oauth2 0.8.1 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- data.tar.gz.sig +3 -0
- data/CONTRIBUTING.md +15 -0
- data/README.md +7 -23
- data/lib/oauth2/access_token.rb +12 -5
- data/lib/oauth2/client.rb +3 -2
- data/lib/oauth2/version.rb +2 -2
- data/oauth2.gemspec +28 -25
- data/spec/helper.rb +7 -0
- data/spec/oauth2/access_token_spec.rb +59 -53
- data/spec/oauth2/client_spec.rb +50 -50
- data/spec/oauth2/response_spec.rb +24 -24
- data/spec/oauth2/strategy/assertion_spec.rb +10 -10
- data/spec/oauth2/strategy/auth_code_spec.rb +19 -19
- data/spec/oauth2/strategy/base_spec.rb +2 -2
- data/spec/oauth2/strategy/client_credentials_spec.rb +12 -12
- data/spec/oauth2/strategy/implicit_spec.rb +9 -9
- data/spec/oauth2/strategy/password_spec.rb +12 -12
- metadata +148 -182
- metadata.gz.sig +3 -0
- data/.gemtest +0 -0
- data/.gitignore +0 -35
- data/.rspec +0 -2
- data/.travis.yml +0 -13
- data/Gemfile +0 -3
data.tar.gz.sig
ADDED
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
## Submitting a Pull Request
|
2
|
+
1. [Fork the repository.][fork]
|
3
|
+
2. [Create a topic branch.][branch]
|
4
|
+
3. Add specs for your unimplemented feature or bug fix.
|
5
|
+
4. Run `bundle exec rake spec`. If your specs pass, return to step 3.
|
6
|
+
5. Implement your feature or bug fix.
|
7
|
+
6. Run `bundle exec rake spec`. If your specs fail, return to step 5.
|
8
|
+
7. Run `open coverage/index.html`. If your changes are not completely covered
|
9
|
+
by your tests, return to step 3.
|
10
|
+
8. Add, commit, and push your changes.
|
11
|
+
9. [Submit a pull request.][pr]
|
12
|
+
|
13
|
+
[fork]: http://help.github.com/fork-a-repo/
|
14
|
+
[branch]: http://learn.github.com/p/branching.html
|
15
|
+
[pr]: http://help.github.com/send-pull-requests/
|
data/README.md
CHANGED
@@ -86,22 +86,6 @@ request, add a 'headers' hash under 'params':
|
|
86
86
|
You can always use the #request method on the OAuth2::Client instance to make
|
87
87
|
requests for tokens for any Authentication grant type.
|
88
88
|
|
89
|
-
## Submitting a Pull Request
|
90
|
-
1. [Fork the repository.][fork]
|
91
|
-
2. [Create a topic branch.][branch]
|
92
|
-
3. Add specs for your unimplemented feature or bug fix.
|
93
|
-
4. Run `bundle exec rake spec`. If your specs pass, return to step 3.
|
94
|
-
5. Implement your feature or bug fix.
|
95
|
-
6. Run `bundle exec rake spec`. If your specs fail, return to step 5.
|
96
|
-
7. Run `open coverage/index.html`. If your changes are not completely covered
|
97
|
-
by your tests, return to step 3.
|
98
|
-
8. Add, commit, and push your changes.
|
99
|
-
9. [Submit a pull request.][pr]
|
100
|
-
|
101
|
-
[fork]: http://help.github.com/fork-a-repo/
|
102
|
-
[branch]: http://learn.github.com/p/branching.html
|
103
|
-
[pr]: http://help.github.com/send-pull-requests/
|
104
|
-
|
105
89
|
## Supported Ruby Versions
|
106
90
|
This library aims to support and is [tested against][travis] the following Ruby
|
107
91
|
implementations:
|
@@ -109,14 +93,14 @@ implementations:
|
|
109
93
|
* Ruby 1.8.7
|
110
94
|
* Ruby 1.9.2
|
111
95
|
* Ruby 1.9.3
|
96
|
+
* Ruby 2.0.0
|
112
97
|
* [JRuby][]
|
113
98
|
* [Rubinius][]
|
114
99
|
|
115
|
-
[jruby]: http://
|
100
|
+
[jruby]: http://jruby.org/
|
116
101
|
[rubinius]: http://rubini.us/
|
117
102
|
|
118
|
-
If something doesn't work on one of these interpreters, it
|
119
|
-
a bug.
|
103
|
+
If something doesn't work on one of these interpreters, it's a bug.
|
120
104
|
|
121
105
|
This library may inadvertently work (or seem to work) on other Ruby
|
122
106
|
implementations, however support will only be provided for the versions listed
|
@@ -125,11 +109,11 @@ above.
|
|
125
109
|
If you would like this library to support another Ruby version, you may
|
126
110
|
volunteer to be a maintainer. Being a maintainer entails making sure all tests
|
127
111
|
run and pass on that implementation. When something breaks on your
|
128
|
-
implementation, you will be
|
129
|
-
|
130
|
-
|
112
|
+
implementation, you will be responsible for providing patches in a timely
|
113
|
+
fashion. If critical issues for a particular implementation exist at the time
|
114
|
+
of a major release, support for that Ruby version may be dropped.
|
131
115
|
|
132
116
|
## Copyright
|
133
117
|
Copyright (c) 2011 Intridea, Inc. and Michael Bleigh.
|
134
118
|
See [LICENSE][] for details.
|
135
|
-
[license]:
|
119
|
+
[license]: LICENSE.md
|
data/lib/oauth2/access_token.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
module OAuth2
|
2
2
|
class AccessToken
|
3
|
-
attr_reader :client, :token, :
|
4
|
-
attr_accessor :options
|
3
|
+
attr_reader :client, :token, :expires_in, :expires_at, :params
|
4
|
+
attr_accessor :options, :refresh_token
|
5
5
|
|
6
6
|
class << self
|
7
7
|
# Initializes an AccessToken from a Hash
|
@@ -34,7 +34,7 @@ module OAuth2
|
|
34
34
|
# @option opts [Symbol] :mode (:header) the transmission mode of the Access Token parameter value
|
35
35
|
# one of :header, :body or :query
|
36
36
|
# @option opts [String] :header_format ('Bearer %s') the string format to use for the Authorization header
|
37
|
-
# @option opts [String] :param_name ('
|
37
|
+
# @option opts [String] :param_name ('access_token') the parameter name to use for transmission of the
|
38
38
|
# Access Token value in :body or :query transmission mode
|
39
39
|
def initialize(client, token, opts={})
|
40
40
|
@client = client
|
@@ -44,11 +44,10 @@ module OAuth2
|
|
44
44
|
end
|
45
45
|
@expires_in ||= opts.delete('expires')
|
46
46
|
@expires_in &&= @expires_in.to_i
|
47
|
-
@expires_at &&= @expires_at.to_i
|
48
47
|
@expires_at ||= Time.now.to_i + @expires_in if @expires_in
|
49
48
|
@options = {:mode => opts.delete(:mode) || :header,
|
50
49
|
:header_format => opts.delete(:header_format) || 'Bearer %s',
|
51
|
-
:param_name => opts.delete(:param_name) || '
|
50
|
+
:param_name => opts.delete(:param_name) || 'access_token'}
|
52
51
|
@params = opts
|
53
52
|
end
|
54
53
|
|
@@ -85,6 +84,7 @@ module OAuth2
|
|
85
84
|
:refresh_token => refresh_token)
|
86
85
|
new_token = @client.get_token(params)
|
87
86
|
new_token.options = options
|
87
|
+
new_token.refresh_token = refresh_token unless new_token.refresh_token
|
88
88
|
new_token
|
89
89
|
end
|
90
90
|
|
@@ -120,6 +120,13 @@ module OAuth2
|
|
120
120
|
request(:put, path, opts, &block)
|
121
121
|
end
|
122
122
|
|
123
|
+
# Make a PATCH request with the Access Token
|
124
|
+
#
|
125
|
+
# @see AccessToken#request
|
126
|
+
def patch(path, opts={}, &block)
|
127
|
+
request(:patch, path, opts, &block)
|
128
|
+
end
|
129
|
+
|
123
130
|
# Make a DELETE request with the Access Token
|
124
131
|
#
|
125
132
|
# @see AccessToken#request
|
data/lib/oauth2/client.rb
CHANGED
@@ -3,8 +3,9 @@ require 'faraday'
|
|
3
3
|
module OAuth2
|
4
4
|
# The OAuth2::Client class
|
5
5
|
class Client
|
6
|
-
attr_reader :id, :secret
|
7
|
-
attr_accessor :
|
6
|
+
attr_reader :id, :secret, :site
|
7
|
+
attr_accessor :options
|
8
|
+
attr_writer :connection
|
8
9
|
|
9
10
|
# Instantiate a new OAuth 2.0 client using the
|
10
11
|
# Client ID and Client Secret registered to your
|
data/lib/oauth2/version.rb
CHANGED
data/oauth2.gemspec
CHANGED
@@ -1,27 +1,30 @@
|
|
1
|
-
#
|
2
|
-
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'oauth2/version'
|
3
5
|
|
4
|
-
Gem::Specification.new do |
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.add_development_dependency 'bundler', '~> 1.0'
|
8
|
+
spec.add_dependency 'faraday', '~> 0.8'
|
9
|
+
spec.add_dependency 'httpauth', '~> 0.1'
|
10
|
+
spec.add_dependency 'multi_json', '~> 1.0'
|
11
|
+
spec.add_dependency 'multi_xml', '~> 0.5'
|
12
|
+
spec.add_dependency 'rack', '~> 1.2'
|
13
|
+
spec.add_dependency 'jwt', '~> 0.1.4'
|
14
|
+
spec.authors = ["Michael Bleigh", "Erik Michaels-Ober"]
|
15
|
+
spec.cert_chain = %w(certs/sferik.pem)
|
16
|
+
spec.description = %q{A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth spec.}
|
17
|
+
spec.email = ['michael@intridea.com', 'sferik@gmail.com']
|
18
|
+
spec.files = %w(.document CONTRIBUTING.md LICENSE.md README.md Rakefile oauth2.gemspec)
|
19
|
+
spec.files += Dir.glob("lib/**/*.rb")
|
20
|
+
spec.files += Dir.glob("spec/**/*")
|
21
|
+
spec.homepage = 'http://github.com/intridea/oauth2'
|
22
|
+
spec.licenses = ['MIT']
|
23
|
+
spec.name = 'oauth2'
|
24
|
+
spec.require_paths = ['lib']
|
25
|
+
spec.required_rubygems_version = '>= 1.3.6'
|
26
|
+
spec.signing_key = File.expand_path("~/.gem/private_key.pem") if $0 =~ /gem\z/
|
27
|
+
spec.summary = %q{A Ruby wrapper for the OAuth 2.0 protocol.}
|
28
|
+
spec.test_files = Dir.glob("spec/**/*")
|
29
|
+
spec.version = OAuth2::Version
|
27
30
|
end
|
data/spec/helper.rb
CHANGED
@@ -4,11 +4,18 @@ unless ENV['CI']
|
|
4
4
|
add_filter 'spec'
|
5
5
|
end
|
6
6
|
end
|
7
|
+
|
7
8
|
require 'oauth2'
|
8
9
|
require 'addressable/uri'
|
9
10
|
require 'rspec'
|
10
11
|
require 'rspec/autorun'
|
11
12
|
|
13
|
+
RSpec.configure do |config|
|
14
|
+
config.expect_with :rspec do |c|
|
15
|
+
c.syntax = :expect
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
12
19
|
Faraday.default_adapter = :test
|
13
20
|
|
14
21
|
RSpec.configure do |conf|
|
@@ -12,7 +12,7 @@ describe AccessToken do
|
|
12
12
|
builder.adapter :test do |stub|
|
13
13
|
VERBS.each do |verb|
|
14
14
|
stub.send(verb, '/token/header') {|env| [200, {}, env[:request_headers]['Authorization']]}
|
15
|
-
stub.send(verb, "/token/query?
|
15
|
+
stub.send(verb, "/token/query?access_token=#{token}") {|env| [200, {}, Addressable::URI.parse(env[:url]).query_values['access_token']]}
|
16
16
|
stub.send(verb, '/token/body') {|env| [200, {}, env[:body]]}
|
17
17
|
end
|
18
18
|
stub.post('/oauth/token') {|env| [200, {'Content-Type' => 'application/json'}, refresh_body]}
|
@@ -22,130 +22,136 @@ describe AccessToken do
|
|
22
22
|
|
23
23
|
subject {AccessToken.new(client, token)}
|
24
24
|
|
25
|
-
describe
|
26
|
-
it
|
27
|
-
subject.client.
|
28
|
-
subject.token.
|
25
|
+
describe "#initialize" do
|
26
|
+
it "assigns client and token" do
|
27
|
+
expect(subject.client).to eq(client)
|
28
|
+
expect(subject.token).to eq(token)
|
29
29
|
end
|
30
30
|
|
31
|
-
it
|
31
|
+
it "assigns extra params" do
|
32
32
|
target = AccessToken.new(client, token, 'foo' => 'bar')
|
33
|
-
target.params.
|
34
|
-
target.params['foo'].
|
33
|
+
expect(target.params).to include('foo')
|
34
|
+
expect(target.params['foo']).to eq('bar')
|
35
35
|
end
|
36
36
|
|
37
37
|
def assert_initialized_token(target)
|
38
|
-
target.token.
|
39
|
-
target.
|
40
|
-
target.params.keys.
|
41
|
-
target.params['foo'].
|
38
|
+
expect(target.token).to eq(token)
|
39
|
+
expect(target).to be_expires
|
40
|
+
expect(target.params.keys).to include('foo')
|
41
|
+
expect(target.params['foo']).to eq('bar')
|
42
42
|
end
|
43
43
|
|
44
|
-
it
|
44
|
+
it "initializes with a Hash" do
|
45
45
|
hash = {:access_token => token, :expires_at => Time.now.to_i + 200, 'foo' => 'bar'}
|
46
46
|
target = AccessToken.from_hash(client, hash)
|
47
47
|
assert_initialized_token(target)
|
48
48
|
end
|
49
49
|
|
50
|
-
it
|
50
|
+
it "initalizes with a form-urlencoded key/value string" do
|
51
51
|
kvform = "access_token=#{token}&expires_at=#{Time.now.to_i+200}&foo=bar"
|
52
52
|
target = AccessToken.from_kvform(client, kvform)
|
53
53
|
assert_initialized_token(target)
|
54
54
|
end
|
55
55
|
|
56
|
-
it
|
56
|
+
it "sets options" do
|
57
57
|
target = AccessToken.new(client, token, :param_name => 'foo', :header_format => 'Bearer %', :mode => :body)
|
58
|
-
target.options[:param_name].
|
59
|
-
target.options[:header_format].
|
60
|
-
target.options[:mode].
|
61
|
-
end
|
62
|
-
|
63
|
-
it "initializes with a string expires_at" do
|
64
|
-
hash = {:access_token => token, :expires_at => '1361396829', 'foo' => 'bar'}
|
65
|
-
target = AccessToken.from_hash(client, hash)
|
66
|
-
assert_initialized_token(target)
|
67
|
-
expect(target.expires_at).to be_a(Integer)
|
58
|
+
expect(target.options[:param_name]).to eq('foo')
|
59
|
+
expect(target.options[:header_format]).to eq('Bearer %')
|
60
|
+
expect(target.options[:mode]).to eq(:body)
|
68
61
|
end
|
69
62
|
end
|
70
63
|
|
71
|
-
describe
|
72
|
-
context
|
64
|
+
describe "#request" do
|
65
|
+
context ":mode => :header" do
|
73
66
|
before :all do
|
74
67
|
subject.options[:mode] = :header
|
75
68
|
end
|
76
69
|
|
77
70
|
VERBS.each do |verb|
|
78
71
|
it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
|
79
|
-
subject.post('/token/header').body.
|
72
|
+
expect(subject.post('/token/header').body).to include(token)
|
80
73
|
end
|
81
74
|
end
|
82
75
|
end
|
83
76
|
|
84
|
-
context
|
77
|
+
context ":mode => :query" do
|
85
78
|
before :all do
|
86
79
|
subject.options[:mode] = :query
|
87
80
|
end
|
88
81
|
|
89
82
|
VERBS.each do |verb|
|
90
83
|
it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
|
91
|
-
subject.post('/token/query').body.
|
84
|
+
expect(subject.post('/token/query').body).to eq(token)
|
92
85
|
end
|
93
86
|
end
|
94
87
|
end
|
95
88
|
|
96
|
-
context
|
89
|
+
context ":mode => :body" do
|
97
90
|
before :all do
|
98
91
|
subject.options[:mode] = :body
|
99
92
|
end
|
100
93
|
|
101
94
|
VERBS.each do |verb|
|
102
95
|
it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do
|
103
|
-
subject.post('/token/body').body.split('=').last.
|
96
|
+
expect(subject.post('/token/body').body.split('=').last).to eq(token)
|
104
97
|
end
|
105
98
|
end
|
106
99
|
end
|
107
100
|
end
|
108
101
|
|
109
|
-
describe
|
110
|
-
it
|
111
|
-
AccessToken.new(client, token).
|
102
|
+
describe "#expires?" do
|
103
|
+
it "is false if there is no expires_at" do
|
104
|
+
expect(AccessToken.new(client, token)).not_to be_expires
|
112
105
|
end
|
113
106
|
|
114
|
-
it
|
115
|
-
AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 600).
|
107
|
+
it "is true if there is an expires_in" do
|
108
|
+
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 600)).to be_expires
|
116
109
|
end
|
117
110
|
|
118
|
-
it
|
119
|
-
AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => Time.now.getutc.to_i+600).
|
111
|
+
it "is true if there is an expires_at" do
|
112
|
+
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => Time.now.getutc.to_i+600)).to be_expires
|
120
113
|
end
|
121
114
|
end
|
122
115
|
|
123
|
-
describe
|
124
|
-
it
|
125
|
-
AccessToken.new(client, token).
|
116
|
+
describe "#expired?" do
|
117
|
+
it "is false if there is no expires_in or expires_at" do
|
118
|
+
expect(AccessToken.new(client, token)).not_to be_expired
|
126
119
|
end
|
127
120
|
|
128
|
-
it
|
129
|
-
AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 10800).
|
121
|
+
it "is false if expires_in is in the future" do
|
122
|
+
expect(AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 10800)).not_to be_expired
|
130
123
|
end
|
131
124
|
|
132
|
-
it
|
125
|
+
it "is true if expires_at is in the past" do
|
133
126
|
access = AccessToken.new(client, token, :refresh_token => 'abaca', :expires_in => 600)
|
134
127
|
@now = Time.now + 10800
|
135
128
|
Time.stub!(:now).and_return(@now)
|
136
|
-
access.
|
129
|
+
expect(access).to be_expired
|
137
130
|
end
|
138
131
|
|
139
132
|
end
|
140
133
|
|
141
|
-
describe
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
134
|
+
describe "#refresh!" do
|
135
|
+
let(:access) {
|
136
|
+
AccessToken.new(client, token, :refresh_token => 'abaca',
|
137
|
+
:expires_in => 600,
|
138
|
+
:param_name => 'o_param')
|
139
|
+
}
|
140
|
+
|
141
|
+
it "returns a refresh token with appropriate values carried over" do
|
146
142
|
refreshed = access.refresh!
|
147
|
-
access.client.
|
148
|
-
access.options[:param_name].
|
143
|
+
expect(access.client).to eq(refreshed.client)
|
144
|
+
expect(access.options[:param_name]).to eq(refreshed.options[:param_name])
|
145
|
+
end
|
146
|
+
|
147
|
+
context "with a nil refresh_token in the response" do
|
148
|
+
let(:refresh_body) { MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => nil) }
|
149
|
+
|
150
|
+
it "copies the refresh_token from the original token" do
|
151
|
+
refreshed = access.refresh!
|
152
|
+
|
153
|
+
expect(refreshed.refresh_token).to eq(access.refresh_token)
|
154
|
+
end
|
149
155
|
end
|
150
156
|
end
|
151
157
|
end
|
data/spec/oauth2/client_spec.rb
CHANGED
@@ -20,25 +20,25 @@ describe OAuth2::Client do
|
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
|
-
describe
|
24
|
-
it
|
25
|
-
subject.id.
|
26
|
-
subject.secret.
|
23
|
+
describe "#initialize" do
|
24
|
+
it "assigns id and secret" do
|
25
|
+
expect(subject.id).to eq('abc')
|
26
|
+
expect(subject.secret).to eq('def')
|
27
27
|
end
|
28
28
|
|
29
|
-
it
|
30
|
-
subject.site.
|
29
|
+
it "assigns site from the options hash" do
|
30
|
+
expect(subject.site).to eq('https://api.example.com')
|
31
31
|
end
|
32
32
|
|
33
|
-
it
|
34
|
-
subject.connection.host.
|
33
|
+
it "assigns Faraday::Connection#host" do
|
34
|
+
expect(subject.connection.host).to eq('api.example.com')
|
35
35
|
end
|
36
36
|
|
37
|
-
it
|
38
|
-
subject.connection.ssl.
|
37
|
+
it "leaves Faraday::Connection#ssl unset" do
|
38
|
+
expect(subject.connection.ssl).to eq({})
|
39
39
|
end
|
40
40
|
|
41
|
-
it "
|
41
|
+
it "is able to pass a block to configure the connection" do
|
42
42
|
connection = stub('connection')
|
43
43
|
session = stub('session', :to_ary => nil)
|
44
44
|
builder = stub('builder')
|
@@ -53,77 +53,77 @@ describe OAuth2::Client do
|
|
53
53
|
end
|
54
54
|
|
55
55
|
it "defaults raise_errors to true" do
|
56
|
-
subject.options[:raise_errors].
|
56
|
+
expect(subject.options[:raise_errors]).to be_true
|
57
57
|
end
|
58
58
|
|
59
59
|
it "allows true/false for raise_errors option" do
|
60
60
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => false)
|
61
|
-
client.options[:raise_errors].
|
61
|
+
expect(client.options[:raise_errors]).to be_false
|
62
62
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true)
|
63
|
-
client.options[:raise_errors].
|
63
|
+
expect(client.options[:raise_errors]).to be_true
|
64
64
|
end
|
65
65
|
|
66
66
|
it "allows get/post for access_token_method option" do
|
67
67
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :get)
|
68
|
-
client.options[:access_token_method].
|
68
|
+
expect(client.options[:access_token_method]).to eq(:get)
|
69
69
|
client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :post)
|
70
|
-
client.options[:access_token_method].
|
70
|
+
expect(client.options[:access_token_method]).to eq(:post)
|
71
71
|
end
|
72
72
|
end
|
73
73
|
|
74
74
|
%w(authorize token).each do |url_type|
|
75
75
|
describe ":#{url_type}_url option" do
|
76
|
-
it "
|
77
|
-
subject.send("#{url_type}_url").
|
76
|
+
it "defaults to a path of /oauth/#{url_type}" do
|
77
|
+
expect(subject.send("#{url_type}_url")).to eq("https://api.example.com/oauth/#{url_type}")
|
78
78
|
end
|
79
79
|
|
80
|
-
it "
|
80
|
+
it "is settable via the :#{url_type}_url option" do
|
81
81
|
subject.options[:"#{url_type}_url"] = '/oauth/custom'
|
82
|
-
subject.send("#{url_type}_url").
|
82
|
+
expect(subject.send("#{url_type}_url")).to eq('https://api.example.com/oauth/custom')
|
83
83
|
end
|
84
84
|
|
85
85
|
it "allows a different host than the site" do
|
86
86
|
subject.options[:"#{url_type}_url"] = 'https://api.foo.com/oauth/custom'
|
87
|
-
subject.send("#{url_type}_url").
|
87
|
+
expect(subject.send("#{url_type}_url")).to eq('https://api.foo.com/oauth/custom')
|
88
88
|
end
|
89
89
|
end
|
90
90
|
end
|
91
91
|
|
92
92
|
describe "#request" do
|
93
93
|
it "works with a null response body" do
|
94
|
-
subject.request(:get, 'empty_get').body.
|
94
|
+
expect(subject.request(:get, 'empty_get').body).to eq('')
|
95
95
|
end
|
96
96
|
|
97
97
|
it "returns on a successful response" do
|
98
98
|
response = subject.request(:get, '/success')
|
99
|
-
response.body.
|
100
|
-
response.status.
|
101
|
-
response.headers.
|
99
|
+
expect(response.body).to eq('yay')
|
100
|
+
expect(response.status).to eq(200)
|
101
|
+
expect(response.headers).to eq({'Content-Type' => 'text/awesome'})
|
102
102
|
end
|
103
103
|
|
104
104
|
it "posts a body" do
|
105
105
|
response = subject.request(:post, '/reflect', :body => 'foo=bar')
|
106
|
-
response.body.
|
106
|
+
expect(response.body).to eq('foo=bar')
|
107
107
|
end
|
108
108
|
|
109
109
|
it "follows redirects properly" do
|
110
110
|
response = subject.request(:get, '/redirect')
|
111
|
-
response.body.
|
112
|
-
response.status.
|
113
|
-
response.headers.
|
111
|
+
expect(response.body).to eq('yay')
|
112
|
+
expect(response.status).to eq(200)
|
113
|
+
expect(response.headers).to eq({'Content-Type' => 'text/awesome'})
|
114
114
|
end
|
115
115
|
|
116
116
|
it "redirects using GET on a 303" do
|
117
117
|
response = subject.request(:post, '/redirect', :body => 'foo=bar')
|
118
|
-
response.body.
|
119
|
-
response.status.
|
118
|
+
expect(response.body).to be_empty
|
119
|
+
expect(response.status).to eq(200)
|
120
120
|
end
|
121
121
|
|
122
122
|
it "obeys the :max_redirects option" do
|
123
123
|
max_redirects = subject.options[:max_redirects]
|
124
124
|
subject.options[:max_redirects] = 0
|
125
125
|
response = subject.request(:get, '/redirect')
|
126
|
-
response.status.
|
126
|
+
expect(response.status).to eq(302)
|
127
127
|
subject.options[:max_redirects] = max_redirects
|
128
128
|
end
|
129
129
|
|
@@ -131,25 +131,25 @@ describe OAuth2::Client do
|
|
131
131
|
subject.options[:raise_errors] = false
|
132
132
|
response = subject.request(:get, '/unauthorized')
|
133
133
|
|
134
|
-
response.status.
|
135
|
-
response.headers.
|
136
|
-
response.error.
|
134
|
+
expect(response.status).to eq(401)
|
135
|
+
expect(response.headers).to eq({'Content-Type' => 'application/json'})
|
136
|
+
expect(response.error).not_to be_nil
|
137
137
|
end
|
138
138
|
|
139
139
|
%w(/unauthorized /conflict /error).each do |error_path|
|
140
140
|
it "raises OAuth2::Error on error response to path #{error_path}" do
|
141
|
-
|
141
|
+
expect{subject.request(:get, error_path)}.to raise_error(OAuth2::Error)
|
142
142
|
end
|
143
143
|
end
|
144
144
|
|
145
|
-
it
|
145
|
+
it "parses OAuth2 standard error response" do
|
146
146
|
begin
|
147
147
|
subject.request(:get, '/unauthorized')
|
148
148
|
rescue Exception => e
|
149
|
-
e.code.
|
150
|
-
e.description.
|
151
|
-
e.to_s.
|
152
|
-
e.to_s.
|
149
|
+
expect(e.code).to eq(error_value)
|
150
|
+
expect(e.description).to eq(error_description_value)
|
151
|
+
expect(e.to_s).to match(/#{error_value}/)
|
152
|
+
expect(e.to_s).to match(/#{error_description_value}/)
|
153
153
|
end
|
154
154
|
end
|
155
155
|
|
@@ -157,21 +157,21 @@ describe OAuth2::Client do
|
|
157
157
|
begin
|
158
158
|
subject.request(:get, '/error')
|
159
159
|
rescue Exception => e
|
160
|
-
e.response.
|
161
|
-
e.to_s.
|
160
|
+
expect(e.response).not_to be_nil
|
161
|
+
expect(e.to_s).to match(/unknown error/)
|
162
162
|
end
|
163
163
|
end
|
164
164
|
end
|
165
165
|
|
166
|
-
it
|
167
|
-
subject.auth_code.
|
166
|
+
it "instantiates an AuthCode strategy with this client" do
|
167
|
+
expect(subject.auth_code).to be_kind_of(OAuth2::Strategy::AuthCode)
|
168
168
|
end
|
169
169
|
|
170
|
-
it
|
171
|
-
subject.implicit.
|
170
|
+
it "instantiates an Implicit strategy with this client" do
|
171
|
+
expect(subject.implicit).to be_kind_of(OAuth2::Strategy::Implicit)
|
172
172
|
end
|
173
173
|
|
174
|
-
context
|
174
|
+
context "with SSL options" do
|
175
175
|
subject do
|
176
176
|
cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :ssl => {:ca_file => 'foo.pem'})
|
177
177
|
cli.connection.build do |b|
|
@@ -180,8 +180,8 @@ describe OAuth2::Client do
|
|
180
180
|
cli
|
181
181
|
end
|
182
182
|
|
183
|
-
it
|
184
|
-
subject.connection.ssl.
|
183
|
+
it "passes the SSL options along to Faraday::Connection#ssl" do
|
184
|
+
expect(subject.connection.ssl).to eq({:ca_file => 'foo.pem'})
|
185
185
|
end
|
186
186
|
end
|
187
187
|
end
|