sidecar_token_auth 1.0.1

data/test/lib/devise_token_auth/blacklist_test.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class DeviseTokenAuth::BlacklistTest < ActiveSupport::TestCase
+  describe Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION do
+    test 'should include :tokens' do
+      assert Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION.include?(:tokens)
+    end
+  end
+end

data/test/lib/devise_token_auth/token_factory_test.rb

@@ -0,0 +1,191 @@
+require 'test_helper'
+
+class DeviseTokenAuth::TokenFactoryTest < ActiveSupport::TestCase
+  describe 'TokenFactory module' do
+    let(:tf) { DeviseTokenAuth::TokenFactory }
+    let(:token_regexp) { /^[-_A-Za-z0-9]{22}$/ }
+
+    it 'should be defined' do
+      assert_equal(tf.present?, true)
+      assert_kind_of(Module, tf)
+    end
+
+    describe 'interface' do
+      let(:token_hash_cost_regexp) { /\$[\w]+\$([\d]+)\$/ }
+      let(:lifespan) { 10 }
+      let(:cost) { DeviseTokenAuth.token_cost }
+
+      it '::secure_string' do
+        assert_respond_to(tf, :secure_string)
+
+        secure_string = tf.secure_string
+        assert_equal(secure_string.size, 22)
+        assert_match(token_regexp, secure_string)
+
+        SecureRandom.stub(:urlsafe_base64, secure_string) do
+          assert_equal(tf.secure_string, secure_string)
+        end
+      end
+
+      it '::client' do
+        assert_respond_to(tf, :client)
+
+        client = tf.client
+        assert_equal(client.size, 22)
+        assert_match(token_regexp, client)
+
+        secure_string = tf.secure_string
+        tf.stub(:secure_string, secure_string) do
+          assert_equal(tf.client, secure_string)
+        end
+      end
+
+      it '::token' do
+        assert_respond_to(tf, :token)
+
+        token = tf.token
+        assert_kind_of(String, token)
+        assert_equal(token.size, 22)
+        assert_match(token_regexp, token)
+
+        secure_string = tf.secure_string
+        tf.stub(:secure_string, secure_string) do
+          assert_equal(tf.token, secure_string)
+        end
+      end
+
+      it '::token_hash(args)' do
+        assert_respond_to(tf, :token_hash)
+
+        token_hash = tf.token_hash(tf.token)
+        assert_equal(token_hash.size, 60)
+        assert_kind_of(String, token_hash)
+
+        token_cost = token_hash_cost_regexp.match(token_hash)[1].to_i
+        assert_equal(token_cost, cost)
+
+        cost = DeviseTokenAuth.token_cost == 4 ? 10 : 4
+        token_hash = tf.token_hash(tf.token, cost)
+        token_cost = token_hash_cost_regexp.match(token_hash)[1].to_i
+        assert_equal(token_cost, cost)
+
+        cost = nil
+        token_hash = tf.token_hash(tf.token, cost)
+        token_cost = token_hash_cost_regexp.match(token_hash)[1].to_i
+        assert_equal(token_cost, DeviseTokenAuth.token_cost)
+      end
+
+      it '::expiry' do
+        assert_respond_to(tf, :expiry)
+
+        assert_kind_of(Integer, tf.expiry)
+        assert tf.expiry > Time.now.to_i
+      end
+
+      it '::expiry(args)' do
+        time = Time.now
+        Time.stub(:now, time) do
+          assert_equal(tf.expiry(lifespan), (time + lifespan).to_i)
+
+          lifespan = nil
+          assert_equal(tf.expiry(lifespan), (time + DeviseTokenAuth.token_lifespan).to_i)
+        end
+      end
+
+      it '::create' do
+        assert_respond_to(tf, :create)
+
+        token = tf.create
+        assert token
+        token.members.each { |m| refute_nil token[m] }
+      end
+
+      it '::create(args)' do
+        client = tf.client
+        token = tf.create(client: client)
+        assert_equal(token.client, client)
+
+        time = Time.now
+        Time.stub(:now, time) do
+          token = tf.create(lifespan: lifespan)
+          assert_equal(token.expiry, (time + lifespan).to_i)
+        end
+
+        token = tf.create(cost: cost)
+        token_cost = token_hash_cost_regexp.match(token.token_hash)[1].to_i
+        assert_equal(token_cost, cost)
+      end
+
+      it '::new' do
+        assert_respond_to(tf, :new)
+
+        token = tf.new
+        token.each { |v| assert_nil v }
+      end
+
+      it '::valid_token_hash?' do
+        assert_respond_to(tf, :valid_token_hash?)
+
+        refute tf.valid_token_hash?('koskoskos')
+        assert tf.valid_token_hash?(tf.create.token_hash)
+      end
+
+      it '::token_hash_is_token?' do
+        assert_respond_to(tf, :token_hash_is_token?)
+
+        token = tf.create
+        refute tf.token_hash_is_token?(token.token_hash, 'koskoskos')
+        refute tf.token_hash_is_token?('koskoskos', token.token)
+        assert tf.token_hash_is_token?(token.token_hash, token.token)
+      end
+    end
+
+    describe 'token object implements' do
+      let(:object) { tf.create }
+
+      it '#client' do
+        assert_respond_to(object, :client)
+
+        assert_kind_of(String, object.client)
+        assert_equal(object.client.size, 22)
+        assert_match(token_regexp, object.client)
+      end
+
+      it '#token' do
+        assert_respond_to(object, :token)
+
+        assert_kind_of(String, object.token)
+        assert_equal(object.token.size, 22)
+        assert_match(token_regexp, object.token)
+      end
+
+      it '#token_hash' do
+        assert_respond_to(object, :token_hash)
+
+        assert_kind_of(String, object.token_hash)
+        assert_equal(object.token_hash.size, 60)
+      end
+
+      it '#expiry' do
+        assert_respond_to(object, :expiry)
+        assert_kind_of(Integer, object.expiry)
+      end
+
+      it '#clear!' do
+        assert_respond_to(object, :clear!)
+
+        assert object.clear!
+        object.each { |v| assert_nil v }
+      end
+
+      it '#present?' do
+        assert_respond_to(object, :present?)
+
+        assert object.present?
+
+        object.token = nil
+        refute object.present?
+      end
+    end
+  end
+end

data/test/lib/devise_token_auth/url_test.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
+  describe 'DeviseTokenAuth::Url#generate' do
+    test 'URI fragment should appear at the end of URL with repeat of query params' do
+      params = { client_id: 123 }
+      url = 'http://example.com#fragment'
+      assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment?client_id=123'
+    end
+
+    describe 'with existing query params' do
+      test 'should preserve existing query params' do
+        url = 'http://example.com?a=1'
+        assert_equal DeviseTokenAuth::Url.send(:generate, url), 'http://example.com?a=1'
+      end
+
+      test 'should marge existing query params with new ones' do
+        params = { client_id: 123 }
+        url = 'http://example.com?a=1'
+        assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?a=1&client_id=123'
+      end
+    end
+  end
+end

data/test/lib/generators/devise_token_auth/install_generator_test.rb

@@ -0,0 +1,217 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+require 'fileutils'
+require 'generators/devise_token_auth/install_generator' if DEVISE_TOKEN_AUTH_ORM == :active_record
+require 'generators/devise_token_auth/install_mongoid_generator' if DEVISE_TOKEN_AUTH_ORM == :mongoid
+
+module DeviseTokenAuth
+  class InstallGeneratorTest < Rails::Generators::TestCase
+    tests InstallGenerator        if DEVISE_TOKEN_AUTH_ORM == :active_record
+    tests InstallMongoidGenerator if DEVISE_TOKEN_AUTH_ORM == :mongoid
+    destination Rails.root.join('tmp/generators')
+
+    describe 'default values, clean install' do
+      setup :prepare_destination
+
+      before do
+        run_generator
+      end
+
+      test 'user model is created, concern is included' do
+        assert_file 'app/models/user.rb' do |model|
+          assert_match(/include DeviseTokenAuth::Concerns::User/, model)
+        end
+      end
+
+      test 'initializer is created' do
+        assert_file 'config/initializers/devise_token_auth.rb'
+      end
+
+      test 'subsequent runs raise no errors' do
+        run_generator
+      end
+
+      if DEVISE_TOKEN_AUTH_ORM == :active_record
+        test 'migration is created' do
+          assert_migration 'db/migrate/devise_token_auth_create_users.rb'
+        end
+
+        test 'migration file contains rails version' do
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration 'db/migrate/devise_token_auth_create_users.rb', /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
+          else
+            assert_migration 'db/migrate/devise_token_auth_create_users.rb'
+          end
+        end
+
+        test 'add primary key type with rails 5 when specified in rails generator' do
+          run_generator %w[--primary_key_type=uuid --force]
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration 'db/migrate/devise_token_auth_create_users.rb', /create_table\(:users, id: :uuid\) do/
+          else
+            assert_migration 'db/migrate/devise_token_auth_create_users.rb', /create_table\(:users\) do/
+          end
+        end
+      end
+    end
+
+    describe 'existing user model' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'app', 'models')
+
+        @fname = File.join(@dir, 'user.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        case DEVISE_TOKEN_AUTH_ORM
+        when :active_record
+          # account for rails version 5
+          active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
+
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-RUBY
+              class User < #{active_record_needle}
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        when :mongoid
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-'RUBY'
+              class User
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        end
+
+        run_generator
+      end
+
+      test 'user concern is injected into existing model' do
+        assert_file 'app/models/user.rb' do |model|
+          assert_match(/include DeviseTokenAuth::Concerns::User/, model)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'app/models/user.rb' do |model|
+          matches = model.scan(/include DeviseTokenAuth::Concerns::User/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+
+    describe 'routes' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'config')
+
+        @fname = File.join(@dir, 'routes.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            Rails.application.routes.draw do
+              patch '/chong', to: 'bong#index'
+            end
+          RUBY
+        end
+
+        run_generator
+      end
+
+      test 'route method is appended to routes file' do
+        assert_file 'config/routes.rb' do |routes|
+          assert_match(/mount_devise_token_auth_for 'User', at: 'auth'/, routes)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'config/routes.rb' do |routes|
+          matches = routes.scan(/mount_devise_token_auth_for 'User', at: 'auth'/m).size
+          assert_equal 1, matches
+        end
+      end
+
+      describe 'subsequent models' do
+        before do
+          run_generator %w[Mang mangs]
+        end
+
+        test 'route method is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/mount_devise_token_auth_for 'Mang', at: 'mangs'/, routes)
+          end
+        end
+
+        test 'devise_for block is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/as :mang do/, routes)
+            assert_match(/# Define routes for Mang within this block./, routes)
+          end
+        end
+
+        if DEVISE_TOKEN_AUTH_ORM == :active_record
+          test 'migration is created' do
+            assert_migration 'db/migrate/devise_token_auth_create_mangs.rb'
+          end
+        end
+      end
+    end
+
+    describe 'application controller' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'app', 'controllers')
+
+        @fname = File.join(@dir, 'application_controller.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            class ApplicationController < ActionController::Base
+              def whatever
+                'whatever'
+              end
+            end
+          RUBY
+        end
+
+        run_generator
+      end
+
+      test 'controller concern is appended to application controller' do
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          assert_match(/include DeviseTokenAuth::Concerns::SetUserByToken/, controller)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          matches = controller.scan(/include DeviseTokenAuth::Concerns::SetUserByToken/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+  end
+end

data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb

@@ -0,0 +1,222 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+require 'fileutils'
+require 'generators/devise_token_auth/install_generator' if DEVISE_TOKEN_AUTH_ORM == :active_record
+require 'generators/devise_token_auth/install_mongoid_generator' if DEVISE_TOKEN_AUTH_ORM == :mongoid
+
+module DeviseTokenAuth
+  class InstallGeneratorTest < Rails::Generators::TestCase
+    tests InstallGenerator        if DEVISE_TOKEN_AUTH_ORM == :active_record
+    tests InstallMongoidGenerator if DEVISE_TOKEN_AUTH_ORM == :mongoid
+    destination Rails.root.join('tmp/generators')
+
+    # The namespaced user model for testing
+    let(:user_class) { 'Azpire::V1::HumanResource::User' }
+    let(:namespace_path) { user_class.underscore }
+    let(:table_name) { user_class.pluralize.underscore.gsub('/','_') }
+
+    describe 'user model with namespace, clean install' do
+      setup :prepare_destination
+
+      before do
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'user model (with namespace) is created, concern is included' do
+        assert_file "app/models/#{namespace_path}.rb" do |model|
+          assert_match(/include DeviseTokenAuth::Concerns::User/, model)
+        end
+      end
+
+      test 'initializer is created' do
+        assert_file 'config/initializers/devise_token_auth.rb'
+      end
+
+      test 'subsequent runs raise no errors' do
+        run_generator %W[#{user_class} auth]
+      end
+
+      if DEVISE_TOKEN_AUTH_ORM == :active_record
+        test 'migration is created for user model with namespace' do
+          assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb"
+        end
+
+        test 'migration file for user model with namespace contains rails version' do
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
+          else
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb"
+          end
+        end
+
+        test 'add primary key type with rails 5 when specified in rails generator' do
+          run_generator %W[#{user_class} auth --primary_key_type=uuid --force]
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}, id: :uuid\) do/
+          else
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}\) do/
+          end
+        end
+      end
+    end
+
+    describe 'existing user model' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'app', 'models')
+
+        @fname = File.join(@dir, 'user.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        case DEVISE_TOKEN_AUTH_ORM
+        when :active_record
+          # account for rails version 5
+          active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
+
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-RUBY
+              class User < #{active_record_needle}
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        when :mongoid
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-'RUBY'
+              class User
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        end
+
+        run_generator
+      end
+
+      test 'user concern is injected into existing model' do
+        assert_file 'app/models/user.rb' do |model|
+          assert_match(/include DeviseTokenAuth::Concerns::User/, model)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'app/models/user.rb' do |model|
+          matches = model.scan(/include DeviseTokenAuth::Concerns::User/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+
+    describe 'routes' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'config')
+
+        @fname = File.join(@dir, 'routes.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            Rails.application.routes.draw do
+              patch '/chong', to: 'bong#index'
+            end
+          RUBY
+        end
+
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'route method for user model with namespace is appended to routes file' do
+        assert_file 'config/routes.rb' do |routes|
+          assert_match(/mount_devise_token_auth_for '#{user_class}', at: 'auth'/, routes)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator %W[#{user_class} auth]
+        assert_file 'config/routes.rb' do |routes|
+          matches = routes.scan(/mount_devise_token_auth_for '#{user_class}', at: 'auth'/m).size
+          assert_equal 1, matches
+        end
+      end
+
+      describe 'subsequent models' do
+        before do
+          run_generator %w[Mang mangs]
+        end
+
+        test 'route method is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/mount_devise_token_auth_for 'Mang', at: 'mangs'/, routes)
+          end
+        end
+
+        test 'devise_for block is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/as :mang do/, routes)
+            assert_match(/# Define routes for Mang within this block./, routes)
+          end
+        end
+
+        if DEVISE_TOKEN_AUTH_ORM == :active_record
+          test 'migration is created' do
+            assert_migration 'db/migrate/devise_token_auth_create_mangs.rb'
+          end
+        end
+      end
+    end
+
+    describe 'application controller' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'app', 'controllers')
+
+        @fname = File.join(@dir, 'application_controller.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            class ApplicationController < ActionController::Base
+              def whatever
+                'whatever'
+              end
+            end
+          RUBY
+        end
+
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'controller concern is appended to application controller' do
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          assert_match(/include DeviseTokenAuth::Concerns::SetUserByToken/, controller)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator %W[#{user_class} auth]
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          matches = controller.scan(/include DeviseTokenAuth::Concerns::SetUserByToken/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+  end
+end