rack-oauth2 0.0.6 → 0.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/VERSION +1 -1
- data/example/server/authorize.rb +2 -2
- data/lib/rack/oauth2/server.rb +1 -1
- data/lib/rack/oauth2/server/abstract/handler.rb +0 -2
- data/lib/rack/oauth2/server/{authorization.rb → authorize.rb} +4 -4
- data/lib/rack/oauth2/server/{authorization → authorize}/code.rb +4 -4
- data/lib/rack/oauth2/server/{authorization → authorize}/code_and_token.rb +4 -4
- data/lib/rack/oauth2/server/{authorization → authorize}/token.rb +4 -4
- data/lib/rack/oauth2/server/error.rb +6 -1
- data/lib/rack/oauth2/server/token.rb +9 -5
- data/lib/rack/oauth2/server/token/authorization_code.rb +1 -1
- data/lib/rack/oauth2/server/token/password.rb +1 -1
- data/rack-oauth2.gemspec +13 -13
- data/spec/rack/oauth2/server/{authorization → authorize}/code_and_token_spec.rb +3 -3
- data/spec/rack/oauth2/server/{authorization → authorize}/code_spec.rb +3 -3
- data/spec/rack/oauth2/server/{authorization → authorize}/token_spec.rb +3 -3
- data/spec/rack/oauth2/server/{authorization_spec.rb → authorize_spec.rb} +7 -7
- data/spec/rack/oauth2/server/error_spec.rb +12 -3
- data/spec/rack/oauth2/server/token/assertion_spec.rb +13 -3
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +20 -5
- data/spec/rack/oauth2/server/token/password_spec.rb +13 -3
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +11 -3
- metadata +15 -15
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.0.
|
|
1
|
+
0.0.7
|
data/example/server/authorize.rb
CHANGED
|
@@ -7,7 +7,7 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '../../lib'))
|
|
|
7
7
|
require 'rack/oauth2'
|
|
8
8
|
|
|
9
9
|
get '/oauth/authorize' do
|
|
10
|
-
authorization_endpoint = Rack::OAuth2::Server::
|
|
10
|
+
authorization_endpoint = Rack::OAuth2::Server::Authorize.new(self)
|
|
11
11
|
response = authorization_endpoint.call(env)
|
|
12
12
|
case response.first
|
|
13
13
|
when 200
|
|
@@ -35,7 +35,7 @@ get '/oauth/authorize' do
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
post '/oauth/authorize' do
|
|
38
|
-
authorization_endpoint = Rack::OAuth2::Server::
|
|
38
|
+
authorization_endpoint = Rack::OAuth2::Server::Authorize.new(self) do |request, response|
|
|
39
39
|
# allow everything
|
|
40
40
|
params = env['rack.request.form_hash']
|
|
41
41
|
if params['approved']
|
data/lib/rack/oauth2/server.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize < Abstract::Handler
|
|
5
5
|
|
|
6
6
|
def call(env)
|
|
7
7
|
request = Request.new(env)
|
|
@@ -60,6 +60,6 @@ module Rack
|
|
|
60
60
|
end
|
|
61
61
|
end
|
|
62
62
|
|
|
63
|
-
require 'rack/oauth2/server/
|
|
64
|
-
require 'rack/oauth2/server/
|
|
65
|
-
require 'rack/oauth2/server/
|
|
63
|
+
require 'rack/oauth2/server/authorize/code'
|
|
64
|
+
require 'rack/oauth2/server/authorize/token'
|
|
65
|
+
require 'rack/oauth2/server/authorize/code_and_token'
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize
|
|
5
5
|
class Code < Abstract::Handler
|
|
6
6
|
|
|
7
7
|
def call(env)
|
|
@@ -10,14 +10,14 @@ module Rack
|
|
|
10
10
|
super
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class Request <
|
|
13
|
+
class Request < Authorize::Request
|
|
14
14
|
def initialize(env)
|
|
15
15
|
super
|
|
16
|
-
@response_type =
|
|
16
|
+
@response_type = :code
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
class Response <
|
|
20
|
+
class Response < Authorize::Response
|
|
21
21
|
attr_accessor :code
|
|
22
22
|
|
|
23
23
|
def required_params
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize
|
|
5
5
|
class CodeAndToken < Abstract::Handler
|
|
6
6
|
|
|
7
7
|
def call(env)
|
|
@@ -10,14 +10,14 @@ module Rack
|
|
|
10
10
|
super
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class Request <
|
|
13
|
+
class Request < Authorize::Request
|
|
14
14
|
def initialize(env)
|
|
15
15
|
super
|
|
16
|
-
@response_type =
|
|
16
|
+
@response_type = :code_and_token
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
class Response <
|
|
20
|
+
class Response < Authorize::Response
|
|
21
21
|
attr_accessor :code, :access_token, :expires_in, :scope
|
|
22
22
|
|
|
23
23
|
def required_params
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize
|
|
5
5
|
class Token < Abstract::Handler
|
|
6
6
|
|
|
7
7
|
def call(env)
|
|
@@ -10,14 +10,14 @@ module Rack
|
|
|
10
10
|
super
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class Request <
|
|
13
|
+
class Request < Authorize::Request
|
|
14
14
|
def initialize(env)
|
|
15
15
|
super
|
|
16
|
-
@response_type =
|
|
16
|
+
@response_type = :token
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
class Response <
|
|
20
|
+
class Response < Authorize::Response
|
|
21
21
|
attr_accessor :access_token, :expires_in, :scope
|
|
22
22
|
|
|
23
23
|
def required_params
|
|
@@ -40,7 +40,12 @@ module Rack
|
|
|
40
40
|
|
|
41
41
|
class Unauthorized < Error
|
|
42
42
|
def initialize(error, description = "", options = {})
|
|
43
|
-
|
|
43
|
+
status = if options[:payload] == :header
|
|
44
|
+
401
|
|
45
|
+
else
|
|
46
|
+
400
|
|
47
|
+
end
|
|
48
|
+
super(status, error, description, options)
|
|
44
49
|
end
|
|
45
50
|
end
|
|
46
51
|
|
|
@@ -37,6 +37,7 @@ module Rack
|
|
|
37
37
|
raise BadRequest.new(:unsupported_grant_type, "'#{params['grant_type']}' isn't supported.")
|
|
38
38
|
end
|
|
39
39
|
end
|
|
40
|
+
|
|
40
41
|
end
|
|
41
42
|
|
|
42
43
|
class Response < Abstract::Response
|
|
@@ -47,11 +48,14 @@ module Rack
|
|
|
47
48
|
end
|
|
48
49
|
|
|
49
50
|
def finish
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
51
|
+
params = {
|
|
52
|
+
:access_token => access_token,
|
|
53
|
+
:expires_in => expires_in,
|
|
54
|
+
:scope => Array(scope).join(' ')
|
|
55
|
+
}.delete_if do |key, value|
|
|
56
|
+
value.blank?
|
|
57
|
+
end
|
|
58
|
+
write params.to_json
|
|
55
59
|
header['Content-Type'] = "application/json"
|
|
56
60
|
super
|
|
57
61
|
end
|
data/rack-oauth2.gemspec
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{rack-oauth2}
|
|
8
|
-
s.version = "0.0.
|
|
8
|
+
s.version = "0.0.7"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["nov matake"]
|
|
@@ -32,10 +32,10 @@ Gem::Specification.new do |s|
|
|
|
32
32
|
"lib/rack/oauth2/server/abstract/handler.rb",
|
|
33
33
|
"lib/rack/oauth2/server/abstract/request.rb",
|
|
34
34
|
"lib/rack/oauth2/server/abstract/response.rb",
|
|
35
|
-
"lib/rack/oauth2/server/
|
|
36
|
-
"lib/rack/oauth2/server/
|
|
37
|
-
"lib/rack/oauth2/server/
|
|
38
|
-
"lib/rack/oauth2/server/
|
|
35
|
+
"lib/rack/oauth2/server/authorize.rb",
|
|
36
|
+
"lib/rack/oauth2/server/authorize/code.rb",
|
|
37
|
+
"lib/rack/oauth2/server/authorize/code_and_token.rb",
|
|
38
|
+
"lib/rack/oauth2/server/authorize/token.rb",
|
|
39
39
|
"lib/rack/oauth2/server/error.rb",
|
|
40
40
|
"lib/rack/oauth2/server/token.rb",
|
|
41
41
|
"lib/rack/oauth2/server/token/assertion.rb",
|
|
@@ -44,10 +44,10 @@ Gem::Specification.new do |s|
|
|
|
44
44
|
"lib/rack/oauth2/server/token/refresh_token.rb",
|
|
45
45
|
"lib/rack/oauth2/server/util.rb",
|
|
46
46
|
"rack-oauth2.gemspec",
|
|
47
|
-
"spec/rack/oauth2/server/
|
|
48
|
-
"spec/rack/oauth2/server/
|
|
49
|
-
"spec/rack/oauth2/server/
|
|
50
|
-
"spec/rack/oauth2/server/
|
|
47
|
+
"spec/rack/oauth2/server/authorize/code_and_token_spec.rb",
|
|
48
|
+
"spec/rack/oauth2/server/authorize/code_spec.rb",
|
|
49
|
+
"spec/rack/oauth2/server/authorize/token_spec.rb",
|
|
50
|
+
"spec/rack/oauth2/server/authorize_spec.rb",
|
|
51
51
|
"spec/rack/oauth2/server/error_spec.rb",
|
|
52
52
|
"spec/rack/oauth2/server/token/assertion_spec.rb",
|
|
53
53
|
"spec/rack/oauth2/server/token/authorization_code_spec.rb",
|
|
@@ -63,10 +63,10 @@ Gem::Specification.new do |s|
|
|
|
63
63
|
s.rubygems_version = %q{1.3.7}
|
|
64
64
|
s.summary = %q{Rack Middleware for OAuth2 Client & Server}
|
|
65
65
|
s.test_files = [
|
|
66
|
-
"spec/rack/oauth2/server/
|
|
67
|
-
"spec/rack/oauth2/server/
|
|
68
|
-
"spec/rack/oauth2/server/
|
|
69
|
-
"spec/rack/oauth2/server/
|
|
66
|
+
"spec/rack/oauth2/server/authorize/code_and_token_spec.rb",
|
|
67
|
+
"spec/rack/oauth2/server/authorize/code_spec.rb",
|
|
68
|
+
"spec/rack/oauth2/server/authorize/token_spec.rb",
|
|
69
|
+
"spec/rack/oauth2/server/authorize_spec.rb",
|
|
70
70
|
"spec/rack/oauth2/server/error_spec.rb",
|
|
71
71
|
"spec/rack/oauth2/server/token/assertion_spec.rb",
|
|
72
72
|
"spec/rack/oauth2/server/token/authorization_code_spec.rb",
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
4
4
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::CodeAndToken directly
|
|
9
|
-
@app = Rack::OAuth2::Server::
|
|
9
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
10
10
|
response.approve!
|
|
11
11
|
response.code = "authorization_code"
|
|
12
12
|
response.access_token = "access_token"
|
|
@@ -26,7 +26,7 @@ describe Rack::OAuth2::Server::Authorization::CodeAndToken do
|
|
|
26
26
|
|
|
27
27
|
before do
|
|
28
28
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
29
|
-
@app = Rack::OAuth2::Server::
|
|
29
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
30
30
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
|
31
31
|
end
|
|
32
32
|
@request = Rack::MockRequest.new @app
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::Code do
|
|
4
4
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
9
|
-
@app = Rack::OAuth2::Server::
|
|
9
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
10
10
|
response.approve!
|
|
11
11
|
response.code = "authorization_code"
|
|
12
12
|
end
|
|
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Code do
|
|
|
25
25
|
|
|
26
26
|
before do
|
|
27
27
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
28
|
-
@app = Rack::OAuth2::Server::
|
|
28
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
29
29
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
|
30
30
|
end
|
|
31
31
|
@request = Rack::MockRequest.new @app
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::Token do
|
|
4
4
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
|
|
9
|
-
@app = Rack::OAuth2::Server::
|
|
9
|
+
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
|
10
10
|
response.approve!
|
|
11
11
|
response.access_token = "access_token"
|
|
12
12
|
end
|
|
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
|
|
|
25
25
|
|
|
26
26
|
before do
|
|
27
27
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
28
|
-
@app = Rack::OAuth2::Server::
|
|
28
|
+
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
|
29
29
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
|
30
30
|
end
|
|
31
31
|
@request = Rack::MockRequest.new @app
|
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize do
|
|
4
4
|
it "should support realm" do
|
|
5
|
-
app = Rack::OAuth2::Server::
|
|
5
|
+
app = Rack::OAuth2::Server::Authorize.new("server.example.com")
|
|
6
6
|
app.realm.should == "server.example.com"
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
-
describe Rack::OAuth2::Server::
|
|
10
|
+
describe Rack::OAuth2::Server::Authorize::Request do
|
|
11
11
|
|
|
12
12
|
before do
|
|
13
|
-
@app = Rack::OAuth2::Server::
|
|
13
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
14
14
|
response.code = "authorization_code"
|
|
15
15
|
end
|
|
16
16
|
@request = Rack::MockRequest.new @app
|
|
@@ -47,12 +47,12 @@ describe Rack::OAuth2::Server::Authorization::Request do
|
|
|
47
47
|
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
-
describe Rack::OAuth2::Server::
|
|
50
|
+
describe Rack::OAuth2::Server::Authorize::Response do
|
|
51
51
|
|
|
52
52
|
context "when required response params are missing" do
|
|
53
53
|
|
|
54
54
|
before do
|
|
55
|
-
@app = Rack::OAuth2::Server::
|
|
55
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
56
56
|
response.approve!
|
|
57
57
|
# code is missing
|
|
58
58
|
end
|
|
@@ -70,7 +70,7 @@ describe Rack::OAuth2::Server::Authorization::Response do
|
|
|
70
70
|
context "when required response params are given" do
|
|
71
71
|
|
|
72
72
|
before do
|
|
73
|
-
@app = Rack::OAuth2::Server::
|
|
73
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
74
74
|
response.approve!
|
|
75
75
|
response.code = "authorization_code"
|
|
76
76
|
end
|
|
@@ -53,8 +53,17 @@ describe Rack::OAuth2::Server::BadRequest do
|
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
describe Rack::OAuth2::Server::Unauthorized do
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
56
|
+
context "when payload is header" do
|
|
57
|
+
it "should use 401 as status" do
|
|
58
|
+
error = Rack::OAuth2::Server::Unauthorized.new(:invalid_client, '', :payload => :header)
|
|
59
|
+
error.code.should == 401
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
context "when payload isn't header" do
|
|
64
|
+
it "should use 400 as status" do
|
|
65
|
+
error = Rack::OAuth2::Server::Unauthorized.new(:invalid_request)
|
|
66
|
+
error.code.should == 400
|
|
67
|
+
end
|
|
59
68
|
end
|
|
60
69
|
end
|
|
@@ -13,7 +13,12 @@ describe Rack::OAuth2::Server::Token::Assertion do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "assertion",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:assertion => "valid_assertion",
|
|
20
|
+
:assertion_type => "something"
|
|
21
|
+
})
|
|
17
22
|
response.status.should == 200
|
|
18
23
|
response.content_type.should == "application/json"
|
|
19
24
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +37,13 @@ describe Rack::OAuth2::Server::Token::Assertion do
|
|
|
32
37
|
end
|
|
33
38
|
|
|
34
39
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
40
|
+
response = @request.post("/", :params => {
|
|
41
|
+
:grant_type => "assertion",
|
|
42
|
+
:client_id => "valid_client",
|
|
43
|
+
:assertion => "invalid_assertion",
|
|
44
|
+
:assertion_type => "something"
|
|
45
|
+
})
|
|
46
|
+
response.status.should == 400
|
|
37
47
|
response.content_type.should == "application/json"
|
|
38
48
|
response.body.should == "{\"error_description\":\"Invalid assertion.\",\"error\":\"invalid_grant\"}"
|
|
39
49
|
end
|
|
@@ -13,7 +13,12 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "authorization_code",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:code => "valid_authorization_code",
|
|
20
|
+
:redirect_uri => "http://client.example.com/callback"
|
|
21
|
+
})
|
|
17
22
|
response.status.should == 200
|
|
18
23
|
response.content_type.should == "application/json"
|
|
19
24
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +37,13 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
|
32
37
|
end
|
|
33
38
|
|
|
34
39
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
40
|
+
response = @request.post("/", :params => {
|
|
41
|
+
:grant_type => "authorization_code",
|
|
42
|
+
:client_id => "valid_client",
|
|
43
|
+
:code => "invalid_authorization_code",
|
|
44
|
+
:redirect_uri => "http://client.example.com/callback"
|
|
45
|
+
})
|
|
46
|
+
response.status.should == 400
|
|
37
47
|
response.content_type.should == "application/json"
|
|
38
48
|
response.body.should == "{\"error_description\":\"Invalid authorization code.\",\"error\":\"invalid_grant\"}"
|
|
39
49
|
end
|
|
@@ -51,8 +61,13 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
|
51
61
|
end
|
|
52
62
|
|
|
53
63
|
it "should return error message as json response body" do
|
|
54
|
-
response = @request.
|
|
55
|
-
|
|
64
|
+
response = @request.post("/", :params => {
|
|
65
|
+
:grant_type => "authorization_code",
|
|
66
|
+
:client_id => "invalid_client",
|
|
67
|
+
:code => "valid_authorization_code",
|
|
68
|
+
:redirect_uri => "http://client.example.com/callback"
|
|
69
|
+
})
|
|
70
|
+
response.status.should == 400
|
|
56
71
|
response.content_type.should == "application/json"
|
|
57
72
|
response.body.should == "{\"error_description\":\"Invalid client identifier.\",\"error\":\"invalid_client\"}"
|
|
58
73
|
end
|
|
@@ -13,7 +13,12 @@ describe Rack::OAuth2::Server::Token::Password do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "password",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:username => "nov",
|
|
20
|
+
:password => "valid_pass"
|
|
21
|
+
})
|
|
17
22
|
response.status.should == 200
|
|
18
23
|
response.content_type.should == "application/json"
|
|
19
24
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +37,13 @@ describe Rack::OAuth2::Server::Token::Password do
|
|
|
32
37
|
end
|
|
33
38
|
|
|
34
39
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
40
|
+
response = @request.post("/", :params => {
|
|
41
|
+
:grant_type => "password",
|
|
42
|
+
:client_id => "valid_client",
|
|
43
|
+
:username => "nov",
|
|
44
|
+
:password => "invalid_pass"
|
|
45
|
+
})
|
|
46
|
+
response.status.should == 400
|
|
37
47
|
response.content_type.should == "application/json"
|
|
38
48
|
response.body.should == "{\"error_description\":\"Invalid resource owner credentials.\",\"error\":\"invalid_grant\"}"
|
|
39
49
|
end
|
|
@@ -13,7 +13,11 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "refresh_token",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:refresh_token => "valid_refresh_token"
|
|
20
|
+
})
|
|
17
21
|
response.status.should == 200
|
|
18
22
|
response.content_type.should == "application/json"
|
|
19
23
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +36,12 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
|
|
|
32
36
|
end
|
|
33
37
|
|
|
34
38
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
39
|
+
response = @request.post("/", :params => {
|
|
40
|
+
:grant_type => "refresh_token",
|
|
41
|
+
:client_id => "valid_client",
|
|
42
|
+
:refresh_token => "invalid_refresh_token"
|
|
43
|
+
})
|
|
44
|
+
response.status.should == 400
|
|
37
45
|
response.content_type.should == "application/json"
|
|
38
46
|
response.body.should == "{\"error_description\":\"Invalid refresh_token.\",\"error\":\"invalid_grant\"}"
|
|
39
47
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 17
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 0
|
|
9
|
-
-
|
|
10
|
-
version: 0.0.
|
|
9
|
+
- 7
|
|
10
|
+
version: 0.0.7
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- nov matake
|
|
@@ -87,10 +87,10 @@ files:
|
|
|
87
87
|
- lib/rack/oauth2/server/abstract/handler.rb
|
|
88
88
|
- lib/rack/oauth2/server/abstract/request.rb
|
|
89
89
|
- lib/rack/oauth2/server/abstract/response.rb
|
|
90
|
-
- lib/rack/oauth2/server/
|
|
91
|
-
- lib/rack/oauth2/server/
|
|
92
|
-
- lib/rack/oauth2/server/
|
|
93
|
-
- lib/rack/oauth2/server/
|
|
90
|
+
- lib/rack/oauth2/server/authorize.rb
|
|
91
|
+
- lib/rack/oauth2/server/authorize/code.rb
|
|
92
|
+
- lib/rack/oauth2/server/authorize/code_and_token.rb
|
|
93
|
+
- lib/rack/oauth2/server/authorize/token.rb
|
|
94
94
|
- lib/rack/oauth2/server/error.rb
|
|
95
95
|
- lib/rack/oauth2/server/token.rb
|
|
96
96
|
- lib/rack/oauth2/server/token/assertion.rb
|
|
@@ -99,10 +99,10 @@ files:
|
|
|
99
99
|
- lib/rack/oauth2/server/token/refresh_token.rb
|
|
100
100
|
- lib/rack/oauth2/server/util.rb
|
|
101
101
|
- rack-oauth2.gemspec
|
|
102
|
-
- spec/rack/oauth2/server/
|
|
103
|
-
- spec/rack/oauth2/server/
|
|
104
|
-
- spec/rack/oauth2/server/
|
|
105
|
-
- spec/rack/oauth2/server/
|
|
102
|
+
- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
|
|
103
|
+
- spec/rack/oauth2/server/authorize/code_spec.rb
|
|
104
|
+
- spec/rack/oauth2/server/authorize/token_spec.rb
|
|
105
|
+
- spec/rack/oauth2/server/authorize_spec.rb
|
|
106
106
|
- spec/rack/oauth2/server/error_spec.rb
|
|
107
107
|
- spec/rack/oauth2/server/token/assertion_spec.rb
|
|
108
108
|
- spec/rack/oauth2/server/token/authorization_code_spec.rb
|
|
@@ -146,10 +146,10 @@ signing_key:
|
|
|
146
146
|
specification_version: 3
|
|
147
147
|
summary: Rack Middleware for OAuth2 Client & Server
|
|
148
148
|
test_files:
|
|
149
|
-
- spec/rack/oauth2/server/
|
|
150
|
-
- spec/rack/oauth2/server/
|
|
151
|
-
- spec/rack/oauth2/server/
|
|
152
|
-
- spec/rack/oauth2/server/
|
|
149
|
+
- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
|
|
150
|
+
- spec/rack/oauth2/server/authorize/code_spec.rb
|
|
151
|
+
- spec/rack/oauth2/server/authorize/token_spec.rb
|
|
152
|
+
- spec/rack/oauth2/server/authorize_spec.rb
|
|
153
153
|
- spec/rack/oauth2/server/error_spec.rb
|
|
154
154
|
- spec/rack/oauth2/server/token/assertion_spec.rb
|
|
155
155
|
- spec/rack/oauth2/server/token/authorization_code_spec.rb
|