rack-oauth2 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +15 -11
- data/Rakefile +2 -1
- data/VERSION +1 -1
- data/lib/rack/oauth2/server/abstract/request.rb +13 -7
- data/lib/rack/oauth2/server/authorize.rb +3 -1
- data/lib/rack/oauth2/server/error.rb +18 -18
- data/lib/rack/oauth2/server/error/authorize.rb +54 -0
- data/lib/rack/oauth2/server/error/resource.rb +50 -0
- data/lib/rack/oauth2/server/error/token.rb +59 -0
- data/lib/rack/oauth2/server/resource.rb +14 -11
- data/lib/rack/oauth2/server/token.rb +16 -5
- data/rack-oauth2.gemspec +14 -6
- data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb +14 -4
- data/spec/rack/oauth2/server/authorize/code_spec.rb +14 -4
- data/spec/rack/oauth2/server/authorize/token_spec.rb +14 -4
- data/spec/rack/oauth2/server/error/authorize_spec.rb +103 -0
- data/spec/rack/oauth2/server/error/resource_spec.rb +69 -0
- data/spec/rack/oauth2/server/error/token_spec.rb +115 -0
- data/spec/rack/oauth2/server/error_spec.rb +35 -5
- data/spec/rack/oauth2/server/resource_spec.rb +36 -6
- data/spec/rack/oauth2/server/token/assertion_spec.rb +9 -6
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +60 -18
- data/spec/rack/oauth2/server/token/password_spec.rb +9 -6
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +9 -6
- data/spec/rack/oauth2/server/util_spec.rb +26 -0
- metadata +16 -8
- data/example/server/authorize.rb +0 -57
- data/example/server/oauth2_controller.rb +0 -100
- data/example/server/token.rb +0 -20
data/rack-oauth2.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{rack-oauth2}
|
|
8
|
-
s.version = "0.
|
|
8
|
+
s.version = "0.2.0"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["nov matake"]
|
|
12
|
-
s.date = %q{2010-
|
|
12
|
+
s.date = %q{2010-10-03}
|
|
13
13
|
s.description = %q{Rack Middleware for OAuth2. Currently support only Server/Provider, not Client/Consumer.}
|
|
14
14
|
s.email = %q{nov@matake.jp}
|
|
15
15
|
s.extra_rdoc_files = [
|
|
@@ -23,9 +23,6 @@ Gem::Specification.new do |s|
|
|
|
23
23
|
"README.rdoc",
|
|
24
24
|
"Rakefile",
|
|
25
25
|
"VERSION",
|
|
26
|
-
"example/server/authorize.rb",
|
|
27
|
-
"example/server/oauth2_controller.rb",
|
|
28
|
-
"example/server/token.rb",
|
|
29
26
|
"lib/rack/oauth2.rb",
|
|
30
27
|
"lib/rack/oauth2/server.rb",
|
|
31
28
|
"lib/rack/oauth2/server/abstract.rb",
|
|
@@ -37,6 +34,9 @@ Gem::Specification.new do |s|
|
|
|
37
34
|
"lib/rack/oauth2/server/authorize/code_and_token.rb",
|
|
38
35
|
"lib/rack/oauth2/server/authorize/token.rb",
|
|
39
36
|
"lib/rack/oauth2/server/error.rb",
|
|
37
|
+
"lib/rack/oauth2/server/error/authorize.rb",
|
|
38
|
+
"lib/rack/oauth2/server/error/resource.rb",
|
|
39
|
+
"lib/rack/oauth2/server/error/token.rb",
|
|
40
40
|
"lib/rack/oauth2/server/resource.rb",
|
|
41
41
|
"lib/rack/oauth2/server/token.rb",
|
|
42
42
|
"lib/rack/oauth2/server/token/assertion.rb",
|
|
@@ -49,6 +49,9 @@ Gem::Specification.new do |s|
|
|
|
49
49
|
"spec/rack/oauth2/server/authorize/code_spec.rb",
|
|
50
50
|
"spec/rack/oauth2/server/authorize/token_spec.rb",
|
|
51
51
|
"spec/rack/oauth2/server/authorize_spec.rb",
|
|
52
|
+
"spec/rack/oauth2/server/error/authorize_spec.rb",
|
|
53
|
+
"spec/rack/oauth2/server/error/resource_spec.rb",
|
|
54
|
+
"spec/rack/oauth2/server/error/token_spec.rb",
|
|
52
55
|
"spec/rack/oauth2/server/error_spec.rb",
|
|
53
56
|
"spec/rack/oauth2/server/resource_spec.rb",
|
|
54
57
|
"spec/rack/oauth2/server/token/assertion_spec.rb",
|
|
@@ -56,6 +59,7 @@ Gem::Specification.new do |s|
|
|
|
56
59
|
"spec/rack/oauth2/server/token/password_spec.rb",
|
|
57
60
|
"spec/rack/oauth2/server/token/refresh_token_spec.rb",
|
|
58
61
|
"spec/rack/oauth2/server/token_spec.rb",
|
|
62
|
+
"spec/rack/oauth2/server/util_spec.rb",
|
|
59
63
|
"spec/spec.opts",
|
|
60
64
|
"spec/spec_helper.rb"
|
|
61
65
|
]
|
|
@@ -63,12 +67,15 @@ Gem::Specification.new do |s|
|
|
|
63
67
|
s.rdoc_options = ["--charset=UTF-8"]
|
|
64
68
|
s.require_paths = ["lib"]
|
|
65
69
|
s.rubygems_version = %q{1.3.7}
|
|
66
|
-
s.summary = %q{Rack Middleware for OAuth2
|
|
70
|
+
s.summary = %q{Rack Middleware for OAuth2 Server}
|
|
67
71
|
s.test_files = [
|
|
68
72
|
"spec/rack/oauth2/server/authorize/code_and_token_spec.rb",
|
|
69
73
|
"spec/rack/oauth2/server/authorize/code_spec.rb",
|
|
70
74
|
"spec/rack/oauth2/server/authorize/token_spec.rb",
|
|
71
75
|
"spec/rack/oauth2/server/authorize_spec.rb",
|
|
76
|
+
"spec/rack/oauth2/server/error/authorize_spec.rb",
|
|
77
|
+
"spec/rack/oauth2/server/error/resource_spec.rb",
|
|
78
|
+
"spec/rack/oauth2/server/error/token_spec.rb",
|
|
72
79
|
"spec/rack/oauth2/server/error_spec.rb",
|
|
73
80
|
"spec/rack/oauth2/server/resource_spec.rb",
|
|
74
81
|
"spec/rack/oauth2/server/token/assertion_spec.rb",
|
|
@@ -76,6 +83,7 @@ Gem::Specification.new do |s|
|
|
|
76
83
|
"spec/rack/oauth2/server/token/password_spec.rb",
|
|
77
84
|
"spec/rack/oauth2/server/token/refresh_token_spec.rb",
|
|
78
85
|
"spec/rack/oauth2/server/token_spec.rb",
|
|
86
|
+
"spec/rack/oauth2/server/util_spec.rb",
|
|
79
87
|
"spec/spec_helper.rb"
|
|
80
88
|
]
|
|
81
89
|
|
|
@@ -5,7 +5,6 @@ describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::CodeAndToken directly
|
|
9
8
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
10
9
|
response.approve!
|
|
11
10
|
response.code = "authorization_code"
|
|
@@ -20,14 +19,21 @@ describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
|
20
19
|
response.location.should == "http://client.example.com/callback?code=authorization_code#access_token=access_token"
|
|
21
20
|
end
|
|
22
21
|
|
|
22
|
+
context "when redirect_uri already includes query and fragment" do
|
|
23
|
+
it "should keep original query and fragment" do
|
|
24
|
+
response = @request.get("/?response_type=code_and_token&client_id=client&redirect_uri=http://client.example.com/callback?k=v%23fragment")
|
|
25
|
+
response.status.should == 302
|
|
26
|
+
response.location.should == "http://client.example.com/callback?k=v&code=authorization_code#fragment&access_token=access_token"
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
23
30
|
end
|
|
24
31
|
|
|
25
32
|
context "when denied" do
|
|
26
33
|
|
|
27
34
|
before do
|
|
28
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
29
35
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
30
|
-
|
|
36
|
+
request.access_denied! 'User rejected the requested access.'
|
|
31
37
|
end
|
|
32
38
|
@request = Rack::MockRequest.new @app
|
|
33
39
|
end
|
|
@@ -35,7 +41,11 @@ describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
|
35
41
|
it "should redirect to redirect_uri with error message" do
|
|
36
42
|
response = @request.get("/?response_type=code_and_token&client_id=client&redirect_uri=http://client.example.com/callback")
|
|
37
43
|
response.status.should == 302
|
|
38
|
-
|
|
44
|
+
error_message = {
|
|
45
|
+
:error => :access_denied,
|
|
46
|
+
:error_description => "User rejected the requested access."
|
|
47
|
+
}
|
|
48
|
+
response.location.should == "http://client.example.com/callback?#{error_message.to_query}"
|
|
39
49
|
end
|
|
40
50
|
|
|
41
51
|
end
|
|
@@ -5,7 +5,6 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
9
8
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
10
9
|
response.approve!
|
|
11
10
|
response.code = "authorization_code"
|
|
@@ -19,14 +18,21 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
|
19
18
|
response.location.should == "http://client.example.com/callback?code=authorization_code"
|
|
20
19
|
end
|
|
21
20
|
|
|
21
|
+
context "when redirect_uri already includes query" do
|
|
22
|
+
it "should keep original query" do
|
|
23
|
+
response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback?k=v")
|
|
24
|
+
response.status.should == 302
|
|
25
|
+
response.location.should == "http://client.example.com/callback?k=v&code=authorization_code"
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
|
|
22
29
|
end
|
|
23
30
|
|
|
24
31
|
context "when denied" do
|
|
25
32
|
|
|
26
33
|
before do
|
|
27
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
28
34
|
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
29
|
-
|
|
35
|
+
request.access_denied! 'User rejected the requested access.'
|
|
30
36
|
end
|
|
31
37
|
@request = Rack::MockRequest.new @app
|
|
32
38
|
end
|
|
@@ -34,7 +40,11 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
|
34
40
|
it "should redirect to redirect_uri with error message" do
|
|
35
41
|
response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
|
|
36
42
|
response.status.should == 302
|
|
37
|
-
|
|
43
|
+
error_message = {
|
|
44
|
+
:error => :access_denied,
|
|
45
|
+
:error_description => "User rejected the requested access."
|
|
46
|
+
}
|
|
47
|
+
response.location.should == "http://client.example.com/callback?#{error_message.to_query}"
|
|
38
48
|
end
|
|
39
49
|
|
|
40
50
|
end
|
|
@@ -5,7 +5,6 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
|
|
9
8
|
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
|
10
9
|
response.approve!
|
|
11
10
|
response.access_token = "access_token"
|
|
@@ -19,14 +18,21 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
|
19
18
|
response.location.should == "http://client.example.com/callback#access_token=access_token"
|
|
20
19
|
end
|
|
21
20
|
|
|
21
|
+
context "when redirect_uri already includes fragment" do
|
|
22
|
+
it "should keep original fragment" do
|
|
23
|
+
response = @request.get("/?response_type=token&client_id=client&redirect_uri=http://client.example.com/callback%23fragment")
|
|
24
|
+
response.status.should == 302
|
|
25
|
+
response.location.should == "http://client.example.com/callback#fragment&access_token=access_token"
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
|
|
22
29
|
end
|
|
23
30
|
|
|
24
31
|
context "when denied" do
|
|
25
32
|
|
|
26
33
|
before do
|
|
27
|
-
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
28
34
|
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
|
29
|
-
|
|
35
|
+
request.access_denied! 'User rejected the requested access.'
|
|
30
36
|
end
|
|
31
37
|
@request = Rack::MockRequest.new @app
|
|
32
38
|
end
|
|
@@ -34,7 +40,11 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
|
34
40
|
it "should redirect to redirect_uri with error message" do
|
|
35
41
|
response = @request.get("/?response_type=token&client_id=client&redirect_uri=http://client.example.com/callback")
|
|
36
42
|
response.status.should == 302
|
|
37
|
-
|
|
43
|
+
error_message = {
|
|
44
|
+
:error => :access_denied,
|
|
45
|
+
:error_description => "User rejected the requested access."
|
|
46
|
+
}
|
|
47
|
+
response.location.should == "http://client.example.com/callback?#{error_message.to_query}"
|
|
38
48
|
end
|
|
39
49
|
|
|
40
50
|
end
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
require 'spec_helper.rb'
|
|
2
|
+
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::Request do
|
|
4
|
+
|
|
5
|
+
before do
|
|
6
|
+
@request = Rack::OAuth2::Server::Authorize::Request.new(
|
|
7
|
+
Rack::MockRequest.env_for("/authorize", :params => {
|
|
8
|
+
:client_id => "client_id",
|
|
9
|
+
:response_type => "code"
|
|
10
|
+
})
|
|
11
|
+
)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
describe "#error!" do
|
|
15
|
+
it "should raise BadRequest error" do
|
|
16
|
+
lambda do
|
|
17
|
+
@request.error! :something
|
|
18
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
19
|
+
e.error.should == :something
|
|
20
|
+
e.description.should be_nil
|
|
21
|
+
}
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
describe "#invalid_request!" do
|
|
26
|
+
it "should raise BadRequest error" do
|
|
27
|
+
lambda do
|
|
28
|
+
@request.invalid_request!
|
|
29
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
30
|
+
e.error.should == :invalid_request
|
|
31
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:invalid_request]
|
|
32
|
+
}
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
describe "#invalid_client!" do
|
|
37
|
+
it "should raise BadRequest error" do
|
|
38
|
+
lambda do
|
|
39
|
+
@request.invalid_client!
|
|
40
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
41
|
+
e.error.should == :invalid_client
|
|
42
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:invalid_client]
|
|
43
|
+
}
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
describe "#unauthorized_client!" do
|
|
48
|
+
it "should raise BadRequest error" do
|
|
49
|
+
lambda do
|
|
50
|
+
@request.unauthorized_client!
|
|
51
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
52
|
+
e.error.should == :unauthorized_client
|
|
53
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:unauthorized_client]
|
|
54
|
+
}
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
describe "#redirect_uri_mismatch!" do
|
|
59
|
+
it "should raise BadRequest error" do
|
|
60
|
+
lambda do
|
|
61
|
+
@request.redirect_uri_mismatch!
|
|
62
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
63
|
+
e.error.should == :redirect_uri_mismatch
|
|
64
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:redirect_uri_mismatch]
|
|
65
|
+
}
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
describe "#access_denied!" do
|
|
70
|
+
it "should raise BadRequest error" do
|
|
71
|
+
lambda do
|
|
72
|
+
@request.access_denied!
|
|
73
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
74
|
+
e.error.should == :access_denied
|
|
75
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:access_denied]
|
|
76
|
+
}
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
describe "#unsupported_response_type!" do
|
|
81
|
+
it "should raise BadRequest error" do
|
|
82
|
+
lambda do
|
|
83
|
+
@request.unsupported_response_type!
|
|
84
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
85
|
+
p e
|
|
86
|
+
e.error.should == :unsupported_response_type
|
|
87
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:unsupported_response_type]
|
|
88
|
+
}
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
describe "#invalid_scope!" do
|
|
93
|
+
it "should raise BadRequest error" do
|
|
94
|
+
lambda do
|
|
95
|
+
@request.invalid_scope!
|
|
96
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
97
|
+
e.error.should == :invalid_scope
|
|
98
|
+
e.description.should == Rack::OAuth2::Server::Error::Authorize::DEFAULT_DESCRIPTION[:invalid_scope]
|
|
99
|
+
}
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
end
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
require 'spec_helper.rb'
|
|
2
|
+
|
|
3
|
+
describe Rack::OAuth2::Server::Resource::Request do
|
|
4
|
+
|
|
5
|
+
before do
|
|
6
|
+
@request = Rack::OAuth2::Server::Resource::Request.new(
|
|
7
|
+
Rack::MockRequest.env_for("/resource", :params => {
|
|
8
|
+
:oauth_token => "oauth_token"
|
|
9
|
+
}), "server.example.com"
|
|
10
|
+
)
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
describe "#error!" do
|
|
14
|
+
it "should raise BadRequest error" do
|
|
15
|
+
lambda do
|
|
16
|
+
@request.error! :something
|
|
17
|
+
end.should raise_error(Rack::OAuth2::Server::Error) { |e|
|
|
18
|
+
e.status.should == 400
|
|
19
|
+
e.error.should == :something
|
|
20
|
+
e.description.should be_nil
|
|
21
|
+
}
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
describe "#invalid_request!" do
|
|
26
|
+
it "should raise BadRequest error" do
|
|
27
|
+
lambda do
|
|
28
|
+
@request.invalid_request!
|
|
29
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
30
|
+
e.error.should == :invalid_request
|
|
31
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_request]
|
|
32
|
+
}
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
describe "#invalid_token!" do
|
|
37
|
+
it "should raise Unauthorized error" do
|
|
38
|
+
lambda do
|
|
39
|
+
@request.invalid_token!
|
|
40
|
+
end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
|
|
41
|
+
e.error.should == :invalid_token
|
|
42
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_token]
|
|
43
|
+
}
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
describe "#expired_token!" do
|
|
48
|
+
it "should raise Unauthorized error" do
|
|
49
|
+
lambda do
|
|
50
|
+
@request.expired_token!
|
|
51
|
+
end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
|
|
52
|
+
e.error.should == :expired_token
|
|
53
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:expired_token]
|
|
54
|
+
}
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
describe "#insufficient_scope!" do
|
|
59
|
+
it "should raise Forbidden error" do
|
|
60
|
+
lambda do
|
|
61
|
+
@request.insufficient_scope!
|
|
62
|
+
end.should raise_error(Rack::OAuth2::Server::Forbidden) { |e|
|
|
63
|
+
e.error.should == :insufficient_scope
|
|
64
|
+
e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:insufficient_scope]
|
|
65
|
+
}
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
end
|
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
require 'spec_helper.rb'
|
|
2
|
+
|
|
3
|
+
describe Rack::OAuth2::Server::Token::Request do
|
|
4
|
+
|
|
5
|
+
before do
|
|
6
|
+
@request = Rack::OAuth2::Server::Token::Request.new(
|
|
7
|
+
Rack::MockRequest.env_for("/token", :params => {
|
|
8
|
+
:client_id => "client_id",
|
|
9
|
+
:grant_type => "authorization_code",
|
|
10
|
+
:code => "code"
|
|
11
|
+
})
|
|
12
|
+
)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
describe "#error!" do
|
|
16
|
+
it "should raise BadRequest error" do
|
|
17
|
+
lambda do
|
|
18
|
+
@request.error! :something
|
|
19
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
20
|
+
e.error.should == :something
|
|
21
|
+
e.description.should be_nil
|
|
22
|
+
}
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
describe "#invalid_request!" do
|
|
27
|
+
it "should raise BadRequest error" do
|
|
28
|
+
lambda do
|
|
29
|
+
@request.invalid_request!
|
|
30
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
31
|
+
e.error.should == :invalid_request
|
|
32
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_request]
|
|
33
|
+
}
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
describe "#invalid_client!" do
|
|
38
|
+
it "should raise BadRequest error" do
|
|
39
|
+
lambda do
|
|
40
|
+
@request.invalid_client!
|
|
41
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
42
|
+
e.error.should == :invalid_client
|
|
43
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
|
|
44
|
+
}
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
context "when Authorization header is used" do
|
|
48
|
+
it "should raise Unauthorized error" do
|
|
49
|
+
lambda do
|
|
50
|
+
@request.via_authorization_header = true
|
|
51
|
+
@request.invalid_client!
|
|
52
|
+
end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
|
|
53
|
+
e.error.should == :invalid_client
|
|
54
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
|
|
55
|
+
}
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
describe "#unauthorized_client!" do
|
|
61
|
+
it "should raise BadRequest error" do
|
|
62
|
+
lambda do
|
|
63
|
+
@request.unauthorized_client!
|
|
64
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
65
|
+
e.error.should == :unauthorized_client
|
|
66
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unauthorized_client]
|
|
67
|
+
}
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
describe "#invalid_grant!" do
|
|
72
|
+
it "should raise BadRequest error" do
|
|
73
|
+
lambda do
|
|
74
|
+
@request.invalid_grant!
|
|
75
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
76
|
+
e.error.should == :invalid_grant
|
|
77
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_grant]
|
|
78
|
+
}
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
describe "#unsupported_grant_type!" do
|
|
83
|
+
it "should raise BadRequest error" do
|
|
84
|
+
lambda do
|
|
85
|
+
@request.unsupported_grant_type!
|
|
86
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
87
|
+
e.error.should == :unsupported_grant_type
|
|
88
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_grant_type]
|
|
89
|
+
}
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
describe "#unsupported_response_type!" do
|
|
94
|
+
it "should raise BadRequest error" do
|
|
95
|
+
lambda do
|
|
96
|
+
@request.unsupported_response_type!
|
|
97
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
98
|
+
e.error.should == :unsupported_response_type
|
|
99
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_response_type]
|
|
100
|
+
}
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
describe "#invalid_scope!" do
|
|
105
|
+
it "should raise BadRequest error" do
|
|
106
|
+
lambda do
|
|
107
|
+
@request.invalid_scope!
|
|
108
|
+
end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
|
|
109
|
+
e.error.should == :invalid_scope
|
|
110
|
+
e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_scope]
|
|
111
|
+
}
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
end
|