oauth2 1.4.9 → 2.0.3

Sign up to get free protection for your applications and to get access to all the features.
data/spec/helper.rb DELETED
@@ -1,33 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- DEBUG = ENV['DEBUG'] == 'true'
4
- RUN_COVERAGE = ENV['CI_CODECOV'] || ENV['CI'].nil?
5
-
6
- ruby_version = Gem::Version.new(RUBY_VERSION)
7
- minimum_version = ->(version) { ruby_version >= Gem::Version.new(version) && RUBY_ENGINE == 'ruby' }
8
- coverage = minimum_version.call('2.7') && RUN_COVERAGE
9
- debug = minimum_version.call('2.5') && DEBUG
10
-
11
- require 'simplecov' if coverage
12
- require 'byebug' if debug
13
-
14
- require 'oauth2'
15
- require 'addressable/uri'
16
- require 'rspec'
17
- require 'rspec/stubbed_env'
18
- require 'rspec/pending_for'
19
- require 'silent_stream'
20
-
21
- RSpec.configure do |config|
22
- config.expect_with :rspec do |c|
23
- c.syntax = :expect
24
- end
25
- end
26
-
27
- Faraday.default_adapter = :test
28
-
29
- RSpec.configure do |conf|
30
- conf.include SilentStream
31
- end
32
-
33
- VERBS = [:get, :post, :put, :delete].freeze
@@ -1,218 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::AccessToken do
4
- subject { described_class.new(client, token) }
5
-
6
- let(:token) { 'monkey' }
7
- let(:refresh_body) { MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => 'refresh_bar') }
8
- let(:client) do
9
- OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com') do |builder|
10
- builder.request :url_encoded
11
- builder.adapter :test do |stub|
12
- VERBS.each do |verb|
13
- stub.send(verb, '/token/header') { |env| [200, {}, env[:request_headers]['Authorization']] }
14
- stub.send(verb, "/token/query?access_token=#{token}") { |env| [200, {}, Addressable::URI.parse(env[:url]).query_values['access_token']] }
15
- stub.send(verb, '/token/query_string') { |env| [200, {}, CGI.unescape(Addressable::URI.parse(env[:url]).query)] }
16
- stub.send(verb, '/token/body') { |env| [200, {}, env[:body]] }
17
- end
18
- stub.post('/oauth/token') { |env| [200, {'Content-Type' => 'application/json'}, refresh_body] }
19
- end
20
- end
21
- end
22
-
23
- describe '#initialize' do
24
- it 'assigns client and token' do
25
- expect(subject.client).to eq(client)
26
- expect(subject.token).to eq(token)
27
- end
28
-
29
- it 'assigns extra params' do
30
- target = described_class.new(client, token, 'foo' => 'bar')
31
- expect(target.params).to include('foo')
32
- expect(target.params['foo']).to eq('bar')
33
- end
34
-
35
- def assert_initialized_token(target)
36
- expect(target.token).to eq(token)
37
- expect(target).to be_expires
38
- expect(target.params.keys).to include('foo')
39
- expect(target.params['foo']).to eq('bar')
40
- end
41
-
42
- it 'initializes with a Hash' do
43
- hash = {:access_token => token, :expires_at => Time.now.to_i + 200, 'foo' => 'bar'}
44
- target = described_class.from_hash(client, hash)
45
- assert_initialized_token(target)
46
- end
47
-
48
- it 'from_hash does not modify opts hash' do
49
- hash = {:access_token => token, :expires_at => Time.now.to_i}
50
- hash_before = hash.dup
51
- described_class.from_hash(client, hash)
52
- expect(hash).to eq(hash_before)
53
- end
54
-
55
- it 'initializes with a form-urlencoded key/value string' do
56
- kvform = "access_token=#{token}&expires_at=#{Time.now.to_i + 200}&foo=bar"
57
- target = described_class.from_kvform(client, kvform)
58
- assert_initialized_token(target)
59
- end
60
-
61
- it 'sets options' do
62
- target = described_class.new(client, token, :param_name => 'foo', :header_format => 'Bearer %', :mode => :body)
63
- expect(target.options[:param_name]).to eq('foo')
64
- expect(target.options[:header_format]).to eq('Bearer %')
65
- expect(target.options[:mode]).to eq(:body)
66
- end
67
-
68
- it 'does not modify opts hash' do
69
- opts = {:param_name => 'foo', :header_format => 'Bearer %', :mode => :body}
70
- opts_before = opts.dup
71
- described_class.new(client, token, opts)
72
- expect(opts).to eq(opts_before)
73
- end
74
-
75
- describe 'expires_at' do
76
- let(:expires_at) { 1_361_396_829 }
77
- let(:hash) do
78
- {
79
- :access_token => token,
80
- :expires_at => expires_at.to_s,
81
- 'foo' => 'bar',
82
- }
83
- end
84
-
85
- it 'initializes with an integer timestamp expires_at' do
86
- target = described_class.from_hash(client, hash.merge(:expires_at => expires_at))
87
- assert_initialized_token(target)
88
- expect(target.expires_at).to eql(expires_at)
89
- end
90
-
91
- it 'initializes with a string timestamp expires_at' do
92
- target = described_class.from_hash(client, hash)
93
- assert_initialized_token(target)
94
- expect(target.expires_at).to eql(expires_at)
95
- end
96
-
97
- it 'initializes with a string time expires_at' do
98
- target = described_class.from_hash(client, hash.merge(:expires_at => Time.at(expires_at).iso8601))
99
- assert_initialized_token(target)
100
- expect(target.expires_at).to eql(expires_at)
101
- end
102
- end
103
- end
104
-
105
- describe '#request' do
106
- context 'with :mode => :header' do
107
- before do
108
- subject.options[:mode] = :header
109
- end
110
-
111
- VERBS.each do |verb|
112
- it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
113
- expect(subject.post('/token/header').body).to include(token)
114
- end
115
- end
116
- end
117
-
118
- context 'with :mode => :query' do
119
- before do
120
- subject.options[:mode] = :query
121
- end
122
-
123
- VERBS.each do |verb|
124
- it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
125
- expect(subject.post('/token/query').body).to eq(token)
126
- end
127
-
128
- it "sends a #{verb.to_s.upcase} request and options[:param_name] include [number]." do
129
- subject.options[:param_name] = 'auth[1]'
130
- expect(subject.__send__(verb, '/token/query_string').body).to include("auth[1]=#{token}")
131
- end
132
- end
133
- end
134
-
135
- context 'with :mode => :body' do
136
- before do
137
- subject.options[:mode] = :body
138
- end
139
-
140
- VERBS.each do |verb|
141
- it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
142
- expect(subject.post('/token/body').body.split('=').last).to eq(token)
143
- end
144
- end
145
- end
146
-
147
- context 'params include [number]' do
148
- VERBS.each do |verb|
149
- it "sends #{verb.to_s.upcase} correct query" do
150
- expect(subject.__send__(verb, '/token/query_string', :params => {'foo[bar][1]' => 'val'}).body).to include('foo[bar][1]=val')
151
- end
152
- end
153
- end
154
- end
155
-
156
- describe '#expires?' do
157
- it 'is false if there is no expires_at' do
158
- expect(described_class.new(client, token)).not_to be_expires
159
- end
160
-
161
- it 'is true if there is an expires_in' do
162
- expect(described_class.new(client, token, :refresh_token => 'abaca', :expires_in => 600)).to be_expires
163
- end
164
-
165
- it 'is true if there is an expires_at' do
166
- expect(described_class.new(client, token, :refresh_token => 'abaca', :expires_in => Time.now.getutc.to_i + 600)).to be_expires
167
- end
168
- end
169
-
170
- describe '#expired?' do
171
- it 'is false if there is no expires_in or expires_at' do
172
- expect(described_class.new(client, token)).not_to be_expired
173
- end
174
-
175
- it 'is false if expires_in is in the future' do
176
- expect(described_class.new(client, token, :refresh_token => 'abaca', :expires_in => 10_800)).not_to be_expired
177
- end
178
-
179
- it 'is true if expires_at is in the past' do
180
- access = described_class.new(client, token, :refresh_token => 'abaca', :expires_in => 600)
181
- @now = Time.now + 10_800
182
- allow(Time).to receive(:now).and_return(@now)
183
- expect(access).to be_expired
184
- end
185
- end
186
-
187
- describe '#refresh!' do
188
- let(:access) do
189
- described_class.new(client, token, :refresh_token => 'abaca',
190
- :expires_in => 600,
191
- :param_name => 'o_param')
192
- end
193
-
194
- it 'returns a refresh token with appropriate values carried over' do
195
- refreshed = access.refresh!
196
- expect(access.client).to eq(refreshed.client)
197
- expect(access.options[:param_name]).to eq(refreshed.options[:param_name])
198
- end
199
-
200
- context 'with a nil refresh_token in the response' do
201
- let(:refresh_body) { MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => nil) }
202
-
203
- it 'copies the refresh_token from the original token' do
204
- refreshed = access.refresh!
205
-
206
- expect(refreshed.refresh_token).to eq(access.refresh_token)
207
- end
208
- end
209
- end
210
-
211
- describe '#to_hash' do
212
- it 'return a hash equals to the hash used to initialize access token' do
213
- hash = {:access_token => token, :refresh_token => 'foobar', :expires_at => Time.now.to_i + 200, 'foo' => 'bar'}
214
- access_token = described_class.from_hash(client, hash.clone)
215
- expect(access_token.to_hash).to eq(hash)
216
- end
217
- end
218
- end
@@ -1,86 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- describe OAuth2::Authenticator do
4
- subject do
5
- described_class.new(client_id, client_secret, mode)
6
- end
7
-
8
- let(:client_id) { 'foo' }
9
- let(:client_secret) { 'bar' }
10
- let(:mode) { :undefined }
11
-
12
- it 'raises NotImplementedError for unknown authentication mode' do
13
- expect { subject.apply({}) }.to raise_error(NotImplementedError)
14
- end
15
-
16
- describe '#apply' do
17
- context 'with parameter-based authentication' do
18
- let(:mode) { :request_body }
19
-
20
- it 'adds client_id and client_secret to params' do
21
- output = subject.apply({})
22
- expect(output).to eq('client_id' => 'foo', 'client_secret' => 'bar')
23
- end
24
-
25
- it 'does not overwrite existing credentials' do
26
- input = {'client_secret' => 's3cr3t'}
27
- output = subject.apply(input)
28
- expect(output).to eq('client_id' => 'foo', 'client_secret' => 's3cr3t')
29
- end
30
-
31
- it 'preserves other parameters' do
32
- input = {'state' => '42', :headers => {'A' => 'b'}}
33
- output = subject.apply(input)
34
- expect(output).to eq(
35
- 'client_id' => 'foo',
36
- 'client_secret' => 'bar',
37
- 'state' => '42',
38
- :headers => {'A' => 'b'}
39
- )
40
- end
41
-
42
- context 'using tls client authentication' do
43
- let(:mode) { :tls_client_auth }
44
-
45
- it 'does not add client_secret' do
46
- output = subject.apply({})
47
- expect(output).to eq('client_id' => 'foo')
48
- end
49
- end
50
-
51
- context 'using private key jwt authentication' do
52
- let(:mode) { :private_key_jwt }
53
-
54
- it 'does not add client_secret or client_id' do
55
- output = subject.apply({})
56
- expect(output).to eq({})
57
- end
58
- end
59
- end
60
-
61
- context 'with Basic authentication' do
62
- let(:mode) { :basic_auth }
63
- let(:header) { 'Basic ' + Base64.encode64("#{client_id}:#{client_secret}").delete("\n") }
64
-
65
- it 'encodes credentials in headers' do
66
- output = subject.apply({})
67
- expect(output).to eq(:headers => {'Authorization' => header})
68
- end
69
-
70
- it 'does not overwrite existing credentials' do
71
- input = {:headers => {'Authorization' => 'Bearer abc123'}}
72
- output = subject.apply(input)
73
- expect(output).to eq(:headers => {'Authorization' => 'Bearer abc123'})
74
- end
75
-
76
- it 'does not overwrite existing params or headers' do
77
- input = {'state' => '42', :headers => {'A' => 'b'}}
78
- output = subject.apply(input)
79
- expect(output).to eq(
80
- 'state' => '42',
81
- :headers => {'A' => 'b', 'Authorization' => header}
82
- )
83
- end
84
- end
85
- end
86
- end