rack-oauth2 0.14.6 → 0.14.7

@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rack-oauth2 (0.14.5)
4
+ rack-oauth2 (0.14.6)
5
5
  activesupport (>= 2.3)
6
6
  attr_required (>= 0.0.5)
7
7
  httpclient (>= 2.2.0.2)
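--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.14.6
+0.14.7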
@@ -39,17 +39,24 @@ module Rack
39
39
  end
40
40
  self.debugging = false
41
41
 
42
- def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})")
42
+ def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})", &local_http_config)
43
43
  _http_client_ = HTTPClient.new(
44
44
  :agent_name => agent_name
45
45
  )
46
46
  http_config.try(:call, _http_client_)
47
+ local_http_config.try(:call, _http_client_) unless local_http_config.nil?
47
48
  _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
48
49
  _http_client_
49
50
  end
51
+
50
52
  def self.http_config(&block)
51
53
  @@http_config ||= block
52
54
  end
55
+
56
+ def self.reset_http_config!
57
+ @@http_config = nil
58
+ end
59
+
53
60
  end
54
61
  end
55
62
 
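Review bot: In `http_client`, the per-call block runs after the global `http_config` block, so a caller-supplied block can override whatever the global configuration set on the HTTPClient instance (for example its TLS or proxy settings), and nothing in the method documents that ordering. I would add a comment above the method such as `# The optional block is applied after the global http_config and may override it; it affects only the client returned by this call.` The guard `unless local_http_config.nil?` duplicates what `try` already does for nil; `local_http_config.call(_http_client_) if local_http_config` states the intent directly. `http_config` still uses `@@http_config ||= block`, so a second call with a block is silently ignored until `reset_http_config!` runs, which is worth a one-line comment on the new method.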
@@ -3,12 +3,13 @@ module Rack
3
3
  class AccessToken
4
4
  class MAC < AccessToken
5
5
  attr_required :mac_key, :mac_algorithm
6
- attr_optional :ts, :ext_verifier
6
+ attr_optional :ts, :ext_verifier, :ts_expires_in
7
7
  attr_reader :nonce, :signature, :ext
8
8
 
9
9
  def initialize(attributes = {})
10
10
  super(attributes)
11
- @ts ||= Time.now.utc
11
+ @issued_at = Time.now.utc
12
+ @ts_expires_in ||= 5.minutes
12
13
  end
13
14
 
14
15
  def token_response
@@ -19,7 +20,6 @@ module Rack
19
20
  end
20
21
 
21
22
  def verify!(request)
22
-
23
23
  body = request.body.read
24
24
  if self.ext_verifier.present?
25
25
  self.ext_verifier.new(
@@ -28,6 +28,11 @@ module Rack
28
28
  ).verify!(request.ext)
29
29
  end
30
30
 
31
+ now = Time.now.utc.to_i
32
+ now = @ts.to_i if @ts.present?
33
+
34
+ raise Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed.new("Request ts expired") if now - request.ts.to_i > @ts_expires_in.to_i
35
+
31
36
  Signature.new(
32
37
  :secret => self.mac_key,
33
38
  :algorithm => self.mac_algorithm,
@@ -45,6 +50,7 @@ module Rack
45
50
 
46
51
  def authenticate(request)
47
52
  @nonce = generate_nonce
53
+ @ts_generated = @ts || Time.now.utc
48
54
 
49
55
  if self.ext_verifier.present?
50
56
  @ext = self.ext_verifier.new(
@@ -61,7 +67,7 @@ module Rack
61
67
  :request_uri => request.header.create_query_uri,
62
68
  :host => request.header.request_uri.host,
63
69
  :port => request.header.request_uri.port,
64
- :ts => self.ts,
70
+ :ts => @ts_generated,
65
71
  :ext => @ext
66
72
  ).calculate
67
73
 
@@ -73,7 +79,7 @@ module Rack
73
79
  def authorization_header
74
80
  header = "MAC id=\"#{access_token}\""
75
81
  header << ", nonce=\"#{nonce}\""
76
- header << ", ts=\"#{ts.to_i}\""
82
+ header << ", ts=\"#{@ts_generated.to_i}\""
77
83
  header << ", mac=\"#{signature}\""
78
84
  header << ", ext=\"#{ext}\"" if @ext.present?
79
85
  header
@@ -81,7 +87,7 @@ module Rack
81
87
 
82
88
  def generate_nonce
83
89
  [
84
- (Time.now.utc - @ts).to_i,
90
+ (Time.now.utc - @issued_at).to_i,
85
91
  SecureRandom.hex
86
92
  ].join(':')
87
93
  end
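Review bot: The freshness check added to `verify!` (`now - request.ts.to_i > @ts_expires_in.to_i`) is one-sided: a request whose `ts` lies in the future makes the difference negative and always passes, so the window bounds only stale timestamps. Comparing the absolute skew, `if (now - request.ts.to_i).abs > @ts_expires_in.to_i`, bounds both directions. The line `now = @ts.to_i if @ts.present?` also replaces the clock with the token's `ts` attribute whenever one is set; the spec uses that to pin time, but outside tests it would measure freshness against a fixed instant, so it deserves a comment or a separate test-only hook. Nonce reuse is not checked in the visible lines, so rejecting a repeated request inside `ts_expires_in` presumably has to be handled by the caller. `verify!` begins and ends outside the hunk.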
@@ -6,7 +6,7 @@ module Rack
6
6
  attr_optional :raw_body
7
7
 
8
8
  def calculate
9
- return nil if raw_body.nil?
9
+ return nil unless raw_body.present?
10
10
 
11
11
  OpenSSL::Digest::SHA256.new.digest(raw_body).unpack('H*').first
12
12
  end
@@ -18,7 +18,6 @@ module Rack
18
18
  end
19
19
 
20
20
  def verify!(expected)
21
- puts "verifying #{expected} = #{self.calculate}"
22
21
  if expected == self.calculate
23
22
  :verified
24
23
  else
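Review bot: `return nil unless raw_body.present?` in `calculate` relies on ActiveSupport's blank check, which is also true for a whitespace-only string, so a body such as `"\n"` now yields no hash at all instead of the SHA-256 of its bytes. If the intent is only to skip nil and empty bodies (the added spec covers `''`), `return nil if raw_body.nil? || raw_body.empty?` keeps every non-empty body covered by the ext hash. `verify!` continues past the end of the hunk, so how a nil result is compared with `expected` is not fully visible here.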
@@ -15,4 +15,14 @@ describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
15
15
  end
16
16
 
17
17
 
18
+ context 'when raw_body is empty' do
19
+ subject do
20
+ Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
21
+ :algorithm => 'hmac-sha-256',
22
+ :raw_body => ''
23
+ )
24
+ end
25
+ its(:calculate) { should be_nil }
26
+ end
27
+
18
28
  end
@@ -17,7 +17,7 @@ describe Rack::OAuth2::AccessToken::MAC::Verifier do
17
17
  context 'otherwise' do
18
18
  let(:algorithm) { 'invalid' }
19
19
  it do
20
- expect { verifier.send(:hash_generator) }.should raise_error(StandardError, 'Unsupported Algorithm')
20
+ expect { verifier.send(:hash_generator) }.to raise_error(StandardError, 'Unsupported Algorithm')
21
21
  end
22
22
  end
23
23
 
@@ -60,7 +60,7 @@ describe Rack::OAuth2::AccessToken::MAC do
60
60
  context 'otherwise' do
61
61
  let(:signature) { 'invalid' }
62
62
  it do
63
- expect { token.verify!(request.setup!) }.should raise_error(
63
+ expect { token.verify!(request.setup!) }.to raise_error(
64
64
  Rack::OAuth2::Server::Resource::MAC::Unauthorized,
65
65
  'invalid_token :: Signature Invalid'
66
66
  )
@@ -84,7 +84,7 @@ describe Rack::OAuth2::AccessToken::MAC do
84
84
  context 'when ext is invalid' do
85
85
  let(:ext) { 'invalid' }
86
86
  it do
87
- expect { token_with_ext_verifier.verify!(request.setup!) }.should raise_error(
87
+ expect { token_with_ext_verifier.verify!(request.setup!) }.to raise_error(
88
88
  Rack::OAuth2::Server::Resource::MAC::Unauthorized,
89
89
  'invalid_token :: Sha256HexVerifier Invalid'
90
90
  )
@@ -98,7 +98,6 @@ describe Rack::OAuth2::AccessToken::MAC do
98
98
  let(:signature) { 'dZYR54n+Lym5qCRRmDqmRZ71rG+bkjSWmqrOv8OjYHk=' }
99
99
  it do
100
100
  Time.fix(Time.at(1302361200)) do
101
-
102
101
  token_with_ext_verifier.verify!(request.setup!).should == :verified
103
102
  end
104
103
  end
@@ -106,7 +105,7 @@ describe Rack::OAuth2::AccessToken::MAC do
106
105
 
107
106
  context 'otherwise' do
108
107
  it do
109
- expect { token.verify!(request.setup!) }.should raise_error(
108
+ expect { token.verify!(request.setup!) }.to raise_error(
110
109
  Rack::OAuth2::Server::Resource::MAC::Unauthorized,
111
110
  'invalid_token :: Signature Invalid'
112
111
  )
@@ -33,7 +33,7 @@ describe Rack::OAuth2::AccessToken do
33
33
  :expires_in => 3600,
34
34
  :scope => [:scope1, :scope2]
35
35
  )
36
- end.should raise_error AttrRequired::AttrMissing
36
+ end.to raise_error AttrRequired::AttrMissing
37
37
  end
38
38
  end
39
39
 
@@ -43,7 +43,7 @@ describe Rack::OAuth2::AccessToken do
43
43
  Rack::OAuth2::AccessToken::Bearer.new(
44
44
  :access_token => 'access_token'
45
45
  )
46
- end.should_not raise_error
46
+ end.not_to raise_error
47
47
  end
48
48
  end
49
49
 
@@ -31,7 +31,7 @@ describe Rack::OAuth2::Client::Grant::AuthorizationCode do
31
31
 
32
32
  context 'otherwise' do
33
33
  it do
34
- expect { grant.new }.should raise_error AttrRequired::AttrMissing
34
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
35
35
  end
36
36
  end
37
37
  end
@@ -20,14 +20,14 @@ describe Rack::OAuth2::Client::Grant::Password do
20
20
 
21
21
  context 'otherwise' do
22
22
  it do
23
- expect { grant.new attributes }.should raise_error AttrRequired::AttrMissing
23
+ expect { grant.new attributes }.to raise_error AttrRequired::AttrMissing
24
24
  end
25
25
  end
26
26
  end
27
27
 
28
28
  context 'otherwise' do
29
29
  it do
30
- expect { grant.new }.should raise_error AttrRequired::AttrMissing
30
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
31
31
  end
32
32
  end
33
33
  end
@@ -15,7 +15,7 @@ describe Rack::OAuth2::Client::Grant::RefreshToken do
15
15
 
16
16
  context 'otherwise' do
17
17
  it do
18
- expect { grant.new }.should raise_error AttrRequired::AttrMissing
18
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
19
19
  end
20
20
  end
21
21
  end
@@ -18,7 +18,7 @@ describe Rack::OAuth2::Client do
18
18
 
19
19
  context 'when identifier is missing' do
20
20
  it do
21
- expect { Rack::OAuth2::Client.new }.should raise_error AttrRequired::AttrMissing
21
+ expect { Rack::OAuth2::Client.new }.to raise_error AttrRequired::AttrMissing
22
22
  end
23
23
  end
24
24
 
@@ -211,7 +211,7 @@ describe Rack::OAuth2::Client do
211
211
  )
212
212
  end
213
213
  it do
214
- expect { client.access_token! }.should raise_error(StandardError, 'Unknown Token Type')
214
+ expect { client.access_token! }.to raise_error(StandardError, 'Unknown Token Type')
215
215
  end
216
216
  end
217
217
 
@@ -225,7 +225,7 @@ describe Rack::OAuth2::Client do
225
225
  )
226
226
  end
227
227
  it do
228
- expect { client.access_token! }.should raise_error Rack::OAuth2::Client::Error
228
+ expect { client.access_token! }.to raise_error Rack::OAuth2::Client::Error
229
229
  end
230
230
  end
231
231
  end
@@ -241,13 +241,13 @@ describe Rack::OAuth2::Client do
241
241
 
242
242
  describe '#authorization_uri' do
243
243
  it do
244
- expect { client.authorization_uri }.should raise_error 'No Host Info'
244
+ expect { client.authorization_uri }.to raise_error 'No Host Info'
245
245
  end
246
246
  end
247
247
 
248
248
  describe '#access_token!' do
249
249
  it do
250
- expect { client.access_token! }.should raise_error 'No Host Info'
250
+ expect { client.access_token! }.to raise_error 'No Host Info'
251
251
  end
252
252
  end
253
253
  end
@@ -32,6 +32,8 @@ describe Rack::OAuth2 do
32
32
  describe '.http_config' do
33
33
  context 'when request_filter added' do
34
34
  context 'when "debug!" is called' do
35
+ after { Rack::OAuth2.reset_http_config! }
36
+
35
37
  it 'should put Debugger::RequestFilter at last' do
36
38
  Rack::OAuth2.debug!
37
39
  Rack::OAuth2.http_config do |config|
@@ -39,6 +41,33 @@ describe Rack::OAuth2 do
39
41
  end
40
42
  Rack::OAuth2.http_client.request_filter.last.should be_instance_of Rack::OAuth2::Debugger::RequestFilter
41
43
  end
44
+
45
+ it 'should reset_http_config' do
46
+ Rack::OAuth2.debug!
47
+ Rack::OAuth2.http_config do |config|
48
+ config.request_filter << Proc.new {}
49
+ end
50
+ size = Rack::OAuth2.http_client.request_filter.size
51
+ Rack::OAuth2.reset_http_config!
52
+ Rack::OAuth2.http_client.request_filter.size.should == size - 1
53
+ end
54
+
55
+ end
56
+ end
57
+ end
58
+
59
+ describe ".http_client" do
60
+ context "when local_http_config is used" do
61
+ it "should correctly set request_filter" do
62
+ clnt1 = Rack::OAuth2.http_client
63
+ clnt2 = Rack::OAuth2.http_client("my client") do |config|
64
+ config.request_filter << Proc.new {}
65
+ end
66
+ clnt3 = Rack::OAuth2.http_client
67
+
68
+ clnt1.request_filter.size.should == clnt3.request_filter.size
69
+ clnt1.request_filter.size.should == clnt2.request_filter.size - 1
70
+
42
71
  end
43
72
  end
44
73
  end
@@ -26,14 +26,14 @@ describe Rack::OAuth2::Server::Authorize::Code do
26
26
  context 'when redirect_uri is missing' do
27
27
  let(:redirect_uri) { nil }
28
28
  it do
29
- expect { response }.should raise_error AttrRequired::AttrMissing
29
+ expect { response }.to raise_error AttrRequired::AttrMissing
30
30
  end
31
31
  end
32
32
 
33
33
  context 'when code is missing' do
34
34
  let(:authorization_code) { nil }
35
35
  it do
36
- expect { response }.should raise_error AttrRequired::AttrMissing
36
+ expect { response }.to raise_error AttrRequired::AttrMissing
37
37
  end
38
38
  end
39
39
  end
@@ -50,7 +50,7 @@ describe Rack::OAuth2::Server::Authorize::BadRequest do
50
50
 
51
51
  context 'otherwise' do
52
52
  it 'should raise itself' do
53
- expect { error.finish }.should raise_error(klass) { |e|
53
+ expect { error.finish }.to raise_error(klass) { |e|
54
54
  e.should == error
55
55
  }
56
56
  end
@@ -69,12 +69,12 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
69
69
 
70
70
  describe 'bad_request!' do
71
71
  it do
72
- expect { request.bad_request! }.should raise_error klass
72
+ expect { request.bad_request! }.to raise_error klass
73
73
  end
74
74
 
75
75
  context 'when response_type = :code' do
76
76
  it 'should set protocol_params_location = :query' do
77
- expect { request_for_code.bad_request! }.should raise_error(klass) { |e|
77
+ expect { request_for_code.bad_request! }.to raise_error(klass) { |e|
78
78
  e.protocol_params_location.should == :query
79
79
  }
80
80
  end
@@ -82,7 +82,7 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
82
82
 
83
83
  context 'when response_type = :token' do
84
84
  it 'should set protocol_params_location = :fragment' do
85
- expect { request_for_token.bad_request! }.should raise_error(klass) { |e|
85
+ expect { request_for_token.bad_request! }.to raise_error(klass) { |e|
86
86
  e.protocol_params_location.should == :fragment
87
87
  }
88
88
  end
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
93
93
  method = "#{error_code}!"
94
94
  describe method do
95
95
  it "should raise Rack::OAuth2::Server::Authorize::BadRequest with error = :#{error_code}" do
96
- expect { request.send method }.should raise_error(klass) { |error|
96
+ expect { request.send method }.to raise_error(klass) { |error|
97
97
  error.error.should == error_code
98
98
  error.description.should == default_description[error_code]
99
99
  }
@@ -37,7 +37,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
37
37
  end
38
38
  end
39
39
  it do
40
- expect { response }.should raise_error AttrRequired::AttrMissing
40
+ expect { response }.to raise_error AttrRequired::AttrMissing
41
41
  end
42
42
  end
43
43
 
@@ -49,7 +49,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
49
49
  end
50
50
  end
51
51
  it do
52
- expect { response }.should raise_error AttrRequired::AttrMissing
52
+ expect { response }.to raise_error AttrRequired::AttrMissing
53
53
  end
54
54
  end
55
55
  end
@@ -8,25 +8,25 @@ describe Rack::OAuth2::Server::Authorize do
8
8
 
9
9
  context 'when response_type is missing' do
10
10
  it do
11
- expect { request.get "/?client_id=client&redirect_uri=#{redirect_uri}" }.should raise_error bad_request
11
+ expect { request.get "/?client_id=client&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
12
12
  end
13
13
  end
14
14
 
15
15
  context 'when redirect_uri is missing' do
16
16
  it do
17
- expect { request.get "/?response_type=code&client_id=client" }.should_not raise_error
17
+ expect { request.get "/?response_type=code&client_id=client" }.not_to raise_error
18
18
  end
19
19
  end
20
20
 
21
21
  context 'when client_id is missing' do
22
22
  it do
23
- expect { request.get "/?response_type=code&redirect_uri=#{redirect_uri}" }.should raise_error bad_request
23
+ expect { request.get "/?response_type=code&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
24
24
  end
25
25
  end
26
26
 
27
27
  context 'when unknown response_type is given' do
28
28
  it do
29
- expect { request.get "/?response_type=unknown&client_id=client&redirect_uri=#{redirect_uri}" }.should raise_error bad_request
29
+ expect { request.get "/?response_type=unknown&client_id=client&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
30
30
  end
31
31
  end
32
32
 
@@ -40,8 +40,8 @@ describe Rack::OAuth2::Server::Authorize do
40
40
  end
41
41
 
42
42
  describe Rack::OAuth2::Server::Authorize::Request do
43
- let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client&redirect_uri=#{redirect_uri}") }
44
- let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
43
+ let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client&redirect_uri=#{redirect_uri}") }
44
+ let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
45
45
 
46
46
  describe '#varified_redirect_uri' do
47
47
  context 'when an Array of pre-registered URIs are given' do
@@ -68,7 +68,7 @@ describe Rack::OAuth2::Server::Authorize do
68
68
  it do
69
69
  expect do
70
70
  request.verify_redirect_uri!(pre_registered)
71
- end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
71
+ end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
72
72
  end
73
73
  end
74
74
  end
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Server::Authorize do
93
93
  it do
94
94
  expect do
95
95
  request.verify_redirect_uri!(pre_registered)
96
- end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
96
+ end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
97
97
  end
98
98
  end
99
99
  end
@@ -103,7 +103,7 @@ describe Rack::OAuth2::Server::Authorize do
103
103
  it do
104
104
  expect do
105
105
  request.verify_redirect_uri!(pre_registered)
106
- end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
106
+ end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
107
107
  end
108
108
  end
109
109
 
@@ -151,7 +151,7 @@ describe Rack::OAuth2::Server::Authorize do
151
151
  it do
152
152
  expect do
153
153
  app.send(:response_type_for, request)
154
- end.should raise_error bad_request
154
+ end.to raise_error bad_request
155
155
  end
156
156
  end
157
157
 
@@ -27,7 +27,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
27
27
 
28
28
  describe 'unauthorized!' do
29
29
  it do
30
- expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
30
+ expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
31
31
  end
32
32
  end
33
33
 
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
41
41
  else
42
42
  describe method do
43
43
  it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
44
- expect { request.send method }.should raise_error(unauthorized) { |error|
44
+ expect { request.send method }.to raise_error(unauthorized) { |error|
45
45
  error.error.should == error_code
46
46
  error.description.should == default_description[error_code]
47
47
  }
@@ -23,7 +23,7 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
23
23
 
24
24
  describe '#scheme' do
25
25
  it do
26
- expect { error.scheme }.should raise_error(RuntimeError, 'Define me!')
26
+ expect { error.scheme }.to raise_error(RuntimeError, 'Define me!')
27
27
  end
28
28
  end
29
29
 
@@ -105,13 +105,13 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
105
105
 
106
106
  describe 'bad_request!' do
107
107
  it do
108
- expect { request.bad_request! :invalid_request }.should raise_error bad_request
108
+ expect { request.bad_request! :invalid_request }.to raise_error bad_request
109
109
  end
110
110
  end
111
111
 
112
112
  describe 'unauthorized!' do
113
113
  it do
114
- expect { request.unauthorized! :invalid_client }.should raise_error(RuntimeError, 'Define me!')
114
+ expect { request.unauthorized! :invalid_client }.to raise_error(RuntimeError, 'Define me!')
115
115
  end
116
116
  end
117
117
 
@@ -121,7 +121,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
121
121
  when :invalid_request
122
122
  describe method do
123
123
  it "should raise Rack::OAuth2::Server::Resource::BadRequest with error = :#{error_code}" do
124
- expect { request.send method }.should raise_error(bad_request) { |error|
124
+ expect { request.send method }.to raise_error(bad_request) { |error|
125
125
  error.error.should == error_code
126
126
  error.description.should == default_description[error_code]
127
127
  }
@@ -130,7 +130,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
130
130
  when :insufficient_scope
131
131
  describe method do
132
132
  it "should raise Rack::OAuth2::Server::Resource::Forbidden with error = :#{error_code}" do
133
- expect { request.send method }.should raise_error(forbidden) { |error|
133
+ expect { request.send method }.to raise_error(forbidden) { |error|
134
134
  error.error.should == error_code
135
135
  error.description.should == default_description[error_code]
136
136
  }
@@ -139,7 +139,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
139
139
  else
140
140
  describe method do
141
141
  it do
142
- expect { request.send method }.should raise_error(RuntimeError, 'Define me!')
142
+ expect { request.send method }.to raise_error(RuntimeError, 'Define me!')
143
143
  end
144
144
  end
145
145
  end
@@ -27,7 +27,7 @@ describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
27
27
 
28
28
  describe 'unauthorized!' do
29
29
  it do
30
- expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
30
+ expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
31
31
  end
32
32
  end
33
33
 
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
41
41
  else
42
42
  describe method do
43
43
  it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
44
- expect { request.send method }.should raise_error(unauthorized) { |error|
44
+ expect { request.send method }.to raise_error(unauthorized) { |error|
45
45
  error.error.should == error_code
46
46
  error.description.should == default_description[error_code]
47
47
  }
@@ -19,7 +19,8 @@ describe Rack::OAuth2::Server::Resource::MAC do
19
19
  Rack::OAuth2::AccessToken::MAC.new(
20
20
  :access_token => 'valid_token',
21
21
  :mac_key => 'secret',
22
- :mac_algorithm => 'hmac-sha-256'
22
+ :mac_algorithm => 'hmac-sha-256',
23
+ :ts => 1305820230 # fix verification time
23
24
  )
24
25
  end
25
26
  let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
@@ -80,6 +81,11 @@ describe Rack::OAuth2::Server::Resource::MAC do
80
81
  let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="26JP6MMZyAHLHeMU8+m+NbVJgZbikp5SlT86/a62pwg="') }
81
82
  it_behaves_like :authenticated_mac_request
82
83
  end
84
+
85
+ context 'when all required params are valid and ts is expired' do
86
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305819234", mac="nuo4765MZrVL/qMsAtuTczhqZAE5y02ChaLCyOiVU68="') }
87
+ it_behaves_like :unauthorized_mac_request
88
+ end
83
89
  end
84
90
 
85
91
  context 'when invalid_token is given' do
@@ -11,13 +11,13 @@ describe Rack::OAuth2::Server::Resource::Request do
11
11
 
12
12
  describe '#setup!' do
13
13
  it do
14
- expect { request.setup! }.should raise_error(RuntimeError, 'Define me!')
14
+ expect { request.setup! }.to raise_error(RuntimeError, 'Define me!')
15
15
  end
16
16
  end
17
17
 
18
18
  describe '#oauth2?' do
19
19
  it do
20
- expect { request.oauth2? }.should raise_error(RuntimeError, 'Define me!')
20
+ expect { request.oauth2? }.to raise_error(RuntimeError, 'Define me!')
21
21
  end
22
22
  end
23
23
  end
@@ -41,13 +41,13 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
41
41
 
42
42
  describe 'bad_request!' do
43
43
  it do
44
- expect { request.bad_request! :invalid_request }.should raise_error bad_request
44
+ expect { request.bad_request! :invalid_request }.to raise_error bad_request
45
45
  end
46
46
  end
47
47
 
48
48
  describe 'unauthorized!' do
49
49
  it do
50
- expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
50
+ expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
51
51
  end
52
52
  end
53
53
 
@@ -57,7 +57,7 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
57
57
  when :invalid_client
58
58
  describe method do
59
59
  it "should raise Rack::OAuth2::Server::Token::Unauthorized with error = :#{error_code}" do
60
- expect { request.send method }.should raise_error(unauthorized) { |error|
60
+ expect { request.send method }.to raise_error(unauthorized) { |error|
61
61
  error.error.should == error_code
62
62
  error.description.should == default_description[error_code]
63
63
  }
@@ -66,7 +66,7 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
66
66
  else
67
67
  describe method do
68
68
  it "should raise Rack::OAuth2::Server::Token::BadRequest with error = :#{error_code}" do
69
- expect { request.send method }.should raise_error(bad_request) { |error|
69
+ expect { request.send method }.to raise_error(bad_request) { |error|
70
70
  error.error.should == error_code
71
71
  error.description.should == default_description[error_code]
72
72
  }
@@ -96,7 +96,7 @@ describe Rack::OAuth2::Server::Token do
96
96
  Rack::OAuth2::Server::Token.new
97
97
  end
98
98
  it do
99
- expect { request.post('/', :params => params) }.should raise_error AttrRequired::AttrMissing
99
+ expect { request.post('/', :params => params) }.to raise_error AttrRequired::AttrMissing
100
100
  end
101
101
  end
102
102
  end
@@ -40,14 +40,14 @@ describe Rack::OAuth2::Util do
40
40
  it do
41
41
  expect do
42
42
  util.parse_uri '::'
43
- end.should raise_error URI::InvalidURIError
43
+ end.to raise_error URI::InvalidURIError
44
44
  end
45
45
  end
46
46
 
47
47
  context 'otherwise' do
48
48
  it do
49
- expect { util.parse_uri nil }.should raise_error StandardError
50
- expect { util.parse_uri 123 }.should raise_error StandardError
49
+ expect { util.parse_uri nil }.to raise_error StandardError
50
+ expect { util.parse_uri 123 }.to raise_error StandardError
51
51
  end
52
52
  end
53
53
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.14.6
4
+ version: 0.14.7
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-08-07 00:00:00.000000000 Z
12
+ date: 2012-08-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack