rack-oauth2 0.1.0 → 0.2.0
- data/README.rdoc +15 -11
- data/Rakefile +2 -1
- data/VERSION +1 -1
- data/lib/rack/oauth2/server/abstract/request.rb +13 -7
- data/lib/rack/oauth2/server/authorize.rb +3 -1
- data/lib/rack/oauth2/server/error.rb +18 -18
- data/lib/rack/oauth2/server/error/authorize.rb +54 -0
- data/lib/rack/oauth2/server/error/resource.rb +50 -0
- data/lib/rack/oauth2/server/error/token.rb +59 -0
- data/lib/rack/oauth2/server/resource.rb +14 -11
- data/lib/rack/oauth2/server/token.rb +16 -5
- data/rack-oauth2.gemspec +14 -6
- data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb +14 -4
- data/spec/rack/oauth2/server/authorize/code_spec.rb +14 -4
- data/spec/rack/oauth2/server/authorize/token_spec.rb +14 -4
- data/spec/rack/oauth2/server/error/authorize_spec.rb +103 -0
- data/spec/rack/oauth2/server/error/resource_spec.rb +69 -0
- data/spec/rack/oauth2/server/error/token_spec.rb +115 -0
- data/spec/rack/oauth2/server/error_spec.rb +35 -5
- data/spec/rack/oauth2/server/resource_spec.rb +36 -6
- data/spec/rack/oauth2/server/token/assertion_spec.rb +9 -6
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +60 -18
- data/spec/rack/oauth2/server/token/password_spec.rb +9 -6
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +9 -6
- data/spec/rack/oauth2/server/util_spec.rb +26 -0
- metadata +16 -8
- data/example/server/authorize.rb +0 -57
- data/example/server/oauth2_controller.rb +0 -100
- data/example/server/token.rb +0 -20
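--- a/data/rack-oauth2.gemspec
+++ b/data/rack-oauth2.gemspec
@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
 s.name = %q{rack-oauth2}
-s.version = "0.
+s.version = "0.2.0"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
 s.authors = ["nov matake"]
-s.date = %q{2010-
+s.date = %q{2010-10-03}
 s.description = %q{Rack Middleware for OAuth2. Currently support only Server/Provider, not Client/Consumer.}
 s.email = %q{nov@matake.jp}
 s.extra_rdoc_files = [
@@ -23,9 +23,6 @@ Gem::Specification.new do |s|
 "README.rdoc",
 "Rakefile",
 "VERSION",
-"example/server/authorize.rb",
-"example/server/oauth2_controller.rb",
-"example/server/token.rb",
 "lib/rack/oauth2.rb",
 "lib/rack/oauth2/server.rb",
 "lib/rack/oauth2/server/abstract.rb",
@@ -37,6 +34,9 @@ Gem::Specification.new do |s|
 "lib/rack/oauth2/server/authorize/code_and_token.rb",
 "lib/rack/oauth2/server/authorize/token.rb",
 "lib/rack/oauth2/server/error.rb",
+"lib/rack/oauth2/server/error/authorize.rb",
+"lib/rack/oauth2/server/error/resource.rb",
+"lib/rack/oauth2/server/error/token.rb",
 "lib/rack/oauth2/server/resource.rb",
 "lib/rack/oauth2/server/token.rb",
 "lib/rack/oauth2/server/token/assertion.rb",
@@ -49,6 +49,9 @@ Gem::Specification.new do |s|
 "spec/rack/oauth2/server/authorize/code_spec.rb",
 "spec/rack/oauth2/server/authorize/token_spec.rb",
 "spec/rack/oauth2/server/authorize_spec.rb",
+"spec/rack/oauth2/server/error/authorize_spec.rb",
+"spec/rack/oauth2/server/error/resource_spec.rb",
+"spec/rack/oauth2/server/error/token_spec.rb",
 "spec/rack/oauth2/server/error_spec.rb",
 "spec/rack/oauth2/server/resource_spec.rb",
 "spec/rack/oauth2/server/token/assertion_spec.rb",
@@ -56,6 +59,7 @@ Gem::Specification.new do |s|
 "spec/rack/oauth2/server/token/password_spec.rb",
 "spec/rack/oauth2/server/token/refresh_token_spec.rb",
 "spec/rack/oauth2/server/token_spec.rb",
+"spec/rack/oauth2/server/util_spec.rb",
 "spec/spec.opts",
 "spec/spec_helper.rb"
 ]
@@ -63,12 +67,15 @@ Gem::Specification.new do |s|
 s.rdoc_options = ["--charset=UTF-8"]
 s.require_paths = ["lib"]
 s.rubygems_version = %q{1.3.7}
-s.summary = %q{Rack Middleware for OAuth2
+s.summary = %q{Rack Middleware for OAuth2 Server}
 s.test_files = [
 "spec/rack/oauth2/server/authorize/code_and_token_spec.rb",
 "spec/rack/oauth2/server/authorize/code_spec.rb",
 "spec/rack/oauth2/server/authorize/token_spec.rb",
 "spec/rack/oauth2/server/authorize_spec.rb",
+"spec/rack/oauth2/server/error/authorize_spec.rb",
+"spec/rack/oauth2/server/error/resource_spec.rb",
+"spec/rack/oauth2/server/error/token_spec.rb",
 "spec/rack/oauth2/server/error_spec.rb",
 "spec/rack/oauth2/server/resource_spec.rb",
 "spec/rack/oauth2/server/token/assertion_spec.rb",
@@ -76,6 +83,7 @@ Gem::Specification.new do |s|
 "spec/rack/oauth2/server/token/password_spec.rb",
 "spec/rack/oauth2/server/token/refresh_token_spec.rb",
 "spec/rack/oauth2/server/token_spec.rb",
+"spec/rack/oauth2/server/util_spec.rb",
 "spec/spec_helper.rb"
 ]
 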
@@ -5,7 +5,6 @@ describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
5
5
|
context "when authorized" do
|
6
6
|
|
7
7
|
before do
|
8
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::CodeAndToken directly
|
9
8
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
10
9
|
response.approve!
|
11
10
|
response.code = "authorization_code"
|
@@ -20,14 +19,21 @@ describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
20
19
|
response.location.should == "http://client.example.com/callback?code=authorization_code#access_token=access_token"
|
21
20
|
end
|
22
21
|
|
22
|
+
context "when redirect_uri already includes query and fragment" do
|
23
|
+
it "should keep original query and fragment" do
|
24
|
+
response = @request.get("/?response_type=code_and_token&client_id=client&redirect_uri=http://client.example.com/callback?k=v%23fragment")
|
25
|
+
response.status.should == 302
|
26
|
+
response.location.should == "http://client.example.com/callback?k=v&code=authorization_code#fragment&access_token=access_token"
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
23
30
|
end
|
24
31
|
|
25
32
|
context "when denied" do
|
26
33
|
|
27
34
|
before do
|
28
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
29
35
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
30
|
-
|
36
|
+
request.access_denied! 'User rejected the requested access.'
|
31
37
|
end
|
32
38
|
@request = Rack::MockRequest.new @app
|
33
39
|
end
|
@@ -35,7 +41,11 @@ describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
35
41
|
it "should redirect to redirect_uri with error message" do
|
36
42
|
response = @request.get("/?response_type=code_and_token&client_id=client&redirect_uri=http://client.example.com/callback")
|
37
43
|
response.status.should == 302
|
38
|
-
|
44
|
+
error_message = {
|
45
|
+
:error => :access_denied,
|
46
|
+
:error_description => "User rejected the requested access."
|
47
|
+
}
|
48
|
+
response.location.should == "http://client.example.com/callback?#{error_message.to_query}"
|
39
49
|
end
|
40
50
|
|
41
51
|
end
|
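Review bot: Nothing here covers a redirect_uri that already carries a `code` or `access_token` parameter, although the new "when redirect_uri already includes query and fragment" example pins that caller-supplied query and fragment text is kept and the server's values are appended after it. In that case the Location would presumably contain the same name twice, and which value the client reads then depends on its parser; the same gap applies to the examples added in the `Authorize::Code` and `Authorize::Token` specs further down. Consider adding an example such as `it "should return only the server-issued code and access_token"` that asserts the issued values are the only ones present. Later revisions of the OAuth 2.0 specification disallow a fragment in the redirection URI altogether, so rejecting a `%23fragment` redirect_uri rather than preserving it may be the safer contract to pin.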
@@ -5,7 +5,6 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
5
5
|
context "when authorized" do
|
6
6
|
|
7
7
|
before do
|
8
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
9
8
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
10
9
|
response.approve!
|
11
10
|
response.code = "authorization_code"
|
@@ -19,14 +18,21 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
19
18
|
response.location.should == "http://client.example.com/callback?code=authorization_code"
|
20
19
|
end
|
21
20
|
|
21
|
+
context "when redirect_uri already includes query" do
|
22
|
+
it "should keep original query" do
|
23
|
+
response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback?k=v")
|
24
|
+
response.status.should == 302
|
25
|
+
response.location.should == "http://client.example.com/callback?k=v&code=authorization_code"
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
22
29
|
end
|
23
30
|
|
24
31
|
context "when denied" do
|
25
32
|
|
26
33
|
before do
|
27
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
28
34
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
29
|
-
|
35
|
+
request.access_denied! 'User rejected the requested access.'
|
30
36
|
end
|
31
37
|
@request = Rack::MockRequest.new @app
|
32
38
|
end
|
@@ -34,7 +40,11 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
34
40
|
it "should redirect to redirect_uri with error message" do
|
35
41
|
response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
|
36
42
|
response.status.should == 302
|
37
|
-
|
43
|
+
error_message = {
|
44
|
+
:error => :access_denied,
|
45
|
+
:error_description => "User rejected the requested access."
|
46
|
+
}
|
47
|
+
response.location.should == "http://client.example.com/callback?#{error_message.to_query}"
|
38
48
|
end
|
39
49
|
|
40
50
|
end
|
@@ -5,7 +5,6 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
5
5
|
context "when authorized" do
|
6
6
|
|
7
7
|
before do
|
8
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
|
9
8
|
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
10
9
|
response.approve!
|
11
10
|
response.access_token = "access_token"
|
@@ -19,14 +18,21 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
19
18
|
response.location.should == "http://client.example.com/callback#access_token=access_token"
|
20
19
|
end
|
21
20
|
|
21
|
+
context "when redirect_uri already includes fragment" do
|
22
|
+
it "should keep original fragment" do
|
23
|
+
response = @request.get("/?response_type=token&client_id=client&redirect_uri=http://client.example.com/callback%23fragment")
|
24
|
+
response.status.should == 302
|
25
|
+
response.location.should == "http://client.example.com/callback#fragment&access_token=access_token"
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
22
29
|
end
|
23
30
|
|
24
31
|
context "when denied" do
|
25
32
|
|
26
33
|
before do
|
27
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
28
34
|
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
29
|
-
|
35
|
+
request.access_denied! 'User rejected the requested access.'
|
30
36
|
end
|
31
37
|
@request = Rack::MockRequest.new @app
|
32
38
|
end
|
@@ -34,7 +40,11 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
34
40
|
it "should redirect to redirect_uri with error message" do
|
35
41
|
response = @request.get("/?response_type=token&client_id=client&redirect_uri=http://client.example.com/callback")
|
36
42
|
response.status.should == 302
|
37
|
-
|
43
|
+
error_message = {
|
44
|
+
:error => :access_denied,
|
45
|
+
:error_description => "User rejected the requested access."
|
46
|
+
}
|
47
|
+
response.location.should == "http://client.example.com/callback?#{error_message.to_query}"
|
38
48
|
end
|
39
49
|
|
40
50
|
end
|
@@ -0,0 +1,103 @@
|
|
1
|
+
require 'spec_helper.rb'
|
2
|
+
|
3
|
+
describe Rack::OAuth2::Server::Authorize::Request do
|
4
|
+
|
5
|
+
before do
|
6
|
+
@request = Rack::OAuth2::Server::Authorize::Request.new(
|
7
|
+
Rack::MockRequest.env_for("/authorize", :params => {
|
8
|
+
:client_id => "client_id",
|
9
|
+
:response_type => "code"
|
10
|
+
})
|
11
|
+
)
|
12
|
+
end
|
13
|
+
|
14
|
+
describe "#error!" do
|
15
|
+
it "should raise BadRequest error" do
|
16
|
+
lambda do
|
17
|
+
@request.error! :something
|
18
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
19
|
+
e.error.should == :something
|
20
|
+
e.description.should be_nil
|
21
|
+
}
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#invalid_request!" do
|
26
|
+
it "should raise BadRequest error" do
|
27
|
+
lambda do
|
28
|
+
@request.invalid_request!
|
29
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
30
|
+
e.error.should == :invalid_request
|
31
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:invalid_request]
|
32
|
+
}
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
describe "#invalid_client!" do
|
37
|
+
it "should raise BadRequest error" do
|
38
|
+
lambda do
|
39
|
+
@request.invalid_client!
|
40
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
41
|
+
e.error.should == :invalid_client
|
42
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:invalid_client]
|
43
|
+
}
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe "#unauthorized_client!" do
|
48
|
+
it "should raise BadRequest error" do
|
49
|
+
lambda do
|
50
|
+
@request.unauthorized_client!
|
51
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
52
|
+
e.error.should == :unauthorized_client
|
53
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:unauthorized_client]
|
54
|
+
}
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
describe "#redirect_uri_mismatch!" do
|
59
|
+
it "should raise BadRequest error" do
|
60
|
+
lambda do
|
61
|
+
@request.redirect_uri_mismatch!
|
62
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
63
|
+
e.error.should == :redirect_uri_mismatch
|
64
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:redirect_uri_mismatch]
|
65
|
+
}
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
describe "#access_denied!" do
|
70
|
+
it "should raise BadRequest error" do
|
71
|
+
lambda do
|
72
|
+
@request.access_denied!
|
73
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
74
|
+
e.error.should == :access_denied
|
75
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:access_denied]
|
76
|
+
}
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
describe "#unsupported_response_type!" do
|
81
|
+
it "should raise BadRequest error" do
|
82
|
+
lambda do
|
83
|
+
@request.unsupported_response_type!
|
84
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
85
|
+
p e
|
86
|
+
e.error.should == :unsupported_response_type
|
87
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:unsupported_response_type]
|
88
|
+
}
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
describe "#invalid_scope!" do
|
93
|
+
it "should raise BadRequest error" do
|
94
|
+
lambda do
|
95
|
+
@request.invalid_scope!
|
96
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
97
|
+
e.error.should == :invalid_scope
|
98
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:invalid_scope]
|
99
|
+
}
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
end
|
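Review bot: A debugging `p e` is left in the `#unsupported_response_type!` example (new line 85), so every run of this spec prints the exception object to stdout. Drop that line so the block starts with `e.error.should == :unsupported_response_type`, matching the other examples in this file.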
@@ -0,0 +1,69 @@
|
|
1
|
+
require 'spec_helper.rb'
|
2
|
+
|
3
|
+
describe Rack::OAuth2::Server::Resource::Request do
|
4
|
+
|
5
|
+
before do
|
6
|
+
@request = Rack::OAuth2::Server::Resource::Request.new(
|
7
|
+
Rack::MockRequest.env_for("/resource", :params => {
|
8
|
+
:oauth_token => "oauth_token"
|
9
|
+
}), "server.example.com"
|
10
|
+
)
|
11
|
+
end
|
12
|
+
|
13
|
+
describe "#error!" do
|
14
|
+
it "should raise BadRequest error" do
|
15
|
+
lambda do
|
16
|
+
@request.error! :something
|
17
|
+
end.should raise_error(Rack::OAuth2::Server::Error) { |e|
|
18
|
+
e.status.should == 400
|
19
|
+
e.error.should == :something
|
20
|
+
e.description.should be_nil
|
21
|
+
}
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#invalid_request!" do
|
26
|
+
it "should raise BadRequest error" do
|
27
|
+
lambda do
|
28
|
+
@request.invalid_request!
|
29
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
30
|
+
e.error.should == :invalid_request
|
31
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_request]
|
32
|
+
}
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
describe "#invalid_token!" do
|
37
|
+
it "should raise Unauthorized error" do
|
38
|
+
lambda do
|
39
|
+
@request.invalid_token!
|
40
|
+
end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
|
41
|
+
e.error.should == :invalid_token
|
42
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_token]
|
43
|
+
}
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe "#expired_token!" do
|
48
|
+
it "should raise Unauthorized error" do
|
49
|
+
lambda do
|
50
|
+
@request.expired_token!
|
51
|
+
end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
|
52
|
+
e.error.should == :expired_token
|
53
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:expired_token]
|
54
|
+
}
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
describe "#insufficient_scope!" do
|
59
|
+
it "should raise Forbidden error" do
|
60
|
+
lambda do
|
61
|
+
@request.insufficient_scope!
|
62
|
+
end.should raise_error(Rack::OAuth2::Server::Forbidden) { |e|
|
63
|
+
e.error.should == :insufficient_scope
|
64
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:insufficient_scope]
|
65
|
+
}
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
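Review bot: The `#error!` example is titled "should raise BadRequest error" but asserts `raise_error(Rack::OAuth2::Server::Error)` and then `e.status.should == 400`, so the title and the assertion disagree. Either rename it, for example `it "should raise Error with status 400"`, or assert `Rack::OAuth2::Server::BadRequest` as the other examples do, if that is what `error!` raises for a resource request. The `#invalid_token!`, `#expired_token!` and `#insufficient_scope!` examples check only class, error code and description; an `e.status.should == ...` line in each (presumably 401 and 403) would pin the HTTP status a resource client actually sees. The same applies to the examples in the token error spec that follows.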
@@ -0,0 +1,115 @@
|
|
1
|
+
require 'spec_helper.rb'
|
2
|
+
|
3
|
+
describe Rack::OAuth2::Server::Token::Request do
|
4
|
+
|
5
|
+
before do
|
6
|
+
@request = Rack::OAuth2::Server::Token::Request.new(
|
7
|
+
Rack::MockRequest.env_for("/token", :params => {
|
8
|
+
:client_id => "client_id",
|
9
|
+
:grant_type => "authorization_code",
|
10
|
+
:code => "code"
|
11
|
+
})
|
12
|
+
)
|
13
|
+
end
|
14
|
+
|
15
|
+
describe "#error!" do
|
16
|
+
it "should raise BadRequest error" do
|
17
|
+
lambda do
|
18
|
+
@request.error! :something
|
19
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
20
|
+
e.error.should == :something
|
21
|
+
e.description.should be_nil
|
22
|
+
}
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
describe "#invalid_request!" do
|
27
|
+
it "should raise BadRequest error" do
|
28
|
+
lambda do
|
29
|
+
@request.invalid_request!
|
30
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
31
|
+
e.error.should == :invalid_request
|
32
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_request]
|
33
|
+
}
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
describe "#invalid_client!" do
|
38
|
+
it "should raise BadRequest error" do
|
39
|
+
lambda do
|
40
|
+
@request.invalid_client!
|
41
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
42
|
+
e.error.should == :invalid_client
|
43
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
|
44
|
+
}
|
45
|
+
end
|
46
|
+
|
47
|
+
context "when Authorization header is used" do
|
48
|
+
it "should raise Unauthorized error" do
|
49
|
+
lambda do
|
50
|
+
@request.via_authorization_header = true
|
51
|
+
@request.invalid_client!
|
52
|
+
end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
|
53
|
+
e.error.should == :invalid_client
|
54
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
|
55
|
+
}
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
describe "#unauthorized_client!" do
|
61
|
+
it "should raise BadRequest error" do
|
62
|
+
lambda do
|
63
|
+
@request.unauthorized_client!
|
64
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
65
|
+
e.error.should == :unauthorized_client
|
66
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unauthorized_client]
|
67
|
+
}
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
describe "#invalid_grant!" do
|
72
|
+
it "should raise BadRequest error" do
|
73
|
+
lambda do
|
74
|
+
@request.invalid_grant!
|
75
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
76
|
+
e.error.should == :invalid_grant
|
77
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_grant]
|
78
|
+
}
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
describe "#unsupported_grant_type!" do
|
83
|
+
it "should raise BadRequest error" do
|
84
|
+
lambda do
|
85
|
+
@request.unsupported_grant_type!
|
86
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
87
|
+
e.error.should == :unsupported_grant_type
|
88
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_grant_type]
|
89
|
+
}
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
describe "#unsupported_response_type!" do
|
94
|
+
it "should raise BadRequest error" do
|
95
|
+
lambda do
|
96
|
+
@request.unsupported_response_type!
|
97
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
98
|
+
e.error.should == :unsupported_response_type
|
99
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_response_type]
|
100
|
+
}
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
describe "#invalid_scope!" do
|
105
|
+
it "should raise BadRequest error" do
|
106
|
+
lambda do
|
107
|
+
@request.invalid_scope!
|
108
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
109
|
+
e.error.should == :invalid_scope
|
110
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_scope]
|
111
|
+
}
|
112
|
+
end
|
113
|
+
end
|
114
|
+
|
115
|
+
end
|
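Review bot: In the "when Authorization header is used" context, `@request.via_authorization_header = true` is assigned by hand inside the lambda, so the spec never shows that the flag follows from a request that really carried client credentials in an `Authorization` header. Since this flag decides whether `invalid_client!` raises `BadRequest` or `Unauthorized`, it would be worth building the request with the header set in the Rack env and letting the request object derive the flag; how `Token::Request` sets it is not visible in this file, so that part is an assumption. Moving the assignment out of the lambda would also leave only `@request.invalid_client!` under `raise_error`.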