
54
- expect(@access.expires_at).not_to be_nil
55
- end
56
- end
57
- end
58
- end
@@ -1,23 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- RSpec.describe OAuth2::Version do
4
- it 'has a version number' do
5
- expect(described_class).not_to be nil
6
- end
7
-
8
- it 'can be a string' do
9
- expect(described_class.to_s).to be_a(String)
10
- end
11
-
12
- it 'allows Constant access' do
13
- expect(described_class::VERSION).to be_a(String)
14
- end
15
-
16
- it 'is greater than 0.1.0' do
17
- expect(Gem::Version.new(described_class) > Gem::Version.new('0.1.0')).to be(true)
18
- end
19
-
20
- it 'is not a pre-release' do
21
- expect(Gem::Version.new(described_class).prerelease?).to be(false)
22
- end
23
- end