rack-oauth2 0.2.3 → 0.3.0.alpha

data/spec/rack/oauth2/server/error/resource_spec.rb

@@ -1,69 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Resource::Request do
-  
-  before do
-    @request = Rack::OAuth2::Server::Resource::Request.new(
-      Rack::MockRequest.env_for("/resource", :params => {
-        :oauth_token => "oauth_token"
-      }), "server.example.com"
-    )
-  end
-
-  describe "#error!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.error! :something
-      end.should raise_error(Rack::OAuth2::Server::Error) { |e|
-        e.status.should == 400
-        e.error.should == :something
-        e.description.should be_nil
-      }
-    end
-  end
-
-  describe "#invalid_request!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.invalid_request!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :invalid_request
-        e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_request]
-      }
-    end
-  end
-
-  describe "#invalid_token!" do
-    it "should raise Unauthorized error" do
-      lambda do
-        @request.invalid_token!
-      end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
-        e.error.should == :invalid_token
-        e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:invalid_token]
-      }
-    end
-  end
-
-  describe "#expired_token!" do
-    it "should raise Unauthorized error" do
-      lambda do
-        @request.expired_token!
-      end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
-        e.error.should == :expired_token
-        e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:expired_token]
-      }
-    end
-  end
-
-  describe "#insufficient_scope!" do
-    it "should raise Forbidden error" do
-      lambda do
-        @request.insufficient_scope!
-      end.should raise_error(Rack::OAuth2::Server::Forbidden) { |e|
-        e.error.should == :insufficient_scope
-        e.description.should == Rack::OAuth2::Server::Error::Resource::DEFAULT_DESCRIPTION[:insufficient_scope]
-      }
-    end
-  end
-
-end

data/spec/rack/oauth2/server/error/token_spec.rb

@@ -1,115 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Token::Request do
-  
-  before do
-    @request = Rack::OAuth2::Server::Token::Request.new(
-      Rack::MockRequest.env_for("/token", :params => {
-        :client_id => "client_id",
-        :grant_type => "authorization_code",
-        :code => "code"
-      })
-    )
-  end
-
-  describe "#error!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.error! :something
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :something
-        e.description.should be_nil
-      }
-    end
-  end
-
-  describe "#invalid_request!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.invalid_request!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :invalid_request
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_request]
-      }
-    end
-  end
-
-  describe "#invalid_client!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.invalid_client!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :invalid_client
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
-      }
-    end
-
-    context "when Authorization header is used" do
-      it "should raise Unauthorized error" do
-        lambda do
-          @request.via_authorization_header = true
-          @request.invalid_client!
-        end.should raise_error(Rack::OAuth2::Server::Unauthorized) { |e|
-          e.error.should == :invalid_client
-          e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_client]
-        }
-      end
-    end
-  end
-
-  describe "#unauthorized_client!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.unauthorized_client!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :unauthorized_client
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unauthorized_client]
-      }
-    end
-  end
-
-  describe "#invalid_grant!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.invalid_grant!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :invalid_grant
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_grant]
-      }
-    end
-  end
-
-  describe "#unsupported_grant_type!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.unsupported_grant_type!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :unsupported_grant_type
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_grant_type]
-      }
-    end
-  end
-
-  describe "#unsupported_response_type!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.unsupported_response_type!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :unsupported_response_type
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:unsupported_response_type]
-      }
-    end
-  end
-
-  describe "#invalid_scope!" do
-    it "should raise BadRequest error" do
-      lambda do
-        @request.invalid_scope!
-      end.should raise_error(Rack::OAuth2::Server::BadRequest) { |e|
-        e.error.should == :invalid_scope
-        e.description.should == Rack::OAuth2::Server::Error::Token::DEFAULT_DESCRIPTION[:invalid_scope]
-      }
-    end
-  end
-
-end

data/spec/rack/oauth2/server/error_spec.rb

@@ -1,107 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Error, '#finish' do
-
-  context "when state is given" do
-    it "should return state as error response" do
-      error = Rack::OAuth2::Server::Error.new(400, :invalid_request, "Something Invalid!!", :state => "anything")
-      status, header, response = error.finish
-      response.body.to_s.should match("\"state\":\"anything\"")
-    end
-  end
-
-  context "when redirect_uri is given" do
-    before do
-      @params = {
-        :error => :invalid_request,
-        :error_description => "Something invalid!!",
-        :redirect_uri => "http://client.example.com"
-      }
-      @error = Rack::OAuth2::Server::Error.new(400, @params[:error], @params[:error_description], :redirect_uri => @params[:redirect_uri])
-    end
-
-    it "should redirect to redirect_uri with error message in query string" do
-      status, header, response = @error.finish
-      status.should == 302
-      header['Content-Type'].should == "text/html"
-      header['Location'].should == "#{@params.delete(:redirect_uri)}?#{@params.to_query}"
-    end
-
-    context "when redirect_uri already includes query" do
-      before do
-        @params = {
-          :error => :invalid_request,
-          :error_description => "Something invalid!!",
-          :redirect_uri => "http://client.example.com?k=v"
-        }
-        @error = Rack::OAuth2::Server::Error.new(400, @params[:error], @params[:error_description], :redirect_uri => @params[:redirect_uri])
-      end
-
-      it "should keep original query" do
-        status, header, response = @error.finish
-        status.should == 302
-        header['Content-Type'].should == "text/html"
-        header['Location'].should == "#{@params.delete(:redirect_uri)}&#{@params.to_query}"
-      end
-    end
-  end
-
-  context "when realm is given" do
-    before do
-      @params = {
-        :error => :invalid_request,
-        :error_description => "Something invalid!!"
-      }
-      @error = Rack::OAuth2::Server::Error.new(401, @params[:error], @params[:error_description], :realm => "server.example.com")
-    end
-
-    it "should return failure response with error message in WWW-Authenticate header" do
-      status, header, response = @error.finish
-      status.should === 401
-      error_message = {
-        :error => "invalid_request",
-        :error_description => "Something invalid!!"
-      }
-      header['WWW-Authenticate'].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-    end
-  end
-
-  context "when neither redirect_uri nor realm isn't given" do
-    before do
-      @params = {
-        :error => :invalid_request,
-        :error_description => "Something invalid!!"
-      }
-      @error = Rack::OAuth2::Server::Error.new(400, @params[:error], @params[:error_description])
-    end
-
-    it "should return failure response with error message in json body" do
-      status, header, response = @error.finish
-      status.should === 400
-      response.body.to_s.should == @params.to_json
-    end
-    
-  end
-
-end
-
-describe Rack::OAuth2::Server::BadRequest do
-  it "should use 400 as status" do
-    error = Rack::OAuth2::Server::BadRequest.new(:invalid_request)
-    error.status.should == 400
-  end
-end
-
-describe Rack::OAuth2::Server::Unauthorized do
-  it "should use 401 as status" do
-    error = Rack::OAuth2::Server::Unauthorized.new(:invalid_request)
-    error.status.should == 401
-  end
-end
-
-describe Rack::OAuth2::Server::Forbidden do
-  it "should use 403 as status" do
-    error = Rack::OAuth2::Server::Forbidden.new(:invalid_request)
-    error.status.should == 403
-  end
-end

data/spec/rack/oauth2/server/resource_spec.rb

@@ -1,141 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Resource do
-  it "should support realm" do
-    app = Rack::OAuth2::Server::Resource.new(simple_app, "server.example.com")
-    app.realm.should == "server.example.com"
-  end
-end
-
-describe Rack::OAuth2::Server::Resource, '#call' do
-
-  before do
-    @app = Rack::OAuth2::Server::Resource.new(simple_app, "server.example.com") do |request|
-      case request.access_token
-      when "valid_token"
-        # nothing to do
-      when "insufficient_scope_token"
-        request.insufficient_scope!("More scope is required.")
-      when "expired_token"
-        request.expired_token!("Given access token has been expired.")
-      else
-        request.invalid_token!("Given access token is invalid.")
-      end
-    end
-    @request = Rack::MockRequest.new @app
-  end
-
-  context "when no access token is given" do
-    it "should skip OAuth 2.0 authentication" do
-      env = Rack::MockRequest.env_for("/protected_resource")
-      status, header, response = @app.call(env)
-      status.should == 200
-      env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-    end
-  end
-
-  context "when valid_token is given" do
-    it "should succeed" do
-      response = @request.get("/protected_resource?oauth_token=valid_token")
-      response.status.should == 200
-    end
-
-    it "should store access token in env" do
-      env = Rack::MockRequest.env_for("/protected_resource?oauth_token=valid_token")
-      @app.call(env)
-      env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
-    end
-
-    context "when Authorization header is used" do
-      it "should be accepted" do
-        env = Rack::MockRequest.env_for("/protected_resource", "HTTP_AUTHORIZATION" => "OAuth valid_token")
-        status, header, response = @app.call(env)
-        status.should == 200
-        env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
-      end
-    end
-
-    context "when request body is used" do
-      it "should be accepted" do
-        env = Rack::MockRequest.env_for("/protected_resource", :params => {:oauth_token => "valid_token"})
-        status, header, response = @app.call(env)
-        status.should == 200
-        env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
-      end
-    end
-  end
-
-  context "when expired_token is given" do
-    it "should fail with expired_token error" do
-      response = @request.get("/protected_resource?oauth_token=expired_token")
-      response.status.should == 401
-      error_message = {
-        :error => :expired_token,
-        :error_description => "Given access token has been expired."
-      }
-      response.headers["WWW-Authenticate"].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-    end
-
-    it "should not store access token in env" do
-      env = Rack::MockRequest.env_for("/protected_resource?oauth_token=expired_token")
-      @app.call(env)
-      env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-    end
-  end
-
-  context "when expired_token is given" do
-    it "should fail with invalid_token error" do
-      response = @request.get("/protected_resource?oauth_token=invalid_token")
-      response.status.should == 401
-      error_message = {
-        :error => :invalid_token,
-        :error_description => "Given access token is invalid."
-      }
-      response.headers["WWW-Authenticate"].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-    end
-
-    it "should not store access token in env" do
-      env = Rack::MockRequest.env_for("/protected_resource?oauth_token=invalid_token")
-      @app.call(env)
-      env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-    end
-  end
-
-  context "when multiple access_token is given" do
-    it "should fail with invalid_request error" do
-      response = @request.get("/protected_resource?oauth_token=invalid_token", "HTTP_AUTHORIZATION" => "OAuth valid_token")
-      response.status.should == 400
-      error_message = {
-        :error => :invalid_request,
-        :error_description => "Both Authorization header and payload includes oauth_token."
-      }
-      response.headers["WWW-Authenticate"].should == "OAuth realm='server.example.com' #{error_message.collect {|k,v| "#{k}='#{v}'"}.join(' ')}"
-    end
-  end
-
-  context "when OAuth 1.0 Authorization header is given" do
-    it "should ignore the OAuth params" do
-      env = Rack::MockRequest.env_for("/protected_resource", "HTTP_AUTHORIZATION" => "OAuth realm='server.example.com' oauth_consumer_key='key' oauth_token='token' oauth_signature_method='HMAC-SHA1' oauth_signature='sig' oauth_timestamp='123456789' oauth_nonce='nonce'")
-      status, header, body = @app.call(env)
-      status.should == 200
-      env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-    end
-  end
-
-  context "when OAuth 1.0 params is given" do
-    it "should ignore the OAuth params" do
-      env = Rack::MockRequest.env_for("/protected_resource", :params => {
-        :oauth_consumer_key => "key",
-        :oauth_token => "token",
-        :oauth_signature_method => "HMAC-SHA1",
-        :oauth_signature => "sig",
-        :oauth_timestamp => 123456789,
-        :oauth_nonce => "nonce"
-      })
-      status, header, body = @app.call(env)
-      status.should == 200
-      env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
-    end
-  end
-
-end

data/spec/rack/oauth2/server/token/assertion_spec.rb

@@ -1,56 +0,0 @@
-require 'spec_helper.rb'
-
-describe Rack::OAuth2::Server::Token::Assertion do
-
-  context "when valid assertion is given" do
-
-    before do
-      @app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
-        response.access_token = "access_token"
-      end
-      @request = Rack::MockRequest.new @app
-    end
-
-    it "should return access_token as json response body" do
-      response = @request.post("/", :params => {
-        :grant_type => "assertion",
-        :client_id => "valid_client",
-        :assertion => "valid_assertion",
-        :assertion_type => "something"
-      })
-      response.status.should == 200
-      response.content_type.should == "application/json"
-      response.body.should == {
-        :access_token => "access_token"
-      }.to_json
-    end
-
-  end
-
-  context "when invalid assertion is given" do
-
-    before do
-      @app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
-        request.invalid_grant! 'Invalid assertion.'
-      end
-      @request = Rack::MockRequest.new @app
-    end
-
-    it "should return error message as json response body" do
-      response = @request.post("/", :params => {
-        :grant_type => "assertion",
-        :client_id => "valid_client",
-        :assertion => "invalid_assertion",
-        :assertion_type => "something"
-      })
-      response.status.should == 400
-      response.content_type.should == "application/json"
-      response.body.should == {
-        :error => :invalid_grant,
-        :error_description => "Invalid assertion."
-      }.to_json
-    end
-
-  end
-
-end