sorcery 0.15.0 → 0.17.0

data/spec/controllers/controller_oauth_spec.rb

@@ -84,11 +84,17 @@ describe SorceryController, type: :controller do
     end
 
     context 'when callback_url begin with http://' do
+      before do
+        sorcery_controller_external_property_set(:twitter, :callback_url, '/oauth/twitter/callback')
+      end
       it 'login_at redirects correctly', pending: true do
         get :login_at_test
         expect(response).to be_a_redirect
         expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=')
       end
+      after do
+        sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
+      end
     end
 
     it 'logins if user exists' do
@@ -130,7 +136,7 @@ describe SorceryController, type: :controller do
       it 'creates a new user' do
         sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'screen_name')
         expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
-        expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'nbenari').and_return(user)
+        expect(User).to receive(:create_from_provider).with('twitter', '123', { username: 'nbenari' }).and_return(user)
 
         get :test_create_from_provider, params: { provider: 'twitter' }
       end
@@ -138,7 +144,7 @@ describe SorceryController, type: :controller do
       it 'supports nested attributes' do
         sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'status/text')
         expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
-        expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'coming soon to sorcery gem: twitter and facebook authentication support.').and_return(user)
+        expect(User).to receive(:create_from_provider).with('twitter', '123', { username: 'coming soon to sorcery gem: twitter and facebook authentication support.' }).and_return(user)
 
         get :test_create_from_provider, params: { provider: 'twitter' }
       end
@@ -146,7 +152,7 @@ describe SorceryController, type: :controller do
       it 'does not crash on missing nested attributes' do
         sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'status/text', created_at: 'does/not/exist')
         expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
-        expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'coming soon to sorcery gem: twitter and facebook authentication support.').and_return(user)
+        expect(User).to receive(:create_from_provider).with('twitter', '123', { username: 'coming soon to sorcery gem: twitter and facebook authentication support.' }).and_return(user)
 
         get :test_create_from_provider, params: { provider: 'twitter' }
       end
@@ -169,7 +175,7 @@ describe SorceryController, type: :controller do
 
           u = double('user')
           expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
-          expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'nbenari').and_return(u).and_yield(u)
+          expect(User).to receive(:create_from_provider).with('twitter', '123', { username: 'nbenari' }).and_return(u).and_yield(u)
 
           get :test_create_from_provider_with_block, params: { provider: 'twitter' }
         end

data/spec/controllers/controller_session_timeout_spec.rb

@@ -129,9 +129,11 @@ describe SorceryController, type: :controller do
     end
 
     context "with 'session_timeout_from_last_action'" do
+      before { create_new_user }
+      after { User.delete_all }
+
       it 'does not logout if there was activity' do
         sorcery_controller_property_set(:session_timeout_from_last_action, true)
-        expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
 
         get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
         Timecop.travel(Time.now.in_time_zone + 0.3)

data/spec/controllers/controller_spec.rb

@@ -64,7 +64,13 @@ describe SorceryController, type: :controller do
           expect(session[:user_id]).to eq user.id.to_s
         end
 
+        # NOTE: The lack of a CSRF token may mean that sessions will break
+        #       horribly for Sorcery when using Rails 7.1+. We shall see.
         it 'sets csrf token in session' do
+          if Gem::Version.new(Rails.version) >= Gem::Version.new('7.1')
+            pending 'Rails 7.1 is not including the csrf token in the session for unknown reasons'
+          end
+
           expect(session[:_csrf_token]).not_to be_nil
         end
       end

data/spec/providers/examples_spec.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'sorcery/providers/base'
+
+describe Sorcery::Providers::Examples do
+  before(:all) do
+    sorcery_reload!([:external])
+    sorcery_controller_property_set(:external_providers, [:examples])
+  end
+
+  context 'fetching a plural custom provider' do
+    it 'returns the provider' do
+      expect(Sorcery::Controller::Config.examples).to be_a(Sorcery::Providers::Examples)
+    end
+  end
+end

data/spec/rails_app/app/controllers/application_controller.rb

@@ -0,0 +1,2 @@
+class ApplicationController < ActionController::Base
+end

data/spec/rails_app/app/controllers/sorcery_controller.rb

@@ -1,6 +1,6 @@
 require 'oauth'
 
-class SorceryController < ActionController::Base
+class SorceryController < ApplicationController
   protect_from_forgery
 
   before_action :require_login_from_http_basic, only: [:test_http_basic_auth]
@@ -170,6 +170,10 @@ class SorceryController < ActionController::Base
     login_at(:discord)
   end
 
+  def login_at_test_battlenet
+    login_at(:battlenet)
+  end
+
   def test_login_from_twitter
     if (@user = login_from(:twitter))
       redirect_to 'bla', notice: 'Success!'
@@ -300,6 +304,14 @@ class SorceryController < ActionController::Base
     end
   end
 
+  def test_login_from_battlenet
+    if (@user = login_from(:battlenet))
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
   def test_return_to_with_external_twitter
     if (@user = login_from(:twitter))
       redirect_back_or_to 'bla', notice: 'Success!'
@@ -430,6 +442,14 @@ class SorceryController < ActionController::Base
     end
   end
 
+  def test_return_to_with_external_battlenet
+    if (@user = login_from(:battlenet))
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
   def test_create_from_provider
     provider = params[:provider]
     login_from(provider)

data/spec/rails_app/config/routes.rb

@@ -35,6 +35,7 @@ AppRoot::Application.routes.draw do
     get :test_login_from_auth0
     get :test_login_from_line
     get :test_login_from_discord
+    get :test_login_from_battlenet
     get :login_at_test
     get :login_at_test_twitter
     get :login_at_test_facebook
@@ -52,6 +53,7 @@ AppRoot::Application.routes.draw do
     get :login_at_test_auth0
     get :login_at_test_line
     get :login_at_test_discord
+    get :login_at_test_battlenet
     get :test_return_to_with_external
     get :test_return_to_with_external_twitter
     get :test_return_to_with_external_facebook
@@ -69,6 +71,7 @@ AppRoot::Application.routes.draw do
     get :test_return_to_with_external_auth0
     get :test_return_to_with_external_line
     get :test_return_to_with_external_discord
+    get :test_return_to_with_external_battlenet
     get :test_http_basic_auth
     get :some_action_making_a_non_persisted_change_to_the_user
     post :test_login_with_remember

data/spec/shared_examples/user_reset_password_shared_examples.rb

@@ -328,6 +328,18 @@ shared_examples_for 'rails_3_reset_password_model' do
       expect(user.reset_password_token).to be_nil
     end
 
+    it 'when change_password! is called with empty argument, raise an exception' do
+      expect {
+        user.change_password!('')
+      }.to raise_error(ArgumentError, 'Blank password passed to change_password!')
+    end
+
+    it 'when change_password! is called with nil argument, raise an exception' do
+      expect {
+        user.change_password!(nil)
+      }.to raise_error(ArgumentError, 'Blank password passed to change_password!')
+    end
+
     it 'when change_password is called, deletes reset_password_token and calls #save' do
       new_password = 'blabulsdf'
 

data/spec/shared_examples/user_shared_examples.rb

@@ -511,7 +511,7 @@ shared_examples_for 'rails_3_core_model' do
 
       # password comparison is done using BCrypt::Password#==(raw_token), not String#==
       bcrypt_password = BCrypt::Password.new(user.crypted_password)
-      allow(::BCrypt::Password).to receive(:create) do |token, cost:|
+      allow(::BCrypt::Password).to receive(:create) do |token, options = {}|
         # need to use common BCrypt's salt when genarating BCrypt::Password objects
         # so that any generated password hashes can be compared each other
         ::BCrypt::Engine.hash_secret(token, bcrypt_password.salt)
@@ -535,7 +535,7 @@ shared_examples_for 'rails_3_core_model' do
 
       # password comparison is done using BCrypt::Password#==(raw_token), not String#==
       bcrypt_password = BCrypt::Password.new(user.crypted_password)
-      allow(::BCrypt::Password).to receive(:create) do |token, cost:|
+      allow(::BCrypt::Password).to receive(:create) do |token, options = {}|
         # need to use common BCrypt's salt when genarating BCrypt::Password objects
         # so that any generated password hashes can be compared each other
         ::BCrypt::Engine.hash_secret(token, bcrypt_password.salt)

data/spec/support/migration_helper.rb

@@ -1,7 +1,9 @@
 class MigrationHelper
   class << self
     def migrate(path)
-      if ActiveRecord.version >= Gem::Version.new('5.2.0')
+      if ActiveRecord.version >= Gem::Version.new('6.0.0')
+        ActiveRecord::MigrationContext.new(path, schema_migration).migrate
+      elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
         ActiveRecord::MigrationContext.new(path).migrate
       else
         ActiveRecord::Migrator.migrate(path)
@@ -9,11 +11,19 @@ class MigrationHelper
     end
 
     def rollback(path)
-      if ActiveRecord.version >= Gem::Version.new('5.2.0')
+      if ActiveRecord.version >= Gem::Version.new('6.0.0')
+        ActiveRecord::MigrationContext.new(path, schema_migration).rollback
+      elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
         ActiveRecord::MigrationContext.new(path).rollback
       else
         ActiveRecord::Migrator.rollback(path)
       end
     end
+
+    private
+
+    def schema_migration
+      ActiveRecord::Base.connection.schema_migration
+    end
   end
 end

data/spec/support/providers/examples.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'sorcery/providers/base'
+
+module Sorcery
+  module Providers
+    class Examples < Base
+      include Protocols::Oauth2
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sorcery
 version: !ruby/object:Gem::Version
-  version: 0.15.0
+  version: 0.17.0
 platform: ruby
 authors:
 - Noam Ben Ari
@@ -12,7 +12,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-02 00:00:00.000000000 Z
+date: 2024-03-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -32,42 +32,30 @@ dependencies:
   name: oauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.4.4
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.4.4
+        version: '0.6'
 - !ruby/object:Gem::Dependency
   name: oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.8.0
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.8.0
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -86,16 +74,16 @@ dependencies:
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 3.7.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 3.7.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -189,24 +177,34 @@ dependencies:
 description: Provides common authentication needs such as signing in/out, activating
   by email and resetting password.
 email:
-- chase.gilliam@gmail.com
-- contact@joshbuker.com
+- crypto@joshbuker.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".devcontainer/Dockerfile"
+- ".devcontainer/devcontainer.json"
+- ".devcontainer/postcreate.sh"
 - ".document"
+- ".github/FUNDING.yml"
 - ".github/ISSUE_TEMPLATE.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
-- ".travis.yml"
 - CHANGELOG.md
+- CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.md
+- MAINTAINING.md
 - README.md
 - Rakefile
+- SECURITY.md
+- gemfiles/rails_61.gemfile
+- gemfiles/rails_70.gemfile
+- gemfiles/rails_71.gemfile
 - lib/generators/sorcery/USAGE
 - lib/generators/sorcery/helpers.rb
 - lib/generators/sorcery/install_generator.rb
@@ -254,6 +252,7 @@ files:
 - lib/sorcery/protocols/oauth2.rb
 - lib/sorcery/providers/auth0.rb
 - lib/sorcery/providers/base.rb
+- lib/sorcery/providers/battlenet.rb
 - lib/sorcery/providers/discord.rb
 - lib/sorcery/providers/facebook.rb
 - lib/sorcery/providers/github.rb
@@ -298,11 +297,13 @@ files:
 - spec/orm/active_record.rb
 - spec/providers/example_provider_spec.rb
 - spec/providers/example_spec.rb
+- spec/providers/examples_spec.rb
 - spec/providers/vk_spec.rb
 - spec/rails_app/app/active_record/authentication.rb
 - spec/rails_app/app/active_record/user.rb
 - spec/rails_app/app/active_record/user_provider.rb
 - spec/rails_app/app/assets/config/manifest.js
+- spec/rails_app/app/controllers/application_controller.rb
 - spec/rails_app/app/controllers/sorcery_controller.rb
 - spec/rails_app/app/helpers/application_helper.rb
 - spec/rails_app/app/mailers/sorcery_mailer.rb
@@ -358,6 +359,7 @@ files:
 - spec/support/migration_helper.rb
 - spec/support/providers/example.rb
 - spec/support/providers/example_provider.rb
+- spec/support/providers/examples.rb
 homepage: https://github.com/Sorcery/sorcery
 licenses:
 - MIT
@@ -379,7 +381,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.3.5
 signing_key: 
 specification_version: 4
 summary: Magical authentication for Rails applications

data/.travis.yml

@@ -1,8 +0,0 @@
-language: ruby
-rvm:
-  - 2.4.9
-  - 2.5.7
-  - 2.6.5
-
-gemfile:
-  - Gemfile