omniauth-mercadolibre 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +17 -0
- data/.rspec +2 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.rvmrc +1 -0
- data/CHANGELOG.md +13 -0
- data/Gemfile +12 -0
- data/Guardfile +10 -0
- data/MIT-LICENSE +20 -0
- data/README.md +198 -0
- data/Rakefile +25 -0
- data/lib/omniauth-mercadolibre.rb +2 -0
- data/lib/omniauth-mercadolibre/version.rb +5 -0
- data/lib/omniauth/strategies/mercadolibre.rb +80 -0
- data/omniauth-mercadolibre.gemspec +26 -0
- data/omniauth-mercadolibre.sublime-project +9 -0
- data/spec/fixtures/vcr_cassettes/callback_phase.yml +113 -0
- data/spec/fixtures/vcr_cassettes/request_phase.yml +58 -0
- data/spec/omniauth/strategies/mercado_libre_spec.rb +453 -0
- data/spec/spec_helper.rb +15 -0
- data/test/dump/.gitignore +16 -0
- data/test/dump/Gemfile +48 -0
- data/test/dump/README.rdoc +28 -0
- data/test/dump/Rakefile +6 -0
- data/test/dump/app/assets/images/.keep +0 -0
- data/test/dump/app/assets/javascripts/application.js +16 -0
- data/test/dump/app/assets/javascripts/home.js.coffee +3 -0
- data/test/dump/app/assets/stylesheets/application.css +13 -0
- data/test/dump/app/assets/stylesheets/home.css.scss +3 -0
- data/test/dump/app/controllers/application_controller.rb +5 -0
- data/test/dump/app/controllers/concerns/.keep +0 -0
- data/test/dump/app/controllers/home_controller.rb +4 -0
- data/test/dump/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
- data/test/dump/app/helpers/application_helper.rb +2 -0
- data/test/dump/app/helpers/home_helper.rb +2 -0
- data/test/dump/app/mailers/.keep +0 -0
- data/test/dump/app/models/.keep +0 -0
- data/test/dump/app/models/concerns/.keep +0 -0
- data/test/dump/app/models/user.rb +31 -0
- data/test/dump/app/views/home/index.html.erb +7 -0
- data/test/dump/app/views/layouts/application.html.erb +14 -0
- data/test/dump/bin/bundle +3 -0
- data/test/dump/bin/rails +4 -0
- data/test/dump/bin/rake +4 -0
- data/test/dump/config.ru +4 -0
- data/test/dump/config/application.rb +28 -0
- data/test/dump/config/boot.rb +4 -0
- data/test/dump/config/database.yml +25 -0
- data/test/dump/config/environment.rb +5 -0
- data/test/dump/config/environments/development.rb +29 -0
- data/test/dump/config/environments/production.rb +80 -0
- data/test/dump/config/environments/test.rb +36 -0
- data/test/dump/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dump/config/initializers/devise.rb +256 -0
- data/test/dump/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dump/config/initializers/inflections.rb +16 -0
- data/test/dump/config/initializers/mime_types.rb +5 -0
- data/test/dump/config/initializers/secret_token.rb +12 -0
- data/test/dump/config/initializers/session_store.rb +3 -0
- data/test/dump/config/initializers/wrap_parameters.rb +14 -0
- data/test/dump/config/locales/devise.en.yml +59 -0
- data/test/dump/config/locales/en.yml +23 -0
- data/test/dump/config/routes.rb +9 -0
- data/test/dump/db/migrate/20140120110923_devise_create_users.rb +46 -0
- data/test/dump/db/schema.rb +36 -0
- data/test/dump/db/seeds.rb +7 -0
- data/test/dump/lib/assets/.keep +0 -0
- data/test/dump/lib/tasks/.keep +0 -0
- data/test/dump/log/.keep +0 -0
- data/test/dump/public/404.html +58 -0
- data/test/dump/public/422.html +58 -0
- data/test/dump/public/500.html +57 -0
- data/test/dump/public/favicon.ico +0 -0
- data/test/dump/public/robots.txt +5 -0
- data/test/dump/vendor/assets/javascripts/.keep +0 -0
- data/test/dump/vendor/assets/stylesheets/.keep +0 -0
- metadata +215 -0
@@ -0,0 +1,113 @@
|
|
1
|
+
---
|
2
|
+
recorded_with: VCR 2.0.1
|
3
|
+
http_interactions:
|
4
|
+
- request:
|
5
|
+
method: post
|
6
|
+
uri: https://api.ebay.com/ws/api.dll
|
7
|
+
body:
|
8
|
+
string: " <?xml version=\"1.0\" encoding=\"utf-8\"?>\n <FetchTokenRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\">\n <RequesterCredentials>\n <Username>test_user</Username>\n </RequesterCredentials>\n <SecretID>fake</SecretID>\n </FetchTokenRequest>\n"
|
9
|
+
headers:
|
10
|
+
x-ebay-api-call-name:
|
11
|
+
- FetchToken
|
12
|
+
accept:
|
13
|
+
- "*/*"
|
14
|
+
content-type:
|
15
|
+
- text/xml
|
16
|
+
x-ebay-api-app-name:
|
17
|
+
- a219dda1-87b5-11e1-b0c4-0800200c9a66
|
18
|
+
content-length:
|
19
|
+
- "350"
|
20
|
+
x-ebay-api-dev-name:
|
21
|
+
- bdc8a861-87b5-11e1-b0c4-0800200c9a66
|
22
|
+
x-ebay-api-cert-name:
|
23
|
+
- cf9340f3-87b5-11e1-b0c4-0800200c9a66
|
24
|
+
x-ebay-api-siteid:
|
25
|
+
- "0"
|
26
|
+
x-ebay-api-compatibility-level:
|
27
|
+
- "675"
|
28
|
+
response:
|
29
|
+
status:
|
30
|
+
code: 200
|
31
|
+
message: OK
|
32
|
+
headers:
|
33
|
+
x-ebay-api-pool-name:
|
34
|
+
- 11212345690123456722222
|
35
|
+
x-ebay-esb-siteid:
|
36
|
+
- "0"
|
37
|
+
content-type:
|
38
|
+
- text/xml
|
39
|
+
x-ebay-esb-guid:
|
40
|
+
- fak:uuid:Fakefakefakefakefakefakefakefak
|
41
|
+
x-ebay-esb-app-name:
|
42
|
+
- fakefake-fake-fake-fake-fakefakefake
|
43
|
+
server:
|
44
|
+
- Apache-Coyote/1.1
|
45
|
+
content-length:
|
46
|
+
- "1219"
|
47
|
+
x-ebay-esb-call-name:
|
48
|
+
- FetchToken
|
49
|
+
date:
|
50
|
+
- Mon, 16 Apr 2012 11:13:26 GMT
|
51
|
+
x-ebay-api-server-name:
|
52
|
+
- ___ffffffffffffffffffffffffffffffffffffffffffff
|
53
|
+
body:
|
54
|
+
string: |-
|
55
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
56
|
+
<FetchTokenResponse xmlns="urn:ebay:apis:eBLBaseComponents"><Timestamp>2012-04-16T11:13:26.603Z</Timestamp><Ack>Success</Ack><Version>767</Version><Build>E767_CORE_BUNDLED_14671989_R1</Build><eBayAuthToken>fake</eBayAuthToken><HardExpirationTime>2013-10-08T08:36:50.000Z</HardExpirationTime></FetchTokenResponse>
|
57
|
+
http_version: "1.1"
|
58
|
+
recorded_at: Mon, 16 Apr 2012 11:12:58 GMT
|
59
|
+
- request:
|
60
|
+
method: post
|
61
|
+
uri: https://api.ebay.com/ws/api.dll
|
62
|
+
body:
|
63
|
+
string: " <?xml version=\"1.0\" encoding=\"utf-8\"?>\n <GetUserRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\">\n <RequesterCredentials>\n <eBayAuthToken>fake</eBayAuthToken>\n </RequesterCredentials>\n </GetUserRequest>\n"
|
64
|
+
headers:
|
65
|
+
x-ebay-api-call-name:
|
66
|
+
- GetUser
|
67
|
+
accept:
|
68
|
+
- "*/*"
|
69
|
+
content-type:
|
70
|
+
- text/xml
|
71
|
+
x-ebay-api-app-name:
|
72
|
+
- a219dda1-87b5-11e1-b0c4-0800200c9a66
|
73
|
+
content-length:
|
74
|
+
- "350"
|
75
|
+
x-ebay-api-dev-name:
|
76
|
+
- bdc8a861-87b5-11e1-b0c4-0800200c9a66
|
77
|
+
x-ebay-api-cert-name:
|
78
|
+
- cf9340f3-87b5-11e1-b0c4-0800200c9a66
|
79
|
+
x-ebay-api-siteid:
|
80
|
+
- "0"
|
81
|
+
x-ebay-api-compatibility-level:
|
82
|
+
- "675"
|
83
|
+
response:
|
84
|
+
status:
|
85
|
+
code: 200
|
86
|
+
message: OK
|
87
|
+
headers:
|
88
|
+
x-ebay-api-pool-name:
|
89
|
+
- fake
|
90
|
+
x-ebay-esb-siteid:
|
91
|
+
- "0"
|
92
|
+
content-type:
|
93
|
+
- text/xml
|
94
|
+
x-ebay-esb-guid:
|
95
|
+
- fake
|
96
|
+
x-ebay-esb-app-name:
|
97
|
+
- fake
|
98
|
+
server:
|
99
|
+
- Apache-Coyote/1.1
|
100
|
+
content-length:
|
101
|
+
- "2162"
|
102
|
+
x-ebay-esb-call-name:
|
103
|
+
- GetUser
|
104
|
+
date:
|
105
|
+
- Mon, 16 Apr 2012 11:13:30 GMT
|
106
|
+
x-ebay-api-server-name:
|
107
|
+
- ___dm8ucis2MTZkMzB8KTYzKzczLTQ2MS09MD07NT43
|
108
|
+
body:
|
109
|
+
string: |-
|
110
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
111
|
+
<GetUserResponse xmlns="urn:ebay:apis:eBLBaseComponents"><Timestamp>2012-04-16T11:13:31.701Z</Timestamp><Ack>Success</Ack><Version>767</Version><Build>E767_CORE_BUNDLED_14671989_R1</Build><User><AboutMePage>false</AboutMePage><EIASToken>fake_eias_token</EIASToken><Email>test@user.com</Email><FeedbackScore>27</FeedbackScore><UniqueNegativeFeedbackCount>0</UniqueNegativeFeedbackCount><UniquePositiveFeedbackCount>0</UniquePositiveFeedbackCount><PositiveFeedbackPercent>0.0</PositiveFeedbackPercent><FeedbackPrivate>false</FeedbackPrivate><FeedbackRatingStar>Yellow</FeedbackRatingStar><IDVerified>false</IDVerified><eBayGoodStanding>true</eBayGoodStanding><NewUser>false</NewUser><RegistrationDate>2000-01-01T07:06:10.000Z</RegistrationDate><Site>US</Site><Status>Confirmed</Status><UserID>test_user</UserID><UserIDChanged>false</UserIDChanged><UserIDLastChanged>2004-01-02T19:18:59.000Z</UserIDLastChanged><VATStatus>NoVATTax</VATStatus><SellerInfo><AllowPaymentEdit>true</AllowPaymentEdit><CheckoutEnabled>true</CheckoutEnabled><CIPBankAccountStored>false</CIPBankAccountStored><GoodStanding>true</GoodStanding><LiveAuctionAuthorized>false</LiveAuctionAuthorized><MerchandizingPref>OptIn</MerchandizingPref><QualifiesForB2BVAT>false</QualifiesForB2BVAT><SellerGuaranteeLevel>NotEligible</SellerGuaranteeLevel><SchedulingInfo><MaxScheduledMinutes>30240</MaxScheduledMinutes><MinScheduledMinutes>0</MinScheduledMinutes><MaxScheduledItems>3000</MaxScheduledItems></SchedulingInfo><StoreOwner>false</StoreOwner><PaymentMethod>NothingOnFile</PaymentMethod><CharityRegistered>false</CharityRegistered><SafePaymentExempt>true</SafePaymentExempt><TransactionPercent>0.0</TransactionPercent><RecoupmentPolicyConsent/></SellerInfo><PayPalAccountLevel>Verified</PayPalAccountLevel><PayPalAccountType>Personal</PayPalAccountType><PayPalAccountStatus>Active</PayPalAccountStatus><eBayWikiReadOnly>false</eBayWikiReadOnly><MotorsDealer>false</MotorsDealer><UniqueNeutralFeedbackCount>0</UniqueNeutralFeedbackCount><EnterpriseSeller>false</EnterpriseSeller></User></GetUserResponse>
|
112
|
+
http_version: "1.1"
|
113
|
+
recorded_at: Mon, 16 Apr 2012 11:13:03 GMT
|
@@ -0,0 +1,58 @@
|
|
1
|
+
---
|
2
|
+
recorded_with: VCR 2.0.1
|
3
|
+
http_interactions:
|
4
|
+
- request:
|
5
|
+
method: post
|
6
|
+
uri: https://api.ebay.com/ws/api.dll
|
7
|
+
body:
|
8
|
+
string: " <?xml version=\"1.0\" encoding=\"utf-8\"?>\n <GetSessionIDRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\">\n <RuName>fak_fak_fakeeee-eeeeeeee-eeee-e-eeeee</RuName>\n </GetSessionIDRequest>\n"
|
9
|
+
headers:
|
10
|
+
x-ebay-api-call-name:
|
11
|
+
- GetSessionID
|
12
|
+
accept:
|
13
|
+
- "*/*"
|
14
|
+
content-type:
|
15
|
+
- text/xml
|
16
|
+
x-ebay-api-app-name:
|
17
|
+
- a219dda1-87b5-11e1-b0c4-0800200c9a66
|
18
|
+
content-length:
|
19
|
+
- "350"
|
20
|
+
x-ebay-api-dev-name:
|
21
|
+
- bdc8a861-87b5-11e1-b0c4-0800200c9a66
|
22
|
+
x-ebay-api-cert-name:
|
23
|
+
- cf9340f3-87b5-11e1-b0c4-0800200c9a66
|
24
|
+
x-ebay-api-siteid:
|
25
|
+
- "0"
|
26
|
+
x-ebay-api-compatibility-level:
|
27
|
+
- "675"
|
28
|
+
response:
|
29
|
+
status:
|
30
|
+
code: 200
|
31
|
+
message: OK
|
32
|
+
headers:
|
33
|
+
x-ebay-api-pool-name:
|
34
|
+
- 11212345690123456722222
|
35
|
+
x-ebay-esb-siteid:
|
36
|
+
- "0"
|
37
|
+
content-type:
|
38
|
+
- text/xml
|
39
|
+
x-ebay-esb-guid:
|
40
|
+
- fak:uuid:Fakefakefakefakefakefakefakefak
|
41
|
+
x-ebay-esb-app-name:
|
42
|
+
- fakefake-fake-fake-fake-fakefakefake
|
43
|
+
server:
|
44
|
+
- Apache-Coyote/1.1
|
45
|
+
content-length:
|
46
|
+
- "318"
|
47
|
+
x-ebay-esb-call-name:
|
48
|
+
- GetSessionID
|
49
|
+
date:
|
50
|
+
- Mon, 16 Apr 2012 11:13:24 GMT
|
51
|
+
x-ebay-api-server-name:
|
52
|
+
- ____ffffffffffffffffffffffffffffffffffffffffffff
|
53
|
+
body:
|
54
|
+
string: |-
|
55
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
56
|
+
<GetSessionIDResponse xmlns="urn:ebay:apis:eBLBaseComponents"><Timestamp>2012-04-16T11:13:25.255Z</Timestamp><Ack>Success</Ack><Version>767</Version><Build>E767_CORE_BUNDLED_14671989_R1</Build><SessionID>fake</SessionID></GetSessionIDResponse>
|
57
|
+
http_version: "1.1"
|
58
|
+
recorded_at: Mon, 16 Apr 2012 11:12:57 GMT
|
@@ -0,0 +1,453 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe OmniAuth::Strategies::MercadoLibre do
|
4
|
+
let(:access_token ) { double('AccessToken', :options => {}) }
|
5
|
+
let(:parsed_response) { double('ParsedResponse') }
|
6
|
+
let(:response ) { double('Response', :parsed => parsed_response) }
|
7
|
+
|
8
|
+
subject do
|
9
|
+
OmniAuth::Strategies::MercadoLibre.new({})
|
10
|
+
end
|
11
|
+
|
12
|
+
before(:each) do
|
13
|
+
allow(subject).to receive(:access_token).and_return(access_token)
|
14
|
+
end
|
15
|
+
|
16
|
+
context "client options" do
|
17
|
+
it 'should have correct site' do
|
18
|
+
subject.options.client_options.site.should eq("https://api.mercadolibre.com")
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'should have correct authorize url' do
|
22
|
+
subject.options.client_options.authorize_url.should eq('https://auth.mercadolibre.com/authorization')
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'should have correct token url' do
|
26
|
+
subject.options.client_options.token_url.should eq('https://api.mercadolibre.com/oauth/token')
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
context "#email" do
|
31
|
+
it "should return client_id from raw_info if available" do
|
32
|
+
allow(subject).to receive(:raw_info).and_return({ 'client_id' => '1234' })
|
33
|
+
subject.client_id.should eq('1234')
|
34
|
+
end
|
35
|
+
|
36
|
+
# it "should return nil if there is no raw_info and email access is not allowed" do
|
37
|
+
# allow(subject).to receive(:raw_info).and_return({})
|
38
|
+
# subject.email.should be_nil
|
39
|
+
# end
|
40
|
+
|
41
|
+
# it "should return the primary email if there is no raw_info and email access is allowed" do
|
42
|
+
# emails = [
|
43
|
+
# { 'email' => 'secondary@example.com', 'primary' => false },
|
44
|
+
# { 'email' => 'primary@example.com', 'primary' => true }
|
45
|
+
# ]
|
46
|
+
# allow(subject).to receive(:raw_info).and_return({})
|
47
|
+
# subject.options['scope'] = 'user'
|
48
|
+
# allow(subject).to receive(:emails).and_return(emails)
|
49
|
+
# subject.email.should eq('primary@example.com')
|
50
|
+
# end
|
51
|
+
|
52
|
+
# it "should return the first email if there is no raw_info and email access is allowed" do
|
53
|
+
# emails = [
|
54
|
+
# { 'email' => 'first@example.com', 'primary' => false },
|
55
|
+
# { 'email' => 'second@example.com', 'primary' => false }
|
56
|
+
# ]
|
57
|
+
# allow(subject).to receive(:raw_info).and_return({})
|
58
|
+
# subject.options['scope'] = 'user'
|
59
|
+
# allow(subject).to receive(:emails).and_return(emails)
|
60
|
+
# subject.email.should eq('first@example.com')
|
61
|
+
# end
|
62
|
+
end
|
63
|
+
|
64
|
+
|
65
|
+
=begin
|
66
|
+
describe "#authorize_options" do
|
67
|
+
[:access_type, :hd, :login_hint, :prompt, :scope, :state].each do |k|
|
68
|
+
it "should support #{k}" do
|
69
|
+
@options = {k => 'http://someval'}
|
70
|
+
subject.authorize_params[k.to_s].should eq('http://someval')
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
describe "redirect_uri" do
|
75
|
+
it 'should default to nil' do
|
76
|
+
@options = {}
|
77
|
+
subject.authorize_params['redirect_uri'].should eq(nil)
|
78
|
+
end
|
79
|
+
|
80
|
+
it 'should set the redirect_uri parameter if present' do
|
81
|
+
@options = {:redirect_uri => 'https://example.com'}
|
82
|
+
subject.authorize_params['redirect_uri'].should eq('https://example.com')
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
describe 'access_type' do
|
87
|
+
it 'should default to "offline"' do
|
88
|
+
@options = {}
|
89
|
+
subject.authorize_params['access_type'].should eq('offline')
|
90
|
+
end
|
91
|
+
|
92
|
+
it 'should set the access_type parameter if present' do
|
93
|
+
@options = {:access_type => 'online'}
|
94
|
+
subject.authorize_params['access_type'].should eq('online')
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
describe 'hd' do
|
99
|
+
it "should default to nil" do
|
100
|
+
subject.authorize_params['hd'].should eq(nil)
|
101
|
+
end
|
102
|
+
|
103
|
+
it 'should set the hd (hosted domain) parameter if present' do
|
104
|
+
@options = {:hd => 'example.com'}
|
105
|
+
subject.authorize_params['hd'].should eq('example.com')
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
describe 'login_hint' do
|
110
|
+
it "should default to nil" do
|
111
|
+
subject.authorize_params['login_hint'].should eq(nil)
|
112
|
+
end
|
113
|
+
|
114
|
+
it 'should set the login_hint parameter if present' do
|
115
|
+
@options = {:login_hint => 'john@example.com'}
|
116
|
+
subject.authorize_params['login_hint'].should eq('john@example.com')
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
describe 'prompt' do
|
121
|
+
it "should default to nil" do
|
122
|
+
subject.authorize_params['prompt'].should eq(nil)
|
123
|
+
end
|
124
|
+
|
125
|
+
it 'should set the prompt parameter if present' do
|
126
|
+
@options = {:prompt => 'consent select_account'}
|
127
|
+
subject.authorize_params['prompt'].should eq('consent select_account')
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
describe 'request_visible_actions' do
|
132
|
+
it "should default to nil" do
|
133
|
+
subject.authorize_params['request_visible_actions'].should eq(nil)
|
134
|
+
end
|
135
|
+
|
136
|
+
it 'should set the request_visible_actions parameter if present' do
|
137
|
+
@options = {:request_visible_actions => 'something'}
|
138
|
+
subject.authorize_params['request_visible_actions'].should eq('something')
|
139
|
+
end
|
140
|
+
end
|
141
|
+
|
142
|
+
describe 'scope' do
|
143
|
+
it 'should expand scope shortcuts' do
|
144
|
+
@options = {:scope => 'userinfo.email'}
|
145
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email')
|
146
|
+
end
|
147
|
+
|
148
|
+
it 'should leave full scopes as is' do
|
149
|
+
@options = {:scope => 'https://www.googleapis.com/auth/userinfo.profile'}
|
150
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile')
|
151
|
+
end
|
152
|
+
|
153
|
+
it 'should join scopes' do
|
154
|
+
@options = {:scope => 'userinfo.profile,userinfo.email'}
|
155
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
|
156
|
+
end
|
157
|
+
|
158
|
+
it 'should deal with whitespace when joining scopes' do
|
159
|
+
@options = {:scope => 'userinfo.profile, userinfo.email'}
|
160
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
|
161
|
+
end
|
162
|
+
|
163
|
+
it 'should set default scope to userinfo.email,userinfo.profile' do
|
164
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile')
|
165
|
+
end
|
166
|
+
|
167
|
+
it 'should support space delimited scopes' do
|
168
|
+
@options = {:scope => 'userinfo.profile userinfo.email'}
|
169
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
|
170
|
+
end
|
171
|
+
|
172
|
+
it "should support extremely badly formed scopes" do
|
173
|
+
@options = {:scope => 'userinfo.profile userinfo.email,foo,steve yeah http://example.com'}
|
174
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/foo https://www.googleapis.com/auth/steve https://www.googleapis.com/auth/yeah http://example.com')
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
describe 'state' do
|
179
|
+
it 'should set the state parameter' do
|
180
|
+
@options = {:state => 'some_state'}
|
181
|
+
subject.authorize_params['state'].should eq('some_state')
|
182
|
+
subject.session['omniauth.state'].should eq('some_state')
|
183
|
+
end
|
184
|
+
|
185
|
+
it 'should set the omniauth.state dynamically' do
|
186
|
+
subject.double(:request) { double('Request', {:params => {'state' => 'some_state'}, :env => {}}) }
|
187
|
+
subject.authorize_params['state'].should eq('some_state')
|
188
|
+
subject.session['omniauth.state'].should eq('some_state')
|
189
|
+
end
|
190
|
+
end
|
191
|
+
|
192
|
+
describe "overrides" do
|
193
|
+
it 'should include top-level options that are marked as :authorize_options' do
|
194
|
+
@options = {:authorize_options => [:scope, :foo, :request_visible_actions], :scope => 'http://bar', :foo => 'baz', :hd => "wow", :request_visible_actions => "something"}
|
195
|
+
subject.authorize_params['scope'].should eq('http://bar')
|
196
|
+
subject.authorize_params['foo'].should eq('baz')
|
197
|
+
subject.authorize_params['hd'].should eq(nil)
|
198
|
+
subject.authorize_params['request_visible_actions'].should eq('something')
|
199
|
+
end
|
200
|
+
|
201
|
+
describe "request overrides" do
|
202
|
+
[:access_type, :hd, :login_hint, :prompt, :scope, :state].each do |k|
|
203
|
+
context "authorize option #{k}" do
|
204
|
+
let(:request) { double('Request', :params => {k.to_s => 'http://example.com'}, :cookies => {}, :env => {}) }
|
205
|
+
|
206
|
+
it "should set the #{k} authorize option dynamically in the request" do
|
207
|
+
@options = {k => ''}
|
208
|
+
subject.authorize_params[k.to_s].should eq('http://example.com')
|
209
|
+
end
|
210
|
+
end
|
211
|
+
end
|
212
|
+
|
213
|
+
describe "custom authorize_options" do
|
214
|
+
let(:request) { double('Request', :params => {'foo' => 'something'}, :cookies => {}, :env => {}) }
|
215
|
+
|
216
|
+
it "should support request overrides from custom authorize_options" do
|
217
|
+
@options = {:authorize_options => [:foo], :foo => ''}
|
218
|
+
subject.authorize_params['foo'].should eq('something')
|
219
|
+
end
|
220
|
+
end
|
221
|
+
end
|
222
|
+
end
|
223
|
+
end
|
224
|
+
|
225
|
+
describe '#authorize_params' do
|
226
|
+
it 'should include any authorize params passed in the :authorize_params option' do
|
227
|
+
@options = {:authorize_params => {:request_visible_actions => 'something', :foo => 'bar', :baz => 'zip'}, :hd => 'wow', :bad => 'not_included'}
|
228
|
+
subject.authorize_params['request_visible_actions'].should eq('something')
|
229
|
+
subject.authorize_params['foo'].should eq('bar')
|
230
|
+
subject.authorize_params['baz'].should eq('zip')
|
231
|
+
subject.authorize_params['hd'].should eq('wow')
|
232
|
+
subject.authorize_params['bad'].should eq(nil)
|
233
|
+
end
|
234
|
+
end
|
235
|
+
|
236
|
+
describe '#token_params' do
|
237
|
+
it 'should include any token params passed in the :token_params option' do
|
238
|
+
@options = {:token_params => {:foo => 'bar', :baz => 'zip'}}
|
239
|
+
subject.token_params['foo'].should eq('bar')
|
240
|
+
subject.token_params['baz'].should eq('zip')
|
241
|
+
end
|
242
|
+
end
|
243
|
+
|
244
|
+
describe "#token_options" do
|
245
|
+
it 'should include top-level options that are marked as :token_options' do
|
246
|
+
@options = {:token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz', :bad => 'not_included'}
|
247
|
+
subject.token_params['scope'].should eq('bar')
|
248
|
+
subject.token_params['foo'].should eq('baz')
|
249
|
+
subject.token_params['bad'].should eq(nil)
|
250
|
+
end
|
251
|
+
end
|
252
|
+
|
253
|
+
describe '#callback_path' do
|
254
|
+
it 'has the correct callback path' do
|
255
|
+
subject.callback_path.should eq('/auth/mercado_libre/callback')
|
256
|
+
end
|
257
|
+
end
|
258
|
+
|
259
|
+
describe '#extra' do
|
260
|
+
let(:client) do
|
261
|
+
OAuth2::Client.new('abc', 'def') do |builder|
|
262
|
+
builder.request :url_encoded
|
263
|
+
builder.adapter :test do |stub|
|
264
|
+
stub.get('/oauth2/v1/userinfo') {|env| [200, {'content-type' => 'application/json'}, '{"id": "12345"}']}
|
265
|
+
stub.get('/plus/v1/people/12345/people/visible') {|env| [200, {'content-type' => 'application/json'}, '[{"foo":"bar"}]']}
|
266
|
+
end
|
267
|
+
end
|
268
|
+
end
|
269
|
+
let(:access_token) { OAuth2::AccessToken.from_hash(client, {}) }
|
270
|
+
|
271
|
+
before { subject.double(:access_token => access_token) }
|
272
|
+
|
273
|
+
describe 'id_token' do
|
274
|
+
context 'when the id_token is passed into the access token' do
|
275
|
+
let(:access_token) { OAuth2::AccessToken.from_hash(client, {'id_token' => 'xyz'}) }
|
276
|
+
|
277
|
+
it 'should include id_token when set on the access_token' do
|
278
|
+
subject.extra.should include(:id_token => 'xyz')
|
279
|
+
end
|
280
|
+
end
|
281
|
+
|
282
|
+
context 'when the id_token is missing' do
|
283
|
+
it 'should not include id_token' do
|
284
|
+
subject.extra.should_not have_key(:id_token)
|
285
|
+
end
|
286
|
+
end
|
287
|
+
end
|
288
|
+
|
289
|
+
describe 'raw_info' do
|
290
|
+
context 'when skip_info is true' do
|
291
|
+
before { subject.options[:skip_info] = true }
|
292
|
+
|
293
|
+
it 'should not include raw_info' do
|
294
|
+
subject.extra.should_not have_key(:raw_info)
|
295
|
+
end
|
296
|
+
end
|
297
|
+
|
298
|
+
context 'when skip_info is false' do
|
299
|
+
before { subject.options[:skip_info] = false }
|
300
|
+
|
301
|
+
it 'should include raw_info' do
|
302
|
+
subject.extra[:raw_info].should eq('id' => '12345')
|
303
|
+
end
|
304
|
+
end
|
305
|
+
end
|
306
|
+
|
307
|
+
describe 'raw_friend_info' do
|
308
|
+
context 'when skip_info is true' do
|
309
|
+
before { subject.options[:skip_info] = true }
|
310
|
+
|
311
|
+
it 'should not include raw_friend_info' do
|
312
|
+
subject.extra.should_not have_key(:raw_friend_info)
|
313
|
+
end
|
314
|
+
end
|
315
|
+
|
316
|
+
context 'when skip_info is false' do
|
317
|
+
before { subject.options[:skip_info] = false }
|
318
|
+
|
319
|
+
context 'when skip_friends is true' do
|
320
|
+
before { subject.options[:skip_friends] = true }
|
321
|
+
|
322
|
+
it 'should not include raw_friend_info' do
|
323
|
+
subject.extra.should_not have_key(:raw_friend_info)
|
324
|
+
end
|
325
|
+
end
|
326
|
+
|
327
|
+
context 'when skip_friends is false' do
|
328
|
+
before { subject.options[:skip_friends] = false }
|
329
|
+
|
330
|
+
it 'should not include raw_friend_info' do
|
331
|
+
subject.extra[:raw_friend_info].should eq([{'foo' => 'bar'}])
|
332
|
+
end
|
333
|
+
end
|
334
|
+
end
|
335
|
+
end
|
336
|
+
end
|
337
|
+
|
338
|
+
describe 'populate auth hash urls' do
|
339
|
+
it 'should populate url map in auth hash if link present in raw_info' do
|
340
|
+
subject.double(:raw_info) { {'name' => 'Foo', 'link' => 'https://plus.google.com/123456'} }
|
341
|
+
subject.info[:urls]['Google'].should eq('https://plus.google.com/123456')
|
342
|
+
end
|
343
|
+
|
344
|
+
it 'should not populate url map in auth hash if no link present in raw_info' do
|
345
|
+
subject.double(:raw_info) { {'name' => 'Foo'} }
|
346
|
+
subject.info.should_not have_key(:urls)
|
347
|
+
end
|
348
|
+
end
|
349
|
+
|
350
|
+
describe 'image options' do
|
351
|
+
it "should have no image if a picture isn't present" do
|
352
|
+
@options = {:image_aspect_ratio => 'square'}
|
353
|
+
subject.double(:raw_info) { {'name' => 'User Without Pic'} }
|
354
|
+
subject.info[:image].should be_nil
|
355
|
+
end
|
356
|
+
|
357
|
+
describe "when a picture is returned from google" do
|
358
|
+
it 'should return the image with size specified in the `image_size` option' do
|
359
|
+
@options = {:image_size => 50}
|
360
|
+
subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
|
361
|
+
subject.info[:image].should eq('https://lh3.googleusercontent.com/url/s50/photo.jpg')
|
362
|
+
end
|
363
|
+
|
364
|
+
it 'should return the image with width and height specified in the `image_size` option' do
|
365
|
+
@options = {:image_size => {:width => 50, :height => 40}}
|
366
|
+
subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
|
367
|
+
subject.info[:image].should eq('https://lh3.googleusercontent.com/url/w50-h40/photo.jpg')
|
368
|
+
end
|
369
|
+
|
370
|
+
it 'should return square image when `image_aspect_ratio` is specified' do
|
371
|
+
@options = {:image_aspect_ratio => 'square'}
|
372
|
+
subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
|
373
|
+
subject.info[:image].should eq('https://lh3.googleusercontent.com/url/c/photo.jpg')
|
374
|
+
end
|
375
|
+
|
376
|
+
it 'should return square sized image when `image_aspect_ratio` and `image_size` is set' do
|
377
|
+
@options = {:image_aspect_ratio => 'square', :image_size => 50}
|
378
|
+
subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
|
379
|
+
subject.info[:image].should eq('https://lh3.googleusercontent.com/url/s50-c/photo.jpg')
|
380
|
+
end
|
381
|
+
|
382
|
+
it 'should return square sized image when `image_aspect_ratio` and `image_size` has height and width' do
|
383
|
+
@options = {:image_aspect_ratio => 'square', :image_size => {:width => 50, :height => 40}}
|
384
|
+
subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
|
385
|
+
subject.info[:image].should eq('https://lh3.googleusercontent.com/url/w50-h40-c/photo.jpg')
|
386
|
+
end
|
387
|
+
end
|
388
|
+
|
389
|
+
it 'should return original image if no options are provided' do
|
390
|
+
subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
|
391
|
+
subject.info[:image].should eq('https://lh3.googleusercontent.com/url/photo.jpg')
|
392
|
+
end
|
393
|
+
end
|
394
|
+
|
395
|
+
describe 'build_access_token' do
|
396
|
+
it 'should read access_token from hash' do
|
397
|
+
request.double(:params).and_return('id_token' => 'valid_id_token', 'access_token' => 'valid_access_token')
|
398
|
+
subject.should_receive(:verify_token).with('valid_id_token', 'valid_access_token').and_return true
|
399
|
+
subject.should_receive(:client).and_return(:client)
|
400
|
+
|
401
|
+
token = subject.build_access_token
|
402
|
+
token.should be_instance_of(::OAuth2::AccessToken)
|
403
|
+
token.token.should eq('valid_access_token')
|
404
|
+
token.client.should eq(:client)
|
405
|
+
end
|
406
|
+
|
407
|
+
it 'should call super' do
|
408
|
+
subject.should_receive(:orig_build_access_token)
|
409
|
+
subject.build_access_token
|
410
|
+
end
|
411
|
+
end
|
412
|
+
|
413
|
+
describe 'verify_token' do
|
414
|
+
before(:each) do
|
415
|
+
subject.options.client_options[:connection_build] = proc do |builder|
|
416
|
+
builder.request :url_encoded
|
417
|
+
builder.adapter :test do |stub|
|
418
|
+
stub.get('/oauth2/v2/tokeninfo?id_token=valid_id_token&access_token=valid_access_token') do |env|
|
419
|
+
[200, {'Content-Type' => 'application/json; charset=UTF-8'}, MultiJson.encode(
|
420
|
+
:issued_to => '000000000000.apps.googleusercontent.com',
|
421
|
+
:audience => '000000000000.apps.googleusercontent.com',
|
422
|
+
:user_id => '000000000000000000000',
|
423
|
+
:scope => 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email',
|
424
|
+
:expires_in => 3514,
|
425
|
+
:email => 'me@example.com',
|
426
|
+
:verified_email => true,
|
427
|
+
:access_type => 'online'
|
428
|
+
)]
|
429
|
+
end
|
430
|
+
stub.get('/oauth2/v2/tokeninfo?id_token=invalid_id_token&access_token=invalid_access_token') do |env|
|
431
|
+
[400, {'Content-Type' => 'application/json; charset=UTF-8'}, MultiJson.encode(:error_description => 'Invalid Value')]
|
432
|
+
end
|
433
|
+
end
|
434
|
+
end
|
435
|
+
end
|
436
|
+
|
437
|
+
it 'should verify token if access_token and id_token are valid and app_id equals' do
|
438
|
+
subject.options.client_id = '000000000000.apps.googleusercontent.com'
|
439
|
+
subject.send(:verify_token, 'valid_id_token', 'valid_access_token').should == true
|
440
|
+
end
|
441
|
+
|
442
|
+
it 'should not verify token if access_token and id_token are valid but app_id is false' do
|
443
|
+
subject.send(:verify_token, 'valid_id_token', 'valid_access_token').should == false
|
444
|
+
end
|
445
|
+
|
446
|
+
it 'should raise error if access_token or id_token is invalid' do
|
447
|
+
expect {
|
448
|
+
subject.send(:verify_token, 'invalid_id_token', 'invalid_access_token')
|
449
|
+
}.to raise_error(OAuth2::Error)
|
450
|
+
end
|
451
|
+
end
|
452
|
+
=end
|
453
|
+
end
|