sorcery 0.5.0 → 0.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. data/README.rdoc +1 -1
  2. data/VERSION +1 -1
  3. data/lib/sorcery/controller/adapters/sinatra.rb +35 -28
  4. data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
  5. data/lib/sorcery/engine.rb +0 -7
  6. data/lib/sorcery/initializers/initializer.rb +4 -2
  7. data/lib/sorcery/model/adapters/mongoid.rb +10 -5
  8. data/lib/sorcery/model/submodules/reset_password.rb +5 -3
  9. data/lib/sorcery/model.rb +4 -5
  10. data/lib/sorcery/test_helpers/internal/rails.rb +1 -0
  11. data/lib/sorcery/test_helpers/internal/sinatra.rb +3 -3
  12. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +74 -0
  13. data/lib/sorcery.rb +3 -5
  14. data/sorcery.gemspec +54 -2
  15. data/spec/Gemfile.lock +1 -4
  16. data/spec/rails3/Gemfile.lock +1 -4
  17. data/spec/rails3/spec/user_reset_password_spec.rb +1 -1
  18. data/spec/rails3/spec/user_spec.rb +0 -10
  19. data/spec/rails3_mongoid/Gemfile.lock +1 -4
  20. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +12 -4
  21. data/spec/rails3_mongoid/spec/user_spec.rb +0 -10
  22. data/spec/sinatra/Gemfile +3 -0
  23. data/spec/sinatra/Gemfile.lock +17 -34
  24. data/spec/sinatra/Rakefile +1 -1
  25. data/spec/sinatra/filters.rb +20 -14
  26. data/spec/sinatra/modular.rb +157 -0
  27. data/spec/sinatra_modular/Gemfile +15 -0
  28. data/spec/sinatra_modular/Gemfile.lock +117 -0
  29. data/spec/sinatra_modular/Rakefile +11 -0
  30. data/spec/sinatra_modular/authentication.rb +3 -0
  31. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
  32. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
  33. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
  34. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +16 -0
  35. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +14 -0
  36. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
  37. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
  38. data/spec/sinatra_modular/filters.rb +27 -0
  39. data/spec/sinatra_modular/modular.rb +157 -0
  40. data/spec/sinatra_modular/myapp.rb +133 -0
  41. data/spec/sinatra_modular/sorcery_mailer.rb +25 -0
  42. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +85 -0
  43. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +70 -0
  44. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +53 -0
  45. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +120 -0
  46. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +121 -0
  47. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +64 -0
  48. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +57 -0
  49. data/spec/sinatra_modular/spec_modular/controller_spec.rb +116 -0
  50. data/spec/sinatra_modular/spec_modular/spec.opts +2 -0
  51. data/spec/sinatra_modular/spec_modular/spec_helper.rb +51 -0
  52. data/spec/sinatra_modular/user.rb +6 -0
  53. data/spec/sinatra_modular/views/test_login.erb +4 -0
  54. metadata +54 -2
@@ -0,0 +1,157 @@
1
+ require 'sinatra/base'
2
+ #enable :sessions
3
+
4
+ require 'sqlite3'
5
+ require 'active_record'
6
+
7
+ # establish connection
8
+ ActiveRecord::Base.establish_connection(
9
+ :adapter => "sqlite3",
10
+ :database => ":memory:",
11
+ :verbosity => "quiet"
12
+ )
13
+
14
+ require 'action_mailer'
15
+ ActionMailer::Base.delivery_method = :test
16
+ require File.join(File.dirname(__FILE__), 'sorcery_mailer')
17
+
18
+ # models
19
+ require File.join(File.dirname(__FILE__), 'user')
20
+ require 'sorcery'
21
+
22
+ APP_ROOT = File.dirname(__FILE__)
23
+
24
+ class Modular < Sinatra::Base
25
+ set :sessions, true
26
+
27
+ # ['/test_logout', '/some_action', '/test_should_be_logged_in'].each do |patt|
28
+ # before patt do
29
+ # require_login
30
+ # end
31
+ # end
32
+ #
33
+ # before '/test_http_basic_auth' do
34
+ # require_login_from_http_basic
35
+ # end
36
+ #
37
+ ## ----- test filters
38
+ #
39
+ # before do
40
+ # self.class.sorcery_vars = {}
41
+ # end
42
+ #
43
+ # after do
44
+ # save_instance_vars
45
+ # end
46
+
47
+ get '/' do
48
+
49
+ end
50
+
51
+ get '/test_login' do
52
+ @user = login(params[:username], params[:password])
53
+ @current_user = current_user
54
+ @logged_in = logged_in?
55
+ erb :test_login
56
+ end
57
+
58
+ get '/test_logout' do
59
+ session[:user_id] = User.first.id
60
+ logout
61
+ @current_user = current_user
62
+ @logged_in = logged_in?
63
+ end
64
+
65
+ get '/test_current_user' do
66
+ session[:user_id] = params[:id]
67
+ current_user
68
+ end
69
+
70
+ get '/some_action' do
71
+ erb ''
72
+ end
73
+
74
+ post '/test_return_to' do
75
+ session[:return_to_url] = params[:return_to_url] if params[:return_to_url]
76
+ @user = login(params[:username], params[:password])
77
+ redirect_back_or_to(:some_action)
78
+ end
79
+
80
+ get '/test_should_be_logged_in' do
81
+ erb ''
82
+ end
83
+
84
+ def test_not_authenticated_action
85
+ halt "test_not_authenticated_action"
86
+ end
87
+
88
+ def not_authenticated2
89
+ @session = session
90
+ save_instance_vars
91
+ redirect '/'
92
+ end
93
+
94
+ # remember me
95
+
96
+ post '/test_login_with_remember' do
97
+ @user = login(params[:username], params[:password])
98
+ remember_me!
99
+ erb ''
100
+ end
101
+
102
+ post '/test_login_with_remember_in_login' do
103
+ @user = login(params[:username], params[:password], params[:remember])
104
+ erb ''
105
+ end
106
+
107
+ get '/test_login_from_cookie' do
108
+ @user = current_user
109
+ erb ''
110
+ end
111
+
112
+ # http_basic
113
+
114
+ get '/test_http_basic_auth' do
115
+ erb "HTTP Basic Auth"
116
+ end
117
+
118
+ # oauth
119
+
120
+ get '/login_at_test' do
121
+ login_at(:twitter)
122
+ end
123
+
124
+ get '/test_login_from' do
125
+ if @user = login_from(:twitter)
126
+ erb "Success!"
127
+ else
128
+ erb "Failed!"
129
+ end
130
+ end
131
+
132
+ # oauth2
133
+
134
+ get '/login_at_test2' do
135
+ login_at(:facebook)
136
+ end
137
+
138
+ get '/test_login_from2' do
139
+ if @user = login_from(:facebook)
140
+ erb "Success!"
141
+ else
142
+ erb "Failed!"
143
+ end
144
+ end
145
+
146
+ get '/test_create_from_provider' do
147
+ provider = params[:provider]
148
+ login_from(provider)
149
+ if @user = create_from(provider)
150
+ erb "Success!"
151
+ else
152
+ erb "Failed!"
153
+ end
154
+ end
155
+
156
+ #run! if app_file == $2
157
+ end
@@ -0,0 +1,133 @@
1
+ require 'sinatra'
2
+ enable :sessions
3
+
4
+ require 'sqlite3'
5
+ require 'active_record'
6
+
7
+ # establish connection
8
+ ActiveRecord::Base.establish_connection(
9
+ :adapter => "sqlite3",
10
+ :database => ":memory:",
11
+ :verbosity => "quiet"
12
+ )
13
+
14
+ require 'action_mailer'
15
+ ActionMailer::Base.delivery_method = :test
16
+ require File.join(File.dirname(__FILE__),'sorcery_mailer')
17
+
18
+ # models
19
+ require File.join(File.dirname(__FILE__),'user')
20
+ require 'sorcery'
21
+
22
+ APP_ROOT = File.dirname(__FILE__)
23
+
24
+ require File.join(File.dirname(__FILE__),'filters')
25
+
26
+ get '/' do
27
+
28
+ end
29
+
30
+ get '/test_login' do
31
+ @user = login(params[:username],params[:password])
32
+ @current_user = current_user
33
+ @logged_in = logged_in?
34
+ erb :test_login
35
+ end
36
+
37
+ get '/test_logout' do
38
+ session[:user_id] = User.first.id
39
+ logout
40
+ @current_user = current_user
41
+ @logged_in = logged_in?
42
+ end
43
+
44
+ get '/test_current_user' do
45
+ session[:user_id] = params[:id]
46
+ current_user
47
+ end
48
+
49
+ get '/some_action' do
50
+ erb ''
51
+ end
52
+
53
+ post '/test_return_to' do
54
+ session[:return_to_url] = params[:return_to_url] if params[:return_to_url]
55
+ @user = login(params[:username], params[:password])
56
+ redirect_back_or_to(:some_action)
57
+ end
58
+
59
+ get '/test_should_be_logged_in' do
60
+ erb ''
61
+ end
62
+
63
+ def test_not_authenticated_action
64
+ halt "test_not_authenticated_action"
65
+ end
66
+
67
+ def not_authenticated2
68
+ @session = session
69
+ save_instance_vars
70
+ redirect '/'
71
+ end
72
+
73
+ # remember me
74
+
75
+ post '/test_login_with_remember' do
76
+ @user = login(params[:username], params[:password])
77
+ remember_me!
78
+ erb ''
79
+ end
80
+
81
+ post '/test_login_with_remember_in_login' do
82
+ @user = login(params[:username], params[:password], params[:remember])
83
+ erb ''
84
+ end
85
+
86
+ get '/test_login_from_cookie' do
87
+ @user = current_user
88
+ erb ''
89
+ end
90
+
91
+ # http_basic
92
+
93
+ get '/test_http_basic_auth' do
94
+ erb "HTTP Basic Auth"
95
+ end
96
+
97
+ # oauth
98
+
99
+ get '/login_at_test' do
100
+ login_at(:twitter)
101
+ end
102
+
103
+ get '/test_login_from' do
104
+ if @user = login_from(:twitter)
105
+ erb "Success!"
106
+ else
107
+ erb "Failed!"
108
+ end
109
+ end
110
+
111
+ # oauth2
112
+
113
+ get '/login_at_test2' do
114
+ login_at(:facebook)
115
+ end
116
+
117
+ get '/test_login_from2' do
118
+ if @user = login_from(:facebook)
119
+ erb "Success!"
120
+ else
121
+ erb "Failed!"
122
+ end
123
+ end
124
+
125
+ get '/test_create_from_provider' do
126
+ provider = params[:provider]
127
+ login_from(provider)
128
+ if @user = create_from(provider)
129
+ erb "Success!"
130
+ else
131
+ erb "Failed!"
132
+ end
133
+ end
@@ -0,0 +1,25 @@
1
+ class SorceryMailer < ActionMailer::Base
2
+
3
+ default :from => "notifications@example.com"
4
+
5
+ def activation_needed_email(user)
6
+ @user = user
7
+ @url = "http://example.com/login"
8
+ mail(:to => user.email,
9
+ :subject => "Welcome to My Awesome Site")
10
+ end
11
+
12
+ def activation_success_email(user)
13
+ @user = user
14
+ @url = "http://example.com/login"
15
+ mail(:to => user.email,
16
+ :subject => "Your account is now activated")
17
+ end
18
+
19
+ def reset_password_email(user)
20
+ @user = user
21
+ @url = "http://example.com/login"
22
+ mail(:to => user.email,
23
+ :subject => "Your password has been reset")
24
+ end
25
+ end
@@ -0,0 +1,85 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+
3
+ describe Modular do
4
+ before(:all) do
5
+ ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activity_logging")
6
+ end
7
+
8
+ after(:all) do
9
+ ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activity_logging")
10
+ end
11
+
12
+ # ----------------- ACTIVITY LOGGING -----------------------
13
+ describe Modular, "with activity logging features" do
14
+ before(:all) do
15
+ sorcery_reload!([:activity_logging])
16
+ clear_cookies
17
+ end
18
+
19
+ before(:each) do
20
+ create_new_user
21
+ end
22
+
23
+ after(:each) do
24
+ User.delete_all
25
+ end
26
+
27
+ it "should respond to 'current_users'" do
28
+ get_sinatra_app(subject).should respond_to(:current_users)
29
+ end
30
+
31
+ it "'current_users' should be empty when no users are logged in" do
32
+ get_sinatra_app(subject).current_users.size.should == 0
33
+ end
34
+
35
+ it "should log login time on login" do
36
+ now = Time.now.utc
37
+ get "/test_login", :username => 'gizmo', :password => 'secret'
38
+ User.first.last_login_at.should_not be_nil
39
+ User.first.last_login_at.to_s(:db).should >= now.to_s(:db)
40
+ User.first.last_login_at.to_s(:db).should <= (now+2).to_s(:db)
41
+ end
42
+
43
+ it "should log logout time on logout" do
44
+ get "/test_login", :username => 'gizmo', :password => 'secret'
45
+ now = Time.now.utc
46
+ get "/test_logout"
47
+ User.first.last_logout_at.should_not be_nil
48
+ User.first.last_logout_at.to_s(:db).should >= now.to_s(:db)
49
+ User.first.last_logout_at.to_s(:db).should <= (now+2).to_s(:db)
50
+ end
51
+
52
+ it "should log last activity time when logged in" do
53
+ get "/test_login", :username => 'gizmo', :password => 'secret'
54
+ now = Time.now.utc
55
+ get "/some_action"
56
+ User.first.last_activity_at.to_s.should >= now.to_s(:db)
57
+ User.first.last_activity_at.to_s.should <= (now+2).to_s(:db)
58
+ end
59
+
60
+ it "'current_users' should hold the user object when 1 user is logged in" do
61
+ get "/test_login", :username => 'gizmo', :password => 'secret'
62
+ get "/some_action"
63
+ get_sinatra_app(subject).current_users.size.should == 1
64
+ get_sinatra_app(subject).current_users[0].should == @user
65
+ end
66
+
67
+ it "'current_users' should show all current_users, whether they have logged out before or not." do
68
+ user1 = create_new_user({:username => 'gizmo1', :email => "bla1@bla.com", :password => 'secret1'})
69
+ get "/test_login", :username => 'gizmo1', :password => 'secret1'
70
+ get "/some_action"
71
+ clear_user_without_logout
72
+ user2 = create_new_user({:username => 'gizmo2', :email => "bla2@bla.com", :password => 'secret2'})
73
+ get "/test_login", :username => 'gizmo2', :password => 'secret2'
74
+ get "/some_action"
75
+ clear_user_without_logout
76
+ user3 = create_new_user({:username => 'gizmo3', :email => "bla3@bla.com", :password => 'secret3'})
77
+ get "/test_login", :username => 'gizmo3', :password => 'secret3'
78
+ get "/some_action"
79
+ get_sinatra_app(subject).current_users.size.should == 3
80
+ get_sinatra_app(subject).current_users[0].should == user1
81
+ get_sinatra_app(subject).current_users[1].should == user2
82
+ get_sinatra_app(subject).current_users[2].should == user3
83
+ end
84
+ end
85
+ end
@@ -0,0 +1,70 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+
3
+ describe Modular do
4
+ before(:all) do
5
+ ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/brute_force_protection")
6
+ end
7
+
8
+ after(:all) do
9
+ ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/brute_force_protection")
10
+ end
11
+
12
+ # ----------------- SESSION TIMEOUT -----------------------
13
+ describe Modular, "with brute force protection features" do
14
+ before(:all) do
15
+ sorcery_reload!([:brute_force_protection])
16
+ end
17
+
18
+ before(:each) do
19
+ create_new_user
20
+ end
21
+
22
+ after(:each) do
23
+ Sorcery::Controller::Config.reset!
24
+ sorcery_controller_property_set(:user_class, User)
25
+ User.delete_all
26
+ Timecop.return
27
+ end
28
+
29
+ it "should count login retries" do
30
+ 3.times {get "/test_login", :username => 'gizmo', :password => 'blabla'}
31
+ User.find_by_username('gizmo').failed_logins_count.should == 3
32
+ end
33
+
34
+ it "should reset the counter on a good login" do
35
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
36
+ 3.times {get "/test_login", :username => 'gizmo', :password => 'blabla'}
37
+ get "/test_login", :username => 'gizmo', :password => 'secret'
38
+ User.find_by_username('gizmo').failed_logins_count.should == 0
39
+ end
40
+
41
+ it "should lock user when number of retries reached the limit" do
42
+ User.find_by_username('gizmo').lock_expires_at.should be_nil
43
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 1)
44
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
45
+ User.find_by_username('gizmo').lock_expires_at.should_not be_nil
46
+ end
47
+
48
+ it "should unlock after lock time period passes" do
49
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
50
+ sorcery_model_property_set(:login_lock_time_period, 0.2)
51
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
52
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
53
+ User.find_by_username('gizmo').lock_expires_at.should_not be_nil
54
+ Timecop.travel(Time.now+0.3)
55
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
56
+ User.find_by_username('gizmo').lock_expires_at.should be_nil
57
+ end
58
+
59
+ it "should not unlock if time period is 0 (permanent lock)" do
60
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
61
+ sorcery_model_property_set(:login_lock_time_period, 0)
62
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
63
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
64
+ unlock_date = User.find_by_username('gizmo').lock_expires_at
65
+ Timecop.travel(Time.now+1)
66
+ get "/test_login", :username => 'gizmo', :password => 'blabla'
67
+ User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
68
+ end
69
+ end
70
+ end
@@ -0,0 +1,53 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+ require 'base64'
3
+
4
+ describe Modular do
5
+
6
+ # ----------------- HTTP BASIC AUTH -----------------------
7
+ describe Modular, "with http basic auth features" do
8
+ before(:all) do
9
+ sorcery_reload!([:http_basic_auth])
10
+ create_new_user
11
+ end
12
+
13
+ after(:each) do
14
+ get "/test_logout"
15
+ end
16
+
17
+ it "requests basic authentication when before_filter is used" do
18
+ session[:http_authentication_used] = nil
19
+ get "/test_http_basic_auth"
20
+ last_response.status.should == 401
21
+ session[:http_authentication_used].should == true
22
+ end
23
+
24
+ it "authenticates from http basic if credentials are sent" do
25
+ session[:http_authentication_used] = true
26
+ get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:secret")}
27
+ last_response.should be_ok
28
+ end
29
+
30
+ it "fails authentication if credentials are wrong" do
31
+ session[:http_authentication_used] = true
32
+ get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:wrong!")}
33
+ last_response.should redirect_to 'http://example.org/'
34
+ end
35
+
36
+ it "should allow configuration option 'controller_to_realm_map'" do
37
+ sorcery_controller_property_set(:controller_to_realm_map, {"1" => "2"})
38
+ Sorcery::Controller::Config.controller_to_realm_map.should == {"1" => "2"}
39
+ end
40
+
41
+ it "should display the correct realm name configured for the controller" do
42
+ sorcery_controller_property_set(:controller_to_realm_map, {"application" => "Salad"})
43
+ get "/test_http_basic_auth"
44
+ last_response.headers["WWW-Authenticate"].should == "Basic realm=\"Salad\""
45
+ end
46
+
47
+ it "should sign in the user's session on successful login" do
48
+ session[:http_authentication_used] = true
49
+ get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:secret")}
50
+ session[:user_id].should == User.find_by_username(@user.username).id
51
+ end
52
+ end
53
+ end
@@ -0,0 +1,120 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+
3
+ def stub_all_oauth2_requests!
4
+ @client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
5
+ OAuth2::Client.stub!(:new).and_return(@client)
6
+ @acc_token = OAuth2::AccessToken.new(@client, "", "asd", nil, {})
7
+ @webby = @client.web_server
8
+ OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
9
+ @webby.stub!(:get_access_token).and_return(@acc_token)
10
+ @acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
11
+ end
12
+
13
+ describe 'MyApp' do
14
+ before(:all) do
15
+ ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
16
+ sorcery_reload!([:external])
17
+ sorcery_controller_property_set(:external_providers, [:facebook])
18
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
19
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
20
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
21
+ end
22
+
23
+ after(:all) do
24
+ ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
25
+ end
26
+ # ----------------- OAuth -----------------------
27
+ describe Modular, "with OAuth features" do
28
+
29
+ before(:each) do
30
+ stub_all_oauth2_requests!
31
+ end
32
+
33
+ after(:each) do
34
+ User.delete_all
35
+ Authentication.delete_all
36
+ end
37
+
38
+ it "login_at redirects correctly" do
39
+ create_new_user
40
+ get "/login_at_test2"
41
+ last_response.should be_a_redirect
42
+ #last_response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&type=web_server")
43
+ last_response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&response_type=code")
44
+ end
45
+
46
+ it "'login_from' logins if user exists" do
47
+ sorcery_model_property_set(:authentications_class, Authentication)
48
+ create_new_external_user(:facebook)
49
+ get "/test_login_from2"
50
+ last_response.body.should == "Success!"
51
+ end
52
+
53
+ it "'login_from' fails if user doesn't exist" do
54
+ sorcery_model_property_set(:authentications_class, Authentication)
55
+ create_new_user
56
+ get "/test_login_from2"
57
+ last_response.body.should == "Failed!"
58
+ end
59
+ end
60
+
61
+ describe Modular, "'create_from'" do
62
+ before(:each) do
63
+ stub_all_oauth2_requests!
64
+ User.delete_all
65
+ Authentication.delete_all
66
+ end
67
+
68
+ it "should create a new user" do
69
+ sorcery_model_property_set(:authentications_class, Authentication)
70
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "name"})
71
+ lambda do
72
+ get "/test_create_from_provider", :provider => "facebook"
73
+ end.should change(User, :count).by(1)
74
+ User.first.username.should == "Noam Ben Ari"
75
+ end
76
+
77
+ it "should support nested attributes" do
78
+ sorcery_model_property_set(:authentications_class, Authentication)
79
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "hometown/name"})
80
+ lambda do
81
+ get "/test_create_from_provider", :provider => "facebook"
82
+ end.should change(User, :count).by(1)
83
+ User.first.username.should == "Haifa, Israel"
84
+ end
85
+ end
86
+
87
+ describe Modular, "OAuth with User Activation features" do
88
+ before(:all) do
89
+ ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activation")
90
+ sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
91
+ sorcery_controller_property_set(:external_providers, [:facebook])
92
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
93
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
94
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
95
+ end
96
+
97
+ after(:all) do
98
+ ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activation")
99
+ end
100
+
101
+ after(:each) do
102
+ User.delete_all
103
+ end
104
+
105
+ it "should not send activation email to external users" do
106
+ old_size = ActionMailer::Base.deliveries.size
107
+ create_new_external_user(:facebook)
108
+ ActionMailer::Base.deliveries.size.should == old_size
109
+ end
110
+
111
+ it "should not send external users an activation success email" do
112
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
113
+ create_new_external_user(:facebook)
114
+ old_size = ActionMailer::Base.deliveries.size
115
+ @user.activate!
116
+ ActionMailer::Base.deliveries.size.should == old_size
117
+ end
118
+ end
119
+
120
+ end