rack-oauth2_utils 0.0.4 → 0.0.5

@@ -3,11 +3,14 @@ module Rack
3
3
 
4
4
  class Middleware
5
5
 
6
+ INVALID_HEADERS_AND_BODY = [{'Content-Type' => 'text/plain'}, ['The access token is invalid.']].freeze
7
+
6
8
  def initialize(app, options = {}, &resolver)
7
9
  @app = app
8
10
  @realm = options[:realm]
9
11
  @logger = options[:logger]
10
12
  @resolver = resolver
13
+ @invalid_token_response = options[:invalid_token_response] || INVALID_HEADERS_AND_BODY.dup
11
14
  end
12
15
 
13
16
  def call(env)
@@ -34,7 +37,9 @@ module Rack
34
37
  def unauthorized(request)
35
38
  challenge = 'OAuth realm="%s"' % (@realm || request.host)
36
39
  challenge << ', error="invalid_token", error_description="The access token is invalid."'
37
- return [401, { "WWW-Authenticate" => challenge, 'Content-Type' => 'text/plain' }, ['The access token is invalid.']]
40
+ headers = @invalid_token_response.first.merge("WWW-Authenticate" => challenge)
41
+ body = @invalid_token_response.last
42
+ return [401, headers, body]
38
43
  end
39
44
 
40
45
  end
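Review bot: The 401 body returned by `unauthorized` is the same Array object on every request, because `INVALID_HEADERS_AND_BODY.dup` in `initialize` is a shallow copy and the `.freeze` on the constant freezes only the outer array. The headers are not affected, since `merge` builds a new Hash, but `body = @invalid_token_response.last` hands the shared inner array and its unfrozen string to whatever sits above this middleware, so an in-place change there would alter the error response for every later request and every instance using the default. Freezing the inner objects makes such a write fail loudly instead: `INVALID_HEADERS_AND_BODY = [{'Content-Type' => 'text/plain'}.freeze, ['The access token is invalid.'.freeze].freeze].freeze`. `options[:invalid_token_response]` is also stored unchecked, so a value whose first element is not a Hash fails only when the first invalid token arrives; a shape check in `initialize` would surface a misconfiguration at boot.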
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module OAuth2Utils
3
- VERSION = "0.0.4"
3
+ VERSION = "0.0.5"
4
4
  end
5
5
  end
@@ -80,6 +80,14 @@ describe Rack::OAuth2Utils::Middleware do
80
80
  it 'should return WWW-Authenticate header with realm and error info' do
81
81
  last_response.headers['WWW-Authenticate'].must_equal "OAuth realm=\"example.org\", error=\"invalid_token\", error_description=\"The access token is invalid.\""
82
82
  end
83
+
84
+ it 'should have default content type' do
85
+ last_response.headers['Content-Type'].must_equal 'text/plain'
86
+ end
87
+
88
+ it 'should have default error explanation in the body' do
89
+ last_response.body.must_equal 'The access token is invalid.'
90
+ end
83
91
  end
84
92
 
85
93
  describe 'private resource' do
@@ -95,6 +103,47 @@ describe Rack::OAuth2Utils::Middleware do
95
103
  end
96
104
  end
97
105
 
106
+ describe ':invalid_token_response' do
107
+ def app
108
+ invalid = [{'Content-Type' => 'application/json'}, ['{"error": "Invalid token"}']]
109
+ Rack::Builder.new do
110
+ # Simple token / identity store
111
+ use Rack::OAuth2Utils::Middleware, :invalid_token_response => invalid do |access_token|
112
+ IDENTITIES[access_token]
113
+ end
114
+
115
+ # Private, or auth protected
116
+ map('/private'){
117
+ run lambda {|env|
118
+ OK_RESPONSE
119
+ }
120
+ }
121
+ end
122
+ end
123
+
124
+ before {
125
+ header "Authorization", "OAuth invalidtoken"
126
+ get '/private'
127
+ }
128
+
129
+ it 'should return 401 Unauthorized' do
130
+ last_response.status.must_equal 401
131
+ end
132
+
133
+ it 'should return WWW-Authenticate header with realm and error info' do
134
+ last_response.headers['WWW-Authenticate'].must_equal "OAuth realm=\"example.org\", error=\"invalid_token\", error_description=\"The access token is invalid.\""
135
+ end
136
+
137
+ it 'should have set content type' do
138
+ last_response.headers['Content-Type'].must_equal 'application/json'
139
+ end
140
+
141
+ it 'should have default error explanation in the body' do
142
+ last_response.body.must_equal '{"error": "Invalid token"}'
143
+ end
144
+
145
+ end
146
+
98
147
  describe 'with valid token' do
99
148
 
100
149
  before {
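Review bot: The last example in the new `:invalid_token_response` block is titled `'should have default error explanation in the body'` but asserts the custom JSON body, so a failure report would name the wrong behaviour; `it 'should return the configured body' do` would match what it checks. The block also sends only one request per app, so nothing covers a caller-supplied header hash that already contains `WWW-Authenticate`, or the configured response staying unchanged across repeated 401s. The `describe 'with valid token'` block that follows continues outside the hunk.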
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2_utils
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.4
4
+ version: 0.0.5
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,11 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-12-28 00:00:00.000000000Z
12
+ date: 2012-03-01 00:00:00.000000000Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack
16
- requirement: &2152549680 !ruby/object:Gem::Requirement
16
+ requirement: &2151857500 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: 1.2.2
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *2152549680
24
+ version_requirements: *2151857500
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: bundler
27
- requirement: &2152549020 !ruby/object:Gem::Requirement
27
+ requirement: &2151854660 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: 1.0.0
33
33
  type: :development
34
34
  prerelease: false
35
- version_requirements: *2152549020
35
+ version_requirements: *2151854660
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: minitest
38
- requirement: &2152548460 !ruby/object:Gem::Requirement
38
+ requirement: &2151841280 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ! '>='
@@ -43,7 +43,7 @@ dependencies:
43
43
  version: '0'
44
44
  type: :development
45
45
  prerelease: false
46
- version_requirements: *2152548460
46
+ version_requirements: *2151841280
47
47
  description: Simple Rack middleware that catches OAuth2 access tokens and validates
48
48
  identity
49
49
  email: