rack-oauth2-revibe 1.0.7

data/spec/rack/oauth2/debugger/request_filter_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Rack::OAuth2::Debugger::RequestFilter do
+  let(:resource_endpoint) { 'https://example.com/resources' }
+  let(:request) { HTTP::Message.new_request(:get, URI.parse(resource_endpoint)) }
+  let(:response) { HTTP::Message.new_response(MultiJson.dump({:hello => 'world'})) }
+  let(:request_filter) { Rack::OAuth2::Debugger::RequestFilter.new }
+
+  describe '#filter_request' do
+    it 'should log request' do
+      [
+        "======= [Rack::OAuth2] HTTP REQUEST STARTED =======",
+        request.dump
+      ].each do |output|
+        Rack::OAuth2.logger.should_receive(:info).with output
+      end
+      request_filter.filter_request(request)
+    end
+  end
+
+  describe '#filter_response' do
+    it 'should log response' do
+      [
+        "--------------------------------------------------",
+        response.dump,
+        "======= [Rack::OAuth2] HTTP REQUEST FINISHED ======="
+      ].each do |output|
+        Rack::OAuth2.logger.should_receive(:info).with output
+      end
+      request_filter.filter_response(request, response)
+    end
+  end
+end

data/spec/rack/oauth2/oauth2_spec.rb

@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+describe Rack::OAuth2 do
+  subject { Rack::OAuth2 }
+  after { Rack::OAuth2.debugging = false }
+
+  its(:logger) { should be_a Logger }
+  its(:debugging?) { should be_false }
+
+  describe '.debug!' do
+    before { Rack::OAuth2.debug! }
+    its(:debugging?) { should be_true }
+  end
+
+  describe '.debug' do
+    it 'should enable debugging within given block' do
+      Rack::OAuth2.debug do
+        Rack::OAuth2.debugging?.should be_true
+      end
+      Rack::OAuth2.debugging?.should be_false
+    end
+
+    it 'should not force disable debugging' do
+      Rack::OAuth2.debug!
+      Rack::OAuth2.debug do
+        Rack::OAuth2.debugging?.should be_true
+      end
+      Rack::OAuth2.debugging?.should be_true
+    end
+  end
+
+  describe '.http_config' do
+    context 'when request_filter added' do
+      context 'when "debug!" is called' do
+        after { Rack::OAuth2.reset_http_config! }
+  
+        it 'should put Debugger::RequestFilter at last' do
+          Rack::OAuth2.debug!
+          Rack::OAuth2.http_config do |config|
+            config.request_filter << Proc.new {}
+          end
+          Rack::OAuth2.http_client.request_filter.last.should be_instance_of Rack::OAuth2::Debugger::RequestFilter
+        end
+
+        it 'should reset_http_config' do
+          Rack::OAuth2.debug!
+          Rack::OAuth2.http_config do |config|
+            config.request_filter << Proc.new {}
+          end
+          size = Rack::OAuth2.http_client.request_filter.size
+          Rack::OAuth2.reset_http_config!
+          Rack::OAuth2.http_client.request_filter.size.should == size - 1
+        end
+
+      end
+    end
+  end
+
+  describe ".http_client" do
+    context "when local_http_config is used" do
+      it "should correctly set request_filter" do
+        clnt1 = Rack::OAuth2.http_client
+        clnt2 = Rack::OAuth2.http_client("my client") do |config|
+          config.request_filter << Proc.new {}
+        end
+        clnt3 = Rack::OAuth2.http_client
+
+        clnt1.request_filter.size.should == clnt3.request_filter.size
+        clnt1.request_filter.size.should == clnt2.request_filter.size - 1
+
+      end
+    end
+  end
+end

data/spec/rack/oauth2/server/abstract/error_spec.rb

@@ -0,0 +1,59 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Abstract::Error do
+
+  context 'when full attributes are given' do
+    subject do
+      Rack::OAuth2::Server::Abstract::Error.new 400, :invalid_request, 'Missing some required params', :uri => 'http://server.example.com/error'
+    end
+    its(:status)      { should == 400 }
+    its(:error)       { should == :invalid_request }
+    its(:description) { should == 'Missing some required params' }
+    its(:uri)         { should == 'http://server.example.com/error' }
+    its(:protocol_params) do
+      should == {
+        :error             => :invalid_request,
+        :error_description => 'Missing some required params',
+        :error_uri         => 'http://server.example.com/error'
+      }
+    end
+  end
+
+  context 'when optional attributes are not given' do
+    subject do
+      Rack::OAuth2::Server::Abstract::Error.new 400, :invalid_request
+    end
+    its(:status)      { should == 400 }
+    its(:error)       { should == :invalid_request }
+    its(:description) { should be_nil }
+    its(:uri)         { should be_nil }
+    its(:protocol_params) do
+      should == {
+        :error             => :invalid_request,
+        :error_description => nil,
+        :error_uri         => nil
+      }
+    end
+  end
+
+end
+
+describe Rack::OAuth2::Server::Abstract::BadRequest do
+  its(:status) { should == 400 }
+end
+
+describe Rack::OAuth2::Server::Abstract::Unauthorized do
+  its(:status) { should == 401 }
+end
+
+describe Rack::OAuth2::Server::Abstract::Forbidden do
+  its(:status) { should == 403 }
+end
+
+describe Rack::OAuth2::Server::Abstract::ServerError do
+  its(:status) { should == 500 }
+end
+
+describe Rack::OAuth2::Server::Abstract::TemporarilyUnavailable do
+  its(:status) { should == 503 }
+end

data/spec/rack/oauth2/server/authorize/code_spec.rb

@@ -0,0 +1,57 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Authorize::Code do
+  let(:request)            { Rack::MockRequest.new app }
+  let(:redirect_uri)       { 'http://client.example.com/callback' }
+  let(:authorization_code) { 'authorization_code' }  
+  let(:response)           { request.get "/?response_type=code&client_id=client&redirect_uri=#{redirect_uri}&state=state" }
+
+  context 'when approved' do
+    subject { response }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.code = authorization_code
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should == "#{redirect_uri}?code=#{authorization_code}&state=state" }
+
+    context 'when redirect_uri already includes query' do
+      let(:redirect_uri) { 'http://client.example.com/callback?k=v' }
+      its(:location)     { should == "#{redirect_uri}&code=#{authorization_code}&state=state" }
+    end
+
+    context 'when redirect_uri is missing' do
+      let(:redirect_uri) { nil }
+      it do
+        expect { response }.to raise_error AttrRequired::AttrMissing
+      end
+    end
+
+    context 'when code is missing' do
+      let(:authorization_code) { nil }
+      it do
+        expect { response }.to raise_error AttrRequired::AttrMissing
+      end
+    end
+  end
+
+  context 'when denied' do
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        request.verify_redirect_uri! redirect_uri
+        request.access_denied!
+      end
+    end
+    it 'should redirect with error in query' do
+      response.status.should == 302
+      error_message = {
+        :error => :access_denied,
+        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
+      }
+      response.location.should == "#{redirect_uri}?#{error_message.to_query}&state=state"
+    end
+  end
+end

data/spec/rack/oauth2/server/authorize/error_spec.rb

@@ -0,0 +1,103 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Authorize::BadRequest do
+  let(:klass)        { Rack::OAuth2::Server::Authorize::BadRequest }
+  let(:error)        { klass.new(:invalid_request) }
+  let(:redirect_uri) { 'http://client.example.com/callback' }
+
+  subject { error }
+  it { should be_a Rack::OAuth2::Server::Abstract::BadRequest }
+  its(:protocol_params) do
+    should == {
+      :error             => :invalid_request,
+      :error_description => nil,
+      :error_uri         => nil,
+      :state             => nil
+    }
+  end
+
+  describe '#finish' do
+    context 'when redirect_uri is given' do
+      before { error.redirect_uri = redirect_uri }
+
+      context 'when protocol_params_location = :query' do
+        before { error.protocol_params_location = :query }
+        it 'should redirect with error in query' do
+          state, header, response = error.finish
+          state.should == 302
+          header["Location"].should == "#{redirect_uri}?error=invalid_request"
+        end
+      end
+
+      context 'when protocol_params_location = :fragment' do
+        before { error.protocol_params_location = :fragment }
+        it 'should redirect with error in fragment' do
+          state, header, response = error.finish
+          state.should == 302
+          header["Location"].should == "#{redirect_uri}#error=invalid_request"
+        end
+      end
+
+      context 'otherwise' do
+        before { error.protocol_params_location = :other }
+        it 'should redirect without error' do
+          state, header, response = error.finish
+          state.should == 302
+          header["Location"].should == redirect_uri
+        end
+      end
+    end
+
+    context 'otherwise' do
+      it 'should raise itself' do
+        expect { error.finish }.to raise_error(klass) { |e|
+          e.should == error
+        }
+      end
+    end
+  end
+end
+
+describe Rack::OAuth2::Server::Authorize::ErrorMethods do
+  let(:klass)               { Rack::OAuth2::Server::Authorize::BadRequest }
+  let(:redirect_uri)        { 'http://client.example.com/callback' }
+  let(:default_description) { Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION }
+  let(:env)                 { Rack::MockRequest.env_for("/authorize?client_id=client_id") }
+  let(:request)             { Rack::OAuth2::Server::Authorize::Request.new env }
+  let(:request_for_code)    { Rack::OAuth2::Server::Authorize::Code::Request.new env }
+  let(:request_for_token)   { Rack::OAuth2::Server::Authorize::Token::Request.new env }
+
+  describe 'bad_request!' do
+    it do
+      expect { request.bad_request! }.to raise_error klass
+    end
+
+    context 'when response_type = :code' do
+      it 'should set protocol_params_location = :query' do
+        expect { request_for_code.bad_request! }.to raise_error(klass) { |e|
+          e.protocol_params_location.should == :query
+        }
+      end
+    end
+
+    context 'when response_type = :token' do
+      it 'should set protocol_params_location = :fragment' do
+        expect { request_for_token.bad_request! }.to raise_error(klass) { |e|
+          e.protocol_params_location.should == :fragment
+        }
+      end
+    end
+  end
+
+  Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION.keys.each do |error_code|
+    method = "#{error_code}!"
+    describe method do
+      it "should raise Rack::OAuth2::Server::Authorize::BadRequest with error = :#{error_code}" do
+        expect { request.send method }.to raise_error(klass) { |error|
+          error.error.should       == error_code
+          error.description.should == default_description[error_code]
+        }
+      end
+    end
+  end
+end

data/spec/rack/oauth2/server/authorize/extensions/code_and_token_spec.rb

@@ -0,0 +1,60 @@
+require 'spec_helper.rb'
+require 'rack/oauth2/server/authorize/extension/code_and_token'
+
+describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
+  let(:request)            { Rack::MockRequest.new app }
+  let(:redirect_uri)       { 'http://client.example.com/callback' }
+  let(:access_token)       { 'access_token' }
+  let(:authorization_code) { 'authorization_code' }
+  let(:response) do
+    request.get("/?response_type=code%20token&client_id=client&redirect_uri=#{redirect_uri}")
+  end
+
+  context "when approved" do
+    subject { response }
+    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.access_token = bearer_token
+        response.code         = authorization_code
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should include "#{redirect_uri}#" }
+    its(:location) { should include "code=#{authorization_code}"}
+    its(:location) { should include "access_token=#{access_token}"}
+    its(:location) { should include 'token_type=bearer' }
+
+    context 'when refresh_token is given' do
+      let :bearer_token do
+        Rack::OAuth2::AccessToken::Bearer.new(
+          :access_token => access_token,
+          :refresh_token => 'refresh'
+        )
+      end
+      its(:location) { should include "#{redirect_uri}#" }
+      its(:location) { should include "code=#{authorization_code}"}
+      its(:location) { should include "access_token=#{access_token}"}
+      its(:location) { should include 'token_type=bearer' }
+    end
+  end
+
+  context 'when denied' do
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        request.verify_redirect_uri! redirect_uri
+        request.access_denied!
+      end
+    end
+    it 'should redirect with error in fragment' do
+      response.status.should == 302
+      error_message = {
+        :error => :access_denied,
+        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
+      }
+      response.location.should == "#{redirect_uri}##{error_message.to_query}"
+    end
+  end
+end

data/spec/rack/oauth2/server/authorize/token_spec.rb

@@ -0,0 +1,73 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Authorize::Token do
+  let(:request)      { Rack::MockRequest.new app }
+  let(:redirect_uri) { 'http://client.example.com/callback' }
+  let(:access_token) { 'access_token' }
+  let(:response)     { request.get("/?response_type=token&client_id=client&redirect_uri=#{redirect_uri}&state=state") }
+
+  context "when approved" do
+    subject { response }
+    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.access_token = bearer_token
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&state=state&token_type=bearer" }
+
+    context 'when refresh_token is given' do
+      let :bearer_token do
+        Rack::OAuth2::AccessToken::Bearer.new(
+          :access_token => access_token,
+          :refresh_token => 'refresh'
+        )
+      end
+      its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&state=state&token_type=bearer" }
+    end
+
+    context 'when redirect_uri is missing' do
+      let :app do
+        Rack::OAuth2::Server::Authorize.new do |request, response|
+          response.access_token = bearer_token
+          response.approve!
+        end
+      end
+      it do
+        expect { response }.to raise_error AttrRequired::AttrMissing
+      end
+    end
+
+    context 'when access_token is missing' do
+      let :app do
+        Rack::OAuth2::Server::Authorize.new do |request, response|
+          response.redirect_uri = redirect_uri
+          response.approve!
+        end
+      end
+      it do
+        expect { response }.to raise_error AttrRequired::AttrMissing
+      end
+    end
+  end
+
+  context 'when denied' do
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        request.verify_redirect_uri! redirect_uri
+        request.access_denied!
+      end
+    end
+    it 'should redirect with error in fragment' do
+      response.status.should == 302
+      error_message = {
+        :error => :access_denied,
+        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
+      }
+      response.location.should == "#{redirect_uri}##{error_message.to_query}&state=state"
+    end
+  end
+end