rack-oauth2 1.1.1 → 1.2.0

data/spec/rack/oauth2/access_token/mac_spec.rb

@@ -4,19 +4,19 @@ describe Rack::OAuth2::AccessToken::MAC do
   let(:ts) { 1305820234 }
   let :token do
     Rack::OAuth2::AccessToken::MAC.new(
-      :access_token => 'access_token',
-      :mac_key => 'secret',
-      :mac_algorithm => 'hmac-sha-256',
-      :ts => ts
+      access_token: 'access_token',
+      mac_key: 'secret',
+      mac_algorithm: 'hmac-sha-256',
+      ts: ts
     )
   end
   let :token_with_ext_verifier do
     Rack::OAuth2::AccessToken::MAC.new(
-      :access_token => 'access_token',
-      :mac_key => 'secret',
-      :mac_algorithm => 'hmac-sha-256',
-      :ts => ts,
-      :ext_verifier => Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier
+      access_token: 'access_token',
+      mac_key: 'secret',
+      mac_algorithm: 'hmac-sha-256',
+      ts: ts,
+      ext_verifier: Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier
     )
   end
   let(:nonce) { '1000:51e74de734c05613f37520872e68db5f' }
@@ -27,13 +27,13 @@ describe Rack::OAuth2::AccessToken::MAC do
   its(:mac_algorithm) { should == 'hmac-sha-256' }
   its(:token_response) do
     should == {
-      :access_token => 'access_token',
-      :refresh_token => nil,
-      :token_type => :mac,
-      :expires_in => nil,
-      :scope => '',
-      :mac_key => 'secret',
-      :mac_algorithm => 'hmac-sha-256'
+      access_token: 'access_token',
+      refresh_token: nil,
+      token_type: :mac,
+      expires_in: nil,
+      scope: '',
+      mac_key: 'secret',
+      mac_algorithm: 'hmac-sha-256'
     }
   end
   its(:generate_nonce) { should be_a String }
@@ -72,9 +72,9 @@ describe Rack::OAuth2::AccessToken::MAC do
       let(:env) do
         Rack::MockRequest.env_for(
           '/protected_resources',
-          :method => :POST,
-          :params => {
-            :key1 => 'value1'
+          method: :POST,
+          params: {
+            key1: 'value1'
           },
           'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", ts="#{ts}", mac="#{signature}", ext="#{ext}"}
         )
@@ -116,7 +116,7 @@ describe Rack::OAuth2::AccessToken::MAC do
   end
 
   describe '.authenticate' do
-    let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
+    let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {hello: "world"}, {}) }
     context 'when no ext_verifier is given' do
       let(:signature) { 'pOBaL6HRawe4tUPmcU4vJEj1f2GJqrbQOlCcdAYgI/s=' }
 

data/spec/rack/oauth2/access_token_spec.rb

@@ -3,10 +3,10 @@ require 'spec_helper'
 describe Rack::OAuth2::AccessToken do
   let :token do
     Rack::OAuth2::AccessToken::Bearer.new(
-      :access_token => 'access_token',
-      :refresh_token => 'refresh_token',
-      :expires_in => 3600,
-      :scope => [:scope1, :scope2]
+      access_token: 'access_token',
+      refresh_token: 'refresh_token',
+      expires_in: 3600,
+      scope: [:scope1, :scope2]
     )
   end
   subject { token }
@@ -17,11 +17,11 @@ describe Rack::OAuth2::AccessToken do
   its(:scope)         { should == [:scope1, :scope2] }
   its(:token_response) do
     should == {
-      :token_type => :bearer,
-      :access_token => 'access_token',
-      :refresh_token => 'refresh_token',
-      :expires_in => 3600,
-      :scope => 'scope1 scope2'
+      token_type: :bearer,
+      access_token: 'access_token',
+      refresh_token: 'refresh_token',
+      expires_in: 3600,
+      scope: 'scope1 scope2'
     }
   end
 
@@ -29,9 +29,9 @@ describe Rack::OAuth2::AccessToken do
     it do
       expect do
         Rack::OAuth2::AccessToken::Bearer.new(
-          :refresh_token => 'refresh_token',
-          :expires_in => 3600,
-          :scope => [:scope1, :scope2]
+          refresh_token: 'refresh_token',
+          expires_in: 3600,
+          scope: [:scope1, :scope2]
         )
       end.to raise_error AttrRequired::AttrMissing
     end
@@ -41,7 +41,7 @@ describe Rack::OAuth2::AccessToken do
     it do
       expect do
         Rack::OAuth2::AccessToken::Bearer.new(
-          :access_token => 'access_token'
+          access_token: 'access_token'
         )
       end.not_to raise_error
     end
@@ -66,4 +66,4 @@ describe Rack::OAuth2::AccessToken do
       end
     end
   end
-end
+end

data/spec/rack/oauth2/client/error_spec.rb

@@ -3,9 +3,9 @@ require 'spec_helper.rb'
 describe Rack::OAuth2::Client::Error do
   let :error do
     {
-      :error => :invalid_request,
-      :error_description => 'Include invalid parameters',
-      :error_uri => 'http://server.example.com/error/invalid_request'
+      error: :invalid_request,
+      error_description: 'Include invalid parameters',
+      error_uri: 'http://server.example.com/error/invalid_request'
     }
   end
   subject do
@@ -15,4 +15,4 @@ describe Rack::OAuth2::Client::Error do
   its(:status)   { should == 400 }
   its(:message)  { should == error[:error_description] }
   its(:response) { should == error }
-end
+end

data/spec/rack/oauth2/client/grant/authorization_code_spec.rb

@@ -6,17 +6,17 @@ describe Rack::OAuth2::Client::Grant::AuthorizationCode do
 
   context 'when code is given' do
     let :attributes do
-      {:code => 'code'}
+      {code: 'code'}
     end
 
     context 'when redirect_uri is given' do
       let :attributes do
-        {:code => 'code', :redirect_uri => redirect_uri}
+        {code: 'code', redirect_uri: redirect_uri}
       end
       subject { grant.new attributes }
       its(:redirect_uri) { should == redirect_uri }
       its(:as_json) do
-        should == {:grant_type => :authorization_code, :code => 'code', :redirect_uri => redirect_uri}
+        should == {grant_type: :authorization_code, code: 'code', redirect_uri: redirect_uri}
       end
     end
 
@@ -24,7 +24,7 @@ describe Rack::OAuth2::Client::Grant::AuthorizationCode do
       subject { grant.new attributes }
       its(:redirect_uri) { should be_nil }
       its(:as_json) do
-        should == {:grant_type => :authorization_code, :code => 'code', :redirect_uri => nil}
+        should == {grant_type: :authorization_code, code: 'code', redirect_uri: nil}
       end
     end
   end
@@ -34,4 +34,4 @@ describe Rack::OAuth2::Client::Grant::AuthorizationCode do
       expect { grant.new }.to raise_error AttrRequired::AttrMissing
     end
   end
-end
+end

data/spec/rack/oauth2/client/grant/client_credentials_spec.rb

@@ -2,6 +2,6 @@ require 'spec_helper.rb'
 
 describe Rack::OAuth2::Client::Grant::ClientCredentials do
   its(:as_json) do
-    should == {:grant_type => :client_credentials}
+    should == {grant_type: :client_credentials}
   end
-end
+end

data/spec/rack/oauth2/client/grant/password_spec.rb

@@ -5,16 +5,16 @@ describe Rack::OAuth2::Client::Grant::Password do
 
   context 'when username is given' do
     let :attributes do
-      {:username => 'username'}
+      {username: 'username'}
     end
 
     context 'when password is given' do
       let :attributes do
-        {:username => 'username', :password => 'password'}
+        {username: 'username', password: 'password'}
       end
       subject { grant.new attributes }
       its(:as_json) do
-        should == {:grant_type => :password, :username => 'username', :password => 'password'}
+        should == {grant_type: :password, username: 'username', password: 'password'}
       end
     end
 
@@ -30,4 +30,4 @@ describe Rack::OAuth2::Client::Grant::Password do
       expect { grant.new }.to raise_error AttrRequired::AttrMissing
     end
   end
-end
+end

data/spec/rack/oauth2/client/grant/refresh_token_spec.rb

@@ -5,11 +5,11 @@ describe Rack::OAuth2::Client::Grant::RefreshToken do
 
   context 'when refresh_token is given' do
     let :attributes do
-      {:refresh_token => 'refresh_token'}
+      {refresh_token: 'refresh_token'}
     end
     subject { grant.new attributes }
     its(:as_json) do
-      should == {:grant_type => :refresh_token, :refresh_token => 'refresh_token'}
+      should == {grant_type: :refresh_token, refresh_token: 'refresh_token'}
     end
   end
 
@@ -18,4 +18,4 @@ describe Rack::OAuth2::Client::Grant::RefreshToken do
       expect { grant.new }.to raise_error AttrRequired::AttrMissing
     end
   end
-end
+end

data/spec/rack/oauth2/client_spec.rb

@@ -3,10 +3,10 @@ require 'spec_helper.rb'
 describe Rack::OAuth2::Client do
   let :client do
     Rack::OAuth2::Client.new(
-      :identifier => 'client_id',
-      :secret => 'client_secret',
-      :host => 'server.example.com',
-      :redirect_uri => 'https://client.example.com/callback'
+      identifier: 'client_id',
+      secret: 'client_secret',
+      host: 'server.example.com',
+      redirect_uri: 'https://client.example.com/callback'
     )
   end
   subject { client }
@@ -43,17 +43,17 @@ describe Rack::OAuth2::Client do
     end
 
     context 'when response_type is token' do
-      subject { client.authorization_uri(:response_type => :token) }
+      subject { client.authorization_uri(response_type: :token) }
       it { should include 'response_type=token' }
     end
 
     context 'when response_type is an Array' do
-      subject { client.authorization_uri(:response_type => [:token, :code]) }
+      subject { client.authorization_uri(response_type: [:token, :code]) }
       it { should include 'response_type=token+code' }
     end
 
     context 'when scope is given' do
-      subject { client.authorization_uri(:scope => [:scope1, :scope2]) }
+      subject { client.authorization_uri(scope: [:scope1, :scope2]) }
       it { should include 'scope=scope1+scope2' }
     end
   end
@@ -79,55 +79,91 @@ describe Rack::OAuth2::Client do
   describe '#access_token!' do
     subject { client.access_token! }
 
-    describe 'client authentication method' do
-      before do
-        client.authorization_code = 'code'
-      end
+      context 'when *args given' do
 
-      it 'should be Basic auth as default' do
-        mock_response(
-          :post,
-          'https://server.example.com/oauth2/token',
-          'tokens/bearer.json',
-          :request_header => {
-            'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ='
-          }
-        )
-        client.access_token!
-      end
+      describe 'client authentication method' do
+        before do
+          client.authorization_code = 'code'
+        end
 
-      context 'when other auth method specified' do
-        it do
+        it 'should be Basic auth as default' do
           mock_response(
             :post,
             'https://server.example.com/oauth2/token',
             'tokens/bearer.json',
-            :params => {
-              :client_id => 'client_id',
-              :client_secret => 'client_secret',
-              :code => 'code',
-              :grant_type => 'authorization_code',
-              :redirect_uri => 'https://client.example.com/callback'
+            request_header: {
+              'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ='
             }
           )
-          client.access_token! :client_auth_body
+          client.access_token!
+        end
+
+        context 'when other auth method specified' do
+          it 'should be body params' do
+            mock_response(
+              :post,
+              'https://server.example.com/oauth2/token',
+              'tokens/bearer.json',
+              params: {
+                client_id: 'client_id',
+                client_secret: 'client_secret',
+                code: 'code',
+                grant_type: 'authorization_code',
+                redirect_uri: 'https://client.example.com/callback'
+              }
+            )
+            client.access_token! :client_auth_body
+          end
+        end
+
+        context 'when auth method is specified as Hash' do
+          it 'should be removed before sending request' do
+            mock_response(
+              :post,
+              'https://server.example.com/oauth2/token',
+              'tokens/bearer.json',
+              params: {
+                client_id: 'client_id',
+                client_secret: 'client_secret',
+                code: 'code',
+                grant_type: 'authorization_code',
+                redirect_uri: 'https://client.example.com/callback'
+              }
+            )
+            client.access_token! client_auth_method: :body
+          end
+        end
+      end
+
+      describe 'scopes' do
+        context 'when scope option given' do
+          it 'should specify given scope' do
+            mock_response(
+              :post,
+              'https://server.example.com/oauth2/token',
+              'tokens/bearer.json',
+              params: {
+                grant_type: 'client_credentials',
+                scope: 'a b'
+              }
+            )
+            client.access_token! scope: [:a, :b]
+          end
         end
       end
-    end
 
-    describe 'scopes' do
-      context 'when scope option given' do
-        it 'should specify given scope' do
+      describe 'unknown params' do
+        it 'should be included in body params' do
           mock_response(
             :post,
             'https://server.example.com/oauth2/token',
             'tokens/bearer.json',
-            :params => {
-              :grant_type => 'client_credentials',
-              :scope => 'a b'
+            params: {
+              grant_type: 'client_credentials',
+              resource: 'something'
             }
           )
-          client.access_token! :scope => [:a, :b]
+          client.access_token! resource: :something
         end
       end
     end
@@ -238,7 +274,7 @@ describe Rack::OAuth2::Client do
           :post,
           'https://server.example.com/oauth2/token',
           'errors/invalid_request.json',
-          :status => 400
+          status: 400
         )
       end
       it do
@@ -253,7 +289,7 @@ describe Rack::OAuth2::Client do
             :post,
             'https://server.example.com/oauth2/token',
             'blank',
-            :status => 400
+            status: 400
           )
         end
         it do
@@ -266,9 +302,9 @@ describe Rack::OAuth2::Client do
   context 'when no host info' do
     let :client do
       Rack::OAuth2::Client.new(
-        :identifier => 'client_id',
-        :secret => 'client_secret',
-        :redirect_uri => 'https://client.example.com/callback'
+        identifier: 'client_id',
+        secret: 'client_secret',
+        redirect_uri: 'https://client.example.com/callback'
       )
     end
 
@@ -284,4 +320,4 @@ describe Rack::OAuth2::Client do
       end
     end
   end
-end
+end

data/spec/rack/oauth2/debugger/request_filter_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 describe Rack::OAuth2::Debugger::RequestFilter do
   let(:resource_endpoint) { 'https://example.com/resources' }
   let(:request) { HTTP::Message.new_request(:get, URI.parse(resource_endpoint)) }
-  let(:response) { HTTP::Message.new_response(MultiJson.dump({:hello => 'world'})) }
+  let(:response) { HTTP::Message.new_response(MultiJson.dump({hello: 'world'})) }
   let(:request_filter) { Rack::OAuth2::Debugger::RequestFilter.new }
 
   describe '#filter_request' do
@@ -30,4 +30,4 @@ describe Rack::OAuth2::Debugger::RequestFilter do
       request_filter.filter_response(request, response)
     end
   end
-end
+end

data/spec/rack/oauth2/server/abstract/error_spec.rb

@@ -4,7 +4,7 @@ describe Rack::OAuth2::Server::Abstract::Error do
 
   context 'when full attributes are given' do
     subject do
-      Rack::OAuth2::Server::Abstract::Error.new 400, :invalid_request, 'Missing some required params', :uri => 'http://server.example.com/error'
+      Rack::OAuth2::Server::Abstract::Error.new 400, :invalid_request, 'Missing some required params', uri: 'http://server.example.com/error'
     end
     its(:status)      { should == 400 }
     its(:error)       { should == :invalid_request }
@@ -12,9 +12,9 @@ describe Rack::OAuth2::Server::Abstract::Error do
     its(:uri)         { should == 'http://server.example.com/error' }
     its(:protocol_params) do
       should == {
-        :error             => :invalid_request,
-        :error_description => 'Missing some required params',
-        :error_uri         => 'http://server.example.com/error'
+        error:             :invalid_request,
+        error_description: 'Missing some required params',
+        error_uri:         'http://server.example.com/error'
       }
     end
   end
@@ -29,9 +29,9 @@ describe Rack::OAuth2::Server::Abstract::Error do
     its(:uri)         { should be_nil }
     its(:protocol_params) do
       should == {
-        :error             => :invalid_request,
-        :error_description => nil,
-        :error_uri         => nil
+        error:             :invalid_request,
+        error_description: nil,
+        error_uri:         nil
       }
     end
   end
@@ -56,4 +56,4 @@ end
 
 describe Rack::OAuth2::Server::Abstract::TemporarilyUnavailable do
   its(:status) { should == 503 }
-end
+end

data/spec/rack/oauth2/server/authorize/code_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper.rb'
 describe Rack::OAuth2::Server::Authorize::Code do
   let(:request)            { Rack::MockRequest.new app }
   let(:redirect_uri)       { 'http://client.example.com/callback' }
-  let(:authorization_code) { 'authorization_code' }  
+  let(:authorization_code) { 'authorization_code' }
   let(:response)           { request.get "/?response_type=code&client_id=client&redirect_uri=#{redirect_uri}&state=state" }
 
   context 'when approved' do
@@ -48,10 +48,10 @@ describe Rack::OAuth2::Server::Authorize::Code do
     it 'should redirect with error in query' do
       response.status.should == 302
       error_message = {
-        :error => :access_denied,
-        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
+        error: :access_denied,
+        error_description: Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
       }
       response.location.should == "#{redirect_uri}?#{error_message.to_query}&state=state"
     end
   end
-end
+end

data/spec/rack/oauth2/server/authorize/error_spec.rb

@@ -9,10 +9,10 @@ describe Rack::OAuth2::Server::Authorize::BadRequest do
   it { should be_a Rack::OAuth2::Server::Abstract::BadRequest }
   its(:protocol_params) do
     should == {
-      :error             => :invalid_request,
-      :error_description => nil,
-      :error_uri         => nil,
-      :state             => nil
+      error:             :invalid_request,
+      error_description: nil,
+      error_uri:         nil,
+      state:             nil
     }
   end
 
@@ -109,4 +109,4 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
       end
     end
   end
-end
+end

data/spec/rack/oauth2/server/authorize/extensions/code_and_token_spec.rb

@@ -12,7 +12,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
 
   context "when approved" do
     subject { response }
-    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
+    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(access_token: access_token) }
     let :app do
       Rack::OAuth2::Server::Authorize.new do |request, response|
         response.redirect_uri = redirect_uri
@@ -30,8 +30,8 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
     context 'when refresh_token is given' do
       let :bearer_token do
         Rack::OAuth2::AccessToken::Bearer.new(
-          :access_token => access_token,
-          :refresh_token => 'refresh'
+          access_token: access_token,
+          refresh_token: 'refresh'
         )
       end
       its(:location) { should include "#{redirect_uri}#" }
@@ -51,10 +51,10 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
     it 'should redirect with error in fragment' do
       response.status.should == 302
       error_message = {
-        :error => :access_denied,
-        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
+        error: :access_denied,
+        error_description: Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
       }
       response.location.should == "#{redirect_uri}##{error_message.to_query}"
     end
   end
-end
+end

data/spec/rack/oauth2/server/authorize/token_spec.rb

@@ -8,7 +8,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
 
   context "when approved" do
     subject { response }
-    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
+    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(access_token: access_token) }
     let :app do
       Rack::OAuth2::Server::Authorize.new do |request, response|
         response.redirect_uri = redirect_uri
@@ -22,8 +22,8 @@ describe Rack::OAuth2::Server::Authorize::Token do
     context 'when refresh_token is given' do
       let :bearer_token do
         Rack::OAuth2::AccessToken::Bearer.new(
-          :access_token => access_token,
-          :refresh_token => 'refresh'
+          access_token: access_token,
+          refresh_token: 'refresh'
         )
       end
       its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&state=state&token_type=bearer" }
@@ -64,10 +64,10 @@ describe Rack::OAuth2::Server::Authorize::Token do
     it 'should redirect with error in fragment' do
       response.status.should == 302
       error_message = {
-        :error => :access_denied,
-        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
+        error: :access_denied,
+        error_description: Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
       }
       response.location.should == "#{redirect_uri}##{error_message.to_query}&state=state"
     end
   end
-end
+end

data/spec/rack/oauth2/server/resource/bearer_spec.rb

@@ -14,7 +14,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
     end
   end
   let(:bearer_token) do
-    Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'valid_token')
+    Rack::OAuth2::AccessToken::Bearer.new(access_token: 'valid_token')
   end
   let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
   let(:request) { app.call(env) }
@@ -62,7 +62,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
     end
 
     context 'when token is in params' do
-      let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:access_token => 'valid_token'}) }
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', params: {access_token: 'valid_token'}) }
       it_behaves_like :authenticated_bearer_request
     end
   end
@@ -80,7 +80,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
     end
 
     context 'when token is in params' do
-      let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:access_token => 'invalid_token'}) }
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', params: {access_token: 'invalid_token'}) }
       it_behaves_like :unauthorized_bearer_request
     end
 
@@ -114,7 +114,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
         Rack::MockRequest.env_for(
           '/protected_resource',
           'HTTP_AUTHORIZATION' => 'Bearer valid_token',
-          :params => {:access_token => 'valid_token'}
+          params: {access_token: 'valid_token'}
         )
       end
       it_behaves_like :bad_bearer_request