omniauth-google-oauth2 0.1.19 → 0.2.0

data/Gemfile

@@ -1,7 +1,7 @@
-source 'http://rubygems.org'
+source 'https://rubygems.org'
 
 gemspec
 
 group :example do
   gem 'sinatra'
-end
+end

data/README.md

@@ -18,7 +18,7 @@ Then `bundle install`.
 
 ## Usage
 
-Here's an example, adding the middleware to a Rails app in `config/initializers/omniauth.rb`:
+Here's an example for adding the middleware to a Rails app in `config/initializers/omniauth.rb`:
 
 ```ruby
 Rails.application.config.middleware.use OmniAuth::Builder do
@@ -28,6 +28,8 @@ end
 
 You can now access the OmniAuth Google OAuth2 URL: `/auth/google_oauth2`
 
+Fore more examples please check out `examples/omni_auth.rb`
+
 ## Configuration
 
 You can configure several options, which you pass in to the `provider` method via a hash:
@@ -106,9 +108,48 @@ Here's an example of an authentication hash available in the callback by accessi
 }
 ```
 
+### Devise
+
+For devise, you should also make sure you have an OmniAuth callback controller setup
+
+```ruby
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def google_oauth2
+      # You need to implement the method below in your model (e.g. app/models/user.rb)
+      @user = User.find_for_google_oauth2(request.env["omniauth.auth"], current_user)
+
+      if @user.persisted?
+        flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
+        sign_in_and_redirect @user, :event => :authentication
+      else
+        session["devise.google_data"] = request.env["omniauth.auth"]
+        redirect_to new_user_registration_url
+      end
+  end
+end
+```
+
+and bind to or create the user
+
+```ruby
+def self.find_for_google_oauth2(access_token, signed_in_resource=nil)
+    data = access_token.info
+    user = User.where(:email => data["email"]).first
+
+    unless user
+        user = User.create(name: data["name"],
+             email: data["email"],
+             password: Devise.friendly_token[0,20]
+            )
+    end
+    user
+end
+```
+Detailed example at https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview#google-oauth2-example
+
 ## License
 
-Copyright (c) 2012 by Josh Ellithorpe
+Copyright (c) 2013 by Josh Ellithorpe
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 

data/Rakefile

@@ -1,6 +1,6 @@
 #!/usr/bin/env rake
-require "bundler/gem_tasks"
-require 'rspec/core/rake_task'
+require File.join('bundler', 'gem_tasks')
+require File.join('rspec', 'core', 'rake_task')
 
 RSpec::Core::RakeTask.new(:spec)
 

data/examples/config.ru

@@ -10,6 +10,9 @@ require 'omniauth-google-oauth2'
 
 # Do not use for production code.
 # This is only to make setup easier when running through the sample.
+#
+# If you do have issues with certs in production code, this could help:
+# http://railsapps.github.io/openssl-certificate-verify-failed.html
 OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
 
 class App < Sinatra::Base
@@ -25,7 +28,7 @@ class App < Sinatra::Base
     content_type 'text/plain'
     request.env['omniauth.auth'].to_hash.inspect rescue "No Data"
   end
-  
+
   get '/auth/failure' do
     content_type 'text/plain'
     request.env['omniauth.auth'].to_hash.inspect rescue "No Data"
@@ -35,11 +38,8 @@ end
 use Rack::Session::Cookie, :secret => ENV['RACK_COOKIE_SECRET']
 
 use OmniAuth::Builder do
-  # Regular usage
+  # For additional provider examples please look at 'omni_auth.rb'
   provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {}
-  
-  # Custom scope supporting youtube
-  # provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {:scope => 'http://gdata.youtube.com,userinfo.email,userinfo.profile,plus.me', :access_type => 'online', :approval_prompt => ''}
 end
 
 run App.new

data/examples/omni_auth.rb

@@ -1,6 +1,32 @@
+# Google's OAuth2 docs. Make sure you are familiar with all the options
+# before attempting to configure this gem.
+# https://developers.google.com/accounts/docs/OAuth2Login
+
 Rails.application.config.middleware.use OmniAuth::Builder do
-  # If you don't need a refresh token -- if you're only using Google for account creation/auth and don't need google services -- set the access_type to 'online'.
-  # Also, set the approval prompt to an empty string, since otherwise it will be set to 'force', which makes users manually approve to the Oauth every time they log in.
-  # See http://googleappsdeveloper.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html
-  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {access_type: 'online', approval_prompt: ''}
+  # Default usage, this will give you offline access and a refresh token
+  # using default scopes 'userinfo.email' and 'userinfo.profile'
+  #
+  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {}
+
+  # Manual setup for offline access with a refresh token.
+  # The prompt must be set to 'consent'
+  #
+  # provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {
+  #   :access_type => 'offline',
+  #   :prompt => 'consent'
+  # }
+
+  # Custom scope supporting youtube. If you are customizing scopes, remember
+  # to include the default scopes 'userinfo.email' and 'userinfo.profile'
+  #
+  # provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {
+  #   :scope => 'http://gdata.youtube.com,userinfo.email,userinfo.profile,plus.me'
+  # }
+
+  # Custom scope for users only using Google for account creation/auth and do not require a refresh token.
+  #
+  # provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {
+  #   :access_type => 'online',
+  #   :prompt => ''
+  # }
 end

data/lib/omniauth-google-oauth2.rb

@@ -1 +1 @@
-require "omniauth/google_oauth2"
+require File.join('omniauth', 'google_oauth2')

data/lib/omniauth/google_oauth2.rb

@@ -1 +1 @@
-require 'omniauth/strategies/google_oauth2'
+require File.join('omniauth', 'strategies', 'google_oauth2')

data/lib/omniauth/google_oauth2/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module GoogleOauth2
-    VERSION = "0.1.19"
+    VERSION = "0.2.0"
   end
-end
+end

data/lib/omniauth/strategies/google_oauth2.rb

@@ -3,12 +3,12 @@ require 'omniauth/strategies/oauth2'
 module OmniAuth
   module Strategies
     class GoogleOauth2 < OmniAuth::Strategies::OAuth2
-
+      BASE_SCOPE_URL = "https://www.googleapis.com/auth/"
       DEFAULT_SCOPE = "userinfo.email,userinfo.profile"
 
       option :name, 'google_oauth2'
 
-      option :authorize_options, [:access_type, :hd, :prompt, :request_visible_actions, :scope, :state]
+      option :authorize_options, [:access_type, :hd, :login_hint, :prompt, :scope, :state]
 
       option :client_options, {
         :site          => 'https://accounts.google.com',
@@ -17,21 +17,19 @@ module OmniAuth
       }
 
       def authorize_params
-        base_scope_url = "https://www.googleapis.com/auth/"
         super.tap do |params|
-          # Read the params if passed directly to omniauth_authorize_path
           options[:authorize_options].each do |k|
             params[k] = request.params[k.to_s] unless [nil, ''].include?(request.params[k.to_s])
           end
-          scopes = (params[:scope] || DEFAULT_SCOPE).delete(' ').split(',')
-          scopes.map! { |s| s =~ /^https?:\/\// ? s : "#{base_scope_url}#{s}" }
-          params[:scope] = scopes.join(' ')
-          # This makes sure we get a refresh_token.
-          # http://googlecode.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html
+
+          raw_scope = params[:scope] || DEFAULT_SCOPE
+          scope_list = raw_scope.split(" ").map {|item| item.split(",")}.flatten
+          scope_list.map! { |s| s =~ /^https?:\/\// ? s : "#{BASE_SCOPE_URL}#{s}" }
+          params[:scope] = scope_list.join(" ")
+
           params[:access_type] = 'offline' if params[:access_type].nil?
-          params[:login_hint] = request.params['login_hint'] if request.params['login_hint']
-          # Override the state per request
-          session['omniauth.state'] = params[:state] if request.params['state']
+
+          session['omniauth.state'] = params[:state] if params['state']
         end
       end
 
@@ -60,24 +58,22 @@ module OmniAuth
         @raw_info ||= access_token.get('https://www.googleapis.com/oauth2/v1/userinfo').parsed
       end
 
-      def build_access_token_with_access_token
-        if !request.params['id_token'].nil? &&
-            !request.params['access_token'].nil? &&
-            verify_token(request.params['id_token'], request.params['access_token'])
+      def custom_build_access_token
+        if verify_token(request.params['id_token'], request.params['access_token'])
           ::OAuth2::AccessToken.from_hash(client, request.params.dup)
         else
-          build_access_token_without_access_token
+          orig_build_access_token
         end
       end
-      alias_method :build_access_token_without_access_token, :build_access_token
-      alias :build_access_token :build_access_token_with_access_token
+      alias_method :orig_build_access_token, :build_access_token
+      alias :build_access_token :custom_build_access_token
 
       private
 
       def prune!(hash)
-        hash.delete_if do |_, value|
-          prune!(value) if value.is_a?(Hash)
-          value.nil? || (value.respond_to?(:empty?) && value.empty?)
+        hash.delete_if do |_, v|
+          prune!(v) if v.is_a?(Hash)
+          v.nil? || (v.respond_to?(:empty?) && v.empty?)
         end
       end
 
@@ -99,17 +95,18 @@ module OmniAuth
         image_params << 'c' if options[:image_aspect_ratio] == 'square'
 
         params_index = original_url.index('/photo.jpg')
-        original_url.insert(params_index, '/'+image_params.join('-'))
+        original_url.insert(params_index, ('/' + image_params.join('-')))
       end
 
       def verify_token(id_token, access_token)
-        # Verify id_token as well
-        # request fails and raises error when id_token or access_token is invalid
-        raw_response = client.request(:get, 'https://www.googleapis.com/oauth2/v2/tokeninfo',
-            :params => {:id_token => id_token, :access_token => access_token}).parsed
+        return false unless (id_token && access_token)
+
+        raw_response = client.request(:get, 'https://www.googleapis.com/oauth2/v2/tokeninfo', :params => {
+          :id_token => id_token,
+          :access_token => access_token
+        }).parsed
         raw_response['issued_to'] == options.client_id
       end
-
     end
   end
 end

data/omniauth-contrib.gemspec

@@ -1,18 +1,18 @@
 # -*- encoding: utf-8 -*-
-require File.expand_path('../lib/omniauth/google_oauth2/version', __FILE__)
+require File.expand_path(File.join('..', 'lib', 'omniauth', 'google_oauth2', 'version'), __FILE__)
 
 Gem::Specification.new do |gem|
   gem.add_dependency 'omniauth', '~> 1.0'
 
   gem.authors       = ["Josh Ellithorpe", "Yury Korolev"]
   gem.email         = ["quest@mac.com"]
-  gem.description   = %q{A Google oauth2 strategy for OmniAuth 1.0}
-  gem.summary       = %q{A Google oauth2 strategy for OmniAuth 1.0}
+  gem.description   = %q{A Google OAuth2 strategy for OmniAuth 1.x}
+  gem.summary       = %q{A Google OAuth2 strategy for OmniAuth 1.x}
   gem.homepage      = ""
 
   gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   gem.files         = `git ls-files`.split("\n")
-  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.test_files    = `git ls-files -- {spec}/*`.split("\n")
   gem.name          = "omniauth-google-oauth2"
   gem.require_paths = ["lib"]
   gem.version       = OmniAuth::GoogleOauth2::VERSION

data/spec/omniauth/strategies/google_oauth2_spec.rb

@@ -2,107 +2,146 @@ require 'spec_helper'
 require 'omniauth-google-oauth2'
 
 describe OmniAuth::Strategies::GoogleOauth2 do
-  def app; lambda{|env| [200, {}, ["Hello."]]} end
+  let(:request) { double('Request', :params => {}, :cookies => {}, :env => {}) }
+  let(:app) {
+    lambda do
+      [200, {}, ["Hello."]]
+    end
+  }
 
-  before :each do
+  subject do
+    OmniAuth::Strategies::GoogleOauth2.new(app, 'appid', 'secret', @options || {}).tap do |strategy|
+      strategy.stub(:request) {
+        request
+      }
+    end
+  end
+
+  before do
     OmniAuth.config.test_mode = true
-    @request = double('Request')
-    @request.stub(:params) { {} }
-    @request.stub(:cookies) { {} }
-    @request.stub(:env) { {} }
   end
 
   after do
     OmniAuth.config.test_mode = false
   end
 
-  subject do
-    args = ['appid', 'secret', @options || {}].compact
-    OmniAuth::Strategies::GoogleOauth2.new(app, *args).tap do |strategy|
-      strategy.stub(:request) { @request }
-    end
-  end
-
-  it_should_behave_like 'an oauth2 strategy'
-
-  describe '#client' do
-    it 'has correct Google site' do
+  describe '#client_options' do
+    it 'has correct site' do
       subject.client.site.should eq('https://accounts.google.com')
     end
 
-    it 'has correct authorize url' do
+    it 'has correct authorize_url' do
       subject.client.options[:authorize_url].should eq('/o/oauth2/auth')
     end
 
-    it 'has correct token url' do
+    it 'has correct token_url' do
       subject.client.options[:token_url].should eq('/o/oauth2/token')
     end
-  end
 
-  describe '#callback_path' do
-    it 'has the correct callback path' do
-      subject.callback_path.should eq('/auth/google_oauth2/callback')
+    describe "overrides" do
+      it 'should allow overriding the site' do
+        @options = {:client_options => {'site' => 'https://example.com'}}
+        subject.client.site.should == 'https://example.com'
+      end
+
+      it 'should allow overriding the authorize_url' do
+        @options = {:client_options => {'authorize_url' => 'https://example.com'}}
+        subject.client.options[:authorize_url].should == 'https://example.com'
+      end
+
+      it 'should allow overriding the token_url' do
+        @options = {:client_options => {'token_url' => 'https://example.com'}}
+        subject.client.options[:token_url].should == 'https://example.com'
+      end
     end
   end
 
-  describe '#authorize_params' do
-    %w(access_type hd prompt state any_other).each do |k|
-      it "should set the #{k} authorize option dynamically in the request" do
-        @options = {:authorize_options => [k.to_sym], k.to_sym => ''}
-        subject.stub(:request) { double('Request', {:params => { k => 'something' }, :env => {}}) }
-        subject.authorize_params[k].should eq('something')
+  describe "#authorize_options" do
+    [:access_type, :hd, :login_hint, :prompt, :scope, :state].each do |k|
+      it "should support #{k}" do
+        @options = {k => 'http://someval'}
+        subject.authorize_params[k.to_s].should eq('http://someval')
+      end
+    end
+
+    describe 'access_type' do
+      it 'should default to "offline"' do
+        @options = {}
+        subject.authorize_params['access_type'].should eq('offline')
+      end
+
+      it 'should set the access_type parameter if present' do
+        @options = {:access_type => 'online'}
+        subject.authorize_params['access_type'].should eq('online')
+      end
+    end
+
+    describe 'hd' do
+      it "should default to nil" do
+        subject.authorize_params['hd'].should eq(nil)
+      end
+
+      it 'should set the hd (hosted domain) parameter if present' do
+        @options = {:hd => 'example.com'}
+        subject.authorize_params['hd'].should eq('example.com')
+      end
+    end
+
+    describe 'login_hint' do
+      it "should default to nil" do
+        subject.authorize_params['login_hint'].should eq(nil)
+      end
+
+      it 'should set the login_hint parameter if present' do
+        @options = {:login_hint => 'john@example.com'}
+        subject.authorize_params['login_hint'].should eq('john@example.com')
+      end
+    end
+
+    describe 'prompt' do
+      it "should default to nil" do
+        subject.authorize_params['prompt'].should eq(nil)
+      end
+
+      it 'should set the prompt parameter if present' do
+        @options = {:prompt => 'consent select_account'}
+        subject.authorize_params['prompt'].should eq('consent select_account')
       end
     end
 
     describe 'scope' do
       it 'should expand scope shortcuts' do
-        @options = { :authorize_options => [:scope], :scope => 'userinfo.email'}
+        @options = {:scope => 'userinfo.email'}
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email')
       end
 
       it 'should leave full scopes as is' do
-        @options = { :authorize_options => [:scope], :scope => 'https://www.googleapis.com/auth/userinfo.profile'}
+        @options = {:scope => 'https://www.googleapis.com/auth/userinfo.profile'}
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile')
       end
 
       it 'should join scopes' do
-        @options = { :authorize_options => [:scope], :scope => 'userinfo.profile,userinfo.email'}
+        @options = {:scope => 'userinfo.profile,userinfo.email'}
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
       end
 
       it 'should deal with whitespace when joining scopes' do
-        @options = { :authorize_options => [:scope], :scope => 'userinfo.profile, userinfo.email'}
+        @options = {:scope => 'userinfo.profile, userinfo.email'}
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
       end
 
       it 'should set default scope to userinfo.email,userinfo.profile' do
-        @options = { :authorize_options => [:scope]}
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile')
       end
 
-      it 'should dynamically set the scope in the request' do
-        @options = {:scope => 'http://example.com'}
-        subject.stub(:request) { double('Request', {:params => { 'scope' => 'userinfo.email' }, :env => {}}) }
-        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email')
-      end
-    end
-
-    describe 'prompt' do
-      it 'should set the prompt parameter if present' do
-        @options = {:prompt => 'consent select_account'}
-        subject.authorize_params['prompt'].should eq('consent select_account')
-      end
-    end
-
-    describe 'access_type' do
-      it 'should set the access_type parameter if present' do
-        @options = {:access_type => 'type'}
-        subject.authorize_params['access_type'].should eq('type')
+      it 'should support space delimited scopes' do
+        @options = {:scope => 'userinfo.profile userinfo.email'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
       end
 
-      it 'should default to "offline"' do
-        @options = {}
-        subject.authorize_params['access_type'].should eq('offline')
+      it "should support extremely badly formed scopes" do
+        @options = {:scope => 'userinfo.profile userinfo.email,foo,steve yeah http://example.com'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/foo https://www.googleapis.com/auth/steve https://www.googleapis.com/auth/yeah http://example.com')
       end
     end
 
@@ -114,96 +153,151 @@ describe OmniAuth::Strategies::GoogleOauth2 do
       end
 
       it 'should set the omniauth.state dynamically' do
-        subject.stub(:request) { double('Request', {:params => { 'state' => 'some_state' }, :env => {}}) }
+        subject.stub(:request) { double('Request', {:params => {'state' => 'some_state'}, :env => {}}) }
         subject.authorize_params['state'].should eq('some_state')
         subject.session['omniauth.state'].should eq('some_state')
       end
     end
 
-    describe 'hd' do
-      it 'should set the hd (hosted domain) parameter if present' do
-        @options = {:hd => 'example.com'}
-        subject.authorize_params['hd'].should eq('example.com')
+    describe "overrides" do
+      it 'should include top-level options that are marked as :authorize_options' do
+        @options = {:authorize_options => [:scope, :foo, :request_visible_actions], :scope => 'http://bar', :foo => 'baz', :hd => "wow", :request_visible_actions => "something"}
+        subject.authorize_params['scope'].should eq('http://bar')
+        subject.authorize_params['foo'].should eq('baz')
+        subject.authorize_params['hd'].should eq(nil)
+        subject.authorize_params['request_visible_actions'].should eq('something')
       end
-    end
 
-    describe 'login_hint' do
-      it 'should set the login_hint parameter if present' do
-        subject.stub(:request) { double('Request', {:params => { 'login_hint' => 'example@example.com' }, :env => {}}) }
-        subject.authorize_params['login_hint'].should eq('example@example.com')
+      describe "request overrides" do
+        [:access_type, :hd, :login_hint, :prompt, :scope, :state].each do |k|
+          context "authorize option #{k}" do
+            let(:request) { double('Request', :params => {k.to_s => 'http://example.com'}, :cookies => {}, :env => {}) }
+
+            it "should set the #{k} authorize option dynamically in the request" do
+              @options = {k => ''}
+              subject.authorize_params[k.to_s].should eq('http://example.com')
+            end
+          end
+        end
+
+        describe "custom authorize_options" do
+          let(:request) { double('Request', :params => {'foo' => 'something'}, :cookies => {}, :env => {}) }
+
+          it "should support request overrides from custom authorize_options" do
+            @options = {:authorize_options => [:foo], :foo => ''}
+            subject.authorize_params['foo'].should eq('something')
+          end
+        end
       end
     end
   end
 
+  describe '#authorize_params' do
+    it 'should include any authorize params passed in the :authorize_params option' do
+      @options = {:authorize_params => {:request_visible_actions => 'something', :foo => 'bar', :baz => 'zip'}, :hd => 'wow', :bad => 'not_included'}
+      subject.authorize_params['request_visible_actions'].should eq('something')
+      subject.authorize_params['foo'].should eq('bar')
+      subject.authorize_params['baz'].should eq('zip')
+      subject.authorize_params['hd'].should eq('wow')
+      subject.authorize_params['bad'].should eq(nil)
+    end
+  end
+
+  describe '#token_params' do
+    it 'should include any token params passed in the :token_params option' do
+      @options = {:token_params => {:foo => 'bar', :baz => 'zip'}}
+      subject.token_params['foo'].should eq('bar')
+      subject.token_params['baz'].should eq('zip')
+    end
+  end
+
+  describe "#token_options" do
+    it 'should include top-level options that are marked as :token_options' do
+      @options = {:token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz', :bad => 'not_included'}
+      subject.token_params['scope'].should eq('bar')
+      subject.token_params['foo'].should eq('baz')
+      subject.token_params['bad'].should eq(nil)
+    end
+  end
+
+  describe '#callback_path' do
+    it 'has the correct callback path' do
+      subject.callback_path.should eq('/auth/google_oauth2/callback')
+    end
+  end
+
   describe 'raw info' do
     it 'should include raw_info in extras hash by default' do
-      subject.stub(:raw_info) { { :foo => 'bar' } }
-      subject.extra[:raw_info].should eq({ :foo => 'bar' })
+      subject.stub(:raw_info) { {:foo => 'bar'} }
+      subject.extra[:raw_info].should eq({:foo => 'bar'})
     end
 
     it 'should not include raw_info in extras hash when skip_info is specified' do
-      @options = { :skip_info => true }
+      @options = {:skip_info => true}
       subject.extra.should_not have_key(:raw_info)
     end
   end
 
-  describe 'populate auth hash url' do
+  describe 'populate auth hash urls' do
     it 'should populate url map in auth hash if link present in raw_info' do
-      subject.stub(:raw_info) { { 'name' => 'Foo', 'link' => 'https://plus.google.com/123456' } }
+      subject.stub(:raw_info) { {'name' => 'Foo', 'link' => 'https://plus.google.com/123456'} }
       subject.info[:urls]['Google'].should eq('https://plus.google.com/123456')
     end
 
     it 'should not populate url map in auth hash if no link present in raw_info' do
-      subject.stub(:raw_info) { { 'name' => 'Foo' } }
+      subject.stub(:raw_info) { {'name' => 'Foo'} }
       subject.info.should_not have_key(:urls)
     end
   end
 
   describe 'image options' do
-    it 'should return the image with size specified in the `image_size` option' do
-      @options = { :image_size => 50 }
-      subject.stub(:raw_info) { { 'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg' } }
-      main_url, image_params = subject.info[:image].match(/^(.*)\/(.*)\/photo.jpg/).captures
-      main_url.should eq('https://lh3.googleusercontent.com/url')
-      image_params.should eq('s50')
+    it "should have no image if a picture isn't present" do
+      @options = {:image_aspect_ratio => 'square'}
+      subject.stub(:raw_info) { {'name' => 'User Without Pic'} }
+      subject.info[:image].should be_nil
     end
 
-    it 'should return the image with width and height specified in the `image_size` option' do
-      @options = { :image_size => { :width => 50, :height => 50 } }
-      subject.stub(:raw_info) { { 'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg' } }
-      main_url, image_params = subject.info[:image].match(/^(.*)\/(.*)\/photo.jpg/).captures
-      image_params = image_params.split('-').inject({}) do |result, element|
-        result[element.slice!(0)] = element
-        result
+    describe "when a picture is returned from google" do
+      it 'should return the image with size specified in the `image_size` option' do
+        @options = {:image_size => 50}
+        subject.stub(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/s50/photo.jpg')
       end
-      main_url.should eq('https://lh3.googleusercontent.com/url')
-      image_params['w'].should eq('50')
-      image_params['h'].should eq('50')
-    end
 
-    it 'should return square image when `image_aspect_ratio` is specified' do
-      @options = { :image_aspect_ratio => 'square' }
-      subject.stub(:raw_info) { { 'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg' } }
-      main_url, image_params = subject.info[:image].match(/^(.*)\/(.*)\/photo.jpg/).captures
-      main_url.should eq('https://lh3.googleusercontent.com/url')
-      image_params.should eq('c')
-    end
+      it 'should return the image with width and height specified in the `image_size` option' do
+        @options = {:image_size => {:width => 50, :height => 40}}
+        subject.stub(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/w50-h40/photo.jpg')
+      end
 
-    it 'should not break if no picture present in raw_info' do
-      @options = { :image_aspect_ratio => 'square' }
-      subject.stub(:raw_info) { { 'name' => 'User Without Pic' } }
-      subject.info[:image].should be_nil
+      it 'should return square image when `image_aspect_ratio` is specified' do
+        @options = {:image_aspect_ratio => 'square'}
+        subject.stub(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/c/photo.jpg')
+      end
+
+      it 'should return square sized image when `image_aspect_ratio` and `image_size` is set' do
+        @options = {:image_aspect_ratio => 'square', :image_size => 50}
+        subject.stub(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/s50-c/photo.jpg')
+      end
+
+      it 'should return square sized image when `image_aspect_ratio` and `image_size` has height and width' do
+        @options = {:image_aspect_ratio => 'square', :image_size => {:width => 50, :height => 40}}
+        subject.stub(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/w50-h40-c/photo.jpg')
+      end
     end
 
     it 'should return original image if no options are provided' do
-      subject.stub(:raw_info) { { 'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg' } }
+      subject.stub(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
       subject.info[:image].should eq('https://lh3.googleusercontent.com/url/photo.jpg')
     end
   end
 
   describe 'build_access_token' do
     it 'should read access_token from hash' do
-      @request.stub(:params).and_return('id_token' => 'valid_id_token', 'access_token' => 'valid_access_token')
+      request.stub(:params).and_return('id_token' => 'valid_id_token', 'access_token' => 'valid_access_token')
       subject.should_receive(:verify_token).with('valid_id_token', 'valid_access_token').and_return true
       subject.should_receive(:client).and_return(:client)
 
@@ -214,7 +308,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
     end
 
     it 'should call super' do
-      subject.should_receive(:build_access_token_without_access_token)
+      subject.should_receive(:orig_build_access_token)
       subject.build_access_token
     end
   end
@@ -244,7 +338,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
     end
 
     it 'should verify token if access_token and id_token are valid and app_id equals' do
-      subject.options.client_id =  '000000000000.apps.googleusercontent.com'
+      subject.options.client_id = '000000000000.apps.googleusercontent.com'
       subject.send(:verify_token, 'valid_id_token', 'valid_access_token').should == true
     end
 

data/spec/spec_helper.rb

@@ -1,7 +1,2 @@
-require 'bundler/setup'
-require 'rspec'
-
-Dir[File.expand_path('../support/**/*', __FILE__)].each { |f| require f }
-
-RSpec.configure do |config|
-end
+require File.join('bundler', 'setup')
+require 'rspec'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-google-oauth2
 version: !ruby/object:Gem::Version
-  version: 0.1.19
+  version: 0.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-06-19 00:00:00.000000000 Z
+date: 2013-06-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -76,7 +76,7 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: A Google oauth2 strategy for OmniAuth 1.0
+description: A Google OAuth2 strategy for OmniAuth 1.x
 email:
 - quest@mac.com
 executables: []
@@ -97,7 +97,6 @@ files:
 - omniauth-contrib.gemspec
 - spec/omniauth/strategies/google_oauth2_spec.rb
 - spec/spec_helper.rb
-- spec/support/shared_examples.rb
 homepage: ''
 licenses: []
 post_install_message: 
@@ -112,7 +111,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 3969644160829709281
+      hash: 3419223679075282688
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -121,14 +120,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 3969644160829709281
+      hash: 3419223679075282688
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25
 signing_key: 
 specification_version: 3
-summary: A Google oauth2 strategy for OmniAuth 1.0
-test_files:
-- spec/omniauth/strategies/google_oauth2_spec.rb
-- spec/spec_helper.rb
-- spec/support/shared_examples.rb
+summary: A Google OAuth2 strategy for OmniAuth 1.x
+test_files: []

data/spec/support/shared_examples.rb

@@ -1,37 +0,0 @@
-# NOTE it would be useful if this lived in omniauth-oauth2 eventually
-shared_examples 'an oauth2 strategy' do
-  describe '#client' do
-    it 'should be initialized with symbolized client_options' do
-      @options = { :client_options => { 'authorize_url' => 'https://example.com' } }
-      subject.client.options[:authorize_url].should == 'https://example.com'
-    end
-  end
-
-  describe '#authorize_params' do
-    it 'should include any authorize params passed in the :authorize_params option' do
-      @options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
-      subject.authorize_params['foo'].should eq('bar')
-      subject.authorize_params['baz'].should eq('zip')
-    end
-
-    it 'should include top-level options that are marked as :authorize_options' do
-      @options = { :authorize_options => [:scope, :foo], :scope => 'http://bar', :foo => 'baz' }
-      subject.authorize_params['scope'].should eq('http://bar')
-      subject.authorize_params['foo'].should eq('baz')
-    end
-  end
-
-  describe '#token_params' do
-    it 'should include any token params passed in the :token_params option' do
-      @options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
-      subject.token_params['foo'].should eq('bar')
-      subject.token_params['baz'].should eq('zip')
-    end
-
-    it 'should include top-level options that are marked as :token_options' do
-      @options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
-      subject.token_params['scope'].should eq('bar')
-      subject.token_params['foo'].should eq('baz')
-    end
-  end
-end