rack-oauth2 0.14.6 → 0.14.7
- data/Gemfile.lock +1 -1
- data/VERSION +1 -1
- data/lib/rack/oauth2.rb +8 -1
- data/lib/rack/oauth2/access_token/mac.rb +12 -6
- data/lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb +1 -1
- data/lib/rack/oauth2/access_token/mac/verifier.rb +0 -1
- data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +10 -0
- data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +1 -1
- data/spec/rack/oauth2/access_token/mac_spec.rb +3 -4
- data/spec/rack/oauth2/access_token_spec.rb +2 -2
- data/spec/rack/oauth2/client/grant/authorization_code_spec.rb +1 -1
- data/spec/rack/oauth2/client/grant/password_spec.rb +2 -2
- data/spec/rack/oauth2/client/grant/refresh_token_spec.rb +1 -1
- data/spec/rack/oauth2/client_spec.rb +5 -5
- data/spec/rack/oauth2/oauth2_spec.rb +29 -0
- data/spec/rack/oauth2/server/authorize/code_spec.rb +2 -2
- data/spec/rack/oauth2/server/authorize/error_spec.rb +5 -5
- data/spec/rack/oauth2/server/authorize/token_spec.rb +2 -2
- data/spec/rack/oauth2/server/authorize_spec.rb +10 -10
- data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +2 -2
- data/spec/rack/oauth2/server/resource/error_spec.rb +6 -6
- data/spec/rack/oauth2/server/resource/mac/error_spec.rb +2 -2
- data/spec/rack/oauth2/server/resource/mac_spec.rb +7 -1
- data/spec/rack/oauth2/server/resource_spec.rb +2 -2
- data/spec/rack/oauth2/server/token/error_spec.rb +4 -4
- data/spec/rack/oauth2/server/token_spec.rb +1 -1
- data/spec/rack/oauth2/util_spec.rb +3 -3
- metadata +2 -2
data/Gemfile.lock
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.14.
|
1
|
+
0.14.7
|
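--- a/data/lib/rack/oauth2.rb
+++ b/data/lib/rack/oauth2.rb
@@ -39,17 +39,24 @@ module Rack
 end
 self.debugging = false
 
-def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})")
+def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})", &local_http_config)
 _http_client_ = HTTPClient.new(
 :agent_name => agent_name
 )
 http_config.try(:call, _http_client_)
+local_http_config.try(:call, _http_client_) unless local_http_config.nil?
 _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
 _http_client_
 end
+
 def self.http_config(&block)
 @@http_config ||= block
 end
+
+def self.reset_http_config!
+@@http_config = nil
+end
+
 end
 end
 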
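Review bot: In `http_client`, the per-call block runs after the global `http_config` block, so a caller can silently override anything the global block set on the client, including proxy or TLS verification settings, and that ordering is not documented. I would add a comment above the method such as `# local_http_config runs after the global http_config and may override it; do not relax TLS verification here`. The guard `unless local_http_config.nil?` is redundant with `.try`, so `local_http_config.try(:call, _http_client_)` alone would match the line above it. `http_config` still assigns with `||=`, so a second `http_config { ... }` call is ignored until `reset_http_config!` runs; a one-line comment on both methods would make that explicit.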
@@ -3,12 +3,13 @@ module Rack
|
|
3
3
|
class AccessToken
|
4
4
|
class MAC < AccessToken
|
5
5
|
attr_required :mac_key, :mac_algorithm
|
6
|
-
attr_optional :ts, :ext_verifier
|
6
|
+
attr_optional :ts, :ext_verifier, :ts_expires_in
|
7
7
|
attr_reader :nonce, :signature, :ext
|
8
8
|
|
9
9
|
def initialize(attributes = {})
|
10
10
|
super(attributes)
|
11
|
-
@
|
11
|
+
@issued_at = Time.now.utc
|
12
|
+
@ts_expires_in ||= 5.minutes
|
12
13
|
end
|
13
14
|
|
14
15
|
def token_response
|
@@ -19,7 +20,6 @@ module Rack
|
|
19
20
|
end
|
20
21
|
|
21
22
|
def verify!(request)
|
22
|
-
|
23
23
|
body = request.body.read
|
24
24
|
if self.ext_verifier.present?
|
25
25
|
self.ext_verifier.new(
|
@@ -28,6 +28,11 @@ module Rack
|
|
28
28
|
).verify!(request.ext)
|
29
29
|
end
|
30
30
|
|
31
|
+
now = Time.now.utc.to_i
|
32
|
+
now = @ts.to_i if @ts.present?
|
33
|
+
|
34
|
+
raise Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed.new("Request ts expired") if now - request.ts.to_i > @ts_expires_in.to_i
|
35
|
+
|
31
36
|
Signature.new(
|
32
37
|
:secret => self.mac_key,
|
33
38
|
:algorithm => self.mac_algorithm,
|
@@ -45,6 +50,7 @@ module Rack
|
|
45
50
|
|
46
51
|
def authenticate(request)
|
47
52
|
@nonce = generate_nonce
|
53
|
+
@ts_generated = @ts || Time.now.utc
|
48
54
|
|
49
55
|
if self.ext_verifier.present?
|
50
56
|
@ext = self.ext_verifier.new(
|
@@ -61,7 +67,7 @@ module Rack
|
|
61
67
|
:request_uri => request.header.create_query_uri,
|
62
68
|
:host => request.header.request_uri.host,
|
63
69
|
:port => request.header.request_uri.port,
|
64
|
-
:ts =>
|
70
|
+
:ts => @ts_generated,
|
65
71
|
:ext => @ext
|
66
72
|
).calculate
|
67
73
|
|
@@ -73,7 +79,7 @@ module Rack
|
|
73
79
|
def authorization_header
|
74
80
|
header = "MAC id=\"#{access_token}\""
|
75
81
|
header << ", nonce=\"#{nonce}\""
|
76
|
-
header << ", ts=\"#{
|
82
|
+
header << ", ts=\"#{@ts_generated.to_i}\""
|
77
83
|
header << ", mac=\"#{signature}\""
|
78
84
|
header << ", ext=\"#{ext}\"" if @ext.present?
|
79
85
|
header
|
@@ -81,7 +87,7 @@ module Rack
|
|
81
87
|
|
82
88
|
def generate_nonce
|
83
89
|
[
|
84
|
-
(Time.now.utc - @
|
90
|
+
(Time.now.utc - @issued_at).to_i,
|
85
91
|
SecureRandom.hex
|
86
92
|
].join(':')
|
87
93
|
end
|
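Review bot: In `verify!`, the freshness check `now - request.ts.to_i > @ts_expires_in.to_i` only rejects timestamps in the past; a request whose `ts` is ahead of the server clock gives a negative difference and is never treated as expired. Comparing the absolute skew, `if (now - request.ts.to_i).abs > @ts_expires_in.to_i`, bounds the window in both directions. The line `now = @ts.to_i if @ts.present?` also replaces the wall clock with the token's own `ts` attribute whenever it is set, which the resource spec relies on to "fix verification time"; if a server ever builds tokens with `ts` populated, the reference time would be pinned, so stubbing the clock in the spec (as `Time.fix` already does in mac_spec) and dropping the override looks safer. The resource spec adds an expired-`ts` case but none for a `ts` in the future. `verify!` starts and ends outside the hunk.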
@@ -15,4 +15,14 @@ describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
|
|
15
15
|
end
|
16
16
|
|
17
17
|
|
18
|
+
context 'when raw_body is empty' do
|
19
|
+
subject do
|
20
|
+
Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
|
21
|
+
:algorithm => 'hmac-sha-256',
|
22
|
+
:raw_body => ''
|
23
|
+
)
|
24
|
+
end
|
25
|
+
its(:calculate) { should be_nil }
|
26
|
+
end
|
27
|
+
|
18
28
|
end
|
@@ -17,7 +17,7 @@ describe Rack::OAuth2::AccessToken::MAC::Verifier do
|
|
17
17
|
context 'otherwise' do
|
18
18
|
let(:algorithm) { 'invalid' }
|
19
19
|
it do
|
20
|
-
expect { verifier.send(:hash_generator) }.
|
20
|
+
expect { verifier.send(:hash_generator) }.to raise_error(StandardError, 'Unsupported Algorithm')
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
@@ -60,7 +60,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
60
60
|
context 'otherwise' do
|
61
61
|
let(:signature) { 'invalid' }
|
62
62
|
it do
|
63
|
-
expect { token.verify!(request.setup!) }.
|
63
|
+
expect { token.verify!(request.setup!) }.to raise_error(
|
64
64
|
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
65
65
|
'invalid_token :: Signature Invalid'
|
66
66
|
)
|
@@ -84,7 +84,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
84
84
|
context 'when ext is invalid' do
|
85
85
|
let(:ext) { 'invalid' }
|
86
86
|
it do
|
87
|
-
expect { token_with_ext_verifier.verify!(request.setup!) }.
|
87
|
+
expect { token_with_ext_verifier.verify!(request.setup!) }.to raise_error(
|
88
88
|
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
89
89
|
'invalid_token :: Sha256HexVerifier Invalid'
|
90
90
|
)
|
@@ -98,7 +98,6 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
98
98
|
let(:signature) { 'dZYR54n+Lym5qCRRmDqmRZ71rG+bkjSWmqrOv8OjYHk=' }
|
99
99
|
it do
|
100
100
|
Time.fix(Time.at(1302361200)) do
|
101
|
-
|
102
101
|
token_with_ext_verifier.verify!(request.setup!).should == :verified
|
103
102
|
end
|
104
103
|
end
|
@@ -106,7 +105,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
106
105
|
|
107
106
|
context 'otherwise' do
|
108
107
|
it do
|
109
|
-
expect { token.verify!(request.setup!) }.
|
108
|
+
expect { token.verify!(request.setup!) }.to raise_error(
|
110
109
|
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
111
110
|
'invalid_token :: Signature Invalid'
|
112
111
|
)
|
@@ -33,7 +33,7 @@ describe Rack::OAuth2::AccessToken do
|
|
33
33
|
:expires_in => 3600,
|
34
34
|
:scope => [:scope1, :scope2]
|
35
35
|
)
|
36
|
-
end.
|
36
|
+
end.to raise_error AttrRequired::AttrMissing
|
37
37
|
end
|
38
38
|
end
|
39
39
|
|
@@ -43,7 +43,7 @@ describe Rack::OAuth2::AccessToken do
|
|
43
43
|
Rack::OAuth2::AccessToken::Bearer.new(
|
44
44
|
:access_token => 'access_token'
|
45
45
|
)
|
46
|
-
end.
|
46
|
+
end.not_to raise_error
|
47
47
|
end
|
48
48
|
end
|
49
49
|
|
@@ -20,14 +20,14 @@ describe Rack::OAuth2::Client::Grant::Password do
|
|
20
20
|
|
21
21
|
context 'otherwise' do
|
22
22
|
it do
|
23
|
-
expect { grant.new attributes }.
|
23
|
+
expect { grant.new attributes }.to raise_error AttrRequired::AttrMissing
|
24
24
|
end
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
28
|
context 'otherwise' do
|
29
29
|
it do
|
30
|
-
expect { grant.new }.
|
30
|
+
expect { grant.new }.to raise_error AttrRequired::AttrMissing
|
31
31
|
end
|
32
32
|
end
|
33
33
|
end
|
@@ -18,7 +18,7 @@ describe Rack::OAuth2::Client do
|
|
18
18
|
|
19
19
|
context 'when identifier is missing' do
|
20
20
|
it do
|
21
|
-
expect { Rack::OAuth2::Client.new }.
|
21
|
+
expect { Rack::OAuth2::Client.new }.to raise_error AttrRequired::AttrMissing
|
22
22
|
end
|
23
23
|
end
|
24
24
|
|
@@ -211,7 +211,7 @@ describe Rack::OAuth2::Client do
|
|
211
211
|
)
|
212
212
|
end
|
213
213
|
it do
|
214
|
-
expect { client.access_token! }.
|
214
|
+
expect { client.access_token! }.to raise_error(StandardError, 'Unknown Token Type')
|
215
215
|
end
|
216
216
|
end
|
217
217
|
|
@@ -225,7 +225,7 @@ describe Rack::OAuth2::Client do
|
|
225
225
|
)
|
226
226
|
end
|
227
227
|
it do
|
228
|
-
expect { client.access_token! }.
|
228
|
+
expect { client.access_token! }.to raise_error Rack::OAuth2::Client::Error
|
229
229
|
end
|
230
230
|
end
|
231
231
|
end
|
@@ -241,13 +241,13 @@ describe Rack::OAuth2::Client do
|
|
241
241
|
|
242
242
|
describe '#authorization_uri' do
|
243
243
|
it do
|
244
|
-
expect { client.authorization_uri }.
|
244
|
+
expect { client.authorization_uri }.to raise_error 'No Host Info'
|
245
245
|
end
|
246
246
|
end
|
247
247
|
|
248
248
|
describe '#access_token!' do
|
249
249
|
it do
|
250
|
-
expect { client.access_token! }.
|
250
|
+
expect { client.access_token! }.to raise_error 'No Host Info'
|
251
251
|
end
|
252
252
|
end
|
253
253
|
end
|
@@ -32,6 +32,8 @@ describe Rack::OAuth2 do
|
|
32
32
|
describe '.http_config' do
|
33
33
|
context 'when request_filter added' do
|
34
34
|
context 'when "debug!" is called' do
|
35
|
+
after { Rack::OAuth2.reset_http_config! }
|
36
|
+
|
35
37
|
it 'should put Debugger::RequestFilter at last' do
|
36
38
|
Rack::OAuth2.debug!
|
37
39
|
Rack::OAuth2.http_config do |config|
|
@@ -39,6 +41,33 @@ describe Rack::OAuth2 do
|
|
39
41
|
end
|
40
42
|
Rack::OAuth2.http_client.request_filter.last.should be_instance_of Rack::OAuth2::Debugger::RequestFilter
|
41
43
|
end
|
44
|
+
|
45
|
+
it 'should reset_http_config' do
|
46
|
+
Rack::OAuth2.debug!
|
47
|
+
Rack::OAuth2.http_config do |config|
|
48
|
+
config.request_filter << Proc.new {}
|
49
|
+
end
|
50
|
+
size = Rack::OAuth2.http_client.request_filter.size
|
51
|
+
Rack::OAuth2.reset_http_config!
|
52
|
+
Rack::OAuth2.http_client.request_filter.size.should == size - 1
|
53
|
+
end
|
54
|
+
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
describe ".http_client" do
|
60
|
+
context "when local_http_config is used" do
|
61
|
+
it "should correctly set request_filter" do
|
62
|
+
clnt1 = Rack::OAuth2.http_client
|
63
|
+
clnt2 = Rack::OAuth2.http_client("my client") do |config|
|
64
|
+
config.request_filter << Proc.new {}
|
65
|
+
end
|
66
|
+
clnt3 = Rack::OAuth2.http_client
|
67
|
+
|
68
|
+
clnt1.request_filter.size.should == clnt3.request_filter.size
|
69
|
+
clnt1.request_filter.size.should == clnt2.request_filter.size - 1
|
70
|
+
|
42
71
|
end
|
43
72
|
end
|
44
73
|
end
|
@@ -26,14 +26,14 @@ describe Rack::OAuth2::Server::Authorize::Code do
|
|
26
26
|
context 'when redirect_uri is missing' do
|
27
27
|
let(:redirect_uri) { nil }
|
28
28
|
it do
|
29
|
-
expect { response }.
|
29
|
+
expect { response }.to raise_error AttrRequired::AttrMissing
|
30
30
|
end
|
31
31
|
end
|
32
32
|
|
33
33
|
context 'when code is missing' do
|
34
34
|
let(:authorization_code) { nil }
|
35
35
|
it do
|
36
|
-
expect { response }.
|
36
|
+
expect { response }.to raise_error AttrRequired::AttrMissing
|
37
37
|
end
|
38
38
|
end
|
39
39
|
end
|
@@ -50,7 +50,7 @@ describe Rack::OAuth2::Server::Authorize::BadRequest do
|
|
50
50
|
|
51
51
|
context 'otherwise' do
|
52
52
|
it 'should raise itself' do
|
53
|
-
expect { error.finish }.
|
53
|
+
expect { error.finish }.to raise_error(klass) { |e|
|
54
54
|
e.should == error
|
55
55
|
}
|
56
56
|
end
|
@@ -69,12 +69,12 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
|
|
69
69
|
|
70
70
|
describe 'bad_request!' do
|
71
71
|
it do
|
72
|
-
expect { request.bad_request! }.
|
72
|
+
expect { request.bad_request! }.to raise_error klass
|
73
73
|
end
|
74
74
|
|
75
75
|
context 'when response_type = :code' do
|
76
76
|
it 'should set protocol_params_location = :query' do
|
77
|
-
expect { request_for_code.bad_request! }.
|
77
|
+
expect { request_for_code.bad_request! }.to raise_error(klass) { |e|
|
78
78
|
e.protocol_params_location.should == :query
|
79
79
|
}
|
80
80
|
end
|
@@ -82,7 +82,7 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
|
|
82
82
|
|
83
83
|
context 'when response_type = :token' do
|
84
84
|
it 'should set protocol_params_location = :fragment' do
|
85
|
-
expect { request_for_token.bad_request! }.
|
85
|
+
expect { request_for_token.bad_request! }.to raise_error(klass) { |e|
|
86
86
|
e.protocol_params_location.should == :fragment
|
87
87
|
}
|
88
88
|
end
|
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
|
|
93
93
|
method = "#{error_code}!"
|
94
94
|
describe method do
|
95
95
|
it "should raise Rack::OAuth2::Server::Authorize::BadRequest with error = :#{error_code}" do
|
96
|
-
expect { request.send method }.
|
96
|
+
expect { request.send method }.to raise_error(klass) { |error|
|
97
97
|
error.error.should == error_code
|
98
98
|
error.description.should == default_description[error_code]
|
99
99
|
}
|
@@ -37,7 +37,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
37
37
|
end
|
38
38
|
end
|
39
39
|
it do
|
40
|
-
expect { response }.
|
40
|
+
expect { response }.to raise_error AttrRequired::AttrMissing
|
41
41
|
end
|
42
42
|
end
|
43
43
|
|
@@ -49,7 +49,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
49
49
|
end
|
50
50
|
end
|
51
51
|
it do
|
52
|
-
expect { response }.
|
52
|
+
expect { response }.to raise_error AttrRequired::AttrMissing
|
53
53
|
end
|
54
54
|
end
|
55
55
|
end
|
@@ -8,25 +8,25 @@ describe Rack::OAuth2::Server::Authorize do
|
|
8
8
|
|
9
9
|
context 'when response_type is missing' do
|
10
10
|
it do
|
11
|
-
expect { request.get "/?client_id=client&redirect_uri=#{redirect_uri}" }.
|
11
|
+
expect { request.get "/?client_id=client&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
15
15
|
context 'when redirect_uri is missing' do
|
16
16
|
it do
|
17
|
-
expect { request.get "/?response_type=code&client_id=client" }.
|
17
|
+
expect { request.get "/?response_type=code&client_id=client" }.not_to raise_error
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
21
21
|
context 'when client_id is missing' do
|
22
22
|
it do
|
23
|
-
expect { request.get "/?response_type=code&redirect_uri=#{redirect_uri}" }.
|
23
|
+
expect { request.get "/?response_type=code&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
27
27
|
context 'when unknown response_type is given' do
|
28
28
|
it do
|
29
|
-
expect { request.get "/?response_type=unknown&client_id=client&redirect_uri=#{redirect_uri}" }.
|
29
|
+
expect { request.get "/?response_type=unknown&client_id=client&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
|
30
30
|
end
|
31
31
|
end
|
32
32
|
|
@@ -40,8 +40,8 @@ describe Rack::OAuth2::Server::Authorize do
|
|
40
40
|
end
|
41
41
|
|
42
42
|
describe Rack::OAuth2::Server::Authorize::Request do
|
43
|
-
let(:env)
|
44
|
-
let(:request)
|
43
|
+
let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client&redirect_uri=#{redirect_uri}") }
|
44
|
+
let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
|
45
45
|
|
46
46
|
describe '#varified_redirect_uri' do
|
47
47
|
context 'when an Array of pre-registered URIs are given' do
|
@@ -68,7 +68,7 @@ describe Rack::OAuth2::Server::Authorize do
|
|
68
68
|
it do
|
69
69
|
expect do
|
70
70
|
request.verify_redirect_uri!(pre_registered)
|
71
|
-
end.
|
71
|
+
end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
|
72
72
|
end
|
73
73
|
end
|
74
74
|
end
|
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Server::Authorize do
|
|
93
93
|
it do
|
94
94
|
expect do
|
95
95
|
request.verify_redirect_uri!(pre_registered)
|
96
|
-
end.
|
96
|
+
end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
|
97
97
|
end
|
98
98
|
end
|
99
99
|
end
|
@@ -103,7 +103,7 @@ describe Rack::OAuth2::Server::Authorize do
|
|
103
103
|
it do
|
104
104
|
expect do
|
105
105
|
request.verify_redirect_uri!(pre_registered)
|
106
|
-
end.
|
106
|
+
end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
|
107
107
|
end
|
108
108
|
end
|
109
109
|
|
@@ -151,7 +151,7 @@ describe Rack::OAuth2::Server::Authorize do
|
|
151
151
|
it do
|
152
152
|
expect do
|
153
153
|
app.send(:response_type_for, request)
|
154
|
-
end.
|
154
|
+
end.to raise_error bad_request
|
155
155
|
end
|
156
156
|
end
|
157
157
|
|
@@ -27,7 +27,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
27
27
|
|
28
28
|
describe 'unauthorized!' do
|
29
29
|
it do
|
30
|
-
expect { request.unauthorized! :invalid_client }.
|
30
|
+
expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
|
31
31
|
end
|
32
32
|
end
|
33
33
|
|
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
41
41
|
else
|
42
42
|
describe method do
|
43
43
|
it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
|
44
|
-
expect { request.send method }.
|
44
|
+
expect { request.send method }.to raise_error(unauthorized) { |error|
|
45
45
|
error.error.should == error_code
|
46
46
|
error.description.should == default_description[error_code]
|
47
47
|
}
|
@@ -23,7 +23,7 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
|
|
23
23
|
|
24
24
|
describe '#scheme' do
|
25
25
|
it do
|
26
|
-
expect { error.scheme }.
|
26
|
+
expect { error.scheme }.to raise_error(RuntimeError, 'Define me!')
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
@@ -105,13 +105,13 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
105
105
|
|
106
106
|
describe 'bad_request!' do
|
107
107
|
it do
|
108
|
-
expect { request.bad_request! :invalid_request }.
|
108
|
+
expect { request.bad_request! :invalid_request }.to raise_error bad_request
|
109
109
|
end
|
110
110
|
end
|
111
111
|
|
112
112
|
describe 'unauthorized!' do
|
113
113
|
it do
|
114
|
-
expect { request.unauthorized! :invalid_client }.
|
114
|
+
expect { request.unauthorized! :invalid_client }.to raise_error(RuntimeError, 'Define me!')
|
115
115
|
end
|
116
116
|
end
|
117
117
|
|
@@ -121,7 +121,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
121
121
|
when :invalid_request
|
122
122
|
describe method do
|
123
123
|
it "should raise Rack::OAuth2::Server::Resource::BadRequest with error = :#{error_code}" do
|
124
|
-
expect { request.send method }.
|
124
|
+
expect { request.send method }.to raise_error(bad_request) { |error|
|
125
125
|
error.error.should == error_code
|
126
126
|
error.description.should == default_description[error_code]
|
127
127
|
}
|
@@ -130,7 +130,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
130
130
|
when :insufficient_scope
|
131
131
|
describe method do
|
132
132
|
it "should raise Rack::OAuth2::Server::Resource::Forbidden with error = :#{error_code}" do
|
133
|
-
expect { request.send method }.
|
133
|
+
expect { request.send method }.to raise_error(forbidden) { |error|
|
134
134
|
error.error.should == error_code
|
135
135
|
error.description.should == default_description[error_code]
|
136
136
|
}
|
@@ -139,7 +139,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
139
139
|
else
|
140
140
|
describe method do
|
141
141
|
it do
|
142
|
-
expect { request.send method }.
|
142
|
+
expect { request.send method }.to raise_error(RuntimeError, 'Define me!')
|
143
143
|
end
|
144
144
|
end
|
145
145
|
end
|
@@ -27,7 +27,7 @@ describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
|
|
27
27
|
|
28
28
|
describe 'unauthorized!' do
|
29
29
|
it do
|
30
|
-
expect { request.unauthorized! :invalid_client }.
|
30
|
+
expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
|
31
31
|
end
|
32
32
|
end
|
33
33
|
|
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
|
|
41
41
|
else
|
42
42
|
describe method do
|
43
43
|
it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
|
44
|
-
expect { request.send method }.
|
44
|
+
expect { request.send method }.to raise_error(unauthorized) { |error|
|
45
45
|
error.error.should == error_code
|
46
46
|
error.description.should == default_description[error_code]
|
47
47
|
}
|
@@ -19,7 +19,8 @@ describe Rack::OAuth2::Server::Resource::MAC do
|
|
19
19
|
Rack::OAuth2::AccessToken::MAC.new(
|
20
20
|
:access_token => 'valid_token',
|
21
21
|
:mac_key => 'secret',
|
22
|
-
:mac_algorithm => 'hmac-sha-256'
|
22
|
+
:mac_algorithm => 'hmac-sha-256',
|
23
|
+
:ts => 1305820230 # fix verification time
|
23
24
|
)
|
24
25
|
end
|
25
26
|
let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
|
@@ -80,6 +81,11 @@ describe Rack::OAuth2::Server::Resource::MAC do
|
|
80
81
|
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="26JP6MMZyAHLHeMU8+m+NbVJgZbikp5SlT86/a62pwg="') }
|
81
82
|
it_behaves_like :authenticated_mac_request
|
82
83
|
end
|
84
|
+
|
85
|
+
context 'when all required params are valid and ts is expired' do
|
86
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305819234", mac="nuo4765MZrVL/qMsAtuTczhqZAE5y02ChaLCyOiVU68="') }
|
87
|
+
it_behaves_like :unauthorized_mac_request
|
88
|
+
end
|
83
89
|
end
|
84
90
|
|
85
91
|
context 'when invalid_token is given' do
|
@@ -11,13 +11,13 @@ describe Rack::OAuth2::Server::Resource::Request do
|
|
11
11
|
|
12
12
|
describe '#setup!' do
|
13
13
|
it do
|
14
|
-
expect { request.setup! }.
|
14
|
+
expect { request.setup! }.to raise_error(RuntimeError, 'Define me!')
|
15
15
|
end
|
16
16
|
end
|
17
17
|
|
18
18
|
describe '#oauth2?' do
|
19
19
|
it do
|
20
|
-
expect { request.oauth2? }.
|
20
|
+
expect { request.oauth2? }.to raise_error(RuntimeError, 'Define me!')
|
21
21
|
end
|
22
22
|
end
|
23
23
|
end
|
@@ -41,13 +41,13 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
|
|
41
41
|
|
42
42
|
describe 'bad_request!' do
|
43
43
|
it do
|
44
|
-
expect { request.bad_request! :invalid_request }.
|
44
|
+
expect { request.bad_request! :invalid_request }.to raise_error bad_request
|
45
45
|
end
|
46
46
|
end
|
47
47
|
|
48
48
|
describe 'unauthorized!' do
|
49
49
|
it do
|
50
|
-
expect { request.unauthorized! :invalid_client }.
|
50
|
+
expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
|
51
51
|
end
|
52
52
|
end
|
53
53
|
|
@@ -57,7 +57,7 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
|
|
57
57
|
when :invalid_client
|
58
58
|
describe method do
|
59
59
|
it "should raise Rack::OAuth2::Server::Token::Unauthorized with error = :#{error_code}" do
|
60
|
-
expect { request.send method }.
|
60
|
+
expect { request.send method }.to raise_error(unauthorized) { |error|
|
61
61
|
error.error.should == error_code
|
62
62
|
error.description.should == default_description[error_code]
|
63
63
|
}
|
@@ -66,7 +66,7 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
|
|
66
66
|
else
|
67
67
|
describe method do
|
68
68
|
it "should raise Rack::OAuth2::Server::Token::BadRequest with error = :#{error_code}" do
|
69
|
-
expect { request.send method }.
|
69
|
+
expect { request.send method }.to raise_error(bad_request) { |error|
|
70
70
|
error.error.should == error_code
|
71
71
|
error.description.should == default_description[error_code]
|
72
72
|
}
|
@@ -96,7 +96,7 @@ describe Rack::OAuth2::Server::Token do
|
|
96
96
|
Rack::OAuth2::Server::Token.new
|
97
97
|
end
|
98
98
|
it do
|
99
|
-
expect { request.post('/', :params => params) }.
|
99
|
+
expect { request.post('/', :params => params) }.to raise_error AttrRequired::AttrMissing
|
100
100
|
end
|
101
101
|
end
|
102
102
|
end
|
@@ -40,14 +40,14 @@ describe Rack::OAuth2::Util do
|
|
40
40
|
it do
|
41
41
|
expect do
|
42
42
|
util.parse_uri '::'
|
43
|
-
end.
|
43
|
+
end.to raise_error URI::InvalidURIError
|
44
44
|
end
|
45
45
|
end
|
46
46
|
|
47
47
|
context 'otherwise' do
|
48
48
|
it do
|
49
|
-
expect { util.parse_uri nil }.
|
50
|
-
expect { util.parse_uri 123 }.
|
49
|
+
expect { util.parse_uri nil }.to raise_error StandardError
|
50
|
+
expect { util.parse_uri 123 }.to raise_error StandardError
|
51
51
|
end
|
52
52
|
end
|
53
53
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-oauth2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.14.
|
4
|
+
version: 0.14.7
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-08-
|
12
|
+
date: 2012-08-09 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rack
|