omniauth-mercadolibre 0.0.1

data/omniauth-mercadolibre.sublime-project

@@ -0,0 +1,9 @@
+{
+	"folders":
+	[
+		{
+			"follow_symlinks": true,
+			"path": "."
+		}
+	]
+}

data/spec/fixtures/vcr_cassettes/callback_phase.yml

@@ -0,0 +1,113 @@
+--- 
+recorded_with: VCR 2.0.1
+http_interactions: 
+- request: 
+    method: post
+    uri: https://api.ebay.com/ws/api.dll
+    body: 
+      string: "          <?xml version=\"1.0\" encoding=\"utf-8\"?>\n          <FetchTokenRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\">\n             <RequesterCredentials>\n               <Username>test_user</Username>\n             </RequesterCredentials>\n             <SecretID>fake</SecretID>\n          </FetchTokenRequest>\n"
+    headers: 
+      x-ebay-api-call-name: 
+      - FetchToken
+      accept: 
+      - "*/*"
+      content-type: 
+      - text/xml
+      x-ebay-api-app-name: 
+      - a219dda1-87b5-11e1-b0c4-0800200c9a66
+      content-length: 
+      - "350"
+      x-ebay-api-dev-name: 
+      - bdc8a861-87b5-11e1-b0c4-0800200c9a66
+      x-ebay-api-cert-name: 
+      - cf9340f3-87b5-11e1-b0c4-0800200c9a66
+      x-ebay-api-siteid: 
+      - "0"
+      x-ebay-api-compatibility-level: 
+      - "675"
+  response: 
+    status: 
+      code: 200
+      message: OK
+    headers: 
+      x-ebay-api-pool-name: 
+      - 11212345690123456722222
+      x-ebay-esb-siteid: 
+      - "0"
+      content-type: 
+      - text/xml
+      x-ebay-esb-guid: 
+      - fak:uuid:Fakefakefakefakefakefakefakefak
+      x-ebay-esb-app-name: 
+      - fakefake-fake-fake-fake-fakefakefake
+      server: 
+      - Apache-Coyote/1.1
+      content-length: 
+      - "1219"
+      x-ebay-esb-call-name: 
+      - FetchToken
+      date: 
+      - Mon, 16 Apr 2012 11:13:26 GMT
+      x-ebay-api-server-name: 
+      - ___ffffffffffffffffffffffffffffffffffffffffffff
+    body: 
+      string: |-
+        <?xml version="1.0" encoding="UTF-8"?>
+        <FetchTokenResponse xmlns="urn:ebay:apis:eBLBaseComponents"><Timestamp>2012-04-16T11:13:26.603Z</Timestamp><Ack>Success</Ack><Version>767</Version><Build>E767_CORE_BUNDLED_14671989_R1</Build><eBayAuthToken>fake</eBayAuthToken><HardExpirationTime>2013-10-08T08:36:50.000Z</HardExpirationTime></FetchTokenResponse>
+    http_version: "1.1"
+  recorded_at: Mon, 16 Apr 2012 11:12:58 GMT
+- request: 
+    method: post
+    uri: https://api.ebay.com/ws/api.dll
+    body: 
+      string: "          <?xml version=\"1.0\" encoding=\"utf-8\"?>\n          <GetUserRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\">\n            <RequesterCredentials>\n              <eBayAuthToken>fake</eBayAuthToken>\n            </RequesterCredentials>\n          </GetUserRequest>\n"
+    headers: 
+      x-ebay-api-call-name: 
+      - GetUser
+      accept: 
+      - "*/*"
+      content-type: 
+      - text/xml
+      x-ebay-api-app-name: 
+      - a219dda1-87b5-11e1-b0c4-0800200c9a66
+      content-length: 
+      - "350"
+      x-ebay-api-dev-name: 
+      - bdc8a861-87b5-11e1-b0c4-0800200c9a66
+      x-ebay-api-cert-name: 
+      - cf9340f3-87b5-11e1-b0c4-0800200c9a66
+      x-ebay-api-siteid: 
+      - "0"
+      x-ebay-api-compatibility-level: 
+      - "675"
+  response: 
+    status: 
+      code: 200
+      message: OK
+    headers: 
+      x-ebay-api-pool-name: 
+      - fake 
+      x-ebay-esb-siteid: 
+      - "0"
+      content-type: 
+      - text/xml
+      x-ebay-esb-guid: 
+      - fake 
+      x-ebay-esb-app-name: 
+      - fake
+      server: 
+      - Apache-Coyote/1.1
+      content-length: 
+      - "2162"
+      x-ebay-esb-call-name: 
+      - GetUser
+      date: 
+      - Mon, 16 Apr 2012 11:13:30 GMT
+      x-ebay-api-server-name: 
+      - ___dm8ucis2MTZkMzB8KTYzKzczLTQ2MS09MD07NT43
+    body: 
+      string: |-
+        <?xml version="1.0" encoding="UTF-8"?>
+        <GetUserResponse xmlns="urn:ebay:apis:eBLBaseComponents"><Timestamp>2012-04-16T11:13:31.701Z</Timestamp><Ack>Success</Ack><Version>767</Version><Build>E767_CORE_BUNDLED_14671989_R1</Build><User><AboutMePage>false</AboutMePage><EIASToken>fake_eias_token</EIASToken><Email>test@user.com</Email><FeedbackScore>27</FeedbackScore><UniqueNegativeFeedbackCount>0</UniqueNegativeFeedbackCount><UniquePositiveFeedbackCount>0</UniquePositiveFeedbackCount><PositiveFeedbackPercent>0.0</PositiveFeedbackPercent><FeedbackPrivate>false</FeedbackPrivate><FeedbackRatingStar>Yellow</FeedbackRatingStar><IDVerified>false</IDVerified><eBayGoodStanding>true</eBayGoodStanding><NewUser>false</NewUser><RegistrationDate>2000-01-01T07:06:10.000Z</RegistrationDate><Site>US</Site><Status>Confirmed</Status><UserID>test_user</UserID><UserIDChanged>false</UserIDChanged><UserIDLastChanged>2004-01-02T19:18:59.000Z</UserIDLastChanged><VATStatus>NoVATTax</VATStatus><SellerInfo><AllowPaymentEdit>true</AllowPaymentEdit><CheckoutEnabled>true</CheckoutEnabled><CIPBankAccountStored>false</CIPBankAccountStored><GoodStanding>true</GoodStanding><LiveAuctionAuthorized>false</LiveAuctionAuthorized><MerchandizingPref>OptIn</MerchandizingPref><QualifiesForB2BVAT>false</QualifiesForB2BVAT><SellerGuaranteeLevel>NotEligible</SellerGuaranteeLevel><SchedulingInfo><MaxScheduledMinutes>30240</MaxScheduledMinutes><MinScheduledMinutes>0</MinScheduledMinutes><MaxScheduledItems>3000</MaxScheduledItems></SchedulingInfo><StoreOwner>false</StoreOwner><PaymentMethod>NothingOnFile</PaymentMethod><CharityRegistered>false</CharityRegistered><SafePaymentExempt>true</SafePaymentExempt><TransactionPercent>0.0</TransactionPercent><RecoupmentPolicyConsent/></SellerInfo><PayPalAccountLevel>Verified</PayPalAccountLevel><PayPalAccountType>Personal</PayPalAccountType><PayPalAccountStatus>Active</PayPalAccountStatus><eBayWikiReadOnly>false</eBayWikiReadOnly><MotorsDealer>false</MotorsDealer><UniqueNeutralFeedbackCount>0</UniqueNeutralFeedbackCount><EnterpriseSeller>false</EnterpriseSeller></User></GetUserResponse>
+    http_version: "1.1"
+  recorded_at: Mon, 16 Apr 2012 11:13:03 GMT

data/spec/fixtures/vcr_cassettes/request_phase.yml

@@ -0,0 +1,58 @@
+--- 
+recorded_with: VCR 2.0.1
+http_interactions: 
+- request: 
+    method: post
+    uri: https://api.ebay.com/ws/api.dll
+    body: 
+      string: "          <?xml version=\"1.0\" encoding=\"utf-8\"?>\n          <GetSessionIDRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\">\n            <RuName>fak_fak_fakeeee-eeeeeeee-eeee-e-eeeee</RuName>\n          </GetSessionIDRequest>\n"
+    headers: 
+      x-ebay-api-call-name: 
+      - GetSessionID
+      accept: 
+      - "*/*"
+      content-type: 
+      - text/xml
+      x-ebay-api-app-name: 
+      - a219dda1-87b5-11e1-b0c4-0800200c9a66
+      content-length: 
+      - "350"
+      x-ebay-api-dev-name: 
+      - bdc8a861-87b5-11e1-b0c4-0800200c9a66
+      x-ebay-api-cert-name: 
+      - cf9340f3-87b5-11e1-b0c4-0800200c9a66
+      x-ebay-api-siteid: 
+      - "0"
+      x-ebay-api-compatibility-level: 
+      - "675"
+  response: 
+    status: 
+      code: 200
+      message: OK
+    headers: 
+      x-ebay-api-pool-name: 
+      - 11212345690123456722222
+      x-ebay-esb-siteid: 
+      - "0"
+      content-type: 
+      - text/xml
+      x-ebay-esb-guid: 
+      - fak:uuid:Fakefakefakefakefakefakefakefak
+      x-ebay-esb-app-name: 
+      - fakefake-fake-fake-fake-fakefakefake
+      server: 
+      - Apache-Coyote/1.1
+      content-length: 
+      - "318"
+      x-ebay-esb-call-name: 
+      - GetSessionID
+      date: 
+      - Mon, 16 Apr 2012 11:13:24 GMT
+      x-ebay-api-server-name: 
+      - ____ffffffffffffffffffffffffffffffffffffffffffff
+    body: 
+      string: |-
+        <?xml version="1.0" encoding="UTF-8"?>
+        <GetSessionIDResponse xmlns="urn:ebay:apis:eBLBaseComponents"><Timestamp>2012-04-16T11:13:25.255Z</Timestamp><Ack>Success</Ack><Version>767</Version><Build>E767_CORE_BUNDLED_14671989_R1</Build><SessionID>fake</SessionID></GetSessionIDResponse>
+    http_version: "1.1"
+  recorded_at: Mon, 16 Apr 2012 11:12:57 GMT

data/spec/omniauth/strategies/mercado_libre_spec.rb

@@ -0,0 +1,453 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::MercadoLibre do
+  let(:access_token   ) { double('AccessToken', :options => {}) }
+  let(:parsed_response) { double('ParsedResponse') }
+  let(:response       ) { double('Response', :parsed => parsed_response) }
+
+  subject do
+    OmniAuth::Strategies::MercadoLibre.new({})
+  end
+
+  before(:each) do
+    allow(subject).to  receive(:access_token).and_return(access_token)
+  end
+
+  context "client options" do
+    it 'should have correct site' do
+      subject.options.client_options.site.should eq("https://api.mercadolibre.com")
+    end
+
+    it 'should have correct authorize url' do
+      subject.options.client_options.authorize_url.should eq('https://auth.mercadolibre.com/authorization')
+    end
+
+    it 'should have correct token url' do
+      subject.options.client_options.token_url.should eq('https://api.mercadolibre.com/oauth/token')
+    end
+  end
+
+  context "#email" do
+    it "should return client_id from raw_info if available" do
+      allow(subject).to receive(:raw_info).and_return({ 'client_id' => '1234' })
+      subject.client_id.should eq('1234')
+    end
+
+    # it "should return nil if there is no raw_info and email access is not allowed" do
+    #   allow(subject).to receive(:raw_info).and_return({})
+    #   subject.email.should be_nil
+    # end
+
+    # it "should return the primary email if there is no raw_info and email access is allowed" do
+    #   emails = [
+    #     { 'email' => 'secondary@example.com', 'primary' => false },
+    #     { 'email' => 'primary@example.com',   'primary' => true }
+    #   ]
+    #   allow(subject).to receive(:raw_info).and_return({})
+    #   subject.options['scope'] = 'user'
+    #   allow(subject).to receive(:emails).and_return(emails)
+    #   subject.email.should eq('primary@example.com')
+    # end
+
+    # it "should return the first email if there is no raw_info and email access is allowed" do
+    #   emails = [
+    #     { 'email' => 'first@example.com',   'primary' => false },
+    #     { 'email' => 'second@example.com',  'primary' => false }
+    #   ]
+    #   allow(subject).to receive(:raw_info).and_return({})
+    #   subject.options['scope'] = 'user'
+    #   allow(subject).to receive(:emails).and_return(emails)
+    #   subject.email.should eq('first@example.com')
+    # end
+  end
+
+
+=begin
+  describe "#authorize_options" do
+    [:access_type, :hd, :login_hint, :prompt, :scope, :state].each do |k|
+      it "should support #{k}" do
+        @options = {k => 'http://someval'}
+        subject.authorize_params[k.to_s].should eq('http://someval')
+      end
+    end
+
+    describe "redirect_uri" do
+      it 'should default to nil' do
+        @options = {}
+        subject.authorize_params['redirect_uri'].should eq(nil)
+      end
+
+      it 'should set the redirect_uri parameter if present' do
+        @options = {:redirect_uri => 'https://example.com'}
+        subject.authorize_params['redirect_uri'].should eq('https://example.com')
+      end
+    end
+
+    describe 'access_type' do
+      it 'should default to "offline"' do
+        @options = {}
+        subject.authorize_params['access_type'].should eq('offline')
+      end
+
+      it 'should set the access_type parameter if present' do
+        @options = {:access_type => 'online'}
+        subject.authorize_params['access_type'].should eq('online')
+      end
+    end
+
+    describe 'hd' do
+      it "should default to nil" do
+        subject.authorize_params['hd'].should eq(nil)
+      end
+
+      it 'should set the hd (hosted domain) parameter if present' do
+        @options = {:hd => 'example.com'}
+        subject.authorize_params['hd'].should eq('example.com')
+      end
+    end
+
+    describe 'login_hint' do
+      it "should default to nil" do
+        subject.authorize_params['login_hint'].should eq(nil)
+      end
+
+      it 'should set the login_hint parameter if present' do
+        @options = {:login_hint => 'john@example.com'}
+        subject.authorize_params['login_hint'].should eq('john@example.com')
+      end
+    end
+
+    describe 'prompt' do
+      it "should default to nil" do
+        subject.authorize_params['prompt'].should eq(nil)
+      end
+
+      it 'should set the prompt parameter if present' do
+        @options = {:prompt => 'consent select_account'}
+        subject.authorize_params['prompt'].should eq('consent select_account')
+      end
+    end
+
+    describe 'request_visible_actions' do
+      it "should default to nil" do
+        subject.authorize_params['request_visible_actions'].should eq(nil)
+      end
+
+      it 'should set the request_visible_actions parameter if present' do
+        @options = {:request_visible_actions => 'something'}
+        subject.authorize_params['request_visible_actions'].should eq('something')
+      end
+    end
+
+    describe 'scope' do
+      it 'should expand scope shortcuts' do
+        @options = {:scope => 'userinfo.email'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email')
+      end
+
+      it 'should leave full scopes as is' do
+        @options = {:scope => 'https://www.googleapis.com/auth/userinfo.profile'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile')
+      end
+
+      it 'should join scopes' do
+        @options = {:scope => 'userinfo.profile,userinfo.email'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
+      end
+
+      it 'should deal with whitespace when joining scopes' do
+        @options = {:scope => 'userinfo.profile, userinfo.email'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
+      end
+
+      it 'should set default scope to userinfo.email,userinfo.profile' do
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile')
+      end
+
+      it 'should support space delimited scopes' do
+        @options = {:scope => 'userinfo.profile userinfo.email'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
+      end
+
+      it "should support extremely badly formed scopes" do
+        @options = {:scope => 'userinfo.profile userinfo.email,foo,steve yeah http://example.com'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/foo https://www.googleapis.com/auth/steve https://www.googleapis.com/auth/yeah http://example.com')
+      end
+    end
+
+    describe 'state' do
+      it 'should set the state parameter' do
+        @options = {:state => 'some_state'}
+        subject.authorize_params['state'].should eq('some_state')
+        subject.session['omniauth.state'].should eq('some_state')
+      end
+
+      it 'should set the omniauth.state dynamically' do
+        subject.double(:request) { double('Request', {:params => {'state' => 'some_state'}, :env => {}}) }
+        subject.authorize_params['state'].should eq('some_state')
+        subject.session['omniauth.state'].should eq('some_state')
+      end
+    end
+
+    describe "overrides" do
+      it 'should include top-level options that are marked as :authorize_options' do
+        @options = {:authorize_options => [:scope, :foo, :request_visible_actions], :scope => 'http://bar', :foo => 'baz', :hd => "wow", :request_visible_actions => "something"}
+        subject.authorize_params['scope'].should eq('http://bar')
+        subject.authorize_params['foo'].should eq('baz')
+        subject.authorize_params['hd'].should eq(nil)
+        subject.authorize_params['request_visible_actions'].should eq('something')
+      end
+
+      describe "request overrides" do
+        [:access_type, :hd, :login_hint, :prompt, :scope, :state].each do |k|
+          context "authorize option #{k}" do
+            let(:request) { double('Request', :params => {k.to_s => 'http://example.com'}, :cookies => {}, :env => {}) }
+
+            it "should set the #{k} authorize option dynamically in the request" do
+              @options = {k => ''}
+              subject.authorize_params[k.to_s].should eq('http://example.com')
+            end
+          end
+        end
+
+        describe "custom authorize_options" do
+          let(:request) { double('Request', :params => {'foo' => 'something'}, :cookies => {}, :env => {}) }
+
+          it "should support request overrides from custom authorize_options" do
+            @options = {:authorize_options => [:foo], :foo => ''}
+            subject.authorize_params['foo'].should eq('something')
+          end
+        end
+      end
+    end
+  end
+
+  describe '#authorize_params' do
+    it 'should include any authorize params passed in the :authorize_params option' do
+      @options = {:authorize_params => {:request_visible_actions => 'something', :foo => 'bar', :baz => 'zip'}, :hd => 'wow', :bad => 'not_included'}
+      subject.authorize_params['request_visible_actions'].should eq('something')
+      subject.authorize_params['foo'].should eq('bar')
+      subject.authorize_params['baz'].should eq('zip')
+      subject.authorize_params['hd'].should eq('wow')
+      subject.authorize_params['bad'].should eq(nil)
+    end
+  end
+
+  describe '#token_params' do
+    it 'should include any token params passed in the :token_params option' do
+      @options = {:token_params => {:foo => 'bar', :baz => 'zip'}}
+      subject.token_params['foo'].should eq('bar')
+      subject.token_params['baz'].should eq('zip')
+    end
+  end
+
+  describe "#token_options" do
+    it 'should include top-level options that are marked as :token_options' do
+      @options = {:token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz', :bad => 'not_included'}
+      subject.token_params['scope'].should eq('bar')
+      subject.token_params['foo'].should eq('baz')
+      subject.token_params['bad'].should eq(nil)
+    end
+  end
+
+  describe '#callback_path' do
+    it 'has the correct callback path' do
+      subject.callback_path.should eq('/auth/mercado_libre/callback')
+    end
+  end
+
+  describe '#extra' do
+    let(:client) do
+      OAuth2::Client.new('abc', 'def') do |builder|
+        builder.request :url_encoded
+        builder.adapter :test do |stub|
+          stub.get('/oauth2/v1/userinfo') {|env| [200, {'content-type' => 'application/json'}, '{"id": "12345"}']}
+          stub.get('/plus/v1/people/12345/people/visible') {|env| [200, {'content-type' => 'application/json'}, '[{"foo":"bar"}]']}
+        end
+      end
+    end
+    let(:access_token) { OAuth2::AccessToken.from_hash(client, {}) }
+
+    before { subject.double(:access_token => access_token) }
+
+    describe 'id_token' do
+      context 'when the id_token is passed into the access token' do
+       let(:access_token) { OAuth2::AccessToken.from_hash(client, {'id_token' => 'xyz'}) }
+
+        it 'should include id_token when set on the access_token' do
+          subject.extra.should include(:id_token => 'xyz')
+        end
+      end
+
+      context 'when the id_token is missing' do
+        it 'should not include id_token' do
+          subject.extra.should_not have_key(:id_token)
+        end
+      end
+    end
+
+    describe 'raw_info' do
+      context 'when skip_info is true' do
+        before { subject.options[:skip_info] = true }
+
+        it 'should not include raw_info' do
+          subject.extra.should_not have_key(:raw_info)
+        end
+      end
+
+      context 'when skip_info is false' do
+        before { subject.options[:skip_info] = false }
+
+        it 'should include raw_info' do
+          subject.extra[:raw_info].should eq('id' => '12345')
+        end
+      end
+    end
+
+    describe 'raw_friend_info' do
+      context 'when skip_info is true' do
+        before { subject.options[:skip_info] = true }
+
+        it 'should not include raw_friend_info' do
+          subject.extra.should_not have_key(:raw_friend_info)
+        end
+      end
+
+      context 'when skip_info is false' do
+        before { subject.options[:skip_info] = false }
+
+        context 'when skip_friends is true' do
+          before { subject.options[:skip_friends] = true }
+
+          it 'should not include raw_friend_info' do
+            subject.extra.should_not have_key(:raw_friend_info)
+          end
+        end
+
+        context 'when skip_friends is false' do
+          before { subject.options[:skip_friends] = false }
+
+          it 'should not include raw_friend_info' do
+            subject.extra[:raw_friend_info].should eq([{'foo' => 'bar'}])
+          end
+        end
+      end
+    end
+  end
+
+  describe 'populate auth hash urls' do
+    it 'should populate url map in auth hash if link present in raw_info' do
+      subject.double(:raw_info) { {'name' => 'Foo', 'link' => 'https://plus.google.com/123456'} }
+      subject.info[:urls]['Google'].should eq('https://plus.google.com/123456')
+    end
+
+    it 'should not populate url map in auth hash if no link present in raw_info' do
+      subject.double(:raw_info) { {'name' => 'Foo'} }
+      subject.info.should_not have_key(:urls)
+    end
+  end
+
+  describe 'image options' do
+    it "should have no image if a picture isn't present" do
+      @options = {:image_aspect_ratio => 'square'}
+      subject.double(:raw_info) { {'name' => 'User Without Pic'} }
+      subject.info[:image].should be_nil
+    end
+
+    describe "when a picture is returned from google" do
+      it 'should return the image with size specified in the `image_size` option' do
+        @options = {:image_size => 50}
+        subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/s50/photo.jpg')
+      end
+
+      it 'should return the image with width and height specified in the `image_size` option' do
+        @options = {:image_size => {:width => 50, :height => 40}}
+        subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/w50-h40/photo.jpg')
+      end
+
+      it 'should return square image when `image_aspect_ratio` is specified' do
+        @options = {:image_aspect_ratio => 'square'}
+        subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/c/photo.jpg')
+      end
+
+      it 'should return square sized image when `image_aspect_ratio` and `image_size` is set' do
+        @options = {:image_aspect_ratio => 'square', :image_size => 50}
+        subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/s50-c/photo.jpg')
+      end
+
+      it 'should return square sized image when `image_aspect_ratio` and `image_size` has height and width' do
+        @options = {:image_aspect_ratio => 'square', :image_size => {:width => 50, :height => 40}}
+        subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+        subject.info[:image].should eq('https://lh3.googleusercontent.com/url/w50-h40-c/photo.jpg')
+      end
+    end
+
+    it 'should return original image if no options are provided' do
+      subject.double(:raw_info) { {'picture' => 'https://lh3.googleusercontent.com/url/photo.jpg'} }
+      subject.info[:image].should eq('https://lh3.googleusercontent.com/url/photo.jpg')
+    end
+  end
+
+  describe 'build_access_token' do
+    it 'should read access_token from hash' do
+      request.double(:params).and_return('id_token' => 'valid_id_token', 'access_token' => 'valid_access_token')
+      subject.should_receive(:verify_token).with('valid_id_token', 'valid_access_token').and_return true
+      subject.should_receive(:client).and_return(:client)
+
+      token = subject.build_access_token
+      token.should be_instance_of(::OAuth2::AccessToken)
+      token.token.should eq('valid_access_token')
+      token.client.should eq(:client)
+    end
+
+    it 'should call super' do
+      subject.should_receive(:orig_build_access_token)
+      subject.build_access_token
+    end
+  end
+
+  describe 'verify_token' do
+    before(:each) do
+      subject.options.client_options[:connection_build] = proc do |builder|
+        builder.request :url_encoded
+        builder.adapter :test do |stub|
+          stub.get('/oauth2/v2/tokeninfo?id_token=valid_id_token&access_token=valid_access_token') do |env|
+            [200, {'Content-Type' => 'application/json; charset=UTF-8'}, MultiJson.encode(
+              :issued_to => '000000000000.apps.googleusercontent.com',
+              :audience => '000000000000.apps.googleusercontent.com',
+              :user_id => '000000000000000000000',
+              :scope => 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email',
+              :expires_in => 3514,
+              :email => 'me@example.com',
+              :verified_email => true,
+              :access_type => 'online'
+            )]
+          end
+          stub.get('/oauth2/v2/tokeninfo?id_token=invalid_id_token&access_token=invalid_access_token') do |env|
+            [400, {'Content-Type' => 'application/json; charset=UTF-8'}, MultiJson.encode(:error_description => 'Invalid Value')]
+          end
+        end
+      end
+    end
+
+    it 'should verify token if access_token and id_token are valid and app_id equals' do
+      subject.options.client_id = '000000000000.apps.googleusercontent.com'
+      subject.send(:verify_token, 'valid_id_token', 'valid_access_token').should == true
+    end
+
+    it 'should not verify token if access_token and id_token are valid but app_id is false' do
+      subject.send(:verify_token, 'valid_id_token', 'valid_access_token').should == false
+    end
+
+    it 'should raise error if access_token or id_token is invalid' do
+      expect {
+        subject.send(:verify_token, 'invalid_id_token', 'invalid_access_token')
+      }.to raise_error(OAuth2::Error)
+    end
+  end
+=end
+end