rack-oauth2 1.21.2 → 2.0.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/spec.yml +32 -0
- data/README.rdoc +1 -20
- data/VERSION +1 -1
- data/lib/rack/oauth2/access_token/authenticator.rb +1 -10
- data/lib/rack/oauth2/access_token/bearer.rb +1 -1
- data/lib/rack/oauth2/access_token/legacy.rb +1 -1
- data/lib/rack/oauth2/access_token.rb +2 -3
- data/lib/rack/oauth2/client.rb +1 -3
- data/lib/rack/oauth2/server/abstract/error.rb +1 -1
- data/lib/rack/oauth2/server/rails/response_ext.rb +3 -3
- data/lib/rack/oauth2/server/resource/error.rb +4 -4
- data/lib/rack/oauth2/server/resource.rb +0 -1
- data/lib/rack/oauth2/server/token/error.rb +1 -1
- data/lib/rack/oauth2/server/token.rb +3 -3
- data/lib/rack/oauth2.rb +8 -14
- data/rack-oauth2.gemspec +4 -3
- data/spec/rack/oauth2/access_token/authenticator_spec.rb +2 -13
- data/spec/rack/oauth2/access_token/bearer_spec.rb +2 -2
- data/spec/rack/oauth2/access_token/legacy_spec.rb +2 -2
- data/spec/rack/oauth2/access_token_spec.rb +0 -17
- data/spec/rack/oauth2/client_spec.rb +1 -17
- data/spec/rack/oauth2/oauth2_spec.rb +0 -43
- data/spec/rack/oauth2/server/authorize/error_spec.rb +6 -6
- data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +2 -2
- data/spec/rack/oauth2/server/resource/bearer_spec.rb +9 -9
- data/spec/rack/oauth2/server/resource/error_spec.rb +14 -14
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +2 -2
- data/spec/rack/oauth2/server/token/error_spec.rb +5 -5
- data/spec/rack/oauth2/server/token_spec.rb +2 -2
- metadata +26 -37
- data/.travis.yml +0 -8
- data/lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb +0 -17
- data/lib/rack/oauth2/access_token/mac/signature.rb +0 -34
- data/lib/rack/oauth2/access_token/mac/verifier.rb +0 -44
- data/lib/rack/oauth2/access_token/mac.rb +0 -103
- data/lib/rack/oauth2/debugger/request_filter.rb +0 -30
- data/lib/rack/oauth2/debugger.rb +0 -3
- data/lib/rack/oauth2/server/resource/mac/error.rb +0 -24
- data/lib/rack/oauth2/server/resource/mac.rb +0 -36
- data/spec/mock_response/tokens/mac.json +0 -8
- data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +0 -28
- data/spec/rack/oauth2/access_token/mac/signature_spec.rb +0 -59
- data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +0 -25
- data/spec/rack/oauth2/access_token/mac_spec.rb +0 -141
- data/spec/rack/oauth2/debugger/request_filter_spec.rb +0 -33
- data/spec/rack/oauth2/server/resource/mac/error_spec.rb +0 -52
- data/spec/rack/oauth2/server/resource/mac_spec.rb +0 -119
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1cb4411750fe56e3e1d57b739554197d1ea4420833d01239498c3658e18347bf
|
4
|
+
data.tar.gz: e06e73134550dcb58ed74716faa6b8180ecf3da33f1237ebd3533c7e73cac533
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2166159ab59d7885c7e53833c20480eec38035e2d61e4aa23fe62afabacc6a5e4289ce527ad78ffbaac89f317b495957afb4f8be21e9cc38c937e6f0ad42f8e3
|
7
|
+
data.tar.gz: 0e381b83f45be184850dc8301be85db57800b317e822cc67f8c08e925df96780b828c330012aa0c22b14ee89c8f884fc9de1ac587a2faab4bd01295b4ea04c06
|
@@ -0,0 +1,32 @@
|
|
1
|
+
name: Spec
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches:
|
6
|
+
- master
|
7
|
+
pull_request:
|
8
|
+
|
9
|
+
permissions:
|
10
|
+
contents: read
|
11
|
+
|
12
|
+
jobs:
|
13
|
+
spec:
|
14
|
+
strategy:
|
15
|
+
matrix:
|
16
|
+
os: ['ubuntu-20.04']
|
17
|
+
ruby-version: ['2.6', '2.7', '3.0', '3.1']
|
18
|
+
# ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
|
19
|
+
include:
|
20
|
+
- os: 'ubuntu-22.04'
|
21
|
+
ruby-version: '3.1'
|
22
|
+
runs-on: ${{ matrix.os }}
|
23
|
+
|
24
|
+
steps:
|
25
|
+
- uses: actions/checkout@v3
|
26
|
+
- name: Set up Ruby
|
27
|
+
uses: ruby/setup-ruby@v1
|
28
|
+
with:
|
29
|
+
ruby-version: ${{ matrix.ruby-version }}
|
30
|
+
bundler-cache: true
|
31
|
+
- name: Run Specs
|
32
|
+
run: bundle exec rake spec
|
data/README.rdoc
CHANGED
@@ -1,9 +1,7 @@
|
|
1
1
|
= rack-oauth2
|
2
2
|
|
3
3
|
OAuth 2.0 Server & Client Library.
|
4
|
-
Both Bearer
|
5
|
-
|
6
|
-
{<img src="https://secure.travis-ci.org/nov/rack-oauth2.png" />}[http://travis-ci.org/nov/rack-oauth2]
|
4
|
+
Both Bearer token type are supported.
|
7
5
|
|
8
6
|
The OAuth 2.0 Authorization Framework (RFC 6749)
|
9
7
|
http://www.rfc-editor.org/rfc/rfc6749.txt
|
@@ -11,9 +9,6 @@ http://www.rfc-editor.org/rfc/rfc6749.txt
|
|
11
9
|
The OAuth 2.0 Authorization Framework: Bearer Token Usage (RFC 6750)
|
12
10
|
http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-06
|
13
11
|
|
14
|
-
HTTP Authentication: MAC Access Authentication (draft 01)
|
15
|
-
http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01
|
16
|
-
|
17
12
|
== Installation
|
18
13
|
|
19
14
|
gem install rack-oauth2
|
@@ -31,31 +26,17 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01
|
|
31
26
|
Source on GitHub
|
32
27
|
https://github.com/nov/rack-oauth2-sample
|
33
28
|
|
34
|
-
=== MAC
|
35
|
-
|
36
|
-
Source on GitHub
|
37
|
-
https://github.com/nov/rack-oauth2-sample-mac
|
38
|
-
|
39
29
|
== Sample Client
|
40
30
|
|
41
|
-
=== Common between Bearer and MAC
|
42
|
-
|
43
31
|
Authorization Request (request_type: 'code' and 'token')
|
44
32
|
https://gist.github.com/862393
|
45
33
|
|
46
34
|
Token Request (grant_type: 'client_credentials', 'password', 'authorization_code' and 'refresh_token')
|
47
35
|
https://gist.github.com/883541
|
48
36
|
|
49
|
-
=== Bearer
|
50
|
-
|
51
37
|
Resource Request (request both for resource owner resource and for client resource)
|
52
38
|
https://gist.github.com/883575
|
53
39
|
|
54
|
-
=== MAC
|
55
|
-
|
56
|
-
Resource Request (request both for resource owner resource and for client resource)
|
57
|
-
https://gist.github.com/933885
|
58
|
-
|
59
40
|
== Note on Patches/Pull Requests
|
60
41
|
|
61
42
|
* Fork the project.
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
2.0.0.rc1
|
@@ -6,18 +6,9 @@ module Rack
|
|
6
6
|
@token = token
|
7
7
|
end
|
8
8
|
|
9
|
-
|
10
|
-
# request:: HTTP::Message
|
11
|
-
def filter_request(request)
|
9
|
+
def authenticate(request)
|
12
10
|
@token.authenticate(request)
|
13
11
|
end
|
14
|
-
|
15
|
-
# Callback called in HTTPClient (after received a response)
|
16
|
-
# response:: HTTP::Message
|
17
|
-
# request:: HTTP::Message
|
18
|
-
def filter_response(response, request)
|
19
|
-
# nothing to do
|
20
|
-
end
|
21
12
|
end
|
22
13
|
end
|
23
14
|
end
|
@@ -19,8 +19,8 @@ module Rack
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def httpclient
|
22
|
-
@httpclient ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |
|
23
|
-
|
22
|
+
@httpclient ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
|
23
|
+
Authenticator.new(self).authenticate(faraday)
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
@@ -39,6 +39,5 @@ end
|
|
39
39
|
|
40
40
|
require 'rack/oauth2/access_token/authenticator'
|
41
41
|
require 'rack/oauth2/access_token/bearer'
|
42
|
-
require 'rack/oauth2/access_token/mac'
|
43
42
|
require 'rack/oauth2/access_token/legacy'
|
44
43
|
require 'rack/oauth2/access_token/mtls'
|
data/lib/rack/oauth2/client.rb
CHANGED
@@ -76,7 +76,7 @@ module Rack
|
|
76
76
|
handle_response do
|
77
77
|
http_client.post(
|
78
78
|
absolute_uri_for(token_endpoint),
|
79
|
-
Util.compact_hash(params),
|
79
|
+
Util.compact_hash(params).to_query,
|
80
80
|
headers
|
81
81
|
)
|
82
82
|
end
|
@@ -213,8 +213,6 @@ module Rack
|
|
213
213
|
case (@forced_token_type || token_hash[:token_type]).try(:downcase)
|
214
214
|
when 'bearer'
|
215
215
|
AccessToken::Bearer.new(token_hash)
|
216
|
-
when 'mac'
|
217
|
-
AccessToken::MAC.new(token_hash)
|
218
216
|
when nil
|
219
217
|
AccessToken::Legacy.new(token_hash)
|
220
218
|
else
|
@@ -27,7 +27,7 @@ module Rack
|
|
27
27
|
response.status = status
|
28
28
|
yield response if block_given?
|
29
29
|
unless response.redirect?
|
30
|
-
response.
|
30
|
+
response.headers['Content-Type'] = 'application/json'
|
31
31
|
response.write Util.compact_hash(protocol_params).to_json
|
32
32
|
end
|
33
33
|
response.finish
|
@@ -21,9 +21,9 @@ module Rack
|
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
-
def
|
24
|
+
def headers
|
25
25
|
ensure_finish do
|
26
|
-
@
|
26
|
+
@headers
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
@@ -39,7 +39,7 @@ module Rack
|
|
39
39
|
end
|
40
40
|
|
41
41
|
def ensure_finish
|
42
|
-
@status, @
|
42
|
+
@status, @headers, @body = finish unless finished?
|
43
43
|
yield
|
44
44
|
end
|
45
45
|
end
|
@@ -13,11 +13,11 @@ module Rack
|
|
13
13
|
def finish
|
14
14
|
super do |response|
|
15
15
|
self.realm ||= DEFAULT_REALM
|
16
|
-
|
16
|
+
headers = response.headers['WWW-Authenticate'] = "#{scheme} realm=\"#{realm}\""
|
17
17
|
if ErrorMethods::DEFAULT_DESCRIPTION.keys.include?(error)
|
18
|
-
|
19
|
-
|
20
|
-
|
18
|
+
headers << ", error=\"#{error}\""
|
19
|
+
headers << ", error_description=\"#{description}\"" if description.present?
|
20
|
+
headers << ", error_uri=\"#{uri}\"" if uri.present?
|
21
21
|
end
|
22
22
|
end
|
23
23
|
end
|
@@ -80,9 +80,9 @@ module Rack
|
|
80
80
|
def finish
|
81
81
|
attr_missing!
|
82
82
|
write Util.compact_hash(protocol_params).to_json
|
83
|
-
|
84
|
-
|
85
|
-
|
83
|
+
headers['Content-Type'] = 'application/json'
|
84
|
+
headers['Cache-Control'] = 'no-store'
|
85
|
+
headers['Pragma'] = 'no-cache'
|
86
86
|
super
|
87
87
|
end
|
88
88
|
end
|
data/lib/rack/oauth2.rb
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'rack'
|
2
|
-
require '
|
2
|
+
require 'faraday'
|
3
|
+
require 'faraday/follow_redirects'
|
3
4
|
require 'logger'
|
4
5
|
require 'active_support'
|
5
6
|
require 'active_support/core_ext'
|
@@ -40,18 +41,12 @@ module Rack
|
|
40
41
|
self.debugging = false
|
41
42
|
|
42
43
|
def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})", &local_http_config)
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
_http_client_.ssl_config.cert_store.set_default_paths
|
50
|
-
|
51
|
-
http_config.try(:call, _http_client_)
|
52
|
-
local_http_config.try(:call, _http_client_) unless local_http_config.nil?
|
53
|
-
_http_client_.request_filter << Debugger::RequestFilter.new if debugging?
|
54
|
-
_http_client_
|
44
|
+
Faraday.new(headers: {user_agent: agent_name}) do |faraday|
|
45
|
+
faraday.response :logger, Rack::OAuth2.logger if debugging?
|
46
|
+
faraday.adapter Faraday.default_adapter
|
47
|
+
local_http_config&.call(faraday)
|
48
|
+
http_config&.call(faraday)
|
49
|
+
end
|
55
50
|
end
|
56
51
|
|
57
52
|
def self.http_config(&block)
|
@@ -70,4 +65,3 @@ require 'rack/oauth2/util'
|
|
70
65
|
require 'rack/oauth2/server'
|
71
66
|
require 'rack/oauth2/client'
|
72
67
|
require 'rack/oauth2/access_token'
|
73
|
-
require 'rack/oauth2/debugger'
|
data/rack-oauth2.gemspec
CHANGED
@@ -2,8 +2,8 @@ Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'rack-oauth2'
|
3
3
|
s.version = File.read('VERSION')
|
4
4
|
s.authors = ['nov matake']
|
5
|
-
s.description = %q{OAuth 2.0 Server & Client Library. Both Bearer
|
6
|
-
s.summary = %q{OAuth 2.0 Server & Client Library - Both Bearer
|
5
|
+
s.description = %q{OAuth 2.0 Server & Client Library. Both Bearer token type are supported.}
|
6
|
+
s.summary = %q{OAuth 2.0 Server & Client Library - Both Bearer token type are supported}
|
7
7
|
s.email = 'nov@matake.jp'
|
8
8
|
s.extra_rdoc_files = ['LICENSE', 'README.rdoc']
|
9
9
|
s.rdoc_options = ['--charset=UTF-8']
|
@@ -14,7 +14,8 @@ Gem::Specification.new do |s|
|
|
14
14
|
s.files = `git ls-files`.split("\n")
|
15
15
|
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
16
16
|
s.add_runtime_dependency 'rack', '>= 2.1.0'
|
17
|
-
s.add_runtime_dependency '
|
17
|
+
s.add_runtime_dependency 'faraday', '~> 2.0'
|
18
|
+
s.add_runtime_dependency 'faraday-follow_redirects'
|
18
19
|
s.add_runtime_dependency 'activesupport'
|
19
20
|
s.add_runtime_dependency 'attr_required'
|
20
21
|
s.add_runtime_dependency 'json-jwt', '>= 1.11.0'
|
@@ -2,13 +2,13 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
describe Rack::OAuth2::AccessToken::Authenticator do
|
4
4
|
let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
|
5
|
-
let(:request) {
|
5
|
+
let(:request) { Faraday::Request.new(:get, URI.parse(resource_endpoint)) }
|
6
6
|
let(:authenticator) { Rack::OAuth2::AccessToken::Authenticator.new(token) }
|
7
7
|
|
8
8
|
shared_examples_for :authenticator do
|
9
9
|
it 'should let the token authenticate the request' do
|
10
10
|
expect(token).to receive(:authenticate).with(request)
|
11
|
-
authenticator.
|
11
|
+
authenticator.authenticate(request)
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
@@ -29,15 +29,4 @@ describe Rack::OAuth2::AccessToken::Authenticator do
|
|
29
29
|
end
|
30
30
|
it_behaves_like :authenticator
|
31
31
|
end
|
32
|
-
|
33
|
-
context 'when MAC token is given' do
|
34
|
-
let(:token) do
|
35
|
-
Rack::OAuth2::AccessToken::MAC.new(
|
36
|
-
access_token: 'access_token',
|
37
|
-
mac_key: 'secret',
|
38
|
-
mac_algorithm: 'hmac-sha-256'
|
39
|
-
)
|
40
|
-
end
|
41
|
-
it_behaves_like :authenticator
|
42
|
-
end
|
43
32
|
end
|
@@ -7,11 +7,11 @@ describe Rack::OAuth2::AccessToken::Bearer do
|
|
7
7
|
)
|
8
8
|
end
|
9
9
|
let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
|
10
|
-
let(:request) {
|
10
|
+
let(:request) { Faraday::Request.new(:post, URI.parse(resource_endpoint), '', {hello: "world"}, {}) }
|
11
11
|
|
12
12
|
describe '.authenticate' do
|
13
13
|
it 'should set Authorization header' do
|
14
|
-
expect(request.
|
14
|
+
expect(request.headers).to receive(:[]=).with('Authorization', 'Bearer access_token')
|
15
15
|
token.authenticate(request)
|
16
16
|
end
|
17
17
|
end
|
@@ -7,7 +7,7 @@ describe Rack::OAuth2::AccessToken::Legacy do
|
|
7
7
|
)
|
8
8
|
end
|
9
9
|
let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
|
10
|
-
let(:request) {
|
10
|
+
let(:request) { Faraday::Request.new(:post, URI.parse(resource_endpoint), '', {hello: "world"}, {}) }
|
11
11
|
|
12
12
|
describe '#to_s' do
|
13
13
|
subject { token }
|
@@ -16,7 +16,7 @@ describe Rack::OAuth2::AccessToken::Legacy do
|
|
16
16
|
|
17
17
|
describe '.authenticate' do
|
18
18
|
it 'should set Authorization header' do
|
19
|
-
expect(request.
|
19
|
+
expect(request.headers).to receive(:[]=).with('Authorization', 'OAuth access_token')
|
20
20
|
token.authenticate(request)
|
21
21
|
end
|
22
22
|
end
|
@@ -49,23 +49,6 @@ describe Rack::OAuth2::AccessToken do
|
|
49
49
|
|
50
50
|
let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
|
51
51
|
[:get, :delete, :post, :put].each do |method|
|
52
|
-
describe method do
|
53
|
-
it 'should delegate to HTTPClient with Authenticator filter' do
|
54
|
-
expect(token.httpclient).to receive(method).with(resource_endpoint)
|
55
|
-
token.httpclient.request_filter.last.should be_a Rack::OAuth2::AccessToken::Authenticator
|
56
|
-
token.send method, resource_endpoint
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
context 'in debug mode' do
|
61
|
-
it do
|
62
|
-
Rack::OAuth2.debug do
|
63
|
-
token.httpclient.request_filter[-2].should be_a Rack::OAuth2::AccessToken::Authenticator
|
64
|
-
token.httpclient.request_filter.last.should be_a Rack::OAuth2::Debugger::RequestFilter
|
65
|
-
end
|
66
|
-
end
|
67
|
-
end
|
68
|
-
|
69
52
|
context 'when extension params given' do
|
70
53
|
subject do
|
71
54
|
Rack::OAuth2::AccessToken::Bearer.new(
|
@@ -188,7 +188,7 @@ describe Rack::OAuth2::Client do
|
|
188
188
|
let :client do
|
189
189
|
Rack::OAuth2::Client.new(
|
190
190
|
identifier: 'client_id',
|
191
|
-
private_key: OpenSSL::PKey::EC.
|
191
|
+
private_key: OpenSSL::PKey::EC.generate('prime256v1'),
|
192
192
|
host: 'server.example.com',
|
193
193
|
redirect_uri: 'https://client.example.com/callback'
|
194
194
|
)
|
@@ -338,22 +338,6 @@ describe Rack::OAuth2::Client do
|
|
338
338
|
end
|
339
339
|
end
|
340
340
|
|
341
|
-
context 'when mac token is given' do
|
342
|
-
before do
|
343
|
-
client.authorization_code = 'code'
|
344
|
-
mock_response(
|
345
|
-
:post,
|
346
|
-
'https://server.example.com/oauth2/token',
|
347
|
-
'tokens/mac.json'
|
348
|
-
)
|
349
|
-
end
|
350
|
-
it { should be_instance_of Rack::OAuth2::AccessToken::MAC }
|
351
|
-
its(:token_type) { should == :mac }
|
352
|
-
its(:access_token) { should == 'access_token' }
|
353
|
-
its(:refresh_token) { should == 'refresh_token' }
|
354
|
-
its(:expires_in) { should == 3600 }
|
355
|
-
end
|
356
|
-
|
357
341
|
context 'when no-type token is given (JSON)' do
|
358
342
|
before do
|
359
343
|
client.authorization_code = 'code'
|
@@ -28,47 +28,4 @@ describe Rack::OAuth2 do
|
|
28
28
|
Rack::OAuth2.debugging?.should == true
|
29
29
|
end
|
30
30
|
end
|
31
|
-
|
32
|
-
describe '.http_config' do
|
33
|
-
context 'when request_filter added' do
|
34
|
-
context 'when "debug!" is called' do
|
35
|
-
after { Rack::OAuth2.reset_http_config! }
|
36
|
-
|
37
|
-
it 'should put Debugger::RequestFilter at last' do
|
38
|
-
Rack::OAuth2.debug!
|
39
|
-
Rack::OAuth2.http_config do |config|
|
40
|
-
config.request_filter << Proc.new {}
|
41
|
-
end
|
42
|
-
Rack::OAuth2.http_client.request_filter.last.should be_instance_of Rack::OAuth2::Debugger::RequestFilter
|
43
|
-
end
|
44
|
-
|
45
|
-
it 'should reset_http_config' do
|
46
|
-
Rack::OAuth2.debug!
|
47
|
-
Rack::OAuth2.http_config do |config|
|
48
|
-
config.request_filter << Proc.new {}
|
49
|
-
end
|
50
|
-
size = Rack::OAuth2.http_client.request_filter.size
|
51
|
-
Rack::OAuth2.reset_http_config!
|
52
|
-
Rack::OAuth2.http_client.request_filter.size.should == size - 1
|
53
|
-
end
|
54
|
-
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
describe ".http_client" do
|
60
|
-
context "when local_http_config is used" do
|
61
|
-
it "should correctly set request_filter" do
|
62
|
-
clnt1 = Rack::OAuth2.http_client
|
63
|
-
clnt2 = Rack::OAuth2.http_client("my client") do |config|
|
64
|
-
config.request_filter << Proc.new {}
|
65
|
-
end
|
66
|
-
clnt3 = Rack::OAuth2.http_client
|
67
|
-
|
68
|
-
clnt1.request_filter.size.should == clnt3.request_filter.size
|
69
|
-
clnt1.request_filter.size.should == clnt2.request_filter.size - 1
|
70
|
-
|
71
|
-
end
|
72
|
-
end
|
73
|
-
end
|
74
31
|
end
|
@@ -23,27 +23,27 @@ describe Rack::OAuth2::Server::Authorize::BadRequest do
|
|
23
23
|
context 'when protocol_params_location = :query' do
|
24
24
|
before { error.protocol_params_location = :query }
|
25
25
|
it 'should redirect with error in query' do
|
26
|
-
state,
|
26
|
+
state, headers, response = error.finish
|
27
27
|
state.should == 302
|
28
|
-
|
28
|
+
headers["Location"].should == "#{redirect_uri}?error=invalid_request"
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
32
|
context 'when protocol_params_location = :fragment' do
|
33
33
|
before { error.protocol_params_location = :fragment }
|
34
34
|
it 'should redirect with error in fragment' do
|
35
|
-
state,
|
35
|
+
state, headers, response = error.finish
|
36
36
|
state.should == 302
|
37
|
-
|
37
|
+
headers["Location"].should == "#{redirect_uri}#error=invalid_request"
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
41
|
context 'otherwise' do
|
42
42
|
before { error.protocol_params_location = :other }
|
43
43
|
it 'should redirect without error' do
|
44
|
-
state,
|
44
|
+
state, headers, response = error.finish
|
45
45
|
state.should == 302
|
46
|
-
|
46
|
+
headers["Location"].should == redirect_uri
|
47
47
|
end
|
48
48
|
end
|
49
49
|
end
|
@@ -12,8 +12,8 @@ describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
|
|
12
12
|
|
13
13
|
describe '#finish' do
|
14
14
|
it 'should use Bearer scheme' do
|
15
|
-
status,
|
16
|
-
|
15
|
+
status, headers, response = error.finish
|
16
|
+
headers['WWW-Authenticate'].should include 'Bearer'
|
17
17
|
end
|
18
18
|
end
|
19
19
|
end
|
@@ -22,29 +22,29 @@ describe Rack::OAuth2::Server::Resource::Bearer do
|
|
22
22
|
|
23
23
|
shared_examples_for :authenticated_bearer_request do
|
24
24
|
it 'should be authenticated' do
|
25
|
-
status,
|
25
|
+
status, headers, response = request
|
26
26
|
status.should == 200
|
27
27
|
access_token.should == bearer_token
|
28
28
|
end
|
29
29
|
end
|
30
30
|
shared_examples_for :unauthorized_bearer_request do
|
31
31
|
it 'should be unauthorized' do
|
32
|
-
status,
|
32
|
+
status, headers, response = request
|
33
33
|
status.should == 401
|
34
|
-
|
34
|
+
headers['WWW-Authenticate'].should include 'Bearer'
|
35
35
|
access_token.should be_nil
|
36
36
|
end
|
37
37
|
end
|
38
38
|
shared_examples_for :bad_bearer_request do
|
39
39
|
it 'should be bad_request' do
|
40
|
-
status,
|
40
|
+
status, headers, response = request
|
41
41
|
status.should == 400
|
42
42
|
access_token.should be_nil
|
43
43
|
end
|
44
44
|
end
|
45
45
|
shared_examples_for :skipped_authentication_request do
|
46
46
|
it 'should skip OAuth 2.0 authentication' do
|
47
|
-
status,
|
47
|
+
status, headers, response = request
|
48
48
|
status.should == 200
|
49
49
|
access_token.should be_nil
|
50
50
|
end
|
@@ -94,15 +94,15 @@ describe Rack::OAuth2::Server::Resource::Bearer do
|
|
94
94
|
end
|
95
95
|
end
|
96
96
|
it 'should use specified realm' do
|
97
|
-
status,
|
98
|
-
|
97
|
+
status, headers, response = request
|
98
|
+
headers['WWW-Authenticate'].should include "Bearer realm=\"#{realm}\""
|
99
99
|
end
|
100
100
|
end
|
101
101
|
|
102
102
|
context 'otherwize' do
|
103
103
|
it 'should use default realm' do
|
104
|
-
status,
|
105
|
-
|
104
|
+
status, headers, response = request
|
105
|
+
headers['WWW-Authenticate'].should include "Bearer realm=\"#{Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM}\""
|
106
106
|
end
|
107
107
|
end
|
108
108
|
end
|