rack-oauth2 0.0.6 → 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/example/server/authorize.rb +2 -2
- data/lib/rack/oauth2/server.rb +1 -1
- data/lib/rack/oauth2/server/abstract/handler.rb +0 -2
- data/lib/rack/oauth2/server/{authorization.rb → authorize.rb} +4 -4
- data/lib/rack/oauth2/server/{authorization → authorize}/code.rb +4 -4
- data/lib/rack/oauth2/server/{authorization → authorize}/code_and_token.rb +4 -4
- data/lib/rack/oauth2/server/{authorization → authorize}/token.rb +4 -4
- data/lib/rack/oauth2/server/error.rb +6 -1
- data/lib/rack/oauth2/server/token.rb +9 -5
- data/lib/rack/oauth2/server/token/authorization_code.rb +1 -1
- data/lib/rack/oauth2/server/token/password.rb +1 -1
- data/rack-oauth2.gemspec +13 -13
- data/spec/rack/oauth2/server/{authorization → authorize}/code_and_token_spec.rb +3 -3
- data/spec/rack/oauth2/server/{authorization → authorize}/code_spec.rb +3 -3
- data/spec/rack/oauth2/server/{authorization → authorize}/token_spec.rb +3 -3
- data/spec/rack/oauth2/server/{authorization_spec.rb → authorize_spec.rb} +7 -7
- data/spec/rack/oauth2/server/error_spec.rb +12 -3
- data/spec/rack/oauth2/server/token/assertion_spec.rb +13 -3
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +20 -5
- data/spec/rack/oauth2/server/token/password_spec.rb +13 -3
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +11 -3
- metadata +15 -15
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.0.
|
|
1
|
+
0.0.7
|
data/example/server/authorize.rb
CHANGED
|
@@ -7,7 +7,7 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '../../lib'))
|
|
|
7
7
|
require 'rack/oauth2'
|
|
8
8
|
|
|
9
9
|
get '/oauth/authorize' do
|
|
10
|
-
authorization_endpoint = Rack::OAuth2::Server::
|
|
10
|
+
authorization_endpoint = Rack::OAuth2::Server::Authorize.new(self)
|
|
11
11
|
response = authorization_endpoint.call(env)
|
|
12
12
|
case response.first
|
|
13
13
|
when 200
|
|
@@ -35,7 +35,7 @@ get '/oauth/authorize' do
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
post '/oauth/authorize' do
|
|
38
|
-
authorization_endpoint = Rack::OAuth2::Server::
|
|
38
|
+
authorization_endpoint = Rack::OAuth2::Server::Authorize.new(self) do |request, response|
|
|
39
39
|
# allow everything
|
|
40
40
|
params = env['rack.request.form_hash']
|
|
41
41
|
if params['approved']
|
data/lib/rack/oauth2/server.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize < Abstract::Handler
|
|
5
5
|
|
|
6
6
|
def call(env)
|
|
7
7
|
request = Request.new(env)
|
|
@@ -60,6 +60,6 @@ module Rack
|
|
|
60
60
|
end
|
|
61
61
|
end
|
|
62
62
|
|
|
63
|
-
require 'rack/oauth2/server/
|
|
64
|
-
require 'rack/oauth2/server/
|
|
65
|
-
require 'rack/oauth2/server/
|
|
63
|
+
require 'rack/oauth2/server/authorize/code'
|
|
64
|
+
require 'rack/oauth2/server/authorize/token'
|
|
65
|
+
require 'rack/oauth2/server/authorize/code_and_token'
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize
|
|
5
5
|
class Code < Abstract::Handler
|
|
6
6
|
|
|
7
7
|
def call(env)
|
|
@@ -10,14 +10,14 @@ module Rack
|
|
|
10
10
|
super
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class Request <
|
|
13
|
+
class Request < Authorize::Request
|
|
14
14
|
def initialize(env)
|
|
15
15
|
super
|
|
16
|
-
@response_type =
|
|
16
|
+
@response_type = :code
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
class Response <
|
|
20
|
+
class Response < Authorize::Response
|
|
21
21
|
attr_accessor :code
|
|
22
22
|
|
|
23
23
|
def required_params
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize
|
|
5
5
|
class CodeAndToken < Abstract::Handler
|
|
6
6
|
|
|
7
7
|
def call(env)
|
|
@@ -10,14 +10,14 @@ module Rack
|
|
|
10
10
|
super
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class Request <
|
|
13
|
+
class Request < Authorize::Request
|
|
14
14
|
def initialize(env)
|
|
15
15
|
super
|
|
16
|
-
@response_type =
|
|
16
|
+
@response_type = :code_and_token
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
class Response <
|
|
20
|
+
class Response < Authorize::Response
|
|
21
21
|
attr_accessor :code, :access_token, :expires_in, :scope
|
|
22
22
|
|
|
23
23
|
def required_params
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
module OAuth2
|
|
3
3
|
module Server
|
|
4
|
-
class
|
|
4
|
+
class Authorize
|
|
5
5
|
class Token < Abstract::Handler
|
|
6
6
|
|
|
7
7
|
def call(env)
|
|
@@ -10,14 +10,14 @@ module Rack
|
|
|
10
10
|
super
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class Request <
|
|
13
|
+
class Request < Authorize::Request
|
|
14
14
|
def initialize(env)
|
|
15
15
|
super
|
|
16
|
-
@response_type =
|
|
16
|
+
@response_type = :token
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
class Response <
|
|
20
|
+
class Response < Authorize::Response
|
|
21
21
|
attr_accessor :access_token, :expires_in, :scope
|
|
22
22
|
|
|
23
23
|
def required_params
|
|
@@ -40,7 +40,12 @@ module Rack
|
|
|
40
40
|
|
|
41
41
|
class Unauthorized < Error
|
|
42
42
|
def initialize(error, description = "", options = {})
|
|
43
|
-
|
|
43
|
+
status = if options[:payload] == :header
|
|
44
|
+
401
|
|
45
|
+
else
|
|
46
|
+
400
|
|
47
|
+
end
|
|
48
|
+
super(status, error, description, options)
|
|
44
49
|
end
|
|
45
50
|
end
|
|
46
51
|
|
|
@@ -37,6 +37,7 @@ module Rack
|
|
|
37
37
|
raise BadRequest.new(:unsupported_grant_type, "'#{params['grant_type']}' isn't supported.")
|
|
38
38
|
end
|
|
39
39
|
end
|
|
40
|
+
|
|
40
41
|
end
|
|
41
42
|
|
|
42
43
|
class Response < Abstract::Response
|
|
@@ -47,11 +48,14 @@ module Rack
|
|
|
47
48
|
end
|
|
48
49
|
|
|
49
50
|
def finish
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
51
|
+
params = {
|
|
52
|
+
:access_token => access_token,
|
|
53
|
+
:expires_in => expires_in,
|
|
54
|
+
:scope => Array(scope).join(' ')
|
|
55
|
+
}.delete_if do |key, value|
|
|
56
|
+
value.blank?
|
|
57
|
+
end
|
|
58
|
+
write params.to_json
|
|
55
59
|
header['Content-Type'] = "application/json"
|
|
56
60
|
super
|
|
57
61
|
end
|
data/rack-oauth2.gemspec
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{rack-oauth2}
|
|
8
|
-
s.version = "0.0.
|
|
8
|
+
s.version = "0.0.7"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["nov matake"]
|
|
@@ -32,10 +32,10 @@ Gem::Specification.new do |s|
|
|
|
32
32
|
"lib/rack/oauth2/server/abstract/handler.rb",
|
|
33
33
|
"lib/rack/oauth2/server/abstract/request.rb",
|
|
34
34
|
"lib/rack/oauth2/server/abstract/response.rb",
|
|
35
|
-
"lib/rack/oauth2/server/
|
|
36
|
-
"lib/rack/oauth2/server/
|
|
37
|
-
"lib/rack/oauth2/server/
|
|
38
|
-
"lib/rack/oauth2/server/
|
|
35
|
+
"lib/rack/oauth2/server/authorize.rb",
|
|
36
|
+
"lib/rack/oauth2/server/authorize/code.rb",
|
|
37
|
+
"lib/rack/oauth2/server/authorize/code_and_token.rb",
|
|
38
|
+
"lib/rack/oauth2/server/authorize/token.rb",
|
|
39
39
|
"lib/rack/oauth2/server/error.rb",
|
|
40
40
|
"lib/rack/oauth2/server/token.rb",
|
|
41
41
|
"lib/rack/oauth2/server/token/assertion.rb",
|
|
@@ -44,10 +44,10 @@ Gem::Specification.new do |s|
|
|
|
44
44
|
"lib/rack/oauth2/server/token/refresh_token.rb",
|
|
45
45
|
"lib/rack/oauth2/server/util.rb",
|
|
46
46
|
"rack-oauth2.gemspec",
|
|
47
|
-
"spec/rack/oauth2/server/
|
|
48
|
-
"spec/rack/oauth2/server/
|
|
49
|
-
"spec/rack/oauth2/server/
|
|
50
|
-
"spec/rack/oauth2/server/
|
|
47
|
+
"spec/rack/oauth2/server/authorize/code_and_token_spec.rb",
|
|
48
|
+
"spec/rack/oauth2/server/authorize/code_spec.rb",
|
|
49
|
+
"spec/rack/oauth2/server/authorize/token_spec.rb",
|
|
50
|
+
"spec/rack/oauth2/server/authorize_spec.rb",
|
|
51
51
|
"spec/rack/oauth2/server/error_spec.rb",
|
|
52
52
|
"spec/rack/oauth2/server/token/assertion_spec.rb",
|
|
53
53
|
"spec/rack/oauth2/server/token/authorization_code_spec.rb",
|
|
@@ -63,10 +63,10 @@ Gem::Specification.new do |s|
|
|
|
63
63
|
s.rubygems_version = %q{1.3.7}
|
|
64
64
|
s.summary = %q{Rack Middleware for OAuth2 Client & Server}
|
|
65
65
|
s.test_files = [
|
|
66
|
-
"spec/rack/oauth2/server/
|
|
67
|
-
"spec/rack/oauth2/server/
|
|
68
|
-
"spec/rack/oauth2/server/
|
|
69
|
-
"spec/rack/oauth2/server/
|
|
66
|
+
"spec/rack/oauth2/server/authorize/code_and_token_spec.rb",
|
|
67
|
+
"spec/rack/oauth2/server/authorize/code_spec.rb",
|
|
68
|
+
"spec/rack/oauth2/server/authorize/token_spec.rb",
|
|
69
|
+
"spec/rack/oauth2/server/authorize_spec.rb",
|
|
70
70
|
"spec/rack/oauth2/server/error_spec.rb",
|
|
71
71
|
"spec/rack/oauth2/server/token/assertion_spec.rb",
|
|
72
72
|
"spec/rack/oauth2/server/token/authorization_code_spec.rb",
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::CodeAndToken do
|
|
4
4
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::CodeAndToken directly
|
|
9
|
-
@app = Rack::OAuth2::Server::
|
|
9
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
10
10
|
response.approve!
|
|
11
11
|
response.code = "authorization_code"
|
|
12
12
|
response.access_token = "access_token"
|
|
@@ -26,7 +26,7 @@ describe Rack::OAuth2::Server::Authorization::CodeAndToken do
|
|
|
26
26
|
|
|
27
27
|
before do
|
|
28
28
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
29
|
-
@app = Rack::OAuth2::Server::
|
|
29
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
30
30
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
|
31
31
|
end
|
|
32
32
|
@request = Rack::MockRequest.new @app
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::Code do
|
|
4
4
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
9
|
-
@app = Rack::OAuth2::Server::
|
|
9
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
10
10
|
response.approve!
|
|
11
11
|
response.code = "authorization_code"
|
|
12
12
|
end
|
|
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Code do
|
|
|
25
25
|
|
|
26
26
|
before do
|
|
27
27
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
28
|
-
@app = Rack::OAuth2::Server::
|
|
28
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
29
29
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
|
30
30
|
end
|
|
31
31
|
@request = Rack::MockRequest.new @app
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize::Token do
|
|
4
4
|
|
|
5
5
|
context "when authorized" do
|
|
6
6
|
|
|
7
7
|
before do
|
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
|
|
9
|
-
@app = Rack::OAuth2::Server::
|
|
9
|
+
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
|
10
10
|
response.approve!
|
|
11
11
|
response.access_token = "access_token"
|
|
12
12
|
end
|
|
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
|
|
|
25
25
|
|
|
26
26
|
before do
|
|
27
27
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
|
28
|
-
@app = Rack::OAuth2::Server::
|
|
28
|
+
@app = Rack::OAuth2::Server::Authorize.new do |request, response|
|
|
29
29
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
|
30
30
|
end
|
|
31
31
|
@request = Rack::MockRequest.new @app
|
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
require 'spec_helper.rb'
|
|
2
2
|
|
|
3
|
-
describe Rack::OAuth2::Server::
|
|
3
|
+
describe Rack::OAuth2::Server::Authorize do
|
|
4
4
|
it "should support realm" do
|
|
5
|
-
app = Rack::OAuth2::Server::
|
|
5
|
+
app = Rack::OAuth2::Server::Authorize.new("server.example.com")
|
|
6
6
|
app.realm.should == "server.example.com"
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
-
describe Rack::OAuth2::Server::
|
|
10
|
+
describe Rack::OAuth2::Server::Authorize::Request do
|
|
11
11
|
|
|
12
12
|
before do
|
|
13
|
-
@app = Rack::OAuth2::Server::
|
|
13
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
14
14
|
response.code = "authorization_code"
|
|
15
15
|
end
|
|
16
16
|
@request = Rack::MockRequest.new @app
|
|
@@ -47,12 +47,12 @@ describe Rack::OAuth2::Server::Authorization::Request do
|
|
|
47
47
|
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
-
describe Rack::OAuth2::Server::
|
|
50
|
+
describe Rack::OAuth2::Server::Authorize::Response do
|
|
51
51
|
|
|
52
52
|
context "when required response params are missing" do
|
|
53
53
|
|
|
54
54
|
before do
|
|
55
|
-
@app = Rack::OAuth2::Server::
|
|
55
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
56
56
|
response.approve!
|
|
57
57
|
# code is missing
|
|
58
58
|
end
|
|
@@ -70,7 +70,7 @@ describe Rack::OAuth2::Server::Authorization::Response do
|
|
|
70
70
|
context "when required response params are given" do
|
|
71
71
|
|
|
72
72
|
before do
|
|
73
|
-
@app = Rack::OAuth2::Server::
|
|
73
|
+
@app = Rack::OAuth2::Server::Authorize.new(simple_app) do |request, response|
|
|
74
74
|
response.approve!
|
|
75
75
|
response.code = "authorization_code"
|
|
76
76
|
end
|
|
@@ -53,8 +53,17 @@ describe Rack::OAuth2::Server::BadRequest do
|
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
describe Rack::OAuth2::Server::Unauthorized do
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
56
|
+
context "when payload is header" do
|
|
57
|
+
it "should use 401 as status" do
|
|
58
|
+
error = Rack::OAuth2::Server::Unauthorized.new(:invalid_client, '', :payload => :header)
|
|
59
|
+
error.code.should == 401
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
context "when payload isn't header" do
|
|
64
|
+
it "should use 400 as status" do
|
|
65
|
+
error = Rack::OAuth2::Server::Unauthorized.new(:invalid_request)
|
|
66
|
+
error.code.should == 400
|
|
67
|
+
end
|
|
59
68
|
end
|
|
60
69
|
end
|
|
@@ -13,7 +13,12 @@ describe Rack::OAuth2::Server::Token::Assertion do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "assertion",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:assertion => "valid_assertion",
|
|
20
|
+
:assertion_type => "something"
|
|
21
|
+
})
|
|
17
22
|
response.status.should == 200
|
|
18
23
|
response.content_type.should == "application/json"
|
|
19
24
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +37,13 @@ describe Rack::OAuth2::Server::Token::Assertion do
|
|
|
32
37
|
end
|
|
33
38
|
|
|
34
39
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
40
|
+
response = @request.post("/", :params => {
|
|
41
|
+
:grant_type => "assertion",
|
|
42
|
+
:client_id => "valid_client",
|
|
43
|
+
:assertion => "invalid_assertion",
|
|
44
|
+
:assertion_type => "something"
|
|
45
|
+
})
|
|
46
|
+
response.status.should == 400
|
|
37
47
|
response.content_type.should == "application/json"
|
|
38
48
|
response.body.should == "{\"error_description\":\"Invalid assertion.\",\"error\":\"invalid_grant\"}"
|
|
39
49
|
end
|
|
@@ -13,7 +13,12 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "authorization_code",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:code => "valid_authorization_code",
|
|
20
|
+
:redirect_uri => "http://client.example.com/callback"
|
|
21
|
+
})
|
|
17
22
|
response.status.should == 200
|
|
18
23
|
response.content_type.should == "application/json"
|
|
19
24
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +37,13 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
|
32
37
|
end
|
|
33
38
|
|
|
34
39
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
40
|
+
response = @request.post("/", :params => {
|
|
41
|
+
:grant_type => "authorization_code",
|
|
42
|
+
:client_id => "valid_client",
|
|
43
|
+
:code => "invalid_authorization_code",
|
|
44
|
+
:redirect_uri => "http://client.example.com/callback"
|
|
45
|
+
})
|
|
46
|
+
response.status.should == 400
|
|
37
47
|
response.content_type.should == "application/json"
|
|
38
48
|
response.body.should == "{\"error_description\":\"Invalid authorization code.\",\"error\":\"invalid_grant\"}"
|
|
39
49
|
end
|
|
@@ -51,8 +61,13 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
|
51
61
|
end
|
|
52
62
|
|
|
53
63
|
it "should return error message as json response body" do
|
|
54
|
-
response = @request.
|
|
55
|
-
|
|
64
|
+
response = @request.post("/", :params => {
|
|
65
|
+
:grant_type => "authorization_code",
|
|
66
|
+
:client_id => "invalid_client",
|
|
67
|
+
:code => "valid_authorization_code",
|
|
68
|
+
:redirect_uri => "http://client.example.com/callback"
|
|
69
|
+
})
|
|
70
|
+
response.status.should == 400
|
|
56
71
|
response.content_type.should == "application/json"
|
|
57
72
|
response.body.should == "{\"error_description\":\"Invalid client identifier.\",\"error\":\"invalid_client\"}"
|
|
58
73
|
end
|
|
@@ -13,7 +13,12 @@ describe Rack::OAuth2::Server::Token::Password do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "password",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:username => "nov",
|
|
20
|
+
:password => "valid_pass"
|
|
21
|
+
})
|
|
17
22
|
response.status.should == 200
|
|
18
23
|
response.content_type.should == "application/json"
|
|
19
24
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +37,13 @@ describe Rack::OAuth2::Server::Token::Password do
|
|
|
32
37
|
end
|
|
33
38
|
|
|
34
39
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
40
|
+
response = @request.post("/", :params => {
|
|
41
|
+
:grant_type => "password",
|
|
42
|
+
:client_id => "valid_client",
|
|
43
|
+
:username => "nov",
|
|
44
|
+
:password => "invalid_pass"
|
|
45
|
+
})
|
|
46
|
+
response.status.should == 400
|
|
37
47
|
response.content_type.should == "application/json"
|
|
38
48
|
response.body.should == "{\"error_description\":\"Invalid resource owner credentials.\",\"error\":\"invalid_grant\"}"
|
|
39
49
|
end
|
|
@@ -13,7 +13,11 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should return access_token as json response body" do
|
|
16
|
-
response = @request.
|
|
16
|
+
response = @request.post("/", :params => {
|
|
17
|
+
:grant_type => "refresh_token",
|
|
18
|
+
:client_id => "valid_client",
|
|
19
|
+
:refresh_token => "valid_refresh_token"
|
|
20
|
+
})
|
|
17
21
|
response.status.should == 200
|
|
18
22
|
response.content_type.should == "application/json"
|
|
19
23
|
response.body.should == "{\"access_token\":\"access_token\"}"
|
|
@@ -32,8 +36,12 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
|
|
|
32
36
|
end
|
|
33
37
|
|
|
34
38
|
it "should return error message as json response body" do
|
|
35
|
-
response = @request.
|
|
36
|
-
|
|
39
|
+
response = @request.post("/", :params => {
|
|
40
|
+
:grant_type => "refresh_token",
|
|
41
|
+
:client_id => "valid_client",
|
|
42
|
+
:refresh_token => "invalid_refresh_token"
|
|
43
|
+
})
|
|
44
|
+
response.status.should == 400
|
|
37
45
|
response.content_type.should == "application/json"
|
|
38
46
|
response.body.should == "{\"error_description\":\"Invalid refresh_token.\",\"error\":\"invalid_grant\"}"
|
|
39
47
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 17
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 0
|
|
9
|
-
-
|
|
10
|
-
version: 0.0.
|
|
9
|
+
- 7
|
|
10
|
+
version: 0.0.7
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- nov matake
|
|
@@ -87,10 +87,10 @@ files:
|
|
|
87
87
|
- lib/rack/oauth2/server/abstract/handler.rb
|
|
88
88
|
- lib/rack/oauth2/server/abstract/request.rb
|
|
89
89
|
- lib/rack/oauth2/server/abstract/response.rb
|
|
90
|
-
- lib/rack/oauth2/server/
|
|
91
|
-
- lib/rack/oauth2/server/
|
|
92
|
-
- lib/rack/oauth2/server/
|
|
93
|
-
- lib/rack/oauth2/server/
|
|
90
|
+
- lib/rack/oauth2/server/authorize.rb
|
|
91
|
+
- lib/rack/oauth2/server/authorize/code.rb
|
|
92
|
+
- lib/rack/oauth2/server/authorize/code_and_token.rb
|
|
93
|
+
- lib/rack/oauth2/server/authorize/token.rb
|
|
94
94
|
- lib/rack/oauth2/server/error.rb
|
|
95
95
|
- lib/rack/oauth2/server/token.rb
|
|
96
96
|
- lib/rack/oauth2/server/token/assertion.rb
|
|
@@ -99,10 +99,10 @@ files:
|
|
|
99
99
|
- lib/rack/oauth2/server/token/refresh_token.rb
|
|
100
100
|
- lib/rack/oauth2/server/util.rb
|
|
101
101
|
- rack-oauth2.gemspec
|
|
102
|
-
- spec/rack/oauth2/server/
|
|
103
|
-
- spec/rack/oauth2/server/
|
|
104
|
-
- spec/rack/oauth2/server/
|
|
105
|
-
- spec/rack/oauth2/server/
|
|
102
|
+
- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
|
|
103
|
+
- spec/rack/oauth2/server/authorize/code_spec.rb
|
|
104
|
+
- spec/rack/oauth2/server/authorize/token_spec.rb
|
|
105
|
+
- spec/rack/oauth2/server/authorize_spec.rb
|
|
106
106
|
- spec/rack/oauth2/server/error_spec.rb
|
|
107
107
|
- spec/rack/oauth2/server/token/assertion_spec.rb
|
|
108
108
|
- spec/rack/oauth2/server/token/authorization_code_spec.rb
|
|
@@ -146,10 +146,10 @@ signing_key:
|
|
|
146
146
|
specification_version: 3
|
|
147
147
|
summary: Rack Middleware for OAuth2 Client & Server
|
|
148
148
|
test_files:
|
|
149
|
-
- spec/rack/oauth2/server/
|
|
150
|
-
- spec/rack/oauth2/server/
|
|
151
|
-
- spec/rack/oauth2/server/
|
|
152
|
-
- spec/rack/oauth2/server/
|
|
149
|
+
- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
|
|
150
|
+
- spec/rack/oauth2/server/authorize/code_spec.rb
|
|
151
|
+
- spec/rack/oauth2/server/authorize/token_spec.rb
|
|
152
|
+
- spec/rack/oauth2/server/authorize_spec.rb
|
|
153
153
|
- spec/rack/oauth2/server/error_spec.rb
|
|
154
154
|
- spec/rack/oauth2/server/token/assertion_spec.rb
|
|
155
155
|
- spec/rack/oauth2/server/token/authorization_code_spec.rb
|