sorcery 0.8.1 → 0.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +56 -0
- data/.travis.yml +130 -1
- data/CHANGELOG.md +279 -0
- data/Gemfile +18 -23
- data/README.md +372 -0
- data/Rakefile +3 -78
- data/gemfiles/active_record-rails40.gemfile +7 -0
- data/gemfiles/active_record-rails41.gemfile +7 -0
- data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
- data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
- data/gemfiles/mongoid-rails40.gemfile +9 -0
- data/gemfiles/mongoid-rails41.gemfile +9 -0
- data/gemfiles/mongoid3-rails32.gemfile +9 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +40 -0
- data/lib/generators/sorcery/install_generator.rb +38 -20
- data/lib/generators/sorcery/templates/initializer.rb +53 -16
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +3 -10
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -7
- data/lib/generators/sorcery/templates/migration/core.rb +5 -8
- data/lib/generators/sorcery/templates/migration/external.rb +3 -5
- data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -9
- data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -10
- data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -10
- data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
- data/lib/sorcery/adapters/base_adapter.rb +30 -0
- data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
- data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
- data/lib/sorcery/controller/config.rb +65 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +27 -21
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
- data/lib/sorcery/controller/submodules/external.rb +107 -75
- data/lib/sorcery/controller/submodules/remember_me.rb +5 -5
- data/lib/sorcery/controller/submodules/session_timeout.rb +11 -7
- data/lib/sorcery/controller.rb +27 -76
- data/lib/sorcery/model/config.rb +96 -0
- data/lib/sorcery/model/submodules/activity_logging.rb +32 -12
- data/lib/sorcery/model/submodules/brute_force_protection.rb +36 -36
- data/lib/sorcery/model/submodules/external.rb +53 -9
- data/lib/sorcery/model/submodules/remember_me.rb +15 -19
- data/lib/sorcery/model/submodules/reset_password.rb +36 -33
- data/lib/sorcery/model/submodules/user_activation.rb +51 -48
- data/lib/sorcery/model/temporary_token.rb +4 -4
- data/lib/sorcery/model.rb +85 -175
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +38 -0
- data/lib/sorcery/providers/facebook.rb +74 -0
- data/lib/sorcery/providers/github.rb +60 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/heroku.rb +57 -0
- data/lib/sorcery/providers/jira.rb +77 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/salesforce.rb +50 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +63 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/railties/tasks.rake +1 -7
- data/lib/sorcery/test_helpers/internal/rails.rb +17 -6
- data/lib/sorcery/test_helpers/internal.rb +27 -6
- data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/lib/sorcery/version.rb +3 -0
- data/lib/sorcery.rb +83 -57
- data/sorcery.gemspec +24 -363
- data/spec/active_record/user_activation_spec.rb +18 -0
- data/spec/active_record/user_activity_logging_spec.rb +17 -0
- data/spec/{rails3/spec → active_record}/user_brute_force_protection_spec.rb +6 -5
- data/spec/{rails3/spec → active_record}/user_oauth_spec.rb +6 -5
- data/spec/{rails3/spec → active_record}/user_remember_me_spec.rb +5 -4
- data/spec/{rails3/spec → active_record}/user_reset_password_spec.rb +7 -7
- data/spec/active_record/user_spec.rb +37 -0
- data/spec/controllers/controller_activity_logging_spec.rb +124 -0
- data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
- data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
- data/spec/controllers/controller_oauth2_spec.rb +429 -0
- data/spec/controllers/controller_oauth_spec.rb +240 -0
- data/spec/controllers/controller_remember_me_spec.rb +117 -0
- data/spec/controllers/controller_session_timeout_spec.rb +80 -0
- data/spec/controllers/controller_spec.rb +218 -0
- data/spec/data_mapper/user_activation_spec.rb +10 -0
- data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
- data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
- data/spec/data_mapper/user_oauth_spec.rb +9 -0
- data/spec/data_mapper/user_remember_me_spec.rb +8 -0
- data/spec/data_mapper/user_reset_password_spec.rb +8 -0
- data/spec/data_mapper/user_spec.rb +27 -0
- data/spec/mongo_mapper/user_activation_spec.rb +9 -0
- data/spec/mongo_mapper/user_activity_logging_spec.rb +8 -0
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +8 -0
- data/spec/mongo_mapper/user_oauth_spec.rb +8 -0
- data/spec/mongo_mapper/user_remember_me_spec.rb +8 -0
- data/spec/mongo_mapper/user_reset_password_spec.rb +8 -0
- data/spec/mongo_mapper/user_spec.rb +37 -0
- data/spec/mongoid/user_activation_spec.rb +9 -0
- data/spec/mongoid/user_activity_logging_spec.rb +8 -0
- data/spec/mongoid/user_brute_force_protection_spec.rb +8 -0
- data/spec/mongoid/user_oauth_spec.rb +8 -0
- data/spec/mongoid/user_remember_me_spec.rb +8 -0
- data/spec/mongoid/user_reset_password_spec.rb +8 -0
- data/spec/mongoid/user_spec.rb +51 -0
- data/spec/orm/active_record.rb +21 -0
- data/spec/orm/data_mapper.rb +48 -0
- data/spec/orm/mongo_mapper.rb +10 -0
- data/spec/orm/mongoid.rb +22 -0
- data/spec/{rails3/app/models → rails_app/app/active_record}/user.rb +1 -2
- data/spec/rails_app/app/active_record/user_provider.rb +3 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +285 -0
- data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
- data/spec/rails_app/app/data_mapper/user.rb +7 -0
- data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/user.rb +2 -0
- data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/user.rb +2 -0
- data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config/application.rb +13 -8
- data/spec/rails_app/config/boot.rb +4 -0
- data/spec/rails_app/config/database.yml +22 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config/environments/test.rb +2 -0
- data/spec/{rails3_mongoid → rails_app}/config/initializers/session_store.rb +4 -0
- data/spec/rails_app/config/routes.rb +51 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config.ru +1 -1
- data/spec/{rails3 → rails_app}/db/migrate/activation/20101224223622_add_activation_to_users.rb +3 -3
- data/spec/{rails3 → rails_app}/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +2 -0
- data/spec/{rails3 → rails_app}/db/migrate/core/20101224223620_create_users.rb +2 -2
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
- data/spec/rails_app/log/development.log +1791 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +137 -98
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +86 -13
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
- data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
- data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
- data/spec/shared_examples/user_reset_password_shared_examples.rb +163 -130
- data/spec/shared_examples/user_shared_examples.rb +370 -195
- data/spec/sorcery_crypto_providers_spec.rb +74 -72
- data/spec/spec_helper.rb +32 -4
- metadata +259 -425
- data/Gemfile.lock +0 -192
- data/README.rdoc +0 -261
- data/VERSION +0 -1
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -35
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -45
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -97
- data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -91
- data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -90
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -101
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -91
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -99
- data/lib/sorcery/model/adapters/active_record.rb +0 -49
- data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
- data/lib/sorcery/model/adapters/mongoid.rb +0 -88
- data/lib/sorcery/test_helpers/rails.rb +0 -16
- data/lib/sorcery/test_helpers.rb +0 -5
- data/spec/Gemfile +0 -12
- data/spec/Gemfile.lock +0 -129
- data/spec/README.md +0 -31
- data/spec/Rakefile +0 -12
- data/spec/rails3/.gitignore +0 -4
- data/spec/rails3/.rspec +0 -1
- data/spec/rails3/Gemfile +0 -15
- data/spec/rails3/Gemfile.lock +0 -162
- data/spec/rails3/README +0 -256
- data/spec/rails3/Rakefile +0 -11
- data/spec/rails3/app/controllers/application_controller.rb +0 -208
- data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +0 -1
- data/spec/rails3/config/application.rb +0 -46
- data/spec/rails3/config/boot.rb +0 -13
- data/spec/rails3/config/database.yml +0 -27
- data/spec/rails3/config/environments/development.rb +0 -26
- data/spec/rails3/config/environments/in_memory.rb +0 -35
- data/spec/rails3/config/environments/production.rb +0 -49
- data/spec/rails3/config/environments/test.rb +0 -35
- data/spec/rails3/config/initializers/session_store.rb +0 -8
- data/spec/rails3/config/routes.rb +0 -59
- data/spec/rails3/config.ru +0 -4
- data/spec/rails3/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/rails3/lib/tasks/.gitkeep +0 -0
- data/spec/rails3/public/404.html +0 -26
- data/spec/rails3/public/422.html +0 -26
- data/spec/rails3/public/500.html +0 -26
- data/spec/rails3/public/favicon.ico +0 -0
- data/spec/rails3/public/images/rails.png +0 -0
- data/spec/rails3/public/javascripts/application.js +0 -2
- data/spec/rails3/public/javascripts/controls.js +0 -965
- data/spec/rails3/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3/public/javascripts/effects.js +0 -1123
- data/spec/rails3/public/javascripts/prototype.js +0 -6001
- data/spec/rails3/public/javascripts/rails.js +0 -175
- data/spec/rails3/public/robots.txt +0 -5
- data/spec/rails3/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3/script/rails +0 -6
- data/spec/rails3/spec/controller_activity_logging_spec.rb +0 -115
- data/spec/rails3/spec/controller_brute_force_protection_spec.rb +0 -88
- data/spec/rails3/spec/controller_http_basic_auth_spec.rb +0 -50
- data/spec/rails3/spec/controller_oauth2_spec.rb +0 -380
- data/spec/rails3/spec/controller_oauth_spec.rb +0 -206
- data/spec/rails3/spec/controller_remember_me_spec.rb +0 -96
- data/spec/rails3/spec/controller_session_timeout_spec.rb +0 -55
- data/spec/rails3/spec/controller_spec.rb +0 -177
- data/spec/rails3/spec/integration_spec.rb +0 -23
- data/spec/rails3/spec/spec.opts +0 -2
- data/spec/rails3/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3/spec/spec_helper.rb +0 -71
- data/spec/rails3/spec/user_activation_spec.rb +0 -16
- data/spec/rails3/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3/spec/user_spec.rb +0 -36
- data/spec/rails3/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/.gitignore +0 -4
- data/spec/rails3_mongo_mapper/.rspec +0 -1
- data/spec/rails3_mongo_mapper/Gemfile +0 -16
- data/spec/rails3_mongo_mapper/Gemfile.lock +0 -156
- data/spec/rails3_mongo_mapper/Rakefile +0 -11
- data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +0 -122
- data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +0 -2
- data/spec/rails3_mongo_mapper/app/mailers/sorcery_mailer.rb +0 -25
- data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +0 -14
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +0 -17
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +0 -9
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
- data/spec/rails3_mongo_mapper/config/boot.rb +0 -13
- data/spec/rails3_mongo_mapper/config/environment.rb +0 -5
- data/spec/rails3_mongo_mapper/config/environments/development.rb +0 -30
- data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongo_mapper/config/environments/production.rb +0 -49
- data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +0 -10
- data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +0 -5
- data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +0 -2
- data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +0 -7
- data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +0 -8
- data/spec/rails3_mongo_mapper/config/locales/en.yml +0 -5
- data/spec/rails3_mongo_mapper/config/routes.rb +0 -59
- data/spec/rails3_mongo_mapper/db/schema.rb +0 -23
- data/spec/rails3_mongo_mapper/db/seeds.rb +0 -7
- data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/public/404.html +0 -26
- data/spec/rails3_mongo_mapper/public/422.html +0 -26
- data/spec/rails3_mongo_mapper/public/500.html +0 -26
- data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
- data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
- data/spec/rails3_mongo_mapper/public/javascripts/application.js +0 -2
- data/spec/rails3_mongo_mapper/public/javascripts/controls.js +0 -965
- data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3_mongo_mapper/public/javascripts/effects.js +0 -1123
- data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +0 -6001
- data/spec/rails3_mongo_mapper/public/javascripts/rails.js +0 -175
- data/spec/rails3_mongo_mapper/public/robots.txt +0 -5
- data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/script/rails +0 -6
- data/spec/rails3_mongo_mapper/spec/controller_spec.rb +0 -170
- data/spec/rails3_mongo_mapper/spec/spec.opts +0 -2
- data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3_mongo_mapper/spec/spec_helper.rb +0 -55
- data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +0 -9
- data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_spec.rb +0 -37
- data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongoid/.gitignore +0 -4
- data/spec/rails3_mongoid/.rspec +0 -1
- data/spec/rails3_mongoid/Gemfile +0 -15
- data/spec/rails3_mongoid/Gemfile.lock +0 -146
- data/spec/rails3_mongoid/Rakefile +0 -11
- data/spec/rails3_mongoid/app/controllers/application_controller.rb +0 -127
- data/spec/rails3_mongoid/app/helpers/application_helper.rb +0 -2
- data/spec/rails3_mongoid/app/mailers/sorcery_mailer.rb +0 -25
- data/spec/rails3_mongoid/app/views/layouts/application.html.erb +0 -14
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.html.erb +0 -17
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.text.erb +0 -9
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.html.erb +0 -17
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
- data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
- data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
- data/spec/rails3_mongoid/config/application.rb +0 -51
- data/spec/rails3_mongoid/config/boot.rb +0 -13
- data/spec/rails3_mongoid/config/environment.rb +0 -5
- data/spec/rails3_mongoid/config/environments/development.rb +0 -26
- data/spec/rails3_mongoid/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongoid/config/environments/production.rb +0 -49
- data/spec/rails3_mongoid/config/environments/test.rb +0 -35
- data/spec/rails3_mongoid/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails3_mongoid/config/initializers/inflections.rb +0 -10
- data/spec/rails3_mongoid/config/initializers/mime_types.rb +0 -5
- data/spec/rails3_mongoid/config/initializers/secret_token.rb +0 -7
- data/spec/rails3_mongoid/config/locales/en.yml +0 -5
- data/spec/rails3_mongoid/config/mongoid.yml +0 -7
- data/spec/rails3_mongoid/config/routes.rb +0 -59
- data/spec/rails3_mongoid/config.ru +0 -4
- data/spec/rails3_mongoid/db/schema.rb +0 -23
- data/spec/rails3_mongoid/db/seeds.rb +0 -7
- data/spec/rails3_mongoid/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongoid/public/404.html +0 -26
- data/spec/rails3_mongoid/public/422.html +0 -26
- data/spec/rails3_mongoid/public/500.html +0 -26
- data/spec/rails3_mongoid/public/favicon.ico +0 -0
- data/spec/rails3_mongoid/public/images/rails.png +0 -0
- data/spec/rails3_mongoid/public/javascripts/application.js +0 -2
- data/spec/rails3_mongoid/public/javascripts/controls.js +0 -965
- data/spec/rails3_mongoid/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3_mongoid/public/javascripts/effects.js +0 -1123
- data/spec/rails3_mongoid/public/javascripts/prototype.js +0 -6001
- data/spec/rails3_mongoid/public/javascripts/rails.js +0 -175
- data/spec/rails3_mongoid/public/robots.txt +0 -5
- data/spec/rails3_mongoid/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongoid/script/rails +0 -6
- data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +0 -105
- data/spec/rails3_mongoid/spec/controller_spec.rb +0 -181
- data/spec/rails3_mongoid/spec/spec.opts +0 -2
- data/spec/rails3_mongoid/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3_mongoid/spec/spec_helper.rb +0 -55
- data/spec/rails3_mongoid/spec/user_activation_spec.rb +0 -9
- data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_oauth_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_spec.rb +0 -38
- data/spec/rails3_mongoid/vendor/plugins/.gitkeep +0 -0
- data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
- data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -55
- /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
- /data/spec/{rails3/app/models → rails_app/app/active_record}/authentication.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/helpers/application_helper.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/mailers/sorcery_mailer.rb +0 -0
- /data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/authentication.rb +0 -0
- /data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/authentication.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/application/index.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/layouts/application.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.text.erb +0 -0
- /data/spec/{rails3/app/views/sorcery_mailer/activation_success_email.html.erb → rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb} +0 -0
- /data/spec/{rails3_mongo_mapper → rails_app}/app/views/sorcery_mailer/activation_success_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_success_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/config/environment.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/backtrace_silencers.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/inflections.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/mime_types.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/secret_token.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/locales/en.yml +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/schema.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/seeds.rb +0 -0
|
@@ -0,0 +1,429 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
# require 'shared_examples/controller_oauth2_shared_examples'
|
|
4
|
+
|
|
5
|
+
describe SorceryController, :active_record => true do
|
|
6
|
+
before(:all) do
|
|
7
|
+
if SORCERY_ORM == :active_record
|
|
8
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
|
|
9
|
+
User.reset_column_information
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
sorcery_reload!([:external])
|
|
13
|
+
set_external_property
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
after(:all) do
|
|
17
|
+
if SORCERY_ORM == :active_record
|
|
18
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
describe 'using create_from' do
|
|
23
|
+
before(:each) do
|
|
24
|
+
stub_all_oauth2_requests!
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
it 'creates a new user' do
|
|
28
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
29
|
+
sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
|
|
30
|
+
|
|
31
|
+
expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
|
|
32
|
+
get :test_create_from_provider, provider: 'facebook'
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
it 'supports nested attributes' do
|
|
36
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
37
|
+
sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'hometown/name' })
|
|
38
|
+
expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Haifa, Israel'})
|
|
39
|
+
|
|
40
|
+
get :test_create_from_provider, provider: 'facebook'
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
it 'does not crash on missing nested attributes' do
|
|
44
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
45
|
+
sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name', created_at: 'does/not/exist' })
|
|
46
|
+
|
|
47
|
+
expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
|
|
48
|
+
|
|
49
|
+
get :test_create_from_provider, provider: 'facebook'
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
describe 'with a block' do
|
|
53
|
+
it 'does not create user' do
|
|
54
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
55
|
+
sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
|
|
56
|
+
|
|
57
|
+
u = double('user')
|
|
58
|
+
expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'}).and_return(u).and_yield(u)
|
|
59
|
+
# test_create_from_provider_with_block in controller will check for uniqueness of username
|
|
60
|
+
get :test_create_from_provider_with_block, provider: 'facebook'
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
# ----------------- OAuth -----------------------
|
|
66
|
+
context "with OAuth features" do
|
|
67
|
+
|
|
68
|
+
let(:user) { double('user', id: 42) }
|
|
69
|
+
|
|
70
|
+
before(:each) do
|
|
71
|
+
stub_all_oauth2_requests!
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
after(:each) do
|
|
75
|
+
User.sorcery_adapter.delete_all
|
|
76
|
+
Authentication.sorcery_adapter.delete_all
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
context "when callback_url begin with /" do
|
|
80
|
+
before do
|
|
81
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, "/oauth/twitter/callback")
|
|
82
|
+
end
|
|
83
|
+
it "login_at redirects correctly" do
|
|
84
|
+
get :login_at_test_facebook
|
|
85
|
+
expect(response).to be_a_redirect
|
|
86
|
+
expect(response).to redirect_to("https://www.facebook.com/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=")
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
it "logins with state" do
|
|
90
|
+
get :login_at_test_with_state
|
|
91
|
+
expect(response).to be_a_redirect
|
|
92
|
+
expect(response).to redirect_to("https://www.facebook.com/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=bla")
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
it "logins with Graph API version" do
|
|
96
|
+
sorcery_controller_external_property_set(:facebook, :api_version, "v2.2")
|
|
97
|
+
get :login_at_test_with_state
|
|
98
|
+
expect(response).to be_a_redirect
|
|
99
|
+
expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=bla")
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
it "logins without state after login with state" do
|
|
103
|
+
get :login_at_test_with_state
|
|
104
|
+
expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=bla")
|
|
105
|
+
|
|
106
|
+
get :login_at_test_facebook
|
|
107
|
+
expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=")
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
after do
|
|
111
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
context "when callback_url begin with http://" do
|
|
116
|
+
it "login_at redirects correctly" do
|
|
117
|
+
create_new_user
|
|
118
|
+
get :login_at_test_facebook
|
|
119
|
+
expect(response).to be_a_redirect
|
|
120
|
+
expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=")
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
it "'login_from' logins if user exists" do
|
|
125
|
+
# dirty hack for rails 4
|
|
126
|
+
allow(subject).to receive(:register_last_activity_time_to_db)
|
|
127
|
+
|
|
128
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
129
|
+
expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
|
|
130
|
+
get :test_login_from_facebook
|
|
131
|
+
|
|
132
|
+
expect(flash[:notice]).to eq "Success!"
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
it "'login_from' fails if user doesn't exist" do
|
|
136
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
137
|
+
expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(nil)
|
|
138
|
+
get :test_login_from_facebook
|
|
139
|
+
|
|
140
|
+
expect(flash[:alert]).to eq "Failed!"
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
it "on successful login_from the user is redirected to the url he originally wanted" do
|
|
144
|
+
# dirty hack for rails 4
|
|
145
|
+
allow(subject).to receive(:register_last_activity_time_to_db)
|
|
146
|
+
|
|
147
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
148
|
+
expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
|
|
149
|
+
get :test_return_to_with_external_facebook, {}, :return_to_url => "fuu"
|
|
150
|
+
|
|
151
|
+
expect(response).to redirect_to("fuu")
|
|
152
|
+
expect(flash[:notice]).to eq "Success!"
|
|
153
|
+
end
|
|
154
|
+
|
|
155
|
+
[:github, :google, :liveid, :vk, :salesforce].each do |provider|
|
|
156
|
+
|
|
157
|
+
describe "with #{provider}" do
|
|
158
|
+
|
|
159
|
+
it "login_at redirects correctly" do
|
|
160
|
+
get :"login_at_test_#{provider}"
|
|
161
|
+
|
|
162
|
+
expect(response).to be_a_redirect
|
|
163
|
+
expect(response).to redirect_to(provider_url provider)
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
it "'login_from' logins if user exists" do
|
|
167
|
+
# dirty hack for rails 4
|
|
168
|
+
allow(subject).to receive(:register_last_activity_time_to_db)
|
|
169
|
+
|
|
170
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
171
|
+
expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
|
|
172
|
+
get :"test_login_from_#{provider}"
|
|
173
|
+
|
|
174
|
+
expect(flash[:notice]).to eq "Success!"
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
it "'login_from' fails if user doesn't exist" do
|
|
178
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
179
|
+
expect(User).to receive(:load_from_provider).with(provider, '123').and_return(nil)
|
|
180
|
+
get :"test_login_from_#{provider}"
|
|
181
|
+
|
|
182
|
+
expect(flash[:alert]).to eq "Failed!"
|
|
183
|
+
end
|
|
184
|
+
|
|
185
|
+
it "on successful login_from the user is redirected to the url he originally wanted (#{provider})" do
|
|
186
|
+
# dirty hack for rails 4
|
|
187
|
+
allow(subject).to receive(:register_last_activity_time_to_db)
|
|
188
|
+
|
|
189
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
190
|
+
expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
|
|
191
|
+
get :"test_return_to_with_external_#{provider}", {}, :return_to_url => "fuu"
|
|
192
|
+
|
|
193
|
+
expect(response).to redirect_to "fuu"
|
|
194
|
+
expect(flash[:notice]).to eq "Success!"
|
|
195
|
+
end
|
|
196
|
+
end
|
|
197
|
+
end
|
|
198
|
+
|
|
199
|
+
end
|
|
200
|
+
|
|
201
|
+
describe "OAuth with User Activation features" do
|
|
202
|
+
before(:all) do
|
|
203
|
+
if SORCERY_ORM == :active_record
|
|
204
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
|
|
205
|
+
end
|
|
206
|
+
|
|
207
|
+
sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
|
|
208
|
+
sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
|
|
209
|
+
|
|
210
|
+
sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
|
|
211
|
+
sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
212
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
213
|
+
sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
|
|
214
|
+
sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
215
|
+
sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
|
|
216
|
+
sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
|
|
217
|
+
sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
218
|
+
sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
|
|
219
|
+
sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
|
|
220
|
+
sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
221
|
+
sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
|
|
222
|
+
sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
|
|
223
|
+
sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
224
|
+
sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
|
|
225
|
+
sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
|
|
226
|
+
sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
227
|
+
sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
|
|
228
|
+
end
|
|
229
|
+
|
|
230
|
+
after(:all) do
|
|
231
|
+
if SORCERY_ORM == :active_record
|
|
232
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
|
|
233
|
+
end
|
|
234
|
+
end
|
|
235
|
+
|
|
236
|
+
after(:each) do
|
|
237
|
+
User.sorcery_adapter.delete_all
|
|
238
|
+
end
|
|
239
|
+
|
|
240
|
+
it "does not send activation email to external users" do
|
|
241
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
242
|
+
create_new_external_user(:facebook)
|
|
243
|
+
|
|
244
|
+
expect(ActionMailer::Base.deliveries.size).to eq old_size
|
|
245
|
+
end
|
|
246
|
+
|
|
247
|
+
it "does not send external users an activation success email" do
|
|
248
|
+
sorcery_model_property_set(:activation_success_email_method_name, nil)
|
|
249
|
+
create_new_external_user(:facebook)
|
|
250
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
251
|
+
@user.activate!
|
|
252
|
+
|
|
253
|
+
expect(ActionMailer::Base.deliveries.size).to eq old_size
|
|
254
|
+
end
|
|
255
|
+
|
|
256
|
+
[:github, :google, :liveid, :vk, :salesforce].each do |provider|
|
|
257
|
+
it "does not send activation email to external users (#{provider})" do
|
|
258
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
259
|
+
create_new_external_user provider
|
|
260
|
+
expect(ActionMailer::Base.deliveries.size).to eq old_size
|
|
261
|
+
end
|
|
262
|
+
|
|
263
|
+
it "does not send external users an activation success email (#{provider})" do
|
|
264
|
+
sorcery_model_property_set(:activation_success_email_method_name, nil)
|
|
265
|
+
create_new_external_user provider
|
|
266
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
267
|
+
@user.activate!
|
|
268
|
+
end
|
|
269
|
+
end
|
|
270
|
+
end
|
|
271
|
+
|
|
272
|
+
describe "OAuth with user activation features" do
|
|
273
|
+
|
|
274
|
+
let(:user) { double('user', id: 42) }
|
|
275
|
+
|
|
276
|
+
before(:all) do
|
|
277
|
+
sorcery_reload!([:activity_logging, :external])
|
|
278
|
+
end
|
|
279
|
+
|
|
280
|
+
after(:all) do
|
|
281
|
+
if SORCERY_ORM == :active_record
|
|
282
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
|
|
283
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
|
|
284
|
+
end
|
|
285
|
+
end
|
|
286
|
+
|
|
287
|
+
%w(facebook github google liveid vk salesforce).each do |provider|
|
|
288
|
+
context "when #{provider}" do
|
|
289
|
+
before(:each) do
|
|
290
|
+
sorcery_controller_property_set(:register_login_time, true)
|
|
291
|
+
sorcery_controller_property_set(:register_logout_time, false)
|
|
292
|
+
sorcery_controller_property_set(:register_last_activity_time, false)
|
|
293
|
+
sorcery_controller_property_set(:register_last_ip_address, false)
|
|
294
|
+
stub_all_oauth2_requests!
|
|
295
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
296
|
+
end
|
|
297
|
+
|
|
298
|
+
it "registers login time" do
|
|
299
|
+
now = Time.now.in_time_zone
|
|
300
|
+
Timecop.freeze(now)
|
|
301
|
+
expect(User).to receive(:load_from_provider).and_return(user)
|
|
302
|
+
expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
|
|
303
|
+
get "test_login_from_#{provider}".to_sym
|
|
304
|
+
Timecop.return
|
|
305
|
+
end
|
|
306
|
+
|
|
307
|
+
it "does not register login time if configured so" do
|
|
308
|
+
sorcery_controller_property_set(:register_login_time, false)
|
|
309
|
+
now = Time.now.in_time_zone
|
|
310
|
+
Timecop.freeze(now)
|
|
311
|
+
expect(User).to receive(:load_from_provider).and_return(user)
|
|
312
|
+
expect(user).to receive(:set_last_login_at).never
|
|
313
|
+
get "test_login_from_#{provider}".to_sym
|
|
314
|
+
|
|
315
|
+
end
|
|
316
|
+
end
|
|
317
|
+
end
|
|
318
|
+
end
|
|
319
|
+
|
|
320
|
+
describe "OAuth with session timeout features" do
|
|
321
|
+
before(:all) do
|
|
322
|
+
sorcery_reload!([:session_timeout, :external])
|
|
323
|
+
end
|
|
324
|
+
|
|
325
|
+
let(:user) { double('user', id: 42) }
|
|
326
|
+
|
|
327
|
+
%w(facebook github google liveid vk salesforce).each do |provider|
|
|
328
|
+
context "when #{provider}" do
|
|
329
|
+
before(:each) do
|
|
330
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
331
|
+
sorcery_controller_property_set(:session_timeout,0.5)
|
|
332
|
+
stub_all_oauth2_requests!
|
|
333
|
+
end
|
|
334
|
+
|
|
335
|
+
after(:each) do
|
|
336
|
+
Timecop.return
|
|
337
|
+
end
|
|
338
|
+
|
|
339
|
+
it "does not reset session before session timeout" do
|
|
340
|
+
expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
|
|
341
|
+
get "test_login_from_#{provider}".to_sym
|
|
342
|
+
|
|
343
|
+
expect(session[:user_id]).not_to be_nil
|
|
344
|
+
expect(flash[:notice]).to eq "Success!"
|
|
345
|
+
end
|
|
346
|
+
|
|
347
|
+
it "resets session after session timeout" do
|
|
348
|
+
expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
|
|
349
|
+
get "test_login_from_#{provider}".to_sym
|
|
350
|
+
expect(session[:user_id]).to eq "42"
|
|
351
|
+
Timecop.travel(Time.now.in_time_zone+0.6)
|
|
352
|
+
get :test_should_be_logged_in
|
|
353
|
+
|
|
354
|
+
expect(session[:user_id]).to be_nil
|
|
355
|
+
expect(response).to be_a_redirect
|
|
356
|
+
end
|
|
357
|
+
end
|
|
358
|
+
end
|
|
359
|
+
end
|
|
360
|
+
|
|
361
|
+
def stub_all_oauth2_requests!
|
|
362
|
+
access_token = double(OAuth2::AccessToken)
|
|
363
|
+
allow(access_token).to receive(:token_param=)
|
|
364
|
+
response = double(OAuth2::Response)
|
|
365
|
+
allow(response).to receive(:body) { {
|
|
366
|
+
"id"=>"123",
|
|
367
|
+
"user_id"=>"123", # Needed for Salesforce
|
|
368
|
+
"name"=>"Noam Ben Ari",
|
|
369
|
+
"first_name"=>"Noam",
|
|
370
|
+
"last_name"=>"Ben Ari",
|
|
371
|
+
"link"=>"http://www.facebook.com/nbenari1",
|
|
372
|
+
"hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"},
|
|
373
|
+
"location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"},
|
|
374
|
+
"bio"=>"I'm a new daddy, and enjoying it!",
|
|
375
|
+
"gender"=>"male",
|
|
376
|
+
"email"=>"nbenari@gmail.com",
|
|
377
|
+
"timezone"=>2,
|
|
378
|
+
"locale"=>"en_US",
|
|
379
|
+
"languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
|
|
380
|
+
"verified"=>true,
|
|
381
|
+
"updated_time"=>"2011-02-16T20:59:38+0000",
|
|
382
|
+
# response for VK auth
|
|
383
|
+
"response"=>[
|
|
384
|
+
{
|
|
385
|
+
"uid"=>"123",
|
|
386
|
+
"first_name"=>"Noam",
|
|
387
|
+
"last_name"=>"Ben Ari"
|
|
388
|
+
}
|
|
389
|
+
]}.to_json }
|
|
390
|
+
allow(access_token).to receive(:get) { response }
|
|
391
|
+
allow(access_token).to receive(:token) { "187041a618229fdaf16613e96e1caabc1e86e46bbfad228de41520e63fe45873684c365a14417289599f3" }
|
|
392
|
+
# access_token params for VK auth
|
|
393
|
+
allow(access_token).to receive(:params) { { "user_id"=>"100500", "email"=>"nbenari@gmail.com" } }
|
|
394
|
+
allow_any_instance_of(OAuth2::Strategy::AuthCode).to receive(:get_token) { access_token }
|
|
395
|
+
end
|
|
396
|
+
|
|
397
|
+
def set_external_property
|
|
398
|
+
sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
|
|
399
|
+
sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
|
|
400
|
+
sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
401
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
402
|
+
sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
|
|
403
|
+
sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
404
|
+
sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
|
|
405
|
+
sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
|
|
406
|
+
sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
407
|
+
sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
|
|
408
|
+
sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
|
|
409
|
+
sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
410
|
+
sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
|
|
411
|
+
sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
|
|
412
|
+
sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
413
|
+
sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
|
|
414
|
+
sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
|
|
415
|
+
sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
416
|
+
sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
|
|
417
|
+
end
|
|
418
|
+
|
|
419
|
+
def provider_url(provider)
|
|
420
|
+
{
|
|
421
|
+
github: "https://github.com/login/oauth/authorize?client_id=#{::Sorcery::Controller::Config.github.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=&state=",
|
|
422
|
+
google: "https://accounts.google.com/o/oauth2/auth?client_id=#{::Sorcery::Controller::Config.google.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=",
|
|
423
|
+
liveid: "https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=wl.basic+wl.emails+wl.offline_access&state=",
|
|
424
|
+
vk: "https://oauth.vk.com/authorize?client_id=#{::Sorcery::Controller::Config.vk.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.vk.scope}&state=",
|
|
425
|
+
salesforce: "https://login.salesforce.com/services/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.salesforce.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.salesforce.scope}&state="
|
|
426
|
+
}[provider]
|
|
427
|
+
end
|
|
428
|
+
end
|
|
429
|
+
|
|
@@ -0,0 +1,240 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
# require 'shared_examples/controller_oauth_shared_examples'
|
|
4
|
+
require 'ostruct'
|
|
5
|
+
|
|
6
|
+
def stub_all_oauth_requests!
|
|
7
|
+
consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
|
|
8
|
+
req_token = OAuth::RequestToken.new(consumer)
|
|
9
|
+
acc_token = OAuth::AccessToken.new(consumer)
|
|
10
|
+
|
|
11
|
+
response = OpenStruct.new()
|
|
12
|
+
response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
|
|
13
|
+
|
|
14
|
+
session[:request_token] = req_token.token
|
|
15
|
+
session[:request_token_secret] = req_token.secret
|
|
16
|
+
|
|
17
|
+
allow(OAuth::Consumer).to receive(:new) { consumer }
|
|
18
|
+
allow(consumer).to receive(:get_request_token) { req_token }
|
|
19
|
+
allow(req_token).to receive(:get_access_token) { acc_token }
|
|
20
|
+
allow(OAuth::RequestToken).to receive(:new) { req_token }
|
|
21
|
+
allow(acc_token).to receive(:get) { response }
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
describe SorceryController do
|
|
25
|
+
|
|
26
|
+
let(:user) { double('user', id: 42) }
|
|
27
|
+
|
|
28
|
+
before(:all) do
|
|
29
|
+
sorcery_reload!([:external])
|
|
30
|
+
sorcery_controller_property_set(:external_providers, [:twitter, :jira])
|
|
31
|
+
sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
|
|
32
|
+
sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
33
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
|
|
34
|
+
|
|
35
|
+
sorcery_controller_external_property_set(:jira, :key, "7810b8e317ebdc81601c72f8daecc0f1")
|
|
36
|
+
sorcery_controller_external_property_set(:jira, :secret, "MyAppUsingJira")
|
|
37
|
+
sorcery_controller_external_property_set(:jira, :site, "http://jira.mycompany.com/plugins/servlet/oauth")
|
|
38
|
+
sorcery_controller_external_property_set(:jira, :signature_method, "RSA-SHA1")
|
|
39
|
+
sorcery_controller_external_property_set(:jira, :private_key_file, "myrsakey.pem")
|
|
40
|
+
sorcery_controller_external_property_set(:jira, :callback_url, "http://myappusingjira.com/home")
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
# ----------------- OAuth -----------------------
|
|
44
|
+
describe SorceryController, "'using external API to login'" do
|
|
45
|
+
|
|
46
|
+
before(:each) do
|
|
47
|
+
stub_all_oauth_requests!
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
context "when callback_url begin with /" do
|
|
51
|
+
before do
|
|
52
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "/oauth/twitter/callback")
|
|
53
|
+
end
|
|
54
|
+
it "login_at redirects correctly" do
|
|
55
|
+
get :login_at_test
|
|
56
|
+
expect(response).to be_a_redirect
|
|
57
|
+
expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=")
|
|
58
|
+
end
|
|
59
|
+
after do
|
|
60
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
context "when callback_url begin with http://" do
|
|
65
|
+
it "login_at redirects correctly", pending: true do
|
|
66
|
+
get :login_at_test
|
|
67
|
+
expect(response).to be_a_redirect
|
|
68
|
+
expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
it "logins if user exists" do
|
|
73
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
|
74
|
+
|
|
75
|
+
get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
76
|
+
expect(flash[:notice]).to eq "Success!"
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
it "'login_from' fails if user doesn't exist" do
|
|
80
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(nil)
|
|
81
|
+
|
|
82
|
+
get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
83
|
+
expect(flash[:alert]).to eq "Failed!"
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
it "on successful 'login_from' the user is redirected to the url he originally wanted" do
|
|
87
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
|
88
|
+
get :test_return_to_with_external, {}, :return_to_url => "fuu"
|
|
89
|
+
expect(response).to redirect_to("fuu")
|
|
90
|
+
expect(flash[:notice]).to eq "Success!"
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
context "when jira" do
|
|
94
|
+
it "user logins successfully" do
|
|
95
|
+
get :login_at_test_jira
|
|
96
|
+
expect(session[:request_token]).not_to be_nil
|
|
97
|
+
expect(response).to be_a_redirect
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
describe SorceryController do
|
|
104
|
+
describe "using 'create_from'" do
|
|
105
|
+
before(:each) do
|
|
106
|
+
stub_all_oauth_requests!
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
it "creates a new user" do
|
|
110
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
|
|
111
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
112
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(user)
|
|
113
|
+
|
|
114
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
it "supports nested attributes" do
|
|
118
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
|
|
119
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
120
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
|
|
121
|
+
|
|
122
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
it "does not crash on missing nested attributes" do
|
|
126
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text", :created_at => "does/not/exist"})
|
|
127
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
128
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
|
|
129
|
+
|
|
130
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
it "binds new provider" do
|
|
134
|
+
sorcery_model_property_set(:authentications_class, UserProvider)
|
|
135
|
+
|
|
136
|
+
allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
|
|
137
|
+
allow(user).to receive(:username).and_return('bla@bla.com')
|
|
138
|
+
login_user(user)
|
|
139
|
+
|
|
140
|
+
expect(user).to receive(:add_provider_to_user).with('twitter', '123')
|
|
141
|
+
get :test_add_second_provider, :provider => "twitter"
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
describe "with a block" do
|
|
145
|
+
it "does not create user" do
|
|
146
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
147
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
|
|
148
|
+
|
|
149
|
+
u = double('user')
|
|
150
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
151
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(u).and_yield(u)
|
|
152
|
+
|
|
153
|
+
get :test_create_from_provider_with_block, :provider => "twitter"
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
describe SorceryController, "OAuth with user activation features" do
|
|
161
|
+
before(:all) do
|
|
162
|
+
sorcery_reload!([:activity_logging, :external])
|
|
163
|
+
end
|
|
164
|
+
|
|
165
|
+
context "when twitter" do
|
|
166
|
+
before(:each) do
|
|
167
|
+
sorcery_controller_property_set(:register_login_time, true)
|
|
168
|
+
sorcery_controller_property_set(:register_logout_time, false)
|
|
169
|
+
sorcery_controller_property_set(:register_last_activity_time, false)
|
|
170
|
+
sorcery_controller_property_set(:register_last_ip_address, false)
|
|
171
|
+
stub_all_oauth_requests!
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
it "registers login time" do
|
|
175
|
+
now = Time.now.in_time_zone
|
|
176
|
+
Timecop.freeze(now)
|
|
177
|
+
expect(User).to receive(:load_from_provider).and_return(user)
|
|
178
|
+
expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
|
|
179
|
+
get :test_login_from
|
|
180
|
+
Timecop.return
|
|
181
|
+
end
|
|
182
|
+
|
|
183
|
+
it "does not register login time if configured so" do
|
|
184
|
+
sorcery_controller_property_set(:register_login_time, false)
|
|
185
|
+
now = Time.now.in_time_zone
|
|
186
|
+
Timecop.freeze(now)
|
|
187
|
+
expect(User).to receive(:load_from_provider).and_return(user)
|
|
188
|
+
expect(user).to receive(:set_last_login_at).never
|
|
189
|
+
get :test_login_from
|
|
190
|
+
Timecop.return
|
|
191
|
+
end
|
|
192
|
+
end
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
describe SorceryController, "OAuth with session timeout features" do
|
|
196
|
+
before(:all) do
|
|
197
|
+
if SORCERY_ORM == :active_record
|
|
198
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
|
|
199
|
+
User.reset_column_information
|
|
200
|
+
end
|
|
201
|
+
|
|
202
|
+
sorcery_reload!([:session_timeout, :external])
|
|
203
|
+
end
|
|
204
|
+
|
|
205
|
+
after(:all) do
|
|
206
|
+
if SORCERY_ORM == :active_record
|
|
207
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
|
|
208
|
+
end
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
context "when twitter" do
|
|
212
|
+
before(:each) do
|
|
213
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
214
|
+
sorcery_controller_property_set(:session_timeout,0.5)
|
|
215
|
+
stub_all_oauth_requests!
|
|
216
|
+
end
|
|
217
|
+
|
|
218
|
+
after(:each) do
|
|
219
|
+
Timecop.return
|
|
220
|
+
end
|
|
221
|
+
|
|
222
|
+
it "does not reset session before session timeout" do
|
|
223
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
|
224
|
+
get :test_login_from
|
|
225
|
+
|
|
226
|
+
expect(session[:user_id]).not_to be_nil
|
|
227
|
+
expect(flash[:notice]).to eq "Success!"
|
|
228
|
+
end
|
|
229
|
+
|
|
230
|
+
it "resets session after session timeout" do
|
|
231
|
+
get :test_login_from
|
|
232
|
+
Timecop.travel(Time.now.in_time_zone+0.6)
|
|
233
|
+
get :test_should_be_logged_in
|
|
234
|
+
|
|
235
|
+
expect(session[:user_id]).to be_nil
|
|
236
|
+
expect(response).to be_a_redirect
|
|
237
|
+
end
|
|
238
|
+
end
|
|
239
|
+
end
|
|
240
|
+
end
|