simple_token_authentication 1.5.1 → 1.5.2

data/spec/lib/simple_token_authentication/entities_manager_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::EntitiesManager do
+
+  # The 'model' argument is quite vague, as it is for Entity;
+  # let's do nothing to solve that undefinition for now.
+
+  it_behaves_like 'an entities manager'
+
+  describe '#find_or_create_entity' do
+
+    before(:each) do
+      entity = double()
+      allow(entity).to receive(:new).and_return('an Entity instance')
+      stub_const('SimpleTokenAuthentication::Entity', entity)
+
+      super_user = double()
+      allow(super_user).to receive(:name) # any Ruby class has a name
+      stub_const('SuperUser', super_user)
+    end
+
+    context 'when a model is provided for the first time' do
+
+      it 'creates an Entity instance for the model', private: true do
+        expect(SimpleTokenAuthentication::Entity).to receive(:new).with(SuperUser)
+        expect(subject.find_or_create_entity(SuperUser)).to eq 'an Entity instance'
+      end
+
+      context 'even if Entity instances for other models exist', private: true do
+
+        before(:each) do
+          # define another model
+          admin = double()
+          allow(admin).to receive(:name).and_return('Admin')
+          stub_const('Admin', admin)
+          # ensure its Entity instance exists
+          subject.find_or_create_entity(Admin)
+          allow(SimpleTokenAuthentication::Entity).to receive(:new).and_return('some new Entity instance')
+        end
+
+        it 'creates an Entity instance for the model', private: true do
+          expect(SimpleTokenAuthentication::Entity).to receive(:new).with(SuperUser)
+          expect(subject.find_or_create_entity(SuperUser)).to eq 'some new Entity instance'
+        end
+      end
+    end
+
+    context 'when an Entity instance for that model already exists' do
+
+      before(:each) do
+        allow(SuperUser).to receive(:name).and_return('SuperUser')
+        subject.find_or_create_entity(SuperUser)
+
+        allow(SimpleTokenAuthentication::Entity).to receive(:new).and_return('some new Entity instance')
+      end
+
+      it 'returns that Entity instance', private: true do
+        expect(subject.find_or_create_entity(SuperUser)).to eq 'an Entity instance'
+      end
+
+      it 'does not create a new Entity instance', private: true do
+        expect(SimpleTokenAuthentication::Entity).not_to receive(:new).with(SuperUser)
+        subject.find_or_create_entity(SuperUser)
+      end
+    end
+  end
+end

data/spec/lib/simple_token_authentication/entity_spec.rb

@@ -0,0 +1,190 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::Entity do
+
+  before(:each) do
+    user = double()
+    allow(user).to receive(:name).and_return('SuperUser')
+    stub_const('SuperUser', user)
+
+    @subject = SimpleTokenAuthentication::Entity.new(SuperUser)
+  end
+
+  it 'responds to :model', protected: true do
+    expect(@subject).to respond_to :model
+  end
+
+  it 'responds to :name', protected: true do
+    expect(@subject).to respond_to :name
+  end
+
+  it 'responds to :name_underscore', protected: true do
+    expect(@subject).to respond_to :name_underscore
+  end
+
+  it 'responds to :token_header_name', protected: true do
+    expect(@subject).to respond_to :token_header_name
+  end
+
+  it 'responds to :identifier_header_name', protected: true do
+    expect(@subject).to respond_to :identifier_header_name
+  end
+
+  it 'responds to :token_param_name', protected: true do
+    expect(@subject).to respond_to :token_param_name
+  end
+
+  it 'responds to :identifier_param_name', protected: true do
+    expect(@subject).to respond_to :identifier_param_name
+  end
+
+  it 'responds to :get_token_from_params_or_headers', protected: true do
+    expect(@subject).to respond_to :get_token_from_params_or_headers
+  end
+
+  it 'responds to :get_identifier_from_params_or_headers', protected: true do
+    expect(@subject).to respond_to :get_identifier_from_params_or_headers
+  end
+
+  describe '#model' do
+    it 'is a constant', protected: true do
+      expect(@subject.model).to eq SuperUser
+    end
+  end
+
+  describe '#name' do
+    it 'is a camelized String', protected: true do
+      expect(@subject.name).to be_instance_of String
+      expect(@subject.name).to eq @subject.name.camelize
+    end
+  end
+
+  describe '#name_underscore', protected: true do
+    it 'is an underscored String' do
+      expect(@subject.name_underscore).to be_instance_of String
+      expect(@subject.name_underscore).to eq @subject.name_underscore.underscore
+    end
+  end
+
+  describe '#token_header_name', protected: true do
+    it 'is a String' do
+      expect(@subject.token_header_name).to be_instance_of String
+    end
+
+    it 'defines a non-standard header field' do
+      expect(@subject.token_header_name[0..1]).to eq 'X-'
+    end
+  end
+
+  describe '#identifier_header_name', protected: true do
+    it 'is a String' do
+      expect(@subject.identifier_header_name).to be_instance_of String
+    end
+
+    it 'defines a non-standard header field' do
+      expect(@subject.identifier_header_name[0..1]).to eq 'X-'
+    end
+  end
+
+  describe '#token_param_name', protected: true do
+    it 'is a Symbol' do
+      expect(@subject.token_param_name).to be_instance_of Symbol
+    end
+  end
+
+  describe '#identifier_param_name', protected: true do
+    it 'is a Symbol' do
+      expect(@subject.identifier_param_name).to be_instance_of Symbol
+    end
+  end
+
+  describe '#get_token_from_params_or_headers', protected: true do
+
+    context 'when a token is present in params' do
+
+      before(:each) do
+        @controller = double()
+        allow(@controller).to receive(:params).and_return({ super_user_token: 'The_ToKeN' })
+      end
+
+      it 'returns that token (String)' do
+        expect(@subject.get_token_from_params_or_headers(@controller)).to be_instance_of String
+        expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'The_ToKeN'
+      end
+
+      context 'and another token is present in the headers' do
+
+        before(:each) do
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Token' => 'HeAd3rs_ToKeN' })
+        end
+
+        it 'returns the params token' do
+          expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'The_ToKeN'
+        end
+      end
+    end
+
+    context 'when no token is present in params' do
+
+      context 'and a token is present in the headers' do
+
+        before(:each) do
+          @controller = double()
+          allow(@controller).to receive(:params).and_return({ super_user_token: '' })
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Token' => 'HeAd3rs_ToKeN' })
+        end
+
+        it 'returns the headers token' do
+          expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'HeAd3rs_ToKeN'
+        end
+      end
+    end
+  end
+
+  describe '#get_identifier_from_params_or_headers', protected: true do
+
+    context 'when an identifier is present in params' do
+
+      before(:each) do
+        @controller = double()
+        allow(@controller).to receive(:params).and_return({ super_user_email: 'alice@example.com' })
+      end
+
+      it 'returns that identifier (String)' do
+        expect(@subject.get_identifier_from_params_or_headers(@controller)).to be_instance_of String
+        expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'alice@example.com'
+      end
+
+      context 'and another identifier is present in the headers' do
+
+        before(:each) do
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Email' => 'bob@example.com' })
+        end
+
+        it 'returns the params identifier' do
+          expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'alice@example.com'
+        end
+      end
+    end
+
+    context 'when no identifier is present in params' do
+
+      context 'and an identifier is present in the headers' do
+
+        before(:each) do
+          @controller = double()
+          allow(@controller).to receive(:params).and_return({ super_user_email: '' })
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Email' => 'bob@example.com' })
+        end
+
+        it 'returns the headers identifier' do
+          expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'bob@example.com'
+        end
+      end
+    end
+  end
+end

data/spec/lib/simple_token_authentication/fallback_authentication_handler_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::FallbackAuthenticationHandler do
+
+  it_behaves_like 'an authentication handler'
+
+  describe '#authenticate_entity!' do
+
+    it 'delegates authentication to Devise::Controllers::Helpers through a controller', private: true do
+      controller = double()
+      allow(controller).to receive(:authenticate_user!).and_return('Devise response.')
+
+      entity = double()
+      allow(entity).to receive_message_chain(:name_underscore).and_return('user')
+
+      # delegating consists in sending the message
+      expect(controller).to receive(:authenticate_user!)
+      response = subject.authenticate_entity!(controller, entity)
+
+      # and returning the response
+      expect(response).to eq 'Devise response.'
+    end
+  end
+end

data/spec/lib/simple_token_authentication/sign_in_handler_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::SignInHandler do
+
+  it_behaves_like 'a sign in handler'
+
+  describe '#sign_in' do
+
+    it 'delegates sign in to Devise::Controllers::SignInOut#sign_in through a controller', private: true do
+      controller = double()
+      allow(controller).to receive(:sign_in).with(:record, option: 'some_value').and_return('Devise response.')
+      allow(controller).to receive(:env).and_return({})
+
+      # delegating consists in sending the message
+      expect(controller).to receive(:sign_in)
+      response = subject.sign_in(controller, :record, option: 'some_value')
+
+      # and returning the response
+      expect(response).to eq 'Devise response.'
+    end
+
+    it 'integrates with Devise trackable', protected: true do
+      controller = double()
+      allow(controller).to receive(:sign_in).with(:record)
+      allow(controller).to receive(:integrate_with_devise_trackable!)
+
+      expect(subject).to receive(:integrate_with_devise_trackable!).with(controller)
+      subject.sign_in(controller, :record)
+    end
+  end
+
+  describe '#integrate_with_devise_trackable!' do
+
+    it 'ensures Devise trackable statistics are kept clean', private: true do
+      controller = double()
+      env = double()
+      allow(controller).to receive(:env).and_return(env)
+      expect(env).to receive(:[]=).with('devise.skip_trackable', true)
+
+      subject.send :integrate_with_devise_trackable!, controller
+    end
+  end
+end

data/spec/lib/simple_token_authentication/token_authentication_handler_spec.rb

@@ -0,0 +1,250 @@
+require 'spec_helper'
+
+describe 'Any class which includes SimpleTokenAuthentication::TokenAuthenticationHandler' do
+
+  let(:described_class) do
+    define_dummy_class_which_includes SimpleTokenAuthentication::TokenAuthenticationHandler
+  end
+
+  after(:each) do
+    # ensure_examples_independence
+    SimpleTokenAuthentication.send(:remove_const, :SomeClass)
+  end
+
+  it_behaves_like 'a token authentication handler'
+
+  let(:subject) { described_class }
+
+  describe '.handle_token_authentication_for' do
+
+    before(:each) do
+      double_user_model
+    end
+
+    it 'ensures token authentication is handled for a given (token authenticatable) model', public: true do
+      entities_manager = double()
+      allow(entities_manager).to receive(:find_or_create_entity).and_return('entity')
+
+      # skip steps which are not relevant in this example
+      allow(SimpleTokenAuthentication).to receive(:fallback).and_return('default')
+      allow(subject).to receive(:entities_manager).and_return(entities_manager)
+      allow(subject).to receive(:set_token_authentication_hooks)
+      allow(subject).to receive(:define_token_authentication_helpers_for)
+
+      expect(subject).to receive(:set_token_authentication_hooks).with('entity', {option: 'value', fallback: 'default'})
+      subject.handle_token_authentication_for(User, {option: 'value'})
+    end
+
+    context 'when called multiple times' do
+
+      it 'ensures token authentication is handled for the given (token authenticatable) models', public: true do
+        double_super_admin_model
+        entities_manager = double()
+        allow(entities_manager).to receive(:find_or_create_entity).with(User).and_return('User entity')
+        allow(entities_manager).to receive(:find_or_create_entity).with(SuperAdmin).and_return('SuperAdmin entity')
+
+        # skip steps which are not relevant in this example
+        allow(SimpleTokenAuthentication).to receive(:fallback).and_return('default')
+        allow(subject).to receive(:entities_manager).and_return(entities_manager)
+        allow(subject).to receive(:set_token_authentication_hooks)
+        allow(subject).to receive(:define_token_authentication_helpers_for)
+
+        expect(subject).to receive(:set_token_authentication_hooks).with('User entity', {option: 'value', fallback: 'default'})
+        expect(subject).to receive(:set_token_authentication_hooks).with('SuperAdmin entity', {option: 'some specific value', fallback: 'default'})
+        subject.handle_token_authentication_for(User, {option: 'value'})
+        subject.handle_token_authentication_for(SuperAdmin, {option: 'some specific value'})
+      end
+    end
+  end
+
+  describe '.entities_manager' do
+
+    before(:each) do
+      # The private tag is here to keep the following examples out of
+      # the public documentation.
+      subject.send :public_class_method, :entities_manager
+
+      allow(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+        .and_return('a EntitiesManager instance')
+    end
+
+    context 'when called for the first time' do
+
+      it 'creates a new EntitiesManager instance', private: true do
+        expect(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+        expect(subject.entities_manager).to eq 'a EntitiesManager instance'
+      end
+    end
+
+    context 'when a EntitiesManager instance was already created' do
+
+      before(:each) do
+        subject.entities_manager
+        # let's make any new EntitiesManager distinct from the first
+        allow(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+        .and_return('another EntitiesManager instance')
+      end
+
+      it 'returns that instance', private: true do
+        expect(subject.entities_manager).to eq 'a EntitiesManager instance'
+      end
+
+      it 'does not create a new EntitiesManager instance', private: true do
+        expect(SimpleTokenAuthentication::EntitiesManager).not_to receive(:new)
+        expect(subject.entities_manager).not_to eq 'another EntitiesManager instance'
+      end
+    end
+  end
+
+  describe '.fallback_authentication_handler' do
+
+    before(:each) do
+      # The private tag is here to keep the following examples out of
+      # the public documentation.
+      subject.send :public_class_method, :fallback_authentication_handler
+
+      allow(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+        .and_return('a FallbackAuthenticationHandler instance')
+    end
+
+    context 'when called for the first time' do
+
+      it 'creates a new FallbackAuthenticationHandler instance', private: true do
+        expect(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+        expect(subject.fallback_authentication_handler).to eq 'a FallbackAuthenticationHandler instance'
+      end
+    end
+
+    context 'when a FallbackAuthenticationHandler instance was already created' do
+
+      before(:each) do
+        subject.fallback_authentication_handler
+        # let's make any new FallbackAuthenticationHandler distinct from the first
+        allow(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+        .and_return('another FallbackAuthenticationHandler instance')
+      end
+
+      it 'returns that instance', private: true do
+        expect(subject.fallback_authentication_handler).to eq 'a FallbackAuthenticationHandler instance'
+      end
+
+      it 'does not create a new FallbackAuthenticationHandler instance', private: true do
+        expect(SimpleTokenAuthentication::FallbackAuthenticationHandler).not_to receive(:new)
+        expect(subject.fallback_authentication_handler).not_to eq 'another FallbackAuthenticationHandler instance'
+      end
+    end
+  end
+
+  describe 'and which supports the :before_filter hook' do
+
+    before(:each) do
+      allow(subject).to receive(:before_filter)
+    end
+
+    # User
+
+    context 'and which handles token authentication for User' do
+
+      before(:each) do
+        double_user_model
+      end
+
+      it 'ensures its instances require user to authenticate from token or any Devise strategy before any action', public: true do
+        expect(subject).to receive(:before_filter).with(:authenticate_user_from_token!, {})
+        subject.handle_token_authentication_for User
+      end
+
+      context 'and disables the fallback to Devise authentication' do
+
+        let(:options) do
+          { fallback_to_devise: false }
+        end
+
+        it 'ensures its instances require user to authenticate from token before any action', public: true do
+          expect(subject).to receive(:before_filter).with(:authenticate_user_from_token, {})
+          subject.handle_token_authentication_for User, options
+        end
+      end
+
+      describe 'instance' do
+
+        before(:each) do
+          double_user_model
+
+          subject.class_eval do
+            handle_token_authentication_for User
+          end
+        end
+
+        it 'responds to :authenticate_user_from_token', protected: true do
+          expect(subject.new).to respond_to :authenticate_user_from_token
+        end
+
+        it 'responds to :authenticate_user_from_token!', protected: true do
+          expect(subject.new).to respond_to :authenticate_user_from_token!
+        end
+
+        it 'does not respond to :authenticate_super_admin_from_token', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_super_admin_from_token
+        end
+
+        it 'does not respond to :authenticate_super_admin_from_token!', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_super_admin_from_token!
+        end
+      end
+    end
+
+    # SuperAdmin
+
+    context 'and which handles token authentication for SuperAdmin' do
+
+      before(:each) do
+        double_super_admin_model
+      end
+
+      it 'ensures its instances require super_admin to authenticate from token or any Devise strategy before any action', public: true do
+        expect(subject).to receive(:before_filter).with(:authenticate_super_admin_from_token!, {})
+        subject.handle_token_authentication_for SuperAdmin
+      end
+
+      context 'and disables the fallback to Devise authentication' do
+
+        let(:options) do
+          { fallback_to_devise: false }
+        end
+
+        it 'ensures its instances require super_admin to authenticate from token before any action', public: true do
+          expect(subject).to receive(:before_filter).with(:authenticate_super_admin_from_token, {})
+          subject.handle_token_authentication_for SuperAdmin, options
+        end
+      end
+
+      describe 'instance' do
+
+        before(:each) do
+          double_super_admin_model
+
+          subject.class_eval do
+            handle_token_authentication_for SuperAdmin
+          end
+        end
+
+        it 'responds to :authenticate_super_admin_from_token', protected: true do
+          expect(subject.new).to respond_to :authenticate_super_admin_from_token
+        end
+
+        it 'responds to :authenticate_super_admin_from_token!', protected: true do
+          expect(subject.new).to respond_to :authenticate_super_admin_from_token!
+        end
+
+        it 'does not respond to :authenticate_user_from_token', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_user_from_token
+        end
+
+        it 'does not respond to :authenticate_user_from_token!', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_user_from_token!
+        end
+      end
+    end
+  end
+end