rack-oauth2 1.1.1 → 1.2.0
- checksums.yaml +4 -4
- data/.travis.yml +3 -1
- data/Rakefile +1 -1
- data/VERSION +1 -1
- data/lib/rack/oauth2/access_token/mac/verifier.rb +1 -1
- data/lib/rack/oauth2/access_token/mac.rb +26 -26
- data/lib/rack/oauth2/access_token.rb +7 -7
- data/lib/rack/oauth2/client/grant.rb +2 -2
- data/lib/rack/oauth2/client.rb +14 -13
- data/lib/rack/oauth2/server/abstract/error.rb +4 -4
- data/lib/rack/oauth2/server/abstract/request.rb +2 -2
- data/lib/rack/oauth2/server/authorize/code.rb +2 -2
- data/lib/rack/oauth2/server/authorize/error.rb +9 -9
- data/lib/rack/oauth2/server/authorize/extension/code_and_token.rb +2 -2
- data/lib/rack/oauth2/server/authorize.rb +2 -2
- data/lib/rack/oauth2/server/resource/error.rb +5 -5
- data/lib/rack/oauth2/server/resource.rb +1 -1
- data/lib/rack/oauth2/server/token/error.rb +7 -7
- data/lib/rack/oauth2/server/token.rb +1 -1
- data/lib/rack/oauth2.rb +1 -1
- data/spec/rack/oauth2/access_token/authenticator_spec.rb +6 -6
- data/spec/rack/oauth2/access_token/bearer_spec.rb +3 -3
- data/spec/rack/oauth2/access_token/legacy_spec.rb +3 -3
- data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +5 -5
- data/spec/rack/oauth2/access_token/mac/signature_spec.rb +26 -26
- data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +3 -3
- data/spec/rack/oauth2/access_token/mac_spec.rb +20 -20
- data/spec/rack/oauth2/access_token_spec.rb +14 -14
- data/spec/rack/oauth2/client/error_spec.rb +4 -4
- data/spec/rack/oauth2/client/grant/authorization_code_spec.rb +5 -5
- data/spec/rack/oauth2/client/grant/client_credentials_spec.rb +2 -2
- data/spec/rack/oauth2/client/grant/password_spec.rb +4 -4
- data/spec/rack/oauth2/client/grant/refresh_token_spec.rb +3 -3
- data/spec/rack/oauth2/client_spec.rb +81 -45
- data/spec/rack/oauth2/debugger/request_filter_spec.rb +2 -2
- data/spec/rack/oauth2/server/abstract/error_spec.rb +8 -8
- data/spec/rack/oauth2/server/authorize/code_spec.rb +4 -4
- data/spec/rack/oauth2/server/authorize/error_spec.rb +5 -5
- data/spec/rack/oauth2/server/authorize/extensions/code_and_token_spec.rb +6 -6
- data/spec/rack/oauth2/server/authorize/token_spec.rb +6 -6
- data/spec/rack/oauth2/server/resource/bearer_spec.rb +4 -4
- data/spec/rack/oauth2/server/resource/error_spec.rb +3 -3
- data/spec/rack/oauth2/server/resource/mac_spec.rb +4 -4
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +7 -7
- data/spec/rack/oauth2/server/token/client_credentials_spec.rb +6 -6
- data/spec/rack/oauth2/server/token/password_spec.rb +7 -7
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +5 -5
- data/spec/rack/oauth2/server/token_spec.rb +14 -14
- data/spec/rack/oauth2/util_spec.rb +4 -4
- metadata +2 -2
@@ -59,7 +59,7 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
|
|
59
59
|
|
60
60
|
context 'when realm is specified' do
|
61
61
|
let(:realm) { 'server.example.com' }
|
62
|
-
let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, :
|
62
|
+
let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, realm: realm) }
|
63
63
|
|
64
64
|
it 'should use given realm' do
|
65
65
|
status, header, response = error_with_scheme.finish
|
@@ -86,7 +86,7 @@ describe Rack::OAuth2::Server::Resource::Forbidden do
|
|
86
86
|
end
|
87
87
|
|
88
88
|
context 'when scope option is given' do
|
89
|
-
let(:error) { Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(:insufficient_scope, 'Desc', :
|
89
|
+
let(:error) { Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(:insufficient_scope, 'Desc', scope: [:scope1, :scope2]) }
|
90
90
|
|
91
91
|
it 'should have blank WWW-Authenticate header' do
|
92
92
|
status, header, response = error.finish
|
@@ -144,4 +144,4 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
|
|
144
144
|
end
|
145
145
|
end
|
146
146
|
end
|
147
|
-
end
|
147
|
+
end
|
@@ -17,10 +17,10 @@ describe Rack::OAuth2::Server::Resource::MAC do
|
|
17
17
|
end
|
18
18
|
let(:mac_token) do
|
19
19
|
Rack::OAuth2::AccessToken::MAC.new(
|
20
|
-
:
|
21
|
-
:
|
22
|
-
:
|
23
|
-
:
|
20
|
+
access_token: 'valid_token',
|
21
|
+
mac_key: 'secret',
|
22
|
+
mac_algorithm: 'hmac-sha-256',
|
23
|
+
ts: 1305820230 # fix verification time
|
24
24
|
)
|
25
25
|
end
|
26
26
|
let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
|
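Review bot: The trailing comment on the new `ts:` line, `# fix verification time`, is ambiguous: it reads as "repair" but presumably means the timestamp is pinned so the MAC signature these examples check stays deterministic. I would reword it to `ts: 1305820230 # pin ts so MAC verification is deterministic`. If the verifier also compares `ts` against the current clock, the comment should say how the spec keeps that check from failing. The `let(:mac_token)` block is complete within the hunk, but the examples that consume it are outside it.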
@@ -4,18 +4,18 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
4
4
|
let(:request) { Rack::MockRequest.new app }
|
5
5
|
let(:app) do
|
6
6
|
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
-
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:
|
7
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
|
8
8
|
end
|
9
9
|
end
|
10
10
|
let(:params) do
|
11
11
|
{
|
12
|
-
:
|
13
|
-
:
|
14
|
-
:
|
15
|
-
:
|
12
|
+
grant_type: 'authorization_code',
|
13
|
+
client_id: 'client_id',
|
14
|
+
code: 'authorization_code',
|
15
|
+
redirect_uri: 'http://client.example.com/callback'
|
16
16
|
}
|
17
17
|
end
|
18
|
-
let(:response) { request.post('/', :
|
18
|
+
let(:response) { request.post('/', params: params) }
|
19
19
|
subject { response }
|
20
20
|
|
21
21
|
its(:status) { should == 200 }
|
@@ -40,4 +40,4 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
40
40
|
its(:body) { should include '"error":"invalid_request"' }
|
41
41
|
end
|
42
42
|
end
|
43
|
-
end
|
43
|
+
end
|
@@ -4,20 +4,20 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
|
|
4
4
|
let(:request) { Rack::MockRequest.new app }
|
5
5
|
let(:app) do
|
6
6
|
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
-
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:
|
7
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
|
8
8
|
end
|
9
9
|
end
|
10
10
|
let(:params) do
|
11
11
|
{
|
12
|
-
:
|
13
|
-
:
|
14
|
-
:
|
12
|
+
grant_type: 'client_credentials',
|
13
|
+
client_id: 'client_id',
|
14
|
+
client_secret: 'client_secret'
|
15
15
|
}
|
16
16
|
end
|
17
|
-
subject { request.post('/', :
|
17
|
+
subject { request.post('/', params: params) }
|
18
18
|
|
19
19
|
its(:status) { should == 200 }
|
20
20
|
its(:content_type) { should == 'application/json' }
|
21
21
|
its(:body) { should include '"access_token":"access_token"' }
|
22
22
|
its(:body) { should include '"token_type":"bearer"' }
|
23
|
-
end
|
23
|
+
end
|
@@ -4,18 +4,18 @@ describe Rack::OAuth2::Server::Token::Password do
|
|
4
4
|
let(:request) { Rack::MockRequest.new app }
|
5
5
|
let(:app) do
|
6
6
|
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
-
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:
|
7
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
|
8
8
|
end
|
9
9
|
end
|
10
10
|
let(:params) do
|
11
11
|
{
|
12
|
-
:
|
13
|
-
:
|
14
|
-
:
|
15
|
-
:
|
12
|
+
grant_type: 'password',
|
13
|
+
client_id: 'client_id',
|
14
|
+
username: 'nov',
|
15
|
+
password: 'secret'
|
16
16
|
}
|
17
17
|
end
|
18
|
-
subject { request.post('/', :
|
18
|
+
subject { request.post('/', params: params) }
|
19
19
|
|
20
20
|
its(:status) { should == 200 }
|
21
21
|
its(:content_type) { should == 'application/json' }
|
@@ -34,4 +34,4 @@ describe Rack::OAuth2::Server::Token::Password do
|
|
34
34
|
its(:body) { should include '"error":"invalid_request"' }
|
35
35
|
end
|
36
36
|
end
|
37
|
-
end
|
37
|
+
end
|
@@ -4,17 +4,17 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
|
|
4
4
|
let(:request) { Rack::MockRequest.new app }
|
5
5
|
let(:app) do
|
6
6
|
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
-
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:
|
7
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
|
8
8
|
end
|
9
9
|
end
|
10
10
|
let(:params) do
|
11
11
|
{
|
12
|
-
:
|
13
|
-
:
|
14
|
-
:
|
12
|
+
grant_type: "refresh_token",
|
13
|
+
client_id: "client_id",
|
14
|
+
refresh_token: "refresh_token"
|
15
15
|
}
|
16
16
|
end
|
17
|
-
subject { request.post('/', :
|
17
|
+
subject { request.post('/', params: params) }
|
18
18
|
|
19
19
|
its(:status) { should == 200 }
|
20
20
|
its(:content_type) { should == 'application/json' }
|
@@ -5,18 +5,18 @@ describe Rack::OAuth2::Server::Token do
|
|
5
5
|
let(:request) { Rack::MockRequest.new app }
|
6
6
|
let(:app) do
|
7
7
|
Rack::OAuth2::Server::Token.new do |request, response|
|
8
|
-
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:
|
8
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
|
9
9
|
end
|
10
10
|
end
|
11
11
|
let(:params) do
|
12
12
|
{
|
13
|
-
:
|
14
|
-
:
|
15
|
-
:
|
16
|
-
:
|
13
|
+
grant_type: 'authorization_code',
|
14
|
+
client_id: 'client_id',
|
15
|
+
code: 'authorization_code',
|
16
|
+
redirect_uri: 'http://client.example.com/callback'
|
17
17
|
}
|
18
18
|
end
|
19
|
-
subject { request.post('/token', :
|
19
|
+
subject { request.post('/token', params: params) }
|
20
20
|
|
21
21
|
context 'when multiple client credentials are given' do
|
22
22
|
context 'when different credentials are given' do
|
@@ -24,7 +24,7 @@ describe Rack::OAuth2::Server::Token do
|
|
24
24
|
Rack::MockRequest.env_for(
|
25
25
|
'/token',
|
26
26
|
'HTTP_AUTHORIZATION' => "Basic #{Base64.encode64('client_id2:client_secret')}",
|
27
|
-
:
|
27
|
+
params: params
|
28
28
|
)
|
29
29
|
end
|
30
30
|
it 'should fail with unsupported_grant_type' do
|
@@ -39,7 +39,7 @@ describe Rack::OAuth2::Server::Token do
|
|
39
39
|
Rack::MockRequest.env_for(
|
40
40
|
'/token',
|
41
41
|
'HTTP_AUTHORIZATION' => "Basic #{Base64.encode64('client_id:client_secret')}",
|
42
|
-
:
|
42
|
+
params: params
|
43
43
|
)
|
44
44
|
end
|
45
45
|
it 'should ignore duplicates' do
|
@@ -51,7 +51,7 @@ describe Rack::OAuth2::Server::Token do
|
|
51
51
|
|
52
52
|
context 'when unsupported grant_type is given' do
|
53
53
|
before do
|
54
|
-
params.merge!(:
|
54
|
+
params.merge!(grant_type: 'unknown')
|
55
55
|
end
|
56
56
|
its(:status) { should == 400 }
|
57
57
|
its(:content_type) { should == 'application/json' }
|
@@ -96,7 +96,7 @@ describe Rack::OAuth2::Server::Token do
|
|
96
96
|
Rack::OAuth2::Server::Token.new
|
97
97
|
end
|
98
98
|
it do
|
99
|
-
expect { request.post('/', :
|
99
|
+
expect { request.post('/', params: params) }.to raise_error AttrRequired::AttrMissing
|
100
100
|
end
|
101
101
|
end
|
102
102
|
end
|
@@ -110,7 +110,7 @@ describe Rack::OAuth2::Server::Token do
|
|
110
110
|
let(:env) do
|
111
111
|
Rack::MockRequest.env_for(
|
112
112
|
'/token',
|
113
|
-
:
|
113
|
+
params: params
|
114
114
|
)
|
115
115
|
end
|
116
116
|
let(:request) { Rack::OAuth2::Server::Token::Request.new env }
|
@@ -119,8 +119,8 @@ describe Rack::OAuth2::Server::Token do
|
|
119
119
|
describe 'JWT assertion' do
|
120
120
|
let(:params) do
|
121
121
|
{
|
122
|
-
:
|
123
|
-
:
|
122
|
+
grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
|
123
|
+
assertion: 'header.payload.signature'
|
124
124
|
}
|
125
125
|
end
|
126
126
|
|
@@ -131,4 +131,4 @@ describe Rack::OAuth2::Server::Token do
|
|
131
131
|
end
|
132
132
|
end
|
133
133
|
end
|
134
|
-
end
|
134
|
+
end
|
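Review bot: The `HTTP_AUTHORIZATION` fixtures in the `@@ -24,7 +24,7 @@` and `@@ -39,7 +39,7 @@` hunks build the Basic credential with `Base64.encode64`, which appends a newline and wraps long output, so the header value under test ends in `\n`. The multiple-credentials examples therefore only exercise the client-authentication path as long as the server-side decoder tolerates that stray newline, and they would stop covering it if header parsing became stricter. I would switch the two lines to `Base64.strict_encode64('client_id2:client_secret')` and `Base64.strict_encode64('client_id:client_secret')`, so the fixture carries no line break. Both enclosing `let(:env)` blocks start outside their hunks.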
@@ -20,8 +20,8 @@ describe Rack::OAuth2::Util do
|
|
20
20
|
end
|
21
21
|
|
22
22
|
describe '.compact_hash' do
|
23
|
-
subject { util.compact_hash :
|
24
|
-
it { should == {:
|
23
|
+
subject { util.compact_hash k1: 'v1', k2: '', k3: nil }
|
24
|
+
it { should == {k1: 'v1'} }
|
25
25
|
end
|
26
26
|
|
27
27
|
describe '.parse_uri' do
|
@@ -55,7 +55,7 @@ describe Rack::OAuth2::Util do
|
|
55
55
|
describe '.redirect_uri' do
|
56
56
|
let(:base_uri) { 'http://client.example.com' }
|
57
57
|
let(:params) do
|
58
|
-
{:
|
58
|
+
{k1: :v1, k2: ''}
|
59
59
|
end
|
60
60
|
subject { util.redirect_uri base_uri, location, params }
|
61
61
|
|
@@ -94,4 +94,4 @@ describe Rack::OAuth2::Util do
|
|
94
94
|
end
|
95
95
|
end
|
96
96
|
end
|
97
|
-
end
|
97
|
+
end
|
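--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.2.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-
+date: 2015-06-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rack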