omniauth-identity 1.1.0 → 3.0.2

data/spec/omniauth/identity/models/active_record_spec.rb

@@ -1,16 +1,30 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
-describe(OmniAuth::Identity::Models::ActiveRecord, :db => true) do
-  class TestIdentity < OmniAuth::Identity::Models::ActiveRecord
-    auth_key :ham_sandwich
-  end
+RSpec.describe(OmniAuth::Identity::Models::ActiveRecord, db: true) do
+  describe 'model', type: :model do
+    subject(:model_klass) do
+      AnonymousActiveRecord.generate(
+        parent_klass: 'OmniAuth::Identity::Models::ActiveRecord',
+        columns: %w[name provider],
+        connection_params: { adapter: 'sqlite3', encoding: 'utf8', database: ':memory:' }
+      ) do
+        def flower
+          '🌸'
+        end
+      end
+    end
 
-  it 'should locate using the auth key using a where query' do
-    TestIdentity.should_receive(:where).with('ham_sandwich' => 'open faced').and_return(['wakka'])
-    TestIdentity.locate('open faced').should == 'wakka'
+    it 'delegates locate to the where query method' do
+      allow(model_klass).to receive(:where).with('ham_sandwich' => 'open faced', 'category' => 'sandwiches',
+                                                 'provider' => 'identity').and_return(['wakka'])
+      expect(model_klass.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
   end
-  
-  it 'should not use STI rules for its table name' do
-    TestIdentity.table_name.should == 'test_identities'
+
+  describe '#table_name' do
+    class TestIdentity < OmniAuth::Identity::Models::ActiveRecord; end
+    it 'does not use STI rules for its table name' do
+      expect(TestIdentity.table_name).to eq('test_identities')
+    end
   end
 end

data/spec/omniauth/identity/models/couch_potato_spec.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+RSpec.describe(OmniAuth::Identity::Models::CouchPotatoModule, db: true) do
+  class CouchPotatoTestIdentity
+    include CouchPotato::Persistence
+    include OmniAuth::Identity::Models::CouchPotatoModule
+    auth_key :ham_sandwich
+  end
+
+  describe 'model', type: :model do
+    subject { CouchPotatoTestIdentity }
+
+    it 'delegates locate to the where query method' do
+      allow(subject).to receive(:where).with('ham_sandwich' => 'open faced',
+                                             'category' => 'sandwiches').and_return(['wakka'])
+      expect(subject.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
+  end
+end

data/spec/omniauth/identity/models/mongoid_spec.rb

@@ -1,18 +1,26 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
-describe(OmniAuth::Identity::Models::Mongoid, :db => true) do
+RSpec.describe(OmniAuth::Identity::Models::Mongoid, db: true) do
   class MongoidTestIdentity
     include Mongoid::Document
     include OmniAuth::Identity::Models::Mongoid
     auth_key :ham_sandwich
+    store_in database: 'db1', collection: 'mongoid_test_identities', client: 'secondary'
   end
 
-  it 'should locate using the auth key using a where query' do
-    MongoidTestIdentity.should_receive(:where).with('ham_sandwich' => 'open faced').and_return(['wakka'])
-    MongoidTestIdentity.locate('open faced').should == 'wakka'
-  end
-  
-  it 'should not use STI rules for its collection name' do
-    MongoidTestIdentity.collection.name.should == 'mongoid_test_identities'
+  describe 'model', type: :model do
+    subject { MongoidTestIdentity }
+
+    it { is_expected.to be_mongoid_document }
+
+    it 'does not munge collection name' do
+      expect(subject).to be_stored_in(database: 'db1', collection: 'mongoid_test_identities', client: 'secondary')
+    end
+
+    it 'delegates locate to the where query method' do
+      allow(subject).to receive(:where).with('ham_sandwich' => 'open faced',
+                                             'category' => 'sandwiches').and_return(['wakka'])
+      expect(subject.locate('ham_sandwich' => 'open faced', 'category' => 'sandwiches')).to eq('wakka')
+    end
   end
 end

data/spec/omniauth/identity/secure_password_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
 class HasTheMethod
   def self.has_secure_password; end
@@ -7,21 +7,21 @@ end
 class DoesNotHaveTheMethod
 end
 
-describe OmniAuth::Identity::SecurePassword do
-  it 'should extend with the class methods if it does not have the method' do
-    DoesNotHaveTheMethod.should_receive(:extend).with(OmniAuth::Identity::SecurePassword::ClassMethods)
-    DoesNotHaveTheMethod.send(:include, OmniAuth::Identity::SecurePassword)
+RSpec.describe OmniAuth::Identity::SecurePassword do
+  it 'extends with the class methods if it does not have the method' do
+    expect(DoesNotHaveTheMethod).to receive(:extend).with(OmniAuth::Identity::SecurePassword::ClassMethods)
+    DoesNotHaveTheMethod.include described_class
   end
 
-  it 'should not extend if the method is already defined' do
-    HasTheMethod.should_not_receive(:extend)
-    HasTheMethod.send(:include, OmniAuth::Identity::SecurePassword)
+  it 'does not extend if the method is already defined' do
+    expect(HasTheMethod).not_to receive(:extend)
+    HasTheMethod.include described_class
   end
 
-  it 'should respond to has_secure_password afterwards' do
-    [HasTheMethod,DoesNotHaveTheMethod].each do |klass|
-      klass.send(:include, OmniAuth::Identity::SecurePassword)
-      klass.should be_respond_to(:has_secure_password)
+  it 'responds to has_secure_password afterwards' do
+    [HasTheMethod, DoesNotHaveTheMethod].each do |klass|
+      klass.send(:include, described_class)
+      expect(klass).to be_respond_to(:has_secure_password)
     end
   end
 end

data/spec/omniauth/strategies/identity_spec.rb

@@ -1,128 +1,255 @@
-require 'spec_helper'
+# frozen_string_literal: true
 
-class MockIdentity; end
-
-describe OmniAuth::Strategies::Identity do
+RSpec.describe OmniAuth::Strategies::Identity do
   attr_accessor :app
 
-  let(:auth_hash){ last_response.headers['env']['omniauth.auth'] }
-  let(:identity_hash){ last_response.headers['env']['omniauth.identity'] }
+  let(:auth_hash) { last_response.headers['env']['omniauth.auth'] }
+  let(:identity_hash) { last_response.headers['env']['omniauth.identity'] }
+  let(:identity_options) { {} }
+  let(:anon_ar) do
+    AnonymousActiveRecord.generate(
+      columns: %w[name provider],
+      connection_params: { adapter: 'sqlite3', encoding: 'utf8', database: ':memory:' }
+    ) do
+      def balloon
+        '🎈'
+      end
+    end
+  end
 
   # customize rack app for testing, if block is given, reverts to default
   # rack app after testing is done
   def set_app!(identity_options = {})
-    identity_options = {:model => MockIdentity}.merge(identity_options)
-    old_app = self.app
+    old_app = app
     self.app = Rack::Builder.app do
-      use Rack::Session::Cookie
+      use Rack::Session::Cookie, secret: '1234567890qwertyuiop'
       use OmniAuth::Strategies::Identity, identity_options
-      run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
+      run ->(env) { [404, { 'env' => env }, ['HELLO!']] }
     end
     if block_given?
       yield
       self.app = old_app
     end
-    self.app
+    app
   end
 
-  before(:all) do
-    set_app!
+  before do
+    opts = identity_options.reverse_merge({ model: anon_ar })
+    set_app!(opts)
   end
 
   describe '#request_phase' do
-    it 'should display a form' do
-      get '/auth/identity'
-      last_response.body.should be_include("<form")
+    context 'with default settings' do
+      let(:identity_options) { { model: anon_ar } }
+
+      it 'displays a form' do
+        get '/auth/identity'
+
+        expect(last_response.body).not_to eq('HELLO!')
+        expect(last_response.body).to be_include('<form')
+      end
+    end
+
+    context 'when login is enabled' do
+      context 'when registration is enabled' do
+        let(:identity_options) { { model: anon_ar, enable_registration: true, enable_login: true } }
+
+        it 'displays a form with a link to register' do
+          get '/auth/identity'
+
+          expect(last_response.body).not_to eq('HELLO!')
+          expect(last_response.body).to be_include('<form')
+          expect(last_response.body).to be_include('<a')
+          expect(last_response.body).to be_include('Create an Identity')
+        end
+      end
+
+      context 'when registration is disabled' do
+        let(:identity_options) { { model: anon_ar, enable_registration: false, enable_login: true } }
+
+        it 'displays a form without a link to register' do
+          get '/auth/identity'
+
+          expect(last_response.body).not_to eq('HELLO!')
+          expect(last_response.body).to be_include('<form')
+          expect(last_response.body).not_to be_include('<a')
+          expect(last_response.body).not_to be_include('Create an Identity')
+        end
+      end
+    end
+
+    context 'when login is disabled' do
+      context 'when registration is enabled' do
+        let(:identity_options) { { model: anon_ar, enable_registration: true, enable_login: false } }
+
+        it 'bypasses registration form' do
+          get '/auth/identity'
+
+          expect(last_response.body).to eq('HELLO!')
+          expect(last_response.body).not_to be_include('<form')
+          expect(last_response.body).not_to be_include('<a')
+          expect(last_response.body).not_to be_include('Create an Identity')
+        end
+      end
+
+      context 'when registration is disabled' do
+        let(:identity_options) { { model: anon_ar, enable_registration: false, enable_login: false } }
+
+        it 'displays a form without a link to register' do
+          get '/auth/identity'
+
+          expect(last_response.body).to eq('HELLO!')
+          expect(last_response.body).not_to be_include('<form')
+          expect(last_response.body).not_to be_include('<a')
+          expect(last_response.body).not_to be_include('Create an Identity')
+        end
+      end
     end
   end
 
   describe '#callback_phase' do
-    let(:user){ mock(:uid => 'user1', :info => {'name' => 'Rockefeller'})}
+    let(:user) { double(uid: 'user1', info: { 'name' => 'Rockefeller' }) }
 
     context 'with valid credentials' do
       before do
-        MockIdentity.should_receive('authenticate').with('john','awesome').and_return(user)
-        post '/auth/identity/callback', :auth_key => 'john', :password => 'awesome'
+        allow(anon_ar).to receive('auth_key').and_return('email')
+        expect(anon_ar).to receive('authenticate').with({ 'email' => 'john' }, 'awesome').and_return(user)
+        post '/auth/identity/callback', auth_key: 'john', password: 'awesome'
       end
 
-      it 'should populate the auth hash' do
-        auth_hash.should be_kind_of(Hash)
+      it 'populates the auth hash' do
+        expect(auth_hash).to be_kind_of(Hash)
       end
 
-      it 'should populate the uid' do
-        auth_hash['uid'].should == 'user1'
+      it 'populates the uid' do
+        expect(auth_hash['uid']).to eq('user1')
       end
 
-      it 'should populate the info hash' do
-        auth_hash['info'].should == {'name' => 'Rockefeller'}
+      it 'populates the info hash' do
+        expect(auth_hash['info']).to eq({ 'name' => 'Rockefeller' })
       end
     end
 
     context 'with invalid credentials' do
       before do
-        OmniAuth.config.on_failure = lambda{|env| [401, {}, [env['omniauth.error.type'].inspect]]}
-        MockIdentity.should_receive(:authenticate).with('wrong','login').and_return(false)
-        post '/auth/identity/callback', :auth_key => 'wrong', :password => 'login'
+        allow(anon_ar).to receive('auth_key').and_return('email')
+        OmniAuth.config.on_failure = ->(env) { [401, {}, [env['omniauth.error.type'].inspect]] }
+        expect(anon_ar).to receive(:authenticate).with({ 'email' => 'wrong' }, 'login').and_return(false)
+        post '/auth/identity/callback', auth_key: 'wrong', password: 'login'
       end
 
-      it 'should fail with :invalid_credentials' do
-        last_response.body.should == ':invalid_credentials'
+      it 'fails with :invalid_credentials' do
+        expect(last_response.body).to eq(':invalid_credentials')
+      end
+    end
+
+    context 'with auth scopes' do
+      let(:identity_options) do
+        { model: anon_ar, locate_conditions: lambda { |req|
+                                               { model.auth_key => req['auth_key'], 'user_type' => 'admin' }
+                                             } }
+      end
+
+      it 'evaluates and pass through conditions proc' do
+        allow(anon_ar).to receive('auth_key').and_return('email')
+        expect(anon_ar).to receive('authenticate').with({ 'email' => 'john', 'user_type' => 'admin' },
+                                                        'awesome').and_return(user)
+        post '/auth/identity/callback', auth_key: 'john', password: 'awesome'
       end
     end
   end
 
   describe '#registration_form' do
-    it 'should trigger from /auth/identity/register by default' do
-      get '/auth/identity/register'
-      last_response.body.should be_include("Register Identity")
+    context 'registration is enabled' do
+      it 'triggers from /auth/identity/register by default' do
+        get '/auth/identity/register'
+        expect(last_response.body).to be_include('Register Identity')
+      end
+    end
+
+    context 'registration is disabled' do
+      let(:identity_options) { { model: anon_ar, enable_registration: false } }
+
+      it 'calls app' do
+        get '/auth/identity/register'
+        expect(last_response.body).to be_include('HELLO!')
+      end
+    end
+
+    it 'supports methods other than GET and POST' do
+      head '/auth/identity/register'
+      expect(last_response.status).to eq(404)
     end
   end
 
   describe '#registration_phase' do
+    context 'registration is disabled' do
+      let(:identity_options) { { model: anon_ar, enable_registration: false } }
+
+      it 'calls app' do
+        post '/auth/identity/register'
+        expect(last_response.body).to eq('HELLO!')
+      end
+    end
+
     context 'with successful creation' do
-      let(:properties){ {
-        :name => 'Awesome Dude', 
-        :email => 'awesome@example.com',
-        :password => 'face',
-        :password_confirmation => 'face'
-      } }
+      let(:properties) do
+        {
+          name: 'Awesome Dude',
+          email: 'awesome@example.com',
+          password: 'face',
+          password_confirmation: 'face',
+          provider: 'identity'
+        }
+      end
 
       before do
-        m = mock(:uid => 'abc', :name => 'Awesome Dude', :email => 'awesome@example.com', :info => {:name => 'DUUUUDE!'}, :persisted? => true)
-        MockIdentity.should_receive(:create).with(properties).and_return(m)
+        allow(anon_ar).to receive('auth_key').and_return('email')
+        m = double(uid: 'abc', name: 'Awesome Dude', email: 'awesome@example.com',
+                   info: { name: 'DUUUUDE!' }, persisted?: true)
+        expect(anon_ar).to receive(:create).with(properties).and_return(m)
       end
 
-      it 'should set the auth hash' do
+      it 'sets the auth hash' do
         post '/auth/identity/register', properties
-        auth_hash['uid'].should == 'abc'
+        expect(auth_hash['uid']).to eq('abc')
       end
     end
 
     context 'with invalid identity' do
-      let(:properties) { {
-        :name => 'Awesome Dude', 
-        :email => 'awesome@example.com',
-        :password => 'NOT',
-        :password_confirmation => 'MATCHING'
-      } }
+      let(:properties) do
+        {
+          name: 'Awesome Dude',
+          email: 'awesome@example.com',
+          password: 'NOT',
+          password_confirmation: 'MATCHING',
+          provider: 'identity'
+        }
+      end
+      let(:invalid_identity) { double(persisted?: false) }
 
       before do
-        MockIdentity.should_receive(:create).with(properties).and_return(mock(:persisted? => false))
+        expect(anon_ar).to receive(:create).with(properties).and_return(invalid_identity)
       end
 
       context 'default' do
-        it 'should show registration form' do
+        it 'shows registration form' do
           post '/auth/identity/register', properties
-          last_response.body.should be_include("Register Identity")
+          expect(last_response.body).to be_include('Register Identity')
         end
       end
 
       context 'custom on_failed_registration endpoint' do
-        it 'should set the identity hash' do
-          set_app!(:on_failed_registration => lambda{|env| [404, {'env' => env}, ["HELLO!"]]}) do
-            post '/auth/identity/register', properties
-            identity_hash.should_not be_nil
-          end
+        let(:identity_options) do
+          { model: anon_ar, on_failed_registration: lambda { |env|
+                                                      [404, { 'env' => env }, ["FAIL'DOH!"]]
+                                                    } }
+        end
+
+        it 'sets the identity hash' do
+          post '/auth/identity/register', properties
+          expect(identity_hash).to eq(invalid_identity)
+          expect(last_response.body).to be_include("FAIL'DOH!")
         end
       end
     end