privy_wine_bouncer 1.0.4.5

data/spec/lib/wine_bouncer/auth_methods/auth_methods_spec.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe ::WineBouncer::AuthMethods do
+  let(:tested_class) do
+    Class.new do
+      include ::WineBouncer::AuthMethods
+    end.new
+  end
+  let(:user) { FactoryBot.create(:user) }
+  let(:token) { FactoryBot.create :clientless_access_token, resource_owner_id: user.id, scopes: 'public' }
+
+  context 'doorkeeper_access_token' do
+    it 'sets and gets a token' do
+      tested_class.doorkeeper_access_token = token
+      expect(tested_class.doorkeeper_access_token).to eq(token)
+    end
+  end
+
+  context 'has_resource_owner?' do
+    it 'gives true when the token has an resource owner' do
+      tested_class.doorkeeper_access_token = token
+
+      expect(tested_class.has_resource_owner?).to be true
+    end
+
+    it 'gives false when the class an no token' do
+      expect(tested_class.has_resource_owner?).to be false
+    end
+
+    it 'gives false when the token has no resource owner' do
+      token.resource_owner_id = nil
+      tested_class.doorkeeper_access_token = token
+
+      expect(tested_class.has_resource_owner?).to be false
+    end
+  end
+
+  context 'has_doorkeeper_token?' do
+    it 'returns true when the class has a token' do
+      tested_class.doorkeeper_access_token = token
+      expect(tested_class.has_doorkeeper_token?).to be true
+    end
+
+    it 'returns false when the class has no token' do
+      expect(tested_class.has_doorkeeper_token?).to be false
+    end
+  end
+
+  context 'client_credential_token?' do
+    it 'return true if the doorkeeper token is aquired through client_credential authentication' do
+      token.resource_owner_id = nil
+      tested_class.doorkeeper_access_token = token
+      expect(tested_class.client_credential_token?).to be true
+    end
+
+    it 'return false if no token is set' do
+      token.resource_owner_id = nil
+      tested_class.doorkeeper_access_token
+      expect(tested_class.client_credential_token?).to be false
+    end
+
+    it 'return false if the token has a resource_owner' do
+      token.resource_owner_id = 2
+      tested_class.doorkeeper_access_token = token
+      expect(tested_class.client_credential_token?).to be false
+    end
+  end
+
+  context 'protected_endpoint?' do
+    it 'when set true it returns true' do
+      tested_class.protected_endpoint = true
+      expect(tested_class.protected_endpoint?).to be true
+    end
+
+    it 'when set false it returns false' do
+      tested_class.protected_endpoint = false
+      expect(tested_class.protected_endpoint?).to be false
+    end
+
+    it 'defaults returns false if not set' do
+      expect(tested_class.protected_endpoint?).to be false
+    end
+  end
+
+  context 'resource_owner' do
+    it 'runs the configured block' do
+      result = 'called block'
+      foo = proc { result }
+
+      WineBouncer.configure do |c|
+        c.auth_strategy = :default
+        c.define_resource_owner(&foo)
+      end
+
+      expect(tested_class.resource_owner).to be(result)
+    end
+
+    it 'raises an argument error when the block is not configured' do
+      WineBouncer.configuration = WineBouncer::Configuration.new
+      expect { tested_class.resource_owner }.to raise_error(WineBouncer::Errors::UnconfiguredError)
+    end
+  end
+end

data/spec/lib/wine_bouncer/auth_strategies/default_spec.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+require 'wine_bouncer/auth_strategies/default'
+
+describe ::WineBouncer::AuthStrategies::Default do
+  subject(:klass) { ::WineBouncer::AuthStrategies::Default.new }
+
+  let(:scopes) { %w(public private) }
+  let(:scopes_hash) { { scopes: scopes } }
+  let(:auth_context) { { route_options: { auth: scopes_hash } } }
+
+  context 'endpoint_authorizations' do
+    it 'returns the auth key of the authentication hash.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.send(:endpoint_authorizations)).to eq(scopes_hash)
+    end
+
+    it 'returns nil when the authentication key has no hash key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_hash } } }
+      klass.api_context = context_double
+      expect(klass.send(:endpoint_authorizations)).to eq(nil)
+    end
+  end
+
+  context 'endpoint_protected?' do
+    it 'returns true when the context has the auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.endpoint_protected?).to eq(true)
+    end
+
+    it 'returns false when the context has no auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_hash } } }
+      klass.api_context = context_double
+      expect(klass.endpoint_protected?).to eq(false)
+    end
+  end
+
+  context 'has_auth_scopes?' do
+    it 'returns true when the context has the auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(true)
+    end
+
+    it 'returns false when the context has no auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_hash } } }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(false)
+    end
+
+    it 'returns false when the auth scopes contain a blank scope array' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { auth: { scopes: [] } } } }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(false)
+    end
+  end
+
+  context 'auth_scopes' do
+    it 'returns an array of scopes' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.auth_scopes).to eq([:public, :private])
+    end
+  end
+end

data/spec/lib/wine_bouncer/auth_strategies/swagger_spec.rb

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+require 'wine_bouncer/auth_strategies/swagger'
+
+describe ::WineBouncer::AuthStrategies::Swagger do
+  subject(:klass) { ::WineBouncer::AuthStrategies::Swagger.new }
+
+  let(:scopes) { [{ scope: 'private', description: 'anything' },{ scope: 'public', description: 'anything' }] }
+  let(:scopes_map) { { oauth2: scopes } }
+  let(:auth_context) { { route_options: { authorizations: scopes_map } } }
+
+  context 'endpoint_authorizations' do
+    it 'returns the auth key of the authentication hash.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.send(:endpoint_authorizations)).to eq(scopes_map)
+    end
+
+    it 'returns nil when the authentication key has no hash key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_map } } }
+      klass.api_context = context_double
+      expect(klass.send(:endpoint_authorizations)).to eq(nil)
+    end
+  end
+
+  context 'has_authorizations?' do
+    it 'returns true when it has an authentication hash.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.send(:has_authorizations?)).to eq(true)
+    end
+
+    it 'returns false when there is no authentication key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_map } } }
+      klass.api_context = context_double
+      expect(klass.send(:has_authorizations?)).to eq(false)
+    end
+  end
+
+  context 'authorization_type_oauth2' do
+    it 'returns the scopes.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.send(:authorization_type_oauth2)).to eq(scopes)
+    end
+
+    it 'returns nil when there is no oauth2 key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { authorizations: { no_oauth: scopes } } } }
+      klass.api_context = context_double
+      expect(klass.send(:authorization_type_oauth2)).to eq(nil)
+    end
+  end
+
+  context 'endpoint_protected?' do
+    it 'returns true when the context has the auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.endpoint_protected?).to eq(true)
+    end
+
+    it 'returns false when the context has no auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_map } } }
+      klass.api_context = context_double
+      expect(klass.endpoint_protected?).to eq(false)
+    end
+  end
+
+  context 'has_auth_scopes?' do
+    it 'returns true when the context has the auth key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(true)
+    end
+
+    it 'returns false when the context has no authorizations key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { some: scopes_map } } }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(false)
+    end
+
+    it 'returns false when the context has no oauth2 key.' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { authorizations: { no_oauth: scopes } } } }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(false)
+    end
+
+    it 'returns false when the auth scopes contain a blank scope array' do
+      context_double = double()
+      allow(context_double).to receive(:options) { { route_options: { authorizations: { oauth2: [] } } } }
+      klass.api_context = context_double
+      expect(klass.has_auth_scopes?).to eq(false)
+    end
+  end
+
+  context 'auth_scopes' do
+    it 'returns an array of scopes' do
+      context_double = double()
+      allow(context_double).to receive(:options) { auth_context }
+      klass.api_context = context_double
+      expect(klass.auth_scopes).to eq([:private, :public])
+    end
+  end
+end

data/spec/rails_helper.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+# This file is copied to spec/ when you run 'rails generate rspec:install'
+ENV['RAILS_ENV'] ||= 'test'
+ORM = (ENV['orm'] || :active_record).to_sym
+require 'spec_helper'
+require File.expand_path('../dummy/config/environment', __FILE__)
+require 'rspec/rails'
+require 'wine_bouncer'
+require 'factory_bot'
+require 'database_cleaner'
+
+# Add additional requires below this line. Rails is not loaded until this point!
+
+# Requires supporting ruby files with custom matchers and macros, etc, in
+# spec/support/ and its subdirectories. Files matching `spec/**/*_spec.rb` are
+# run as spec files by default. This means that files in spec/support that end
+# in _spec.rb will both be required and run as specs, causing the specs to be
+# run twice. It is recommended that you do not name files matching this glob to
+# end with _spec.rb. You can configure this pattern with the --pattern
+# option on the command line or in ~/.rspec, .rspec or `.rspec-local`.
+#
+# The following line is provided for convenience purposes. It has the downside
+# of increasing the boot-up time by auto-requiring all files in the support
+# directory. Alternatively, in the individual `*_spec.rb` files, manually
+# require only the support files necessary.
+#
+# Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
+
+# Checks for pending migrations before tests are run.
+# If you are not using ActiveRecord, you can remove this line.
+#ActiveRecord::Migration.maintain_test_schema!
+
+module ApiHelper
+  include Rack::Test::Methods
+
+  def app
+    Rails.application
+  end
+end
+
+def orm_name
+  orm = Doorkeeper.configuration.orm
+  [:mongoid2, :mongoid3, :mongoid4].include?(orm.to_sym) ? :mongoid : orm
+end
+
+require "shared/orm/#{orm_name}"
+
+FactoryBot.find_definitions
+
+RSpec.configure do |config|
+  # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
+  #config.fixture_path = "#{::Rails.root}/spec/fixtures"
+
+  # If you're not using ActiveRecord, or you'd prefer not to run each of your
+  # examples within a transaction, remove the following line or assign false
+  # instead of true.
+
+  config.include FactoryBot::Syntax::Methods
+  config.include ApiHelper, type: :api
+
+  config.use_transactional_fixtures = false
+
+  config.infer_spec_type_from_file_location!
+
+  config.infer_base_class_for_anonymous_controllers = false
+
+  config.before do
+    DatabaseCleaner.start
+    FactoryBot.lint
+   # Doorkeeper.configure { orm :active_record }
+  end
+
+  config.after do
+    DatabaseCleaner.clean
+  end
+
+  config.order = 'random'
+end

data/spec/shared/orm/active_record.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+ActiveRecord::Migration.verbose = false
+load Rails.root + 'db/schema.rb'

data/spec/spec_helper.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause this
+# file to always be loaded, without a need to explicitly require it in any files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, consider making
+# a separate helper file that requires the additional dependencies and performs
+# the additional setup, and require it from the spec files that actually need it.
+#
+# The `.rspec` file also contains a few flags that are not defaults but that
+# users commonly want.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+require 'simplecov'
+SimpleCov.start
+
+RSpec.configure do |config|
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # This option will default to `true` in RSpec 4. It makes the `description`
+    # and `failure_message` of custom matchers include text for helper methods
+    # defined using `chain`, e.g.:
+    # be_bigger_than(2).and_smaller_than(4).description
+    #   # => "be bigger than 2 and smaller than 4"
+    # ...rather than:
+    #   # => "be bigger than 2"
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended, and will default to
+    # `true` in RSpec 4.
+    mocks.verify_partial_doubles = true
+  end
+
+# The settings below are suggested to provide a good initial experience
+# with RSpec, but feel free to customize to your heart's content.
+=begin
+  # These two settings work together to allow you to limit a spec run
+  # to individual examples or groups you care about by tagging them with
+  # `:focus` metadata. When nothing is tagged with `:focus`, all examples
+  # get run.
+  config.filter_run :focus
+  config.run_all_when_everything_filtered = true
+
+  # Limits the available syntax to the non-monkey patched syntax that is recommended.
+  # For more details, see:
+  #   - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
+  #   - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+  #   - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
+  config.disable_monkey_patching!
+
+  # This setting enables warnings. It's recommended, but in some cases may
+  # be too noisy due to issues in dependencies.
+  config.warnings = true
+
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+=end
+end

data/wine_bouncer.gemspec

@@ -0,0 +1,33 @@
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'wine_bouncer/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'privy_wine_bouncer'
+  spec.version       = WineBouncer::VERSION
+  spec.authors       = ['Achmad Chun Chun']
+  spec.email         = ['achmad.chun@privy.id']
+  spec.summary       = %q{A Ruby gem that allows Oauth2 protection with Doorkeeper for Grape Api's}
+  spec.homepage      = 'https://github.com/privy-ruby/wine_bouncer_gem'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency 'grape', '>= 0.10'
+  spec.add_runtime_dependency 'doorkeeper', '>= 1.4', '< 6.0'
+
+  spec.add_development_dependency 'railties'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake', '~> 11.0'
+  spec.add_development_dependency 'rspec-rails', '~> 3.5.0'
+  spec.add_development_dependency 'factory_bot', '~> 4.8'
+  spec.add_development_dependency 'generator_spec', '~> 0.9.0'
+  spec.add_development_dependency 'sqlite3'
+  spec.add_development_dependency 'database_cleaner', '~> 1.6'
+  spec.add_development_dependency 'rubocop', '0.58.2'
+  spec.add_development_dependency 'yard', '~> 0.9.16'
+  spec.add_development_dependency 'simplecov'
+end