rack-oauth2 0.5.1 → 0.6.0.alpha

data/spec/rack/oauth2/server/resource/mac/error_spec.rb

@@ -0,0 +1,52 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Resource::MAC::Unauthorized do
+  let(:error) { Rack::OAuth2::Server::Resource::MAC::Unauthorized.new(:invalid_token) }
+
+  it { should be_a Rack::OAuth2::Server::Resource::Unauthorized }
+
+  describe '#scheme' do
+    subject { error }
+    its(:scheme) { should == :MAC }
+  end
+
+  describe '#finish' do
+    it 'should use MAC scheme' do
+      status, header, response = error.finish
+      header['WWW-Authenticate'].should =~ /^MAC /
+    end
+  end
+end
+
+describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
+  let(:unauthorized)        { Rack::OAuth2::Server::Resource::MAC::Unauthorized }
+  let(:redirect_uri)        { 'http://client.example.com/callback' }
+  let(:default_description) { Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION }
+  let(:env)                 { Rack::MockRequest.env_for("/authorize?client_id=client_id") }
+  let(:request)             { Rack::OAuth2::Server::Resource::MAC::Request.new env }
+
+  describe 'unauthorized!' do
+    it do
+      expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
+    end
+  end
+
+  Rack::OAuth2::Server::Resource::Bearer::ErrorMethods::DEFAULT_DESCRIPTION.keys.each do |error_code|
+    method = "#{error_code}!"
+    case error_code
+    when :invalid_request
+      # ignore
+    when :insufficient_scope
+      # ignore
+    else
+      describe method do
+        it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
+          expect { request.send method }.should raise_error(unauthorized) { |error|
+            error.error.should       == error_code
+            error.description.should == default_description[error_code]
+          }
+        end
+      end
+    end
+  end
+end

data/spec/rack/oauth2/server/resource/mac_spec.rb

@@ -0,0 +1,92 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Resource::MAC do
+  let(:app) do
+    Rack::OAuth2::Server::Resource::MAC.new(simple_app) do |request|
+      case request.access_token
+      when 'valid_token'
+        # nothing to do
+      when 'insufficient_scope_token'
+        request.insufficient_scope!
+      else
+        request.invalid_token!
+      end
+    end
+  end
+  let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
+  let(:request) { app.call(env) }
+  subject { app.call(env) }
+
+  shared_examples_for :non_mac_request do
+    it 'should skip OAuth 2.0 authentication' do
+      status, header, response = request
+      status.should == 200
+      access_token.should be_nil
+    end
+  end
+  shared_examples_for :authenticated_mac_request do
+    it 'should be authenticated' do
+      status, header, response = request
+      status.should == 200
+      access_token.should == 'valid_token'
+    end
+  end
+  shared_examples_for :unauthorized_mac_request do
+    it 'should be unauthorized' do
+      status, header, response = request
+      status.should == 401
+      header['WWW-Authenticate'].should include 'MAC'
+      access_token.should be_nil
+    end
+  end
+  shared_examples_for :bad_mac_request do
+    it 'should be unauthorized' do
+      status, header, response = request
+      status.should == 400
+      access_token.should be_nil
+    end
+  end
+
+  context 'when no access token is given' do
+    let(:env) { Rack::MockRequest.env_for('/protected_resource') }
+    it 'should skip OAuth 2.0 authentication' do
+      status, header, response = request
+      status.should == 200
+      access_token.should be_nil
+    end
+  end
+
+  context 'when valid_token is given' do
+    let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token"') }
+    it_behaves_like :authenticated_mac_request
+  end
+
+  context 'when invalid_token is given' do
+    let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="invalid_token"') }
+    it_behaves_like :unauthorized_mac_request
+
+    describe 'realm' do
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="invalid_token"') }
+
+      context 'when specified' do
+        let(:realm) { 'server.example.com' }
+        let(:app) do
+          Rack::OAuth2::Server::Resource::MAC.new(simple_app, realm) do |request|
+            request.unauthorized!
+          end
+        end
+        it 'should use specified realm' do
+          status, header, response = request
+          header['WWW-Authenticate'].should include "MAC realm=\"#{realm}\""
+        end
+      end
+
+      context 'otherwize' do
+        it 'should use default realm' do
+          status, header, response = request
+          header['WWW-Authenticate'].should include "MAC realm=\"#{Rack::OAuth2::Server::Resource::DEFAULT_REALM}\""
+        end
+      end
+    end
+  end
+end

data/spec/rack/oauth2/server/resource_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Resource do
+  subject { Rack::OAuth2::Server::Resource.new(simple_app, 'realm') }
+  its(:realm) { should == 'realm' }
+end
+
+describe Rack::OAuth2::Server::Resource::Request do
+  let(:env) { Rack::MockRequest.env_for('/protected_resource') }
+  let(:request) { Rack::OAuth2::Server::Resource::Request.new(env) }
+
+  describe '#setup!' do
+    it do
+      expect { request.setup! }.should raise_error(RuntimeError, 'Define me!')
+    end
+  end
+
+  describe '#oauth2?' do
+    it do
+      expect { request.oauth2? }.should raise_error(RuntimeError, 'Define me!')
+    end
+  end
+end

data/spec/rack/oauth2/server/token/authorization_code_spec.rb

@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
-      response.access_token = 'access_token'
-      response.token_type = :bearer
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
     end
   end
   let(:params) do

data/spec/rack/oauth2/server/token/client_credentials_spec.rb

@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
-      response.access_token = 'access_token'
-      response.token_type = :bearer
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
     end
   end
   let(:params) do

data/spec/rack/oauth2/server/token/password_spec.rb

@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::Password do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
-      response.access_token = 'access_token'
-      response.token_type = :bearer
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
     end
   end
   let(:params) do

data/spec/rack/oauth2/server/token/refresh_token_spec.rb

@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
-      response.access_token = 'access_token'
-      response.token_type = :bearer
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
     end
   end
   let(:params) do

data/spec/rack/oauth2/server/token_spec.rb

@@ -5,8 +5,7 @@ describe Rack::OAuth2::Server::Token do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
-      response.access_token = 'access_token'
-      response.token_type = :bearer
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
     end
   end
   let(:params) do

data/spec/rack/oauth2/util_spec.rb

@@ -9,6 +9,16 @@ describe Rack::OAuth2::Util do
     'http://client.example.com/callback'
   end
 
+  describe '.rfc3986_encode' do
+    subject { util.rfc3986_encode '=+ .-/' }
+    it { should == '%3D%2B%20.-%2F' }
+  end
+
+  describe '.base64_encode' do
+    subject { util.base64_encode '=+ .-/' }
+    it { should == 'PSsgLi0v' }
+  end
+
   describe '.compact_hash' do
     subject { util.compact_hash :k1 => 'v1', :k2 => '', :k3 => nil }
     it { should == {:k1 => 'v1'} }

data/spec/spec_helper.rb

@@ -4,6 +4,7 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 require 'rack/oauth2'
 require 'rspec'
 require 'fakeweb'
+require 'helpers/time'
 
 def simple_app
   lambda do |env|

metadata

@@ -1,13 +1,14 @@
 --- !ruby/object:Gem::Specification 
 name: rack-oauth2
 version: !ruby/object:Gem::Version 
-  hash: 9
-  prerelease: 
+  hash: -1851332210
+  prerelease: 6
   segments: 
   - 0
-  - 5
-  - 1
-  version: 0.5.1
+  - 6
+  - 0
+  - alpha
+  version: 0.6.0.alpha
 platform: ruby
 authors: 
 - nov matake
@@ -15,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-15 00:00:00 +09:00
+date: 2011-04-20 00:00:00 +09:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -186,6 +187,12 @@ files:
 - Rakefile
 - VERSION
 - lib/rack/oauth2.rb
+- lib/rack/oauth2/access_token.rb
+- lib/rack/oauth2/access_token/bearer.rb
+- lib/rack/oauth2/access_token/mac.rb
+- lib/rack/oauth2/access_token/mac/body_hash.rb
+- lib/rack/oauth2/access_token/mac/signature.rb
+- lib/rack/oauth2/access_token/mac/verifier.rb
 - lib/rack/oauth2/client.rb
 - lib/rack/oauth2/client/error.rb
 - lib/rack/oauth2/client/grant.rb
@@ -206,6 +213,9 @@ files:
 - lib/rack/oauth2/server/resource.rb
 - lib/rack/oauth2/server/resource/bearer.rb
 - lib/rack/oauth2/server/resource/bearer/error.rb
+- lib/rack/oauth2/server/resource/error.rb
+- lib/rack/oauth2/server/resource/mac.rb
+- lib/rack/oauth2/server/resource/mac/error.rb
 - lib/rack/oauth2/server/token.rb
 - lib/rack/oauth2/server/token/authorization_code.rb
 - lib/rack/oauth2/server/token/client_credentials.rb
@@ -214,8 +224,15 @@ files:
 - lib/rack/oauth2/server/token/refresh_token.rb
 - lib/rack/oauth2/util.rb
 - rack-oauth2.gemspec
+- spec/fake_response/facebook_token_response.txt
 - spec/fake_response/invalid_request.json
+- spec/fake_response/resources/fake.txt
 - spec/fake_response/token.json
+- spec/helpers/time.rb
+- spec/rack/oauth2/access_token/bearer_spec.rb
+- spec/rack/oauth2/access_token/mac/verifier_spec.rb
+- spec/rack/oauth2/access_token/mac_spec.rb
+- spec/rack/oauth2/access_token_spec.rb
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client_spec.rb
 - spec/rack/oauth2/server/abstract/error_spec.rb
@@ -225,6 +242,10 @@ files:
 - spec/rack/oauth2/server/authorize_spec.rb
 - spec/rack/oauth2/server/resource/bearer/error_spec.rb
 - spec/rack/oauth2/server/resource/bearer_spec.rb
+- spec/rack/oauth2/server/resource/error_spec.rb
+- spec/rack/oauth2/server/resource/mac/error_spec.rb
+- spec/rack/oauth2/server/resource/mac_spec.rb
+- spec/rack/oauth2/server/resource_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
 - spec/rack/oauth2/server/token/error_spec.rb
@@ -270,8 +291,15 @@ signing_key:
 specification_version: 3
 summary: Rack Middleware for OAuth2 server
 test_files: 
+- spec/fake_response/facebook_token_response.txt
 - spec/fake_response/invalid_request.json
+- spec/fake_response/resources/fake.txt
 - spec/fake_response/token.json
+- spec/helpers/time.rb
+- spec/rack/oauth2/access_token/bearer_spec.rb
+- spec/rack/oauth2/access_token/mac/verifier_spec.rb
+- spec/rack/oauth2/access_token/mac_spec.rb
+- spec/rack/oauth2/access_token_spec.rb
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client_spec.rb
 - spec/rack/oauth2/server/abstract/error_spec.rb
@@ -281,6 +309,10 @@ test_files:
 - spec/rack/oauth2/server/authorize_spec.rb
 - spec/rack/oauth2/server/resource/bearer/error_spec.rb
 - spec/rack/oauth2/server/resource/bearer_spec.rb
+- spec/rack/oauth2/server/resource/error_spec.rb
+- spec/rack/oauth2/server/resource/mac/error_spec.rb
+- spec/rack/oauth2/server/resource/mac_spec.rb
+- spec/rack/oauth2/server/resource_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
 - spec/rack/oauth2/server/token/error_spec.rb