sorcery 0.15.0 → 0.17.0

data/lib/generators/sorcery/templates/migration/core.rb

@@ -1,13 +1,11 @@
 class SorceryCore < <%= migration_class_name %>
   def change
-    create_table :<%= model_class_name.tableize %> do |t|
-      t.string :email,            null: false
+    create_table :<%= tableized_model_class %> do |t|
+      t.string :email,            null: false, index: { unique: true }
       t.string :crypted_password
       t.string :salt
 
       t.timestamps                null: false
     end
-
-    add_index :<%= model_class_name.tableize %>, :email, unique: true
   end
 end

data/lib/generators/sorcery/templates/migration/external.rb

@@ -1,7 +1,7 @@
 class SorceryExternal < <%= migration_class_name %>
   def change
     create_table :authentications do |t|
-      t.integer :<%= model_class_name.tableize.singularize %>_id, null: false
+      t.integer :<%= tableized_model_class.singularize %>_id, null: false
       t.string :provider, :uid, null: false
 
       t.timestamps              null: false

data/lib/generators/sorcery/templates/migration/magic_login.rb

@@ -1,9 +1,9 @@
 class SorceryMagicLogin < <%= migration_class_name %>
   def change
-    add_column :<%= model_class_name.tableize %>, :magic_login_token, :string, default: nil
-    add_column :<%= model_class_name.tableize %>, :magic_login_token_expires_at, :datetime, default: nil
-    add_column :<%= model_class_name.tableize %>, :magic_login_email_sent_at, :datetime, default: nil
+    add_column :<%= tableized_model_class %>, :magic_login_token, :string, default: nil
+    add_column :<%= tableized_model_class %>, :magic_login_token_expires_at, :datetime, default: nil
+    add_column :<%= tableized_model_class %>, :magic_login_email_sent_at, :datetime, default: nil
 
-    add_index :<%= model_class_name.tableize %>, :magic_login_token
+    add_index :<%= tableized_model_class %>, :magic_login_token
   end
 end

data/lib/generators/sorcery/templates/migration/remember_me.rb

@@ -1,8 +1,8 @@
 class SorceryRememberMe < <%= migration_class_name %>
   def change
-    add_column :<%= model_class_name.tableize %>, :remember_me_token, :string, default: nil
-    add_column :<%= model_class_name.tableize %>, :remember_me_token_expires_at, :datetime, default: nil
+    add_column :<%= tableized_model_class %>, :remember_me_token, :string, default: nil
+    add_column :<%= tableized_model_class %>, :remember_me_token_expires_at, :datetime, default: nil
 
-    add_index :<%= model_class_name.tableize %>, :remember_me_token
+    add_index :<%= tableized_model_class %>, :remember_me_token
   end
 end

data/lib/generators/sorcery/templates/migration/reset_password.rb

@@ -1,10 +1,10 @@
 class SorceryResetPassword < <%= migration_class_name %>
   def change
-    add_column :<%= model_class_name.tableize %>, :reset_password_token, :string, default: nil
-    add_column :<%= model_class_name.tableize %>, :reset_password_token_expires_at, :datetime, default: nil
-    add_column :<%= model_class_name.tableize %>, :reset_password_email_sent_at, :datetime, default: nil
-    add_column :<%= model_class_name.tableize %>, :access_count_to_reset_password_page, :integer, default: 0
+    add_column :<%= tableized_model_class %>, :reset_password_token, :string, default: nil
+    add_column :<%= tableized_model_class %>, :reset_password_token_expires_at, :datetime, default: nil
+    add_column :<%= tableized_model_class %>, :reset_password_email_sent_at, :datetime, default: nil
+    add_column :<%= tableized_model_class %>, :access_count_to_reset_password_page, :integer, default: 0
 
-    add_index :<%= model_class_name.tableize %>, :reset_password_token
+    add_index :<%= tableized_model_class %>, :reset_password_token
   end
 end

data/lib/generators/sorcery/templates/migration/user_activation.rb

@@ -1,9 +1,9 @@
 class SorceryUserActivation < <%= migration_class_name %>
   def change
-    add_column :<%= model_class_name.tableize %>, :activation_state, :string, default: nil
-    add_column :<%= model_class_name.tableize %>, :activation_token, :string, default: nil
-    add_column :<%= model_class_name.tableize %>, :activation_token_expires_at, :datetime, default: nil
+    add_column :<%= tableized_model_class %>, :activation_state, :string, default: nil
+    add_column :<%= tableized_model_class %>, :activation_token, :string, default: nil
+    add_column :<%= tableized_model_class %>, :activation_token_expires_at, :datetime, default: nil
 
-    add_index :<%= model_class_name.tableize %>, :activation_token
+    add_index :<%= tableized_model_class %>, :activation_token
   end
 end

data/lib/sorcery/adapters/active_record_adapter.rb

@@ -12,7 +12,7 @@ module Sorcery
 
       def save(options = {})
         mthd = options.delete(:raise_on_failure) ? :save! : :save
-        @model.send(mthd, options)
+        @model.send(mthd, **options)
       end
 
       def increment(field)
@@ -35,7 +35,7 @@ module Sorcery
         end
 
         def define_callback(time, event, method_name, options = {})
-          @klass.send "#{time}_#{event}", method_name, options.slice(:if, :on)
+          @klass.send "#{time}_#{event}", method_name, **options.slice(:if, :on)
         end
 
         def find_by_oauth_credentials(provider, uid)

data/lib/sorcery/adapters/mongoid_adapter.rb

@@ -32,7 +32,7 @@ module Sorcery
         end
 
         def define_callback(time, event, method_name, options = {})
-          @klass.send callback_name(time, event, options), method_name, options.slice(:if)
+          @klass.send callback_name(time, event, options), method_name, **options.slice(:if)
         end
 
         def callback_name(time, event, options)

data/lib/sorcery/controller/config.rb

@@ -25,12 +25,12 @@ module Sorcery
             :@user_class                           => nil,
             :@submodules                           => [],
             :@not_authenticated_action             => :not_authenticated,
-            :@login_sources                        => [],
-            :@after_login                          => [],
-            :@after_failed_login                   => [],
-            :@before_logout                        => [],
-            :@after_logout                         => [],
-            :@after_remember_me                    => [],
+            :@login_sources                        => Set.new,
+            :@after_login                          => Set.new,
+            :@after_failed_login                   => Set.new,
+            :@before_logout                        => Set.new,
+            :@after_logout                         => Set.new,
+            :@after_remember_me                    => Set.new,
             :@save_return_to_url                   => true,
             :@cookie_domain                        => nil
           }

data/lib/sorcery/controller/submodules/activity_logging.rb

@@ -30,16 +30,11 @@ module Sorcery
             end
             merge_activity_logging_defaults!
           end
-          # FIXME: There is likely a more elegant way to safeguard these callbacks.
-          unless Config.after_login.include?(:register_login_time_to_db)
-            Config.after_login << :register_login_time_to_db
-          end
-          unless Config.after_login.include?(:register_last_ip_address)
-            Config.after_login << :register_last_ip_address
-          end
-          unless Config.before_logout.include?(:register_logout_time_to_db)
-            Config.before_logout << :register_logout_time_to_db
-          end
+
+          Config.after_login << :register_login_time_to_db
+          Config.after_login << :register_last_ip_address
+          Config.before_logout << :register_logout_time_to_db
+
           base.after_action :register_last_activity_time_to_db
         end
 

data/lib/sorcery/controller/submodules/brute_force_protection.rb

@@ -10,13 +10,9 @@ module Sorcery
       module BruteForceProtection
         def self.included(base)
           base.send(:include, InstanceMethods)
-          # FIXME: There is likely a more elegant way to safeguard these callbacks.
-          unless Config.after_login.include?(:reset_failed_logins_count!)
-            Config.after_login << :reset_failed_logins_count!
-          end
-          unless Config.after_failed_login.include?(:update_failed_logins_count!)
-            Config.after_failed_login << :update_failed_logins_count!
-          end
+
+          Config.after_login << :reset_failed_logins_count!
+          Config.after_failed_login << :update_failed_logins_count!
         end
 
         module InstanceMethods

data/lib/sorcery/controller/submodules/external.rb

@@ -27,6 +27,7 @@ module Sorcery
           require 'sorcery/providers/auth0'
           require 'sorcery/providers/line'
           require 'sorcery/providers/discord'
+          require 'sorcery/providers/battlenet'
 
           Config.module_eval do
             class << self
@@ -39,7 +40,7 @@ module Sorcery
                 providers.each do |name|
                   class_eval <<-RUBY, __FILE__, __LINE__ + 1
                     def self.#{name}
-                      @#{name} ||= Sorcery::Providers.const_get('#{name}'.to_s.classify).new
+                      @#{name} ||= Sorcery::Providers.const_get('#{name}'.to_s.camelcase).new
                     end
                   RUBY
                 end
@@ -117,7 +118,7 @@ module Sorcery
           # sends user to authenticate at the provider's website.
           # after authentication the user is redirected to the callback defined in the provider config
           def login_at(provider_name, args = {})
-            redirect_to sorcery_login_url(provider_name, args)
+            redirect_to sorcery_login_url(provider_name, args), allow_other_host: true
           end
 
           # tries to login the user from provider's callback

data/lib/sorcery/controller/submodules/http_basic_auth.rb

@@ -19,10 +19,8 @@ module Sorcery
             end
             merge_http_basic_auth_defaults!
           end
-          # FIXME: There is likely a more elegant way to safeguard these callbacks.
-          unless Config.login_sources.include?(:login_from_basic_auth)
-            Config.login_sources << :login_from_basic_auth
-          end
+
+          Config.login_sources << :login_from_basic_auth
         end
 
         module InstanceMethods

data/lib/sorcery/controller/submodules/remember_me.rb

@@ -17,13 +17,9 @@ module Sorcery
             end
             merge_remember_me_defaults!
           end
-          # FIXME: There is likely a more elegant way to safeguard these callbacks.
-          unless Config.login_sources.include?(:login_from_cookie)
-            Config.login_sources << :login_from_cookie
-          end
-          unless Config.before_logout.include?(:forget_me!)
-            Config.before_logout << :forget_me!
-          end
+
+          Config.login_sources << :login_from_cookie
+          Config.before_logout << :forget_me!
         end
 
         module InstanceMethods

data/lib/sorcery/controller/submodules/session_timeout.rb

@@ -23,13 +23,10 @@ module Sorcery
             end
             merge_session_timeout_defaults!
           end
-          # FIXME: There is likely a more elegant way to safeguard these callbacks.
-          unless Config.after_login.include?(:register_login_time)
-            Config.after_login << :register_login_time
-          end
-          unless Config.after_remember_me.include?(:register_login_time)
-            Config.after_remember_me << :register_login_time
-          end
+
+          Config.after_login << :register_login_time
+          Config.after_remember_me << :register_login_time
+
           base.prepend_before_action :validate_session
         end
 

data/lib/sorcery/controller.rb

@@ -165,7 +165,7 @@ module Sorcery
       def user_class
         @user_class ||= Config.user_class.to_s.constantize
       rescue NameError
-        raise ArgumentError, 'You have incorrectly defined user_class or have forgotten to define it in intitializer file (config.user_class = \'User\').'
+        raise ArgumentError, 'You have incorrectly defined user_class or have forgotten to define it in the initializer file (config.user_class = \'User\').'
       end
     end
   end

data/lib/sorcery/model/submodules/reset_password.rb

@@ -131,6 +131,8 @@ module Sorcery
           end
 
           def change_password!(new_password)
+            raise ArgumentError, 'Blank password passed to change_password!' if new_password.blank?
+
             change_password(new_password, raise_on_failure: true)
           end
 

data/lib/sorcery/model.rb

@@ -131,6 +131,14 @@ module Sorcery
         @sorcery_config.encryption_provider.encrypt(*tokens)
       end
 
+      # FIXME: This method of passing config to the hashing provider is
+      #        questionable, and has been refactored in Sorcery v1.
+      def set_encryption_attributes
+        @sorcery_config.encryption_provider.stretches = @sorcery_config.stretches if @sorcery_config.encryption_provider.respond_to?(:stretches) && @sorcery_config.stretches
+        @sorcery_config.encryption_provider.join_token = @sorcery_config.salt_join_token if @sorcery_config.encryption_provider.respond_to?(:join_token) && @sorcery_config.salt_join_token
+        @sorcery_config.encryption_provider.pepper = @sorcery_config.pepper if @sorcery_config.encryption_provider.respond_to?(:pepper) && @sorcery_config.pepper
+      end
+
       protected
 
       def authentication_response(options = {})
@@ -139,12 +147,6 @@ module Sorcery
         options[:return_value]
       end
 
-      def set_encryption_attributes
-        @sorcery_config.encryption_provider.stretches = @sorcery_config.stretches if @sorcery_config.encryption_provider.respond_to?(:stretches) && @sorcery_config.stretches
-        @sorcery_config.encryption_provider.join_token = @sorcery_config.salt_join_token if @sorcery_config.encryption_provider.respond_to?(:join_token) && @sorcery_config.salt_join_token
-        @sorcery_config.encryption_provider.pepper = @sorcery_config.pepper if @sorcery_config.encryption_provider.respond_to?(:pepper) && @sorcery_config.pepper
-      end
-
       def add_config_inheritance
         class_eval do
           def self.inherited(subclass)
@@ -177,6 +179,9 @@ module Sorcery
         crypted = send(sorcery_config.crypted_password_attribute_name)
         return crypted == pass if sorcery_config.encryption_provider.nil?
 
+        # Ensure encryption provider is using configured values
+        self.class.set_encryption_attributes
+
         salt = send(sorcery_config.salt_attribute_name) unless sorcery_config.salt_attribute_name.nil?
 
         sorcery_config.encryption_provider.matches?(crypted, pass, salt)

data/lib/sorcery/protocols/oauth2.rb

@@ -32,6 +32,7 @@ module Sorcery
       def build_client(options = {})
         defaults = {
           site: @site,
+          auth_scheme: :request_body,
           ssl: { ca_file: Sorcery::Controller::Config.ca_file }
         }
         ::OAuth2::Client.new(

data/lib/sorcery/providers/battlenet.rb

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with BattleNet
+
+    class Battlenet < Base
+      include Protocols::Oauth2
+
+      attr_accessor :auth_path, :scope, :token_url, :user_info_path
+
+      def initialize
+        super
+
+        @scope          = 'openid'
+        @site           = 'https://eu.battle.net/'
+        @auth_path      = '/oauth/authorize'
+        @token_url      = '/oauth/token'
+        @user_info_path = '/oauth/userinfo'
+        @state          = SecureRandom.hex(16)
+      end
+
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+        body = JSON.parse(response.body)
+        auth_hash(access_token).tap do |h|
+          h[:user_info] = body
+          h[:battletag] = body['battletag']
+          h[:uid] = body['id']
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(_params, _session)
+        authorize_url(authorize_url: auth_path)
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, _session)
+        args = { code: params[:code] }
+        get_access_token(
+          args,
+          token_url: token_url,
+          client_id: @key,
+          client_secret: @secret,
+          grant_type: 'authorization_code',
+          token_method: :post
+        )
+      end
+    end
+  end
+end

data/lib/sorcery/providers/line.rb

@@ -9,15 +9,16 @@ module Sorcery
     class Line < Base
       include Protocols::Oauth2
 
-      attr_accessor :token_url, :user_info_path, :auth_path
+      attr_accessor :token_url, :user_info_path, :auth_path, :scope, :bot_prompt
 
       def initialize
         super
 
         @site           = 'https://access.line.me'
         @user_info_path = 'https://api.line.me/v2/profile'
-        @token_url      = 'https://api.line.me/v2/oauth/accessToken'
-        @auth_path      = 'dialog/oauth/weblogin'
+        @token_url      = 'https://api.line.me/oauth2/v2.1/token'
+        @auth_path      = 'oauth2/v2.1/authorize'
+        @scope          = 'profile'
       end
 
       def get_user_hash(access_token)
@@ -34,13 +35,28 @@ module Sorcery
         @state = SecureRandom.hex(16)
         authorize_url(authorize_url: auth_path)
       end
+
+      # overrides oauth2#authorize_url to add bot_prompt query.
+      def authorize_url(options = {})
+        options.merge!({
+          connection_opts: { params: { bot_prompt: bot_prompt } }
+        }) if bot_prompt.present?
+
+        super(options)
+      end
+
       # tries to login the user from access token
       def process_callback(params, _session)
         args = {}.tap do |a|
           a[:code] = params[:code] if params[:code]
         end
 
-        get_access_token(args, token_url: token_url, token_method: :post)
+        get_access_token(
+          args,
+          token_url: token_url,
+          token_method: :post,
+          grant_type: 'authorization_code'
+        )
       end
     end
   end

data/lib/sorcery/providers/slack.rb

@@ -18,7 +18,7 @@ module Sorcery
       end
 
       def get_user_hash(access_token)
-        response = access_token.get(user_info_path, params: { token: access_token.token })
+        response = access_token.get(user_info_path)
         auth_hash(access_token).tap do |h|
           h[:user_info] = JSON.parse(response.body)
           h[:user_info]['email'] = h[:user_info]['user']['email']

data/lib/sorcery/version.rb

@@ -1,3 +1,3 @@
 module Sorcery
-  VERSION = '0.15.0'.freeze
+  VERSION = '0.17.0'.freeze
 end

data/sorcery.gemspec

@@ -14,8 +14,7 @@ Gem::Specification.new do |s|
     'Josh Buker'
   ]
   s.email = [
-    'chase.gilliam@gmail.com',
-    'contact@joshbuker.com'
+    'crypto@joshbuker.com'
   ]
 
   # TODO: Cleanup formatting.
@@ -35,11 +34,11 @@ Gem::Specification.new do |s|
   s.required_ruby_version = '>= 2.4.9'
 
   s.add_dependency 'bcrypt', '~> 3.1'
-  s.add_dependency 'oauth', '~> 0.4', '>= 0.4.4'
-  s.add_dependency 'oauth2', '~> 1.0', '>= 0.8.0'
+  s.add_dependency 'oauth', '>= 0.6'
+  s.add_dependency 'oauth2', '~> 2.0'
 
   s.add_development_dependency 'byebug', '~> 10.0.0'
-  s.add_development_dependency 'rspec-rails', '~> 3.7.0'
+  s.add_development_dependency 'rspec-rails'
   s.add_development_dependency 'rubocop'
   s.add_development_dependency 'simplecov', '>= 0.3.8'
   s.add_development_dependency 'test-unit', '~> 3.2.0'

data/spec/controllers/controller_oauth2_spec.rb

@@ -32,14 +32,14 @@ describe SorceryController, active_record: true, type: :controller do
       sorcery_model_property_set(:authentications_class, Authentication)
       sorcery_controller_external_property_set(:facebook, :user_info_mapping, username: 'name')
 
-      expect(User).to receive(:create_from_provider).with('facebook', '123', username: 'Noam Ben Ari')
+      expect(User).to receive(:create_from_provider).with('facebook', '123', { username: 'Noam Ben Ari' })
       get :test_create_from_provider, params: { provider: 'facebook' }
     end
 
     it 'supports nested attributes' do
       sorcery_model_property_set(:authentications_class, Authentication)
       sorcery_controller_external_property_set(:facebook, :user_info_mapping, username: 'hometown/name')
-      expect(User).to receive(:create_from_provider).with('facebook', '123', username: 'Haifa, Israel')
+      expect(User).to receive(:create_from_provider).with('facebook', '123', { username: 'Haifa, Israel' })
 
       get :test_create_from_provider, params: { provider: 'facebook' }
     end
@@ -48,7 +48,7 @@ describe SorceryController, active_record: true, type: :controller do
       sorcery_model_property_set(:authentications_class, Authentication)
       sorcery_controller_external_property_set(:facebook, :user_info_mapping, username: 'name', created_at: 'does/not/exist')
 
-      expect(User).to receive(:create_from_provider).with('facebook', '123', username: 'Noam Ben Ari')
+      expect(User).to receive(:create_from_provider).with('facebook', '123', { username: 'Noam Ben Ari' })
 
       get :test_create_from_provider, params: { provider: 'facebook' }
     end
@@ -59,7 +59,7 @@ describe SorceryController, active_record: true, type: :controller do
         sorcery_controller_external_property_set(:facebook, :user_info_mapping, username: 'name')
 
         u = double('user')
-        expect(User).to receive(:create_from_provider).with('facebook', '123', username: 'Noam Ben Ari').and_return(u).and_yield(u)
+        expect(User).to receive(:create_from_provider).with('facebook', '123', { username: 'Noam Ben Ari' }).and_return(u).and_yield(u)
         # test_create_from_provider_with_block in controller will check for uniqueness of username
         get :test_create_from_provider_with_block, params: { provider: 'facebook' }
       end
@@ -116,12 +116,21 @@ describe SorceryController, active_record: true, type: :controller do
     end
 
     context 'when callback_url begin with http://' do
+      before do
+        sorcery_controller_external_property_set(:facebook, :callback_url, '/oauth/twitter/callback')
+        sorcery_controller_external_property_set(:facebook, :api_version, 'v2.2')
+      end
+
       it 'login_at redirects correctly' do
         create_new_user
         get :login_at_test_facebook
         expect(response).to be_a_redirect
         expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state")
       end
+
+      after do
+        sorcery_controller_external_property_set(:facebook, :callback_url, 'http://blabla.com')
+      end
     end
 
     it "'login_from' logins if user exists" do
@@ -155,7 +164,7 @@ describe SorceryController, active_record: true, type: :controller do
       expect(flash[:notice]).to eq 'Success!'
     end
 
-    %i[github google liveid vk salesforce paypal slack wechat microsoft instagram auth0 discord].each do |provider|
+    %i[github google liveid vk salesforce paypal slack wechat microsoft instagram auth0 discord battlenet].each do |provider|
       describe "with #{provider}" do
         it 'login_at redirects correctly' do
           get :"login_at_test_#{provider}"
@@ -218,6 +227,7 @@ describe SorceryController, active_record: true, type: :controller do
           auth0
           line
           discord
+          battlenet
         ]
       )
 
@@ -265,6 +275,9 @@ describe SorceryController, active_record: true, type: :controller do
       sorcery_controller_external_property_set(:discord, :key, 'eYVNBjBDi33aa9GkA3w')
       sorcery_controller_external_property_set(:discord, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
       sorcery_controller_external_property_set(:discord, :callback_url, 'http://blabla.com')
+      sorcery_controller_external_property_set(:battlenet, :key, '4c43d4862c774ca5bbde89873bf0d338')
+      sorcery_controller_external_property_set(:battlenet, :secret, 'TxY7IwKOykACd8kUxPyVGTqBs44UBDdX')
+      sorcery_controller_external_property_set(:battlenet, :callback_url, 'http://blabla.com')
     end
 
     after(:each) do
@@ -287,7 +300,7 @@ describe SorceryController, active_record: true, type: :controller do
       expect(ActionMailer::Base.deliveries.size).to eq old_size
     end
 
-    %i[github google liveid vk salesforce paypal wechat microsoft instagram auth0 discord].each do |provider|
+    %i[github google liveid vk salesforce paypal wechat microsoft instagram auth0 discord battlenet].each do |provider|
       it "does not send activation email to external users (#{provider})" do
         old_size = ActionMailer::Base.deliveries.size
         create_new_external_user provider
@@ -311,7 +324,7 @@ describe SorceryController, active_record: true, type: :controller do
       sorcery_reload!(%i[activity_logging external])
     end
 
-    %w[facebook github google liveid vk salesforce slack discord].each do |provider|
+    %w[facebook github google liveid vk salesforce slack discord battlenet].each do |provider|
       context "when #{provider}" do
         before(:each) do
           sorcery_controller_property_set(:register_login_time, true)
@@ -350,7 +363,7 @@ describe SorceryController, active_record: true, type: :controller do
 
     let(:user) { double('user', id: 42) }
 
-    %w[facebook github google liveid vk salesforce slack discord].each do |provider|
+    %w[facebook github google liveid vk salesforce slack discord battlenet].each do |provider|
       context "when #{provider}" do
         before(:each) do
           sorcery_model_property_set(:authentications_class, Authentication)
@@ -484,6 +497,7 @@ describe SorceryController, active_record: true, type: :controller do
         auth0
         line
         discord
+        battlenet
       ]
     )
     sorcery_controller_external_property_set(:facebook, :key, 'eYVNBjBDi33aa9GkA3w')
@@ -529,6 +543,9 @@ describe SorceryController, active_record: true, type: :controller do
     sorcery_controller_external_property_set(:discord, :key, 'eYVNBjBDi33aa9GkA3w')
     sorcery_controller_external_property_set(:discord, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
     sorcery_controller_external_property_set(:discord, :callback_url, 'http://blabla.com')
+    sorcery_controller_external_property_set(:battlenet, :key, '4c43d4862c774ca5bbde89873bf0d338')
+    sorcery_controller_external_property_set(:battlenet, :secret, 'TxY7IwKOykACd8kUxPyVGTqBs44UBDdX')
+    sorcery_controller_external_property_set(:battlenet, :callback_url, 'http://blabla.com')
   end
 
   def provider_url(provider)
@@ -544,7 +561,8 @@ describe SorceryController, active_record: true, type: :controller do
       microsoft: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=#{::Sorcery::Controller::Config.microsoft.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid+email+https%3A%2F%2Fgraph.microsoft.com%2FUser.Read&state",
       instagram: "https://api.instagram.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.instagram.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.instagram.scope}&state",
       auth0: "https://sorcery-test.auth0.com/authorize?client_id=#{::Sorcery::Controller::Config.auth0.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid+profile+email&state",
-      discord: "https://discordapp.com/api/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.discord.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=identify&state"
+      discord: "https://discordapp.com/api/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.discord.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=identify&state",
+      battlenet: "https://eu.battle.net/oauth/authorize?client_id=#{::Sorcery::Controller::Config.battlenet.key}&display&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=openid&state"
     }[provider]
   end
 end