RubyGems - rack-couchdb-oauth2 - Versions diffs - 0.1.0 → 0.2.0 - Mend

rack-couchdb-oauth2 0.1.0 → 0.2.0

Files changed (20) hide show

data/Gemfile.lock +6 -6
data/VERSION +1 -1
data/lib/couchdb_oauth2/configuration.rb +28 -0
data/lib/couchdb_oauth2/model/access_token.rb +1 -3
data/lib/couchdb_oauth2/model/account.rb +87 -69
data/lib/couchdb_oauth2/model/base.rb +12 -11
data/lib/couchdb_oauth2/model/client.rb +11 -2
data/lib/couchdb_oauth2/model/oauth2_token.rb +24 -10
data/lib/couchdb_oauth2/model/refresh_token.rb +1 -5
data/lib/couchdb_oauth2/resource/require_client.rb +1 -1
data/lib/couchdb_oauth2/token_endpoint.rb +2 -1
data/lib/rack-couchdb-oauth2.rb +19 -9
data/rack-couchdb-oauth2.gemspec +9 -4
data/test/helper.rb +31 -0
data/test/test_account.rb +26 -0
data/test/test_client.rb +50 -0
data/test/test_rack-couchdb-oauth2.rb +4 -5
data/test/test_require_client.rb +130 -0
data/test/test_token.rb +62 -0
metadata +40 -35

data/Gemfile.lock CHANGED Viewed

@@ -1,6 +1,6 @@
 GIT
   remote: git://github.com/couchrest/couchrest_model.git
-  revision: 98772ae98a4685d6a69a77a50d30bd2118cc3aad
+  revision: dca47ac3b2b6fd5a4f3ee131083dde4a5cd2b8db
   specs:
     couchrest_model (1.1.0.rc1)
       activemodel (~> 3.0)
@@ -11,11 +11,11 @@ GIT
 GEM
   remote: http://rubygems.org/
   specs:
-    activemodel (3.0.8)
-      activesupport (= 3.0.8)
+    activemodel (3.0.9)
+      activesupport (= 3.0.9)
       builder (~> 2.1.2)
       i18n (~> 0.5.0)
-    activesupport (3.0.8)
+    activesupport (3.0.9)
     attr_required (0.0.3)
     bcrypt-ruby (2.1.4)
     builder (2.1.2)
@@ -30,11 +30,11 @@ GEM
       bundler (~> 1.0)
       git (>= 1.2.5)
       rake
-    json (1.5.2)
+    json (1.5.3)
     mime-types (1.16)
     multi_json (1.0.3)
     rack (1.3.0)
-    rack-oauth2 (0.8.1)
+    rack-oauth2 (0.8.2)
       activesupport (>= 2.3)
       attr_required (>= 0.0.3)
       httpclient (>= 2.2.0.2)

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.1.0
1	+ 0.2.0

data/lib/couchdb_oauth2/configuration.rb ADDED Viewed

@@ -0,0 +1,28 @@
+module Rack
+  module CouchdbOAuth2
+    class Configuration
+      def self.add_config(name)
+        class_eval <<-RUBY, __FILE__, __LINE__ + 1
+          def self.#{name}(value=nil)
+            @#{name} = value if value
+            return @#{name} if self.object_id == #{self.object_id} || defined?(@#{name})
+            name = superclass.#{name}
+            return nil if name.nil? && !instance_variable_defined?("@#{name}")
+            @#{name} = name && !name.is_a?(Module) && !name.is_a?(Symbol) && !name.is_a?(Numeric) && !name.is_a?(TrueClass) && !name.is_a?(FalseClass) ? name.dup : name
+          end
+          def self.#{name}=(value)
+            @#{name} = value
+          end
+          def #{name}
+            self.class.#{name}
+          end
+        RUBY
+      end
+      add_config  :account_class
+    end
+  end
+end

data/lib/couchdb_oauth2/model/access_token.rb CHANGED Viewed

@@ -1,11 +1,9 @@
 class AccessToken < CouchRest::Model::Base
-  include CouchdbOAuth2::Model::Base
+  include Rack::CouchdbOAuth2::Model::Base
   include Oauth2Token
   self.default_lifetime = 15.minutes
   belongs_to :refresh_token
-  property  :token, String
-  property  :expires_at,  Time
   timestamps!
   def to_bearer_token(with_refresh_token = false)

data/lib/couchdb_oauth2/model/account.rb CHANGED Viewed

@@ -1,74 +1,92 @@
 require 'bcrypt'
-class Account < CouchRest::Model::Base
-  include CouchdbOAuth2::Model::Base
-  property  :email,   String
-  property  :encrypted_password,  String
-  timestamps!
-  view_by   :email
-  validates_uniqueness_of :email
-  attr_reader :password
-  def password=(new_password)
-    @password = new_password
-    self.encrypted_password = password_digest(@password) if @password.present?
-  end
-  def valid_password?(password)
-    return false if encrypted_password.blank?
-    bcrypt   = ::BCrypt::Password.new(self.encrypted_password)
-    password = ::BCrypt::Engine.hash_secret("#{password}#{self.class.pepper}", bcrypt.salt)
-    Account.secure_compare(password, self.encrypted_password)
-  end
-  def clean_up_passwords
-    self.password = self.password_confirmation = ""
-  end
-  # A reliable way to expose the salt regardless of the implementation.
-  def authenticatable_salt
-    self.encrypted_password[0,29] if self.encrypted_password
-  end
-  def access_tokens
-    AccessToken.view(:by_account_id, :key => self['_id'])
-  end
-  def refresh_tokens
-    RefreshToken.view(:by_account_id, :key => self['_id'])
-  end
-  protected
-  # Downcase case-insensitive keys
-  def downcase_keys
-    (self.class.case_insensitive_keys || []).each { |k| self[k].try(:downcase!) }
-  end
+module Rack
+  module CouchdbOAuth2
+    module Model
+      module Account
+        def self.included(klass)
+          klass.class_eval do
-  # Digests the password using bcrypt.
-  def password_digest(password)
-    ::BCrypt::Password.create("#{password}#{self.class.pepper}", :cost => self.class.stretches).to_s
-  end
-  def self.stretches
-    5
-  end
-  def self.pepper
-    '5ad96cc293abadd5322908c597a363205b909c99fab13b59895b6e3fc93540f2f276800d6718fa174c9a9720e1148b4da19ee58c779078efe98ca2c76c8cdd40'
-  end
-  def self.secure_compare(a, b)
-    return false if a.blank? || b.blank? || a.bytesize != b.bytesize
-    l = a.unpack "C#{a.bytesize}"
-    res = 0
-    b.each_byte { |byte| res |= byte ^ l.shift }
-    res == 0
+            property  :email,   String
+            property  :encrypted_password,  String, :protected => true
+            property  :pepper,  String, :protected => true
+            view_by   :email
+            validates_presence_of :email
+            validates_uniqueness_of :email
+            validates_confirmation_of :password
+            validates_presence_of :encrypted_password, :message => 'password should not be empty'
+            validates_presence_of :password_confirmation, :if => :password_changed?
+            attr_reader :password
+            def self.stretches
+              5
+            end
+            def self.secure_compare(a, b)
+              return false if a.blank? || b.blank? || a.bytesize != b.bytesize
+              l = a.unpack "C#{a.bytesize}"
+              res = 0
+              b.each_byte { |byte| res |= byte ^ l.shift }
+              res == 0
+            end
+            def self.find_account(identity)
+              raise 'implement me'
+            end
+          end
+        end
+        def password=(new_password)
+          @password = new_password
+          self.pepper = BCrypt::Engine.generate_salt
+          self.encrypted_password = password_digest(@password) if @password.present?
+        end
+        def password_changed?
+          self.encrypted_password_changed?
+        end
+        def valid_password?(password)
+          return false if encrypted_password.blank?
+          bcrypt   = ::BCrypt::Password.new(self.encrypted_password)
+          password = ::BCrypt::Engine.hash_secret("#{password}#{self.pepper}", bcrypt.salt)
+          self.class.secure_compare(password, self.encrypted_password)
+        end
+        def clean_up_passwords
+          self.password = self.password_confirmation = ""
+        end
+        # A reliable way to expose the salt regardless of the implementation.
+        def authenticatable_salt
+          self.encrypted_password[0,29] if self.encrypted_password
+        end
+        def access_tokens
+          AccessToken.view(:by_account_id, :key => self['_id'])
+        end
+        def refresh_tokens
+          RefreshToken.view(:by_account_id, :key => self['_id'])
+        end
+        protected
+        # Downcase case-insensitive keys
+        def downcase_keys
+          (self.class.case_insensitive_keys || []).each { |k| self[k].try(:downcase!) }
+        end
+        # Digests the password using bcrypt.
+        def password_digest(password)
+          ::BCrypt::Password.create("#{password}#{self.pepper}", :cost => self.class.stretches).to_s
+        end
+      end
+    end
   end
 end

data/lib/couchdb_oauth2/model/base.rb CHANGED Viewed

@@ -1,12 +1,13 @@
-module CouchdbOAuth2
-  module Model
-    module Base
-      def self.included(klass)
-        klass.class_eval do
-          use_database klass.name.tableize
-        end
-      end
+module Rack
+  module CouchdbOAuth2
+    module Model
+      module Base
+        def self.included(klass)
+          klass.class_eval do
+            use_database klass.name.tableize
+          end
+        end
+      end
     end
-  end
-end
+  end
+end

data/lib/couchdb_oauth2/model/client.rb CHANGED Viewed

@@ -1,13 +1,16 @@
 class Client < CouchRest::Model::Base
-  include CouchdbOAuth2::Model::Base
+  include Rack::CouchdbOAuth2::Model::Base
   property :name,      String
   property :redirect_url,   String
   property :website,        String
-  property :secret,         String
+  property :secret,         String, :protected => true
   timestamps!
   before_validation :setup, :on => :create
+  validates_uniqueness_of :name
+  validates_presence_of :name
+  validates_presence_of :secret
   def setup
     if self.secret.nil?
@@ -18,4 +21,10 @@ class Client < CouchRest::Model::Base
   def identity
     self['_id']
   end
+  def self.find_by_env(env)
+    request = Rack::OAuth2::Server::Token::Request.new(env)
+    client = Client.find(request.client_id)
+    client if client && client.secret == request.client_secret
+  end
 end

data/lib/couchdb_oauth2/model/oauth2_token.rb CHANGED Viewed

@@ -4,9 +4,12 @@ module Oauth2Token
       cattr_accessor :default_lifetime
       self.default_lifetime = 1.minute
-      belongs_to :account
+      belongs_to :account, :class_name => Rack::CouchdbOAuth2::Configuration.account_class.to_s
       belongs_to :client
+      property  :token, String
+      property :expires_at, Time
       view_by :expires_at
       view_by :account_id
       view_by :client_id
@@ -15,6 +18,25 @@ module Oauth2Token
       before_validation :setup, :on => :create
       validates :client, :expires_at, :account, :presence => true
       validates :token, :presence => true, :uniqueness => true
+      def self.find_by_env(env)
+        token = find_by_token(env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN])
+        if token.nil? || token.expired?
+          nil
+        else
+          token
+        end
+      end
+      def self.valid
+        view(:by_expires_at, :startkey => Time.now.utc)
+      end
+      def self.find_by_token(token)
+        return nil if token.nil? || token.empty?
+        self.first_from_view(:by_token, token)
+      end
     end
   end
@@ -29,16 +51,8 @@ module Oauth2Token
   def expired?
     self.expires_at < Time.now.utc
-  end
-  def self.valid
-    view(:by_expires_at, :startkey => Time.now.utc)
-  end
+  end
-  def self.find_by_token(token)
-    return nil if token.nil? || token.empty?
-    self.first_from_view(:by_token, token)
-  end
   private
   def self.generate(bytes = 64)

data/lib/couchdb_oauth2/model/refresh_token.rb CHANGED Viewed

@@ -1,10 +1,6 @@
 class RefreshToken < CouchRest::Model::Base
-  include CouchdbOAuth2::Model::Base
+  include Rack::CouchdbOAuth2::Model::Base
   include Oauth2Token
-  belongs_to :account
-  belongs_to :client
-  property  :token,   String
-  property :expires_at, Time
   timestamps!
   self.default_lifetime = 1.month

data/lib/couchdb_oauth2/resource/require_client.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module Rack
         client = request.client
         request.unauthorized!(:invalid_token) unless client
         if @authenticator
-          request.unauthorized! unless @authenticator.call(request)
+          request.unauthorized!(:invalid_token) unless @authenticator.call(request)
         end
         env[CLIENT] = client
       end

data/lib/couchdb_oauth2/token_endpoint.rb CHANGED Viewed

@@ -17,7 +17,8 @@ module Rack
             req.unsupported_grant_type!
           when :password
             # NOTE: password is not hashed in this sample app. Don't do the same on your app.
-            account = req.username.nil? ? nil : Account.first_from_view(:by_email, req.username)
+            account_class = Rack::CouchdbOAuth2::Configuration.account_class
+            account = req.username.nil? ? nil : account_class.find_account(req.username)
             req.invalid_grant! unless account && account.valid_password?(req.password)
             res.access_token = AccessToken.create(:client => client, :account => account).to_bearer_token(:with_refresh_token)
           when :client_credentials

data/lib/rack-couchdb-oauth2.rb CHANGED Viewed

@@ -2,13 +2,23 @@ require 'rack/oauth2'
 require 'couchrest'
 require 'couchrest_model'
 require 'active_support'
-require 'couchdb_oauth2/model/base'
-require 'couchdb_oauth2/model/oauth2_token'
-require 'couchdb_oauth2/model/access_token'
-require 'couchdb_oauth2/model/account'
-require 'couchdb_oauth2/model/client'
-require 'couchdb_oauth2/model/refresh_token'
-require 'couchdb_oauth2/token_endpoint'
-require 'couchdb_oauth2/resource/require_bearer_token'
-require 'couchdb_oauth2/resource/require_client'
+module Rack
+  module CouchdbOAuth2
+    autoload :Configuration, 'couchdb_oauth2/configuration'
+    autoload :TokenEndpoint, 'couchdb_oauth2/token_endpoint'
+    autoload :RequireBearerToken, 'couchdb_oauth2/resource/require_bearer_token'
+    autoload :RequireClient, 'couchdb_oauth2/resource/require_client'
+    module Model
+      autoload :Base, 'couchdb_oauth2/model/base'
+      autoload :Account, 'couchdb_oauth2/model/account'
+    end
+  end
+end
+autoload :Oauth2Token, 'couchdb_oauth2/model/oauth2_token'
+autoload :AccessToken, 'couchdb_oauth2/model/access_token'
+autoload :Client, 'couchdb_oauth2/model/client'
+autoload :RefreshToken, 'couchdb_oauth2/model/refresh_token'

data/rack-couchdb-oauth2.gemspec CHANGED Viewed

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = %q{rack-couchdb-oauth2}
-  s.version = "0.1.0"
+  s.version = "0.2.0"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Robin Lu"]
-  s.date = %q{2011-06-15}
+  s.date = %q{2011-06-27}
   s.description = %q{Rack middleware for OAuth2 Provider Server Based on Couchdb}
   s.email = %q{iamawalrus@gmail.com}
   s.extra_rdoc_files = [
@@ -24,6 +24,7 @@ Gem::Specification.new do |s|
     "README.rdoc",
     "Rakefile",
     "VERSION",
+    "lib/couchdb_oauth2/configuration.rb",
     "lib/couchdb_oauth2/model/access_token.rb",
     "lib/couchdb_oauth2/model/account.rb",
     "lib/couchdb_oauth2/model/base.rb",
@@ -36,12 +37,16 @@ Gem::Specification.new do |s|
     "lib/rack-couchdb-oauth2.rb",
     "rack-couchdb-oauth2.gemspec",
     "test/helper.rb",
-    "test/test_rack-couchdb-oauth2.rb"
+    "test/test_account.rb",
+    "test/test_client.rb",
+    "test/test_rack-couchdb-oauth2.rb",
+    "test/test_require_client.rb",
+    "test/test_token.rb"
   ]
   s.homepage = %q{http://github.com/robin/rack-couchdb-oauth2}
   s.licenses = ["MIT"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.4.2}
+  s.rubygems_version = %q{1.6.2}
   s.summary = %q{Rack middleware for OAuth2 Provider Server Based on Couchdb}
   if s.respond_to? :specification_version then

data/test/helper.rb CHANGED Viewed

@@ -14,6 +14,21 @@ $LOAD_PATH.unshift(File.dirname(__FILE__))
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 require 'rack-couchdb-oauth2'
+class User < CouchRest::Model::Base
+  use_database 'users'
+  include Rack::CouchdbOAuth2::Model::Account
+  def self.pepper
+    'pepper'
+  end
+  def self.find_account(identity)
+    first_from_view(:by_email, identity)
+  end
+end
+Rack::CouchdbOAuth2::Configuration.account_class = ::User
 class Test::Unit::TestCase
   def assert_error_response(response)
     assert !response.ok?
@@ -21,6 +36,22 @@ class Test::Unit::TestCase
     assert_not_nil(body['error'])
     assert_nil(body['access_token'])
   end
+  def create_client
+    @client = Client.create(:name => 'test client')
+  end
+  def create_account
+    @account = User.create(:email => 'test@example.com', :password => 'abc123', :password_confirmation => 'abc123' )
+  end
+  def destroy_client
+    @client.destroy
+  end
+  def destroy_account
+    @account.destroy
+  end
 end
 class TestApp

data/test/test_account.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require "helper"
+class TestRequireClient < Test::Unit::TestCase
+  include Rack::Test::Methods
+  def test_presents
+    a = User.new()
+    assert(!a.save, "Failure message.")
+    a.email = 'abc@example.com'
+    assert(!a.save, "Failure message.")
+    a.password = 'abcdef'
+    assert(!a.save, "Failure message.")
+    a.password_confirmation = 'wrong'
+    assert(!a.save, "Failure message.")
+    a.password_confirmation = 'abcdef'
+    assert(a.save, "Failure message.")
+    a.destroy
+  end
+  def test_attr_protected
+    a = User.new(:email => 'aaa@example.com', :encrypted_password => "pwd", :pepper => "pepper")
+    assert_equal('aaa@example.com', a.email)
+    assert_nil(a.encrypted_password)
+    assert_nil(a.pepper)
+  end
+end

data/test/test_client.rb ADDED Viewed

@@ -0,0 +1,50 @@
+require "helper"
+class TestClient < Test::Unit::TestCase
+  include Rack::Test::Methods
+  def setup
+    create_client
+  end
+  def teardown
+    destroy_client
+  end
+  def app
+    Rack::Builder.new do
+      run proc {|env|
+        client = Client.find_by_env(env)
+        raise 'no client' if client.nil?
+        [200, {}, 'OK']
+      }
+    end
+  end
+  def test_presents
+    c = Client.new()
+    assert(!c.save, "Failure message.")
+    c.name = 'abc'
+    assert(c.save, "Failure message.")
+    c2 = Client.new :name => 'abc', :secret => 's'
+    assert_nil(c2.secret)
+    assert(!c2.save, "Failure message.")
+    c.destroy
+  end
+  def test_find_by_env
+    assert_raise(RuntimeError) {
+      get '/'
+    }
+    assert_raise(RuntimeError) {
+      get '/', :client_id => @client.identity, :client_secret =>'wrong secret'
+    }
+    assert_nothing_raised(RuntimeError) {
+      get '/', :client_id => @client.identity, :client_secret =>@client.secret
+    }
+    assert_raise(RuntimeError) {
+      get '/', :client_id => "wrong identity", :client_secret =>'wrong secret'
+    }
+  end
+end

data/test/test_rack-couchdb-oauth2.rb CHANGED Viewed

@@ -4,20 +4,19 @@ class TestRackCouchdbOauth2 < Test::Unit::TestCase
   include Rack::Test::Methods
   def setup
-    @client = Client.create(:name => 'test client')
-    @account = Account.create(:email => 'test@example.com', :password => 'abc123' )
+    create_client
+    create_account
   end
   def teardown
-    @client.destroy
-    @account.destroy
+    destroy_client
+    destroy_account
   end
   def app
     Rack::Builder.new do
       map '/db' do
         use Rack::CouchdbOAuth2::RequireBearerToken
-        use Rack::CouchdbOAuth2::RequireClient
         run TestApp.new
       end

data/test/test_require_client.rb ADDED Viewed

@@ -0,0 +1,130 @@
+require "helper"
+class TestRequireClient < Test::Unit::TestCase
+  include Rack::Test::Methods
+  def setup
+    create_client
+    create_account
+  end
+  def teardown
+    destroy_client
+    destroy_account
+  end
+  def app
+    @app ||= Rack::Builder.new do
+      map '/db' do
+        use Rack::CouchdbOAuth2::RequireBearerToken
+        use Rack::CouchdbOAuth2::RequireClient
+        run TestApp.new
+      end
+      map '/oauth2' do
+        map '/token' do
+          run Rack::CouchdbOAuth2::TokenEndpoint.new
+        end
+      end
+    end
+  end
+  def change_to_false_client_id
+    @app ||= Rack::Builder.new do
+      map '/db' do
+        use Rack::CouchdbOAuth2::RequireBearerToken
+        use Rack::CouchdbOAuth2::RequireClient do |req|
+          req.client.identity == 'false id'
+        end
+        run TestApp.new
+      end
+      map '/oauth2' do
+        map '/token' do
+          run Rack::CouchdbOAuth2::TokenEndpoint.new
+        end
+      end
+    end
+  end
+  def change_to_use_client_id
+    identity = @client.identity
+    @app ||= Rack::Builder.new do
+      map '/db' do
+        use Rack::CouchdbOAuth2::RequireBearerToken
+        use Rack::CouchdbOAuth2::RequireClient do |req|
+          req.client.identity == identity
+        end
+        run TestApp.new
+      end
+      map '/oauth2' do
+        map '/token' do
+          run Rack::CouchdbOAuth2::TokenEndpoint.new
+        end
+      end
+    end
+  end
+  def test_require_client
+    header 'AUTHORIZATION', nil
+    get 'db'
+    assert_error_response last_response
+    post 'oauth2/token', :grant_type => 'password', :client_id => @client.identity, :client_secret => @client.secret, :username => @account.email, :password => 'abc123'
+    assert last_response.ok?
+    body = ActiveSupport::JSON.decode(last_response.body)
+    access_token = body['access_token']
+    refresh_token = body['refresh_token']
+    assert_not_nil(access_token)
+    assert_not_nil(refresh_token)
+    assert_equal('bearer', body['token_type'])
+    header 'AUTHORIZATION', "Bearer #{access_token}"
+    get 'db'
+    assert last_response.ok?
+    assert_equal(TestApp::BODY, last_response.body)
+  end
+  def test_require_client_with_wrong_id
+    change_to_false_client_id
+    header 'AUTHORIZATION', nil
+    get 'db'
+    assert_error_response last_response
+    post 'oauth2/token', :grant_type => 'password', :client_id => @client.identity, :client_secret => @client.secret, :username => @account.email, :password => 'abc123'
+    assert last_response.ok?
+    body = ActiveSupport::JSON.decode(last_response.body)
+    access_token = body['access_token']
+    refresh_token = body['refresh_token']
+    assert_not_nil(access_token)
+    assert_not_nil(refresh_token)
+    assert_equal('bearer', body['token_type'])
+    header 'AUTHORIZATION', "Bearer #{access_token}"
+    get 'db'
+    assert_error_response last_response
+  end
+  def test_require_client_with_correct_id
+    change_to_use_client_id
+    header 'AUTHORIZATION', nil
+    get 'db'
+    assert_error_response last_response
+    post 'oauth2/token', :grant_type => 'password', :client_id => @client.identity, :client_secret => @client.secret, :username => @account.email, :password => 'abc123'
+    assert last_response.ok?
+    body = ActiveSupport::JSON.decode(last_response.body)
+    access_token = body['access_token']
+    refresh_token = body['refresh_token']
+    assert_not_nil(access_token)
+    assert_not_nil(refresh_token)
+    assert_equal('bearer', body['token_type'])
+    header 'AUTHORIZATION', "Bearer #{access_token}"
+    get 'db'
+    assert last_response.ok?
+    assert_equal(TestApp::BODY, last_response.body)
+  end
+end

data/test/test_token.rb ADDED Viewed

@@ -0,0 +1,62 @@
+require 'helper'
+class TestToken < Test::Unit::TestCase
+  include Rack::Test::Methods
+  def setup
+    create_client
+    create_account
+  end
+  def teardown
+    destroy_client
+    destroy_account
+  end
+  def app
+    Rack::Builder.new do
+      map '/oauth2' do
+        map '/token' do
+          run Rack::CouchdbOAuth2::TokenEndpoint.new
+        end
+      end
+      map '/db' do
+        use Rack::OAuth2::Server::Resource::Bearer, 'test' do |req|
+        end
+        run proc {|env|
+          token = AccessToken.find_by_env(env)
+          raise 'no client' if token.nil?
+          [200, {}, 'OK']
+        }
+      end
+    end
+  end
+  def test_find_by_env
+    post 'oauth2/token', :grant_type => 'password', :client_id => @client.identity, :client_secret => @client.secret, :username => @account.email, :password => 'abc123'
+    assert last_response.ok?
+    body = ActiveSupport::JSON.decode(last_response.body)
+    access_token = body['access_token']
+    refresh_token = body['refresh_token']
+    assert_not_nil(access_token)
+    assert_not_nil(refresh_token)
+    assert_equal('bearer', body['token_type'])
+    assert_raise(RuntimeError) {
+      header 'AUTHORIZATION', nil
+      get 'db'
+    }
+    assert_nothing_raised(RuntimeError) {
+      header 'AUTHORIZATION', "Bearer #{access_token}"
+      get 'db'
+    }
+    assert_raise(RuntimeError) {
+      header 'AUTHORIZATION', nil
+      get 'db'
+    }
+  end
+end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rack-couchdb-oauth2
 version: !ruby/object:Gem::Version
-  hash: 27
+  hash: 23
   prerelease:
   segments:
   - 0
-  - 1
+  - 2
   - 0
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Robin Lu
@@ -15,14 +15,13 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-06-15 00:00:00 +08:00
+date: 2011-06-27 00:00:00 +08:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: rack
   type: :runtime
-  version_requirements: &id001 !ruby/object:Gem::Requirement
+  requirement: &id001 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -31,12 +30,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id001
+  name: rack
+  version_requirements: *id001
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: couchrest
   type: :runtime
-  version_requirements: &id002 !ruby/object:Gem::Requirement
+  requirement: &id002 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -45,12 +44,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id002
+  name: couchrest
+  version_requirements: *id002
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: couchrest_model
   type: :runtime
-  version_requirements: &id003 !ruby/object:Gem::Requirement
+  requirement: &id003 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -59,12 +58,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id003
+  name: couchrest_model
+  version_requirements: *id003
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: activesupport
   type: :runtime
-  version_requirements: &id004 !ruby/object:Gem::Requirement
+  requirement: &id004 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -73,12 +72,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id004
+  name: activesupport
+  version_requirements: *id004
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: rack-oauth2
   type: :runtime
-  version_requirements: &id005 !ruby/object:Gem::Requirement
+  requirement: &id005 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -87,12 +86,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id005
+  name: rack-oauth2
+  version_requirements: *id005
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: bcrypt-ruby
   type: :runtime
-  version_requirements: &id006 !ruby/object:Gem::Requirement
+  requirement: &id006 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -101,12 +100,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id006
+  name: bcrypt-ruby
+  version_requirements: *id006
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: bundler
   type: :development
-  version_requirements: &id007 !ruby/object:Gem::Requirement
+  requirement: &id007 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -117,12 +116,12 @@ dependencies:
         - 0
         - 0
         version: 1.0.0
-  requirement: *id007
+  name: bundler
+  version_requirements: *id007
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: jeweler
   type: :development
-  version_requirements: &id008 !ruby/object:Gem::Requirement
+  requirement: &id008 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -133,12 +132,12 @@ dependencies:
         - 6
         - 2
         version: 1.6.2
-  requirement: *id008
+  name: jeweler
+  version_requirements: *id008
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: rcov
   type: :development
-  version_requirements: &id009 !ruby/object:Gem::Requirement
+  requirement: &id009 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -147,12 +146,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id009
+  name: rcov
+  version_requirements: *id009
 - !ruby/object:Gem::Dependency
   prerelease: false
-  name: rack-test
   type: :development
-  version_requirements: &id010 !ruby/object:Gem::Requirement
+  requirement: &id010 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -161,7 +160,8 @@ dependencies:
         segments:
         - 0
         version: "0"
-  requirement: *id010
+  name: rack-test
+  version_requirements: *id010
 description: Rack middleware for OAuth2 Provider Server Based on Couchdb
 email: iamawalrus@gmail.com
 executables: []
@@ -179,6 +179,7 @@ files:
 - README.rdoc
 - Rakefile
 - VERSION
+- lib/couchdb_oauth2/configuration.rb
 - lib/couchdb_oauth2/model/access_token.rb
 - lib/couchdb_oauth2/model/account.rb
 - lib/couchdb_oauth2/model/base.rb
@@ -191,7 +192,11 @@ files:
 - lib/rack-couchdb-oauth2.rb
 - rack-couchdb-oauth2.gemspec
 - test/helper.rb
+- test/test_account.rb
+- test/test_client.rb
 - test/test_rack-couchdb-oauth2.rb
+- test/test_require_client.rb
+- test/test_token.rb
 has_rdoc: true
 homepage: http://github.com/robin/rack-couchdb-oauth2
 licenses:
@@ -222,7 +227,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 rubyforge_project:
-rubygems_version: 1.4.2
+rubygems_version: 1.6.2
 signing_key:
 specification_version: 3
 summary: Rack middleware for OAuth2 Provider Server Based on Couchdb