omniauth 0.3.2 → 1.0.0.beta1

data/lib/omniauth/test.rb

@@ -0,0 +1,12 @@
+module OmniAuth
+
+  # Support for testing OmniAuth strategies.
+  module Test
+
+    autoload :PhonySession,     'omniauth/test/phony_session'
+    autoload :StrategyMacros,   'omniauth/test/strategy_macros'
+    autoload :StrategyTestCase, 'omniauth/test/strategy_test_case'
+
+  end
+
+end

data/lib/omniauth/test/phony_session.rb

@@ -0,0 +1,8 @@
+class OmniAuth::Test::PhonySession
+  def initialize(app); @app = app end
+  def call(env)
+    @session ||= (env['rack.session'] || {})
+    env['rack.session'] = @session
+    @app.call(env)
+  end
+end

data/lib/omniauth/test/strategy_macros.rb

@@ -0,0 +1,34 @@
+module OmniAuth
+
+  module Test
+
+    module StrategyMacros
+
+      def sets_an_auth_hash
+        it 'should set an auth hash' do
+          last_request.env['omniauth.auth'].should be_kind_of(Hash)
+        end
+      end
+
+      def sets_provider_to(provider)
+        it "should set the provider to #{provider}" do
+          (last_request.env['omniauth.auth'] || {})['provider'].should == provider
+        end
+      end
+
+      def sets_uid_to(uid)
+        it "should set the UID to #{uid}" do
+          (last_request.env['omniauth.auth'] || {})['uid'].should == uid
+        end
+      end
+
+      def sets_user_info_to(user_info)
+        it "should set the user_info to #{user_info}" do
+          (last_request.env['omniauth.auth'] || {})['user_info'].should == user_info
+        end
+      end
+    end
+
+  end
+
+end

data/lib/omniauth/test/strategy_test_case.rb

@@ -0,0 +1,49 @@
+require 'rack'
+require 'omniauth/test'
+
+module OmniAuth
+
+  module Test
+
+    # Support for testing OmniAuth strategies.
+    #
+    # @example Usage
+    #   class MyStrategyTest < Test::Unit::TestCase
+    #     include OmniAuth::Test::StrategyTestCase
+    #     def strategy
+    #       # return the parameters to a Rack::Builder map call:
+    #       [MyStrategy.new, :some, :configuration, :options => 'here']
+    #     end
+    #     setup do
+    #       post '/auth/my_strategy/callback', :user => { 'name' => 'Dylan', 'id' => '445' }
+    #     end
+    #   end
+    module StrategyTestCase
+
+      def app
+        strat = self.strategy
+        resp = self.app_response
+        Rack::Builder.new {
+          use OmniAuth::Test::PhonySession
+          use *strat
+          run lambda {|env| [404, {'Content-Type' => 'text/plain'}, [resp || env.key?('omniauth.auth').to_s]] }
+        }.to_app
+      end
+
+      def app_response
+        nil
+      end
+
+      def session
+        last_request.env['rack.session']
+      end
+
+      def strategy
+        raise NotImplementedError.new('Including specs must define #strategy')
+      end
+
+    end
+
+  end
+
+end

data/lib/omniauth/version.rb

@@ -1,19 +1,3 @@
 module OmniAuth
-  module Version
-    unless defined?(::OmniAuth::Version::MAJOR)
-      MAJOR = 0
-    end
-    unless defined?(::OmniAuth::Version::MINOR)
-      MINOR = 3
-    end
-    unless defined?(::OmniAuth::Version::PATCH)
-      PATCH = 2
-    end
-    unless defined?(::OmniAuth::Version::PRE)
-      PRE   = nil
-    end
-    unless defined?(::OmniAuth::Version::STRING)
-      STRING = [MAJOR, MINOR, PATCH, PRE].compact.join('.')
-    end
-  end
+  VERSION = "1.0.0.beta1"
 end

data/omniauth.gemspec

@@ -0,0 +1,28 @@
+# encoding: utf-8
+require File.expand_path('../lib/omniauth/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.name = 'omniauth'
+  gem.description = %q{A generalized Rack framework for multiple-provider authentication.}
+  gem.authors = ['Michael Bleigh', 'Erik Michaels-Ober']
+  gem.email = ['michael@intridea.com', 'sferik@gmail.com']
+
+  gem.add_runtime_dependency 'rack'
+  gem.add_runtime_dependency 'hashie', '~> 1.2'
+
+  gem.add_development_dependency 'maruku', '~> 0.6'
+  gem.add_development_dependency 'simplecov', '~> 0.4'
+  gem.add_development_dependency 'rack-test', '~> 0.5'
+  gem.add_development_dependency 'rake', '~> 0.8'
+  gem.add_development_dependency 'rdiscount', '~> 1.6'
+  gem.add_development_dependency 'rspec', '~> 2.5'
+  gem.add_development_dependency 'yard', '~> 0.7'
+
+  gem.version = OmniAuth::VERSION
+  gem.files = `git ls-files`.split("\n")
+  gem.homepage = 'http://github.com/intridea/omniauth'
+  gem.require_paths = ['lib']
+  gem.required_rubygems_version = Gem::Requirement.new('>= 1.3.6') if gem.respond_to? :required_rubygems_version=
+  gem.summary = gem.description
+  gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+end

data/spec/omniauth/auth_hash_spec.rb

@@ -0,0 +1,108 @@
+require 'spec_helper'
+
+describe OmniAuth::AuthHash do
+  subject{ OmniAuth::AuthHash.new }
+  it 'should convert a supplied info key into an InfoHash object' do
+    subject.info = {:first_name => 'Awesome'}
+    subject.info.should be_kind_of(OmniAuth::AuthHash::InfoHash)
+    subject.info.first_name.should == 'Awesome'
+  end
+
+  describe '#valid?' do
+    subject{ OmniAuth::AuthHash.new(:uid => '123', :provider => 'example', :info => {:name => 'Steven'}) }
+
+    it 'should be valid with the right parameters' do
+      subject.should be_valid
+    end
+
+    it 'should require a uid' do
+      subject.uid = nil
+      subject.should_not be_valid
+    end
+
+    it 'should require a provider' do
+      subject.provider = nil
+      subject.should_not be_valid
+    end
+
+    it 'should require a name in the user info hash' do
+      subject.info.name = nil
+      subject.should_not be_valid?
+    end
+  end
+
+  describe '#name' do
+    subject{ OmniAuth::AuthHash.new(
+      :info => {
+        :name => 'Phillip J. Fry',
+        :first_name => 'Phillip',
+        :last_name => 'Fry',
+        :nickname => 'meatbag',
+        :email => 'fry@planetexpress.com'
+    })}
+
+    it 'should default to the name key' do
+      subject.info.name.should == 'Phillip J. Fry'
+    end
+
+    it 'should fall back to go to first_name last_name concatenation' do
+      subject.info.name = nil
+      subject.info.name.should == 'Phillip Fry'
+    end
+
+    it 'should display only a first or last name if only that is available' do
+      subject.info.name = nil
+      subject.info.first_name = nil
+      subject.info.name.should == 'Fry'
+    end
+
+    it 'should display the nickname if no name, first, or last is available' do
+      subject.info.name = nil
+      %w(first_name last_name).each{|k| subject.info[k] = nil}
+      subject.info.name.should == 'meatbag'
+    end
+
+    it 'should display the email if no name, first, last, or nick is available' do
+      subject.info.name = nil
+      %w(first_name last_name nickname).each{|k| subject.info[k] = nil}
+      subject.info.name.should == 'fry@planetexpress.com'
+    end
+  end
+
+  describe '#to_hash' do
+    subject{ OmniAuth::AuthHash.new(:uid => '123', :provider => 'test', :name => 'Bob Example')}
+    let(:hash){ subject.to_hash }
+
+    it 'should be a plain old hash' do
+      hash.class.should == ::Hash
+    end
+
+    it 'should have string keys' do
+      hash.keys.should be_include('uid')
+    end
+
+    it 'should convert an info hash as well' do
+      subject.info = {:first_name => 'Bob', :last_name => 'Example'}
+      subject.info.class.should == OmniAuth::AuthHash::InfoHash
+      subject.to_hash['info'].class.should == ::Hash
+    end
+
+    it 'should supply the calculated name in the converted hash' do
+      subject.info = {:first_name => 'Bob', :last_name => 'Examplar'}
+      hash['info']['name'].should == 'Bob Examplar'
+    end
+
+    it 'should not pollute the URL hash with "name" etc' do
+      subject.info = {'urls' => {'Homepage' => "http://homepage.com"}}
+      subject.to_hash['info']['urls'].should == {'Homepage' => "http://homepage.com"}
+    end
+  end
+
+  describe OmniAuth::AuthHash::InfoHash do
+    describe '#valid?' do
+      it 'should be valid if there is a name' do
+        OmniAuth::AuthHash::InfoHash.new(:name => 'Awesome').should be_valid
+      end
+    end
+  end
+end

data/spec/omniauth/builder_spec.rb

@@ -0,0 +1,20 @@
+require File.expand_path('../../spec_helper', __FILE__)
+
+describe OmniAuth::Builder do
+  describe '#provider' do
+    it 'should translate a symbol to a constant' do
+      OmniAuth::Strategies.should_receive(:const_get).with('MyStrategy').and_return(Class.new)
+      OmniAuth::Builder.new(nil) do
+        provider :my_strategy
+      end
+    end
+
+    it 'should also just accept a class' do
+      class ::ExampleClass; end
+
+      lambda{ OmniAuth::Builder.new(nil) do
+        provider ::ExampleClass
+      end }.should_not raise_error
+    end
+  end
+end

data/spec/omniauth/strategies/developer_spec.rb

@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::Developer do
+  let(:app){ Rack::Builder.new do |b|
+    b.use Rack::Session::Cookie
+    b.use OmniAuth::Strategies::Developer
+    b.run lambda{|env| [200, {}, ['Not Found']]}
+  end.to_app }
+
+  context 'request phase' do
+    before(:each){ get '/auth/developer' }
+
+    it 'should display a form' do
+      last_response.status.should == 200
+      last_response.body.should be_include("<form")
+    end
+
+    it 'should have the callback as the action for the form' do
+      last_response.body.should be_include("action='/auth/developer/callback'")
+    end
+
+    it 'should have a text field for each of the fields' do
+      last_response.body.scan('<input').size.should == 2
+    end
+  end
+
+  context 'callback phase' do
+    let(:auth_hash){ last_request.env['omniauth.auth'] }
+
+    context 'with default options' do
+      before do
+        post '/auth/developer/callback', :name => 'Example User', :email => 'user@example.com'
+      end
+
+      it 'should set the name in the auth hash' do
+        auth_hash.info.name.should == 'Example User'
+      end
+
+      it 'should set the email in the auth hash' do
+        auth_hash.info.email.should == 'user@example.com'
+      end
+
+      it 'should set the uid to the email' do
+        auth_hash.uid.should == 'user@example.com'
+      end
+    end
+
+    context 'with custom options' do
+      let(:app){ Rack::Builder.new do |b|
+        b.use Rack::Session::Cookie
+        b.use OmniAuth::Strategies::Developer, :fields => [:first_name, :last_name], :uid_field => :last_name
+        b.run lambda{|env| [200, {}, ['Not Found']]}
+      end.to_app }
+
+      before do
+        @options = {:uid_field => :last_name, :fields => [:first_name, :last_name]}
+        post '/auth/developer/callback', :first_name => 'Example', :last_name => 'User'
+      end
+
+      it 'should set info fields properly' do
+        auth_hash.info.name.should == 'Example User'
+      end
+
+      it 'should set the uid properly' do
+        auth_hash.uid.should == 'User'
+      end
+    end
+  end
+end

data/spec/omniauth/strategy_spec.rb

@@ -0,0 +1,601 @@
+require File.expand_path('../../spec_helper', __FILE__)
+
+class ExampleStrategy
+  include OmniAuth::Strategy
+  option :name, 'test'
+  def call(env); self.call!(env) end
+  attr_reader :last_env
+  def request_phase
+    @fail = fail!(options[:failure]) if options[:failure]
+    @last_env = env
+    return @fail if @fail
+    raise "Request Phase"
+  end
+  def callback_phase
+    @fail = fail!(options[:failure]) if options[:failure]
+    @last_env = env
+    return @fail if @fail
+    raise "Callback Phase"
+  end
+end
+
+def make_env(path = '/auth/test', props = {})
+  {
+    'REQUEST_METHOD' => 'GET',
+    'PATH_INFO' => path,
+    'rack.session' => {},
+    'rack.input' => StringIO.new('test=true')
+  }.merge(props)
+end
+
+describe OmniAuth::Strategy do
+  let(:app){ lambda{|env| [404, {}, ['Awesome']]}}
+  let(:fresh_strategy){ c = Class.new; c.send :include, OmniAuth::Strategy; c}
+
+  describe '.default_options' do
+    it 'should be inherited from a parent class' do
+      superklass = Class.new
+      superklass.send :include, OmniAuth::Strategy
+      superklass.configure do |c|
+        c.foo = 'bar'
+      end
+
+      klass = Class.new(superklass)
+      klass.default_options.foo.should == 'bar'
+    end
+  end
+
+  describe '.configure' do
+    subject { klass = Class.new; klass.send :include, OmniAuth::Strategy; klass }
+    it 'should take a block and allow for default options setting' do
+      subject.configure do |c|
+        c.wakka = 'doo'
+      end
+      subject.default_options["wakka"].should == "doo"
+    end
+
+    it 'should take a hash and deep merge it' do
+      subject.configure :abc => {:def => 123}
+      subject.configure :abc => {:hgi => 456}
+      subject.default_options['abc'].should == {'def' => 123, 'hgi' => 456}
+    end
+  end
+
+  describe '#skip_info?' do
+    it 'should be true if options.skip_info is true' do
+      ExampleStrategy.new(app, :skip_info => true).should be_skip_info
+    end
+
+    it 'should be false if options.skip_info is false' do
+      ExampleStrategy.new(app, :skip_info => false).should_not be_skip_info
+    end
+
+    it 'should be false by default' do
+      ExampleStrategy.new(app).should_not be_skip_info
+    end
+
+    it 'should be true if options.skip_info is a callable that evaluates to truthy' do
+      instance = ExampleStrategy.new(app, :skip_info => lambda{|uid| uid})
+      instance.should_receive(:uid).and_return(true)
+      instance.should be_skip_info
+    end
+  end
+
+  describe '.option' do
+    subject { klass = Class.new; klass.send :include, OmniAuth::Strategy; klass }
+    it 'should set a default value' do
+      subject.option :abc, 123
+      subject.default_options.abc.should == 123
+    end
+
+    it 'should set the default value to nil if none is provided' do
+      subject.option :abc
+      subject.default_options.abc.should be_nil
+    end
+  end
+
+  describe '.args' do
+    subject{ c = Class.new; c.send :include, OmniAuth::Strategy; c }
+    it 'should set args to the specified argument if there is one' do
+      subject.args [:abc, :def]
+      subject.args.should == [:abc, :def]
+    end
+
+    it 'should be inheritable' do
+      subject.args [:abc, :def]
+      c = Class.new(subject)
+      c.args.should == [:abc, :def]
+    end
+  end
+
+  context 'fetcher procs' do
+    subject{ fresh_strategy }
+    %w(uid info credentials extra).each do |fetcher|
+      it ".#{fetcher} should be able to set and retrieve a proc" do
+        proc = lambda{ "Hello" }
+        subject.send(fetcher, &proc)
+        subject.send(fetcher).should == proc
+      end
+    end
+  end
+
+  context 'fetcher stacks' do
+    subject{ fresh_strategy }
+    %w(uid info credentials extra).each do |fetcher|
+      it ".#{fetcher}_stack should be an array of called ancestral procs" do
+        fetchy = Proc.new{ "Hello" }
+        subject.send(fetcher, &fetchy)
+        subject.send("#{fetcher}_stack", subject.new(app)).should == ["Hello"]
+      end
+    end
+  end
+
+  %w(request_phase).each do |abstract_method|
+    it "#{abstract_method} should raise a NotImplementedError" do
+      strat = Class.new
+      strat.send :include, OmniAuth::Strategy
+      lambda{ strat.new(app).send(abstract_method) }.should raise_error(NotImplementedError)
+    end
+  end
+
+  describe '#auth_hash' do
+    subject do
+      klass = Class.new
+      klass.send :include, OmniAuth::Strategy
+      klass.option :name, 'auth_hasher'
+      klass
+    end
+    let(:instance){ subject.new(app) }
+
+    it 'should call through to uid and info' do
+      instance.should_receive :uid
+      instance.should_receive :info
+      instance.auth_hash
+    end
+
+    it 'should return an AuthHash' do
+      instance.stub!(:uid).and_return('123')
+      instance.stub!(:info).and_return(:name => 'Hal Awesome')
+      hash = instance.auth_hash
+      hash.should be_kind_of(OmniAuth::AuthHash)
+      hash.uid.should == '123'
+      hash.info.name.should == 'Hal Awesome'
+    end
+  end
+
+  describe '#initialize' do
+    context 'options extraction' do
+      it 'should be the last argument if the last argument is a Hash' do
+        ExampleStrategy.new(app, :abc => 123).options[:abc].should == 123
+      end
+
+      it 'should be the default options if any are provided' do
+        ExampleStrategy.stub!(:default_options).and_return(OmniAuth::Strategy::Options.new(:abc => 123))
+        ExampleStrategy.new(app).options.abc.should == 123
+      end
+    end
+
+    context 'custom args' do
+      subject{ c = Class.new; c.send :include, OmniAuth::Strategy; c }
+      it 'should set options based on the arguments if they are supplied' do
+        subject.args [:abc, :def]
+        s = subject.new app, 123, 456
+        s.options[:abc].should == 123
+        s.options[:def].should == 456
+      end
+    end
+  end
+
+  it '#call should duplicate and call' do
+    klass = Class.new
+    klass.send :include, OmniAuth::Strategy
+    instance = klass.new(app)
+    instance.should_receive(:dup).and_return(instance)
+    instance.call({'rack.session' => {}})
+  end
+
+  describe '#inspect' do
+    it 'should just be the class name in Ruby inspect format' do
+      ExampleStrategy.new(app).inspect.should == '#<ExampleStrategy>'
+    end
+  end
+
+  describe '#redirect' do
+    it 'should use javascript if :iframe is true' do
+      response = ExampleStrategy.new(app, :iframe => true).redirect("http://abc.com")
+      response.last.body.first.should be_include("top.location.href")
+    end
+  end
+
+  describe '#callback_phase' do
+    subject{ k = Class.new; k.send :include, OmniAuth::Strategy; k.new(app) }
+
+    it 'should set the auth hash' do
+      env = make_env
+      subject.stub!(:env).and_return(env)
+      subject.stub!(:auth_hash).and_return("AUTH HASH")
+      subject.callback_phase
+      env['omniauth.auth'].should == "AUTH HASH"
+    end
+  end
+
+  describe '#full_host' do
+    let(:strategy){ ExampleStrategy.new(app, {}) }
+    it 'should not freak out if there is a pipe in the URL' do
+      strategy.call!(make_env('/whatever', 'rack.url_scheme' => 'http', 'SERVER_NAME' => 'facebook.lame', 'QUERY_STRING' => 'code=asofibasf|asoidnasd', 'SCRIPT_NAME' => '', 'SERVER_PORT' => 80))
+      lambda{ strategy.full_host }.should_not raise_error
+    end
+  end
+
+  describe '#uid' do
+    subject{ fresh_strategy }
+    it "should be the current class's uid if one exists" do
+      subject.uid{ "Hi" }
+      subject.new(app).uid.should == "Hi"
+    end
+
+    it "should inherit if it can" do
+      subject.uid{ "Hi" }
+      c = Class.new(subject)
+      c.new(app).uid.should == "Hi"
+    end
+  end
+
+  %w(info credentials extra).each do |fetcher|
+    subject{ fresh_strategy }
+    it "should be the current class's proc call if one exists" do
+      subject.send(fetcher){ {:abc => 123} }
+      subject.new(app).send(fetcher).should == {:abc => 123}
+    end
+
+    it 'should inherit by merging with preference for the latest class' do
+      subject.send(fetcher){ {:abc => 123, :def => 456} }
+      c = Class.new(subject)
+      c.send(fetcher){ {:abc => 789} }
+      c.new(app).send(fetcher).should == {:abc => 789, :def => 456}
+    end
+  end
+
+  describe '#call' do
+    let(:strategy){ ExampleStrategy.new(app, @options || {}) }
+
+    context 'omniauth.origin' do
+      it 'should be set on the request phase' do
+        lambda{ strategy.call(make_env('/auth/test', 'HTTP_REFERER' => 'http://example.com/origin')) }.should raise_error("Request Phase")
+        strategy.last_env['rack.session']['omniauth.origin'].should == 'http://example.com/origin'
+      end
+
+      it 'should be turned into an env variable on the callback phase' do
+        lambda{ strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => 'http://example.com/origin'})) }.should raise_error("Callback Phase")
+        strategy.last_env['omniauth.origin'].should == 'http://example.com/origin'
+      end
+
+      it 'should set from the params if provided' do
+        lambda{ strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'origin=/foo')) }.should raise_error('Request Phase')
+        strategy.last_env['rack.session']['omniauth.origin'].should == '/foo'
+      end
+
+      it 'should be set on the failure env' do
+        OmniAuth.config.should_receive(:on_failure).and_return(lambda{|env| env})
+        @options = {:failure => :forced_fail}
+        strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => '/awesome'}))
+      end
+
+      context "with script_name" do
+        it 'should be set on the request phase, containing full path' do
+          env = {'HTTP_REFERER' => 'http://example.com/sub_uri/origin', 'SCRIPT_NAME' => '/sub_uri' }
+          lambda{ strategy.call(make_env('/auth/test', env)) }.should raise_error("Request Phase")
+          strategy.last_env['rack.session']['omniauth.origin'].should == 'http://example.com/sub_uri/origin'
+        end
+
+        it 'should be turned into an env variable on the callback phase, containing full path' do
+          env = {
+            'rack.session' => {'omniauth.origin' => 'http://example.com/sub_uri/origin'},
+            'SCRIPT_NAME' => '/sub_uri'
+          }
+
+          lambda{ strategy.call(make_env('/auth/test/callback', env)) }.should raise_error("Callback Phase")
+          strategy.last_env['omniauth.origin'].should == 'http://example.com/sub_uri/origin'
+        end
+
+      end
+    end
+
+    context 'default paths' do
+      it 'should use the default request path' do
+        lambda{ strategy.call(make_env) }.should raise_error("Request Phase")
+      end
+
+      it 'should be case insensitive on request path' do
+        lambda{ strategy.call(make_env('/AUTH/Test'))}.should raise_error("Request Phase")
+      end
+
+      it 'should be case insensitive on callback path' do
+        lambda{ strategy.call(make_env('/AUTH/TeSt/CaLlBAck'))}.should raise_error("Callback Phase")
+      end
+
+      it 'should use the default callback path' do
+        lambda{ strategy.call(make_env('/auth/test/callback')) }.should raise_error("Callback Phase")
+      end
+
+      it 'should strip trailing spaces on request' do
+        lambda{ strategy.call(make_env('/auth/test/')) }.should raise_error("Request Phase")
+      end
+
+      it 'should strip trailing spaces on callback' do
+        lambda{ strategy.call(make_env('/auth/test/callback/')) }.should raise_error("Callback Phase")
+      end
+
+      context 'callback_url' do
+        it 'uses the default callback_path' do
+          strategy.should_receive(:full_host).and_return('http://example.com')
+
+          lambda{ strategy.call(make_env) }.should raise_error("Request Phase")
+
+          strategy.callback_url.should == 'http://example.com/auth/test/callback'
+        end
+
+        it 'preserves the query parameters' do
+          strategy.stub(:full_host).and_return('http://example.com')
+          begin
+            strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5'))
+          rescue RuntimeError; end
+          strategy.callback_url.should == 'http://example.com/auth/test/callback?id=5'
+        end
+
+        it 'consider script name' do
+          strategy.stub(:full_host).and_return('http://example.com')
+          begin
+            strategy.call(make_env('/auth/test', 'SCRIPT_NAME' => '/sub_uri'))
+          rescue RuntimeError; end
+          strategy.callback_url.should == 'http://example.com/sub_uri/auth/test/callback'
+        end
+      end
+    end
+
+    context ':form option' do
+      it 'should call through to the supplied form option if one exists' do
+        strategy.options.form = lambda{|env| "Called me!"}
+        strategy.call(make_env('/auth/test')).should == "Called me!"
+      end
+
+      it 'should call through to the app if :form => true is set as an option' do
+        strategy.options.form = true
+        strategy.call(make_env('/auth/test')).should == app.call(make_env('/auth/test'))
+      end
+    end
+
+    context 'custom paths' do
+      it 'should use a custom request_path if one is provided' do
+        @options = {:request_path => '/awesome'}
+        lambda{ strategy.call(make_env('/awesome')) }.should raise_error("Request Phase")
+      end
+
+      it 'should use a custom callback_path if one is provided' do
+        @options = {:callback_path => '/radical'}
+        lambda{ strategy.call(make_env('/radical')) }.should raise_error("Callback Phase")
+      end
+
+      context 'callback_url' do
+        it 'uses a custom callback_path if one is provided' do
+          @options = {:callback_path => '/radical'}
+          strategy.should_receive(:full_host).and_return('http://example.com')
+
+          lambda{ strategy.call(make_env('/radical')) }.should raise_error("Callback Phase")
+
+          strategy.callback_url.should == 'http://example.com/radical'
+        end
+
+        it 'preserves the query parameters' do
+          @options = {:callback_path => '/radical'}
+          strategy.stub(:full_host).and_return('http://example.com')
+          begin
+            strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5'))
+          rescue RuntimeError; end
+          strategy.callback_url.should == 'http://example.com/radical?id=5'
+        end
+      end
+    end
+
+    context 'custom prefix' do
+      before do
+        @options = {:path_prefix => '/wowzers'}
+      end
+
+      it 'should use a custom prefix for request' do
+        lambda{ strategy.call(make_env('/wowzers/test')) }.should raise_error("Request Phase")
+      end
+
+      it 'should use a custom prefix for callback' do
+        lambda{ strategy.call(make_env('/wowzers/test/callback')) }.should raise_error("Callback Phase")
+      end
+
+      context 'callback_url' do
+        it 'uses a custom prefix' do
+          strategy.should_receive(:full_host).and_return('http://example.com')
+
+          lambda{ strategy.call(make_env('/wowzers/test')) }.should raise_error("Request Phase")
+
+          strategy.callback_url.should == 'http://example.com/wowzers/test/callback'
+        end
+
+        it 'preserves the query parameters' do
+          strategy.stub(:full_host).and_return('http://example.com')
+          begin
+            strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'id=5'))
+          rescue RuntimeError; end
+          strategy.callback_url.should == 'http://example.com/wowzers/test/callback?id=5'
+        end
+      end
+    end
+
+    context 'request method restriction' do
+      before do
+        OmniAuth.config.allowed_request_methods = [:post]
+      end
+
+      it 'should not allow a request method of the wrong type' do
+        lambda{ strategy.call(make_env)}.should_not raise_error
+      end
+
+      it 'should allow a request method of the correct type' do
+        lambda{ strategy.call(make_env('/auth/test', 'REQUEST_METHOD' => 'POST'))}.should raise_error("Request Phase")
+      end
+
+      after do
+        OmniAuth.config.allowed_request_methods = [:get, :post]
+      end
+    end
+
+    context 'receiving an OPTIONS request' do
+      shared_examples_for "an OPTIONS request" do
+        it 'should respond with 200' do
+          response[0].should == 200
+        end
+
+        it 'should set the Allow header properly' do
+          response[1]['Allow'].should == "GET, POST"
+        end
+      end
+
+      context 'to the request path' do
+        let(:response) { strategy.call(make_env('/auth/test', 'REQUEST_METHOD' => 'OPTIONS')) }
+        it_should_behave_like 'an OPTIONS request'
+      end
+
+      context 'to the request path' do
+        let(:response) { strategy.call(make_env('/auth/test/callback', 'REQUEST_METHOD' => 'OPTIONS')) }
+        it_should_behave_like 'an OPTIONS request'
+      end
+
+      context 'to some other path' do
+        it 'should not short-circuit the request' do
+          env = make_env('/other', 'REQUEST_METHOD' => 'OPTIONS')
+          strategy.call(env).should == app.call(env)
+        end
+      end
+    end
+
+    context 'test mode' do
+      before do
+        OmniAuth.config.test_mode = true
+      end
+
+      it 'should short circuit the request phase entirely' do
+        response = strategy.call(make_env)
+        response[0].should == 302
+        response[1]['Location'].should == '/auth/test/callback'
+      end
+
+      it 'should be case insensitive on request path' do
+        strategy.call(make_env('/AUTH/Test'))[0].should == 302
+      end
+
+      it 'should respect SCRIPT_NAME (a.k.a. BaseURI)' do
+        response = strategy.call(make_env('/auth/test', 'SCRIPT_NAME' => '/sub_uri'))
+        response[1]['Location'].should == '/sub_uri/auth/test/callback'
+      end
+
+      it 'should be case insensitive on callback path' do
+        strategy.call(make_env('/AUTH/TeSt/CaLlBAck')).should == strategy.call(make_env('/auth/test/callback'))
+      end
+
+      it 'should maintain query string parameters' do
+        response = strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'cheese=stilton'))
+        response[1]['Location'].should == '/auth/test/callback?cheese=stilton'
+      end
+
+      it 'should not short circuit requests outside of authentication' do
+        strategy.call(make_env('/')).should == app.call(make_env('/'))
+      end
+
+      it 'should respond with the default hash if none is set' do
+        strategy.call make_env('/auth/test/callback')
+        strategy.env['omniauth.auth']['uid'].should == '1234'
+      end
+
+      it 'should respond with a provider-specific hash if one is set' do
+        OmniAuth.config.mock_auth[:test] = {
+          'uid' => 'abc'
+        }
+
+        strategy.call make_env('/auth/test/callback')
+        strategy.env['omniauth.auth']['uid'].should == 'abc'
+      end
+
+      it 'should simulate login failure if mocked data is set as a symbol' do
+        OmniAuth.config.mock_auth[:test] = :invalid_credentials
+
+        strategy.call make_env('/auth/test/callback')
+        strategy.env['omniauth.error.type'].should == :invalid_credentials
+      end
+
+      it 'should set omniauth.origin on the request phase' do
+        strategy.call(make_env('/auth/test', 'HTTP_REFERER' => 'http://example.com/origin'))
+        strategy.env['rack.session']['omniauth.origin'].should == 'http://example.com/origin'
+      end
+
+      it 'should set omniauth.origin from the params if provided' do
+        strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'origin=/foo'))
+        strategy.env['rack.session']['omniauth.origin'].should == '/foo'
+      end
+
+      it 'should turn omniauth.origin into an env variable on the callback phase' do
+        OmniAuth.config.mock_auth[:test] = {}
+
+        strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => 'http://example.com/origin'}))
+        strategy.env['omniauth.origin'].should == 'http://example.com/origin'
+      end
+    end
+
+    context 'custom full_host' do
+      it 'should be the string when a string is there' do
+        OmniAuth.config.full_host = 'my.host.com'
+        strategy.full_host.should == 'my.host.com'
+      end
+
+      it 'should run the proc with the env when it is a proc' do
+        OmniAuth.config.full_host = Proc.new{|env| env['HOST']}
+        strategy.call(make_env('/auth/test', 'HOST' => 'my.host.net'))
+        strategy.full_host.should == 'my.host.net'
+      end
+    end
+  end
+
+  context 'setup phase' do
+    context 'when options[:setup] = true' do
+      let(:strategy){ ExampleStrategy.new(app, :setup => true) }
+      let(:app){lambda{|env| env['omniauth.strategy'].options[:awesome] = 'sauce' if env['PATH_INFO'] == '/auth/test/setup'; [404, {}, 'Awesome'] }}
+
+      it 'should call through to /auth/:provider/setup' do
+        strategy.call(make_env('/auth/test'))
+        strategy.options[:awesome].should == 'sauce'
+      end
+
+      it 'should not call through on a non-omniauth endpoint' do
+        strategy.call(make_env('/somewhere/else'))
+        strategy.options[:awesome].should_not == 'sauce'
+      end
+    end
+
+    context 'when options[:setup] is an app' do
+      let(:setup_proc) do
+        Proc.new do |env|
+          env['omniauth.strategy'].options[:awesome] = 'sauce'
+        end
+      end
+
+      let(:strategy){ ExampleStrategy.new(app, :setup => setup_proc) }
+
+      it 'should not call the app on a non-omniauth endpoint' do
+        strategy.call(make_env('/somehwere/else'))
+        strategy.options[:awesome].should_not == 'sauce'
+      end
+
+      it 'should call the rack app' do
+        strategy.call(make_env('/auth/test'))
+        strategy.options[:awesome].should == 'sauce'
+      end
+    end
+  end
+end