omniauth-tent 0.1.8 → 0.2.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 801dbe53cc70dbbc354b3f415ffa2c832320a897
+  data.tar.gz: 8126aac753fc7eebb17ea5c3193aceac2fa9a28d
+SHA512:
+  metadata.gz: fd0b21a9ddb59b362baafeb5ceb940f8e6ec98111be28a2f7622e31317d0c6e3c04ed0366e12a538057cba0318c5b1a4fbc6e350e0cdb7c9bf95147e52c56ba5
+  data.tar.gz: 63a4cdf0dac45fb62124862faef74e2212ffcbc05c10415c266ce2d3576e8c0915c9a8fe321335107b197922e99e4e9686ce04001e7be731e832d22d3d8cd002

data/.travis.yml

@@ -1,9 +1,6 @@
-before_script: mkdir ./log && touch ./log/test.log
 language: ruby
 rvm:
+  - 2.0.0
   - 1.9.3
   - 1.9.2
-  - rbx-18mode
   - rbx-19mode
-  - 1.8.7
-  - ree

data/Gemfile

@@ -4,4 +4,5 @@ source 'https://rubygems.org'
 gemspec
 
 gem 'tent-client', :git => 'git://github.com/tent/tent-client-ruby.git', :branch => 'master'
+gem 'hawk-auth', :git => 'git://github.com/tent/hawk-ruby.git', :branch => 'master'
 gem 'faraday_middleware-multi_json', :git => 'git://github.com/jvatic/faraday_middleware-multi_json.git', :branch => :master

data/README.md

@@ -1,4 +1,4 @@
-[![Build Status](https://secure.travis-ci.org/tent/omniauth-tent.png)](http://travis-ci.org/tent/omniauth-tent)
+[![Build Status](https://travis-ci.org/tent/omniauth-tent.png?branch=master)](https://travis-ci.org/tent/omniauth-tent)
 
 # Omniauth::Tent
 
@@ -19,23 +19,16 @@ use OmniAuth::Builder do
 end
 ```
 
-Available options (see [the Tent.io docs for details](http://tent.io/docs/app-auth))
+Available options (see the Tent docs for details)
 
 | Option | Required | Description |
 | ------ | -------- | ----------- |
 | get_app | Yes | Should be a lambda (or anything which responds to `call`) returning either an existing app attributes hash or `nil`. The entity URI will be passed in as a single argument. |
 | on_app_created | No | Should respond to `call`. Gets called with Hashie::Mash representation of app when created |
-| app | Yes | `name`, `icon`, `url`, `description`, `scopes`, and `redirect_uris` |
-| profile_info_types | Yes | Array of profile info type URIs your app wants access to |
-| post_types | Yes | Array of post type URIs your app wants access to |
-| notification_url | Yes | URL for receiving notifications |
+| app | Yes | `name`, `description`, `url`, `redirect_uri`, `read_types`, `write_types`, `notification_types`, `notification_url`, `scopes` |
 
 ## Testing
 
-    bundle exec kicker
-
-OR
-
     bundle exec rspec
 
 ## Contributing

data/lib/omniauth-tent/version.rb

@@ -1,5 +1,5 @@
 module Omniauth
   module Tent
-    VERSION = "0.1.8"
+    VERSION = "0.2.1"
   end
 end

data/lib/omniauth/strategies/tent.rb

@@ -10,23 +10,38 @@ module OmniAuth
 
       Error = Class.new(StandardError)
       AppCreateFailure = Class.new(Error)
+      AppUpdateFailure = Class.new(Error)
       AppLookupFailure = Class.new(Error)
       AppAuthorizationCreateFailure = Class.new(Error)
+      DiscoveryFailure = Class.new(Error)
       StateMissmatchError = Class.new(Error)
+      InvalidAppError = Class.new(Error)
+      OAuthError = Class.new(Error)
 
       option :get_app, lambda { |entity| }
       option :on_app_created, lambda { |app, entity| }
-      option :app, { :name => nil, :icon => nil, :description => nil, :scopes => {}, :redirect_uris => nil }
-      option :profile_info_types, []
-      option :post_types, []
-      option :notification_url, ""
+
+      option :app, {
+        :name => nil,
+        :description => nil,
+        :url => nil,
+        :redirect_uri => nil,
+        :read_types => [],
+        :write_types => [],
+        :notification_types => [],
+        :notification_url => nil,
+        :scopes => [],
+        :icon => nil
+      }
 
       def request_params
         Hashie::Mash.new(request.params)
       end
 
       def request_phase
-        if request.post? && request_params.entity
+        if request.post?
+          raise DiscoveryFailure.new("No entity given!") unless request_params.entity
+
           delete_state!
           set_state(:entity, ensure_entity_has_scheme(request_params.entity))
           perform_discovery!
@@ -40,24 +55,37 @@ module OmniAuth
           end.to_response
         end
       rescue AppCreateFailure => e
+        delete_state!
         fail!(:app_create_failure, e)
       rescue AppLookupFailure => e
+        delete_state!
         fail!(:app_lookup_failure, e)
+      rescue InvalidAppError => e
+        delete_state!
+        fail!(:invalid_app, e)
+      rescue DiscoveryFailure => e
+        delete_state!
+        fail!(:discovery_failure, e)
       rescue => e
+        delete_state!
         fail!(:unknown_error, e)
       end
 
       def callback_phase
+        check_error!
         verify_state!
-        create_app_authorization!
+        token_exchange!
         build_auth_hash!
         delete_state!
         call_app!
       rescue AppAuthorizationCreateFailure => e
+        delete_state!
         fail!(:app_auth_create_failure, e)
       rescue StateMissmatchError => e
+        delete_state!
         fail!(:state_missmatch, e) 
       rescue => e
+        delete_state!
         fail!(:unknown_error, e)
       end
 
@@ -72,6 +100,7 @@ module OmniAuth
       end
 
       def set_state(key, val)
+        (session["omniauth.tent-keys"] ||= []) << key unless session["omniauth.tent-keys"].to_a.include?(key)
         session["omniauth.#{key}"] = val
         val
       end
@@ -81,141 +110,248 @@ module OmniAuth
       end
 
       def perform_discovery!
-        client = ::TentClient.new
-        @profile, @server_url = client.discover(get_state(:entity)).get_profile
-        set_state(:server_url, @server_url)
-        set_state(:profile, @profile)
+        client = ::TentClient.new(get_state(:entity))
+        unless @server_meta = client.server_meta_post
+          raise DiscoveryFailure.new("Failed to perform discovery on #{get_state(:entity).inspect}")
+        end
+      end
+
+      def validate_app!(app)
+        unless Hash === app
+          raise InvalidAppError.new("Expected app to be a hash, got instance of #{app.class.name}")
+        end
+
+        expected_attributes = [:id, :credentials]
+        if expected_attributes.any? { |key| !app.has_key?(key) }
+          raise InvalidAppError.new("Expected app to have #{expected_attributes.map(&:inspect).join(', ')}, got #{app.keys.map(&:inspect).join(', ')}")
+        end
       end
 
       def find_or_create_app!
-        app = Hashie::Mash.new(options[:get_app].call(get_state(:entity)) || {})
-        client = ::TentClient.new(get_state(:server_url), :mac_key_id => app[:mac_key_id],
-                                                          :mac_key => app[:mac_key],
-                                                          :mac_algorithm => app[:mac_algorithm])
-        if app[:id]
-          res = client.app.get(app[:id])
-          if !res.success?
+        app = options[:get_app].call(get_state(:entity))
+        app = Hashie::Mash.new(app) if Hash === app
+
+        if app
+          validate_app!(app)
+
+          ##
+          # Check if app exists, if not create a new one
+
+          app_credentials = {
+            :id => app[:credentials][:hawk_id],
+            :hawk_key => app[:credentials][:hawk_key],
+            :hawk_algorithm => app[:credentials][:hawk_algorithm]
+          }
+          client = ::TentClient.new(get_state(:entity), :credentials => app_credentials, :server_meta => @server_meta)
+
+          res = client.post.get(get_state(:entity), app[:id])
+
+          if res.success?
+            if res.body['post']['content']['scopes'].to_a.sort == options[:app][:scopes].to_a.sort &&
+               res.body['post']['content']['types']['read'].to_a.sort == options[:app][:read_types].to_a.sort &&
+               res.body['post']['content']['types']['write'].to_a.sort == options[:app][:write_types].to_a.sort
+
+              set_app(app)
+              set_server(res.env[:tent_server])
+            else
+              update_app(res.body['post'], app_credentials)
+            end
+          else
             if (400...500).include?(res.status)
               create_app and return
             else
               raise AppLookupFailure.new(res.inspect)
             end
-          else
-            set_app(app)
           end
         else
           create_app
         end
       end
 
+      def set_server(server)
+        server['urls'].delete_if { |k,v| k !~ /\Aoauth/ }
+        set_state(:server, server)
+        @server = server
+      end
+
+      def get_server
+        @server ||= get_state(:server)
+      end
+
       def set_app(app)
-        set_state(:app, app)
+        @tent_app = Hashie::Mash.new(app)
       end
 
       def get_app
-        @tent_app ||= Hashie::Mash.new(get_state(:app) || {})
+        @tent_app || set_app(options[:get_app].call(get_state(:entity)))
       end
 
-      def create_app
-        client = ::TentClient.new(@server_url)
+      def build_app
         app_attrs = {
-          :name => options.app.name,
-          :description => options.app.description,
-          :scopes => options.app.scopes,
-          :icon => options.app.icon,
-          :url => options.app.url,
-          :redirect_uris => options.app.redirect_uris || [callback_url]
+          :type => "https://tent.io/types/app/v0#",
+          :content => {
+            :name => options[:app][:name],
+            :description => options[:app][:description],
+            :url => options[:app][:url],
+            :redirect_uri => options[:app][:redirect_uri],
+            :types => {
+              :read => options[:app][:read_types],
+              :write => options[:app][:write_types]
+            },
+            :notification_url => options[:app][:notification_url],
+            :notification_types => options[:app][:notification_types],
+            :scopes => options[:app][:scopes]
+          },
+          :permissions => {
+            :public => false
+          }
         }
 
-        res = client.app.create(app_attrs)
+        app_icon_attrs = if options[:app][:icon]
+          if Hash === options[:app][:icon]
+            options[:app][:icon]
+          elsif options[:app][:icon].respond_to?(:path)
+            # Assume IO
+            filename = options[:app][:icon].path.to_s.split('/').last || 'appicon.png'
+            {
+              :content_type => "image/#{filename.split('.').last || 'png'}",
+              :category => 'icon',
+              :name => filename,
+              :data => options[:app][:icon]
+            }
+          elsif String === options[:app][:icon]
+            {
+              :content_type => "image/png",
+              :category => 'icon',
+              :name => "appicon.png",
+              :data => options[:app][:icon]
+            }
+          end
+        end
+        attachments = [app_icon_attrs].compact
+
+        [app_attrs, attachments]
+      end
+
+      def update_app(app, app_credentials)
+        client = ::TentClient.new(get_state(:entity), :credentials => app_credentials, :server_meta => @server_meta)
+
+        app_attrs, attachments = build_app
+        app_attrs[:version] = { :parents => [{ :version => app['version']['id'] }] }
+
+        res = client.post.update(app['entity'], app['id'], app_attrs)
 
-        if (app = res.body) && !app.kind_of?(::String)
-          set_app(app)
+        if res.success? && (Hash === res.body) && (Hash === res.body['post'])
+          set_app(res.body['post'].merge(:credentials => app_credentials.merge(:hawk_id => app_credentials.delete(:id))))
           options[:on_app_created].call(get_app, get_state(:entity))
+          set_server(res.env[:tent_server])
+        else
+          raise AppUpdateFailure.new(res.inspect)
+        end
+      end
+
+      def create_app
+        client = ::TentClient.new(get_state(:entity), :server_meta => @server_meta)
+
+        app_attrs, attachments = build_app
+        res = client.post.create(app_attrs, {}, :attachments => attachments)
+
+        if res.success? && (Hash === res.body) && (Hash === res.body['post'])
+          app = res.body['post']
+          credentials_post_link = ::TentClient::LinkHeader.parse(res.env[:response_headers]['Link'].to_s).links.find { |l| l[:rel] == 'https://tent.io/rels/credentials' }
+
+          if credentials_post_link && (credentials_post_res = client.http.get(credentials_post_link.uri.to_s)) && credentials_post_res.success?
+            credentials_post = Hashie::Mash.new(credentials_post_res.body).post
+            set_app(app.merge(:credentials => {
+              :hawk_id => credentials_post.id,
+              :hawk_key => credentials_post.content.hawk_key,
+              :hawk_algorithm => credentials_post.content.hawk_algorithm
+            }))
+            options[:on_app_created].call(get_app, get_state(:entity))
+          else
+            raise AppLookupFailure.new("Failed to fetch app credentials!")
+          end
+
+          set_server(res.env[:tent_server])
         else
           raise AppCreateFailure.new(res.inspect)
         end
       end
 
+      def generate_state
+        SecureRandom.hex(32)
+      end
+
       def build_uri_and_redirect!
-        auth_uri = URI(@server_url + '/oauth/authorize')
+        auth_uri = URI(get_server['urls']['oauth_auth'])
+
         params = {
           :client_id => get_app[:id],
-          :tent_profile_info_types => options[:profile_info_types].join(','),
-          :tent_post_types => options[:post_types].join(','),
-          :tent_notification_url => options[:notification_url],
-          :scope => options[:app][:scopes].keys.join(','),
-          :redirect_uri => Array(options.app.redirect_uris).first || callback_url,
         }
-        params[:state] = set_state(:state, SecureRandom.hex(32))
-        build_uri_params!(auth_uri, params)
+        params[:state] = set_state(:state, generate_state)
+
+        auth_uri.query = build_query_string(params)
 
         redirect auth_uri.to_s
       end
 
-      def build_uri_params!(uri, params)
-        uri.query = params.inject([]) do |memo, (key,val)|
+      def build_query_string(params)
+        params.inject([]) do |memo, (key,val)|
           memo << "#{key}=#{URI.encode_www_form_component(val)}"
           memo
         end.join('&')
       end
 
+      def check_error!
+        if request_params['error']
+          raise OAuthError.new(request_params['error'])
+        end
+      end
+
       def verify_state!
-        raise StateMissmatchError unless get_state(:state) == request.params['state']
+        raise StateMissmatchError.new("Expected #{get_state(:state).inspect}, got #{request.params['state'].inspect}") unless get_state(:state) == request.params['state']
       end
 
-      def create_app_authorization!
-        client = ::TentClient.new(get_state(:server_url), :mac_key_id => get_app[:mac_key_id],
-                                                          :mac_key => get_app[:mac_key],
-                                                          :mac_algorithm => get_app[:mac_algorithm])
-        res = client.app.authorization.create(get_app[:id], :code => request.params['code'])
-        raise AppAuthorizationCreateFailure.new(res.body) if res.body.kind_of?(String)
-        @app_authorization = Hashie::Mash.new(res.body)
+      def token_exchange!
+        app_credentials = get_app[:credentials].dup
+        app_credentials.merge!(:id => app_credentials.delete(:hawk_id))
+        client = ::TentClient.new(get_state(:entity), :credentials => app_credentials)
+        client.server_meta['servers'] = [get_server]
+
+        res = client.oauth_token_exchange(:code => request.params['code'], :token_type => 'https://tent.io/oauth/hawk-token')
+
+        raise AppAuthorizationCreateFailure.new(res.body) unless res.success?
+        @auth_credentials = Hashie::Mash.new(res.body)
       end
 
       def build_auth_hash!
         env['omniauth.auth'] = Hashie::Mash.new(
           :provider => 'tent',
           :uid => get_state(:entity),
-          :info => extract_basic_info(get_state(:profile)),
           :credentials => {
-            :token => @app_authorization.access_token,
-            :secret => @app_authorization.mac_key
+            :token => @auth_credentials.access_token,
+            :secret => @auth_credentials.hawk_key
           },
           :extra => {
             :raw_info => {
-              :profile => get_state(:profile),
-              :app_authorization => @app_authorization,
+              :auth_credentials => @auth_credentials,
               :app => get_app
             },
             :credentials => {
-              :mac_key_id => @app_authorization.access_token,
-              :mac_key => @app_authorization.mac_key,
-              :mac_algorithm => @app_authorization.mac_algorithm,
-              :token_type => @app_authorization.token_type
+              :id => @auth_credentials.access_token,
+              :hawk_key => @auth_credentials.hawk_key,
+              :hawk_algorithm => @auth_credentials.hawk_algorithm,
+              :token_type => @auth_credentials.token_type
             }
           }
         )
       end
 
       def delete_state!
-        %w( entity app server_url profile state ).each do |key|
+        session.delete('omniauth.tent-keys').to_a.each do |key|
           session.delete("omniauth.#{key}")
         end
       end
-
-      def extract_basic_info(profile)
-        basic_info = Hashie::Mash.new(profile.inject({}) { |memo, (k,v)|
-          memo = v if k =~ %r{^https://tent.io/types/info/basic}
-          memo
-        })
-
-        {
-          :name => basic_info.name,
-          :nickname => get_state(:entity),
-          :image => basic_info.avatar
-        }
-      end
     end
   end
 end

data/omniauth-tent.gemspec

@@ -25,7 +25,6 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency 'webmock'
   gem.add_development_dependency 'bundler'
   gem.add_development_dependency 'rake'
-  gem.add_development_dependency 'kicker'
   gem.add_development_dependency 'mocha'
   gem.add_development_dependency 'yajl-ruby'
 end

data/spec/omniauth/strategies/tent_spec.rb

@@ -1,177 +1,385 @@
 require 'spec_helper'
 require 'yajl'
+require 'uri'
 
 describe OmniAuth::Strategies::Tent do
-  attr_accessor :app
-
-  # customize rack app for testing, if block is given, reverts to default
-  # rack app after testing is done
-  def set_app!(tent_options = {})
-    old_app = self.app
-    self.app = Rack::Builder.app do
-      use OmniAuth::Strategies::Tent, tent_options
+
+  def app
+    @app || set_app
+  end
+
+  def set_app(strategy_options = {})
+    @app = Rack::Builder.app do
+      use OmniAuth::Strategies::Tent, strategy_options
       run lambda{|env| [404, {'env' => env}, ["HELLO!"]]}
     end
-    if block_given?
-      yield
-      self.app = old_app
-    end
-    self.app
   end
 
-  before(:all) do
-    set_app!
-  end
+  let(:entity_uri) { "http://entity.example.org/xfapc" }
+  let(:server_url) { "http://tent.example.org/xfapc" }
+  let(:server_meta_post_url) { "#{server_url}/posts/#{URI.encode_www_form_component(entity_uri)}/meta-post-id" }
+  let(:link_header) {
+    %(<#{server_meta_post_url}>; rel="https://tent.io/rels/meta-post")
+  }
+  let(:meta_post) {
+    {
+      "id" => "DBhFT_BvKe4zKAPvZJaHMg",
+      "type" => "https://tent.io/types/meta/v0#",
+      "entity" => entity_uri,
+      "published_at" => 1371489957115,
+      "content" => {
+        "entity" => entity_uri,
+        "servers" => [{
+          "version" => "0.3",
+          "urls" => {
+            "oauth_auth" => "#{server_url}/oauth/authorize",
+            "oauth_token" => "#{server_url}/oauth/token",
+            "posts_feed" => "#{server_url}/posts",
+            "new_post" => "#{server_url}/posts",
+            "post" => "#{server_url}/posts/{entity}/{post}",
+            "post_attachment" => "#{server_url}/posts/{entity}/{post}/attachments/{name}",
+            "attachment" => "#{server_url}/attachments/{entity}/{digest}",
+            "batch" => "#{server_url}/batch",
+            "server_info" => "#{server_url}/server"
+          },
+          "preference" => 0
+        }]
+      },
+      "version" => {
+        "id" => "4fda2190756c2805ebd1094cc4a089982bac615279d8288cd4a4a9fdc4337761",
+        "published_at" => 1371489957115
+      }
+    }
+  }
 
-  let(:env) { {'rack.session' => {}} }
+  let(:app_post_id) { 'app-post-id' }
+  let(:app_post) {
+    {
+      :id => app_post_id,
+      :published_at => (Time.now.to_f * 1000).to_i,
+      :type => "https://tent.io/types/app/v0#",
+      :content => {
+        :name => "Example App Name",
+        :description => "Example App Description",
+        :url => "http://someapp.example.com",
+        :redirect_uri => "http://someapp.example.com/oauth/callback",
+        :types => {
+          :read => %w( all ),
+          :write => %w( https://tent.io/types/status/v0# )
+        },
+        :notification_types => %w( all ),
+        :scopes => %w( import_posts )
+      },
+      :permissions => {
+        :public => false
+      }
+    }
+  }
 
-  let(:fresh_strategy){ Class.new(OmniAuth::Strategies::Tent) }
+  let(:app_credentials_post_id) { 'app-credentials-post-id' }
+  let(:server_app_credentials_post_url) { "#{server_url}/posts/#{app_credentials_post_id}" }
+  let(:app_credentials_post) {
+    {
+      :id => app_credentials_post_id,
+      :published_at => (Time.now.to_f * 1000).to_i,
+      :type => "https://tent.io/types/credentials/v0#",
+      :content => {
+        :hawk_key => 'hawk-mac-key',
+        :hawk_algorithm => 'sha256'
+      },
+      :permissions => {
+        :public => false
+      }
+    }
+  }
 
-  let(:tent_entity) { 'https://example.com' }
-  let(:tent_server) { "#{tent_entity}/tent" }
-  let(:app_id) { 'app-id-123' }
-  let(:link_header) { %(<#{tent_server}/profile>; rel="%s") % TentClient::PROFILE_REL }
-  let(:tent_profile) { %({"https://tent.io/types/info/core/v0.1.0":{"licenses":["http://creativecommons.org/licenses/by/3.0/"],"entity":"#{tent_entity}","servers":["#{tent_server}"]}}) }
-  let(:app_attrs) do
+  let(:app_credentials) {
+    app_credentials_post[:content].merge(:hawk_id => app_credentials_post_id)
+  }
+
+  let(:access_token_hash) {
     {
-      :name => "Example App",
-      :description => "An example app",
-      :scopes => { "read_posts" => "Display your posts feed" },
-      :icon => "https://example.com/icon.png",
-      :url => "https://example.com"
+      :access_token => 'app-auth-id',
+      :hawk_key => 'hawk-mac-key',
+      :hawk_algorithm => 'sha256',
+      :token_type => 'hawk'
     }
+  }
+
+  def server_named_url(name, params = {})
+    uri_template = meta_post['content']['servers'].first['urls'][name.to_s]
+    uri_template.gsub(/\{([^\}]+)\}/) { URI.encode_www_form_component(params[$1.to_sym]) || "#{$1}" }
   end
-  let(:app_json) { %({"name":"Example App","id":"#{app_id}"}) }
-  let(:app_hash) { Yajl::Parser.parse(app_json) }
 
-  let(:token_code) { 'token-code-123abc' }
+  def stub_head_discovery!
+    stub_request(:head, entity_uri).to_return(:headers => { 'Link' => link_header })
+  end
 
-  let(:access_token) { 'access-token-abc' }
-  let(:mac_key) { 'mac-key-312' }
-  let(:mac_algorithm) { 'hmac-sha-256' }
-  let(:token_type) { 'mac' }
-  let(:app_auth_json) { %({"access_token":"#{access_token}","mac_key":"#{mac_key}","mac_algorithm":"#{mac_algorithm}","token_type":"#{token_type}") }
+  def stub_meta_discovery!
+    stub_request(:any, server_meta_post_url).to_return(
+      :status => 200,
+      :headers => {
+        'Content-Type' => 'application/json'
+      },
+      :body => Yajl::Encoder.encode(:post => meta_post)
+    )
+  end
 
-  let(:stub_head_discovery!) do
-    stub_request(:head, tent_entity).to_return(:headers => {'Link' => link_header})
+  def stub_app_create!
+    stub_request(:post, server_named_url(:new_post)).to_return(
+      :status => 200,
+      :headers => {
+        'Content-Type' => 'application/json',
+        'Link' => %(<#{server_app_credentials_post_url}>; rel="https://tent.io/rels/credentials")
+      },
+      :body => Yajl::Encoder.encode(:post => app_post)
+    )
   end
 
-  let(:stub_profile_discovery!) do
-    stub_request(:get, "#{tent_server}/profile").to_return(:body => tent_profile, :headers => {'Content-Type' => TentClient::MEDIA_TYPE})
+  def stub_fetch_app!
+    stub_request(:get, server_named_url(:post, :entity => entity_uri, :post => app_post_id)).to_return(
+      :status => 200,
+      :headers => {
+        'Content-Type' => 'application/json',
+      },
+      :body => Yajl::Encoder.encode(:post => app_post)
+    )
   end
 
-  let(:stub_app_lookup_success!) do
-    stub_request(:get, "#{tent_server}/apps/#{app_id}").to_return(:body => app_json, :headers => { 'Content-Type' => TentClient::MEDIA_TYPE })
+  def stub_fetch_app_failure!
+    stub_request(:get, server_named_url(:post, :entity => entity_uri, :post => app_post_id)).to_return(
+      :status => 404,
+      :headers => {
+        'Content-Type' => 'application/json',
+      },
+      :body => Yajl::Encoder.encode(:error => 'Not Found')
+    )
   end
 
-  let(:stub_app_lookup_failure!) do
-    stub_request(:get, "#{tent_server}/apps/#{app_id}").to_return(:status => 404)
+  def stub_fetch_app_credentials!
+    stub_request(:get, server_app_credentials_post_url).to_return(
+      :status => 200,
+      :headers => {
+        'Content-Type' => 'application/json',
+      },
+      :body => Yajl::Encoder.encode(:post => app_credentials_post)
+    )
   end
 
-  let(:stub_app_create_success!) do
-    stub_request(:post, "#{tent_server}/apps").to_return(:body => app_json, :headers => { 'Content-Type' => TentClient::MEDIA_TYPE })
+  def stub_app_auth_create!
+    stub_request(:post, server_named_url(:oauth_token)).to_return(
+      :status => 200,
+      :headers => {
+        'Content-Type' => 'application/json'
+      },
+      :body => Yajl::Encoder.encode(access_token_hash)
+    )
   end
 
-  let(:stub_app_auth_create_success!) do
-    stub_request(:post, "#{tent_server}/apps/#{app_id}/authorizations").with(:body => Yajl::Encoder.encode({ :code => token_code })).to_return(:body => app_auth_json, :headers => { 'Content-Type' => TentClient::MEDIA_TYPE })
+  let(:env) { {'rack.session' => {}} }
+
+  let(:app_attrs) do
+    {
+      :name => app_post[:content][:name],
+      :description => app_post[:content][:description],
+      :url => app_post[:content][:url],
+      :redirect_uri => app_post[:content][:redirect_uri],
+      :read_types => app_post[:content][:types][:read],
+      :write_types => app_post[:content][:types][:write],
+      :notification_types => app_post[:content][:notification_types],
+      :notification_url => app_post[:content][:notification_url],
+      :scopes => app_post[:content][:scopes],
+    }
   end
 
   describe '#request_phase' do
-    it 'should display a form' do
+    it 'displays a form' do
       get '/auth/tent', {}, env
       expect(last_response.body).to be_include("<form")
     end
 
-    it 'should perform disvocery' do
+    it 'performs disvocery' do
       head_stub = stub_head_discovery!
-      profile_stub = stub_profile_discovery!
+      meta_stub = stub_meta_discovery!
 
       described_class.any_instance.stubs(:find_or_create_app!)
       described_class.any_instance.stubs(:build_uri_and_redirect!).returns([200, {}, []])
 
-      post '/auth/tent', { :entity => tent_entity }, env
+      post '/auth/tent', { :entity => entity_uri }, env
 
       expect(head_stub).to have_been_requested
-      expect(profile_stub).to have_been_requested
+      expect(meta_stub).to have_been_requested
     end
 
-    it 'should create app if app_id callback returns nil' do
-      set_app!(:app => app_attrs)
-      stub_head_discovery!
-      stub_profile_discovery!
-      app_create_stub = stub_app_create_success!
-      described_class.any_instance.stubs(:build_uri_and_redirect!).returns([200, {}, []])
+    creates_app = proc do
+      it 'creates app' do
+        stub_head_discovery!
+        stub_meta_discovery!
+        app_create_stub = stub_app_create!
+        fetch_credentials_stub = stub_fetch_app_credentials!
+
+        described_class.any_instance.stubs(:build_uri_and_redirect!).returns([200, {}, []])
 
-      post '/auth/tent', { :entity => tent_entity }, env
+        post '/auth/tent', { :entity => entity_uri }, env
 
-      expect(app_create_stub).to have_been_requested
+        expect(app_create_stub).to have_been_requested
+        expect(fetch_credentials_stub).to have_been_requested
+      end
     end
 
-    it 'should create app if not found' do
-      set_app!(:app => app_attrs, :on_app_created => mock(:call))
-      stub_head_discovery!
-      stub_profile_discovery!
-      stub_app_lookup_failure!
-      app_create_stub = stub_app_create_success!
-      described_class.any_instance.stubs(:build_uri_and_redirect!).returns([200, {}, []])
+    builds_uri_and_redirects = proc do
+      it 'builds uri and redirects' do
+        stub_head_discovery!
+        stub_meta_discovery!
+        stub_fetch_app!
 
-      post '/auth/tent', { :entity => tent_entity }, env
+        post '/auth/tent', { :entity => entity_uri }, env
 
-      expect(app_create_stub).to have_been_requested
+        expect(last_response.status).to eq(302)
+        expect(last_response.headers["Location"]).to match(%r{\A#{Regexp.escape(server_named_url(:oauth_auth))}})
+        expect(last_response.headers["Location"]).to match(%r{client_id=#{app_post_id}})
+      end
     end
 
-    it 'should build uri and redirect' do
-      set_app!(:get_app => lambda { |entity| app_hash })
-      stub_head_discovery!
-      stub_profile_discovery!
-      stub_app_lookup_success!
+    context 'when app_id proc returns nil' do
+      before do
+        set_app(:app => app_attrs)
+      end
+
+      context &creates_app
+    end
 
-      post '/auth/tent', { :entity => tent_entity }, env
+    context 'when app not found' do
+      context 'when lookup fails' do
+        before do
+          set_app(:app => app_attrs, :get_app => lambda { |entity| })
+        end
 
-      expect(last_response.status).to eq(302)
-      expect(last_response.headers["Location"]).to match(%r{^#{tent_server}/oauth/authorize})
-      expect(last_response.headers["Location"]).to match(%r{client_id=#{app_id}})
+        context &creates_app
+      end
+
+      context 'when fetch fails' do
+        before do
+          set_app(:app => app_attrs, :get_app => lambda { |entity| app_post.merge(:credentials => app_credentials) })
+          stub_fetch_app_failure!
+        end
+
+        context &creates_app
+      end
+    end
+
+    context 'when app found' do
+      before do
+        set_app(:app => app_attrs, :get_app => lambda { |entity| app_post.merge(:credentials => app_credentials) })
+      end
+
+      context &builds_uri_and_redirects
     end
   end
 
-  describe '#callback_phase' do
-    it 'should create app authorization' do
-      state = 'abcdef'
-      session = {}
+  describe "#callback_phase" do
+    let(:state) { 'request-state' }
+    let(:session) { Hash.new }
+
+    let(:token_code) { 'token-code' }
+
+    before do
       session['omniauth.state'] = state
-      session['omniauth.entity'] = tent_entity
-      session['omniauth.server_url'] = tent_server
-      session['omniauth.app'] = { :id => app_id }
-      session['omniauth.profile'] = Yajl::Parser.parse(tent_profile)
+      session['omniauth.entity'] = entity_uri
+      session['omniauth.server'] = meta_post['content']['servers'].first
+    end
 
-      stub_app_auth_create_success!
-      stub_app_lookup_success!
+    it 'creates app authorization' do
+      app = app_post.merge(:credentials => app_credentials)
+      set_app(:app => app_attrs, :get_app => proc { |e| app })
+
+      stub_head_discovery!
+      stub_meta_discovery!
+      create_auth_stub = stub_app_auth_create!
 
       get '/auth/tent/callback', { :code => token_code, :state => state }, 'rack.session' => session
 
+      expect(create_auth_stub).to have_been_requested
+
       auth_hash = last_response['env']['omniauth.auth']
-      expect(auth_hash).to_not be_nil
-      expect(auth_hash.provider).to eq('tent')
-      expect(auth_hash.uid).to eq(tent_entity)
-      expect(auth_hash.info).to eq(Hashie::Mash.new(
-        :name => nil,
-        :nickname => tent_entity,
-        :image => nil
+      expect(auth_hash).to be_kind_of(Hashie::Mash)
+
+      expect(auth_hash.provider).to eql('tent')
+      expect(auth_hash.uid).to eql(entity_uri)
+      expect(auth_hash.credentials).to eql(Hashie::Mash.new(
+        :token => access_token_hash[:access_token],
+        :secret => access_token_hash[:hawk_key]
       ))
-      expect(auth_hash.credentials).to eq(Hashie::Mash.new(
-        :token => access_token,
-        :secret => mac_key
+
+      expect(auth_hash.extra).to be_kind_of(Hashie::Mash)
+      expect(auth_hash.extra.credentials).to eql(Hashie::Mash.new(
+        :id => access_token_hash[:access_token],
+        :hawk_key => access_token_hash[:hawk_key],
+        :hawk_algorithm => access_token_hash[:hawk_algorithm],
+        :token_type => access_token_hash[:token_type]
       ))
-      expect(auth_hash.extra.raw_info.profile).to eq(Hashie::Mash.new(Yajl::Parser.parse(tent_profile)))
-      expect(auth_hash.extra.credentials).to eq(Hashie::Mash.new(
-        :mac_key_id => access_token,
-        :mac_key => mac_key,
-        :mac_algorithm => mac_algorithm,
-        :token_type => token_type
+
+      expect(auth_hash.extra.raw_info).to be_kind_of(Hashie::Mash)
+      expect(auth_hash.extra.raw_info.auth_credentials).to eql(Hashie::Mash.new(access_token_hash))
+      expect(auth_hash.extra.raw_info.app).to eql(Hashie::Mash.new(app_post.merge(:credentials => app_credentials)))
+    end
+  end
+
+  describe "full flow" do
+    let(:state) { 'request-state' }
+    let(:token_code) { 'token-code' }
+
+    before do
+      described_class.any_instance.stubs(:generate_state).returns(state)
+    end
+
+    it "maintains state through full oauth flow" do
+      app = nil
+      set_app(:app => app_attrs, :on_app_created => proc { |a, e| app = a }, :get_app => proc { |e| app })
+
+      ##
+      # Request Phase
+
+      stub_head_discovery!
+      stub_meta_discovery!
+      app_create_stub = stub_app_create!
+      fetch_credentials_stub = stub_fetch_app_credentials!
+
+      post '/auth/tent', { :entity => entity_uri }, env
+
+      expect(last_response.status).to eq(302)
+      expect(last_response.headers["Location"]).to match(%r{\A#{Regexp.escape(server_named_url(:oauth_auth))}})
+      expect(last_response.headers["Location"]).to match(%r{client_id=#{app_post_id}})
+
+      ##
+      # Callback Phase
+
+      create_auth_stub = stub_app_auth_create!
+      get '/auth/tent/callback', { :code => token_code, :state => state }, env
+
+      expect(create_auth_stub).to have_been_requested
+
+      auth_hash = last_response['env']['omniauth.auth']
+      expect(auth_hash).to be_kind_of(Hashie::Mash)
+
+      expect(auth_hash.provider).to eql('tent')
+      expect(auth_hash.uid).to eql(entity_uri)
+      expect(auth_hash.credentials).to eql(Hashie::Mash.new(
+        :token => access_token_hash[:access_token],
+        :secret => access_token_hash[:hawk_key]
       ))
-      expect(auth_hash.extra.raw_info.app_authorization).to eq(Hashie::Mash.new(
-        Yajl::Parser.parse(app_auth_json)
+
+      expect(auth_hash.extra).to be_kind_of(Hashie::Mash)
+      expect(auth_hash.extra.credentials).to eql(Hashie::Mash.new(
+        :id => access_token_hash[:access_token],
+        :hawk_key => access_token_hash[:hawk_key],
+        :hawk_algorithm => access_token_hash[:hawk_algorithm],
+        :token_type => access_token_hash[:token_type]
       ))
+
+      expect(auth_hash.extra.raw_info).to be_kind_of(Hashie::Mash)
+      expect(auth_hash.extra.raw_info.auth_credentials).to eql(Hashie::Mash.new(access_token_hash))
+      expect(auth_hash.extra.raw_info.app).to eql(Hashie::Mash.new(app_post.merge(:credentials => app_credentials)))
     end
   end
 end

data/spec/spec_helper.rb

@@ -2,7 +2,7 @@ $LOAD_PATH.unshift(File.dirname(__FILE__))
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 
 require 'bundler/setup'
-require 'mocha_standalone'
+require 'mocha/api'
 require 'rack/test'
 require 'webmock/rspec'
 require 'omniauth-tent'
@@ -10,10 +10,14 @@ require 'omniauth-tent'
 Dir["#{File.dirname(__FILE__)}/support/*.rb"].each { |f| require f }
 
 RSpec.configure do |config|
+  config.color = true
   config.include WebMock::API
   config.include Rack::Test::Methods
   config.extend  OmniAuth::Test::StrategyMacros, :type => :strategy
   config.mock_with :mocha
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
 end
 
-OmniAuth.config.logger = Logger.new(File.join(File.dirname(__FILE__), '..', 'log', 'test.log'))
+OmniAuth.config.logger = Logger.new("/dev/null")

metadata

@@ -1,20 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-tent
 version: !ruby/object:Gem::Version
-  version: 0.1.8
-  prerelease: 
+  version: 0.2.1
 platform: ruby
 authors:
 - Jesse Stuart
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-05 00:00:00.000000000 Z
+date: 2013-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -30,23 +27,20 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: tent-client
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -54,7 +48,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -62,113 +55,85 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: kicker
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: mocha
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: yajl-ruby
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: Omniauth Strategy for Tent
@@ -193,27 +158,26 @@ files:
 - spec/spec_helper.rb
 homepage: https://github.com/tent/omniauth-tent
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.0.7
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Omniauth Strategy for Tent
 test_files:
 - spec/omniauth/strategies/tent_spec.rb