sorcery 0.1.4 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (113) hide show
  1. data/Gemfile +4 -2
  2. data/Gemfile.lock +16 -13
  3. data/README.rdoc +149 -78
  4. data/Rakefile +5 -0
  5. data/VERSION +1 -1
  6. data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +24 -0
  7. data/lib/generators/sorcery_migration/templates/activity_logging.rb +17 -0
  8. data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +11 -0
  9. data/lib/generators/sorcery_migration/templates/core.rb +16 -0
  10. data/lib/generators/sorcery_migration/templates/external.rb +14 -0
  11. data/lib/generators/sorcery_migration/templates/remember_me.rb +15 -0
  12. data/lib/generators/sorcery_migration/templates/reset_password.rb +13 -0
  13. data/lib/generators/sorcery_migration/templates/user_activation.rb +17 -0
  14. data/lib/sorcery/controller/adapters/sinatra.rb +97 -0
  15. data/lib/sorcery/controller/submodules/activity_logging.rb +20 -7
  16. data/lib/sorcery/controller/submodules/brute_force_protection.rb +9 -2
  17. data/lib/sorcery/controller/submodules/email.rb +44 -0
  18. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +35 -0
  19. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +26 -0
  20. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +82 -0
  21. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +86 -0
  22. data/lib/sorcery/controller/submodules/external.rb +83 -0
  23. data/lib/sorcery/controller/submodules/http_basic_auth.rb +18 -9
  24. data/lib/sorcery/controller/submodules/oauth.rb +95 -0
  25. data/lib/sorcery/controller/submodules/remember_me.rb +14 -5
  26. data/lib/sorcery/controller/submodules/session_timeout.rb +6 -1
  27. data/lib/sorcery/controller.rb +30 -16
  28. data/lib/sorcery/engine.rb +9 -2
  29. data/lib/sorcery/model/submodules/activity_logging.rb +13 -8
  30. data/lib/sorcery/model/submodules/brute_force_protection.rb +11 -8
  31. data/lib/sorcery/model/submodules/external.rb +53 -0
  32. data/lib/sorcery/model/submodules/remember_me.rb +5 -3
  33. data/lib/sorcery/model/submodules/reset_password.rb +16 -13
  34. data/lib/sorcery/model/submodules/user_activation.rb +38 -19
  35. data/lib/sorcery/model/temporary_token.rb +22 -0
  36. data/lib/sorcery/model.rb +17 -7
  37. data/lib/sorcery/sinatra.rb +14 -0
  38. data/lib/sorcery/test_helpers/rails.rb +57 -0
  39. data/lib/sorcery/test_helpers/sinatra.rb +131 -0
  40. data/lib/sorcery/test_helpers.rb +40 -0
  41. data/lib/sorcery.rb +22 -0
  42. data/sorcery.gemspec +146 -41
  43. data/spec/Gemfile +3 -2
  44. data/spec/Gemfile.lock +15 -2
  45. data/spec/rails3/app_root/.rspec +1 -0
  46. data/spec/rails3/{Gemfile → app_root/Gemfile} +4 -4
  47. data/spec/rails3/{Gemfile.lock → app_root/Gemfile.lock} +23 -3
  48. data/spec/rails3/app_root/app/controllers/application_controller.rb +42 -1
  49. data/spec/rails3/app_root/app/models/authentication.rb +3 -0
  50. data/spec/rails3/app_root/app/models/user.rb +4 -1
  51. data/spec/rails3/app_root/config/application.rb +1 -3
  52. data/spec/rails3/app_root/config/routes.rb +1 -10
  53. data/spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb +6 -4
  54. data/spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb +4 -4
  55. data/spec/rails3/app_root/db/migrate/external/20101224223628_create_authentications.rb +14 -0
  56. data/spec/rails3/{controller_activity_logging_spec.rb → app_root/spec/controller_activity_logging_spec.rb} +13 -13
  57. data/spec/rails3/{controller_brute_force_protection_spec.rb → app_root/spec/controller_brute_force_protection_spec.rb} +16 -6
  58. data/spec/rails3/{controller_http_basic_auth_spec.rb → app_root/spec/controller_http_basic_auth_spec.rb} +3 -3
  59. data/spec/rails3/app_root/spec/controller_oauth2_spec.rb +119 -0
  60. data/spec/rails3/app_root/spec/controller_oauth_spec.rb +122 -0
  61. data/spec/rails3/{controller_remember_me_spec.rb → app_root/spec/controller_remember_me_spec.rb} +4 -4
  62. data/spec/rails3/{controller_session_timeout_spec.rb → app_root/spec/controller_session_timeout_spec.rb} +6 -6
  63. data/spec/rails3/{controller_spec.rb → app_root/spec/controller_spec.rb} +20 -13
  64. data/spec/rails3/app_root/spec/spec_helper.orig.rb +27 -0
  65. data/spec/rails3/app_root/spec/spec_helper.rb +62 -0
  66. data/spec/rails3/{user_activation_spec.rb → app_root/spec/user_activation_spec.rb} +60 -20
  67. data/spec/rails3/{user_activity_logging_spec.rb → app_root/spec/user_activity_logging_spec.rb} +4 -4
  68. data/spec/rails3/{user_brute_force_protection_spec.rb → app_root/spec/user_brute_force_protection_spec.rb} +7 -7
  69. data/spec/rails3/app_root/spec/user_oauth_spec.rb +39 -0
  70. data/spec/rails3/{user_remember_me_spec.rb → app_root/spec/user_remember_me_spec.rb} +4 -4
  71. data/spec/rails3/{user_reset_password_spec.rb → app_root/spec/user_reset_password_spec.rb} +21 -41
  72. data/spec/rails3/app_root/spec/user_spec.rb +317 -0
  73. data/spec/sinatra/Gemfile +12 -0
  74. data/spec/sinatra/Gemfile.lock +134 -0
  75. data/spec/sinatra/Rakefile +10 -0
  76. data/spec/sinatra/authentication.rb +3 -0
  77. data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
  78. data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
  79. data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
  80. data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +16 -0
  81. data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +14 -0
  82. data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
  83. data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
  84. data/spec/sinatra/filters.rb +21 -0
  85. data/spec/sinatra/myapp.rb +133 -0
  86. data/spec/sinatra/sorcery_mailer.rb +25 -0
  87. data/spec/sinatra/spec/controller_activity_logging_spec.rb +85 -0
  88. data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +69 -0
  89. data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +53 -0
  90. data/spec/sinatra/spec/controller_oauth2_spec.rb +119 -0
  91. data/spec/sinatra/spec/controller_oauth_spec.rb +121 -0
  92. data/spec/sinatra/spec/controller_remember_me_spec.rb +64 -0
  93. data/spec/sinatra/spec/controller_session_timeout_spec.rb +52 -0
  94. data/spec/sinatra/spec/controller_spec.rb +120 -0
  95. data/spec/sinatra/spec/spec.opts +4 -0
  96. data/spec/sinatra/spec/spec_helper.rb +44 -0
  97. data/spec/sinatra/spec/user_activation_spec.rb +188 -0
  98. data/spec/sinatra/spec/user_activity_logging_spec.rb +36 -0
  99. data/spec/sinatra/spec/user_brute_force_protection_spec.rb +76 -0
  100. data/spec/sinatra/spec/user_oauth_spec.rb +39 -0
  101. data/spec/sinatra/spec/user_remember_me_spec.rb +66 -0
  102. data/spec/sinatra/spec/user_reset_password_spec.rb +178 -0
  103. data/spec/{rails3 → sinatra/spec}/user_spec.rb +68 -38
  104. data/spec/sinatra/user.rb +6 -0
  105. data/spec/sinatra/views/test_login.erb +4 -0
  106. data/spec/untitled folder +18 -0
  107. metadata +203 -58
  108. data/spec/rails3/app_root/test/fixtures/users.yml +0 -9
  109. data/spec/rails3/app_root/test/performance/browsing_test.rb +0 -9
  110. data/spec/rails3/app_root/test/test_helper.rb +0 -13
  111. data/spec/rails3/app_root/test/unit/user_test.rb +0 -8
  112. data/spec/rails3/spec_helper.rb +0 -135
  113. /data/spec/rails3/{Rakefile → app_root/Rakefile} +0 -0
@@ -1,7 +1,14 @@
1
1
  PATH
2
2
  remote: ../../../
3
3
  specs:
4
- sorcery (0.1.3)
4
+ sorcery (0.3.1)
5
+ bcrypt-ruby (~> 2.1.4)
6
+ json (>= 1.5.1)
7
+ oauth (>= 0.4.4)
8
+ oauth (>= 0.4.4)
9
+ oauth2 (>= 0.1.1)
10
+ oauth2 (>= 0.1.1)
11
+ rails (>= 3.0.0)
5
12
 
6
13
  GEM
7
14
  remote: http://rubygems.org/
@@ -33,6 +40,7 @@ GEM
33
40
  activemodel (= 3.0.3)
34
41
  activesupport (= 3.0.3)
35
42
  activesupport (3.0.3)
43
+ addressable (2.2.4)
36
44
  archive-tar-minitar (0.5.2)
37
45
  arel (2.0.6)
38
46
  bcrypt-ruby (2.1.4)
@@ -41,7 +49,12 @@ GEM
41
49
  diff-lcs (1.1.2)
42
50
  erubis (2.6.6)
43
51
  abstract (>= 1.0.0)
52
+ faraday (0.5.5)
53
+ addressable (~> 2.2.4)
54
+ multipart-post (~> 1.1.0)
55
+ rack (< 2, >= 1.1.0)
44
56
  i18n (0.5.0)
57
+ json (1.5.1)
45
58
  linecache19 (0.5.11)
46
59
  ruby_core_source (>= 0.1.4)
47
60
  mail (2.2.13)
@@ -50,6 +63,12 @@ GEM
50
63
  mime-types (~> 1.16)
51
64
  treetop (~> 1.4.8)
52
65
  mime-types (1.16)
66
+ multi_json (0.0.5)
67
+ multipart-post (1.1.0)
68
+ oauth (0.4.4)
69
+ oauth2 (0.1.1)
70
+ faraday (~> 0.5.0)
71
+ multi_json (~> 0.0.4)
53
72
  polyglot (0.3.1)
54
73
  rack (1.2.1)
55
74
  rack-mount (0.6.13)
@@ -96,6 +115,7 @@ GEM
96
115
  simplecov (0.3.9)
97
116
  simplecov-html (>= 0.3.7)
98
117
  simplecov-html (0.3.9)
118
+ spork (0.9.0.rc3)
99
119
  sqlite3-ruby (1.3.2)
100
120
  thor (0.14.6)
101
121
  treetop (1.4.9)
@@ -106,11 +126,11 @@ PLATFORMS
106
126
  ruby
107
127
 
108
128
  DEPENDENCIES
109
- bcrypt-ruby (~> 2.1.4)
110
129
  rails (= 3.0.3)
111
130
  rspec
112
131
  rspec-rails
113
132
  ruby-debug19
114
133
  simplecov (>= 0.3.8)
115
- sorcery (= 0.1.3)!
134
+ sorcery (= 0.3.1)!
135
+ spork (~> 0.9.0.rc)
116
136
  sqlite3-ruby
@@ -1,3 +1,5 @@
1
+ require 'oauth'
2
+
1
3
  class ApplicationController < ActionController::Base
2
4
  protect_from_forgery
3
5
 
@@ -18,6 +20,11 @@ class ApplicationController < ActionController::Base
18
20
  render :text => ""
19
21
  end
20
22
 
23
+ def test_return_to
24
+ @user = login(params[:username], params[:password])
25
+ redirect_back_or_to(:index, :notice => 'haha!')
26
+ end
27
+
21
28
  def test_logout
22
29
  logout
23
30
  render :text => ""
@@ -43,7 +50,7 @@ class ApplicationController < ActionController::Base
43
50
  end
44
51
 
45
52
  def test_login_from_cookie
46
- @user = logged_in_user
53
+ @user = current_user
47
54
  render :text => ""
48
55
  end
49
56
 
@@ -59,6 +66,40 @@ class ApplicationController < ActionController::Base
59
66
  render :text => "HTTP Basic Auth"
60
67
  end
61
68
 
69
+ def login_at_test
70
+ login_at(:twitter)
71
+ end
72
+
73
+ def login_at_test2
74
+ login_at(:facebook)
75
+ end
76
+
77
+ def test_login_from
78
+ if @user = login_from(:twitter)
79
+ redirect_to "bla", :notice => "Success!"
80
+ else
81
+ redirect_to "blu", :alert => "Failed!"
82
+ end
83
+ end
84
+
85
+ def test_login_from2
86
+ if @user = login_from(:facebook)
87
+ redirect_to "bla", :notice => "Success!"
88
+ else
89
+ redirect_to "blu", :alert => "Failed!"
90
+ end
91
+ end
92
+
93
+ def test_create_from_provider
94
+ provider = params[:provider]
95
+ login_from(provider)
96
+ if @user = create_from(provider)
97
+ redirect_to "bla", :notice => "Success!"
98
+ else
99
+ redirect_to "blu", :alert => "Failed!"
100
+ end
101
+ end
102
+
62
103
  protected
63
104
 
64
105
 
@@ -0,0 +1,3 @@
1
+ class Authentication < ActiveRecord::Base
2
+ belongs_to :user
3
+ end
@@ -1,3 +1,6 @@
1
1
  class User < ActiveRecord::Base
2
- #activate_sorcery!
2
+ attr_accessible :email, :password, :password_confirmation, :authentications_attributes
3
+
4
+ has_many :authentications, :dependent => :destroy
5
+ accepts_nested_attributes_for :authentications
3
6
  end
@@ -38,9 +38,7 @@ module AppRoot
38
38
 
39
39
  # Configure sensitive parameters which will be filtered from the log file.
40
40
  config.filter_parameters += [:password]
41
-
42
- config.root = File.expand_path('../..', __FILE__)
43
-
41
+
44
42
  config.action_mailer.delivery_method = :test
45
43
 
46
44
  config.active_support.deprecation = :stderr
@@ -1,14 +1,5 @@
1
1
  AppRoot::Application.routes.draw do
2
2
  root :to => "application#index"
3
- match '/test_login', :to => "application#test_login"
4
- match '/test_logout', :to => "application#test_logout"
5
- match '/some_action', :to => "application#some_action"
6
- match '/test_logout_with_remember', :to => "application#test_logout_with_remember"
7
- match '/test_login_with_remember', :to => 'application#test_login_with_remember'
8
- match '/test_login_with_remember_in_login', :to => 'application#test_login_with_remember_in_login'
9
- match '/test_login_from_cookie', :to => 'application#test_login_from_cookie'
10
- match '/test_should_be_logged_in', :to => 'application#test_should_be_logged_in'
11
- match '/test_http_basic_auth', :to => 'application#test_http_basic_auth'
12
3
  # The priority is based upon order of creation:
13
4
  # first created -> highest priority.
14
5
 
@@ -64,5 +55,5 @@ AppRoot::Application.routes.draw do
64
55
 
65
56
  # This is a legacy wild controller route that's not recommended for RESTful applications.
66
57
  # Note: This route will make all actions in every controller accessible via GET requests.
67
- # match ':controller(/:action(/:id(.:format)))'
58
+ match ':controller(/:action(/:id(.:format)))'
68
59
  end
@@ -1,15 +1,17 @@
1
1
  class AddActivationToUsers < ActiveRecord::Migration
2
2
  def self.up
3
3
  add_column :users, :activation_state, :string, :default => nil
4
- add_column :users, :activation_code, :string, :default => nil
4
+ add_column :users, :activation_token, :string, :default => nil
5
+ add_column :users, :activation_token_expires_at, :datetime, :default => nil
5
6
 
6
- add_index :users, :activation_code
7
+ add_index :users, :activation_token
7
8
  end
8
9
 
9
10
  def self.down
10
- remove_index :users, :activation_code
11
+ remove_index :users, :activation_token
11
12
 
12
- remove_column :users, :activation_code
13
+ remove_column :users, :activation_token_expires_at
14
+ remove_column :users, :activation_token
13
15
  remove_column :users, :activation_state
14
16
  end
15
17
  end
@@ -1,10 +1,10 @@
1
1
  class CreateUsers < ActiveRecord::Migration
2
2
  def self.up
3
3
  create_table :users do |t|
4
- t.string :username
5
- t.string :email, :null => false
6
- t.string :crypted_password
7
- t.string :salt
4
+ t.string :username, :null => false
5
+ t.string :email, :default => nil
6
+ t.string :crypted_password, :default => nil
7
+ t.string :salt, :default => nil
8
8
 
9
9
  t.timestamps
10
10
  end
@@ -0,0 +1,14 @@
1
+ class CreateAuthentications < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :authentications do |t|
4
+ t.integer :user_id, :null => false
5
+ t.string :provider, :uid, :null => false
6
+
7
+ t.timestamps
8
+ end
9
+ end
10
+
11
+ def self.down
12
+ drop_table :authentications
13
+ end
14
+ end
@@ -12,7 +12,7 @@ describe ApplicationController do
12
12
  # ----------------- ACTIVITY LOGGING -----------------------
13
13
  describe ApplicationController, "with activity logging features" do
14
14
  before(:all) do
15
- plugin_model_configure([:activity_logging])
15
+ sorcery_reload!([:activity_logging])
16
16
  end
17
17
 
18
18
  before(:each) do
@@ -23,12 +23,12 @@ describe ApplicationController do
23
23
  User.delete_all
24
24
  end
25
25
 
26
- it "should respond to 'logged_in_users'" do
27
- subject.should respond_to(:logged_in_users)
26
+ it "should respond to 'current_users'" do
27
+ subject.should respond_to(:current_users)
28
28
  end
29
29
 
30
- it "'logged_in_users' should be empty when no users are logged in" do
31
- subject.logged_in_users.size.should == 0
30
+ it "'current_users' should be empty when no users are logged in" do
31
+ subject.current_users.size.should == 0
32
32
  end
33
33
 
34
34
  it "should log login time on login" do
@@ -56,14 +56,14 @@ describe ApplicationController do
56
56
  User.first.last_activity_at.to_s(:db).should <= (now+2).to_s(:db)
57
57
  end
58
58
 
59
- it "'logged_in_users' should hold the user object when 1 user is logged in" do
59
+ it "'current_users' should hold the user object when 1 user is logged in" do
60
60
  login_user
61
61
  get :some_action
62
- subject.logged_in_users.size.should == 1
63
- subject.logged_in_users[0].should == @user
62
+ subject.current_users.size.should == 1
63
+ subject.current_users[0].should == @user
64
64
  end
65
65
 
66
- it "'logged_in_users' should show all logged_in_users, whether they have logged out before or not." do
66
+ it "'current_users' should show all current_users, whether they have logged out before or not." do
67
67
  user1 = create_new_user({:username => 'gizmo1', :email => "bla1@bla.com", :password => 'secret1'})
68
68
  login_user(user1)
69
69
  get :some_action
@@ -75,10 +75,10 @@ describe ApplicationController do
75
75
  user3 = create_new_user({:username => 'gizmo3', :email => "bla3@bla.com", :password => 'secret3'})
76
76
  login_user(user3)
77
77
  get :some_action
78
- subject.logged_in_users.size.should == 3
79
- subject.logged_in_users[0].should == user1
80
- subject.logged_in_users[1].should == user2
81
- subject.logged_in_users[2].should == user3
78
+ subject.current_users.size.should == 3
79
+ subject.current_users[0].should == user1
80
+ subject.current_users[1].should == user2
81
+ subject.current_users[2].should == user3
82
82
  end
83
83
  end
84
84
  end
@@ -12,13 +12,13 @@ describe ApplicationController do
12
12
  # ----------------- SESSION TIMEOUT -----------------------
13
13
  describe ApplicationController, "with brute force protection features" do
14
14
  before(:all) do
15
- plugin_model_configure([:brute_force_protection])
15
+ sorcery_reload!([:brute_force_protection])
16
16
  create_new_user
17
17
  end
18
18
 
19
19
  after(:each) do
20
20
  Sorcery::Controller::Config.reset!
21
- plugin_set_controller_config_property(:user_class, User)
21
+ sorcery_controller_property_set(:user_class, User)
22
22
  end
23
23
 
24
24
  it "should count login retries" do
@@ -27,7 +27,7 @@ describe ApplicationController do
27
27
  end
28
28
 
29
29
  it "should reset the counter on a good login" do
30
- plugin_set_model_config_property(:consecutive_login_retries_amount_allowed, 5)
30
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
31
31
  3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
32
32
  get :test_login, :username => 'gizmo', :password => 'secret'
33
33
  User.find_by_username('gizmo').failed_logins_count.should == 0
@@ -35,14 +35,14 @@ describe ApplicationController do
35
35
 
36
36
  it "should lock user when number of retries reached the limit" do
37
37
  User.find_by_username('gizmo').lock_expires_at.should be_nil
38
- plugin_set_model_config_property(:consecutive_login_retries_amount_allowed, 1)
38
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 1)
39
39
  get :test_login, :username => 'gizmo', :password => 'blabla'
40
40
  User.find_by_username('gizmo').lock_expires_at.should_not be_nil
41
41
  end
42
42
 
43
43
  it "should unlock after lock time period passes" do
44
- plugin_set_model_config_property(:consecutive_login_retries_amount_allowed, 2)
45
- plugin_set_model_config_property(:login_lock_time_period, 0.2)
44
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
45
+ sorcery_model_property_set(:login_lock_time_period, 0.2)
46
46
  get :test_login, :username => 'gizmo', :password => 'blabla'
47
47
  get :test_login, :username => 'gizmo', :password => 'blabla'
48
48
  User.find_by_username('gizmo').lock_expires_at.should_not be_nil
@@ -51,5 +51,15 @@ describe ApplicationController do
51
51
  User.find_by_username('gizmo').lock_expires_at.should be_nil
52
52
  end
53
53
 
54
+ it "should not unlock if time period is 0 (permanent lock)" do
55
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
56
+ sorcery_model_property_set(:login_lock_time_period, 0)
57
+ get :test_login, :username => 'gizmo', :password => 'blabla'
58
+ get :test_login, :username => 'gizmo', :password => 'blabla'
59
+ unlock_date = User.find_by_username('gizmo').lock_expires_at
60
+ sleep 1
61
+ get :test_login, :username => 'gizmo', :password => 'blabla'
62
+ User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
63
+ end
54
64
  end
55
65
  end
@@ -5,7 +5,7 @@ describe ApplicationController do
5
5
  # ----------------- HTTP BASIC AUTH -----------------------
6
6
  describe ApplicationController, "with http basic auth features" do
7
7
  before(:all) do
8
- plugin_model_configure([:http_basic_auth])
8
+ sorcery_reload!([:http_basic_auth])
9
9
  create_new_user
10
10
  end
11
11
 
@@ -31,12 +31,12 @@ describe ApplicationController do
31
31
  end
32
32
 
33
33
  it "should allow configuration option 'controller_to_realm_map'" do
34
- plugin_set_controller_config_property(:controller_to_realm_map, {"1" => "2"})
34
+ sorcery_controller_property_set(:controller_to_realm_map, {"1" => "2"})
35
35
  Sorcery::Controller::Config.controller_to_realm_map.should == {"1" => "2"}
36
36
  end
37
37
 
38
38
  it "should display the correct realm name configured for the controller" do
39
- plugin_set_controller_config_property(:controller_to_realm_map, {"application" => "Salad"})
39
+ sorcery_controller_property_set(:controller_to_realm_map, {"application" => "Salad"})
40
40
  get :test_http_basic_auth
41
41
  response.headers["WWW-Authenticate"].should == "Basic realm=\"Salad\""
42
42
  end
@@ -0,0 +1,119 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+
3
+ def stub_all_oauth2_requests!
4
+ @client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
5
+ OAuth2::Client.stub!(:new).and_return(@client)
6
+ @acc_token = OAuth2::AccessToken.new(@client, "", "asd", nil, {})
7
+ @webby = @client.web_server
8
+ OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
9
+ @webby.stub!(:get_access_token).and_return(@acc_token)
10
+ @acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
11
+ end
12
+
13
+ describe ApplicationController do
14
+ before(:all) do
15
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
16
+ sorcery_reload!([:external])
17
+ sorcery_controller_property_set(:external_providers, [:facebook])
18
+ sorcery_controller_oauth_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
19
+ sorcery_controller_oauth_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
20
+ sorcery_controller_oauth_property_set(:facebook, :callback_url, "http://blabla.com")
21
+ end
22
+
23
+ after(:all) do
24
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
25
+ end
26
+ # ----------------- OAuth -----------------------
27
+ describe ApplicationController, "with OAuth features" do
28
+
29
+ before(:each) do
30
+ stub_all_oauth2_requests!
31
+ end
32
+
33
+ after(:each) do
34
+ User.delete_all
35
+ Authentication.delete_all
36
+ end
37
+
38
+ it "login_at redirects correctly" do
39
+ create_new_user
40
+ get :login_at_test2
41
+ response.should be_a_redirect
42
+ response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&type=web_server")
43
+ end
44
+
45
+ it "'login_from' logins if user exists" do
46
+ sorcery_model_property_set(:authentications_class, Authentication)
47
+ create_new_external_user(:facebook)
48
+ get :test_login_from2
49
+ flash[:notice].should == "Success!"
50
+ end
51
+
52
+ it "'login_from' fails if user doesn't exist" do
53
+ sorcery_model_property_set(:authentications_class, Authentication)
54
+ create_new_user
55
+ get :test_login_from2
56
+ flash[:alert].should == "Failed!"
57
+ end
58
+ end
59
+
60
+ describe ApplicationController, "'create_from'" do
61
+ before(:each) do
62
+ stub_all_oauth2_requests!
63
+ User.delete_all
64
+ Authentication.delete_all
65
+ end
66
+
67
+ it "should create a new user" do
68
+ sorcery_model_property_set(:authentications_class, Authentication)
69
+ sorcery_controller_oauth_property_set(:facebook, :user_info_mapping, {:username => "name"})
70
+ lambda do
71
+ get :test_create_from_provider, :provider => "facebook"
72
+ end.should change(User, :count).by(1)
73
+ User.first.username.should == "Noam Ben Ari"
74
+ end
75
+
76
+ it "should support nested attributes" do
77
+ sorcery_model_property_set(:authentications_class, Authentication)
78
+ sorcery_controller_oauth_property_set(:facebook, :user_info_mapping, {:username => "hometown/name"})
79
+ lambda do
80
+ get :test_create_from_provider, :provider => "facebook"
81
+ end.should change(User, :count).by(1)
82
+ User.first.username.should == "Haifa, Israel"
83
+ end
84
+ end
85
+
86
+ describe ApplicationController, "OAuth with User Activation features" do
87
+ before(:all) do
88
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
89
+ sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
90
+ sorcery_controller_property_set(:external_providers, [:facebook])
91
+ sorcery_controller_oauth_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
92
+ sorcery_controller_oauth_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
93
+ sorcery_controller_oauth_property_set(:facebook, :callback_url, "http://blabla.com")
94
+ end
95
+
96
+ after(:all) do
97
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
98
+ end
99
+
100
+ after(:each) do
101
+ User.delete_all
102
+ end
103
+
104
+ it "should not send activation email to external users" do
105
+ old_size = ActionMailer::Base.deliveries.size
106
+ create_new_external_user(:facebook)
107
+ ActionMailer::Base.deliveries.size.should == old_size
108
+ end
109
+
110
+ it "should not send external users an activation success email" do
111
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
112
+ create_new_external_user(:facebook)
113
+ old_size = ActionMailer::Base.deliveries.size
114
+ @user.activate!
115
+ ActionMailer::Base.deliveries.size.should == old_size
116
+ end
117
+ end
118
+
119
+ end
@@ -0,0 +1,122 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+ require 'ostruct'
3
+
4
+ def stub_all_oauth_requests!
5
+ @consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
6
+ OAuth::Consumer.stub!(:new).and_return(@consumer)
7
+
8
+ @req_token = OAuth::RequestToken.new(@consumer)
9
+ @consumer.stub!(:get_request_token).and_return(@req_token)
10
+ @acc_token = OAuth::AccessToken.new(@consumer)
11
+ @req_token.stub!(:get_access_token).and_return(@acc_token)
12
+ session[:request_token] = @req_token.token
13
+ session[:request_token_secret] = @req_token.secret
14
+ OAuth::RequestToken.stub!(:new).and_return(@req_token)
15
+ response = OpenStruct.new()
16
+ response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
17
+ @acc_token.stub!(:get).and_return(response)
18
+ end
19
+
20
+ describe ApplicationController do
21
+ before(:all) do
22
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
23
+ sorcery_reload!([:external])
24
+ sorcery_controller_property_set(:external_providers, [:twitter])
25
+ sorcery_controller_oauth_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
26
+ sorcery_controller_oauth_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
27
+ sorcery_controller_oauth_property_set(:twitter, :callback_url, "http://blabla.com")
28
+ end
29
+
30
+ after(:all) do
31
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
32
+ end
33
+ # ----------------- OAuth -----------------------
34
+ describe ApplicationController, "'login_from'" do
35
+
36
+ before(:each) do
37
+ stub_all_oauth_requests!
38
+ end
39
+
40
+ after(:each) do
41
+ User.delete_all
42
+ Authentication.delete_all
43
+ end
44
+
45
+ it "login_at redirects correctly" do
46
+ create_new_user
47
+ get :login_at_test
48
+ response.should be_a_redirect
49
+ response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
50
+ end
51
+
52
+ it "logins if user exists" do
53
+ sorcery_model_property_set(:authentications_class, Authentication)
54
+ create_new_external_user(:twitter)
55
+ get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
56
+ flash[:notice].should == "Success!"
57
+ end
58
+
59
+ it "'login_from' fails if user doesn't exist" do
60
+ sorcery_model_property_set(:authentications_class, Authentication)
61
+ create_new_user
62
+ get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
63
+ flash[:alert].should == "Failed!"
64
+ end
65
+ end
66
+
67
+ describe ApplicationController, "'create_from'" do
68
+ before(:each) do
69
+ stub_all_oauth_requests!
70
+ User.delete_all
71
+ Authentication.delete_all
72
+ end
73
+
74
+ it "should create a new user" do
75
+ sorcery_model_property_set(:authentications_class, Authentication)
76
+ sorcery_controller_oauth_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
77
+ lambda do
78
+ get :test_create_from_provider, :provider => "twitter"
79
+ end.should change(User, :count).by(1)
80
+ User.first.username.should == "nbenari"
81
+ end
82
+
83
+ it "should support nested attributes" do
84
+ sorcery_model_property_set(:authentications_class, Authentication)
85
+ sorcery_controller_oauth_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
86
+ lambda do
87
+ get :test_create_from_provider, :provider => "twitter"
88
+ end.should change(User, :count).by(1)
89
+ User.first.username.should == "coming soon to sorcery gem: twitter and facebook authentication support."
90
+ end
91
+ end
92
+
93
+ describe ApplicationController, "OAuth with User Activation features" do
94
+ before(:all) do
95
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
96
+ sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
97
+ end
98
+
99
+ after(:all) do
100
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
101
+ end
102
+
103
+ after(:each) do
104
+ User.delete_all
105
+ Authentication.delete_all
106
+ end
107
+
108
+ it "should not send activation email to external users" do
109
+ old_size = ActionMailer::Base.deliveries.size
110
+ create_new_external_user(:twitter)
111
+ ActionMailer::Base.deliveries.size.should == old_size
112
+ end
113
+
114
+ it "should not send external users an activation success email" do
115
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
116
+ create_new_external_user(:twitter)
117
+ old_size = ActionMailer::Base.deliveries.size
118
+ @user.activate!
119
+ ActionMailer::Base.deliveries.size.should == old_size
120
+ end
121
+ end
122
+ end
@@ -6,7 +6,7 @@ describe ApplicationController do
6
6
  describe ApplicationController, "with remember me features" do
7
7
  before(:all) do
8
8
  ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/remember_me")
9
- plugin_model_configure([:remember_me])
9
+ sorcery_reload!([:remember_me])
10
10
  end
11
11
 
12
12
  before(:each) do
@@ -25,7 +25,7 @@ describe ApplicationController do
25
25
 
26
26
  it "should set cookie on remember_me!" do
27
27
  post :test_login_with_remember, :username => 'gizmo', :password => 'secret'
28
- cookies["remember_me_token"].should == assigns[:logged_in_user].remember_me_token
28
+ cookies["remember_me_token"].should == assigns[:current_user].remember_me_token
29
29
  end
30
30
 
31
31
  it "should clear cookie on forget_me!" do
@@ -50,11 +50,11 @@ describe ApplicationController do
50
50
  session[:user_id] = @user.id
51
51
  subject.remember_me!
52
52
  subject.instance_eval do
53
- @logged_in_user = nil
53
+ @current_user = nil
54
54
  end
55
55
  session[:user_id] = nil
56
56
  get :test_login_from_cookie
57
- assigns[:logged_in_user].should == @user
57
+ assigns[:current_user].should == @user
58
58
  end
59
59
 
60
60
  it "should not remember_me! when not asked to" do