rack-oauth 0.1.2

data/spec/rack_oauth_middleware_spec.rb

@@ -0,0 +1,156 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+# This is just testing to make sure that the basics of the middleware 
+# all work.  This does NOT actually test any of the OAuth functionality.
+describe Rack::OAuth, 'basic middlware usage' do
+
+  before do
+    @app = lambda {|env| [200, {}, ["Hello World"]] }
+  end
+
+  it 'should have a name' do
+    oauth = Rack::OAuth.new @app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    oauth.name.should == 'foo'
+  end
+
+  it 'name should default to "default"' do
+    oauth = Rack::OAuth.new @app, :site => 'a', :key => 'b', :secret => 'c'
+    oauth.name.should == 'default'
+  end
+
+  it 'should be able to access an instance of Rack::OAuth by name from within Rack application' do
+    app = lambda {|env| [200, {}, [ env['rack.oauth'].keys.inspect ]] }
+
+    oauth = Rack::OAuth.new app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('foo')
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should_not include('bar')
+
+    oauth = Rack::OAuth.new oauth, :bar, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('foo')
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('bar')
+  end
+
+  it 'should be *really* easy to access the default instance of Rack::OAuth by name from within Rack application' do
+    app = lambda {|env| [200, {}, [ Rack::OAuth.get(env).inspect ]] }
+
+    oauth = Rack::OAuth.new app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should == 'nil'
+
+    oauth = Rack::OAuth.new app, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should_not == 'nil'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('#<Rack::OAuth')
+  end
+
+  it 'should be easy to access an instance of Rack::OAuth by name from within Rack application' do
+    app = lambda {|env| [200, {}, [ Rack::OAuth.get(env, :bar).inspect ]] }
+
+    oauth = Rack::OAuth.new app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should == 'nil'
+
+    oauth = Rack::OAuth.new oauth, :bar, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should_not == 'nil'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('#<Rack::OAuth')
+  end
+
+  it 'should be easy to access to all instances of Rack::OAuth for a Rack application' do
+    app = lambda {|env| [200, {}, [ Rack::OAuth.all(env).length ]] }
+
+    oauth = Rack::OAuth.new app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should == '1'
+
+    oauth = Rack::OAuth.new oauth, :bar, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should == '2'
+
+    ## double check it's working as expected ...
+
+    app = lambda {|env| [200, {}, [ Rack::OAuth.all(env).keys ]] }
+
+    oauth = Rack::OAuth.new app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should     include('foo')
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should_not include('bar')
+
+    oauth = Rack::OAuth.new oauth, :bar, :site => 'a', :key => 'b', :secret => 'c'
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('foo')
+    RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include('bar')
+  end
+
+  it 'should be able to get the login path for an instance (so we can easily redirect from the app)' do
+    pending
+    oauth = Rack::OAuth.new app, :foo, :site => 'a', :key => 'b', :secret => 'c'
+    oauth.login_path
+    
+  end
+
+  # path getters should join the name of the Rack::OAuth.  setters shouldn't include the name.
+  it 'login path should be namespaced to the name of the Rack::OAuth instance' do
+    app = lambda {|env| [200, {}, ["Hello World"]] }
+
+    # the default name doesn't have its name appended.  we assume 'default' for this.
+    Rack::OAuth.new(app,       :site => 'a', :key => 'b', :secret => 'c').login_path.should == '/oauth_login'
+
+    Rack::OAuth.new(app, :foo, :site => 'a', :key => 'b', :secret => 'c').login_path.should == '/oauth_login/foo'
+
+    oauth = Rack::OAuth.new(app, :bar, :site => 'a', :key => 'b', :secret => 'c', :login_path => '/twitter_login')
+    oauth.login_path.should == '/twitter_login/bar'
+  end
+
+  it 'callback path should be namespaced to the name of the Rack::OAuth instance' do
+    app = lambda {|env| [200, {}, ["Hello World"]] }
+
+    # the default name doesn't have its name appended.  we assume 'default' for this.
+    Rack::OAuth.new(app,       :site => 'a', :key => 'b', :secret => 'c').callback_path.should == '/oauth_callback'
+
+    Rack::OAuth.new(app, :foo, :site => 'a', :key => 'b', :secret => 'c').callback_path.should == '/oauth_callback/foo'
+
+    oauth = Rack::OAuth.new(app, :bar, :site => 'a', :key => 'b', :secret => 'c', :callback_path => '/twitter_callback')
+    oauth.callback_path.should == '/twitter_callback/bar'
+  end
+
+  it 'redirect_to should NOT be namespaced to the name of the Rack::OAuth instance' do
+    app = lambda {|env| [200, {}, ["Hello World"]] }
+
+    # the default name doesn't have its name appended.  we assume 'default' for this.
+    Rack::OAuth.new(app,       :site => 'a', :key => 'b', :secret => 'c').redirect_to.should == '/oauth_complete'
+
+    Rack::OAuth.new(app, :foo, :site => 'a', :key => 'b', :secret => 'c').redirect_to.should == '/oauth_complete'
+
+    oauth = Rack::OAuth.new(app, :bar, :site => 'a', :key => 'b', :secret => 'c', :redirect_to => '/twitter_login_complete')
+    oauth.redirect_to.should == '/twitter_login_complete'
+  end
+
+  it 'session variables should all be namespaced to the name of the Rack::OAuth instance'
+
+  it 'should explodify with a helpful message if 2 Rack::OAuths are instantiated with the same name (?)'
+
+  describe 'Mocked requests / responses and whatnot' do
+
+    it 'the Rack::OAuth#consumer should persist through requests (confirm this is true because we need it to be true for mocking purposes)' do
+      app   = lambda {|env| [200, {}, [ Rack::OAuth.get(env).consumer.object_id.to_s ]] }
+      oauth = Rack::OAuth.new app, :site => 'a', :key => 'b', :secret => 'c'
+      
+      consumer_id = oauth.consumer.object_id
+
+      RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include(consumer_id.to_s)
+      oauth.consumer.object_id.should == consumer_id
+
+      # do another request to make sure it stays the same
+      RackBox.request(Rack::Session::Cookie.new(oauth), '/').body.should include(consumer_id.to_s)
+      oauth.consumer.object_id.should == consumer_id
+    end
+
+    it 'should redirect to the authorize_url of the OAuth::RequestToken returned by consumer.get_request_token' do
+      app   = lambda {|env| [200, {}, ["Hello World"]] }
+      oauth = Rack::OAuth.new app, :site => 'a', :key => 'b', :secret => 'c'
+      
+      oauth.consumer.should_receive(:get_request_token).with(:oauth_callback => 'http://foo.com/oauth_callback').
+        and_return(mock_request_token(:authorize_path => '/silly_path'))
+
+      RackBox.request(Rack::Session::Cookie.new(oauth), '/oauth_login', 'HTTP_HOST' => 'foo.com').
+        headers['Location'].should =~ /^http:\/\/twitter\.com\/silly_path\?oauth_token=/
+    end
+
+    it 'should get an access token that can be used to make arbitrary requests if the callback_path is hit with the right variables given'
+
+  end
+
+end

data/spec/sample_sinatra_app_spec.rb

@@ -0,0 +1,105 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+require 'json'
+require 'sinatra/base'
+class SampleSinatraApp < Sinatra::Base
+
+  # this is hardcore optional ... if you want to override where ALL tokens are persisted, you can do this ...
+
+  def self.get_token key, oauth
+    @tokens[key] if @tokens
+  end
+  def self.set_token key, token, oauth
+    @tokens ||= {}
+    @tokens[key] = token
+  end
+
+  use Rack::Session::Cookie
+  use Rack::OAuth, :site   => 'http://twitter.com',
+                   :key    => '4JjFmhjfZyQ6rdbiql5A', 
+                   :secret => 'rv4ZaCgvxVPVjxHIDbMxTGFbIMxUa4KkIdPqL7HmaQo',
+                   :get    => method(:get_token),
+                   :set    => method(:set_token)
+
+  enable :raise_errors
+
+  helpers do
+    include Rack::OAuth::Methods
+  end
+
+  get '/' do
+    if logged_in?
+      "Hello World"
+    else
+      redirect oauth_login_path
+    end
+  end
+
+  get '/oauth_complete' do
+    info = JSON.parse oauth_request('/account/verify_credentials.json')
+    name = info['screen_name']
+    $access_tokens[name] = oauth_access_token
+  end
+
+  get '/get_user_info' do
+    info = JSON.parse oauth_request('/account/verify_credentials.json')
+  end
+end
+
+describe SampleSinatraApp do
+
+  def example_json
+    %[{"time_zone":"Pacific Time (US & Canada)","profile_image_url":"http://a3.twimg.com/profile_images/54765389/remi-rock-on_bak_normal.png","description":"Beer goes in, Code comes out","following":false,"profile_text_color":"3E4415","status":{"source":"web","in_reply_to_user_id":64218381,"in_reply_to_status_id":5352275994,"truncated":false,"created_at":"Mon Nov 02 02:00:26 +0000 2009","favorited":false,"in_reply_to_screen_name":"benatkin","id":5352407184,"text":"@benatkin For GoldBar, they would want to tell you when you buy something because lots of people are coming in and not buying anything  :/"},"profile_background_image_url":"http://s.twimg.com/a/1256928834/images/themes/theme5/bg.gif","followers_count":257,"screen_name":"remitaylor","profile_link_color":"D02B55","profile_background_tile":false,"friends_count":190,"url":"http://remi.org","created_at":"Tue Dec 11 09:13:43 +0000 2007","profile_background_color":"352726","notifications":false,"favourites_count":0,"statuses_count":1700,"profile_sidebar_fill_color":"99CC33","protected":false,"geo_enabled":false,"location":"Phoenix, AZ","name":"remitaylor","profile_sidebar_border_color":"829D5E","id":11043342,"verified":false,"utc_offset":-28800}]
+  end
+
+  before :all do
+    @rackbox_app = RackBox.app
+    RackBox.app = SampleSinatraApp
+    Rack::OAuth.enable_test_mode
+  end
+
+  after :all do
+    RackBox.app = @rackbox_app
+    Rack::OAuth.disable_test_mode
+  end
+
+  it 'should be able to "authorize" a user' do
+    # we're not authorized, so logged_in? is false and we should redirect to /oauth_login
+    request('/').status.should == 302
+    request('/').headers['Location'].should include('/oauth_login')
+
+    # because we're in test mode, redirecting to /oauth_login should pretend to log 
+    # us in and it should redirect to /oauth_complete
+    request('/oauth_login').status.should == 302
+    request('/oauth_login').headers['Location'].should include('/oauth_complete')
+
+    # now the user should be authorized
+    request('/').status.should == 200
+    request('/').body.should include('Hello World')
+  end
+
+  it 'should be able to specify a mock response for an arbitrary authorized response' do
+    request('/oauth_login') # login
+
+    # if we don't mock the request, it should blow up
+    lambda { request('/get_user_info') }.should raise_error
+
+    Rack::OAuth.mock_request '/account/verify_credentials.json', example_json
+
+    request('/get_user_info').body.should include('remitaylor')
+  end
+
+  it 'should be able to persist access token by some arbitrary value like twitter screen_name' do
+    $access_tokens ||= {}
+    request('/oauth_login').status.should == 302
+
+    # token should be nil
+    $access_tokens['remitaylor'].should be_nil
+
+    request('/oauth_complete')
+
+    # token should not be nil because the oauth_complete goes and gets and persists it
+    $access_tokens['remitaylor'].should_not be_nil
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,24 @@
+require 'rubygems'
+require 'spec'
+require 'rackbox'
+require File.dirname(__FILE__) + '/../lib/rack-oauth'
+
+# returns the path to a data file, eg. data_path(:foo) => 'spec/data/foo.yml'
+def data_path name
+  File.join File.dirname(__FILE__), 'data', "#{ name }.yml"
+end
+
+# returns the string body of a file using data_path to get the path to the file
+def data name
+  File.read data_path(name)
+end
+
+def mock_request_token options = {}
+  YAML.load data(:unauthorized_request_token).sub('AUTH_PATH', options[:authorize_path] || '/oauth/authorize')
+end
+
+RackBox.app = lambda {}
+
+Spec::Runner.configure do |config|
+  config.use_blackbox = true
+end

metadata

@@ -0,0 +1,162 @@
+--- !ruby/object:Gem::Specification 
+name: rack-oauth
+version: !ruby/object:Gem::Version 
+  version: 0.1.2
+platform: ruby
+authors: 
+- remi
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-11-02 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: Rack Middleware for OAuth Authorization
+email: remi@remitaylor.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- README.rdoc
+- Rakefile
+- VERSION
+- examples/rails-example/README
+- examples/rails-example/Rakefile
+- examples/rails-example/app/controllers/application_controller.rb
+- examples/rails-example/app/controllers/welcome_controller.rb
+- examples/rails-example/app/helpers/application_helper.rb
+- examples/rails-example/app/helpers/welcome_helper.rb
+- examples/rails-example/app/views/welcome/index.html.erb
+- examples/rails-example/config/boot.rb
+- examples/rails-example/config/database.yml
+- examples/rails-example/config/environment.rb
+- examples/rails-example/config/environments/development.rb
+- examples/rails-example/config/environments/production.rb
+- examples/rails-example/config/environments/test.rb
+- examples/rails-example/config/initializers/backtrace_silencers.rb
+- examples/rails-example/config/initializers/inflections.rb
+- examples/rails-example/config/initializers/mime_types.rb
+- examples/rails-example/config/initializers/new_rails_defaults.rb
+- examples/rails-example/config/initializers/session_store.rb
+- examples/rails-example/config/locales/en.yml
+- examples/rails-example/config/routes.rb
+- examples/rails-example/db/development.sqlite3
+- examples/rails-example/db/seeds.rb
+- examples/rails-example/db/test.sqlite3
+- examples/rails-example/doc/README_FOR_APP
+- examples/rails-example/lib/tasks/rspec.rake
+- examples/rails-example/log/development.log
+- examples/rails-example/log/production.log
+- examples/rails-example/log/server.log
+- examples/rails-example/log/test.log
+- examples/rails-example/public/404.html
+- examples/rails-example/public/422.html
+- examples/rails-example/public/500.html
+- examples/rails-example/public/favicon.ico
+- examples/rails-example/public/images/rails.png
+- examples/rails-example/public/javascripts/application.js
+- examples/rails-example/public/javascripts/controls.js
+- examples/rails-example/public/javascripts/dragdrop.js
+- examples/rails-example/public/javascripts/effects.js
+- examples/rails-example/public/javascripts/prototype.js
+- examples/rails-example/public/robots.txt
+- examples/rails-example/script/about
+- examples/rails-example/script/autospec
+- examples/rails-example/script/console
+- examples/rails-example/script/dbconsole
+- examples/rails-example/script/destroy
+- examples/rails-example/script/generate
+- examples/rails-example/script/performance/benchmarker
+- examples/rails-example/script/performance/profiler
+- examples/rails-example/script/plugin
+- examples/rails-example/script/runner
+- examples/rails-example/script/server
+- examples/rails-example/script/spec
+- examples/rails-example/script/spec_server
+- examples/rails-example/spec/integration/login_spec.rb
+- examples/rails-example/spec/rcov.opts
+- examples/rails-example/spec/spec.opts
+- examples/rails-example/spec/spec_helper.rb
+- examples/rails-example/tmp/webrat-1257205170.html
+- examples/rails-example/tmp/webrat-1257205276.html
+- examples/rails-example/tmp/webrat-1257205315.html
+- examples/rails-example/tmp/webrat-1257205333.html
+- examples/rails-example/tmp/webrat-1257205380.html
+- examples/rails-example/tmp/webrat-1257205757.html
+- examples/rails-example/tmp/webrat-1257210107.html
+- examples/rails-example/tmp/webrat-1257210160.html
+- examples/rails-example/tmp/webrat-1257210488.html
+- examples/rails-example/tmp/webrat-1257210501.html
+- examples/rails-example/tmp/webrat-1257210545.html
+- examples/rails-example/tmp/webrat-1257210564.html
+- examples/rails-example/tmp/webrat-1257210581.html
+- examples/rails-example/tmp/webrat-1257210600.html
+- examples/rails-example/tmp/webrat-1257210608.html
+- examples/sinatra-twitter.rb
+- examples/sinatra-twitter.ru
+- lib/rack-oauth.rb
+- lib/rack/oauth.rb
+- spec/data/authorized_access_token.yml
+- spec/data/authorized_oauth_verifier.yml
+- spec/data/authorized_request_secret.yml
+- spec/data/authorized_request_token.yml
+- spec/data/unauthorized_request_token.yml
+- spec/rack_oauth_middleware_spec.rb
+- spec/sample_sinatra_app_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/remi/rack-oauth
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Rack Middleware for OAuth Authorization
+test_files: 
+- spec/rack_oauth_middleware_spec.rb
+- spec/spec_helper.rb
+- spec/sample_sinatra_app_spec.rb
+- examples/sinatra-twitter.rb
+- examples/rails-example/spec/integration/login_spec.rb
+- examples/rails-example/spec/spec_helper.rb
+- examples/rails-example/config/boot.rb
+- examples/rails-example/config/routes.rb
+- examples/rails-example/config/environments/development.rb
+- examples/rails-example/config/environments/test.rb
+- examples/rails-example/config/environments/production.rb
+- examples/rails-example/config/environment.rb
+- examples/rails-example/config/initializers/backtrace_silencers.rb
+- examples/rails-example/config/initializers/inflections.rb
+- examples/rails-example/config/initializers/new_rails_defaults.rb
+- examples/rails-example/config/initializers/session_store.rb
+- examples/rails-example/config/initializers/mime_types.rb
+- examples/rails-example/db/seeds.rb
+- examples/rails-example/app/helpers/application_helper.rb
+- examples/rails-example/app/helpers/welcome_helper.rb
+- examples/rails-example/app/controllers/application_controller.rb
+- examples/rails-example/app/controllers/welcome_controller.rb