rack-oauth2 0.14.6 → 0.14.7

@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rack-oauth2 (0.14.5)
4
+ rack-oauth2 (0.14.6)
5
5
  activesupport (>= 2.3)
6
6
  attr_required (>= 0.0.5)
7
7
  httpclient (>= 2.2.0.2)
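--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.14.6
+0.14.7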
@@ -39,17 +39,24 @@ module Rack
39
39
  end
40
40
  self.debugging = false
41
41
 
42
- def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})")
42
+ def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})", &local_http_config)
43
43
  _http_client_ = HTTPClient.new(
44
44
  :agent_name => agent_name
45
45
  )
46
46
  http_config.try(:call, _http_client_)
47
+ local_http_config.try(:call, _http_client_) unless local_http_config.nil?
47
48
  _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
48
49
  _http_client_
49
50
  end
51
+
50
52
  def self.http_config(&block)
51
53
  @@http_config ||= block
52
54
  end
55
+
56
+ def self.reset_http_config!
57
+ @@http_config = nil
58
+ end
59
+
53
60
  end
54
61
  end
55
62
 
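Review bot: In `http_client`, the per-call block is invoked after the shared `http_config` block, so it can override anything the shared configuration set on the client, and nothing in the method says so. A comment above the signature such as `# The optional block is applied to this client only, after the global http_config, and may override it` would make that ordering explicit for callers who rely on the global block for transport settings. The guard is also doubled, since `try` already returns nil for a nil receiver; the line can be `local_http_config.call(_http_client_) if local_http_config`. Note too that `http_config` still assigns with `||=`, so a second configuration block is ignored unless `reset_http_config!` is called first, which deserves a line in the method's documentation. The enclosing module starts outside the hunk.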
@@ -3,12 +3,13 @@ module Rack
3
3
  class AccessToken
4
4
  class MAC < AccessToken
5
5
  attr_required :mac_key, :mac_algorithm
6
- attr_optional :ts, :ext_verifier
6
+ attr_optional :ts, :ext_verifier, :ts_expires_in
7
7
  attr_reader :nonce, :signature, :ext
8
8
 
9
9
  def initialize(attributes = {})
10
10
  super(attributes)
11
- @ts ||= Time.now.utc
11
+ @issued_at = Time.now.utc
12
+ @ts_expires_in ||= 5.minutes
12
13
  end
13
14
 
14
15
  def token_response
@@ -19,7 +20,6 @@ module Rack
19
20
  end
20
21
 
21
22
  def verify!(request)
22
-
23
23
  body = request.body.read
24
24
  if self.ext_verifier.present?
25
25
  self.ext_verifier.new(
@@ -28,6 +28,11 @@ module Rack
28
28
  ).verify!(request.ext)
29
29
  end
30
30
 
31
+ now = Time.now.utc.to_i
32
+ now = @ts.to_i if @ts.present?
33
+
34
+ raise Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed.new("Request ts expired") if now - request.ts.to_i > @ts_expires_in.to_i
35
+
31
36
  Signature.new(
32
37
  :secret => self.mac_key,
33
38
  :algorithm => self.mac_algorithm,
@@ -45,6 +50,7 @@ module Rack
45
50
 
46
51
  def authenticate(request)
47
52
  @nonce = generate_nonce
53
+ @ts_generated = @ts || Time.now.utc
48
54
 
49
55
  if self.ext_verifier.present?
50
56
  @ext = self.ext_verifier.new(
@@ -61,7 +67,7 @@ module Rack
61
67
  :request_uri => request.header.create_query_uri,
62
68
  :host => request.header.request_uri.host,
63
69
  :port => request.header.request_uri.port,
64
- :ts => self.ts,
70
+ :ts => @ts_generated,
65
71
  :ext => @ext
66
72
  ).calculate
67
73
 
@@ -73,7 +79,7 @@ module Rack
73
79
  def authorization_header
74
80
  header = "MAC id=\"#{access_token}\""
75
81
  header << ", nonce=\"#{nonce}\""
76
- header << ", ts=\"#{ts.to_i}\""
82
+ header << ", ts=\"#{@ts_generated.to_i}\""
77
83
  header << ", mac=\"#{signature}\""
78
84
  header << ", ext=\"#{ext}\"" if @ext.present?
79
85
  header
@@ -81,7 +87,7 @@ module Rack
81
87
 
82
88
  def generate_nonce
83
89
  [
84
- (Time.now.utc - @ts).to_i,
90
+ (Time.now.utc - @issued_at).to_i,
85
91
  SecureRandom.hex
86
92
  ].join(':')
87
93
  end
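Review bot: The freshness check added to `verify!` bounds the request timestamp in one direction only: `now - request.ts.to_i > @ts_expires_in.to_i` is negative for a `ts` ahead of the server clock, so a request stamped in the future is never rejected as stale and stays acceptable until the clock has passed it by more than `ts_expires_in`. Comparing the absolute skew closes that gap, `if (now - request.ts.to_i).abs > @ts_expires_in.to_i`. The line `now = @ts.to_i if @ts.present?` also replaces the clock with the token's `:ts` attribute whenever it is set, so a server-side token built with `:ts` checks every request against that fixed instant; if that is meant only for pinning time in specs, a comment such as `# :ts pins the verification time (used by specs); leave unset in production` belongs on that line. The only expiry spec visible on this page covers a `ts` older than the pinned time, so a case with a `ts` well ahead of it would be worth adding. `verify!` begins and ends outside this hunk.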
@@ -6,7 +6,7 @@ module Rack
6
6
  attr_optional :raw_body
7
7
 
8
8
  def calculate
9
- return nil if raw_body.nil?
9
+ return nil unless raw_body.present?
10
10
 
11
11
  OpenSSL::Digest::SHA256.new.digest(raw_body).unpack('H*').first
12
12
  end
@@ -18,7 +18,6 @@ module Rack
18
18
  end
19
19
 
20
20
  def verify!(expected)
21
- puts "verifying #{expected} = #{self.calculate}"
22
21
  if expected == self.calculate
23
22
  :verified
24
23
  else
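Review bot: `return nil unless raw_body.present?` in `calculate` skips the body hash for more than the empty string, because ActiveSupport's `present?` is also false for a whitespace-only string, so such a body yields no `ext` value and is not covered by this verifier. If only nil and `''` are meant, which is all the spec added on this page exercises, `return nil if raw_body.nil? || raw_body.empty?` states that exactly. Because `verify!` compares `expected == self.calculate`, a request that carries no `ext` alongside a blank body would now compare nil with nil; whether that should count as verified deserves a comment on `verify!`, whose body ends outside the hunk.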
@@ -15,4 +15,14 @@ describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
15
15
  end
16
16
 
17
17
 
18
+ context 'when raw_body is empty' do
19
+ subject do
20
+ Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
21
+ :algorithm => 'hmac-sha-256',
22
+ :raw_body => ''
23
+ )
24
+ end
25
+ its(:calculate) { should be_nil }
26
+ end
27
+
18
28
  end
@@ -17,7 +17,7 @@ describe Rack::OAuth2::AccessToken::MAC::Verifier do
17
17
  context 'otherwise' do
18
18
  let(:algorithm) { 'invalid' }
19
19
  it do
20
- expect { verifier.send(:hash_generator) }.should raise_error(StandardError, 'Unsupported Algorithm')
20
+ expect { verifier.send(:hash_generator) }.to raise_error(StandardError, 'Unsupported Algorithm')
21
21
  end
22
22
  end
23
23
 
@@ -60,7 +60,7 @@ describe Rack::OAuth2::AccessToken::MAC do
60
60
  context 'otherwise' do
61
61
  let(:signature) { 'invalid' }
62
62
  it do
63
- expect { token.verify!(request.setup!) }.should raise_error(
63
+ expect { token.verify!(request.setup!) }.to raise_error(
64
64
  Rack::OAuth2::Server::Resource::MAC::Unauthorized,
65
65
  'invalid_token :: Signature Invalid'
66
66
  )
@@ -84,7 +84,7 @@ describe Rack::OAuth2::AccessToken::MAC do
84
84
  context 'when ext is invalid' do
85
85
  let(:ext) { 'invalid' }
86
86
  it do
87
- expect { token_with_ext_verifier.verify!(request.setup!) }.should raise_error(
87
+ expect { token_with_ext_verifier.verify!(request.setup!) }.to raise_error(
88
88
  Rack::OAuth2::Server::Resource::MAC::Unauthorized,
89
89
  'invalid_token :: Sha256HexVerifier Invalid'
90
90
  )
@@ -98,7 +98,6 @@ describe Rack::OAuth2::AccessToken::MAC do
98
98
  let(:signature) { 'dZYR54n+Lym5qCRRmDqmRZ71rG+bkjSWmqrOv8OjYHk=' }
99
99
  it do
100
100
  Time.fix(Time.at(1302361200)) do
101
-
102
101
  token_with_ext_verifier.verify!(request.setup!).should == :verified
103
102
  end
104
103
  end
@@ -106,7 +105,7 @@ describe Rack::OAuth2::AccessToken::MAC do
106
105
 
107
106
  context 'otherwise' do
108
107
  it do
109
- expect { token.verify!(request.setup!) }.should raise_error(
108
+ expect { token.verify!(request.setup!) }.to raise_error(
110
109
  Rack::OAuth2::Server::Resource::MAC::Unauthorized,
111
110
  'invalid_token :: Signature Invalid'
112
111
  )
@@ -33,7 +33,7 @@ describe Rack::OAuth2::AccessToken do
33
33
  :expires_in => 3600,
34
34
  :scope => [:scope1, :scope2]
35
35
  )
36
- end.should raise_error AttrRequired::AttrMissing
36
+ end.to raise_error AttrRequired::AttrMissing
37
37
  end
38
38
  end
39
39
 
@@ -43,7 +43,7 @@ describe Rack::OAuth2::AccessToken do
43
43
  Rack::OAuth2::AccessToken::Bearer.new(
44
44
  :access_token => 'access_token'
45
45
  )
46
- end.should_not raise_error
46
+ end.not_to raise_error
47
47
  end
48
48
  end
49
49
 
@@ -31,7 +31,7 @@ describe Rack::OAuth2::Client::Grant::AuthorizationCode do
31
31
 
32
32
  context 'otherwise' do
33
33
  it do
34
- expect { grant.new }.should raise_error AttrRequired::AttrMissing
34
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
35
35
  end
36
36
  end
37
37
  end
@@ -20,14 +20,14 @@ describe Rack::OAuth2::Client::Grant::Password do
20
20
 
21
21
  context 'otherwise' do
22
22
  it do
23
- expect { grant.new attributes }.should raise_error AttrRequired::AttrMissing
23
+ expect { grant.new attributes }.to raise_error AttrRequired::AttrMissing
24
24
  end
25
25
  end
26
26
  end
27
27
 
28
28
  context 'otherwise' do
29
29
  it do
30
- expect { grant.new }.should raise_error AttrRequired::AttrMissing
30
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
31
31
  end
32
32
  end
33
33
  end
@@ -15,7 +15,7 @@ describe Rack::OAuth2::Client::Grant::RefreshToken do
15
15
 
16
16
  context 'otherwise' do
17
17
  it do
18
- expect { grant.new }.should raise_error AttrRequired::AttrMissing
18
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
19
19
  end
20
20
  end
21
21
  end
@@ -18,7 +18,7 @@ describe Rack::OAuth2::Client do
18
18
 
19
19
  context 'when identifier is missing' do
20
20
  it do
21
- expect { Rack::OAuth2::Client.new }.should raise_error AttrRequired::AttrMissing
21
+ expect { Rack::OAuth2::Client.new }.to raise_error AttrRequired::AttrMissing
22
22
  end
23
23
  end
24
24
 
@@ -211,7 +211,7 @@ describe Rack::OAuth2::Client do
211
211
  )
212
212
  end
213
213
  it do
214
- expect { client.access_token! }.should raise_error(StandardError, 'Unknown Token Type')
214
+ expect { client.access_token! }.to raise_error(StandardError, 'Unknown Token Type')
215
215
  end
216
216
  end
217
217
 
@@ -225,7 +225,7 @@ describe Rack::OAuth2::Client do
225
225
  )
226
226
  end
227
227
  it do
228
- expect { client.access_token! }.should raise_error Rack::OAuth2::Client::Error
228
+ expect { client.access_token! }.to raise_error Rack::OAuth2::Client::Error
229
229
  end
230
230
  end
231
231
  end
@@ -241,13 +241,13 @@ describe Rack::OAuth2::Client do
241
241
 
242
242
  describe '#authorization_uri' do
243
243
  it do
244
- expect { client.authorization_uri }.should raise_error 'No Host Info'
244
+ expect { client.authorization_uri }.to raise_error 'No Host Info'
245
245
  end
246
246
  end
247
247
 
248
248
  describe '#access_token!' do
249
249
  it do
250
- expect { client.access_token! }.should raise_error 'No Host Info'
250
+ expect { client.access_token! }.to raise_error 'No Host Info'
251
251
  end
252
252
  end
253
253
  end
@@ -32,6 +32,8 @@ describe Rack::OAuth2 do
32
32
  describe '.http_config' do
33
33
  context 'when request_filter added' do
34
34
  context 'when "debug!" is called' do
35
+ after { Rack::OAuth2.reset_http_config! }
36
+
35
37
  it 'should put Debugger::RequestFilter at last' do
36
38
  Rack::OAuth2.debug!
37
39
  Rack::OAuth2.http_config do |config|
@@ -39,6 +41,33 @@ describe Rack::OAuth2 do
39
41
  end
40
42
  Rack::OAuth2.http_client.request_filter.last.should be_instance_of Rack::OAuth2::Debugger::RequestFilter
41
43
  end
44
+
45
+ it 'should reset_http_config' do
46
+ Rack::OAuth2.debug!
47
+ Rack::OAuth2.http_config do |config|
48
+ config.request_filter << Proc.new {}
49
+ end
50
+ size = Rack::OAuth2.http_client.request_filter.size
51
+ Rack::OAuth2.reset_http_config!
52
+ Rack::OAuth2.http_client.request_filter.size.should == size - 1
53
+ end
54
+
55
+ end
56
+ end
57
+ end
58
+
59
+ describe ".http_client" do
60
+ context "when local_http_config is used" do
61
+ it "should correctly set request_filter" do
62
+ clnt1 = Rack::OAuth2.http_client
63
+ clnt2 = Rack::OAuth2.http_client("my client") do |config|
64
+ config.request_filter << Proc.new {}
65
+ end
66
+ clnt3 = Rack::OAuth2.http_client
67
+
68
+ clnt1.request_filter.size.should == clnt3.request_filter.size
69
+ clnt1.request_filter.size.should == clnt2.request_filter.size - 1
70
+
42
71
  end
43
72
  end
44
73
  end
@@ -26,14 +26,14 @@ describe Rack::OAuth2::Server::Authorize::Code do
26
26
  context 'when redirect_uri is missing' do
27
27
  let(:redirect_uri) { nil }
28
28
  it do
29
- expect { response }.should raise_error AttrRequired::AttrMissing
29
+ expect { response }.to raise_error AttrRequired::AttrMissing
30
30
  end
31
31
  end
32
32
 
33
33
  context 'when code is missing' do
34
34
  let(:authorization_code) { nil }
35
35
  it do
36
- expect { response }.should raise_error AttrRequired::AttrMissing
36
+ expect { response }.to raise_error AttrRequired::AttrMissing
37
37
  end
38
38
  end
39
39
  end
@@ -50,7 +50,7 @@ describe Rack::OAuth2::Server::Authorize::BadRequest do
50
50
 
51
51
  context 'otherwise' do
52
52
  it 'should raise itself' do
53
- expect { error.finish }.should raise_error(klass) { |e|
53
+ expect { error.finish }.to raise_error(klass) { |e|
54
54
  e.should == error
55
55
  }
56
56
  end
@@ -69,12 +69,12 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
69
69
 
70
70
  describe 'bad_request!' do
71
71
  it do
72
- expect { request.bad_request! }.should raise_error klass
72
+ expect { request.bad_request! }.to raise_error klass
73
73
  end
74
74
 
75
75
  context 'when response_type = :code' do
76
76
  it 'should set protocol_params_location = :query' do
77
- expect { request_for_code.bad_request! }.should raise_error(klass) { |e|
77
+ expect { request_for_code.bad_request! }.to raise_error(klass) { |e|
78
78
  e.protocol_params_location.should == :query
79
79
  }
80
80
  end
@@ -82,7 +82,7 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
82
82
 
83
83
  context 'when response_type = :token' do
84
84
  it 'should set protocol_params_location = :fragment' do
85
- expect { request_for_token.bad_request! }.should raise_error(klass) { |e|
85
+ expect { request_for_token.bad_request! }.to raise_error(klass) { |e|
86
86
  e.protocol_params_location.should == :fragment
87
87
  }
88
88
  end
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Server::Authorize::ErrorMethods do
93
93
  method = "#{error_code}!"
94
94
  describe method do
95
95
  it "should raise Rack::OAuth2::Server::Authorize::BadRequest with error = :#{error_code}" do
96
- expect { request.send method }.should raise_error(klass) { |error|
96
+ expect { request.send method }.to raise_error(klass) { |error|
97
97
  error.error.should == error_code
98
98
  error.description.should == default_description[error_code]
99
99
  }
@@ -37,7 +37,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
37
37
  end
38
38
  end
39
39
  it do
40
- expect { response }.should raise_error AttrRequired::AttrMissing
40
+ expect { response }.to raise_error AttrRequired::AttrMissing
41
41
  end
42
42
  end
43
43
 
@@ -49,7 +49,7 @@ describe Rack::OAuth2::Server::Authorize::Token do
49
49
  end
50
50
  end
51
51
  it do
52
- expect { response }.should raise_error AttrRequired::AttrMissing
52
+ expect { response }.to raise_error AttrRequired::AttrMissing
53
53
  end
54
54
  end
55
55
  end
@@ -8,25 +8,25 @@ describe Rack::OAuth2::Server::Authorize do
8
8
 
9
9
  context 'when response_type is missing' do
10
10
  it do
11
- expect { request.get "/?client_id=client&redirect_uri=#{redirect_uri}" }.should raise_error bad_request
11
+ expect { request.get "/?client_id=client&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
12
12
  end
13
13
  end
14
14
 
15
15
  context 'when redirect_uri is missing' do
16
16
  it do
17
- expect { request.get "/?response_type=code&client_id=client" }.should_not raise_error
17
+ expect { request.get "/?response_type=code&client_id=client" }.not_to raise_error
18
18
  end
19
19
  end
20
20
 
21
21
  context 'when client_id is missing' do
22
22
  it do
23
- expect { request.get "/?response_type=code&redirect_uri=#{redirect_uri}" }.should raise_error bad_request
23
+ expect { request.get "/?response_type=code&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
24
24
  end
25
25
  end
26
26
 
27
27
  context 'when unknown response_type is given' do
28
28
  it do
29
- expect { request.get "/?response_type=unknown&client_id=client&redirect_uri=#{redirect_uri}" }.should raise_error bad_request
29
+ expect { request.get "/?response_type=unknown&client_id=client&redirect_uri=#{redirect_uri}" }.to raise_error bad_request
30
30
  end
31
31
  end
32
32
 
@@ -40,8 +40,8 @@ describe Rack::OAuth2::Server::Authorize do
40
40
  end
41
41
 
42
42
  describe Rack::OAuth2::Server::Authorize::Request do
43
- let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client&redirect_uri=#{redirect_uri}") }
44
- let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
43
+ let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client&redirect_uri=#{redirect_uri}") }
44
+ let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
45
45
 
46
46
  describe '#varified_redirect_uri' do
47
47
  context 'when an Array of pre-registered URIs are given' do
@@ -68,7 +68,7 @@ describe Rack::OAuth2::Server::Authorize do
68
68
  it do
69
69
  expect do
70
70
  request.verify_redirect_uri!(pre_registered)
71
- end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
71
+ end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
72
72
  end
73
73
  end
74
74
  end
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Server::Authorize do
93
93
  it do
94
94
  expect do
95
95
  request.verify_redirect_uri!(pre_registered)
96
- end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
96
+ end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
97
97
  end
98
98
  end
99
99
  end
@@ -103,7 +103,7 @@ describe Rack::OAuth2::Server::Authorize do
103
103
  it do
104
104
  expect do
105
105
  request.verify_redirect_uri!(pre_registered)
106
- end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
106
+ end.to raise_error Rack::OAuth2::Server::Authorize::BadRequest
107
107
  end
108
108
  end
109
109
 
@@ -151,7 +151,7 @@ describe Rack::OAuth2::Server::Authorize do
151
151
  it do
152
152
  expect do
153
153
  app.send(:response_type_for, request)
154
- end.should raise_error bad_request
154
+ end.to raise_error bad_request
155
155
  end
156
156
  end
157
157
 
@@ -27,7 +27,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
27
27
 
28
28
  describe 'unauthorized!' do
29
29
  it do
30
- expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
30
+ expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
31
31
  end
32
32
  end
33
33
 
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
41
41
  else
42
42
  describe method do
43
43
  it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
44
- expect { request.send method }.should raise_error(unauthorized) { |error|
44
+ expect { request.send method }.to raise_error(unauthorized) { |error|
45
45
  error.error.should == error_code
46
46
  error.description.should == default_description[error_code]
47
47
  }
@@ -23,7 +23,7 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
23
23
 
24
24
  describe '#scheme' do
25
25
  it do
26
- expect { error.scheme }.should raise_error(RuntimeError, 'Define me!')
26
+ expect { error.scheme }.to raise_error(RuntimeError, 'Define me!')
27
27
  end
28
28
  end
29
29
 
@@ -105,13 +105,13 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
105
105
 
106
106
  describe 'bad_request!' do
107
107
  it do
108
- expect { request.bad_request! :invalid_request }.should raise_error bad_request
108
+ expect { request.bad_request! :invalid_request }.to raise_error bad_request
109
109
  end
110
110
  end
111
111
 
112
112
  describe 'unauthorized!' do
113
113
  it do
114
- expect { request.unauthorized! :invalid_client }.should raise_error(RuntimeError, 'Define me!')
114
+ expect { request.unauthorized! :invalid_client }.to raise_error(RuntimeError, 'Define me!')
115
115
  end
116
116
  end
117
117
 
@@ -121,7 +121,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
121
121
  when :invalid_request
122
122
  describe method do
123
123
  it "should raise Rack::OAuth2::Server::Resource::BadRequest with error = :#{error_code}" do
124
- expect { request.send method }.should raise_error(bad_request) { |error|
124
+ expect { request.send method }.to raise_error(bad_request) { |error|
125
125
  error.error.should == error_code
126
126
  error.description.should == default_description[error_code]
127
127
  }
@@ -130,7 +130,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
130
130
  when :insufficient_scope
131
131
  describe method do
132
132
  it "should raise Rack::OAuth2::Server::Resource::Forbidden with error = :#{error_code}" do
133
- expect { request.send method }.should raise_error(forbidden) { |error|
133
+ expect { request.send method }.to raise_error(forbidden) { |error|
134
134
  error.error.should == error_code
135
135
  error.description.should == default_description[error_code]
136
136
  }
@@ -139,7 +139,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
139
139
  else
140
140
  describe method do
141
141
  it do
142
- expect { request.send method }.should raise_error(RuntimeError, 'Define me!')
142
+ expect { request.send method }.to raise_error(RuntimeError, 'Define me!')
143
143
  end
144
144
  end
145
145
  end
@@ -27,7 +27,7 @@ describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
27
27
 
28
28
  describe 'unauthorized!' do
29
29
  it do
30
- expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
30
+ expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
31
31
  end
32
32
  end
33
33
 
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
41
41
  else
42
42
  describe method do
43
43
  it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
44
- expect { request.send method }.should raise_error(unauthorized) { |error|
44
+ expect { request.send method }.to raise_error(unauthorized) { |error|
45
45
  error.error.should == error_code
46
46
  error.description.should == default_description[error_code]
47
47
  }
@@ -19,7 +19,8 @@ describe Rack::OAuth2::Server::Resource::MAC do
19
19
  Rack::OAuth2::AccessToken::MAC.new(
20
20
  :access_token => 'valid_token',
21
21
  :mac_key => 'secret',
22
- :mac_algorithm => 'hmac-sha-256'
22
+ :mac_algorithm => 'hmac-sha-256',
23
+ :ts => 1305820230 # fix verification time
23
24
  )
24
25
  end
25
26
  let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
@@ -80,6 +81,11 @@ describe Rack::OAuth2::Server::Resource::MAC do
80
81
  let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="26JP6MMZyAHLHeMU8+m+NbVJgZbikp5SlT86/a62pwg="') }
81
82
  it_behaves_like :authenticated_mac_request
82
83
  end
84
+
85
+ context 'when all required params are valid and ts is expired' do
86
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305819234", mac="nuo4765MZrVL/qMsAtuTczhqZAE5y02ChaLCyOiVU68="') }
87
+ it_behaves_like :unauthorized_mac_request
88
+ end
83
89
  end
84
90
 
85
91
  context 'when invalid_token is given' do
@@ -11,13 +11,13 @@ describe Rack::OAuth2::Server::Resource::Request do
11
11
 
12
12
  describe '#setup!' do
13
13
  it do
14
- expect { request.setup! }.should raise_error(RuntimeError, 'Define me!')
14
+ expect { request.setup! }.to raise_error(RuntimeError, 'Define me!')
15
15
  end
16
16
  end
17
17
 
18
18
  describe '#oauth2?' do
19
19
  it do
20
- expect { request.oauth2? }.should raise_error(RuntimeError, 'Define me!')
20
+ expect { request.oauth2? }.to raise_error(RuntimeError, 'Define me!')
21
21
  end
22
22
  end
23
23
  end
@@ -41,13 +41,13 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
41
41
 
42
42
  describe 'bad_request!' do
43
43
  it do
44
- expect { request.bad_request! :invalid_request }.should raise_error bad_request
44
+ expect { request.bad_request! :invalid_request }.to raise_error bad_request
45
45
  end
46
46
  end
47
47
 
48
48
  describe 'unauthorized!' do
49
49
  it do
50
- expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
50
+ expect { request.unauthorized! :invalid_client }.to raise_error unauthorized
51
51
  end
52
52
  end
53
53
 
@@ -57,7 +57,7 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
57
57
  when :invalid_client
58
58
  describe method do
59
59
  it "should raise Rack::OAuth2::Server::Token::Unauthorized with error = :#{error_code}" do
60
- expect { request.send method }.should raise_error(unauthorized) { |error|
60
+ expect { request.send method }.to raise_error(unauthorized) { |error|
61
61
  error.error.should == error_code
62
62
  error.description.should == default_description[error_code]
63
63
  }
@@ -66,7 +66,7 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
66
66
  else
67
67
  describe method do
68
68
  it "should raise Rack::OAuth2::Server::Token::BadRequest with error = :#{error_code}" do
69
- expect { request.send method }.should raise_error(bad_request) { |error|
69
+ expect { request.send method }.to raise_error(bad_request) { |error|
70
70
  error.error.should == error_code
71
71
  error.description.should == default_description[error_code]
72
72
  }
@@ -96,7 +96,7 @@ describe Rack::OAuth2::Server::Token do
96
96
  Rack::OAuth2::Server::Token.new
97
97
  end
98
98
  it do
99
- expect { request.post('/', :params => params) }.should raise_error AttrRequired::AttrMissing
99
+ expect { request.post('/', :params => params) }.to raise_error AttrRequired::AttrMissing
100
100
  end
101
101
  end
102
102
  end
@@ -40,14 +40,14 @@ describe Rack::OAuth2::Util do
40
40
  it do
41
41
  expect do
42
42
  util.parse_uri '::'
43
- end.should raise_error URI::InvalidURIError
43
+ end.to raise_error URI::InvalidURIError
44
44
  end
45
45
  end
46
46
 
47
47
  context 'otherwise' do
48
48
  it do
49
- expect { util.parse_uri nil }.should raise_error StandardError
50
- expect { util.parse_uri 123 }.should raise_error StandardError
49
+ expect { util.parse_uri nil }.to raise_error StandardError
50
+ expect { util.parse_uri 123 }.to raise_error StandardError
51
51
  end
52
52
  end
53
53
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.14.6
4
+ version: 0.14.7
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-08-07 00:00:00.000000000 Z
12
+ date: 2012-08-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack