rack-oauth2 0.2.3 → 0.3.0.alpha
- data/Gemfile +1 -0
- data/README.rdoc +1 -0
- data/VERSION +1 -1
- data/lib/rack/oauth2.rb +1 -7
- data/lib/rack/oauth2/server.rb +0 -1
- data/lib/rack/oauth2/server/abstract.rb +2 -1
- data/lib/rack/oauth2/server/abstract/error.rb +55 -0
- data/lib/rack/oauth2/server/abstract/handler.rb +2 -3
- data/lib/rack/oauth2/server/abstract/request.rb +2 -3
- data/lib/rack/oauth2/server/abstract/response.rb +0 -5
- data/lib/rack/oauth2/server/authorize.rb +19 -14
- data/lib/rack/oauth2/server/authorize/code.rb +8 -19
- data/lib/rack/oauth2/server/authorize/error.rb +60 -0
- data/lib/rack/oauth2/server/authorize/token.rb +15 -24
- data/lib/rack/oauth2/server/resource.rb +1 -79
- data/lib/rack/oauth2/server/resource/bearer.rb +74 -0
- data/lib/rack/oauth2/server/resource/bearer/error.rb +80 -0
- data/lib/rack/oauth2/server/token.rb +12 -19
- data/lib/rack/oauth2/server/token/authorization_code.rb +4 -5
- data/lib/rack/oauth2/server/token/error.rb +54 -0
- data/lib/rack/oauth2/server/token/password.rb +0 -2
- data/lib/rack/oauth2/server/token/refresh_token.rb +1 -1
- data/lib/rack/oauth2/server/util.rb +29 -0
- data/rack-oauth2.gemspec +1 -1
- data/spec/rack/oauth2/server/abstract/error_spec.rb +51 -0
- data/spec/rack/oauth2/server/authorize/code_spec.rb +42 -28
- data/spec/rack/oauth2/server/authorize/error_spec.rb +103 -0
- data/spec/rack/oauth2/server/authorize/token_spec.rb +55 -26
- data/spec/rack/oauth2/server/authorize_spec.rb +24 -68
- data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +118 -0
- data/spec/rack/oauth2/server/resource/bearer_spec.rb +117 -0
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +26 -109
- data/spec/rack/oauth2/server/token/error_spec.rb +77 -0
- data/spec/rack/oauth2/server/token/password_spec.rb +27 -47
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +22 -43
- data/spec/rack/oauth2/server/token_spec.rb +77 -116
- data/spec/rack/oauth2/server/util_spec.rb +75 -16
- data/spec/spec_helper.rb +0 -12
- metadata +25 -29
- data/lib/rack/oauth2/server/authorize/code_and_token.rb +0 -62
- data/lib/rack/oauth2/server/error.rb +0 -73
- data/lib/rack/oauth2/server/error/authorize.rb +0 -54
- data/lib/rack/oauth2/server/error/resource.rb +0 -50
- data/lib/rack/oauth2/server/error/token.rb +0 -59
- data/lib/rack/oauth2/server/token/assertion.rb +0 -29
- data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb +0 -53
- data/spec/rack/oauth2/server/error/authorize_spec.rb +0 -102
- data/spec/rack/oauth2/server/error/resource_spec.rb +0 -69
- data/spec/rack/oauth2/server/error/token_spec.rb +0 -115
- data/spec/rack/oauth2/server/error_spec.rb +0 -107
- data/spec/rack/oauth2/server/resource_spec.rb +0 -141
- data/spec/rack/oauth2/server/token/assertion_spec.rb +0 -56
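--- a/data/spec/rack/oauth2/server/error/resource_spec.rb
+++ b/data/spec/rack/oauth2/server/error/resource_spec.rb
@@ -1,69 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Resource::Request do
-
-before do
-@request = Rack::OAuth2::Server::Resource::Request.new(
-Rack::MockRequest.env_for("/resource", :params => {
-:oauth_token => "oauth_token"
-}), "server.example.com"
-)
-end
-
-describe "#error!" do
-it "should raise BadRequest error" do
-lambda do
-@request.error! :something
-end.should raise_error(Rack::OAuth2::Server::Error) { |e|
-e.status.should == 400
-e.error.should == :something
-e.description.should be_nil
-}
-end
-end
-
-describe "#invalid_request!" do
-it "should raise BadRequest error" do
-lambda do
-@request.invalid_request!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :invalid_request
-e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_request]
-}
-end
-end
-
-describe "#invalid_token!" do
-it "should raise Unauthorized error" do
-lambda do
-@request.invalid_token!
-end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
-e.error.should == :invalid_token
-e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_token]
-}
-end
-end
-
-describe "#expired_token!" do
-it "should raise Unauthorized error" do
-lambda do
-@request.expired_token!
-end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
-e.error.should == :expired_token
-e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:expired_token]
-}
-end
-end
-
-describe "#insufficient_scope!" do
-it "should raise Forbidden error" do
-lambda do
-@request.insufficient_scope!
-end.should raise_error(Rack::OAuth2::Server::Forbidden) { |e|
-e.error.should == :insufficient_scope
-e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:insufficient_scope]
-}
-end
-end
-
-end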
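--- a/data/spec/rack/oauth2/server/error/token_spec.rb
+++ b/data/spec/rack/oauth2/server/error/token_spec.rb
@@ -1,115 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Token::Request do
-
-before do
-@request = Rack::OAuth2::Server::Token::Request.new(
-Rack::MockRequest.env_for("/token", :params => {
-:client_id => "client_id",
-:grant_type => "authorization_code",
-:code => "code"
-})
-)
-end
-
-describe "#error!" do
-it "should raise BadRequest error" do
-lambda do
-@request.error! :something
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :something
-e.description.should be_nil
-}
-end
-end
-
-describe "#invalid_request!" do
-it "should raise BadRequest error" do
-lambda do
-@request.invalid_request!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :invalid_request
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_request]
-}
-end
-end
-
-describe "#invalid_client!" do
-it "should raise BadRequest error" do
-lambda do
-@request.invalid_client!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :invalid_client
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
-}
-end
-
-context "when Authorization header is used" do
-it "should raise Unauthorized error" do
-lambda do
-@request.via_authorization_header = true
-@request.invalid_client!
-end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
-e.error.should == :invalid_client
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
-}
-end
-end
-end
-
-describe "#unauthorized_client!" do
-it "should raise BadRequest error" do
-lambda do
-@request.unauthorized_client!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :unauthorized_client
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unauthorized_client]
-}
-end
-end
-
-describe "#invalid_grant!" do
-it "should raise BadRequest error" do
-lambda do
-@request.invalid_grant!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :invalid_grant
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_grant]
-}
-end
-end
-
-describe "#unsupported_grant_type!" do
-it "should raise BadRequest error" do
-lambda do
-@request.unsupported_grant_type!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :unsupported_grant_type
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_grant_type]
-}
-end
-end
-
-describe "#unsupported_response_type!" do
-it "should raise BadRequest error" do
-lambda do
-@request.unsupported_response_type!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :unsupported_response_type
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_response_type]
-}
-end
-end
-
-describe "#invalid_scope!" do
-it "should raise BadRequest error" do
-lambda do
-@request.invalid_scope!
-end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-e.error.should == :invalid_scope
-e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_scope]
-}
-end
-end
-
-end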
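--- a/data/spec/rack/oauth2/server/error_spec.rb
+++ b/data/spec/rack/oauth2/server/error_spec.rb
@@ -1,107 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Error, '#finish' do
-
-context "when state is given" do
-it "should return state as error response" do
-error = Rack::OAuth2::Server::Error.new(400, :invalid_request, "Something Invalid!!", :state => "anything")
-status, header, response = error.finish
-response.body.to_s.should match("\"state\":\"anything\"")
-end
-end
-
-context "when redirect_uri is given" do
-before do
-@params = {
-:error => :invalid_request,
-:error_description => "Something invalid!!",
-:redirect_uri => "http://client.example.com"
-}
-@error = Rack::OAuth2::Server::Error.new(400, @params[:error], @params[:error_description], :redirect_uri => @params[:redirect_uri])
-end
-
-it "should redirect to redirect_uri with error message in query string" do
-status, header, response = @error.finish
-status.should == 302
-header['Content-Type'].should == "text/html"
-header['Location'].should == "#{@params.delete(:redirect_uri)}?#{@params.to_query}"
-end
-
-context "when redirect_uri already includes query" do
-before do
-@params = {
-:error => :invalid_request,
-:error_description => "Something invalid!!",
-:redirect_uri => "http://client.example.com?k=v"
-}
-@error = Rack::OAuth2::Server::Error.new(400, @params[:error], @params[:error_description], :redirect_uri => @params[:redirect_uri])
-end
-
-it "should keep original query" do
-status, header, response = @error.finish
-status.should == 302
-header['Content-Type'].should == "text/html"
-header['Location'].should == "#{@params.delete(:redirect_uri)}&#{@params.to_query}"
-end
-end
-end
-
-context "when realm is given" do
-before do
-@params = {
-:error => :invalid_request,
-:error_description => "Something invalid!!"
-}
-@error = Rack::OAuth2::Server::Error.new(401, @params[:error], @params[:error_description], :realm => "server.example.com")
-end
-
-it "should return failure response with error message in WWW-Authenticate header" do
-status, header, response = @error.finish
-status.should === 401
-error_message = {
-:error => "invalid_request",
-:error_description => "Something invalid!!"
-}
-header['WWW-Authenticate'].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-end
-end
-
-context "when neither redirect_uri nor realm isn't given" do
-before do
-@params = {
-:error => :invalid_request,
-:error_description => "Something invalid!!"
-}
-@error = Rack::OAuth2::Server::Error.new(400, @params[:error], @params[:error_description])
-end
-
-it "should return failure response with error message in json body" do
-status, header, response = @error.finish
-status.should === 400
-response.body.to_s.should == @params.to_json
-end
-
-end
-
-end
-
-describe Rack::OAuth2::Server::BadRequest do
-it "should use 400 as status" do
-error = Rack::OAuth2::Server::BadRequest.new(:invalid_request)
-error.status.should == 400
-end
-end
-
-describe Rack::OAuth2::Server::Unauthorized do
-it "should use 401 as status" do
-error = Rack::OAuth2::Server::Unauthorized.new(:invalid_request)
-error.status.should == 401
-end
-end
-
-describe Rack::OAuth2::Server::Forbidden do
-it "should use 403 as status" do
-error = Rack::OAuth2::Server::Forbidden.new(:invalid_request)
-error.status.should == 403
-end
-end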
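--- a/data/spec/rack/oauth2/server/resource_spec.rb
+++ b/data/spec/rack/oauth2/server/resource_spec.rb
@@ -1,141 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Resource do
-it "should support realm" do
-app = Rack::OAuth2::Server::Resource.new(simple_app, "server.example.com")
-app.realm.should == "server.example.com"
-end
-end
-
-describe Rack::OAuth2::Server::Resource, '#call' do
-
-before do
-@app = Rack::OAuth2::Server::Resource.new(simple_app, "server.example.com") do |request|
-case request.access_token
-when "valid_token"
-# nothing to do
-when "insufficient_scope_token"
-request.insufficient_scope!("More scope is required.")
-when "expired_token"
-request.expired_token!("Given access token has been expired.")
-else
-request.invalid_token!("Given access token is invalid.")
-end
-end
-@request = Rack::MockRequest.new @app
-end
-
-context "when no access token is given" do
-it "should skip OAuth 2.0 authentication" do
-env = Rack::MockRequest.env_for("/protected_resource")
-status, header, response = @app.call(env)
-status.should == 200
-env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-end
-end
-
-context "when valid_token is given" do
-it "should succeed" do
-response = @request.get("/protected_resource?oauth_token=valid_token")
-response.status.should == 200
-end
-
-it "should store access token in env" do
-env = Rack::MockRequest.env_for("/protected_resource?oauth_token=valid_token")
-@app.call(env)
-env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
-end
-
-context "when Authorization header is used" do
-it "should be accepted" do
-env = Rack::MockRequest.env_for("/protected_resource", "HTTP_AUTHORIZATION" => "OAuth valid_token")
-status, header, response = @app.call(env)
-status.should == 200
-env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
-end
-end
-
-context "when request body is used" do
-it "should be accepted" do
-env = Rack::MockRequest.env_for("/protected_resource", :params => {:oauth_token => "valid_token"})
-status, header, response = @app.call(env)
-status.should == 200
-env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
-end
-end
-end
-
-context "when expired_token is given" do
-it "should fail with expired_token error" do
-response = @request.get("/protected_resource?oauth_token=expired_token")
-response.status.should == 401
-error_message = {
-:error => :expired_token,
-:error_description => "Given access token has been expired."
-}
-response.headers["WWW-Authenticate"].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-end
-
-it "should not store access token in env" do
-env = Rack::MockRequest.env_for("/protected_resource?oauth_token=expired_token")
-@app.call(env)
-env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-end
-end
-
-context "when expired_token is given" do
-it "should fail with invalid_token error" do
-response = @request.get("/protected_resource?oauth_token=invalid_token")
-response.status.should == 401
-error_message = {
-:error => :invalid_token,
-:error_description => "Given access token is invalid."
-}
-response.headers["WWW-Authenticate"].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-end
-
-it "should not store access token in env" do
-env = Rack::MockRequest.env_for("/protected_resource?oauth_token=invalid_token")
-@app.call(env)
-env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-end
-end
-
-context "when multiple access_token is given" do
-it "should fail with invalid_request error" do
-response = @request.get("/protected_resource?oauth_token=invalid_token", "HTTP_AUTHORIZATION" => "OAuth valid_token")
-response.status.should == 400
-error_message = {
-:error => :invalid_request,
-:error_description => "Both Authorization header and payload includes oauth_token."
-}
-response.headers["WWW-Authenticate"].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-end
-end
-
-context "when OAuth 1.0 Authorization header is given" do
-it "should ignore the OAuth params" do
-env = Rack::MockRequest.env_for("/protected_resource", "HTTP_AUTHORIZATION" => "OAuth realm='server.example.com' oauth_consumer_key='key' oauth_token='token' oauth_signature_method='HMAC-SHA1' oauth_signature='sig' oauth_timestamp='123456789' oauth_nonce='nonce'")
-status, header, body = @app.call(env)
-status.should == 200
-env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-end
-end
-
-context "when OAuth 1.0 params is given" do
-it "should ignore the OAuth params" do
-env = Rack::MockRequest.env_for("/protected_resource", :params => {
-:oauth_consumer_key => "key",
-:oauth_token => "token",
-:oauth_signature_method => "HMAC-SHA1",
-:oauth_signature => "sig",
-:oauth_timestamp => 123456789,
-:oauth_nonce => "nonce"
-})
-status, header, body = @app.call(env)
-status.should == 200
-env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-end
-end
-
-end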
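--- a/data/spec/rack/oauth2/server/token/assertion_spec.rb
+++ b/data/spec/rack/oauth2/server/token/assertion_spec.rb
@@ -1,56 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Token::Assertion do
-
-context "when valid assertion is given" do
-
-before do
-@app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
-response.access_token = "access_token"
-end
-@request = Rack::MockRequest.new @app
-end
-
-it "should return access_token as json response body" do
-response = @request.post("/", :params => {
-:grant_type => "assertion",
-:client_id => "valid_client",
-:assertion => "valid_assertion",
-:assertion_type => "something"
-})
-response.status.should == 200
-response.content_type.should == "application/json"
-response.body.should == {
-:access_token => "access_token"
-}.to_json
-end
-
-end
-
-context "when invalid assertion is given" do
-
-before do
-@app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
-request.invalid_grant! 'Invalid assertion.'
-end
-@request = Rack::MockRequest.new @app
-end
-
-it "should return error message as json response body" do
-response = @request.post("/", :params => {
-:grant_type => "assertion",
-:client_id => "valid_client",
-:assertion => "invalid_assertion",
-:assertion_type => "something"
-})
-response.status.should == 400
-response.content_type.should == "application/json"
-response.body.should == {
-:error => :invalid_grant,
-:error_description => "Invalid assertion."
-}.to_json
-end
-
-end
-
-end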