sorcery 0.8.1 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (353) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +56 -0
  3. data/.travis.yml +130 -1
  4. data/CHANGELOG.md +270 -0
  5. data/Gemfile +18 -23
  6. data/README.md +371 -0
  7. data/Rakefile +3 -78
  8. data/gemfiles/active_record-rails40.gemfile +7 -0
  9. data/gemfiles/active_record-rails41.gemfile +7 -0
  10. data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
  11. data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
  12. data/gemfiles/mongoid-rails40.gemfile +9 -0
  13. data/gemfiles/mongoid-rails41.gemfile +9 -0
  14. data/gemfiles/mongoid3-rails32.gemfile +9 -0
  15. data/lib/generators/sorcery/USAGE +1 -1
  16. data/lib/generators/sorcery/helpers.rb +40 -0
  17. data/lib/generators/sorcery/install_generator.rb +38 -20
  18. data/lib/generators/sorcery/templates/initializer.rb +51 -15
  19. data/lib/generators/sorcery/templates/migration/activity_logging.rb +3 -10
  20. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -7
  21. data/lib/generators/sorcery/templates/migration/core.rb +5 -8
  22. data/lib/generators/sorcery/templates/migration/external.rb +3 -5
  23. data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -9
  24. data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -10
  25. data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -10
  26. data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
  27. data/lib/sorcery/adapters/base_adapter.rb +30 -0
  28. data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
  29. data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
  30. data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
  31. data/lib/sorcery/controller/config.rb +65 -0
  32. data/lib/sorcery/controller/submodules/activity_logging.rb +27 -21
  33. data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
  34. data/lib/sorcery/controller/submodules/external.rb +107 -75
  35. data/lib/sorcery/controller/submodules/remember_me.rb +5 -5
  36. data/lib/sorcery/controller/submodules/session_timeout.rb +11 -7
  37. data/lib/sorcery/controller.rb +27 -76
  38. data/lib/sorcery/model/config.rb +96 -0
  39. data/lib/sorcery/model/submodules/activity_logging.rb +32 -12
  40. data/lib/sorcery/model/submodules/brute_force_protection.rb +36 -36
  41. data/lib/sorcery/model/submodules/external.rb +53 -9
  42. data/lib/sorcery/model/submodules/remember_me.rb +15 -19
  43. data/lib/sorcery/model/submodules/reset_password.rb +36 -33
  44. data/lib/sorcery/model/submodules/user_activation.rb +51 -48
  45. data/lib/sorcery/model/temporary_token.rb +4 -4
  46. data/lib/sorcery/model.rb +81 -175
  47. data/lib/sorcery/protocols/oauth.rb +42 -0
  48. data/lib/sorcery/protocols/oauth2.rb +47 -0
  49. data/lib/sorcery/providers/base.rb +38 -0
  50. data/lib/sorcery/providers/facebook.rb +63 -0
  51. data/lib/sorcery/providers/github.rb +51 -0
  52. data/lib/sorcery/providers/google.rb +51 -0
  53. data/lib/sorcery/providers/heroku.rb +57 -0
  54. data/lib/sorcery/providers/jira.rb +77 -0
  55. data/lib/sorcery/providers/linkedin.rb +66 -0
  56. data/lib/sorcery/providers/liveid.rb +53 -0
  57. data/lib/sorcery/providers/salesforce.rb +50 -0
  58. data/lib/sorcery/providers/twitter.rb +59 -0
  59. data/lib/sorcery/providers/vk.rb +63 -0
  60. data/lib/sorcery/providers/xing.rb +64 -0
  61. data/lib/sorcery/railties/tasks.rake +1 -7
  62. data/lib/sorcery/test_helpers/internal/rails.rb +17 -6
  63. data/lib/sorcery/test_helpers/internal.rb +27 -6
  64. data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
  65. data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
  66. data/lib/sorcery/version.rb +3 -0
  67. data/lib/sorcery.rb +83 -57
  68. data/sorcery.gemspec +24 -363
  69. data/spec/active_record/user_activation_spec.rb +18 -0
  70. data/spec/active_record/user_activity_logging_spec.rb +17 -0
  71. data/spec/{rails3/spec → active_record}/user_brute_force_protection_spec.rb +6 -5
  72. data/spec/{rails3/spec → active_record}/user_oauth_spec.rb +6 -5
  73. data/spec/{rails3/spec → active_record}/user_remember_me_spec.rb +5 -4
  74. data/spec/{rails3/spec → active_record}/user_reset_password_spec.rb +7 -7
  75. data/spec/active_record/user_spec.rb +37 -0
  76. data/spec/controllers/controller_activity_logging_spec.rb +124 -0
  77. data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
  78. data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
  79. data/spec/controllers/controller_oauth2_spec.rb +414 -0
  80. data/spec/controllers/controller_oauth_spec.rb +240 -0
  81. data/spec/controllers/controller_remember_me_spec.rb +117 -0
  82. data/spec/controllers/controller_session_timeout_spec.rb +80 -0
  83. data/spec/controllers/controller_spec.rb +218 -0
  84. data/spec/data_mapper/user_activation_spec.rb +10 -0
  85. data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
  86. data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
  87. data/spec/data_mapper/user_oauth_spec.rb +9 -0
  88. data/spec/data_mapper/user_remember_me_spec.rb +8 -0
  89. data/spec/data_mapper/user_reset_password_spec.rb +8 -0
  90. data/spec/data_mapper/user_spec.rb +27 -0
  91. data/spec/mongo_mapper/user_activation_spec.rb +9 -0
  92. data/spec/mongo_mapper/user_activity_logging_spec.rb +8 -0
  93. data/spec/mongo_mapper/user_brute_force_protection_spec.rb +8 -0
  94. data/spec/mongo_mapper/user_oauth_spec.rb +8 -0
  95. data/spec/mongo_mapper/user_remember_me_spec.rb +8 -0
  96. data/spec/mongo_mapper/user_reset_password_spec.rb +8 -0
  97. data/spec/mongo_mapper/user_spec.rb +37 -0
  98. data/spec/mongoid/user_activation_spec.rb +9 -0
  99. data/spec/mongoid/user_activity_logging_spec.rb +8 -0
  100. data/spec/mongoid/user_brute_force_protection_spec.rb +8 -0
  101. data/spec/mongoid/user_oauth_spec.rb +8 -0
  102. data/spec/mongoid/user_remember_me_spec.rb +8 -0
  103. data/spec/mongoid/user_reset_password_spec.rb +8 -0
  104. data/spec/mongoid/user_spec.rb +51 -0
  105. data/spec/orm/active_record.rb +21 -0
  106. data/spec/orm/data_mapper.rb +48 -0
  107. data/spec/orm/mongo_mapper.rb +10 -0
  108. data/spec/orm/mongoid.rb +22 -0
  109. data/spec/{rails3/app/models → rails_app/app/active_record}/user.rb +1 -2
  110. data/spec/rails_app/app/active_record/user_provider.rb +3 -0
  111. data/spec/rails_app/app/controllers/sorcery_controller.rb +285 -0
  112. data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
  113. data/spec/rails_app/app/data_mapper/user.rb +7 -0
  114. data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/user.rb +2 -0
  115. data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/user.rb +2 -0
  116. data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
  117. data/spec/{rails3_mongo_mapper → rails_app}/config/application.rb +13 -8
  118. data/spec/rails_app/config/boot.rb +4 -0
  119. data/spec/rails_app/config/database.yml +22 -0
  120. data/spec/{rails3_mongo_mapper → rails_app}/config/environments/test.rb +2 -0
  121. data/spec/{rails3_mongoid → rails_app}/config/initializers/session_store.rb +4 -0
  122. data/spec/rails_app/config/routes.rb +51 -0
  123. data/spec/{rails3_mongo_mapper → rails_app}/config.ru +1 -1
  124. data/spec/{rails3 → rails_app}/db/migrate/activation/20101224223622_add_activation_to_users.rb +3 -3
  125. data/spec/{rails3 → rails_app}/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +2 -0
  126. data/spec/{rails3 → rails_app}/db/migrate/core/20101224223620_create_users.rb +2 -2
  127. data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
  128. data/spec/rails_app/log/development.log +1791 -0
  129. data/spec/shared_examples/user_activation_shared_examples.rb +137 -98
  130. data/spec/shared_examples/user_activity_logging_shared_examples.rb +86 -13
  131. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
  132. data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
  133. data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
  134. data/spec/shared_examples/user_reset_password_shared_examples.rb +163 -130
  135. data/spec/shared_examples/user_shared_examples.rb +355 -193
  136. data/spec/sorcery_crypto_providers_spec.rb +74 -72
  137. data/spec/spec_helper.rb +32 -4
  138. metadata +258 -425
  139. data/Gemfile.lock +0 -192
  140. data/README.rdoc +0 -261
  141. data/VERSION +0 -1
  142. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -35
  143. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -45
  144. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -97
  145. data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -91
  146. data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -90
  147. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -101
  148. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -91
  149. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -92
  150. data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -99
  151. data/lib/sorcery/model/adapters/active_record.rb +0 -49
  152. data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
  153. data/lib/sorcery/model/adapters/mongoid.rb +0 -88
  154. data/lib/sorcery/test_helpers/rails.rb +0 -16
  155. data/lib/sorcery/test_helpers.rb +0 -5
  156. data/spec/Gemfile +0 -12
  157. data/spec/Gemfile.lock +0 -129
  158. data/spec/README.md +0 -31
  159. data/spec/Rakefile +0 -12
  160. data/spec/rails3/.gitignore +0 -4
  161. data/spec/rails3/.rspec +0 -1
  162. data/spec/rails3/Gemfile +0 -15
  163. data/spec/rails3/Gemfile.lock +0 -162
  164. data/spec/rails3/README +0 -256
  165. data/spec/rails3/Rakefile +0 -11
  166. data/spec/rails3/app/controllers/application_controller.rb +0 -208
  167. data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +0 -1
  168. data/spec/rails3/config/application.rb +0 -46
  169. data/spec/rails3/config/boot.rb +0 -13
  170. data/spec/rails3/config/database.yml +0 -27
  171. data/spec/rails3/config/environments/development.rb +0 -26
  172. data/spec/rails3/config/environments/in_memory.rb +0 -35
  173. data/spec/rails3/config/environments/production.rb +0 -49
  174. data/spec/rails3/config/environments/test.rb +0 -35
  175. data/spec/rails3/config/initializers/session_store.rb +0 -8
  176. data/spec/rails3/config/routes.rb +0 -59
  177. data/spec/rails3/config.ru +0 -4
  178. data/spec/rails3/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  179. data/spec/rails3/lib/tasks/.gitkeep +0 -0
  180. data/spec/rails3/public/404.html +0 -26
  181. data/spec/rails3/public/422.html +0 -26
  182. data/spec/rails3/public/500.html +0 -26
  183. data/spec/rails3/public/favicon.ico +0 -0
  184. data/spec/rails3/public/images/rails.png +0 -0
  185. data/spec/rails3/public/javascripts/application.js +0 -2
  186. data/spec/rails3/public/javascripts/controls.js +0 -965
  187. data/spec/rails3/public/javascripts/dragdrop.js +0 -974
  188. data/spec/rails3/public/javascripts/effects.js +0 -1123
  189. data/spec/rails3/public/javascripts/prototype.js +0 -6001
  190. data/spec/rails3/public/javascripts/rails.js +0 -175
  191. data/spec/rails3/public/robots.txt +0 -5
  192. data/spec/rails3/public/stylesheets/.gitkeep +0 -0
  193. data/spec/rails3/script/rails +0 -6
  194. data/spec/rails3/spec/controller_activity_logging_spec.rb +0 -115
  195. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +0 -88
  196. data/spec/rails3/spec/controller_http_basic_auth_spec.rb +0 -50
  197. data/spec/rails3/spec/controller_oauth2_spec.rb +0 -380
  198. data/spec/rails3/spec/controller_oauth_spec.rb +0 -206
  199. data/spec/rails3/spec/controller_remember_me_spec.rb +0 -96
  200. data/spec/rails3/spec/controller_session_timeout_spec.rb +0 -55
  201. data/spec/rails3/spec/controller_spec.rb +0 -177
  202. data/spec/rails3/spec/integration_spec.rb +0 -23
  203. data/spec/rails3/spec/spec.opts +0 -2
  204. data/spec/rails3/spec/spec_helper.orig.rb +0 -27
  205. data/spec/rails3/spec/spec_helper.rb +0 -71
  206. data/spec/rails3/spec/user_activation_spec.rb +0 -16
  207. data/spec/rails3/spec/user_activity_logging_spec.rb +0 -8
  208. data/spec/rails3/spec/user_spec.rb +0 -36
  209. data/spec/rails3/vendor/plugins/.gitkeep +0 -0
  210. data/spec/rails3_mongo_mapper/.gitignore +0 -4
  211. data/spec/rails3_mongo_mapper/.rspec +0 -1
  212. data/spec/rails3_mongo_mapper/Gemfile +0 -16
  213. data/spec/rails3_mongo_mapper/Gemfile.lock +0 -156
  214. data/spec/rails3_mongo_mapper/Rakefile +0 -11
  215. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +0 -122
  216. data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +0 -2
  217. data/spec/rails3_mongo_mapper/app/mailers/sorcery_mailer.rb +0 -25
  218. data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +0 -14
  219. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +0 -17
  220. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +0 -9
  221. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
  222. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
  223. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
  224. data/spec/rails3_mongo_mapper/config/boot.rb +0 -13
  225. data/spec/rails3_mongo_mapper/config/environment.rb +0 -5
  226. data/spec/rails3_mongo_mapper/config/environments/development.rb +0 -30
  227. data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
  228. data/spec/rails3_mongo_mapper/config/environments/production.rb +0 -49
  229. data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +0 -7
  230. data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +0 -10
  231. data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +0 -5
  232. data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +0 -2
  233. data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +0 -7
  234. data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +0 -8
  235. data/spec/rails3_mongo_mapper/config/locales/en.yml +0 -5
  236. data/spec/rails3_mongo_mapper/config/routes.rb +0 -59
  237. data/spec/rails3_mongo_mapper/db/schema.rb +0 -23
  238. data/spec/rails3_mongo_mapper/db/seeds.rb +0 -7
  239. data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
  240. data/spec/rails3_mongo_mapper/public/404.html +0 -26
  241. data/spec/rails3_mongo_mapper/public/422.html +0 -26
  242. data/spec/rails3_mongo_mapper/public/500.html +0 -26
  243. data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
  244. data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
  245. data/spec/rails3_mongo_mapper/public/javascripts/application.js +0 -2
  246. data/spec/rails3_mongo_mapper/public/javascripts/controls.js +0 -965
  247. data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +0 -974
  248. data/spec/rails3_mongo_mapper/public/javascripts/effects.js +0 -1123
  249. data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +0 -6001
  250. data/spec/rails3_mongo_mapper/public/javascripts/rails.js +0 -175
  251. data/spec/rails3_mongo_mapper/public/robots.txt +0 -5
  252. data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
  253. data/spec/rails3_mongo_mapper/script/rails +0 -6
  254. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +0 -170
  255. data/spec/rails3_mongo_mapper/spec/spec.opts +0 -2
  256. data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +0 -27
  257. data/spec/rails3_mongo_mapper/spec/spec_helper.rb +0 -55
  258. data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +0 -9
  259. data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +0 -8
  260. data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +0 -8
  261. data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +0 -8
  262. data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +0 -8
  263. data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +0 -8
  264. data/spec/rails3_mongo_mapper/spec/user_spec.rb +0 -37
  265. data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
  266. data/spec/rails3_mongoid/.gitignore +0 -4
  267. data/spec/rails3_mongoid/.rspec +0 -1
  268. data/spec/rails3_mongoid/Gemfile +0 -15
  269. data/spec/rails3_mongoid/Gemfile.lock +0 -146
  270. data/spec/rails3_mongoid/Rakefile +0 -11
  271. data/spec/rails3_mongoid/app/controllers/application_controller.rb +0 -127
  272. data/spec/rails3_mongoid/app/helpers/application_helper.rb +0 -2
  273. data/spec/rails3_mongoid/app/mailers/sorcery_mailer.rb +0 -25
  274. data/spec/rails3_mongoid/app/views/layouts/application.html.erb +0 -14
  275. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.html.erb +0 -17
  276. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.text.erb +0 -9
  277. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.html.erb +0 -17
  278. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
  279. data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
  280. data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
  281. data/spec/rails3_mongoid/config/application.rb +0 -51
  282. data/spec/rails3_mongoid/config/boot.rb +0 -13
  283. data/spec/rails3_mongoid/config/environment.rb +0 -5
  284. data/spec/rails3_mongoid/config/environments/development.rb +0 -26
  285. data/spec/rails3_mongoid/config/environments/in_memory.rb +0 -0
  286. data/spec/rails3_mongoid/config/environments/production.rb +0 -49
  287. data/spec/rails3_mongoid/config/environments/test.rb +0 -35
  288. data/spec/rails3_mongoid/config/initializers/backtrace_silencers.rb +0 -7
  289. data/spec/rails3_mongoid/config/initializers/inflections.rb +0 -10
  290. data/spec/rails3_mongoid/config/initializers/mime_types.rb +0 -5
  291. data/spec/rails3_mongoid/config/initializers/secret_token.rb +0 -7
  292. data/spec/rails3_mongoid/config/locales/en.yml +0 -5
  293. data/spec/rails3_mongoid/config/mongoid.yml +0 -7
  294. data/spec/rails3_mongoid/config/routes.rb +0 -59
  295. data/spec/rails3_mongoid/config.ru +0 -4
  296. data/spec/rails3_mongoid/db/schema.rb +0 -23
  297. data/spec/rails3_mongoid/db/seeds.rb +0 -7
  298. data/spec/rails3_mongoid/lib/tasks/.gitkeep +0 -0
  299. data/spec/rails3_mongoid/public/404.html +0 -26
  300. data/spec/rails3_mongoid/public/422.html +0 -26
  301. data/spec/rails3_mongoid/public/500.html +0 -26
  302. data/spec/rails3_mongoid/public/favicon.ico +0 -0
  303. data/spec/rails3_mongoid/public/images/rails.png +0 -0
  304. data/spec/rails3_mongoid/public/javascripts/application.js +0 -2
  305. data/spec/rails3_mongoid/public/javascripts/controls.js +0 -965
  306. data/spec/rails3_mongoid/public/javascripts/dragdrop.js +0 -974
  307. data/spec/rails3_mongoid/public/javascripts/effects.js +0 -1123
  308. data/spec/rails3_mongoid/public/javascripts/prototype.js +0 -6001
  309. data/spec/rails3_mongoid/public/javascripts/rails.js +0 -175
  310. data/spec/rails3_mongoid/public/robots.txt +0 -5
  311. data/spec/rails3_mongoid/public/stylesheets/.gitkeep +0 -0
  312. data/spec/rails3_mongoid/script/rails +0 -6
  313. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +0 -105
  314. data/spec/rails3_mongoid/spec/controller_spec.rb +0 -181
  315. data/spec/rails3_mongoid/spec/spec.opts +0 -2
  316. data/spec/rails3_mongoid/spec/spec_helper.orig.rb +0 -27
  317. data/spec/rails3_mongoid/spec/spec_helper.rb +0 -55
  318. data/spec/rails3_mongoid/spec/user_activation_spec.rb +0 -9
  319. data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +0 -8
  320. data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +0 -8
  321. data/spec/rails3_mongoid/spec/user_oauth_spec.rb +0 -8
  322. data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +0 -8
  323. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +0 -8
  324. data/spec/rails3_mongoid/spec/user_spec.rb +0 -38
  325. data/spec/rails3_mongoid/vendor/plugins/.gitkeep +0 -0
  326. data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
  327. data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -55
  328. /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
  329. /data/spec/{rails3/app/models → rails_app/app/active_record}/authentication.rb +0 -0
  330. /data/spec/{rails3 → rails_app}/app/helpers/application_helper.rb +0 -0
  331. /data/spec/{rails3 → rails_app}/app/mailers/sorcery_mailer.rb +0 -0
  332. /data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/authentication.rb +0 -0
  333. /data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/authentication.rb +0 -0
  334. /data/spec/{rails3 → rails_app}/app/views/application/index.html.erb +0 -0
  335. /data/spec/{rails3 → rails_app}/app/views/layouts/application.html.erb +0 -0
  336. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.html.erb +0 -0
  337. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.text.erb +0 -0
  338. /data/spec/{rails3/app/views/sorcery_mailer/activation_success_email.html.erb → rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb} +0 -0
  339. /data/spec/{rails3_mongo_mapper → rails_app}/app/views/sorcery_mailer/activation_success_email.html.erb +0 -0
  340. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_success_email.text.erb +0 -0
  341. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.html.erb +0 -0
  342. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.text.erb +0 -0
  343. /data/spec/{rails3 → rails_app}/config/environment.rb +0 -0
  344. /data/spec/{rails3 → rails_app}/config/initializers/backtrace_silencers.rb +0 -0
  345. /data/spec/{rails3 → rails_app}/config/initializers/inflections.rb +0 -0
  346. /data/spec/{rails3 → rails_app}/config/initializers/mime_types.rb +0 -0
  347. /data/spec/{rails3 → rails_app}/config/initializers/secret_token.rb +0 -0
  348. /data/spec/{rails3 → rails_app}/config/locales/en.yml +0 -0
  349. /data/spec/{rails3 → rails_app}/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
  350. /data/spec/{rails3 → rails_app}/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
  351. /data/spec/{rails3 → rails_app}/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
  352. /data/spec/{rails3 → rails_app}/db/schema.rb +0 -0
  353. /data/spec/{rails3 → rails_app}/db/seeds.rb +0 -0
@@ -0,0 +1,414 @@
1
+ require 'spec_helper'
2
+
3
+ # require 'shared_examples/controller_oauth2_shared_examples'
4
+
5
+ describe SorceryController, :active_record => true do
6
+ before(:all) do
7
+ if SORCERY_ORM == :active_record
8
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
9
+ User.reset_column_information
10
+ end
11
+
12
+ sorcery_reload!([:external])
13
+ set_external_property
14
+ end
15
+
16
+ after(:all) do
17
+ if SORCERY_ORM == :active_record
18
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
19
+ end
20
+ end
21
+
22
+ describe 'using create_from' do
23
+ before(:each) do
24
+ stub_all_oauth2_requests!
25
+ end
26
+
27
+ it 'creates a new user' do
28
+ sorcery_model_property_set(:authentications_class, Authentication)
29
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
30
+
31
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
32
+ get :test_create_from_provider, provider: 'facebook'
33
+ end
34
+
35
+ it 'supports nested attributes' do
36
+ sorcery_model_property_set(:authentications_class, Authentication)
37
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'hometown/name' })
38
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Haifa, Israel'})
39
+
40
+ get :test_create_from_provider, provider: 'facebook'
41
+ end
42
+
43
+ it 'does not crash on missing nested attributes' do
44
+ sorcery_model_property_set(:authentications_class, Authentication)
45
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name', created_at: 'does/not/exist' })
46
+
47
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
48
+
49
+ get :test_create_from_provider, provider: 'facebook'
50
+ end
51
+
52
+ describe 'with a block' do
53
+ it 'does not create user' do
54
+ sorcery_model_property_set(:authentications_class, Authentication)
55
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
56
+
57
+ u = double('user')
58
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'}).and_return(u).and_yield(u)
59
+ # test_create_from_provider_with_block in controller will check for uniqueness of username
60
+ get :test_create_from_provider_with_block, provider: 'facebook'
61
+ end
62
+ end
63
+ end
64
+
65
+ # ----------------- OAuth -----------------------
66
+ context "with OAuth features" do
67
+
68
+ let(:user) { double('user', id: 42) }
69
+
70
+ before(:each) do
71
+ stub_all_oauth2_requests!
72
+ end
73
+
74
+ after(:each) do
75
+ User.sorcery_adapter.delete_all
76
+ Authentication.sorcery_adapter.delete_all
77
+ end
78
+
79
+ context "when callback_url begin with /" do
80
+ before do
81
+ sorcery_controller_external_property_set(:facebook, :callback_url, "/oauth/twitter/callback")
82
+ end
83
+ it "login_at redirects correctly" do
84
+ get :login_at_test_facebook
85
+ expect(response).to be_a_redirect
86
+ expect(response).to redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email%2Coffline_access&state=")
87
+ end
88
+ it "logins with state" do
89
+ get :login_at_test_with_state
90
+ expect(response).to be_a_redirect
91
+ expect(response).to redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email%2Coffline_access&state=bla")
92
+ end
93
+ after do
94
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
95
+ end
96
+ end
97
+
98
+ #this test can never pass because of the previous test (the callback url can't change anymore)
99
+ =begin
100
+ context "when callback_url begin with http://" do
101
+ it "login_at redirects correctly" do
102
+ create_new_user
103
+ get :login_at_test2
104
+ response.should be_a_redirect
105
+ response.should redirect_to("https://graph.facebook.com/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.facebook.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&display=page&state")
106
+ end
107
+ end
108
+ =end
109
+ it "'login_from' logins if user exists" do
110
+ # dirty hack for rails 4
111
+ allow(subject).to receive(:register_last_activity_time_to_db)
112
+
113
+ sorcery_model_property_set(:authentications_class, Authentication)
114
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
115
+ get :test_login_from_facebook
116
+
117
+ expect(flash[:notice]).to eq "Success!"
118
+ end
119
+
120
+ it "'login_from' fails if user doesn't exist" do
121
+ sorcery_model_property_set(:authentications_class, Authentication)
122
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(nil)
123
+ get :test_login_from_facebook
124
+
125
+ expect(flash[:alert]).to eq "Failed!"
126
+ end
127
+
128
+ it "on successful login_from the user is redirected to the url he originally wanted" do
129
+ # dirty hack for rails 4
130
+ allow(subject).to receive(:register_last_activity_time_to_db)
131
+
132
+ sorcery_model_property_set(:authentications_class, Authentication)
133
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
134
+ get :test_return_to_with_external_facebook, {}, :return_to_url => "fuu"
135
+
136
+ expect(response).to redirect_to("fuu")
137
+ expect(flash[:notice]).to eq "Success!"
138
+ end
139
+
140
+ [:github, :google, :liveid, :vk, :salesforce].each do |provider|
141
+
142
+ describe "with #{provider}" do
143
+
144
+ it "login_at redirects correctly" do
145
+ get :"login_at_test_#{provider}"
146
+
147
+ expect(response).to be_a_redirect
148
+ expect(response).to redirect_to(provider_url provider)
149
+ end
150
+
151
+ it "'login_from' logins if user exists" do
152
+ # dirty hack for rails 4
153
+ allow(subject).to receive(:register_last_activity_time_to_db)
154
+
155
+ sorcery_model_property_set(:authentications_class, Authentication)
156
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
157
+ get :"test_login_from_#{provider}"
158
+
159
+ expect(flash[:notice]).to eq "Success!"
160
+ end
161
+
162
+ it "'login_from' fails if user doesn't exist" do
163
+ sorcery_model_property_set(:authentications_class, Authentication)
164
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(nil)
165
+ get :"test_login_from_#{provider}"
166
+
167
+ expect(flash[:alert]).to eq "Failed!"
168
+ end
169
+
170
+ it "on successful login_from the user is redirected to the url he originally wanted (#{provider})" do
171
+ # dirty hack for rails 4
172
+ allow(subject).to receive(:register_last_activity_time_to_db)
173
+
174
+ sorcery_model_property_set(:authentications_class, Authentication)
175
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
176
+ get :"test_return_to_with_external_#{provider}", {}, :return_to_url => "fuu"
177
+
178
+ expect(response).to redirect_to "fuu"
179
+ expect(flash[:notice]).to eq "Success!"
180
+ end
181
+ end
182
+ end
183
+
184
+ end
185
+
186
+ describe "OAuth with User Activation features" do
187
+ before(:all) do
188
+ if SORCERY_ORM == :active_record
189
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
190
+ end
191
+
192
+ sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
193
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
194
+
195
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
196
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
197
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
198
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
199
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
200
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
201
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
202
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
203
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
204
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
205
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
206
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
207
+ sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
208
+ sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
209
+ sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
210
+ sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
211
+ sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
212
+ sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
213
+ end
214
+
215
+ after(:all) do
216
+ if SORCERY_ORM == :active_record
217
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
218
+ end
219
+ end
220
+
221
+ after(:each) do
222
+ User.sorcery_adapter.delete_all
223
+ end
224
+
225
+ it "does not send activation email to external users" do
226
+ old_size = ActionMailer::Base.deliveries.size
227
+ create_new_external_user(:facebook)
228
+
229
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
230
+ end
231
+
232
+ it "does not send external users an activation success email" do
233
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
234
+ create_new_external_user(:facebook)
235
+ old_size = ActionMailer::Base.deliveries.size
236
+ @user.activate!
237
+
238
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
239
+ end
240
+
241
+ [:github, :google, :liveid, :vk, :salesforce].each do |provider|
242
+ it "does not send activation email to external users (#{provider})" do
243
+ old_size = ActionMailer::Base.deliveries.size
244
+ create_new_external_user provider
245
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
246
+ end
247
+
248
+ it "does not send external users an activation success email (#{provider})" do
249
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
250
+ create_new_external_user provider
251
+ old_size = ActionMailer::Base.deliveries.size
252
+ @user.activate!
253
+ end
254
+ end
255
+ end
256
+
257
+ describe "OAuth with user activation features" do
258
+
259
+ let(:user) { double('user', id: 42) }
260
+
261
+ before(:all) do
262
+ sorcery_reload!([:activity_logging, :external])
263
+ end
264
+
265
+ after(:all) do
266
+ if SORCERY_ORM == :active_record
267
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
268
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
269
+ end
270
+ end
271
+
272
+ %w(facebook github google liveid vk salesforce).each do |provider|
273
+ context "when #{provider}" do
274
+ before(:each) do
275
+ sorcery_controller_property_set(:register_login_time, true)
276
+ sorcery_controller_property_set(:register_logout_time, false)
277
+ sorcery_controller_property_set(:register_last_activity_time, false)
278
+ sorcery_controller_property_set(:register_last_ip_address, false)
279
+ stub_all_oauth2_requests!
280
+ sorcery_model_property_set(:authentications_class, Authentication)
281
+ end
282
+
283
+ it "registers login time" do
284
+ now = Time.now.in_time_zone
285
+ Timecop.freeze(now)
286
+ expect(User).to receive(:load_from_provider).and_return(user)
287
+ expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
288
+ get "test_login_from_#{provider}".to_sym
289
+ Timecop.return
290
+ end
291
+
292
+ it "does not register login time if configured so" do
293
+ sorcery_controller_property_set(:register_login_time, false)
294
+ now = Time.now.in_time_zone
295
+ Timecop.freeze(now)
296
+ expect(User).to receive(:load_from_provider).and_return(user)
297
+ expect(user).to receive(:set_last_login_at).never
298
+ get "test_login_from_#{provider}".to_sym
299
+
300
+ end
301
+ end
302
+ end
303
+ end
304
+
305
+ describe "OAuth with session timeout features" do
306
+ before(:all) do
307
+ sorcery_reload!([:session_timeout, :external])
308
+ end
309
+
310
+ let(:user) { double('user', id: 42) }
311
+
312
+ %w(facebook github google liveid vk salesforce).each do |provider|
313
+ context "when #{provider}" do
314
+ before(:each) do
315
+ sorcery_model_property_set(:authentications_class, Authentication)
316
+ sorcery_controller_property_set(:session_timeout,0.5)
317
+ stub_all_oauth2_requests!
318
+ end
319
+
320
+ after(:each) do
321
+ Timecop.return
322
+ end
323
+
324
+ it "does not reset session before session timeout" do
325
+ expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
326
+ get "test_login_from_#{provider}".to_sym
327
+
328
+ expect(session[:user_id]).not_to be_nil
329
+ expect(flash[:notice]).to eq "Success!"
330
+ end
331
+
332
+ it "resets session after session timeout" do
333
+ expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
334
+ get "test_login_from_#{provider}".to_sym
335
+ expect(session[:user_id]).to eq "42"
336
+ Timecop.travel(Time.now.in_time_zone+0.6)
337
+ get :test_should_be_logged_in
338
+
339
+ expect(session[:user_id]).to be_nil
340
+ expect(response).to be_a_redirect
341
+ end
342
+ end
343
+ end
344
+ end
345
+
346
+ def stub_all_oauth2_requests!
347
+ access_token = double(OAuth2::AccessToken)
348
+ allow(access_token).to receive(:token_param=)
349
+ response = double(OAuth2::Response)
350
+ allow(response).to receive(:body) { {
351
+ "id"=>"123",
352
+ "user_id"=>"123", # Needed for Salesforce
353
+ "name"=>"Noam Ben Ari",
354
+ "first_name"=>"Noam",
355
+ "last_name"=>"Ben Ari",
356
+ "link"=>"http://www.facebook.com/nbenari1",
357
+ "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"},
358
+ "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"},
359
+ "bio"=>"I'm a new daddy, and enjoying it!",
360
+ "gender"=>"male",
361
+ "email"=>"nbenari@gmail.com",
362
+ "timezone"=>2,
363
+ "locale"=>"en_US",
364
+ "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
365
+ "verified"=>true,
366
+ "updated_time"=>"2011-02-16T20:59:38+0000",
367
+ # response for VK auth
368
+ "response"=>[
369
+ {
370
+ "uid"=>"123",
371
+ "first_name"=>"Noam",
372
+ "last_name"=>"Ben Ari"
373
+ }
374
+ ]}.to_json }
375
+ allow(access_token).to receive(:get) { response }
376
+ allow(access_token).to receive(:token) { "187041a618229fdaf16613e96e1caabc1e86e46bbfad228de41520e63fe45873684c365a14417289599f3" }
377
+ # access_token params for VK auth
378
+ allow(access_token).to receive(:params) { { "user_id"=>"100500", "email"=>"nbenari@gmail.com" } }
379
+ allow_any_instance_of(OAuth2::Strategy::AuthCode).to receive(:get_token) { access_token }
380
+ end
381
+
382
+ def set_external_property
383
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
384
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
385
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
386
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
387
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
388
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
389
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
390
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
391
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
392
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
393
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
394
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
395
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
396
+ sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
397
+ sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
398
+ sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
399
+ sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
400
+ sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
401
+ sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
402
+ end
403
+
404
+ def provider_url(provider)
405
+ {
406
+ github: "https://github.com/login/oauth/authorize?client_id=#{::Sorcery::Controller::Config.github.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=&state=",
407
+ google: "https://accounts.google.com/o/oauth2/auth?client_id=#{::Sorcery::Controller::Config.google.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=",
408
+ liveid: "https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=wl.basic+wl.emails+wl.offline_access&state=",
409
+ vk: "https://oauth.vk.com/authorize?client_id=#{::Sorcery::Controller::Config.vk.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.vk.scope}&state=",
410
+ salesforce: "https://login.salesforce.com/services/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.salesforce.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.salesforce.scope}&state="
411
+ }[provider]
412
+ end
413
+ end
414
+
@@ -0,0 +1,240 @@
1
+ require 'spec_helper'
2
+
3
+ # require 'shared_examples/controller_oauth_shared_examples'
4
+ require 'ostruct'
5
+
6
+ def stub_all_oauth_requests!
7
+ consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
8
+ req_token = OAuth::RequestToken.new(consumer)
9
+ acc_token = OAuth::AccessToken.new(consumer)
10
+
11
+ response = OpenStruct.new()
12
+ response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
13
+
14
+ session[:request_token] = req_token.token
15
+ session[:request_token_secret] = req_token.secret
16
+
17
+ allow(OAuth::Consumer).to receive(:new) { consumer }
18
+ allow(consumer).to receive(:get_request_token) { req_token }
19
+ allow(req_token).to receive(:get_access_token) { acc_token }
20
+ allow(OAuth::RequestToken).to receive(:new) { req_token }
21
+ allow(acc_token).to receive(:get) { response }
22
+ end
23
+
24
+ describe SorceryController do
25
+
26
+ let(:user) { double('user', id: 42) }
27
+
28
+ before(:all) do
29
+ sorcery_reload!([:external])
30
+ sorcery_controller_property_set(:external_providers, [:twitter, :jira])
31
+ sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
32
+ sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
33
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
34
+
35
+ sorcery_controller_external_property_set(:jira, :key, "7810b8e317ebdc81601c72f8daecc0f1")
36
+ sorcery_controller_external_property_set(:jira, :secret, "MyAppUsingJira")
37
+ sorcery_controller_external_property_set(:jira, :site, "http://jira.mycompany.com/plugins/servlet/oauth")
38
+ sorcery_controller_external_property_set(:jira, :signature_method, "RSA-SHA1")
39
+ sorcery_controller_external_property_set(:jira, :private_key_file, "myrsakey.pem")
40
+ sorcery_controller_external_property_set(:jira, :callback_url, "http://myappusingjira.com/home")
41
+ end
42
+
43
+ # ----------------- OAuth -----------------------
44
+ describe SorceryController, "'using external API to login'" do
45
+
46
+ before(:each) do
47
+ stub_all_oauth_requests!
48
+ end
49
+
50
+ context "when callback_url begin with /" do
51
+ before do
52
+ sorcery_controller_external_property_set(:twitter, :callback_url, "/oauth/twitter/callback")
53
+ end
54
+ it "login_at redirects correctly" do
55
+ get :login_at_test
56
+ expect(response).to be_a_redirect
57
+ expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=")
58
+ end
59
+ after do
60
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
61
+ end
62
+ end
63
+
64
+ context "when callback_url begin with http://" do
65
+ it "login_at redirects correctly", pending: true do
66
+ get :login_at_test
67
+ expect(response).to be_a_redirect
68
+ expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
69
+ end
70
+ end
71
+
72
+ it "logins if user exists" do
73
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
74
+
75
+ get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
76
+ expect(flash[:notice]).to eq "Success!"
77
+ end
78
+
79
+ it "'login_from' fails if user doesn't exist" do
80
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(nil)
81
+
82
+ get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
83
+ expect(flash[:alert]).to eq "Failed!"
84
+ end
85
+
86
+ it "on successful 'login_from' the user is redirected to the url he originally wanted" do
87
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
88
+ get :test_return_to_with_external, {}, :return_to_url => "fuu"
89
+ expect(response).to redirect_to("fuu")
90
+ expect(flash[:notice]).to eq "Success!"
91
+ end
92
+
93
+ context "when jira" do
94
+ it "user logins successfully" do
95
+ get :login_at_test_jira
96
+ expect(session[:request_token]).not_to be_nil
97
+ expect(response).to be_a_redirect
98
+ end
99
+ end
100
+
101
+ end
102
+
103
+ describe SorceryController do
104
+ describe "using 'create_from'" do
105
+ before(:each) do
106
+ stub_all_oauth_requests!
107
+ end
108
+
109
+ it "creates a new user" do
110
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
111
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
112
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(user)
113
+
114
+ get :test_create_from_provider, :provider => "twitter"
115
+ end
116
+
117
+ it "supports nested attributes" do
118
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
119
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
120
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
121
+
122
+ get :test_create_from_provider, :provider => "twitter"
123
+ end
124
+
125
+ it "does not crash on missing nested attributes" do
126
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text", :created_at => "does/not/exist"})
127
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
128
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
129
+
130
+ get :test_create_from_provider, :provider => "twitter"
131
+ end
132
+
133
+ it "binds new provider" do
134
+ sorcery_model_property_set(:authentications_class, UserProvider)
135
+
136
+ allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
137
+ allow(user).to receive(:username).and_return('bla@bla.com')
138
+ login_user(user)
139
+
140
+ expect(user).to receive(:add_provider_to_user).with('twitter', '123')
141
+ get :test_add_second_provider, :provider => "twitter"
142
+ end
143
+
144
+ describe "with a block" do
145
+ it "does not create user" do
146
+ sorcery_model_property_set(:authentications_class, Authentication)
147
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
148
+
149
+ u = double('user')
150
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
151
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(u).and_yield(u)
152
+
153
+ get :test_create_from_provider_with_block, :provider => "twitter"
154
+ end
155
+
156
+ end
157
+ end
158
+ end
159
+
160
+ describe SorceryController, "OAuth with user activation features" do
161
+ before(:all) do
162
+ sorcery_reload!([:activity_logging, :external])
163
+ end
164
+
165
+ context "when twitter" do
166
+ before(:each) do
167
+ sorcery_controller_property_set(:register_login_time, true)
168
+ sorcery_controller_property_set(:register_logout_time, false)
169
+ sorcery_controller_property_set(:register_last_activity_time, false)
170
+ sorcery_controller_property_set(:register_last_ip_address, false)
171
+ stub_all_oauth_requests!
172
+ end
173
+
174
+ it "registers login time" do
175
+ now = Time.now.in_time_zone
176
+ Timecop.freeze(now)
177
+ expect(User).to receive(:load_from_provider).and_return(user)
178
+ expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
179
+ get :test_login_from
180
+ Timecop.return
181
+ end
182
+
183
+ it "does not register login time if configured so" do
184
+ sorcery_controller_property_set(:register_login_time, false)
185
+ now = Time.now.in_time_zone
186
+ Timecop.freeze(now)
187
+ expect(User).to receive(:load_from_provider).and_return(user)
188
+ expect(user).to receive(:set_last_login_at).never
189
+ get :test_login_from
190
+ Timecop.return
191
+ end
192
+ end
193
+ end
194
+
195
+ describe SorceryController, "OAuth with session timeout features" do
196
+ before(:all) do
197
+ if SORCERY_ORM == :active_record
198
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
199
+ User.reset_column_information
200
+ end
201
+
202
+ sorcery_reload!([:session_timeout, :external])
203
+ end
204
+
205
+ after(:all) do
206
+ if SORCERY_ORM == :active_record
207
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
208
+ end
209
+ end
210
+
211
+ context "when twitter" do
212
+ before(:each) do
213
+ sorcery_model_property_set(:authentications_class, Authentication)
214
+ sorcery_controller_property_set(:session_timeout,0.5)
215
+ stub_all_oauth_requests!
216
+ end
217
+
218
+ after(:each) do
219
+ Timecop.return
220
+ end
221
+
222
+ it "does not reset session before session timeout" do
223
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
224
+ get :test_login_from
225
+
226
+ expect(session[:user_id]).not_to be_nil
227
+ expect(flash[:notice]).to eq "Success!"
228
+ end
229
+
230
+ it "resets session after session timeout" do
231
+ get :test_login_from
232
+ Timecop.travel(Time.now.in_time_zone+0.6)
233
+ get :test_should_be_logged_in
234
+
235
+ expect(session[:user_id]).to be_nil
236
+ expect(response).to be_a_redirect
237
+ end
238
+ end
239
+ end
240
+ end